Add Missing Deprecation Markers

8 months ago · 2ad859a63c
18 changed files with 64 additions and 0 deletions
--- a/config/src/main/java/org/springframework/security/config/annotation/rsocket/PayloadInterceptorOrder.java
+++ b/config/src/main/java/org/springframework/security/config/annotation/rsocket/PayloadInterceptorOrder.java
@ -33,12 +33,16 @@ public enum PayloadInterceptorOrder implements Ordered {
				@@ -33,12 +33,16 @@ public enum PayloadInterceptorOrder implements Ordered {
 	/**
 	 * Where basic authentication is placed.
 	 * @see RSocketSecurity#basicAuthentication(Customizer)
+	 * @deprecated please see {@link PayloadInterceptorOrder#AUTHENTICATION}
 	 */
+	@Deprecated
 	BASIC_AUTHENTICATION,
 	/**
 	 * Where JWT based authentication is performed.
 	 * @see RSocketSecurity#jwt(Customizer)
+	 * @deprecated please see {@link PayloadInterceptorOrder#AUTHENTICATION}
 	 */
+	@Deprecated
 	JWT_AUTHENTICATION,
 	/**
 	 * A generic placeholder for other types of authentication.
--- a/config/src/main/java/org/springframework/security/config/method/MethodConfigUtils.java
+++ b/config/src/main/java/org/springframework/security/config/method/MethodConfigUtils.java
@ -24,6 +24,7 @@ import org.springframework.security.access.AccessDecisionVoter;
				@@ -24,6 +24,7 @@ import org.springframework.security.access.AccessDecisionVoter;
 import org.springframework.security.access.vote.AffirmativeBased;
 import org.springframework.security.access.vote.AuthenticatedVoter;
 import org.springframework.security.access.vote.RoleVoter;
+import org.springframework.security.authorization.AuthorizationManager;
 import org.springframework.security.config.BeanIds;

 /**
@ -32,7 +33,9 @@ import org.springframework.security.config.BeanIds;
				@@ -32,7 +33,9 @@ import org.springframework.security.config.BeanIds;
 * @author Luke Taylor
 * @author Ben Alex
 * @author Rob Winch
+ * @deprecated Please use {@link AuthorizationManager} instead
 */
+@Deprecated
 abstract class MethodConfigUtils {

 	@SuppressWarnings("unchecked")
--- a/core/src/main/java/org/springframework/security/access/hierarchicalroles/RoleHierarchyUtils.java
+++ b/core/src/main/java/org/springframework/security/access/hierarchicalroles/RoleHierarchyUtils.java
@ -43,7 +43,9 @@ public final class RoleHierarchyUtils {
				@@ -43,7 +43,9 @@ public final class RoleHierarchyUtils {
 	 * @return a string representation of a role hierarchy
 	 * @throws IllegalArgumentException if roleHierarchyMap is null or empty or if a role
 	 * name is null or empty or if an implied role name(s) is null or empty
+	 * @deprecated please see {@link RoleHierarchyImpl#setHierarchy} deprecation notice
 	 */
+	@Deprecated
 	public static String roleHierarchyFromMap(Map<String, List<String>> roleHierarchyMap) {
 		Assert.notEmpty(roleHierarchyMap, "roleHierarchyMap cannot be empty");
 		StringWriter result = new StringWriter();
--- a/core/src/main/java/org/springframework/security/access/intercept/NullRunAsManager.java
+++ b/core/src/main/java/org/springframework/security/access/intercept/NullRunAsManager.java
@ -28,7 +28,9 @@ import org.springframework.security.core.Authentication;
				@@ -28,7 +28,9 @@ import org.springframework.security.core.Authentication;
 * functionality.
 *
 * @author Ben Alex
+ * @deprecated please see {@link RunAsManager} deprecation notice
 */
+@Deprecated
 final class NullRunAsManager implements RunAsManager {

 	@Override
--- a/core/src/main/java/org/springframework/security/authorization/method/PostAuthorizeReactiveAuthorizationManager.java
+++ b/core/src/main/java/org/springframework/security/authorization/method/PostAuthorizeReactiveAuthorizationManager.java
@ -59,7 +59,10 @@ public final class PostAuthorizeReactiveAuthorizationManager
				@@ -59,7 +59,10 @@ public final class PostAuthorizeReactiveAuthorizationManager
 	 * not be resolved.
 	 * @param defaults - whether to resolve pre/post-authorization templates parameters
 	 * @since 6.3
+	 * @deprecated please use
+	 * {@link #setTemplateDefaults(AnnotationTemplateExpressionDefaults)}
 	 */
+	@Deprecated
 	public void setTemplateDefaults(PrePostTemplateDefaults defaults) {
 		this.registry.setTemplateDefaults(defaults);
 	}
--- a/core/src/main/java/org/springframework/security/authorization/method/PostFilterAuthorizationReactiveMethodInterceptor.java
+++ b/core/src/main/java/org/springframework/security/authorization/method/PostFilterAuthorizationReactiveMethodInterceptor.java
@ -74,7 +74,10 @@ public final class PostFilterAuthorizationReactiveMethodInterceptor implements A
				@@ -74,7 +74,10 @@ public final class PostFilterAuthorizationReactiveMethodInterceptor implements A
 	 * not be resolved.
 	 * @param defaults - whether to resolve pre/post-authorization templates parameters
 	 * @since 6.3
+	 * @deprecated please use
+	 * {@link #setTemplateDefaults(AnnotationTemplateExpressionDefaults)}
 	 */
+	@Deprecated
 	public void setTemplateDefaults(PrePostTemplateDefaults defaults) {
 		this.registry.setTemplateDefaults(defaults);
 	}
--- a/core/src/main/java/org/springframework/security/authorization/method/PreAuthorizeReactiveAuthorizationManager.java
+++ b/core/src/main/java/org/springframework/security/authorization/method/PreAuthorizeReactiveAuthorizationManager.java
@ -59,7 +59,10 @@ public final class PreAuthorizeReactiveAuthorizationManager
				@@ -59,7 +59,10 @@ public final class PreAuthorizeReactiveAuthorizationManager
 	 * not be resolved.
 	 * @param defaults - whether to resolve pre/post-authorization templates parameters
 	 * @since 6.3
+	 * @deprecated please use
+	 * {@link #setTemplateDefaults(AnnotationTemplateExpressionDefaults)}
 	 */
+	@Deprecated
 	public void setTemplateDefaults(PrePostTemplateDefaults defaults) {
 		this.registry.setTemplateDefaults(defaults);
 	}
--- a/core/src/main/java/org/springframework/security/authorization/method/PreFilterAuthorizationReactiveMethodInterceptor.java
+++ b/core/src/main/java/org/springframework/security/authorization/method/PreFilterAuthorizationReactiveMethodInterceptor.java
@ -77,7 +77,10 @@ public final class PreFilterAuthorizationReactiveMethodInterceptor implements Au
				@@ -77,7 +77,10 @@ public final class PreFilterAuthorizationReactiveMethodInterceptor implements Au
 	 * not be resolved.
 	 * @param defaults - whether to resolve pre/post-authorization templates parameters
 	 * @since 6.3
+	 * @deprecated please use
+	 * {@link #setTemplateDefaults(AnnotationTemplateExpressionDefaults)}
 	 */
+	@Deprecated
 	public void setTemplateDefaults(PrePostTemplateDefaults defaults) {
 		this.registry.setTemplateDefaults(defaults);
 	}
--- a/rsocket/src/main/java/org/springframework/security/rsocket/authentication/BasicAuthenticationPayloadExchangeConverter.java
+++ b/rsocket/src/main/java/org/springframework/security/rsocket/authentication/BasicAuthenticationPayloadExchangeConverter.java
@ -36,7 +36,9 @@ import org.springframework.util.MimeTypeUtils;
				@@ -36,7 +36,9 @@ import org.springframework.util.MimeTypeUtils;
 *
 * @author Rob Winch
 * @since 5.2
+ * @deprecated please use {@link AuthenticationPayloadExchangeConverter} instead
 */
+@Deprecated
 public class BasicAuthenticationPayloadExchangeConverter implements PayloadExchangeAuthenticationConverter {

 	private MimeType metadataMimetype = MimeTypeUtils
--- a/rsocket/src/main/java/org/springframework/security/rsocket/authentication/BearerPayloadExchangeConverter.java
+++ b/rsocket/src/main/java/org/springframework/security/rsocket/authentication/BearerPayloadExchangeConverter.java
@ -34,7 +34,9 @@ import org.springframework.security.rsocket.metadata.BearerTokenMetadata;
				@@ -34,7 +34,9 @@ import org.springframework.security.rsocket.metadata.BearerTokenMetadata;
 *
 * @author Rob Winch
 * @since 5.2
+ * @deprecated please use {@link AuthenticationPayloadExchangeConverter} instead
 */
+@Deprecated
 public class BearerPayloadExchangeConverter implements PayloadExchangeAuthenticationConverter {

 	private static final String BEARER_MIME_TYPE_VALUE = BearerTokenMetadata.BEARER_AUTHENTICATION_MIME_TYPE.toString();
--- a/web/src/main/java/org/springframework/security/web/access/channel/AbstractRetryEntryPoint.java
+++ b/web/src/main/java/org/springframework/security/web/access/channel/AbstractRetryEntryPoint.java
@ -34,7 +34,11 @@ import org.springframework.util.Assert;
				@@ -34,7 +34,11 @@ import org.springframework.util.Assert;

 /**
 * @author Luke Taylor
+ * @deprecated please use
+ * {@link org.springframework.security.web.transport.HttpsRedirectFilter} and its
+ * associated {@link PortMapper}
 */
+@Deprecated
 public abstract class AbstractRetryEntryPoint implements ChannelEntryPoint {

 	protected final Log logger = LogFactory.getLog(getClass());
--- a/web/src/main/java/org/springframework/security/web/access/channel/ChannelEntryPoint.java
+++ b/web/src/main/java/org/springframework/security/web/access/channel/ChannelEntryPoint.java
@ -22,6 +22,8 @@ import jakarta.servlet.ServletException;
				@@ -22,6 +22,8 @@ import jakarta.servlet.ServletException;
 import jakarta.servlet.http.HttpServletRequest;
 import jakarta.servlet.http.HttpServletResponse;

+import org.springframework.security.web.PortMapper;
+
 /**
 * May be used by a {@link ChannelProcessor} to launch a web channel.
 *
@ -31,7 +33,11 @@ import jakarta.servlet.http.HttpServletResponse;
				@@ -31,7 +33,11 @@ import jakarta.servlet.http.HttpServletResponse;
 * interface to assist <code>ChannelProcessor</code>s in performing this delegation.
 *
 * @author Ben Alex
+ * @deprecated please use
+ * {@link org.springframework.security.web.transport.HttpsRedirectFilter} and its
+ * associated {@link PortMapper}
 */
+@Deprecated
 public interface ChannelEntryPoint {

 	/**
--- a/web/src/main/java/org/springframework/security/web/access/channel/RetryWithHttpEntryPoint.java
+++ b/web/src/main/java/org/springframework/security/web/access/channel/RetryWithHttpEntryPoint.java
@ -16,6 +16,8 @@
				@@ -16,6 +16,8 @@

 package org.springframework.security.web.access.channel;

+import org.springframework.security.web.PortMapper;
+
 /**
 * Commences an insecure channel by retrying the original request using HTTP.
 * <p>
@ -24,7 +26,11 @@ package org.springframework.security.web.access.channel;
				@@ -24,7 +26,11 @@ package org.springframework.security.web.access.channel;
 * issue.
 *
 * @author Ben Alex
+ * @deprecated please use
+ * {@link org.springframework.security.web.transport.HttpsRedirectFilter} and its
+ * associated {@link PortMapper}
 */
+@Deprecated(since = "6.5")
 public class RetryWithHttpEntryPoint extends AbstractRetryEntryPoint {

 	public RetryWithHttpEntryPoint() {
--- a/web/src/main/java/org/springframework/security/web/access/channel/RetryWithHttpsEntryPoint.java
+++ b/web/src/main/java/org/springframework/security/web/access/channel/RetryWithHttpsEntryPoint.java
@ -16,6 +16,8 @@
				@@ -16,6 +16,8 @@

 package org.springframework.security.web.access.channel;

+import org.springframework.security.web.PortMapper;
+
 /**
 * Commences a secure channel by retrying the original request using HTTPS.
 * <p>
@ -25,7 +27,11 @@ package org.springframework.security.web.access.channel;
				@@ -25,7 +27,11 @@ package org.springframework.security.web.access.channel;
 * </p>
 *
 * @author Ben Alex
+ * @deprecated please use
+ * {@link org.springframework.security.web.transport.HttpsRedirectFilter} and its
+ * associated {@link PortMapper}
 */
+@Deprecated(since = "6.5")
 public class RetryWithHttpsEntryPoint extends AbstractRetryEntryPoint {

 	public RetryWithHttpsEntryPoint() {
--- a/web/src/main/java/org/springframework/security/web/context/DelegatingSecurityContextRepository.java
+++ b/web/src/main/java/org/springframework/security/web/context/DelegatingSecurityContextRepository.java
@ -44,7 +44,12 @@ public final class DelegatingSecurityContextRepository implements SecurityContex
				@@ -44,7 +44,12 @@ public final class DelegatingSecurityContextRepository implements SecurityContex
 		this.delegates = delegates;
 	}

+	/**
+	 * @deprecated
+	 * @see SecurityContextRepository#loadContext
+	 */
 	@Override
+	@Deprecated
 	public SecurityContext loadContext(HttpRequestResponseHolder requestResponseHolder) {
 		SecurityContext result = null;
 		for (SecurityContextRepository delegate : this.delegates) {
--- a/web/src/main/java/org/springframework/security/web/context/HttpSessionSecurityContextRepository.java
+++ b/web/src/main/java/org/springframework/security/web/context/HttpSessionSecurityContextRepository.java
@ -115,7 +115,9 @@ public class HttpSessionSecurityContextRepository implements SecurityContextRepo
				@@ -115,7 +115,9 @@ public class HttpSessionSecurityContextRepository implements SecurityContextRepo
 	 * If the session is null, the context object is null or the context object stored in
 	 * the session is not an instance of {@code SecurityContext}, a new context object
 	 * will be generated and returned.
+	 * @deprecated please see {@link SecurityContextRepository#loadContext}
 	 */
+	@Deprecated
 	@Override
 	public SecurityContext loadContext(HttpRequestResponseHolder requestResponseHolder) {
 		HttpServletRequest request = requestResponseHolder.getRequest();
--- a/web/src/main/java/org/springframework/security/web/context/NullSecurityContextRepository.java
+++ b/web/src/main/java/org/springframework/security/web/context/NullSecurityContextRepository.java
@ -38,7 +38,11 @@ public final class NullSecurityContextRepository implements SecurityContextRepos
				@@ -38,7 +38,11 @@ public final class NullSecurityContextRepository implements SecurityContextRepos
 		return false;
 	}

+	/**
+	 * @deprecated please see {@link SecurityContextRepository#loadContext}
+	 */
 	@Override
+	@Deprecated
 	public SecurityContext loadContext(HttpRequestResponseHolder requestResponseHolder) {
 		return this.securityContextHolderStrategy.createEmptyContext();
 	}
--- a/web/src/main/java/org/springframework/security/web/context/RequestAttributeSecurityContextRepository.java
+++ b/web/src/main/java/org/springframework/security/web/context/RequestAttributeSecurityContextRepository.java
@ -75,7 +75,11 @@ public final class RequestAttributeSecurityContextRepository implements Security
				@@ -75,7 +75,11 @@ public final class RequestAttributeSecurityContextRepository implements Security
 		return getContext(request) != null;
 	}

+	/**
+	 * @deprecated please see {@link SecurityContextRepository#loadContext}
+	 */
 	@Override
+	@Deprecated
 	public SecurityContext loadContext(HttpRequestResponseHolder requestResponseHolder) {
 		return loadDeferredContext(requestResponseHolder.getRequest()).get();
 	}