Steve Riesenberg

Thanks for reaching out @Crystark! > I can return **null** as a response to `getAuthority` which is allowed as per the documentation: Please consider the entirety of the method's documentation:...

@Crystark thanks for your reply. While reviewing your code, I am having a bit of difficulty understanding it and the intent of it, but it appears to be all about...

**Note:** I created [spring-io/spring-security-release-tools](https://github.com/spring-io/spring-security-release-tools/) for reusable plugin(s) and GitHub Actions.

Thanks for the PR @kcsurapaneni! Could you please rebase/squash your commits and remove the intermediary merge commit?

@Tandolf, thanks for the suggestion! Have a look at [`AuthenticationFilter`](https://github.com/spring-projects/spring-security/blob/92a385ed0510cad1f118c9b4e8bd8d4368297871/web/src/main/java/org/springframework/security/web/authentication/AuthenticationFilter.java#L68). This class has strong parity with `AuthenticationWebFilter` and is highly flexible, yet isn't used in any built-in configurers as of...

Hi @Tandolf, I agree that naming is tough, often the most difficult part! 😄 This definitely sounds different from `formLogin`. But perhaps we can forestall that decision and focus on...

I'd have to double check in all scenarios, but I believe Jackson is an `optional` dependency (at least in oauth2-client). Therefore, `OAuth2AccessTokenResponseHttpMessageConverter` uses an internal utility `HttpMessageConverters.getJsonMessageConverter()` to resolve a...

@sheriumair thanks for the PR! It's possible the original code was incorrect (this code goes back to 2007), but the null check appears to have been intended to handle the...

Once you are finished with the above updates, would you mind please squashing your commits?

Hi @sheriumair! Looks like there's still two commits? I think there should only be one.