From 60bed7f68aa8c3bcd5363cffb8aa8e0ee748d2aa Mon Sep 17 00:00:00 2001 From: Josh Cummings <3627351+jzheaux@users.noreply.github.com> Date: Wed, 19 Mar 2025 18:26:50 -0600 Subject: [PATCH] Polish AuthenticationRequest Property - Add getter for reading the request - Update BadCredentialsMixing to ignore authentication - Allow exception to be mutable Issue gh-16444 --- .../core/AuthenticationException.java | 43 ++++++++++--------- .../BadCredentialsExceptionMixin.java | 2 +- etc/checkstyle/checkstyle-suppressions.xml | 1 + 3 files changed, 24 insertions(+), 22 deletions(-) diff --git a/core/src/main/java/org/springframework/security/core/AuthenticationException.java b/core/src/main/java/org/springframework/security/core/AuthenticationException.java index 914f165dca..8efe1be55f 100644 --- a/core/src/main/java/org/springframework/security/core/AuthenticationException.java +++ b/core/src/main/java/org/springframework/security/core/AuthenticationException.java @@ -31,15 +31,7 @@ public abstract class AuthenticationException extends RuntimeException { @Serial private static final long serialVersionUID = 2018827803361503060L; - /** - * The {@link Authentication} object representing the failed authentication attempt. - *
- * This field captures the authentication request that was attempted but ultimately - * failed, providing critical information for diagnosing the failure and facilitating - * debugging. If set, the value must not be null. - *
- */ - private Authentication authRequest; + private Authentication authenticationRequest; /** * Constructs an {@code AuthenticationException} with the specified message and root @@ -49,7 +41,6 @@ public abstract class AuthenticationException extends RuntimeException { */ public AuthenticationException(String msg, Throwable cause) { super(msg, cause); - this.authRequest = null; } /** @@ -59,23 +50,33 @@ public abstract class AuthenticationException extends RuntimeException { */ public AuthenticationException(String msg) { super(msg); - this.authRequest = null; } - /** - * Sets the {@link Authentication} object representing the failed authentication + * Get the {@link Authentication} object representing the failed authentication * attempt. *- * This method allows the injection of the authentication request that resulted in a - * failure. The provided {@code authRequest} should not be null if set. - *
- * @param authRequest the authentication request associated with the failed - * authentication attempt. + * This field captures the authentication request that was attempted but ultimately + * failed, providing critical information for diagnosing the failure and facilitating + * debugging + * @since 6.5 */ - public void setAuthRequest(Authentication authRequest) { - Assert.notNull(authRequest, "AuthRequest cannot be null"); - this.authRequest = authRequest; + public Authentication getAuthenticationRequest() { + return this.authenticationRequest; + } + + /** + * Set the {@link Authentication} object representing the failed authentication + * attempt. + *
+ * The provided {@code authenticationRequest} should not be null
+ * @param authenticationRequest the authentication request associated with the failed
+ * authentication attempt
+ * @since 6.5
+ */
+ public void setAuthenticationRequest(Authentication authenticationRequest) {
+ Assert.notNull(authenticationRequest, "authenticationRequest cannot be null");
+ this.authenticationRequest = authenticationRequest;
}
}
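Review bot: `getAuthenticationRequest()` returns the failed `Authentication` exactly as it was submitted, and for a password login that object typically still holds the presented credentials, so any handler that logs, stores or renders the exception can now reach them; the Javadoc mentions only diagnosis and debugging. I would add a line such as `@return the failed authentication request, or {@code null} if none was set; it may still contain credentials`, since the getter also returns null until `setAuthenticationRequest` has been called. The field in the first hunk is not `transient` and the class declares a `serialVersionUID`, so Java serialization would write the request out, while the Jackson mixin changed in this same commit leaves it out; if the request is not meant to outlive the failing call, `private transient Authentication authenticationRequest;` makes the two paths agree. In the setter's Javadoc, "should not be null" is weaker than the code, because `Assert.notNull` rejects null; "must not be null" matches it.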
diff --git a/core/src/main/java/org/springframework/security/jackson2/BadCredentialsExceptionMixin.java b/core/src/main/java/org/springframework/security/jackson2/BadCredentialsExceptionMixin.java
index 5471374b4d..aedb7507ad 100644
--- a/core/src/main/java/org/springframework/security/jackson2/BadCredentialsExceptionMixin.java
+++ b/core/src/main/java/org/springframework/security/jackson2/BadCredentialsExceptionMixin.java
@@ -40,7 +40,7 @@ import com.fasterxml.jackson.annotation.JsonTypeInfo;
* @see CoreJackson2Module
*/
@JsonTypeInfo(use = JsonTypeInfo.Id.CLASS, include = JsonTypeInfo.As.PROPERTY)
-@JsonIgnoreProperties(ignoreUnknown = true, value = { "cause", "stackTrace" })
+@JsonIgnoreProperties(ignoreUnknown = true, value = { "cause", "stackTrace", "authenticationRequest" })
class BadCredentialsExceptionMixin {
/**
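Review bot: Only `BadCredentialsExceptionMixin` excludes `authenticationRequest`, but the new accessor sits on the abstract `AuthenticationException`, so any other subclass serialized through Jackson would still emit the property, and with it whatever the failed request carries. No other mixin is visible in this patch, so the remaining exception mixins need checking; where they exist, the same `"authenticationRequest"` entry belongs in their `@JsonIgnoreProperties`. A comment above the annotation, for example `// authenticationRequest may hold submitted credentials; never serialize it`, would record why the property is excluded. The mixin's class body continues past the end of the hunk.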
diff --git a/etc/checkstyle/checkstyle-suppressions.xml b/etc/checkstyle/checkstyle-suppressions.xml
index b368ce84e8..c1c5baf08a 100644
--- a/etc/checkstyle/checkstyle-suppressions.xml
+++ b/etc/checkstyle/checkstyle-suppressions.xml
@@ -38,6 +38,7 @@