Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Usage of deprecated function in JWT documentation #13446

Closed
sueszli opened this issue Jul 3, 2023 · 5 comments
Closed

Usage of deprecated function in JWT documentation #13446

sueszli opened this issue Jul 3, 2023 · 5 comments
Assignees
@jzheaux
Labels
in: docs An issue in Documentation or samples status: feedback-provided Feedback has been provided type: bug A general bug

Comments

@sueszli
Copy link
Contributor

sueszli commented Jul 3, 2023
edited
Loading

Describe the bug
The Spring Security 6.1.1 documentation contains functions which are marked as deprecated by the RedHat VSCode extension.

Here is the warning that I am getting:

The method jwt() from the type OAuth2ResourceServerConfigurer<HttpSecurity> has been deprecated since version 6.1 and marked for removalJava(67110275)

Here is the documentation:

To Reproduce

  1. Install VSCode
  2. Install this official extension that warns you about deprecated functions: "redhat.java"
  3. Write this code snippet into your project:
 // ... lines removed for brevity

@RequiredArgsConstructor
@Configuration
@EnableWebSecurity
public class SecurityConfig {

 // ... lines removed for brevity

    @Bean
    public SecurityFilterChain filterChain(HttpSecurity http, AuthenticationConfiguration authenticationConfiguration) throws Exception {

        http.authorizeHttpRequests(authorize -> authorize.anyRequest());
        http.oauth2ResourceServer(OAuth2ResourceServerConfigurer::jwt); // <---- warning shows up here
       
       // ... lines removed for brevity
   
        return http.build();
    }
}

Expected behavior
I expected the documentation not to contain deprecated code snippets.
@sueszli sueszli added status: waiting-for-triage An issue we've not yet triaged type: bug A general bug labels Jul 3, 2023
@jzheaux
Copy link
Contributor

jzheaux commented Jul 10, 2023

Good catch, @sueszli! Can you provide a PR to the 6.1.x branch that updates the documentation? Instead it should say:

.oauth2ResourceServer((oauth2) -> oauth2.jwt(Customizer.withDefaults()))

@jzheaux jzheaux self-assigned this Jul 10, 2023
@jzheaux jzheaux added status: waiting-for-feedback We need additional information before we can continue in: docs An issue in Documentation or samples and removed status: waiting-for-triage An issue we've not yet triaged labels Jul 10, 2023
@sueszli
Copy link
Contributor Author

sueszli commented Jul 10, 2023

Will do immediately!

@spring-projects-issues spring-projects-issues added status: feedback-provided Feedback has been provided and removed status: waiting-for-feedback We need additional information before we can continue labels Jul 10, 2023
@sueszli sueszli mentioned this issue Jul 10, 2023
Closed
@sueszli
Copy link
Contributor Author

sueszli commented Jul 10, 2023

@jzheaux thank you for allowing me to contribute to this project!

@jzheaux jzheaux mentioned this issue Jul 12, 2023
Closed
@jzheaux jzheaux moved this to Done in Spring Security Team Jul 12, 2023
@demarcomsevthr
Copy link

If I want to set also a converter and I write:

http.oauth2ResourceServer(cfg -> cfg.jwt(Customizer.withDefaults()).jwtAuthenticationConverter(myJwtTokenConverter));

I got this error:
The method jwtAuthenticationConverter(KeycloakJwtTokenConverter) is undefined for the type OAuth2ResourceServerConfigurer

How can I fix it?

@Mitko101513
Copy link

@demarcomsevthr

Here is an example, hope it helps.
.oauth2ResourceServer((oauth2) -> oauth2.jwt(jwtConfigurer -> jwtConfigurer.jwtAuthenticationConverter(jwtAuthConverter)))

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@jzheaux jzheaux

Labels
in: docs An issue in Documentation or samples status: feedback-provided Feedback has been provided type: bug A general bug
Projects
Spring Security Team
Status: Done
Milestone
No milestone
Development

No branches or pull requests
5 participants
@jzheaux @demarcomsevthr @Mitko101513 @spring-projects-issues @sueszli