Replace deprecated methods

config/src/main/java/org/springframework/security/config/http/OAuth2ClientBeanDefinitionParser.java

@@ -94,7 +94,7 @@ public BeanDefinition parse(Element element, ParserContext parserContext) {
 				.rootBeanDefinition(OAuth2AuthorizationRequestRedirectFilter.class);
 		String authorizationRequestResolverRef = (authorizationCodeGrantElt != null)
 				? authorizationCodeGrantElt.getAttribute(ATT_AUTHORIZATION_REQUEST_RESOLVER_REF) : null;
-		if (!StringUtils.isEmpty(authorizationRequestResolverRef)) {
+		if (StringUtils.hasLength(authorizationRequestResolverRef)) {
 			authorizationRequestRedirectFilterBuilder.addConstructorArgReference(authorizationRequestResolverRef);
 		}
 		else {
@@ -122,7 +122,7 @@ public BeanDefinition parse(Element element, ParserContext parserContext) {
 	private BeanMetadataElement getAuthorizationRequestRepository(Element element) {
 		String authorizationRequestRepositoryRef = (element != null)
 				? element.getAttribute(ATT_AUTHORIZATION_REQUEST_REPOSITORY_REF) : null;
-		if (!StringUtils.isEmpty(authorizationRequestRepositoryRef)) {
+		if (StringUtils.hasLength(authorizationRequestRepositoryRef)) {
 			return new RuntimeBeanReference(authorizationRequestRepositoryRef);
 		}
 		return BeanDefinitionBuilder.rootBeanDefinition(
@@ -143,7 +143,7 @@ private BeanMetadataElement getAuthorizationRedirectStrategy(Element element) {
 	private BeanMetadataElement getAccessTokenResponseClient(Element element) {
 		String accessTokenResponseClientRef = (element != null)
 				? element.getAttribute(ATT_ACCESS_TOKEN_RESPONSE_CLIENT_REF) : null;
-		if (!StringUtils.isEmpty(accessTokenResponseClientRef)) {
+		if (StringUtils.hasLength(accessTokenResponseClientRef)) {
 			return new RuntimeBeanReference(accessTokenResponseClientRef);
 		}
 		return BeanDefinitionBuilder.rootBeanDefinition(

config/src/main/java/org/springframework/security/config/http/OAuth2ClientBeanDefinitionParserUtils.java

@@ -42,23 +42,23 @@ private OAuth2ClientBeanDefinitionParserUtils() {
 
 	static BeanMetadataElement getClientRegistrationRepository(Element element) {
 		String clientRegistrationRepositoryRef = element.getAttribute(ATT_CLIENT_REGISTRATION_REPOSITORY_REF);
-		if (!StringUtils.isEmpty(clientRegistrationRepositoryRef)) {
+		if (StringUtils.hasLength(clientRegistrationRepositoryRef)) {
 			return new RuntimeBeanReference(clientRegistrationRepositoryRef);
 		}
 		return new RuntimeBeanReference(ClientRegistrationRepository.class);
 	}
 
 	static BeanMetadataElement getAuthorizedClientRepository(Element element) {
 		String authorizedClientRepositoryRef = element.getAttribute(ATT_AUTHORIZED_CLIENT_REPOSITORY_REF);
-		if (!StringUtils.isEmpty(authorizedClientRepositoryRef)) {
+		if (StringUtils.hasLength(authorizedClientRepositoryRef)) {
 			return new RuntimeBeanReference(authorizedClientRepositoryRef);
 		}
 		return null;
 	}
 
 	static BeanMetadataElement getAuthorizedClientService(Element element) {
 		String authorizedClientServiceRef = element.getAttribute(ATT_AUTHORIZED_CLIENT_SERVICE_REF);
-		if (!StringUtils.isEmpty(authorizedClientServiceRef)) {
+		if (StringUtils.hasLength(authorizedClientServiceRef)) {
 			return new RuntimeBeanReference(authorizedClientServiceRef);
 		}
 		return null;

config/src/main/java/org/springframework/security/config/http/OAuth2LoginBeanDefinitionParser.java

@@ -175,7 +175,7 @@ public BeanDefinition parse(Element element, ParserContext parserContext) {
 		}
 		Object source = parserContext.extractSource(element);
 		String loginProcessingUrl = element.getAttribute(ATT_LOGIN_PROCESSING_URL);
-		if (!StringUtils.isEmpty(loginProcessingUrl)) {
+		if (StringUtils.hasLength(loginProcessingUrl)) {
 			WebConfigUtils.validateHttpRedirect(loginProcessingUrl, parserContext, source);
 			oauth2LoginAuthenticationFilterBuilder.addConstructorArgValue(loginProcessingUrl);
 		}
@@ -187,7 +187,7 @@ public BeanDefinition parse(Element element, ParserContext parserContext) {
 				.rootBeanDefinition(OAuth2LoginAuthenticationProvider.class)
 				.addConstructorArgValue(accessTokenResponseClient).addConstructorArgValue(oauth2UserService);
 		String userAuthoritiesMapperRef = element.getAttribute(ATT_USER_AUTHORITIES_MAPPER_REF);
-		if (!StringUtils.isEmpty(userAuthoritiesMapperRef)) {
+		if (StringUtils.hasLength(userAuthoritiesMapperRef)) {
 			oauth2LoginAuthenticationProviderBuilder.addPropertyReference("authoritiesMapper",
 					userAuthoritiesMapperRef);
 		}
@@ -197,7 +197,7 @@ public BeanDefinition parse(Element element, ParserContext parserContext) {
 		BeanDefinitionBuilder oauth2AuthorizationRequestRedirectFilterBuilder = BeanDefinitionBuilder
 				.rootBeanDefinition(OAuth2AuthorizationRequestRedirectFilter.class);
 		String authorizationRequestResolverRef = element.getAttribute(ATT_AUTHORIZATION_REQUEST_RESOLVER_REF);
-		if (!StringUtils.isEmpty(authorizationRequestResolverRef)) {
+		if (StringUtils.hasLength(authorizationRequestResolverRef)) {
 			oauth2AuthorizationRequestRedirectFilterBuilder.addConstructorArgReference(authorizationRequestResolverRef);
 		}
 		else {
@@ -210,7 +210,7 @@ public BeanDefinition parse(Element element, ParserContext parserContext) {
 		this.oauth2AuthorizationRequestRedirectFilter = oauth2AuthorizationRequestRedirectFilterBuilder
 				.getBeanDefinition();
 		String authenticationSuccessHandlerRef = element.getAttribute(ATT_AUTHENTICATION_SUCCESS_HANDLER_REF);
-		if (!StringUtils.isEmpty(authenticationSuccessHandlerRef)) {
+		if (StringUtils.hasLength(authenticationSuccessHandlerRef)) {
 			oauth2LoginAuthenticationFilterBuilder.addPropertyReference("authenticationSuccessHandler",
 					authenticationSuccessHandlerRef);
 		}
@@ -222,7 +222,7 @@ public BeanDefinition parse(Element element, ParserContext parserContext) {
 					successHandlerBuilder.getBeanDefinition());
 		}
 		String loginPage = element.getAttribute(ATT_LOGIN_PAGE);
-		if (!StringUtils.isEmpty(loginPage)) {
+		if (StringUtils.hasLength(loginPage)) {
 			WebConfigUtils.validateHttpRedirect(loginPage, parserContext, source);
 			this.oauth2LoginAuthenticationEntryPoint = BeanDefinitionBuilder
 					.rootBeanDefinition(LoginUrlAuthenticationEntryPoint.class).addConstructorArgValue(loginPage)
@@ -239,7 +239,7 @@ public BeanDefinition parse(Element element, ParserContext parserContext) {
 			}
 		}
 		String authenticationFailureHandlerRef = element.getAttribute(ATT_AUTHENTICATION_FAILURE_HANDLER_REF);
-		if (!StringUtils.isEmpty(authenticationFailureHandlerRef)) {
+		if (StringUtils.hasLength(authenticationFailureHandlerRef)) {
 			oauth2LoginAuthenticationFilterBuilder.addPropertyReference("authenticationFailureHandler",
 					authenticationFailureHandlerRef);
 		}
@@ -262,7 +262,7 @@ public BeanDefinition parse(Element element, ParserContext parserContext) {
 
 	private BeanMetadataElement getAuthorizationRequestRepository(Element element) {
 		String authorizationRequestRepositoryRef = element.getAttribute(ATT_AUTHORIZATION_REQUEST_REPOSITORY_REF);
-		if (!StringUtils.isEmpty(authorizationRequestRepositoryRef)) {
+		if (StringUtils.hasLength(authorizationRequestRepositoryRef)) {
 			return new RuntimeBeanReference(authorizationRequestRepositoryRef);
 		}
 		return BeanDefinitionBuilder.rootBeanDefinition(
@@ -290,19 +290,19 @@ private BeanDefinition getOidcAuthProvider(Element element, BeanMetadataElement
 		BeanDefinitionBuilder oidcAuthProviderBuilder = BeanDefinitionBuilder.rootBeanDefinition(
 				"org.springframework.security.oauth2.client.oidc.authentication.OidcAuthorizationCodeAuthenticationProvider")
 				.addConstructorArgValue(accessTokenResponseClient).addConstructorArgValue(oidcUserService);
-		if (!StringUtils.isEmpty(userAuthoritiesMapperRef)) {
+		if (StringUtils.hasLength(userAuthoritiesMapperRef)) {
 			oidcAuthProviderBuilder.addPropertyReference("authoritiesMapper", userAuthoritiesMapperRef);
 		}
 		String jwtDecoderFactoryRef = element.getAttribute(ATT_JWT_DECODER_FACTORY_REF);
-		if (!StringUtils.isEmpty(jwtDecoderFactoryRef)) {
+		if (StringUtils.hasLength(jwtDecoderFactoryRef)) {
 			oidcAuthProviderBuilder.addPropertyReference("jwtDecoderFactory", jwtDecoderFactoryRef);
 		}
 		return oidcAuthProviderBuilder.getBeanDefinition();
 	}
 
 	private BeanMetadataElement getOidcUserService(Element element) {
 		String oidcUserServiceRef = element.getAttribute(ATT_OIDC_USER_SERVICE_REF);
-		if (!StringUtils.isEmpty(oidcUserServiceRef)) {
+		if (StringUtils.hasLength(oidcUserServiceRef)) {
 			return new RuntimeBeanReference(oidcUserServiceRef);
 		}
 		return BeanDefinitionBuilder
@@ -312,7 +312,7 @@ private BeanMetadataElement getOidcUserService(Element element) {
 
 	private BeanMetadataElement getOAuth2UserService(Element element) {
 		String oauth2UserServiceRef = element.getAttribute(ATT_USER_SERVICE_REF);
-		if (!StringUtils.isEmpty(oauth2UserServiceRef)) {
+		if (StringUtils.hasLength(oauth2UserServiceRef)) {
 			return new RuntimeBeanReference(oauth2UserServiceRef);
 		}
 		return BeanDefinitionBuilder
@@ -322,7 +322,7 @@ private BeanMetadataElement getOAuth2UserService(Element element) {
 
 	private BeanMetadataElement getAccessTokenResponseClient(Element element) {
 		String accessTokenResponseClientRef = element.getAttribute(ATT_ACCESS_TOKEN_RESPONSE_CLIENT_REF);
-		if (!StringUtils.isEmpty(accessTokenResponseClientRef)) {
+		if (StringUtils.hasLength(accessTokenResponseClientRef)) {
 			return new RuntimeBeanReference(accessTokenResponseClientRef);
 		}
 		return BeanDefinitionBuilder.rootBeanDefinition(

config/src/main/java/org/springframework/security/config/http/OAuth2ResourceServerBeanDefinitionParser.java

@@ -165,7 +165,7 @@ void validateConfiguration(Element oauth2ResourceServer, Element jwt, Element op
 
 	BeanMetadataElement getAuthenticationManagerResolver(Element element) {
 		String authenticationManagerResolverRef = element.getAttribute(AUTHENTICATION_MANAGER_RESOLVER_REF);
-		if (!StringUtils.isEmpty(authenticationManagerResolverRef)) {
+		if (StringUtils.hasLength(authenticationManagerResolverRef)) {
 			return new RuntimeBeanReference(authenticationManagerResolverRef);
 		}
 		BeanDefinitionBuilder authenticationManagerResolver = BeanDefinitionBuilder
@@ -176,15 +176,15 @@ BeanMetadataElement getAuthenticationManagerResolver(Element element) {
 
 	BeanMetadataElement getBearerTokenResolver(Element element) {
 		String bearerTokenResolverRef = element.getAttribute(BEARER_TOKEN_RESOLVER_REF);
-		if (StringUtils.isEmpty(bearerTokenResolverRef)) {
+		if (!StringUtils.hasLength(bearerTokenResolverRef)) {
 			return new RootBeanDefinition(DefaultBearerTokenResolver.class);
 		}
 		return new RuntimeBeanReference(bearerTokenResolverRef);
 	}
 
 	BeanMetadataElement getEntryPoint(Element element) {
 		String entryPointRef = element.getAttribute(ENTRY_POINT_REF);
-		if (StringUtils.isEmpty(entryPointRef)) {
+		if (!StringUtils.hasLength(entryPointRef)) {
 			return this.authenticationEntryPoint;
 		}
 		return new RuntimeBeanReference(entryPointRef);
@@ -223,7 +223,7 @@ void validateConfiguration(Element element, ParserContext pc) {
 
 		Object getDecoder(Element element) {
 			String decoderRef = element.getAttribute(DECODER_REF);
-			if (!StringUtils.isEmpty(decoderRef)) {
+			if (StringUtils.hasLength(decoderRef)) {
 				return new RuntimeBeanReference(decoderRef);
 			}
 			BeanDefinitionBuilder builder = BeanDefinitionBuilder
@@ -234,7 +234,7 @@ Object getDecoder(Element element) {
 
 		Object getJwtAuthenticationConverter(Element element) {
 			String jwtDecoderRef = element.getAttribute(JWT_AUTHENTICATION_CONVERTER_REF);
-			return (!StringUtils.isEmpty(jwtDecoderRef)) ? new RuntimeBeanReference(jwtDecoderRef)
+			return (StringUtils.hasLength(jwtDecoderRef)) ? new RuntimeBeanReference(jwtDecoderRef)
 					: new JwtAuthenticationConverter();
 		}
 
@@ -291,7 +291,7 @@ void validateConfiguration(Element element, ParserContext pc) {
 
 		BeanMetadataElement getIntrospector(Element element) {
 			String introspectorRef = element.getAttribute(INTROSPECTOR_REF);
-			if (!StringUtils.isEmpty(introspectorRef)) {
+			if (StringUtils.hasLength(introspectorRef)) {
 				return new RuntimeBeanReference(introspectorRef);
 			}
 			String introspectionUri = element.getAttribute(INTROSPECTION_URI);

config/src/main/java/org/springframework/security/config/oauth2/client/ClientRegistrationsBeanDefinitionParser.java

@@ -170,7 +170,7 @@ private static ClientRegistration.Builder getBuilderFromIssuerIfPossible(ParserC
 		if (providers.containsKey(providerId)) {
 			Map<String, String> provider = providers.get(providerId);
 			String issuer = provider.get(ATT_ISSUER_URI);
-			if (!StringUtils.isEmpty(issuer)) {
+			if (StringUtils.hasLength(issuer)) {
 				ClientRegistration.Builder builder = ClientRegistrations.fromIssuerLocation(issuer)
 						.registrationId(registrationId);
 				return getBuilder(parserContext, builder, provider);

config/src/test/java/org/springframework/security/config/doc/SpringSecurityXsdParser.java

@@ -179,7 +179,7 @@ private Attribute attr(XmlNode n) {
 	 */
 	private Element elmt(XmlNode n) {
 		String name = n.attribute("ref");
-		if (StringUtils.isEmpty(name)) {
+		if (!StringUtils.hasLength(name)) {
 			name = n.attribute("name");
 		}
 		else {
@@ -199,7 +199,7 @@ private Element elmt(XmlNode n) {
 		e.getAttrs().forEach((attr) -> attr.setElmt(e));
 		e.getChildElmts().values().forEach((element) -> element.getParentElmts().put(e.getName(), e));
 		String subGrpName = n.attribute("substitutionGroup");
-		if (!StringUtils.isEmpty(subGrpName)) {
+		if (StringUtils.hasLength(subGrpName)) {
 			Element subGrp = elmt(findNode(n, subGrpName.split(":")[1]));
 			subGrp.getSubGrps().add(e);
 		}

core/src/main/java/org/springframework/security/jackson2/SecurityJackson2Modules.java

@@ -127,7 +127,7 @@ private static Module loadAndGetInstance(String className, ClassLoader loader) {
 			Class<? extends Module> securityModule = (Class<? extends Module>) ClassUtils.forName(className, loader);
 			if (securityModule != null) {
 				logger.debug(LogMessage.format("Loaded module %s, now registering", className));
-				return securityModule.newInstance();
+				return securityModule.getConstructor().newInstance();
 			}
 		}
 		catch (Exception ex) {

core/src/test/java/org/springframework/security/provisioning/JdbcUserDetailsManagerTests.java

@@ -145,7 +145,7 @@ public void createUserInsertsCorrectDataWithLocking() {
 				AuthorityUtils.createAuthorityList("A", "B"));
 		this.manager.createUser(user);
 		UserDetails user2 = this.manager.loadUserByUsername(user.getUsername());
-		assertThat(user2).isEqualToComparingFieldByField(user);
+		assertThat(user2).usingRecursiveComparison().isEqualTo(user);
 	}
 
 	@Test
@@ -176,7 +176,7 @@ public void updateUserChangesDataCorrectlyAndClearsCacheWithLocking() {
 				AuthorityUtils.createAuthorityList("D", "F", "E"));
 		this.manager.updateUser(newJoe);
 		UserDetails joe = this.manager.loadUserByUsername(newJoe.getUsername());
-		assertThat(joe).isEqualToComparingFieldByField(newJoe);
+		assertThat(joe).usingRecursiveComparison().isEqualTo(newJoe);
 		assertThat(this.cache.getUserMap().containsKey(newJoe.getUsername())).isFalse();
 	}
 

oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/oidc/userinfo/OidcUserRequestUtils.java

@@ -45,7 +45,7 @@ final class OidcUserRequestUtils {
 	static boolean shouldRetrieveUserInfo(OidcUserRequest userRequest) {
 		// Auto-disabled if UserInfo Endpoint URI is not provided
 		ClientRegistration clientRegistration = userRequest.getClientRegistration();
-		if (StringUtils.isEmpty(clientRegistration.getProviderDetails().getUserInfoEndpoint().getUri())) {
+		if (!StringUtils.hasLength(clientRegistration.getProviderDetails().getUserInfoEndpoint().getUri())) {
 			return false;
 		}
 		// The Claims requested by the profile, email, address, and phone scope values

oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/oidc/userinfo/OidcUserService.java

@@ -157,7 +157,7 @@ private OidcUser getUser(OidcUserRequest userRequest, OidcUserInfo userInfo, Set
 	private boolean shouldRetrieveUserInfo(OidcUserRequest userRequest) {
 		// Auto-disabled if UserInfo Endpoint URI is not provided
 		ProviderDetails providerDetails = userRequest.getClientRegistration().getProviderDetails();
-		if (StringUtils.isEmpty(providerDetails.getUserInfoEndpoint().getUri())) {
+		if (!StringUtils.hasLength(providerDetails.getUserInfoEndpoint().getUri())) {
 			return false;
 		}
 		// The Claims requested by the profile, email, address, and phone scope values

oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/userinfo/DefaultReactiveOAuth2UserService.java

@@ -189,7 +189,7 @@ public void setWebClient(WebClient webClient) {
 
 	private static Mono<UserInfoErrorResponse> parse(ClientResponse httpResponse) {
 		String wwwAuth = httpResponse.headers().asHttpHeaders().getFirst(HttpHeaders.WWW_AUTHENTICATE);
-		if (!StringUtils.isEmpty(wwwAuth)) {
+		if (StringUtils.hasLength(wwwAuth)) {
 			// Bearer token error?
 			return Mono.fromCallable(() -> UserInfoErrorResponse.parse(wwwAuth));
 		}

oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/OAuth2AuthorizationCodeGrantFilter.java

@@ -238,10 +238,10 @@ private void processAuthorizationResponse(HttpServletRequest request, HttpServle
 			OAuth2Error error = ex.getError();
 			UriComponentsBuilder uriBuilder = UriComponentsBuilder.fromUriString(authorizationRequest.getRedirectUri())
 					.queryParam(OAuth2ParameterNames.ERROR, error.getErrorCode());
-			if (!StringUtils.isEmpty(error.getDescription())) {
+			if (StringUtils.hasLength(error.getDescription())) {
 				uriBuilder.queryParam(OAuth2ParameterNames.ERROR_DESCRIPTION, error.getDescription());
 			}
-			if (!StringUtils.isEmpty(error.getUri())) {
+			if (StringUtils.hasLength(error.getUri())) {
 				uriBuilder.queryParam(OAuth2ParameterNames.ERROR_URI, error.getUri());
 			}
 			this.redirectStrategy.sendRedirect(request, response, uriBuilder.build().encode().toString());

oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/method/annotation/OAuth2AuthorizedClientArgumentResolver.java

@@ -111,7 +111,7 @@ public boolean supportsParameter(MethodParameter parameter) {
 	public Object resolveArgument(MethodParameter parameter, @Nullable ModelAndViewContainer mavContainer,
 			NativeWebRequest webRequest, @Nullable WebDataBinderFactory binderFactory) {
 		String clientRegistrationId = this.resolveClientRegistrationId(parameter);
-		if (StringUtils.isEmpty(clientRegistrationId)) {
+		if (!StringUtils.hasLength(clientRegistrationId)) {
 			throw new IllegalArgumentException("Unable to resolve the Client Registration Identifier. "
 					+ "It must be provided via @RegisteredOAuth2AuthorizedClient(\"client1\") or "
 					+ "@RegisteredOAuth2AuthorizedClient(registrationId = \"client1\").");
@@ -137,10 +137,10 @@ private String resolveClientRegistrationId(MethodParameter parameter) {
 		RegisteredOAuth2AuthorizedClient authorizedClientAnnotation = AnnotatedElementUtils
 				.findMergedAnnotation(parameter.getParameter(), RegisteredOAuth2AuthorizedClient.class);
 		Authentication principal = this.securityContextHolderStrategy.getContext().getAuthentication();
-		if (!StringUtils.isEmpty(authorizedClientAnnotation.registrationId())) {
+		if (StringUtils.hasLength(authorizedClientAnnotation.registrationId())) {
 			return authorizedClientAnnotation.registrationId();
 		}
-		if (!StringUtils.isEmpty(authorizedClientAnnotation.value())) {
+		if (StringUtils.hasLength(authorizedClientAnnotation.value())) {
 			return authorizedClientAnnotation.value();
 		}
 		if (principal != null && OAuth2AuthenticationToken.class.isAssignableFrom(principal.getClass())) {

oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/reactive/function/client/ServerOAuth2AuthorizedClientExchangeFilterFunction.java

@@ -537,7 +537,7 @@ private OAuth2Error resolveErrorIfPossible(int statusCode) {
 		private Map<String, String> parseAuthParameters(String wwwAuthenticateHeader) {
 			// @formatter:off
 			return Stream.of(wwwAuthenticateHeader)
-					.filter((header) -> !StringUtils.isEmpty(header))
+					.filter((header) -> StringUtils.hasLength(header))
 					.filter((header) -> header.toLowerCase().startsWith("bearer"))
 					.map((header) -> header.substring("bearer".length()))
 					.map((header) -> header.split(","))

oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/reactive/function/client/ServletOAuth2AuthorizedClientExchangeFilterFunction.java

@@ -652,7 +652,7 @@ private OAuth2Error resolveErrorIfPossible(int statusCode) {
 
 		private Map<String, String> parseAuthParameters(String wwwAuthenticateHeader) {
 			// @formatter:off
-			return Stream.of(wwwAuthenticateHeader).filter((header) -> !StringUtils.isEmpty(header))
+			return Stream.of(wwwAuthenticateHeader).filter((header) -> StringUtils.hasLength(header))
 					.filter((header) -> header.toLowerCase().startsWith("bearer"))
 					.map((header) -> header.substring("bearer".length()))
 					.map((header) -> header.split(","))