.github/workflows/release-scheduler.yml

@@ -14,7 +14,7 @@ jobs:
     strategy:
       matrix:
         # List of active maintenance branches.
-        branch: [ main, 1.2.x, 1.1.x ]
+        branch: [ main, 1.2.x ]
     runs-on: ubuntu-latest
     steps:
       - name: Checkout

CONTRIBUTING.adoc

@@ -4,9 +4,7 @@ Spring Authorization Server is released under the Apache 2.0 license.
 If you would like to contribute something, or simply want to hack on the code this document should help you https://github.com/spring-projects/spring-authorization-server#getting-started[get started].
 
 == Code of Conduct
-This project adheres to the Contributor Covenant link:CODE_OF_CONDUCT.adoc[code of conduct].
-By participating, you are expected to uphold this code.
-Please report unacceptable behavior to spring-code-of-conduct@pivotal.io.
+Please see our https://github.com/spring-projects/.github/blob/main/CODE_OF_CONDUCT.md[code of conduct].
 
 == Using GitHub Issues
 We use GitHub issues to track bugs and enhancements.

README.adoc

@@ -36,8 +36,7 @@ Be sure to read the https://docs.spring.io/spring-authorization-server/reference
 JavaDoc is also available for the https://docs.spring.io/spring-authorization-server/docs/current/api/[Spring Authorization Server API] and https://docs.spring.io/spring-security/site/docs/current/api/[Spring Security API].
 
 == Code of Conduct
-This project adheres to the Contributor Covenant link:CODE_OF_CONDUCT.adoc[code of conduct].
-By participating, you are expected to uphold this code. Please report unacceptable behavior to spring-code-of-conduct@pivotal.io.
+Please see our https://github.com/spring-projects/.github/blob/main/CODE_OF_CONDUCT.md[code of conduct].
 
 == Downloading Artifacts
 See https://github.com/spring-projects/spring-framework/wiki/Spring-Framework-Artifacts[downloading Spring artifacts] for Maven repository information.

buildSrc/build.gradle

@@ -25,5 +25,5 @@ dependencies {
 	implementation "org.hidetake:gradle-ssh-plugin:2.10.1"
 	implementation "org.jfrog.buildinfo:build-info-extractor-gradle:5.2.0"
 	implementation "org.sonarsource.scanner.gradle:sonarqube-gradle-plugin:2.7.1"
-	implementation "org.springframework:spring-core:6.1.7"
+	implementation "org.springframework:spring-core:6.1.9"
 }

dependencies/spring-authorization-server-dependencies.gradle

@@ -11,7 +11,7 @@ dependencies {
 	api platform("org.springframework.security:spring-security-bom:$springSecurityVersion")
 	api platform("com.fasterxml.jackson:jackson-bom:2.17.1")
 	constraints {
-		api "com.nimbusds:nimbus-jose-jwt:9.39.1"
+		api "com.nimbusds:nimbus-jose-jwt:9.39.3"
 		api "jakarta.servlet:jakarta.servlet-api:6.0.0"
 		api "org.bouncycastle:bcpkix-jdk18on:1.78.1"
 		api "org.bouncycastle:bcprov-jdk18on:1.78.1"
@@ -21,6 +21,6 @@ dependencies {
 		api "com.squareup.okhttp3:mockwebserver:4.12.0"
 		api "com.squareup.okhttp3:okhttp:4.12.0"
 		api "com.jayway.jsonpath:json-path:2.9.0"
-		api "org.hsqldb:hsqldb:2.7.2"
+		api "org.hsqldb:hsqldb:2.7.3"
 	}
 }

docs/modules/ROOT/pages/index.adoc

@@ -13,6 +13,6 @@ xref:how-to.adoc[How-to Guides] :: Guides to get the most from Spring Authorizat
 
 Joe Grandja, Steve Riesenberg
 
-Copyright © 2020 - 2023
+Copyright © 2020 - 2024
 
 Copies of this document may be made for your own use and for distribution to others, provided that you do not charge any fee for such copies and further provided that each copy contains this Copyright Notice, whether distributed in print or electronically.

etc/checkstyle/checkstyle-suppressions.xml

@@ -0,0 +1,8 @@
+<?xml version="1.0"?>
+<!DOCTYPE suppressions PUBLIC
+		"-//Checkstyle//DTD SuppressionFilter Configuration 1.2//EN"
+		"https://checkstyle.org/dtds/suppressions_1_2.dtd">
+<suppressions>
+	<suppress files=".*" checks="JavadocStyle" />
+	<suppress files="SpringAuthorizationServerVersion\.java" checks="HideUtilityClassConstructor"/>
+</suppressions>

etc/checkstyle/checkstyle.xml

@@ -1,51 +1,18 @@
 <?xml version="1.0"?>
-<!DOCTYPE module PUBLIC "-//Puppy Crawl//DTD Check Configuration 1.3//EN"
-		"https://www.puppycrawl.com/dtds/configuration_1_3.dtd">
-<module name="Checker">
-	<!-- Suppressions -->
+<!DOCTYPE module PUBLIC
+		"-//Checkstyle//DTD Checkstyle Configuration 1.3//EN"
+		"https://checkstyle.org/dtds/configuration_1_3.dtd">
+<module name="com.puppycrawl.tools.checkstyle.Checker">
 	<module name="SuppressionFilter">
-		<property name="file" value="${config_loc}/suppressions.xml"/>
+		<property name="file"
+				  value="${config_loc}/checkstyle-suppressions.xml" />
 	</module>
-
-	<!-- Root Checks -->
-	<module name="RegexpHeader">
-		<property name="headerFile" value="${config_loc}/header.txt"/>
-		<property name="fileExtensions" value="java"/>
+	<module name="com.puppycrawl.tools.checkstyle.checks.header.RegexpHeaderCheck">
+		<property name="headerFile" value="${config_loc}/header.txt" />
+		<property name="fileExtensions" value="java" />
 	</module>
-
-	<!-- Root Checks -->
-	<module name="TreeWalker">
-		<!-- Annotations -->
-		<module name="MissingOverrideCheck" />
-
-		<!-- Coding -->
-		<module name="EmptyStatementCheck" />
-		<module name="RedundantModifier" />
-
-		<!-- Imports -->
-		<module name="UnusedImportsCheck">
-			<property name="processJavadoc" value="true" />
-		</module>
-
-		<!-- Regexp -->
-		<module name="RegexpSinglelineJava">
-			<property name="format" value="^\t* +\t*\S"/>
-			<property name="message" value="Line has leading space characters; indentation should be performed with tabs only."/>
-			<property name="ignoreComments" value="true"/>
-		</module>
-		<module name="RegexpSinglelineJava">
-			<property name="maximum" value="0"/>
-			<property name="format" value="org\.junit\.Assert\.assert"/>
-			<property name="message" value="Please use AssertJ imports."/>
-			<property name="ignoreComments" value="true"/>
-		</module>
-		<module name="Regexp">
-			<property name="format" value="[ \t]+$"/>
-			<property name="illegalPattern" value="true"/>
-			<property name="message" value="Trailing whitespace"/>
-		</module>
-
-		<!-- Whitespace -->
-		<module name="WhitespaceAfterCheck" />
+	<module name="io.spring.javaformat.checkstyle.SpringChecks">
+		<property name="excludes" value="io.spring.javaformat.checkstyle.check.SpringHeaderCheck" />
+		<property name="excludes" value="com.puppycrawl.tools.checkstyle.checks.javadoc.JavadocPackageCheck" />
 	</module>
 </module>

etc/checkstyle/header.txt

@@ -1,5 +1,5 @@
 ^\Q/*\E$
-^\Q * Copyright\E (\d{4}(\-\d{4})? the original author or authors\.|(\d{4}, )*(\d{4}) Acegi Technology Pty Limited)$
+^\Q * Copyright \E20\d\d\-20\d\d\Q the original author or authors.\E$
 ^\Q *\E$
 ^\Q * Licensed under the Apache License, Version 2.0 (the "License");\E$
 ^\Q * you may not use this file except in compliance with the License.\E$

gradle.properties

@@ -1,9 +1,9 @@
-version=1.3.0
+version=1.3.1
 org.gradle.jvmargs=-Xmx3g -XX:+HeapDumpOnOutOfMemoryError
 org.gradle.parallel=true
 org.gradle.caching=true
-springFrameworkVersion=6.1.7
-springSecurityVersion=6.3.0
+springFrameworkVersion=6.1.9
+springSecurityVersion=6.3.1
 springJavaformatVersion=0.0.41
 checkstyleToolVersion=8.34
 nohttpCheckstyleVersion=0.0.11

oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/AbstractOAuth2AuthorizationServerMetadata.java

@@ -36,8 +36,8 @@
  *
  * @author Daniel Garnier-Moiroux
  * @author Joe Grandja
- * @see OAuth2AuthorizationServerMetadataClaimAccessor
  * @since 0.1.1
+ * @see OAuth2AuthorizationServerMetadataClaimAccessor
  * @see <a target="_blank" href="https://tools.ietf.org/html/rfc8414#section-3.2">3.2.
  * Authorization Server Metadata Response</a>
  * @see <a target="_blank" href=
@@ -72,8 +72,11 @@ public Map<String, Object> getClaims() {
 
 	/**
 	 * A builder for subclasses of {@link AbstractOAuth2AuthorizationServerMetadata}.
+	 *
+	 * @param <T> the type of object
+	 * @param <B> the type of the builder
 	 */
-	protected static abstract class AbstractBuilder<T extends AbstractOAuth2AuthorizationServerMetadata, B extends AbstractBuilder<T, B>> {
+	protected abstract static class AbstractBuilder<T extends AbstractOAuth2AuthorizationServerMetadata, B extends AbstractBuilder<T, B>> {
 
 		private final Map<String, Object> claims = new LinkedHashMap<>();
 
@@ -509,15 +512,15 @@ protected void validate() {
 		private void addClaimToClaimList(String name, String value) {
 			Assert.hasText(name, "name cannot be empty");
 			Assert.notNull(value, "value cannot be null");
-			getClaims().computeIfAbsent(name, k -> new LinkedList<String>());
+			getClaims().computeIfAbsent(name, (k) -> new LinkedList<String>());
 			((List<String>) getClaims().get(name)).add(value);
 		}
 
 		@SuppressWarnings("unchecked")
 		private void acceptClaimValues(String name, Consumer<List<String>> valuesConsumer) {
 			Assert.hasText(name, "name cannot be empty");
 			Assert.notNull(valuesConsumer, "valuesConsumer cannot be null");
-			getClaims().computeIfAbsent(name, k -> new LinkedList<String>());
+			getClaims().computeIfAbsent(name, (k) -> new LinkedList<String>());
 			List<String> values = (List<String>) getClaims().get(name);
 			valuesConsumer.accept(values);
 		}

oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/InMemoryOAuth2AuthorizationConsentService.java

@@ -63,7 +63,7 @@ public InMemoryOAuth2AuthorizationConsentService(OAuth2AuthorizationConsent... a
 	 */
 	public InMemoryOAuth2AuthorizationConsentService(List<OAuth2AuthorizationConsent> authorizationConsents) {
 		Assert.notNull(authorizationConsents, "authorizationConsents cannot be null");
-		authorizationConsents.forEach(authorizationConsent -> {
+		authorizationConsents.forEach((authorizationConsent) -> {
 			Assert.notNull(authorizationConsent, "authorizationConsent cannot be null");
 			int id = getId(authorizationConsent);
 			Assert.isTrue(!this.authorizationConsents.containsKey(id),

oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/InMemoryOAuth2AuthorizationService.java

@@ -94,7 +94,7 @@ public InMemoryOAuth2AuthorizationService(OAuth2Authorization... authorizations)
 	 */
 	public InMemoryOAuth2AuthorizationService(List<OAuth2Authorization> authorizations) {
 		Assert.notNull(authorizations, "authorizations cannot be null");
-		authorizations.forEach(authorization -> {
+		authorizations.forEach((authorization) -> {
 			Assert.notNull(authorization, "authorization cannot be null");
 			Assert.isTrue(!this.authorizations.containsKey(authorization.getId()),
 					"The authorization must be unique. Found duplicate identifier: " + authorization.getId());
@@ -129,7 +129,7 @@ public void remove(OAuth2Authorization authorization) {
 	public OAuth2Authorization findById(String id) {
 		Assert.hasText(id, "id cannot be empty");
 		OAuth2Authorization authorization = this.authorizations.get(id);
-		return authorization != null ? authorization : this.initializedAuthorizations.get(id);
+		return (authorization != null) ? authorization : this.initializedAuthorizations.get(id);
 	}
 
 	@Nullable
@@ -164,19 +164,26 @@ private static boolean hasToken(OAuth2Authorization authorization, String token,
 					matchesRefreshToken(authorization, token) ||
 					matchesDeviceCode(authorization, token) ||
 					matchesUserCode(authorization, token);
-		} else if (OAuth2ParameterNames.STATE.equals(tokenType.getValue())) {
+		}
+		else if (OAuth2ParameterNames.STATE.equals(tokenType.getValue())) {
 			return matchesState(authorization, token);
-		} else if (OAuth2ParameterNames.CODE.equals(tokenType.getValue())) {
+		}
+		else if (OAuth2ParameterNames.CODE.equals(tokenType.getValue())) {
 			return matchesAuthorizationCode(authorization, token);
-		} else if (OAuth2TokenType.ACCESS_TOKEN.equals(tokenType)) {
+		}
+		else if (OAuth2TokenType.ACCESS_TOKEN.equals(tokenType)) {
 			return matchesAccessToken(authorization, token);
-		} else if (OidcParameterNames.ID_TOKEN.equals(tokenType.getValue())) {
+		}
+		else if (OidcParameterNames.ID_TOKEN.equals(tokenType.getValue())) {
 			return matchesIdToken(authorization, token);
-		} else if (OAuth2TokenType.REFRESH_TOKEN.equals(tokenType)) {
+		}
+		else if (OAuth2TokenType.REFRESH_TOKEN.equals(tokenType)) {
 			return matchesRefreshToken(authorization, token);
-		} else if (OAuth2ParameterNames.DEVICE_CODE.equals(tokenType.getValue())) {
+		}
+		else if (OAuth2ParameterNames.DEVICE_CODE.equals(tokenType.getValue())) {
 			return matchesDeviceCode(authorization, token);
-		} else if (OAuth2ParameterNames.USER_CODE.equals(tokenType.getValue())) {
+		}
+		else if (OAuth2ParameterNames.USER_CODE.equals(tokenType.getValue())) {
 			return matchesUserCode(authorization, token);
 		}
 		// @formatter:on

oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/JdbcOAuth2AuthorizationConsentService.java

@@ -71,17 +71,6 @@
 @ImportRuntimeHints(JdbcOAuth2AuthorizationConsentService.JdbcOAuth2AuthorizationConsentServiceRuntimeHintsRegistrar.class)
 public class JdbcOAuth2AuthorizationConsentService implements OAuth2AuthorizationConsentService {
 
-	static class JdbcOAuth2AuthorizationConsentServiceRuntimeHintsRegistrar implements RuntimeHintsRegistrar {
-
-		@Override
-		public void registerHints(RuntimeHints hints, ClassLoader classLoader) {
-			hints.resources()
-				.registerResource(new ClassPathResource(
-						"org/springframework/security/oauth2/server/authorization/oauth2-authorization-consent-schema.sql"));
-		}
-
-	}
-
 	// @formatter:off
 	private static final String COLUMN_NAMES = "registered_client_id, "
 			+ "principal_name, "
@@ -288,4 +277,15 @@ public List<SqlParameterValue> apply(OAuth2AuthorizationConsent authorizationCon
 
 	}
 
+	static class JdbcOAuth2AuthorizationConsentServiceRuntimeHintsRegistrar implements RuntimeHintsRegistrar {
+
+		@Override
+		public void registerHints(RuntimeHints hints, ClassLoader classLoader) {
+			hints.resources()
+				.registerResource(new ClassPathResource(
+						"org/springframework/security/oauth2/server/authorization/oauth2-authorization-consent-schema.sql"));
+		}
+
+	}
+
 }