Uploaded image for project: 'Apache Fineract'
  1. Apache Fineract
  2. FINERACT-1012

Spring Security OAuth 2.x to Spring Security 5.2.x

    XMLWordPrintableJSON

    Details

    • Type: Bug
    • Status: In Progress
    • Priority: Critical
    • Resolution: Unresolved
    • Affects Version/s: 1.4.0
    • Fix Version/s: 1.6.0
    • Component/s: Security
    • Labels:

      Description

      The bump of spring-security-oauth2 from 2.3.6.RELEASE to 2.4.1.RELEASE in https://github.com/apache/fineract/pull/863 as part of FINERACT-963 introduced usage of @Deprecated code, which we are trying to avoid (and which since FINERACT-959 we're intentionally making the build fail).

      I'm going to use a @SuppressWarnings("deprecation") to be able to do the upgrade anyway, because upgrading a security related library to its latest version seems like a sensible thing to do, but we really should remove the suppression and switch to using Spring's newer APIs.

      https://github.com/spring-projects/spring-security/wiki/OAuth-2.0-Migration-Guide

      affects UserDetailsApiResource and TwoFactorAuthenticationFilter.createUpdatedAuthentication()

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                BLasan Benura Abeywardena
                Reporter:
                vorburger Michael Vorburger
              • Votes:
                0 Vote for this issue
                Watchers:
                4 Start watching this issue

                Dates

                • Created:
                  Updated: