Deprecate default OAuth2AccessTokenResponseClients

Closes gh-15737
2025-06-29 15:22:15 +00:00 · 2024-09-10 13:57:15 -05:00 · 2024-09-10 13:57:15 -05:00 · 7490a8162b
commit 7490a8162b
parent 2cead9b73f
5 changed files with 14 additions and 4 deletions
--- a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/endpoint/DefaultAuthorizationCodeTokenResponseClient.java
+++ b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/endpoint/DefaultAuthorizationCodeTokenResponseClient.java
@ -1,5 +1,5 @@
 /*
- * Copyright 2002-2023 the original author or authors.
+ * Copyright 2002-2024 the original author or authors.
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
@ -52,7 +52,9 @@ import org.springframework.web.client.RestTemplate;
 * @see <a target="_blank" href=
 * "https://tools.ietf.org/html/rfc6749#section-4.1.4">Section 4.1.4 Access Token Response
 * (Authorization Code Grant)</a>
+ * @deprecated Use {@link RestClientAuthorizationCodeTokenResponseClient} instead
 */
+@Deprecated(since = "6.4")
 public final class DefaultAuthorizationCodeTokenResponseClient
 		implements OAuth2AccessTokenResponseClient<OAuth2AuthorizationCodeGrantRequest> {

--- a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/endpoint/DefaultClientCredentialsTokenResponseClient.java
+++ b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/endpoint/DefaultClientCredentialsTokenResponseClient.java
@ -1,5 +1,5 @@
 /*
- * Copyright 2002-2023 the original author or authors.
+ * Copyright 2002-2024 the original author or authors.
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
@ -52,7 +52,9 @@ import org.springframework.web.client.RestTemplate;
 * @see <a target="_blank" href=
 * "https://tools.ietf.org/html/rfc6749#section-4.4.3">Section 4.4.3 Access Token Response
 * (Client Credentials Grant)</a>
+ * @deprecated Use {@link RestClientClientCredentialsTokenResponseClient} instead
 */
+@Deprecated(since = "6.4")
 public final class DefaultClientCredentialsTokenResponseClient
 		implements OAuth2AccessTokenResponseClient<OAuth2ClientCredentialsGrantRequest> {

--- a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/endpoint/DefaultJwtBearerTokenResponseClient.java
+++ b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/endpoint/DefaultJwtBearerTokenResponseClient.java
@ -1,5 +1,5 @@
 /*
- * Copyright 2002-2023 the original author or authors.
+ * Copyright 2002-2024 the original author or authors.
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
@ -50,7 +50,9 @@ import org.springframework.web.client.RestTemplate;
 * 2.1 Using JWTs as Authorization Grants</a>
 * @see <a target="_blank" href="https://tools.ietf.org/html/rfc7521#section-4.1">Section
 * 4.1 Using Assertions as Authorization Grants</a>
+ * @deprecated Use {@link RestClientJwtBearerTokenResponseClient} instead
 */
+@Deprecated(since = "6.4")
 public final class DefaultJwtBearerTokenResponseClient
 		implements OAuth2AccessTokenResponseClient<JwtBearerGrantRequest> {

--- a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/endpoint/DefaultRefreshTokenTokenResponseClient.java
+++ b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/endpoint/DefaultRefreshTokenTokenResponseClient.java
@ -1,5 +1,5 @@
 /*
- * Copyright 2002-2023 the original author or authors.
+ * Copyright 2002-2024 the original author or authors.
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
@ -49,7 +49,9 @@ import org.springframework.web.client.RestTemplate;
 * @see OAuth2AccessTokenResponse
 * @see <a target="_blank" href="https://tools.ietf.org/html/rfc6749#section-6">Section 6
 * Refreshing an Access Token</a>
+ * @deprecated Use {@link RestClientRefreshTokenTokenResponseClient} instead
 */
+@Deprecated(since = "6.4")
 public final class DefaultRefreshTokenTokenResponseClient
 		implements OAuth2AccessTokenResponseClient<OAuth2RefreshTokenGrantRequest> {

--- a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/endpoint/DefaultTokenExchangeTokenResponseClient.java
+++ b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/endpoint/DefaultTokenExchangeTokenResponseClient.java
@ -50,7 +50,9 @@ import org.springframework.web.client.RestTemplate;
 * 2.1 Request</a>
 * @see <a target="_blank" href="https://tools.ietf.org/html/rfc8693#section-2.2">Section
 * 2.2 Response</a>
+ * @deprecated Use {@link RestClientRefreshTokenTokenResponseClient} instead
 */
+@Deprecated(since = "6.4")
 public final class DefaultTokenExchangeTokenResponseClient
 		implements OAuth2AccessTokenResponseClient<TokenExchangeGrantRequest> {