From 2ad859a63c361a9732aa9b325e04bb8e36aa878e Mon Sep 17 00:00:00 2001
From: Josh Cummings <3627351+jzheaux@users.noreply.github.com>
Date: Tue, 22 Apr 2025 13:37:40 -0600
Subject: [PATCH] Add Missing Deprecation Markers

---
 .../config/annotation/rsocket/PayloadInterceptorOrder.java  | 4 ++++
 .../security/config/method/MethodConfigUtils.java           | 3 +++
 .../access/hierarchicalroles/RoleHierarchyUtils.java        | 2 ++
 .../security/access/intercept/NullRunAsManager.java         | 2 ++
 .../method/PostAuthorizeReactiveAuthorizationManager.java   | 3 +++
 .../PostFilterAuthorizationReactiveMethodInterceptor.java   | 3 +++
 .../method/PreAuthorizeReactiveAuthorizationManager.java    | 3 +++
 .../PreFilterAuthorizationReactiveMethodInterceptor.java    | 3 +++
 .../BasicAuthenticationPayloadExchangeConverter.java        | 2 ++
 .../authentication/BearerPayloadExchangeConverter.java      | 2 ++
 .../web/access/channel/AbstractRetryEntryPoint.java         | 4 ++++
 .../security/web/access/channel/ChannelEntryPoint.java      | 6 ++++++
 .../web/access/channel/RetryWithHttpEntryPoint.java         | 6 ++++++
 .../web/access/channel/RetryWithHttpsEntryPoint.java        | 6 ++++++
 .../web/context/DelegatingSecurityContextRepository.java    | 5 +++++
 .../web/context/HttpSessionSecurityContextRepository.java   | 2 ++
 .../security/web/context/NullSecurityContextRepository.java | 4 ++++
 .../context/RequestAttributeSecurityContextRepository.java  | 4 ++++
 18 files changed, 64 insertions(+)

diff --git a/config/src/main/java/org/springframework/security/config/annotation/rsocket/PayloadInterceptorOrder.java b/config/src/main/java/org/springframework/security/config/annotation/rsocket/PayloadInterceptorOrder.java
index 4577301714..db9e8fd4ec 100644
--- a/config/src/main/java/org/springframework/security/config/annotation/rsocket/PayloadInterceptorOrder.java
+++ b/config/src/main/java/org/springframework/security/config/annotation/rsocket/PayloadInterceptorOrder.java
@@ -33,12 +33,16 @@ public enum PayloadInterceptorOrder implements Ordered {
 	/**
 	 * Where basic authentication is placed.
 	 * @see RSocketSecurity#basicAuthentication(Customizer)
+	 * @deprecated please see {@link PayloadInterceptorOrder#AUTHENTICATION}
 	 */
+	@Deprecated
 	BASIC_AUTHENTICATION,
 	/**
 	 * Where JWT based authentication is performed.
 	 * @see RSocketSecurity#jwt(Customizer)
+	 * @deprecated please see {@link PayloadInterceptorOrder#AUTHENTICATION}
 	 */
+	@Deprecated
 	JWT_AUTHENTICATION,
 	/**
 	 * A generic placeholder for other types of authentication.
diff --git a/config/src/main/java/org/springframework/security/config/method/MethodConfigUtils.java b/config/src/main/java/org/springframework/security/config/method/MethodConfigUtils.java
index d6808633af..e61231b29c 100644
--- a/config/src/main/java/org/springframework/security/config/method/MethodConfigUtils.java
+++ b/config/src/main/java/org/springframework/security/config/method/MethodConfigUtils.java
@@ -24,6 +24,7 @@ import org.springframework.security.access.AccessDecisionVoter;
 import org.springframework.security.access.vote.AffirmativeBased;
 import org.springframework.security.access.vote.AuthenticatedVoter;
 import org.springframework.security.access.vote.RoleVoter;
+import org.springframework.security.authorization.AuthorizationManager;
 import org.springframework.security.config.BeanIds;
 
 /**
@@ -32,7 +33,9 @@ import org.springframework.security.config.BeanIds;
  * @author Luke Taylor
  * @author Ben Alex
  * @author Rob Winch
+ * @deprecated Please use {@link AuthorizationManager} instead
  */
+@Deprecated
 abstract class MethodConfigUtils {
 
 	@SuppressWarnings("unchecked")
diff --git a/core/src/main/java/org/springframework/security/access/hierarchicalroles/RoleHierarchyUtils.java b/core/src/main/java/org/springframework/security/access/hierarchicalroles/RoleHierarchyUtils.java
index 2143632d14..f23add9629 100644
--- a/core/src/main/java/org/springframework/security/access/hierarchicalroles/RoleHierarchyUtils.java
+++ b/core/src/main/java/org/springframework/security/access/hierarchicalroles/RoleHierarchyUtils.java
@@ -43,7 +43,9 @@ public final class RoleHierarchyUtils {
 	 * @return a string representation of a role hierarchy
 	 * @throws IllegalArgumentException if roleHierarchyMap is null or empty or if a role
 	 * name is null or empty or if an implied role name(s) is null or empty
+	 * @deprecated please see {@link RoleHierarchyImpl#setHierarchy} deprecation notice
 	 */
+	@Deprecated
 	public static String roleHierarchyFromMap(Map<String, List<String>> roleHierarchyMap) {
 		Assert.notEmpty(roleHierarchyMap, "roleHierarchyMap cannot be empty");
 		StringWriter result = new StringWriter();
diff --git a/core/src/main/java/org/springframework/security/access/intercept/NullRunAsManager.java b/core/src/main/java/org/springframework/security/access/intercept/NullRunAsManager.java
index 1cd0bf85d1..36b8ad2157 100644
--- a/core/src/main/java/org/springframework/security/access/intercept/NullRunAsManager.java
+++ b/core/src/main/java/org/springframework/security/access/intercept/NullRunAsManager.java
@@ -28,7 +28,9 @@ import org.springframework.security.core.Authentication;
  * functionality.
  *
  * @author Ben Alex
+ * @deprecated please see {@link RunAsManager} deprecation notice
  */
+@Deprecated
 final class NullRunAsManager implements RunAsManager {
 
 	@Override
diff --git a/core/src/main/java/org/springframework/security/authorization/method/PostAuthorizeReactiveAuthorizationManager.java b/core/src/main/java/org/springframework/security/authorization/method/PostAuthorizeReactiveAuthorizationManager.java
index 2b09d0fd61..e69edcf361 100644
--- a/core/src/main/java/org/springframework/security/authorization/method/PostAuthorizeReactiveAuthorizationManager.java
+++ b/core/src/main/java/org/springframework/security/authorization/method/PostAuthorizeReactiveAuthorizationManager.java
@@ -59,7 +59,10 @@ public final class PostAuthorizeReactiveAuthorizationManager
 	 * not be resolved.
 	 * @param defaults - whether to resolve pre/post-authorization templates parameters
 	 * @since 6.3
+	 * @deprecated please use
+	 * {@link #setTemplateDefaults(AnnotationTemplateExpressionDefaults)}
 	 */
+	@Deprecated
 	public void setTemplateDefaults(PrePostTemplateDefaults defaults) {
 		this.registry.setTemplateDefaults(defaults);
 	}
diff --git a/core/src/main/java/org/springframework/security/authorization/method/PostFilterAuthorizationReactiveMethodInterceptor.java b/core/src/main/java/org/springframework/security/authorization/method/PostFilterAuthorizationReactiveMethodInterceptor.java
index 78079be150..7e37707074 100644
--- a/core/src/main/java/org/springframework/security/authorization/method/PostFilterAuthorizationReactiveMethodInterceptor.java
+++ b/core/src/main/java/org/springframework/security/authorization/method/PostFilterAuthorizationReactiveMethodInterceptor.java
@@ -74,7 +74,10 @@ public final class PostFilterAuthorizationReactiveMethodInterceptor implements A
 	 * not be resolved.
 	 * @param defaults - whether to resolve pre/post-authorization templates parameters
 	 * @since 6.3
+	 * @deprecated please use
+	 * {@link #setTemplateDefaults(AnnotationTemplateExpressionDefaults)}
 	 */
+	@Deprecated
 	public void setTemplateDefaults(PrePostTemplateDefaults defaults) {
 		this.registry.setTemplateDefaults(defaults);
 	}
diff --git a/core/src/main/java/org/springframework/security/authorization/method/PreAuthorizeReactiveAuthorizationManager.java b/core/src/main/java/org/springframework/security/authorization/method/PreAuthorizeReactiveAuthorizationManager.java
index 86829e6020..ddb0eb375d 100644
--- a/core/src/main/java/org/springframework/security/authorization/method/PreAuthorizeReactiveAuthorizationManager.java
+++ b/core/src/main/java/org/springframework/security/authorization/method/PreAuthorizeReactiveAuthorizationManager.java
@@ -59,7 +59,10 @@ public final class PreAuthorizeReactiveAuthorizationManager
 	 * not be resolved.
 	 * @param defaults - whether to resolve pre/post-authorization templates parameters
 	 * @since 6.3
+	 * @deprecated please use
+	 * {@link #setTemplateDefaults(AnnotationTemplateExpressionDefaults)}
 	 */
+	@Deprecated
 	public void setTemplateDefaults(PrePostTemplateDefaults defaults) {
 		this.registry.setTemplateDefaults(defaults);
 	}
diff --git a/core/src/main/java/org/springframework/security/authorization/method/PreFilterAuthorizationReactiveMethodInterceptor.java b/core/src/main/java/org/springframework/security/authorization/method/PreFilterAuthorizationReactiveMethodInterceptor.java
index 2b9f9a4894..4f2267c3cb 100644
--- a/core/src/main/java/org/springframework/security/authorization/method/PreFilterAuthorizationReactiveMethodInterceptor.java
+++ b/core/src/main/java/org/springframework/security/authorization/method/PreFilterAuthorizationReactiveMethodInterceptor.java
@@ -77,7 +77,10 @@ public final class PreFilterAuthorizationReactiveMethodInterceptor implements Au
 	 * not be resolved.
 	 * @param defaults - whether to resolve pre/post-authorization templates parameters
 	 * @since 6.3
+	 * @deprecated please use
+	 * {@link #setTemplateDefaults(AnnotationTemplateExpressionDefaults)}
 	 */
+	@Deprecated
 	public void setTemplateDefaults(PrePostTemplateDefaults defaults) {
 		this.registry.setTemplateDefaults(defaults);
 	}
diff --git a/rsocket/src/main/java/org/springframework/security/rsocket/authentication/BasicAuthenticationPayloadExchangeConverter.java b/rsocket/src/main/java/org/springframework/security/rsocket/authentication/BasicAuthenticationPayloadExchangeConverter.java
index bab31bd630..8ff0749475 100644
--- a/rsocket/src/main/java/org/springframework/security/rsocket/authentication/BasicAuthenticationPayloadExchangeConverter.java
+++ b/rsocket/src/main/java/org/springframework/security/rsocket/authentication/BasicAuthenticationPayloadExchangeConverter.java
@@ -36,7 +36,9 @@ import org.springframework.util.MimeTypeUtils;
  *
  * @author Rob Winch
  * @since 5.2
+ * @deprecated please use {@link AuthenticationPayloadExchangeConverter} instead
  */
+@Deprecated
 public class BasicAuthenticationPayloadExchangeConverter implements PayloadExchangeAuthenticationConverter {
 
 	private MimeType metadataMimetype = MimeTypeUtils
diff --git a/rsocket/src/main/java/org/springframework/security/rsocket/authentication/BearerPayloadExchangeConverter.java b/rsocket/src/main/java/org/springframework/security/rsocket/authentication/BearerPayloadExchangeConverter.java
index cdaca17264..09d02452e8 100644
--- a/rsocket/src/main/java/org/springframework/security/rsocket/authentication/BearerPayloadExchangeConverter.java
+++ b/rsocket/src/main/java/org/springframework/security/rsocket/authentication/BearerPayloadExchangeConverter.java
@@ -34,7 +34,9 @@ import org.springframework.security.rsocket.metadata.BearerTokenMetadata;
  *
  * @author Rob Winch
  * @since 5.2
+ * @deprecated please use {@link AuthenticationPayloadExchangeConverter} instead
  */
+@Deprecated
 public class BearerPayloadExchangeConverter implements PayloadExchangeAuthenticationConverter {
 
 	private static final String BEARER_MIME_TYPE_VALUE = BearerTokenMetadata.BEARER_AUTHENTICATION_MIME_TYPE.toString();
diff --git a/web/src/main/java/org/springframework/security/web/access/channel/AbstractRetryEntryPoint.java b/web/src/main/java/org/springframework/security/web/access/channel/AbstractRetryEntryPoint.java
index ad0346d4aa..4af85191e4 100644
--- a/web/src/main/java/org/springframework/security/web/access/channel/AbstractRetryEntryPoint.java
+++ b/web/src/main/java/org/springframework/security/web/access/channel/AbstractRetryEntryPoint.java
@@ -34,7 +34,11 @@ import org.springframework.util.Assert;
 
 /**
  * @author Luke Taylor
+ * @deprecated please use
+ * {@link org.springframework.security.web.transport.HttpsRedirectFilter} and its
+ * associated {@link PortMapper}
  */
+@Deprecated
 public abstract class AbstractRetryEntryPoint implements ChannelEntryPoint {
 
 	protected final Log logger = LogFactory.getLog(getClass());
diff --git a/web/src/main/java/org/springframework/security/web/access/channel/ChannelEntryPoint.java b/web/src/main/java/org/springframework/security/web/access/channel/ChannelEntryPoint.java
index f5149055bf..405b861179 100644
--- a/web/src/main/java/org/springframework/security/web/access/channel/ChannelEntryPoint.java
+++ b/web/src/main/java/org/springframework/security/web/access/channel/ChannelEntryPoint.java
@@ -22,6 +22,8 @@ import jakarta.servlet.ServletException;
 import jakarta.servlet.http.HttpServletRequest;
 import jakarta.servlet.http.HttpServletResponse;
 
+import org.springframework.security.web.PortMapper;
+
 /**
  * May be used by a {@link ChannelProcessor} to launch a web channel.
  *
@@ -31,7 +33,11 @@ import jakarta.servlet.http.HttpServletResponse;
  * interface to assist <code>ChannelProcessor</code>s in performing this delegation.
  *
  * @author Ben Alex
+ * @deprecated please use
+ * {@link org.springframework.security.web.transport.HttpsRedirectFilter} and its
+ * associated {@link PortMapper}
  */
+@Deprecated
 public interface ChannelEntryPoint {
 
 	/**
diff --git a/web/src/main/java/org/springframework/security/web/access/channel/RetryWithHttpEntryPoint.java b/web/src/main/java/org/springframework/security/web/access/channel/RetryWithHttpEntryPoint.java
index 27fcf7deb8..a4cd77fd81 100644
--- a/web/src/main/java/org/springframework/security/web/access/channel/RetryWithHttpEntryPoint.java
+++ b/web/src/main/java/org/springframework/security/web/access/channel/RetryWithHttpEntryPoint.java
@@ -16,6 +16,8 @@
 
 package org.springframework.security.web.access.channel;
 
+import org.springframework.security.web.PortMapper;
+
 /**
  * Commences an insecure channel by retrying the original request using HTTP.
  * <p>
@@ -24,7 +26,11 @@ package org.springframework.security.web.access.channel;
  * issue.
  *
  * @author Ben Alex
+ * @deprecated please use
+ * {@link org.springframework.security.web.transport.HttpsRedirectFilter} and its
+ * associated {@link PortMapper}
  */
+@Deprecated(since = "6.5")
 public class RetryWithHttpEntryPoint extends AbstractRetryEntryPoint {
 
 	public RetryWithHttpEntryPoint() {
diff --git a/web/src/main/java/org/springframework/security/web/access/channel/RetryWithHttpsEntryPoint.java b/web/src/main/java/org/springframework/security/web/access/channel/RetryWithHttpsEntryPoint.java
index 7b13ab2fd5..c7e113ac67 100644
--- a/web/src/main/java/org/springframework/security/web/access/channel/RetryWithHttpsEntryPoint.java
+++ b/web/src/main/java/org/springframework/security/web/access/channel/RetryWithHttpsEntryPoint.java
@@ -16,6 +16,8 @@
 
 package org.springframework.security.web.access.channel;
 
+import org.springframework.security.web.PortMapper;
+
 /**
  * Commences a secure channel by retrying the original request using HTTPS.
  * <p>
@@ -25,7 +27,11 @@ package org.springframework.security.web.access.channel;
  * </p>
  *
  * @author Ben Alex
+ * @deprecated please use
+ * {@link org.springframework.security.web.transport.HttpsRedirectFilter} and its
+ * associated {@link PortMapper}
  */
+@Deprecated(since = "6.5")
 public class RetryWithHttpsEntryPoint extends AbstractRetryEntryPoint {
 
 	public RetryWithHttpsEntryPoint() {
diff --git a/web/src/main/java/org/springframework/security/web/context/DelegatingSecurityContextRepository.java b/web/src/main/java/org/springframework/security/web/context/DelegatingSecurityContextRepository.java
index 10c6d1e429..7a5eb98336 100644
--- a/web/src/main/java/org/springframework/security/web/context/DelegatingSecurityContextRepository.java
+++ b/web/src/main/java/org/springframework/security/web/context/DelegatingSecurityContextRepository.java
@@ -44,7 +44,12 @@ public final class DelegatingSecurityContextRepository implements SecurityContex
 		this.delegates = delegates;
 	}
 
+	/**
+	 * @deprecated
+	 * @see SecurityContextRepository#loadContext
+	 */
 	@Override
+	@Deprecated
 	public SecurityContext loadContext(HttpRequestResponseHolder requestResponseHolder) {
 		SecurityContext result = null;
 		for (SecurityContextRepository delegate : this.delegates) {
diff --git a/web/src/main/java/org/springframework/security/web/context/HttpSessionSecurityContextRepository.java b/web/src/main/java/org/springframework/security/web/context/HttpSessionSecurityContextRepository.java
index 3edacbd7ac..1eec20e161 100644
--- a/web/src/main/java/org/springframework/security/web/context/HttpSessionSecurityContextRepository.java
+++ b/web/src/main/java/org/springframework/security/web/context/HttpSessionSecurityContextRepository.java
@@ -115,7 +115,9 @@ public class HttpSessionSecurityContextRepository implements SecurityContextRepo
 	 * If the session is null, the context object is null or the context object stored in
 	 * the session is not an instance of {@code SecurityContext}, a new context object
 	 * will be generated and returned.
+	 * @deprecated please see {@link SecurityContextRepository#loadContext}
 	 */
+	@Deprecated
 	@Override
 	public SecurityContext loadContext(HttpRequestResponseHolder requestResponseHolder) {
 		HttpServletRequest request = requestResponseHolder.getRequest();
diff --git a/web/src/main/java/org/springframework/security/web/context/NullSecurityContextRepository.java b/web/src/main/java/org/springframework/security/web/context/NullSecurityContextRepository.java
index e0a916f46e..3d1a4eca39 100644
--- a/web/src/main/java/org/springframework/security/web/context/NullSecurityContextRepository.java
+++ b/web/src/main/java/org/springframework/security/web/context/NullSecurityContextRepository.java
@@ -38,7 +38,11 @@ public final class NullSecurityContextRepository implements SecurityContextRepos
 		return false;
 	}
 
+	/**
+	 * @deprecated please see {@link SecurityContextRepository#loadContext}
+	 */
 	@Override
+	@Deprecated
 	public SecurityContext loadContext(HttpRequestResponseHolder requestResponseHolder) {
 		return this.securityContextHolderStrategy.createEmptyContext();
 	}
diff --git a/web/src/main/java/org/springframework/security/web/context/RequestAttributeSecurityContextRepository.java b/web/src/main/java/org/springframework/security/web/context/RequestAttributeSecurityContextRepository.java
index 2080c61d55..daf9b21bd4 100644
--- a/web/src/main/java/org/springframework/security/web/context/RequestAttributeSecurityContextRepository.java
+++ b/web/src/main/java/org/springframework/security/web/context/RequestAttributeSecurityContextRepository.java
@@ -75,7 +75,11 @@ public final class RequestAttributeSecurityContextRepository implements Security
 		return getContext(request) != null;
 	}
 
+	/**
+	 * @deprecated please see {@link SecurityContextRepository#loadContext}
+	 */
 	@Override
+	@Deprecated
 	public SecurityContext loadContext(HttpRequestResponseHolder requestResponseHolder) {
 		return loadDeferredContext(requestResponseHolder.getRequest()).get();
 	}