Adds hints for Authentication manager

core/src/main/java/org/springframework/security/aot/hint/CoreSecurityRuntimeHints.java

@@ -19,14 +19,18 @@
 import java.util.List;
 import java.util.stream.Stream;
 
+import org.springframework.aop.SpringProxy;
+import org.springframework.aop.framework.Advised;
 import org.springframework.aot.hint.MemberCategory;
 import org.springframework.aot.hint.RuntimeHints;
 import org.springframework.aot.hint.RuntimeHintsRegistrar;
 import org.springframework.aot.hint.TypeReference;
+import org.springframework.core.DecoratingProxy;
 import org.springframework.security.access.expression.SecurityExpressionOperations;
 import org.springframework.security.access.expression.SecurityExpressionRoot;
 import org.springframework.security.authentication.AbstractAuthenticationToken;
 import org.springframework.security.authentication.AccountExpiredException;
+import org.springframework.security.authentication.AuthenticationManager;
 import org.springframework.security.authentication.AuthenticationServiceException;
 import org.springframework.security.authentication.BadCredentialsException;
 import org.springframework.security.authentication.CredentialsExpiredException;
@@ -49,6 +53,7 @@
  * {@link RuntimeHintsRegistrar} for core classes
  *
  * @author Marcus Da Coregio
+ * @author Nikita Konev
  * @since 6.0
  */
 class CoreSecurityRuntimeHints implements RuntimeHintsRegistrar {
@@ -61,6 +66,7 @@ public void registerHints(RuntimeHints hints, ClassLoader classLoader) {
 		hints.resources().registerResourceBundle("org.springframework.security.messages");
 		registerDefaultJdbcSchemaFileHint(hints);
 		registerSecurityContextHints(hints);
+		registerJdkProxyHints(hints);
 	}
 
 	private void registerMethodSecurityHints(RuntimeHints hints) {
@@ -104,4 +110,9 @@ private void registerSecurityContextHints(RuntimeHints hints) {
 				(builder) -> builder.withMembers(MemberCategory.INVOKE_PUBLIC_METHODS));
 	}
 
+	private void registerJdkProxyHints(RuntimeHints hints) {
+		hints.proxies().registerJdkProxy(AuthenticationManager.class, SpringProxy.class, Advised.class,
+				DecoratingProxy.class);
+	}
+
 }

core/src/test/java/org/springframework/security/aot/hint/CoreSecurityRuntimeHintsTests.java

@@ -23,16 +23,20 @@
 import org.junit.jupiter.params.ParameterizedTest;
 import org.junit.jupiter.params.provider.MethodSource;
 
+import org.springframework.aop.SpringProxy;
+import org.springframework.aop.framework.Advised;
 import org.springframework.aot.hint.MemberCategory;
 import org.springframework.aot.hint.RuntimeHints;
 import org.springframework.aot.hint.RuntimeHintsRegistrar;
 import org.springframework.aot.hint.TypeReference;
 import org.springframework.aot.hint.predicate.RuntimeHintsPredicates;
+import org.springframework.core.DecoratingProxy;
 import org.springframework.core.io.support.SpringFactoriesLoader;
 import org.springframework.security.access.expression.SecurityExpressionOperations;
 import org.springframework.security.access.expression.SecurityExpressionRoot;
 import org.springframework.security.authentication.AbstractAuthenticationToken;
 import org.springframework.security.authentication.AccountExpiredException;
+import org.springframework.security.authentication.AuthenticationManager;
 import org.springframework.security.authentication.AuthenticationServiceException;
 import org.springframework.security.authentication.BadCredentialsException;
 import org.springframework.security.authentication.CredentialsExpiredException;
@@ -59,6 +63,7 @@
  * Tests for {@link CoreSecurityRuntimeHints}
  *
  * @author Marcus Da Coregio
+ * @author Nikita Konev
  */
 class CoreSecurityRuntimeHintsTests {
 
@@ -144,4 +149,10 @@ void securityContextHasHints() {
 				.withMemberCategories(MemberCategory.INVOKE_PUBLIC_METHODS)).accepts(this.hints);
 	}
 
+	@Test
+	void authenticationManagerHasHints() {
+		assertThat(RuntimeHintsPredicates.proxies().forInterfaces(AuthenticationManager.class, SpringProxy.class,
+				Advised.class, DecoratingProxy.class)).accepts(this.hints);
+	}
+
 }