OAuth upgrade
Strip out the legacy org.springframework.security.oauth:spring-security-oauth2
and switch to org.springframework.security:spring-security-oauth2-resource-server
and spring-security-oauth2-authorization-server
.
If the authorization-server
becomes a problem, then perhaps start with Google's OAuth 2 login (see https://docs.spring.io/spring-security/reference/servlet/oauth2/login/advanced.html#oauth2login-advanced-redirection-endpoint for example) or with Okta.