auth0 · tanya732 · Feb 27, 2026 · Feb 26, 2026 · Feb 26, 2026 · Feb 27, 2026
@@ -2,27 +2,37 @@ plugins {
     id 'java-library'
 }
 
-group = 'com.auth0'
-version = '1.0.0-SNAPSHOT'
-
-java {
-    sourceCompatibility = JavaVersion.VERSION_1_8
-    targetCompatibility = JavaVersion.VERSION_1_8
+ext {
+    POM_ARTIFACT_ID = 'auth0-api-java'
+    POM_NAME = 'auth0-api-java'
+    POM_DESCRIPTION = 'Auth0 Java API Library'
+    POM_PACKAGING = 'jar'
 }
 
+// Disable javadoc for this module (Java 8 target, internal API)
 tasks.withType(Javadoc) {
     enabled = false
 }
 
+apply from: rootProject.file('gradle/versioning.gradle')
+
+group = GROUP
+version = getVersionFromFile()
+
+java {
+    sourceCompatibility = JavaVersion.VERSION_1_8
+    targetCompatibility = JavaVersion.VERSION_1_8
+}
+
 dependencies {
     // Core dependencies
     implementation 'com.fasterxml.jackson.core:jackson-databind:2.15.2'
     implementation 'org.apache.httpcomponents:httpclient:4.5.14'
-    
+
     // JWT validation dependencies
     implementation 'com.auth0:java-jwt:4.5.1'
     implementation 'com.auth0:jwks-rsa:0.23.0'
-    
+
     // Test dependencies
     testImplementation 'junit:junit:4.13.2'
     testImplementation 'org.hamcrest:hamcrest:2.2'
@@ -41,5 +51,6 @@ test {
     }
 }
 
-// This module is internal - no publishing configuration needed
-// It will be bundled into auth0-springboot-api as a transitive dependency
+logger.lifecycle("Using version ${version} for ${name} group ${group}")
+
+apply from: rootProject.file('gradle/maven-publish.gradle')
@@ -1,5 +1,6 @@
 package com.auth0.playground;
 
+import org.springframework.http.ResponseEntity;
 import org.springframework.security.core.Authentication;
 import org.springframework.web.bind.annotation.GetMapping;
 import org.springframework.web.bind.annotation.RequestMapping;
@@ -11,13 +12,20 @@
 public class ProfileController {
 
     @GetMapping("/protected")
-    public String protectedEndpoint(Authentication authentication) {
-        System.out.println("🔐 Received request for protected resource: "+ authentication.getPrincipal().toString());
-        return "Hello " + authentication.getName() + ", access granted!";
+    public ResponseEntity<Map<String, Object>> protectedEndpoint(Authentication authentication) {
+        String userId = authentication.getName(); // Returns the 'sub' claim
+
+        return ResponseEntity.ok(Map.of(
+                "message", "Access granted!",
+                "user", userId,
+                "authenticated", true
+        ));
     }
 
     @GetMapping("/public")
-    public Map<String, Object> pub() {
-        return Map.of("message", "Public endpoint — no token required");
+    public ResponseEntity<Map<String, Object>> publicEndpoint() {
+        return ResponseEntity.ok(Map.of(
+                "message", "Public endpoint - no token required"
+        ));
     }
 }
@@ -3,12 +3,14 @@
 import com.auth0.spring.boot.Auth0AuthenticationFilter;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
+import org.springframework.security.config.annotation.method.configuration.EnableMethodSecurity;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.http.SessionCreationPolicy;
 import org.springframework.security.web.SecurityFilterChain;
 import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
 
 @Configuration
+@EnableMethodSecurity
 public class SecurityConfig {
     @Bean
     SecurityFilterChain apiSecurity(