Get latest from source (#2)

* Update to io.spring.javaformat:spring-javaformat-checkstyle:0.0.35

Closes spring-projectsgh-1089

* Update to jackson-bom:2.14.2

Closes spring-projectsgh-1090

* Update to junit-jupiter:5.9.2

Closes spring-projectsgh-1091

* Release 1.0.1

* Next Development Version

* Update to Spring Security 6.1.0-M1

Closes spring-projectsgh-1093

* Update to nimbus-jose-jwt:9.30.2

Closes spring-projectsgh-1094

* Update to assertj-core:3.24.2

Closes spring-projectsgh-1095

* Update to mockito-core:4.11.0

Closes spring-projectsgh-1096

* Release 1.1.0-M1

* Next Development Version

* Add user property to deploy_docs workflow

* Fix broken support link

Closes spring-projectsgh-1092

* Fix client secret encoding when client dynamically registered

Closes spring-projectsgh-1056

* Polish spring-projectsgh-1056

* Allow PasswordEncoder to be configured in OidcClientRegistrationAuthenticationProvider

Issue spring-projectsgh-1056

* Upgrade client secret when available

Closes spring-projectsgh-1099

* Polish spring-projectsgh-1105

* Add support for OAuth 2.0 Device Authorization Grant

Closes spring-projectsgh-44

* Switch to spring-security SNAPSHOT dependencies

Issue spring-projectsgh-44

* Use spring-security 6.1 in snapshot tests

Issue spring-projectsgh-1106

* Update to actions/checkout@v3

Closes spring-projectsgh-1117

* Use spring-io/spring-gradle-build-action

Closes spring-projectsgh-1120

* Use spring-io/spring-gradle-build-action

Closes spring-projectsgh-1120

* Revert accidental change in versions

Issue spring-projectsgh-1120

* Polish spring-projectsgh-1106

* Update to Spring Framework 6.0.7

Closes spring-projectsgh-1130

* Update to Spring Security 1.1.0-M2

Closes spring-projectsgh-1131

* Update to nimbus-jose-jwt:9.31

Closes spring-projectsgh-1132

* Update to Spring Framework 6.0.7 in buildSrc

Issue spring-projectsgh-1130

* Release 1.1.0-M2

* Next Development Version

* Polish spring-projectsgh-1106 Device Authorization Grant

* Avoid persisting client principal in device authorization request

Issue spring-projectsgh-1106

* Polish spring-projectsgh-1068

Issue spring-projectsgh-1077

* Add OidcLogoutAuthenticationToken.isPrincipalAuthenticated()

Issue spring-projectsgh-1077

* Ensure ID Token is active before processing logout request

Issue spring-projectsgh-1077

* Allow localhost in redirect_uri

Closes spring-projectsgh-651

* Fix refresh token error code INVALID_CLIENT to INVALID_GRANT

Closes spring-projectsgh-1139

* Do not require authorizationRequest for device grant

Issue spring-projectsgh-1127

* Add tests for OAuth 2.0 Device Authorization Grant

This commit adds tests for the following components:
* AuthenticationConverters
* AuthenticationProviders
* Endpoint Filters

Issue spring-projectsgh-44
Closes spring-projectsgh-1127

* JDBC device_code authorization

Issue spring-projectsgh-1156

* Polish spring-projectsgh-1143

* Add tests and update examples in docs

Closes spring-projectsgh-1156

* Polish ref-doc

Issue spring-projectsgh-1156

* Add customization to support public clients for device grant

Issue spring-projectsgh-1157

* Polish samples

Closes spring-projectsgh-1157

* Add documentation for OAuth 2.0 Device Authorization Grant

Closes spring-projectsgh-1158

* Polish spring-projectsgh-1127

* Polish spring-projectsgh-1158

* Add documentation for OpenID Connect 1.0 Logout Endpoint

Closes spring-projectsgh-1069

* Update Stack Overflow tag to spring-authorization-server

* Update to Spring Framework 5.3.27

Closes spring-projectsgh-1162

* Update to Spring Security 5.8.3

Closes spring-projectsgh-1163

* Update to io.spring.javaformat:spring-javaformat-checkstyle:0.0.38

Closes spring-projectsgh-1164

* Update to Spring Framework 6.0.8

Closes spring-projectsgh-1165

* Update to Spring Security 6.0.3

Closes spring-projectsgh-1166

* Update to io.spring.javaformat:spring-javaformat-checkstyle:0.0.38

Closes spring-projectsgh-1167

* Update to Spring Framework 6.0.8

Closes spring-projectsgh-1168

* Update to Spring Security 6.1.0-RC1

Closes spring-projectsgh-1169

* Update to io.spring.javaformat:spring-javaformat-checkstyle:0.0.38

Closes spring-projectsgh-1170

* Update to json-path:2.8.0

Closes spring-projectsgh-1171

* Release 0.4.2

* Next Development Version

* Release 1.0.2

* Next Development Version

* Release 1.1.0-RC1

* Next Development Version

* Update to org.jfrog.buildinfo:build-info-extractor-gradle:4.29.0

Closes spring-projectsgh-1175

* Apply ArtifactoryPlugin to SpringRootProjectPlugin

Closes spring-projectsgh-1177

* Fix artifact build properties for Artifactory

- Apply SpringArtifactoryPlugin in SpringRootProjectPlugin (which applies ArtifactoryPlugin)
- In SpringArtifactoryPlugin don't set publication if MavenPublishPlugin is not applied

Closes spring-projectsgh-1179

* Add test for dynamic client registration with custom metadata

Issue spring-projectsgh-1172

* Add logout success page to default client sample

Sample client (located in 'samples/messages-client' directory) is configured with a custom logout success page where
the end-user is redirected to upon successful logout action.

Fixes spring-projectsgh-1142

* Add sample featured-authorizationserver

Issue spring-projectsgh-1189

* Merge custom-consent-authorizationserver into featured-authorizationserver

Issue spring-projectsgh-1189

* Merge federated-identity-authorizationserver into featured-authorizationserver

Issue spring-projectsgh-1189

* Update io.spring.ge.conventions plugin to 0.0.13

Closes spring-projectsgh-1190

* Update spring-asciidoctor-backends to 0.0.5

Closes spring-projectsgh-1192

* Merge device-grant-authorizationserver into featured-authorizationserver

Issue spring-projectsgh-1189

* Merge device-client into messages-client

Issue spring-projectsgh-1189

* Use custom consent page for device code flow

Issue spring-projectsgh-1189

* Use current authentication for device authorization

Issue spring-projectsgh-1189

* Reuse error handling

Issue spring-projectsgh-1189

* Handle web client response error

Issue spring-projectsgh-1189

* Update @SInCE

* Rename featured-authorizationserver to demo-authorizationserver

Issue spring-projectsgh-1189

* Rename messages-client to demo-client

Issue spring-projectsgh-1189

* Update sample README

Issue spring-projectsgh-1189

* Add integration tests for device grant

Issue spring-projectsgh-1116

* Update web ui design for demo-client

Issue spring-projectsgh-1196

* Polish web ui design for demo-client

Issue spring-projectsgh-1196

* Update web ui design for demo-authorizationserver

Issue spring-projectsgh-1196

* Polish web ui design for demo-client

Issue spring-projectsgh-1196

* Polish demo sample

Issue spring-projectsgh-1189

* Update to Spring Boot 3.1.0-RC1

Closes spring-projectsgh-1198

* Refresh Getting Started example

Closes spring-projectsgh-1186

* Use Spring Boot starter in samples

Closes spring-projectsgh-1187

* Invalidate tokens previously issued when code is reused

Closes spring-projectsgh-1152

* Polish spring-projectsgh-1152

* Add How-to: Authenticate using Social Login

Closes spring-projectsgh-538

* Add How-to: Authenticate using a Single Page Application with PKCE

Closes spring-projectsgh-539

* Hash the sid claim in the ID Token

Closes spring-projectsgh-1207

* Simplified federated login in demo sample

Closes spring-projectsgh-1208

* Polish spring-projectsgh-1186

* Polish spring-projectsgh-538

* Remove FederatedIdentityConfigurer from demo sample

Issue spring-projectsgh-1208

* Update exception handling config in ref-doc

Closes spring-projectsgh-1205

* Update exception handling config in samples

Closes spring-projectsgh-1204

* Polish ref-doc

Issue spring-projectsgh-1205

* Polish tests

* Add How-to: Implement an Extension Authorization Grant Type

Closes spring-projectsgh-686

* Update to Spring Framework 6.0.9

Closes spring-projectsgh-1213

* Update to Spring Security 6.1.0

Closes spring-projectsgh-1214

* Update to jackson-bom 2.15.0

Closes spring-projectsgh-1215

* Update to junit-jupiter 5.9.3

Closes spring-projectsgh-1216

* Release 1.1.0

* Next Development Version

* Revert serialVersionUID to 0.4.0

Closes spring-projectsgh-1218

* Revert serialVersionUID to 1.0.0

Closes spring-projectsgh-1219

* Revert serialVersionUID to 1.1.0

Closes spring-projectsgh-1220

* Exclude project dependency from spring-boot-dependencies

Closes spring-projectsgh-1228

* Update to Spring Boot 3.1.0

* Update com.gradle.enterprise plugin to 3.13.3

Closes spring-projectsgh-1234
Issue spring-projectsgh-1231

* Prepare for automated validation scripts

See https://github.com/gradle/gradle-enterprise-build-validation-scripts/blob/main/Gradle.md

Issue spring-projectsgh-1231

* ID Token contains sid claim after refresh_token grant

Closes spring-projectsgh-1224

* Use substring instead of replaceFirst in OAuth2AuthorizationConsent

Closes spring-projectsgh-1222

* Validate authorized principal instead of sub during logout

Closes spring-projectsgh-1235

* Revert "Prepare for automated validation scripts"

This reverts commit ece9f10.

Issue spring-projectsgh-1231

* Add debug log entries

Closes spring-projectsgh-1245
Closes spring-projectsgh-1246
Closes spring-projectsgh-1247
Closes spring-projectsgh-1248

* Polish additional logging

Issue spring-projectsgh-1245, spring-projectsgh-1246, spring-projectsgh-1247, spring-projectsgh-1248

* Enable caching of :asciidoctor gradle task

* Use direct code import

Issue spring-projectsgh-1231

* Next Minor Version

* Fix NPE on access token in OAuth2AuthorizationCodeAuthenticationProvider

Closes spring-projectsgh-1233

* Polish spring-projectsgh-1233

* Fix to save all values for multi-valued request parameters

Fixes spring-projectsgh-1250

* Polish spring-projectsgh-1252

* Fix to save all values for multi-valued device grant parameters

Fixes spring-projectsgh-1269

* Polish spring-projectsgh-1252

* Update to Spring Framework 5.3.28

Closes spring-projectsgh-1272

* Update to Spring Security 5.8.4

Closes spring-projectsgh-1273

* Update to jackson-bom 2.14.3

Closes spring-projectsgh-1274

* Update to Spring Framework 6.0.10

Closes spring-projectsgh-1276

* Update to Spring Security 6.0.4

Closes spring-projectsgh-1277

* Update to Spring Framework 6.0.10

Closes spring-projectsgh-1278

* Update to Spring Security 6.1.1

Closes spring-projectsgh-1279

* Update to junit-jupiter 5.9.3

Closes spring-projectsgh-1280

* Update to junit-jupiter 5.9.3

Closes spring-projectsgh-1281

* Update to jackson-bom 2.15.2

Closes spring-projectsgh-1282

* Update feature planning section to using GitHub Projects

* Release 1.1.1

* Next Development Version

* Fix generating ID token with null sid when refresh_token grant

Closes spring-projectsgh-1283

* Polish spring-projectsgh-1289

* Fix NPE in DefaultErrorController

Closes spring-projectsgh-1286

* Migrate docs to Antora

Issue spring-projectsgh-1295

* Polish Antora migration

Issue spring-projectsgh-1292
Closes spring-projectsgh-1295

* Remove unused antora-playbook.yml

* Replaces 'install' with 'publishToMavenLocal' command in README

* Adds how-to guide on adding authorities to access tokens

Closes spring-projectsgh-542

* Polish spring-projectsgh-1264

* Update order of guides in nav.adoc

* Fix userCode validation

Issue spring-projectsgh-44

* Polish spring-projectsgh-1309

* Add Revved up by Gradle Enterprise badge

* Move badges to header

This is similar to Spring Boot:
  https://github.com/spring-projects/spring-boot/blob/main/README.adoc

* Fix workflow status link

* Fix samples test suite execution and failing tests

Closes spring-projectsgh-1324

* Polish spring-projectsgh-1325

* Move deploy-docs.yml to correct folder

Issue spring-projectsgh-1295

* Remove manual list of guides

Issue spring-projectsgh-1295

* Remove reference to gh-pages

Issue spring-projectsgh-1295

* Update to Spring Framework 6.0.11

Closes spring-projectsgh-1338

* Update to Spring Security 6.1.2

Closes spring-projectsgh-1339

* Update to org.hsqldb:hsqldb 2.7.2

Closes spring-projectsgh-1340

* Release 1.1.2

* Next Development Version

* Adds ability to inject custom metadata at client registration

Closes spring-projectsgh-1172

* Polish spring-projectsgh-1326

* Adds dynamic client registration how-to guide

Closes spring-projectsgh-647

* Polish spring-projectsgh-1320

* Add code challenge methods for oidc provider configuration response

Closes spring-projectsgh-1302

* Update to Spring Framework 6.1.0-M5

Closes spring-projectsgh-1364

* Update to Spring Security 6.2.0-M3

Closes spring-projectsgh-1365

* Update to nimbus-jose-jwt 9.35

Closes spring-projectsgh-1366

* Update to junit-jupiter 5.10.0

Closes spring-projectsgh-1367

* Update to okhttp 4.11.0

Closes spring-projectsgh-1368

* Release 1.2.0-M1

* Next Development Version

---------

Co-authored-by: Joe Grandja <[email protected]>
Co-authored-by: Siva Kumar Edupuganti <[email protected]>
Co-authored-by: Yuta Saito <[email protected]>
Co-authored-by: Shannon Pamperl <[email protected]>
Co-authored-by: Steve Riesenberg <[email protected]>
Co-authored-by: HuiYeong <[email protected]>
Co-authored-by: Xu Xiaowei <[email protected]>
Co-authored-by: Janne Valkealahti <[email protected]>
Co-authored-by: Dmitriy Dubson <[email protected]>
Co-authored-by: neochae <[email protected]>
Co-authored-by: heartape <[email protected]>
Co-authored-by: Dejan Varmedja <[email protected]>
Co-authored-by: Jerome Prinet <[email protected]>
Co-authored-by: Pavel Efros <[email protected]>
Co-authored-by: Martin Lindström <[email protected]>
Co-authored-by: cbilodeau <[email protected]>
Co-authored-by: Rob Winch <[email protected]>
Co-authored-by: Dmitriy Dubson <[email protected]>
Co-authored-by: Martin Bogusz <[email protected]>
Co-authored-by: Eric Haag <[email protected]>
Co-authored-by: Tuxzx <[email protected]>

Author: 22 people

.github/ISSUE_TEMPLATE/config.yml

@@ -1,5 +1,5 @@
 blank_issues_enabled: false
 contact_links:
   - name: Community Support
-    url: https://stackoverflow.com/questions/tagged/spring-security
-    about: Please ask and answer questions on StackOverflow with the tag `spring-security`.
+    url: https://stackoverflow.com/questions/tagged/spring-authorization-server
+    about: Please ask and answer questions on StackOverflow with the tag `spring-authorization-server`.

.github/workflows/continuous-integration-workflow.yml

@@ -18,16 +18,16 @@ jobs:
       runjobs: ${{ steps.continue.outputs.runjobs }}
       project_version: ${{ steps.continue.outputs.project_version }}
     steps:
-      - uses: actions/checkout@v2
+      - uses: actions/checkout@v3
       - id: continue
         name: Determine if should continue
         if: env.RUN_JOBS == 'true'
         run: |
           # Run jobs if in upstream repository
-          echo "::set-output name=runjobs::true"
+          echo "runjobs=true" >> $GITHUB_OUTPUT
           # Extract version from gradle.properties
           version=$(cat gradle.properties | grep "version=" | awk -F'=' '{print $2}')
-          echo "::set-output name=project_version::$version"
+          echo "project_version=$version" >> $GITHUB_OUTPUT
   build:
     name: Build
     needs: [prerequisites]
@@ -39,19 +39,12 @@ jobs:
     runs-on: ${{ matrix.os }}
     if: needs.prerequisites.outputs.runjobs
     steps:
-      - uses: actions/checkout@v2
+      - uses: actions/checkout@v3
       - name: Set up JDK ${{ matrix.jdk }}
-        uses: actions/setup-java@v1
+        uses: spring-io/spring-gradle-build-action@v2
         with:
           java-version: ${{ matrix.jdk }}
-      - name: Setup gradle user name
-        run: |
-          mkdir -p ~/.gradle
-          echo 'systemProp.user.name=spring-builds+github' >> ~/.gradle/gradle.properties
-      - name: Setup Gradle
-        uses: gradle/gradle-build-action@v2
-        env:
-          GRADLE_USER_HOME: ~/.gradle
+          distribution: temurin
       - name: Build with Gradle
         env:
           GRADLE_ENTERPRISE_CACHE_USERNAME: ${{ secrets.GRADLE_ENTERPRISE_CACHE_USER }}
@@ -66,33 +59,31 @@ jobs:
     runs-on: ubuntu-latest
     if: needs.prerequisites.outputs.runjobs
     steps:
-      - uses: actions/checkout@v2
+      - uses: actions/checkout@v3
       - name: Set up JDK
-        uses: actions/setup-java@v1
+        uses: spring-io/spring-gradle-build-action@v2
         with:
           java-version: 17
-      - name: Setup Gradle
-        uses: gradle/gradle-build-action@v2
+          distribution: temurin
       - name: Snapshot Tests
         env:
           GRADLE_ENTERPRISE_CACHE_USERNAME: ${{ secrets.GRADLE_ENTERPRISE_CACHE_USER }}
           GRADLE_ENTERPRISE_CACHE_PASSWORD: ${{ secrets.GRADLE_ENTERPRISE_CACHE_PASSWORD }}
           GRADLE_ENTERPRISE_ACCESS_KEY: ${{ secrets.GRADLE_ENTERPRISE_SECRET_ACCESS_KEY }}
           ARTIFACTORY_USERNAME: ${{ secrets.ARTIFACTORY_USERNAME }}
           ARTIFACTORY_PASSWORD: ${{ secrets.ARTIFACTORY_PASSWORD }}
-        run: ./gradlew test --refresh-dependencies -Duser.name=spring-builds+github -PartifactoryUsername="$ARTIFACTORY_USERNAME" -PartifactoryPassword="$ARTIFACTORY_PASSWORD" -PforceMavenRepositories=snapshot -PspringFrameworkVersion='6.0.+' -PspringSecurityVersion='6.0.+' -PlocksDisabled --stacktrace
+        run: ./gradlew test --refresh-dependencies -Duser.name=spring-builds+github -PartifactoryUsername="$ARTIFACTORY_USERNAME" -PartifactoryPassword="$ARTIFACTORY_PASSWORD" -PforceMavenRepositories=snapshot -PspringFrameworkVersion='6.0.+' -PspringSecurityVersion='6.1.+' -PlocksDisabled --stacktrace
   deploy_artifacts:
     name: Deploy Artifacts
     needs: [build, snapshot_tests]
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v2
+      - uses: actions/checkout@v3
       - name: Set up JDK
-        uses: actions/setup-java@v1
+        uses: spring-io/spring-gradle-build-action@v2
         with:
           java-version: 17
-      - name: Setup Gradle
-        uses: gradle/gradle-build-action@v2
+          distribution: temurin
       - name: Deploy Artifacts
         env:
           GRADLE_ENTERPRISE_CACHE_USERNAME: ${{ secrets.GRADLE_ENTERPRISE_CACHE_USER }}
@@ -110,13 +101,12 @@ jobs:
     needs: [build, snapshot_tests]
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v2
+      - uses: actions/checkout@v3
       - name: Set up JDK
-        uses: actions/setup-java@v1
+        uses: spring-io/spring-gradle-build-action@v2
         with:
           java-version: 17
-      - name: Setup Gradle
-        uses: gradle/gradle-build-action@v2
+          distribution: temurin
       - name: Deploy Docs
         env:
           GRADLE_ENTERPRISE_CACHE_USERNAME: ${{ secrets.GRADLE_ENTERPRISE_CACHE_USER }}
@@ -125,4 +115,4 @@ jobs:
           DOCS_USERNAME: ${{ secrets.DOCS_USERNAME }}
           DOCS_SSH_KEY: ${{ secrets.DOCS_SSH_KEY }}
           DOCS_HOST: ${{ secrets.DOCS_HOST }}
-        run: ./gradlew deployDocs -PdeployDocsSshKey="$DOCS_SSH_KEY" -PdeployDocsSshUsername="$DOCS_USERNAME" -PdeployDocsHost="$DOCS_HOST" --stacktrace
+        run: ./gradlew deployDocs -Duser.name=spring-builds+github -PdeployDocsSshKey="$DOCS_SSH_KEY" -PdeployDocsSshUsername="$DOCS_USERNAME" -PdeployDocsHost="$DOCS_HOST" --stacktrace

.github/workflows/deploy-docs.yml

@@ -0,0 +1,31 @@
+name: Deploy Docs
+on:
+  push:
+    tags: '**'
+  repository_dispatch:
+    types: request-build-reference # legacy
+  #schedule:
+  #- cron: '0 10 * * *' # Once per day at 10am UTC
+  workflow_dispatch:
+permissions:
+  actions: write
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    if: github.repository_owner == 'spring-projects'
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v3
+        with:
+          ref: docs-build
+          fetch-depth: 1
+      - name: Dispatch (partial build)
+        if: github.ref_type == 'branch'
+        env:
+          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        run: gh workflow run deploy-docs.yml -r $(git rev-parse --abbrev-ref HEAD) -f build-refname=${{ github.ref_name }}
+      - name: Dispatch (full build)
+        if: github.ref_type == 'tag'
+        env:
+          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        run: gh workflow run deploy-docs.yml -r $(git rev-parse --abbrev-ref HEAD)

.github/workflows/pr-build-workflow.yml

@@ -15,10 +15,11 @@ jobs:
         jdk: [17]
       fail-fast: false
     steps:
-      - uses: actions/checkout@v2
+      - uses: actions/checkout@v3
       - name: Set up JDK ${{ matrix.jdk }}
-        uses: actions/setup-java@v1
+        uses: spring-io/spring-gradle-build-action@v2
         with:
           java-version: ${{ matrix.jdk }}
+          distribution: 'temurin'
       - name: Build with Gradle
         run: ./gradlew clean build

.gitignore

@@ -37,3 +37,4 @@ out/
 
 ### Mac ###
 .DS_Store
+cached-antora-playbook.yml

CONTRIBUTING.adoc

@@ -11,7 +11,7 @@ Please report unacceptable behavior to [email protected].
 == Using GitHub Issues
 We use GitHub issues to track bugs and enhancements.
 If you have a general usage question please ask on https://stackoverflow.com[Stack Overflow].
-The Spring Security team and the broader community monitor the https://stackoverflow.com/tags/spring-security[`spring-security`] tag.
+The Spring Security team and the broader community monitor the https://stackoverflow.com/tags/spring-authorization-server[`spring-authorization-server`] tag.
 
 If you are reporting a bug, please help to speed up problem diagnosis by providing as much information as possible.
 Ideally, that would include a https://stackoverflow.com/help/minimal-reproducible-example[complete & minimal sample project] that reproduces the problem.

README.adoc

@@ -1,17 +1,12 @@
-image::https://badges.gitter.im/Join%20Chat.svg[Gitter,link=https://gitter.im/spring-projects/spring-security?utm_source=badge&utm_medium=badge&utm_campaign=pr-badge&utm_content=badge]
-
-image:https://github.com/spring-projects/spring-authorization-server/workflows/CI/badge.svg?branch=main["Build Status", link="https://github.com/spring-projects/spring-authorization-server/actions?query=workflow%3ACI"]
-
-= Spring Authorization Server
+= Spring Authorization Server image:https://badges.gitter.im/Join%20Chat.svg[Gitter,link=https://gitter.im/spring-projects/spring-security?utm_source=badge&utm_medium=badge&utm_campaign=pr-badge&utm_content=badge] image:https://github.com/spring-projects/spring-authorization-server/workflows/CI/badge.svg?branch=main["Build Status", link="https://github.com/spring-projects/spring-authorization-server/actions?query=workflow%3ABuild%2Band%2BDeploy"] image:https://img.shields.io/badge/Revved%20up%20by-Gradle%20Enterprise-06A0CE?logo=Gradle&labelColor=02303A["Revved up by Gradle Enterprise", link="https://ge.spring.io/scans?&search.rootProjectNames=spring-authorization-server"]
 
 The Spring Authorization Server project, led by the https://spring.io/projects/spring-security/[Spring Security] team, is focused on delivering https://datatracker.ietf.org/doc/html/draft-ietf-oauth-v2-1-07#section-1.1[OAuth 2.1 Authorization Server] support to the Spring community.
 
 This project replaces the Authorization Server support provided by https://spring.io/projects/spring-security-oauth/[Spring Security OAuth].
 
 == Feature Planning
-This project uses https://www.zenhub.com/[ZenHub] to prioritize the feature roadmap and help organize the project plan.
-The project board can be accessed https://app.zenhub.com/workspaces/authorization-server-5e8f3182b5e8f5841bfc4902/board?repos=248032165[here].
-It is recommended to install the ZenHub https://www.zenhub.com/extension[browser extension] as it integrates natively within GitHub's user interface.
+This project uses https://docs.github.com/en/issues/planning-and-tracking-with-projects/learning-about-projects/about-projects[GitHub Projects] to prioritize the feature roadmap and help organize the project plan.
+The project board can be accessed https://github.com/orgs/spring-projects/projects/8[here].
 
 The feature list can be viewed in the https://docs.spring.io/spring-authorization-server/docs/current/reference/html/overview.html#feature-list[reference documentation].
 
@@ -67,7 +62,7 @@ git clone [email protected]:spring-projects/spring-authorization-server.git
 === Install all spring-\* jars into your local Maven cache
 [indent=0]
 ----
-./gradlew install
+./gradlew publishToMavenLocal
 ----
 
 === Compile and test; build all jars, distribution zips, and docs
@@ -79,8 +74,8 @@ git clone [email protected]:spring-projects/spring-authorization-server.git
 Discover more commands with `./gradlew tasks`.
 
 == Getting Support
-Check out the https://stackoverflow.com/questions/tagged/spring-security[Spring Security tags on Stack Overflow].
-https://spring.io/services[Commercial support] is available too.
+Check out the https://stackoverflow.com/questions/tagged/spring-authorization-server[Spring Authorization Server tags on Stack Overflow].
+https://spring.io/support[Commercial support] is available too.
 
 == Contributing
 https://help.github.com/articles/creating-a-pull-request[Pull requests] are welcome; see the link:CONTRIBUTING.adoc[contributor guidelines] for details.

buildSrc/build.gradle

@@ -21,7 +21,7 @@ dependencies {
 	implementation "org.asciidoctor:asciidoctor-gradle-jvm-pdf:3.3.2"
 	implementation "org.jetbrains.kotlin:kotlin-gradle-plugin:1.6.10"
 	implementation "org.hidetake:gradle-ssh-plugin:2.10.1"
-	implementation "org.jfrog.buildinfo:build-info-extractor-gradle:4.26.1"
+	implementation "org.jfrog.buildinfo:build-info-extractor-gradle:4.29.0"
 	implementation "org.sonarsource.scanner.gradle:sonarqube-gradle-plugin:2.7.1"
-	implementation "org.springframework:spring-core:6.0.0"
+	implementation "org.springframework:spring-core:6.0.11"
 }

buildSrc/src/main/java/io/spring/gradle/convention/SpringRootProjectPlugin.java

@@ -1,5 +1,5 @@
 /*
- * Copyright 2002-2022 the original author or authors.
+ * Copyright 2002-2023 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -22,6 +22,7 @@
 import org.gradle.api.plugins.PluginManager;
 
 import org.springframework.gradle.classpath.SpringCheckProhibitedDependenciesLifecyclePlugin;
+import org.springframework.gradle.maven.SpringArtifactoryPlugin;
 import org.springframework.gradle.maven.SpringNexusPlugin;
 import org.springframework.gradle.nohttp.SpringNoHttpPlugin;
 import org.springframework.gradle.sonarqube.SpringSonarQubePlugin;
@@ -38,6 +39,7 @@ public void apply(Project project) {
 		pluginManager.apply(SpringNoHttpPlugin.class);
 		pluginManager.apply(SpringNexusPlugin.class);
 		pluginManager.apply(SpringCheckProhibitedDependenciesLifecyclePlugin.class);
+		pluginManager.apply(SpringArtifactoryPlugin.class);
 		pluginManager.apply(SpringSonarQubePlugin.class);
 
 		// Apply default repositories

buildSrc/src/main/java/org/springframework/gradle/docs/SpringAsciidoctorPlugin.java

@@ -104,7 +104,7 @@ private void createAsciidoctorExtensionsConfiguration(Project project) {
 			project.getConfigurations().matching((candidate) -> "management".equals(candidate.getName()))
 					.all(configuration::extendsFrom);
 			configuration.getDependencies().add(project.getDependencies()
-					.create("io.spring.asciidoctor.backends:spring-asciidoctor-backends:0.0.3"));
+					.create("io.spring.asciidoctor.backends:spring-asciidoctor-backends:0.0.5"));
 			configuration.getDependencies()
 					.add(project.getDependencies().create("org.asciidoctor:asciidoctorj-pdf:1.5.3"));
 		});
@@ -120,6 +120,9 @@ private void configureAsciidoctorExtension(AbstractAsciidoctorTask asciidoctorTa
 				// Not using intermediateWorkDir.
 				// See https://github.com/asciidoctor/asciidoctor-gradle-plugin/issues/523
 				resourcesSrcDirSpec.include("images/*.png", "css/**", "js/**", "**/*.java");
+				// This exclusion is required to allow cacheability of :spring-authorization-server-docs:asciidoctor
+				// The whole docs/src/docs/asciidoc folder is being passed as a task input
+				resourcesSrcDirSpec.exclude("**/examples/build/**");
 			});
 		});
 		if (asciidoctorTask instanceof AsciidoctorTask) {

buildSrc/src/main/java/org/springframework/gradle/maven/SpringArtifactoryPlugin.java

@@ -1,5 +1,5 @@
 /*
- * Copyright 2002-2022 the original author or authors.
+ * Copyright 2002-2023 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -18,6 +18,7 @@
 
 import org.gradle.api.Plugin;
 import org.gradle.api.Project;
+import org.gradle.api.publish.maven.plugins.MavenPublishPlugin;
 import org.jfrog.gradle.plugin.artifactory.ArtifactoryPlugin;
 import org.jfrog.gradle.plugin.artifactory.dsl.ArtifactoryPluginConvention;
 
@@ -49,7 +50,10 @@ public void apply(Project project) {
 						repository.setPassword(project.findProperty("artifactoryPassword"));
 					}
 				});
-				publish.defaults((defaults) -> defaults.publications("mavenJava"));
+				// Would fail if maven publish is not applied, i.e. in root project (SpringRootProjectPlugin)
+				project.getPlugins().withType(MavenPublishPlugin.class, mavenPublish -> {
+					publish.defaults((defaults) -> defaults.publications("mavenJava"));
+				});
 			});
 		});
 	}

dependencies/spring-authorization-server-dependencies.gradle

@@ -9,16 +9,16 @@ javaPlatform {
 dependencies {
 	api platform("org.springframework:spring-framework-bom:$springFrameworkVersion")
 	api platform("org.springframework.security:spring-security-bom:$springSecurityVersion")
-	api platform("com.fasterxml.jackson:jackson-bom:2.14.0")
+	api platform("com.fasterxml.jackson:jackson-bom:2.15.2")
 	constraints {
-		api "com.nimbusds:nimbus-jose-jwt:9.24.4"
+		api "com.nimbusds:nimbus-jose-jwt:9.35"
 		api "jakarta.servlet:jakarta.servlet-api:6.0.0"
-		api "org.junit.jupiter:junit-jupiter:5.9.1"
-		api "org.assertj:assertj-core:3.23.1"
-		api "org.mockito:mockito-core:4.8.1"
-		api "com.squareup.okhttp3:mockwebserver:4.10.0"
-		api "com.squareup.okhttp3:okhttp:4.10.0"
-		api "com.jayway.jsonpath:json-path:2.7.0"
-		api "org.hsqldb:hsqldb:2.7.1"
+		api "org.junit.jupiter:junit-jupiter:5.10.0"
+		api "org.assertj:assertj-core:3.24.2"
+		api "org.mockito:mockito-core:4.11.0"
+		api "com.squareup.okhttp3:mockwebserver:4.11.0"
+		api "com.squareup.okhttp3:okhttp:4.11.0"
+		api "com.jayway.jsonpath:json-path:2.8.0"
+		api "org.hsqldb:hsqldb:2.7.2"
 	}
 }

docs/antora.yml

@@ -0,0 +1,23 @@
+name: authorization-server
+version: true
+title: Spring Authorization Server
+nav:
+  - modules/ROOT/nav.adoc
+ext:
+  collector:
+    run:
+      command: gradlew -q -PbuildSrc.skipTests=true "-Dorg.gradle.jvmargs=-Xmx3g -XX:+HeapDumpOnOutOfMemoryError" :spring-authorization-server-docs:generateAntoraYml
+      local: true
+    scan:
+      dir: ./build/generated-antora-resources
+
+asciidoc:
+  attributes:
+    attribute-missing: 'warn'
+    chomp: 'all'
+    spring-security-reference-base-url: "https://docs.spring.io/spring-security/reference"
+    spring-security-api-base-url: "https://docs.spring.io/spring-security/site/docs/current/api"
+    spring-boot-reference-base-url: "https://docs.spring.io/spring-boot/docs/current/reference/html"
+    examples-dir: example$docs-src
+    samples-dir: example$samples
+    docs-java: '{examples-dir}/main/java'

docs/modules/ROOT/examples/docs-src

@@ -0,0 +1 @@
+../../../src

docs/modules/ROOT/examples/samples

@@ -0,0 +1 @@
+../../../../samples

docs/modules/ROOT/nav.adoc

@@ -0,0 +1,14 @@
+* xref:overview.adoc[]
+* xref:getting-help.adoc[]
+* xref:getting-started.adoc[]
+* xref:configuration-model.adoc[]
+* xref:core-model-components.adoc[]
+* xref:protocol-endpoints.adoc[]
+* xref:how-to.adoc[]
+** xref:guides/how-to-pkce.adoc[]
+** xref:guides/how-to-social-login.adoc[]
+** xref:guides/how-to-ext-grant-type.adoc[]
+** xref:guides/how-to-userinfo.adoc[]
+** xref:guides/how-to-jpa.adoc[]
+** xref:guides/how-to-custom-claims-authorities.adoc[]
+** xref:guides/how-to-dynamic-client-registration.adoc[]