From 61d7bc5a4eac220684e03fcaaa97bbc2e9c7341f Mon Sep 17 00:00:00 2001
From: Matthew Buckett <matthew.buckett@ctl.ox.ac.uk>
Date: Fri, 23 Aug 2024 16:26:38 +0100
Subject: [PATCH] Update to Spring 6.x

---
 .github/workflows/maven.yml                   | 13 ++++------
 .java-version                                 |  1 +
 pom.xml                                       | 26 ++++++++++++-------
 ...zationCodeGrantRequestEntityConverter.java |  3 +--
 ...2AuthorizationGrantRequestEntityUtils.java |  2 +-
 ...Auth2AuthorizedClientArgumentResolver.java |  4 +--
 6 files changed, 26 insertions(+), 23 deletions(-)
 create mode 100644 .java-version

diff --git a/.github/workflows/maven.yml b/.github/workflows/maven.yml
index 1bd68fc..c8f4ce7 100644
--- a/.github/workflows/maven.yml
+++ b/.github/workflows/maven.yml
@@ -11,19 +11,16 @@ on:
 
 jobs:
   build:
-
     runs-on: ubuntu-latest
-
     steps:
-    - uses: actions/checkout@v3
-    - name: Set up JDK 1.8
-      uses: actions/setup-java@v3
+    - uses: actions/checkout@v4
+    - uses: actions/setup-java@v4
       with:
-        java-version: 8
+        java-version-file: .java-version
         distribution: temurin
         cache: maven
     - name: Build with Maven
-      run: mvn -B package --file pom.xml
+      run: mvn -B package
     # This is part of the release task so we don't want to allow failures.
     - name: Build JavaDoc with Maven
-      run: mvn -B javadoc:javadoc --file pom.xml
+      run: mvn -B javadoc:javadoc
diff --git a/.java-version b/.java-version
new file mode 100644
index 0000000..8e2afd3
--- /dev/null
+++ b/.java-version
@@ -0,0 +1 @@
+17
\ No newline at end of file
diff --git a/pom.xml b/pom.xml
index f281175..b4d0063 100644
--- a/pom.xml
+++ b/pom.xml
@@ -4,7 +4,7 @@
 
     <groupId>uk.ac.ox.ctl</groupId>
     <artifactId>canvas-spring-oauth2</artifactId>
-    <version>0.7-SNAPSHOT</version>
+    <version>1.0-SNAPSHOT</version>
     <name>Spring Security OAuth2 for Canvas</name>
     <description>This small project provides some supporting classes for using Spring Security OAuth2 with Canvas.</description>
     <url>https://github.com/oxctl/canvas-spring-oauth2</url>
@@ -44,8 +44,8 @@
     </licenses>
 
     <properties>
-        <maven.compiler.source>1.8</maven.compiler.source>
-        <maven.compiler.target>1.8</maven.compiler.target>
+        <maven.compiler.source>17</maven.compiler.source>
+        <maven.compiler.target>17</maven.compiler.target>
         <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
     </properties>
 
@@ -53,20 +53,19 @@
         <dependency>
             <groupId>org.springframework.security</groupId>
             <artifactId>spring-security-oauth2-client</artifactId>
-            <version>5.8.2</version>
+            <version>6.3.0</version>
         </dependency>
         <dependency>
             <groupId>org.springframework</groupId>
             <artifactId>spring-web</artifactId>
-            <version>5.3.25</version>
+            <version>6.1.9</version>
         </dependency>
-
         <dependency>
-            <groupId>javax.servlet</groupId>
-            <artifactId>javax.servlet-api</artifactId>
-            <version>3.0.1</version>
-            <scope>provided</scope>
+            <groupId>jakarta.platform</groupId>
+            <artifactId>jakarta.jakartaee-api</artifactId>
+            <version>10.0.0</version>
         </dependency>
+
         <dependency>
             <groupId>com.google.code.findbugs</groupId>
             <artifactId>annotations</artifactId>
@@ -74,6 +73,13 @@
             <scope>compile</scope>
         </dependency>
     </dependencies>
+    <repositories>
+        <repository>
+            <id>maven_central</id>
+            <name>Maven Central</name>
+            <url>https://repo.maven.apache.org/maven2/</url>
+        </repository>
+    </repositories>
 
     <profiles>
         <profile>
diff --git a/src/main/java/uk/ac/ox/ctl/oauth2/client/endpoint/CanvasOAuth2AuthorizationCodeGrantRequestEntityConverter.java b/src/main/java/uk/ac/ox/ctl/oauth2/client/endpoint/CanvasOAuth2AuthorizationCodeGrantRequestEntityConverter.java
index d21dd93..1cf71b8 100644
--- a/src/main/java/uk/ac/ox/ctl/oauth2/client/endpoint/CanvasOAuth2AuthorizationCodeGrantRequestEntityConverter.java
+++ b/src/main/java/uk/ac/ox/ctl/oauth2/client/endpoint/CanvasOAuth2AuthorizationCodeGrantRequestEntityConverter.java
@@ -87,8 +87,7 @@ private MultiValueMap<String, String> buildFormParameters(
         authorizationExchange.getAuthorizationRequest().getRedirectUri());
     // This is the special Canvas bit.
     formParameters.add(REPLACE_TOKENS, REPLACE_TOKENS_VALUE);
-    if (ClientAuthenticationMethod.CLIENT_SECRET_POST.equals(clientRegistration.getClientAuthenticationMethod()) || ClientAuthenticationMethod.POST.equals(
-        clientRegistration.getClientAuthenticationMethod())) {
+    if (ClientAuthenticationMethod.CLIENT_SECRET_POST.equals(clientRegistration.getClientAuthenticationMethod()) ) {
       formParameters.add(OAuth2ParameterNames.CLIENT_ID, clientRegistration.getClientId());
       formParameters.add(OAuth2ParameterNames.CLIENT_SECRET, clientRegistration.getClientSecret());
     } else {
diff --git a/src/main/java/uk/ac/ox/ctl/oauth2/client/endpoint/OAuth2AuthorizationGrantRequestEntityUtils.java b/src/main/java/uk/ac/ox/ctl/oauth2/client/endpoint/OAuth2AuthorizationGrantRequestEntityUtils.java
index 285c1ad..e4006aa 100644
--- a/src/main/java/uk/ac/ox/ctl/oauth2/client/endpoint/OAuth2AuthorizationGrantRequestEntityUtils.java
+++ b/src/main/java/uk/ac/ox/ctl/oauth2/client/endpoint/OAuth2AuthorizationGrantRequestEntityUtils.java
@@ -48,7 +48,7 @@ final class OAuth2AuthorizationGrantRequestEntityUtils {
   static HttpHeaders getTokenRequestHeaders(ClientRegistration clientRegistration) {
     HttpHeaders headers = new HttpHeaders();
     headers.addAll(DEFAULT_TOKEN_REQUEST_HEADERS);
-    if (ClientAuthenticationMethod.BASIC.equals(
+    if (ClientAuthenticationMethod.CLIENT_SECRET_BASIC.equals(
         clientRegistration.getClientAuthenticationMethod())) {
       headers.setBasicAuth(clientRegistration.getClientId(), clientRegistration.getClientSecret());
     }
diff --git a/src/main/java/uk/ac/ox/ctl/oauth2/client/web/method/annotation/OAuth2AuthorizedClientArgumentResolver.java b/src/main/java/uk/ac/ox/ctl/oauth2/client/web/method/annotation/OAuth2AuthorizedClientArgumentResolver.java
index ff6464b..14a3776 100644
--- a/src/main/java/uk/ac/ox/ctl/oauth2/client/web/method/annotation/OAuth2AuthorizedClientArgumentResolver.java
+++ b/src/main/java/uk/ac/ox/ctl/oauth2/client/web/method/annotation/OAuth2AuthorizedClientArgumentResolver.java
@@ -15,6 +15,8 @@
  */
 package uk.ac.ox.ctl.oauth2.client.web.method.annotation;
 
+import jakarta.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletResponse;
 import org.springframework.core.MethodParameter;
 import org.springframework.core.annotation.AnnotatedElementUtils;
 import org.springframework.lang.Nullable;
@@ -40,8 +42,6 @@
 import org.springframework.web.method.support.ModelAndViewContainer;
 import uk.ac.ox.ctl.oauth2.client.annotation.RegisteredOAuth2AuthorizedClient;
 
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
 
 /**
  * An implementation of a {@link HandlerMethodArgumentResolver} that is capable of resolving a