Replace removed context-related operators

Closes gh-11194

Author: marcusdacoregio

config/src/main/java/org/springframework/security/config/web/server/ServerHttpSecurity.java

@@ -3236,7 +3236,7 @@ static class ServerWebExchangeReactorContextWebFilter implements WebFilter {
 
 		@Override
 		public Mono<Void> filter(ServerWebExchange exchange, WebFilterChain chain) {
-			return chain.filter(exchange).subscriberContext(Context.of(ServerWebExchange.class, exchange));
+			return chain.filter(exchange).contextWrite(Context.of(ServerWebExchange.class, exchange));
 		}
 
 	}

config/src/test/java/org/springframework/security/config/annotation/method/configuration/EnableReactiveMethodSecurityTests.java

@@ -97,8 +97,7 @@ public void monoWhenPermitAllThenSuccess() {
 	@Test
 	public void monoPreAuthorizeHasRoleWhenGrantedThenSuccess() {
 		given(this.delegate.monoPreAuthorizeHasRoleFindById(1L)).willReturn(Mono.just("result"));
-		Mono<String> findById = this.messageService.monoPreAuthorizeHasRoleFindById(1L)
-				.subscriberContext(this.withAdmin);
+		Mono<String> findById = this.messageService.monoPreAuthorizeHasRoleFindById(1L).contextWrite(this.withAdmin);
 		StepVerifier.create(findById).expectNext("result").verifyComplete();
 	}
 
@@ -113,16 +112,15 @@ public void monoPreAuthorizeHasRoleWhenNoAuthenticationThenDenied() {
 	@Test
 	public void monoPreAuthorizeHasRoleWhenNotAuthorizedThenDenied() {
 		given(this.delegate.monoPreAuthorizeHasRoleFindById(1L)).willReturn(Mono.from(this.result));
-		Mono<String> findById = this.messageService.monoPreAuthorizeHasRoleFindById(1L)
-				.subscriberContext(this.withUser);
+		Mono<String> findById = this.messageService.monoPreAuthorizeHasRoleFindById(1L).contextWrite(this.withUser);
 		StepVerifier.create(findById).expectError(AccessDeniedException.class).verify();
 		this.result.assertNoSubscribers();
 	}
 
 	@Test
 	public void monoPreAuthorizeBeanWhenGrantedThenSuccess() {
 		given(this.delegate.monoPreAuthorizeBeanFindById(2L)).willReturn(Mono.just("result"));
-		Mono<String> findById = this.messageService.monoPreAuthorizeBeanFindById(2L).subscriberContext(this.withAdmin);
+		Mono<String> findById = this.messageService.monoPreAuthorizeBeanFindById(2L).contextWrite(this.withAdmin);
 		StepVerifier.create(findById).expectNext("result").verifyComplete();
 	}
 
@@ -144,29 +142,29 @@ public void monoPreAuthorizeBeanWhenNoAuthenticationThenDenied() {
 	@Test
 	public void monoPreAuthorizeBeanWhenNotAuthorizedThenDenied() {
 		given(this.delegate.monoPreAuthorizeBeanFindById(1L)).willReturn(Mono.from(this.result));
-		Mono<String> findById = this.messageService.monoPreAuthorizeBeanFindById(1L).subscriberContext(this.withUser);
+		Mono<String> findById = this.messageService.monoPreAuthorizeBeanFindById(1L).contextWrite(this.withUser);
 		StepVerifier.create(findById).expectError(AccessDeniedException.class).verify();
 		this.result.assertNoSubscribers();
 	}
 
 	@Test
 	public void monoPostAuthorizeWhenAuthorizedThenSuccess() {
 		given(this.delegate.monoPostAuthorizeFindById(1L)).willReturn(Mono.just("user"));
-		Mono<String> findById = this.messageService.monoPostAuthorizeFindById(1L).subscriberContext(this.withUser);
+		Mono<String> findById = this.messageService.monoPostAuthorizeFindById(1L).contextWrite(this.withUser);
 		StepVerifier.create(findById).expectNext("user").verifyComplete();
 	}
 
 	@Test
 	public void monoPostAuthorizeWhenNotAuthorizedThenDenied() {
 		given(this.delegate.monoPostAuthorizeBeanFindById(1L)).willReturn(Mono.just("not-authorized"));
-		Mono<String> findById = this.messageService.monoPostAuthorizeBeanFindById(1L).subscriberContext(this.withUser);
+		Mono<String> findById = this.messageService.monoPostAuthorizeBeanFindById(1L).contextWrite(this.withUser);
 		StepVerifier.create(findById).expectError(AccessDeniedException.class).verify();
 	}
 
 	@Test
 	public void monoPostAuthorizeWhenBeanAndAuthorizedThenSuccess() {
 		given(this.delegate.monoPostAuthorizeBeanFindById(2L)).willReturn(Mono.just("user"));
-		Mono<String> findById = this.messageService.monoPostAuthorizeBeanFindById(2L).subscriberContext(this.withUser);
+		Mono<String> findById = this.messageService.monoPostAuthorizeBeanFindById(2L).contextWrite(this.withUser);
 		StepVerifier.create(findById).expectNext("user").verifyComplete();
 	}
 
@@ -180,7 +178,7 @@ public void monoPostAuthorizeWhenBeanAndNotAuthenticatedAndAuthorizedThenSuccess
 	@Test
 	public void monoPostAuthorizeWhenBeanAndNotAuthorizedThenDenied() {
 		given(this.delegate.monoPostAuthorizeBeanFindById(1L)).willReturn(Mono.just("not-authorized"));
-		Mono<String> findById = this.messageService.monoPostAuthorizeBeanFindById(1L).subscriberContext(this.withUser);
+		Mono<String> findById = this.messageService.monoPostAuthorizeBeanFindById(1L).contextWrite(this.withUser);
 		StepVerifier.create(findById).expectError(AccessDeniedException.class).verify();
 	}
 
@@ -201,8 +199,7 @@ public void fluxWhenPermitAllThenSuccess() {
 	@Test
 	public void fluxPreAuthorizeHasRoleWhenGrantedThenSuccess() {
 		given(this.delegate.fluxPreAuthorizeHasRoleFindById(1L)).willReturn(Flux.just("result"));
-		Flux<String> findById = this.messageService.fluxPreAuthorizeHasRoleFindById(1L)
-				.subscriberContext(this.withAdmin);
+		Flux<String> findById = this.messageService.fluxPreAuthorizeHasRoleFindById(1L).contextWrite(this.withAdmin);
 		StepVerifier.create(findById).consumeNextWith((s) -> assertThat(s).isEqualTo("result")).verifyComplete();
 	}
 
@@ -217,16 +214,15 @@ public void fluxPreAuthorizeHasRoleWhenNoAuthenticationThenDenied() {
 	@Test
 	public void fluxPreAuthorizeHasRoleWhenNotAuthorizedThenDenied() {
 		given(this.delegate.fluxPreAuthorizeHasRoleFindById(1L)).willReturn(Flux.from(this.result));
-		Flux<String> findById = this.messageService.fluxPreAuthorizeHasRoleFindById(1L)
-				.subscriberContext(this.withUser);
+		Flux<String> findById = this.messageService.fluxPreAuthorizeHasRoleFindById(1L).contextWrite(this.withUser);
 		StepVerifier.create(findById).expectError(AccessDeniedException.class).verify();
 		this.result.assertNoSubscribers();
 	}
 
 	@Test
 	public void fluxPreAuthorizeBeanWhenGrantedThenSuccess() {
 		given(this.delegate.fluxPreAuthorizeBeanFindById(2L)).willReturn(Flux.just("result"));
-		Flux<String> findById = this.messageService.fluxPreAuthorizeBeanFindById(2L).subscriberContext(this.withAdmin);
+		Flux<String> findById = this.messageService.fluxPreAuthorizeBeanFindById(2L).contextWrite(this.withAdmin);
 		StepVerifier.create(findById).expectNext("result").verifyComplete();
 	}
 
@@ -248,29 +244,29 @@ public void fluxPreAuthorizeBeanWhenNoAuthenticationThenDenied() {
 	@Test
 	public void fluxPreAuthorizeBeanWhenNotAuthorizedThenDenied() {
 		given(this.delegate.fluxPreAuthorizeBeanFindById(1L)).willReturn(Flux.from(this.result));
-		Flux<String> findById = this.messageService.fluxPreAuthorizeBeanFindById(1L).subscriberContext(this.withUser);
+		Flux<String> findById = this.messageService.fluxPreAuthorizeBeanFindById(1L).contextWrite(this.withUser);
 		StepVerifier.create(findById).expectError(AccessDeniedException.class).verify();
 		this.result.assertNoSubscribers();
 	}
 
 	@Test
 	public void fluxPostAuthorizeWhenAuthorizedThenSuccess() {
 		given(this.delegate.fluxPostAuthorizeFindById(1L)).willReturn(Flux.just("user"));
-		Flux<String> findById = this.messageService.fluxPostAuthorizeFindById(1L).subscriberContext(this.withUser);
+		Flux<String> findById = this.messageService.fluxPostAuthorizeFindById(1L).contextWrite(this.withUser);
 		StepVerifier.create(findById).expectNext("user").verifyComplete();
 	}
 
 	@Test
 	public void fluxPostAuthorizeWhenNotAuthorizedThenDenied() {
 		given(this.delegate.fluxPostAuthorizeBeanFindById(1L)).willReturn(Flux.just("not-authorized"));
-		Flux<String> findById = this.messageService.fluxPostAuthorizeBeanFindById(1L).subscriberContext(this.withUser);
+		Flux<String> findById = this.messageService.fluxPostAuthorizeBeanFindById(1L).contextWrite(this.withUser);
 		StepVerifier.create(findById).expectError(AccessDeniedException.class).verify();
 	}
 
 	@Test
 	public void fluxPostAuthorizeWhenBeanAndAuthorizedThenSuccess() {
 		given(this.delegate.fluxPostAuthorizeBeanFindById(2L)).willReturn(Flux.just("user"));
-		Flux<String> findById = this.messageService.fluxPostAuthorizeBeanFindById(2L).subscriberContext(this.withUser);
+		Flux<String> findById = this.messageService.fluxPostAuthorizeBeanFindById(2L).contextWrite(this.withUser);
 		StepVerifier.create(findById).expectNext("user").verifyComplete();
 	}
 
@@ -284,7 +280,7 @@ public void fluxPostAuthorizeWhenBeanAndNotAuthenticatedAndAuthorizedThenSuccess
 	@Test
 	public void fluxPostAuthorizeWhenBeanAndNotAuthorizedThenDenied() {
 		given(this.delegate.fluxPostAuthorizeBeanFindById(1L)).willReturn(Flux.just("not-authorized"));
-		Flux<String> findById = this.messageService.fluxPostAuthorizeBeanFindById(1L).subscriberContext(this.withUser);
+		Flux<String> findById = this.messageService.fluxPostAuthorizeBeanFindById(1L).contextWrite(this.withUser);
 		StepVerifier.create(findById).expectError(AccessDeniedException.class).verify();
 	}
 
@@ -306,7 +302,7 @@ public void publisherWhenPermitAllThenSuccess() {
 	public void publisherPreAuthorizeHasRoleWhenGrantedThenSuccess() {
 		given(this.delegate.publisherPreAuthorizeHasRoleFindById(1L)).willReturn(publisherJust("result"));
 		Publisher<String> findById = Flux.from(this.messageService.publisherPreAuthorizeHasRoleFindById(1L))
-				.subscriberContext(this.withAdmin);
+				.contextWrite(this.withAdmin);
 		StepVerifier.create(findById).consumeNextWith((s) -> assertThat(s).isEqualTo("result")).verifyComplete();
 	}
 
@@ -322,7 +318,7 @@ public void publisherPreAuthorizeHasRoleWhenNoAuthenticationThenDenied() {
 	public void publisherPreAuthorizeHasRoleWhenNotAuthorizedThenDenied() {
 		given(this.delegate.publisherPreAuthorizeHasRoleFindById(1L)).willReturn(this.result);
 		Publisher<String> findById = Flux.from(this.messageService.publisherPreAuthorizeHasRoleFindById(1L))
-				.subscriberContext(this.withUser);
+				.contextWrite(this.withUser);
 		StepVerifier.create(findById).expectError(AccessDeniedException.class).verify();
 		this.result.assertNoSubscribers();
 	}
@@ -331,7 +327,7 @@ public void publisherPreAuthorizeHasRoleWhenNotAuthorizedThenDenied() {
 	public void publisherPreAuthorizeBeanWhenGrantedThenSuccess() {
 		given(this.delegate.publisherPreAuthorizeBeanFindById(2L)).willReturn(publisherJust("result"));
 		Publisher<String> findById = Flux.from(this.messageService.publisherPreAuthorizeBeanFindById(2L))
-				.subscriberContext(this.withAdmin);
+				.contextWrite(this.withAdmin);
 		StepVerifier.create(findById).expectNext("result").verifyComplete();
 	}
 
@@ -354,7 +350,7 @@ public void publisherPreAuthorizeBeanWhenNoAuthenticationThenDenied() {
 	public void publisherPreAuthorizeBeanWhenNotAuthorizedThenDenied() {
 		given(this.delegate.publisherPreAuthorizeBeanFindById(1L)).willReturn(this.result);
 		Publisher<String> findById = Flux.from(this.messageService.publisherPreAuthorizeBeanFindById(1L))
-				.subscriberContext(this.withUser);
+				.contextWrite(this.withUser);
 		StepVerifier.create(findById).expectError(AccessDeniedException.class).verify();
 		this.result.assertNoSubscribers();
 	}
@@ -363,23 +359,23 @@ public void publisherPreAuthorizeBeanWhenNotAuthorizedThenDenied() {
 	public void publisherPostAuthorizeWhenAuthorizedThenSuccess() {
 		given(this.delegate.publisherPostAuthorizeFindById(1L)).willReturn(publisherJust("user"));
 		Publisher<String> findById = Flux.from(this.messageService.publisherPostAuthorizeFindById(1L))
-				.subscriberContext(this.withUser);
+				.contextWrite(this.withUser);
 		StepVerifier.create(findById).expectNext("user").verifyComplete();
 	}
 
 	@Test
 	public void publisherPostAuthorizeWhenNotAuthorizedThenDenied() {
 		given(this.delegate.publisherPostAuthorizeBeanFindById(1L)).willReturn(publisherJust("not-authorized"));
 		Publisher<String> findById = Flux.from(this.messageService.publisherPostAuthorizeBeanFindById(1L))
-				.subscriberContext(this.withUser);
+				.contextWrite(this.withUser);
 		StepVerifier.create(findById).expectError(AccessDeniedException.class).verify();
 	}
 
 	@Test
 	public void publisherPostAuthorizeWhenBeanAndAuthorizedThenSuccess() {
 		given(this.delegate.publisherPostAuthorizeBeanFindById(2L)).willReturn(publisherJust("user"));
 		Publisher<String> findById = Flux.from(this.messageService.publisherPostAuthorizeBeanFindById(2L))
-				.subscriberContext(this.withUser);
+				.contextWrite(this.withUser);
 		StepVerifier.create(findById).expectNext("user").verifyComplete();
 	}
 
@@ -394,7 +390,7 @@ public void publisherPostAuthorizeWhenBeanAndNotAuthenticatedAndAuthorizedThenSu
 	public void publisherPostAuthorizeWhenBeanAndNotAuthorizedThenDenied() {
 		given(this.delegate.publisherPostAuthorizeBeanFindById(1L)).willReturn(publisherJust("not-authorized"));
 		Publisher<String> findById = Flux.from(this.messageService.publisherPostAuthorizeBeanFindById(1L))
-				.subscriberContext(this.withUser);
+				.contextWrite(this.withUser);
 		StepVerifier.create(findById).expectError(AccessDeniedException.class).verify();
 	}
 

config/src/test/java/org/springframework/security/config/annotation/web/configuration/SecurityReactorContextConfigurationTests.java

@@ -199,7 +199,7 @@ public void createPublisherWhenLastOperatorAddedThenSecurityContextAttributesAva
 		SecurityContextHolder.getContext().setAuthentication(this.authentication);
 		ClientResponse clientResponseOk = ClientResponse.create(HttpStatus.OK).build();
 		// @formatter:off
-		ExchangeFilterFunction filter = (req, next) -> Mono.subscriberContext()
+		ExchangeFilterFunction filter = (req, next) -> Mono.deferContextual(Mono::just)
 				.filter((ctx) -> ctx.hasKey(SecurityReactorContextSubscriber.SECURITY_CONTEXT_ATTRIBUTES))
 				.map((ctx) -> ctx.get(SecurityReactorContextSubscriber.SECURITY_CONTEXT_ATTRIBUTES))
 				.cast(Map.class)

config/src/test/java/org/springframework/security/config/web/server/ServerHttpSecurityTests.java

@@ -557,7 +557,7 @@ private static class SubscriberContextController {
 
 		@GetMapping("/**")
 		Mono<String> pathWithinApplicationFromContext() {
-			return Mono.subscriberContext().filter((c) -> c.hasKey(ServerWebExchange.class))
+			return Mono.deferContextual(Mono::just).filter((c) -> c.hasKey(ServerWebExchange.class))
 					.map((c) -> c.get(ServerWebExchange.class))
 					.map((e) -> e.getRequest().getPath().pathWithinApplication().value());
 		}

core/src/main/java/org/springframework/security/core/context/ReactiveSecurityContextHolder.java

@@ -42,7 +42,8 @@ private ReactiveSecurityContextHolder() {
 	 */
 	public static Mono<SecurityContext> getContext() {
 		// @formatter:off
-		return Mono.subscriberContext()
+		return Mono.deferContextual(Mono::just)
+				.cast(Context.class)
 				.filter(ReactiveSecurityContextHolder::hasSecurityContext)
 				.flatMap(ReactiveSecurityContextHolder::getSecurityContext);
 		// @formatter:on

core/src/test/java/org/springframework/security/core/context/ReactiveSecurityContextHolderTests.java

@@ -42,9 +42,9 @@ public void getContextWhenEmpty() {
 	public void setContextAndGetContextThenEmitsContext() {
 		SecurityContext expectedContext = new SecurityContextImpl(
 				new TestingAuthenticationToken("user", "password", "ROLE_USER"));
-		Mono<SecurityContext> context = Mono.subscriberContext()
+		Mono<SecurityContext> context = Mono.deferContextual(Mono::just)
 				.flatMap((c) -> ReactiveSecurityContextHolder.getContext())
-				.subscriberContext(ReactiveSecurityContextHolder.withSecurityContext(Mono.just(expectedContext)));
+				.contextWrite(ReactiveSecurityContextHolder.withSecurityContext(Mono.just(expectedContext)));
 		// @formatter:off
 		StepVerifier.create(context)
 				.expectNext(expectedContext)
@@ -60,7 +60,7 @@ public void demo() {
 				.map(SecurityContext::getAuthentication)
 				.map(Authentication::getName)
 				.flatMap(this::findMessageByUsername)
-				.subscriberContext(ReactiveSecurityContextHolder.withAuthentication(authentication));
+				.contextWrite(ReactiveSecurityContextHolder.withAuthentication(authentication));
 		StepVerifier.create(messageByUsername)
 				.expectNext("Hi user")
 				.verifyComplete();
@@ -76,10 +76,10 @@ public void setContextAndClearAndGetContextThenEmitsEmpty() {
 		SecurityContext expectedContext = new SecurityContextImpl(
 				new TestingAuthenticationToken("user", "password", "ROLE_USER"));
 		// @formatter:off
-		Mono<SecurityContext> context = Mono.subscriberContext()
+		Mono<SecurityContext> context = Mono.deferContextual(Mono::just)
 				.flatMap((c) -> ReactiveSecurityContextHolder.getContext())
-				.subscriberContext(ReactiveSecurityContextHolder.clearContext())
-				.subscriberContext(ReactiveSecurityContextHolder.withSecurityContext(Mono.just(expectedContext)));
+				.contextWrite(ReactiveSecurityContextHolder.clearContext())
+				.contextWrite(ReactiveSecurityContextHolder.withSecurityContext(Mono.just(expectedContext)));
 		StepVerifier.create(context)
 				.verifyComplete();
 		// @formatter:on
@@ -89,10 +89,10 @@ public void setContextAndClearAndGetContextThenEmitsEmpty() {
 	public void setAuthenticationAndGetContextThenEmitsContext() {
 		Authentication expectedAuthentication = new TestingAuthenticationToken("user", "password", "ROLE_USER");
 		// @formatter:off
-		Mono<Authentication> authentication = Mono.subscriberContext()
+		Mono<Authentication> authentication = Mono.deferContextual(Mono::just)
 				.flatMap((c) -> ReactiveSecurityContextHolder.getContext())
 				.map(SecurityContext::getAuthentication)
-				.subscriberContext(ReactiveSecurityContextHolder.withAuthentication(expectedAuthentication));
+				.contextWrite(ReactiveSecurityContextHolder.withAuthentication(expectedAuthentication));
 		StepVerifier.create(authentication)
 				.expectNext(expectedAuthentication)
 				.verifyComplete();

dependencies/spring-security-dependencies.gradle

@@ -9,7 +9,7 @@ javaPlatform {
 dependencies {
 	api platform("org.springframework:spring-framework-bom:$springFrameworkVersion")
 	api platform("io.projectreactor:reactor-bom:2020.0.17")
-	api platform("io.rsocket:rsocket-bom:1.1.1")
+	api platform("io.rsocket:rsocket-bom:1.1.2")
 	api platform("org.junit:junit-bom:5.8.2")
 	api platform("org.springframework.data:spring-data-bom:2022.0.0-M3")
 	api platform("org.jetbrains.kotlin:kotlin-bom:$kotlinVersion")

docs/modules/ROOT/pages/reactive/authorization/method.adoc

@@ -21,7 +21,7 @@ Mono<String> messageByUsername = ReactiveSecurityContextHolder.getContext()
 	.map(Authentication::getName)
 	.flatMap(this::findMessageByUsername)
 	// In a WebFlux application the `subscriberContext` is automatically setup using `ReactorContextWebFilter`
-	.subscriberContext(ReactiveSecurityContextHolder.withAuthentication(authentication));
+	.contextWrite(ReactiveSecurityContextHolder.withAuthentication(authentication));
 
 StepVerifier.create(messageByUsername)
 	.expectNext("Hi user")
@@ -37,7 +37,7 @@ val messageByUsername: Mono<String> = ReactiveSecurityContextHolder.getContext()
 	.map(SecurityContext::getAuthentication)
 	.map(Authentication::getName)
 	.flatMap(this::findMessageByUsername) // In a WebFlux application the `subscriberContext` is automatically setup using `ReactorContextWebFilter`
-	.subscriberContext(ReactiveSecurityContextHolder.withAuthentication(authentication))
+	.contextWrite(ReactiveSecurityContextHolder.withAuthentication(authentication))
 
 StepVerifier.create(messageByUsername)
 	.expectNext("Hi user")