Polish ServerAuthenticationConverter

Fix package tangles

Issue: gh-5338

config/src/main/java/org/springframework/security/config/web/server/ServerHttpSecurity.java

@@ -71,8 +71,6 @@ import org.springframework.security.web.server.DelegatingServerAuthenticationEnt
 import org.springframework.security.web.server.MatcherSecurityWebFilterChain;
 import org.springframework.security.web.server.SecurityWebFilterChain;
 import org.springframework.security.web.server.ServerAuthenticationEntryPoint;
-import org.springframework.security.web.server.ServerFormLoginAuthenticationConverter;
-import org.springframework.security.web.server.ServerHttpBasicAuthenticationConverter;
 import org.springframework.security.web.server.WebFilterExchange;
 import org.springframework.security.web.server.authentication.AuthenticationWebFilter;
 import org.springframework.security.web.server.authentication.HttpBasicServerAuthenticationEntryPoint;
@@ -82,6 +80,8 @@ import org.springframework.security.web.server.authentication.RedirectServerAuth
 import org.springframework.security.web.server.authentication.ServerAuthenticationEntryPointFailureHandler;
 import org.springframework.security.web.server.authentication.ServerAuthenticationFailureHandler;
 import org.springframework.security.web.server.authentication.ServerAuthenticationSuccessHandler;
+import org.springframework.security.web.server.authentication.ServerFormLoginAuthenticationConverter;
+import org.springframework.security.web.server.authentication.ServerHttpBasicAuthenticationConverter;
 import org.springframework.security.web.server.authentication.logout.LogoutWebFilter;
 import org.springframework.security.web.server.authentication.logout.ServerLogoutHandler;
 import org.springframework.security.web.server.authentication.logout.ServerLogoutSuccessHandler;

web/src/main/java/org/springframework/security/web/server/ServerFormLoginAuthenticationConverter.java

@@ -15,7 +15,6 @@
  */
 package org.springframework.security.web.server;
 
-import org.springframework.security.web.server.authentication.ServerAuthenticationConverter;
 import org.springframework.util.Assert;
 import reactor.core.publisher.Mono;
 
@@ -32,31 +31,22 @@ import java.util.function.Function;
  *
  * @author Rob Winch
  * @since 5.0
+ * @deprecated use {@link org.springframework.security.web.server.authentication.ServerFormLoginAuthenticationConverter}
+ * instead.
  */
+@Deprecated
 public class ServerFormLoginAuthenticationConverter implements
-		ServerAuthenticationConverter,
 		Function<ServerWebExchange, Mono<Authentication>> {
 
 	private String usernameParameter = "username";
 
 	private String passwordParameter = "password";
 
-	@Override
-	public Mono<Authentication> convert(ServerWebExchange exchange) {
-		return exchange.getFormData()
-			.map( data -> createAuthentication(data));
-	}
-
-	/**
-	 * Alias for {@link #convert(ServerWebExchange)}
-	 * @param exchange the {@link ServerWebExchange} to use
-	 * @return the {@link Authentication}
-	 * @deprecated Use {@link #convert(ServerWebExchange)}
-	 */
 	@Override
 	@Deprecated
 	public Mono<Authentication> apply(ServerWebExchange exchange) {
-		return convert(exchange);
+		return exchange.getFormData()
+				.map( data -> createAuthentication(data));
 	}
 
 	private UsernamePasswordAuthenticationToken createAuthentication(

web/src/main/java/org/springframework/security/web/server/ServerHttpBasicAuthenticationConverter.java

@@ -22,7 +22,6 @@ import org.springframework.http.HttpHeaders;
 import org.springframework.http.server.reactive.ServerHttpRequest;
 import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
 import org.springframework.security.core.Authentication;
-import org.springframework.security.web.server.authentication.ServerAuthenticationConverter;
 import org.springframework.web.server.ServerWebExchange;
 
 import reactor.core.publisher.Mono;
@@ -32,15 +31,18 @@ import reactor.core.publisher.Mono;
  *
  * @author Rob Winch
  * @since 5.0
+ * @deprecated Use {@link org.springframework.security.web.server.authentication.ServerHttpBasicAuthenticationConverter}
+ * instead.
  */
+@Deprecated
 public class ServerHttpBasicAuthenticationConverter implements
-		ServerAuthenticationConverter,
 		Function<ServerWebExchange, Mono<Authentication>> {
 
 	public static final String BASIC = "Basic ";
 
 	@Override
-	public Mono<Authentication> convert(ServerWebExchange exchange) {
+	@Deprecated
+	public Mono<Authentication> apply(ServerWebExchange exchange) {
 		ServerHttpRequest request = exchange.getRequest();
 
 		String authorization = request.getHeaders().getFirst(HttpHeaders.AUTHORIZATION);
@@ -49,7 +51,7 @@ public class ServerHttpBasicAuthenticationConverter implements
 		}
 
 		String credentials = authorization.length() <= BASIC.length() ?
-			"" : authorization.substring(BASIC.length(), authorization.length());
+				"" : authorization.substring(BASIC.length(), authorization.length());
 		byte[] decodedCredentials = base64Decode(credentials);
 		String decodedAuthz = new String(decodedCredentials);
 		String[] userParts = decodedAuthz.split(":");
@@ -64,18 +66,6 @@ public class ServerHttpBasicAuthenticationConverter implements
 		return Mono.just(new UsernamePasswordAuthenticationToken(username, password));
 	}
 
-	/**
-	 * Alias for {@link #convert(ServerWebExchange)}
-	 * @param exchange the {@link ServerWebExchange} to use
-	 * @return the {@link Authentication}
-	 * @deprecated Use {@link #convert(ServerWebExchange)}
-	 */
-	@Override
-	@Deprecated
-	public Mono<Authentication> apply(ServerWebExchange exchange) {
-		return convert(exchange);
-	}
-
 	private byte[] base64Decode(String value) {
 		try {
 			return Base64.getDecoder().decode(value);

web/src/main/java/org/springframework/security/web/server/authentication/AuthenticationWebFilter.java

@@ -22,7 +22,6 @@ import org.springframework.security.core.Authentication;
 import org.springframework.security.core.AuthenticationException;
 import org.springframework.security.core.context.ReactiveSecurityContextHolder;
 import org.springframework.security.core.context.SecurityContextImpl;
-import org.springframework.security.web.server.ServerHttpBasicAuthenticationConverter;
 import org.springframework.security.web.server.WebFilterExchange;
 import org.springframework.security.web.server.context.NoOpServerSecurityContextRepository;
 import org.springframework.security.web.server.context.ServerSecurityContextRepository;

web/src/main/java/org/springframework/security/web/server/authentication/ServerFormLoginAuthenticationConverter.java

@@ -0,0 +1,38 @@
+/*
+ * Copyright 2002-2018 the original author or authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.springframework.security.web.server.authentication;
+
+import org.springframework.security.core.Authentication;
+import org.springframework.web.server.ServerWebExchange;
+import reactor.core.publisher.Mono;
+
+/**
+ * Converts a ServerWebExchange into a UsernamePasswordAuthenticationToken from the form
+ * data HTTP parameters.
+ *
+ * @author Rob Winch
+ * @since 5.1
+ */
+@SuppressWarnings("deprecation")
+public class ServerFormLoginAuthenticationConverter
+		extends org.springframework.security.web.server.ServerFormLoginAuthenticationConverter
+		implements ServerAuthenticationConverter {
+
+	@Override
+	public Mono<Authentication> convert(ServerWebExchange exchange) {
+		return apply(exchange);
+	}
+}

web/src/main/java/org/springframework/security/web/server/authentication/ServerHttpBasicAuthenticationConverter.java

@@ -0,0 +1,38 @@
+/*
+ * Copyright 2002-2018 the original author or authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.springframework.security.web.server.authentication;
+
+import org.springframework.security.core.Authentication;
+import org.springframework.web.server.ServerWebExchange;
+import reactor.core.publisher.Mono;
+
+/**
+ * Converts from a {@link ServerWebExchange} to an {@link Authentication} that can be authenticated.
+ *
+ * @author Rob Winch
+ * @since 5.1
+ */
+@SuppressWarnings("deprecation")
+public class ServerHttpBasicAuthenticationConverter
+		extends org.springframework.security.web.server.ServerHttpBasicAuthenticationConverter
+		implements ServerAuthenticationConverter {
+
+
+	@Override
+	public Mono<Authentication> convert(ServerWebExchange exchange) {
+		return apply(exchange);
+	}
+}

web/src/test/java/org/springframework/security/web/server/ServerFormLoginAuthenticationConverterTests.java → web/src/test/java/org/springframework/security/web/server/authentication/ServerFormLoginAuthenticationConverterTests.java

@@ -1,5 +1,5 @@
 /*
- * Copyright 2002-2017 the original author or authors.
+ * Copyright 2002-2018 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -14,7 +14,7 @@
  * limitations under the License.
  */
 
-package org.springframework.security.web.server;
+package org.springframework.security.web.server.authentication;
 
 import org.junit.Before;
 import org.junit.Test;

web/src/test/java/org/springframework/security/web/server/ServerHttpBasicAuthenticationConverterTests.java → web/src/test/java/org/springframework/security/web/server/authentication/ServerHttpBasicAuthenticationConverterTests.java

@@ -1,5 +1,5 @@
 /*
- * Copyright 2002-2017 the original author or authors.
+ * Copyright 2002-2018 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -14,7 +14,7 @@
  * limitations under the License.
  */
 
-package org.springframework.security.web.server;
+package org.springframework.security.web.server.authentication;
 
 import org.junit.Test;
 import org.springframework.http.HttpHeaders;