Deprecated API

Contents

• Terminally Deprecated
• Interfaces
• Classes
• Fields
• Methods
• Constructors

Terminally Deprecated Elements

Element	Description
com.broadleafcommerce.auth.data.AuthorizationServerDataInitializer	Deprecated in favor of liquibase insert pattern (see auth.starter.required.data.changelog.xml)
com.broadleafcommerce.auth.data.AuthorizedClientDataInitializer	Deprecated in favor of liquibase insert pattern (see auth.starter.required.data.changelog.xml)
com.broadleafcommerce.auth.data.autoconfigure.AuthorizationDataInitializationProperties	Deprecated in favor of liquibase insert pattern (see auth.starter.required.data.changelog.xml)
com.broadleafcommerce.auth.data.autoconfigure.AuthorizationServerDataInitializerAutoConfiguration	Deprecated in favor of liquibase insert pattern (see auth.starter.required.data.changelog.xml)
com.broadleafcommerce.auth.data.DataInitializer	Deprecated in favor of liquibase insert pattern (see auth.starter.required.data.changelog.xml)
com.broadleafcommerce.auth.data.DefaultMasterGlobalAdminUserDataInitializer	Deprecated in favor of liquibase insert pattern (see auth.starter.required.data.changelog.xml)
com.broadleafcommerce.auth.data.ExternalRoleMapDataInitializer	Deprecated in favor of liquibase insert pattern (see auth.starter.required.data.changelog.xml)
com.broadleafcommerce.auth.data.PermissionDataInitializer	Deprecated in favor of liquibase insert pattern (see auth.starter.required.data.changelog.xml)
com.broadleafcommerce.auth.data.PermissionScopeDataInitializer	Deprecated in favor of liquibase insert pattern (see auth.starter.required.data.changelog.xml)
com.broadleafcommerce.auth.data.RoleDataInitializer	Deprecated in favor of liquibase insert pattern (see auth.starter.required.data.changelog.xml)
com.broadleafcommerce.auth.data.SecurityScopeDataInitializer	Deprecated in favor of liquibase insert pattern (see auth.starter.required.data.changelog.xml)
com.broadleafcommerce.auth.data.UserDataInitializer	Deprecated in favor of liquibase insert pattern (see auth.starter.required.data.changelog.xml)
com.broadleafcommerce.auth.resource.domain.AccessTokenClaimKeys.UserDataClaims.USER_NAME_1X
com.broadleafcommerce.auth.security.service.DefaultPrivilegeService(UserRoleService<UserRole>, UserRoleAncestryHydrationService, AuthorizationServerService<AuthorizationServer>)	Since 1.8.0. Use DefaultPrivilegeService(UserRoleService, UserRoleAncestryHydrationService, AuthorizationServerService, AccountAncestorService, TokenProperties)
com.broadleafcommerce.auth.security.service.SimplePayloadMapper(TypeFactory)	since 1.8.0. Use SimplePayloadMapper(TypeFactory, AuthTranslationPostMapperMember)
com.broadleafcommerce.auth.user.validation.ResetPasswordFormValidator.validate(List<P>, ResetPasswordForm, Errors)	Since 1.8.0-GA. Use ResetPasswordFormValidator.validate(List, ResetPasswordForm, Errors, User).
com.broadleafcommerce.auth.user.web.authentication.session.AuthenticationStrategyDelegate.canHandle(Authentication)	Use AuthenticationStrategyDelegate.canHandle(Authentication, AuthorizedClient)
com.broadleafcommerce.auth.user.web.endpoint.AuthenticationController.getOath2AuthenticationProviders()	in favor of AuthenticationController.oauth2AuthenticationProviders. (This method is misspelled.)
com.broadleafcommerce.auth.user.web.endpoint.AuthenticationController.getOath2AuthenticationProviders(ClientIdentityProviderProperties.ClientProperties, boolean)	in favor of AuthenticationController.getOauth2AuthenticationProviders(AuthorizedClient). The new method takes the client id into account to ensure correct caching. Before, all commerce clients were using the same cache entry.

Deprecated Interfaces

Interface	Description
com.broadleafcommerce.auth.data.DataInitializer	Deprecated in favor of liquibase insert pattern (see auth.starter.required.data.changelog.xml)

Deprecated Classes

Class	Description
com.broadleafcommerce.auth.data.AuthorizationServerDataInitializer	Deprecated in favor of liquibase insert pattern (see auth.starter.required.data.changelog.xml)
com.broadleafcommerce.auth.data.AuthorizedClientDataInitializer	Deprecated in favor of liquibase insert pattern (see auth.starter.required.data.changelog.xml)
com.broadleafcommerce.auth.data.autoconfigure.AuthorizationDataInitializationProperties	Deprecated in favor of liquibase insert pattern (see auth.starter.required.data.changelog.xml)
com.broadleafcommerce.auth.data.autoconfigure.AuthorizationServerDataInitializerAutoConfiguration	Deprecated in favor of liquibase insert pattern (see auth.starter.required.data.changelog.xml)
com.broadleafcommerce.auth.data.DefaultMasterGlobalAdminUserDataInitializer	Deprecated in favor of liquibase insert pattern (see auth.starter.required.data.changelog.xml)
com.broadleafcommerce.auth.data.ExternalRoleMapDataInitializer	Deprecated in favor of liquibase insert pattern (see auth.starter.required.data.changelog.xml)
com.broadleafcommerce.auth.data.PermissionDataInitializer	Deprecated in favor of liquibase insert pattern (see auth.starter.required.data.changelog.xml)
com.broadleafcommerce.auth.data.PermissionScopeDataInitializer	Deprecated in favor of liquibase insert pattern (see auth.starter.required.data.changelog.xml)
com.broadleafcommerce.auth.data.RoleDataInitializer	Deprecated in favor of liquibase insert pattern (see auth.starter.required.data.changelog.xml)
com.broadleafcommerce.auth.data.SecurityScopeDataInitializer	Deprecated in favor of liquibase insert pattern (see auth.starter.required.data.changelog.xml)
com.broadleafcommerce.auth.data.UserDataInitializer	Deprecated in favor of liquibase insert pattern (see auth.starter.required.data.changelog.xml)

Deprecated Fields

Field	Description
com.broadleafcommerce.auth.resource.domain.AccessTokenClaimKeys.UserDataClaims.USER_NAME_1X
com.broadleafcommerce.auth.user.listener.SegmentMemberPersistenceHandler.LAST_PROCESS_SEGMENT_DATE	in favour of SegmentMemberPersistenceHandler.getLastProcessedSegmentDateAttributeName(String)

Deprecated Methods

Method	Description
com.broadleafcommerce.auth.authorization.TokenProperties.isSupportRefreshTokenCleanup()	This property is no longer used. AuthenticationServices is configured to clean up Authorizations by default. The cleanup interval is determined by TokenProperties.maxTokenCleanupInterval and TokenProperties.minTokenCleanupInterval.
com.broadleafcommerce.auth.authorization.TokenProperties.setSupportRefreshTokenCleanup(boolean)	This property is no longer used. AuthenticationServices is configured to clean up Authorizations by default. The cleanup interval is determined by TokenProperties.maxTokenCleanupInterval and TokenProperties.minTokenCleanupInterval.
com.broadleafcommerce.auth.client.web.repo.BroadleafAuthorizationRequestRepository.saveAuthRequestWrapper(AuthorizationRequestWrapper)	since 1.6, replaced by BroadleafAuthorizationRequestRepository.saveAuthRequestWrapperResponseCookie(AuthorizationRequestWrapper)
com.broadleafcommerce.auth.resource.service.UserOperationService.findAllByScopeIn(Collection<String>)	use UserOperationService.getUserOperationInformation(Collection, String) instead
com.broadleafcommerce.auth.security.repository.RoleRepository.findAllByNameContainingIgnoreCaseAndArchivedFalse(String, Pageable)	Use RoleRepository.findAllByNameContainingIgnoreCaseAndArchivedFalseAndAccountRoleEquals(String, boolean, Pageable)
com.broadleafcommerce.auth.security.repository.UserPermissionRepository.findAllByNameContainingIgnoreCaseAndArchivedFalse(String, Pageable)	Since 1.8.0. Use UserPermissionRepository.findAllByNameContainingIgnoreCaseAndArchivedFalseAndAccountPermissionEquals(String, boolean, Pageable)
com.broadleafcommerce.auth.security.service.DefaultSecurityService.filterScopesByPermission(Set<String>, Set<String>)	This incorrectly requires that all scopes/perms are 1-1 and ignores the permission root flag. Use DefaultSecurityService.filterScopesByPermission(Set, Set, Set) which correctly accounts for scopes that aren't related to permission roots.
com.broadleafcommerce.auth.security.service.DefaultSecurityService.filterScopesByPermissions(Set<String>, Set<String>)	Use DefaultSecurityService.filterScopesByPermission(Set, Set) instead.
com.broadleafcommerce.auth.security.service.DefaultSecurityService.findOpenRequestedScopes(Set<String>)	Use DefaultSecurityService.findOpenScopes(Set), which returns a Set instead of a Stream.
com.broadleafcommerce.auth.security.service.DefaultUserRoleService.findAllByNameContainingAndNotArchived(String, Pageable)
com.broadleafcommerce.auth.security.service.UserPermissionService.findAllByNameContainingAndNotArchived(String, Pageable)	Since 1.8.0. Use UserPermissionService.findAllByNameContainingAndNotArchived(String, boolean, boolean, Pageable)
com.broadleafcommerce.auth.security.service.UserRoleService.findAllByNameContainingAndNotArchived(String, Pageable)	Since 1.8.0. Use UserRoleService.findAllByNameContainingAndNotArchived(String, boolean, Pageable) Passing "false" for the accountRole parameter is functionally equivalent to the behavior of this method pre-deprecation.
com.broadleafcommerce.auth.user.autoconfigure.AuthorizationServerProperties.isPkceEnabled()	This property is no longer used. Instead, PKCE functionality can be enabled on an AuthorizedClient with the field: AuthorizedClient.getProofKeyRequired().
com.broadleafcommerce.auth.user.autoconfigure.AuthorizationServerProperties.isUseRedirectUriHost()
com.broadleafcommerce.auth.user.autoconfigure.AuthorizationServerProperties.setPkceEnabled(boolean)	This property is no longer used. Instead, PKCE functionality can be enabled on an AuthorizedClient with the field: AuthorizedClient.getProofKeyRequired().
com.broadleafcommerce.auth.user.autoconfigure.AuthorizationServerProperties.setUseRedirectUriHost(boolean)
com.broadleafcommerce.auth.user.listener.AdminUserPersistenceHandler.toAuthPermissionRef(AdminPermissionRef)	Since 1.7.0. Use AdminUserPersistenceHandler.toAuthPermissionRef(String)
com.broadleafcommerce.auth.user.listener.AdminUserPersistenceHandler.toAuthRoleRef(AdminRoleRef)	Since 1.7.0. Use AdminUserPersistenceHandler.toAuthRoleRef(String)
com.broadleafcommerce.auth.user.listener.domain.AdminUser.AdminUserBuilder.permissions(Set<AdminPermissionRef>)
com.broadleafcommerce.auth.user.listener.domain.AdminUser.AdminUserBuilder.roles(Set<AdminRoleRef>)
com.broadleafcommerce.auth.user.listener.domain.AdminUser.getPermissions()
com.broadleafcommerce.auth.user.listener.domain.AdminUser.getRoles()
com.broadleafcommerce.auth.user.service.DefaultUserMessagingService.buildResetPasswordUri(String)	use DefaultUserMessagingService.buildResetPasswordUri(String, String)
com.broadleafcommerce.auth.user.service.DefaultUserMessagingService.getResetPasswordUrl(HttpServletRequest)	use DefaultUserMessagingService.getResetPasswordUrl(HttpServletRequest, String)
com.broadleafcommerce.auth.user.service.password.DefaultUserRegistrationService.registerUser(UserRegistration, ContextInfo)
com.broadleafcommerce.auth.user.service.password.UserPasswordService.createTokenForUser(String, String)	Use UserPasswordService.createResetPasswordToken(java.lang.String, java.lang.String) instead.
com.broadleafcommerce.auth.user.service.password.UserRegistrationService.registerUser(UserRegistration, ContextInfo)	in favor of UserRegistrationService.registerUser(com.broadleafcommerce.auth.user.api.dto.UserRegistration, com.broadleafcommerce.data.tracking.core.context.ContextInfo), as context is no longer a requirement
com.broadleafcommerce.auth.user.session.StatelessUtil.createSessionCookie(OAuth2SessionToken)	in favor of StatelessUtil.getSessionCookie(OAuth2SessionToken)
com.broadleafcommerce.auth.user.session.StatelessUtil.getRemoveSavedRequestCookie()	since 1.6, replaced by StatelessUtil.createSavedRequestRemovalCookie()
com.broadleafcommerce.auth.user.session.StatelessUtil.getRemoveSessionCookie(String)	in favor of StatelessUtil.getSessionRemovalCookie(String)
com.broadleafcommerce.auth.user.session.StatelessUtil.getSavedRequestCookie(String, String)	since 1.6, replaced by StatelessUtil.createSavedRequestCookie(String, String)
com.broadleafcommerce.auth.user.session.token.enhancer.UserAccessTokenEnhancer.getUserMappingProperties()
com.broadleafcommerce.auth.user.session.token.enhancer.UserAccessTokenEnhancer.setUserMappingProperties(UserMappingProperties)
com.broadleafcommerce.auth.user.util.CookieUtil.createCookie(String, String, int)	since 1.6, replaced by CookieUtil.createResponseCookie(String, String, int, String)
com.broadleafcommerce.auth.user.util.CookieUtil.createDeleteCookie(String)	since 1.6, replaced by CookieUtil.createSessionRemovalResponseCookie(String, String)
com.broadleafcommerce.auth.user.util.CookieUtil.createSessionCookie(String, String)	since 1.6, replaced by CookieUtil.createSessionResponseCookie(String, String, String)
com.broadleafcommerce.auth.user.validation.ResetPasswordFormValidator.validate(List<P>, ResetPasswordForm, Errors)	Since 1.8.0-GA. Use ResetPasswordFormValidator.validate(List, ResetPasswordForm, Errors, User).
com.broadleafcommerce.auth.user.web.authentication.session.AbstractAuthenticationStrategyDelegate.isAutoRegister(String)	Use AbstractAuthenticationStrategyDelegate.isAutoRegister(AuthorizedClient) instead.
com.broadleafcommerce.auth.user.web.authentication.session.AbstractAuthenticationStrategyDelegate.registerNewUser(T, String, String)	use AbstractAuthenticationStrategyDelegate.registerNewUser(Authentication, AuthorizedClient, String, String)
com.broadleafcommerce.auth.user.web.authentication.session.AuthenticationStrategyDelegate.canHandle(Authentication)	Use AuthenticationStrategyDelegate.canHandle(Authentication, AuthorizedClient)
com.broadleafcommerce.auth.user.web.authentication.session.AuthenticationStrategyDelegate.getOAuth2UserDetails(Authentication)	Use AuthenticationStrategyDelegate.getOAuth2UserDetails(Authentication, AuthorizedClient)
com.broadleafcommerce.auth.user.web.endpoint.AuthenticationController.getOath2AuthenticationProviders()	in favor of AuthenticationController.oauth2AuthenticationProviders. (This method is misspelled.)
com.broadleafcommerce.auth.user.web.endpoint.AuthenticationController.getOath2AuthenticationProviders(ClientIdentityProviderProperties.ClientProperties, boolean)	in favor of AuthenticationController.getOauth2AuthenticationProviders(AuthorizedClient). The new method takes the client id into account to ensure correct caching. Before, all commerce clients were using the same cache entry.
com.broadleafcommerce.auth.user.web.endpoint.EmbeddedRegistrationController.registerUser(UserRegistration, ContextInfo)	in favor of the approach in RegistrationFormController.

Deprecated Constructors

Constructor	Description
com.broadleafcommerce.auth.security.service.DefaultPrivilegeService(UserRoleService<UserRole>, UserRoleAncestryHydrationService, AuthorizationServerService<AuthorizationServer>)	Since 1.8.0. Use DefaultPrivilegeService(UserRoleService, UserRoleAncestryHydrationService, AuthorizationServerService, AccountAncestorService, TokenProperties)
com.broadleafcommerce.auth.security.service.SimplePayloadMapper(TypeFactory)	since 1.8.0. Use SimplePayloadMapper(TypeFactory, AuthTranslationPostMapperMember)
com.broadleafcommerce.auth.tenant.message.AuthTenantPersistenceHandler(ApplicationService<Application>, ObjectMapper, TypeFactory)	As of 1.4.0. Use AuthTenantPersistenceHandler(ObjectMapper, ApplicationService, TypeFactory, AuthServerCreationHandler)