Deprecate OpenID 2.0 Support

Add deprecation notice to all files in the spring-security-openid module Fixes gh-7263
2019-10-22 18:18:24 +02:00 · 2019-10-22 18:18:24 +02:00 · 84f45e4196
parent 339d44b5a1
commit 84f45e4196
19 changed files with 64 additions and 6 deletions
--- a/openid/spring-security-openid.gradle
+++ b/openid/spring-security-openid.gradle
@ -1,3 +1,7 @@
+// NOTE: The OpenID 1.0 and 2.0 protocols have been deprecated and users are
+// <a href="https://openid.net/specs/openid-connect-migration-1_0.html">encouraged to migrate</a>
+// to <a href="https://openid.net/connect/">OpenID Connect</a>.
+
 apply plugin: 'io.spring.convention.spring-module'

 dependencies {
--- a/openid/src/main/java/org/springframework/security/openid/AuthenticationCancelledException.java
+++ b/openid/src/main/java/org/springframework/security/openid/AuthenticationCancelledException.java
@ -20,6 +20,9 @@ import org.springframework.security.core.AuthenticationException;
 /**
 * Indicates that OpenID authentication was cancelled
 *
+ * @deprecated The OpenID 1.0 and 2.0 protocols have been deprecated and users are
+ * <a href="https://openid.net/specs/openid-connect-migration-1_0.html">encouraged to migrate</a>
+ * to <a href="https://openid.net/connect/">OpenID Connect</a>.
 * @author Robin Bramley, Opsera Ltd
 */
 public class AuthenticationCancelledException extends AuthenticationException {
--- a/openid/src/main/java/org/springframework/security/openid/AxFetchListFactory.java
+++ b/openid/src/main/java/org/springframework/security/openid/AxFetchListFactory.java
@ -24,6 +24,9 @@ import java.util.List;
 * This allows the list of attributes for a fetch request to be tailored for different
 * OpenID providers, since they do not all support the same attributes.
 *
+ * @deprecated The OpenID 1.0 and 2.0 protocols have been deprecated and users are
+ * <a href="https://openid.net/specs/openid-connect-migration-1_0.html">encouraged to migrate</a>
+ * to <a href="https://openid.net/connect/">OpenID Connect</a>.
 * @author Luke Taylor
 * @since 3.1
 */
--- a/openid/src/main/java/org/springframework/security/openid/NullAxFetchListFactory.java
+++ b/openid/src/main/java/org/springframework/security/openid/NullAxFetchListFactory.java
@ -19,6 +19,9 @@ import java.util.Collections;
 import java.util.List;

 /**
+ * @deprecated The OpenID 1.0 and 2.0 protocols have been deprecated and users are
+ * <a href="https://openid.net/specs/openid-connect-migration-1_0.html">encouraged to migrate</a>
+ * to <a href="https://openid.net/connect/">OpenID Connect</a>.
 * @author Luke Taylor
 * @since 3.1
 */
--- a/openid/src/main/java/org/springframework/security/openid/OpenID4JavaConsumer.java
+++ b/openid/src/main/java/org/springframework/security/openid/OpenID4JavaConsumer.java
@ -41,6 +41,9 @@ import org.openid4java.message.ax.FetchResponse;
 import org.springframework.util.StringUtils;

 /**
+ * @deprecated The OpenID 1.0 and 2.0 protocols have been deprecated and users are
+ * <a href="https://openid.net/specs/openid-connect-migration-1_0.html">encouraged to migrate</a>
+ * to <a href="https://openid.net/connect/">OpenID Connect</a>.
 * @author Ray Krueger
 * @author Luke Taylor
 */
--- a/openid/src/main/java/org/springframework/security/openid/OpenIDAttribute.java
+++ b/openid/src/main/java/org/springframework/security/openid/OpenIDAttribute.java
@ -27,6 +27,9 @@ import org.springframework.util.Assert;
 * should be requested during a fetch request, or to hold values for an attribute which
 * are returned during the authentication process.
 *
+ * @deprecated The OpenID 1.0 and 2.0 protocols have been deprecated and users are
+ * <a href="https://openid.net/specs/openid-connect-migration-1_0.html">encouraged to migrate</a>
+ * to <a href="https://openid.net/connect/">OpenID Connect</a>.
 * @author Luke Taylor
 * @since 3.0
 */
--- a/openid/src/main/java/org/springframework/security/openid/OpenIDAuthenticationFilter.java
+++ b/openid/src/main/java/org/springframework/security/openid/OpenIDAuthenticationFilter.java
@ -59,6 +59,9 @@ import java.util.*;
 * where it should (normally) be processed by an <tt>OpenIDAuthenticationProvider</tt> in
 * order to load the authorities for the user.
 *
+ * @deprecated The OpenID 1.0 and 2.0 protocols have been deprecated and users are
+ * <a href="https://openid.net/specs/openid-connect-migration-1_0.html">encouraged to migrate</a>
+ * to <a href="https://openid.net/connect/">OpenID Connect</a>.
 * @author Robin Bramley
 * @author Ray Krueger
 * @author Luke Taylor
--- a/openid/src/main/java/org/springframework/security/openid/OpenIDAuthenticationProvider.java
+++ b/openid/src/main/java/org/springframework/security/openid/OpenIDAuthenticationProvider.java
@ -44,6 +44,9 @@ import org.springframework.util.Assert;
 * {@code Authentication} token, so additional properties such as email addresses,
 * telephone numbers etc can easily be stored.
 *
+ * @deprecated The OpenID 1.0 and 2.0 protocols have been deprecated and users are
+ * <a href="https://openid.net/specs/openid-connect-migration-1_0.html">encouraged to migrate</a>
+ * to <a href="https://openid.net/connect/">OpenID Connect</a>.
 * @author Robin Bramley, Opsera Ltd.
 * @author Luke Taylor
 */
--- a/openid/src/main/java/org/springframework/security/openid/OpenIDAuthenticationStatus.java
+++ b/openid/src/main/java/org/springframework/security/openid/OpenIDAuthenticationStatus.java
@ -18,6 +18,9 @@ package org.springframework.security.openid;
 /**
 * Authentication status codes, based on JanRain status codes
 *
+ * @deprecated The OpenID 1.0 and 2.0 protocols have been deprecated and users are
+ * <a href="https://openid.net/specs/openid-connect-migration-1_0.html">encouraged to migrate</a>
+ * to <a href="https://openid.net/connect/">OpenID Connect</a>.
 * @author JanRain Inc.
 * @author Robin Bramley, Opsera Ltd
 * @author Luke Taylor
--- a/openid/src/main/java/org/springframework/security/openid/OpenIDAuthenticationToken.java
+++ b/openid/src/main/java/org/springframework/security/openid/OpenIDAuthenticationToken.java
@ -26,6 +26,9 @@ import org.springframework.security.core.SpringSecurityCoreVersion;
 /**
 * OpenID Authentication Token
 *
+ * @deprecated The OpenID 1.0 and 2.0 protocols have been deprecated and users are
+ * <a href="https://openid.net/specs/openid-connect-migration-1_0.html">encouraged to migrate</a>
+ * to <a href="https://openid.net/connect/">OpenID Connect</a>.
 * @author Robin Bramley
 */
 public class OpenIDAuthenticationToken extends AbstractAuthenticationToken {
--- a/openid/src/main/java/org/springframework/security/openid/OpenIDConsumer.java
+++ b/openid/src/main/java/org/springframework/security/openid/OpenIDConsumer.java
@ -20,6 +20,9 @@ import javax.servlet.http.HttpServletRequest;
 /**
 * An interface for OpenID library implementations
 *
+ * @deprecated The OpenID 1.0 and 2.0 protocols have been deprecated and users are
+ * <a href="https://openid.net/specs/openid-connect-migration-1_0.html">encouraged to migrate</a>
+ * to <a href="https://openid.net/connect/">OpenID Connect</a>.
 * @author Ray Krueger
 * @author Robin Bramley, Opsera Ltd
 */
--- a/openid/src/main/java/org/springframework/security/openid/OpenIDConsumerException.java
+++ b/openid/src/main/java/org/springframework/security/openid/OpenIDConsumerException.java
@ -18,6 +18,9 @@ package org.springframework.security.openid;
 /**
 * Thrown by an OpenIDConsumer if it cannot process a request
 *
+ * @deprecated The OpenID 1.0 and 2.0 protocols have been deprecated and users are
+ * <a href="https://openid.net/specs/openid-connect-migration-1_0.html">encouraged to migrate</a>
+ * to <a href="https://openid.net/connect/">OpenID Connect</a>.
 * @author Robin Bramley, Opsera Ltd
 */
 public class OpenIDConsumerException extends Exception {
--- a/openid/src/main/java/org/springframework/security/openid/RegexBasedAxFetchListFactory.java
+++ b/openid/src/main/java/org/springframework/security/openid/RegexBasedAxFetchListFactory.java
@ -22,7 +22,9 @@ import java.util.Map;
 import java.util.regex.Pattern;

 /**
- *
+ * @deprecated The OpenID 1.0 and 2.0 protocols have been deprecated and users are
+ * <a href="https://openid.net/specs/openid-connect-migration-1_0.html">encouraged to migrate</a>
+ * to <a href="https://openid.net/connect/">OpenID Connect</a>.
 * @author Luke Taylor
 * @since 3.1
 */
--- a/openid/src/main/java/org/springframework/security/openid/package.html
+++ b/openid/src/main/java/org/springframework/security/openid/package.html
@ -1,5 +1,9 @@
 <html>
 <body>
-Authenticates standard web browser users via <a href="https://openid.net">OpenID</a>.
+<p>Authenticates standard web browser users via <a href="https://openid.net">OpenID</a>.</p>
+
+<p>NOTE: The OpenID 1.0 and 2.0 protocols have been deprecated and users are
+    <a href="https://openid.net/specs/openid-connect-migration-1_0.html">encouraged to migrate</a>
+    to <a href="https://openid.net/connect/">OpenID Connect</a>.</p>
 </body>
-</html>
+</html>
--- a/openid/src/test/java/org/springframework/security/openid/MockOpenIDConsumer.java
+++ b/openid/src/test/java/org/springframework/security/openid/MockOpenIDConsumer.java
@ -15,12 +15,12 @@
 */
 package org.springframework.security.openid;

-import org.springframework.security.openid.OpenIDAuthenticationToken;
-import org.springframework.security.openid.OpenIDConsumer;
-
 import javax.servlet.http.HttpServletRequest;

 /**
+ * @deprecated The OpenID 1.0 and 2.0 protocols have been deprecated and users are
+ * <a href="https://openid.net/specs/openid-connect-migration-1_0.html">encouraged to migrate</a>
+ * to <a href="https://openid.net/connect/">OpenID Connect</a>.
 * @author Robin Bramley, Opsera Ltd
 */
 public class MockOpenIDConsumer implements OpenIDConsumer {
--- a/openid/src/test/java/org/springframework/security/openid/OpenID4JavaConsumerTests.java
+++ b/openid/src/test/java/org/springframework/security/openid/OpenID4JavaConsumerTests.java
@ -40,6 +40,9 @@ import org.springframework.mock.web.MockHttpServletRequest;
 import java.util.*;

 /**
+ * @deprecated The OpenID 1.0 and 2.0 protocols have been deprecated and users are
+ * <a href="https://openid.net/specs/openid-connect-migration-1_0.html">encouraged to migrate</a>
+ * to <a href="https://openid.net/connect/">OpenID Connect</a>.
 * @author Luke Taylor
 */
 public class OpenID4JavaConsumerTests {
--- a/openid/src/test/java/org/springframework/security/openid/OpenIDAuthenticationFilterTests.java
+++ b/openid/src/test/java/org/springframework/security/openid/OpenIDAuthenticationFilterTests.java
@ -31,6 +31,11 @@ import org.springframework.mock.web.MockHttpServletRequest;
 import org.springframework.mock.web.MockHttpServletResponse;
 import org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler;

+/**
+ * @deprecated The OpenID 1.0 and 2.0 protocols have been deprecated and users are
+ * <a href="https://openid.net/specs/openid-connect-migration-1_0.html">encouraged to migrate</a>
+ * to <a href="https://openid.net/connect/">OpenID Connect</a>.
+ */
 public class OpenIDAuthenticationFilterTests {

 	OpenIDAuthenticationFilter filter;
--- a/openid/src/test/java/org/springframework/security/openid/OpenIDAuthenticationProviderTests.java
+++ b/openid/src/test/java/org/springframework/security/openid/OpenIDAuthenticationProviderTests.java
@ -35,6 +35,9 @@ import org.springframework.security.core.userdetails.UserDetailsService;
 /**
 * Tests {@link OpenIDAuthenticationProvider}
 *
+ * @deprecated The OpenID 1.0 and 2.0 protocols have been deprecated and users are
+ * <a href="https://openid.net/specs/openid-connect-migration-1_0.html">encouraged to migrate</a>
+ * to <a href="https://openid.net/connect/">OpenID Connect</a>.
 * @author Robin Bramley, Opsera Ltd
 */
 public class OpenIDAuthenticationProviderTests {
--- a/openid/src/test/resources/logback-test.xml
+++ b/openid/src/test/resources/logback-test.xml
@ -1,3 +1,7 @@
+<!-- NOTE: The OpenID 1.0 and 2.0 protocols have been deprecated and users are
+<a href="https://openid.net/specs/openid-connect-migration-1_0.html">encouraged to migrate</a>
+to <a href="https://openid.net/connect/">OpenID Connect</a>. -->
+
 <configuration>
 	<appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender">
 	<encoder>