Spring Security When possible use SmartHttpMessageConverter over GenericHttpMessageConverter

Spring Security often uses GenericHttpMessageConverter for JSON support. The new Jackson support was refined to be a SmartHttpMessageConverter, so we should refine our usage to leverage SmartHttpMessageConverter when possible. Here are a few places that are using GenericHttpMessageConverter:

• config/src/main/java/org/springframework/security/config/web/server/HttpMessageConverters.java
• oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/http/converter/HttpMessageConverters.java
• oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/oidc/http/converter/HttpMessageConverters.java
• oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/web/HttpMessageConverters.java
• oauth2/oauth2-resource-server/src/main/java/org/springframework/security/oauth2/server/resource/web/OAuth2ProtectedResourceMetadataFilter.java

Comment From: therepanic

Hi, @rwinch. Can I work on this?