Resolve package tangles with security marker annotation

config/src/main/kotlin/org/springframework/security/config/web/servlet/headers/CacheControlDsl.kt

@@ -18,7 +18,6 @@ package org.springframework.security.config.web.servlet.headers
 
 import org.springframework.security.config.annotation.web.builders.HttpSecurity
 import org.springframework.security.config.annotation.web.configurers.HeadersConfigurer
-import org.springframework.security.config.web.servlet.SecurityMarker
 
 /**
  * A Kotlin DSL to configure the [HttpSecurity] cache control headers using idiomatic
@@ -27,7 +26,7 @@ import org.springframework.security.config.web.servlet.SecurityMarker
  * @author Eleftheria Stein
  * @since 5.3
  */
-@SecurityMarker
+@HeadersSecurityMarker
 class CacheControlDsl {
     private var disabled = false
 

config/src/main/kotlin/org/springframework/security/config/web/servlet/headers/ContentSecurityPolicyDsl.kt

@@ -18,7 +18,6 @@ package org.springframework.security.config.web.servlet.headers
 
 import org.springframework.security.config.annotation.web.builders.HttpSecurity
 import org.springframework.security.config.annotation.web.configurers.HeadersConfigurer
-import org.springframework.security.config.web.servlet.SecurityMarker
 
 /**
  * A Kotlin DSL to configure the [HttpSecurity] Content-Security-Policy header using
@@ -29,7 +28,7 @@ import org.springframework.security.config.web.servlet.SecurityMarker
  * @property policyDirectives the security policy directive(s) to be used in the response header.
  * @property reportOnly includes the Content-Security-Policy-Report-Only header in the response.
  */
-@SecurityMarker
+@HeadersSecurityMarker
 class ContentSecurityPolicyDsl {
     var policyDirectives: String? = null
     var reportOnly: Boolean? = null

config/src/main/kotlin/org/springframework/security/config/web/servlet/headers/ContentTypeOptionsDsl.kt

@@ -18,7 +18,6 @@ package org.springframework.security.config.web.servlet.headers
 
 import org.springframework.security.config.annotation.web.builders.HttpSecurity
 import org.springframework.security.config.annotation.web.configurers.HeadersConfigurer
-import org.springframework.security.config.web.servlet.SecurityMarker
 
 /**
  * A Kotlin DSL to configure [HttpSecurity] X-Content-Type-Options header using idiomatic
@@ -27,7 +26,7 @@ import org.springframework.security.config.web.servlet.SecurityMarker
  * @author Eleftheria Stein
  * @since 5.3
  */
-@SecurityMarker
+@HeadersSecurityMarker
 class ContentTypeOptionsDsl {
     private var disabled = false
 

config/src/main/kotlin/org/springframework/security/config/web/servlet/headers/FrameOptionsDsl.kt

@@ -18,7 +18,6 @@ package org.springframework.security.config.web.servlet.headers
 
 import org.springframework.security.config.annotation.web.builders.HttpSecurity
 import org.springframework.security.config.annotation.web.configurers.HeadersConfigurer
-import org.springframework.security.config.web.servlet.SecurityMarker
 
 /**
  * A Kotlin DSL to configure the [HttpSecurity] X-Frame-Options header using
@@ -30,7 +29,7 @@ import org.springframework.security.config.web.servlet.SecurityMarker
  * application.
  * @property deny deny framing any content from this application.
  */
-@SecurityMarker
+@HeadersSecurityMarker
 class FrameOptionsDsl {
     var sameOrigin: Boolean? = null
     var deny: Boolean? = null

config/src/main/kotlin/org/springframework/security/config/web/servlet/headers/HeadersSecurityMarker.kt

@@ -0,0 +1,26 @@
+/*
+ * Copyright 2002-2020 the original author or authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.springframework.security.config.web.servlet.headers
+
+/**
+ * Marker annotation indicating that the annotated class is part of the headers security DSL.
+ *
+ * @author Eleftheria Stein
+ * @since 5.4
+ */
+@DslMarker
+annotation class HeadersSecurityMarker

config/src/main/kotlin/org/springframework/security/config/web/servlet/headers/HttpPublicKeyPinningDsl.kt

@@ -18,7 +18,6 @@ package org.springframework.security.config.web.servlet.headers
 
 import org.springframework.security.config.annotation.web.builders.HttpSecurity
 import org.springframework.security.config.annotation.web.configurers.HeadersConfigurer
-import org.springframework.security.config.web.servlet.SecurityMarker
 
 /**
  * A Kotlin DSL to configure the [HttpSecurity] HTTP Public Key Pinning header using
@@ -35,7 +34,7 @@ import org.springframework.security.config.web.servlet.SecurityMarker
  * the server.
  * @property reportUri the URI to which the browser should report pin validation failures.
  */
-@SecurityMarker
+@HeadersSecurityMarker
 class HttpPublicKeyPinningDsl {
     var pins: Map<String, String>? = null
     var maxAgeInSeconds: Long? = null

config/src/main/kotlin/org/springframework/security/config/web/servlet/headers/HttpStrictTransportSecurityDsl.kt

@@ -18,7 +18,6 @@ package org.springframework.security.config.web.servlet.headers
 
 import org.springframework.security.config.annotation.web.builders.HttpSecurity
 import org.springframework.security.config.annotation.web.configurers.HeadersConfigurer
-import org.springframework.security.config.web.servlet.SecurityMarker
 import org.springframework.security.web.util.matcher.RequestMatcher
 
 /**
@@ -35,7 +34,7 @@ import org.springframework.security.web.util.matcher.RequestMatcher
  * @property includeSubDomains if true, subdomains should be considered HSTS Hosts too.
  * @property preload if true, preload will be included in HSTS Header.
  */
-@SecurityMarker
+@HeadersSecurityMarker
 class HttpStrictTransportSecurityDsl {
     var maxAgeInSeconds: Long? = null
     var requestMatcher: RequestMatcher? = null

config/src/main/kotlin/org/springframework/security/config/web/servlet/headers/ReferrerPolicyDsl.kt

@@ -18,7 +18,6 @@ package org.springframework.security.config.web.servlet.headers
 
 import org.springframework.security.config.annotation.web.builders.HttpSecurity
 import org.springframework.security.config.annotation.web.configurers.HeadersConfigurer
-import org.springframework.security.config.web.servlet.SecurityMarker
 import org.springframework.security.web.header.writers.ReferrerPolicyHeaderWriter
 
 /**
@@ -29,7 +28,7 @@ import org.springframework.security.web.header.writers.ReferrerPolicyHeaderWrite
  * @since 5.3
  * @property policy the policy to be used in the response header.
  */
-@SecurityMarker
+@HeadersSecurityMarker
 class ReferrerPolicyDsl {
     var policy: ReferrerPolicyHeaderWriter.ReferrerPolicy? = null
 

config/src/main/kotlin/org/springframework/security/config/web/servlet/headers/XssProtectionConfigDsl.kt

@@ -18,7 +18,6 @@ package org.springframework.security.config.web.servlet.headers
 
 import org.springframework.security.config.annotation.web.builders.HttpSecurity
 import org.springframework.security.config.annotation.web.configurers.HeadersConfigurer
-import org.springframework.security.config.web.servlet.SecurityMarker
 
 /**
  * A Kotlin DSL to configure the [HttpSecurity] XSS protection header using
@@ -30,7 +29,7 @@ import org.springframework.security.config.web.servlet.SecurityMarker
  * @property xssProtectionEnabled if true, the header value will contain a value of 1.
  * If false, will explicitly disable specify that X-XSS-Protection is disabled.
  */
-@SecurityMarker
+@HeadersSecurityMarker
 class XssProtectionConfigDsl {
     var block: Boolean? = null
     var xssProtectionEnabled: Boolean? = null

config/src/main/kotlin/org/springframework/security/config/web/servlet/oauth2/client/AuthorizationCodeGrantDsl.kt

@@ -18,7 +18,6 @@ package org.springframework.security.config.web.servlet.oauth2.client
 
 import org.springframework.security.config.annotation.web.builders.HttpSecurity
 import org.springframework.security.config.annotation.web.configurers.oauth2.client.OAuth2ClientConfigurer
-import org.springframework.security.config.web.servlet.SecurityMarker
 import org.springframework.security.oauth2.client.endpoint.OAuth2AccessTokenResponseClient
 import org.springframework.security.oauth2.client.endpoint.OAuth2AuthorizationCodeGrantRequest
 import org.springframework.security.oauth2.client.web.AuthorizationRequestRepository
@@ -35,7 +34,7 @@ import org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequ
  * @property accessTokenResponseClient the client used for requesting the access token credential
  * from the Token Endpoint.
  */
-@SecurityMarker
+@OAuth2ClientSecurityMarker
 class AuthorizationCodeGrantDsl {
     var authorizationRequestResolver: OAuth2AuthorizationRequestResolver? = null
     var authorizationRequestRepository: AuthorizationRequestRepository<OAuth2AuthorizationRequest>? = null

config/src/main/kotlin/org/springframework/security/config/web/servlet/oauth2/client/OAuth2ClientSecurityMarker.kt

@@ -0,0 +1,26 @@
+/*
+ * Copyright 2002-2020 the original author or authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.springframework.security.config.web.servlet.oauth2.client
+
+/**
+ * Marker annotation indicating that the annotated class is part of the OAuth 2.0 client security DSL.
+ *
+ * @author Eleftheria Stein
+ * @since 5.4
+ */
+@DslMarker
+annotation class OAuth2ClientSecurityMarker

config/src/main/kotlin/org/springframework/security/config/web/servlet/oauth2/login/AuthorizationEndpointDsl.kt

@@ -18,7 +18,6 @@ package org.springframework.security.config.web.servlet.oauth2.login
 
 import org.springframework.security.config.annotation.web.builders.HttpSecurity
 import org.springframework.security.config.annotation.web.configurers.oauth2.client.OAuth2LoginConfigurer
-import org.springframework.security.config.web.servlet.SecurityMarker
 import org.springframework.security.oauth2.client.web.AuthorizationRequestRepository
 import org.springframework.security.oauth2.client.web.OAuth2AuthorizationRequestResolver
 import org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest
@@ -33,7 +32,7 @@ import org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequ
  * @property authorizationRequestResolver the resolver used for resolving [OAuth2AuthorizationRequest]'s.
  * @property authorizationRequestRepository the repository used for storing [OAuth2AuthorizationRequest]'s.
  */
-@SecurityMarker
+@OAuth2LoginSecurityMarker
 class AuthorizationEndpointDsl {
     var baseUri: String? = null
     var authorizationRequestResolver: OAuth2AuthorizationRequestResolver? = null

config/src/main/kotlin/org/springframework/security/config/web/servlet/oauth2/login/OAuth2LoginSecurityMarker.kt

@@ -0,0 +1,26 @@
+/*
+ * Copyright 2002-2020 the original author or authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.springframework.security.config.web.servlet.oauth2.login
+
+/**
+ * Marker annotation indicating that the annotated class is part of the OAuth 2.0 login security DSL.
+ *
+ * @author Eleftheria Stein
+ * @since 5.4
+ */
+@DslMarker
+annotation class OAuth2LoginSecurityMarker

config/src/main/kotlin/org/springframework/security/config/web/servlet/oauth2/login/RedirectionEndpointDsl.kt

@@ -18,7 +18,6 @@ package org.springframework.security.config.web.servlet.oauth2.login
 
 import org.springframework.security.config.annotation.web.builders.HttpSecurity
 import org.springframework.security.config.annotation.web.configurers.oauth2.client.OAuth2LoginConfigurer
-import org.springframework.security.config.web.servlet.SecurityMarker
 
 /**
  * A Kotlin DSL to configure the Authorization Server's Redirection Endpoint using
@@ -28,7 +27,7 @@ import org.springframework.security.config.web.servlet.SecurityMarker
  * @since 5.3
  * @property baseUri the URI where the authorization response will be processed.
  */
-@SecurityMarker
+@OAuth2LoginSecurityMarker
 class RedirectionEndpointDsl {
     var baseUri: String? = null
 

config/src/main/kotlin/org/springframework/security/config/web/servlet/oauth2/login/TokenEndpointDsl.kt

@@ -18,7 +18,6 @@ package org.springframework.security.config.web.servlet.oauth2.login
 
 import org.springframework.security.config.annotation.web.builders.HttpSecurity
 import org.springframework.security.config.annotation.web.configurers.oauth2.client.OAuth2LoginConfigurer
-import org.springframework.security.config.web.servlet.SecurityMarker
 import org.springframework.security.oauth2.client.endpoint.OAuth2AccessTokenResponseClient
 import org.springframework.security.oauth2.client.endpoint.OAuth2AuthorizationCodeGrantRequest
 
@@ -31,7 +30,7 @@ import org.springframework.security.oauth2.client.endpoint.OAuth2AuthorizationCo
  * @property accessTokenResponseClient the client used for requesting the access token credential
  * from the Token Endpoint.
  */
-@SecurityMarker
+@OAuth2LoginSecurityMarker
 class TokenEndpointDsl {
     var accessTokenResponseClient: OAuth2AccessTokenResponseClient<OAuth2AuthorizationCodeGrantRequest>? = null
 

config/src/main/kotlin/org/springframework/security/config/web/servlet/oauth2/login/UserInfoEndpointDsl.kt

@@ -18,7 +18,6 @@ package org.springframework.security.config.web.servlet.oauth2.login
 
 import org.springframework.security.config.annotation.web.builders.HttpSecurity
 import org.springframework.security.config.annotation.web.configurers.oauth2.client.OAuth2LoginConfigurer
-import org.springframework.security.config.web.servlet.SecurityMarker
 import org.springframework.security.core.authority.mapping.GrantedAuthoritiesMapper
 import org.springframework.security.oauth2.client.oidc.userinfo.OidcUserRequest
 import org.springframework.security.oauth2.client.registration.ClientRegistration
@@ -39,7 +38,7 @@ import org.springframework.security.oauth2.core.user.OAuth2User
  * End-User from the UserInfo Endpoint.
  * @property userAuthoritiesMapper the [GrantedAuthoritiesMapper] used for mapping [OAuth2User.getAuthorities]
  */
-@SecurityMarker
+@OAuth2LoginSecurityMarker
 class UserInfoEndpointDsl {
     var userService: OAuth2UserService<OAuth2UserRequest, OAuth2User>? = null
     var oidcUserService: OAuth2UserService<OidcUserRequest, OidcUser>? = null

config/src/main/kotlin/org/springframework/security/config/web/servlet/oauth2/resourceserver/JwtDsl.kt

@@ -20,7 +20,6 @@ import org.springframework.core.convert.converter.Converter
 import org.springframework.security.authentication.AbstractAuthenticationToken
 import org.springframework.security.config.annotation.web.builders.HttpSecurity
 import org.springframework.security.config.annotation.web.configurers.oauth2.server.resource.OAuth2ResourceServerConfigurer
-import org.springframework.security.config.web.servlet.SecurityMarker
 import org.springframework.security.oauth2.jwt.Jwt
 import org.springframework.security.oauth2.jwt.JwtDecoder
 
@@ -35,7 +34,7 @@ import org.springframework.security.oauth2.jwt.JwtDecoder
  * @property jwkSetUri configures a [JwtDecoder] using a
  * <a target="_blank" href="https://tools.ietf.org/html/rfc7517">JSON Web Key (JWK)</a> URL
  */
-@SecurityMarker
+@OAuth2ResourceServerSecurityMarker
 class JwtDsl {
     private var _jwtDecoder: JwtDecoder? = null
     private var _jwkSetUri: String? = null

config/src/main/kotlin/org/springframework/security/config/web/servlet/oauth2/resourceserver/OAuth2ResourceServerSecurityMarker.kt

@@ -0,0 +1,26 @@
+/*
+ * Copyright 2002-2020 the original author or authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.springframework.security.config.web.servlet.oauth2.resourceserver
+
+/**
+ * Marker annotation indicating that the annotated class is part of the OAuth 2.0 resource server security DSL.
+ *
+ * @author Eleftheria Stein
+ * @since 5.4
+ */
+@DslMarker
+annotation class OAuth2ResourceServerSecurityMarker

config/src/main/kotlin/org/springframework/security/config/web/servlet/oauth2/resourceserver/OpaqueTokenDsl.kt

@@ -18,7 +18,6 @@ package org.springframework.security.config.web.servlet.oauth2.resourceserver
 
 import org.springframework.security.config.annotation.web.builders.HttpSecurity
 import org.springframework.security.config.annotation.web.configurers.oauth2.server.resource.OAuth2ResourceServerConfigurer
-import org.springframework.security.config.web.servlet.SecurityMarker
 import org.springframework.security.oauth2.server.resource.introspection.OpaqueTokenIntrospector
 
 /**
@@ -29,7 +28,7 @@ import org.springframework.security.oauth2.server.resource.introspection.OpaqueT
  * @property introspectionUri the URI of the Introspection endpoint.
  * @property introspector the [OpaqueTokenIntrospector] to use.
  */
-@SecurityMarker
+@OAuth2ResourceServerSecurityMarker
 class OpaqueTokenDsl {
     private var _introspectionUri: String? = null
     private var _introspector: OpaqueTokenIntrospector? = null

config/src/main/kotlin/org/springframework/security/config/web/servlet/session/SessionConcurrencyDsl.kt

@@ -18,7 +18,6 @@ package org.springframework.security.config.web.servlet.session
 
 import org.springframework.security.config.annotation.web.builders.HttpSecurity
 import org.springframework.security.config.annotation.web.configurers.SessionManagementConfigurer
-import org.springframework.security.config.web.servlet.SecurityMarker
 import org.springframework.security.core.session.SessionRegistry
 import org.springframework.security.web.session.SessionInformationExpiredStrategy
 
@@ -38,7 +37,7 @@ import org.springframework.security.web.session.SessionInformationExpiredStrateg
  * is allowed access and an existing user's session is expired.
  * @property sessionRegistry the [SessionRegistry] implementation used.
  */
-@SecurityMarker
+@SessionSecurityMarker
 class SessionConcurrencyDsl {
     var maximumSessions: Int? = null
     var expiredUrl: String? = null

config/src/main/kotlin/org/springframework/security/config/web/servlet/session/SessionFixationDsl.kt

@@ -18,7 +18,6 @@ package org.springframework.security.config.web.servlet.session
 
 import org.springframework.security.config.annotation.web.builders.HttpSecurity
 import org.springframework.security.config.annotation.web.configurers.SessionManagementConfigurer
-import org.springframework.security.config.web.servlet.SecurityMarker
 import javax.servlet.http.HttpServletRequest
 import javax.servlet.http.HttpSession
 
@@ -29,7 +28,7 @@ import javax.servlet.http.HttpSession
  * @author Eleftheria Stein
  * @since 5.3
  */
-@SecurityMarker
+@SessionSecurityMarker
 class SessionFixationDsl {
     private var strategy: SessionFixationStrategy? = null
 

config/src/main/kotlin/org/springframework/security/config/web/servlet/session/SessionSecurityMarker.kt

@@ -0,0 +1,26 @@
+/*
+ * Copyright 2002-2020 the original author or authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.springframework.security.config.web.servlet.session
+
+/**
+ * Marker annotation indicating that the annotated class is part of the session security DSL.
+ *
+ * @author Eleftheria Stein
+ * @since 5.4
+ */
+@DslMarker
+annotation class SessionSecurityMarker