diff --git a/oauth2/oauth2-authorization-server/spring-security-oauth2-authorization-server.gradle b/oauth2/oauth2-authorization-server/spring-security-oauth2-authorization-server.gradle index 9c25625a55..af669f35b7 100644 --- a/oauth2/oauth2-authorization-server/spring-security-oauth2-authorization-server.gradle +++ b/oauth2/oauth2-authorization-server/spring-security-oauth2-authorization-server.gradle @@ -1,3 +1,7 @@ +plugins { + id 'compile-warnings-error' +} + apply plugin: 'io.spring.convention.spring-module' apply plugin: 'javadoc-warnings-error' diff --git a/oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/JdbcOAuth2AuthorizationService.java b/oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/JdbcOAuth2AuthorizationService.java index 1488eed18e..852f958f55 100644 --- a/oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/JdbcOAuth2AuthorizationService.java +++ b/oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/JdbcOAuth2AuthorizationService.java @@ -505,6 +505,7 @@ public class JdbcOAuth2AuthorizationService implements OAuth2AuthorizationServic * 3. */ @Deprecated(forRemoval = true, since = "7.0") + @SuppressWarnings("removal") public static class OAuth2AuthorizationRowMapper extends AbstractOAuth2AuthorizationRowMapper { private ObjectMapper objectMapper = Jackson2.createObjectMapper(); @@ -747,6 +748,7 @@ public class JdbcOAuth2AuthorizationService implements OAuth2AuthorizationServic * Jackson 3. */ @Deprecated(forRemoval = true, since = "7.0") + @SuppressWarnings("removal") public static class OAuth2AuthorizationParametersMapper extends AbstractOAuth2AuthorizationParametersMapper { private ObjectMapper objectMapper = Jackson2.createObjectMapper(); @@ -895,6 +897,7 @@ public class JdbcOAuth2AuthorizationService implements OAuth2AuthorizationServic @Deprecated(forRemoval = true, since = "7.0") private static final class Jackson2 { + @SuppressWarnings("removal") private static ObjectMapper createObjectMapper() { ObjectMapper objectMapper = new ObjectMapper(); ClassLoader classLoader = Jackson2.class.getClassLoader(); diff --git a/oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/aot/hint/OAuth2AuthorizationServerBeanRegistrationAotProcessor.java b/oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/aot/hint/OAuth2AuthorizationServerBeanRegistrationAotProcessor.java index 071f8a20a8..0760b93e1e 100644 --- a/oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/aot/hint/OAuth2AuthorizationServerBeanRegistrationAotProcessor.java +++ b/oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/aot/hint/OAuth2AuthorizationServerBeanRegistrationAotProcessor.java @@ -34,7 +34,6 @@ import org.springframework.security.authentication.UsernamePasswordAuthenticatio import org.springframework.security.core.authority.SimpleGrantedAuthority; import org.springframework.security.core.userdetails.User; import org.springframework.security.jackson.CoreJacksonModule; -import org.springframework.security.jackson2.CoreJackson2Module; import org.springframework.security.oauth2.core.AbstractOAuth2Token; import org.springframework.security.oauth2.core.AuthorizationGrantType; import org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest; @@ -50,11 +49,9 @@ import org.springframework.security.oauth2.server.authorization.authentication.O import org.springframework.security.oauth2.server.authorization.authentication.OAuth2TokenExchangeCompositeAuthenticationToken; import org.springframework.security.oauth2.server.authorization.client.JdbcRegisteredClientRepository; import org.springframework.security.oauth2.server.authorization.jackson.OAuth2AuthorizationServerJacksonModule; -import org.springframework.security.oauth2.server.authorization.jackson2.OAuth2AuthorizationServerJackson2Module; import org.springframework.security.oauth2.server.authorization.settings.OAuth2TokenFormat; import org.springframework.security.web.authentication.WebAuthenticationDetails; import org.springframework.security.web.jackson.WebServletJacksonModule; -import org.springframework.security.web.jackson2.WebServletJackson2Module; import org.springframework.security.web.savedrequest.DefaultSavedRequest; import org.springframework.util.ClassUtils; @@ -116,12 +113,14 @@ class OAuth2AuthorizationServerBeanRegistrationAotProcessor implements BeanRegis private void registerHints(RuntimeHints hints) { // Collections -> UnmodifiableSet, UnmodifiableList, UnmodifiableMap, // UnmodifiableRandomAccessList, etc. - hints.reflection().registerType(Collections.class, MemberCategory.DECLARED_CLASSES); + hints.reflection() + .registerType(Collections.class, MemberCategory.INVOKE_DECLARED_CONSTRUCTORS, + MemberCategory.INVOKE_DECLARED_METHODS); // HashSet hints.reflection() - .registerType(HashSet.class, MemberCategory.DECLARED_FIELDS, - MemberCategory.INVOKE_DECLARED_CONSTRUCTORS, MemberCategory.INVOKE_DECLARED_METHODS); + .registerType(HashSet.class, MemberCategory.INVOKE_DECLARED_CONSTRUCTORS, + MemberCategory.INVOKE_DECLARED_METHODS); hints.reflection() .registerTypes(Arrays.asList(TypeReference.of(AbstractAuthenticationToken.class), @@ -138,18 +137,17 @@ class OAuth2AuthorizationServerBeanRegistrationAotProcessor implements BeanRegis TypeReference.of(AuthorizationGrantType.class), TypeReference.of(OAuth2AuthorizationResponseType.class), TypeReference.of(OAuth2TokenFormat.class)), - (builder) -> builder.withMembers(MemberCategory.DECLARED_FIELDS, - MemberCategory.INVOKE_DECLARED_CONSTRUCTORS, MemberCategory.INVOKE_DECLARED_METHODS)); + (builder) -> builder.withMembers(MemberCategory.INVOKE_DECLARED_CONSTRUCTORS, + MemberCategory.INVOKE_DECLARED_METHODS)); // Jackson Modules if (jackson2Present) { hints.reflection() .registerTypes( - Arrays.asList(TypeReference.of(CoreJackson2Module.class), - TypeReference.of(WebServletJackson2Module.class), - TypeReference.of(OAuth2AuthorizationServerJackson2Module.class)), - (builder) -> builder.withMembers(MemberCategory.DECLARED_FIELDS, - MemberCategory.INVOKE_DECLARED_CONSTRUCTORS, + Arrays.asList(TypeReference.of(CoreJacksonModule.class), + TypeReference.of(WebServletJacksonModule.class), + TypeReference.of(OAuth2AuthorizationServerJacksonModule.class)), + (builder) -> builder.withMembers(MemberCategory.INVOKE_DECLARED_CONSTRUCTORS, MemberCategory.INVOKE_DECLARED_METHODS)); } if (jackson3Present) { @@ -158,8 +156,7 @@ class OAuth2AuthorizationServerBeanRegistrationAotProcessor implements BeanRegis Arrays.asList(TypeReference.of(CoreJacksonModule.class), TypeReference.of(WebServletJacksonModule.class), TypeReference.of(OAuth2AuthorizationServerJacksonModule.class)), - (builder) -> builder.withMembers(MemberCategory.DECLARED_FIELDS, - MemberCategory.INVOKE_DECLARED_CONSTRUCTORS, + (builder) -> builder.withMembers(MemberCategory.INVOKE_DECLARED_CONSTRUCTORS, MemberCategory.INVOKE_DECLARED_METHODS)); } @@ -222,8 +219,7 @@ class OAuth2AuthorizationServerBeanRegistrationAotProcessor implements BeanRegis hints.reflection() .registerType(TypeReference .of("org.springframework.security.oauth2.client.authentication.OAuth2AuthenticationToken"), - (builder) -> builder.withMembers(MemberCategory.DECLARED_FIELDS, - MemberCategory.INVOKE_DECLARED_CONSTRUCTORS, + (builder) -> builder.withMembers(MemberCategory.INVOKE_DECLARED_CONSTRUCTORS, MemberCategory.INVOKE_DECLARED_METHODS)); // Jackson Module @@ -231,8 +227,7 @@ class OAuth2AuthorizationServerBeanRegistrationAotProcessor implements BeanRegis hints.reflection() .registerType(TypeReference .of("org.springframework.security.oauth2.client.jackson2.OAuth2ClientJackson2Module"), - (builder) -> builder.withMembers(MemberCategory.DECLARED_FIELDS, - MemberCategory.INVOKE_DECLARED_CONSTRUCTORS, + (builder) -> builder.withMembers(MemberCategory.INVOKE_DECLARED_CONSTRUCTORS, MemberCategory.INVOKE_DECLARED_METHODS)); } if (jackson3Present) { @@ -240,8 +235,7 @@ class OAuth2AuthorizationServerBeanRegistrationAotProcessor implements BeanRegis .registerType( TypeReference .of("org.springframework.security.oauth2.client.jackson.OAuth2ClientJacksonModule"), - (builder) -> builder.withMembers(MemberCategory.DECLARED_FIELDS, - MemberCategory.INVOKE_DECLARED_CONSTRUCTORS, + (builder) -> builder.withMembers(MemberCategory.INVOKE_DECLARED_CONSTRUCTORS, MemberCategory.INVOKE_DECLARED_METHODS)); } diff --git a/oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/aot/hint/OAuth2AuthorizationServerRuntimeHints.java b/oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/aot/hint/OAuth2AuthorizationServerRuntimeHints.java index 12854d6c90..f0d7c4148d 100644 --- a/oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/aot/hint/OAuth2AuthorizationServerRuntimeHints.java +++ b/oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/aot/hint/OAuth2AuthorizationServerRuntimeHints.java @@ -46,7 +46,8 @@ class OAuth2AuthorizationServerRuntimeHints implements RuntimeHintsRegistrar { .of("org.springframework.security.oauth2.server.authorization.web.OAuth2AuthorizationEndpointFilter$OAuth2AuthorizationCodeRequestValidatingFilter"), MemberCategory.INVOKE_DECLARED_CONSTRUCTORS); hints.reflection() - .registerType(OAuth2AuthorizationCodeRequestAuthenticationToken.class, MemberCategory.DECLARED_FIELDS); + .registerType(OAuth2AuthorizationCodeRequestAuthenticationToken.class, + MemberCategory.INVOKE_DECLARED_CONSTRUCTORS, MemberCategory.INVOKE_DECLARED_METHODS); } diff --git a/oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/client/JdbcRegisteredClientRepository.java b/oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/client/JdbcRegisteredClientRepository.java index 29786a1712..4a10b5a896 100644 --- a/oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/client/JdbcRegisteredClientRepository.java +++ b/oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/client/JdbcRegisteredClientRepository.java @@ -283,6 +283,7 @@ public class JdbcRegisteredClientRepository implements RegisteredClientRepositor * @deprecated Use {@link JsonMapperRegisteredClientRowMapper} to switch to Jackson 3. */ @Deprecated(forRemoval = true, since = "7.0") + @SuppressWarnings("removal") public static class RegisteredClientRowMapper extends AbstractRegisteredClientRowMapper { private ObjectMapper objectMapper = Jackson2.createObjectMapper(); @@ -435,6 +436,7 @@ public class JdbcRegisteredClientRepository implements RegisteredClientRepositor * Jackson 3. */ @Deprecated(forRemoval = true, since = "7.0") + @SuppressWarnings("removal") public static class RegisteredClientParametersMapper extends AbstractRegisteredClientParametersMapper { private ObjectMapper objectMapper = Jackson2.createObjectMapper(); @@ -527,6 +529,7 @@ public class JdbcRegisteredClientRepository implements RegisteredClientRepositor @Deprecated(forRemoval = true, since = "7.0") private static final class Jackson2 { + @SuppressWarnings("removal") private static ObjectMapper createObjectMapper() { ObjectMapper objectMapper = new ObjectMapper(); ClassLoader classLoader = Jackson2.class.getClassLoader(); diff --git a/oauth2/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/JdbcOAuth2AuthorizationServiceTests.java b/oauth2/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/JdbcOAuth2AuthorizationServiceTests.java index 04f7a9a310..62b55c23f7 100644 --- a/oauth2/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/JdbcOAuth2AuthorizationServiceTests.java +++ b/oauth2/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/JdbcOAuth2AuthorizationServiceTests.java @@ -657,6 +657,7 @@ public class JdbcOAuth2AuthorizationServiceTests { return !result.isEmpty() ? result.get(0) : null; } + @SuppressWarnings("removal") private static final class CustomOAuth2AuthorizationRowMapper extends JdbcOAuth2AuthorizationService.OAuth2AuthorizationRowMapper { @@ -794,6 +795,7 @@ public class JdbcOAuth2AuthorizationServiceTests { } + @SuppressWarnings("removal") private static final class CustomOAuth2AuthorizationParametersMapper extends JdbcOAuth2AuthorizationService.OAuth2AuthorizationParametersMapper {