Use Spring Framework Nullability Annotations

Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>

config/src/main/java/org/springframework/security/config/annotation/method/configuration/DeferringMethodInterceptor.java

@@ -20,10 +20,10 @@ import java.util.function.Supplier;
 
 import org.aopalliance.aop.Advice;
 import org.aopalliance.intercept.MethodInvocation;
-import org.jetbrains.annotations.NotNull;
-import org.jetbrains.annotations.Nullable;
 
 import org.springframework.aop.Pointcut;
+import org.springframework.lang.NonNull;
+import org.springframework.lang.Nullable;
 import org.springframework.security.authorization.method.AuthorizationAdvisor;
 import org.springframework.util.function.SingletonSupplier;
 
@@ -40,7 +40,7 @@ final class DeferringMethodInterceptor<M extends AuthorizationAdvisor> implement
 
 	@Nullable
 	@Override
-	public Object invoke(@NotNull MethodInvocation invocation) throws Throwable {
+	public Object invoke(@NonNull MethodInvocation invocation) throws Throwable {
 		return this.delegate.get().invoke(invocation);
 	}
 

config/src/main/java/org/springframework/security/config/annotation/method/configuration/MethodSecurityAdvisorRegistrar.java

@@ -19,8 +19,6 @@ package org.springframework.security.config.annotation.method.configuration;
 import org.aopalliance.aop.Advice;
 import org.aopalliance.intercept.MethodInterceptor;
 import org.aopalliance.intercept.MethodInvocation;
-import org.jetbrains.annotations.NotNull;
-import org.jetbrains.annotations.Nullable;
 
 import org.springframework.aop.Advisor;
 import org.springframework.aop.Pointcut;
@@ -33,6 +31,8 @@ import org.springframework.beans.factory.support.RootBeanDefinition;
 import org.springframework.context.annotation.ImportBeanDefinitionRegistrar;
 import org.springframework.core.Ordered;
 import org.springframework.core.type.AnnotationMetadata;
+import org.springframework.lang.NonNull;
+import org.springframework.lang.Nullable;
 import org.springframework.security.authorization.method.AuthorizationAdvisor;
 
 class MethodSecurityAdvisorRegistrar implements ImportBeanDefinitionRegistrar {
@@ -100,7 +100,7 @@ class MethodSecurityAdvisorRegistrar implements ImportBeanDefinitionRegistrar {
 
 		@Nullable
 		@Override
-		public Object invoke(@NotNull MethodInvocation invocation) throws Throwable {
+		public Object invoke(@NonNull MethodInvocation invocation) throws Throwable {
 			return this.advisor.invoke(invocation);
 		}
 

config/src/main/java/org/springframework/security/config/web/PathPatternRequestMatcherBuilderFactoryBean.java

@@ -16,8 +16,6 @@
 
 package org.springframework.security.config.web;
 
-import reactor.util.annotation.NonNull;
-
 import org.springframework.beans.BeansException;
 import org.springframework.beans.factory.BeanFactory;
 import org.springframework.beans.factory.BeanFactoryAware;
@@ -27,6 +25,7 @@ import org.springframework.beans.factory.config.BeanDefinition;
 import org.springframework.beans.factory.config.ConfigurableListableBeanFactory;
 import org.springframework.context.ApplicationContext;
 import org.springframework.context.ApplicationContextAware;
+import org.springframework.lang.NonNull;
 import org.springframework.security.config.annotation.web.configurers.AuthorizeHttpRequestsConfigurer;
 import org.springframework.security.web.servlet.util.matcher.PathPatternRequestMatcher;
 import org.springframework.web.util.pattern.PathPatternParser;

config/src/main/java/org/springframework/security/config/web/server/OAuth2ErrorEncoder.java

@@ -21,7 +21,6 @@ import java.io.IOException;
 import java.util.List;
 import java.util.Map;
 
-import org.jetbrains.annotations.NotNull;
 import org.reactivestreams.Publisher;
 import reactor.core.publisher.Flux;
 import reactor.core.publisher.Mono;
@@ -34,6 +33,7 @@ import org.springframework.http.HttpOutputMessage;
 import org.springframework.http.MediaType;
 import org.springframework.http.codec.HttpMessageEncoder;
 import org.springframework.http.converter.HttpMessageConverter;
+import org.springframework.lang.NonNull;
 import org.springframework.security.oauth2.core.OAuth2Error;
 import org.springframework.util.MimeType;
 
@@ -41,7 +41,7 @@ class OAuth2ErrorEncoder implements HttpMessageEncoder<OAuth2Error> {
 
 	private final HttpMessageConverter<Object> messageConverter = HttpMessageConverters.getJsonMessageConverter();
 
-	@NotNull
+	@NonNull
 	@Override
 	public List<MediaType> getStreamingMediaTypes() {
 		return List.of();
@@ -52,7 +52,7 @@ class OAuth2ErrorEncoder implements HttpMessageEncoder<OAuth2Error> {
 		return getEncodableMimeTypes().contains(mimeType);
 	}
 
-	@NotNull
+	@NonNull
 	@Override
 	public Flux<DataBuffer> encode(Publisher<? extends OAuth2Error> error, DataBufferFactory bufferFactory,
 			ResolvableType elementType, MimeType mimeType, Map<String, Object> hints) {
@@ -68,7 +68,7 @@ class OAuth2ErrorEncoder implements HttpMessageEncoder<OAuth2Error> {
 		}).map(bufferFactory::wrap).flux();
 	}
 
-	@NotNull
+	@NonNull
 	@Override
 	public List<MimeType> getEncodableMimeTypes() {
 		return List.of(MediaType.APPLICATION_JSON);
@@ -78,13 +78,13 @@ class OAuth2ErrorEncoder implements HttpMessageEncoder<OAuth2Error> {
 
 		private final ByteArrayOutputStream body = new ByteArrayOutputStream();
 
-		@NotNull
+		@NonNull
 		@Override
 		public ByteArrayOutputStream getBody() {
 			return this.body;
 		}
 
-		@NotNull
+		@NonNull
 		@Override
 		public HttpHeaders getHeaders() {
 			return new HttpHeaders();

config/src/test/java/org/springframework/security/config/annotation/web/reactive/WebFluxSecurityConfigurationTests.java

@@ -18,7 +18,6 @@ package org.springframework.security.config.annotation.web.reactive;
 
 import java.util.Collections;
 
-import org.jetbrains.annotations.NotNull;
 import org.junit.jupiter.api.Test;
 import org.junit.jupiter.api.extension.ExtendWith;
 import reactor.core.publisher.Mono;
@@ -26,6 +25,7 @@ import reactor.core.publisher.Mono;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.http.HttpStatus;
+import org.springframework.lang.NonNull;
 import org.springframework.mock.http.server.reactive.MockServerHttpRequest;
 import org.springframework.mock.web.server.MockServerWebExchange;
 import org.springframework.security.config.test.SpringTestContext;
@@ -109,7 +109,7 @@ public class WebFluxSecurityConfigurationTests {
 		assertThat(webFilterChainProxy).isNotNull();
 	}
 
-	private static @NotNull DefaultWebFilterChain emptyChain() {
+	private static @NonNull DefaultWebFilterChain emptyChain() {
 		return new DefaultWebFilterChain((webExchange) -> Mono.empty(), Collections.emptyList());
 	}
 

config/src/test/java/org/springframework/security/config/http/MiscHttpConfigTests.java

@@ -45,7 +45,6 @@ import jakarta.servlet.http.HttpServletResponse;
 import jakarta.servlet.http.HttpServletResponseWrapper;
 import org.apache.http.HttpStatus;
 import org.assertj.core.api.iterable.Extractor;
-import org.jetbrains.annotations.NotNull;
 import org.junit.jupiter.api.Test;
 import org.junit.jupiter.api.extension.ExtendWith;
 import org.mockito.stubbing.Answer;
@@ -55,6 +54,7 @@ import org.springframework.beans.BeansException;
 import org.springframework.beans.factory.BeanCreationException;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.beans.factory.parsing.BeanDefinitionParsingException;
+import org.springframework.lang.NonNull;
 import org.springframework.mock.web.MockHttpServletRequest;
 import org.springframework.mock.web.MockHttpServletResponse;
 import org.springframework.mock.web.MockHttpSession;
@@ -908,17 +908,17 @@ public class MiscHttpConfigTests {
 		return proxy.getFilters(url);
 	}
 
-	@NotNull
+	@NonNull
 	private static RequestPostProcessor userCredentials() {
 		return httpBasic("user", "password");
 	}
 
-	@NotNull
+	@NonNull
 	private static RequestPostProcessor adminCredentials() {
 		return httpBasic("admin", "password");
 	}
 
-	@NotNull
+	@NonNull
 	private static RequestPostProcessor postCredentials() {
 		return httpBasic("poster", "password");
 	}

config/src/test/java/org/springframework/security/config/method/MethodSecurityBeanDefinitionParserTests.java

@@ -24,12 +24,12 @@ import java.util.function.Supplier;
 
 import org.aopalliance.intercept.MethodInterceptor;
 import org.aopalliance.intercept.MethodInvocation;
-import org.jetbrains.annotations.NotNull;
 import org.junit.jupiter.api.Test;
 import org.junit.jupiter.api.extension.ExtendWith;
 
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.core.annotation.AnnotationConfigurationException;
+import org.springframework.lang.NonNull;
 import org.springframework.lang.Nullable;
 import org.springframework.security.access.AccessDeniedException;
 import org.springframework.security.access.PermissionEvaluator;
@@ -474,7 +474,7 @@ public class MethodSecurityBeanDefinitionParserTests {
 
 		@Nullable
 		@Override
-		public Object invoke(@NotNull MethodInvocation invocation) {
+		public Object invoke(@NonNull MethodInvocation invocation) {
 			Authentication auth = SecurityContextHolder.getContext().getAuthentication();
 			if ("bob".equals(auth.getName())) {
 				return "granted";

core/src/test/java/org/springframework/security/authorization/AuthorizationAdvisorProxyFactoryTests.java

@@ -36,11 +36,11 @@ import java.util.stream.Stream;
 
 import com.fasterxml.jackson.core.JsonProcessingException;
 import com.fasterxml.jackson.databind.ObjectMapper;
-import org.jetbrains.annotations.NotNull;
 import org.junit.jupiter.api.Test;
 
 import org.springframework.aop.Pointcut;
 import org.springframework.core.annotation.AnnotationAwareOrderComparator;
+import org.springframework.lang.NonNull;
 import org.springframework.security.access.AccessDeniedException;
 import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.security.authentication.TestAuthentication;
@@ -443,7 +443,7 @@ public class AuthorizationAdvisorProxyFactoryTests {
 		}
 
 		@Override
-		public int compareTo(@NotNull User that) {
+		public int compareTo(@NonNull User that) {
 			return this.id.compareTo(that.getId());
 		}
 
@@ -453,7 +453,7 @@ public class AuthorizationAdvisorProxyFactoryTests {
 
 		List<User> users = List.of(new User("1", "first", "last"));
 
-		@NotNull
+		@NonNull
 		@Override
 		public Iterator<User> iterator() {
 			return this.users.iterator();

core/src/test/java/org/springframework/security/authorization/ReactiveAuthorizationAdvisorProxyFactoryTests.java

@@ -19,13 +19,13 @@ package org.springframework.security.authorization;
 import java.util.Iterator;
 import java.util.List;
 
-import org.jetbrains.annotations.NotNull;
 import org.junit.jupiter.api.Test;
 import reactor.core.publisher.Flux;
 import reactor.core.publisher.Mono;
 import reactor.test.StepVerifier;
 
 import org.springframework.aop.Pointcut;
+import org.springframework.lang.NonNull;
 import org.springframework.security.access.AccessDeniedException;
 import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.security.authentication.TestAuthentication;
@@ -193,7 +193,7 @@ public class ReactiveAuthorizationAdvisorProxyFactoryTests {
 		}
 
 		@Override
-		public int compareTo(@NotNull User that) {
+		public int compareTo(@NonNull User that) {
 			return this.id.compareTo(that.getId());
 		}
 
@@ -207,7 +207,7 @@ public class ReactiveAuthorizationAdvisorProxyFactoryTests {
 			return Flux.fromIterable(this.users);
 		}
 
-		@NotNull
+		@NonNull
 		@Override
 		public Iterator<User> iterator() {
 			return this.users.iterator();

etc/checkstyle/checkstyle.xml

@@ -47,5 +47,10 @@
 					  value="String.toUpperCase() should be String.toUpperCase(Locale.ROOT) or String.toUpperCase(Locale.ENGLISH)"/>
 			<property name="ignoreComments" value="true"/>
 		</module>
+		<module name="com.puppycrawl.tools.checkstyle.checks.imports.IllegalImportCheck">
+			<property name="id" value="bannedImports"/>
+			<property name="regexp" value="true"/>
+			<property name="illegalPkgs" value="org.jetbrains.annotations, reactor.util.annotation, javax.annotation"/>
+		</module>
 	</module>
 </module>

saml2/saml2-service-provider/src/opensaml4Test/java/org/springframework/security/saml2/provider/service/authentication/TestCustomOpenSaml4Objects.java

@@ -19,7 +19,6 @@ package org.springframework.security.saml2.provider.service.authentication;
 import java.util.Collections;
 import java.util.List;
 
-import javax.annotation.Nullable;
 import javax.xml.namespace.QName;
 
 import net.shibboleth.utilities.java.support.xml.ElementSupport;
@@ -40,6 +39,7 @@ import org.opensaml.saml.saml2.core.AttributeValue;
 import org.w3c.dom.Element;
 
 import org.springframework.lang.NonNull;
+import org.springframework.lang.Nullable;
 import org.springframework.security.saml2.core.OpenSamlInitializationService;
 
 public final class TestCustomOpenSaml4Objects {

saml2/saml2-service-provider/src/opensaml5Main/java/org/springframework/security/saml2/provider/service/authentication/OpenSaml5AuthenticationProvider.java

@@ -25,8 +25,6 @@ import java.util.List;
 import java.util.Map;
 import java.util.function.Consumer;
 
-import javax.annotation.Nonnull;
-import javax.annotation.Nullable;
 import javax.xml.namespace.QName;
 
 import org.opensaml.saml.common.assertion.AssertionValidationException;
@@ -54,6 +52,7 @@ import org.opensaml.xmlsec.signature.support.SignatureTrustEngine;
 
 import org.springframework.core.convert.converter.Converter;
 import org.springframework.lang.NonNull;
+import org.springframework.lang.Nullable;
 import org.springframework.security.authentication.AbstractAuthenticationToken;
 import org.springframework.security.authentication.AuthenticationProvider;
 import org.springframework.security.core.Authentication;
@@ -832,16 +831,16 @@ public final class OpenSaml5AuthenticationProvider implements AuthenticationProv
 				this.name = name;
 			}
 
-			@Nonnull
+			@NonNull
 			@Override
 			public QName getServicedCondition() {
 				return this.name;
 			}
 
-			@Nonnull
+			@NonNull
 			@Override
-			public ValidationResult validate(@Nonnull Condition condition, @Nonnull Assertion assertion,
-					@Nonnull ValidationContext context) {
+			public ValidationResult validate(@NonNull Condition condition, @NonNull Assertion assertion,
+					@NonNull ValidationContext context) {
 				return ValidationResult.VALID;
 			}
 
@@ -859,9 +858,9 @@ public final class OpenSaml5AuthenticationProvider implements AuthenticationProv
 						newTrustEngine, newSignaturePrevalidator);
 			}
 
-			@Nonnull
+			@NonNull
 			@Override
-			protected ValidationResult validateSignature(@Nonnull Assertion token, @Nonnull ValidationContext context)
+			protected ValidationResult validateSignature(@NonNull Assertion token, @NonNull ValidationContext context)
 					throws AssertionValidationException {
 				return ValidationResult.VALID;
 			}

saml2/saml2-service-provider/src/opensaml5Test/java/org/springframework/security/saml2/provider/service/authentication/TestCustomOpenSaml5Objects.java

@@ -19,7 +19,6 @@ package org.springframework.security.saml2.provider.service.authentication;
 import java.util.Collections;
 import java.util.List;
 
-import javax.annotation.Nullable;
 import javax.xml.namespace.QName;
 
 import net.shibboleth.shared.xml.ElementSupport;
@@ -40,6 +39,7 @@ import org.opensaml.saml.saml2.core.AttributeValue;
 import org.w3c.dom.Element;
 
 import org.springframework.lang.NonNull;
+import org.springframework.lang.Nullable;
 import org.springframework.security.saml2.core.OpenSamlInitializationService;
 
 public final class TestCustomOpenSaml5Objects {