From f647f537085e0a1398e554e436747679b64d42ee Mon Sep 17 00:00:00 2001
From: Andres Contreras <andres.contreras@soon.es>
Date: Thu, 18 Jun 2026 21:49:00 +0200
Subject: [PATCH 1/6] build: manage the fireflyframework-security platform in
 the single BOM

Register all fireflyframework-security-* modules (api/spi/core/webflux/
resource-server, method-policy, oauth2-client, authorization-server,
autoconfigure, test, and adapters incl. adapter-r2dbc) plus Spring
Authorization Server. Consolidation: there is one framework BOM (no
separate security-bom).
---
 pom.xml | 93 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 93 insertions(+)

diff --git a/pom.xml b/pom.xml
index 6532571..66d17d3 100644
--- a/pom.xml
+++ b/pom.xml
@@ -222,6 +222,99 @@
                 <version>${project.version}</version>
             </dependency>
 
+            <!-- Security platform (hexagonal, on Spring Security 6) -->
+            <dependency>
+                <groupId>org.fireflyframework</groupId>
+                <artifactId>fireflyframework-security-api</artifactId>
+                <version>${project.version}</version>
+            </dependency>
+            <dependency>
+                <groupId>org.fireflyframework</groupId>
+                <artifactId>fireflyframework-security-spi</artifactId>
+                <version>${project.version}</version>
+            </dependency>
+            <dependency>
+                <groupId>org.fireflyframework</groupId>
+                <artifactId>fireflyframework-security-core</artifactId>
+                <version>${project.version}</version>
+            </dependency>
+            <dependency>
+                <groupId>org.fireflyframework</groupId>
+                <artifactId>fireflyframework-security-webflux</artifactId>
+                <version>${project.version}</version>
+            </dependency>
+            <dependency>
+                <groupId>org.fireflyframework</groupId>
+                <artifactId>fireflyframework-security-resource-server</artifactId>
+                <version>${project.version}</version>
+            </dependency>
+            <dependency>
+                <groupId>org.fireflyframework</groupId>
+                <artifactId>fireflyframework-security-method-policy</artifactId>
+                <version>${project.version}</version>
+            </dependency>
+            <dependency>
+                <groupId>org.fireflyframework</groupId>
+                <artifactId>fireflyframework-security-oauth2-client</artifactId>
+                <version>${project.version}</version>
+            </dependency>
+            <dependency>
+                <groupId>org.fireflyframework</groupId>
+                <artifactId>fireflyframework-security-authorization-server</artifactId>
+                <version>${project.version}</version>
+            </dependency>
+            <dependency>
+                <groupId>org.fireflyframework</groupId>
+                <artifactId>fireflyframework-security-autoconfigure</artifactId>
+                <version>${project.version}</version>
+            </dependency>
+            <dependency>
+                <groupId>org.fireflyframework</groupId>
+                <artifactId>fireflyframework-security-test</artifactId>
+                <version>${project.version}</version>
+            </dependency>
+            <dependency>
+                <groupId>org.fireflyframework</groupId>
+                <artifactId>fireflyframework-security-adapter-opa</artifactId>
+                <version>${project.version}</version>
+            </dependency>
+            <dependency>
+                <groupId>org.fireflyframework</groupId>
+                <artifactId>fireflyframework-security-adapter-cerbos</artifactId>
+                <version>${project.version}</version>
+            </dependency>
+            <dependency>
+                <groupId>org.fireflyframework</groupId>
+                <artifactId>fireflyframework-security-adapter-openfga</artifactId>
+                <version>${project.version}</version>
+            </dependency>
+            <dependency>
+                <groupId>org.fireflyframework</groupId>
+                <artifactId>fireflyframework-security-adapter-r2dbc</artifactId>
+                <version>${project.version}</version>
+            </dependency>
+            <dependency>
+                <groupId>org.fireflyframework</groupId>
+                <artifactId>fireflyframework-security-adapter-vault</artifactId>
+                <version>${project.version}</version>
+            </dependency>
+            <dependency>
+                <groupId>org.fireflyframework</groupId>
+                <artifactId>fireflyframework-security-adapter-aws-kms</artifactId>
+                <version>${project.version}</version>
+            </dependency>
+            <dependency>
+                <groupId>org.fireflyframework</groupId>
+                <artifactId>fireflyframework-security-adapter-azure-keyvault</artifactId>
+                <version>${project.version}</version>
+            </dependency>
+            <!-- Spring Authorization Server (servlet authorization-server module) -->
+            <dependency>
+                <groupId>org.springframework.security</groupId>
+                <artifactId>spring-security-oauth2-authorization-server</artifactId>
+                <version>1.5.4</version>
+            </dependency>
+
             <!-- Notifications -->
             <dependency>
                 <groupId>org.fireflyframework</groupId>

From ba7608e0b50dbb6acb874c4a71a05d935e31e569 Mon Sep 17 00:00:00 2001
From: Andres Contreras <andres.contreras@soon.es>
Date: Thu, 18 Jun 2026 22:09:28 +0200
Subject: [PATCH 2/6] build: prune BOM to modules that exist (drop
 autoconfigure + deferred adapter placeholders)

---
 pom.xml | 30 ------------------------------
 1 file changed, 30 deletions(-)

diff --git a/pom.xml b/pom.xml
index 66d17d3..9c66f7c 100644
--- a/pom.xml
+++ b/pom.xml
@@ -263,11 +263,6 @@
                 <artifactId>fireflyframework-security-authorization-server</artifactId>
                 <version>${project.version}</version>
             </dependency>
-            <dependency>
-                <groupId>org.fireflyframework</groupId>
-                <artifactId>fireflyframework-security-autoconfigure</artifactId>
-                <version>${project.version}</version>
-            </dependency>
             <dependency>
                 <groupId>org.fireflyframework</groupId>
                 <artifactId>fireflyframework-security-test</artifactId>
@@ -278,36 +273,11 @@
                 <artifactId>fireflyframework-security-adapter-opa</artifactId>
                 <version>${project.version}</version>
             </dependency>
-            <dependency>
-                <groupId>org.fireflyframework</groupId>
-                <artifactId>fireflyframework-security-adapter-cerbos</artifactId>
-                <version>${project.version}</version>
-            </dependency>
-            <dependency>
-                <groupId>org.fireflyframework</groupId>
-                <artifactId>fireflyframework-security-adapter-openfga</artifactId>
-                <version>${project.version}</version>
-            </dependency>
             <dependency>
                 <groupId>org.fireflyframework</groupId>
                 <artifactId>fireflyframework-security-adapter-r2dbc</artifactId>
                 <version>${project.version}</version>
             </dependency>
-            <dependency>
-                <groupId>org.fireflyframework</groupId>
-                <artifactId>fireflyframework-security-adapter-vault</artifactId>
-                <version>${project.version}</version>
-            </dependency>
-            <dependency>
-                <groupId>org.fireflyframework</groupId>
-                <artifactId>fireflyframework-security-adapter-aws-kms</artifactId>
-                <version>${project.version}</version>
-            </dependency>
-            <dependency>
-                <groupId>org.fireflyframework</groupId>
-                <artifactId>fireflyframework-security-adapter-azure-keyvault</artifactId>
-                <version>${project.version}</version>
-            </dependency>
             <!-- Spring Authorization Server (servlet authorization-server module) -->
             <dependency>
                 <groupId>org.springframework.security</groupId>

From c8d4ca62e33d9b82611ca712141fd0f80151a426 Mon Sep 17 00:00:00 2001
From: Andres Contreras <andres.contreras@soon.es>
Date: Thu, 18 Jun 2026 22:26:20 +0200
Subject: [PATCH 3/6] build: manage fireflyframework-security-adapter-openfga
 (ReBAC) in the BOM

---
 pom.xml | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/pom.xml b/pom.xml
index 9c66f7c..983f024 100644
--- a/pom.xml
+++ b/pom.xml
@@ -273,6 +273,11 @@
                 <artifactId>fireflyframework-security-adapter-opa</artifactId>
                 <version>${project.version}</version>
             </dependency>
+            <dependency>
+                <groupId>org.fireflyframework</groupId>
+                <artifactId>fireflyframework-security-adapter-openfga</artifactId>
+                <version>${project.version}</version>
+            </dependency>
             <dependency>
                 <groupId>org.fireflyframework</groupId>
                 <artifactId>fireflyframework-security-adapter-r2dbc</artifactId>

From d4ccfd9320fa4f11f28ec66344a2c8a0ad7bd122 Mon Sep 17 00:00:00 2001
From: Andres Contreras <andres.contreras@soon.es>
Date: Thu, 18 Jun 2026 22:38:25 +0200
Subject: [PATCH 4/6] build: manage fireflyframework-security-adapter-vault
 (SecretsPort) in the BOM

---
 pom.xml | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/pom.xml b/pom.xml
index 983f024..24700d8 100644
--- a/pom.xml
+++ b/pom.xml
@@ -278,6 +278,11 @@
                 <artifactId>fireflyframework-security-adapter-openfga</artifactId>
                 <version>${project.version}</version>
             </dependency>
+            <dependency>
+                <groupId>org.fireflyframework</groupId>
+                <artifactId>fireflyframework-security-adapter-vault</artifactId>
+                <version>${project.version}</version>
+            </dependency>
             <dependency>
                 <groupId>org.fireflyframework</groupId>
                 <artifactId>fireflyframework-security-adapter-r2dbc</artifactId>

From 9e8b23c58fd5bbd7f4bca79be999341533c39dd9 Mon Sep 17 00:00:00 2001
From: Andres Contreras <andres.contreras@soon.es>
Date: Thu, 18 Jun 2026 22:41:14 +0200
Subject: [PATCH 5/6] build: manage fireflyframework-security-adapter-cerbos
 (ABAC) in the BOM

---
 pom.xml | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/pom.xml b/pom.xml
index 24700d8..95b0eee 100644
--- a/pom.xml
+++ b/pom.xml
@@ -283,6 +283,11 @@
                 <artifactId>fireflyframework-security-adapter-vault</artifactId>
                 <version>${project.version}</version>
             </dependency>
+            <dependency>
+                <groupId>org.fireflyframework</groupId>
+                <artifactId>fireflyframework-security-adapter-cerbos</artifactId>
+                <version>${project.version}</version>
+            </dependency>
             <dependency>
                 <groupId>org.fireflyframework</groupId>
                 <artifactId>fireflyframework-security-adapter-r2dbc</artifactId>

From f99b8442f63e1ce20bbbdc5918a821bca307e981 Mon Sep 17 00:00:00 2001
From: Andres Contreras <andres.contreras@soon.es>
Date: Fri, 19 Jun 2026 00:38:43 +0200
Subject: [PATCH 6/6] refactor!: migrate idp tier into the security family

Rename Maven coordinates and Java packages from fireflyframework-idp[-*]
to fireflyframework-security-idp[-*] / org.fireflyframework.security.idp.
Part of the fireflyframework-security platform migration.

BREAKING CHANGE: artifactId and base package renamed.
---
 README.md |  2 +-
 pom.xml   | 10 +++++-----
 2 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/README.md b/README.md
index 81b05f8..b4cde8f 100644
--- a/README.md
+++ b/README.md
@@ -52,7 +52,7 @@ The BOM pins versions for every module in the framework. They are grouped below
 | **Starters** | `fireflyframework-starter-core`, `-starter-domain`, `-starter-data`, `-starter-application` | Opinionated Spring Boot starters per architectural tier. |
 | **Application Layer** | `fireflyframework-backoffice` | Back-office application building blocks. |
 | **ECM** | `fireflyframework-ecm` + `-ecm-storage-aws`, `-ecm-storage-azure`, `-ecm-esignature-docusign`, `-ecm-esignature-adobe-sign`, `-ecm-esignature-logalty` | Enterprise content management with pluggable storage (S3, Azure Blob) and e-signature adapters. |
-| **IDP** | `fireflyframework-idp` + `-idp-keycloak`, `-idp-aws-cognito`, `-idp-azure-ad`, `-idp-internal-db` | Identity-provider abstraction with pluggable provider adapters. |
+| **IDP** | `fireflyframework-security-idp` + `-idp-keycloak`, `-idp-aws-cognito`, `-idp-azure-ad`, `-idp-internal-db` | Identity-provider abstraction with pluggable provider adapters. |
 | **Notifications** | `fireflyframework-notifications`, `-notifications-core` + `-notifications-firebase`, `-twilio`, `-sendgrid`, `-resend` | Multi-channel notifications (push, SMS, email) with provider adapters. |
 | **Rule Engine** | `fireflyframework-rule-engine` (aggregator) + `-core`, `-interfaces`, `-models`, `-web`, `-sdk` | YAML-DSL business rule engine. |
 | **Webhooks** | `fireflyframework-webhooks` (aggregator) + `-interfaces`, `-core`, `-web`, `-processor`, `-sdk` | Inbound/outbound webhook delivery and processing. |
diff --git a/pom.xml b/pom.xml
index 95b0eee..ee9b0ca 100644
--- a/pom.xml
+++ b/pom.xml
@@ -198,27 +198,27 @@
             <!-- IDP -->
             <dependency>
                 <groupId>org.fireflyframework</groupId>
-                <artifactId>fireflyframework-idp</artifactId>
+                <artifactId>fireflyframework-security-idp</artifactId>
                 <version>${project.version}</version>
             </dependency>
             <dependency>
                 <groupId>org.fireflyframework</groupId>
-                <artifactId>fireflyframework-idp-aws-cognito</artifactId>
+                <artifactId>fireflyframework-security-idp-aws-cognito</artifactId>
                 <version>${project.version}</version>
             </dependency>
             <dependency>
                 <groupId>org.fireflyframework</groupId>
-                <artifactId>fireflyframework-idp-internal-db</artifactId>
+                <artifactId>fireflyframework-security-idp-internal-db</artifactId>
                 <version>${project.version}</version>
             </dependency>
             <dependency>
                 <groupId>org.fireflyframework</groupId>
-                <artifactId>fireflyframework-idp-keycloak</artifactId>
+                <artifactId>fireflyframework-security-idp-keycloak</artifactId>
                 <version>${project.version}</version>
             </dependency>
             <dependency>
                 <groupId>org.fireflyframework</groupId>
-                <artifactId>fireflyframework-idp-azure-ad</artifactId>
+                <artifactId>fireflyframework-security-idp-azure-ad</artifactId>
                 <version>${project.version}</version>
             </dependency>