Update dependency no.nav.security:mock-oauth2-server to v2

[renovate]

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence
no.nav.security:mock-oauth2-server	0.5.10 -> 2.1.10

---

Release Notes

navikt/mock-oauth2-server (no.nav.security:mock-oauth2-server)

v2.1.10

Compare Source

What's Changed

• fix(logback): set logback severity back to INFO (#​753) @​jenspav
• fix(readme): replace scope with code (#​754) @​jenspav
• feat: support custom TimeProvider when validating tokens (introspect, userinfo) (#​730) @​tommytroen

⬆️ Dependency upgrades

• chore(deps): bump the github group with 7 updates (#​734) @​dependabot
• chore(deps): bump the github group across 1 directory with 2 updates (#​733) @​dependabot

v2.1.9

Compare Source

What's Changed

• chore(build): netty-all with netty-codec-http (#​723) @​ybelMekk
• Fix/704 response types (#​710) @​pniederlag

⬆️ Dependency upgrades

• chore(deps): bump the github group across 1 directory with 5 updates (#​726) @​dependabot
• chore: bumped gradle wrapper to 8.9 (#​724) @​MikAoJk
• chore(deps): bump the github group across 1 directory with 17 updates (#​722) @​dependabot
• chore(deps): bump the github group across 1 directory with 2 updates (#​715) @​dependabot

v2.1.8

Compare Source

What's Changed

🐛 Bug Fixes

• fix: extend wellknown return values (#​704) (#​706) @​pniederlag

⬆️ Dependency upgrades

• chore(deps): bump the github group across 1 directory with 20 updates (#​709) @​dependabot
• chore(deps): bump org.jetbrains.kotlinx:kotlinx-serialization-json from 1.6.3 to 1.7.0 in the github group (#​702) @​dependabot

v2.1.7

Compare Source

What's Changed

🚀 Features

• feat: support objects and lists in request mapping claims (#​699) @​tommytroen

v2.1.6

Compare Source

What's Changed

• #​691 OAuth2TokenProvider should allow dynamic systemTime (#​693) @​xuanswe

⬆️ Dependency upgrades

• chore(deps): bump the github group across 1 directory with 6 updates (#​698) @​dependabot
• chore(deps): bump the github group across 1 directory with 9 updates (#​689) @​dependabot
• chore(deps): bump JamesIves/github-pages-deploy-action from 4.6.0 to 4.6.1 in the github group (#​685) @​dependabot
• chore(deps): bump the github group across 1 directory with 2 updates (#​684) @​dependabot
• chore(deps): bump the github group across 1 directory with 15 updates (#​679) @​dependabot
• chore(deps): bump the github group with 2 updates (#​676) @​dependabot

v2.1.5

Compare Source

What's Changed

🚀 Features

• feat(tokenprovider): support setting a static system time (#​668) @​tommytroen
• feat(logback): only use logback config in standalone server (#​667) @​tommytroen
• feat(DefaultOAuth2TokenCallback): Allow overriding tid claim (#​663) @​oddsund

⬆️ Dependency upgrades

• chore(deps): bump the github group with 2 updates (#​666) @​dependabot
• chore(deps): bump dependabot/fetch-metadata from 2.0.0 to 2.1.0 in the github group (#​672) @​dependabot
• chore(deps): bump JamesIves/github-pages-deploy-action from 4.5.0 to 4.6.0 in the github group (#​669) @​dependabot
• chore(deps): bump the github group across 1 directory with 7 updates (#​671) @​dependabot

v2.1.4

Compare Source

What's Changed

⬆️ Dependency upgrades

• chore(deps): bump the github group with 1 update (#​656) @​dependabot
• chore(deps): bump the github group with 28 updates (#​662) @​dependabot

v2.1.3

Compare Source

What's Changed

Breaking changes

• The constructor for the OAuth2Config class accepts a new parameter rotateRefreshToken. This has a default value of false. You may need to update your code if you're instantiating a OAuth2Config without named parameters.

🚀 Features

• feat(refresh_token): rotate refresh tokens if configured to rotate (#​645) @​tommytroen

⬆️ Dependency upgrades

• chore(deps): bump the github group with 23 updates (#​650) @​dependabot
• chore(deps): bump bouncycastle, use bcpkix-jdk18on instead of jdk15on (#​641) @​tommytroen

v2.1.2

Compare Source

What's Changed

⬆️ Dependency upgrades

• chore(deps): bump transitive dep jsonpath to 2.9.0 (#​640) @​tommytroen
• chore(deps): bump the github group with 22 updates (#​639) @​dependabot
• chore(deps): bump release-drafter/release-drafter from 5 to 6 (#​634) @​dependabot
• chore(deps): bump com.nimbusds:oauth2-oidc-sdk from 11.6 to 11.9.1 (#​622) @​dependabot
• chore(deps): bump org.assertj:assertj-core from 3.25.1 to 3.25.2 (#​631) @​dependabot
• chore(deps): bump gradle/gradle-build-action from 2 to 3 (#​632) @​dependabot
• chore(deps): bump io.netty:netty-all from 4.1.104.Final to 4.1.106.Final (#​629) @​dependabot
• chore(deps): bump org.jmailen.kotlinter from 4.1.1 to 4.2.0 (#​624) @​dependabot
• chore(deps): bump com.github.ben-manes.versions from 0.50.0 to 0.51.0 (#​630) @​dependabot
• chore(deps): bump com.fasterxml.woodstox:woodstox-core from 6.5.1 to 6.6.0 (#​626) @​dependabot

v2.1.1

Compare Source

What's Changed

• feat: add id-token to password grant token response (#​610) @​jp7677

⬆️ Dependency upgrades

• chore(deps): bump org.assertj:assertj-core from 3.25.0 to 3.25.1 (#​621) @​dependabot
• chore(deps): bump io.projectreactor:reactor-test from 3.6.1 to 3.6.2 (#​623) @​dependabot
• chore(deps): bump org.assertj:assertj-core from 3.24.2 to 3.25.0 (#​620) @​dependabot
• chore(deps): bump org.jmailen.kotlinter from 4.1.0 to 4.1.1 (#​618) @​dependabot
• chore(deps): bump jacksonVersion from 2.16.0 to 2.16.1 (#​617) @​dependabot
• chore(deps): bump org.jetbrains.kotlin:kotlin-test-junit5 from 1.9.21 to 1.9.22 (#​616) @​dependabot
• chore(deps): bump jvm from 1.9.21 to 1.9.22 (#​614) @​dependabot
• chore(deps): bump io.netty:netty-all from 4.1.101.Final to 4.1.104.Final (#​613) @​dependabot
• chore(deps): bump io.projectreactor:reactor-test from 3.6.0 to 3.6.1 (#​608) @​dependabot

v2.1.0

Compare Source

What's Changed

🚀 Features

• Regex based matching in RequestMappingTokenCallback and request parameters used as variables inside claims (#​578) @​kvokacka

⬆️ Dependency upgrades

• chore(deps): bump ch.qos.logback:logback-classic from 1.4.13 to 1.4.14 (#​604) @​dependabot
• chore(deps): bump actions/stale from 8 to 9 (#​605) @​dependabot
• chore(deps): bump ktorVersion from 2.3.6 to 2.3.7 (#​606) @​dependabot
• chore(deps): bump ch.qos.logback:logback-classic from 1.4.11 to 1.4.13 (#​602) @​dependabot
• chore(deps): bump actions/setup-java from 3 to 4 (#​603) @​dependabot
• chore(deps): bump JamesIves/github-pages-deploy-action from 4.4.3 to 4.5.0 (#​601) @​dependabot
• chore(deps): bump springBootVersion from 3.1.5 to 3.2.0 (#​596) @​dependabot
• chore(deps): bump jvm from 1.9.20 to 1.9.21 (#​597) @​dependabot
• chore(deps): bump org.jetbrains.kotlin:kotlin-test-junit5 from 1.9.20 to 1.9.21 (#​598) @​dependabot

v2.0.1

Compare Source

What's Changed

🚀 Features

• feat: basic client authentication for token exchange grant (#​564) @​valdemon

🐛 Bug Fixes

• fix: use hostname instead of canonicalHostname (#​586) @​tronghn
  • this should resolve issues with inconsistent URLs for Windows users
• fix(httpRequest): naming clash, update nimbus sdk to latest (#​576) @​ybelMekk

⬆️ Dependency upgrades

• chore(deps): bump com.github.ben-manes.versions from 0.49.0 to 0.50.0 (#​595) @​dependabot
• chore(deps): bump jacksonVersion from 2.15.3 to 2.16.0 (#​594) @​dependabot
• chore(deps): bump io.projectreactor:reactor-test from 3.5.11 to 3.6.0 (#​593) @​dependabot
• chore(deps): bump org.jmailen.kotlinter from 4.0.0 to 4.1.0 (#​592) @​dependabot
• chore(deps): bump io.netty:netty-all from 4.1.100.Final to 4.1.101.Final (#​588) @​dependabot
• chore(deps): bump ktorVersion from 2.3.5 to 2.3.6 (#​587) @​dependabot
• chore(deps): bump kotestVersion from 5.7.2 to 5.8.0 (#​584) @​dependabot
• chore(deps): bump junitJupiterVersion from 5.10.0 to 5.10.1 (#​583) @​dependabot
• chore(deps): bump com.nimbusds:oauth2-oidc-sdk from 11.5 to 11.6 (#​585) @​dependabot
• chore(deps): bump org.jetbrains.kotlin:kotlin-test-junit5 from 1.9.10 to 1.9.20 (#​580) @​dependabot
• chore(deps): bump jvm from 1.9.10 to 1.9.20 (#​579) @​dependabot
• chore(deps): bump com.nimbusds:oauth2-oidc-sdk from 11.4 to 11.5 (#​577) @​dependabot
• chore(deps): bump springBootVersion from 3.1.4 to 3.1.5 (#​574) @​dependabot
• fix(httpRequest): naming clash, update nimbus sdk to latest (#​576) @​ybelMekk
• chore(deps): bump com.nimbusds:oauth2-oidc-sdk from 10.15 to 11.4 (#​571) @​dependabot
• chore(deps): bump org.jetbrains.dokka from 1.9.0 to 1.9.10 (#​569) @​dependabot
• chore(deps): bump com.squareup.okhttp3:mockwebserver from 4.11.0 to 4.12.0 (#​568) @​dependabot
• chore(deps): bump jacksonVersion from 2.15.2 to 2.15.3 (#​567) @​dependabot
• chore(deps): bump io.projectreactor:reactor-test from 3.5.10 to 3.5.11 (#​566) @​dependabot
• chore(deps): bump io.netty:netty-all from 4.1.99.Final to 4.1.100.Final (#​565) @​dependabot
• bump(deps): kotlinter 3.16.0 to 4.0.0 (#​562) @​ybelMekk
• chore(deps): bump com.github.ben-manes.versions from 0.48.0 to 0.49.0 (#​559) @​dependabot
• chore(deps): bump ktorVersion from 2.3.4 to 2.3.5 (#​556) @​dependabot
• chore(deps): bump io.netty:netty-all from 4.1.98.Final to 4.1.99.Final (#​555) @​dependabot
• chore(deps): bump com.google.cloud.tools.jib from 3.3.2 to 3.4.0 (#​554) @​dependabot
• chore(deps): bump io.netty:netty-all from 4.1.97.Final to 4.1.98.Final (#​552) @​dependabot
• chore(deps): bump springBootVersion from 3.1.3 to 3.1.4 (#​553) @​dependabot
• chore(deps): bump com.nimbusds:oauth2-oidc-sdk from 10.14.2 to 10.15 (#​549) @​dependabot
• chore(deps): bump io.projectreactor:reactor-test from 3.5.9 to 3.5.10 (#​548) @​dependabot
• chore(deps): bump docker/login-action from 2 to 3 (#​546) @​dependabot

v2.0.0

Compare Source

What's Changed

🚀 Features

• feat: allow to configure clientId as sub in RequestMapping (#​532) @​kvokacka
• feat: serve static assets, support wildcard path in routes (#​526) @​tommytroen
• feat(oauth2): add state when provided (#​524) @​ybelMekk

⚠️ Breaking Changes

• feat: serve static assets, support wildcard path in routes (#​526) @​tommytroen

⬆️ Dependency upgrades

• chore(deps): bump actions/checkout from 3 to 4 (#​540) @​dependabot
• chore(deps): bump kotestVersion from 5.7.1 to 5.7.2 (#​541) @​dependabot
• chore(deps): bump com.github.ben-manes.versions from 0.47.0 to 0.48.0 (#​542) @​dependabot
• chore(deps): bump kotestVersion from 5.6.2 to 5.7.1 (#​539) @​dependabot
• chore(deps): bump ktorVersion from 2.3.3 to 2.3.4 (#​534) @​dependabot
• chore(deps): bump org.jetbrains.dokka from 1.8.20 to 1.9.0 (#​538) @​dependabot
• chore(deps): bump com.nimbusds:oauth2-oidc-sdk from 10.13.2 to 10.14.2 (#​537) @​dependabot
• chore(deps): bump org.yaml:snakeyaml from 2.0 to 2.2 (#​536) @​dependabot
• chore(deps): bump com.fasterxml.woodstox:woodstox-core from 6.4.0 to 6.5.1 (#​535) @​dependabot
• chore(deps): bump org.jetbrains.kotlin:kotlin-test-junit5 from 1.9.0 to 1.9.10 (#​529) @​dependabot
• chore(deps): bump jvm from 1.9.0 to 1.9.10 (#​528) @​dependabot
• chore(deps): bump io.netty:netty-all from 4.1.96.Final to 4.1.97.Final (#​527) @​dependabot
• chore(deps): bump ch.qos.logback:logback-classic from 1.4.8 to 1.4.11 (#​521) @​dependabot
• chore(deps): bump io.projectreactor:reactor-test from 3.4.24 to 3.5.9 (#​523) @​dependabot
• chore(deps): bump org.jmailen.kotlinter from 3.15.0 to 3.16.0 (#​522) @​dependabot
• chore(deps): bump com.nimbusds:oauth2-oidc-sdk from 10.11 to 10.13.2 (#​520) @​dependabot
• chore(deps): bump io.netty:netty-all from 4.1.94.Final to 4.1.96.Final (#​515) @​dependabot
• chore(deps): bump ktorVersion from 2.3.2 to 2.3.3 (#​517) @​dependabot
• chore(deps): bump junitJupiterVersion from 5.9.3 to 5.10.0 (#​512) @​dependabot
• chore(deps): bump springBootVersion from 3.1.1 to 3.1.2 (#​510) @​dependabot

🚧 Fix

• fix(server): replace deprecated Java API (#​530) @​ybelMekk
• add(workflows): permissions for action to publish (navikt/mock-oauth2-server@1c8c8ed) @​ybelMekk

v1.0.0

Compare Source

What's Changed

⬆️ Upgrades

• Java 11 -> 17
• Spring Boot 2 -> 3
• Bumped various libraries to their latest versions

Full Changelog: navikt/mock-oauth2-server@0.5.10...1.0.0

---

Configuration

📅 Schedule: Branch creation - "every 3 weeks on Monday" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[vlsi]

Incompatible because this component declares a component, compatible with Java 17 and the consumer needed a component, compatible with Java 11

[loosebazooka]

yeah unlike last time, this appears to be a very intentional move to java 17. We probably just need to disable this test on Java11?

[vlsi]

Do we gain much from dropping Java 11?
Do we lose userbase by dropping Java 11?

I would rather pin mok-oauth2 to v1 to avoid adding unexpected Java 17 requirements for the users.

[loosebazooka]

I think we could run this test only on java17?