This is an automated email from the ASF dual-hosted git repository.
zrlw pushed a commit to branch 3.3
in repository https://gitbox.apache.org/repos/asf/dubbo.git
The following commit(s) were added to refs/heads/3.3 by this push:
new ea0976b9cb [3.3] Add dubbo-spring6-security plugin by splitting
dubbo-spring-security (#15494)
ea0976b9cb is described below
commit ea0976b9cbdb5f5e72c4083a32cc9c7e501835b5
Author: zrlw <[email protected]>
AuthorDate: Fri Jun 27 21:57:46 2025 +0800
[3.3] Add dubbo-spring6-security plugin by splitting dubbo-spring-security
(#15494)
* Add dubbo-spring6-security plugin by splitting dubbo-spring-security
* Fix FileTest to support dubbo-spring6-security
* Add dubbo-spring6-security and dubbo-plugin-loom to bom
---
.artifacts | 1 +
dubbo-distribution/dubbo-all-shaded/pom.xml | 23 ++
dubbo-distribution/dubbo-all/pom.xml | 23 ++
dubbo-distribution/dubbo-bom/pom.xml | 12 +
dubbo-plugin/dubbo-spring-security/pom.xml | 15 --
.../spring/security/jackson/ObjectMapperCodec.java | 7 -
.../security/jackson/ObjectMapperCodecTest.java | 2 +-
dubbo-plugin/dubbo-spring6-security/pom.xml | 258 +++++++++++++++++++++
.../oauth2/AuthorizationGrantTypeMixin.java | 0
.../oauth2/BearerTokenAuthenticationMixin.java | 0
.../oauth2/ClientAuthenticationMethodMixin.java | 0
.../security/oauth2/ClientSettingsMixin.java | 0
.../oauth2/OAuth2AuthenticatedPrincipalMixin.java | 0
.../OAuth2ClientAuthenticationTokenMixin.java | 0
.../security/oauth2/OAuth2SecurityModule.java | 0
.../security/oauth2/RegisteredClientMixin.java | 11 +-
.../spring/security/oauth2/TokenSettingsMixin.java | 0
.../oauth2/UnmodifiableCollectionMixin.java | 0
.../jackson/OAuth2ObjectMapperCodecCustomer.java | 39 ++++
...ring.security.jackson.ObjectMapperCodecCustomer | 1 +
.../security/oauth2/DeserializationTest.java | 126 ++++++++++
.../src/test/resources/dubbo-test.xml | 33 +++
.../src/test/resources/log4j2-test.xml | 29 +++
dubbo-test/dubbo-dependencies-all/pom.xml | 5 -
.../java/org/apache/dubbo/dependency/FileTest.java | 2 +
pom.xml | 3 +
26 files changed, 555 insertions(+), 35 deletions(-)
diff --git a/.artifacts b/.artifacts
index 27974610f1..88f77a30cb 100644
--- a/.artifacts
+++ b/.artifacts
@@ -107,6 +107,7 @@ dubbo-zookeeper-curator5-spring-boot-starter
dubbo-sentinel-spring-boot-starter
dubbo-seata-spring-boot-starter
dubbo-spring-security
+dubbo-spring6-security
dubbo-tracing
dubbo-xds
dubbo-plugin-loom
diff --git a/dubbo-distribution/dubbo-all-shaded/pom.xml
b/dubbo-distribution/dubbo-all-shaded/pom.xml
index a945581dda..0c91b206c9 100644
--- a/dubbo-distribution/dubbo-all-shaded/pom.xml
+++ b/dubbo-distribution/dubbo-all-shaded/pom.xml
@@ -513,6 +513,7 @@
<include>org.apache.dubbo:dubbo-security</include>
<include>org.apache.dubbo:dubbo-reactive</include>
<include>org.apache.dubbo:dubbo-spring-security</include>
+ <include>org.apache.dubbo:dubbo-spring6-security</include>
<include>org.apache.dubbo:dubbo-registry-api</include>
<include>org.apache.dubbo:dubbo-registry-multicast</include>
<include>org.apache.dubbo:dubbo-registry-multiple</include>
@@ -989,6 +990,21 @@
</build>
<profiles>
+ <profile>
+ <id>spring6-security</id>
+ <activation>
+ <jdk>[17,)</jdk>
+ </activation>
+ <dependencies>
+ <dependency>
+ <groupId>org.apache.dubbo</groupId>
+ <artifactId>dubbo-spring6-security</artifactId>
+ <version>${project.version}</version>
+ <scope>compile</scope>
+ <optional>true</optional>
+ </dependency>
+ </dependencies>
+ </profile>
<profile>
<id>loom</id>
<activation>
@@ -1007,6 +1023,13 @@
<profile>
<id>release</id>
<dependencies>
+ <dependency>
+ <groupId>org.apache.dubbo</groupId>
+ <artifactId>dubbo-spring6-security</artifactId>
+ <version>${project.version}</version>
+ <scope>compile</scope>
+ <optional>true</optional>
+ </dependency>
<dependency>
<groupId>org.apache.dubbo</groupId>
<artifactId>dubbo-plugin-loom</artifactId>
diff --git a/dubbo-distribution/dubbo-all/pom.xml
b/dubbo-distribution/dubbo-all/pom.xml
index 8df563097d..c7c1386271 100644
--- a/dubbo-distribution/dubbo-all/pom.xml
+++ b/dubbo-distribution/dubbo-all/pom.xml
@@ -512,6 +512,7 @@
<include>org.apache.dubbo:dubbo-security</include>
<include>org.apache.dubbo:dubbo-reactive</include>
<include>org.apache.dubbo:dubbo-spring-security</include>
+ <include>org.apache.dubbo:dubbo-spring6-security</include>
<include>org.apache.dubbo:dubbo-registry-api</include>
<include>org.apache.dubbo:dubbo-registry-multicast</include>
<include>org.apache.dubbo:dubbo-registry-multiple</include>
@@ -974,6 +975,21 @@
</build>
<profiles>
+ <profile>
+ <id>spring6-security</id>
+ <activation>
+ <jdk>[17,)</jdk>
+ </activation>
+ <dependencies>
+ <dependency>
+ <groupId>org.apache.dubbo</groupId>
+ <artifactId>dubbo-spring6-security</artifactId>
+ <version>${project.version}</version>
+ <scope>compile</scope>
+ <optional>true</optional>
+ </dependency>
+ </dependencies>
+ </profile>
<profile>
<id>loom</id>
<activation>
@@ -992,6 +1008,13 @@
<profile>
<id>release</id>
<dependencies>
+ <dependency>
+ <groupId>org.apache.dubbo</groupId>
+ <artifactId>dubbo-spring6-security</artifactId>
+ <version>${project.version}</version>
+ <scope>compile</scope>
+ <optional>true</optional>
+ </dependency>
<dependency>
<groupId>org.apache.dubbo</groupId>
<artifactId>dubbo-plugin-loom</artifactId>
diff --git a/dubbo-distribution/dubbo-bom/pom.xml
b/dubbo-distribution/dubbo-bom/pom.xml
index fd057752bb..2cdb6b72a4 100644
--- a/dubbo-distribution/dubbo-bom/pom.xml
+++ b/dubbo-distribution/dubbo-bom/pom.xml
@@ -291,6 +291,18 @@
<version>${project.version}</version>
</dependency>
+ <dependency>
+ <groupId>org.apache.dubbo</groupId>
+ <artifactId>dubbo-spring6-security</artifactId>
+ <version>${project.version}</version>
+ </dependency>
+
+ <dependency>
+ <groupId>org.apache.dubbo</groupId>
+ <artifactId>dubbo-plugin-loom</artifactId>
+ <version>${project.version}</version>
+ </dependency>
+
<dependency>
<groupId>org.apache.dubbo</groupId>
<artifactId>dubbo-rest-jaxrs</artifactId>
diff --git a/dubbo-plugin/dubbo-spring-security/pom.xml
b/dubbo-plugin/dubbo-spring-security/pom.xml
index 514daf508d..68844fc816 100644
--- a/dubbo-plugin/dubbo-spring-security/pom.xml
+++ b/dubbo-plugin/dubbo-spring-security/pom.xml
@@ -29,7 +29,6 @@
<properties>
<skip_maven_deploy>false</skip_maven_deploy>
- <spring.oauth2.server>1.5.1</spring.oauth2.server>
</properties>
<dependencies>
@@ -59,26 +58,12 @@
<artifactId>spring-security-core</artifactId>
</dependency>
- <dependency>
- <groupId>org.springframework.security</groupId>
- <artifactId>spring-security-oauth2-core</artifactId>
- <optional>true</optional>
- </dependency>
-
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-oauth2-client</artifactId>
<scope>test</scope>
<optional>true</optional>
</dependency>
-
- <dependency>
- <groupId>org.springframework.security</groupId>
- <artifactId>spring-security-oauth2-authorization-server</artifactId>
- <version>${spring.oauth2.server}</version>
- <scope>test</scope>
- <optional>true</optional>
- </dependency>
<!-- spring security -->
<!-- jackson -->
diff --git
a/dubbo-plugin/dubbo-spring-security/src/main/java/org/apache/dubbo/spring/security/jackson/ObjectMapperCodec.java
b/dubbo-plugin/dubbo-spring-security/src/main/java/org/apache/dubbo/spring/security/jackson/ObjectMapperCodec.java
index 7c8cb06af8..f85e182e36 100644
---
a/dubbo-plugin/dubbo-spring-security/src/main/java/org/apache/dubbo/spring/security/jackson/ObjectMapperCodec.java
+++
b/dubbo-plugin/dubbo-spring-security/src/main/java/org/apache/dubbo/spring/security/jackson/ObjectMapperCodec.java
@@ -21,19 +21,16 @@ import org.apache.dubbo.common.logger.ErrorTypeAwareLogger;
import org.apache.dubbo.common.logger.LoggerFactory;
import org.apache.dubbo.common.utils.ClassUtils;
import org.apache.dubbo.common.utils.StringUtils;
-import org.apache.dubbo.spring.security.oauth2.OAuth2SecurityModule;
import java.nio.charset.StandardCharsets;
import java.util.ArrayList;
import java.util.List;
import java.util.function.Consumer;
-import com.fasterxml.jackson.databind.Module;
import com.fasterxml.jackson.databind.ObjectMapper;
import com.fasterxml.jackson.databind.module.SimpleModule;
import com.fasterxml.jackson.datatype.jsr310.JavaTimeModule;
import org.springframework.security.jackson2.CoreJackson2Module;
-import org.springframework.security.jackson2.SecurityJackson2Modules;
public class ObjectMapperCodec {
@@ -104,10 +101,6 @@ public class ObjectMapperCodec {
private void registerDefaultModule() {
mapper.registerModule(new CoreJackson2Module());
mapper.registerModule(new JavaTimeModule());
- mapper.registerModule(new OAuth2SecurityModule());
- List<Module> securityModules =
-
SecurityJackson2Modules.getModules(this.getClass().getClassLoader());
- mapper.registerModules(securityModules);
List<String> jacksonModuleClassNameList = new ArrayList<>();
jacksonModuleClassNameList.add(
diff --git
a/dubbo-plugin/dubbo-spring-security/src/test/java/org/apache/dubbo/spring/security/jackson/ObjectMapperCodecTest.java
b/dubbo-plugin/dubbo-spring-security/src/test/java/org/apache/dubbo/spring/security/jackson/ObjectMapperCodecTest.java
index ea2d613ec6..bae9af97f9 100644
---
a/dubbo-plugin/dubbo-spring-security/src/test/java/org/apache/dubbo/spring/security/jackson/ObjectMapperCodecTest.java
+++
b/dubbo-plugin/dubbo-spring-security/src/test/java/org/apache/dubbo/spring/security/jackson/ObjectMapperCodecTest.java
@@ -29,7 +29,7 @@ import
org.springframework.security.oauth2.core.OAuth2AccessToken;
public class ObjectMapperCodecTest {
- private ObjectMapperCodec mapper = new ObjectMapperCodec();
+ private final ObjectMapperCodec mapper = new ObjectMapperCodec();
@Test
public void testOAuth2AuthorizedClientCodec() {
diff --git a/dubbo-plugin/dubbo-spring6-security/pom.xml
b/dubbo-plugin/dubbo-spring6-security/pom.xml
new file mode 100644
index 0000000000..73078abf79
--- /dev/null
+++ b/dubbo-plugin/dubbo-spring6-security/pom.xml
@@ -0,0 +1,258 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ Licensed to the Apache Software Foundation (ASF) under one or more
+ contributor license agreements. See the NOTICE file distributed with
+ this work for additional information regarding copyright ownership.
+ The ASF licenses this file to You under the Apache License, Version 2.0
+ (the "License"); you may not use this file except in compliance with
+ the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+ -->
+<project xmlns="http://maven.apache.org/POM/4.0.0";
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0
http://maven.apache.org/xsd/maven-4.0.0.xsd";>
+ <modelVersion>4.0.0</modelVersion>
+ <parent>
+ <groupId>org.apache.dubbo</groupId>
+ <artifactId>dubbo-parent</artifactId>
+ <version>${revision}</version>
+ <relativePath>../../pom.xml</relativePath>
+ </parent>
+
+ <artifactId>dubbo-spring6-security</artifactId>
+ <packaging>jar</packaging>
+
+ <properties>
+ <skip_maven_deploy>false</skip_maven_deploy>
+ <spring.oauth2.server>1.5.1</spring.oauth2.server>
+ </properties>
+
+ <dependencies>
+ <!-- spring6 -->
+ <dependency>
+ <groupId>org.springframework</groupId>
+ <artifactId>spring-core</artifactId>
+ <version>${spring-6.version}</version>
+ </dependency>
+
+ <dependency>
+ <groupId>org.springframework</groupId>
+ <artifactId>spring-beans</artifactId>
+ <version>${spring-6.version}</version>
+ </dependency>
+
+ <dependency>
+ <groupId>org.springframework</groupId>
+ <artifactId>spring-context</artifactId>
+ <version>${spring-6.version}</version>
+ </dependency>
+
+ <dependency>
+ <groupId>org.springframework</groupId>
+ <artifactId>spring-aop</artifactId>
+ <version>${spring-6.version}</version>
+ </dependency>
+
+ <dependency>
+ <groupId>org.springframework</groupId>
+ <artifactId>spring-web</artifactId>
+ <version>${spring-6.version}</version>
+ </dependency>
+
+ <dependency>
+ <groupId>org.springframework</groupId>
+ <artifactId>spring-jcl</artifactId>
+ <version>${spring-6.version}</version>
+ </dependency>
+
+ <dependency>
+ <groupId>org.springframework</groupId>
+ <artifactId>spring-expression</artifactId>
+ <version>${spring-6.version}</version>
+ </dependency>
+
+ <dependency>
+ <groupId>org.springframework</groupId>
+ <artifactId>spring-test</artifactId>
+ <version>${spring-6.version}</version>
+ <scope>test</scope>
+ <optional>true</optional>
+ </dependency>
+ <!-- spring6 -->
+
+ <!-- dubbo spring security -->
+ <dependency>
+ <groupId>org.apache.dubbo</groupId>
+ <artifactId>dubbo-spring-security</artifactId>
+ <version>${project.version}</version>
+ <exclusions>
+ <exclusion>
+ <groupId>org.springframework.security</groupId>
+ <artifactId>spring-security-core</artifactId>
+ </exclusion>
+ </exclusions>
+ </dependency>
+ <!-- dubbo spring security -->
+
+ <!-- spring6 security -->
+ <dependency>
+ <groupId>org.springframework.security</groupId>
+ <artifactId>spring-security-config</artifactId>
+ <version>${spring-security-6.version}</version>
+ </dependency>
+
+ <dependency>
+ <groupId>org.springframework.security</groupId>
+ <artifactId>spring-security-core</artifactId>
+ <version>${spring-security-6.version}</version>
+ </dependency>
+
+ <dependency>
+ <groupId>org.springframework.security</groupId>
+ <artifactId>spring-security-web</artifactId>
+ <version>${spring-security-6.version}</version>
+ </dependency>
+
+ <dependency>
+ <groupId>org.springframework.security</groupId>
+ <artifactId>spring-security-crypto</artifactId>
+ <version>${spring-security-6.version}</version>
+ </dependency>
+
+ <dependency>
+ <groupId>org.springframework.security</groupId>
+ <artifactId>spring-security-oauth2-core</artifactId>
+ <version>${spring-security-6.version}</version>
+ <optional>true</optional>
+ </dependency>
+
+ <dependency>
+ <groupId>org.springframework.security</groupId>
+ <artifactId>spring-security-oauth2-jose</artifactId>
+ <version>${spring-security-6.version}</version>
+ <optional>true</optional>
+ </dependency>
+
+ <dependency>
+ <groupId>org.springframework.security</groupId>
+ <artifactId>spring-security-oauth2-resource-server</artifactId>
+ <version>${spring-security-6.version}</version>
+ <optional>true</optional>
+ </dependency>
+
+ <dependency>
+ <groupId>org.springframework.security</groupId>
+ <artifactId>spring-security-oauth2-authorization-server</artifactId>
+ <version>${spring.oauth2.server}</version>
+ <optional>true</optional>
+ </dependency>
+
+ <dependency>
+ <groupId>org.springframework.security</groupId>
+ <artifactId>spring-security-oauth2-client</artifactId>
+ <version>${spring-security-6.version}</version>
+ <scope>test</scope>
+ <optional>true</optional>
+ </dependency>
+ <!-- spring security -->
+
+ <!-- spring boot 3 for test -->
+ <dependency>
+ <groupId>org.springframework.boot</groupId>
+ <artifactId>spring-boot-starter</artifactId>
+ <version>${spring-boot-3.version}</version>
+ <scope>test</scope>
+ <optional>true</optional>
+ </dependency>
+
+ <dependency>
+ <groupId>org.springframework.boot</groupId>
+ <artifactId>spring-boot</artifactId>
+ <version>${spring-boot-3.version}</version>
+ <scope>test</scope>
+ <optional>true</optional>
+ </dependency>
+
+ <dependency>
+ <groupId>org.springframework.boot</groupId>
+ <artifactId>spring-boot-autoconfigure</artifactId>
+ <version>${spring-boot-3.version}</version>
+ <scope>test</scope>
+ <optional>true</optional>
+ </dependency>
+
+ <dependency>
+ <groupId>org.springframework.boot</groupId>
+ <artifactId>spring-boot-starter-logging</artifactId>
+ <version>${spring-boot-3.version}</version>
+ <scope>test</scope>
+ <optional>true</optional>
+ </dependency>
+
+ <dependency>
+ <groupId>org.springframework.boot</groupId>
+ <artifactId>spring-boot-test</artifactId>
+ <version>${spring-boot-3.version}</version>
+ <scope>test</scope>
+ <optional>true</optional>
+ </dependency>
+
+ <dependency>
+ <groupId>org.springframework.boot</groupId>
+ <artifactId>spring-boot-test-autoconfigure</artifactId>
+ <version>${spring-boot-3.version}</version>
+ <scope>test</scope>
+ <optional>true</optional>
+ </dependency>
+
+ <dependency>
+ <groupId>org.springframework.boot</groupId>
+ <artifactId>spring-boot-starter-test</artifactId>
+ <version>${spring-boot-3.version}</version>
+ <scope>test</scope>
+ <optional>true</optional>
+ <exclusions>
+ <exclusion>
+ <groupId>ch.qos.logback</groupId>
+ <artifactId>logback-classic</artifactId>
+ </exclusion>
+ </exclusions>
+ </dependency>
+ <!-- spring boot 3 for test -->
+
+ <!-- dubbo-config-spring6 for test -->
+ <dependency>
+ <groupId>org.apache.dubbo</groupId>
+ <artifactId>dubbo-config-spring6</artifactId>
+ <version>${project.parent.version}</version>
+ <scope>test</scope>
+ <optional>true</optional>
+ </dependency>
+ <!-- dubbo-config-spring6 for test -->
+
+ <dependency>
+ <groupId>org.apache.logging.log4j</groupId>
+ <artifactId>log4j-slf4j-impl</artifactId>
+ <scope>test</scope>
+ </dependency>
+ </dependencies>
+
+ <build>
+ <plugins>
+ <plugin>
+ <groupId>org.apache.maven.plugins</groupId>
+ <artifactId>maven-compiler-plugin</artifactId>
+ <configuration>
+ <source>17</source>
+ <target>17</target>
+ <release>17</release>
+ </configuration>
+ </plugin>
+ </plugins>
+ </build>
+</project>
diff --git
a/dubbo-plugin/dubbo-spring-security/src/main/java/org/apache/dubbo/spring/security/oauth2/AuthorizationGrantTypeMixin.java
b/dubbo-plugin/dubbo-spring6-security/src/main/java/org/apache/dubbo/spring/security/oauth2/AuthorizationGrantTypeMixin.java
similarity index 100%
rename from
dubbo-plugin/dubbo-spring-security/src/main/java/org/apache/dubbo/spring/security/oauth2/AuthorizationGrantTypeMixin.java
rename to
dubbo-plugin/dubbo-spring6-security/src/main/java/org/apache/dubbo/spring/security/oauth2/AuthorizationGrantTypeMixin.java
diff --git
a/dubbo-plugin/dubbo-spring-security/src/main/java/org/apache/dubbo/spring/security/oauth2/BearerTokenAuthenticationMixin.java
b/dubbo-plugin/dubbo-spring6-security/src/main/java/org/apache/dubbo/spring/security/oauth2/BearerTokenAuthenticationMixin.java
similarity index 100%
rename from
dubbo-plugin/dubbo-spring-security/src/main/java/org/apache/dubbo/spring/security/oauth2/BearerTokenAuthenticationMixin.java
rename to
dubbo-plugin/dubbo-spring6-security/src/main/java/org/apache/dubbo/spring/security/oauth2/BearerTokenAuthenticationMixin.java
diff --git
a/dubbo-plugin/dubbo-spring-security/src/main/java/org/apache/dubbo/spring/security/oauth2/ClientAuthenticationMethodMixin.java
b/dubbo-plugin/dubbo-spring6-security/src/main/java/org/apache/dubbo/spring/security/oauth2/ClientAuthenticationMethodMixin.java
similarity index 100%
rename from
dubbo-plugin/dubbo-spring-security/src/main/java/org/apache/dubbo/spring/security/oauth2/ClientAuthenticationMethodMixin.java
rename to
dubbo-plugin/dubbo-spring6-security/src/main/java/org/apache/dubbo/spring/security/oauth2/ClientAuthenticationMethodMixin.java
diff --git
a/dubbo-plugin/dubbo-spring-security/src/main/java/org/apache/dubbo/spring/security/oauth2/ClientSettingsMixin.java
b/dubbo-plugin/dubbo-spring6-security/src/main/java/org/apache/dubbo/spring/security/oauth2/ClientSettingsMixin.java
similarity index 100%
rename from
dubbo-plugin/dubbo-spring-security/src/main/java/org/apache/dubbo/spring/security/oauth2/ClientSettingsMixin.java
rename to
dubbo-plugin/dubbo-spring6-security/src/main/java/org/apache/dubbo/spring/security/oauth2/ClientSettingsMixin.java
diff --git
a/dubbo-plugin/dubbo-spring-security/src/main/java/org/apache/dubbo/spring/security/oauth2/OAuth2AuthenticatedPrincipalMixin.java
b/dubbo-plugin/dubbo-spring6-security/src/main/java/org/apache/dubbo/spring/security/oauth2/OAuth2AuthenticatedPrincipalMixin.java
similarity index 100%
rename from
dubbo-plugin/dubbo-spring-security/src/main/java/org/apache/dubbo/spring/security/oauth2/OAuth2AuthenticatedPrincipalMixin.java
rename to
dubbo-plugin/dubbo-spring6-security/src/main/java/org/apache/dubbo/spring/security/oauth2/OAuth2AuthenticatedPrincipalMixin.java
diff --git
a/dubbo-plugin/dubbo-spring-security/src/main/java/org/apache/dubbo/spring/security/oauth2/OAuth2ClientAuthenticationTokenMixin.java
b/dubbo-plugin/dubbo-spring6-security/src/main/java/org/apache/dubbo/spring/security/oauth2/OAuth2ClientAuthenticationTokenMixin.java
similarity index 100%
rename from
dubbo-plugin/dubbo-spring-security/src/main/java/org/apache/dubbo/spring/security/oauth2/OAuth2ClientAuthenticationTokenMixin.java
rename to
dubbo-plugin/dubbo-spring6-security/src/main/java/org/apache/dubbo/spring/security/oauth2/OAuth2ClientAuthenticationTokenMixin.java
diff --git
a/dubbo-plugin/dubbo-spring-security/src/main/java/org/apache/dubbo/spring/security/oauth2/OAuth2SecurityModule.java
b/dubbo-plugin/dubbo-spring6-security/src/main/java/org/apache/dubbo/spring/security/oauth2/OAuth2SecurityModule.java
similarity index 100%
rename from
dubbo-plugin/dubbo-spring-security/src/main/java/org/apache/dubbo/spring/security/oauth2/OAuth2SecurityModule.java
rename to
dubbo-plugin/dubbo-spring6-security/src/main/java/org/apache/dubbo/spring/security/oauth2/OAuth2SecurityModule.java
diff --git
a/dubbo-plugin/dubbo-spring-security/src/main/java/org/apache/dubbo/spring/security/oauth2/RegisteredClientMixin.java
b/dubbo-plugin/dubbo-spring6-security/src/main/java/org/apache/dubbo/spring/security/oauth2/RegisteredClientMixin.java
similarity index 84%
rename from
dubbo-plugin/dubbo-spring-security/src/main/java/org/apache/dubbo/spring/security/oauth2/RegisteredClientMixin.java
rename to
dubbo-plugin/dubbo-spring6-security/src/main/java/org/apache/dubbo/spring/security/oauth2/RegisteredClientMixin.java
index f4977a2220..d8c4e97872 100644
---
a/dubbo-plugin/dubbo-spring-security/src/main/java/org/apache/dubbo/spring/security/oauth2/RegisteredClientMixin.java
+++
b/dubbo-plugin/dubbo-spring6-security/src/main/java/org/apache/dubbo/spring/security/oauth2/RegisteredClientMixin.java
@@ -26,6 +26,8 @@ import com.fasterxml.jackson.annotation.JsonProperty;
import com.fasterxml.jackson.annotation.JsonTypeInfo;
import org.springframework.security.oauth2.core.AuthorizationGrantType;
import org.springframework.security.oauth2.core.ClientAuthenticationMethod;
+import
org.springframework.security.oauth2.server.authorization.settings.ClientSettings;
+import
org.springframework.security.oauth2.server.authorization.settings.TokenSettings;
@JsonTypeInfo(use = JsonTypeInfo.Id.CLASS)
@JsonAutoDetect(
@@ -36,11 +38,6 @@ import
org.springframework.security.oauth2.core.ClientAuthenticationMethod;
@JsonIgnoreProperties(ignoreUnknown = true)
abstract class RegisteredClientMixin {
- /**
- * declare clientSettings and tokenSettings as Object type to avoid
COMPILATION ERROR when compile it with jdk8
- * or jdk11, both ClientSettings and TokenSettings class file version are
61.0 which is higher than the version
- * which jdk8 (class file version: 52.0) or jdk11 (class file version:
55.0) could support.
- */
@JsonCreator
public RegisteredClientMixin(
@JsonProperty("id") String id,
@@ -54,6 +51,6 @@ abstract class RegisteredClientMixin {
@JsonProperty("redirectUris") Set<String> redirectUris,
@JsonProperty("postLogoutRedirectUris") Set<String>
postLogoutRedirectUris,
@JsonProperty("scopes") Set<String> scopes,
- @JsonProperty("clientSettings") Object clientSettings,
- @JsonProperty("tokenSettings") Object tokenSettings) {}
+ @JsonProperty("clientSettings") ClientSettings clientSettings,
+ @JsonProperty("tokenSettings") TokenSettings tokenSettings) {}
}
diff --git
a/dubbo-plugin/dubbo-spring-security/src/main/java/org/apache/dubbo/spring/security/oauth2/TokenSettingsMixin.java
b/dubbo-plugin/dubbo-spring6-security/src/main/java/org/apache/dubbo/spring/security/oauth2/TokenSettingsMixin.java
similarity index 100%
rename from
dubbo-plugin/dubbo-spring-security/src/main/java/org/apache/dubbo/spring/security/oauth2/TokenSettingsMixin.java
rename to
dubbo-plugin/dubbo-spring6-security/src/main/java/org/apache/dubbo/spring/security/oauth2/TokenSettingsMixin.java
diff --git
a/dubbo-plugin/dubbo-spring-security/src/main/java/org/apache/dubbo/spring/security/oauth2/UnmodifiableCollectionMixin.java
b/dubbo-plugin/dubbo-spring6-security/src/main/java/org/apache/dubbo/spring/security/oauth2/UnmodifiableCollectionMixin.java
similarity index 100%
rename from
dubbo-plugin/dubbo-spring-security/src/main/java/org/apache/dubbo/spring/security/oauth2/UnmodifiableCollectionMixin.java
rename to
dubbo-plugin/dubbo-spring6-security/src/main/java/org/apache/dubbo/spring/security/oauth2/UnmodifiableCollectionMixin.java
diff --git
a/dubbo-plugin/dubbo-spring6-security/src/main/java/org/apache/dubbo/spring/security/oauth2/jackson/OAuth2ObjectMapperCodecCustomer.java
b/dubbo-plugin/dubbo-spring6-security/src/main/java/org/apache/dubbo/spring/security/oauth2/jackson/OAuth2ObjectMapperCodecCustomer.java
new file mode 100644
index 0000000000..abaaeaf95b
--- /dev/null
+++
b/dubbo-plugin/dubbo-spring6-security/src/main/java/org/apache/dubbo/spring/security/oauth2/jackson/OAuth2ObjectMapperCodecCustomer.java
@@ -0,0 +1,39 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.dubbo.spring.security.oauth2.jackson;
+
+import org.apache.dubbo.spring.security.jackson.ObjectMapperCodec;
+import org.apache.dubbo.spring.security.jackson.ObjectMapperCodecCustomer;
+import org.apache.dubbo.spring.security.oauth2.OAuth2SecurityModule;
+
+import java.util.List;
+
+import com.fasterxml.jackson.databind.Module;
+import org.springframework.security.jackson2.SecurityJackson2Modules;
+
+public class OAuth2ObjectMapperCodecCustomer implements
ObjectMapperCodecCustomer {
+
+ @Override
+ public void customize(ObjectMapperCodec objectMapperCodec) {
+ objectMapperCodec.configureMapper(mapper -> {
+ mapper.registerModule(new OAuth2SecurityModule());
+ List<Module> securityModules =
+
SecurityJackson2Modules.getModules(this.getClass().getClassLoader());
+ mapper.registerModules(securityModules);
+ });
+ }
+}
diff --git
a/dubbo-plugin/dubbo-spring6-security/src/main/resources/META-INF/dubbo/internal/org.apache.dubbo.spring.security.jackson.ObjectMapperCodecCustomer
b/dubbo-plugin/dubbo-spring6-security/src/main/resources/META-INF/dubbo/internal/org.apache.dubbo.spring.security.jackson.ObjectMapperCodecCustomer
new file mode 100644
index 0000000000..d3fea59891
--- /dev/null
+++
b/dubbo-plugin/dubbo-spring6-security/src/main/resources/META-INF/dubbo/internal/org.apache.dubbo.spring.security.jackson.ObjectMapperCodecCustomer
@@ -0,0 +1 @@
+oauth2Customer=org.apache.dubbo.spring.security.oauth2.jackson.OAuth2ObjectMapperCodecCustomer
diff --git
a/dubbo-plugin/dubbo-spring6-security/src/test/java/org/apache/dubbo/spring/security/oauth2/DeserializationTest.java
b/dubbo-plugin/dubbo-spring6-security/src/test/java/org/apache/dubbo/spring/security/oauth2/DeserializationTest.java
new file mode 100644
index 0000000000..e1b59881b2
--- /dev/null
+++
b/dubbo-plugin/dubbo-spring6-security/src/test/java/org/apache/dubbo/spring/security/oauth2/DeserializationTest.java
@@ -0,0 +1,126 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.dubbo.spring.security.oauth2;
+
+import org.apache.dubbo.config.bootstrap.DubboBootstrap;
+import org.apache.dubbo.rpc.model.ApplicationModel;
+import org.apache.dubbo.spring.security.jackson.ObjectMapperCodec;
+
+import java.time.Duration;
+import java.time.Instant;
+import java.util.Collections;
+
+import org.junit.jupiter.api.AfterAll;
+import org.junit.jupiter.api.Assertions;
+import org.junit.jupiter.api.BeforeAll;
+import org.junit.jupiter.api.Test;
+import org.springframework.boot.test.context.SpringBootTest;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.context.annotation.ImportResource;
+import org.springframework.security.core.authority.SimpleGrantedAuthority;
+import org.springframework.security.oauth2.core.AuthorizationGrantType;
+import org.springframework.security.oauth2.core.ClientAuthenticationMethod;
+import
org.springframework.security.oauth2.core.DefaultOAuth2AuthenticatedPrincipal;
+import org.springframework.security.oauth2.core.OAuth2AccessToken;
+import org.springframework.security.oauth2.core.OAuth2AccessToken.TokenType;
+import
org.springframework.security.oauth2.server.authorization.authentication.OAuth2ClientAuthenticationToken;
+import
org.springframework.security.oauth2.server.authorization.client.RegisteredClient;
+import
org.springframework.security.oauth2.server.authorization.settings.ClientSettings;
+import
org.springframework.security.oauth2.server.authorization.settings.OAuth2TokenFormat;
+import
org.springframework.security.oauth2.server.authorization.settings.TokenSettings;
+import
org.springframework.security.oauth2.server.resource.authentication.BearerTokenAuthentication;
+
+@SpringBootTest(
+ properties = {"dubbo.registry.address=N/A"},
+ classes = {DeserializationTest.class})
+@Configuration
+public class DeserializationTest {
+
+ private static ObjectMapperCodec mapper;
+
+ @BeforeAll
+ public static void beforeAll() {
+ DubboBootstrap.reset();
+ mapper =
ApplicationModel.defaultModel().getDefaultModule().getBean(ObjectMapperCodec.class);
+ }
+
+ @AfterAll
+ public static void afterAll() {
+ DubboBootstrap.reset();
+ }
+
+ @Test
+ public void bearerTokenAuthenticationTest() {
+ BearerTokenAuthentication bearerTokenAuthentication = new
BearerTokenAuthentication(
+ new DefaultOAuth2AuthenticatedPrincipal(
+ "principal-name",
+ Collections.singletonMap("name", "kali"),
+ Collections.singleton(new
SimpleGrantedAuthority("1"))),
+ new OAuth2AccessToken(TokenType.BEARER, "111", Instant.MIN,
Instant.MAX),
+ Collections.emptyList());
+ String content = mapper.serialize(bearerTokenAuthentication);
+
+ BearerTokenAuthentication deserialize =
mapper.deserialize(content.getBytes(), BearerTokenAuthentication.class);
+
+ Assertions.assertNotNull(deserialize);
+ }
+
+ @Test
+ public void oauth2ClientAuthenticationTokenTest() {
+ OAuth2ClientAuthenticationToken oAuth2ClientAuthenticationToken = new
OAuth2ClientAuthenticationToken(
+ "client-id", ClientAuthenticationMethod.CLIENT_SECRET_POST,
"111", Collections.emptyMap());
+
+ String content = mapper.serialize(oAuth2ClientAuthenticationToken);
+
+ OAuth2ClientAuthenticationToken deserialize =
+ mapper.deserialize(content.getBytes(),
OAuth2ClientAuthenticationToken.class);
+
+ Assertions.assertNotNull(deserialize);
+ }
+
+ @Test
+ public void registeredClientTest() {
+ RegisteredClient registeredClient = RegisteredClient.withId("id")
+ .clientId("client-id")
+ .clientName("client-name")
+
.authorizationGrantType(AuthorizationGrantType.AUTHORIZATION_CODE)
+ .redirectUri("https://example.com";)
+
.clientAuthenticationMethod(ClientAuthenticationMethod.CLIENT_SECRET_JWT)
+ .clientSecret("client-secret")
+ .clientIdIssuedAt(Instant.MIN)
+ .clientSecretExpiresAt(Instant.MAX)
+ .tokenSettings(TokenSettings.builder()
+ .accessTokenFormat(OAuth2TokenFormat.REFERENCE)
+ .accessTokenTimeToLive(Duration.ofSeconds(1000))
+ .build())
+ .clientSettings(ClientSettings.builder()
+ .setting("name", "value")
+ .requireProofKey(true)
+ .build())
+ .build();
+
+ String content = mapper.serialize(registeredClient);
+
+ RegisteredClient deserialize = mapper.deserialize(content.getBytes(),
RegisteredClient.class);
+
+ Assertions.assertEquals(registeredClient, deserialize);
+ }
+
+ @Configuration
+ @ImportResource("classpath:/dubbo-test.xml")
+ public static class OAuth2SecurityTestConfiguration {}
+}
diff --git
a/dubbo-plugin/dubbo-spring6-security/src/test/resources/dubbo-test.xml
b/dubbo-plugin/dubbo-spring6-security/src/test/resources/dubbo-test.xml
new file mode 100644
index 0000000000..8c39a7b92a
--- /dev/null
+++ b/dubbo-plugin/dubbo-spring6-security/src/test/resources/dubbo-test.xml
@@ -0,0 +1,33 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ ~
+ ~ Licensed to the Apache Software Foundation (ASF) under one or more
+ ~ contributor license agreements. See the NOTICE file distributed with
+ ~ this work for additional information regarding copyright ownership.
+ ~ The ASF licenses this file to You under the Apache License, Version 2.0
+ ~ (the "License"); you may not use this file except in compliance with
+ ~ the License. You may obtain a copy of the License at
+ ~
+ ~ http://www.apache.org/licenses/LICENSE-2.0
+ ~
+ ~ Unless required by applicable law or agreed to in writing, software
+ ~ distributed under the License is distributed on an "AS IS" BASIS,
+ ~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ ~ See the License for the specific language governing permissions and
+ ~ limitations under the License.
+ ~
+ -->
+<beans xmlns="http://www.springframework.org/schema/beans";
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";
+ xmlns:dubbo="http://code.alibabatech.com/schema/dubbo";
+ xsi:schemaLocation="http://www.springframework.org/schema/beans
+ http://www.springframework.org/schema/beans/spring-beans.xsd
+ http://code.alibabatech.com/schema/dubbo
+ http://code.alibabatech.com/schema/dubbo/dubbo.xsd";
default-lazy-init ="false">
+
+ <dubbo:application name="oauth2-security-test-app"/>
+
+ <dubbo:registry client="curator" address="${dubbo.registry.address}"/>
+
+ <dubbo:protocol name="dubbo" port="20880"/>
+</beans>
diff --git
a/dubbo-plugin/dubbo-spring6-security/src/test/resources/log4j2-test.xml
b/dubbo-plugin/dubbo-spring6-security/src/test/resources/log4j2-test.xml
new file mode 100644
index 0000000000..ba99f52cc2
--- /dev/null
+++ b/dubbo-plugin/dubbo-spring6-security/src/test/resources/log4j2-test.xml
@@ -0,0 +1,29 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ ~ Licensed to the Apache Software Foundation (ASF) under one or more
+ ~ contributor license agreements. See the NOTICE file distributed with
+ ~ this work for additional information regarding copyright ownership.
+ ~ The ASF licenses this file to You under the Apache License, Version 2.0
+ ~ (the "License"); you may not use this file except in compliance with
+ ~ the License. You may obtain a copy of the License at
+ ~
+ ~ http://www.apache.org/licenses/LICENSE-2.0
+ ~
+ ~ Unless required by applicable law or agreed to in writing, software
+ ~ distributed under the License is distributed on an "AS IS" BASIS,
+ ~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ ~ See the License for the specific language governing permissions and
+ ~ limitations under the License.
+ -->
+<Configuration status="WARN">
+ <Appenders>
+ <Console name="Console" target="SYSTEM_OUT" follow="true">
+ <PatternLayout pattern="%d{HH:mm:ss.SSS} |-%highlight{%-5p} [%t]
%40.40c:%-3L -|
%m%n%rEx{filters(jdk.internal.reflect,java.lang.reflect,sun.reflect,org.junit,org.mockito)}"
charset="UTF-8"/>
+ </Console>
+ </Appenders>
+ <Loggers>
+ <Root level="info">
+ <AppenderRef ref="Console"/>
+ </Root>
+ </Loggers>
+</Configuration>
diff --git a/dubbo-test/dubbo-dependencies-all/pom.xml
b/dubbo-test/dubbo-dependencies-all/pom.xml
index 69889f8f9a..fcdc9b593b 100644
--- a/dubbo-test/dubbo-dependencies-all/pom.xml
+++ b/dubbo-test/dubbo-dependencies-all/pom.xml
@@ -71,11 +71,6 @@
<artifactId>dubbo-config-spring</artifactId>
<version>${project.version}</version>
</dependency>
- <!-- <dependency>-->
- <!-- <groupId>org.apache.dubbo</groupId>-->
- <!-- <artifactId>dubbo-config-spring6</artifactId>-->
- <!-- <version>${project.version}</version>-->
- <!-- </dependency>-->
<!-- config-center -->
<dependency>
diff --git
a/dubbo-test/dubbo-test-modules/src/test/java/org/apache/dubbo/dependency/FileTest.java
b/dubbo-test/dubbo-test-modules/src/test/java/org/apache/dubbo/dependency/FileTest.java
index b7f487faa2..851113e698 100644
---
a/dubbo-test/dubbo-test-modules/src/test/java/org/apache/dubbo/dependency/FileTest.java
+++
b/dubbo-test/dubbo-test-modules/src/test/java/org/apache/dubbo/dependency/FileTest.java
@@ -55,6 +55,7 @@ class FileTest {
ignoredModules.add(Pattern.compile("dubbo-demo.*"));
ignoredModules.add(Pattern.compile("dubbo-annotation-processor"));
ignoredModules.add(Pattern.compile("dubbo-config-spring6"));
+ ignoredModules.add(Pattern.compile("dubbo-spring6-security"));
ignoredModules.add(Pattern.compile("dubbo-spring-boot-3-autoconfigure"));
ignoredModules.add(Pattern.compile("dubbo-plugin-loom.*"));
@@ -74,6 +75,7 @@ class FileTest {
ignoredModulesInDubboAll.add(Pattern.compile(".*spring-boot.*"));
ignoredModulesInDubboAll.add(Pattern.compile("dubbo-maven-plugin"));
+
ignoredModulesInDubboAllShade.add(Pattern.compile("dubbo-spring6-security"));
ignoredModulesInDubboAllShade.add(Pattern.compile("dubbo-plugin-loom"));
}
diff --git a/pom.xml b/pom.xml
index f8507cdf78..f4841d5bfd 100644
--- a/pom.xml
+++ b/pom.xml
@@ -165,6 +165,7 @@
<!-- For unify spring boot 3 version -->
<spring-6.version>6.2.8</spring-6.version>
+ <spring-security-6.version>6.5.1</spring-security-6.version>
<spring-boot-3.version>3.5.0</spring-boot-3.version>
<protobuf-protoc_version>3.22.3</protobuf-protoc_version>
@@ -495,6 +496,7 @@
</activation>
<modules>
<module>dubbo-spring-boot-project/dubbo-spring-boot-3-autoconfigure</module>
+ <module>dubbo-plugin/dubbo-spring6-security</module>
</modules>
</profile>
<!-- jacoco: mvn validate -Pjacoco -->
@@ -644,6 +646,7 @@
<id>release</id>
<modules>
<module>dubbo-spring-boot-project/dubbo-spring-boot-3-autoconfigure</module>
+ <module>dubbo-plugin/dubbo-spring6-security</module>
<module>dubbo-plugin/dubbo-plugin-loom</module>
<module>dubbo-distribution/dubbo-all</module>
<module>dubbo-distribution/dubbo-all-shaded</module>
