Merge pull request #46316 from michalvavrik/feature/drop-security-extension-deprecations

sberyozkin · web-flow · commit e701f486e644 · 2025-02-20T22:20:07.000Z
Drop couple of deprecated build items and a field in Security and Vert.x HTTP Security area, mark `redirect-after-login` for removal
diff --git a/extensions/amazon-lambda-http/runtime/src/main/java/io/quarkus/amazon/lambda/http/LambdaHttpAuthenticationMechanism.java b/extensions/amazon-lambda-http/runtime/src/main/java/io/quarkus/amazon/lambda/http/LambdaHttpAuthenticationMechanism.java
@@ -95,7 +95,7 @@ public Set<Class<? extends AuthenticationRequest>> getCredentialTypes() {
     }
 
     @Override
-    public HttpCredentialTransport getCredentialTransport() {
-        return null;
+    public Uni<HttpCredentialTransport> getCredentialTransport(RoutingContext context) {
+        return Uni.createFrom().nullItem();
     }
 }
diff --git a/extensions/amazon-lambda-rest/runtime/src/main/java/io/quarkus/amazon/lambda/http/LambdaHttpAuthenticationMechanism.java b/extensions/amazon-lambda-rest/runtime/src/main/java/io/quarkus/amazon/lambda/http/LambdaHttpAuthenticationMechanism.java
@@ -95,7 +95,7 @@ public Set<Class<? extends AuthenticationRequest>> getCredentialTypes() {
     }
 
     @Override
-    public HttpCredentialTransport getCredentialTransport() {
-        return null;
+    public Uni<HttpCredentialTransport> getCredentialTransport(RoutingContext context) {
+        return Uni.createFrom().nullItem();
     }
 }
diff --git a/extensions/elytron-security-oauth2/runtime/src/main/java/io/quarkus/elytron/security/oauth2/runtime/auth/OAuth2AuthMechanism.java b/extensions/elytron-security-oauth2/runtime/src/main/java/io/quarkus/elytron/security/oauth2/runtime/auth/OAuth2AuthMechanism.java
@@ -72,7 +72,7 @@ public Set<Class<? extends AuthenticationRequest>> getCredentialTypes() {
     }
 
     @Override
-    public HttpCredentialTransport getCredentialTransport() {
-        return new HttpCredentialTransport(HttpCredentialTransport.Type.AUTHORIZATION, "bearer");
+    public Uni<HttpCredentialTransport> getCredentialTransport(RoutingContext context) {
+        return Uni.createFrom().item(new HttpCredentialTransport(HttpCredentialTransport.Type.AUTHORIZATION, "bearer"));
     }
 }
diff --git a/extensions/elytron-security-properties-file/deployment/src/test/java/io/quarkus/security/test/CustomAuth.java b/extensions/elytron-security-properties-file/deployment/src/test/java/io/quarkus/security/test/CustomAuth.java
@@ -88,7 +88,7 @@ public Set<Class<? extends AuthenticationRequest>> getCredentialTypes() {
     }
 
     @Override
-    public HttpCredentialTransport getCredentialTransport() {
-        return new HttpCredentialTransport(HttpCredentialTransport.Type.AUTHORIZATION, "basic");
+    public Uni<HttpCredentialTransport> getCredentialTransport(RoutingContext context) {
+        return Uni.createFrom().item(new HttpCredentialTransport(HttpCredentialTransport.Type.AUTHORIZATION, "basic"));
     }
 }
diff --git a/extensions/security/deployment/src/main/java/io/quarkus/security/deployment/SecurityProcessor.java b/extensions/security/deployment/src/main/java/io/quarkus/security/deployment/SecurityProcessor.java
@@ -123,7 +123,6 @@
 import io.quarkus.security.runtime.interceptor.SecurityCheckStorageBuilder;
 import io.quarkus.security.runtime.interceptor.SecurityConstrainer;
 import io.quarkus.security.runtime.interceptor.SecurityHandler;
-import io.quarkus.security.spi.AdditionalSecuredClassesBuildItem;
 import io.quarkus.security.spi.AdditionalSecuredMethodsBuildItem;
 import io.quarkus.security.spi.AdditionalSecurityAnnotationBuildItem;
 import io.quarkus.security.spi.AdditionalSecurityConstrainerEventPropsBuildItem;
@@ -522,26 +521,6 @@ void registerSecurityInterceptors(BuildProducer<InterceptorBindingRegistrarBuild
                 .done());
     }
 
-    /**
-     * Transform deprecated {@link AdditionalSecuredClassesBuildItem} to {@link AdditionalSecuredMethodsBuildItem}.
-     */
-    @BuildStep
-    void transformAdditionalSecuredClassesToMethods(List<AdditionalSecuredClassesBuildItem> additionalSecuredClassesBuildItems,
-            BuildProducer<AdditionalSecuredMethodsBuildItem> additionalSecuredMethodsBuildItemBuildProducer) {
-        for (AdditionalSecuredClassesBuildItem additionalSecuredClassesBuildItem : additionalSecuredClassesBuildItems) {
-            final Collection<MethodInfo> securedMethods = new ArrayList<>();
-            for (ClassInfo additionalSecuredClass : additionalSecuredClassesBuildItem.additionalSecuredClasses) {
-                for (MethodInfo method : additionalSecuredClass.methods()) {
-                    if (isPublicNonStaticNonConstructor(method)) {
-                        securedMethods.add(method);
-                    }
-                }
-            }
-            additionalSecuredMethodsBuildItemBuildProducer.produce(
-                    new AdditionalSecuredMethodsBuildItem(securedMethods, additionalSecuredClassesBuildItem.rolesAllowed));
-        }
-    }
-
     /*
      * The annotation store is not meant to be generally supported for security annotation.
      * It is only used here in order to be able to register the DenyAllInterceptor for
diff --git a/extensions/security/spi/src/main/java/io/quarkus/security/spi/AdditionalSecuredClassesBuildItem.java b/extensions/security/spi/src/main/java/io/quarkus/security/spi/AdditionalSecuredClassesBuildItem.java
diff --git a/extensions/vertx-http/deployment/src/main/java/io/quarkus/vertx/http/deployment/HttpSecurityPolicyBuildItem.java b/extensions/vertx-http/deployment/src/main/java/io/quarkus/vertx/http/deployment/HttpSecurityPolicyBuildItem.java
diff --git a/extensions/vertx-http/deployment/src/main/java/io/quarkus/vertx/http/deployment/HttpSecurityProcessor.java b/extensions/vertx-http/deployment/src/main/java/io/quarkus/vertx/http/deployment/HttpSecurityProcessor.java
@@ -73,7 +73,6 @@
 import io.quarkus.vertx.http.runtime.security.FormAuthenticationMechanism;
 import io.quarkus.vertx.http.runtime.security.HttpAuthenticator;
 import io.quarkus.vertx.http.runtime.security.HttpAuthorizer;
-import io.quarkus.vertx.http.runtime.security.HttpSecurityPolicy;
 import io.quarkus.vertx.http.runtime.security.HttpSecurityRecorder;
 import io.quarkus.vertx.http.runtime.security.HttpSecurityRecorder.AuthenticationHandler;
 import io.quarkus.vertx.http.runtime.security.MtlsAuthenticationMechanism;
@@ -90,28 +89,9 @@
 public class HttpSecurityProcessor {
 
     private static final DotName AUTH_MECHANISM_NAME = DotName.createSimple(HttpAuthenticationMechanism.class);
-    private static final DotName BASIC_AUTH_MECH_NAME = DotName.createSimple(BasicAuthenticationMechanism.class);
     private static final DotName BASIC_AUTH_ANNOTATION_NAME = DotName.createSimple(BasicAuthentication.class);
     private static final String KOTLIN_SUSPEND_IMPL_SUFFIX = "$suspendImpl";
 
-    @Record(ExecutionTime.STATIC_INIT)
-    @BuildStep
-    void produceNamedHttpSecurityPolicies(List<HttpSecurityPolicyBuildItem> httpSecurityPolicyBuildItems,
-            BuildProducer<SyntheticBeanBuildItem> syntheticBeanProducer,
-            HttpSecurityRecorder recorder) {
-        if (!httpSecurityPolicyBuildItems.isEmpty()) {
-            httpSecurityPolicyBuildItems.forEach(item -> syntheticBeanProducer
-                    .produce(SyntheticBeanBuildItem
-                            .configure(HttpSecurityPolicy.class)
-                            .named(HttpSecurityPolicy.class.getName() + "." + item.getName())
-                            .runtimeValue(recorder.createNamedHttpSecurityPolicy(item.getPolicySupplier(), item.getName()))
-                            .addType(HttpSecurityPolicy.class)
-                            .scope(Singleton.class)
-                            .unremovable()
-                            .done()));
-        }
-    }
-
     @BuildStep
     @Record(ExecutionTime.STATIC_INIT)
     AdditionalBeanBuildItem initFormAuth(
diff --git a/extensions/vertx-http/deployment/src/test/java/io/quarkus/vertx/http/security/HeaderAuthenticator.java b/extensions/vertx-http/deployment/src/test/java/io/quarkus/vertx/http/security/HeaderAuthenticator.java
@@ -38,7 +38,7 @@ public Set<Class<? extends AuthenticationRequest>> getCredentialTypes() {
     }
 
     @Override
-    public HttpCredentialTransport getCredentialTransport() {
-        return null;
+    public Uni<HttpCredentialTransport> getCredentialTransport(RoutingContext context) {
+        return Uni.createFrom().nullItem();
     }
 }
diff --git a/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/FormAuthRuntimeConfig.java b/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/FormAuthRuntimeConfig.java
@@ -58,7 +58,7 @@ enum CookieSameSite {
      *             if there is no landing page.
      */
     @WithDefault("true")
-    @Deprecated
+    @Deprecated(forRemoval = true, since = "2.16")
     boolean redirectAfterLogin();
 
     /**
diff --git a/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/security/HttpSecurityRecorder.java b/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/security/HttpSecurityRecorder.java
@@ -129,24 +129,6 @@ public EagerSecurityInterceptorStorage get() {
         };
     }
 
-    public RuntimeValue<HttpSecurityPolicy> createNamedHttpSecurityPolicy(Supplier<HttpSecurityPolicy> policySupplier,
-            String name) {
-        return new RuntimeValue<>(new HttpSecurityPolicy() {
-            private final HttpSecurityPolicy delegate = policySupplier.get();
-
-            @Override
-            public Uni<CheckResult> checkPermission(RoutingContext request, Uni<SecurityIdentity> identity,
-                    AuthorizationRequestContext requestContext) {
-                return delegate.checkPermission(request, identity, requestContext);
-            }
-
-            @Override
-            public String name() {
-                return name;
-            }
-        });
-    }
-
     public Supplier<Map<String, Object>> createAdditionalSecEventPropsSupplier() {
         return new Supplier<Map<String, Object>>() {
             @Override
diff --git a/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/security/ImmutablePathMatcher.java b/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/security/ImmutablePathMatcher.java
@@ -55,7 +55,7 @@ public PathMatch<T> match(String path) {
         if (hasExactPathMatches) {
             T match = exactPathMatches.get(path);
             if (match != null) {
-                return new PathMatch<>(path, "", match);
+                return new PathMatch<>(path, match);
             }
         }
 
@@ -64,7 +64,7 @@ public PathMatch<T> match(String path) {
             if (pathLength == length) {
                 SubstringMatch<T> next = paths.get(path, length);
                 if (next != null) {
-                    return new PathMatch<>(path, "", next.getValue());
+                    return new PathMatch<>(path, next.getValue());
                 }
             } else if (pathLength < length) {
                 char c = path.charAt(pathLength);
@@ -76,12 +76,12 @@ public PathMatch<T> match(String path) {
                     //String part = path.substring(0, pathLength);
                     SubstringMatch<T> next = paths.get(path, pathLength);
                     if (next != null) {
-                        return new PathMatch<>(next.getKey(), path.substring(pathLength), next.getValue());
+                        return new PathMatch<>(next.getKey(), next.getValue());
                     }
                 }
             }
         }
-        return new PathMatch<>("", path, defaultHandler);
+        return new PathMatch<>("", defaultHandler);
     }
 
     public static <T> ImmutablePathMatcherBuilder<T> builder() {
@@ -90,25 +90,13 @@ public static <T> ImmutablePathMatcherBuilder<T> builder() {
 
     public static final class PathMatch<T> {
         private final String matched;
-        private final String remaining;
         private final T value;
 
-        public PathMatch(String matched, String remaining, T value) {
+        public PathMatch(String matched, T value) {
             this.matched = matched;
-            this.remaining = remaining;
             this.value = value;
         }
 
-        /**
-         * @deprecated because it can't be supported with inner wildcard without cost. It's unlikely this method is
-         *             used by anyone as users don't get in touch with this class. If there is legit use case, please
-         *             open Quarkus issue.
-         */
-        @Deprecated
-        public String getRemaining() {
-            return remaining;
-        }
-
         public String getMatched() {
             return matched;
         }

Original file line number	Diff line number	Diff line change
`@@ -95,7 +95,7 @@ public Set<Class<? extends AuthenticationRequest>> getCredentialTypes() {`
`95`	`95`	`}`
`96`	`96`
`97`	`97`	`@Override`
`98`		`- public HttpCredentialTransport getCredentialTransport() {`
`99`		`- return null;`
	`98`	`+ public Uni<HttpCredentialTransport> getCredentialTransport(RoutingContext context) {`
	`99`	`+ return Uni.createFrom().nullItem();`
`100`	`100`	`}`
`101`	`101`	`}`
Original file line number	Diff line number	Diff line change
`@@ -72,7 +72,7 @@ public Set<Class<? extends AuthenticationRequest>> getCredentialTypes() {`
`72`	`72`	`}`
`73`	`73`
`74`	`74`	`@Override`
`75`		`- public HttpCredentialTransport getCredentialTransport() {`
`76`		`- return new HttpCredentialTransport(HttpCredentialTransport.Type.AUTHORIZATION, "bearer");`
	`75`	`+ public Uni<HttpCredentialTransport> getCredentialTransport(RoutingContext context) {`
	`76`	`+ return Uni.createFrom().item(new HttpCredentialTransport(HttpCredentialTransport.Type.AUTHORIZATION, "bearer"));`
`77`	`77`	`}`
`78`	`78`	`}`
Original file line number	Diff line number	Diff line change
`@@ -88,7 +88,7 @@ public Set<Class<? extends AuthenticationRequest>> getCredentialTypes() {`
`88`	`88`	`}`
`89`	`89`
`90`	`90`	`@Override`
`91`		`- public HttpCredentialTransport getCredentialTransport() {`
`92`		`- return new HttpCredentialTransport(HttpCredentialTransport.Type.AUTHORIZATION, "basic");`
	`91`	`+ public Uni<HttpCredentialTransport> getCredentialTransport(RoutingContext context) {`
	`92`	`+ return Uni.createFrom().item(new HttpCredentialTransport(HttpCredentialTransport.Type.AUTHORIZATION, "basic"));`
`93`	`93`	`}`
`94`	`94`	`}`
Original file line number	Diff line number	Diff line change
`@@ -38,7 +38,7 @@ public Set<Class<? extends AuthenticationRequest>> getCredentialTypes() {`
`38`	`38`	`}`
`39`	`39`
`40`	`40`	`@Override`
`41`		`- public HttpCredentialTransport getCredentialTransport() {`
`42`		`- return null;`
	`41`	`+ public Uni<HttpCredentialTransport> getCredentialTransport(RoutingContext context) {`
	`42`	`+ return Uni.createFrom().nullItem();`
`43`	`43`	`}`
`44`	`44`	`}`
Original file line number	Diff line number	Diff line change
`@@ -55,7 +55,7 @@ public PathMatch<T> match(String path) {`
`55`	`55`	`if (hasExactPathMatches) {`
`56`	`56`	`T match = exactPathMatches.get(path);`
`57`	`57`	`if (match != null) {`
`58`		`- return new PathMatch<>(path, "", match);`
	`58`	`+ return new PathMatch<>(path, match);`
`59`	`59`	`}`
`60`	`60`	`}`
`61`	`61`
`@@ -64,7 +64,7 @@ public PathMatch<T> match(String path) {`
`64`	`64`	`if (pathLength == length) {`
`65`	`65`	`SubstringMatch<T> next = paths.get(path, length);`
`66`	`66`	`if (next != null) {`
`67`		`- return new PathMatch<>(path, "", next.getValue());`
	`67`	`+ return new PathMatch<>(path, next.getValue());`
`68`	`68`	`}`
`69`	`69`	`} else if (pathLength < length) {`
`70`	`70`	`char c = path.charAt(pathLength);`
`@@ -76,12 +76,12 @@ public PathMatch<T> match(String path) {`
`76`	`76`	`//String part = path.substring(0, pathLength);`
`77`	`77`	`SubstringMatch<T> next = paths.get(path, pathLength);`
`78`	`78`	`if (next != null) {`
`79`		`- return new PathMatch<>(next.getKey(), path.substring(pathLength), next.getValue());`
	`79`	`+ return new PathMatch<>(next.getKey(), next.getValue());`
`80`	`80`	`}`
`81`	`81`	`}`
`82`	`82`	`}`
`83`	`83`	`}`
`84`		`- return new PathMatch<>("", path, defaultHandler);`
	`84`	`+ return new PathMatch<>("", defaultHandler);`
`85`	`85`	`}`
`86`	`86`
`87`	`87`	`public static <T> ImmutablePathMatcherBuilder<T> builder() {`
`@@ -90,25 +90,13 @@ public static <T> ImmutablePathMatcherBuilder<T> builder() {`
`90`	`90`
`91`	`91`	`public static final class PathMatch<T> {`
`92`	`92`	`private final String matched;`
`93`		`- private final String remaining;`
`94`	`93`	`private final T value;`
`95`	`94`
`96`		`- public PathMatch(String matched, String remaining, T value) {`
	`95`	`+ public PathMatch(String matched, T value) {`
`97`	`96`	`this.matched = matched;`
`98`		`- this.remaining = remaining;`
`99`	`97`	`this.value = value;`
`100`	`98`	`}`
`101`	`99`
`102`		`- /**`
`103`		`- * @deprecated because it can't be supported with inner wildcard without cost. It's unlikely this method is`
`104`		`- * used by anyone as users don't get in touch with this class. If there is legit use case, please`
`105`		`- * open Quarkus issue.`
`106`		`- */`
`107`		`- @Deprecated`
`108`		`- public String getRemaining() {`
`109`		`- return remaining;`
`110`		`- }`
`111`		`-`
`112`	`100`	`public String getMatched() {`
`113`	`101`	`return matched;`
`114`	`102`	`}`