Merge branch 'master' into #1170-apis-json-plugin

distribution/examples/oauth2/azure-ad-with-jwts/README.md

@@ -4,15 +4,14 @@ This tutorial shows how to use Membrane API Gateway to validate Json Web Tokens
 
 Membrane API Gateway protects the Backend API.
 
-![Overview](00-overview.png)
+![Overview](./images/00-overview.png)
 
 1. The client retrieves the token from Azure AD.
 2. The JWT is issued by Azure AD and returned to the client
 3. The client then accesses the Backend through Membrane API Gateway.
 
 Membrane API Gateway exposes the Backend e.g. to the hostile internet. Only requests with a valid JWT are allowed to pass.
 
-
 # Azure AD Setup
 
 Both the Client and the Backend are registered in Azure AD with an "App registration". Don't get confused. ;)
@@ -27,7 +26,7 @@ Both the Client and the Backend are registered in Azure AD with an "App registra
 5. Choose ``New registration``.
 6. Enter a name (e.g. ``Demo Backend``) and click ``Register``.
 
-   ![Backend Registration](01-backend-registration.png)
+   ![Backend Registration](./images/01-backend-registration.png)
 
 7. Next to *Application ID URI*, click on ``Add an Application ID URI``.
 8. Next to *Application ID URI*, click on ``Set``.
@@ -48,22 +47,22 @@ There are several possibilities of getting a valid token. For this demo, we use
 1. Open https://aad.portal.azure.com/#view/Microsoft_AAD_IAM/ActiveDirectoryMenuBlade/~/RegisteredApps .
 2. Choose ``New registration``.
 3. Enter a name (e.g. ``Demo Client``) and click ``Register``.
-   ![Client Registration](03-client-registration.png)
+   ![Client Registration](./images/03-client-registration.png)
 
 4. Take note of your ``Application (client) ID``.
 5. Next to *Client credentials*, click on ``Add a certificate or secret``.
 6. Click on ``New client secret``.
-   ![Creating a new client secret](04-client-secret-creation.png)
+   ![Creating a new client secret](https://www.membrane-api.io/security/azure-ad-jwt/04-client-secret-creation.png)
 7. Enter ``Demo Secret`` as Description.
 8. Click on ``Add``.
 9. Take note of the ``Value``, also known as the ``client secret``.
 10. Click on ``API permissions``.
 11. Click on ``Add a permission``.
-    ![Adding a permission](05-client-permission-granting.png)
+    ![Adding a permission](./images/05-client-permission-granting.png)
 13. Below ``My APIs``, choose ``Demo Backend``.
-    ![Adding a permission](06-client-permission-granting2.png)
+    ![Adding a permission](./images/06-client-permission-granting2.png)
 14. Select the ``ReadWrite`` permission.
-    ![Adding a permission](07-client-permission-granting3.png)
+    ![Adding a permission](./images/07-client-permission-granting3.png)
 15. Click on ``Add permission``.
 
 ### 2.b. Get a token

pom.xml

@@ -78,7 +78,7 @@
 		<javac.source>17</javac.source>
 		<javac.target>17</javac.target>
 		<jackson.version>2.17.1</jackson.version>
-		<spring.version>6.1.9</spring.version>
+		<spring.version>6.1.10</spring.version>
 		<slf4j.version>2.0.13</slf4j.version>
 		<log4j.version>2.23.1</log4j.version>
 		<junit.version>5.10.0</junit.version>