diff --git a/build.gradle.kts b/build.gradle.kts index a7552d7f..dc9568d8 100644 --- a/build.gradle.kts +++ b/build.gradle.kts @@ -4,18 +4,18 @@ import org.jetbrains.kotlin.gradle.dsl.JvmTarget val assertjVersion = "3.26.3" val kotlinLoggingVersion = "3.0.5" -val logbackVersion = "1.5.7" -val nimbusSdkVersion = "11.18" +val logbackVersion = "1.5.12" +val nimbusSdkVersion = "11.20.1" val mockWebServerVersion = "4.12.0" -val jacksonVersion = "2.17.2" -val nettyVersion = "4.1.112.Final" -val junitJupiterVersion = "5.11.0" -val kotlinVersion = "2.0.20" +val jacksonVersion = "2.18.1" +val nettyVersion = "4.1.114.Final" +val junitJupiterVersion = "5.11.3" +val kotlinVersion = "2.0.21" val freemarkerVersion = "2.3.33" val kotestVersion = "5.9.1" -val bouncyCastleVersion = "1.78.1" -val springBootVersion = "3.3.3" -val reactorTestVersion = "3.6.9" +val bouncyCastleVersion = "1.79" +val springBootVersion = "3.3.5" +val reactorTestVersion = "3.6.11" val ktorVersion = "2.3.12" val jsonPathVersion = "2.9.0" @@ -24,11 +24,11 @@ val mainClassKt = "no.nav.security.mock.oauth2.StandaloneMockOAuth2ServerKt" plugins { application - kotlin("jvm") version "2.0.20" + kotlin("jvm") version "2.0.21" id("se.patrikerdes.use-latest-versions") version "0.2.18" id("com.github.ben-manes.versions") version "0.51.0" id("org.jmailen.kotlinter") version "4.4.1" - id("com.google.cloud.tools.jib") version "3.4.3" + id("com.google.cloud.tools.jib") version "3.4.4" id("com.github.johnrengelman.shadow") version "8.1.1" id("net.researchgate.release") version "3.0.2" id("io.github.gradle-nexus.publish-plugin") version "2.0.0" @@ -67,7 +67,7 @@ dependencies { implementation("com.fasterxml.jackson.module:jackson-module-kotlin:$jacksonVersion") implementation("org.freemarker:freemarker:$freemarkerVersion") implementation("org.bouncycastle:bcpkix-jdk18on:$bouncyCastleVersion") - implementation("org.jetbrains.kotlinx:kotlinx-serialization-json:1.7.1") + implementation("org.jetbrains.kotlinx:kotlinx-serialization-json:1.7.3") testImplementation("org.assertj:assertj-core:$assertjVersion") testImplementation("org.junit.jupiter:junit-jupiter-api:$junitJupiterVersion") testImplementation("org.junit.jupiter:junit-jupiter-params:$junitJupiterVersion") @@ -95,7 +95,7 @@ dependencies { require("2.10.0") } } - testImplementation("org.yaml:snakeyaml:2.2") { + testImplementation("org.yaml:snakeyaml:2.3") { because("previous versions have security vulnerabilities") } add("api", "com.squareup.okio:okio") { @@ -125,7 +125,7 @@ dependencies { configurations { all { - resolutionStrategy.force("com.fasterxml.woodstox:woodstox-core:7.0.0") + resolutionStrategy.force("com.fasterxml.woodstox:woodstox-core:7.1.0") } } diff --git a/src/main/kotlin/no/nav/security/mock/oauth2/MockOAuth2Server.kt b/src/main/kotlin/no/nav/security/mock/oauth2/MockOAuth2Server.kt index 78384136..433b1e4a 100644 --- a/src/main/kotlin/no/nav/security/mock/oauth2/MockOAuth2Server.kt +++ b/src/main/kotlin/no/nav/security/mock/oauth2/MockOAuth2Server.kt @@ -241,11 +241,12 @@ open class MockOAuth2Server( val uri = tokenEndpointUrl(issuerId) val issuerUrl = issuerUrl(issuerId) val tokenRequest = - TokenRequest( - uri.toUri(), - ClientSecretBasic(ClientID(clientId), Secret("secret")), - AuthorizationCodeGrant(AuthorizationCode("123"), URI.create("http://localhost")), - ) + TokenRequest + .Builder( + uri.toUri(), + ClientSecretBasic(ClientID(clientId), Secret("secret")), + AuthorizationCodeGrant(AuthorizationCode("123"), URI.create("http://localhost")), + ).build() return config.tokenProvider.accessToken(tokenRequest, issuerUrl, tokenCallback, null) } @@ -290,8 +291,15 @@ open class MockOAuth2Server( object : AuthorizationGrant(GrantType("MockGrant")) { override fun toParameters(): MutableMap> = mutableMapOf() } + val request = + TokenRequest + .Builder( + URI.create("http://mockgrant"), + ClientID("mockclientid"), + mockGrant, + ).build() return this.config.tokenProvider.exchangeAccessToken( - TokenRequest(URI.create("http://mockgrant"), ClientID("mockclientid"), mockGrant), + request, issuerUrl, jwtClaimsSet, DefaultOAuth2TokenCallback( diff --git a/src/main/kotlin/no/nav/security/mock/oauth2/http/OAuth2HttpRequest.kt b/src/main/kotlin/no/nav/security/mock/oauth2/http/OAuth2HttpRequest.kt index ac55ed9c..1d13ee39 100644 --- a/src/main/kotlin/no/nav/security/mock/oauth2/http/OAuth2HttpRequest.kt +++ b/src/main/kotlin/no/nav/security/mock/oauth2/http/OAuth2HttpRequest.kt @@ -40,14 +40,15 @@ data class OAuth2HttpRequest( val tokenExchangeGrant = TokenExchangeGrant.parse(formParameters.map) // TODO: add scope if present in request - return TokenRequest( - this.url.toUri(), - clientAuthentication, - tokenExchangeGrant, - null, - emptyList(), - formParameters.map.mapValues { mutableListOf(it.value) }, - ) + val builder = + TokenRequest.Builder( + this.url.toUri(), + clientAuthentication, + tokenExchangeGrant, + ) + formParameters.map.forEach { (key, value) -> builder.customParameter(key, value) } + + return builder.build() } @Suppress("MemberVisibilityCanBePrivate") diff --git a/src/main/kotlin/no/nav/security/mock/oauth2/token/KeyProvider.kt b/src/main/kotlin/no/nav/security/mock/oauth2/token/KeyProvider.kt index 003acf7d..4d078f23 100644 --- a/src/main/kotlin/no/nav/security/mock/oauth2/token/KeyProvider.kt +++ b/src/main/kotlin/no/nav/security/mock/oauth2/token/KeyProvider.kt @@ -73,5 +73,4 @@ open class KeyProvider jwkSelector: JWKSelector?, context: SecurityContext?, ): MutableList = jwkSelector?.select(JWKSet(signingKeys.values.toList()).toPublicJWKSet()) ?: mutableListOf() - }