Merge pull request #1063 from swagger-api/swos-617

exclude json module from apache oauth2 client to fix security issue.

Author: HugoMario

src/main/resources/handlebars/Java/libraries/feign/build.gradle.java11.mustache

@@ -45,7 +45,10 @@ dependencies {
     {{#threetenbp}}
     implementation "com.github.joschi.jackson:jackson-datatype-threetenbp:$threepane_version"
     {{/threetenbp}}
-    implementation "org.apache.oltu.oauth2:org.apache.oltu.oauth2.client:$oltu_version"
+    implementation("org.apache.oltu.oauth2:org.apache.oltu.oauth2.client:$oltu_version") {
+        exclude group: 'org.json', module: 'json'
+    }
+    implementation "org.json:json:20180130"
     implementation "com.brsanthu:migbase64:2.2"
     implementation "com.sun.xml.ws:jaxws-rt:2.3.3"
     testImplementation "junit:junit:$junit_version"

src/main/resources/handlebars/Java/libraries/feign/build.gradle.mustache

@@ -139,7 +139,10 @@ dependencies {
     {{#threetenbp}}
     compile "com.github.joschi.jackson:jackson-datatype-threetenbp:$threepane_version"
     {{/threetenbp}}
-    compile "org.apache.oltu.oauth2:org.apache.oltu.oauth2.client:$oltu_version"
+    compile ("org.apache.oltu.oauth2:org.apache.oltu.oauth2.client:$oltu_version") {
+        exclude group: "org.json", module: "json"
+    }
+    compile "org.json:json:20180130"
     compile "com.brsanthu:migbase64:2.2"
     testCompile "junit:junit:$junit_version"
 }

src/main/resources/handlebars/Java/libraries/retrofit/build.gradle.java11.mustache

@@ -28,7 +28,10 @@ dependencies {
     {{^useOas2}}
     implementation "io.swagger.core.v3:swagger-annotations:$swagger_annotations_version"
     {{/useOas2}}
-    implementation "org.apache.oltu.oauth2:org.apache.oltu.oauth2.client:$oltu_version"
+    implementation("org.apache.oltu.oauth2:org.apache.oltu.oauth2.client:$oltu_version") {
+        exclude group: 'org.json', module: 'json'
+    }
+    implementation "org.json:json:20180130"
     implementation "joda-time:joda-time:$jodatime_version"
     implementation "com.sun.xml.ws:jaxws-rt:2.3.3"
     testImplementation "junit:junit:$junit_version"

src/main/resources/handlebars/Java/libraries/retrofit/build.gradle.mustache

@@ -122,7 +122,10 @@ dependencies {
     {{^useOas2}}
     compile "io.swagger.core.v3:swagger-annotations:$swagger_annotations_version"
     {{/useOas2}}
-    compile "org.apache.oltu.oauth2:org.apache.oltu.oauth2.client:$oltu_version"
+    compile ("org.apache.oltu.oauth2:org.apache.oltu.oauth2.client:$oltu_version") {
+        exclude group: "org.json", module: "json"
+    }
+    compile "org.json:json:20180130"
     compile "joda-time:joda-time:$jodatime_version"
     testCompile "junit:junit:$junit_version"
 }

src/main/resources/handlebars/Java/libraries/retrofit2/build.gradle.java11.mustache

@@ -60,7 +60,9 @@ dependencies {
     {{/useOas2}}
     implementation ("org.apache.oltu.oauth2:org.apache.oltu.oauth2.client:$oltu_version"){
         exclude group:'org.apache.oltu.oauth2' , module: 'org.apache.oltu.oauth2.common'
+        exclude group: 'org.json', module: 'json'
     }
+    implementation "org.json:json:20180130"
     implementation "io.gsonfire:gson-fire:$json_fire_version"
     {{#joda}}
     implementation "joda-time:joda-time:$jodatime_version"

src/main/resources/handlebars/Java/libraries/retrofit2/build.gradle.mustache

@@ -151,7 +151,10 @@ dependencies {
     {{^useOas2}}
     compile "io.swagger.core.v3:swagger-annotations:$swagger_annotations_version"
     {{/useOas2}}
-    compile "org.apache.oltu.oauth2:org.apache.oltu.oauth2.client:$oltu_version"
+    compile ("org.apache.oltu.oauth2:org.apache.oltu.oauth2.client:$oltu_version") {
+        exclude group: "org.json", module: "json"
+    }
+    compile "org.json:json:20180130"
     compile "io.gsonfire:gson-fire:$json_fire_version"
     {{#joda}}
     compile "joda-time:joda-time:$jodatime_version"