Use !isAuthenticated

rwinch · rwinch · commit 593f7c44903a · 2025-03-25T16:14:25.000-05:00
It's more verbose to see if the user is not null and not anonymous Issue gh-16385
diff --git a/web/src/main/java/org/springframework/security/web/webauthn/management/Webauthn4JRelyingPartyOperations.java b/web/src/main/java/org/springframework/security/web/webauthn/management/Webauthn4JRelyingPartyOperations.java
@@ -345,7 +345,7 @@ public PublicKeyCredentialRequestOptions createCredentialRequestOptions(
 	}
 
 	private List<CredentialRecord> findCredentialRecords(Authentication authentication) {
-		if (authentication == null || this.trustResolver.isAnonymous(authentication)) {
+		if (!this.trustResolver.isAuthenticated(authentication)) {
 			return Collections.emptyList();
 		}
 		PublicKeyCredentialUserEntity userEntity = this.userEntities.findByUsername(authentication.getName());

Original file line number	Diff line number	Diff line change
`@@ -345,7 +345,7 @@ public PublicKeyCredentialRequestOptions createCredentialRequestOptions(`
`345`	`345`	`}`
`346`	`346`
`347`	`347`	`private List<CredentialRecord> findCredentialRecords(Authentication authentication) {`
`348`		`- if (authentication == null \|\| this.trustResolver.isAnonymous(authentication)) {`
	`348`	`+ if (!this.trustResolver.isAuthenticated(authentication)) {`
`349`	`349`	`return Collections.emptyList();`
`350`	`350`	`}`
`351`	`351`	`PublicKeyCredentialUserEntity userEntity = this.userEntities.findByUsername(authentication.getName());`