Update to Spring Framework 5.0.1.BUILD-SNAPSHOT

Fixes gh-4633

core/src/main/java/org/springframework/security/core/SpringSecurityCoreVersion.java

@@ -40,7 +40,7 @@ public class SpringSecurityCoreVersion {
 	 */
 	public static final long SERIAL_VERSION_UID = 500L;
 
-	static final String MIN_SPRING_VERSION = "5.0.0.RELEASE";
+	static final String MIN_SPRING_VERSION = "5.0.1.BUILD-SNAPSHOT";
 
 	static {
 		performVersionChecks();

gradle/dependency-management.gradle

@@ -1,7 +1,7 @@
 dependencyManagement {
 	imports {
 		mavenBom 'io.projectreactor:reactor-bom:Bismuth-RELEASE'
-		mavenBom 'org.springframework:spring-framework-bom:5.0.0.RELEASE'
+		mavenBom 'org.springframework:spring-framework-bom:5.0.1.BUILD-SNAPSHOT'
 		mavenBom 'org.springframework.data:spring-data-releasetrain:Kay-RELEASE'
 	}
 	dependencies {

webflux/src/test/java/org/springframework/security/test/web/reactive/server/WebTestHandler.java

@@ -16,6 +16,7 @@
 package org.springframework.security.test.web.reactive.server;
 
 import org.springframework.mock.http.server.reactive.MockServerHttpRequest.BaseBuilder;
+import org.springframework.mock.web.server.MockServerWebExchange;
 import org.springframework.web.server.ServerWebExchange;
 import org.springframework.web.server.WebFilter;
 import org.springframework.web.server.WebHandler;
@@ -39,7 +40,7 @@ public class WebTestHandler {
 	}
 
 	public WebHandlerResult exchange(BaseBuilder<?> baseBuilder) {
-		ServerWebExchange exchange = baseBuilder.toExchange();
+		ServerWebExchange exchange = MockServerWebExchange.from(baseBuilder.build());
 		return exchange(exchange);
 	}
 

webflux/src/test/java/org/springframework/security/web/server/DefaultServerRedirectStrategyTests.java

@@ -22,6 +22,7 @@ import org.mockito.Mock;
 import org.mockito.junit.MockitoJUnitRunner;
 import org.springframework.http.HttpStatus;
 import org.springframework.mock.http.server.reactive.MockServerHttpRequest;
+import org.springframework.mock.web.server.MockServerWebExchange;
 import org.springframework.security.authentication.AuthenticationCredentialsNotFoundException;
 import org.springframework.security.core.AuthenticationException;
 import org.springframework.web.server.ServerWebExchange;
@@ -67,7 +68,7 @@ public class DefaultServerRedirectStrategyTests {
 
 	@Test
 	public void sendRedirectWhenNoContextThenStatusAndLocationSet() {
-		this.exchange = MockServerHttpRequest.get("/").toExchange();
+		this.exchange = exchange(MockServerHttpRequest.get("/"));
 
 		this.strategy.sendRedirect(this.exchange, this.location).block();
 
@@ -78,7 +79,7 @@ public class DefaultServerRedirectStrategyTests {
 
 	@Test
 	public void sendRedirectWhenContextPathSetThenStatusAndLocationSet() {
-		this.exchange = MockServerHttpRequest.get("/context/foo").contextPath("/context").toExchange();
+		this.exchange = exchange(MockServerHttpRequest.get("/context/foo").contextPath("/context"));
 
 		this.strategy.sendRedirect(this.exchange, this.location).block();
 
@@ -89,7 +90,7 @@ public class DefaultServerRedirectStrategyTests {
 	@Test
 	public void sendRedirectWhenContextPathSetAndAbsoluteURLThenStatusAndLocationSet() {
 		this.location = URI.create("https://example.com/foo/bar");
-		this.exchange = MockServerHttpRequest.get("/context/foo").contextPath("/context").toExchange();
+		this.exchange = exchange(MockServerHttpRequest.get("/context/foo").contextPath("/context"));
 
 		this.strategy.sendRedirect(this.exchange, this.location).block();
 
@@ -100,7 +101,7 @@ public class DefaultServerRedirectStrategyTests {
 	@Test
 	public void sendRedirectWhenContextPathSetAndDisabledThenStatusAndLocationSet() {
 		this.strategy.setContextRelative(false);
-		this.exchange = MockServerHttpRequest.get("/context/foo").contextPath("/context").toExchange();
+		this.exchange = exchange(MockServerHttpRequest.get("/context/foo").contextPath("/context"));
 
 		this.strategy.sendRedirect(this.exchange, this.location).block();
 
@@ -112,7 +113,7 @@ public class DefaultServerRedirectStrategyTests {
 	public void sendRedirectWhenCustomStatusThenStatusSet() {
 		HttpStatus status = HttpStatus.MOVED_PERMANENTLY;
 		this.strategy.setHttpStatus(status);
-		this.exchange = MockServerHttpRequest.get("/").toExchange();
+		this.exchange = exchange(MockServerHttpRequest.get("/"));
 
 		this.strategy.sendRedirect(this.exchange, this.location).block();
 
@@ -124,4 +125,8 @@ public class DefaultServerRedirectStrategyTests {
 	public void setHttpStatusWhenNullLocationThenException() {
 		this.strategy.setHttpStatus(null);
 	}
+
+	private static MockServerWebExchange exchange(MockServerHttpRequest.BaseBuilder<?> request) {
+		return MockServerWebExchange.from(request.build());
+	}
 }

webflux/src/test/java/org/springframework/security/web/server/DelegatingServerAuthenticationEntryPointTests.java

@@ -22,6 +22,7 @@ import org.mockito.Mock;
 import org.mockito.junit.MockitoJUnitRunner;
 import org.springframework.http.HttpStatus;
 import org.springframework.mock.http.server.reactive.MockServerHttpRequest;
+import org.springframework.mock.web.server.MockServerWebExchange;
 import org.springframework.security.authentication.AuthenticationCredentialsNotFoundException;
 import org.springframework.security.core.AuthenticationException;
 import org.springframework.security.web.server.util.matcher.ServerWebExchangeMatcher;
@@ -40,7 +41,7 @@ import static org.springframework.security.web.server.DelegatingServerAuthentica
  */
 @RunWith(MockitoJUnitRunner.class)
 public class DelegatingServerAuthenticationEntryPointTests {
-	private ServerWebExchange exchange = MockServerHttpRequest.get("/").toExchange();
+	private ServerWebExchange exchange = MockServerWebExchange.from(MockServerHttpRequest.get("/").build());
 
 	@Mock
 	private ServerWebExchangeMatcher matcher1;

webflux/src/test/java/org/springframework/security/web/server/ServerHttpBasicAuthenticationConverterTests.java

@@ -19,6 +19,7 @@ package org.springframework.security.web.server;
 import org.junit.Test;
 import org.springframework.http.HttpHeaders;
 import org.springframework.mock.http.server.reactive.MockServerHttpRequest;
+import org.springframework.mock.web.server.MockServerWebExchange;
 import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
 import org.springframework.security.core.Authentication;
 import reactor.core.publisher.Mono;
@@ -36,45 +37,49 @@ public class ServerHttpBasicAuthenticationConverterTests {
 
 	@Test
 	public void applyWhenNoAuthorizationHeaderThenEmpty() {
-		Mono<Authentication> result = converter.apply(request.toExchange());
+		Mono<Authentication> result = apply(this.request);
 
 		assertThat(result.block()).isNull();
 	}
 
 	@Test
 	public void applyWhenEmptyAuthorizationHeaderThenEmpty() {
-		Mono<Authentication> result = converter.apply(request.header(HttpHeaders.AUTHORIZATION, "").toExchange());
+		Mono<Authentication> result = apply(this.request.header(HttpHeaders.AUTHORIZATION, ""));
 
 		assertThat(result.block()).isNull();
 	}
 
 	@Test
 	public void applyWhenOnlyBasicAuthorizationHeaderThenEmpty() {
-		Mono<Authentication> result = converter.apply(request.header(HttpHeaders.AUTHORIZATION, "Basic ").toExchange());
+		Mono<Authentication> result = apply(this.request.header(HttpHeaders.AUTHORIZATION, "Basic "));
 
 		assertThat(result.block()).isNull();
 	}
 
 	@Test
 	public void applyWhenNotBase64ThenEmpty() {
-		Mono<Authentication> result = converter.apply(request.header(HttpHeaders.AUTHORIZATION, "Basic z").toExchange());
+		Mono<Authentication> result = apply(this.request.header(HttpHeaders.AUTHORIZATION, "Basic z"));
 
 		assertThat(result.block()).isNull();
 	}
 
 	@Test
 	public void applyWhenNoSemicolonThenEmpty() {
-		Mono<Authentication> result = converter.apply(request.header(HttpHeaders.AUTHORIZATION, "Basic dXNlcg==").toExchange());
+		Mono<Authentication> result = apply(this.request.header(HttpHeaders.AUTHORIZATION, "Basic dXNlcg=="));
 
 		assertThat(result.block()).isNull();
 	}
 
 	@Test
 	public void applyWhenUserPasswordThenAuthentication() {
-		Mono<Authentication> result = converter.apply(request.header(HttpHeaders.AUTHORIZATION, "Basic dXNlcjpwYXNzd29yZA==").toExchange());
+		Mono<Authentication> result = apply(this.request.header(HttpHeaders.AUTHORIZATION, "Basic dXNlcjpwYXNzd29yZA=="));
 
 		UsernamePasswordAuthenticationToken authentication = result.cast(UsernamePasswordAuthenticationToken.class).block();
 		assertThat(authentication.getPrincipal()).isEqualTo("user");
 		assertThat(authentication.getCredentials()).isEqualTo("password");
 	}
+
+	private Mono<Authentication> apply(MockServerHttpRequest.BaseBuilder<?> request) {
+		return this.converter.apply(MockServerWebExchange.from(this.request.build()));
+	}
 }

webflux/src/test/java/org/springframework/security/web/server/authentication/HttpBasicServerAuthenticationEntryPointTests.java

@@ -23,6 +23,7 @@ import org.mockito.junit.MockitoJUnitRunner;
 
 import org.springframework.http.HttpStatus;
 import org.springframework.mock.http.server.reactive.MockServerHttpRequest;
+import org.springframework.mock.web.server.MockServerWebExchange;
 import org.springframework.security.authentication.AuthenticationCredentialsNotFoundException;
 import org.springframework.security.core.AuthenticationException;
 import org.springframework.security.web.server.authentication.HttpBasicServerAuthenticationEntryPoint;
@@ -53,7 +54,7 @@ public class HttpBasicServerAuthenticationEntryPointTests {
 
 	@Test
 	public void commenceWhenSubscribeThenStatusAndHeaderSet() {
-		this.exchange = MockServerHttpRequest.get("/").toExchange();
+		this.exchange = exchange(MockServerHttpRequest.get("/"));
 
 		this.entryPoint.commence(this.exchange, this.exception).block();
 
@@ -66,7 +67,7 @@ public class HttpBasicServerAuthenticationEntryPointTests {
 	@Test
 	public void commenceWhenCustomRealmThenStatusAndHeaderSet() {
 		this.entryPoint.setRealm("Custom");
-		this.exchange = MockServerHttpRequest.get("/").toExchange();
+		this.exchange = exchange(MockServerHttpRequest.get("/"));
 
 		this.entryPoint.commence(this.exchange, this.exception).block();
 
@@ -80,4 +81,9 @@ public class HttpBasicServerAuthenticationEntryPointTests {
 	public void setRealmWhenNullThenException() {
 		this.entryPoint.setRealm(null);
 	}
+
+
+	private static MockServerWebExchange exchange(MockServerHttpRequest.BaseBuilder<?> request) {
+		return MockServerWebExchange.from(request.build());
+	}
 }

webflux/src/test/java/org/springframework/security/web/server/authentication/RedirectServerAuthenticationEntryPointTests.java

@@ -23,6 +23,7 @@ import org.mockito.junit.MockitoJUnitRunner;
 
 import org.springframework.http.HttpStatus;
 import org.springframework.mock.http.server.reactive.MockServerHttpRequest;
+import org.springframework.mock.web.server.MockServerWebExchange;
 import org.springframework.security.authentication.AuthenticationCredentialsNotFoundException;
 import org.springframework.security.core.AuthenticationException;
 import org.springframework.security.web.server.ServerRedirectStrategy;
@@ -69,7 +70,7 @@ public class RedirectServerAuthenticationEntryPointTests {
 
 	@Test
 	public void commenceWhenSubscribeThenStatusAndLocationSet() {
-		this.exchange = MockServerHttpRequest.get("/").toExchange();
+		this.exchange = MockServerWebExchange.from(MockServerHttpRequest.get("/").build());
 
 		this.entryPoint.commence(this.exchange, this.exception).block();
 
@@ -84,7 +85,7 @@ public class RedirectServerAuthenticationEntryPointTests {
 		when(this.serverRedirectStrategy.sendRedirect(any(), any())).thenReturn(result);
 		HttpStatus status = HttpStatus.MOVED_PERMANENTLY;
 		this.entryPoint.setServerRedirectStrategy(this.serverRedirectStrategy);
-		this.exchange = MockServerHttpRequest.get("/").toExchange();
+		this.exchange = MockServerWebExchange.from(MockServerHttpRequest.get("/").build());
 
 		assertThat(this.entryPoint.commence(this.exchange, this.exception)).isEqualTo(result);
 	}

webflux/src/test/java/org/springframework/security/web/server/authentication/RedirectServerAuthenticationSuccessHandlerTests.java

@@ -22,6 +22,7 @@ import org.mockito.Mock;
 import org.mockito.junit.MockitoJUnitRunner;
 import org.springframework.http.HttpStatus;
 import org.springframework.mock.http.server.reactive.MockServerHttpRequest;
+import org.springframework.mock.web.server.MockServerWebExchange;
 import org.springframework.security.core.Authentication;
 import org.springframework.security.web.server.ServerRedirectStrategy;
 import org.springframework.security.web.server.WebFilterExchange;
@@ -74,7 +75,7 @@ public class RedirectServerAuthenticationSuccessHandlerTests {
 
 	@Test
 	public void successWhenSubscribeThenStatusAndLocationSet() {
-		this.exchange = MockServerHttpRequest.get("/").toExchange();
+		this.exchange = MockServerWebExchange.from(MockServerHttpRequest.get("/").build());
 
 		this.handler.onAuthenticationSuccess(new WebFilterExchange(this.exchange,
 			this.chain), this.authentication).block();
@@ -89,7 +90,7 @@ public class RedirectServerAuthenticationSuccessHandlerTests {
 		Mono<Void> result = Mono.empty();
 		when(this.serverRedirectStrategy.sendRedirect(any(), any())).thenReturn(result);
 		this.handler.setServerRedirectStrategy(this.serverRedirectStrategy);
-		this.exchange = MockServerHttpRequest.get("/").toExchange();
+		this.exchange = MockServerWebExchange.from(MockServerHttpRequest.get("/").build());
 
 		assertThat(this.handler.onAuthenticationSuccess(new WebFilterExchange(this.exchange,
 			this.chain), this.authentication)).isEqualTo(result);

webflux/src/test/java/org/springframework/security/web/server/authorization/HttpStatusServerAccessDeniedHandlerTests.java

@@ -23,6 +23,7 @@ import org.mockito.junit.MockitoJUnitRunner;
 
 import org.springframework.http.HttpStatus;
 import org.springframework.mock.http.server.reactive.MockServerHttpRequest;
+import org.springframework.mock.web.server.MockServerWebExchange;
 import org.springframework.security.access.AccessDeniedException;
 import org.springframework.web.server.ServerWebExchange;
 
@@ -56,7 +57,7 @@ public class HttpStatusServerAccessDeniedHandlerTests {
 
 	@Test
 	public void commenceWhenSubscribeThenStatusSet() {
-		this.exchange = MockServerHttpRequest.get("/").toExchange();
+		this.exchange = MockServerWebExchange.from(MockServerHttpRequest.get("/").build());
 
 		this.handler.handle(this.exchange, this.exception).block();
 

webflux/src/test/java/org/springframework/security/web/server/context/AuthenticationReactorContextWebFilterTests.java

@@ -18,6 +18,7 @@ package org.springframework.security.web.server.context;
 
 import org.junit.Test;
 import org.springframework.mock.http.server.reactive.MockServerHttpRequest;
+import org.springframework.mock.web.server.MockServerWebExchange;
 import org.springframework.security.authentication.TestingAuthenticationToken;
 import org.springframework.security.core.Authentication;
 import org.springframework.web.server.ServerWebExchange;
@@ -39,7 +40,7 @@ public class AuthenticationReactorContextWebFilterTests {
 
 	Principal principal = new TestingAuthenticationToken("user","password", "ROLE_USER");
 
-	ServerWebExchange exchange = MockServerHttpRequest.get("/").toExchange();
+	ServerWebExchange exchange = MockServerWebExchange.from(MockServerHttpRequest.get("/").build());
 
 	@Test
 	public void filterWhenExistingContextAndPrincipalNotNullThenContextPopulated() {

webflux/src/test/java/org/springframework/security/web/server/context/ServerSecurityContextRepositoryWebFilterTests.java

@@ -22,6 +22,7 @@ import org.junit.runner.RunWith;
 import org.mockito.Mock;
 import org.mockito.junit.MockitoJUnitRunner;
 import org.springframework.mock.http.server.reactive.MockServerHttpRequest;
+import org.springframework.mock.web.server.MockServerWebExchange;
 import org.springframework.security.core.Authentication;
 import org.springframework.security.core.context.SecurityContextImpl;
 import org.springframework.security.test.web.reactive.server.WebTestHandler;
@@ -90,7 +91,7 @@ public class ServerSecurityContextRepositoryWebFilterTests {
 		when(repository.load(any())).thenReturn(Mono.empty());
 		filters = WebTestHandler.bindToWebFilters(filter, (e,c) -> e.getPrincipal().flatMap( p-> c.filter(e))) ;
 
-		ServerWebExchange exchangeWithPrincipal = this.exchange.toExchange().mutate().principal(Mono.just(principal)).build();
+		ServerWebExchange exchangeWithPrincipal = MockServerWebExchange.from(exchange.build()).mutate().principal(Mono.just(principal)).build();
 		WebTestHandler.WebHandlerResult result = filters.exchange(exchangeWithPrincipal);
 
 		verify(repository).load(any());

webflux/src/test/java/org/springframework/security/web/server/context/ServerWebExchangeAttributeServerSecurityContextRepositoryTests.java

@@ -18,6 +18,7 @@ package org.springframework.security.web.server.context;
 
 import org.junit.Test;
 import org.springframework.mock.http.server.reactive.MockServerHttpRequest;
+import org.springframework.mock.web.server.MockServerWebExchange;
 import org.springframework.security.core.context.SecurityContext;
 import org.springframework.security.core.context.SecurityContextImpl;
 import org.springframework.web.server.ServerWebExchange;
@@ -31,7 +32,7 @@ import static org.assertj.core.api.Assertions.assertThat;
  */
 public class ServerWebExchangeAttributeServerSecurityContextRepositoryTests {
 	ServerWebExchangeAttributeServerSecurityContextRepository repository = new ServerWebExchangeAttributeServerSecurityContextRepository();
-	ServerWebExchange exchange = MockServerHttpRequest.get("/").toExchange();
+	ServerWebExchange exchange = MockServerWebExchange.from(MockServerHttpRequest.get("/").build());
 
 	@Test
 	public void saveAndLoad() {

webflux/src/test/java/org/springframework/security/web/server/header/CacheControlServerHttpHeadersWriterTests.java

@@ -20,6 +20,7 @@ import static org.assertj.core.api.Assertions.assertThat;
 import org.junit.Test;
 import org.springframework.http.HttpHeaders;
 import org.springframework.mock.http.server.reactive.MockServerHttpRequest;
+import org.springframework.mock.web.server.MockServerWebExchange;
 import org.springframework.web.server.ServerWebExchange;
 
 /**
@@ -31,7 +32,8 @@ import org.springframework.web.server.ServerWebExchange;
 public class CacheControlServerHttpHeadersWriterTests {
 	CacheControlServerHttpHeadersWriter writer = new CacheControlServerHttpHeadersWriter();
 
-	ServerWebExchange exchange = MockServerHttpRequest.get("/").toExchange();
+	ServerWebExchange exchange = MockServerWebExchange
+		.from(MockServerHttpRequest.get("/").build());
 
 	HttpHeaders headers = exchange.getResponse().getHeaders();
 

webflux/src/test/java/org/springframework/security/web/server/header/CompositeServerHttpHeadersWriterTests.java

@@ -26,6 +26,7 @@ import org.junit.runner.RunWith;
 import org.mockito.Mock;
 import org.mockito.junit.MockitoJUnitRunner;
 import org.springframework.mock.http.server.reactive.MockServerHttpRequest;
+import org.springframework.mock.web.server.MockServerWebExchange;
 import org.springframework.web.server.ServerWebExchange;
 
 import reactor.core.publisher.Mono;
@@ -44,7 +45,7 @@ public class CompositeServerHttpHeadersWriterTests {
 
 	CompositeServerHttpHeadersWriter writer;
 
-	ServerWebExchange exchange = MockServerHttpRequest.get("/").toExchange();
+	ServerWebExchange exchange = MockServerWebExchange.from(MockServerHttpRequest.get("/").build());
 
 	@Before
 	public void setup() {

webflux/src/test/java/org/springframework/security/web/server/header/StaticServerHttpHeadersWriterTests.java

@@ -20,6 +20,7 @@ import static org.assertj.core.api.Assertions.assertThat;
 import org.junit.Test;
 import org.springframework.http.HttpHeaders;
 import org.springframework.mock.http.server.reactive.MockServerHttpRequest;
+import org.springframework.mock.web.server.MockServerWebExchange;
 import org.springframework.web.server.ServerWebExchange;
 
 /**
@@ -32,7 +33,8 @@ public class StaticServerHttpHeadersWriterTests {
 			.header(ContentTypeOptionsServerHttpHeadersWriter.X_CONTENT_OPTIONS, ContentTypeOptionsServerHttpHeadersWriter.NOSNIFF)
 			.build();
 
-	ServerWebExchange exchange = MockServerHttpRequest.get("/").toExchange();
+	ServerWebExchange exchange = MockServerWebExchange
+		.from(MockServerHttpRequest.get("/").build());
 
 	HttpHeaders headers = exchange.getResponse().getHeaders();
 

webflux/src/test/java/org/springframework/security/web/server/header/StrictTransportSecurityServerHttpHeadersWriterTests.java

@@ -23,6 +23,7 @@ import java.util.Arrays;
 import org.junit.Test;
 import org.springframework.http.HttpHeaders;
 import org.springframework.mock.http.server.reactive.MockServerHttpRequest;
+import org.springframework.mock.web.server.MockServerWebExchange;
 import org.springframework.web.server.ServerWebExchange;
 
 /**
@@ -36,7 +37,7 @@ public class StrictTransportSecurityServerHttpHeadersWriterTests {
 
 	@Test
 	public void writeHttpHeadersWhenHttpsThenWrites() {
-		exchange = MockServerHttpRequest.get("https://example.com/").toExchange();
+		exchange = exchange(MockServerHttpRequest.get("https://example.com/"));
 
 		hsts.writeHttpHeaders(exchange);
 
@@ -50,7 +51,7 @@ public class StrictTransportSecurityServerHttpHeadersWriterTests {
 	public void writeHttpHeadersWhenCustomMaxAgeThenWrites() {
 		Duration maxAge = Duration.ofDays(1);
 		hsts.setMaxAge(maxAge);
-		exchange = MockServerHttpRequest.get("https://example.com/").toExchange();
+		exchange = exchange(MockServerHttpRequest.get("https://example.com/"));
 
 		hsts.writeHttpHeaders(exchange);
 
@@ -63,7 +64,7 @@ public class StrictTransportSecurityServerHttpHeadersWriterTests {
 	@Test
 	public void writeHttpHeadersWhenCustomIncludeSubDomainsThenWrites() {
 		hsts.setIncludeSubDomains(false);
-		exchange = MockServerHttpRequest.get("https://example.com/").toExchange();
+		exchange = exchange(MockServerHttpRequest.get("https://example.com/"));
 
 		hsts.writeHttpHeaders(exchange);
 
@@ -75,7 +76,7 @@ public class StrictTransportSecurityServerHttpHeadersWriterTests {
 
 	@Test
 	public void writeHttpHeadersWhenNullSchemeThenNoHeaders() {
-		exchange = MockServerHttpRequest.get("/").toExchange();
+		exchange = exchange(MockServerHttpRequest.get("/"));
 
 		hsts.writeHttpHeaders(exchange);
 
@@ -85,11 +86,15 @@ public class StrictTransportSecurityServerHttpHeadersWriterTests {
 
 	@Test
 	public void writeHttpHeadersWhenHttpThenNoHeaders() {
-		exchange = MockServerHttpRequest.get("http://example.com/").toExchange();
+		exchange = exchange(MockServerHttpRequest.get("http://example.com/"));
 
 		hsts.writeHttpHeaders(exchange);
 
 		HttpHeaders headers = exchange.getResponse().getHeaders();
 		assertThat(headers).isEmpty();
 	}
+
+	private static MockServerWebExchange exchange(MockServerHttpRequest.BaseBuilder<?> request) {
+		return MockServerWebExchange.from(request.build());
+	}
 }

webflux/src/test/java/org/springframework/security/web/server/header/XContentTypeOptionsServerHttpHeadersWriterTests.java

@@ -20,6 +20,7 @@ import static org.assertj.core.api.Assertions.assertThat;
 import org.junit.Test;
 import org.springframework.http.HttpHeaders;
 import org.springframework.mock.http.server.reactive.MockServerHttpRequest;
+import org.springframework.mock.web.server.MockServerWebExchange;
 import org.springframework.web.server.ServerWebExchange;
 
 /**
@@ -30,7 +31,8 @@ public class XContentTypeOptionsServerHttpHeadersWriterTests {
 
 	ContentTypeOptionsServerHttpHeadersWriter writer = new ContentTypeOptionsServerHttpHeadersWriter();
 
-	ServerWebExchange exchange = MockServerHttpRequest.get("/").toExchange();
+	ServerWebExchange exchange = MockServerWebExchange
+		.from(MockServerHttpRequest.get("/").build());
 
 	HttpHeaders headers = exchange.getResponse().getHeaders();
 

webflux/src/test/java/org/springframework/security/web/server/header/XFrameOptionsServerHttpHeadersWriterTests.java

@@ -21,6 +21,7 @@ import org.junit.Before;
 import org.junit.Test;
 import org.springframework.http.HttpHeaders;
 import org.springframework.mock.http.server.reactive.MockServerHttpRequest;
+import org.springframework.mock.web.server.MockServerWebExchange;
 import org.springframework.web.server.ServerWebExchange;
 
 /**
@@ -29,7 +30,7 @@ import org.springframework.web.server.ServerWebExchange;
  */
 public class XFrameOptionsServerHttpHeadersWriterTests {
 
-	ServerWebExchange exchange = MockServerHttpRequest.get("/").toExchange();
+	ServerWebExchange exchange = exchange(MockServerHttpRequest.get("/"));
 
 	XFrameOptionsServerHttpHeadersWriter writer;
 
@@ -81,4 +82,7 @@ public class XFrameOptionsServerHttpHeadersWriterTests {
 		assertThat(headers.get(XFrameOptionsServerHttpHeadersWriter.X_FRAME_OPTIONS)).containsOnly(headerValue);
 	}
 
+	private static MockServerWebExchange exchange(MockServerHttpRequest.BaseBuilder<?> request) {
+		return MockServerWebExchange.from(request.build());
+	}
 }

webflux/src/test/java/org/springframework/security/web/server/header/XXssProtectionServerHttpHeadersWriterTests.java

@@ -20,6 +20,7 @@ import static org.assertj.core.api.Assertions.assertThat;
 import org.junit.Test;
 import org.springframework.http.HttpHeaders;
 import org.springframework.mock.http.server.reactive.MockServerHttpRequest;
+import org.springframework.mock.web.server.MockServerWebExchange;
 import org.springframework.web.server.ServerWebExchange;
 
 /**
@@ -27,7 +28,7 @@ import org.springframework.web.server.ServerWebExchange;
  * @since 5.0
  */
 public class XXssProtectionServerHttpHeadersWriterTests {
-	ServerWebExchange exchange = MockServerHttpRequest.get("/").toExchange();
+	ServerWebExchange exchange = MockServerWebExchange.from(MockServerHttpRequest.get("/").build());
 
 	HttpHeaders headers = exchange.getResponse().getHeaders();
 

webflux/src/test/java/org/springframework/security/web/server/util/matcher/MediaTypeServerWebExchangeMatcherTests.java

@@ -27,6 +27,7 @@ import org.mockito.junit.MockitoJUnitRunner;
 
 import org.springframework.http.MediaType;
 import org.springframework.mock.http.server.reactive.MockServerHttpRequest;
+import org.springframework.mock.web.server.MockServerWebExchange;
 import org.springframework.web.reactive.accept.RequestedContentTypeResolver;
 import org.springframework.web.server.ServerWebExchange;
 
@@ -131,6 +132,6 @@ public class MediaTypeServerWebExchangeMatcherTests {
 	}
 
 	private static ServerWebExchange exchange(MediaType... accept) {
-		return MockServerHttpRequest.get("/").accept(accept).toExchange();
+		return MockServerWebExchange.from(MockServerHttpRequest.get("/").accept(accept).build());
 	}
 }

webflux/src/test/java/org/springframework/security/web/server/util/matcher/PathMatcherServerWebExchangeMatcherTests.java

@@ -23,7 +23,7 @@ import org.mockito.junit.MockitoJUnitRunner;
 import org.springframework.http.HttpMethod;
 import org.springframework.mock.http.server.reactive.MockServerHttpRequest;
 import org.springframework.mock.http.server.reactive.MockServerHttpResponse;
-import org.springframework.mock.http.server.reactive.MockServerWebExchange;
+import org.springframework.mock.web.server.MockServerWebExchange;
 import org.springframework.web.server.session.DefaultWebSessionManager;
 import org.springframework.web.util.pattern.PathPattern;
 
@@ -53,7 +53,7 @@ public class PathMatcherServerWebExchangeMatcherTests {
 		MockServerHttpRequest request = MockServerHttpRequest.post("/path").build();
 		MockServerHttpResponse response = new MockServerHttpResponse();
 		DefaultWebSessionManager sessionManager = new DefaultWebSessionManager();
-		exchange = request.toExchange();
+		exchange = MockServerWebExchange.from(request);
 		path = "/path";
 
 		matcher = new PathPatternParserServerWebExchangeMatcher(pattern);

webflux/src/test/java/org/springframework/security/web/server/util/matcher/ServerWebExchangeMatchersTests.java

@@ -19,6 +19,7 @@ package org.springframework.security.web.server.util.matcher;
 import org.junit.Test;
 import org.springframework.http.HttpMethod;
 import org.springframework.mock.http.server.reactive.MockServerHttpRequest;
+import org.springframework.mock.web.server.MockServerWebExchange;
 import org.springframework.web.server.ServerWebExchange;
 
 import static org.assertj.core.api.Assertions.*;
@@ -33,7 +34,8 @@ import static org.springframework.security.web.server.util.matcher.ServerWebExch
  * @since 5.0
  */
 public class ServerWebExchangeMatchersTests {
-	ServerWebExchange exchange = MockServerHttpRequest.get("/").toExchange();
+	ServerWebExchange exchange = MockServerWebExchange
+		.from(MockServerHttpRequest.get("/").build());
 
 	@Test
 	public void pathMatchersWhenSingleAndSamePatternThenMatches() throws Exception {