diff --git a/access/src/main/java/org/springframework/security/access/SecurityConfig.java b/access/src/main/java/org/springframework/security/access/SecurityConfig.java
index 7f471d1ef75..967b54e84d4 100644
--- a/access/src/main/java/org/springframework/security/access/SecurityConfig.java
+++ b/access/src/main/java/org/springframework/security/access/SecurityConfig.java
@@ -20,6 +20,8 @@
import java.util.ArrayList;
import java.util.List;
+import org.jspecify.annotations.Nullable;
+
import org.springframework.security.authorization.AuthorizationManager;
import org.springframework.security.core.annotation.SecurityAnnotationScanner;
import org.springframework.util.Assert;
@@ -50,7 +52,7 @@ public SecurityConfig(String config) {
}
@Override
- public boolean equals(Object obj) {
+ public boolean equals(@Nullable Object obj) {
if (obj instanceof ConfigAttribute attr) {
return this.attrib.equals(attr.getAttribute());
}
diff --git a/access/src/main/java/org/springframework/security/access/method/DelegatingMethodSecurityMetadataSource.java b/access/src/main/java/org/springframework/security/access/method/DelegatingMethodSecurityMetadataSource.java
index 138e9f97bb6..1523d1dec05 100644
--- a/access/src/main/java/org/springframework/security/access/method/DelegatingMethodSecurityMetadataSource.java
+++ b/access/src/main/java/org/springframework/security/access/method/DelegatingMethodSecurityMetadataSource.java
@@ -114,7 +114,10 @@ private static class DefaultCacheKey {
}
@Override
- public boolean equals(Object other) {
+ public boolean equals(@Nullable Object other) {
+ if (other == null) {
+ return false;
+ }
DefaultCacheKey otherKey = (DefaultCacheKey) other;
return (this.method.equals(otherKey.method)
&& ObjectUtils.nullSafeEquals(this.targetClass, otherKey.targetClass));
diff --git a/access/src/main/java/org/springframework/security/access/method/MapBasedMethodSecurityMetadataSource.java b/access/src/main/java/org/springframework/security/access/method/MapBasedMethodSecurityMetadataSource.java
index 3ebb24d1414..6bcda9f40f2 100644
--- a/access/src/main/java/org/springframework/security/access/method/MapBasedMethodSecurityMetadataSource.java
+++ b/access/src/main/java/org/springframework/security/access/method/MapBasedMethodSecurityMetadataSource.java
@@ -265,7 +265,7 @@ private static class RegisteredMethod {
}
@Override
- public boolean equals(Object obj) {
+ public boolean equals(@Nullable Object obj) {
if (this == obj) {
return true;
}
diff --git a/acl/src/main/java/org/springframework/security/acls/domain/AbstractPermission.java b/acl/src/main/java/org/springframework/security/acls/domain/AbstractPermission.java
index 9458aadc232..8a6e2716f9c 100644
--- a/acl/src/main/java/org/springframework/security/acls/domain/AbstractPermission.java
+++ b/acl/src/main/java/org/springframework/security/acls/domain/AbstractPermission.java
@@ -16,6 +16,8 @@
package org.springframework.security.acls.domain;
+import org.jspecify.annotations.Nullable;
+
import org.springframework.security.acls.model.Permission;
/**
@@ -52,7 +54,7 @@ protected AbstractPermission(int mask, char code) {
}
@Override
- public final boolean equals(Object obj) {
+ public final boolean equals(@Nullable Object obj) {
if (obj == null) {
return false;
}
diff --git a/acl/src/main/java/org/springframework/security/acls/domain/AccessControlEntryImpl.java b/acl/src/main/java/org/springframework/security/acls/domain/AccessControlEntryImpl.java
index 035ecd78882..543aff5e25f 100644
--- a/acl/src/main/java/org/springframework/security/acls/domain/AccessControlEntryImpl.java
+++ b/acl/src/main/java/org/springframework/security/acls/domain/AccessControlEntryImpl.java
@@ -63,7 +63,7 @@ public AccessControlEntryImpl(@Nullable Serializable id, Acl acl, Sid sid, Permi
}
@Override
- public boolean equals(Object arg0) {
+ public boolean equals(@Nullable Object arg0) {
if (!(arg0 instanceof AccessControlEntryImpl)) {
return false;
}
diff --git a/acl/src/main/java/org/springframework/security/acls/domain/AclImpl.java b/acl/src/main/java/org/springframework/security/acls/domain/AclImpl.java
index 0771bc05f55..fada8bf9649 100644
--- a/acl/src/main/java/org/springframework/security/acls/domain/AclImpl.java
+++ b/acl/src/main/java/org/springframework/security/acls/domain/AclImpl.java
@@ -278,7 +278,7 @@ public void updateAuditing(int aceIndex, boolean auditSuccess, boolean auditFail
}
@Override
- public boolean equals(Object obj) {
+ public boolean equals(@Nullable Object obj) {
if (obj == this) {
return true;
}
diff --git a/acl/src/main/java/org/springframework/security/acls/domain/GrantedAuthoritySid.java b/acl/src/main/java/org/springframework/security/acls/domain/GrantedAuthoritySid.java
index a72d690cf5e..c32b1770b60 100644
--- a/acl/src/main/java/org/springframework/security/acls/domain/GrantedAuthoritySid.java
+++ b/acl/src/main/java/org/springframework/security/acls/domain/GrantedAuthoritySid.java
@@ -16,6 +16,8 @@
package org.springframework.security.acls.domain;
+import org.jspecify.annotations.Nullable;
+
import org.springframework.security.acls.model.Sid;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.util.Assert;
@@ -47,7 +49,7 @@ public GrantedAuthoritySid(GrantedAuthority grantedAuthority) {
}
@Override
- public boolean equals(Object object) {
+ public boolean equals(@Nullable Object object) {
if ((object == null) || !(object instanceof GrantedAuthoritySid)) {
return false;
}
diff --git a/acl/src/main/java/org/springframework/security/acls/domain/ObjectIdentityImpl.java b/acl/src/main/java/org/springframework/security/acls/domain/ObjectIdentityImpl.java
index aafa3fff3f2..3c6259a4360 100644
--- a/acl/src/main/java/org/springframework/security/acls/domain/ObjectIdentityImpl.java
+++ b/acl/src/main/java/org/springframework/security/acls/domain/ObjectIdentityImpl.java
@@ -19,6 +19,8 @@
import java.io.Serializable;
import java.lang.reflect.Method;
+import org.jspecify.annotations.Nullable;
+
import org.springframework.security.acls.model.ObjectIdentity;
import org.springframework.util.Assert;
import org.springframework.util.ClassUtils;
@@ -97,7 +99,7 @@ private Object invokeGetIdMethod(Object object, Class typeClass) {
* @return true if the presented object matches this object
*/
@Override
- public boolean equals(Object obj) {
+ public boolean equals(@Nullable Object obj) {
if (obj == null || !(obj instanceof ObjectIdentityImpl)) {
return false;
}
diff --git a/acl/src/main/java/org/springframework/security/acls/domain/PrincipalSid.java b/acl/src/main/java/org/springframework/security/acls/domain/PrincipalSid.java
index 373d85a5e91..df7b3bc51df 100644
--- a/acl/src/main/java/org/springframework/security/acls/domain/PrincipalSid.java
+++ b/acl/src/main/java/org/springframework/security/acls/domain/PrincipalSid.java
@@ -16,6 +16,8 @@
package org.springframework.security.acls.domain;
+import org.jspecify.annotations.Nullable;
+
import org.springframework.security.acls.model.Sid;
import org.springframework.security.core.Authentication;
import org.springframework.util.Assert;
@@ -46,7 +48,7 @@ public PrincipalSid(Authentication authentication) {
}
@Override
- public boolean equals(Object object) {
+ public boolean equals(@Nullable Object object) {
if ((object == null) || !(object instanceof PrincipalSid)) {
return false;
}
diff --git a/acl/src/main/java/org/springframework/security/acls/model/ObjectIdentity.java b/acl/src/main/java/org/springframework/security/acls/model/ObjectIdentity.java
index 995e5140566..72216e8316c 100644
--- a/acl/src/main/java/org/springframework/security/acls/model/ObjectIdentity.java
+++ b/acl/src/main/java/org/springframework/security/acls/model/ObjectIdentity.java
@@ -18,6 +18,8 @@
import java.io.Serializable;
+import org.jspecify.annotations.Nullable;
+
/**
* Represents the identity of an individual domain object instance.
*
@@ -40,7 +42,7 @@ public interface ObjectIdentity extends Serializable {
* @see Object#equals(Object)
*/
@Override
- boolean equals(Object obj);
+ boolean equals(@Nullable Object obj);
/**
* Obtains the actual identifier. This identifier must not be reused to represent
diff --git a/acl/src/main/java/org/springframework/security/acls/model/Sid.java b/acl/src/main/java/org/springframework/security/acls/model/Sid.java
index 1e16e8ea947..31aedb4ea33 100644
--- a/acl/src/main/java/org/springframework/security/acls/model/Sid.java
+++ b/acl/src/main/java/org/springframework/security/acls/model/Sid.java
@@ -18,6 +18,8 @@
import java.io.Serializable;
+import org.jspecify.annotations.Nullable;
+
/**
* A security identity recognised by the ACL system.
*
@@ -40,7 +42,7 @@ public interface Sid extends Serializable {
* @return true if the objects are equal, false otherwise
*/
@Override
- boolean equals(Object obj);
+ boolean equals(@Nullable Object obj);
/**
* Refer to the java.lang.Object documentation for the interface
diff --git a/cas/src/main/java/org/springframework/security/cas/authentication/CasAuthenticationToken.java b/cas/src/main/java/org/springframework/security/cas/authentication/CasAuthenticationToken.java
index c05d5c5964c..dfd1c4eaa3a 100644
--- a/cas/src/main/java/org/springframework/security/cas/authentication/CasAuthenticationToken.java
+++ b/cas/src/main/java/org/springframework/security/cas/authentication/CasAuthenticationToken.java
@@ -124,7 +124,7 @@ private static Integer extractKeyHash(String key) {
}
@Override
- public boolean equals(final Object obj) {
+ public boolean equals(@Nullable final Object obj) {
if (!super.equals(obj)) {
return false;
}
diff --git a/cas/src/main/java/org/springframework/security/cas/web/authentication/DefaultServiceAuthenticationDetails.java b/cas/src/main/java/org/springframework/security/cas/web/authentication/DefaultServiceAuthenticationDetails.java
index ba77e0ce2b4..24dff8d49b8 100644
--- a/cas/src/main/java/org/springframework/security/cas/web/authentication/DefaultServiceAuthenticationDetails.java
+++ b/cas/src/main/java/org/springframework/security/cas/web/authentication/DefaultServiceAuthenticationDetails.java
@@ -71,7 +71,7 @@ public String getServiceUrl() {
}
@Override
- public boolean equals(Object obj) {
+ public boolean equals(@Nullable Object obj) {
if (this == obj) {
return true;
}
diff --git a/config/src/main/java/org/springframework/security/config/annotation/web/configuration/SecurityReactorContextConfiguration.java b/config/src/main/java/org/springframework/security/config/annotation/web/configuration/SecurityReactorContextConfiguration.java
index 18cecd485e2..11e5595418a 100644
--- a/config/src/main/java/org/springframework/security/config/annotation/web/configuration/SecurityReactorContextConfiguration.java
+++ b/config/src/main/java/org/springframework/security/config/annotation/web/configuration/SecurityReactorContextConfiguration.java
@@ -27,6 +27,7 @@
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
+import org.jspecify.annotations.Nullable;
import org.reactivestreams.Publisher;
import org.reactivestreams.Subscription;
import reactor.core.CoreSubscriber;
@@ -286,7 +287,7 @@ public Set> entrySet() {
}
@Override
- public boolean equals(Object o) {
+ public boolean equals(@Nullable Object o) {
if (this == o) {
return true;
}
diff --git a/core/src/main/java/org/springframework/security/authentication/AbstractAuthenticationToken.java b/core/src/main/java/org/springframework/security/authentication/AbstractAuthenticationToken.java
index 18307f8b641..84ec495919b 100644
--- a/core/src/main/java/org/springframework/security/authentication/AbstractAuthenticationToken.java
+++ b/core/src/main/java/org/springframework/security/authentication/AbstractAuthenticationToken.java
@@ -132,7 +132,7 @@ private void eraseSecret(@Nullable Object secret) {
}
@Override
- public boolean equals(Object obj) {
+ public boolean equals(@Nullable Object obj) {
if (!(obj instanceof AbstractAuthenticationToken test)) {
return false;
}
diff --git a/core/src/main/java/org/springframework/security/authentication/AnonymousAuthenticationToken.java b/core/src/main/java/org/springframework/security/authentication/AnonymousAuthenticationToken.java
index 2e2a47b7e44..4338f37b480 100644
--- a/core/src/main/java/org/springframework/security/authentication/AnonymousAuthenticationToken.java
+++ b/core/src/main/java/org/springframework/security/authentication/AnonymousAuthenticationToken.java
@@ -19,6 +19,8 @@
import java.io.Serializable;
import java.util.Collection;
+import org.jspecify.annotations.Nullable;
+
import org.springframework.security.core.GrantedAuthority;
import org.springframework.util.Assert;
@@ -70,7 +72,7 @@ private static Integer extractKeyHash(String key) {
}
@Override
- public boolean equals(Object obj) {
+ public boolean equals(@Nullable Object obj) {
if (!super.equals(obj)) {
return false;
}
diff --git a/core/src/main/java/org/springframework/security/authentication/RememberMeAuthenticationToken.java b/core/src/main/java/org/springframework/security/authentication/RememberMeAuthenticationToken.java
index 81d7edeafad..6c951fdcfe1 100644
--- a/core/src/main/java/org/springframework/security/authentication/RememberMeAuthenticationToken.java
+++ b/core/src/main/java/org/springframework/security/authentication/RememberMeAuthenticationToken.java
@@ -103,7 +103,7 @@ public Builder toBuilder() {
}
@Override
- public boolean equals(Object obj) {
+ public boolean equals(@Nullable Object obj) {
if (!super.equals(obj)) {
return false;
}
diff --git a/core/src/main/java/org/springframework/security/authentication/jaas/JaasGrantedAuthority.java b/core/src/main/java/org/springframework/security/authentication/jaas/JaasGrantedAuthority.java
index 3389d8c60cc..a757dfaaecb 100644
--- a/core/src/main/java/org/springframework/security/authentication/jaas/JaasGrantedAuthority.java
+++ b/core/src/main/java/org/springframework/security/authentication/jaas/JaasGrantedAuthority.java
@@ -18,6 +18,8 @@
import java.security.Principal;
+import org.jspecify.annotations.Nullable;
+
import org.springframework.security.core.GrantedAuthority;
import org.springframework.util.Assert;
@@ -53,7 +55,7 @@ public String getAuthority() {
}
@Override
- public boolean equals(Object obj) {
+ public boolean equals(@Nullable Object obj) {
if (this == obj) {
return true;
}
diff --git a/core/src/main/java/org/springframework/security/authorization/RequiredFactor.java b/core/src/main/java/org/springframework/security/authorization/RequiredFactor.java
index 5c477bb34ed..c169f2f68a3 100644
--- a/core/src/main/java/org/springframework/security/authorization/RequiredFactor.java
+++ b/core/src/main/java/org/springframework/security/authorization/RequiredFactor.java
@@ -71,7 +71,7 @@ public String getAuthority() {
}
@Override
- public boolean equals(Object o) {
+ public boolean equals(@Nullable Object o) {
if (!(o instanceof RequiredFactor that)) {
return false;
}
diff --git a/core/src/main/java/org/springframework/security/authorization/RequiredFactorError.java b/core/src/main/java/org/springframework/security/authorization/RequiredFactorError.java
index 0d6cada187a..102be8db178 100644
--- a/core/src/main/java/org/springframework/security/authorization/RequiredFactorError.java
+++ b/core/src/main/java/org/springframework/security/authorization/RequiredFactorError.java
@@ -18,6 +18,8 @@
import java.util.Objects;
+import org.jspecify.annotations.Nullable;
+
import org.springframework.security.core.authority.FactorGrantedAuthority;
import org.springframework.util.Assert;
@@ -68,7 +70,7 @@ public boolean isMissing() {
}
@Override
- public boolean equals(Object o) {
+ public boolean equals(@Nullable Object o) {
if (o == null || getClass() != o.getClass()) {
return false;
}
diff --git a/core/src/main/java/org/springframework/security/core/ComparableVersion.java b/core/src/main/java/org/springframework/security/core/ComparableVersion.java
index 9e56c850fa0..223217f88dc 100644
--- a/core/src/main/java/org/springframework/security/core/ComparableVersion.java
+++ b/core/src/main/java/org/springframework/security/core/ComparableVersion.java
@@ -143,7 +143,7 @@ public int compareTo(@Nullable Item item) {
}
@Override
- public boolean equals(Object o) {
+ public boolean equals(@Nullable Object o) {
if (this == o) {
return true;
}
@@ -208,7 +208,7 @@ public int compareTo(@Nullable Item item) {
}
@Override
- public boolean equals(Object o) {
+ public boolean equals(@Nullable Object o) {
if (this == o) {
return true;
}
@@ -271,7 +271,7 @@ public int compareTo(@Nullable Item item) {
}
@Override
- public boolean equals(Object o) {
+ public boolean equals(@Nullable Object o) {
if (this == o) {
return true;
}
@@ -379,7 +379,7 @@ public int compareTo(@Nullable Item item) {
}
@Override
- public boolean equals(Object o) {
+ public boolean equals(@Nullable Object o) {
if (this == o) {
return true;
}
@@ -607,7 +607,7 @@ public String getCanonical() {
}
@Override
- public boolean equals(Object o) {
+ public boolean equals(@Nullable Object o) {
return (o instanceof ComparableVersion) && items.equals(((ComparableVersion) o).items);
}
diff --git a/core/src/main/java/org/springframework/security/core/authority/FactorGrantedAuthority.java b/core/src/main/java/org/springframework/security/core/authority/FactorGrantedAuthority.java
index 51d88fbb4a6..f4ae88572e8 100644
--- a/core/src/main/java/org/springframework/security/core/authority/FactorGrantedAuthority.java
+++ b/core/src/main/java/org/springframework/security/core/authority/FactorGrantedAuthority.java
@@ -150,7 +150,7 @@ public Instant getIssuedAt() {
}
@Override
- public boolean equals(Object obj) {
+ public boolean equals(@Nullable Object obj) {
if (this == obj) {
return true;
}
diff --git a/core/src/main/java/org/springframework/security/core/authority/SimpleGrantedAuthority.java b/core/src/main/java/org/springframework/security/core/authority/SimpleGrantedAuthority.java
index cc918fd70d2..3c09a55e48a 100644
--- a/core/src/main/java/org/springframework/security/core/authority/SimpleGrantedAuthority.java
+++ b/core/src/main/java/org/springframework/security/core/authority/SimpleGrantedAuthority.java
@@ -16,6 +16,8 @@
package org.springframework.security.core.authority;
+import org.jspecify.annotations.Nullable;
+
import org.springframework.security.core.GrantedAuthority;
import org.springframework.util.Assert;
@@ -51,7 +53,7 @@ public String getAuthority() {
}
@Override
- public boolean equals(Object obj) {
+ public boolean equals(@Nullable Object obj) {
if (this == obj) {
return true;
}
diff --git a/core/src/main/java/org/springframework/security/core/context/SecurityContextImpl.java b/core/src/main/java/org/springframework/security/core/context/SecurityContextImpl.java
index b6c43804070..af9d030a216 100644
--- a/core/src/main/java/org/springframework/security/core/context/SecurityContextImpl.java
+++ b/core/src/main/java/org/springframework/security/core/context/SecurityContextImpl.java
@@ -42,7 +42,7 @@ public SecurityContextImpl(Authentication authentication) {
}
@Override
- public boolean equals(Object obj) {
+ public boolean equals(@Nullable Object obj) {
if (obj instanceof SecurityContextImpl other) {
if ((this.getAuthentication() == null) && (other.getAuthentication() == null)) {
return true;
diff --git a/core/src/main/java/org/springframework/security/core/token/DefaultToken.java b/core/src/main/java/org/springframework/security/core/token/DefaultToken.java
index b2dfb2d185a..89132d73cd0 100644
--- a/core/src/main/java/org/springframework/security/core/token/DefaultToken.java
+++ b/core/src/main/java/org/springframework/security/core/token/DefaultToken.java
@@ -18,6 +18,8 @@
import java.util.Date;
+import org.jspecify.annotations.Nullable;
+
import org.springframework.util.Assert;
/**
@@ -58,7 +60,7 @@ public String getExtendedInformation() {
}
@Override
- public boolean equals(Object obj) {
+ public boolean equals(@Nullable Object obj) {
if (obj instanceof DefaultToken rhs) {
return this.key.equals(rhs.key) && this.keyCreationTime == rhs.keyCreationTime
&& this.extendedInformation.equals(rhs.extendedInformation);
diff --git a/core/src/main/java/org/springframework/security/core/userdetails/User.java b/core/src/main/java/org/springframework/security/core/userdetails/User.java
index 46839eeec00..794b1d336d3 100644
--- a/core/src/main/java/org/springframework/security/core/userdetails/User.java
+++ b/core/src/main/java/org/springframework/security/core/userdetails/User.java
@@ -177,7 +177,7 @@ private static SortedSet sortAuthorities(Collection message) {
}
@Override
- public boolean equals(Object other) {
+ public boolean equals(@Nullable Object other) {
if (this == other) {
return true;
}
diff --git a/oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2TokenExchangeCompositeAuthenticationToken.java b/oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2TokenExchangeCompositeAuthenticationToken.java
index 35ebf79a417..5548132c150 100644
--- a/oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2TokenExchangeCompositeAuthenticationToken.java
+++ b/oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2TokenExchangeCompositeAuthenticationToken.java
@@ -21,6 +21,8 @@
import java.util.List;
import java.util.Objects;
+import org.jspecify.annotations.Nullable;
+
import org.springframework.security.authentication.AbstractAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.util.Assert;
@@ -69,7 +71,7 @@ public List getActors() {
}
@Override
- public boolean equals(Object obj) {
+ public boolean equals(@Nullable Object obj) {
if (!(obj instanceof OAuth2TokenExchangeCompositeAuthenticationToken other)) {
return false;
}
diff --git a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/OAuth2AuthorizedClientId.java b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/OAuth2AuthorizedClientId.java
index 7c3015a92e2..b74d6d46399 100644
--- a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/OAuth2AuthorizedClientId.java
+++ b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/OAuth2AuthorizedClientId.java
@@ -19,6 +19,8 @@
import java.io.Serializable;
import java.util.Objects;
+import org.jspecify.annotations.Nullable;
+
import org.springframework.security.oauth2.client.registration.ClientRegistration;
import org.springframework.util.Assert;
@@ -69,7 +71,7 @@ public String getPrincipalName() {
}
@Override
- public boolean equals(Object obj) {
+ public boolean equals(@Nullable Object obj) {
if (this == obj) {
return true;
}
diff --git a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/registration/ClientRegistration.java b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/registration/ClientRegistration.java
index 1222ab9f5ac..2c0d99ad6bf 100644
--- a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/registration/ClientRegistration.java
+++ b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/registration/ClientRegistration.java
@@ -766,7 +766,7 @@ public boolean isRequireProofKey() {
}
@Override
- public boolean equals(Object o) {
+ public boolean equals(@Nullable Object o) {
if (this == o) {
return true;
}
diff --git a/oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/AbstractOAuth2Token.java b/oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/AbstractOAuth2Token.java
index d06b30aa95e..e05a54424db 100644
--- a/oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/AbstractOAuth2Token.java
+++ b/oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/AbstractOAuth2Token.java
@@ -92,7 +92,7 @@ public String getTokenValue() {
}
@Override
- public boolean equals(Object obj) {
+ public boolean equals(@Nullable Object obj) {
if (this == obj) {
return true;
}
diff --git a/oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/AuthenticationMethod.java b/oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/AuthenticationMethod.java
index 75b1d9f6af2..69dadd99aff 100644
--- a/oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/AuthenticationMethod.java
+++ b/oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/AuthenticationMethod.java
@@ -18,6 +18,8 @@
import java.io.Serializable;
+import org.jspecify.annotations.Nullable;
+
import org.springframework.util.Assert;
/**
@@ -59,7 +61,7 @@ public String getValue() {
}
@Override
- public boolean equals(Object obj) {
+ public boolean equals(@Nullable Object obj) {
if (this == obj) {
return true;
}
diff --git a/oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/AuthorizationGrantType.java b/oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/AuthorizationGrantType.java
index a1543a1cd1e..efe984dfc00 100644
--- a/oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/AuthorizationGrantType.java
+++ b/oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/AuthorizationGrantType.java
@@ -18,6 +18,8 @@
import java.io.Serializable;
+import org.jspecify.annotations.Nullable;
+
import org.springframework.util.Assert;
/**
@@ -84,7 +86,7 @@ public String getValue() {
}
@Override
- public boolean equals(Object obj) {
+ public boolean equals(@Nullable Object obj) {
if (this == obj) {
return true;
}
diff --git a/oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/ClientAuthenticationMethod.java b/oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/ClientAuthenticationMethod.java
index cdb13b3a4f2..151c8a20806 100644
--- a/oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/ClientAuthenticationMethod.java
+++ b/oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/ClientAuthenticationMethod.java
@@ -18,6 +18,8 @@
import java.io.Serializable;
+import org.jspecify.annotations.Nullable;
+
import org.springframework.util.Assert;
/**
@@ -114,7 +116,7 @@ public static ClientAuthenticationMethod valueOf(String method) {
}
@Override
- public boolean equals(Object obj) {
+ public boolean equals(@Nullable Object obj) {
if (this == obj) {
return true;
}
diff --git a/oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/OAuth2AccessToken.java b/oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/OAuth2AccessToken.java
index ef0dbe4ccf2..48cbbf6fd52 100644
--- a/oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/OAuth2AccessToken.java
+++ b/oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/OAuth2AccessToken.java
@@ -135,7 +135,7 @@ public String getValue() {
}
@Override
- public boolean equals(Object obj) {
+ public boolean equals(@Nullable Object obj) {
if (this == obj) {
return true;
}
diff --git a/oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/endpoint/OAuth2AuthorizationRequest.java b/oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/endpoint/OAuth2AuthorizationRequest.java
index 5de190b0cae..9ca7aa0d91f 100644
--- a/oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/endpoint/OAuth2AuthorizationRequest.java
+++ b/oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/endpoint/OAuth2AuthorizationRequest.java
@@ -210,7 +210,7 @@ public static Builder authorizationCode() {
}
@Override
- public boolean equals(Object obj) {
+ public boolean equals(@Nullable Object obj) {
if (this == obj) {
return true;
}
diff --git a/oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/endpoint/OAuth2AuthorizationResponseType.java b/oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/endpoint/OAuth2AuthorizationResponseType.java
index df33f6b843c..d0e39f79b93 100644
--- a/oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/endpoint/OAuth2AuthorizationResponseType.java
+++ b/oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/endpoint/OAuth2AuthorizationResponseType.java
@@ -18,6 +18,8 @@
import java.io.Serializable;
+import org.jspecify.annotations.Nullable;
+
import org.springframework.util.Assert;
/**
@@ -56,7 +58,7 @@ public String getValue() {
}
@Override
- public boolean equals(Object obj) {
+ public boolean equals(@Nullable Object obj) {
if (this == obj) {
return true;
}
diff --git a/oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/oidc/DefaultAddressStandardClaim.java b/oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/oidc/DefaultAddressStandardClaim.java
index 28360753bd1..89e56d64424 100644
--- a/oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/oidc/DefaultAddressStandardClaim.java
+++ b/oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/oidc/DefaultAddressStandardClaim.java
@@ -75,7 +75,7 @@ private DefaultAddressStandardClaim() {
}
@Override
- public boolean equals(Object obj) {
+ public boolean equals(@Nullable Object obj) {
if (this == obj) {
return true;
}
diff --git a/oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/oidc/OidcUserInfo.java b/oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/oidc/OidcUserInfo.java
index 06146bf5d39..8b7d6298901 100644
--- a/oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/oidc/OidcUserInfo.java
+++ b/oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/oidc/OidcUserInfo.java
@@ -23,6 +23,8 @@
import java.util.Map;
import java.util.function.Consumer;
+import org.jspecify.annotations.Nullable;
+
import org.springframework.util.Assert;
/**
@@ -66,7 +68,7 @@ public Map getClaims() {
}
@Override
- public boolean equals(Object obj) {
+ public boolean equals(@Nullable Object obj) {
if (this == obj) {
return true;
}
diff --git a/oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/oidc/user/OidcUserAuthority.java b/oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/oidc/user/OidcUserAuthority.java
index 3b6acab6e79..9f539675579 100644
--- a/oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/oidc/user/OidcUserAuthority.java
+++ b/oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/oidc/user/OidcUserAuthority.java
@@ -126,7 +126,7 @@ public OidcIdToken getIdToken() {
}
@Override
- public boolean equals(Object obj) {
+ public boolean equals(@Nullable Object obj) {
if (this == obj) {
return true;
}
diff --git a/oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/user/DefaultOAuth2User.java b/oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/user/DefaultOAuth2User.java
index 27d1e9e7d7d..c55fd13397f 100644
--- a/oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/user/DefaultOAuth2User.java
+++ b/oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/user/DefaultOAuth2User.java
@@ -104,7 +104,7 @@ private Set sortAuthorities(Collection getAttributes() {
}
@Override
- public boolean equals(Object obj) {
+ public boolean equals(@Nullable Object obj) {
if (this == obj) {
return true;
}
diff --git a/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/core/Saml2X509Credential.java b/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/core/Saml2X509Credential.java
index 97a3b987e40..1a6016df5c6 100644
--- a/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/core/Saml2X509Credential.java
+++ b/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/core/Saml2X509Credential.java
@@ -199,7 +199,7 @@ public Set getCredentialTypes() {
}
@Override
- public boolean equals(Object o) {
+ public boolean equals(@Nullable Object o) {
if (this == o) {
return true;
}
diff --git a/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/authentication/DefaultSaml2AuthenticatedPrincipal.java b/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/authentication/DefaultSaml2AuthenticatedPrincipal.java
index 98b4e3d9fa9..2eb931acbf8 100644
--- a/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/authentication/DefaultSaml2AuthenticatedPrincipal.java
+++ b/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/authentication/DefaultSaml2AuthenticatedPrincipal.java
@@ -24,6 +24,7 @@
import java.util.Objects;
import org.jspecify.annotations.NullUnmarked;
+import org.jspecify.annotations.Nullable;
import org.springframework.util.Assert;
@@ -95,7 +96,7 @@ public void setRelyingPartyRegistrationId(String registrationId) {
}
@Override
- public boolean equals(Object object) {
+ public boolean equals(@Nullable Object object) {
if (this == object) {
return true;
}
diff --git a/test/src/main/java/org/springframework/security/test/web/servlet/setup/SecurityMockMvcConfigurer.java b/test/src/main/java/org/springframework/security/test/web/servlet/setup/SecurityMockMvcConfigurer.java
index 88863116713..6a033c18ff0 100644
--- a/test/src/main/java/org/springframework/security/test/web/servlet/setup/SecurityMockMvcConfigurer.java
+++ b/test/src/main/java/org/springframework/security/test/web/servlet/setup/SecurityMockMvcConfigurer.java
@@ -25,6 +25,7 @@
import jakarta.servlet.ServletException;
import jakarta.servlet.ServletRequest;
import jakarta.servlet.ServletResponse;
+import org.jspecify.annotations.Nullable;
import org.springframework.security.config.BeanIds;
import org.springframework.test.web.servlet.request.RequestPostProcessor;
@@ -142,7 +143,7 @@ public void destroy() {
}
@Override
- public boolean equals(Object obj) {
+ public boolean equals(@Nullable Object obj) {
return getDelegate().equals(obj);
}
diff --git a/web/src/main/java/org/springframework/security/web/access/intercept/RequestKey.java b/web/src/main/java/org/springframework/security/web/access/intercept/RequestKey.java
index 4b822ce7a2d..72781ead1bf 100644
--- a/web/src/main/java/org/springframework/security/web/access/intercept/RequestKey.java
+++ b/web/src/main/java/org/springframework/security/web/access/intercept/RequestKey.java
@@ -49,7 +49,7 @@ String getUrl() {
}
@Override
- public boolean equals(Object obj) {
+ public boolean equals(@Nullable Object obj) {
if (!(obj instanceof RequestKey key)) {
return false;
}
diff --git a/web/src/main/java/org/springframework/security/web/authentication/WebAuthenticationDetails.java b/web/src/main/java/org/springframework/security/web/authentication/WebAuthenticationDetails.java
index b4444d1e931..fa56d3520c6 100644
--- a/web/src/main/java/org/springframework/security/web/authentication/WebAuthenticationDetails.java
+++ b/web/src/main/java/org/springframework/security/web/authentication/WebAuthenticationDetails.java
@@ -80,7 +80,7 @@ public String getRemoteAddress() {
}
@Override
- public boolean equals(Object o) {
+ public boolean equals(@Nullable Object o) {
if (this == o) {
return true;
}
diff --git a/web/src/main/java/org/springframework/security/web/authentication/switchuser/SwitchUserGrantedAuthority.java b/web/src/main/java/org/springframework/security/web/authentication/switchuser/SwitchUserGrantedAuthority.java
index 475beae7f97..6da9b14306c 100644
--- a/web/src/main/java/org/springframework/security/web/authentication/switchuser/SwitchUserGrantedAuthority.java
+++ b/web/src/main/java/org/springframework/security/web/authentication/switchuser/SwitchUserGrantedAuthority.java
@@ -16,6 +16,8 @@
package org.springframework.security.web.authentication.switchuser;
+import org.jspecify.annotations.Nullable;
+
import org.springframework.security.core.Authentication;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.util.Assert;
@@ -59,7 +61,7 @@ public String getAuthority() {
}
@Override
- public boolean equals(Object obj) {
+ public boolean equals(@Nullable Object obj) {
if (this == obj) {
return true;
}
diff --git a/web/src/main/java/org/springframework/security/web/header/Header.java b/web/src/main/java/org/springframework/security/web/header/Header.java
index cc6c75b3f59..921852ebfde 100644
--- a/web/src/main/java/org/springframework/security/web/header/Header.java
+++ b/web/src/main/java/org/springframework/security/web/header/Header.java
@@ -20,6 +20,7 @@
import java.util.List;
import jakarta.servlet.http.HttpServletResponse;
+import org.jspecify.annotations.Nullable;
import org.springframework.util.Assert;
@@ -62,7 +63,7 @@ public List getValues() {
}
@Override
- public boolean equals(Object obj) {
+ public boolean equals(@Nullable Object obj) {
if (this == obj) {
return true;
}
diff --git a/web/src/main/java/org/springframework/security/web/server/csrf/DefaultCsrfToken.java b/web/src/main/java/org/springframework/security/web/server/csrf/DefaultCsrfToken.java
index faac96293d4..dfc68fd5ff6 100644
--- a/web/src/main/java/org/springframework/security/web/server/csrf/DefaultCsrfToken.java
+++ b/web/src/main/java/org/springframework/security/web/server/csrf/DefaultCsrfToken.java
@@ -18,6 +18,8 @@
import java.io.Serial;
+import org.jspecify.annotations.Nullable;
+
import org.springframework.util.Assert;
/**
@@ -69,7 +71,7 @@ public String getToken() {
}
@Override
- public boolean equals(Object obj) {
+ public boolean equals(@Nullable Object obj) {
if (this == obj) {
return true;
}
diff --git a/web/src/main/java/org/springframework/security/web/servlet/util/matcher/PathPatternRequestMatcher.java b/web/src/main/java/org/springframework/security/web/servlet/util/matcher/PathPatternRequestMatcher.java
index 1e8d553c838..e3a97993f09 100644
--- a/web/src/main/java/org/springframework/security/web/servlet/util/matcher/PathPatternRequestMatcher.java
+++ b/web/src/main/java/org/springframework/security/web/servlet/util/matcher/PathPatternRequestMatcher.java
@@ -161,7 +161,7 @@ private PathContainer getPathContainer(HttpServletRequest request) {
* {@inheritDoc}
*/
@Override
- public boolean equals(Object o) {
+ public boolean equals(@Nullable Object o) {
if (!(o instanceof PathPatternRequestMatcher that)) {
return false;
}
diff --git a/web/src/main/java/org/springframework/security/web/util/OnCommittedResponseWrapper.java b/web/src/main/java/org/springframework/security/web/util/OnCommittedResponseWrapper.java
index 6d0f576d76b..ecc22724d6a 100644
--- a/web/src/main/java/org/springframework/security/web/util/OnCommittedResponseWrapper.java
+++ b/web/src/main/java/org/springframework/security/web/util/OnCommittedResponseWrapper.java
@@ -24,6 +24,7 @@
import jakarta.servlet.WriteListener;
import jakarta.servlet.http.HttpServletResponse;
import jakarta.servlet.http.HttpServletResponseWrapper;
+import org.jspecify.annotations.Nullable;
/**
* Base class for response wrappers which encapsulate the logic for handling an event when
@@ -311,7 +312,7 @@ public void close() {
}
@Override
- public boolean equals(Object obj) {
+ public boolean equals(@Nullable Object obj) {
return this.delegate.equals(obj);
}
@@ -678,7 +679,7 @@ public void setWriteListener(WriteListener writeListener) {
}
@Override
- public boolean equals(Object obj) {
+ public boolean equals(@Nullable Object obj) {
return this.delegate.equals(obj);
}
diff --git a/web/src/main/java/org/springframework/security/web/util/matcher/AndRequestMatcher.java b/web/src/main/java/org/springframework/security/web/util/matcher/AndRequestMatcher.java
index 6b96696f2d2..73a234544f3 100644
--- a/web/src/main/java/org/springframework/security/web/util/matcher/AndRequestMatcher.java
+++ b/web/src/main/java/org/springframework/security/web/util/matcher/AndRequestMatcher.java
@@ -23,6 +23,7 @@
import java.util.Objects;
import jakarta.servlet.http.HttpServletRequest;
+import org.jspecify.annotations.Nullable;
import org.springframework.util.Assert;
@@ -88,7 +89,7 @@ public MatchResult matcher(HttpServletRequest request) {
}
@Override
- public boolean equals(Object o) {
+ public boolean equals(@Nullable Object o) {
if (this == o) {
return true;
}
diff --git a/web/src/main/java/org/springframework/security/web/util/matcher/AnyRequestMatcher.java b/web/src/main/java/org/springframework/security/web/util/matcher/AnyRequestMatcher.java
index f7a53805e58..28fcfb6605e 100644
--- a/web/src/main/java/org/springframework/security/web/util/matcher/AnyRequestMatcher.java
+++ b/web/src/main/java/org/springframework/security/web/util/matcher/AnyRequestMatcher.java
@@ -17,6 +17,7 @@
package org.springframework.security.web.util.matcher;
import jakarta.servlet.http.HttpServletRequest;
+import org.jspecify.annotations.Nullable;
/**
* Matches any supplied request.
@@ -38,7 +39,7 @@ public boolean matches(HttpServletRequest request) {
@Override
@SuppressWarnings("deprecation")
- public boolean equals(Object obj) {
+ public boolean equals(@Nullable Object obj) {
return obj instanceof AnyRequestMatcher
|| obj instanceof org.springframework.security.web.util.matcher.AnyRequestMatcher;
}
diff --git a/web/src/main/java/org/springframework/security/web/util/matcher/MediaTypeRequestMatcher.java b/web/src/main/java/org/springframework/security/web/util/matcher/MediaTypeRequestMatcher.java
index f59ff8bb1f1..c0c73d51c86 100644
--- a/web/src/main/java/org/springframework/security/web/util/matcher/MediaTypeRequestMatcher.java
+++ b/web/src/main/java/org/springframework/security/web/util/matcher/MediaTypeRequestMatcher.java
@@ -26,6 +26,7 @@
import jakarta.servlet.http.HttpServletRequest;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
+import org.jspecify.annotations.Nullable;
import org.springframework.http.MediaType;
import org.springframework.util.Assert;
@@ -253,7 +254,7 @@ public void setIgnoredMediaTypes(Set ignoredMediaTypes) {
}
@Override
- public boolean equals(Object obj) {
+ public boolean equals(@Nullable Object obj) {
if (this == obj) {
return true;
}
diff --git a/web/src/main/java/org/springframework/security/web/util/matcher/NegatedRequestMatcher.java b/web/src/main/java/org/springframework/security/web/util/matcher/NegatedRequestMatcher.java
index 158b2511c21..cb3c031278f 100644
--- a/web/src/main/java/org/springframework/security/web/util/matcher/NegatedRequestMatcher.java
+++ b/web/src/main/java/org/springframework/security/web/util/matcher/NegatedRequestMatcher.java
@@ -19,6 +19,7 @@
import java.util.Objects;
import jakarta.servlet.http.HttpServletRequest;
+import org.jspecify.annotations.Nullable;
import org.springframework.util.Assert;
@@ -50,7 +51,7 @@ public boolean matches(HttpServletRequest request) {
}
@Override
- public boolean equals(Object obj) {
+ public boolean equals(@Nullable Object obj) {
if (this == obj) {
return true;
}
diff --git a/web/src/main/java/org/springframework/security/web/util/matcher/OrRequestMatcher.java b/web/src/main/java/org/springframework/security/web/util/matcher/OrRequestMatcher.java
index 8204dc77b97..74b12cfa571 100644
--- a/web/src/main/java/org/springframework/security/web/util/matcher/OrRequestMatcher.java
+++ b/web/src/main/java/org/springframework/security/web/util/matcher/OrRequestMatcher.java
@@ -21,6 +21,7 @@
import java.util.Objects;
import jakarta.servlet.http.HttpServletRequest;
+import org.jspecify.annotations.Nullable;
import org.springframework.util.Assert;
@@ -83,7 +84,7 @@ public MatchResult matcher(HttpServletRequest request) {
}
@Override
- public boolean equals(Object o) {
+ public boolean equals(@Nullable Object o) {
if (this == o) {
return true;
}
diff --git a/web/src/main/java/org/springframework/security/web/util/matcher/RequestHeaderRequestMatcher.java b/web/src/main/java/org/springframework/security/web/util/matcher/RequestHeaderRequestMatcher.java
index 3d07b183027..d3731c9ddfd 100644
--- a/web/src/main/java/org/springframework/security/web/util/matcher/RequestHeaderRequestMatcher.java
+++ b/web/src/main/java/org/springframework/security/web/util/matcher/RequestHeaderRequestMatcher.java
@@ -94,7 +94,7 @@ public boolean matches(HttpServletRequest request) {
}
@Override
- public boolean equals(Object obj) {
+ public boolean equals(@Nullable Object obj) {
if (this == obj) {
return true;
}
diff --git a/webauthn/src/main/java/org/springframework/security/web/webauthn/api/Bytes.java b/webauthn/src/main/java/org/springframework/security/web/webauthn/api/Bytes.java
index f3aa1a98e17..7827227a491 100644
--- a/webauthn/src/main/java/org/springframework/security/web/webauthn/api/Bytes.java
+++ b/webauthn/src/main/java/org/springframework/security/web/webauthn/api/Bytes.java
@@ -71,7 +71,7 @@ public String toBase64UrlString() {
}
@Override
- public boolean equals(Object obj) {
+ public boolean equals(@Nullable Object obj) {
if (obj instanceof Bytes that) {
return that.toBase64UrlString().equals(toBase64UrlString());
}