From 60bed7f68aa8c3bcd5363cffb8aa8e0ee748d2aa Mon Sep 17 00:00:00 2001 From: Josh Cummings <3627351+jzheaux@users.noreply.github.com> Date: Wed, 19 Mar 2025 18:26:50 -0600 Subject: [PATCH] Polish AuthenticationRequest Property - Add getter for reading the request - Update BadCredentialsMixing to ignore authentication - Allow exception to be mutable Issue gh-16444 --- .../core/AuthenticationException.java | 43 ++++++++++--------- .../BadCredentialsExceptionMixin.java | 2 +- etc/checkstyle/checkstyle-suppressions.xml | 1 + 3 files changed, 24 insertions(+), 22 deletions(-) diff --git a/core/src/main/java/org/springframework/security/core/AuthenticationException.java b/core/src/main/java/org/springframework/security/core/AuthenticationException.java index 914f165dca..8efe1be55f 100644 --- a/core/src/main/java/org/springframework/security/core/AuthenticationException.java +++ b/core/src/main/java/org/springframework/security/core/AuthenticationException.java @@ -31,15 +31,7 @@ public abstract class AuthenticationException extends RuntimeException { @Serial private static final long serialVersionUID = 2018827803361503060L; - /** - * The {@link Authentication} object representing the failed authentication attempt. - *

- * This field captures the authentication request that was attempted but ultimately - * failed, providing critical information for diagnosing the failure and facilitating - * debugging. If set, the value must not be null. - *

- */ - private Authentication authRequest; + private Authentication authenticationRequest; /** * Constructs an {@code AuthenticationException} with the specified message and root @@ -49,7 +41,6 @@ public abstract class AuthenticationException extends RuntimeException { */ public AuthenticationException(String msg, Throwable cause) { super(msg, cause); - this.authRequest = null; } /** @@ -59,23 +50,33 @@ public abstract class AuthenticationException extends RuntimeException { */ public AuthenticationException(String msg) { super(msg); - this.authRequest = null; } - /** - * Sets the {@link Authentication} object representing the failed authentication + * Get the {@link Authentication} object representing the failed authentication * attempt. *

- * This method allows the injection of the authentication request that resulted in a - * failure. The provided {@code authRequest} should not be null if set. - *

- * @param authRequest the authentication request associated with the failed - * authentication attempt. + * This field captures the authentication request that was attempted but ultimately + * failed, providing critical information for diagnosing the failure and facilitating + * debugging + * @since 6.5 */ - public void setAuthRequest(Authentication authRequest) { - Assert.notNull(authRequest, "AuthRequest cannot be null"); - this.authRequest = authRequest; + public Authentication getAuthenticationRequest() { + return this.authenticationRequest; + } + + /** + * Set the {@link Authentication} object representing the failed authentication + * attempt. + *

+ * The provided {@code authenticationRequest} should not be null + * @param authenticationRequest the authentication request associated with the failed + * authentication attempt + * @since 6.5 + */ + public void setAuthenticationRequest(Authentication authenticationRequest) { + Assert.notNull(authenticationRequest, "authenticationRequest cannot be null"); + this.authenticationRequest = authenticationRequest; } } diff --git a/core/src/main/java/org/springframework/security/jackson2/BadCredentialsExceptionMixin.java b/core/src/main/java/org/springframework/security/jackson2/BadCredentialsExceptionMixin.java index 5471374b4d..aedb7507ad 100644 --- a/core/src/main/java/org/springframework/security/jackson2/BadCredentialsExceptionMixin.java +++ b/core/src/main/java/org/springframework/security/jackson2/BadCredentialsExceptionMixin.java @@ -40,7 +40,7 @@ import com.fasterxml.jackson.annotation.JsonTypeInfo; * @see CoreJackson2Module */ @JsonTypeInfo(use = JsonTypeInfo.Id.CLASS, include = JsonTypeInfo.As.PROPERTY) -@JsonIgnoreProperties(ignoreUnknown = true, value = { "cause", "stackTrace" }) +@JsonIgnoreProperties(ignoreUnknown = true, value = { "cause", "stackTrace", "authenticationRequest" }) class BadCredentialsExceptionMixin { /** diff --git a/etc/checkstyle/checkstyle-suppressions.xml b/etc/checkstyle/checkstyle-suppressions.xml index b368ce84e8..c1c5baf08a 100644 --- a/etc/checkstyle/checkstyle-suppressions.xml +++ b/etc/checkstyle/checkstyle-suppressions.xml @@ -38,6 +38,7 @@ +