spring-projects
diff --git a/‎config/src/main/java/org/springframework/security/config/annotation/web/configurers/PasswordManagementConfigurer.java
Lines changed: 2 additions & 2 deletions b/‎config/src/main/java/org/springframework/security/config/annotation/web/configurers/PasswordManagementConfigurer.java
Lines changed: 2 additions & 2 deletions
diff --git a/‎config/src/test/java/org/springframework/security/config/annotation/web/configurers/PasswordManagementConfigurerTests.java
Lines changed: 12 additions & 12 deletions b/‎config/src/test/java/org/springframework/security/config/annotation/web/configurers/PasswordManagementConfigurerTests.java
Lines changed: 12 additions & 12 deletions
diff --git a/‎core/src/main/java/org/springframework/security/authentication/password/ChangeLengthPasswordAdvisor.java
Lines changed: 18 additions & 21 deletions b/‎core/src/main/java/org/springframework/security/authentication/password/ChangeLengthPasswordAdvisor.java
Lines changed: 18 additions & 21 deletions
diff --git a/‎core/src/main/java/org/springframework/security/authentication/password/ChangePasswordAdvice.java
Lines changed: 2 additions & 8 deletions b/‎core/src/main/java/org/springframework/security/authentication/password/ChangePasswordAdvice.java
Lines changed: 2 additions & 8 deletions
diff --git a/‎core/src/main/java/org/springframework/security/authentication/password/CompositeChangePasswordAdvisor.java
Lines changed: 6 additions & 8 deletions b/‎core/src/main/java/org/springframework/security/authentication/password/CompositeChangePasswordAdvisor.java
Lines changed: 6 additions & 8 deletions
diff --git a/‎core/src/main/java/org/springframework/security/authentication/password/PasswordAction.java
Lines changed: 7 additions & 0 deletions b/‎core/src/main/java/org/springframework/security/authentication/password/PasswordAction.java
Lines changed: 7 additions & 0 deletions
diff --git a/‎core/src/main/java/org/springframework/security/authentication/password/UserDetailsChangePasswordAdvisor.java
Lines changed: 1 addition & 1 deletion b/‎core/src/main/java/org/springframework/security/authentication/password/UserDetailsChangePasswordAdvisor.java
Lines changed: 1 addition & 1 deletion
diff --git a/‎core/src/main/java/org/springframework/security/authentication/password/UserDetailsPasswordManager.java
Lines changed: 1 addition & 1 deletion b/‎core/src/main/java/org/springframework/security/authentication/password/UserDetailsPasswordManager.java
Lines changed: 1 addition & 1 deletion
diff --git a/‎core/src/main/java/org/springframework/security/core/userdetails/User.java
Lines changed: 6 additions & 6 deletions b/‎core/src/main/java/org/springframework/security/core/userdetails/User.java
Lines changed: 6 additions & 6 deletions
diff --git a/‎core/src/main/java/org/springframework/security/core/userdetails/UserDetails.java
Lines changed: 3 additions & 3 deletions b/‎core/src/main/java/org/springframework/security/core/userdetails/UserDetails.java
Lines changed: 3 additions & 3 deletions
@@ -106,8 +106,8 @@ public void init(B http) throws Exception {
 
 		ChangePasswordAdvisor changePasswordAdvisor = (this.changePasswordAdvisor != null) ? this.changePasswordAdvisor
 				: this.context.getBeanProvider(ChangePasswordAdvisor.class)
-					.getIfUnique(() -> CompositeChangePasswordAdvisor
-						.of(new UserDetailsChangePasswordAdvisor(), new ChangeCompromisedPasswordAdvisor()));
+					.getIfUnique(() -> CompositeChangePasswordAdvisor.of(new UserDetailsChangePasswordAdvisor(),
+							new ChangeCompromisedPasswordAdvisor()));
 
 		http.setSharedObject(ChangePasswordAdviceRepository.class, changePasswordAdviceRepository);
 		http.setSharedObject(UserDetailsPasswordManager.class, passwordManager);
 
@@ -31,6 +31,7 @@
 import org.springframework.mock.web.MockHttpSession;
 import org.springframework.security.authentication.password.ChangePasswordAdvice;
 import org.springframework.security.authentication.password.ChangePasswordAdvisor;
+import org.springframework.security.authentication.password.PasswordAction;
 import org.springframework.security.authentication.password.UserDetailsPasswordManager;
 import org.springframework.security.config.Customizer;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
@@ -223,7 +224,8 @@ UserDetailsService users() {
 			String adminPassword = UUID.randomUUID().toString();
 			UserDetails compromised = PasswordEncodedUser.user();
 			UserDetails admin = PasswordEncodedUser.withUserDetails(PasswordEncodedUser.admin())
-					.password(adminPassword).build();
+				.password(adminPassword)
+				.build();
 			return new InMemoryUserDetailsManager(compromised, admin);
 		}
 
@@ -243,24 +245,23 @@ static class AdminController {
 		}
 
 		@GetMapping("/advice/{username}")
-		ResponseEntity<ChangePasswordAdvice> requireChangePassword(@PathVariable("username") String username) {
+		ResponseEntity<PasswordAction> requireChangePassword(@PathVariable("username") String username) {
 			UserDetails user = this.users.loadUserByUsername(username);
 			if (user == null) {
 				return ResponseEntity.notFound().build();
 			}
-			return ResponseEntity.ok(user.getChangePasswordAdvice());
+			return ResponseEntity.ok(user.getPasswordAction());
 		}
 
 		@PostMapping("/expire/{username}")
-		ResponseEntity<ChangePasswordAdvice> expirePassword(@PathVariable("username") String username) {
+		ResponseEntity<PasswordAction> expirePassword(@PathVariable("username") String username) {
 			UserDetails user = this.users.loadUserByUsername(username);
 			if (user == null) {
 				return ResponseEntity.notFound().build();
 			}
-			ChangePasswordAdvice advice = () -> ChangePasswordAdvice.Action.MUST_CHANGE;
-			this.passwords.savePasswordAdvice(user, advice);
+			this.passwords.savePasswordAction(user, PasswordAction.MUST_CHANGE);
 			URI uri = URI.create("/admin/passwords/advice/" + username);
-			return ResponseEntity.created(uri).body(advice);
+			return ResponseEntity.created(uri).body(PasswordAction.MUST_CHANGE);
 		}
 
 	}
@@ -270,11 +271,9 @@ static class HomeController {
 
 		private final UserDetailsPasswordManager passwords;
 
-		private final ChangePasswordAdvisor changePasswordAdvisor =
-				new ChangeCompromisedPasswordAdvisor();
+		private final ChangePasswordAdvisor changePasswordAdvisor = new ChangeCompromisedPasswordAdvisor();
 
-		private final ChangePasswordAdviceRepository changePasswordAdviceRepository =
-				new HttpSessionChangePasswordAdviceRepository();
+		private final ChangePasswordAdviceRepository changePasswordAdviceRepository = new HttpSessionChangePasswordAdviceRepository();
 
 		private final PasswordEncoder encoder = PasswordEncoderFactories.createDelegatingPasswordEncoder();
 
@@ -291,13 +290,14 @@ ChangePasswordAdvice index(ChangePasswordAdvice advice) {
 		ResponseEntity<?> changePassword(@AuthenticationPrincipal UserDetails user,
 				@RequestParam("password") String password, HttpServletRequest request, HttpServletResponse response) {
 			ChangePasswordAdvice advice = this.changePasswordAdvisor.advise(user, password);
-			if (advice.getAction() != ChangePasswordAdvice.Action.ABSTAIN) {
+			if (advice.getAction() != PasswordAction.ABSTAIN) {
 				return ResponseEntity.badRequest().body(advice);
 			}
 			this.passwords.updatePassword(user, this.encoder.encode(password));
 			this.changePasswordAdviceRepository.removePasswordAdvice(request, response);
 			return ResponseEntity.ok().build();
 		}
+
 	}
 
 }
@@ -16,7 +16,6 @@
 
 package org.springframework.security.authentication.password;
 
-import org.springframework.security.authentication.password.ChangePasswordAdvice.Action;
 import org.springframework.security.core.userdetails.UserDetails;
 
 public class ChangeLengthPasswordAdvisor implements ChangePasswordAdvisor {
@@ -25,9 +24,9 @@ public class ChangeLengthPasswordAdvisor implements ChangePasswordAdvisor {
 
 	private final int maxLength;
 
-	private Action tooShortAction = Action.MUST_CHANGE;
+	private PasswordAction tooShortAction = PasswordAction.MUST_CHANGE;
 
-	private Action tooLongAction = Action.SHOULD_CHANGE;
+	private PasswordAction tooLongAction = PasswordAction.SHOULD_CHANGE;
 
 	public ChangeLengthPasswordAdvisor(int minLength) {
 		this(minLength, Integer.MAX_VALUE);
@@ -49,29 +48,30 @@ public ChangePasswordAdvice advise(UserDetails user, String password) {
 		return ChangePasswordAdvice.ABSTAIN;
 	}
 
-	public void setTooShortAction(Action tooShortAction) {
+	public void setTooShortAction(PasswordAction tooShortAction) {
 		this.tooShortAction = tooShortAction;
 	}
 
-	public void setTooLongAction(Action tooLongAction) {
+	public void setTooLongAction(PasswordAction tooLongAction) {
 		this.tooLongAction = tooLongAction;
 	}
 
 	public static final class TooShortAdvice implements ChangePasswordAdvice {
-		private final Action action;
+
+		private final PasswordAction action;
 
 		private final int minLength;
 
 		private final int actualLength;
 
-		private TooShortAdvice(Action action, int minLength, int actualLength) {
+		private TooShortAdvice(PasswordAction action, int minLength, int actualLength) {
 			this.action = action;
 			this.minLength = minLength;
 			this.actualLength = actualLength;
 		}
 
 		@Override
-		public Action getAction() {
+		public PasswordAction getAction() {
 			return this.action;
 		}
 
@@ -85,30 +85,28 @@ public int getActualLength() {
 
 		@Override
 		public String toString() {
-			return "TooShort [" +
-					"action=" + this.action +
-					", minLength=" + this.minLength +
-					", actualLength=" + this.actualLength +
-					"]";
+			return "TooShort [" + "action=" + this.action + ", minLength=" + this.minLength + ", actualLength="
+					+ this.actualLength + "]";
 		}
 
 	}
 
 	public static final class TooLongAdvice implements ChangePasswordAdvice {
-		private final Action action;
+
+		private final PasswordAction action;
 
 		private final int maxLength;
 
 		private final int actualLength;
 
-		private TooLongAdvice(Action action, int maxLength, int actualLength) {
+		private TooLongAdvice(PasswordAction action, int maxLength, int actualLength) {
 			this.action = action;
 			this.maxLength = maxLength;
 			this.actualLength = actualLength;
 		}
 
 		@Override
-		public Action getAction() {
+		public PasswordAction getAction() {
 			return this.action;
 		}
 
@@ -122,11 +120,10 @@ public int getActualLength() {
 
 		@Override
 		public String toString() {
-			return "TooLong [" +
-					"action=" + this.action +
-					", maxLength=" + this.maxLength +
-					", actualLength=" + this.actualLength +
-					"]";
+			return "TooLong [" + "action=" + this.action + ", maxLength=" + this.maxLength + ", actualLength="
+					+ this.actualLength + "]";
 		}
+
 	}
+
 }
@@ -18,14 +18,8 @@
 
 public interface ChangePasswordAdvice {
 
-	ChangePasswordAdvice ABSTAIN = () -> Action.ABSTAIN;
+	ChangePasswordAdvice ABSTAIN = () -> PasswordAction.ABSTAIN;
 
-	Action getAction();
-
-	enum Action {
-
-		ABSTAIN, SHOULD_CHANGE, MUST_CHANGE
-
-	}
+	PasswordAction getAction();
 
 }
@@ -44,7 +44,7 @@ public ChangePasswordAdvice advise(UserDetails user, String password) {
 
 	public static final class Advice implements ChangePasswordAdvice {
 
-		private final Action action;
+		private final PasswordAction action;
 
 		private final Collection<ChangePasswordAdvice> advice;
 
@@ -53,8 +53,8 @@ private Advice(Collection<ChangePasswordAdvice> advice) {
 			this.advice = advice;
 		}
 
-		private Action findMostUrgentAction(Collection<ChangePasswordAdvice> advice) {
-			Action mostUrgentAction = Action.ABSTAIN;
+		private PasswordAction findMostUrgentAction(Collection<ChangePasswordAdvice> advice) {
+			PasswordAction mostUrgentAction = PasswordAction.ABSTAIN;
 			for (ChangePasswordAdvice a : advice) {
 				if (mostUrgentAction.ordinal() < a.getAction().ordinal()) {
 					mostUrgentAction = a.getAction();
@@ -64,7 +64,7 @@ private Action findMostUrgentAction(Collection<ChangePasswordAdvice> advice) {
 		}
 
 		@Override
-		public Action getAction() {
+		public PasswordAction getAction() {
 			return this.action;
 		}
 
@@ -74,11 +74,9 @@ public Collection<ChangePasswordAdvice> getAdvice() {
 
 		@Override
 		public String toString() {
-			return "Composite [" +
-					"action=" + this.action +
-					", advice=" + this.advice +
-					"]";
+			return "Composite [" + "action=" + this.action + ", advice=" + this.advice + "]";
 		}
+
 	}
 
 }
@@ -0,0 +1,7 @@
+package org.springframework.security.authentication.password;
+
+public enum PasswordAction {
+
+	ABSTAIN, SHOULD_CHANGE, MUST_CHANGE
+
+}
@@ -22,7 +22,7 @@ public final class UserDetailsChangePasswordAdvisor implements ChangePasswordAdv
 
 	@Override
 	public ChangePasswordAdvice advise(UserDetails user, String password) {
-		return user.getChangePasswordAdvice();
+		return user::getPasswordAction;
 	}
 
 }
@@ -21,6 +21,6 @@
 
 public interface UserDetailsPasswordManager extends UserDetailsPasswordService {
 
-	void savePasswordAdvice(UserDetails user, ChangePasswordAdvice advice);
+	void savePasswordAction(UserDetails user, PasswordAction action);
 
 }
@@ -32,7 +32,7 @@
 import org.apache.commons.logging.LogFactory;
 import org.jspecify.annotations.Nullable;
 
-import org.springframework.security.authentication.password.ChangePasswordAdvice;
+import org.springframework.security.authentication.password.PasswordAction;
 import org.springframework.security.core.CredentialsContainer;
 import org.springframework.security.core.GrantedAuthority;
 import org.springframework.security.core.SpringSecurityCoreVersion;
@@ -82,7 +82,7 @@ public class User implements UserDetails, CredentialsContainer {
 
 	private final boolean enabled;
 
-	private final ChangePasswordAdvice changePasswordAdvice;
+	private final PasswordAction passwordAction;
 
 	/**
 	 * Calls the more complex constructor with all boolean arguments set to {@code true}.
@@ -118,7 +118,7 @@ public User(String username, @Nullable String password, boolean enabled, boolean
 		this.accountNonExpired = accountNonExpired;
 		this.credentialsNonExpired = credentialsNonExpired;
 		this.accountNonLocked = accountNonLocked;
-		this.changePasswordAdvice = ChangePasswordAdvice.ABSTAIN;
+		this.passwordAction = PasswordAction.ABSTAIN;
 		this.authorities = Collections.unmodifiableSet(sortAuthorities(authorities));
 	}
 
@@ -129,7 +129,7 @@ public User(UserDetails user) {
 		this.accountNonExpired = user.isAccountNonExpired();
 		this.credentialsNonExpired = user.isCredentialsNonExpired();
 		this.accountNonLocked = user.isAccountNonLocked();
-		this.changePasswordAdvice = user.getChangePasswordAdvice();
+		this.passwordAction = user.getPasswordAction();
 		this.authorities = Collections.unmodifiableSet(sortAuthorities(user.getAuthorities()));
 	}
 
@@ -169,8 +169,8 @@ public boolean isCredentialsNonExpired() {
 	}
 
 	@Override
-	public ChangePasswordAdvice getChangePasswordAdvice() {
-		return this.changePasswordAdvice;
+	public PasswordAction getPasswordAction() {
+		return this.passwordAction;
 	}
 
 	@Override
 
@@ -21,7 +21,7 @@
 
 import org.jspecify.annotations.Nullable;
 
-import org.springframework.security.authentication.password.ChangePasswordAdvice;
+import org.springframework.security.authentication.password.PasswordAction;
 import org.springframework.security.core.Authentication;
 import org.springframework.security.core.GrantedAuthority;
 
@@ -103,8 +103,8 @@ default boolean isEnabled() {
 		return true;
 	}
 
-	default ChangePasswordAdvice getChangePasswordAdvice() {
-		return ChangePasswordAdvice.ABSTAIN;
+	default PasswordAction getPasswordAction() {
+		return PasswordAction.ABSTAIN;
 	}
 
 }
Original file line number	Diff line number	Diff line change
`@@ -44,7 +44,7 @@ public ChangePasswordAdvice advise(UserDetails user, String password) {`
`44`	`44`
`45`	`45`	`public static final class Advice implements ChangePasswordAdvice {`
`46`	`46`
`47`		`- private final Action action;`
	`47`	`+ private final PasswordAction action;`
`48`	`48`
`49`	`49`	`private final Collection<ChangePasswordAdvice> advice;`
`50`	`50`
`@@ -53,8 +53,8 @@ private Advice(Collection<ChangePasswordAdvice> advice) {`
`53`	`53`	`this.advice = advice;`
`54`	`54`	`}`
`55`	`55`
`56`		`- private Action findMostUrgentAction(Collection<ChangePasswordAdvice> advice) {`
`57`		`- Action mostUrgentAction = Action.ABSTAIN;`
	`56`	`+ private PasswordAction findMostUrgentAction(Collection<ChangePasswordAdvice> advice) {`
	`57`	`+ PasswordAction mostUrgentAction = PasswordAction.ABSTAIN;`
`58`	`58`	`for (ChangePasswordAdvice a : advice) {`
`59`	`59`	`if (mostUrgentAction.ordinal() < a.getAction().ordinal()) {`
`60`	`60`	`mostUrgentAction = a.getAction();`
`@@ -64,7 +64,7 @@ private Action findMostUrgentAction(Collection<ChangePasswordAdvice> advice) {`
`64`	`64`	`}`
`65`	`65`
`66`	`66`	`@Override`
`67`		`- public Action getAction() {`
	`67`	`+ public PasswordAction getAction() {`
`68`	`68`	`return this.action;`
`69`	`69`	`}`
`70`	`70`
`@@ -74,11 +74,9 @@ public Collection<ChangePasswordAdvice> getAdvice() {`
`74`	`74`
`75`	`75`	`@Override`
`76`	`76`	`public String toString() {`
`77`		`- return "Composite [" +`
`78`		`- "action=" + this.action +`
`79`		`- ", advice=" + this.advice +`
`80`		`- "]";`
	`77`	`+ return "Composite [" + "action=" + this.action + ", advice=" + this.advice + "]";`
`81`	`78`	`}`
	`79`	`+`
`82`	`80`	`}`
`83`	`81`
`84`	`82`	`}`
Original file line number	Diff line number	Diff line change
`@@ -22,7 +22,7 @@ public final class UserDetailsChangePasswordAdvisor implements ChangePasswordAdv`
`22`	`22`
`23`	`23`	`@Override`
`24`	`24`	`public ChangePasswordAdvice advise(UserDetails user, String password) {`
`25`		`- return user.getChangePasswordAdvice();`
	`25`	`+ return user::getPasswordAction;`
`26`	`26`	`}`
`27`	`27`
`28`	`28`	`}`
Original file line number	Diff line number	Diff line change
`@@ -21,6 +21,6 @@`
`21`	`21`
`22`	`22`	`public interface UserDetailsPasswordManager extends UserDetailsPasswordService {`
`23`	`23`
`24`		`- void savePasswordAdvice(UserDetails user, ChangePasswordAdvice advice);`
	`24`	`+ void savePasswordAction(UserDetails user, PasswordAction action);`
`25`	`25`
`26`	`26`	`}`
Original file line number	Diff line number	Diff line change
`@@ -21,7 +21,7 @@`
`21`	`21`
`22`	`22`	`import org.jspecify.annotations.Nullable;`
`23`	`23`
`24`		`-import org.springframework.security.authentication.password.ChangePasswordAdvice;`
	`24`	`+import org.springframework.security.authentication.password.PasswordAction;`
`25`	`25`	`import org.springframework.security.core.Authentication;`
`26`	`26`	`import org.springframework.security.core.GrantedAuthority;`
`27`	`27`
`@@ -103,8 +103,8 @@ default boolean isEnabled() {`
`103`	`103`	`return true;`
`104`	`104`	`}`
`105`	`105`
`106`		`- default ChangePasswordAdvice getChangePasswordAdvice() {`
`107`		`- return ChangePasswordAdvice.ABSTAIN;`
	`106`	`+ default PasswordAction getPasswordAction() {`
	`107`	`+ return PasswordAction.ABSTAIN;`
`108`	`108`	`}`
`109`	`109`
`110`	`110`	`}`