Deprecated API

Contents

• Terminally Deprecated
• Classes
• Methods

Terminally Deprecated Elements

Element	Description
org.springframework.security.oauth2.client.oidc.userinfo.OidcUserService.setAccessibleScopes(Set<String>)	Use OidcUserService.setRetrieveUserInfo(Predicate) instead

Deprecated Classes

Class	Description
org.springframework.security.oauth2.client.endpoint.DefaultAuthorizationCodeTokenResponseClient	Use RestClientAuthorizationCodeTokenResponseClient instead
org.springframework.security.oauth2.client.endpoint.DefaultClientCredentialsTokenResponseClient	Use RestClientClientCredentialsTokenResponseClient instead
org.springframework.security.oauth2.client.endpoint.DefaultJwtBearerTokenResponseClient	Use RestClientJwtBearerTokenResponseClient instead
org.springframework.security.oauth2.client.endpoint.DefaultPasswordTokenResponseClient	The latest OAuth 2.0 Security Best Current Practice disallows the use of the Resource Owner Password Credentials grant. See reference OAuth 2.0 Security Best Current Practice.
org.springframework.security.oauth2.client.endpoint.DefaultRefreshTokenTokenResponseClient	Use RestClientRefreshTokenTokenResponseClient instead
org.springframework.security.oauth2.client.endpoint.DefaultTokenExchangeTokenResponseClient	Use RestClientRefreshTokenTokenResponseClient instead
org.springframework.security.oauth2.client.endpoint.JwtBearerGrantRequestEntityConverter	Use DefaultOAuth2TokenRequestParametersConverter instead
org.springframework.security.oauth2.client.endpoint.OAuth2AuthorizationCodeGrantRequestEntityConverter	Use DefaultOAuth2TokenRequestParametersConverter instead
org.springframework.security.oauth2.client.endpoint.OAuth2ClientCredentialsGrantRequestEntityConverter	Use DefaultOAuth2TokenRequestParametersConverter instead
org.springframework.security.oauth2.client.endpoint.OAuth2PasswordGrantRequest	The latest OAuth 2.0 Security Best Current Practice disallows the use of the Resource Owner Password Credentials grant. See reference OAuth 2.0 Security Best Current Practice.
org.springframework.security.oauth2.client.endpoint.OAuth2PasswordGrantRequestEntityConverter	Use DefaultOAuth2TokenRequestParametersConverter instead
org.springframework.security.oauth2.client.endpoint.OAuth2RefreshTokenGrantRequestEntityConverter	Use DefaultOAuth2TokenRequestParametersConverter instead
org.springframework.security.oauth2.client.endpoint.TokenExchangeGrantRequestEntityConverter	Use DefaultOAuth2TokenRequestParametersConverter instead
org.springframework.security.oauth2.client.endpoint.WebClientReactivePasswordTokenResponseClient	The latest OAuth 2.0 Security Best Current Practice disallows the use of the Resource Owner Password Credentials grant. See reference OAuth 2.0 Security Best Current Practice.
org.springframework.security.oauth2.client.PasswordOAuth2AuthorizedClientProvider	The latest OAuth 2.0 Security Best Current Practice disallows the use of the Resource Owner Password Credentials grant. See reference OAuth 2.0 Security Best Current Practice.
org.springframework.security.oauth2.client.PasswordReactiveOAuth2AuthorizedClientProvider	The latest OAuth 2.0 Security Best Current Practice disallows the use of the Resource Owner Password Credentials grant. See reference OAuth 2.0 Security Best Current Practice.

Deprecated Methods

Method	Description
org.springframework.security.oauth2.client.OAuth2AuthorizedClientProviderBuilder.password()	The latest OAuth 2.0 Security Best Current Practice disallows the use of the Resource Owner Password Credentials grant. See reference OAuth 2.0 Security Best Current Practice.
org.springframework.security.oauth2.client.OAuth2AuthorizedClientProviderBuilder.password(Consumer<OAuth2AuthorizedClientProviderBuilder.PasswordGrantBuilder>)	The latest OAuth 2.0 Security Best Current Practice disallows the use of the Resource Owner Password Credentials grant. See reference OAuth 2.0 Security Best Current Practice.
org.springframework.security.oauth2.client.oidc.userinfo.OidcUserService.setAccessibleScopes(Set<String>)	Use OidcUserService.setRetrieveUserInfo(Predicate) instead
org.springframework.security.oauth2.client.ReactiveOAuth2AuthorizedClientProviderBuilder.password()	The latest OAuth 2.0 Security Best Current Practice disallows the use of the Resource Owner Password Credentials grant. See reference OAuth 2.0 Security Best Current Practice.
org.springframework.security.oauth2.client.ReactiveOAuth2AuthorizedClientProviderBuilder.password(Consumer<ReactiveOAuth2AuthorizedClientProviderBuilder.PasswordGrantBuilder>)	The latest OAuth 2.0 Security Best Current Practice disallows the use of the Resource Owner Password Credentials grant. See reference OAuth 2.0 Security Best Current Practice.