Fix removal of framework deprecated code

Issue https://github.com/spring-projects/spring-framework/issues/27686

config/src/main/java/org/springframework/security/config/annotation/web/builders/HttpSecurity.java

@@ -3234,7 +3234,9 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul
 	 * @see MvcRequestMatcher
 	 */
 	public HttpSecurity mvcMatcher(String mvcPattern) {
-		HandlerMappingIntrospector introspector = new HandlerMappingIntrospector(getContext());
+		HandlerMappingIntrospector introspector = new HandlerMappingIntrospector();
+		introspector.setApplicationContext(getContext());
+		introspector.afterPropertiesSet();
 		return requestMatcher(new MvcRequestMatcher(introspector, mvcPattern));
 	}
 

config/src/main/java/org/springframework/security/config/annotation/web/socket/AbstractSecurityWebSocketMessageBrokerConfigurer.java

@@ -50,8 +50,8 @@ import org.springframework.util.AntPathMatcher;
 import org.springframework.util.Assert;
 import org.springframework.util.PathMatcher;
 import org.springframework.web.servlet.handler.SimpleUrlHandlerMapping;
-import org.springframework.web.socket.config.annotation.AbstractWebSocketMessageBrokerConfigurer;
 import org.springframework.web.socket.config.annotation.StompEndpointRegistry;
+import org.springframework.web.socket.config.annotation.WebSocketMessageBrokerConfigurer;
 import org.springframework.web.socket.server.HandshakeInterceptor;
 import org.springframework.web.socket.server.support.WebSocketHttpRequestHandler;
 import org.springframework.web.socket.sockjs.SockJsService;
@@ -84,8 +84,8 @@ import org.springframework.web.socket.sockjs.transport.TransportHandlingSockJsSe
  */
 @Order(Ordered.HIGHEST_PRECEDENCE + 100)
 @Import(ObjectPostProcessorConfiguration.class)
-public abstract class AbstractSecurityWebSocketMessageBrokerConfigurer extends AbstractWebSocketMessageBrokerConfigurer
-		implements SmartInitializingSingleton {
+public abstract class AbstractSecurityWebSocketMessageBrokerConfigurer
+		implements WebSocketMessageBrokerConfigurer, SmartInitializingSingleton {
 
 	private final WebSocketMessageSecurityMetadataSourceRegistry inboundRegistry = new WebSocketMessageSecurityMetadataSourceRegistry();
 
@@ -107,12 +107,12 @@ public abstract class AbstractSecurityWebSocketMessageBrokerConfigurer extends A
 	@Override
 	public final void configureClientInboundChannel(ChannelRegistration registration) {
 		ChannelSecurityInterceptor inboundChannelSecurity = this.context.getBean(ChannelSecurityInterceptor.class);
-		registration.setInterceptors(this.context.getBean(SecurityContextChannelInterceptor.class));
+		registration.interceptors(this.context.getBean(SecurityContextChannelInterceptor.class));
 		if (!sameOriginDisabled()) {
-			registration.setInterceptors(this.context.getBean(CsrfChannelInterceptor.class));
+			registration.interceptors(this.context.getBean(CsrfChannelInterceptor.class));
 		}
 		if (this.inboundRegistry.containsMapping()) {
-			registration.setInterceptors(inboundChannelSecurity);
+			registration.interceptors(inboundChannelSecurity);
 		}
 		customizeClientInboundChannel(registration);
 	}

config/src/test/java/org/springframework/security/config/annotation/web/socket/AbstractSecurityWebSocketMessageBrokerConfigurerDocTests.java

@@ -41,9 +41,9 @@ import org.springframework.security.web.csrf.CsrfToken;
 import org.springframework.security.web.csrf.DefaultCsrfToken;
 import org.springframework.stereotype.Controller;
 import org.springframework.web.context.support.AnnotationConfigWebApplicationContext;
-import org.springframework.web.socket.config.annotation.AbstractWebSocketMessageBrokerConfigurer;
 import org.springframework.web.socket.config.annotation.EnableWebSocketMessageBroker;
 import org.springframework.web.socket.config.annotation.StompEndpointRegistry;
+import org.springframework.web.socket.config.annotation.WebSocketMessageBrokerConfigurer;
 
 import static org.assertj.core.api.Assertions.assertThatExceptionOfType;
 
@@ -139,7 +139,7 @@ public class AbstractSecurityWebSocketMessageBrokerConfigurerDocTests {
 
 	@Configuration
 	@EnableWebSocketMessageBroker
-	static class WebSocketConfig extends AbstractWebSocketMessageBrokerConfigurer {
+	static class WebSocketConfig implements WebSocketMessageBrokerConfigurer {
 
 		@Override
 		public void registerStompEndpoints(StompEndpointRegistry registry) {

itest/context/src/main/java/org/springframework/security/integration/UserDetailsServiceImpl.java

@@ -1,5 +1,5 @@
 /*
- * Copyright 2002-2016 the original author or authors.
+ * Copyright 2002-2021 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -16,7 +16,6 @@
 
 package org.springframework.security.integration;
 
-import org.springframework.beans.factory.annotation.Required;
 import org.springframework.security.core.userdetails.UserDetails;
 import org.springframework.security.core.userdetails.UserDetailsService;
 import org.springframework.transaction.annotation.Transactional;
@@ -32,7 +31,6 @@ public class UserDetailsServiceImpl implements UserDetailsService {
 		return null;
 	}
 
-	@Required
 	public void setUserRepository(UserRepository userRepository) {
 		this.userRepository = userRepository;
 	}

oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/web/server/authentication/OAuth2LoginAuthenticationWebFilterTests.java

@@ -74,7 +74,7 @@ public class OAuth2LoginAuthenticationWebFilterTests {
 		this.filter = new OAuth2LoginAuthenticationWebFilter(this.authenticationManager,
 				this.authorizedClientRepository);
 		this.webFilterExchange = new WebFilterExchange(MockServerWebExchange.from(MockServerHttpRequest.get("/")),
-				new DefaultWebFilterChain((exchange) -> exchange.getResponse().setComplete()));
+				new DefaultWebFilterChain((exchange) -> exchange.getResponse().setComplete(), Collections.emptyList()));
 		given(this.authorizedClientRepository.saveAuthorizedClient(any(), any(), any())).willReturn(Mono.empty());
 	}
 

web/src/main/java/org/springframework/security/web/server/WebFilterChainProxy.java

@@ -1,5 +1,5 @@
 /*
- * Copyright 2002-2017 the original author or authors.
+ * Copyright 2002-2021 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -26,7 +26,6 @@ import org.springframework.web.server.ServerWebExchange;
 import org.springframework.web.server.WebFilter;
 import org.springframework.web.server.WebFilterChain;
 import org.springframework.web.server.handler.DefaultWebFilterChain;
-import org.springframework.web.server.handler.FilteringWebHandler;
 
 /**
  * Used to delegate to a List of {@link SecurityWebFilterChain} instances.
@@ -52,7 +51,7 @@ public class WebFilterChainProxy implements WebFilter {
 				.filterWhen((securityWebFilterChain) -> securityWebFilterChain.matches(exchange)).next()
 				.switchIfEmpty(chain.filter(exchange).then(Mono.empty()))
 				.flatMap((securityWebFilterChain) -> securityWebFilterChain.getWebFilters().collectList())
-				.map((filters) -> new FilteringWebHandler(chain::filter, filters)).map(DefaultWebFilterChain::new)
+				.map((filters) -> new DefaultWebFilterChain(chain::filter, filters))
 				.flatMap((securedChain) -> securedChain.filter(exchange));
 	}
 

web/src/test/java/org/springframework/security/web/server/authentication/RedirectServerAuthenticationFailureHandlerTests.java

@@ -16,6 +16,8 @@
 
 package org.springframework.security.web.server.authentication;
 
+import java.util.Collections;
+
 import org.junit.jupiter.api.Test;
 import org.junit.jupiter.api.extension.ExtendWith;
 import org.mockito.Mock;
@@ -95,7 +97,7 @@ public class RedirectServerAuthenticationFailureHandlerTests {
 
 	private WebFilterExchange createExchange() {
 		return new WebFilterExchange(MockServerWebExchange.from(MockServerHttpRequest.get("/").build()),
-				new DefaultWebFilterChain((e) -> Mono.empty()));
+				new DefaultWebFilterChain((e) -> Mono.empty(), Collections.emptyList()));
 	}
 
 }

web/src/test/java/org/springframework/security/web/server/context/ReactorContextWebFilterTests.java

@@ -16,6 +16,8 @@
 
 package org.springframework.security.web.server.context;
 
+import java.util.List;
+
 import org.junit.jupiter.api.BeforeEach;
 import org.junit.jupiter.api.Test;
 import org.junit.jupiter.api.extension.ExtendWith;
@@ -109,7 +111,8 @@ public class ReactorContextWebFilterTests {
 		given(this.repository.load(any())).willReturn(this.securityContext.mono());
 		String contextKey = "main";
 		WebFilter mainContextWebFilter = (e, c) -> c.filter(e).subscriberContext(Context.of(contextKey, true));
-		WebFilterChain chain = new DefaultWebFilterChain((e) -> Mono.empty(), mainContextWebFilter, this.filter);
+		WebFilterChain chain = new DefaultWebFilterChain((e) -> Mono.empty(),
+				List.of(mainContextWebFilter, this.filter));
 		Mono<Void> filter = chain.filter(MockServerWebExchange.from(this.exchange.build()));
 		StepVerifier.create(filter).expectAccessibleContext().hasKey(contextKey).then().verifyComplete();
 	}

web/src/test/java/org/springframework/security/web/server/context/SecurityContextServerWebExchangeWebFilterTests.java

@@ -16,6 +16,8 @@
 
 package org.springframework.security.web.server.context;
 
+import java.util.Collections;
+
 import org.junit.jupiter.api.Test;
 import reactor.core.publisher.Mono;
 import reactor.test.StepVerifier;
@@ -48,7 +50,8 @@ public class SecurityContextServerWebExchangeWebFilterTests {
 				.filter(this.exchange, new DefaultWebFilterChain((e) -> e.getPrincipal()
 						.doOnSuccess((contextPrincipal) -> assertThat(contextPrincipal).isEqualTo(this.principal))
 						.flatMap((contextPrincipal) -> Mono.subscriberContext())
-						.doOnSuccess((context) -> assertThat(context.<String>get("foo")).isEqualTo("bar")).then()))
+						.doOnSuccess((context) -> assertThat(context.<String>get("foo")).isEqualTo("bar")).then(),
+						Collections.emptyList()))
 				.subscriberContext((context) -> context.put("foo", "bar"))
 				.subscriberContext(ReactiveSecurityContextHolder.withAuthentication(this.principal));
 		StepVerifier.create(result).verifyComplete();
@@ -61,7 +64,7 @@ public class SecurityContextServerWebExchangeWebFilterTests {
 						new DefaultWebFilterChain((e) -> e.getPrincipal()
 								.doOnSuccess(
 										(contextPrincipal) -> assertThat(contextPrincipal).isEqualTo(this.principal))
-								.then()))
+								.then(), Collections.emptyList()))
 				.subscriberContext(ReactiveSecurityContextHolder.withAuthentication(this.principal));
 		StepVerifier.create(result).verifyComplete();
 	}
@@ -73,7 +76,7 @@ public class SecurityContextServerWebExchangeWebFilterTests {
 				new DefaultWebFilterChain((e) -> e.getPrincipal().defaultIfEmpty(defaultAuthentication)
 						.doOnSuccess(
 								(contextPrincipal) -> assertThat(contextPrincipal).isEqualTo(defaultAuthentication))
-						.then()));
+						.then(), Collections.emptyList()));
 		StepVerifier.create(result).verifyComplete();
 	}