Align modules with Spring Security

Closes gh-95
This commit is contained in:
Joe Grandja 2020-07-22 05:06:09 -04:00
parent ea828fb2bf
commit 6d9d400f4f
49 changed files with 52 additions and 41 deletions

View File

@ -4,12 +4,15 @@ dependencies {
compile 'org.springframework.security:spring-security-core' compile 'org.springframework.security:spring-security-core'
compile 'org.springframework.security:spring-security-config' compile 'org.springframework.security:spring-security-config'
compile springCoreDependency compile springCoreDependency
compile project(':spring-authorization-server-core')
optional project(':spring-security-oauth2-authorization-server')
optional project(path: ':spring-security-oauth2-authorization-server', configuration: 'tests')
testCompile 'org.springframework.security:spring-security-test' testCompile 'org.springframework.security:spring-security-test'
testCompile 'junit:junit' testCompile 'junit:junit'
testCompile 'org.assertj:assertj-core' testCompile 'org.assertj:assertj-core'
testCompile 'org.mockito:mockito-core' testCompile 'org.mockito:mockito-core'
testCompile 'com.jayway.jsonpath:json-path'
provided 'javax.servlet:javax.servlet-api' provided 'javax.servlet:javax.servlet-api'
} }

View File

@ -13,7 +13,7 @@
* See the License for the specific language governing permissions and * See the License for the specific language governing permissions and
* limitations under the License. * limitations under the License.
*/ */
package org.springframework.security.config.annotation.web.configuration.oauth2.server.authorization; package org.springframework.security.config.annotation.web.configuration;
import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration; import org.springframework.context.annotation.Configuration;

View File

@ -13,10 +13,9 @@
* See the License for the specific language governing permissions and * See the License for the specific language governing permissions and
* limitations under the License. * limitations under the License.
*/ */
package org.springframework.security.config.annotation.web.configuration.oauth2.server.authorization; package org.springframework.security.config.annotation.web.configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity; import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.config.annotation.web.configurers.oauth2.server.authorization.OAuth2AuthorizationServerConfigurer; import org.springframework.security.config.annotation.web.configurers.oauth2.server.authorization.OAuth2AuthorizationServerConfigurer;
import static org.springframework.security.config.Customizer.withDefaults; import static org.springframework.security.config.Customizer.withDefaults;

View File

@ -13,7 +13,7 @@
* See the License for the specific language governing permissions and * See the License for the specific language governing permissions and
* limitations under the License. * limitations under the License.
*/ */
package org.springframework.security.oauth2.server.authorization.web; package org.springframework.security.config.annotation.web.configurers.oauth2.server.authorization;
import org.junit.Before; import org.junit.Before;
import org.junit.BeforeClass; import org.junit.BeforeClass;
@ -24,7 +24,7 @@ import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Import; import org.springframework.context.annotation.Import;
import org.springframework.http.HttpHeaders; import org.springframework.http.HttpHeaders;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.oauth2.server.authorization.OAuth2AuthorizationServerConfiguration; import org.springframework.security.config.annotation.web.configuration.OAuth2AuthorizationServerConfiguration;
import org.springframework.security.config.test.SpringTestRule; import org.springframework.security.config.test.SpringTestRule;
import org.springframework.security.oauth2.core.AuthorizationGrantType; import org.springframework.security.oauth2.core.AuthorizationGrantType;
import org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationResponseType; import org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationResponseType;
@ -37,8 +37,11 @@ import org.springframework.security.oauth2.server.authorization.TokenType;
import org.springframework.security.oauth2.server.authorization.client.RegisteredClient; import org.springframework.security.oauth2.server.authorization.client.RegisteredClient;
import org.springframework.security.oauth2.server.authorization.client.RegisteredClientRepository; import org.springframework.security.oauth2.server.authorization.client.RegisteredClientRepository;
import org.springframework.security.oauth2.server.authorization.client.TestRegisteredClients; import org.springframework.security.oauth2.server.authorization.client.TestRegisteredClients;
import org.springframework.security.oauth2.server.authorization.web.OAuth2AuthorizationEndpointFilter;
import org.springframework.security.oauth2.server.authorization.web.OAuth2TokenEndpointFilter;
import org.springframework.test.web.servlet.MockMvc; import org.springframework.test.web.servlet.MockMvc;
import org.springframework.test.web.servlet.MvcResult; import org.springframework.test.web.servlet.MvcResult;
import org.springframework.test.web.servlet.request.MockMvcRequestBuilders;
import org.springframework.util.LinkedMultiValueMap; import org.springframework.util.LinkedMultiValueMap;
import org.springframework.util.MultiValueMap; import org.springframework.util.MultiValueMap;
import org.springframework.util.StringUtils; import org.springframework.util.StringUtils;
@ -59,7 +62,6 @@ import static org.mockito.Mockito.when;
import static org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.csrf; import static org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.csrf;
import static org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.user; import static org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.user;
import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.get; import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.get;
import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.post;
import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.header; import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.header;
import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status; import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status;
@ -98,7 +100,7 @@ public class OAuth2AuthorizationCodeGrantTests {
when(registeredClientRepository.findByClientId(eq(registeredClient.getClientId()))) when(registeredClientRepository.findByClientId(eq(registeredClient.getClientId())))
.thenReturn(registeredClient); .thenReturn(registeredClient);
MvcResult mvcResult = this.mvc.perform(get(OAuth2AuthorizationEndpointFilter.DEFAULT_AUTHORIZATION_ENDPOINT_URI) MvcResult mvcResult = this.mvc.perform(MockMvcRequestBuilders.get(OAuth2AuthorizationEndpointFilter.DEFAULT_AUTHORIZATION_ENDPOINT_URI)
.params(getAuthorizationRequestParameters(registeredClient))) .params(getAuthorizationRequestParameters(registeredClient)))
.andExpect(status().is3xxRedirection()) .andExpect(status().is3xxRedirection())
.andReturn(); .andReturn();
@ -141,7 +143,7 @@ public class OAuth2AuthorizationCodeGrantTests {
eq(TokenType.AUTHORIZATION_CODE))) eq(TokenType.AUTHORIZATION_CODE)))
.thenReturn(authorization); .thenReturn(authorization);
this.mvc.perform(post(OAuth2TokenEndpointFilter.DEFAULT_TOKEN_ENDPOINT_URI) this.mvc.perform(MockMvcRequestBuilders.post(OAuth2TokenEndpointFilter.DEFAULT_TOKEN_ENDPOINT_URI)
.params(getTokenRequestParameters(registeredClient, authorization)) .params(getTokenRequestParameters(registeredClient, authorization))
.header(HttpHeaders.AUTHORIZATION, "Basic " + encodeBasicAuth( .header(HttpHeaders.AUTHORIZATION, "Basic " + encodeBasicAuth(
registeredClient.getClientId(), registeredClient.getClientSecret())) registeredClient.getClientId(), registeredClient.getClientSecret()))

View File

@ -13,7 +13,7 @@
* See the License for the specific language governing permissions and * See the License for the specific language governing permissions and
* limitations under the License. * limitations under the License.
*/ */
package org.springframework.security.oauth2.server.authorization.web; package org.springframework.security.config.annotation.web.configurers.oauth2.server.authorization;
import org.junit.Before; import org.junit.Before;
import org.junit.BeforeClass; import org.junit.BeforeClass;
@ -24,7 +24,7 @@ import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Import; import org.springframework.context.annotation.Import;
import org.springframework.http.HttpHeaders; import org.springframework.http.HttpHeaders;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.oauth2.server.authorization.OAuth2AuthorizationServerConfiguration; import org.springframework.security.config.annotation.web.configuration.OAuth2AuthorizationServerConfiguration;
import org.springframework.security.config.test.SpringTestRule; import org.springframework.security.config.test.SpringTestRule;
import org.springframework.security.oauth2.core.AuthorizationGrantType; import org.springframework.security.oauth2.core.AuthorizationGrantType;
import org.springframework.security.oauth2.core.endpoint.OAuth2ParameterNames; import org.springframework.security.oauth2.core.endpoint.OAuth2ParameterNames;
@ -32,7 +32,9 @@ import org.springframework.security.oauth2.server.authorization.OAuth2Authorizat
import org.springframework.security.oauth2.server.authorization.client.RegisteredClient; import org.springframework.security.oauth2.server.authorization.client.RegisteredClient;
import org.springframework.security.oauth2.server.authorization.client.RegisteredClientRepository; import org.springframework.security.oauth2.server.authorization.client.RegisteredClientRepository;
import org.springframework.security.oauth2.server.authorization.client.TestRegisteredClients; import org.springframework.security.oauth2.server.authorization.client.TestRegisteredClients;
import org.springframework.security.oauth2.server.authorization.web.OAuth2TokenEndpointFilter;
import org.springframework.test.web.servlet.MockMvc; import org.springframework.test.web.servlet.MockMvc;
import org.springframework.test.web.servlet.request.MockMvcRequestBuilders;
import java.net.URLEncoder; import java.net.URLEncoder;
import java.nio.charset.StandardCharsets; import java.nio.charset.StandardCharsets;
@ -81,7 +83,7 @@ public class OAuth2ClientCredentialsGrantTests {
public void requestWhenTokenRequestNotAuthenticatedThenUnauthorized() throws Exception { public void requestWhenTokenRequestNotAuthenticatedThenUnauthorized() throws Exception {
this.spring.register(AuthorizationServerConfiguration.class).autowire(); this.spring.register(AuthorizationServerConfiguration.class).autowire();
this.mvc.perform(post(OAuth2TokenEndpointFilter.DEFAULT_TOKEN_ENDPOINT_URI) this.mvc.perform(MockMvcRequestBuilders.post(OAuth2TokenEndpointFilter.DEFAULT_TOKEN_ENDPOINT_URI)
.param(OAuth2ParameterNames.GRANT_TYPE, AuthorizationGrantType.CLIENT_CREDENTIALS.getValue()) .param(OAuth2ParameterNames.GRANT_TYPE, AuthorizationGrantType.CLIENT_CREDENTIALS.getValue())
.with(csrf())) .with(csrf()))
.andExpect(status().isUnauthorized()); .andExpect(status().isUnauthorized());

View File

@ -0,0 +1,14 @@
apply plugin: 'io.spring.convention.spring-module'
dependencies {
compile 'org.springframework.security:spring-security-core'
compile springCoreDependency
testCompile 'junit:junit'
testCompile 'org.assertj:assertj-core'
testCompile 'org.mockito:mockito-core'
}
jacoco {
toolVersion = '0.8.5'
}

View File

@ -13,7 +13,7 @@
* See the License for the specific language governing permissions and * See the License for the specific language governing permissions and
* limitations under the License. * limitations under the License.
*/ */
package org.springframework.security.oauth2.server.authorization; package org.springframework.security.core;
/** /**
* Internal class used for serialization across Spring Security Authorization Server classes. * Internal class used for serialization across Spring Security Authorization Server classes.
@ -21,7 +21,7 @@ package org.springframework.security.oauth2.server.authorization;
* @author Anoop Garlapati * @author Anoop Garlapati
* @since 0.0.1 * @since 0.0.1
*/ */
public final class Version { public final class SpringSecurityCoreVersion2 {
private static final int MAJOR = 0; private static final int MAJOR = 0;
private static final int MINOR = 0; private static final int MINOR = 0;
private static final int PATCH = 1; private static final int PATCH = 1;

View File

@ -1,27 +1,17 @@
apply plugin: 'io.spring.convention.spring-module' apply plugin: 'io.spring.convention.spring-module'
dependencies { dependencies {
compile project(':spring-security-core2')
compile 'org.springframework.security:spring-security-core' compile 'org.springframework.security:spring-security-core'
compile 'org.springframework.security:spring-security-web' compile 'org.springframework.security:spring-security-web'
compile 'org.springframework.security:spring-security-oauth2-core' compile 'org.springframework.security:spring-security-oauth2-core'
compile springCoreDependency compile springCoreDependency
compile 'com.nimbusds:oauth2-oidc-sdk'
compile 'com.fasterxml.jackson.core:jackson-databind' compile 'com.fasterxml.jackson.core:jackson-databind'
optional 'com.nimbusds:nimbus-jose-jwt'
optional 'org.springframework.security:spring-security-oauth2-jose'
testCompile project(path: ':spring-authorization-server-config', configuration: 'tests')
testCompile 'org.springframework:spring-webmvc' testCompile 'org.springframework:spring-webmvc'
testCompile 'junit:junit' testCompile 'junit:junit'
testCompile 'org.assertj:assertj-core' testCompile 'org.assertj:assertj-core'
testCompile 'org.mockito:mockito-core' testCompile 'org.mockito:mockito-core'
testCompile 'com.squareup.okhttp3:mockwebserver'
testCompile 'com.jayway.jsonpath:json-path'
provided 'javax.servlet:javax.servlet-api' provided 'javax.servlet:javax.servlet-api'
} }
jacoco {
toolVersion = '0.8.5'
}

View File

@ -15,6 +15,7 @@
*/ */
package org.springframework.security.oauth2.server.authorization; package org.springframework.security.oauth2.server.authorization;
import org.springframework.security.core.SpringSecurityCoreVersion2;
import org.springframework.security.oauth2.core.OAuth2AccessToken; import org.springframework.security.oauth2.core.OAuth2AccessToken;
import org.springframework.security.oauth2.server.authorization.client.RegisteredClient; import org.springframework.security.oauth2.server.authorization.client.RegisteredClient;
import org.springframework.util.Assert; import org.springframework.util.Assert;
@ -38,7 +39,7 @@ import java.util.function.Consumer;
* @see OAuth2AccessToken * @see OAuth2AccessToken
*/ */
public class OAuth2Authorization implements Serializable { public class OAuth2Authorization implements Serializable {
private static final long serialVersionUID = Version.SERIAL_VERSION_UID; private static final long serialVersionUID = SpringSecurityCoreVersion2.SERIAL_VERSION_UID;
private String registeredClientId; private String registeredClientId;
private String principalName; private String principalName;
private OAuth2AccessToken accessToken; private OAuth2AccessToken accessToken;
@ -145,7 +146,7 @@ public class OAuth2Authorization implements Serializable {
* A builder for {@link OAuth2Authorization}. * A builder for {@link OAuth2Authorization}.
*/ */
public static class Builder implements Serializable { public static class Builder implements Serializable {
private static final long serialVersionUID = Version.SERIAL_VERSION_UID; private static final long serialVersionUID = SpringSecurityCoreVersion2.SERIAL_VERSION_UID;
private String registeredClientId; private String registeredClientId;
private String principalName; private String principalName;
private OAuth2AccessToken accessToken; private OAuth2AccessToken accessToken;

View File

@ -15,7 +15,7 @@
*/ */
package org.springframework.security.oauth2.server.authorization; package org.springframework.security.oauth2.server.authorization;
import org.springframework.security.core.SpringSecurityCoreVersion; import org.springframework.security.core.SpringSecurityCoreVersion2;
import org.springframework.util.Assert; import org.springframework.util.Assert;
import java.io.Serializable; import java.io.Serializable;
@ -24,7 +24,7 @@ import java.io.Serializable;
* @author Joe Grandja * @author Joe Grandja
*/ */
public final class TokenType implements Serializable { public final class TokenType implements Serializable {
private static final long serialVersionUID = SpringSecurityCoreVersion.SERIAL_VERSION_UID; private static final long serialVersionUID = SpringSecurityCoreVersion2.SERIAL_VERSION_UID;
public static final TokenType ACCESS_TOKEN = new TokenType("access_token"); public static final TokenType ACCESS_TOKEN = new TokenType("access_token");
public static final TokenType AUTHORIZATION_CODE = new TokenType("authorization_code"); public static final TokenType AUTHORIZATION_CODE = new TokenType("authorization_code");
private final String value; private final String value;

View File

@ -17,8 +17,8 @@ package org.springframework.security.oauth2.server.authorization.authentication;
import org.springframework.security.authentication.AbstractAuthenticationToken; import org.springframework.security.authentication.AbstractAuthenticationToken;
import org.springframework.security.core.Authentication; import org.springframework.security.core.Authentication;
import org.springframework.security.core.SpringSecurityCoreVersion2;
import org.springframework.security.oauth2.core.OAuth2AccessToken; import org.springframework.security.oauth2.core.OAuth2AccessToken;
import org.springframework.security.oauth2.server.authorization.Version;
import org.springframework.security.oauth2.server.authorization.client.RegisteredClient; import org.springframework.security.oauth2.server.authorization.client.RegisteredClient;
import org.springframework.util.Assert; import org.springframework.util.Assert;
@ -37,7 +37,7 @@ import java.util.Collections;
* @see OAuth2ClientAuthenticationToken * @see OAuth2ClientAuthenticationToken
*/ */
public class OAuth2AccessTokenAuthenticationToken extends AbstractAuthenticationToken { public class OAuth2AccessTokenAuthenticationToken extends AbstractAuthenticationToken {
private static final long serialVersionUID = Version.SERIAL_VERSION_UID; private static final long serialVersionUID = SpringSecurityCoreVersion2.SERIAL_VERSION_UID;
private final RegisteredClient registeredClient; private final RegisteredClient registeredClient;
private final Authentication clientPrincipal; private final Authentication clientPrincipal;
private final OAuth2AccessToken accessToken; private final OAuth2AccessToken accessToken;

View File

@ -18,7 +18,7 @@ package org.springframework.security.oauth2.server.authorization.authentication;
import org.springframework.lang.Nullable; import org.springframework.lang.Nullable;
import org.springframework.security.authentication.AbstractAuthenticationToken; import org.springframework.security.authentication.AbstractAuthenticationToken;
import org.springframework.security.core.Authentication; import org.springframework.security.core.Authentication;
import org.springframework.security.oauth2.server.authorization.Version; import org.springframework.security.core.SpringSecurityCoreVersion2;
import org.springframework.util.Assert; import org.springframework.util.Assert;
import java.util.Collections; import java.util.Collections;
@ -34,7 +34,7 @@ import java.util.Collections;
* @see OAuth2ClientAuthenticationToken * @see OAuth2ClientAuthenticationToken
*/ */
public class OAuth2AuthorizationCodeAuthenticationToken extends AbstractAuthenticationToken { public class OAuth2AuthorizationCodeAuthenticationToken extends AbstractAuthenticationToken {
private static final long serialVersionUID = Version.SERIAL_VERSION_UID; private static final long serialVersionUID = SpringSecurityCoreVersion2.SERIAL_VERSION_UID;
private String code; private String code;
private Authentication clientPrincipal; private Authentication clientPrincipal;
private String clientId; private String clientId;

View File

@ -18,7 +18,7 @@ package org.springframework.security.oauth2.server.authorization.authentication;
import org.springframework.lang.Nullable; import org.springframework.lang.Nullable;
import org.springframework.security.authentication.AbstractAuthenticationToken; import org.springframework.security.authentication.AbstractAuthenticationToken;
import org.springframework.security.core.Authentication; import org.springframework.security.core.Authentication;
import org.springframework.security.oauth2.server.authorization.Version; import org.springframework.security.core.SpringSecurityCoreVersion2;
import org.springframework.security.oauth2.server.authorization.client.RegisteredClient; import org.springframework.security.oauth2.server.authorization.client.RegisteredClient;
import org.springframework.util.Assert; import org.springframework.util.Assert;
@ -35,7 +35,7 @@ import java.util.Collections;
* @see OAuth2ClientAuthenticationProvider * @see OAuth2ClientAuthenticationProvider
*/ */
public class OAuth2ClientAuthenticationToken extends AbstractAuthenticationToken { public class OAuth2ClientAuthenticationToken extends AbstractAuthenticationToken {
private static final long serialVersionUID = Version.SERIAL_VERSION_UID; private static final long serialVersionUID = SpringSecurityCoreVersion2.SERIAL_VERSION_UID;
private String clientId; private String clientId;
private String clientSecret; private String clientSecret;
private RegisteredClient registeredClient; private RegisteredClient registeredClient;

View File

@ -17,7 +17,7 @@ package org.springframework.security.oauth2.server.authorization.authentication;
import org.springframework.security.authentication.AbstractAuthenticationToken; import org.springframework.security.authentication.AbstractAuthenticationToken;
import org.springframework.security.core.Authentication; import org.springframework.security.core.Authentication;
import org.springframework.security.oauth2.server.authorization.Version; import org.springframework.security.core.SpringSecurityCoreVersion2;
import org.springframework.util.Assert; import org.springframework.util.Assert;
import java.util.Collections; import java.util.Collections;
@ -34,7 +34,7 @@ import java.util.Set;
* @see OAuth2ClientAuthenticationToken * @see OAuth2ClientAuthenticationToken
*/ */
public class OAuth2ClientCredentialsAuthenticationToken extends AbstractAuthenticationToken { public class OAuth2ClientCredentialsAuthenticationToken extends AbstractAuthenticationToken {
private static final long serialVersionUID = Version.SERIAL_VERSION_UID; private static final long serialVersionUID = SpringSecurityCoreVersion2.SERIAL_VERSION_UID;
private final Authentication clientPrincipal; private final Authentication clientPrincipal;
private final Set<String> scopes; private final Set<String> scopes;

View File

@ -15,9 +15,9 @@
*/ */
package org.springframework.security.oauth2.server.authorization.client; package org.springframework.security.oauth2.server.authorization.client;
import org.springframework.security.core.SpringSecurityCoreVersion2;
import org.springframework.security.oauth2.core.AuthorizationGrantType; import org.springframework.security.oauth2.core.AuthorizationGrantType;
import org.springframework.security.oauth2.core.ClientAuthenticationMethod; import org.springframework.security.oauth2.core.ClientAuthenticationMethod;
import org.springframework.security.oauth2.server.authorization.Version;
import org.springframework.util.Assert; import org.springframework.util.Assert;
import org.springframework.util.CollectionUtils; import org.springframework.util.CollectionUtils;
@ -38,7 +38,7 @@ import java.util.function.Consumer;
* @since 0.0.1 * @since 0.0.1
*/ */
public class RegisteredClient implements Serializable { public class RegisteredClient implements Serializable {
private static final long serialVersionUID = Version.SERIAL_VERSION_UID; private static final long serialVersionUID = SpringSecurityCoreVersion2.SERIAL_VERSION_UID;
private String id; private String id;
private String clientId; private String clientId;
private String clientSecret; private String clientSecret;
@ -152,7 +152,7 @@ public class RegisteredClient implements Serializable {
* A builder for {@link RegisteredClient}. * A builder for {@link RegisteredClient}.
*/ */
public static class Builder implements Serializable { public static class Builder implements Serializable {
private static final long serialVersionUID = Version.SERIAL_VERSION_UID; private static final long serialVersionUID = SpringSecurityCoreVersion2.SERIAL_VERSION_UID;
private String id; private String id;
private String clientId; private String clientId;
private String clientSecret; private String clientSecret;

View File

@ -3,8 +3,8 @@ apply plugin: 'io.spring.convention.spring-sample-boot'
dependencies { dependencies {
implementation 'org.springframework.boot:spring-boot-starter-web' implementation 'org.springframework.boot:spring-boot-starter-web'
implementation 'org.springframework.boot:spring-boot-starter-security' implementation 'org.springframework.boot:spring-boot-starter-security'
implementation project(':spring-security-oauth2-authorization-server')
implementation 'com.nimbusds:oauth2-oidc-sdk' implementation 'com.nimbusds:oauth2-oidc-sdk'
implementation project(':spring-authorization-server-core')
testImplementation('org.springframework.boot:spring-boot-starter-test') { testImplementation('org.springframework.boot:spring-boot-starter-test') {
exclude group: 'org.junit.vintage', module: 'junit-vintage-engine' exclude group: 'org.junit.vintage', module: 'junit-vintage-engine'