Temporarily remove authorization-server sample

Issue gh-97

servlet/spring-boot/java/oauth2/authorization-server/README.adoc

@@ -1,121 +0,0 @@
-= OAuth 2.0 Authorization Server Sample
-
-This sample demonstrates Authorization Server with the `authorization_code` and `client_credentials` grant types, as well as OpenID Connect 1.0. This authorization server is configured to generate JWT tokens signed with the `RS256` algorithm.
-
-* <<running-the-tests, Running the tests>>
-* <<running-the-app, Running the app>>
-* <<testing-with-a-resource-server, Testing with a resource server>>
-
-[[running-the-tests]]
-== Running the tests
-
-To run the tests, do:
-
-```bash
-./gradlew integrationTest
-```
-
-Or import the project into your IDE and run `OAuth2AuthorizationServerApplicationTests` from there.
-
-=== What is it doing?
-
-The tests are making requests to the token endpoint with the `client_credentials` grant type using the `client_secret_basic` authentication method, and subsequently verifying the access token from the response using the token introspection endpoint.
-
-The introspection endpoint response is used to verify the token (decode the JWT in this case), returning the payload including the requested scope.
-
-NOTE: Spring Security does not require the token introspection endpoint when configured to use the Bearer scheme with JWTs, this is simply used for demonstration purposes.
-
-[[running-the-app]]
-== Running the app
-
-To run as a stand-alone application, do:
-
-```bash
-./gradlew bootRun
-```
-
-Or import the project into your IDE and run `OAuth2AuthorizationServerApplication` from there.
-
-Once it is up and running, you can issue the following request:
-
-```bash
-curl -X POST messaging-client:secret@localhost:9000/oauth2/token -d "grant_type=client_credentials" -d "scope=message:read"
-```
-
-This returns something like the following:
-
-```json
-{
-    "access_token": "eyJraWQiOiI4YWY4Zjc2Zi0zMTdkLTQxZmYtYWY5Yi1hZjg5NDg4ODM5YzciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJzdWIiOiJtZXNzYWdpbmctY2xpZW50IiwiYXVkIjoibWVzc2FnaW5nLWNsaWVudCIsIm5iZiI6MTYyNzMzNDQ1MCwic2NvcGUiOlsibWVzc2FnZTpyZWFkIl0sImlzcyI6Imh0dHA6XC9cL2xvY2FsaG9zdDo5MDAwIiwiZXhwIjoxNjI3MzM0NzUwLCJpYXQiOjE2MjczMzQ0NTAsImp0aSI6IjBiYjYwZjhkLWIzNjItNDk0MC05MGRmLWZhZDg4N2Q1Yzg1ZSJ9.O8dI67B_feRjOn6pJi5ctPJmUJCNpV77SC4OiWqmpa5UHvf4Ud6L6EFe9LKuPIRrEWi8rMdCdMBOPKQMXvxLoI3LMUPf7Yj973uvZN0E988MsKwhGwxyaa_Wam8wFlk8aQlN8SbW3cKdeH-nKloNMdwjfspovefX521mxouaMjmyXdIFrM5WZ15GZK69NIniACSatE-pc9TAjKYBDbC65jVt_zHEvDQbEkZulF2bjrGOZC8C3IbJWnlKgkcshrY44TtrGPyCp2gIS0TSUUsG00iSBBC8E8zPU-YdfaP8gB9_FwUwK9zfy_hU2Ykf2aU3eulpGDVLn2rCwFeK86Rw1w",
-    "expires_in": 299,
-    "scope": "message:read",
-    "token_type": "Bearer"
-}
-```
-
-In order to make the same token introspection request as the tests, export the access token from the response:
-
-```bash
-export TOKEN=...
-```
-
-Then issue the following request:
-
-```bash
-curl -X POST messaging-client:secret@localhost:9000/oauth2/introspect -d "token=$TOKEN"
-```
-
-Which will return something like the following:
-
-```json
-{
-    "active": true,
-    "aud": [
-        "messaging-client"
-    ],
-    "client_id": "messaging-client",
-    "exp": 1627334750,
-    "iat": 1627334450,
-    "iss": "http://localhost:9000",
-    "jti": "0bb60f8d-b362-4940-90df-fad887d5c85e",
-    "nbf": 1627334450,
-    "scope": "message:read",
-    "sub": "messaging-client",
-    "token_type": "Bearer"
-}
-```
-
-[[testing-with-a-resource-server]]
-== Testing with a resource server
-
-This sample can be used in conjunction with a resource server, such as the https://github.com/spring-projects/spring-security-samples/tree/main/servlet/spring-boot/java/oauth2/resource-server/hello-security[resource-server sample] in this project which is pre-configured to work with this authorization server sample out of the box.
-
-You can run that app similarly to the authorization server:
-
-```bash
-./gradlew bootRun
-```
-
-Once it is up and running, you can issue the following request:
-
-```bash
-curl -X POST messaging-client:secret@localhost:9000/oauth2/token -d "grant_type=client_credentials" -d "scope=message:read"
-```
-
-Then, export the access token from the response:
-
-```bash
-export TOKEN=...
-```
-
-Then issue the following request:
-
-```bash
-curl -H "Authorization: Bearer $TOKEN" localhost:8080
-```
-
-Which will respond with the phrase:
-
-```
-Hello, messaging-client!
-```

servlet/spring-boot/java/oauth2/authorization-server/build.gradle

@@ -1,29 +0,0 @@
-plugins {
-	id 'org.springframework.boot' version '3.0.0-SNAPSHOT'
-	id 'io.spring.dependency-management' version '1.0.11.RELEASE'
-	id "nebula.integtest" version "8.2.0"
-	id 'java'
-}
-
-repositories {
-	mavenCentral()
-	maven { url "https://repo.spring.io/milestone" }
-	maven { url "https://repo.spring.io/snapshot" }
-}
-
-ext["micrometer.version"] = "1.10.0-SNAPSHOT"
-
-dependencies {
-	implementation 'org.springframework.boot:spring-boot-starter-web'
-	implementation 'org.springframework.security:spring-security-oauth2-authorization-server:1.0.0-M1'
-
-	testImplementation 'org.springframework.boot:spring-boot-starter-test'
-	testImplementation 'org.springframework.security:spring-security-test'
-
-	integTestImplementation 'net.sourceforge.htmlunit:htmlunit'
-}
-
-tasks.withType(Test).configureEach {
-	useJUnitPlatform()
-	outputs.upToDateWhen { false }
-}

servlet/spring-boot/java/oauth2/authorization-server/gradle.properties

@@ -1,2 +0,0 @@
-version=6.0.0-SNAPSHOT
-spring-security.version=6.0.0-SNAPSHOT

servlet/spring-boot/java/oauth2/authorization-server/gradle/wrapper/gradle-wrapper.properties

@@ -1,5 +0,0 @@
-distributionBase=GRADLE_USER_HOME
-distributionPath=wrapper/dists
-distributionUrl=https\://services.gradle.org/distributions/gradle-7.3-bin.zip
-zipStoreBase=GRADLE_USER_HOME
-zipStorePath=wrapper/dists

servlet/spring-boot/java/oauth2/authorization-server/gradlew

@@ -1,185 +0,0 @@
-#!/usr/bin/env sh
-
-#
-# Copyright 2015 the original author or authors.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#      https://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
-
-##############################################################################
-##
-##  Gradle start up script for UN*X
-##
-##############################################################################
-
-# Attempt to set APP_HOME
-# Resolve links: $0 may be a link
-PRG="$0"
-# Need this for relative symlinks.
-while [ -h "$PRG" ] ; do
-    ls=`ls -ld "$PRG"`
-    link=`expr "$ls" : '.*-> \(.*\)$'`
-    if expr "$link" : '/.*' > /dev/null; then
-        PRG="$link"
-    else
-        PRG=`dirname "$PRG"`"/$link"
-    fi
-done
-SAVED="`pwd`"
-cd "`dirname \"$PRG\"`/" >/dev/null
-APP_HOME="`pwd -P`"
-cd "$SAVED" >/dev/null
-
-APP_NAME="Gradle"
-APP_BASE_NAME=`basename "$0"`
-
-# Add default JVM options here. You can also use JAVA_OPTS and GRADLE_OPTS to pass JVM options to this script.
-DEFAULT_JVM_OPTS='"-Xmx64m" "-Xms64m"'
-
-# Use the maximum available, or set MAX_FD != -1 to use that value.
-MAX_FD="maximum"
-
-warn () {
-    echo "$*"
-}
-
-die () {
-    echo
-    echo "$*"
-    echo
-    exit 1
-}
-
-# OS specific support (must be 'true' or 'false').
-cygwin=false
-msys=false
-darwin=false
-nonstop=false
-case "`uname`" in
-  CYGWIN* )
-    cygwin=true
-    ;;
-  Darwin* )
-    darwin=true
-    ;;
-  MINGW* )
-    msys=true
-    ;;
-  NONSTOP* )
-    nonstop=true
-    ;;
-esac
-
-CLASSPATH=$APP_HOME/gradle/wrapper/gradle-wrapper.jar
-
-
-# Determine the Java command to use to start the JVM.
-if [ -n "$JAVA_HOME" ] ; then
-    if [ -x "$JAVA_HOME/jre/sh/java" ] ; then
-        # IBM's JDK on AIX uses strange locations for the executables
-        JAVACMD="$JAVA_HOME/jre/sh/java"
-    else
-        JAVACMD="$JAVA_HOME/bin/java"
-    fi
-    if [ ! -x "$JAVACMD" ] ; then
-        die "ERROR: JAVA_HOME is set to an invalid directory: $JAVA_HOME
-
-Please set the JAVA_HOME variable in your environment to match the
-location of your Java installation."
-    fi
-else
-    JAVACMD="java"
-    which java >/dev/null 2>&1 || die "ERROR: JAVA_HOME is not set and no 'java' command could be found in your PATH.
-
-Please set the JAVA_HOME variable in your environment to match the
-location of your Java installation."
-fi
-
-# Increase the maximum file descriptors if we can.
-if [ "$cygwin" = "false" -a "$darwin" = "false" -a "$nonstop" = "false" ] ; then
-    MAX_FD_LIMIT=`ulimit -H -n`
-    if [ $? -eq 0 ] ; then
-        if [ "$MAX_FD" = "maximum" -o "$MAX_FD" = "max" ] ; then
-            MAX_FD="$MAX_FD_LIMIT"
-        fi
-        ulimit -n $MAX_FD
-        if [ $? -ne 0 ] ; then
-            warn "Could not set maximum file descriptor limit: $MAX_FD"
-        fi
-    else
-        warn "Could not query maximum file descriptor limit: $MAX_FD_LIMIT"
-    fi
-fi
-
-# For Darwin, add options to specify how the application appears in the dock
-if $darwin; then
-    GRADLE_OPTS="$GRADLE_OPTS \"-Xdock:name=$APP_NAME\" \"-Xdock:icon=$APP_HOME/media/gradle.icns\""
-fi
-
-# For Cygwin or MSYS, switch paths to Windows format before running java
-if [ "$cygwin" = "true" -o "$msys" = "true" ] ; then
-    APP_HOME=`cygpath --path --mixed "$APP_HOME"`
-    CLASSPATH=`cygpath --path --mixed "$CLASSPATH"`
-    
-    JAVACMD=`cygpath --unix "$JAVACMD"`
-
-    # We build the pattern for arguments to be converted via cygpath
-    ROOTDIRSRAW=`find -L / -maxdepth 1 -mindepth 1 -type d 2>/dev/null`
-    SEP=""
-    for dir in $ROOTDIRSRAW ; do
-        ROOTDIRS="$ROOTDIRS$SEP$dir"
-        SEP="|"
-    done
-    OURCYGPATTERN="(^($ROOTDIRS))"
-    # Add a user-defined pattern to the cygpath arguments
-    if [ "$GRADLE_CYGPATTERN" != "" ] ; then
-        OURCYGPATTERN="$OURCYGPATTERN|($GRADLE_CYGPATTERN)"
-    fi
-    # Now convert the arguments - kludge to limit ourselves to /bin/sh
-    i=0
-    for arg in "$@" ; do
-        CHECK=`echo "$arg"|egrep -c "$OURCYGPATTERN" -`
-        CHECK2=`echo "$arg"|egrep -c "^-"`                                 ### Determine if an option
-
-        if [ $CHECK -ne 0 ] && [ $CHECK2 -eq 0 ] ; then                    ### Added a condition
-            eval `echo args$i`=`cygpath --path --ignore --mixed "$arg"`
-        else
-            eval `echo args$i`="\"$arg\""
-        fi
-        i=`expr $i + 1`
-    done
-    case $i in
-        0) set -- ;;
-        1) set -- "$args0" ;;
-        2) set -- "$args0" "$args1" ;;
-        3) set -- "$args0" "$args1" "$args2" ;;
-        4) set -- "$args0" "$args1" "$args2" "$args3" ;;
-        5) set -- "$args0" "$args1" "$args2" "$args3" "$args4" ;;
-        6) set -- "$args0" "$args1" "$args2" "$args3" "$args4" "$args5" ;;
-        7) set -- "$args0" "$args1" "$args2" "$args3" "$args4" "$args5" "$args6" ;;
-        8) set -- "$args0" "$args1" "$args2" "$args3" "$args4" "$args5" "$args6" "$args7" ;;
-        9) set -- "$args0" "$args1" "$args2" "$args3" "$args4" "$args5" "$args6" "$args7" "$args8" ;;
-    esac
-fi
-
-# Escape application args
-save () {
-    for i do printf %s\\n "$i" | sed "s/'/'\\\\''/g;1s/^/'/;\$s/\$/' \\\\/" ; done
-    echo " "
-}
-APP_ARGS=`save "$@"`
-
-# Collect all arguments for the java command, following the shell quoting and substitution rules
-eval set -- $DEFAULT_JVM_OPTS $JAVA_OPTS $GRADLE_OPTS "\"-Dorg.gradle.appname=$APP_BASE_NAME\"" -classpath "\"$CLASSPATH\"" org.gradle.wrapper.GradleWrapperMain "$APP_ARGS"
-
-exec "$JAVACMD" "$@"

servlet/spring-boot/java/oauth2/authorization-server/gradlew.bat

@@ -1,104 +0,0 @@
-@rem
-@rem Copyright 2015 the original author or authors.
-@rem
-@rem Licensed under the Apache License, Version 2.0 (the "License");
-@rem you may not use this file except in compliance with the License.
-@rem You may obtain a copy of the License at
-@rem
-@rem      https://www.apache.org/licenses/LICENSE-2.0
-@rem
-@rem Unless required by applicable law or agreed to in writing, software
-@rem distributed under the License is distributed on an "AS IS" BASIS,
-@rem WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-@rem See the License for the specific language governing permissions and
-@rem limitations under the License.
-@rem
-
-@if "%DEBUG%" == "" @echo off
-@rem ##########################################################################
-@rem
-@rem  Gradle startup script for Windows
-@rem
-@rem ##########################################################################
-
-@rem Set local scope for the variables with windows NT shell
-if "%OS%"=="Windows_NT" setlocal
-
-set DIRNAME=%~dp0
-if "%DIRNAME%" == "" set DIRNAME=.
-set APP_BASE_NAME=%~n0
-set APP_HOME=%DIRNAME%
-
-@rem Resolve any "." and ".." in APP_HOME to make it shorter.
-for %%i in ("%APP_HOME%") do set APP_HOME=%%~fi
-
-@rem Add default JVM options here. You can also use JAVA_OPTS and GRADLE_OPTS to pass JVM options to this script.
-set DEFAULT_JVM_OPTS="-Xmx64m" "-Xms64m"
-
-@rem Find java.exe
-if defined JAVA_HOME goto findJavaFromJavaHome
-
-set JAVA_EXE=java.exe
-%JAVA_EXE% -version >NUL 2>&1
-if "%ERRORLEVEL%" == "0" goto init
-
-echo.
-echo ERROR: JAVA_HOME is not set and no 'java' command could be found in your PATH.
-echo.
-echo Please set the JAVA_HOME variable in your environment to match the
-echo location of your Java installation.
-
-goto fail
-
-:findJavaFromJavaHome
-set JAVA_HOME=%JAVA_HOME:"=%
-set JAVA_EXE=%JAVA_HOME%/bin/java.exe
-
-if exist "%JAVA_EXE%" goto init
-
-echo.
-echo ERROR: JAVA_HOME is set to an invalid directory: %JAVA_HOME%
-echo.
-echo Please set the JAVA_HOME variable in your environment to match the
-echo location of your Java installation.
-
-goto fail
-
-:init
-@rem Get command-line arguments, handling Windows variants
-
-if not "%OS%" == "Windows_NT" goto win9xME_args
-
-:win9xME_args
-@rem Slurp the command line arguments.
-set CMD_LINE_ARGS=
-set _SKIP=2
-
-:win9xME_args_slurp
-if "x%~1" == "x" goto execute
-
-set CMD_LINE_ARGS=%*
-
-:execute
-@rem Setup the command line
-
-set CLASSPATH=%APP_HOME%\gradle\wrapper\gradle-wrapper.jar
-
-
-@rem Execute Gradle
-"%JAVA_EXE%" %DEFAULT_JVM_OPTS% %JAVA_OPTS% %GRADLE_OPTS% "-Dorg.gradle.appname=%APP_BASE_NAME%" -classpath "%CLASSPATH%" org.gradle.wrapper.GradleWrapperMain %CMD_LINE_ARGS%
-
-:end
-@rem End local scope for the variables with windows NT shell
-if "%ERRORLEVEL%"=="0" goto mainEnd
-
-:fail
-rem Set variable GRADLE_EXIT_CONSOLE if you need the _script_ return code instead of
-rem the _cmd.exe /c_ return code!
-if  not "" == "%GRADLE_EXIT_CONSOLE%" exit 1
-exit /b 1
-
-:mainEnd
-if "%OS%"=="Windows_NT" endlocal
-
-:omega

servlet/spring-boot/java/oauth2/authorization-server/settings.gradle

@@ -1 +0,0 @@
-

servlet/spring-boot/java/oauth2/authorization-server/src/integTest/java/example/OAuth2AuthorizationServerApplicationITests.java

@@ -1,195 +0,0 @@
-/*
- * Copyright 2021 the original author or authors.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *      https://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package example;
-
-import java.util.Map;
-
-import com.fasterxml.jackson.core.type.TypeReference;
-import com.fasterxml.jackson.databind.ObjectMapper;
-import org.junit.jupiter.api.Test;
-
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.boot.test.autoconfigure.web.servlet.AutoConfigureMockMvc;
-import org.springframework.boot.test.context.SpringBootTest;
-import org.springframework.http.HttpHeaders;
-import org.springframework.mock.web.MockHttpServletRequest;
-import org.springframework.test.context.ActiveProfiles;
-import org.springframework.test.web.servlet.MockMvc;
-import org.springframework.test.web.servlet.MvcResult;
-import org.springframework.test.web.servlet.request.RequestPostProcessor;
-
-import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.post;
-import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.jsonPath;
-import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status;
-
-/**
- * Integration tests for {@link OAuth2AuthorizationServerApplication}.
- *
- * @author Steve Riesenberg
- */
-@SpringBootTest
-@AutoConfigureMockMvc
-@ActiveProfiles("test")
-public class OAuth2AuthorizationServerApplicationITests {
-
-	private static final String CLIENT_ID = "messaging-client";
-
-	private static final String CLIENT_SECRET = "secret";
-
-	private final ObjectMapper objectMapper = new ObjectMapper();
-
-	@Autowired
-	private MockMvc mockMvc;
-
-	@Test
-	void performTokenRequestWhenValidClientCredentialsThenOk() throws Exception {
-		// @formatter:off
-		this.mockMvc.perform(post("/oauth2/token")
-				.param("grant_type", "client_credentials")
-				.param("scope", "message:read")
-				.with(basicAuth(CLIENT_ID, CLIENT_SECRET)))
-				.andExpect(status().isOk())
-				.andExpect(jsonPath("$.access_token").isString())
-				.andExpect(jsonPath("$.expires_in").isNumber())
-				.andExpect(jsonPath("$.scope").value("message:read"))
-				.andExpect(jsonPath("$.token_type").value("Bearer"));
-		// @formatter:on
-	}
-
-	@Test
-	void performTokenRequestWhenMissingScopeThenOk() throws Exception {
-		// @formatter:off
-		this.mockMvc.perform(post("/oauth2/token")
-				.param("grant_type", "client_credentials")
-				.param("scope", "message:read message:write")
-				.with(basicAuth(CLIENT_ID, CLIENT_SECRET)))
-				.andExpect(status().isOk())
-				.andExpect(jsonPath("$.access_token").isString())
-				.andExpect(jsonPath("$.expires_in").isNumber())
-				.andExpect(jsonPath("$.scope").value("message:read message:write"))
-				.andExpect(jsonPath("$.token_type").value("Bearer"));
-		// @formatter:on
-	}
-
-	@Test
-	void performTokenRequestWhenInvalidClientCredentialsThenUnauthorized() throws Exception {
-		// @formatter:off
-		this.mockMvc.perform(post("/oauth2/token")
-				.param("grant_type", "client_credentials")
-				.param("scope", "message:read")
-				.with(basicAuth("bad", "password")))
-				.andExpect(status().isUnauthorized())
-				.andExpect(jsonPath("$.error").value("invalid_client"));
-		// @formatter:on
-	}
-
-	@Test
-	void performTokenRequestWhenMissingGrantTypeThenUnauthorized() throws Exception {
-		// @formatter:off
-		this.mockMvc.perform(post("/oauth2/token")
-				.with(basicAuth("bad", "password")))
-				.andExpect(status().isUnauthorized())
-				.andExpect(jsonPath("$.error").value("invalid_client"));
-		// @formatter:on
-	}
-
-	@Test
-	void performTokenRequestWhenGrantTypeNotRegisteredThenBadRequest() throws Exception {
-		// @formatter:off
-		this.mockMvc.perform(post("/oauth2/token")
-				.param("grant_type", "client_credentials")
-				.with(basicAuth("login-client", "openid-connect")))
-				.andExpect(status().isBadRequest())
-				.andExpect(jsonPath("$.error").value("unauthorized_client"));
-		// @formatter:on
-	}
-
-	@Test
-	void performIntrospectionRequestWhenValidTokenThenOk() throws Exception {
-		// @formatter:off
-		this.mockMvc.perform(post("/oauth2/introspect")
-				.param("token", getAccessToken())
-				.with(basicAuth(CLIENT_ID, CLIENT_SECRET)))
-				.andExpect(status().isOk())
-				.andExpect(jsonPath("$.active").value("true"))
-				.andExpect(jsonPath("$.aud[0]").value(CLIENT_ID))
-				.andExpect(jsonPath("$.client_id").value(CLIENT_ID))
-				.andExpect(jsonPath("$.exp").isNumber())
-				.andExpect(jsonPath("$.iat").isNumber())
-				.andExpect(jsonPath("$.iss").value("http://localhost:9000"))
-				.andExpect(jsonPath("$.nbf").isNumber())
-				.andExpect(jsonPath("$.scope").value("message:read"))
-				.andExpect(jsonPath("$.sub").value(CLIENT_ID))
-				.andExpect(jsonPath("$.token_type").value("Bearer"));
-		// @formatter:on
-	}
-
-	@Test
-	void performIntrospectionRequestWhenInvalidCredentialsThenUnauthorized() throws Exception {
-		// @formatter:off
-		this.mockMvc.perform(post("/oauth2/introspect")
-				.param("token", getAccessToken())
-				.with(basicAuth("bad", "password")))
-				.andExpect(status().isUnauthorized())
-				.andExpect(jsonPath("$.error").value("invalid_client"));
-		// @formatter:on
-	}
-
-	private String getAccessToken() throws Exception {
-		// @formatter:off
-		MvcResult mvcResult = this.mockMvc.perform(post("/oauth2/token")
-				.param("grant_type", "client_credentials")
-				.param("scope", "message:read")
-				.with(basicAuth(CLIENT_ID, CLIENT_SECRET)))
-				.andExpect(status().isOk())
-				.andExpect(jsonPath("$.access_token").exists())
-				.andReturn();
-		// @formatter:on
-
-		String tokenResponseJson = mvcResult.getResponse().getContentAsString();
-		Map<String, Object> tokenResponse = this.objectMapper.readValue(tokenResponseJson, new TypeReference<>() {
-		});
-
-		return tokenResponse.get("access_token").toString();
-	}
-
-	private static BasicAuthenticationRequestPostProcessor basicAuth(String username, String password) {
-		return new BasicAuthenticationRequestPostProcessor(username, password);
-	}
-
-	private static final class BasicAuthenticationRequestPostProcessor implements RequestPostProcessor {
-
-		private final String username;
-
-		private final String password;
-
-		private BasicAuthenticationRequestPostProcessor(String username, String password) {
-			this.username = username;
-			this.password = password;
-		}
-
-		@Override
-		public MockHttpServletRequest postProcessRequest(MockHttpServletRequest request) {
-			HttpHeaders headers = new HttpHeaders();
-			headers.setBasicAuth(this.username, this.password);
-			request.addHeader("Authorization", headers.getFirst("Authorization"));
-			return request;
-		}
-
-	}
-
-}

servlet/spring-boot/java/oauth2/authorization-server/src/main/java/example/OAuth2AuthorizationServerApplication.java

@@ -1,34 +0,0 @@
-/*
- * Copyright 2021 the original author or authors.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *      https://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package example;
-
-import org.springframework.boot.SpringApplication;
-import org.springframework.boot.autoconfigure.SpringBootApplication;
-
-/**
- * OAuth Authorization Server Application.
- *
- * @author Steve Riesenberg
- */
-@SpringBootApplication
-public class OAuth2AuthorizationServerApplication {
-
-	public static void main(String[] args) {
-		SpringApplication.run(OAuth2AuthorizationServerApplication.class, args);
-	}
-
-}

servlet/spring-boot/java/oauth2/authorization-server/src/main/java/example/OAuth2AuthorizationServerSecurityConfiguration.java

@@ -1,166 +0,0 @@
-/*
- * Copyright 2021 the original author or authors.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *      https://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package example;
-
-import java.security.KeyPair;
-import java.security.KeyPairGenerator;
-import java.security.interfaces.RSAPrivateKey;
-import java.security.interfaces.RSAPublicKey;
-import java.util.UUID;
-
-import com.nimbusds.jose.jwk.JWKSet;
-import com.nimbusds.jose.jwk.RSAKey;
-import com.nimbusds.jose.jwk.source.ImmutableJWKSet;
-import com.nimbusds.jose.jwk.source.JWKSource;
-import com.nimbusds.jose.proc.SecurityContext;
-
-import org.springframework.beans.factory.config.BeanDefinition;
-import org.springframework.context.annotation.Bean;
-import org.springframework.context.annotation.Configuration;
-import org.springframework.context.annotation.Role;
-import org.springframework.core.annotation.Order;
-import org.springframework.security.config.Customizer;
-import org.springframework.security.config.annotation.web.builders.HttpSecurity;
-import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
-import org.springframework.security.core.userdetails.User;
-import org.springframework.security.core.userdetails.UserDetails;
-import org.springframework.security.core.userdetails.UserDetailsService;
-import org.springframework.security.oauth2.core.AuthorizationGrantType;
-import org.springframework.security.oauth2.core.ClientAuthenticationMethod;
-import org.springframework.security.oauth2.core.oidc.OidcScopes;
-import org.springframework.security.oauth2.jwt.JwtDecoder;
-import org.springframework.security.oauth2.jwt.NimbusJwtDecoder;
-import org.springframework.security.oauth2.server.authorization.client.InMemoryRegisteredClientRepository;
-import org.springframework.security.oauth2.server.authorization.client.RegisteredClient;
-import org.springframework.security.oauth2.server.authorization.client.RegisteredClientRepository;
-import org.springframework.security.oauth2.server.authorization.config.annotation.web.configuration.OAuth2AuthorizationServerConfiguration;
-import org.springframework.security.oauth2.server.authorization.settings.ClientSettings;
-import org.springframework.security.oauth2.server.authorization.settings.ProviderSettings;
-import org.springframework.security.provisioning.InMemoryUserDetailsManager;
-import org.springframework.security.web.SecurityFilterChain;
-
-/**
- * OAuth Authorization Server Configuration.
- *
- * @author Steve Riesenberg
- */
-@Configuration
-@EnableWebSecurity
-public class OAuth2AuthorizationServerSecurityConfiguration {
-
-	@Bean
-	@Order(1)
-	public SecurityFilterChain authorizationServerSecurityFilterChain(HttpSecurity http) throws Exception {
-		OAuth2AuthorizationServerConfiguration.applyDefaultSecurity(http);
-		return http.formLogin(Customizer.withDefaults()).build();
-	}
-
-	@Bean
-	@Order(2)
-	public SecurityFilterChain standardSecurityFilterChain(HttpSecurity http) throws Exception {
-		// @formatter:off
-		http
-			.authorizeHttpRequests((authorize) -> authorize
-				.anyRequest().authenticated()
-			)
-			.formLogin(Customizer.withDefaults());
-		// @formatter:on
-
-		return http.build();
-	}
-
-	@Bean
-	public RegisteredClientRepository registeredClientRepository() {
-		// @formatter:off
-		RegisteredClient loginClient = RegisteredClient.withId(UUID.randomUUID().toString())
-				.clientId("login-client")
-				.clientSecret("{noop}openid-connect")
-				.clientAuthenticationMethod(ClientAuthenticationMethod.CLIENT_SECRET_BASIC)
-				.authorizationGrantType(AuthorizationGrantType.AUTHORIZATION_CODE)
-				.authorizationGrantType(AuthorizationGrantType.REFRESH_TOKEN)
-				.redirectUri("http://127.0.0.1:8080/login/oauth2/code/login-client")
-				.redirectUri("http://127.0.0.1:8080/authorized")
-				.scope(OidcScopes.OPENID)
-				.scope(OidcScopes.PROFILE)
-				.clientSettings(ClientSettings.builder().requireAuthorizationConsent(true).build())
-				.build();
-		RegisteredClient registeredClient = RegisteredClient.withId(UUID.randomUUID().toString())
-				.clientId("messaging-client")
-				.clientSecret("{noop}secret")
-				.clientAuthenticationMethod(ClientAuthenticationMethod.CLIENT_SECRET_BASIC)
-				.authorizationGrantType(AuthorizationGrantType.CLIENT_CREDENTIALS)
-				.scope("message:read")
-				.scope("message:write")
-				.build();
-		// @formatter:on
-
-		return new InMemoryRegisteredClientRepository(loginClient, registeredClient);
-	}
-
-	@Bean
-	public JWKSource<SecurityContext> jwkSource(KeyPair keyPair) {
-		RSAPublicKey publicKey = (RSAPublicKey) keyPair.getPublic();
-		RSAPrivateKey privateKey = (RSAPrivateKey) keyPair.getPrivate();
-		// @formatter:off
-		RSAKey rsaKey = new RSAKey.Builder(publicKey)
-				.privateKey(privateKey)
-				.keyID(UUID.randomUUID().toString())
-				.build();
-		// @formatter:on
-		JWKSet jwkSet = new JWKSet(rsaKey);
-		return new ImmutableJWKSet<>(jwkSet);
-	}
-
-	@Bean
-	public JwtDecoder jwtDecoder(KeyPair keyPair) {
-		return NimbusJwtDecoder.withPublicKey((RSAPublicKey) keyPair.getPublic()).build();
-	}
-
-	@Bean
-	public ProviderSettings providerSettings() {
-		return ProviderSettings.builder().issuer("http://localhost:9000").build();
-	}
-
-	@Bean
-	public UserDetailsService userDetailsService() {
-		// @formatter:off
-		UserDetails userDetails = User.withDefaultPasswordEncoder()
-				.username("user")
-				.password("password")
-				.roles("USER")
-				.build();
-		// @formatter:on
-
-		return new InMemoryUserDetailsManager(userDetails);
-	}
-
-	@Bean
-	@Role(BeanDefinition.ROLE_INFRASTRUCTURE)
-	KeyPair generateRsaKey() {
-		KeyPair keyPair;
-		try {
-			KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA");
-			keyPairGenerator.initialize(2048);
-			keyPair = keyPairGenerator.generateKeyPair();
-		}
-		catch (Exception ex) {
-			throw new IllegalStateException(ex);
-		}
-		return keyPair;
-	}
-
-}

servlet/spring-boot/java/oauth2/authorization-server/src/main/resources/application.yml

@@ -1,2 +0,0 @@
-server:
-  port: 9000