chore: upgrade to spring-security 5.8.13

build.gradle.kts

@@ -69,6 +69,7 @@ subprojects {
         val striktVersion: String by project
         val detektVersion: String by project
 
+        testRuntimeOnly("org.slf4j:slf4j-simple:1.7.36")
         testImplementation(platform("io.strikt:strikt-bom:${striktVersion}"))
         detektPlugins("io.gitlab.arturbosch.detekt:detekt-formatting:${detektVersion}")
     }
@@ -135,15 +136,15 @@ subprojects {
     }
 
     testlogger {
-        showFullStackTraces = false
+        showFullStackTraces = true
         showCauses = true
         // time of execution more than this threshold = test is considered as slow
         slowThreshold = 2000
         showPassed = true
         showSkipped = true
         showFailed = true
         // set to 'true' to show whole error stream (all ERROR events)
-        showStandardStreams = false
+        showStandardStreams = true
         showPassedStandardStreams = false
         showSkippedStandardStreams = false
         showFailedStandardStreams = true

gooddata-server-oauth2-autoconfigure/build.gradle.kts

@@ -34,22 +34,23 @@ dependencies {
     val springMockkVersion: String by project
     val tinkVersion: String by project
     val wiremockVersion: String by project
+    val springSecurityVersion: String by project
 
     api("com.fasterxml.jackson.core:jackson-databind")
     api("io.netty:netty-codec-http")
     api("org.springframework.boot:spring-boot")
     api("org.springframework.boot:spring-boot-starter-webflux")
-    api("org.springframework.security:spring-security-oauth2-client:5.6.11")
-    api("org.springframework.security:spring-security-oauth2-resource-server:5.6.11")
+    api("org.springframework.security:spring-security-oauth2-client:$springSecurityVersion")
+    api("org.springframework.security:spring-security-oauth2-resource-server:$springSecurityVersion")
     api("org.springframework:spring-web")
 
     implementation("com.fasterxml.jackson.datatype:jackson-datatype-jsr310")
     implementation("com.github.ben-manes.caffeine:caffeine:3.1.8")
     implementation("com.google.crypto.tink:tink:${tinkVersion}")
     implementation("io.github.microutils:kotlin-logging:${kotlinLoggingVersion}")
     implementation("io.projectreactor.kotlin:reactor-kotlin-extensions")
-    implementation("org.springframework.security:spring-security-config:5.6.11")
-    implementation("org.springframework.security:spring-security-oauth2-jose:5.6.11")
+    implementation("org.springframework.security:spring-security-config:$springSecurityVersion")
+    implementation("org.springframework.security:spring-security-oauth2-jose:$springSecurityVersion")
 
     testImplementation("com.github.tomakehurst:wiremock:${wiremockVersion}")
     testImplementation("com.google.crypto.tink:tink:${tinkVersion}")

gooddata-server-oauth2-autoconfigure/src/main/kotlin/BearerTokenReactiveAuthenticationManagerResolver.kt

@@ -27,7 +27,7 @@ import org.springframework.security.core.Authentication
 import org.springframework.security.oauth2.core.OAuth2TokenValidator
 import org.springframework.security.oauth2.jwt.Jwt
 import org.springframework.security.oauth2.jwt.JwtException
-import org.springframework.security.oauth2.server.resource.BearerTokenAuthenticationToken
+import org.springframework.security.oauth2.server.resource.authentication.BearerTokenAuthenticationToken
 import org.springframework.security.oauth2.server.resource.authentication.JwtAuthenticationToken
 import org.springframework.security.oauth2.server.resource.authentication.JwtReactiveAuthenticationManager
 import org.springframework.web.server.ServerWebExchange
@@ -96,7 +96,7 @@ private class JwtAuthenticationManager(
             .flatMap(::authenticate)
     }
 
-    private fun authenticate(jwtToken: BearerTokenAuthenticationToken): Mono<Authentication>? {
+    private fun authenticate(jwtToken: BearerTokenAuthenticationToken): Mono<Authentication> {
         return getOrganizationFromContext().flatMap { organization ->
             val decoder = prepareJwtDecoder(getJwkSet(organization.id), supportedJwsAlgorithms)
                 .apply { setJwtValidator(jwtTokenValidator) }

gooddata-server-oauth2-autoconfigure/src/test/kotlin/OAuth2UserValidatorTest.kt

@@ -31,7 +31,7 @@ class OAuth2UserValidatorTest {
 
     private val userValidator = OAuth2UserValidator()
     private val userRequest = mockk<OAuth2UserRequest> {
-        every { clientRegistration } returns mockk {
+        every { clientRegistration } returns mockk(relaxed = true) {
             every { providerDetails } returns mockk {
                 every { userInfoEndpoint } returns mockk {
                     every { userNameAttributeName } returns "userName"

gradle.properties

@@ -30,3 +30,4 @@ tinkVersion=1.13.0
 wiremockVersion=2.27.2
 kotlinVersion=1.9.23
 springBootVersion=2.7.18
+springSecurityVersion=5.8.13

renovate.json5

@@ -24,7 +24,7 @@
     {
       "groupName": "spring security",
       "matchPackagePrefixes": ["org.springframework.security:"],
-      "allowedVersions": "<5.7.0"
+      "allowedVersions": "<6.0.0"
     },
     {
       "groupName": "spring boot",