From 65b5d468fbd3cd202f1e80b1815399e8003bf985 Mon Sep 17 00:00:00 2001 From: Joe Grandja Date: Mon, 24 Feb 2020 06:15:41 -0500 Subject: [PATCH] Deprecate UnAuthenticatedServerOAuth2AuthorizedClientRepository Fixes gh-8016 --- ...thenticatedServerOAuth2AuthorizedClientRepository.java | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/server/UnAuthenticatedServerOAuth2AuthorizedClientRepository.java b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/server/UnAuthenticatedServerOAuth2AuthorizedClientRepository.java index 593489d52e..05356df521 100644 --- a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/server/UnAuthenticatedServerOAuth2AuthorizedClientRepository.java +++ b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/server/UnAuthenticatedServerOAuth2AuthorizedClientRepository.java @@ -1,5 +1,5 @@ /* - * Copyright 2002-2019 the original author or authors. + * Copyright 2002-2020 the original author or authors. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -19,22 +19,26 @@ package org.springframework.security.oauth2.client.web.server; import org.springframework.security.authentication.AuthenticationTrustResolver; import org.springframework.security.authentication.AuthenticationTrustResolverImpl; import org.springframework.security.core.Authentication; +import org.springframework.security.oauth2.client.AuthorizedClientServiceReactiveOAuth2AuthorizedClientManager; import org.springframework.security.oauth2.client.OAuth2AuthorizedClient; import org.springframework.util.Assert; import org.springframework.web.server.ServerWebExchange; import reactor.core.publisher.Mono; -import java.util.concurrent.ConcurrentHashMap; import java.util.Map; +import java.util.concurrent.ConcurrentHashMap; /** * Provides support for an unauthenticated user. This is useful when running as a process with no * user associated to it. The implementation ensures that {@link ServerWebExchange} is null and that the * {@link Authentication} is either null or anonymous to prevent using it incorrectly. * + * @deprecated Use {@link AuthorizedClientServiceReactiveOAuth2AuthorizedClientManager} instead + * * @author Rob Winch * @since 5.1 */ +@Deprecated public class UnAuthenticatedServerOAuth2AuthorizedClientRepository implements ServerOAuth2AuthorizedClientRepository { private final AuthenticationTrustResolver trustResolver = new AuthenticationTrustResolverImpl();