diff --git a/docs/src/docs/asciidoc/examples/src/test/java/sample/jose/TestKeys.java b/docs/src/docs/asciidoc/examples/src/test/java/sample/jose/TestKeys.java index f2588be8..e8a8e3c2 100644 --- a/docs/src/docs/asciidoc/examples/src/test/java/sample/jose/TestKeys.java +++ b/docs/src/docs/asciidoc/examples/src/test/java/sample/jose/TestKeys.java @@ -1,5 +1,5 @@ /* - * Copyright 2002-2021 the original author or authors. + * Copyright 2020-2022 the original author or authors. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -13,7 +13,6 @@ * See the License for the specific language governing permissions and * limitations under the License. */ - package sample.jose; import java.math.BigInteger; @@ -36,12 +35,7 @@ import javax.crypto.SecretKey; import javax.crypto.spec.SecretKeySpec; /** - * TODO - * This class is a straight copy from Spring Security. - * It should be removed when merging this codebase into Spring Security. - * * @author Joe Grandja - * @since 5.2 */ public final class TestKeys { diff --git a/docs/src/docs/asciidoc/examples/src/test/java/sample/test/SpringTestContext.java b/docs/src/docs/asciidoc/examples/src/test/java/sample/test/SpringTestContext.java index 6bb8229a..96e674d4 100644 --- a/docs/src/docs/asciidoc/examples/src/test/java/sample/test/SpringTestContext.java +++ b/docs/src/docs/asciidoc/examples/src/test/java/sample/test/SpringTestContext.java @@ -1,5 +1,5 @@ /* - * Copyright 2002-2017 the original author or authors. + * Copyright 2020-2022 the original author or authors. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -13,7 +13,6 @@ * See the License for the specific language governing permissions and * limitations under the License. */ - package sample.test; import java.io.Closeable; @@ -44,11 +43,7 @@ import org.springframework.web.filter.OncePerRequestFilter; import static org.springframework.security.test.web.servlet.setup.SecurityMockMvcConfigurers.springSecurity; /** - * TODO - * This class is a straight copy from Spring Security. - * * @author Rob Winch - * @since 5.0 */ public class SpringTestContext implements Closeable { diff --git a/docs/src/docs/asciidoc/examples/src/test/java/sample/test/SpringTestContextExtension.java b/docs/src/docs/asciidoc/examples/src/test/java/sample/test/SpringTestContextExtension.java index f49d85a2..019db2de 100644 --- a/docs/src/docs/asciidoc/examples/src/test/java/sample/test/SpringTestContextExtension.java +++ b/docs/src/docs/asciidoc/examples/src/test/java/sample/test/SpringTestContextExtension.java @@ -1,5 +1,5 @@ /* - * Copyright 2002-2017 the original author or authors. + * Copyright 2020-2022 the original author or authors. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -13,7 +13,6 @@ * See the License for the specific language governing permissions and * limitations under the License. */ - package sample.test; import java.lang.reflect.Field; @@ -27,8 +26,7 @@ import org.junit.jupiter.api.extension.ExtensionContext; import org.springframework.security.test.context.TestSecurityContextHolder; /** - * TODO - * This class is a straight copy from Spring Security. + * @author Rob Winch */ public class SpringTestContextExtension implements BeforeEachCallback, AfterEachCallback { diff --git a/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/http/converter/HttpMessageConverters.java b/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/http/converter/HttpMessageConverters.java index c01ca472..a5e53631 100644 --- a/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/http/converter/HttpMessageConverters.java +++ b/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/http/converter/HttpMessageConverters.java @@ -1,5 +1,5 @@ /* - * Copyright 2002-2018 the original author or authors. + * Copyright 2020-2022 the original author or authors. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -23,14 +23,10 @@ import org.springframework.http.converter.json.MappingJackson2HttpMessageConvert import org.springframework.util.ClassUtils; /** - * TODO - * This class is a straight copy from Spring Security. - * It should be consolidated when merging this codebase into Spring Security. - * * Utility methods for {@link HttpMessageConverter}'s. * * @author Joe Grandja - * @since 5.1 + * @since 0.1.1 */ final class HttpMessageConverters { diff --git a/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/jackson2/JsonNodeUtils.java b/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/jackson2/JsonNodeUtils.java index 2a482082..f7b0bcae 100644 --- a/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/jackson2/JsonNodeUtils.java +++ b/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/jackson2/JsonNodeUtils.java @@ -1,5 +1,5 @@ /* - * Copyright 2002-2020 the original author or authors. + * Copyright 2020-2022 the original author or authors. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -13,7 +13,6 @@ * See the License for the specific language governing permissions and * limitations under the License. */ - package org.springframework.security.oauth2.server.authorization.jackson2; import java.util.Map; @@ -24,14 +23,10 @@ import com.fasterxml.jackson.databind.JsonNode; import com.fasterxml.jackson.databind.ObjectMapper; /** - * TODO - * This class is a straight copy from Spring Security. - * It should be consolidated when merging this codebase into Spring Security. - * * Utility class for {@code JsonNode}. * * @author Joe Grandja - * @since 5.3 + * @since 0.1.2 */ abstract class JsonNodeUtils { diff --git a/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/jackson2/OAuth2AuthorizationRequestDeserializer.java b/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/jackson2/OAuth2AuthorizationRequestDeserializer.java index def03a72..3fe9ed19 100644 --- a/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/jackson2/OAuth2AuthorizationRequestDeserializer.java +++ b/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/jackson2/OAuth2AuthorizationRequestDeserializer.java @@ -1,5 +1,5 @@ /* - * Copyright 2002-2020 the original author or authors. + * Copyright 2020-2022 the original author or authors. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -13,7 +13,6 @@ * See the License for the specific language governing permissions and * limitations under the License. */ - package org.springframework.security.oauth2.server.authorization.jackson2; import java.io.IOException; @@ -31,14 +30,10 @@ import org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequ import org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest.Builder; /** - * TODO - * This class is a straight copy from Spring Security. - * It should be consolidated when merging this codebase into Spring Security. - * * A {@code JsonDeserializer} for {@link OAuth2AuthorizationRequest}. * * @author Joe Grandja - * @since 5.3 + * @since 0.1.2 * @see OAuth2AuthorizationRequest * @see OAuth2AuthorizationRequestMixin */ diff --git a/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/jackson2/OAuth2AuthorizationRequestMixin.java b/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/jackson2/OAuth2AuthorizationRequestMixin.java index 64340c38..0bf7c9a8 100644 --- a/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/jackson2/OAuth2AuthorizationRequestMixin.java +++ b/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/jackson2/OAuth2AuthorizationRequestMixin.java @@ -1,5 +1,5 @@ /* - * Copyright 2002-2020 the original author or authors. + * Copyright 2020-2022 the original author or authors. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -13,7 +13,6 @@ * See the License for the specific language governing permissions and * limitations under the License. */ - package org.springframework.security.oauth2.server.authorization.jackson2; import com.fasterxml.jackson.annotation.JsonAutoDetect; @@ -24,15 +23,11 @@ import com.fasterxml.jackson.databind.annotation.JsonDeserialize; import org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest; /** - * TODO - * This class is a straight copy from Spring Security. - * It should be consolidated when merging this codebase into Spring Security. - * * This mixin class is used to serialize/deserialize {@link OAuth2AuthorizationRequest}. * It also registers a custom deserializer {@link OAuth2AuthorizationRequestDeserializer}. * * @author Joe Grandja - * @since 5.3 + * @since 0.1.2 * @see OAuth2AuthorizationRequest * @see OAuth2AuthorizationRequestDeserializer */ diff --git a/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/jackson2/StdConverters.java b/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/jackson2/StdConverters.java index dea0d220..54aae299 100644 --- a/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/jackson2/StdConverters.java +++ b/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/jackson2/StdConverters.java @@ -1,5 +1,5 @@ /* - * Copyright 2002-2020 the original author or authors. + * Copyright 2020-2022 the original author or authors. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -13,7 +13,6 @@ * See the License for the specific language governing permissions and * limitations under the License. */ - package org.springframework.security.oauth2.server.authorization.jackson2; import com.fasterxml.jackson.databind.JsonNode; @@ -25,14 +24,10 @@ import org.springframework.security.oauth2.core.ClientAuthenticationMethod; import org.springframework.security.oauth2.core.OAuth2AccessToken; /** - * TODO - * This class is a straight copy from Spring Security. - * It should be consolidated when merging this codebase into Spring Security. - * * {@code StdConverter} implementations. * * @author Joe Grandja - * @since 5.3 + * @since 0.1.2 */ abstract class StdConverters { diff --git a/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/jackson2/UnmodifiableMapDeserializer.java b/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/jackson2/UnmodifiableMapDeserializer.java index cbaa232f..a8e362e2 100644 --- a/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/jackson2/UnmodifiableMapDeserializer.java +++ b/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/jackson2/UnmodifiableMapDeserializer.java @@ -1,5 +1,5 @@ /* - * Copyright 2002-2020 the original author or authors. + * Copyright 2020-2022 the original author or authors. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -13,7 +13,6 @@ * See the License for the specific language governing permissions and * limitations under the License. */ - package org.springframework.security.oauth2.server.authorization.jackson2; import java.io.IOException; @@ -28,14 +27,10 @@ import com.fasterxml.jackson.databind.JsonNode; import com.fasterxml.jackson.databind.ObjectMapper; /** - * TODO - * This class is a straight copy from Spring Security. - * It should be consolidated when merging this codebase into Spring Security. - * * A {@code JsonDeserializer} for {@link Collections#unmodifiableMap(Map)}. * * @author Joe Grandja - * @since 5.3 + * @since 0.1.2 * @see Collections#unmodifiableMap(Map) * @see UnmodifiableMapMixin */ diff --git a/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/jackson2/UnmodifiableMapMixin.java b/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/jackson2/UnmodifiableMapMixin.java index 66506578..047735fe 100644 --- a/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/jackson2/UnmodifiableMapMixin.java +++ b/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/jackson2/UnmodifiableMapMixin.java @@ -1,5 +1,5 @@ /* - * Copyright 2002-2020 the original author or authors. + * Copyright 2020-2022 the original author or authors. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -13,7 +13,6 @@ * See the License for the specific language governing permissions and * limitations under the License. */ - package org.springframework.security.oauth2.server.authorization.jackson2; import java.util.Collections; @@ -24,16 +23,12 @@ import com.fasterxml.jackson.annotation.JsonTypeInfo; import com.fasterxml.jackson.databind.annotation.JsonDeserialize; /** - * TODO - * This class is a straight copy from Spring Security. - * It should be consolidated when merging this codebase into Spring Security. - * * This mixin class is used to serialize/deserialize * {@link Collections#unmodifiableMap(Map)}. It also registers a custom deserializer * {@link UnmodifiableMapDeserializer}. * * @author Joe Grandja - * @since 5.3 + * @since 0.1.2 * @see Collections#unmodifiableMap(Map) * @see UnmodifiableMapDeserializer */ diff --git a/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/oidc/authentication/OidcClientRegistrationAuthenticationProvider.java b/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/oidc/authentication/OidcClientRegistrationAuthenticationProvider.java index c98953e4..893497b0 100644 --- a/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/oidc/authentication/OidcClientRegistrationAuthenticationProvider.java +++ b/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/oidc/authentication/OidcClientRegistrationAuthenticationProvider.java @@ -177,7 +177,6 @@ public final class OidcClientRegistrationAuthenticationProvider implements Authe } if (!isValidTokenEndpointAuthenticationMethod(clientRegistrationAuthentication.getClientRegistration())) { - // TODO Add OAuth2ErrorCodes.INVALID_CLIENT_METADATA throwInvalidClientRegistration("invalid_client_metadata", OidcClientMetadataClaimNames.TOKEN_ENDPOINT_AUTH_METHOD); } diff --git a/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/oidc/http/converter/HttpMessageConverters.java b/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/oidc/http/converter/HttpMessageConverters.java index ed5784f0..2cf27c75 100644 --- a/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/oidc/http/converter/HttpMessageConverters.java +++ b/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/oidc/http/converter/HttpMessageConverters.java @@ -1,5 +1,5 @@ /* - * Copyright 2002-2018 the original author or authors. + * Copyright 2020-2022 the original author or authors. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -23,14 +23,10 @@ import org.springframework.http.converter.json.MappingJackson2HttpMessageConvert import org.springframework.util.ClassUtils; /** - * TODO - * This class is a straight copy from Spring Security. - * It should be consolidated when merging this codebase into Spring Security. - * * Utility methods for {@link HttpMessageConverter}'s. * * @author Joe Grandja - * @since 5.1 + * @since 0.1.0 */ final class HttpMessageConverters { diff --git a/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/web/OAuth2AuthorizationEndpointFilter.java b/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/web/OAuth2AuthorizationEndpointFilter.java index 3c1232b0..91ec1317 100644 --- a/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/web/OAuth2AuthorizationEndpointFilter.java +++ b/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/web/OAuth2AuthorizationEndpointFilter.java @@ -291,7 +291,6 @@ public final class OAuth2AuthorizationEndpointFilter extends OncePerRequestFilte if (authorizationCodeRequestAuthentication == null || !StringUtils.hasText(authorizationCodeRequestAuthentication.getRedirectUri())) { - // TODO Send default html error response response.sendError(HttpStatus.BAD_REQUEST.value(), error.toString()); return; } diff --git a/oauth2-authorization-server/src/test/java/org/springframework/security/config/test/SpringTestContext.java b/oauth2-authorization-server/src/test/java/org/springframework/security/config/test/SpringTestContext.java index cbac116a..be3e3f00 100644 --- a/oauth2-authorization-server/src/test/java/org/springframework/security/config/test/SpringTestContext.java +++ b/oauth2-authorization-server/src/test/java/org/springframework/security/config/test/SpringTestContext.java @@ -1,5 +1,5 @@ /* - * Copyright 2002-2017 the original author or authors. + * Copyright 2020-2022 the original author or authors. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -13,9 +13,17 @@ * See the License for the specific language governing permissions and * limitations under the License. */ - package org.springframework.security.config.test; +import java.io.Closeable; +import java.util.ArrayList; +import java.util.List; + +import javax.servlet.Filter; +import javax.servlet.FilterChain; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; + import org.springframework.beans.factory.annotation.AutowiredAnnotationBeanPostProcessor; import org.springframework.mock.web.MockServletConfig; import org.springframework.mock.web.MockServletContext; @@ -32,24 +40,11 @@ import org.springframework.web.context.support.AnnotationConfigWebApplicationCon import org.springframework.web.context.support.XmlWebApplicationContext; import org.springframework.web.filter.OncePerRequestFilter; -import javax.servlet.Filter; -import javax.servlet.FilterChain; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; -import java.io.Closeable; -import java.util.ArrayList; -import java.util.List; - import static org.springframework.security.config.BeanIds.SPRING_SECURITY_FILTER_CHAIN; import static org.springframework.security.test.web.servlet.setup.SecurityMockMvcConfigurers.springSecurity; /** - * TODO - * This class is a straight copy from Spring Security. - * It should be removed when merging this codebase into Spring Security. - * * @author Rob Winch - * @since 5.0 */ public class SpringTestContext implements Closeable { private Object test; diff --git a/oauth2-authorization-server/src/test/java/org/springframework/security/config/test/SpringTestRule.java b/oauth2-authorization-server/src/test/java/org/springframework/security/config/test/SpringTestRule.java index 56ca7088..9c486ffc 100644 --- a/oauth2-authorization-server/src/test/java/org/springframework/security/config/test/SpringTestRule.java +++ b/oauth2-authorization-server/src/test/java/org/springframework/security/config/test/SpringTestRule.java @@ -1,5 +1,5 @@ /* - * Copyright 2002-2017 the original author or authors. + * Copyright 2020-2022 the original author or authors. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -13,21 +13,16 @@ * See the License for the specific language governing permissions and * limitations under the License. */ - package org.springframework.security.config.test; import org.junit.rules.MethodRule; import org.junit.runners.model.FrameworkMethod; import org.junit.runners.model.Statement; + import org.springframework.security.test.context.TestSecurityContextHolder; /** - * TODO - * This class is a straight copy from Spring Security. - * It should be removed when merging this codebase into Spring Security. - * * @author Rob Winch - * @since 5.0 */ public class SpringTestRule extends SpringTestContext implements MethodRule { @Override diff --git a/oauth2-authorization-server/src/test/java/org/springframework/security/config/util/InMemoryXmlApplicationContext.java b/oauth2-authorization-server/src/test/java/org/springframework/security/config/util/InMemoryXmlApplicationContext.java index 11e5f064..4b163248 100644 --- a/oauth2-authorization-server/src/test/java/org/springframework/security/config/util/InMemoryXmlApplicationContext.java +++ b/oauth2-authorization-server/src/test/java/org/springframework/security/config/util/InMemoryXmlApplicationContext.java @@ -1,5 +1,5 @@ /* - * Copyright 2009-2020 the original author or authors. + * Copyright 2020-2022 the original author or authors. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -22,10 +22,6 @@ import org.springframework.core.io.Resource; import org.springframework.security.util.InMemoryResource; /** - * TODO - * This class is a straight copy from Spring Security. - * It should be removed when merging this codebase into Spring Security. - * * @author Luke Taylor * @author EddĂș MelĂ©ndez */ diff --git a/oauth2-authorization-server/src/test/java/org/springframework/security/config/util/InMemoryXmlWebApplicationContext.java b/oauth2-authorization-server/src/test/java/org/springframework/security/config/util/InMemoryXmlWebApplicationContext.java index 3910fab4..759f1be6 100644 --- a/oauth2-authorization-server/src/test/java/org/springframework/security/config/util/InMemoryXmlWebApplicationContext.java +++ b/oauth2-authorization-server/src/test/java/org/springframework/security/config/util/InMemoryXmlWebApplicationContext.java @@ -1,5 +1,5 @@ /* - * Copyright 2012-2016 the original author or authors. + * Copyright 2020-2022 the original author or authors. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -28,10 +28,6 @@ import static org.springframework.security.config.util.InMemoryXmlApplicationCon import static org.springframework.security.config.util.InMemoryXmlApplicationContext.SPRING_SECURITY_VERSION; /** - * TODO - * This class is a straight copy from Spring Security. - * It should be removed when merging this codebase into Spring Security. - * * @author Joe Grandja */ public class InMemoryXmlWebApplicationContext extends AbstractRefreshableWebApplicationContext { diff --git a/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/jose/TestKeys.java b/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/jose/TestKeys.java index 0baa8cb4..39e16e9f 100644 --- a/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/jose/TestKeys.java +++ b/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/jose/TestKeys.java @@ -1,5 +1,5 @@ /* - * Copyright 2002-2021 the original author or authors. + * Copyright 2020-2022 the original author or authors. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -13,7 +13,6 @@ * See the License for the specific language governing permissions and * limitations under the License. */ - package org.springframework.security.oauth2.jose; import java.math.BigInteger; @@ -36,12 +35,7 @@ import javax.crypto.SecretKey; import javax.crypto.spec.SecretKeySpec; /** - * TODO - * This class is a straight copy from Spring Security. - * It should be removed when merging this codebase into Spring Security. - * * @author Joe Grandja - * @since 5.2 */ public final class TestKeys {