Polishing contribution

Closes gh-25780

spring-webmvc/src/main/java/org/springframework/web/servlet/mvc/method/annotation/ServletRequestMethodArgumentResolver.java

@@ -1,5 +1,5 @@
 /*
- * Copyright 2002-2018 the original author or authors.
+ * Copyright 2002-2020 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -19,7 +19,6 @@ package org.springframework.web.servlet.mvc.method.annotation;
 import java.io.IOException;
 import java.io.InputStream;
 import java.io.Reader;
-import java.lang.annotation.Annotation;
 import java.security.Principal;
 import java.time.ZoneId;
 import java.util.Locale;
@@ -85,13 +84,12 @@ public class ServletRequestMethodArgumentResolver implements HandlerMethodArgume
 	@Override
 	public boolean supportsParameter(MethodParameter parameter) {
 		Class<?> paramType = parameter.getParameterType();
-		final Annotation[] parameterAnnotations = parameter.getParameterAnnotations();
 		return (WebRequest.class.isAssignableFrom(paramType) ||
 				ServletRequest.class.isAssignableFrom(paramType) ||
 				MultipartRequest.class.isAssignableFrom(paramType) ||
 				HttpSession.class.isAssignableFrom(paramType) ||
 				(pushBuilder != null && pushBuilder.isAssignableFrom(paramType)) ||
-				(Principal.class.isAssignableFrom(paramType) && parameterAnnotations.length == 0) ||
+				(Principal.class.isAssignableFrom(paramType) && parameter.getParameterAnnotations().length == 0) ||
 				InputStream.class.isAssignableFrom(paramType) ||
 				Reader.class.isAssignableFrom(paramType) ||
 				HttpMethod.class == paramType ||

spring-webmvc/src/test/java/org/springframework/web/servlet/mvc/method/annotation/ServletRequestMethodArgumentResolverTests.java

@@ -1,5 +1,5 @@
 /*
- * Copyright 2002-2019 the original author or authors.
+ * Copyright 2002-2020 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -126,10 +126,7 @@ public class ServletRequestMethodArgumentResolverTests {
 		assertThat(result).as("Invalid result").isNull();
 	}
 
-	// spring-security already provides the @AuthenticationPrincipal annotation to inject the Principal taken from SecurityContext.getAuthentication.getPrincipal()
+	@Test // gh-25780
-	//  but ServletRequestMethodArgumentResolver used to take precedence over @AuthenticationPrincipal resolver org.springframework.security.web.method.annotation.AuthenticationPrincipalArgumentResolver
-	//  and we used to get the wrong Principal in methods. See https://github.com/spring-projects/spring-framework/pull/25780
-	@Test
 	public void annotatedPrincipal() throws Exception {
 		Principal principal = () -> "Foo";
 		servletRequest.setUserPrincipal(principal);
@@ -262,14 +259,6 @@ public class ServletRequestMethodArgumentResolverTests {
 		assertThat(result).as("Invalid result").isSameAs(pushBuilder);
 	}
 
-	@Target({ ElementType.PARAMETER })
-	@Retention(RetentionPolicy.RUNTIME)
-	public @interface PlaceHolder {}
-
-	@SuppressWarnings("unused")
-	public void supportedParamsWithAnnotatedPrincipal(@PlaceHolder Principal p) {
-
-	}
 
 	@SuppressWarnings("unused")
 	public void supportedParams(ServletRequest p0,
@@ -283,7 +272,13 @@ public class ServletRequestMethodArgumentResolverTests {
 								TimeZone p8,
 								ZoneId p9,
 								HttpMethod p10,
-								PushBuilder p11) {
+								PushBuilder p11) {}
-	}
+
+	@Target({ ElementType.PARAMETER })
+	@Retention(RetentionPolicy.RUNTIME)
+	public @interface AuthenticationPrincipal {}
+
+	@SuppressWarnings("unused")
+	public void supportedParamsWithAnnotatedPrincipal(@AuthenticationPrincipal Principal p) {}
 
 }