Fix checkstyle violations for main module

Issue gh-1624

oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/AbstractOAuth2AuthorizationServerMetadata.java

@@ -35,8 +35,8 @@ import org.springframework.util.Assert;
  * describes about its configuration.
  *
  * @author Daniel Garnier-Moiroux
- * @see OAuth2AuthorizationServerMetadataClaimAccessor
  * @since 0.1.1
+ * @see OAuth2AuthorizationServerMetadataClaimAccessor
  * @see <a target="_blank" href="https://tools.ietf.org/html/rfc8414#section-3.2">3.2.
  * Authorization Server Metadata Response</a>
  * @see <a target="_blank" href=
@@ -68,8 +68,11 @@ public abstract class AbstractOAuth2AuthorizationServerMetadata
 
 	/**
 	 * A builder for subclasses of {@link AbstractOAuth2AuthorizationServerMetadata}.
+	 *
+	 * @param <T> the type of object
+	 * @param <B> the type of the builder
 	 */
-	protected static abstract class AbstractBuilder<T extends AbstractOAuth2AuthorizationServerMetadata, B extends AbstractBuilder<T, B>> {
+	protected abstract static class AbstractBuilder<T extends AbstractOAuth2AuthorizationServerMetadata, B extends AbstractBuilder<T, B>> {
 
 		private final Map<String, Object> claims = new LinkedHashMap<>();
 
@@ -492,7 +495,7 @@ public abstract class AbstractOAuth2AuthorizationServerMetadata
 		private void addClaimToClaimList(String name, String value) {
 			Assert.hasText(name, "name cannot be empty");
 			Assert.notNull(value, "value cannot be null");
-			getClaims().computeIfAbsent(name, k -> new LinkedList<String>());
+			getClaims().computeIfAbsent(name, (k) -> new LinkedList<String>());
 			((List<String>) getClaims().get(name)).add(value);
 		}
 
@@ -500,7 +503,7 @@ public abstract class AbstractOAuth2AuthorizationServerMetadata
 		private void acceptClaimValues(String name, Consumer<List<String>> valuesConsumer) {
 			Assert.hasText(name, "name cannot be empty");
 			Assert.notNull(valuesConsumer, "valuesConsumer cannot be null");
-			getClaims().computeIfAbsent(name, k -> new LinkedList<String>());
+			getClaims().computeIfAbsent(name, (k) -> new LinkedList<String>());
 			List<String> values = (List<String>) getClaims().get(name);
 			valuesConsumer.accept(values);
 		}

oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/InMemoryOAuth2AuthorizationConsentService.java

@@ -63,7 +63,7 @@ public final class InMemoryOAuth2AuthorizationConsentService implements OAuth2Au
 	 */
 	public InMemoryOAuth2AuthorizationConsentService(List<OAuth2AuthorizationConsent> authorizationConsents) {
 		Assert.notNull(authorizationConsents, "authorizationConsents cannot be null");
-		authorizationConsents.forEach(authorizationConsent -> {
+		authorizationConsents.forEach((authorizationConsent) -> {
 			Assert.notNull(authorizationConsent, "authorizationConsent cannot be null");
 			int id = getId(authorizationConsent);
 			Assert.isTrue(!this.authorizationConsents.containsKey(id),

oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/InMemoryOAuth2AuthorizationService.java

@@ -94,7 +94,7 @@ public final class InMemoryOAuth2AuthorizationService implements OAuth2Authoriza
 	 */
 	public InMemoryOAuth2AuthorizationService(List<OAuth2Authorization> authorizations) {
 		Assert.notNull(authorizations, "authorizations cannot be null");
-		authorizations.forEach(authorization -> {
+		authorizations.forEach((authorization) -> {
 			Assert.notNull(authorization, "authorization cannot be null");
 			Assert.isTrue(!this.authorizations.containsKey(authorization.getId()),
 					"The authorization must be unique. Found duplicate identifier: " + authorization.getId());
@@ -129,7 +129,7 @@ public final class InMemoryOAuth2AuthorizationService implements OAuth2Authoriza
 	public OAuth2Authorization findById(String id) {
 		Assert.hasText(id, "id cannot be empty");
 		OAuth2Authorization authorization = this.authorizations.get(id);
-		return authorization != null ? authorization : this.initializedAuthorizations.get(id);
+		return (authorization != null) ? authorization : this.initializedAuthorizations.get(id);
 	}
 
 	@Nullable
@@ -164,19 +164,26 @@ public final class InMemoryOAuth2AuthorizationService implements OAuth2Authoriza
 					matchesRefreshToken(authorization, token) ||
 					matchesDeviceCode(authorization, token) ||
 					matchesUserCode(authorization, token);
-		} else if (OAuth2ParameterNames.STATE.equals(tokenType.getValue())) {
+		}
+		else if (OAuth2ParameterNames.STATE.equals(tokenType.getValue())) {
 			return matchesState(authorization, token);
-		} else if (OAuth2ParameterNames.CODE.equals(tokenType.getValue())) {
+		}
+		else if (OAuth2ParameterNames.CODE.equals(tokenType.getValue())) {
 			return matchesAuthorizationCode(authorization, token);
-		} else if (OAuth2TokenType.ACCESS_TOKEN.equals(tokenType)) {
+		}
+		else if (OAuth2TokenType.ACCESS_TOKEN.equals(tokenType)) {
 			return matchesAccessToken(authorization, token);
-		} else if (OidcParameterNames.ID_TOKEN.equals(tokenType.getValue())) {
+		}
+		else if (OidcParameterNames.ID_TOKEN.equals(tokenType.getValue())) {
 			return matchesIdToken(authorization, token);
-		} else if (OAuth2TokenType.REFRESH_TOKEN.equals(tokenType)) {
+		}
+		else if (OAuth2TokenType.REFRESH_TOKEN.equals(tokenType)) {
 			return matchesRefreshToken(authorization, token);
-		} else if (OAuth2ParameterNames.DEVICE_CODE.equals(tokenType.getValue())) {
+		}
+		else if (OAuth2ParameterNames.DEVICE_CODE.equals(tokenType.getValue())) {
 			return matchesDeviceCode(authorization, token);
-		} else if (OAuth2ParameterNames.USER_CODE.equals(tokenType.getValue())) {
+		}
+		else if (OAuth2ParameterNames.USER_CODE.equals(tokenType.getValue())) {
 			return matchesUserCode(authorization, token);
 		}
 		// @formatter:on

oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/JdbcOAuth2AuthorizationService.java

@@ -362,6 +362,70 @@ public class JdbcOAuth2AuthorizationService implements OAuth2AuthorizationServic
 		return this.authorizationParametersMapper;
 	}
 
+	private static void initColumnMetadata(JdbcOperations jdbcOperations) {
+		columnMetadataMap = new HashMap<>();
+		ColumnMetadata columnMetadata;
+
+		columnMetadata = getColumnMetadata(jdbcOperations, "attributes", Types.BLOB);
+		columnMetadataMap.put(columnMetadata.getColumnName(), columnMetadata);
+		columnMetadata = getColumnMetadata(jdbcOperations, "authorization_code_value", Types.BLOB);
+		columnMetadataMap.put(columnMetadata.getColumnName(), columnMetadata);
+		columnMetadata = getColumnMetadata(jdbcOperations, "authorization_code_metadata", Types.BLOB);
+		columnMetadataMap.put(columnMetadata.getColumnName(), columnMetadata);
+		columnMetadata = getColumnMetadata(jdbcOperations, "access_token_value", Types.BLOB);
+		columnMetadataMap.put(columnMetadata.getColumnName(), columnMetadata);
+		columnMetadata = getColumnMetadata(jdbcOperations, "access_token_metadata", Types.BLOB);
+		columnMetadataMap.put(columnMetadata.getColumnName(), columnMetadata);
+		columnMetadata = getColumnMetadata(jdbcOperations, "oidc_id_token_value", Types.BLOB);
+		columnMetadataMap.put(columnMetadata.getColumnName(), columnMetadata);
+		columnMetadata = getColumnMetadata(jdbcOperations, "oidc_id_token_metadata", Types.BLOB);
+		columnMetadataMap.put(columnMetadata.getColumnName(), columnMetadata);
+		columnMetadata = getColumnMetadata(jdbcOperations, "refresh_token_value", Types.BLOB);
+		columnMetadataMap.put(columnMetadata.getColumnName(), columnMetadata);
+		columnMetadata = getColumnMetadata(jdbcOperations, "refresh_token_metadata", Types.BLOB);
+		columnMetadataMap.put(columnMetadata.getColumnName(), columnMetadata);
+		columnMetadata = getColumnMetadata(jdbcOperations, "user_code_value", Types.BLOB);
+		columnMetadataMap.put(columnMetadata.getColumnName(), columnMetadata);
+		columnMetadata = getColumnMetadata(jdbcOperations, "user_code_metadata", Types.BLOB);
+		columnMetadataMap.put(columnMetadata.getColumnName(), columnMetadata);
+		columnMetadata = getColumnMetadata(jdbcOperations, "device_code_value", Types.BLOB);
+		columnMetadataMap.put(columnMetadata.getColumnName(), columnMetadata);
+		columnMetadata = getColumnMetadata(jdbcOperations, "device_code_metadata", Types.BLOB);
+		columnMetadataMap.put(columnMetadata.getColumnName(), columnMetadata);
+	}
+
+	private static ColumnMetadata getColumnMetadata(JdbcOperations jdbcOperations, String columnName,
+			int defaultDataType) {
+		Integer dataType = jdbcOperations.execute((ConnectionCallback<Integer>) (conn) -> {
+			DatabaseMetaData databaseMetaData = conn.getMetaData();
+			ResultSet rs = databaseMetaData.getColumns(null, null, TABLE_NAME, columnName);
+			if (rs.next()) {
+				return rs.getInt("DATA_TYPE");
+			}
+			// NOTE: (Applies to HSQL)
+			// When a database object is created with one of the CREATE statements or
+			// renamed with the ALTER statement,
+			// if the name is enclosed in double quotes, the exact name is used as the
+			// case-normal form.
+			// But if it is not enclosed in double quotes,
+			// the name is converted to uppercase and this uppercase version is stored in
+			// the database as the case-normal form.
+			rs = databaseMetaData.getColumns(null, null, TABLE_NAME.toUpperCase(), columnName.toUpperCase());
+			if (rs.next()) {
+				return rs.getInt("DATA_TYPE");
+			}
+			return null;
+		});
+		return new ColumnMetadata(columnName, (dataType != null) ? dataType : defaultDataType);
+	}
+
+	private static SqlParameterValue mapToSqlParameter(String columnName, String value) {
+		ColumnMetadata columnMetadata = columnMetadataMap.get(columnName);
+		return (Types.BLOB == columnMetadata.getDataType() && StringUtils.hasText(value))
+				? new SqlParameterValue(Types.BLOB, value.getBytes(StandardCharsets.UTF_8))
+				: new SqlParameterValue(columnMetadata.getDataType(), value);
+	}
+
 	/**
 	 * The default {@link RowMapper} that maps the current row in
 	 * {@code java.sql.ResultSet} to {@link OAuth2Authorization}.
@@ -741,68 +805,4 @@ public class JdbcOAuth2AuthorizationService implements OAuth2AuthorizationServic
 
 	}
 
-	private static void initColumnMetadata(JdbcOperations jdbcOperations) {
-		columnMetadataMap = new HashMap<>();
-		ColumnMetadata columnMetadata;
-
-		columnMetadata = getColumnMetadata(jdbcOperations, "attributes", Types.BLOB);
-		columnMetadataMap.put(columnMetadata.getColumnName(), columnMetadata);
-		columnMetadata = getColumnMetadata(jdbcOperations, "authorization_code_value", Types.BLOB);
-		columnMetadataMap.put(columnMetadata.getColumnName(), columnMetadata);
-		columnMetadata = getColumnMetadata(jdbcOperations, "authorization_code_metadata", Types.BLOB);
-		columnMetadataMap.put(columnMetadata.getColumnName(), columnMetadata);
-		columnMetadata = getColumnMetadata(jdbcOperations, "access_token_value", Types.BLOB);
-		columnMetadataMap.put(columnMetadata.getColumnName(), columnMetadata);
-		columnMetadata = getColumnMetadata(jdbcOperations, "access_token_metadata", Types.BLOB);
-		columnMetadataMap.put(columnMetadata.getColumnName(), columnMetadata);
-		columnMetadata = getColumnMetadata(jdbcOperations, "oidc_id_token_value", Types.BLOB);
-		columnMetadataMap.put(columnMetadata.getColumnName(), columnMetadata);
-		columnMetadata = getColumnMetadata(jdbcOperations, "oidc_id_token_metadata", Types.BLOB);
-		columnMetadataMap.put(columnMetadata.getColumnName(), columnMetadata);
-		columnMetadata = getColumnMetadata(jdbcOperations, "refresh_token_value", Types.BLOB);
-		columnMetadataMap.put(columnMetadata.getColumnName(), columnMetadata);
-		columnMetadata = getColumnMetadata(jdbcOperations, "refresh_token_metadata", Types.BLOB);
-		columnMetadataMap.put(columnMetadata.getColumnName(), columnMetadata);
-		columnMetadata = getColumnMetadata(jdbcOperations, "user_code_value", Types.BLOB);
-		columnMetadataMap.put(columnMetadata.getColumnName(), columnMetadata);
-		columnMetadata = getColumnMetadata(jdbcOperations, "user_code_metadata", Types.BLOB);
-		columnMetadataMap.put(columnMetadata.getColumnName(), columnMetadata);
-		columnMetadata = getColumnMetadata(jdbcOperations, "device_code_value", Types.BLOB);
-		columnMetadataMap.put(columnMetadata.getColumnName(), columnMetadata);
-		columnMetadata = getColumnMetadata(jdbcOperations, "device_code_metadata", Types.BLOB);
-		columnMetadataMap.put(columnMetadata.getColumnName(), columnMetadata);
-	}
-
-	private static ColumnMetadata getColumnMetadata(JdbcOperations jdbcOperations, String columnName,
-			int defaultDataType) {
-		Integer dataType = jdbcOperations.execute((ConnectionCallback<Integer>) conn -> {
-			DatabaseMetaData databaseMetaData = conn.getMetaData();
-			ResultSet rs = databaseMetaData.getColumns(null, null, TABLE_NAME, columnName);
-			if (rs.next()) {
-				return rs.getInt("DATA_TYPE");
-			}
-			// NOTE: (Applies to HSQL)
-			// When a database object is created with one of the CREATE statements or
-			// renamed with the ALTER statement,
-			// if the name is enclosed in double quotes, the exact name is used as the
-			// case-normal form.
-			// But if it is not enclosed in double quotes,
-			// the name is converted to uppercase and this uppercase version is stored in
-			// the database as the case-normal form.
-			rs = databaseMetaData.getColumns(null, null, TABLE_NAME.toUpperCase(), columnName.toUpperCase());
-			if (rs.next()) {
-				return rs.getInt("DATA_TYPE");
-			}
-			return null;
-		});
-		return new ColumnMetadata(columnName, dataType != null ? dataType : defaultDataType);
-	}
-
-	private static SqlParameterValue mapToSqlParameter(String columnName, String value) {
-		ColumnMetadata columnMetadata = columnMetadataMap.get(columnName);
-		return Types.BLOB == columnMetadata.getDataType() && StringUtils.hasText(value)
-				? new SqlParameterValue(Types.BLOB, value.getBytes(StandardCharsets.UTF_8))
-				: new SqlParameterValue(columnMetadata.getDataType(), value);
-	}
-
 }

oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/OAuth2Authorization.java

@@ -144,7 +144,7 @@ public class OAuth2Authorization implements Serializable {
 	public <T extends OAuth2Token> Token<T> getToken(Class<T> tokenType) {
 		Assert.notNull(tokenType, "tokenType cannot be null");
 		Token<?> token = this.tokens.get(tokenType);
-		return token != null ? (Token<T>) token : null;
+		return (token != null) ? (Token<T>) token : null;
 	}
 
 	/**
@@ -234,12 +234,13 @@ public class OAuth2Authorization implements Serializable {
 			.authorizationGrantType(authorization.getAuthorizationGrantType())
 			.authorizedScopes(authorization.getAuthorizedScopes())
 			.tokens(authorization.tokens)
-			.attributes(attrs -> attrs.putAll(authorization.getAttributes()));
+			.attributes((attrs) -> attrs.putAll(authorization.getAttributes()));
 	}
 
 	/**
 	 * A holder of an OAuth 2.0 Token and it's associated metadata.
 	 *
+	 * @param <T> the type of the {@link OAuth2Token}
 	 * @author Joe Grandja
 	 * @since 0.1.0
 	 */

oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/OAuth2AuthorizationConsentService.java

@@ -15,11 +15,11 @@
  */
 package org.springframework.security.oauth2.server.authorization;
 
+import java.security.Principal;
+
 import org.springframework.lang.Nullable;
 import org.springframework.security.oauth2.server.authorization.client.RegisteredClient;
 
-import java.security.Principal;
-
 /**
  * Implementations of this interface are responsible for the management of
  * {@link OAuth2AuthorizationConsent OAuth 2.0 Authorization Consent(s)}.

oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/OAuth2AuthorizationServerMetadata.java

@@ -52,13 +52,13 @@ public final class OAuth2AuthorizationServerMetadata extends AbstractOAuth2Autho
 	 */
 	public static Builder withClaims(Map<String, Object> claims) {
 		Assert.notEmpty(claims, "claims cannot be empty");
-		return new Builder().claims(c -> c.putAll(claims));
+		return new Builder().claims((c) -> c.putAll(claims));
 	}
 
 	/**
 	 * Helps configure an {@link OAuth2AuthorizationServerMetadata}.
 	 */
-	public static class Builder extends AbstractBuilder<OAuth2AuthorizationServerMetadata, Builder> {
+	public static final class Builder extends AbstractBuilder<OAuth2AuthorizationServerMetadata, Builder> {
 
 		private Builder() {
 		}

oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/OAuth2TokenIntrospection.java

@@ -88,13 +88,13 @@ public final class OAuth2TokenIntrospection implements OAuth2TokenIntrospectionC
 	 */
 	public static Builder withClaims(Map<String, Object> claims) {
 		Assert.notEmpty(claims, "claims cannot be empty");
-		return builder().claims(c -> c.putAll(claims));
+		return builder().claims((c) -> c.putAll(claims));
 	}
 
 	/**
 	 * A builder for {@link OAuth2TokenIntrospection}.
 	 */
-	public static class Builder {
+	public static final class Builder {
 
 		private final Map<String, Object> claims = new LinkedHashMap<>();
 
@@ -312,7 +312,7 @@ public final class OAuth2TokenIntrospection implements OAuth2TokenIntrospectionC
 		private void addClaimToClaimList(String name, String value) {
 			Assert.hasText(name, "name cannot be empty");
 			Assert.notNull(value, "value cannot be null");
-			this.claims.computeIfAbsent(name, k -> new LinkedList<String>());
+			this.claims.computeIfAbsent(name, (k) -> new LinkedList<String>());
 			((List<String>) this.claims.get(name)).add(value);
 		}
 
@@ -320,7 +320,7 @@ public final class OAuth2TokenIntrospection implements OAuth2TokenIntrospectionC
 		private void acceptClaimValues(String name, Consumer<List<String>> valuesConsumer) {
 			Assert.hasText(name, "name cannot be empty");
 			Assert.notNull(valuesConsumer, "valuesConsumer cannot be null");
-			this.claims.computeIfAbsent(name, k -> new LinkedList<String>());
+			this.claims.computeIfAbsent(name, (k) -> new LinkedList<String>());
 			List<String> values = (List<String>) this.claims.get(name);
 			valuesConsumer.accept(values);
 		}

oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/OAuth2TokenType.java

@@ -32,8 +32,14 @@ public final class OAuth2TokenType implements Serializable {
 
 	private static final long serialVersionUID = SpringAuthorizationServerVersion.SERIAL_VERSION_UID;
 
+	/**
+	 * {@code access_token} token type.
+	 */
 	public static final OAuth2TokenType ACCESS_TOKEN = new OAuth2TokenType("access_token");
 
+	/**
+	 * {@code refresh_token} token type.
+	 */
 	public static final OAuth2TokenType REFRESH_TOKEN = new OAuth2TokenType("refresh_token");
 
 	private final String value;

oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/authentication/JwtClientAssertionAuthenticationProvider.java

@@ -128,7 +128,7 @@ public final class JwtClientAssertionAuthenticationProvider implements Authentic
 
 		// @formatter:off
 		ClientAuthenticationMethod clientAuthenticationMethod =
-				registeredClient.getClientSettings().getTokenEndpointAuthenticationSigningAlgorithm() instanceof SignatureAlgorithm ?
+				(registeredClient.getClientSettings().getTokenEndpointAuthenticationSigningAlgorithm() instanceof SignatureAlgorithm) ?
 						ClientAuthenticationMethod.PRIVATE_KEY_JWT :
 						ClientAuthenticationMethod.CLIENT_SECRET_JWT;
 		// @formatter:on

oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2AuthorizationCodeAuthenticationProvider.java

@@ -64,8 +64,6 @@ import org.springframework.util.Assert;
 import org.springframework.util.CollectionUtils;
 import org.springframework.util.StringUtils;
 
-import static org.springframework.security.oauth2.server.authorization.authentication.OAuth2AuthenticationProviderUtils.getAuthenticatedClientElseThrowInvalidClient;
-
 /**
  * An {@link AuthenticationProvider} implementation for the OAuth 2.0 Authorization Code
  * Grant.
@@ -120,8 +118,8 @@ public final class OAuth2AuthorizationCodeAuthenticationProvider implements Auth
 	public Authentication authenticate(Authentication authentication) throws AuthenticationException {
 		OAuth2AuthorizationCodeAuthenticationToken authorizationCodeAuthentication = (OAuth2AuthorizationCodeAuthenticationToken) authentication;
 
-		OAuth2ClientAuthenticationToken clientPrincipal = getAuthenticatedClientElseThrowInvalidClient(
-				authorizationCodeAuthentication);
+		OAuth2ClientAuthenticationToken clientPrincipal = OAuth2AuthenticationProviderUtils
+			.getAuthenticatedClientElseThrowInvalidClient(authorizationCodeAuthentication);
 		RegisteredClient registeredClient = clientPrincipal.getRegisteredClient();
 
 		if (this.logger.isTraceEnabled()) {
@@ -166,7 +164,7 @@ public final class OAuth2AuthorizationCodeAuthenticationProvider implements Auth
 
 		if (!authorizationCode.isActive()) {
 			if (authorizationCode.isInvalidated()) {
-				OAuth2Authorization.Token<? extends OAuth2Token> token = authorization.getRefreshToken() != null
+				OAuth2Authorization.Token<? extends OAuth2Token> token = (authorization.getRefreshToken() != null)
 						? authorization.getRefreshToken() : authorization.getAccessToken();
 				if (token != null) {
 					// Invalidate the access (and refresh) token as the client is

oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2AuthorizationCodeRequestAuthenticationProvider.java

@@ -186,12 +186,12 @@ public final class OAuth2AuthorizationCodeRequestAuthenticationProvider implemen
 				.build();
 
 			if (this.logger.isTraceEnabled()) {
-				logger.trace("Generated authorization consent state");
+				this.logger.trace("Generated authorization consent state");
 			}
 
 			this.authorizationService.save(authorization);
 
-			Set<String> currentAuthorizedScopes = currentAuthorizationConsent != null
+			Set<String> currentAuthorizedScopes = (currentAuthorizationConsent != null)
 					? currentAuthorizationConsent.getScopes() : null;
 
 			if (this.logger.isTraceEnabled()) {

oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2AuthorizationCodeRequestAuthenticationToken.java

@@ -81,9 +81,9 @@ public class OAuth2AuthorizationCodeRequestAuthenticationToken extends AbstractA
 		this.principal = principal;
 		this.redirectUri = redirectUri;
 		this.state = state;
-		this.scopes = Collections.unmodifiableSet(scopes != null ? new HashSet<>(scopes) : Collections.emptySet());
+		this.scopes = Collections.unmodifiableSet((scopes != null) ? new HashSet<>(scopes) : Collections.emptySet());
 		this.additionalParameters = Collections.unmodifiableMap(
-				additionalParameters != null ? new HashMap<>(additionalParameters) : Collections.emptyMap());
+				(additionalParameters != null) ? new HashMap<>(additionalParameters) : Collections.emptyMap());
 		this.authorizationCode = null;
 	}
 
@@ -113,7 +113,7 @@ public class OAuth2AuthorizationCodeRequestAuthenticationToken extends AbstractA
 		this.authorizationCode = authorizationCode;
 		this.redirectUri = redirectUri;
 		this.state = state;
-		this.scopes = Collections.unmodifiableSet(scopes != null ? new HashSet<>(scopes) : Collections.emptySet());
+		this.scopes = Collections.unmodifiableSet((scopes != null) ? new HashSet<>(scopes) : Collections.emptySet());
 		this.additionalParameters = Collections.emptyMap();
 		setAuthenticated(true);
 	}

oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2AuthorizationConsentAuthenticationProvider.java

@@ -154,7 +154,7 @@ public final class OAuth2AuthorizationConsentAuthenticationProvider implements A
 
 		OAuth2AuthorizationConsent currentAuthorizationConsent = this.authorizationConsentService
 			.findById(authorization.getRegisteredClientId(), authorization.getPrincipalName());
-		Set<String> currentAuthorizedScopes = currentAuthorizationConsent != null
+		Set<String> currentAuthorizedScopes = (currentAuthorizationConsent != null)
 				? currentAuthorizationConsent.getScopes() : Collections.emptySet();
 
 		if (!currentAuthorizedScopes.isEmpty()) {
@@ -242,9 +242,7 @@ public final class OAuth2AuthorizationConsentAuthenticationProvider implements A
 		OAuth2Authorization updatedAuthorization = OAuth2Authorization.from(authorization)
 			.authorizedScopes(authorizedScopes)
 			.token(authorizationCode)
-			.attributes(attrs -> {
-				attrs.remove(OAuth2ParameterNames.STATE);
-			})
+			.attributes((attrs) -> attrs.remove(OAuth2ParameterNames.STATE))
 			.build();
 		this.authorizationService.save(updatedAuthorization);
 
@@ -353,9 +351,9 @@ public final class OAuth2AuthorizationConsentAuthenticationProvider implements A
 			redirectUri = null; // Prevent redirects
 		}
 
-		String state = authorizationRequest != null ? authorizationRequest.getState()
+		String state = (authorizationRequest != null) ? authorizationRequest.getState()
 				: authorizationConsentAuthentication.getState();
-		Set<String> requestedScopes = authorizationRequest != null ? authorizationRequest.getScopes()
+		Set<String> requestedScopes = (authorizationRequest != null) ? authorizationRequest.getScopes()
 				: authorizationConsentAuthentication.getScopes();
 
 		OAuth2AuthorizationCodeRequestAuthenticationToken authorizationCodeRequestAuthenticationResult = new OAuth2AuthorizationCodeRequestAuthenticationToken(

oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2AuthorizationConsentAuthenticationToken.java

@@ -74,9 +74,9 @@ public class OAuth2AuthorizationConsentAuthenticationToken extends AbstractAuthe
 		this.clientId = clientId;
 		this.principal = principal;
 		this.state = state;
-		this.scopes = Collections.unmodifiableSet(scopes != null ? new HashSet<>(scopes) : Collections.emptySet());
+		this.scopes = Collections.unmodifiableSet((scopes != null) ? new HashSet<>(scopes) : Collections.emptySet());
 		this.additionalParameters = Collections.unmodifiableMap(
-				additionalParameters != null ? new HashMap<>(additionalParameters) : Collections.emptyMap());
+				(additionalParameters != null) ? new HashMap<>(additionalParameters) : Collections.emptyMap());
 		setAuthenticated(true);
 	}
 

oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2AuthorizationGrantAuthenticationToken.java

@@ -62,7 +62,7 @@ public class OAuth2AuthorizationGrantAuthenticationToken extends AbstractAuthent
 		this.authorizationGrantType = authorizationGrantType;
 		this.clientPrincipal = clientPrincipal;
 		this.additionalParameters = Collections.unmodifiableMap(
-				additionalParameters != null ? new HashMap<>(additionalParameters) : Collections.emptyMap());
+				(additionalParameters != null) ? new HashMap<>(additionalParameters) : Collections.emptyMap());
 	}
 
 	/**

oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2ClientAuthenticationToken.java

@@ -73,7 +73,7 @@ public class OAuth2ClientAuthenticationToken extends AbstractAuthenticationToken
 		this.clientAuthenticationMethod = clientAuthenticationMethod;
 		this.credentials = credentials;
 		this.additionalParameters = Collections
-			.unmodifiableMap(additionalParameters != null ? additionalParameters : Collections.emptyMap());
+			.unmodifiableMap((additionalParameters != null) ? additionalParameters : Collections.emptyMap());
 	}
 
 	/**

oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2ClientCredentialsAuthenticationProvider.java

@@ -43,8 +43,6 @@ import org.springframework.security.oauth2.server.authorization.token.OAuth2Toke
 import org.springframework.util.Assert;
 import org.springframework.util.CollectionUtils;
 
-import static org.springframework.security.oauth2.server.authorization.authentication.OAuth2AuthenticationProviderUtils.getAuthenticatedClientElseThrowInvalidClient;
-
 /**
  * An {@link AuthenticationProvider} implementation for the OAuth 2.0 Client Credentials
  * Grant.
@@ -92,8 +90,8 @@ public final class OAuth2ClientCredentialsAuthenticationProvider implements Auth
 	public Authentication authenticate(Authentication authentication) throws AuthenticationException {
 		OAuth2ClientCredentialsAuthenticationToken clientCredentialsAuthentication = (OAuth2ClientCredentialsAuthenticationToken) authentication;
 
-		OAuth2ClientAuthenticationToken clientPrincipal = getAuthenticatedClientElseThrowInvalidClient(
-				clientCredentialsAuthentication);
+		OAuth2ClientAuthenticationToken clientPrincipal = OAuth2AuthenticationProviderUtils
+			.getAuthenticatedClientElseThrowInvalidClient(clientCredentialsAuthentication);
 		RegisteredClient registeredClient = clientPrincipal.getRegisteredClient();
 
 		if (this.logger.isTraceEnabled()) {

oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2ClientCredentialsAuthenticationToken.java

@@ -47,7 +47,7 @@ public class OAuth2ClientCredentialsAuthenticationToken extends OAuth2Authorizat
 	public OAuth2ClientCredentialsAuthenticationToken(Authentication clientPrincipal, @Nullable Set<String> scopes,
 			@Nullable Map<String, Object> additionalParameters) {
 		super(AuthorizationGrantType.CLIENT_CREDENTIALS, clientPrincipal, additionalParameters);
-		this.scopes = Collections.unmodifiableSet(scopes != null ? new HashSet<>(scopes) : Collections.emptySet());
+		this.scopes = Collections.unmodifiableSet((scopes != null) ? new HashSet<>(scopes) : Collections.emptySet());
 	}
 
 	/**

oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2DeviceAuthorizationConsentAuthenticationProvider.java

@@ -133,7 +133,7 @@ public final class OAuth2DeviceAuthorizationConsentAuthenticationProvider implem
 
 		OAuth2AuthorizationConsent currentAuthorizationConsent = this.authorizationConsentService
 			.findById(authorization.getRegisteredClientId(), principal.getName());
-		Set<String> currentAuthorizedScopes = currentAuthorizationConsent != null
+		Set<String> currentAuthorizedScopes = (currentAuthorizationConsent != null)
 				? currentAuthorizationConsent.getScopes() : Collections.emptySet();
 
 		if (!currentAuthorizedScopes.isEmpty()) {
@@ -187,11 +187,11 @@ public final class OAuth2DeviceAuthorizationConsentAuthenticationProvider implem
 				}
 			}
 			authorization = OAuth2Authorization.from(authorization)
-				.token(deviceCodeToken.getToken(),
-						metadata -> metadata.put(OAuth2Authorization.Token.INVALIDATED_METADATA_NAME, true))
-				.token(userCodeToken.getToken(),
-						metadata -> metadata.put(OAuth2Authorization.Token.INVALIDATED_METADATA_NAME, true))
-				.attributes(attrs -> attrs.remove(OAuth2ParameterNames.STATE))
+				.token((deviceCodeToken.getToken()),
+						(metadata) -> metadata.put(OAuth2Authorization.Token.INVALIDATED_METADATA_NAME, true))
+				.token((userCodeToken.getToken()),
+						(metadata) -> metadata.put(OAuth2Authorization.Token.INVALIDATED_METADATA_NAME, true))
+				.attributes((attrs) -> attrs.remove(OAuth2ParameterNames.STATE))
 				.build();
 			this.authorizationService.save(authorization);
 			if (this.logger.isTraceEnabled()) {
@@ -210,10 +210,10 @@ public final class OAuth2DeviceAuthorizationConsentAuthenticationProvider implem
 
 		authorization = OAuth2Authorization.from(authorization)
 			.authorizedScopes(authorizedScopes)
-			.token(userCodeToken.getToken(),
-					metadata -> metadata.put(OAuth2Authorization.Token.INVALIDATED_METADATA_NAME, true))
-			.attributes(attrs -> attrs.remove(OAuth2ParameterNames.STATE))
-			.attributes(attrs -> attrs.remove(OAuth2ParameterNames.SCOPE))
+			.token((userCodeToken.getToken()),
+					(metadata) -> metadata.put(OAuth2Authorization.Token.INVALIDATED_METADATA_NAME, true))
+			.attributes((attrs) -> attrs.remove(OAuth2ParameterNames.STATE))
+			.attributes((attrs) -> attrs.remove(OAuth2ParameterNames.SCOPE))
 			.build();
 		this.authorizationService.save(authorization);
 

oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2DeviceAuthorizationConsentAuthenticationToken.java

@@ -82,7 +82,7 @@ public class OAuth2DeviceAuthorizationConsentAuthenticationToken extends OAuth2A
 		Assert.hasText(userCode, "userCode cannot be empty");
 		this.userCode = userCode;
 		this.requestedScopes = Collections
-			.unmodifiableSet(requestedScopes != null ? new HashSet<>(requestedScopes) : Collections.emptySet());
+			.unmodifiableSet((requestedScopes != null) ? new HashSet<>(requestedScopes) : Collections.emptySet());
 		setAuthenticated(true);
 	}
 

oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2DeviceAuthorizationRequestAuthenticationProvider.java

@@ -49,8 +49,6 @@ import org.springframework.security.oauth2.server.authorization.token.OAuth2Toke
 import org.springframework.util.Assert;
 import org.springframework.util.CollectionUtils;
 
-import static org.springframework.security.oauth2.server.authorization.authentication.OAuth2AuthenticationProviderUtils.getAuthenticatedClientElseThrowInvalidClient;
-
 /**
  * An {@link AuthenticationProvider} implementation for the Device Authorization Request
  * used in the OAuth 2.0 Device Authorization Grant.
@@ -97,8 +95,8 @@ public final class OAuth2DeviceAuthorizationRequestAuthenticationProvider implem
 	public Authentication authenticate(Authentication authentication) throws AuthenticationException {
 		OAuth2DeviceAuthorizationRequestAuthenticationToken deviceAuthorizationRequestAuthentication = (OAuth2DeviceAuthorizationRequestAuthenticationToken) authentication;
 
-		OAuth2ClientAuthenticationToken clientPrincipal = getAuthenticatedClientElseThrowInvalidClient(
-				deviceAuthorizationRequestAuthentication);
+		OAuth2ClientAuthenticationToken clientPrincipal = OAuth2AuthenticationProviderUtils
+			.getAuthenticatedClientElseThrowInvalidClient(deviceAuthorizationRequestAuthentication);
 		RegisteredClient registeredClient = clientPrincipal.getRegisteredClient();
 
 		if (this.logger.isTraceEnabled()) {

oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2DeviceAuthorizationRequestAuthenticationToken.java

@@ -70,9 +70,9 @@ public class OAuth2DeviceAuthorizationRequestAuthenticationToken extends Abstrac
 		Assert.hasText(authorizationUri, "authorizationUri cannot be empty");
 		this.clientPrincipal = clientPrincipal;
 		this.authorizationUri = authorizationUri;
-		this.scopes = Collections.unmodifiableSet(scopes != null ? new HashSet<>(scopes) : Collections.emptySet());
+		this.scopes = Collections.unmodifiableSet((scopes != null) ? new HashSet<>(scopes) : Collections.emptySet());
 		this.additionalParameters = Collections.unmodifiableMap(
-				additionalParameters != null ? new HashMap<>(additionalParameters) : Collections.emptyMap());
+				(additionalParameters != null) ? new HashMap<>(additionalParameters) : Collections.emptyMap());
 		this.deviceCode = null;
 		this.userCode = null;
 	}
@@ -92,7 +92,7 @@ public class OAuth2DeviceAuthorizationRequestAuthenticationToken extends Abstrac
 		Assert.notNull(deviceCode, "deviceCode cannot be null");
 		Assert.notNull(userCode, "userCode cannot be null");
 		this.clientPrincipal = clientPrincipal;
-		this.scopes = Collections.unmodifiableSet(scopes != null ? new HashSet<>(scopes) : Collections.emptySet());
+		this.scopes = Collections.unmodifiableSet((scopes != null) ? new HashSet<>(scopes) : Collections.emptySet());
 		this.deviceCode = deviceCode;
 		this.userCode = userCode;
 		this.authorizationUri = null;

oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2DeviceCodeAuthenticationProvider.java

@@ -45,8 +45,6 @@ import org.springframework.security.oauth2.server.authorization.token.OAuth2Toke
 import org.springframework.security.oauth2.server.authorization.token.OAuth2TokenGenerator;
 import org.springframework.util.Assert;
 
-import static org.springframework.security.oauth2.server.authorization.authentication.OAuth2AuthenticationProviderUtils.getAuthenticatedClientElseThrowInvalidClient;
-
 /**
  * An {@link AuthenticationProvider} implementation for the Device Access Token Request
  * used in the OAuth 2.0 Device Authorization Grant.
@@ -102,8 +100,8 @@ public final class OAuth2DeviceCodeAuthenticationProvider implements Authenticat
 	public Authentication authenticate(Authentication authentication) throws AuthenticationException {
 		OAuth2DeviceCodeAuthenticationToken deviceCodeAuthentication = (OAuth2DeviceCodeAuthenticationToken) authentication;
 
-		OAuth2ClientAuthenticationToken clientPrincipal = getAuthenticatedClientElseThrowInvalidClient(
-				deviceCodeAuthentication);
+		OAuth2ClientAuthenticationToken clientPrincipal = OAuth2AuthenticationProviderUtils
+			.getAuthenticatedClientElseThrowInvalidClient(deviceCodeAuthentication);
 		RegisteredClient registeredClient = clientPrincipal.getRegisteredClient();
 
 		if (this.logger.isTraceEnabled()) {
@@ -203,7 +201,7 @@ public final class OAuth2DeviceCodeAuthenticationProvider implements Authenticat
 		// @formatter:off
 		OAuth2Authorization.Builder authorizationBuilder = OAuth2Authorization.from(authorization)
 				// Invalidate the device code as it can only be used (successfully) once
-				.token(deviceCode.getToken(), metadata ->
+				.token(deviceCode.getToken(), (metadata) ->
 						metadata.put(OAuth2Authorization.Token.INVALIDATED_METADATA_NAME, true));
 		// @formatter:on
 

oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2DeviceVerificationAuthenticationProvider.java

@@ -149,7 +149,7 @@ public final class OAuth2DeviceVerificationAuthenticationProvider implements Aut
 				this.logger.trace("Saved authorization");
 			}
 
-			Set<String> currentAuthorizedScopes = currentAuthorizationConsent != null
+			Set<String> currentAuthorizedScopes = (currentAuthorizationConsent != null)
 					? currentAuthorizationConsent.getScopes() : null;
 
 			AuthorizationServerSettings authorizationServerSettings = AuthorizationServerContextHolder.getContext()
@@ -166,10 +166,10 @@ public final class OAuth2DeviceVerificationAuthenticationProvider implements Aut
 		authorization = OAuth2Authorization.from(authorization)
 				.principalName(principal.getName())
 				.authorizedScopes(requestedScopes)
-				.token(userCode.getToken(), metadata -> metadata
+				.token(userCode.getToken(), (metadata) -> metadata
 						.put(OAuth2Authorization.Token.INVALIDATED_METADATA_NAME, true))
 				.attribute(Principal.class.getName(), principal)
-				.attributes(attributes -> attributes.remove(OAuth2ParameterNames.SCOPE))
+				.attributes((attributes) -> attributes.remove(OAuth2ParameterNames.SCOPE))
 				.build();
 		// @formatter:on
 		this.authorizationService.save(authorization);

oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2DeviceVerificationAuthenticationToken.java

@@ -61,7 +61,7 @@ public class OAuth2DeviceVerificationAuthenticationToken extends AbstractAuthent
 		this.principal = principal;
 		this.userCode = userCode;
 		this.additionalParameters = Collections.unmodifiableMap(
-				additionalParameters != null ? new HashMap<>(additionalParameters) : Collections.emptyMap());
+				(additionalParameters != null) ? new HashMap<>(additionalParameters) : Collections.emptyMap());
 		this.clientId = null;
 	}
 

oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2RefreshTokenAuthenticationProvider.java

@@ -49,8 +49,6 @@ import org.springframework.security.oauth2.server.authorization.token.OAuth2Toke
 import org.springframework.security.oauth2.server.authorization.token.OAuth2TokenGenerator;
 import org.springframework.util.Assert;
 
-import static org.springframework.security.oauth2.server.authorization.authentication.OAuth2AuthenticationProviderUtils.getAuthenticatedClientElseThrowInvalidClient;
-
 /**
  * An {@link AuthenticationProvider} implementation for the OAuth 2.0 Refresh Token Grant.
  *
@@ -100,8 +98,8 @@ public final class OAuth2RefreshTokenAuthenticationProvider implements Authentic
 	public Authentication authenticate(Authentication authentication) throws AuthenticationException {
 		OAuth2RefreshTokenAuthenticationToken refreshTokenAuthentication = (OAuth2RefreshTokenAuthenticationToken) authentication;
 
-		OAuth2ClientAuthenticationToken clientPrincipal = getAuthenticatedClientElseThrowInvalidClient(
-				refreshTokenAuthentication);
+		OAuth2ClientAuthenticationToken clientPrincipal = OAuth2AuthenticationProviderUtils
+			.getAuthenticatedClientElseThrowInvalidClient(refreshTokenAuthentication);
 		RegisteredClient registeredClient = clientPrincipal.getRegisteredClient();
 
 		if (this.logger.isTraceEnabled()) {

oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2RefreshTokenAuthenticationToken.java

@@ -52,7 +52,7 @@ public class OAuth2RefreshTokenAuthenticationToken extends OAuth2AuthorizationGr
 		super(AuthorizationGrantType.REFRESH_TOKEN, clientPrincipal, additionalParameters);
 		Assert.hasText(refreshToken, "refreshToken cannot be empty");
 		this.refreshToken = refreshToken;
-		this.scopes = Collections.unmodifiableSet(scopes != null ? new HashSet<>(scopes) : Collections.emptySet());
+		this.scopes = Collections.unmodifiableSet((scopes != null) ? new HashSet<>(scopes) : Collections.emptySet());
 	}
 
 	/**

oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2TokenIntrospectionAuthenticationProvider.java

@@ -39,8 +39,6 @@ import org.springframework.security.oauth2.server.authorization.client.Registere
 import org.springframework.util.Assert;
 import org.springframework.util.CollectionUtils;
 
-import static org.springframework.security.oauth2.server.authorization.authentication.OAuth2AuthenticationProviderUtils.getAuthenticatedClientElseThrowInvalidClient;
-
 /**
  * An {@link AuthenticationProvider} implementation for OAuth 2.0 Token Introspection.
  *
@@ -84,8 +82,8 @@ public final class OAuth2TokenIntrospectionAuthenticationProvider implements Aut
 	public Authentication authenticate(Authentication authentication) throws AuthenticationException {
 		OAuth2TokenIntrospectionAuthenticationToken tokenIntrospectionAuthentication = (OAuth2TokenIntrospectionAuthenticationToken) authentication;
 
-		OAuth2ClientAuthenticationToken clientPrincipal = getAuthenticatedClientElseThrowInvalidClient(
-				tokenIntrospectionAuthentication);
+		OAuth2ClientAuthenticationToken clientPrincipal = OAuth2AuthenticationProviderUtils
+			.getAuthenticatedClientElseThrowInvalidClient(tokenIntrospectionAuthentication);
 
 		OAuth2Authorization authorization = this.authorizationService
 			.findByToken(tokenIntrospectionAuthentication.getToken(), null);

oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2TokenIntrospectionAuthenticationToken.java

@@ -67,7 +67,7 @@ public class OAuth2TokenIntrospectionAuthenticationToken extends AbstractAuthent
 		this.clientPrincipal = clientPrincipal;
 		this.tokenTypeHint = tokenTypeHint;
 		this.additionalParameters = Collections.unmodifiableMap(
-				additionalParameters != null ? new HashMap<>(additionalParameters) : Collections.emptyMap());
+				(additionalParameters != null) ? new HashMap<>(additionalParameters) : Collections.emptyMap());
 		this.tokenClaims = OAuth2TokenIntrospection.builder().build();
 	}
 

oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2TokenRevocationAuthenticationProvider.java

@@ -29,8 +29,6 @@ import org.springframework.security.oauth2.server.authorization.OAuth2Authorizat
 import org.springframework.security.oauth2.server.authorization.client.RegisteredClient;
 import org.springframework.util.Assert;
 
-import static org.springframework.security.oauth2.server.authorization.authentication.OAuth2AuthenticationProviderUtils.getAuthenticatedClientElseThrowInvalidClient;
-
 /**
  * An {@link AuthenticationProvider} implementation for OAuth 2.0 Token Revocation.
  *
@@ -62,8 +60,8 @@ public final class OAuth2TokenRevocationAuthenticationProvider implements Authen
 	public Authentication authenticate(Authentication authentication) throws AuthenticationException {
 		OAuth2TokenRevocationAuthenticationToken tokenRevocationAuthentication = (OAuth2TokenRevocationAuthenticationToken) authentication;
 
-		OAuth2ClientAuthenticationToken clientPrincipal = getAuthenticatedClientElseThrowInvalidClient(
-				tokenRevocationAuthentication);
+		OAuth2ClientAuthenticationToken clientPrincipal = OAuth2AuthenticationProviderUtils
+			.getAuthenticatedClientElseThrowInvalidClient(tokenRevocationAuthentication);
 		RegisteredClient registeredClient = clientPrincipal.getRegisteredClient();
 
 		OAuth2Authorization authorization = this.authorizationService

oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/client/InMemoryRegisteredClientRepository.java

@@ -34,9 +34,9 @@ import org.springframework.util.StringUtils;
  * @author Anoop Garlapati
  * @author Ovidiu Popa
  * @author Joe Grandja
+ * @since 0.0.1
  * @see RegisteredClientRepository
  * @see RegisteredClient
- * @since 0.0.1
  */
 public final class InMemoryRegisteredClientRepository implements RegisteredClientRepository {
 
@@ -98,7 +98,7 @@ public final class InMemoryRegisteredClientRepository implements RegisteredClien
 
 	private void assertUniqueIdentifiers(RegisteredClient registeredClient,
 			Map<String, RegisteredClient> registrations) {
-		registrations.values().forEach(registration -> {
+		registrations.values().forEach((registration) -> {
 			if (registeredClient.getId().equals(registration.getId())) {
 				throw new IllegalArgumentException("Registered client must be unique. " + "Found duplicate identifier: "
 						+ registeredClient.getId());

oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/client/JdbcRegisteredClientRepository.java

@@ -262,15 +262,15 @@ public class JdbcRegisteredClientRepository implements RegisteredClientRepositor
 			// @formatter:off
 			RegisteredClient.Builder builder = RegisteredClient.withId(rs.getString("id"))
 					.clientId(rs.getString("client_id"))
-					.clientIdIssuedAt(clientIdIssuedAt != null ? clientIdIssuedAt.toInstant() : null)
+					.clientIdIssuedAt((clientIdIssuedAt != null) ? clientIdIssuedAt.toInstant() : null)
 					.clientSecret(rs.getString("client_secret"))
-					.clientSecretExpiresAt(clientSecretExpiresAt != null ? clientSecretExpiresAt.toInstant() : null)
+					.clientSecretExpiresAt((clientSecretExpiresAt != null) ? clientSecretExpiresAt.toInstant() : null)
 					.clientName(rs.getString("client_name"))
 					.clientAuthenticationMethods((authenticationMethods) ->
-							clientAuthenticationMethods.forEach(authenticationMethod ->
+							clientAuthenticationMethods.forEach((authenticationMethod) ->
 									authenticationMethods.add(resolveClientAuthenticationMethod(authenticationMethod))))
 					.authorizationGrantTypes((grantTypes) ->
-							authorizationGrantTypes.forEach(grantType ->
+							authorizationGrantTypes.forEach((grantType) ->
 									grantTypes.add(resolveAuthorizationGrantType(grantType))))
 					.redirectUris((uris) -> uris.addAll(redirectUris))
 					.postLogoutRedirectUris((uris) -> uris.addAll(postLogoutRedirectUris))
@@ -357,22 +357,22 @@ public class JdbcRegisteredClientRepository implements RegisteredClientRepositor
 
 		@Override
 		public List<SqlParameterValue> apply(RegisteredClient registeredClient) {
-			Timestamp clientIdIssuedAt = registeredClient.getClientIdIssuedAt() != null
+			Timestamp clientIdIssuedAt = (registeredClient.getClientIdIssuedAt() != null)
 					? Timestamp.from(registeredClient.getClientIdIssuedAt()) : Timestamp.from(Instant.now());
 
-			Timestamp clientSecretExpiresAt = registeredClient.getClientSecretExpiresAt() != null
+			Timestamp clientSecretExpiresAt = (registeredClient.getClientSecretExpiresAt() != null)
 					? Timestamp.from(registeredClient.getClientSecretExpiresAt()) : null;
 
 			List<String> clientAuthenticationMethods = new ArrayList<>(
 					registeredClient.getClientAuthenticationMethods().size());
 			registeredClient.getClientAuthenticationMethods()
-				.forEach(clientAuthenticationMethod -> clientAuthenticationMethods
+				.forEach((clientAuthenticationMethod) -> clientAuthenticationMethods
 					.add(clientAuthenticationMethod.getValue()));
 
 			List<String> authorizationGrantTypes = new ArrayList<>(
 					registeredClient.getAuthorizationGrantTypes().size());
 			registeredClient.getAuthorizationGrantTypes()
-				.forEach(authorizationGrantType -> authorizationGrantTypes.add(authorizationGrantType.getValue()));
+				.forEach((authorizationGrantType) -> authorizationGrantTypes.add(authorizationGrantType.getValue()));
 
 			return Arrays.asList(new SqlParameterValue(Types.VARCHAR, registeredClient.getId()),
 					new SqlParameterValue(Types.VARCHAR, registeredClient.getClientId()),

oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/client/RegisteredClient.java

@@ -40,9 +40,9 @@ import org.springframework.util.StringUtils;
  *
  * @author Joe Grandja
  * @author Anoop Garlapati
+ * @since 0.0.1
  * @see <a target="_blank" href="https://tools.ietf.org/html/rfc6749#section-2">Section 2
  * Client Registration</a>
- * @since 0.0.1
  */
 public class RegisteredClient implements Serializable {
 
@@ -594,7 +594,7 @@ public class RegisteredClient implements Serializable {
 
 		private static boolean validateScope(String scope) {
 			return scope == null || scope.chars()
-				.allMatch(c -> withinTheRangeOf(c, 0x21, 0x21) || withinTheRangeOf(c, 0x23, 0x5B)
+				.allMatch((c) -> withinTheRangeOf(c, 0x21, 0x21) || withinTheRangeOf(c, 0x23, 0x5B)
 						|| withinTheRangeOf(c, 0x5D, 0x7E));
 		}
 

oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/client/RegisteredClientRepository.java

@@ -23,8 +23,8 @@ import org.springframework.lang.Nullable;
  * @author Joe Grandja
  * @author Anoop Garlapati
  * @author Ovidiu Popa
- * @see RegisteredClient
  * @since 0.0.1
+ * @see RegisteredClient
  */
 public interface RegisteredClientRepository {
 

oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configuration/OAuth2AuthorizationServerConfiguration.java

@@ -64,10 +64,10 @@ public class OAuth2AuthorizationServerConfiguration {
 
 		http
 			.securityMatcher(endpointsMatcher)
-			.authorizeHttpRequests(authorize ->
+			.authorizeHttpRequests((authorize) ->
 				authorize.anyRequest().authenticated()
 			)
-			.csrf(csrf -> csrf.ignoringRequestMatchers(endpointsMatcher))
+			.csrf((csrf) -> csrf.ignoringRequestMatchers(endpointsMatcher))
 			.apply(authorizationServerConfigurer);
 	}
 	// @formatter:on

oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/AuthorizationServerContextFilter.java

@@ -67,7 +67,7 @@ final class AuthorizationServerContextFilter extends OncePerRequestFilter {
 
 	private static String resolveIssuer(AuthorizationServerSettings authorizationServerSettings,
 			HttpServletRequest request) {
-		return authorizationServerSettings.getIssuer() != null ? authorizationServerSettings.getIssuer()
+		return (authorizationServerSettings.getIssuer() != null) ? authorizationServerSettings.getIssuer()
 				: getContextPath(request);
 	}
 

oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/OAuth2AuthorizationEndpointConfigurer.java

@@ -86,6 +86,7 @@ public final class OAuth2AuthorizationEndpointConfigurer extends AbstractOAuth2C
 
 	/**
 	 * Restrict for internal use only.
+	 * @param objectPostProcessor an {@code ObjectPostProcessor}
 	 */
 	OAuth2AuthorizationEndpointConfigurer(ObjectPostProcessor<Object> objectPostProcessor) {
 		super(objectPostProcessor);
@@ -223,7 +224,7 @@ public final class OAuth2AuthorizationEndpointConfigurer extends AbstractOAuth2C
 
 	void addAuthorizationCodeRequestAuthenticationValidator(
 			Consumer<OAuth2AuthorizationCodeRequestAuthenticationContext> authenticationValidator) {
-		this.authorizationCodeRequestAuthenticationValidator = this.authorizationCodeRequestAuthenticationValidator == null
+		this.authorizationCodeRequestAuthenticationValidator = (this.authorizationCodeRequestAuthenticationValidator == null)
 				? authenticationValidator
 				: this.authorizationCodeRequestAuthenticationValidator.andThen(authenticationValidator);
 	}
@@ -248,7 +249,7 @@ public final class OAuth2AuthorizationEndpointConfigurer extends AbstractOAuth2C
 		}
 		this.authenticationProvidersConsumer.accept(authenticationProviders);
 		authenticationProviders.forEach(
-				authenticationProvider -> httpSecurity.authenticationProvider(postProcess(authenticationProvider)));
+				(authenticationProvider) -> httpSecurity.authenticationProvider(postProcess(authenticationProvider)));
 	}
 
 	@Override

oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/OAuth2AuthorizationServerConfigurer.java

@@ -320,7 +320,7 @@ public final class OAuth2AuthorizationServerConfigurer
 		}
 
 		List<RequestMatcher> requestMatchers = new ArrayList<>();
-		this.configurers.values().forEach(configurer -> {
+		this.configurers.values().forEach((configurer) -> {
 			configurer.init(httpSecurity);
 			requestMatchers.add(configurer.getRequestMatcher());
 		});
@@ -341,7 +341,7 @@ public final class OAuth2AuthorizationServerConfigurer
 
 	@Override
 	public void configure(HttpSecurity httpSecurity) {
-		this.configurers.values().forEach(configurer -> configurer.configure(httpSecurity));
+		this.configurers.values().forEach((configurer) -> configurer.configure(httpSecurity));
 
 		AuthorizationServerSettings authorizationServerSettings = OAuth2ConfigurerUtils
 			.getAuthorizationServerSettings(httpSecurity);
@@ -394,7 +394,7 @@ public final class OAuth2AuthorizationServerConfigurer
 
 	private <T extends AbstractOAuth2Configurer> RequestMatcher getRequestMatcher(Class<T> configurerType) {
 		T configurer = getConfigurer(configurerType);
-		return configurer != null ? configurer.getRequestMatcher() : null;
+		return (configurer != null) ? configurer.getRequestMatcher() : null;
 	}
 
 	private static void validateAuthorizationServerSettings(AuthorizationServerSettings authorizationServerSettings) {

oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/OAuth2AuthorizationServerMetadataEndpointConfigurer.java

@@ -44,6 +44,7 @@ public final class OAuth2AuthorizationServerMetadataEndpointConfigurer extends A
 
 	/**
 	 * Restrict for internal use only.
+	 * @param objectPostProcessor an {@code ObjectPostProcessor}
 	 */
 	OAuth2AuthorizationServerMetadataEndpointConfigurer(ObjectPostProcessor<Object> objectPostProcessor) {
 		super(objectPostProcessor);
@@ -66,7 +67,7 @@ public final class OAuth2AuthorizationServerMetadataEndpointConfigurer extends A
 
 	void addDefaultAuthorizationServerMetadataCustomizer(
 			Consumer<OAuth2AuthorizationServerMetadata.Builder> defaultAuthorizationServerMetadataCustomizer) {
-		this.defaultAuthorizationServerMetadataCustomizer = this.defaultAuthorizationServerMetadataCustomizer == null
+		this.defaultAuthorizationServerMetadataCustomizer = (this.defaultAuthorizationServerMetadataCustomizer == null)
 				? defaultAuthorizationServerMetadataCustomizer : this.defaultAuthorizationServerMetadataCustomizer
 					.andThen(defaultAuthorizationServerMetadataCustomizer);
 	}
@@ -97,9 +98,9 @@ public final class OAuth2AuthorizationServerMetadataEndpointConfigurer extends A
 				authorizationServerMetadataCustomizer = this.defaultAuthorizationServerMetadataCustomizer;
 			}
 			if (this.authorizationServerMetadataCustomizer != null) {
-				authorizationServerMetadataCustomizer = authorizationServerMetadataCustomizer == null
-						? this.authorizationServerMetadataCustomizer
-						: authorizationServerMetadataCustomizer.andThen(this.authorizationServerMetadataCustomizer);
+				authorizationServerMetadataCustomizer = (authorizationServerMetadataCustomizer != null)
+						? authorizationServerMetadataCustomizer.andThen(this.authorizationServerMetadataCustomizer)
+						: this.authorizationServerMetadataCustomizer;
 			}
 		}
 		return authorizationServerMetadataCustomizer;

oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/OAuth2ClientAuthenticationConfigurer.java

@@ -79,6 +79,7 @@ public final class OAuth2ClientAuthenticationConfigurer extends AbstractOAuth2Co
 
 	/**
 	 * Restrict for internal use only.
+	 * @param objectPostProcessor an {@code ObjectPostProcessor}
 	 */
 	OAuth2ClientAuthenticationConfigurer(ObjectPostProcessor<Object> objectPostProcessor) {
 		super(objectPostProcessor);
@@ -193,7 +194,7 @@ public final class OAuth2ClientAuthenticationConfigurer extends AbstractOAuth2Co
 		}
 		this.authenticationProvidersConsumer.accept(authenticationProviders);
 		authenticationProviders.forEach(
-				authenticationProvider -> httpSecurity.authenticationProvider(postProcess(authenticationProvider)));
+				(authenticationProvider) -> httpSecurity.authenticationProvider(postProcess(authenticationProvider)));
 	}
 
 	@Override

oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/OAuth2ConfigurerUtils.java

@@ -223,7 +223,7 @@ final class OAuth2ConfigurerUtils {
 		if (names.length > 1) {
 			throw new NoUniqueBeanDefinitionException(type, names);
 		}
-		return names.length == 1 ? (T) context.getBean(names[0]) : null;
+		return (names.length == 1) ? (T) context.getBean(names[0]) : null;
 	}
 
 }

oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/OAuth2DeviceAuthorizationEndpointConfigurer.java

@@ -76,6 +76,7 @@ public final class OAuth2DeviceAuthorizationEndpointConfigurer extends AbstractO
 
 	/**
 	 * Restrict for internal use only.
+	 * @param objectPostProcessor an {@code ObjectPostProcessor}
 	 */
 	OAuth2DeviceAuthorizationEndpointConfigurer(ObjectPostProcessor<Object> objectPostProcessor) {
 		super(objectPostProcessor);
@@ -206,7 +207,7 @@ public final class OAuth2DeviceAuthorizationEndpointConfigurer extends AbstractO
 		}
 		this.authenticationProvidersConsumer.accept(authenticationProviders);
 		authenticationProviders
-			.forEach(authenticationProvider -> builder.authenticationProvider(postProcess(authenticationProvider)));
+			.forEach((authenticationProvider) -> builder.authenticationProvider(postProcess(authenticationProvider)));
 	}
 
 	@Override

oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/OAuth2DeviceVerificationEndpointConfigurer.java

@@ -81,6 +81,7 @@ public final class OAuth2DeviceVerificationEndpointConfigurer extends AbstractOA
 
 	/**
 	 * Restrict for internal use only.
+	 * @param objectPostProcessor an {@code ObjectPostProcessor}
 	 */
 	OAuth2DeviceVerificationEndpointConfigurer(ObjectPostProcessor<Object> objectPostProcessor) {
 		super(objectPostProcessor);
@@ -244,7 +245,7 @@ public final class OAuth2DeviceVerificationEndpointConfigurer extends AbstractOA
 		}
 		this.authenticationProvidersConsumer.accept(authenticationProviders);
 		authenticationProviders
-			.forEach(authenticationProvider -> builder.authenticationProvider(postProcess(authenticationProvider)));
+			.forEach((authenticationProvider) -> builder.authenticationProvider(postProcess(authenticationProvider)));
 	}
 
 	@Override

oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/OAuth2TokenEndpointConfigurer.java

@@ -83,6 +83,7 @@ public final class OAuth2TokenEndpointConfigurer extends AbstractOAuth2Configure
 
 	/**
 	 * Restrict for internal use only.
+	 * @param objectPostProcessor an {@code ObjectPostProcessor}
 	 */
 	OAuth2TokenEndpointConfigurer(ObjectPostProcessor<Object> objectPostProcessor) {
 		super(objectPostProcessor);
@@ -192,7 +193,7 @@ public final class OAuth2TokenEndpointConfigurer extends AbstractOAuth2Configure
 		}
 		this.authenticationProvidersConsumer.accept(authenticationProviders);
 		authenticationProviders.forEach(
-				authenticationProvider -> httpSecurity.authenticationProvider(postProcess(authenticationProvider)));
+				(authenticationProvider) -> httpSecurity.authenticationProvider(postProcess(authenticationProvider)));
 	}
 
 	@Override

oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/OAuth2TokenIntrospectionEndpointConfigurer.java

@@ -73,6 +73,7 @@ public final class OAuth2TokenIntrospectionEndpointConfigurer extends AbstractOA
 
 	/**
 	 * Restrict for internal use only.
+	 * @param objectPostProcessor an {@code ObjectPostProcessor}
 	 */
 	OAuth2TokenIntrospectionEndpointConfigurer(ObjectPostProcessor<Object> objectPostProcessor) {
 		super(objectPostProcessor);
@@ -189,7 +190,7 @@ public final class OAuth2TokenIntrospectionEndpointConfigurer extends AbstractOA
 		}
 		this.authenticationProvidersConsumer.accept(authenticationProviders);
 		authenticationProviders.forEach(
-				authenticationProvider -> httpSecurity.authenticationProvider(postProcess(authenticationProvider)));
+				(authenticationProvider) -> httpSecurity.authenticationProvider(postProcess(authenticationProvider)));
 	}
 
 	@Override

oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/OAuth2TokenRevocationEndpointConfigurer.java

@@ -72,6 +72,7 @@ public final class OAuth2TokenRevocationEndpointConfigurer extends AbstractOAuth
 
 	/**
 	 * Restrict for internal use only.
+	 * @param objectPostProcessor an {@code ObjectPostProcessor}
 	 */
 	OAuth2TokenRevocationEndpointConfigurer(ObjectPostProcessor<Object> objectPostProcessor) {
 		super(objectPostProcessor);
@@ -188,7 +189,7 @@ public final class OAuth2TokenRevocationEndpointConfigurer extends AbstractOAuth
 		}
 		this.authenticationProvidersConsumer.accept(authenticationProviders);
 		authenticationProviders.forEach(
-				authenticationProvider -> httpSecurity.authenticationProvider(postProcess(authenticationProvider)));
+				(authenticationProvider) -> httpSecurity.authenticationProvider(postProcess(authenticationProvider)));
 	}
 
 	@Override

oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/OidcClientRegistrationEndpointConfigurer.java

@@ -76,6 +76,7 @@ public final class OidcClientRegistrationEndpointConfigurer extends AbstractOAut
 
 	/**
 	 * Restrict for internal use only.
+	 * @param objectPostProcessor an {@code ObjectPostProcessor}
 	 */
 	OidcClientRegistrationEndpointConfigurer(ObjectPostProcessor<Object> objectPostProcessor) {
 		super(objectPostProcessor);
@@ -201,7 +202,7 @@ public final class OidcClientRegistrationEndpointConfigurer extends AbstractOAut
 		}
 		this.authenticationProvidersConsumer.accept(authenticationProviders);
 		authenticationProviders.forEach(
-				authenticationProvider -> httpSecurity.authenticationProvider(postProcess(authenticationProvider)));
+				(authenticationProvider) -> httpSecurity.authenticationProvider(postProcess(authenticationProvider)));
 	}
 
 	@Override

oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/OidcConfigurer.java

@@ -49,6 +49,7 @@ public final class OidcConfigurer extends AbstractOAuth2Configurer {
 
 	/**
 	 * Restrict for internal use only.
+	 * @param objectPostProcessor an {@code ObjectPostProcessor}
 	 */
 	OidcConfigurer(ObjectPostProcessor<Object> objectPostProcessor) {
 		super(objectPostProcessor);
@@ -117,7 +118,7 @@ public final class OidcConfigurer extends AbstractOAuth2Configurer {
 	@Override
 	void init(HttpSecurity httpSecurity) {
 		List<RequestMatcher> requestMatchers = new ArrayList<>();
-		this.configurers.values().forEach(configurer -> {
+		this.configurers.values().forEach((configurer) -> {
 			configurer.init(httpSecurity);
 			requestMatchers.add(configurer.getRequestMatcher());
 		});
@@ -147,7 +148,7 @@ public final class OidcConfigurer extends AbstractOAuth2Configurer {
 			});
 		}
 
-		this.configurers.values().forEach(configurer -> configurer.configure(httpSecurity));
+		this.configurers.values().forEach((configurer) -> configurer.configure(httpSecurity));
 	}
 
 	@Override

oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/OidcLogoutEndpointConfigurer.java

@@ -72,6 +72,7 @@ public final class OidcLogoutEndpointConfigurer extends AbstractOAuth2Configurer
 
 	/**
 	 * Restrict for internal use only.
+	 * @param objectPostProcessor an {@code ObjectPostProcessor}
 	 */
 	OidcLogoutEndpointConfigurer(ObjectPostProcessor<Object> objectPostProcessor) {
 		super(objectPostProcessor);
@@ -175,7 +176,7 @@ public final class OidcLogoutEndpointConfigurer extends AbstractOAuth2Configurer
 		}
 		this.authenticationProvidersConsumer.accept(authenticationProviders);
 		authenticationProviders.forEach(
-				authenticationProvider -> httpSecurity.authenticationProvider(postProcess(authenticationProvider)));
+				(authenticationProvider) -> httpSecurity.authenticationProvider(postProcess(authenticationProvider)));
 	}
 
 	@Override

oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/OidcProviderConfigurationEndpointConfigurer.java

@@ -44,6 +44,7 @@ public final class OidcProviderConfigurationEndpointConfigurer extends AbstractO
 
 	/**
 	 * Restrict for internal use only.
+	 * @param objectPostProcessor an {@code ObjectPostProcessor}
 	 */
 	OidcProviderConfigurationEndpointConfigurer(ObjectPostProcessor<Object> objectPostProcessor) {
 		super(objectPostProcessor);
@@ -66,7 +67,7 @@ public final class OidcProviderConfigurationEndpointConfigurer extends AbstractO
 
 	void addDefaultProviderConfigurationCustomizer(
 			Consumer<OidcProviderConfiguration.Builder> defaultProviderConfigurationCustomizer) {
-		this.defaultProviderConfigurationCustomizer = this.defaultProviderConfigurationCustomizer == null
+		this.defaultProviderConfigurationCustomizer = (this.defaultProviderConfigurationCustomizer == null)
 				? defaultProviderConfigurationCustomizer
 				: this.defaultProviderConfigurationCustomizer.andThen(defaultProviderConfigurationCustomizer);
 	}
@@ -94,9 +95,9 @@ public final class OidcProviderConfigurationEndpointConfigurer extends AbstractO
 				providerConfigurationCustomizer = this.defaultProviderConfigurationCustomizer;
 			}
 			if (this.providerConfigurationCustomizer != null) {
-				providerConfigurationCustomizer = providerConfigurationCustomizer == null
-						? this.providerConfigurationCustomizer
-						: providerConfigurationCustomizer.andThen(this.providerConfigurationCustomizer);
+				providerConfigurationCustomizer = (providerConfigurationCustomizer != null)
+						? providerConfigurationCustomizer.andThen(this.providerConfigurationCustomizer)
+						: this.providerConfigurationCustomizer;
 			}
 		}
 		return providerConfigurationCustomizer;

oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/OidcUserInfoEndpointConfigurer.java

@@ -80,6 +80,7 @@ public final class OidcUserInfoEndpointConfigurer extends AbstractOAuth2Configur
 
 	/**
 	 * Restrict for internal use only.
+	 * @param objectPostProcessor an {@code ObjectPostProcessor}
 	 */
 	OidcUserInfoEndpointConfigurer(ObjectPostProcessor<Object> objectPostProcessor) {
 		super(objectPostProcessor);
@@ -219,7 +220,7 @@ public final class OidcUserInfoEndpointConfigurer extends AbstractOAuth2Configur
 		}
 		this.authenticationProvidersConsumer.accept(authenticationProviders);
 		authenticationProviders.forEach(
-				authenticationProvider -> httpSecurity.authenticationProvider(postProcess(authenticationProvider)));
+				(authenticationProvider) -> httpSecurity.authenticationProvider(postProcess(authenticationProvider)));
 	}
 
 	@Override

oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/http/converter/HttpMessageConverters.java

@@ -26,7 +26,7 @@ import org.springframework.util.ClassUtils;
  * Utility methods for {@link HttpMessageConverter}'s.
  *
  * @author Joe Grandja
- * @author luamas
+ * @author l uamas
  * @since 0.1.1
  */
 final class HttpMessageConverters {

oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/oidc/OidcClientRegistration.java

@@ -85,16 +85,17 @@ public final class OidcClientRegistration implements OidcClientMetadataClaimAcce
 	/**
 	 * Constructs a new {@link Builder} with the provided claims.
 	 * @param claims the claims to initialize the builder
+	 * @return the {@link Builder}
 	 */
 	public static Builder withClaims(Map<String, Object> claims) {
 		Assert.notEmpty(claims, "claims cannot be empty");
-		return new Builder().claims(c -> c.putAll(claims));
+		return new Builder().claims((c) -> c.putAll(claims));
 	}
 
 	/**
 	 * Helps configure an {@link OidcClientRegistration}.
 	 */
-	public static class Builder {
+	public static final class Builder {
 
 		private final Map<String, Object> claims = new LinkedHashMap<>();
 
@@ -434,7 +435,7 @@ public final class OidcClientRegistration implements OidcClientMetadataClaimAcce
 		private void addClaimToClaimList(String name, String value) {
 			Assert.hasText(name, "name cannot be empty");
 			Assert.notNull(value, "value cannot be null");
-			this.claims.computeIfAbsent(name, k -> new LinkedList<String>());
+			this.claims.computeIfAbsent(name, (k) -> new LinkedList<String>());
 			((List<String>) this.claims.get(name)).add(value);
 		}
 
@@ -442,7 +443,7 @@ public final class OidcClientRegistration implements OidcClientMetadataClaimAcce
 		private void acceptClaimValues(String name, Consumer<List<String>> valuesConsumer) {
 			Assert.hasText(name, "name cannot be empty");
 			Assert.notNull(valuesConsumer, "valuesConsumer cannot be null");
-			this.claims.computeIfAbsent(name, k -> new LinkedList<String>());
+			this.claims.computeIfAbsent(name, (k) -> new LinkedList<String>());
 			List<String> values = (List<String>) this.claims.get(name);
 			valuesConsumer.accept(values);
 		}

oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/oidc/OidcProviderConfiguration.java

@@ -58,16 +58,17 @@ public final class OidcProviderConfiguration extends AbstractOAuth2Authorization
 	/**
 	 * Constructs a new {@link Builder} with the provided claims.
 	 * @param claims the claims to initialize the builder
+	 * @return the {@link Builder}
 	 */
 	public static Builder withClaims(Map<String, Object> claims) {
 		Assert.notEmpty(claims, "claims cannot be empty");
-		return new Builder().claims(c -> c.putAll(claims));
+		return new Builder().claims((c) -> c.putAll(claims));
 	}
 
 	/**
 	 * Helps configure an {@link OidcProviderConfiguration}.
 	 */
-	public static class Builder extends AbstractBuilder<OidcProviderConfiguration, Builder> {
+	public static final class Builder extends AbstractBuilder<OidcProviderConfiguration, Builder> {
 
 		private Builder() {
 		}
@@ -191,7 +192,7 @@ public final class OidcProviderConfiguration extends AbstractOAuth2Authorization
 		private void addClaimToClaimList(String name, String value) {
 			Assert.hasText(name, "name cannot be empty");
 			Assert.notNull(value, "value cannot be null");
-			getClaims().computeIfAbsent(name, k -> new LinkedList<String>());
+			getClaims().computeIfAbsent(name, (k) -> new LinkedList<String>());
 			((List<String>) getClaims().get(name)).add(value);
 		}
 
@@ -199,7 +200,7 @@ public final class OidcProviderConfiguration extends AbstractOAuth2Authorization
 		private void acceptClaimValues(String name, Consumer<List<String>> valuesConsumer) {
 			Assert.hasText(name, "name cannot be empty");
 			Assert.notNull(valuesConsumer, "valuesConsumer cannot be null");
-			getClaims().computeIfAbsent(name, k -> new LinkedList<String>());
+			getClaims().computeIfAbsent(name, (k) -> new LinkedList<String>());
 			List<String> values = (List<String>) getClaims().get(name);
 			valuesConsumer.accept(values);
 		}

oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/oidc/authentication/OidcClientRegistrationAuthenticationProvider.java

@@ -427,31 +427,35 @@ public final class OidcClientRegistrationAuthenticationProvider implements Authe
 				builder
 						.clientAuthenticationMethod(ClientAuthenticationMethod.CLIENT_SECRET_POST)
 						.clientSecret(CLIENT_SECRET_GENERATOR.generateKey());
-			} else if (ClientAuthenticationMethod.CLIENT_SECRET_JWT.getValue().equals(clientRegistration.getTokenEndpointAuthenticationMethod())) {
+			}
+			else if (ClientAuthenticationMethod.CLIENT_SECRET_JWT.getValue().equals(clientRegistration.getTokenEndpointAuthenticationMethod())) {
 				builder
 						.clientAuthenticationMethod(ClientAuthenticationMethod.CLIENT_SECRET_JWT)
 						.clientSecret(CLIENT_SECRET_GENERATOR.generateKey());
-			} else if (ClientAuthenticationMethod.PRIVATE_KEY_JWT.getValue().equals(clientRegistration.getTokenEndpointAuthenticationMethod())) {
+			}
+			else if (ClientAuthenticationMethod.PRIVATE_KEY_JWT.getValue().equals(clientRegistration.getTokenEndpointAuthenticationMethod())) {
 				builder.clientAuthenticationMethod(ClientAuthenticationMethod.PRIVATE_KEY_JWT);
-			} else {
+			}
+			else {
 				builder
 						.clientAuthenticationMethod(ClientAuthenticationMethod.CLIENT_SECRET_BASIC)
 						.clientSecret(CLIENT_SECRET_GENERATOR.generateKey());
 			}
 
-			builder.redirectUris(redirectUris ->
+			builder.redirectUris((redirectUris) ->
 					redirectUris.addAll(clientRegistration.getRedirectUris()));
 
 			if (!CollectionUtils.isEmpty(clientRegistration.getPostLogoutRedirectUris())) {
-				builder.postLogoutRedirectUris(postLogoutRedirectUris ->
+				builder.postLogoutRedirectUris((postLogoutRedirectUris) ->
 						postLogoutRedirectUris.addAll(clientRegistration.getPostLogoutRedirectUris()));
 			}
 
 			if (!CollectionUtils.isEmpty(clientRegistration.getGrantTypes())) {
-				builder.authorizationGrantTypes(authorizationGrantTypes ->
-						clientRegistration.getGrantTypes().forEach(grantType ->
+				builder.authorizationGrantTypes((authorizationGrantTypes) ->
+						clientRegistration.getGrantTypes().forEach((grantType) ->
 								authorizationGrantTypes.add(new AuthorizationGrantType(grantType))));
-			} else {
+			}
+			else {
 				builder.authorizationGrantType(AuthorizationGrantType.AUTHORIZATION_CODE);
 			}
 			if (CollectionUtils.isEmpty(clientRegistration.getResponseTypes()) ||
@@ -460,7 +464,7 @@ public final class OidcClientRegistrationAuthenticationProvider implements Authe
 			}
 
 			if (!CollectionUtils.isEmpty(clientRegistration.getScopes())) {
-				builder.scopes(scopes ->
+				builder.scopes((scopes) ->
 						scopes.addAll(clientRegistration.getScopes()));
 			}
 
@@ -474,7 +478,8 @@ public final class OidcClientRegistrationAuthenticationProvider implements Authe
 					macAlgorithm = MacAlgorithm.HS256;
 				}
 				clientSettingsBuilder.tokenEndpointAuthenticationSigningAlgorithm(macAlgorithm);
-			} else if (ClientAuthenticationMethod.PRIVATE_KEY_JWT.getValue().equals(clientRegistration.getTokenEndpointAuthenticationMethod())) {
+			}
+			else if (ClientAuthenticationMethod.PRIVATE_KEY_JWT.getValue().equals(clientRegistration.getTokenEndpointAuthenticationMethod())) {
 				SignatureAlgorithm signatureAlgorithm = SignatureAlgorithm.from(clientRegistration.getTokenEndpointAuthenticationSigningAlgorithm());
 				if (signatureAlgorithm == null) {
 					signatureAlgorithm = SignatureAlgorithm.RS256;

oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/oidc/authentication/OidcUserInfoAuthenticationProvider.java

@@ -217,7 +217,7 @@ public final class OidcUserInfoAuthenticationProvider implements AuthenticationP
 			}
 
 			Map<String, Object> requestedClaims = new HashMap<>(claims);
-			requestedClaims.keySet().removeIf(claimName -> !scopeRequestedClaimNames.contains(claimName));
+			requestedClaims.keySet().removeIf((claimName) -> !scopeRequestedClaimNames.contains(claimName));
 
 			return requestedClaims;
 		}

oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/oidc/authentication/RegisteredClientOidcClientRegistrationConverter.java

@@ -46,16 +46,16 @@ final class RegisteredClientOidcClientRegistrationConverter
 			builder.clientSecret(registeredClient.getClientSecret());
 		}
 
-		builder.redirectUris(redirectUris ->
+		builder.redirectUris((redirectUris) ->
 				redirectUris.addAll(registeredClient.getRedirectUris()));
 
 		if (!CollectionUtils.isEmpty(registeredClient.getPostLogoutRedirectUris())) {
-			builder.postLogoutRedirectUris(postLogoutRedirectUris ->
+			builder.postLogoutRedirectUris((postLogoutRedirectUris) ->
 					postLogoutRedirectUris.addAll(registeredClient.getPostLogoutRedirectUris()));
 		}
 
-		builder.grantTypes(grantTypes ->
-				registeredClient.getAuthorizationGrantTypes().forEach(authorizationGrantType ->
+		builder.grantTypes((grantTypes) ->
+				registeredClient.getAuthorizationGrantTypes().forEach((authorizationGrantType) ->
 						grantTypes.add(authorizationGrantType.getValue())));
 
 		if (registeredClient.getAuthorizationGrantTypes().contains(AuthorizationGrantType.AUTHORIZATION_CODE)) {
@@ -63,7 +63,7 @@ final class RegisteredClientOidcClientRegistrationConverter
 		}
 
 		if (!CollectionUtils.isEmpty(registeredClient.getScopes())) {
-			builder.scopes(scopes ->
+			builder.scopes((scopes) ->
 					scopes.addAll(registeredClient.getScopes()));
 		}
 

oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/oidc/http/converter/HttpMessageConverters.java

@@ -26,7 +26,7 @@ import org.springframework.util.ClassUtils;
  * Utility methods for {@link HttpMessageConverter}'s.
  *
  * @author Joe Grandja
- * @author luamas
+ * @author l uamas
  * @since 0.1.0
  */
 final class HttpMessageConverters {

oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/oidc/http/converter/OidcClientRegistrationHttpMessageConverter.java

@@ -184,7 +184,7 @@ public class OidcClientRegistrationHttpMessageConverter extends AbstractHttpMess
 		}
 
 		private static Converter<Object, ?> getConverter(TypeDescriptor targetDescriptor) {
-			return source -> CLAIM_CONVERSION_SERVICE.convert(source, OBJECT_TYPE_DESCRIPTOR, targetDescriptor);
+			return (source) -> CLAIM_CONVERSION_SERVICE.convert(source, OBJECT_TYPE_DESCRIPTOR, targetDescriptor);
 		}
 
 		private static Instant convertClientSecretExpiresAt(Object clientSecretExpiresAt) {

oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/oidc/web/OidcClientRegistrationEndpointFilter.java

@@ -123,7 +123,7 @@ public final class OidcClientRegistrationEndpointFilter extends OncePerRequestFi
 		RequestMatcher clientConfigurationGetMatcher = new AntPathRequestMatcher(clientRegistrationEndpointUri,
 				HttpMethod.GET.name());
 
-		RequestMatcher clientIdMatcher = request -> {
+		RequestMatcher clientIdMatcher = (request) -> {
 			String clientId = request.getParameter(OAuth2ParameterNames.CLIENT_ID);
 			return StringUtils.hasText(clientId);
 		};
@@ -190,7 +190,7 @@ public final class OidcClientRegistrationEndpointFilter extends OncePerRequestFi
 	 * {@link OidcClientRegistration Client Registration Response}.
 	 * @param authenticationSuccessHandler the {@link AuthenticationSuccessHandler} used
 	 * for handling an {@link OidcClientRegistrationAuthenticationToken}
-	 * @see 0.4.0
+	 * @since 0.4.0
 	 */
 	public void setAuthenticationSuccessHandler(AuthenticationSuccessHandler authenticationSuccessHandler) {
 		Assert.notNull(authenticationSuccessHandler, "authenticationSuccessHandler cannot be null");

oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/settings/AbstractSettings.java

@@ -86,8 +86,11 @@ public abstract class AbstractSettings implements Serializable {
 
 	/**
 	 * A builder for subclasses of {@link AbstractSettings}.
+	 *
+	 * @param <T> the type of object
+	 * @param <B> the type of the builder
 	 */
-	protected static abstract class AbstractBuilder<T extends AbstractSettings, B extends AbstractBuilder<T, B>> {
+	protected abstract static class AbstractBuilder<T extends AbstractSettings, B extends AbstractBuilder<T, B>> {
 
 		private final Map<String, Object> settings = new HashMap<>();
 

oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/settings/AuthorizationServerSettings.java

@@ -156,13 +156,13 @@ public final class AuthorizationServerSettings extends AbstractSettings {
 	 */
 	public static Builder withSettings(Map<String, Object> settings) {
 		Assert.notEmpty(settings, "settings cannot be empty");
-		return new Builder().settings(s -> s.putAll(settings));
+		return new Builder().settings((s) -> s.putAll(settings));
 	}
 
 	/**
 	 * A builder for {@link AuthorizationServerSettings}.
 	 */
-	public final static class Builder extends AbstractBuilder<AuthorizationServerSettings, Builder> {
+	public static final class Builder extends AbstractBuilder<AuthorizationServerSettings, Builder> {
 
 		private Builder() {
 		}

oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/settings/ClientSettings.java

@@ -95,13 +95,13 @@ public final class ClientSettings extends AbstractSettings {
 	 */
 	public static Builder withSettings(Map<String, Object> settings) {
 		Assert.notEmpty(settings, "settings cannot be empty");
-		return new Builder().settings(s -> s.putAll(settings));
+		return new Builder().settings((s) -> s.putAll(settings));
 	}
 
 	/**
 	 * A builder for {@link ClientSettings}.
 	 */
-	public final static class Builder extends AbstractBuilder<ClientSettings, Builder> {
+	public static final class Builder extends AbstractBuilder<ClientSettings, Builder> {
 
 		private Builder() {
 		}

oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/settings/TokenSettings.java

@@ -76,6 +76,8 @@ public final class TokenSettings extends AbstractSettings {
 	 * Returns {@code true} if refresh tokens are reused when returning the access token
 	 * response, or {@code false} if a new refresh token is issued. The default is
 	 * {@code true}.
+	 * @return {@code true} if refresh tokens are reused when returning the access token
+	 * response, {@code false} otherwise
 	 */
 	public boolean isReuseRefreshTokens() {
 		return getSetting(ConfigurationSettingNames.Token.REUSE_REFRESH_TOKENS);
@@ -121,13 +123,13 @@ public final class TokenSettings extends AbstractSettings {
 	 */
 	public static Builder withSettings(Map<String, Object> settings) {
 		Assert.notEmpty(settings, "settings cannot be empty");
-		return new Builder().settings(s -> s.putAll(settings));
+		return new Builder().settings((s) -> s.putAll(settings));
 	}
 
 	/**
 	 * A builder for {@link TokenSettings}.
 	 */
-	public final static class Builder extends AbstractBuilder<TokenSettings, Builder> {
+	public static final class Builder extends AbstractBuilder<TokenSettings, Builder> {
 
 		private Builder() {
 		}

oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/token/JwtGenerator.java

@@ -122,7 +122,8 @@ public final class JwtGenerator implements OAuth2TokenGenerator<Jwt> {
 			if (!CollectionUtils.isEmpty(context.getAuthorizedScopes())) {
 				claimsBuilder.claim(OAuth2ParameterNames.SCOPE, context.getAuthorizedScopes());
 			}
-		} else if (OidcParameterNames.ID_TOKEN.equals(context.getTokenType().getValue())) {
+		}
+		else if (OidcParameterNames.ID_TOKEN.equals(context.getTokenType().getValue())) {
 			claimsBuilder.claim(IdTokenClaimNames.AZP, registeredClient.getClientId());
 			if (AuthorizationGrantType.AUTHORIZATION_CODE.equals(context.getAuthorizationGrantType())) {
 				OAuth2AuthorizationRequest authorizationRequest = context.getAuthorization().getAttribute(
@@ -136,7 +137,8 @@ public final class JwtGenerator implements OAuth2TokenGenerator<Jwt> {
 					claimsBuilder.claim("sid", sessionInformation.getSessionId());
 					claimsBuilder.claim(IdTokenClaimNames.AUTH_TIME, sessionInformation.getLastRequest());
 				}
-			} else if (AuthorizationGrantType.REFRESH_TOKEN.equals(context.getAuthorizationGrantType())) {
+			}
+			else if (AuthorizationGrantType.REFRESH_TOKEN.equals(context.getAuthorizationGrantType())) {
 				OidcIdToken currentIdToken = context.getAuthorization().getToken(OidcIdToken.class).getToken();
 				if (currentIdToken.hasClaim("sid")) {
 					claimsBuilder.claim("sid", currentIdToken.getClaim("sid"));

oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/token/OAuth2TokenClaimsSet.java

@@ -156,6 +156,7 @@ public final class OAuth2TokenClaimsSet implements OAuth2TokenClaimAccessor {
 		 * A {@code Consumer} to be provided access to the claims allowing the ability to
 		 * add, replace, or remove.
 		 * @param claimsConsumer a {@code Consumer} of the claims
+		 * @return the {@link Builder}
 		 */
 		public Builder claims(Consumer<Map<String, Object>> claimsConsumer) {
 			claimsConsumer.accept(this.claims);

oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/token/OAuth2TokenCustomizer.java

@@ -19,10 +19,10 @@ package org.springframework.security.oauth2.server.authorization.token;
  * Implementations of this interface are responsible for customizing the OAuth 2.0 Token
  * attributes contained within the {@link OAuth2TokenContext}.
  *
+ * @param <T> the type of the context containing the OAuth 2.0 Token attributes
  * @author Joe Grandja
  * @since 0.1.0
  * @see OAuth2TokenContext
- * @param <T> the type of the context containing the OAuth 2.0 Token attributes
  */
 @FunctionalInterface
 public interface OAuth2TokenCustomizer<T extends OAuth2TokenContext> {

oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/token/OAuth2TokenGenerator.java

@@ -24,13 +24,13 @@ import org.springframework.security.oauth2.server.authorization.OAuth2Authorizat
  * Implementations of this interface are responsible for generating an {@link OAuth2Token}
  * using the attributes contained in the {@link OAuth2TokenContext}.
  *
+ * @param <T> the type of the OAuth 2.0 Token
  * @author Joe Grandja
  * @since 0.2.3
  * @see OAuth2Token
  * @see OAuth2TokenContext
  * @see OAuth2TokenClaimsSet
  * @see ClaimAccessor
- * @param <T> the type of the OAuth 2.0 Token
  */
 @FunctionalInterface
 public interface OAuth2TokenGenerator<T extends OAuth2Token> {

oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/web/DefaultConsentPage.java

@@ -31,8 +31,10 @@ import org.springframework.security.oauth2.core.oidc.OidcScopes;
 
 /**
  * For internal use only.
+ *
+ * @author Joe Grandja
  */
-class DefaultConsentPage {
+final class DefaultConsentPage {
 
 	private static final MediaType TEXT_HTML_UTF8 = new MediaType("text", "html", StandardCharsets.UTF_8);
 

oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/web/NimbusJwkSetEndpointFilter.java

@@ -18,16 +18,15 @@ package org.springframework.security.oauth2.server.authorization.web;
 import java.io.IOException;
 import java.io.Writer;
 
-import jakarta.servlet.FilterChain;
-import jakarta.servlet.ServletException;
-import jakarta.servlet.http.HttpServletRequest;
-import jakarta.servlet.http.HttpServletResponse;
-
 import com.nimbusds.jose.jwk.JWKMatcher;
 import com.nimbusds.jose.jwk.JWKSelector;
 import com.nimbusds.jose.jwk.JWKSet;
 import com.nimbusds.jose.jwk.source.JWKSource;
 import com.nimbusds.jose.proc.SecurityContext;
+import jakarta.servlet.FilterChain;
+import jakarta.servlet.ServletException;
+import jakarta.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletResponse;
 
 import org.springframework.http.HttpMethod;
 import org.springframework.http.MediaType;

oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/web/OAuth2AuthorizationEndpointFilter.java

@@ -151,12 +151,12 @@ public final class OAuth2AuthorizationEndpointFilter extends OncePerRequestFilte
 				HttpMethod.GET.name());
 		RequestMatcher authorizationRequestPostMatcher = new AntPathRequestMatcher(authorizationEndpointUri,
 				HttpMethod.POST.name());
-		RequestMatcher openidScopeMatcher = request -> {
+		RequestMatcher openidScopeMatcher = (request) -> {
 			String scope = request.getParameter(OAuth2ParameterNames.SCOPE);
 			return StringUtils.hasText(scope) && scope.contains(OidcScopes.OPENID);
 		};
-		RequestMatcher responseTypeParameterMatcher = request -> request
-			.getParameter(OAuth2ParameterNames.RESPONSE_TYPE) != null;
+		RequestMatcher responseTypeParameterMatcher = (
+				request) -> request.getParameter(OAuth2ParameterNames.RESPONSE_TYPE) != null;
 
 		RequestMatcher authorizationRequestMatcher = new OrRequestMatcher(authorizationRequestGetMatcher,
 				new AndRequestMatcher(authorizationRequestPostMatcher, responseTypeParameterMatcher,

oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/web/OAuth2DeviceVerificationEndpointFilter.java

@@ -136,8 +136,8 @@ public final class OAuth2DeviceVerificationEndpointFilter extends OncePerRequest
 				HttpMethod.GET.name());
 		RequestMatcher verificationRequestPostMatcher = new AntPathRequestMatcher(deviceVerificationEndpointUri,
 				HttpMethod.POST.name());
-		RequestMatcher userCodeParameterMatcher = request -> request
-			.getParameter(OAuth2ParameterNames.USER_CODE) != null;
+		RequestMatcher userCodeParameterMatcher = (
+				request) -> request.getParameter(OAuth2ParameterNames.USER_CODE) != null;
 
 		return new AndRequestMatcher(
 				new OrRequestMatcher(verificationRequestGetMatcher, verificationRequestPostMatcher),

oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/web/OAuth2TokenIntrospectionEndpointFilter.java

@@ -53,12 +53,12 @@ import org.springframework.web.filter.OncePerRequestFilter;
  * @author Gerardo Roza
  * @author Joe Grandja
  * @author Gaurav Tiwari
+ * @since 0.1.1
  * @see OAuth2TokenIntrospectionAuthenticationProvider
  * @see <a target="_blank" href="https://tools.ietf.org/html/rfc7662#section-2">Section 2
  * Introspection Endpoint</a>
  * @see <a target="_blank" href="https://tools.ietf.org/html/rfc7662#section-2.1">Section
  * 2.1 Introspection Request</a>
- * @since 0.1.1
  */
 public final class OAuth2TokenIntrospectionEndpointFilter extends OncePerRequestFilter {
 

oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/web/OAuth2TokenRevocationEndpointFilter.java

@@ -51,12 +51,12 @@ import org.springframework.web.filter.OncePerRequestFilter;
  * @author Vivek Babu
  * @author Joe Grandja
  * @author Arfat Chaus
+ * @since 0.0.3
  * @see OAuth2TokenRevocationAuthenticationProvider
  * @see <a target="_blank" href="https://tools.ietf.org/html/rfc7009#section-2">Section 2
  * Token Revocation</a>
  * @see <a target="_blank" href="https://tools.ietf.org/html/rfc7009#section-2.1">Section
  * 2.1 Revocation Request</a>
- * @since 0.0.3
  */
 public final class OAuth2TokenRevocationEndpointFilter extends OncePerRequestFilter {
 

oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/web/authentication/OAuth2AuthorizationCodeRequestAuthenticationConverter.java

@@ -145,10 +145,10 @@ public final class OAuth2AuthorizationCodeRequestAuthenticationConverter impleme
 	}
 
 	private static RequestMatcher createOidcRequestMatcher() {
-		RequestMatcher postMethodMatcher = request -> "POST".equals(request.getMethod());
-		RequestMatcher responseTypeParameterMatcher = request -> request
-			.getParameter(OAuth2ParameterNames.RESPONSE_TYPE) != null;
-		RequestMatcher openidScopeMatcher = request -> {
+		RequestMatcher postMethodMatcher = (request) -> "POST".equals(request.getMethod());
+		RequestMatcher responseTypeParameterMatcher = (
+				request) -> request.getParameter(OAuth2ParameterNames.RESPONSE_TYPE) != null;
+		RequestMatcher openidScopeMatcher = (request) -> {
 			String scope = request.getParameter(OAuth2ParameterNames.SCOPE);
 			return StringUtils.hasText(scope) && scope.contains(OidcScopes.OPENID);
 		};