-
Notifications
You must be signed in to change notification settings - Fork 6.3k
Remove compiler warnings for spring-security-oauth2-authorization-server #18562
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Changes from 1 commit
File filter
Filter by extension
Conversations
Jump to
Diff view
Diff view
There are no files selected for viewing
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,3 +1,7 @@ | ||
| plugins { | ||
| id 'compile-warnings-error' | ||
| } | ||
|
|
||
| apply plugin: 'io.spring.convention.spring-module' | ||
|
|
||
| dependencies { | ||
|
|
||
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -34,7 +34,6 @@ | |
| import org.springframework.security.core.authority.SimpleGrantedAuthority; | ||
| import org.springframework.security.core.userdetails.User; | ||
| import org.springframework.security.jackson.CoreJacksonModule; | ||
| import org.springframework.security.jackson2.CoreJackson2Module; | ||
| import org.springframework.security.oauth2.core.AbstractOAuth2Token; | ||
| import org.springframework.security.oauth2.core.AuthorizationGrantType; | ||
| import org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest; | ||
|
|
@@ -50,11 +49,9 @@ | |
| import org.springframework.security.oauth2.server.authorization.authentication.OAuth2TokenExchangeCompositeAuthenticationToken; | ||
| import org.springframework.security.oauth2.server.authorization.client.JdbcRegisteredClientRepository; | ||
| import org.springframework.security.oauth2.server.authorization.jackson.OAuth2AuthorizationServerJacksonModule; | ||
| import org.springframework.security.oauth2.server.authorization.jackson2.OAuth2AuthorizationServerJackson2Module; | ||
| import org.springframework.security.oauth2.server.authorization.settings.OAuth2TokenFormat; | ||
| import org.springframework.security.web.authentication.WebAuthenticationDetails; | ||
| import org.springframework.security.web.jackson.WebServletJacksonModule; | ||
| import org.springframework.security.web.jackson2.WebServletJackson2Module; | ||
| import org.springframework.security.web.savedrequest.DefaultSavedRequest; | ||
| import org.springframework.util.ClassUtils; | ||
|
|
||
|
|
@@ -116,12 +113,14 @@ public void applyTo(GenerationContext generationContext, BeanRegistrationCode be | |
| private void registerHints(RuntimeHints hints) { | ||
| // Collections -> UnmodifiableSet, UnmodifiableList, UnmodifiableMap, | ||
| // UnmodifiableRandomAccessList, etc. | ||
| hints.reflection().registerType(Collections.class, MemberCategory.DECLARED_CLASSES); | ||
| hints.reflection() | ||
| .registerType(Collections.class, MemberCategory.INVOKE_DECLARED_CONSTRUCTORS, | ||
| MemberCategory.INVOKE_DECLARED_METHODS); | ||
|
|
||
| // HashSet | ||
| hints.reflection() | ||
| .registerType(HashSet.class, MemberCategory.DECLARED_FIELDS, | ||
| MemberCategory.INVOKE_DECLARED_CONSTRUCTORS, MemberCategory.INVOKE_DECLARED_METHODS); | ||
| .registerType(HashSet.class, MemberCategory.INVOKE_DECLARED_CONSTRUCTORS, | ||
|
Member
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Can you help me understand why
Contributor
Author
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Thank you for pointing this out. You’re right — MemberCategory.DECLARED_FIELDS should be migrated to MemberCategory.ACCESS_DECLARED_FIELDS as documented in the Javadoc. In my earlier change, I removed DECLARED_FIELDS without explicitly replacing it with ACCESS_DECLARED_FIELDS, which made the migration look incomplete and not 1:1. I’ve updated the code so that:
This preserves the original intent of field access while aligning with the documented replacement in Spring Framework 7. |
||
| MemberCategory.INVOKE_DECLARED_METHODS); | ||
|
|
||
| hints.reflection() | ||
| .registerTypes(Arrays.asList(TypeReference.of(AbstractAuthenticationToken.class), | ||
|
|
@@ -138,18 +137,17 @@ private void registerHints(RuntimeHints hints) { | |
| TypeReference.of(AuthorizationGrantType.class), | ||
| TypeReference.of(OAuth2AuthorizationResponseType.class), | ||
| TypeReference.of(OAuth2TokenFormat.class)), | ||
| (builder) -> builder.withMembers(MemberCategory.DECLARED_FIELDS, | ||
| MemberCategory.INVOKE_DECLARED_CONSTRUCTORS, MemberCategory.INVOKE_DECLARED_METHODS)); | ||
| (builder) -> builder.withMembers(MemberCategory.INVOKE_DECLARED_CONSTRUCTORS, | ||
| MemberCategory.INVOKE_DECLARED_METHODS)); | ||
|
|
||
| // Jackson Modules | ||
| if (jackson2Present) { | ||
| hints.reflection() | ||
| .registerTypes( | ||
|
Member
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. This needs to continue to register the jackson 2 modules for passivity. You can extract it into a separate method and add a suppression to it.
Contributor
Author
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Agreed. Jackson 2 module registration is still required for passivity when Jackson 2 I will keep the Jackson 2 registrations, extract them into a dedicated helper method, Jackson 3 module registration will remain unchanged. |
||
| Arrays.asList(TypeReference.of(CoreJackson2Module.class), | ||
| TypeReference.of(WebServletJackson2Module.class), | ||
| TypeReference.of(OAuth2AuthorizationServerJackson2Module.class)), | ||
| (builder) -> builder.withMembers(MemberCategory.DECLARED_FIELDS, | ||
| MemberCategory.INVOKE_DECLARED_CONSTRUCTORS, | ||
| Arrays.asList(TypeReference.of(CoreJacksonModule.class), | ||
| TypeReference.of(WebServletJacksonModule.class), | ||
| TypeReference.of(OAuth2AuthorizationServerJacksonModule.class)), | ||
| (builder) -> builder.withMembers(MemberCategory.INVOKE_DECLARED_CONSTRUCTORS, | ||
| MemberCategory.INVOKE_DECLARED_METHODS)); | ||
| } | ||
| if (jackson3Present) { | ||
|
|
@@ -158,8 +156,7 @@ private void registerHints(RuntimeHints hints) { | |
| Arrays.asList(TypeReference.of(CoreJacksonModule.class), | ||
| TypeReference.of(WebServletJacksonModule.class), | ||
| TypeReference.of(OAuth2AuthorizationServerJacksonModule.class)), | ||
| (builder) -> builder.withMembers(MemberCategory.DECLARED_FIELDS, | ||
| MemberCategory.INVOKE_DECLARED_CONSTRUCTORS, | ||
| (builder) -> builder.withMembers(MemberCategory.INVOKE_DECLARED_CONSTRUCTORS, | ||
| MemberCategory.INVOKE_DECLARED_METHODS)); | ||
| } | ||
|
|
||
|
|
@@ -222,26 +219,23 @@ private void registerHints(RuntimeHints hints) { | |
| hints.reflection() | ||
| .registerType(TypeReference | ||
| .of("org.springframework.security.oauth2.client.authentication.OAuth2AuthenticationToken"), | ||
| (builder) -> builder.withMembers(MemberCategory.DECLARED_FIELDS, | ||
| MemberCategory.INVOKE_DECLARED_CONSTRUCTORS, | ||
| (builder) -> builder.withMembers(MemberCategory.INVOKE_DECLARED_CONSTRUCTORS, | ||
| MemberCategory.INVOKE_DECLARED_METHODS)); | ||
|
|
||
| // Jackson Module | ||
| if (jackson2Present) { | ||
| hints.reflection() | ||
| .registerType(TypeReference | ||
| .of("org.springframework.security.oauth2.client.jackson2.OAuth2ClientJackson2Module"), | ||
| (builder) -> builder.withMembers(MemberCategory.DECLARED_FIELDS, | ||
| MemberCategory.INVOKE_DECLARED_CONSTRUCTORS, | ||
| (builder) -> builder.withMembers(MemberCategory.INVOKE_DECLARED_CONSTRUCTORS, | ||
| MemberCategory.INVOKE_DECLARED_METHODS)); | ||
| } | ||
| if (jackson3Present) { | ||
| hints.reflection() | ||
| .registerType( | ||
| TypeReference | ||
| .of("org.springframework.security.oauth2.client.jackson.OAuth2ClientJacksonModule"), | ||
| (builder) -> builder.withMembers(MemberCategory.DECLARED_FIELDS, | ||
| MemberCategory.INVOKE_DECLARED_CONSTRUCTORS, | ||
| (builder) -> builder.withMembers(MemberCategory.INVOKE_DECLARED_CONSTRUCTORS, | ||
| MemberCategory.INVOKE_DECLARED_METHODS)); | ||
| } | ||
|
|
||
|
|
||
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This and the similar changes don't seem to be a one to one change from deprecation to replacement. For example, I'd expect this change to be as shown in this suggestion since the deprecation for DECLARED_CLASSES states it is deprecated with no replacement since registerType registers the class.
Can you help me understand why these changes do not appear to be a one to one replacement for the deprecations?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks for the clarification.
You're right — my change removed MemberCategory.DECLARED_CLASSES but didn’t make it explicit that the type itself is still being registered.
Since DECLARED_CLASSES is deprecated with no replacement (because registerType already registers the class), I’ll add an explicit
hints.reflection().registerType(T.class)alongside the existingINVOKE_*categories. This preserves the original “type registration”intent while keeping the reflective invocation hints where needed.