Use nimbus-jose-jwt and oauth2-oidc-sdk versions from spring-security

- Spring Security 5.4.5 downgraded nimbus-jose-jwt to 8.+ from 9.+, which breaks NimbusJwsEncoder. - Bump Security to 5.4.5, and Boot to 2.4.3 to match Security Closes gh-256
2021-03-12 14:24:15 +01:00
parent 3b0938883b
commit 59040a4c3d
3 changed files with 4 additions and 5 deletions
--- a/gradle/dependency-management.gradle
+++ b/gradle/dependency-management.gradle
@@ -3,7 +3,7 @@ if (!project.hasProperty("springVersion")) {
 }

 if (!project.hasProperty("springSecurityVersion")) {
-	ext.springSecurityVersion = "5.4.2"
+	ext.springSecurityVersion = "5.4.5"
 }

 if (!project.hasProperty("reactorVersion")) {
@@ -25,8 +25,6 @@ dependencyManagement {
 	}

 	dependencies {
-		dependency "com.nimbusds:oauth2-oidc-sdk:8.23.1"
-		dependency "com.nimbusds:nimbus-jose-jwt:9.1.3"
 		dependency "javax.servlet:javax.servlet-api:4.0.1"
 		dependency 'junit:junit:4.13.1'
 		dependency 'org.assertj:assertj-core:3.18.1'