spring - Spring Security中已弃用的AuthorizationServer的替代品是什么？

Question

Spring Security 5.2.2已合并了Spring Security OAuth项目，但未合并AuthorizationServer或ResourceServer。 Spring Security 5.2.2中的AuthorizationServer的替代品是什么？

OAuth-2.0-Migration-Guide

This document contains guidance for moving OAuth 2.0 Clients and Resource Servers from Spring Security OAuth 2.x to Spring Security 5.2.x. Since Spring Security doesn’t provide Authorization Server support, migrating a Spring Security OAuth Authorization Server is out of scope for this document.

Answer 1

首先要注意的是Spring Security OAuth 2.4.0 officially deprecates all its classes。
第二件事是根据Spring Security - OAuth 2.0 Features Matrix - FAQ:

We are no longer planning on adding Authorization Server support to Spring Security.

一种解决方案是使用OAuth2授权服务器，例如 Gluu或 Keycloak，但是根据您的使用情况以及在授权服务器中进行的定制程度，这当然不是一件容易的事。
由于Spring社区的抗议，人们还希望在Spring Security中仍然可以实现授权服务器。根据 Josh Cummings on Github:

We'd like to thank everyone for your feedback on the decision to not support Authorization Server. Due to this feedback and some internal discussions, we are taking another look at this decision. We'll notify the community on any progress.

另请参阅: https://spring.io/blog/2019/11/14/spring-security-oauth-2-0-roadmap-update
==更新2020年3月5日==
回答约瑟夫(Joseph)的问题:“是否继续使用会发生任何问题？”:目前，还没有特定的问题，Spring Security OAuth仍会保留，但是在不久的将来可能不会出现这种情况。引用 same blog post as above:

The 2.3.x line will reach EOL in March 2020. We will support the 2.4.x line at least one year after reaching feature parity.

To that end, with the release of Spring Security 5.2, we are strongly encouraging users to start migrating their legacy OAuth 2.0 client and resource server applications to the new support in Spring Security 5.2.

==更新2020年4月15日==
全新的Spring授权服务器是 announced。您可以在 Github上找到它。
==更新2020年5月7日==
如 Spring blog所宣布:

To that end, the plan is to provide patch and security fixes for the Spring Security Oauth 2.4.x and 2.5.x line until May 2021. Additionally, security fixes will be supported for the 2.5.x line until May 2022, at which point the project will have reached end-of-life.