Fix checkstyle violations for test module in 1.3.x

Issue gh-1624

oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2AuthorizationCodeRequestAuthenticationProviderTests.java

@@ -491,12 +491,12 @@ public class OAuth2AuthorizationCodeRequestAuthenticationProviderTests {
 		this.authenticationProvider.setAuthorizationConsentRequired(authorizationConsentRequired);
 
 		RegisteredClient registeredClient = TestRegisteredClients.registeredClient().build();
-		when(this.registeredClientRepository.findByClientId(eq(registeredClient.getClientId())))
-			.thenReturn(registeredClient);
+		given(this.registeredClientRepository.findByClientId(eq(registeredClient.getClientId())))
+			.willReturn(registeredClient);
 
 		String redirectUri = registeredClient.getRedirectUris().toArray(new String[0])[1];
 		OAuth2AuthorizationCodeRequestAuthenticationToken authentication = new OAuth2AuthorizationCodeRequestAuthenticationToken(
-				AUTHORIZATION_URI, registeredClient.getClientId(), principal, redirectUri, STATE,
+				AUTHORIZATION_URI, registeredClient.getClientId(), this.principal, redirectUri, STATE,
 				registeredClient.getScopes(), null);
 
 		OAuth2AuthorizationCodeRequestAuthenticationToken authenticationResult = (OAuth2AuthorizationCodeRequestAuthenticationToken) this.authenticationProvider

oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2ClientCredentialsAuthenticationProviderTests.java

@@ -334,7 +334,7 @@ public class OAuth2ClientCredentialsAuthenticationProviderTests {
 		Consumer<OAuth2ClientCredentialsAuthenticationContext> authenticationValidator = mock(Consumer.class);
 		this.authenticationProvider.setAuthenticationValidator(authenticationValidator);
 
-		when(this.jwtEncoder.encode(any())).thenReturn(createJwt(registeredClient.getScopes()));
+		given(this.jwtEncoder.encode(any())).willReturn(createJwt(registeredClient.getScopes()));
 
 		this.authenticationProvider.authenticate(authentication);
 

oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2TokenExchangeAuthenticationProviderTests.java

@@ -58,11 +58,11 @@ import static org.assertj.core.api.Assertions.assertThatExceptionOfType;
 import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException;
 import static org.mockito.ArgumentMatchers.any;
 import static org.mockito.ArgumentMatchers.anyString;
+import static org.mockito.BDDMockito.given;
 import static org.mockito.Mockito.mock;
 import static org.mockito.Mockito.verify;
 import static org.mockito.Mockito.verifyNoInteractions;
 import static org.mockito.Mockito.verifyNoMoreInteractions;
-import static org.mockito.Mockito.when;
 
 /**
  * Tests for {@link OAuth2TokenExchangeAuthenticationProvider}.
@@ -180,7 +180,7 @@ public class OAuth2TokenExchangeAuthenticationProviderTests {
 			.authorizationGrantType(AuthorizationGrantType.TOKEN_EXCHANGE)
 			.build();
 		OAuth2TokenExchangeAuthenticationToken authentication = createDelegationRequest(registeredClient);
-		when(this.authorizationService.findByToken(anyString(), any(OAuth2TokenType.class))).thenReturn(null);
+		given(this.authorizationService.findByToken(anyString(), any(OAuth2TokenType.class))).willReturn(null);
 		// @formatter:off
 		assertThatExceptionOfType(OAuth2AuthenticationException.class)
 				.isThrownBy(() -> this.authenticationProvider.authenticate(authentication))
@@ -203,7 +203,7 @@ public class OAuth2TokenExchangeAuthenticationProviderTests {
 		OAuth2Authorization authorization = TestOAuth2Authorizations.authorization(registeredClient)
 			.token(createExpiredAccessToken(SUBJECT_TOKEN))
 			.build();
-		when(this.authorizationService.findByToken(anyString(), any(OAuth2TokenType.class))).thenReturn(authorization);
+		given(this.authorizationService.findByToken(anyString(), any(OAuth2TokenType.class))).willReturn(authorization);
 		// @formatter:off
 		assertThatExceptionOfType(OAuth2AuthenticationException.class)
 				.isThrownBy(() -> this.authenticationProvider.authenticate(authentication))
@@ -226,7 +226,7 @@ public class OAuth2TokenExchangeAuthenticationProviderTests {
 		OAuth2Authorization authorization = TestOAuth2Authorizations.authorization(registeredClient)
 			.token(createAccessToken(SUBJECT_TOKEN), withTokenFormat(OAuth2TokenFormat.REFERENCE))
 			.build();
-		when(this.authorizationService.findByToken(anyString(), any(OAuth2TokenType.class))).thenReturn(authorization);
+		given(this.authorizationService.findByToken(anyString(), any(OAuth2TokenType.class))).willReturn(authorization);
 		// @formatter:off
 		assertThatExceptionOfType(OAuth2AuthenticationException.class)
 				.isThrownBy(() -> this.authenticationProvider.authenticate(authentication))
@@ -252,7 +252,7 @@ public class OAuth2TokenExchangeAuthenticationProviderTests {
 				.attributes((attributes) -> attributes.remove(Principal.class.getName()))
 				.build();
 		// @formatter:on
-		when(this.authorizationService.findByToken(anyString(), any(OAuth2TokenType.class))).thenReturn(authorization);
+		given(this.authorizationService.findByToken(anyString(), any(OAuth2TokenType.class))).willReturn(authorization);
 		// @formatter:off
 		assertThatExceptionOfType(OAuth2AuthenticationException.class)
 				.isThrownBy(() -> this.authenticationProvider.authenticate(authentication))
@@ -275,8 +275,8 @@ public class OAuth2TokenExchangeAuthenticationProviderTests {
 		OAuth2Authorization subjectAuthorization = TestOAuth2Authorizations.authorization(registeredClient)
 			.token(createAccessToken(SUBJECT_TOKEN))
 			.build();
-		when(this.authorizationService.findByToken(anyString(), any(OAuth2TokenType.class)))
-			.thenReturn(subjectAuthorization, (OAuth2Authorization) null);
+		given(this.authorizationService.findByToken(anyString(), any(OAuth2TokenType.class)))
+			.willReturn(subjectAuthorization, (OAuth2Authorization) null);
 		// @formatter:off
 		assertThatExceptionOfType(OAuth2AuthenticationException.class)
 				.isThrownBy(() -> this.authenticationProvider.authenticate(authentication))
@@ -303,8 +303,8 @@ public class OAuth2TokenExchangeAuthenticationProviderTests {
 		OAuth2Authorization actorAuthorization = TestOAuth2Authorizations.authorization(registeredClient)
 			.token(createExpiredAccessToken(ACTOR_TOKEN))
 			.build();
-		when(this.authorizationService.findByToken(anyString(), any(OAuth2TokenType.class)))
-			.thenReturn(subjectAuthorization, actorAuthorization);
+		given(this.authorizationService.findByToken(anyString(), any(OAuth2TokenType.class)))
+			.willReturn(subjectAuthorization, actorAuthorization);
 		// @formatter:off
 		assertThatExceptionOfType(OAuth2AuthenticationException.class)
 				.isThrownBy(() -> this.authenticationProvider.authenticate(authentication))
@@ -331,8 +331,8 @@ public class OAuth2TokenExchangeAuthenticationProviderTests {
 		OAuth2Authorization actorAuthorization = TestOAuth2Authorizations.authorization(registeredClient)
 			.token(createAccessToken(ACTOR_TOKEN), withTokenFormat(OAuth2TokenFormat.REFERENCE))
 			.build();
-		when(this.authorizationService.findByToken(anyString(), any(OAuth2TokenType.class)))
-			.thenReturn(subjectAuthorization, actorAuthorization);
+		given(this.authorizationService.findByToken(anyString(), any(OAuth2TokenType.class)))
+			.willReturn(subjectAuthorization, actorAuthorization);
 		// @formatter:off
 		assertThatExceptionOfType(OAuth2AuthenticationException.class)
 				.isThrownBy(() -> this.authenticationProvider.authenticate(authentication))
@@ -365,8 +365,8 @@ public class OAuth2TokenExchangeAuthenticationProviderTests {
 		OAuth2Authorization actorAuthorization = TestOAuth2Authorizations.authorization(registeredClient)
 			.token(createAccessToken(ACTOR_TOKEN), withClaims(actorTokenClaims))
 			.build();
-		when(this.authorizationService.findByToken(anyString(), any(OAuth2TokenType.class)))
-			.thenReturn(subjectAuthorization, actorAuthorization);
+		given(this.authorizationService.findByToken(anyString(), any(OAuth2TokenType.class)))
+			.willReturn(subjectAuthorization, actorAuthorization);
 		// @formatter:off
 		assertThatExceptionOfType(OAuth2AuthenticationException.class)
 				.isThrownBy(() -> this.authenticationProvider.authenticate(authentication))
@@ -399,8 +399,8 @@ public class OAuth2TokenExchangeAuthenticationProviderTests {
 		OAuth2Authorization actorAuthorization = TestOAuth2Authorizations.authorization(registeredClient)
 			.token(createAccessToken(ACTOR_TOKEN), withClaims(actorTokenClaims))
 			.build();
-		when(this.authorizationService.findByToken(anyString(), any(OAuth2TokenType.class)))
-			.thenReturn(subjectAuthorization, actorAuthorization);
+		given(this.authorizationService.findByToken(anyString(), any(OAuth2TokenType.class)))
+			.willReturn(subjectAuthorization, actorAuthorization);
 		// @formatter:off
 		assertThatExceptionOfType(OAuth2AuthenticationException.class)
 				.isThrownBy(() -> this.authenticationProvider.authenticate(authentication))
@@ -428,8 +428,8 @@ public class OAuth2TokenExchangeAuthenticationProviderTests {
 				.token(createAccessToken(SUBJECT_TOKEN), withClaims(Map.of("may_act", authorizedActorClaims)))
 				.build();
 		// @formatter:on
-		when(this.authorizationService.findByToken(anyString(), any(OAuth2TokenType.class)))
-			.thenReturn(subjectAuthorization);
+		given(this.authorizationService.findByToken(anyString(), any(OAuth2TokenType.class)))
+			.willReturn(subjectAuthorization);
 		// @formatter:off
 		assertThatExceptionOfType(OAuth2AuthenticationException.class)
 				.isThrownBy(() -> this.authenticationProvider.authenticate(authentication))
@@ -456,8 +456,8 @@ public class OAuth2TokenExchangeAuthenticationProviderTests {
 		OAuth2Authorization actorAuthorization = TestOAuth2Authorizations.authorization(registeredClient)
 			.token(createAccessToken(ACTOR_TOKEN))
 			.build();
-		when(this.authorizationService.findByToken(anyString(), any(OAuth2TokenType.class)))
-			.thenReturn(subjectAuthorization, actorAuthorization);
+		given(this.authorizationService.findByToken(anyString(), any(OAuth2TokenType.class)))
+			.willReturn(subjectAuthorization, actorAuthorization);
 		// @formatter:off
 		assertThatExceptionOfType(OAuth2AuthenticationException.class)
 				.isThrownBy(() -> this.authenticationProvider.authenticate(authentication))
@@ -485,8 +485,8 @@ public class OAuth2TokenExchangeAuthenticationProviderTests {
 		OAuth2Authorization actorAuthorization = TestOAuth2Authorizations.authorization(registeredClient)
 			.token(createAccessToken(ACTOR_TOKEN))
 			.build();
-		when(this.authorizationService.findByToken(anyString(), any(OAuth2TokenType.class)))
-			.thenReturn(subjectAuthorization, actorAuthorization);
+		given(this.authorizationService.findByToken(anyString(), any(OAuth2TokenType.class)))
+			.willReturn(subjectAuthorization, actorAuthorization);
 		// @formatter:off
 		assertThatExceptionOfType(OAuth2AuthenticationException.class)
 				.isThrownBy(() -> this.authenticationProvider.authenticate(authentication))
@@ -514,10 +514,10 @@ public class OAuth2TokenExchangeAuthenticationProviderTests {
 				.attribute(Principal.class.getName(), userPrincipal)
 				.build();
 		// @formatter:on
-		when(this.authorizationService.findByToken(anyString(), any(OAuth2TokenType.class)))
-			.thenReturn(subjectAuthorization);
+		given(this.authorizationService.findByToken(anyString(), any(OAuth2TokenType.class)))
+			.willReturn(subjectAuthorization);
 		OAuth2AccessToken accessToken = createAccessToken("token-value");
-		when(this.tokenGenerator.generate(any(OAuth2TokenContext.class))).thenReturn(accessToken);
+		given(this.tokenGenerator.generate(any(OAuth2TokenContext.class))).willReturn(accessToken);
 		OAuth2AccessTokenAuthenticationToken authenticationResult = (OAuth2AccessTokenAuthenticationToken) this.authenticationProvider
 			.authenticate(authentication);
 		assertThat(authenticationResult.getRegisteredClient()).isEqualTo(registeredClient);
@@ -571,10 +571,10 @@ public class OAuth2TokenExchangeAuthenticationProviderTests {
 				.attribute(Principal.class.getName(), subjectPrincipal)
 				.build();
 		// @formatter:on
-		when(this.authorizationService.findByToken(anyString(), any(OAuth2TokenType.class)))
-			.thenReturn(subjectAuthorization);
+		given(this.authorizationService.findByToken(anyString(), any(OAuth2TokenType.class)))
+			.willReturn(subjectAuthorization);
 		OAuth2AccessToken accessToken = createAccessToken("token-value");
-		when(this.tokenGenerator.generate(any(OAuth2TokenContext.class))).thenReturn(accessToken);
+		given(this.tokenGenerator.generate(any(OAuth2TokenContext.class))).willReturn(accessToken);
 		OAuth2AccessTokenAuthenticationToken authenticationResult = (OAuth2AccessTokenAuthenticationToken) this.authenticationProvider
 			.authenticate(authentication);
 		assertThat(authenticationResult.getRegisteredClient()).isEqualTo(registeredClient);
@@ -634,10 +634,10 @@ public class OAuth2TokenExchangeAuthenticationProviderTests {
 				.token(createAccessToken(ACTOR_TOKEN), withClaims(actor2.getClaims()))
 				.build();
 		// @formatter:on
-		when(this.authorizationService.findByToken(anyString(), any(OAuth2TokenType.class)))
-			.thenReturn(subjectAuthorization, actorAuthorization);
+		given(this.authorizationService.findByToken(anyString(), any(OAuth2TokenType.class)))
+			.willReturn(subjectAuthorization, actorAuthorization);
 		OAuth2AccessToken accessToken = createAccessToken("token-value");
-		when(this.tokenGenerator.generate(any(OAuth2TokenContext.class))).thenReturn(accessToken);
+		given(this.tokenGenerator.generate(any(OAuth2TokenContext.class))).willReturn(accessToken);
 		OAuth2AccessTokenAuthenticationToken authenticationResult = (OAuth2AccessTokenAuthenticationToken) this.authenticationProvider
 			.authenticate(authentication);
 		assertThat(authenticationResult.getRegisteredClient()).isEqualTo(registeredClient);

oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/authentication/X509ClientCertificateAuthenticationProviderTests.java

@@ -55,9 +55,9 @@ import org.springframework.security.oauth2.server.authorization.util.TestX509Cer
 import static org.assertj.core.api.Assertions.assertThat;
 import static org.assertj.core.api.Assertions.assertThatThrownBy;
 import static org.mockito.ArgumentMatchers.eq;
+import static org.mockito.BDDMockito.given;
 import static org.mockito.Mockito.mock;
 import static org.mockito.Mockito.verify;
-import static org.mockito.Mockito.when;
 
 /**
  * Tests for {@link X509ClientCertificateAuthenticationProvider}.
@@ -153,16 +153,16 @@ public class X509ClientCertificateAuthenticationProviderTests {
 				.clientAuthenticationMethod(ClientAuthenticationMethod.TLS_CLIENT_AUTH)
 				.build();
 		// @formatter:on
-		when(this.registeredClientRepository.findByClientId(eq(registeredClient.getClientId())))
-			.thenReturn(registeredClient);
+		given(this.registeredClientRepository.findByClientId(eq(registeredClient.getClientId())))
+			.willReturn(registeredClient);
 
 		OAuth2ClientAuthenticationToken authentication = new OAuth2ClientAuthenticationToken(
 				registeredClient.getClientId() + "-invalid", ClientAuthenticationMethod.TLS_CLIENT_AUTH,
 				TestX509Certificates.DEMO_CLIENT_PKI_CERTIFICATE, null);
 		assertThatThrownBy(() -> this.authenticationProvider.authenticate(authentication))
 			.isInstanceOf(OAuth2AuthenticationException.class)
-			.extracting(ex -> ((OAuth2AuthenticationException) ex).getError())
-			.satisfies(error -> {
+			.extracting((ex) -> ((OAuth2AuthenticationException) ex).getError())
+			.satisfies((error) -> {
 				assertThat(error.getErrorCode()).isEqualTo(OAuth2ErrorCodes.INVALID_CLIENT);
 				assertThat(error.getDescription()).contains(OAuth2ParameterNames.CLIENT_ID);
 			});
@@ -171,16 +171,16 @@ public class X509ClientCertificateAuthenticationProviderTests {
 	@Test
 	public void authenticateWhenUnsupportedClientAuthenticationMethodThenThrowOAuth2AuthenticationException() {
 		RegisteredClient registeredClient = TestRegisteredClients.registeredClient().build();
-		when(this.registeredClientRepository.findByClientId(eq(registeredClient.getClientId())))
-			.thenReturn(registeredClient);
+		given(this.registeredClientRepository.findByClientId(eq(registeredClient.getClientId())))
+			.willReturn(registeredClient);
 
 		OAuth2ClientAuthenticationToken authentication = new OAuth2ClientAuthenticationToken(
 				registeredClient.getClientId(), ClientAuthenticationMethod.TLS_CLIENT_AUTH,
 				TestX509Certificates.DEMO_CLIENT_PKI_CERTIFICATE, null);
 		assertThatThrownBy(() -> this.authenticationProvider.authenticate(authentication))
 			.isInstanceOf(OAuth2AuthenticationException.class)
-			.extracting(ex -> ((OAuth2AuthenticationException) ex).getError())
-			.satisfies(error -> {
+			.extracting((ex) -> ((OAuth2AuthenticationException) ex).getError())
+			.satisfies((error) -> {
 				assertThat(error.getErrorCode()).isEqualTo(OAuth2ErrorCodes.INVALID_CLIENT);
 				assertThat(error.getDescription()).contains("authentication_method");
 			});
@@ -193,15 +193,15 @@ public class X509ClientCertificateAuthenticationProviderTests {
 				.clientAuthenticationMethod(ClientAuthenticationMethod.TLS_CLIENT_AUTH)
 				.build();
 		// @formatter:on
-		when(this.registeredClientRepository.findByClientId(eq(registeredClient.getClientId())))
-			.thenReturn(registeredClient);
+		given(this.registeredClientRepository.findByClientId(eq(registeredClient.getClientId())))
+			.willReturn(registeredClient);
 
 		OAuth2ClientAuthenticationToken authentication = new OAuth2ClientAuthenticationToken(
 				registeredClient.getClientId(), ClientAuthenticationMethod.TLS_CLIENT_AUTH, null, null);
 		assertThatThrownBy(() -> this.authenticationProvider.authenticate(authentication))
 			.isInstanceOf(OAuth2AuthenticationException.class)
-			.extracting(ex -> ((OAuth2AuthenticationException) ex).getError())
-			.satisfies(error -> {
+			.extracting((ex) -> ((OAuth2AuthenticationException) ex).getError())
+			.satisfies((error) -> {
 				assertThat(error.getErrorCode()).isEqualTo(OAuth2ErrorCodes.INVALID_CLIENT);
 				assertThat(error.getDescription()).contains("credentials");
 			});
@@ -219,16 +219,16 @@ public class X509ClientCertificateAuthenticationProviderTests {
 				)
 				.build();
 		// @formatter:on
-		when(this.registeredClientRepository.findByClientId(eq(registeredClient.getClientId())))
-			.thenReturn(registeredClient);
+		given(this.registeredClientRepository.findByClientId(eq(registeredClient.getClientId())))
+			.willReturn(registeredClient);
 
 		OAuth2ClientAuthenticationToken authentication = new OAuth2ClientAuthenticationToken(
 				registeredClient.getClientId(), ClientAuthenticationMethod.TLS_CLIENT_AUTH,
 				TestX509Certificates.DEMO_CLIENT_PKI_CERTIFICATE, null);
 		assertThatThrownBy(() -> this.authenticationProvider.authenticate(authentication))
 			.isInstanceOf(OAuth2AuthenticationException.class)
-			.extracting(ex -> ((OAuth2AuthenticationException) ex).getError())
-			.satisfies(error -> {
+			.extracting((ex) -> ((OAuth2AuthenticationException) ex).getError())
+			.satisfies((error) -> {
 				assertThat(error.getErrorCode()).isEqualTo(OAuth2ErrorCodes.INVALID_CLIENT);
 				assertThat(error.getDescription()).contains("x509_certificate_subject_dn");
 			});
@@ -246,8 +246,8 @@ public class X509ClientCertificateAuthenticationProviderTests {
 				)
 				.build();
 		// @formatter:on
-		when(this.registeredClientRepository.findByClientId(eq(registeredClient.getClientId())))
-			.thenReturn(registeredClient);
+		given(this.registeredClientRepository.findByClientId(eq(registeredClient.getClientId())))
+			.willReturn(registeredClient);
 
 		OAuth2ClientAuthenticationToken authentication = new OAuth2ClientAuthenticationToken(
 				registeredClient.getClientId(), ClientAuthenticationMethod.TLS_CLIENT_AUTH,
@@ -276,8 +276,8 @@ public class X509ClientCertificateAuthenticationProviderTests {
 				)
 				.build();
 		// @formatter:on
-		when(this.registeredClientRepository.findByClientId(eq(registeredClient.getClientId())))
-			.thenReturn(registeredClient);
+		given(this.registeredClientRepository.findByClientId(eq(registeredClient.getClientId())))
+			.willReturn(registeredClient);
 
 		// PKI Certificate will have different issuer
 		OAuth2ClientAuthenticationToken authentication = new OAuth2ClientAuthenticationToken(
@@ -285,8 +285,8 @@ public class X509ClientCertificateAuthenticationProviderTests {
 				TestX509Certificates.DEMO_CLIENT_PKI_CERTIFICATE, null);
 		assertThatThrownBy(() -> this.authenticationProvider.authenticate(authentication))
 			.isInstanceOf(OAuth2AuthenticationException.class)
-			.extracting(ex -> ((OAuth2AuthenticationException) ex).getError())
-			.satisfies(error -> {
+			.extracting((ex) -> ((OAuth2AuthenticationException) ex).getError())
+			.satisfies((error) -> {
 				assertThat(error.getErrorCode()).isEqualTo(OAuth2ErrorCodes.INVALID_CLIENT);
 				assertThat(error.getDescription()).contains("x509_certificate_issuer");
 			});
@@ -299,16 +299,16 @@ public class X509ClientCertificateAuthenticationProviderTests {
 				.clientAuthenticationMethod(ClientAuthenticationMethod.SELF_SIGNED_TLS_CLIENT_AUTH)
 				.build();
 		// @formatter:on
-		when(this.registeredClientRepository.findByClientId(eq(registeredClient.getClientId())))
-			.thenReturn(registeredClient);
+		given(this.registeredClientRepository.findByClientId(eq(registeredClient.getClientId())))
+			.willReturn(registeredClient);
 
 		OAuth2ClientAuthenticationToken authentication = new OAuth2ClientAuthenticationToken(
 				registeredClient.getClientId(), ClientAuthenticationMethod.SELF_SIGNED_TLS_CLIENT_AUTH,
 				TestX509Certificates.DEMO_CLIENT_SELF_SIGNED_CERTIFICATE, null);
 		assertThatThrownBy(() -> this.authenticationProvider.authenticate(authentication))
 			.isInstanceOf(OAuth2AuthenticationException.class)
-			.extracting(ex -> ((OAuth2AuthenticationException) ex).getError())
-			.satisfies(error -> {
+			.extracting((ex) -> ((OAuth2AuthenticationException) ex).getError())
+			.satisfies((error) -> {
 				assertThat(error.getErrorCode()).isEqualTo(OAuth2ErrorCodes.INVALID_CLIENT);
 				assertThat(error.getDescription()).contains("client_jwk_set_url");
 			});
@@ -326,16 +326,16 @@ public class X509ClientCertificateAuthenticationProviderTests {
 				)
 				.build();
 		// @formatter:on
-		when(this.registeredClientRepository.findByClientId(eq(registeredClient.getClientId())))
-			.thenReturn(registeredClient);
+		given(this.registeredClientRepository.findByClientId(eq(registeredClient.getClientId())))
+			.willReturn(registeredClient);
 
 		OAuth2ClientAuthenticationToken authentication = new OAuth2ClientAuthenticationToken(
 				registeredClient.getClientId(), ClientAuthenticationMethod.SELF_SIGNED_TLS_CLIENT_AUTH,
 				TestX509Certificates.DEMO_CLIENT_SELF_SIGNED_CERTIFICATE, null);
 		assertThatThrownBy(() -> this.authenticationProvider.authenticate(authentication))
 			.isInstanceOf(OAuth2AuthenticationException.class)
-			.extracting(ex -> ((OAuth2AuthenticationException) ex).getError())
-			.satisfies(error -> {
+			.extracting((ex) -> ((OAuth2AuthenticationException) ex).getError())
+			.satisfies((error) -> {
 				assertThat(error.getErrorCode()).isEqualTo(OAuth2ErrorCodes.INVALID_CLIENT);
 				assertThat(error.getDescription()).contains("jwk_set_uri");
 			});
@@ -407,16 +407,16 @@ public class X509ClientCertificateAuthenticationProviderTests {
 				)
 				.build();
 		// @formatter:on
-		when(this.registeredClientRepository.findByClientId(eq(registeredClient.getClientId())))
-			.thenReturn(registeredClient);
+		given(this.registeredClientRepository.findByClientId(eq(registeredClient.getClientId())))
+			.willReturn(registeredClient);
 
 		OAuth2ClientAuthenticationToken authentication = new OAuth2ClientAuthenticationToken(
 				registeredClient.getClientId(), ClientAuthenticationMethod.SELF_SIGNED_TLS_CLIENT_AUTH,
 				TestX509Certificates.DEMO_CLIENT_SELF_SIGNED_CERTIFICATE, null);
 		assertThatThrownBy(() -> this.authenticationProvider.authenticate(authentication))
 			.isInstanceOf(OAuth2AuthenticationException.class)
-			.extracting(ex -> ((OAuth2AuthenticationException) ex).getError())
-			.satisfies(error -> {
+			.extracting((ex) -> ((OAuth2AuthenticationException) ex).getError())
+			.satisfies((error) -> {
 				assertThat(error.getErrorCode()).isEqualTo(OAuth2ErrorCodes.INVALID_CLIENT);
 				assertThat(error.getDescription()).contains(expectedErrorDescription);
 			});
@@ -434,8 +434,8 @@ public class X509ClientCertificateAuthenticationProviderTests {
 				)
 				.build();
 		// @formatter:on
-		when(this.registeredClientRepository.findByClientId(eq(registeredClient.getClientId())))
-			.thenReturn(registeredClient);
+		given(this.registeredClientRepository.findByClientId(eq(registeredClient.getClientId())))
+			.willReturn(registeredClient);
 
 		OAuth2ClientAuthenticationToken authentication = new OAuth2ClientAuthenticationToken(
 				registeredClient.getClientId(), ClientAuthenticationMethod.SELF_SIGNED_TLS_CLIENT_AUTH,
@@ -465,14 +465,14 @@ public class X509ClientCertificateAuthenticationProviderTests {
 				)
 				.build();
 		// @formatter:on
-		when(this.registeredClientRepository.findByClientId(eq(registeredClient.getClientId())))
-			.thenReturn(registeredClient);
+		given(this.registeredClientRepository.findByClientId(eq(registeredClient.getClientId())))
+			.willReturn(registeredClient);
 
 		OAuth2Authorization authorization = TestOAuth2Authorizations
 			.authorization(registeredClient, createPkceAuthorizationParametersS256())
 			.build();
-		when(this.authorizationService.findByToken(eq(AUTHORIZATION_CODE), eq(AUTHORIZATION_CODE_TOKEN_TYPE)))
-			.thenReturn(authorization);
+		given(this.authorizationService.findByToken(eq(AUTHORIZATION_CODE), eq(AUTHORIZATION_CODE_TOKEN_TYPE)))
+			.willReturn(authorization);
 
 		Map<String, Object> parameters = createPkceTokenParameters(S256_CODE_VERIFIER);
 

oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/AuthorizationServerContextFilterTests.java

@@ -21,7 +21,6 @@ import java.util.Set;
 import java.util.concurrent.atomic.AtomicReference;
 
 import jakarta.servlet.FilterChain;
-
 import org.junit.jupiter.api.Test;
 
 import org.springframework.mock.web.MockHttpServletRequest;
@@ -49,7 +48,7 @@ class AuthorizationServerContextFilterTests {
 	private AuthorizationServerContextFilter filter;
 
 	@Test
-	public void doFilterWhenDefaultEndpointsThenIssuerResolved() throws Exception {
+	void doFilterWhenDefaultEndpointsThenIssuerResolved() throws Exception {
 		AuthorizationServerSettings authorizationServerSettings = AuthorizationServerSettings.builder().build();
 		this.filter = new AuthorizationServerContextFilter(authorizationServerSettings);
 
@@ -63,7 +62,7 @@ class AuthorizationServerContextFilterTests {
 	}
 
 	@Test
-	public void doFilterWhenCustomEndpointsThenIssuerResolved() throws Exception {
+	void doFilterWhenCustomEndpointsThenIssuerResolved() throws Exception {
 		AuthorizationServerSettings authorizationServerSettings = AuthorizationServerSettings.builder()
 			.authorizationEndpoint("/oauth2/v1/authorize")
 			.deviceAuthorizationEndpoint("/oauth2/v1/device_authorization")
@@ -88,7 +87,7 @@ class AuthorizationServerContextFilterTests {
 	}
 
 	@Test
-	public void doFilterWhenIssuerHasMultiplePathsThenIssuerResolved() throws Exception {
+	void doFilterWhenIssuerHasMultiplePathsThenIssuerResolved() throws Exception {
 		AuthorizationServerSettings authorizationServerSettings = AuthorizationServerSettings.builder().build();
 		this.filter = new AuthorizationServerContextFilter(authorizationServerSettings);
 

oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/DefaultOAuth2TokenCustomizersTests.java

@@ -45,8 +45,8 @@ import org.springframework.security.oauth2.server.authorization.util.TestX509Cer
 
 import static org.assertj.core.api.Assertions.assertThat;
 import static org.assertj.core.api.Assertions.entry;
+import static org.mockito.BDDMockito.given;
 import static org.mockito.Mockito.mock;
-import static org.mockito.Mockito.when;
 
 /**
  * Tests for {@link DefaultOAuth2TokenCustomizers}.
@@ -98,7 +98,7 @@ class DefaultOAuth2TokenCustomizersTests {
 	void customizeWhenTokenExchangeGrantAndResourcesThenNoClaimsAdded() {
 		OAuth2TokenExchangeAuthenticationToken tokenExchangeAuthentication = mock(
 				OAuth2TokenExchangeAuthenticationToken.class);
-		when(tokenExchangeAuthentication.getResources()).thenReturn(Set.of("resource1", "resource2"));
+		given(tokenExchangeAuthentication.getResources()).willReturn(Set.of("resource1", "resource2"));
 		// @formatter:off
 		JwtEncodingContext tokenContext = JwtEncodingContext.with(this.jwsHeaderBuilder, this.jwtClaimsBuilder)
 				.tokenType(OAuth2TokenType.ACCESS_TOKEN)
@@ -115,7 +115,7 @@ class DefaultOAuth2TokenCustomizersTests {
 	void customizeWhenTokenExchangeGrantAndAudiencesThenNoClaimsAdded() {
 		OAuth2TokenExchangeAuthenticationToken tokenExchangeAuthentication = mock(
 				OAuth2TokenExchangeAuthenticationToken.class);
-		when(tokenExchangeAuthentication.getAudiences()).thenReturn(Set.of("audience1", "audience2"));
+		given(tokenExchangeAuthentication.getAudiences()).willReturn(Set.of("audience1", "audience2"));
 		// @formatter:off
 		JwtEncodingContext tokenContext = JwtEncodingContext.with(this.jwsHeaderBuilder, this.jwtClaimsBuilder)
 				.tokenType(OAuth2TokenType.ACCESS_TOKEN)
@@ -132,7 +132,7 @@ class DefaultOAuth2TokenCustomizersTests {
 	void customizeWhenTokenExchangeGrantAndDelegationThenActClaimAdded() {
 		OAuth2TokenExchangeAuthenticationToken tokenExchangeAuthentication = mock(
 				OAuth2TokenExchangeAuthenticationToken.class);
-		when(tokenExchangeAuthentication.getAudiences()).thenReturn(Collections.emptySet());
+		given(tokenExchangeAuthentication.getAudiences()).willReturn(Collections.emptySet());
 
 		Authentication subject = new TestingAuthenticationToken("subject", null);
 		OAuth2TokenExchangeActor actor1 = new OAuth2TokenExchangeActor(

oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/JwkSetTests.java

@@ -113,7 +113,7 @@ public class JwkSetTests {
 	public void requestWhenJwkSetCustomEndpointThenReturnKeys() throws Exception {
 		this.spring.register(AuthorizationServerConfigurationCustomEndpoints.class).autowire();
 
-		assertJwkSetRequestThenReturnKeys(authorizationServerSettings.getJwkSetEndpoint());
+		assertJwkSetRequestThenReturnKeys(this.authorizationServerSettings.getJwkSetEndpoint());
 	}
 
 	@Test
@@ -121,7 +121,7 @@ public class JwkSetTests {
 		this.spring.register(AuthorizationServerConfigurationCustomEndpoints.class).autowire();
 
 		String issuer = "https://example.com:8443/issuer1";
-		assertJwkSetRequestThenReturnKeys(issuer.concat(authorizationServerSettings.getJwkSetEndpoint()));
+		assertJwkSetRequestThenReturnKeys(issuer.concat(this.authorizationServerSettings.getJwkSetEndpoint()));
 	}
 
 	private void assertJwkSetRequestThenReturnKeys(String jwkSetEndpointUri) throws Exception {

oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/OAuth2AuthorizationCodeGrantTests.java

@@ -947,7 +947,7 @@ public class OAuth2AuthorizationCodeGrantTests {
 			.andReturn();
 
 		ArgumentCaptor<OAuth2TokenContext> tokenContextCaptor = ArgumentCaptor.forClass(OAuth2TokenContext.class);
-		verify(tokenGenerator).generate(tokenContextCaptor.capture());
+		verify(this.tokenGenerator).generate(tokenContextCaptor.capture());
 		OAuth2TokenContext tokenContext = tokenContextCaptor.getValue();
 		assertThat(tokenContext.getAuthorizationServerContext().getIssuer()).isEqualTo(issuer);
 	}

oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/OAuth2TokenIntrospectionTests.java

@@ -442,9 +442,9 @@ public class OAuth2TokenIntrospectionTests {
 		OAuth2TokenIntrospectionAuthenticationToken tokenIntrospectionAuthentication = new OAuth2TokenIntrospectionAuthenticationToken(
 				accessToken.getTokenValue(), clientPrincipal, null, null);
 
-		when(authenticationConverter.convert(any())).thenReturn(tokenIntrospectionAuthentication);
-		when(authenticationProvider.supports(eq(OAuth2TokenIntrospectionAuthenticationToken.class))).thenReturn(true);
-		when(authenticationProvider.authenticate(any())).thenReturn(tokenIntrospectionAuthentication);
+		given(authenticationConverter.convert(any())).willReturn(tokenIntrospectionAuthentication);
+		given(authenticationProvider.supports(eq(OAuth2TokenIntrospectionAuthenticationToken.class))).willReturn(true);
+		given(authenticationProvider.authenticate(any())).willReturn(tokenIntrospectionAuthentication);
 
 		String issuer = "https://example.com:8443/issuer1";
 

oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/OidcUserInfoTests.java

@@ -24,12 +24,11 @@ import java.util.Set;
 import java.util.function.Consumer;
 import java.util.function.Function;
 
-import jakarta.servlet.http.HttpServletResponse;
-
 import com.nimbusds.jose.jwk.JWKSet;
 import com.nimbusds.jose.jwk.source.ImmutableJWKSet;
 import com.nimbusds.jose.jwk.source.JWKSource;
 import com.nimbusds.jose.proc.SecurityContext;
+import jakarta.servlet.http.HttpServletResponse;
 import org.junit.jupiter.api.BeforeAll;
 import org.junit.jupiter.api.BeforeEach;
 import org.junit.jupiter.api.Test;

oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/web/OAuth2TokenEndpointFilterTests.java

@@ -68,13 +68,11 @@ import org.springframework.util.StringUtils;
 import static org.assertj.core.api.Assertions.assertThat;
 import static org.assertj.core.api.Assertions.assertThatThrownBy;
 import static org.assertj.core.api.Assertions.entry;
-import static org.assertj.core.api.InstanceOfAssertFactories.type;
 import static org.mockito.ArgumentMatchers.any;
 import static org.mockito.BDDMockito.given;
 import static org.mockito.Mockito.mock;
 import static org.mockito.Mockito.verify;
 import static org.mockito.Mockito.verifyNoInteractions;
-import static org.mockito.Mockito.when;
 
 /**
  * Tests for {@link OAuth2TokenEndpointFilter}.
@@ -280,7 +278,7 @@ public class OAuth2TokenEndpointFilterTests {
 				entry("custom-param-1", "custom-value-1"),
 				entry("custom-param-2", new String[] { "custom-value-1", "custom-value-2" }));
 		assertThat(authorizationCodeAuthentication.getDetails())
-			.asInstanceOf(type(WebAuthenticationDetails.class))
+			.asInstanceOf(InstanceOfAssertFactories.type(WebAuthenticationDetails.class))
 			.extracting(WebAuthenticationDetails::getRemoteAddress)
 			.isEqualTo(REMOTE_ADDRESS);
 
@@ -345,7 +343,7 @@ public class OAuth2TokenEndpointFilterTests {
 				entry("custom-param-1", "custom-value-1"),
 				entry("custom-param-2", new String[] { "custom-value-1", "custom-value-2" }));
 		assertThat(clientCredentialsAuthentication.getDetails())
-			.asInstanceOf(type(WebAuthenticationDetails.class))
+			.asInstanceOf(InstanceOfAssertFactories.type(WebAuthenticationDetails.class))
 			.extracting(WebAuthenticationDetails::getRemoteAddress)
 			.isEqualTo(REMOTE_ADDRESS);
 
@@ -434,7 +432,7 @@ public class OAuth2TokenEndpointFilterTests {
 				entry("custom-param-1", "custom-value-1"),
 				entry("custom-param-2", new String[] { "custom-value-1", "custom-value-2" }));
 		assertThat(refreshTokenAuthenticationToken.getDetails())
-			.asInstanceOf(type(WebAuthenticationDetails.class))
+			.asInstanceOf(InstanceOfAssertFactories.type(WebAuthenticationDetails.class))
 			.extracting(WebAuthenticationDetails::getRemoteAddress)
 			.isEqualTo(REMOTE_ADDRESS);
 
@@ -468,7 +466,7 @@ public class OAuth2TokenEndpointFilterTests {
 		OAuth2AccessTokenAuthenticationToken accessTokenAuthentication = new OAuth2AccessTokenAuthenticationToken(
 				registeredClient, clientPrincipal, accessToken, refreshToken);
 
-		when(this.authenticationManager.authenticate(any())).thenReturn(accessTokenAuthentication);
+		given(this.authenticationManager.authenticate(any())).willReturn(accessTokenAuthentication);
 
 		SecurityContext securityContext = SecurityContextHolder.createEmptyContext();
 		securityContext.setAuthentication(clientPrincipal);
@@ -495,7 +493,8 @@ public class OAuth2TokenEndpointFilterTests {
 		assertThat(tokenExchangeAuthenticationToken.getAdditionalParameters()).containsExactly(
 				entry("custom-param-1", "custom-value-1"),
 				entry("custom-param-2", new String[] { "custom-value-1", "custom-value-2" }));
-		assertThat(tokenExchangeAuthenticationToken.getDetails()).asInstanceOf(type(WebAuthenticationDetails.class))
+		assertThat(tokenExchangeAuthenticationToken.getDetails())
+			.asInstanceOf(InstanceOfAssertFactories.type(WebAuthenticationDetails.class))
 			.extracting(WebAuthenticationDetails::getRemoteAddress)
 			.isEqualTo(REMOTE_ADDRESS);
 

oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/web/authentication/OAuth2AccessTokenResponseAuthenticationSuccessHandlerTests.java

@@ -108,7 +108,7 @@ public class OAuth2AccessTokenResponseAuthenticationSuccessHandlerTests {
 		assertThatThrownBy(() -> this.authenticationSuccessHandler.onAuthenticationSuccess(request, response,
 				new TestingAuthenticationToken(this.clientPrincipal, null)))
 			.isInstanceOf(OAuth2AuthenticationException.class)
-			.extracting(ex -> ((OAuth2AuthenticationException) ex).getError())
+			.extracting((ex) -> ((OAuth2AuthenticationException) ex).getError())
 			.extracting("errorCode")
 			.isEqualTo(OAuth2ErrorCodes.SERVER_ERROR);
 	}

oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/web/authentication/X509ClientCertificateAuthenticationConverterTests.java

@@ -63,7 +63,7 @@ public class X509ClientCertificateAuthenticationConverterTests {
 		request.setAttribute("jakarta.servlet.request.X509Certificate",
 				TestX509Certificates.DEMO_CLIENT_PKI_CERTIFICATE);
 		assertThatThrownBy(() -> this.converter.convert(request)).isInstanceOf(OAuth2AuthenticationException.class)
-			.extracting(ex -> ((OAuth2AuthenticationException) ex).getError())
+			.extracting((ex) -> ((OAuth2AuthenticationException) ex).getError())
 			.extracting("errorCode")
 			.isEqualTo(OAuth2ErrorCodes.INVALID_REQUEST);
 	}
@@ -76,7 +76,7 @@ public class X509ClientCertificateAuthenticationConverterTests {
 		request.addParameter(OAuth2ParameterNames.CLIENT_ID, "client-1");
 		request.addParameter(OAuth2ParameterNames.CLIENT_ID, "client-2");
 		assertThatThrownBy(() -> this.converter.convert(request)).isInstanceOf(OAuth2AuthenticationException.class)
-			.extracting(ex -> ((OAuth2AuthenticationException) ex).getError())
+			.extracting((ex) -> ((OAuth2AuthenticationException) ex).getError())
 			.extracting("errorCode")
 			.isEqualTo(OAuth2ErrorCodes.INVALID_REQUEST);
 	}