From 397ea8cf72273e7f58d6032feea38fb6339f9359 Mon Sep 17 00:00:00 2001 From: nenaraab Date: Wed, 18 Aug 2021 17:45:34 +0200 Subject: [PATCH] XsuaaTokenFlows accepts com.sap.cloud.security.xsuaa.client.ClientCredentials as argument (#629) * dependabot should run daily * XsuaaTokenFlows accepts com.sap.cloud.security.xsuaa.client.ClientCredentials as argument * bump version to 2.10.5 * upgrade spring-security deps to 2.5.2 --- .github/dependabot.yml | 2 +- CHANGELOG.md | 10 ++++++ api/README.md | 2 +- api/pom.xml | 2 +- java-api/README.md | 2 +- java-api/pom.xml | 2 +- java-security-it/pom.xml | 2 +- java-security-test/README.md | 2 +- java-security-test/pom.xml | 2 +- .../Migration_SpringSecurityProjects.md | 6 ++-- java-security/README.md | 2 +- java-security/pom.xml | 2 +- pom.xml | 4 +-- samples/java-security-usage-ias/pom.xml | 4 +-- samples/java-security-usage/pom.xml | 4 +-- samples/java-tokenclient-usage/pom.xml | 4 +-- samples/sap-java-buildpack-api-usage/pom.xml | 2 +- samples/spring-security-basic-auth/pom.xml | 4 +-- samples/spring-security-hybrid-usage/pom.xml | 4 +-- samples/spring-security-xsuaa-usage/pom.xml | 4 +-- .../pom.xml | 4 +-- spring-security-starter/pom.xml | 2 +- spring-security/README.md | 2 +- spring-security/pom.xml | 4 +-- spring-xsuaa-it/pom.xml | 2 +- spring-xsuaa-mock/README.md | 2 +- spring-xsuaa-mock/pom.xml | 2 +- spring-xsuaa-starter/pom.xml | 2 +- spring-xsuaa-test/README.md | 2 +- spring-xsuaa-test/pom.xml | 2 +- spring-xsuaa/README.md | 4 +-- spring-xsuaa/pom.xml | 2 +- token-client/README.md | 6 ++-- token-client/pom.xml | 2 +- .../xsuaa/tokenflows/XsuaaTokenFlows.java | 19 ++++++++++- .../xsuaa/tokenflows/XsuaaTokenFlowsTest.java | 32 +++++++++++++++++-- 36 files changed, 105 insertions(+), 50 deletions(-) diff --git a/.github/dependabot.yml b/.github/dependabot.yml index 5f92433b2a..6d8d9c04b1 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml 
@@ -3,7 +3,7 @@ updates: - package-ecosystem: maven directory: "/" schedule: - interval: weekly + interval: daily time: "10:00" timezone: Etc/UCT reviewers: diff --git a/CHANGELOG.md b/CHANGELOG.md index 23c1bfabac..fe1c93d8c5 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,6 +1,16 @@ # Change Log All notable changes to this project will be documented in this file. +## 2.10.5 +- [token-client] + - `XsuaaTokenFlows` constructor accepts `com.sap.cloud.security.xsuaa.client.ClientCredentials` as argument. + +#### Dependency upgrades +- org.springframework.security:spring-security-oauth2-jose 5.5.1 --> 5.5.2 +- org.springframework.security:spring-security-oauth2-resource-server 5.5.1 --> 5.5.2 +- org.springframework.security:spring-security-oauth2-jose 5.5.1 --> 5.5.2 +- org.springframework.security:spring-boot-starter-test 5.5.1 --> 5.5.2 + ## 2.10.4 - [java-security] Enrich `JsonParsingException` to detect wrong authorization headers earlier - [token-client] diff --git a/api/README.md b/api/README.md index 18996768d5..7cb9c1be75 100644 --- a/api/README.md +++ b/api/README.md @@ -5,6 +5,6 @@ com.sap.cloud.security.xsuaa api - 2.10.4 + 2.10.5 ``` diff --git a/api/pom.xml b/api/pom.xml index 3a9652b642..a78f0fded0 100644 --- a/api/pom.xml +++ b/api/pom.xml @@ -11,7 +11,7 @@ com.sap.cloud.security.xsuaa parent - 2.10.4 + 2.10.5 jar diff --git a/java-api/README.md b/java-api/README.md index 01b71c4856..63ffa2a6de 100644 --- a/java-api/README.md +++ b/java-api/README.md @@ -5,6 +5,6 @@ com.sap.cloud.security java-api - 2.10.4 + 2.10.5 ``` diff --git a/java-api/pom.xml b/java-api/pom.xml index 9f9987612d..d1b30c84cc 100644 --- a/java-api/pom.xml +++ b/java-api/pom.xml @@ -9,7 +9,7 @@ com.sap.cloud.security.xsuaa parent - 2.10.4 + 2.10.5 com.sap.cloud.security diff --git a/java-security-it/pom.xml b/java-security-it/pom.xml index e595ade076..1b735edce9 100644 --- a/java-security-it/pom.xml +++ b/java-security-it/pom.xml 
@@ -9,7 +9,7 @@ parent com.sap.cloud.security.xsuaa - 2.10.4 + 2.10.5 java-security-it diff --git a/java-security-test/README.md b/java-security-test/README.md index 1a8ade9256..ea5df01b08 100644 --- a/java-security-test/README.md +++ b/java-security-test/README.md @@ -22,7 +22,7 @@ It includes for example a `JwtGenerator` that generates JSON Web Tokens (JWT) th com.sap.cloud.security java-security-test - 2.10.4 + 2.10.5 test ``` diff --git a/java-security-test/pom.xml b/java-security-test/pom.xml index fdcbf79517..596cd0ff34 100644 --- a/java-security-test/pom.xml +++ b/java-security-test/pom.xml @@ -9,7 +9,7 @@ com.sap.cloud.security.xsuaa parent - 2.10.4 + 2.10.5 com.sap.cloud.security diff --git a/java-security/Migration_SpringSecurityProjects.md b/java-security/Migration_SpringSecurityProjects.md index b76c77b102..aa8e8699dc 100644 --- a/java-security/Migration_SpringSecurityProjects.md +++ b/java-security/Migration_SpringSecurityProjects.md @@ -37,19 +37,19 @@ First make sure you have the following dependencies defined in your pom.xml: com.sap.cloud.security.xsuaa api - 2.10.4 + 2.10.5 com.sap.cloud.security java-security - 2.10.4 + 2.10.5 com.sap.cloud.security java-security-test - 2.10.4 + 2.10.5 test ``` diff --git a/java-security/README.md b/java-security/README.md index c570b2bca9..33a89d7f87 100644 --- a/java-security/README.md +++ b/java-security/README.md @@ -47,7 +47,7 @@ In case of XSUAA does the JWT provide a valid `jku` token header parameter that com.sap.cloud.security java-security - 2.10.4 + 2.10.5 org.apache.httpcomponents diff --git a/java-security/pom.xml b/java-security/pom.xml index 3ee252c086..81bac68ab1 100644 --- a/java-security/pom.xml +++ b/java-security/pom.xml @@ -9,7 +9,7 @@ com.sap.cloud.security.xsuaa parent - 2.10.4 + 2.10.5 com.sap.cloud.security diff --git a/pom.xml b/pom.xml index cd1230aa01..62b3d21b92 100644 --- a/pom.xml +++ b/pom.xml @@ -7,7 +7,7 @@ com.sap.cloud.security.xsuaa parent - 2.10.4 + 2.10.5 pom parent 
@@ -60,7 +60,7 @@ 2.5.3 5.3.9 - 5.5.1 + 5.5.2 2.5.1.RELEASE 1.1.1.RELEASE 3.4.9 diff --git a/samples/java-security-usage-ias/pom.xml b/samples/java-security-usage-ias/pom.xml index 4ef6258ada..89c19db1c3 100755 --- a/samples/java-security-usage-ias/pom.xml +++ b/samples/java-security-usage-ias/pom.xml @@ -6,7 +6,7 @@ 4.0.0 com.sap.cloud.security.xssec.samples java-security-usage-ias - 2.10.4 + 2.10.5 war org.springframework.boot diff --git a/spring-xsuaa-mock/pom.xml b/spring-xsuaa-mock/pom.xml index 3678f1be0e..f0f5f77304 100644 --- a/spring-xsuaa-mock/pom.xml +++ b/spring-xsuaa-mock/pom.xml @@ -9,7 +9,7 @@ com.sap.cloud.security.xsuaa parent - 2.10.4 + 2.10.5 spring-xsuaa-mock diff --git a/spring-xsuaa-starter/pom.xml b/spring-xsuaa-starter/pom.xml index 237f94feae..37a182ec3c 100644 --- a/spring-xsuaa-starter/pom.xml +++ b/spring-xsuaa-starter/pom.xml @@ -16,7 +16,7 @@ com.sap.cloud.security.xsuaa parent - 2.10.4 + 2.10.5 xsuaa-spring-boot-starter diff --git a/spring-xsuaa-test/README.md b/spring-xsuaa-test/README.md index 2664df06a1..41bb87153f 100644 --- a/spring-xsuaa-test/README.md +++ b/spring-xsuaa-test/README.md @@ -31,7 +31,7 @@ This includes for example a `JwtGenerator` that generates JSON Web Tokens (JWT) com.sap.cloud.security.xsuaa spring-xsuaa-test - 2.10.4 + 2.10.5 test diff --git a/spring-xsuaa-test/pom.xml b/spring-xsuaa-test/pom.xml index 5a3ca13c91..dba8273426 100644 --- a/spring-xsuaa-test/pom.xml +++ b/spring-xsuaa-test/pom.xml @@ -9,7 +9,7 @@ com.sap.cloud.security.xsuaa parent - 2.10.4 + 2.10.5 spring-xsuaa-test diff --git a/spring-xsuaa/README.md b/spring-xsuaa/README.md index c425c850e7..7b9eae09d4 100644 --- a/spring-xsuaa/README.md +++ b/spring-xsuaa/README.md @@ -25,7 +25,7 @@ These (spring) dependencies needs to be provided: com.sap.cloud.security.xsuaa spring-xsuaa - 2.10.4 + 2.10.5 org.apache.logging.log4j 
@@ -39,7 +39,7 @@ These (spring) dependencies needs to be provided: com.sap.cloud.security.xsuaa xsuaa-spring-boot-starter - 2.10.4 + 2.10.5 ``` diff --git a/spring-xsuaa/pom.xml b/spring-xsuaa/pom.xml index 218f3a3182..8f6b8ade55 100644 --- a/spring-xsuaa/pom.xml +++ b/spring-xsuaa/pom.xml @@ -9,7 +9,7 @@ com.sap.cloud.security.xsuaa parent - 2.10.4 + 2.10.5 spring-xsuaa diff --git a/token-client/README.md b/token-client/README.md index f915cbdf2e..54555a4d00 100644 --- a/token-client/README.md +++ b/token-client/README.md @@ -23,7 +23,7 @@ The Resource owner password credentials (i.e., username and password) can be use com.sap.cloud.security.xsuaa token-client - 2.10.4 + 2.10.5 org.apache.httpcomponents @@ -83,7 +83,7 @@ By default, the `DefaultOAuth2TokenService` caches tokens internally. The Cache com.sap.cloud.security.xsuaa token-client - 2.10.4 + 2.10.5 org.springframework @@ -136,7 +136,7 @@ In context of a Spring Boot application you may like to leverage auto-configurat com.sap.cloud.security.xsuaa xsuaa-spring-boot-starter - 2.10.4 + 2.10.5 org.apache.httpcomponents diff --git a/token-client/pom.xml b/token-client/pom.xml index 78a7d8d94b..e2247f2d6c 100644 --- a/token-client/pom.xml +++ b/token-client/pom.xml @@ -9,7 +9,7 @@ com.sap.cloud.security.xsuaa parent - 2.10.4 + 2.10.5 token-client diff --git a/token-client/src/main/java/com/sap/cloud/security/xsuaa/tokenflows/XsuaaTokenFlows.java b/token-client/src/main/java/com/sap/cloud/security/xsuaa/tokenflows/XsuaaTokenFlows.java index 8fb9f88d4a..6fb4288b49 100644 --- a/token-client/src/main/java/com/sap/cloud/security/xsuaa/tokenflows/XsuaaTokenFlows.java +++ b/token-client/src/main/java/com/sap/cloud/security/xsuaa/tokenflows/XsuaaTokenFlows.java 
@@ -7,7 +7,9 @@ import java.io.Serializable; -import com.sap.cloud.security.xsuaa.client.*; +import com.sap.cloud.security.config.ClientCredentials; +import com.sap.cloud.security.xsuaa.client.OAuth2TokenService; +import com.sap.cloud.security.xsuaa.client.OAuth2ServiceEndpointsProvider; import com.sap.cloud.security.config.ClientIdentity; import static com.sap.cloud.security.xsuaa.Assertions.assertNotNull; @@ -27,6 +29,21 @@ public class XsuaaTokenFlows implements Serializable { private final OAuth2TokenService oAuth2TokenService; private final OAuth2ServiceEndpointsProvider endpointsProvider; + /** + * @deprecated in favor of {@link #XsuaaTokenFlows(OAuth2TokenService, OAuth2ServiceEndpointsProvider, ClientIdentity)} + */ + @Deprecated + public XsuaaTokenFlows(OAuth2TokenService oAuth2TokenService, + OAuth2ServiceEndpointsProvider endpointsProvider, com.sap.cloud.security.xsuaa.client.ClientCredentials clientCredentials) { + assertNotNull(oAuth2TokenService, "OAuth2TokenService must not be null."); + assertNotNull(endpointsProvider, "OAuth2ServiceEndpointsProvider must not be null"); + assertNotNull(clientCredentials, "ClientCredentials must not be null."); + + this.oAuth2TokenService = oAuth2TokenService; + this.endpointsProvider = endpointsProvider; + this.clientIdentity = new ClientCredentials(clientCredentials.getId(), clientCredentials.getSecret()); + } + /** * Create a new instance of this bean with the given RestTemplate. Applications * should {@code @Autowire} instances of this bean. diff --git a/token-client/src/test/java/com/sap/cloud/security/xsuaa/tokenflows/XsuaaTokenFlowsTest.java b/token-client/src/test/java/com/sap/cloud/security/xsuaa/tokenflows/XsuaaTokenFlowsTest.java index c7ced5f6a4..3a4fe3001b 100644 --- a/token-client/src/test/java/com/sap/cloud/security/xsuaa/tokenflows/XsuaaTokenFlowsTest.java +++ b/token-client/src/test/java/com/sap/cloud/security/xsuaa/tokenflows/XsuaaTokenFlowsTest.java 
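Review bot: The three-argument constructor added in the `@@ -27,6 +29,21 @@` hunk carries only an `@deprecated` tag, so a reader cannot tell why a second `ClientCredentials` type is accepted or that its id and secret are copied into a `com.sap.cloud.security.config.ClientCredentials`. I would add a summary sentence plus `@param` tags, e.g. `Creates token flows from the legacy com.sap.cloud.security.xsuaa.client.ClientCredentials; kept so callers built against the old signature still link.` (the motivation is inferred from the test name `versionMismatch`, please confirm). The constructor null-checks the wrapper but passes `getId()` and `getSecret()` on unchecked; whether the target `ClientCredentials` constructor rejects null or empty values is not visible here, so an explicit check or a test for that case would be worth adding. Since the class is `Serializable` and this path always stores a secret-bearing identity, please confirm that `clientIdentity` is kept out of the serialized form; the field declaration lies outside the hunk.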
@@ -15,12 +15,25 @@ import org.junit.runner.RunWith; import org.mockito.Mockito; import org.mockito.junit.MockitoJUnitRunner; +import org.springframework.http.HttpEntity; +import org.springframework.http.HttpStatus; +import org.springframework.http.ResponseEntity; +import org.springframework.web.client.RestOperations; import org.springframework.web.client.RestTemplate; +import java.net.URI; +import java.util.Collections; +import java.util.HashMap; +import java.util.Map; + +import static com.sap.cloud.security.xsuaa.client.OAuth2TokenServiceConstants.*; +import static com.sap.cloud.security.xsuaa.client.OAuth2TokenServiceConstants.TOKEN_TYPE; import static com.sap.cloud.security.xsuaa.tokenflows.TestConstants.CLIENT_CREDENTIALS; import static com.sap.cloud.security.xsuaa.tokenflows.TestConstants.XSUAA_BASE_URI; import static org.assertj.core.api.Assertions.assertThatThrownBy; import static org.junit.Assert.assertNotNull; +import static org.mockito.ArgumentMatchers.any; +import static org.mockito.ArgumentMatchers.eq; @RunWith(MockitoJUnitRunner.class) public class XsuaaTokenFlowsTest { 
@@ -29,13 +42,21 @@ public class XsuaaTokenFlowsTest { private XsuaaTokenFlows cut; private OAuth2ServiceEndpointsProvider endpointsProvider; private OAuth2TokenService oAuth2TokenService; + private RestOperations restOperations; @Before public void setup() { oAuth2ServiceConfiguration = Mockito.mock(OAuth2ServiceConfiguration.class); Mockito.when(oAuth2ServiceConfiguration.getUrl()).thenReturn(XSUAA_BASE_URI); this.endpointsProvider = new XsuaaDefaultEndpoints(oAuth2ServiceConfiguration); - this.oAuth2TokenService = new XsuaaOAuth2TokenService(new RestTemplate()); + this.restOperations = Mockito.mock(RestTemplate.class); + Map responseMap = new HashMap<>(); + responseMap.put(ACCESS_TOKEN, "f529.dd6e30.d454677322aaabb0"); + responseMap.put(EXPIRES_IN, "43199"); + responseMap.put(TOKEN_TYPE, "bearer"); + Mockito.when(restOperations.postForEntity(any(URI.class), any(HttpEntity.class), eq(Map.class))) + .thenReturn(new ResponseEntity<>(responseMap, HttpStatus.OK)); + this.oAuth2TokenService = new XsuaaOAuth2TokenService(restOperations); cut = new XsuaaTokenFlows(oAuth2TokenService, this.endpointsProvider, CLIENT_CREDENTIALS); } @@ -51,7 +72,7 @@ public void constructor_throwsOnNullValues() { assertThatThrownBy(() -> { new XsuaaTokenFlows(oAuth2TokenService, endpointsProvider, null); - }).isInstanceOf(IllegalArgumentException.class).hasMessageStartingWith("ClientIdentity"); + }).isInstanceOf(IllegalArgumentException.class).hasMessageStartingWith("ClientCredentials"); } @@ -78,4 +99,11 @@ public void startPasswordTokenFlow() { PasswordTokenFlow flow = cut.passwordTokenFlow(); assertNotNull("PasswordTokenFlow must not be null.", flow); } + + @Test + public void versionMismatch() throws TokenFlowException { + cut = new XsuaaTokenFlows(oAuth2TokenService, this.endpointsProvider, new com.sap.cloud.security.xsuaa.client.ClientCredentials("sb-spring-netflix-demo!t12291", + "2Tc2Xz7DNy4KiACwvunulmxF32w=")); + cut.clientCredentialsTokenFlow().execute(); + } }
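Review bot: `versionMismatch` in the `@@ -78,4 +99,11 @@` hunk passes a client id and a base64 secret that look as if they were copied from a real service binding; test sources should use obviously synthetic values, for example `new com.sap.cloud.security.xsuaa.client.ClientCredentials("test-client-id", "test-client-secret")` (constructed sample values), and if the committed pair was ever live it should be rotated because it stays in history. The test also asserts nothing: it passes as long as `execute()` does not throw, and the stub in `setup()` matches `any(HttpEntity.class)`, so nothing shows that the converted id and secret actually reach the token request. Asserting on the result, e.g. `assertNotNull(cut.clientCredentialsTokenFlow().execute().getAccessToken());`, and capturing the `HttpEntity` passed to `postForEntity` to check the credentials would pin the behaviour the new constructor exists for.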