From e0ef1d655c60f8a77e2427cd99bf1f3c2be39e4d Mon Sep 17 00:00:00 2001 From: gimgisu Date: Fri, 23 Jan 2026 12:25:27 +0900 Subject: [PATCH 1/4] @gisu1102 Remove compiler warnings in spring-security-oauth2-authorization-server - Remove ACCESS_DECLARED_FIELDS from AOT/runtime hints - Add @SuppressWarnings("removal") for Jackson2 deprecated adapters Closes spring-projectsgh-18432 Signed-off-by: gimgisu --- ...ecurity-oauth2-authorization-server.gradle | 4 +++ .../JdbcOAuth2AuthorizationService.java | 3 ++ ...ionServerBeanRegistrationAotProcessor.java | 36 ++++++++----------- ...OAuth2AuthorizationServerRuntimeHints.java | 3 +- .../JdbcRegisteredClientRepository.java | 3 ++ .../JdbcOAuth2AuthorizationServiceTests.java | 2 ++ 6 files changed, 29 insertions(+), 22 deletions(-) diff --git a/oauth2/oauth2-authorization-server/spring-security-oauth2-authorization-server.gradle b/oauth2/oauth2-authorization-server/spring-security-oauth2-authorization-server.gradle index 0d19d51df5d..6d0dfca6e4d 100644 --- a/oauth2/oauth2-authorization-server/spring-security-oauth2-authorization-server.gradle +++ b/oauth2/oauth2-authorization-server/spring-security-oauth2-authorization-server.gradle @@ -1,3 +1,7 @@ +plugins { + id 'compile-warnings-error' +} + apply plugin: 'io.spring.convention.spring-module' dependencies { diff --git a/oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/JdbcOAuth2AuthorizationService.java b/oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/JdbcOAuth2AuthorizationService.java index 1488eed18ea..852f958f55d 100644 --- a/oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/JdbcOAuth2AuthorizationService.java +++ b/oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/JdbcOAuth2AuthorizationService.java @@ -505,6 +505,7 @@ Map readValue(String data) { * 3. */ @Deprecated(forRemoval = true, since = "7.0") + @SuppressWarnings("removal") public static class OAuth2AuthorizationRowMapper extends AbstractOAuth2AuthorizationRowMapper { private ObjectMapper objectMapper = Jackson2.createObjectMapper(); @@ -747,6 +748,7 @@ String writeValueAsString(Map data) throws Exception { * Jackson 3. */ @Deprecated(forRemoval = true, since = "7.0") + @SuppressWarnings("removal") public static class OAuth2AuthorizationParametersMapper extends AbstractOAuth2AuthorizationParametersMapper { private ObjectMapper objectMapper = Jackson2.createObjectMapper(); @@ -895,6 +897,7 @@ private String writeMap(Map data) { @Deprecated(forRemoval = true, since = "7.0") private static final class Jackson2 { + @SuppressWarnings("removal") private static ObjectMapper createObjectMapper() { ObjectMapper objectMapper = new ObjectMapper(); ClassLoader classLoader = Jackson2.class.getClassLoader(); diff --git a/oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/aot/hint/OAuth2AuthorizationServerBeanRegistrationAotProcessor.java b/oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/aot/hint/OAuth2AuthorizationServerBeanRegistrationAotProcessor.java index 071f8a20a81..0760b93e1e0 100644 --- a/oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/aot/hint/OAuth2AuthorizationServerBeanRegistrationAotProcessor.java +++ b/oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/aot/hint/OAuth2AuthorizationServerBeanRegistrationAotProcessor.java @@ -34,7 +34,6 @@ import org.springframework.security.core.authority.SimpleGrantedAuthority; import org.springframework.security.core.userdetails.User; import org.springframework.security.jackson.CoreJacksonModule; -import org.springframework.security.jackson2.CoreJackson2Module; import org.springframework.security.oauth2.core.AbstractOAuth2Token; import org.springframework.security.oauth2.core.AuthorizationGrantType; import org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest; @@ -50,11 +49,9 @@ import org.springframework.security.oauth2.server.authorization.authentication.OAuth2TokenExchangeCompositeAuthenticationToken; import org.springframework.security.oauth2.server.authorization.client.JdbcRegisteredClientRepository; import org.springframework.security.oauth2.server.authorization.jackson.OAuth2AuthorizationServerJacksonModule; -import org.springframework.security.oauth2.server.authorization.jackson2.OAuth2AuthorizationServerJackson2Module; import org.springframework.security.oauth2.server.authorization.settings.OAuth2TokenFormat; import org.springframework.security.web.authentication.WebAuthenticationDetails; import org.springframework.security.web.jackson.WebServletJacksonModule; -import org.springframework.security.web.jackson2.WebServletJackson2Module; import org.springframework.security.web.savedrequest.DefaultSavedRequest; import org.springframework.util.ClassUtils; @@ -116,12 +113,14 @@ public void applyTo(GenerationContext generationContext, BeanRegistrationCode be private void registerHints(RuntimeHints hints) { // Collections -> UnmodifiableSet, UnmodifiableList, UnmodifiableMap, // UnmodifiableRandomAccessList, etc. - hints.reflection().registerType(Collections.class, MemberCategory.DECLARED_CLASSES); + hints.reflection() + .registerType(Collections.class, MemberCategory.INVOKE_DECLARED_CONSTRUCTORS, + MemberCategory.INVOKE_DECLARED_METHODS); // HashSet hints.reflection() - .registerType(HashSet.class, MemberCategory.DECLARED_FIELDS, - MemberCategory.INVOKE_DECLARED_CONSTRUCTORS, MemberCategory.INVOKE_DECLARED_METHODS); + .registerType(HashSet.class, MemberCategory.INVOKE_DECLARED_CONSTRUCTORS, + MemberCategory.INVOKE_DECLARED_METHODS); hints.reflection() .registerTypes(Arrays.asList(TypeReference.of(AbstractAuthenticationToken.class), @@ -138,18 +137,17 @@ private void registerHints(RuntimeHints hints) { TypeReference.of(AuthorizationGrantType.class), TypeReference.of(OAuth2AuthorizationResponseType.class), TypeReference.of(OAuth2TokenFormat.class)), - (builder) -> builder.withMembers(MemberCategory.DECLARED_FIELDS, - MemberCategory.INVOKE_DECLARED_CONSTRUCTORS, MemberCategory.INVOKE_DECLARED_METHODS)); + (builder) -> builder.withMembers(MemberCategory.INVOKE_DECLARED_CONSTRUCTORS, + MemberCategory.INVOKE_DECLARED_METHODS)); // Jackson Modules if (jackson2Present) { hints.reflection() .registerTypes( - Arrays.asList(TypeReference.of(CoreJackson2Module.class), - TypeReference.of(WebServletJackson2Module.class), - TypeReference.of(OAuth2AuthorizationServerJackson2Module.class)), - (builder) -> builder.withMembers(MemberCategory.DECLARED_FIELDS, - MemberCategory.INVOKE_DECLARED_CONSTRUCTORS, + Arrays.asList(TypeReference.of(CoreJacksonModule.class), + TypeReference.of(WebServletJacksonModule.class), + TypeReference.of(OAuth2AuthorizationServerJacksonModule.class)), + (builder) -> builder.withMembers(MemberCategory.INVOKE_DECLARED_CONSTRUCTORS, MemberCategory.INVOKE_DECLARED_METHODS)); } if (jackson3Present) { @@ -158,8 +156,7 @@ private void registerHints(RuntimeHints hints) { Arrays.asList(TypeReference.of(CoreJacksonModule.class), TypeReference.of(WebServletJacksonModule.class), TypeReference.of(OAuth2AuthorizationServerJacksonModule.class)), - (builder) -> builder.withMembers(MemberCategory.DECLARED_FIELDS, - MemberCategory.INVOKE_DECLARED_CONSTRUCTORS, + (builder) -> builder.withMembers(MemberCategory.INVOKE_DECLARED_CONSTRUCTORS, MemberCategory.INVOKE_DECLARED_METHODS)); } @@ -222,8 +219,7 @@ private void registerHints(RuntimeHints hints) { hints.reflection() .registerType(TypeReference .of("org.springframework.security.oauth2.client.authentication.OAuth2AuthenticationToken"), - (builder) -> builder.withMembers(MemberCategory.DECLARED_FIELDS, - MemberCategory.INVOKE_DECLARED_CONSTRUCTORS, + (builder) -> builder.withMembers(MemberCategory.INVOKE_DECLARED_CONSTRUCTORS, MemberCategory.INVOKE_DECLARED_METHODS)); // Jackson Module @@ -231,8 +227,7 @@ private void registerHints(RuntimeHints hints) { hints.reflection() .registerType(TypeReference .of("org.springframework.security.oauth2.client.jackson2.OAuth2ClientJackson2Module"), - (builder) -> builder.withMembers(MemberCategory.DECLARED_FIELDS, - MemberCategory.INVOKE_DECLARED_CONSTRUCTORS, + (builder) -> builder.withMembers(MemberCategory.INVOKE_DECLARED_CONSTRUCTORS, MemberCategory.INVOKE_DECLARED_METHODS)); } if (jackson3Present) { @@ -240,8 +235,7 @@ private void registerHints(RuntimeHints hints) { .registerType( TypeReference .of("org.springframework.security.oauth2.client.jackson.OAuth2ClientJacksonModule"), - (builder) -> builder.withMembers(MemberCategory.DECLARED_FIELDS, - MemberCategory.INVOKE_DECLARED_CONSTRUCTORS, + (builder) -> builder.withMembers(MemberCategory.INVOKE_DECLARED_CONSTRUCTORS, MemberCategory.INVOKE_DECLARED_METHODS)); } diff --git a/oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/aot/hint/OAuth2AuthorizationServerRuntimeHints.java b/oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/aot/hint/OAuth2AuthorizationServerRuntimeHints.java index 12854d6c906..f0d7c4148d4 100644 --- a/oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/aot/hint/OAuth2AuthorizationServerRuntimeHints.java +++ b/oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/aot/hint/OAuth2AuthorizationServerRuntimeHints.java @@ -46,7 +46,8 @@ public void registerHints(RuntimeHints hints, ClassLoader classLoader) { .of("org.springframework.security.oauth2.server.authorization.web.OAuth2AuthorizationEndpointFilter$OAuth2AuthorizationCodeRequestValidatingFilter"), MemberCategory.INVOKE_DECLARED_CONSTRUCTORS); hints.reflection() - .registerType(OAuth2AuthorizationCodeRequestAuthenticationToken.class, MemberCategory.DECLARED_FIELDS); + .registerType(OAuth2AuthorizationCodeRequestAuthenticationToken.class, + MemberCategory.INVOKE_DECLARED_CONSTRUCTORS, MemberCategory.INVOKE_DECLARED_METHODS); } diff --git a/oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/client/JdbcRegisteredClientRepository.java b/oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/client/JdbcRegisteredClientRepository.java index 29786a17128..4a10b5a8962 100644 --- a/oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/client/JdbcRegisteredClientRepository.java +++ b/oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/client/JdbcRegisteredClientRepository.java @@ -283,6 +283,7 @@ Map readValue(String data) { * @deprecated Use {@link JsonMapperRegisteredClientRowMapper} to switch to Jackson 3. */ @Deprecated(forRemoval = true, since = "7.0") + @SuppressWarnings("removal") public static class RegisteredClientRowMapper extends AbstractRegisteredClientRowMapper { private ObjectMapper objectMapper = Jackson2.createObjectMapper(); @@ -435,6 +436,7 @@ String writeValueAsString(Map data) throws Exception { * Jackson 3. */ @Deprecated(forRemoval = true, since = "7.0") + @SuppressWarnings("removal") public static class RegisteredClientParametersMapper extends AbstractRegisteredClientParametersMapper { private ObjectMapper objectMapper = Jackson2.createObjectMapper(); @@ -527,6 +529,7 @@ private String writeMap(Map data) { @Deprecated(forRemoval = true, since = "7.0") private static final class Jackson2 { + @SuppressWarnings("removal") private static ObjectMapper createObjectMapper() { ObjectMapper objectMapper = new ObjectMapper(); ClassLoader classLoader = Jackson2.class.getClassLoader(); diff --git a/oauth2/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/JdbcOAuth2AuthorizationServiceTests.java b/oauth2/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/JdbcOAuth2AuthorizationServiceTests.java index 04f7a9a3103..62b55c23f7e 100644 --- a/oauth2/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/JdbcOAuth2AuthorizationServiceTests.java +++ b/oauth2/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/JdbcOAuth2AuthorizationServiceTests.java @@ -657,6 +657,7 @@ private OAuth2Authorization findBy(String filter, Object... args) { return !result.isEmpty() ? result.get(0) : null; } + @SuppressWarnings("removal") private static final class CustomOAuth2AuthorizationRowMapper extends JdbcOAuth2AuthorizationService.OAuth2AuthorizationRowMapper { @@ -794,6 +795,7 @@ private Map parseMap(String data) { } + @SuppressWarnings("removal") private static final class CustomOAuth2AuthorizationParametersMapper extends JdbcOAuth2AuthorizationService.OAuth2AuthorizationParametersMapper { From 75cb28b9b1c5f44b5424671286005f6d5e8a5d87 Mon Sep 17 00:00:00 2001 From: gimgisu Date: Sat, 24 Jan 2026 13:02:45 +0900 Subject: [PATCH 2/4] @gisu1102 Restore Jackson 2 module runtime hints for passivity - Keep Jackson 2 module registrations when jackson2 is present - Extract Jackson 2 hint registration into a dedicated method - Suppress removal warnings only for the Jackson 2 registration Closes spring-projectsgh-18432 Signed-off-by: gimgisu --- ...ionServerBeanRegistrationAotProcessor.java | 22 +++++++++++++------ 1 file changed, 15 insertions(+), 7 deletions(-) diff --git a/oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/aot/hint/OAuth2AuthorizationServerBeanRegistrationAotProcessor.java b/oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/aot/hint/OAuth2AuthorizationServerBeanRegistrationAotProcessor.java index 0760b93e1e0..e5f9c0480dc 100644 --- a/oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/aot/hint/OAuth2AuthorizationServerBeanRegistrationAotProcessor.java +++ b/oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/aot/hint/OAuth2AuthorizationServerBeanRegistrationAotProcessor.java @@ -34,6 +34,7 @@ import org.springframework.security.core.authority.SimpleGrantedAuthority; import org.springframework.security.core.userdetails.User; import org.springframework.security.jackson.CoreJacksonModule; +import org.springframework.security.jackson2.CoreJackson2Module; import org.springframework.security.oauth2.core.AbstractOAuth2Token; import org.springframework.security.oauth2.core.AuthorizationGrantType; import org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest; @@ -49,9 +50,11 @@ import org.springframework.security.oauth2.server.authorization.authentication.OAuth2TokenExchangeCompositeAuthenticationToken; import org.springframework.security.oauth2.server.authorization.client.JdbcRegisteredClientRepository; import org.springframework.security.oauth2.server.authorization.jackson.OAuth2AuthorizationServerJacksonModule; +import org.springframework.security.oauth2.server.authorization.jackson2.OAuth2AuthorizationServerJackson2Module; import org.springframework.security.oauth2.server.authorization.settings.OAuth2TokenFormat; import org.springframework.security.web.authentication.WebAuthenticationDetails; import org.springframework.security.web.jackson.WebServletJacksonModule; +import org.springframework.security.web.jackson2.WebServletJackson2Module; import org.springframework.security.web.savedrequest.DefaultSavedRequest; import org.springframework.util.ClassUtils; @@ -142,13 +145,7 @@ private void registerHints(RuntimeHints hints) { // Jackson Modules if (jackson2Present) { - hints.reflection() - .registerTypes( - Arrays.asList(TypeReference.of(CoreJacksonModule.class), - TypeReference.of(WebServletJacksonModule.class), - TypeReference.of(OAuth2AuthorizationServerJacksonModule.class)), - (builder) -> builder.withMembers(MemberCategory.INVOKE_DECLARED_CONSTRUCTORS, - MemberCategory.INVOKE_DECLARED_METHODS)); + registerJackson2Modules(hints); } if (jackson3Present) { hints.reflection() @@ -275,6 +272,17 @@ private void registerHints(RuntimeHints hints) { } } + @SuppressWarnings("removal") + private void registerJackson2Modules(RuntimeHints hints) { + hints.reflection() + .registerTypes( + Arrays.asList(TypeReference.of(CoreJackson2Module.class), + TypeReference.of(WebServletJackson2Module.class), + TypeReference.of(OAuth2AuthorizationServerJackson2Module.class)), + (builder) -> builder.withMembers(MemberCategory.INVOKE_DECLARED_CONSTRUCTORS, + MemberCategory.INVOKE_DECLARED_METHODS)); + } + private static Class loadClass(String className) { try { return Class.forName(className); From 754b3d839496fd8a808ca0b78c6a026ff58713cf Mon Sep 17 00:00:00 2001 From: gimgisu Date: Sat, 24 Jan 2026 14:01:41 +0900 Subject: [PATCH 3/4] @gisu1102 Align AOT hints with MemberCategory deprecation replacements - Replace DECLARED_FIELDS with ACCESS_DECLARED_FIELDS in runtime hints - Preserve 1:1 intent for Collections via registerType only - Keep INVOKE_* only where it existed before Closes spring-projectsgh-18432 Signed-off-by: gimgisu --- ...ionServerBeanRegistrationAotProcessor.java | 26 +++++++++++-------- ...OAuth2AuthorizationServerRuntimeHints.java | 2 +- 2 files changed, 16 insertions(+), 12 deletions(-) diff --git a/oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/aot/hint/OAuth2AuthorizationServerBeanRegistrationAotProcessor.java b/oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/aot/hint/OAuth2AuthorizationServerBeanRegistrationAotProcessor.java index e5f9c0480dc..75cb812bbc6 100644 --- a/oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/aot/hint/OAuth2AuthorizationServerBeanRegistrationAotProcessor.java +++ b/oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/aot/hint/OAuth2AuthorizationServerBeanRegistrationAotProcessor.java @@ -116,14 +116,12 @@ public void applyTo(GenerationContext generationContext, BeanRegistrationCode be private void registerHints(RuntimeHints hints) { // Collections -> UnmodifiableSet, UnmodifiableList, UnmodifiableMap, // UnmodifiableRandomAccessList, etc. - hints.reflection() - .registerType(Collections.class, MemberCategory.INVOKE_DECLARED_CONSTRUCTORS, - MemberCategory.INVOKE_DECLARED_METHODS); + hints.reflection().registerType(Collections.class); // HashSet hints.reflection() - .registerType(HashSet.class, MemberCategory.INVOKE_DECLARED_CONSTRUCTORS, - MemberCategory.INVOKE_DECLARED_METHODS); + .registerType(HashSet.class, MemberCategory.ACCESS_DECLARED_FIELDS, + MemberCategory.INVOKE_DECLARED_CONSTRUCTORS, MemberCategory.INVOKE_DECLARED_METHODS); hints.reflection() .registerTypes(Arrays.asList(TypeReference.of(AbstractAuthenticationToken.class), @@ -140,7 +138,8 @@ private void registerHints(RuntimeHints hints) { TypeReference.of(AuthorizationGrantType.class), TypeReference.of(OAuth2AuthorizationResponseType.class), TypeReference.of(OAuth2TokenFormat.class)), - (builder) -> builder.withMembers(MemberCategory.INVOKE_DECLARED_CONSTRUCTORS, + (builder) -> builder.withMembers(MemberCategory.ACCESS_DECLARED_FIELDS, + MemberCategory.INVOKE_DECLARED_CONSTRUCTORS, MemberCategory.INVOKE_DECLARED_METHODS)); // Jackson Modules @@ -153,7 +152,8 @@ private void registerHints(RuntimeHints hints) { Arrays.asList(TypeReference.of(CoreJacksonModule.class), TypeReference.of(WebServletJacksonModule.class), TypeReference.of(OAuth2AuthorizationServerJacksonModule.class)), - (builder) -> builder.withMembers(MemberCategory.INVOKE_DECLARED_CONSTRUCTORS, + (builder) -> builder.withMembers(MemberCategory.ACCESS_DECLARED_FIELDS, + MemberCategory.INVOKE_DECLARED_CONSTRUCTORS, MemberCategory.INVOKE_DECLARED_METHODS)); } @@ -216,7 +216,8 @@ private void registerHints(RuntimeHints hints) { hints.reflection() .registerType(TypeReference .of("org.springframework.security.oauth2.client.authentication.OAuth2AuthenticationToken"), - (builder) -> builder.withMembers(MemberCategory.INVOKE_DECLARED_CONSTRUCTORS, + (builder) -> builder.withMembers(MemberCategory.ACCESS_DECLARED_FIELDS, + MemberCategory.INVOKE_DECLARED_CONSTRUCTORS, MemberCategory.INVOKE_DECLARED_METHODS)); // Jackson Module @@ -224,7 +225,8 @@ private void registerHints(RuntimeHints hints) { hints.reflection() .registerType(TypeReference .of("org.springframework.security.oauth2.client.jackson2.OAuth2ClientJackson2Module"), - (builder) -> builder.withMembers(MemberCategory.INVOKE_DECLARED_CONSTRUCTORS, + (builder) -> builder.withMembers(MemberCategory.ACCESS_DECLARED_FIELDS, + MemberCategory.INVOKE_DECLARED_CONSTRUCTORS, MemberCategory.INVOKE_DECLARED_METHODS)); } if (jackson3Present) { @@ -232,7 +234,8 @@ private void registerHints(RuntimeHints hints) { .registerType( TypeReference .of("org.springframework.security.oauth2.client.jackson.OAuth2ClientJacksonModule"), - (builder) -> builder.withMembers(MemberCategory.INVOKE_DECLARED_CONSTRUCTORS, + (builder) -> builder.withMembers(MemberCategory.ACCESS_DECLARED_FIELDS, + MemberCategory.INVOKE_DECLARED_CONSTRUCTORS, MemberCategory.INVOKE_DECLARED_METHODS)); } @@ -279,7 +282,8 @@ private void registerJackson2Modules(RuntimeHints hints) { Arrays.asList(TypeReference.of(CoreJackson2Module.class), TypeReference.of(WebServletJackson2Module.class), TypeReference.of(OAuth2AuthorizationServerJackson2Module.class)), - (builder) -> builder.withMembers(MemberCategory.INVOKE_DECLARED_CONSTRUCTORS, + (builder) -> builder.withMembers(MemberCategory.ACCESS_DECLARED_FIELDS, + MemberCategory.INVOKE_DECLARED_CONSTRUCTORS, MemberCategory.INVOKE_DECLARED_METHODS)); } diff --git a/oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/aot/hint/OAuth2AuthorizationServerRuntimeHints.java b/oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/aot/hint/OAuth2AuthorizationServerRuntimeHints.java index f0d7c4148d4..a9227faafc6 100644 --- a/oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/aot/hint/OAuth2AuthorizationServerRuntimeHints.java +++ b/oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/aot/hint/OAuth2AuthorizationServerRuntimeHints.java @@ -47,7 +47,7 @@ public void registerHints(RuntimeHints hints, ClassLoader classLoader) { MemberCategory.INVOKE_DECLARED_CONSTRUCTORS); hints.reflection() .registerType(OAuth2AuthorizationCodeRequestAuthenticationToken.class, - MemberCategory.INVOKE_DECLARED_CONSTRUCTORS, MemberCategory.INVOKE_DECLARED_METHODS); + MemberCategory.ACCESS_DECLARED_FIELDS); } From 41c9f9f4bdf6d97b020c3b0dc7700c4abb69ba48 Mon Sep 17 00:00:00 2001 From: gimgisu Date: Tue, 27 Jan 2026 10:20:21 +0900 Subject: [PATCH 4/4] @gisu1102 Apply code formatting to OAuth2AuthorizationServerBeanRegistrationAotProcessor Closes spring-projectsgh-18432 Signed-off-by: gimgisu --- ...uth2AuthorizationServerBeanRegistrationAotProcessor.java | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/aot/hint/OAuth2AuthorizationServerBeanRegistrationAotProcessor.java b/oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/aot/hint/OAuth2AuthorizationServerBeanRegistrationAotProcessor.java index 75cb812bbc6..34199fdaf40 100644 --- a/oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/aot/hint/OAuth2AuthorizationServerBeanRegistrationAotProcessor.java +++ b/oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/aot/hint/OAuth2AuthorizationServerBeanRegistrationAotProcessor.java @@ -139,8 +139,7 @@ private void registerHints(RuntimeHints hints) { TypeReference.of(OAuth2AuthorizationResponseType.class), TypeReference.of(OAuth2TokenFormat.class)), (builder) -> builder.withMembers(MemberCategory.ACCESS_DECLARED_FIELDS, - MemberCategory.INVOKE_DECLARED_CONSTRUCTORS, - MemberCategory.INVOKE_DECLARED_METHODS)); + MemberCategory.INVOKE_DECLARED_CONSTRUCTORS, MemberCategory.INVOKE_DECLARED_METHODS)); // Jackson Modules if (jackson2Present) { @@ -283,8 +282,7 @@ private void registerJackson2Modules(RuntimeHints hints) { TypeReference.of(WebServletJackson2Module.class), TypeReference.of(OAuth2AuthorizationServerJackson2Module.class)), (builder) -> builder.withMembers(MemberCategory.ACCESS_DECLARED_FIELDS, - MemberCategory.INVOKE_DECLARED_CONSTRUCTORS, - MemberCategory.INVOKE_DECLARED_METHODS)); + MemberCategory.INVOKE_DECLARED_CONSTRUCTORS, MemberCategory.INVOKE_DECLARED_METHODS)); } private static Class loadClass(String className) {