From 721e3a5df1fbcdac4023382fc087c5fd35bef6f3 Mon Sep 17 00:00:00 2001
From: Ryan Doherty <tech@conical.org>
Date: Sat, 2 Mar 2024 02:19:48 -0500
Subject: [PATCH 01/51] Redo jakarta changes from bearer-tokens branch,
 limiting to client module

---
 Client/pom.xml                                |  2 +-
 .../org/gusdb/oauth2/client/HttpStatus.java   |  4 ++--
 .../org/gusdb/oauth2/client/OAuthClient.java  | 22 +++++++++----------
 EuPathDB/pom.xml                              |  4 ++--
 Server/pom.xml                                |  2 +-
 pom.xml                                       |  6 +++--
 6 files changed, 21 insertions(+), 19 deletions(-)

diff --git a/Client/pom.xml b/Client/pom.xml
index d9a876e5..03404314 100644
--- a/Client/pom.xml
+++ b/Client/pom.xml
@@ -8,7 +8,7 @@
   <parent>
     <groupId>org.gusdb</groupId>
     <artifactId>oauth2</artifactId>
-    <version>1.1.4-SNAPSHOT</version>
+    <version>1.1.4-jakarta-SNAPSHOT</version>
   </parent>
 
   <dependencies>
diff --git a/Client/src/main/java/org/gusdb/oauth2/client/HttpStatus.java b/Client/src/main/java/org/gusdb/oauth2/client/HttpStatus.java
index a475eb2c..ca1d939f 100644
--- a/Client/src/main/java/org/gusdb/oauth2/client/HttpStatus.java
+++ b/Client/src/main/java/org/gusdb/oauth2/client/HttpStatus.java
@@ -1,7 +1,7 @@
 package org.gusdb.oauth2.client;
 
-import javax.ws.rs.core.Response.Status.Family;
-import javax.ws.rs.core.Response.StatusType;
+import jakarta.ws.rs.core.Response.Status.Family;
+import jakarta.ws.rs.core.Response.StatusType;
 
 public enum HttpStatus implements StatusType {
 
diff --git a/Client/src/main/java/org/gusdb/oauth2/client/OAuthClient.java b/Client/src/main/java/org/gusdb/oauth2/client/OAuthClient.java
index a790d6f1..50fa2ab3 100644
--- a/Client/src/main/java/org/gusdb/oauth2/client/OAuthClient.java
+++ b/Client/src/main/java/org/gusdb/oauth2/client/OAuthClient.java
@@ -23,17 +23,17 @@
 
 import javax.net.ssl.SSLContext;
 import javax.net.ssl.TrustManager;
-import javax.ws.rs.ForbiddenException;
-import javax.ws.rs.NotAuthorizedException;
-import javax.ws.rs.client.ClientBuilder;
-import javax.ws.rs.client.Entity;
-import javax.ws.rs.client.Invocation;
-import javax.ws.rs.core.HttpHeaders;
-import javax.ws.rs.core.MediaType;
-import javax.ws.rs.core.MultivaluedHashMap;
-import javax.ws.rs.core.MultivaluedMap;
-import javax.ws.rs.core.Response;
-import javax.ws.rs.core.Response.Status;
+import jakarta.ws.rs.ForbiddenException;
+import jakarta.ws.rs.NotAuthorizedException;
+import jakarta.ws.rs.client.ClientBuilder;
+import jakarta.ws.rs.client.Entity;
+import jakarta.ws.rs.client.Invocation;
+import jakarta.ws.rs.core.HttpHeaders;
+import jakarta.ws.rs.core.MediaType;
+import jakarta.ws.rs.core.MultivaluedHashMap;
+import jakarta.ws.rs.core.MultivaluedMap;
+import jakarta.ws.rs.core.Response;
+import jakarta.ws.rs.core.Response.Status;
 
 import org.apache.logging.log4j.LogManager;
 import org.apache.logging.log4j.Logger;
diff --git a/EuPathDB/pom.xml b/EuPathDB/pom.xml
index 783dcba9..267f0069 100644
--- a/EuPathDB/pom.xml
+++ b/EuPathDB/pom.xml
@@ -8,7 +8,7 @@
   <parent>
     <groupId>org.gusdb</groupId>
     <artifactId>oauth2</artifactId>
-    <version>1.1.4-SNAPSHOT</version>
+    <version>1.1.4-jakarta-SNAPSHOT</version>
   </parent>
 
   <properties>
@@ -16,7 +16,7 @@
     <!-- Expect this property to be passed in -->
     <oauthConfigFile>WEB-INF/OAuthSampleConfig.json</oauthConfigFile>
 
-    <fgputil.version>2.13.1</fgputil.version>
+    <fgputil.version>2.13.1-jakarta</fgputil.version>
   </properties>
 
   <dependencies>
diff --git a/Server/pom.xml b/Server/pom.xml
index 75004a8b..89d3c010 100644
--- a/Server/pom.xml
+++ b/Server/pom.xml
@@ -8,7 +8,7 @@
   <parent>
     <groupId>org.gusdb</groupId>
     <artifactId>oauth2</artifactId>
-    <version>1.1.4-SNAPSHOT</version>
+    <version>1.1.4-jakarta-SNAPSHOT</version>
   </parent>
 
   <dependencies>
diff --git a/pom.xml b/pom.xml
index 46194ae3..16832ac2 100644
--- a/pom.xml
+++ b/pom.xml
@@ -4,12 +4,12 @@
   <name>OAuth2</name>
   <artifactId>oauth2</artifactId>
   <packaging>pom</packaging>
-  <version>1.1.4-SNAPSHOT</version>
+  <version>1.1.4-jakarta-SNAPSHOT</version>
 
   <parent>
     <groupId>org.gusdb</groupId>
     <artifactId>base-pom</artifactId>
-    <version>2.20</version>
+    <version>2.20-jakarta</version>
   </parent>
 
   <!-- Manage versions of libs specific to OAuth/tokens-->
@@ -23,8 +23,10 @@
 
   <modules>
     <module>Client</module>
+    <!-- Cannot make Server compliant with jakarta because of Oltu limitations
     <module>Server</module>
     <module>EuPathDB</module>
+    -->
   </modules>
 
   <scm>

From f297534837e920dd177d28807728ae7ee97027fd Mon Sep 17 00:00:00 2001
From: Ryan Doherty <tech@conical.org>
Date: Sat, 2 Mar 2024 02:22:26 -0500
Subject: [PATCH 02/51] [maven-release-plugin] prepare release v1.1.4-jakarta

---
 Client/pom.xml | 2 +-
 pom.xml        | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/Client/pom.xml b/Client/pom.xml
index 03404314..25c006eb 100644
--- a/Client/pom.xml
+++ b/Client/pom.xml
@@ -8,7 +8,7 @@
   <parent>
     <groupId>org.gusdb</groupId>
     <artifactId>oauth2</artifactId>
-    <version>1.1.4-jakarta-SNAPSHOT</version>
+    <version>1.1.4-jakarta</version>
   </parent>
 
   <dependencies>
diff --git a/pom.xml b/pom.xml
index 16832ac2..87eec885 100644
--- a/pom.xml
+++ b/pom.xml
@@ -4,7 +4,7 @@
   <name>OAuth2</name>
   <artifactId>oauth2</artifactId>
   <packaging>pom</packaging>
-  <version>1.1.4-jakarta-SNAPSHOT</version>
+  <version>1.1.4-jakarta</version>
 
   <parent>
     <groupId>org.gusdb</groupId>
@@ -31,7 +31,7 @@
 
   <scm>
     <developerConnection>scm:git:ssh://github.com/VEuPathDB/OAuth2Server</developerConnection>
-    <tag>HEAD</tag>
+    <tag>v1.1.4-jakarta</tag>
   </scm>
 
   <distributionManagement>

From 43fe95be42988a6227c64d886acbba2c86f84567 Mon Sep 17 00:00:00 2001
From: Ryan Doherty <tech@conical.org>
Date: Sat, 2 Mar 2024 02:22:28 -0500
Subject: [PATCH 03/51] [maven-release-plugin] prepare for next development
 iteration

---
 Client/pom.xml | 2 +-
 pom.xml        | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/Client/pom.xml b/Client/pom.xml
index 25c006eb..518b3c84 100644
--- a/Client/pom.xml
+++ b/Client/pom.xml
@@ -8,7 +8,7 @@
   <parent>
     <groupId>org.gusdb</groupId>
     <artifactId>oauth2</artifactId>
-    <version>1.1.4-jakarta</version>
+    <version>1.1.5-jakarta-SNAPSHOT</version>
   </parent>
 
   <dependencies>
diff --git a/pom.xml b/pom.xml
index 87eec885..7cfa781a 100644
--- a/pom.xml
+++ b/pom.xml
@@ -4,7 +4,7 @@
   <name>OAuth2</name>
   <artifactId>oauth2</artifactId>
   <packaging>pom</packaging>
-  <version>1.1.4-jakarta</version>
+  <version>1.1.5-jakarta-SNAPSHOT</version>
 
   <parent>
     <groupId>org.gusdb</groupId>
@@ -31,7 +31,7 @@
 
   <scm>
     <developerConnection>scm:git:ssh://github.com/VEuPathDB/OAuth2Server</developerConnection>
-    <tag>v1.1.4-jakarta</tag>
+    <tag>HEAD</tag>
   </scm>
 
   <distributionManagement>

From d2638c15e89b0e96e78dc1be760e2a0690ebac16 Mon Sep 17 00:00:00 2001
From: Ryan Doherty <tech@conical.org>
Date: Sat, 2 Mar 2024 02:34:06 -0500
Subject: [PATCH 04/51] Revert changes in Server and EuPathDB submodules so as
 not to confuse that Client is the only thing released

---
 EuPathDB/pom.xml | 4 ++--
 Server/pom.xml   | 2 +-
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/EuPathDB/pom.xml b/EuPathDB/pom.xml
index 267f0069..aa534352 100644
--- a/EuPathDB/pom.xml
+++ b/EuPathDB/pom.xml
@@ -8,7 +8,7 @@
   <parent>
     <groupId>org.gusdb</groupId>
     <artifactId>oauth2</artifactId>
-    <version>1.1.4-jakarta-SNAPSHOT</version>
+    <version>1.1.5-SNAPSHOT</version>
   </parent>
 
   <properties>
@@ -16,7 +16,7 @@
     <!-- Expect this property to be passed in -->
     <oauthConfigFile>WEB-INF/OAuthSampleConfig.json</oauthConfigFile>
 
-    <fgputil.version>2.13.1-jakarta</fgputil.version>
+    <fgputil.version>2.13.1</fgputil.version>
   </properties>
 
   <dependencies>
diff --git a/Server/pom.xml b/Server/pom.xml
index 89d3c010..9758bb08 100644
--- a/Server/pom.xml
+++ b/Server/pom.xml
@@ -8,7 +8,7 @@
   <parent>
     <groupId>org.gusdb</groupId>
     <artifactId>oauth2</artifactId>
-    <version>1.1.4-jakarta-SNAPSHOT</version>
+    <version>1.1.5-SNAPSHOT</version>
   </parent>
 
   <dependencies>

From 3d8e990fb441b225f5f67332dc2f6e21dfcce422 Mon Sep 17 00:00:00 2001
From: Ryan Doherty <tech@conical.org>
Date: Sat, 2 Mar 2024 02:35:11 -0500
Subject: [PATCH 05/51] Revert changes in Server and EuPathDB submodules so as
 not to confuse that Client is the only thing released (again)

---
 EuPathDB/pom.xml | 2 +-
 Server/pom.xml   | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/EuPathDB/pom.xml b/EuPathDB/pom.xml
index aa534352..783dcba9 100644
--- a/EuPathDB/pom.xml
+++ b/EuPathDB/pom.xml
@@ -8,7 +8,7 @@
   <parent>
     <groupId>org.gusdb</groupId>
     <artifactId>oauth2</artifactId>
-    <version>1.1.5-SNAPSHOT</version>
+    <version>1.1.4-SNAPSHOT</version>
   </parent>
 
   <properties>
diff --git a/Server/pom.xml b/Server/pom.xml
index 9758bb08..75004a8b 100644
--- a/Server/pom.xml
+++ b/Server/pom.xml
@@ -8,7 +8,7 @@
   <parent>
     <groupId>org.gusdb</groupId>
     <artifactId>oauth2</artifactId>
-    <version>1.1.5-SNAPSHOT</version>
+    <version>1.1.4-SNAPSHOT</version>
   </parent>
 
   <dependencies>

From bfb72618490e24039adb6e650208b6d30dbc80e0 Mon Sep 17 00:00:00 2001
From: Ryan Doherty <tech@conical.org>
Date: Sat, 6 Apr 2024 09:37:52 -0400
Subject: [PATCH 06/51] Fix NPE when record not found

---
 .../org/gusdb/oauth2/client/veupathdb/OAuthQuerier.java  | 9 +++++----
 1 file changed, 5 insertions(+), 4 deletions(-)

diff --git a/Client/src/main/java/org/gusdb/oauth2/client/veupathdb/OAuthQuerier.java b/Client/src/main/java/org/gusdb/oauth2/client/veupathdb/OAuthQuerier.java
index 1acc5e5e..55ba3661 100644
--- a/Client/src/main/java/org/gusdb/oauth2/client/veupathdb/OAuthQuerier.java
+++ b/Client/src/main/java/org/gusdb/oauth2/client/veupathdb/OAuthQuerier.java
@@ -10,6 +10,7 @@
 import org.apache.logging.log4j.Logger;
 import org.gusdb.oauth2.client.OAuthClient;
 import org.gusdb.oauth2.client.OAuthConfig;
+import org.gusdb.oauth2.shared.IdTokenFields;
 import org.json.JSONArray;
 import org.json.JSONObject;
 
@@ -22,7 +23,7 @@ public static Map<String, User> getUsersByEmail(OAuthClient client, OAuthConfig
   }
 
   public static <T extends User> Map<String, T> getUsersByEmail(OAuthClient client, OAuthConfig config, List<String> emails, Function<JSONObject, T> userConverter) {
-    return getUsers(client, config, emails, userConverter, "emails", u -> u.getEmail());
+    return getUsers(client, config, emails, userConverter, "emails", u -> u.getString(IdTokenFields.email.name()));
   }
 
   public static Map<Long, User> getUsersById(OAuthClient client, OAuthConfig config, List<Long> userIds) {
@@ -30,11 +31,11 @@ public static Map<Long, User> getUsersById(OAuthClient client, OAuthConfig confi
   }
 
   public static <T extends User> Map<Long, T> getUsersById(OAuthClient client, OAuthConfig config, List<Long> userIds, Function<JSONObject, T> userConverter) {
-    return getUsers(client, config, userIds, userConverter, "userIds", u -> u.getUserId());
+    return getUsers(client, config, userIds, userConverter, "userIds", u -> Long.valueOf(u.getString(IdTokenFields.sub.name())));
   }
 
   private static <T extends User, S> Map<S, T> getUsers(OAuthClient client, OAuthConfig config, List<S> identifiers,
-      Function<JSONObject, T> userConverter, String identifiersJsonPropKey, Function<T,S> keyGenerator) {
+      Function<JSONObject, T> userConverter, String identifiersJsonPropKey, Function<JSONObject,S> keyGenerator) {
     LOG.info("Using OAuthQuerier for multi-user request by " + identifiersJsonPropKey +
         ": [" + identifiers.stream().map(String::valueOf).collect(Collectors.joining(", ")) + "]");
     JSONArray response = new JSONArray(client.queryOAuth(config, new JSONObject().put(identifiersJsonPropKey, new JSONArray(identifiers))));
@@ -42,7 +43,7 @@ private static <T extends User, S> Map<S, T> getUsers(OAuthClient client, OAuthC
     for (int i = 0; i < response.length(); i++) {
       JSONObject userJson = response.getJSONObject(i);
       T user = userJson.getBoolean("found") ? userConverter.apply(userJson) : null;
-      userMap.put(keyGenerator.apply(user), user);
+      userMap.put(keyGenerator.apply(userJson), user);
     }
     return userMap;
   }

From 00cc6bcd9f4e93c8c1349855f03b640841bb1962 Mon Sep 17 00:00:00 2001
From: Ryan Doherty <tech@conical.org>
Date: Sat, 6 Apr 2024 09:40:36 -0400
Subject: [PATCH 07/51] [maven-release-plugin] prepare release v1.1.5-jakarta

---
 Client/pom.xml | 2 +-
 pom.xml        | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/Client/pom.xml b/Client/pom.xml
index 518b3c84..0125f185 100644
--- a/Client/pom.xml
+++ b/Client/pom.xml
@@ -8,7 +8,7 @@
   <parent>
     <groupId>org.gusdb</groupId>
     <artifactId>oauth2</artifactId>
-    <version>1.1.5-jakarta-SNAPSHOT</version>
+    <version>1.1.5-jakarta</version>
   </parent>
 
   <dependencies>
diff --git a/pom.xml b/pom.xml
index 7cfa781a..6356ad0d 100644
--- a/pom.xml
+++ b/pom.xml
@@ -4,7 +4,7 @@
   <name>OAuth2</name>
   <artifactId>oauth2</artifactId>
   <packaging>pom</packaging>
-  <version>1.1.5-jakarta-SNAPSHOT</version>
+  <version>1.1.5-jakarta</version>
 
   <parent>
     <groupId>org.gusdb</groupId>
@@ -31,7 +31,7 @@
 
   <scm>
     <developerConnection>scm:git:ssh://github.com/VEuPathDB/OAuth2Server</developerConnection>
-    <tag>HEAD</tag>
+    <tag>v1.1.5-jakarta</tag>
   </scm>
 
   <distributionManagement>

From 0ee50e1b3134ac3f157289b94afc6a61cbe2aba8 Mon Sep 17 00:00:00 2001
From: Ryan Doherty <tech@conical.org>
Date: Sat, 6 Apr 2024 09:40:39 -0400
Subject: [PATCH 08/51] [maven-release-plugin] prepare for next development
 iteration

---
 Client/pom.xml | 2 +-
 pom.xml        | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/Client/pom.xml b/Client/pom.xml
index 0125f185..6006dae9 100644
--- a/Client/pom.xml
+++ b/Client/pom.xml
@@ -8,7 +8,7 @@
   <parent>
     <groupId>org.gusdb</groupId>
     <artifactId>oauth2</artifactId>
-    <version>1.1.5-jakarta</version>
+    <version>1.1.6-jakarta-SNAPSHOT</version>
   </parent>
 
   <dependencies>
diff --git a/pom.xml b/pom.xml
index 6356ad0d..0f9f0973 100644
--- a/pom.xml
+++ b/pom.xml
@@ -4,7 +4,7 @@
   <name>OAuth2</name>
   <artifactId>oauth2</artifactId>
   <packaging>pom</packaging>
-  <version>1.1.5-jakarta</version>
+  <version>1.1.6-jakarta-SNAPSHOT</version>
 
   <parent>
     <groupId>org.gusdb</groupId>
@@ -31,7 +31,7 @@
 
   <scm>
     <developerConnection>scm:git:ssh://github.com/VEuPathDB/OAuth2Server</developerConnection>
-    <tag>v1.1.5-jakarta</tag>
+    <tag>HEAD</tag>
   </scm>
 
   <distributionManagement>

From 4166f71b4a270b560b3538915a47658a0edf8f6f Mon Sep 17 00:00:00 2001
From: Ryan Doherty <tech@conical.org>
Date: Mon, 22 Apr 2024 15:28:56 -0400
Subject: [PATCH 09/51] Hide client_secret values in logging

---
 Client/src/main/java/org/gusdb/oauth2/client/OAuthClient.java | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/Client/src/main/java/org/gusdb/oauth2/client/OAuthClient.java b/Client/src/main/java/org/gusdb/oauth2/client/OAuthClient.java
index 50fa2ab3..f09b91de 100644
--- a/Client/src/main/java/org/gusdb/oauth2/client/OAuthClient.java
+++ b/Client/src/main/java/org/gusdb/oauth2/client/OAuthClient.java
@@ -387,7 +387,7 @@ private SSLContext createSslContext() throws NoSuchAlgorithmException, KeyManage
   private static String dumpMultiMap(MultivaluedMap<String, String> formData) {
     StringBuilder str = new StringBuilder("{").append(NL);
     for (Entry<String,List<String>> entry : formData.entrySet()) {
-      String value = entry.getKey().equals("password") ? "<hidden>" :
+      String value = entry.getKey().equals("password") || entry.getKey().equals("client_secret") ? "<hidden>" :
         entry.getValue().stream().collect(Collectors.joining(", "));
       str.append("  ").append(entry.getKey()).append(": ")
          .append("[ ").append(value).append(" ]").append(NL);

From e8d413cd59eecdcdf7e9b4794324443e24de44a8 Mon Sep 17 00:00:00 2001
From: Ryan Doherty <tech@conical.org>
Date: Mon, 22 Apr 2024 15:29:55 -0400
Subject: [PATCH 10/51] [maven-release-plugin] prepare release v1.1.6-jakarta

---
 Client/pom.xml | 2 +-
 pom.xml        | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/Client/pom.xml b/Client/pom.xml
index 6006dae9..eb6104d9 100644
--- a/Client/pom.xml
+++ b/Client/pom.xml
@@ -8,7 +8,7 @@
   <parent>
     <groupId>org.gusdb</groupId>
     <artifactId>oauth2</artifactId>
-    <version>1.1.6-jakarta-SNAPSHOT</version>
+    <version>1.1.6-jakarta</version>
   </parent>
 
   <dependencies>
diff --git a/pom.xml b/pom.xml
index 0f9f0973..f8e49e0d 100644
--- a/pom.xml
+++ b/pom.xml
@@ -4,7 +4,7 @@
   <name>OAuth2</name>
   <artifactId>oauth2</artifactId>
   <packaging>pom</packaging>
-  <version>1.1.6-jakarta-SNAPSHOT</version>
+  <version>1.1.6-jakarta</version>
 
   <parent>
     <groupId>org.gusdb</groupId>
@@ -31,7 +31,7 @@
 
   <scm>
     <developerConnection>scm:git:ssh://github.com/VEuPathDB/OAuth2Server</developerConnection>
-    <tag>HEAD</tag>
+    <tag>v1.1.6-jakarta</tag>
   </scm>
 
   <distributionManagement>

From f7826be7b93e2cfac6d9821b9c6248a31f0d41d7 Mon Sep 17 00:00:00 2001
From: Ryan Doherty <tech@conical.org>
Date: Mon, 22 Apr 2024 15:29:57 -0400
Subject: [PATCH 11/51] [maven-release-plugin] prepare for next development
 iteration

---
 Client/pom.xml | 2 +-
 pom.xml        | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/Client/pom.xml b/Client/pom.xml
index eb6104d9..255fc9dd 100644
--- a/Client/pom.xml
+++ b/Client/pom.xml
@@ -8,7 +8,7 @@
   <parent>
     <groupId>org.gusdb</groupId>
     <artifactId>oauth2</artifactId>
-    <version>1.1.6-jakarta</version>
+    <version>1.1.7-jakarta-SNAPSHOT</version>
   </parent>
 
   <dependencies>
diff --git a/pom.xml b/pom.xml
index f8e49e0d..fa495748 100644
--- a/pom.xml
+++ b/pom.xml
@@ -4,7 +4,7 @@
   <name>OAuth2</name>
   <artifactId>oauth2</artifactId>
   <packaging>pom</packaging>
-  <version>1.1.6-jakarta</version>
+  <version>1.1.7-jakarta-SNAPSHOT</version>
 
   <parent>
     <groupId>org.gusdb</groupId>
@@ -31,7 +31,7 @@
 
   <scm>
     <developerConnection>scm:git:ssh://github.com/VEuPathDB/OAuth2Server</developerConnection>
-    <tag>v1.1.6-jakarta</tag>
+    <tag>HEAD</tag>
   </scm>
 
   <distributionManagement>

From b6c638b51a98b436ffd1053d6f09a0f290968fe5 Mon Sep 17 00:00:00 2001
From: Ryan Doherty <tech@conical.org>
Date: Fri, 3 May 2024 06:46:16 -0400
Subject: [PATCH 12/51] Upgrade to latest jakarta base-pom with servlet 6.0
 (oltu still broken)

---
 Client/pom.xml                                |  2 +-
 EuPathDB/pom.xml                              |  4 +-
 Server/pom.xml                                |  6 +--
 .../gusdb/oauth2/assets/StaticResource.java   |  2 +-
 .../oauth2/server/ApplicationListener.java    |  4 +-
 .../org/gusdb/oauth2/server/OAuthServlet.java |  4 +-
 .../oauth2/server/ServiceApplication.java     |  2 +-
 .../gusdb/oauth2/service/ExceptionMapper.java | 14 +++----
 .../oauth2/service/OAuthRequestHandler.java   |  6 +--
 .../oauth2/service/OAuthResponseFactory.java  |  4 +-
 .../gusdb/oauth2/service/OAuthService.java    | 40 +++++++++----------
 .../org/gusdb/oauth2/service/Session.java     |  2 +-
 .../oauth2/service/token/TokenFactory.java    |  2 +-
 .../util/JerseyHttpRequestWrapper.java        |  6 +--
 .../service/util/StateParamHttpRequest.java   | 10 ++---
 .../service/TokenSigningValidationTest.java   |  4 +-
 pom.xml                                       |  2 +-
 17 files changed, 57 insertions(+), 57 deletions(-)

diff --git a/Client/pom.xml b/Client/pom.xml
index 255fc9dd..f43c4512 100644
--- a/Client/pom.xml
+++ b/Client/pom.xml
@@ -18,7 +18,7 @@
       <artifactId>jersey-client</artifactId>
     </dependency>
 
-    <!-- Using org.json for external APIs in anticipation of nixing javax.json internally -->
+    <!-- Using org.json for external APIs in anticipation of nixing jakarta.json internally -->
     <dependency>
       <groupId>org.json</groupId>
       <artifactId>json</artifactId>
diff --git a/EuPathDB/pom.xml b/EuPathDB/pom.xml
index 783dcba9..75dc1613 100644
--- a/EuPathDB/pom.xml
+++ b/EuPathDB/pom.xml
@@ -8,7 +8,7 @@
   <parent>
     <groupId>org.gusdb</groupId>
     <artifactId>oauth2</artifactId>
-    <version>1.1.4-SNAPSHOT</version>
+    <version>1.1.7-jakarta-SNAPSHOT</version>
   </parent>
 
   <properties>
@@ -16,7 +16,7 @@
     <!-- Expect this property to be passed in -->
     <oauthConfigFile>WEB-INF/OAuthSampleConfig.json</oauthConfigFile>
 
-    <fgputil.version>2.13.1</fgputil.version>
+    <fgputil.version>2.14-jakarta</fgputil.version>
   </properties>
 
   <dependencies>
diff --git a/Server/pom.xml b/Server/pom.xml
index 75004a8b..e3435b03 100644
--- a/Server/pom.xml
+++ b/Server/pom.xml
@@ -8,7 +8,7 @@
   <parent>
     <groupId>org.gusdb</groupId>
     <artifactId>oauth2</artifactId>
-    <version>1.1.4-SNAPSHOT</version>
+    <version>1.1.7-jakarta-SNAPSHOT</version>
   </parent>
 
   <dependencies>
@@ -84,8 +84,8 @@
     </dependency>
 
     <dependency>
-      <groupId>javax.servlet</groupId>
-      <artifactId>servlet-api</artifactId>
+      <groupId>jakarta.servlet</groupId>
+      <artifactId>jakarta.servlet-api</artifactId>
       <scope>provided</scope>
     </dependency>
 
diff --git a/Server/src/main/java/org/gusdb/oauth2/assets/StaticResource.java b/Server/src/main/java/org/gusdb/oauth2/assets/StaticResource.java
index a1f05a39..6a185a7b 100644
--- a/Server/src/main/java/org/gusdb/oauth2/assets/StaticResource.java
+++ b/Server/src/main/java/org/gusdb/oauth2/assets/StaticResource.java
@@ -10,7 +10,7 @@
 import java.util.Optional;
 import java.util.concurrent.atomic.AtomicInteger;
 
-import javax.ws.rs.core.StreamingOutput;
+import jakarta.ws.rs.core.StreamingOutput;
 
 import org.apache.logging.log4j.LogManager;
 import org.apache.logging.log4j.Logger;
diff --git a/Server/src/main/java/org/gusdb/oauth2/server/ApplicationListener.java b/Server/src/main/java/org/gusdb/oauth2/server/ApplicationListener.java
index 7a7ae1bc..f1cf8cfb 100644
--- a/Server/src/main/java/org/gusdb/oauth2/server/ApplicationListener.java
+++ b/Server/src/main/java/org/gusdb/oauth2/server/ApplicationListener.java
@@ -1,7 +1,7 @@
 package org.gusdb.oauth2.server;
 
-import javax.servlet.ServletContextEvent;
-import javax.servlet.ServletContextListener;
+import jakarta.servlet.ServletContextEvent;
+import jakarta.servlet.ServletContextListener;
 
 import org.apache.logging.log4j.LogManager;
 import org.apache.logging.log4j.Logger;
diff --git a/Server/src/main/java/org/gusdb/oauth2/server/OAuthServlet.java b/Server/src/main/java/org/gusdb/oauth2/server/OAuthServlet.java
index 1375ec4f..8b2d8198 100644
--- a/Server/src/main/java/org/gusdb/oauth2/server/OAuthServlet.java
+++ b/Server/src/main/java/org/gusdb/oauth2/server/OAuthServlet.java
@@ -5,8 +5,8 @@
 import java.nio.file.Path;
 import java.nio.file.Paths;
 
-import javax.servlet.ServletContext;
-import javax.servlet.ServletException;
+import jakarta.servlet.ServletContext;
+import jakarta.servlet.ServletException;
 
 import org.apache.logging.log4j.LogManager;
 import org.apache.logging.log4j.Logger;
diff --git a/Server/src/main/java/org/gusdb/oauth2/server/ServiceApplication.java b/Server/src/main/java/org/gusdb/oauth2/server/ServiceApplication.java
index f401b863..3dfd574d 100644
--- a/Server/src/main/java/org/gusdb/oauth2/server/ServiceApplication.java
+++ b/Server/src/main/java/org/gusdb/oauth2/server/ServiceApplication.java
@@ -3,7 +3,7 @@
 import java.util.HashSet;
 import java.util.Set;
 
-import javax.ws.rs.core.Application;
+import jakarta.ws.rs.core.Application;
 
 import org.gusdb.oauth2.service.ExceptionMapper;
 import org.gusdb.oauth2.service.OAuthService;
diff --git a/Server/src/main/java/org/gusdb/oauth2/service/ExceptionMapper.java b/Server/src/main/java/org/gusdb/oauth2/service/ExceptionMapper.java
index 956313fb..2ba3d2c7 100644
--- a/Server/src/main/java/org/gusdb/oauth2/service/ExceptionMapper.java
+++ b/Server/src/main/java/org/gusdb/oauth2/service/ExceptionMapper.java
@@ -1,18 +1,18 @@
 package org.gusdb.oauth2.service;
 
-import javax.ws.rs.NotFoundException;
-import javax.ws.rs.WebApplicationException;
-import javax.ws.rs.core.MediaType;
-import javax.ws.rs.core.Response;
-import javax.ws.rs.core.Response.Status;
-import javax.ws.rs.ext.Provider;
+import jakarta.ws.rs.NotFoundException;
+import jakarta.ws.rs.WebApplicationException;
+import jakarta.ws.rs.core.MediaType;
+import jakarta.ws.rs.core.Response;
+import jakarta.ws.rs.core.Response.Status;
+import jakarta.ws.rs.ext.Provider;
 
 import org.apache.logging.log4j.LogManager;
 import org.apache.logging.log4j.Logger;
 import org.glassfish.jersey.server.ParamException.PathParamException;
 
 @Provider
-public class ExceptionMapper implements javax.ws.rs.ext.ExceptionMapper<Exception> {
+public class ExceptionMapper implements jakarta.ws.rs.ext.ExceptionMapper<Exception> {
 
   private static Logger LOG = LogManager.getLogger(ExceptionMapper.class);
 
diff --git a/Server/src/main/java/org/gusdb/oauth2/service/OAuthRequestHandler.java b/Server/src/main/java/org/gusdb/oauth2/service/OAuthRequestHandler.java
index 25c4bb63..31bce980 100644
--- a/Server/src/main/java/org/gusdb/oauth2/service/OAuthRequestHandler.java
+++ b/Server/src/main/java/org/gusdb/oauth2/service/OAuthRequestHandler.java
@@ -12,9 +12,9 @@
 import javax.json.JsonObject;
 import javax.json.JsonObjectBuilder;
 import javax.json.stream.JsonGenerator;
-import javax.servlet.http.HttpServletResponse;
-import javax.ws.rs.BadRequestException;
-import javax.ws.rs.core.Response;
+import jakarta.servlet.http.HttpServletResponse;
+import jakarta.ws.rs.BadRequestException;
+import jakarta.ws.rs.core.Response;
 
 import org.apache.logging.log4j.LogManager;
 import org.apache.logging.log4j.Logger;
diff --git a/Server/src/main/java/org/gusdb/oauth2/service/OAuthResponseFactory.java b/Server/src/main/java/org/gusdb/oauth2/service/OAuthResponseFactory.java
index fc14ad40..8ecab216 100644
--- a/Server/src/main/java/org/gusdb/oauth2/service/OAuthResponseFactory.java
+++ b/Server/src/main/java/org/gusdb/oauth2/service/OAuthResponseFactory.java
@@ -2,8 +2,8 @@
 
 import java.util.Collections;
 
-import javax.ws.rs.core.Response;
-import javax.ws.rs.core.Response.ResponseBuilder;
+import jakarta.ws.rs.core.Response;
+import jakarta.ws.rs.core.Response.ResponseBuilder;
 
 import org.apache.oltu.oauth2.common.exception.OAuthProblemException;
 import org.gusdb.oauth2.client.UnacceptableRequestReason;
diff --git a/Server/src/main/java/org/gusdb/oauth2/service/OAuthService.java b/Server/src/main/java/org/gusdb/oauth2/service/OAuthService.java
index fa217b7e..c55030f5 100644
--- a/Server/src/main/java/org/gusdb/oauth2/service/OAuthService.java
+++ b/Server/src/main/java/org/gusdb/oauth2/service/OAuthService.java
@@ -26,26 +26,26 @@
 import javax.json.JsonObject;
 import javax.json.JsonValue;
 import javax.json.stream.JsonParsingException;
-import javax.servlet.ServletContext;
-import javax.servlet.http.HttpServletRequest;
-import javax.ws.rs.BadRequestException;
-import javax.ws.rs.Consumes;
-import javax.ws.rs.FormParam;
-import javax.ws.rs.GET;
-import javax.ws.rs.HeaderParam;
-import javax.ws.rs.POST;
-import javax.ws.rs.PUT;
-import javax.ws.rs.Path;
-import javax.ws.rs.PathParam;
-import javax.ws.rs.Produces;
-import javax.ws.rs.QueryParam;
-import javax.ws.rs.core.Context;
-import javax.ws.rs.core.HttpHeaders;
-import javax.ws.rs.core.MediaType;
-import javax.ws.rs.core.MultivaluedMap;
-import javax.ws.rs.core.Response;
-import javax.ws.rs.core.Response.Status;
-import javax.ws.rs.core.Variant;
+import jakarta.servlet.ServletContext;
+import jakarta.servlet.http.HttpServletRequest;
+import jakarta.ws.rs.BadRequestException;
+import jakarta.ws.rs.Consumes;
+import jakarta.ws.rs.FormParam;
+import jakarta.ws.rs.GET;
+import jakarta.ws.rs.HeaderParam;
+import jakarta.ws.rs.POST;
+import jakarta.ws.rs.PUT;
+import jakarta.ws.rs.Path;
+import jakarta.ws.rs.PathParam;
+import jakarta.ws.rs.Produces;
+import jakarta.ws.rs.QueryParam;
+import jakarta.ws.rs.core.Context;
+import jakarta.ws.rs.core.HttpHeaders;
+import jakarta.ws.rs.core.MediaType;
+import jakarta.ws.rs.core.MultivaluedMap;
+import jakarta.ws.rs.core.Response;
+import jakarta.ws.rs.core.Response.Status;
+import jakarta.ws.rs.core.Variant;
 
 import org.apache.logging.log4j.LogManager;
 import org.apache.logging.log4j.Logger;
diff --git a/Server/src/main/java/org/gusdb/oauth2/service/Session.java b/Server/src/main/java/org/gusdb/oauth2/service/Session.java
index 521a00be..92a65cab 100644
--- a/Server/src/main/java/org/gusdb/oauth2/service/Session.java
+++ b/Server/src/main/java/org/gusdb/oauth2/service/Session.java
@@ -5,7 +5,7 @@
 import java.util.Set;
 import java.util.UUID;
 
-import javax.servlet.http.HttpSession;
+import jakarta.servlet.http.HttpSession;
 
 import org.apache.logging.log4j.LogManager;
 import org.apache.logging.log4j.Logger;
diff --git a/Server/src/main/java/org/gusdb/oauth2/service/token/TokenFactory.java b/Server/src/main/java/org/gusdb/oauth2/service/token/TokenFactory.java
index 821b8f99..836d6668 100644
--- a/Server/src/main/java/org/gusdb/oauth2/service/token/TokenFactory.java
+++ b/Server/src/main/java/org/gusdb/oauth2/service/token/TokenFactory.java
@@ -8,7 +8,7 @@
 import javax.json.JsonObject;
 import javax.json.JsonObjectBuilder;
 import javax.json.JsonValue;
-import javax.ws.rs.ForbiddenException;
+import jakarta.ws.rs.ForbiddenException;
 
 import org.apache.logging.log4j.LogManager;
 import org.apache.logging.log4j.Logger;
diff --git a/Server/src/main/java/org/gusdb/oauth2/service/util/JerseyHttpRequestWrapper.java b/Server/src/main/java/org/gusdb/oauth2/service/util/JerseyHttpRequestWrapper.java
index a1a65702..6426dcc5 100644
--- a/Server/src/main/java/org/gusdb/oauth2/service/util/JerseyHttpRequestWrapper.java
+++ b/Server/src/main/java/org/gusdb/oauth2/service/util/JerseyHttpRequestWrapper.java
@@ -7,9 +7,9 @@
 import java.util.Map;
 import java.util.NoSuchElementException;
 
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletRequestWrapper;
-import javax.ws.rs.core.MultivaluedMap;
+import jakarta.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletRequestWrapper;
+import jakarta.ws.rs.core.MultivaluedMap;
 
 public class JerseyHttpRequestWrapper extends HttpServletRequestWrapper {
 
diff --git a/Server/src/main/java/org/gusdb/oauth2/service/util/StateParamHttpRequest.java b/Server/src/main/java/org/gusdb/oauth2/service/util/StateParamHttpRequest.java
index 22c51d5f..12f93fd4 100644
--- a/Server/src/main/java/org/gusdb/oauth2/service/util/StateParamHttpRequest.java
+++ b/Server/src/main/java/org/gusdb/oauth2/service/util/StateParamHttpRequest.java
@@ -8,11 +8,11 @@
 import java.util.Locale;
 import java.util.Map;
 
-import javax.servlet.RequestDispatcher;
-import javax.servlet.ServletInputStream;
-import javax.servlet.http.Cookie;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpSession;
+import jakarta.servlet.RequestDispatcher;
+import jakarta.servlet.ServletInputStream;
+import jakarta.servlet.http.Cookie;
+import jakarta.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpSession;
 
 import org.apache.oltu.oauth2.common.OAuth;
 
diff --git a/Server/src/test/java/org/gusdb/oauth2/service/TokenSigningValidationTest.java b/Server/src/test/java/org/gusdb/oauth2/service/TokenSigningValidationTest.java
index 234967e1..10431e33 100644
--- a/Server/src/test/java/org/gusdb/oauth2/service/TokenSigningValidationTest.java
+++ b/Server/src/test/java/org/gusdb/oauth2/service/TokenSigningValidationTest.java
@@ -9,8 +9,8 @@
 import java.util.Set;
 import java.util.function.Supplier;
 
-import javax.json.Json;
-import javax.json.JsonObject;
+import jakarta.json.Json;
+import jakarta.json.JsonObject;
 
 import org.gusdb.oauth2.exception.CryptoException;
 import org.gusdb.oauth2.shared.ECPublicKeyRepresentation;
diff --git a/pom.xml b/pom.xml
index fa495748..39c415cc 100644
--- a/pom.xml
+++ b/pom.xml
@@ -9,7 +9,7 @@
   <parent>
     <groupId>org.gusdb</groupId>
     <artifactId>base-pom</artifactId>
-    <version>2.20-jakarta</version>
+    <version>2.21-jakarta</version>
   </parent>
 
   <!-- Manage versions of libs specific to OAuth/tokens-->

From 2b6e05aeaef82646e53652a72d44c96d6756eead Mon Sep 17 00:00:00 2001
From: Ryan Doherty <tech@conical.org>
Date: Fri, 3 May 2024 06:46:53 -0400
Subject: [PATCH 13/51] [maven-release-plugin] prepare release v1.2.0-jakarta

---
 Client/pom.xml | 2 +-
 pom.xml        | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/Client/pom.xml b/Client/pom.xml
index f43c4512..94392546 100644
--- a/Client/pom.xml
+++ b/Client/pom.xml
@@ -8,7 +8,7 @@
   <parent>
     <groupId>org.gusdb</groupId>
     <artifactId>oauth2</artifactId>
-    <version>1.1.7-jakarta-SNAPSHOT</version>
+    <version>1.2.0-jakarta</version>
   </parent>
 
   <dependencies>
diff --git a/pom.xml b/pom.xml
index 39c415cc..52846de2 100644
--- a/pom.xml
+++ b/pom.xml
@@ -4,7 +4,7 @@
   <name>OAuth2</name>
   <artifactId>oauth2</artifactId>
   <packaging>pom</packaging>
-  <version>1.1.7-jakarta-SNAPSHOT</version>
+  <version>1.2.0-jakarta</version>
 
   <parent>
     <groupId>org.gusdb</groupId>
@@ -31,7 +31,7 @@
 
   <scm>
     <developerConnection>scm:git:ssh://github.com/VEuPathDB/OAuth2Server</developerConnection>
-    <tag>HEAD</tag>
+    <tag>v1.2.0-jakarta</tag>
   </scm>
 
   <distributionManagement>

From 6108803c327e2c527d6f5fc084feab0bcc52d397 Mon Sep 17 00:00:00 2001
From: Ryan Doherty <tech@conical.org>
Date: Fri, 3 May 2024 06:46:56 -0400
Subject: [PATCH 14/51] [maven-release-plugin] prepare for next development
 iteration

---
 Client/pom.xml | 2 +-
 pom.xml        | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/Client/pom.xml b/Client/pom.xml
index 94392546..d218a357 100644
--- a/Client/pom.xml
+++ b/Client/pom.xml
@@ -8,7 +8,7 @@
   <parent>
     <groupId>org.gusdb</groupId>
     <artifactId>oauth2</artifactId>
-    <version>1.2.0-jakarta</version>
+    <version>1.2.1-jakarta-SNAPSHOT</version>
   </parent>
 
   <dependencies>
diff --git a/pom.xml b/pom.xml
index 52846de2..fcb28cf0 100644
--- a/pom.xml
+++ b/pom.xml
@@ -4,7 +4,7 @@
   <name>OAuth2</name>
   <artifactId>oauth2</artifactId>
   <packaging>pom</packaging>
-  <version>1.2.0-jakarta</version>
+  <version>1.2.1-jakarta-SNAPSHOT</version>
 
   <parent>
     <groupId>org.gusdb</groupId>
@@ -31,7 +31,7 @@
 
   <scm>
     <developerConnection>scm:git:ssh://github.com/VEuPathDB/OAuth2Server</developerConnection>
-    <tag>v1.2.0-jakarta</tag>
+    <tag>HEAD</tag>
   </scm>
 
   <distributionManagement>

From df1d9b042281df15279e5a25bf905b2a170fb470 Mon Sep 17 00:00:00 2001
From: Ryan Doherty <tech@conical.org>
Date: Wed, 12 Jun 2024 00:16:32 -0400
Subject: [PATCH 15/51] upgrade base pom

---
 pom.xml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/pom.xml b/pom.xml
index fcb28cf0..6bfbeb35 100644
--- a/pom.xml
+++ b/pom.xml
@@ -9,7 +9,7 @@
   <parent>
     <groupId>org.gusdb</groupId>
     <artifactId>base-pom</artifactId>
-    <version>2.21-jakarta</version>
+    <version>2.22-jakarta</version>
   </parent>
 
   <!-- Manage versions of libs specific to OAuth/tokens-->

From 3b3a627bc401bd3909ac5952bba5b469d33cc0e6 Mon Sep 17 00:00:00 2001
From: Ryan Doherty <tech@conical.org>
Date: Fri, 10 May 2024 01:12:37 -0400
Subject: [PATCH 16/51] spelling

---
 Server/src/main/java/org/gusdb/oauth2/service/OAuthService.java | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/Server/src/main/java/org/gusdb/oauth2/service/OAuthService.java b/Server/src/main/java/org/gusdb/oauth2/service/OAuthService.java
index c55030f5..3617f987 100644
--- a/Server/src/main/java/org/gusdb/oauth2/service/OAuthService.java
+++ b/Server/src/main/java/org/gusdb/oauth2/service/OAuthService.java
@@ -632,7 +632,7 @@ public Response queryAccountData(String body) {
           input.containsKey(OAuthClient.JSON_KEY_CREDENTIALS)
           // use new client credentials format to determine validity
           ? getClientCredentials(input)
-          // otherwise use oauth names; kept for backward compatbility with old clients (apollopatch)
+          // otherwise use oauth names; kept for backward compatibility with old clients (apollopatch)
           : new SimpleEntry<>(
               input.getString(OAuth.OAUTH_CLIENT_ID),
               input.getString(OAuth.OAUTH_CLIENT_SECRET));

From f96dbd6bcde0473b5f723225865635bb778f3f69 Mon Sep 17 00:00:00 2001
From: Ryan Doherty <tech@conical.org>
Date: Wed, 12 Jun 2024 00:04:49 -0400
Subject: [PATCH 17/51] Reduce logging w/added privacy

---
 .../src/main/java/org/gusdb/oauth2/client/OAuthClient.java | 7 ++++---
 .../org/gusdb/oauth2/client/veupathdb/BearerTokenUser.java | 4 ++--
 2 files changed, 6 insertions(+), 5 deletions(-)

diff --git a/Client/src/main/java/org/gusdb/oauth2/client/OAuthClient.java b/Client/src/main/java/org/gusdb/oauth2/client/OAuthClient.java
index f09b91de..bb500296 100644
--- a/Client/src/main/java/org/gusdb/oauth2/client/OAuthClient.java
+++ b/Client/src/main/java/org/gusdb/oauth2/client/OAuthClient.java
@@ -59,6 +59,7 @@
 public class OAuthClient {
 
   private static final Logger LOG = LogManager.getLogger(OAuthClient.class);
+
   private static final String NL = System.lineSeparator();
 
   public static final String JSON_KEY_CREDENTIALS = "clientCredentials";
@@ -112,7 +113,7 @@ private synchronized String getCachedPublicSigningKey(String oauthBaseUrl) {
     if (LAST_PUBLIC_KEY_FETCH_URL == null
         || !LAST_PUBLIC_KEY_FETCH_URL.equals(oauthBaseUrl)
         || System.currentTimeMillis() > PUBLIC_KEY_FETCH_EXPIRATION) {
-      LOG.info("Cached public key expired; refreshing from " + oauthBaseUrl + Endpoints.JWKS);
+      LOG.trace("Cached public key expired; refreshing from " + oauthBaseUrl + Endpoints.JWKS);
       CACHED_PUBLIC_KEY = fetchPublicSigningKey(oauthBaseUrl);
       LAST_PUBLIC_KEY_FETCH_URL = oauthBaseUrl;
       PUBLIC_KEY_FETCH_EXPIRATION = System.currentTimeMillis() + (PUBLIC_KEY_CACHE_DURATION_SECS.get() * 1000);
@@ -263,7 +264,7 @@ private String getToken(String path, Consumer<MultivaluedMap<String, String>> fo
     // add custom form params for this grant type
     formModifier.accept(formData);
 
-    LOG.info("Building token request with the following URL: " + oauthUrl +
+    LOG.trace("Building token request with the following URL: " + oauthUrl +
         " and params: " + dumpMultiMap(formData));
 
     // build request and get token response
@@ -278,7 +279,7 @@ private String getToken(String path, Consumer<MultivaluedMap<String, String>> fo
       if (response.getStatus() == 200) {
         // Success!  Read result into buffer and convert to JSON
         JSONObject json = new JSONObject(readResponseBody(response));
-        LOG.debug("Response received from OAuth server for token request: " + json.toString(2));
+        LOG.trace("Response received from OAuth server for token request: " + json.toString(2));
 
         // get id_token from object and decode to user ID
         return json.getString("id_token");
diff --git a/Client/src/main/java/org/gusdb/oauth2/client/veupathdb/BearerTokenUser.java b/Client/src/main/java/org/gusdb/oauth2/client/veupathdb/BearerTokenUser.java
index bf87cba3..98f77ed0 100644
--- a/Client/src/main/java/org/gusdb/oauth2/client/veupathdb/BearerTokenUser.java
+++ b/Client/src/main/java/org/gusdb/oauth2/client/veupathdb/BearerTokenUser.java
@@ -33,7 +33,7 @@ protected void fetchUserInfo() {
     // return if already fetched
     if (_userInfoFetched) return;
 
-    LOG.info("User data fetch requested for user " + getUserId() + "; querying OAuth server.");
+    LOG.trace("User data fetch requested for user " + getUserId() + "; querying OAuth server.");
     // fetch user info from OAuth server where it is stored (but only on demand, and only once for this object's lifetime)
     JSONObject userInfo = _client.getUserData(_oauthUrl, _token);
 
@@ -42,7 +42,7 @@ protected void fetchUserInfo() {
 
     _userInfoFetched = true;
 
-    LOG.info("User data successfully fetched for " + getDisplayName() + " / " + getOrganization());
+    LOG.trace("User data successfully fetched for " + getUserId());
   }
 
 }

From 5a69ce6ae30a35bca974f894f6770778a0ed2fa7 Mon Sep 17 00:00:00 2001
From: Ryan Doherty <tech@conical.org>
Date: Wed, 12 Jun 2024 00:25:18 -0400
Subject: [PATCH 18/51] Upgrade fgputil

---
 EuPathDB/pom.xml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/EuPathDB/pom.xml b/EuPathDB/pom.xml
index 75dc1613..4bfd0c95 100644
--- a/EuPathDB/pom.xml
+++ b/EuPathDB/pom.xml
@@ -16,7 +16,7 @@
     <!-- Expect this property to be passed in -->
     <oauthConfigFile>WEB-INF/OAuthSampleConfig.json</oauthConfigFile>
 
-    <fgputil.version>2.14-jakarta</fgputil.version>
+    <fgputil.version>2.14.1-jakarta</fgputil.version>
   </properties>
 
   <dependencies>

From bbd5143dc06fbae501d9444b27e61710dad9534d Mon Sep 17 00:00:00 2001
From: Ryan Doherty <tech@conical.org>
Date: Wed, 12 Jun 2024 00:26:15 -0400
Subject: [PATCH 19/51] [maven-release-plugin] prepare release v1.2.1-jakarta

---
 Client/pom.xml | 2 +-
 pom.xml        | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/Client/pom.xml b/Client/pom.xml
index d218a357..47d474ef 100644
--- a/Client/pom.xml
+++ b/Client/pom.xml
@@ -8,7 +8,7 @@
   <parent>
     <groupId>org.gusdb</groupId>
     <artifactId>oauth2</artifactId>
-    <version>1.2.1-jakarta-SNAPSHOT</version>
+    <version>1.2.1-jakarta</version>
   </parent>
 
   <dependencies>
diff --git a/pom.xml b/pom.xml
index 6bfbeb35..caf62ff2 100644
--- a/pom.xml
+++ b/pom.xml
@@ -4,7 +4,7 @@
   <name>OAuth2</name>
   <artifactId>oauth2</artifactId>
   <packaging>pom</packaging>
-  <version>1.2.1-jakarta-SNAPSHOT</version>
+  <version>1.2.1-jakarta</version>
 
   <parent>
     <groupId>org.gusdb</groupId>
@@ -31,7 +31,7 @@
 
   <scm>
     <developerConnection>scm:git:ssh://github.com/VEuPathDB/OAuth2Server</developerConnection>
-    <tag>HEAD</tag>
+    <tag>v1.2.1-jakarta</tag>
   </scm>
 
   <distributionManagement>

From f33c51352e46f7215c720963ed6511183dafa20d Mon Sep 17 00:00:00 2001
From: Ryan Doherty <tech@conical.org>
Date: Wed, 12 Jun 2024 00:26:18 -0400
Subject: [PATCH 20/51] [maven-release-plugin] prepare for next development
 iteration

---
 Client/pom.xml | 2 +-
 pom.xml        | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/Client/pom.xml b/Client/pom.xml
index 47d474ef..0f4023f3 100644
--- a/Client/pom.xml
+++ b/Client/pom.xml
@@ -8,7 +8,7 @@
   <parent>
     <groupId>org.gusdb</groupId>
     <artifactId>oauth2</artifactId>
-    <version>1.2.1-jakarta</version>
+    <version>1.2.2-jakarta-SNAPSHOT</version>
   </parent>
 
   <dependencies>
diff --git a/pom.xml b/pom.xml
index caf62ff2..5eaa1852 100644
--- a/pom.xml
+++ b/pom.xml
@@ -4,7 +4,7 @@
   <name>OAuth2</name>
   <artifactId>oauth2</artifactId>
   <packaging>pom</packaging>
-  <version>1.2.1-jakarta</version>
+  <version>1.2.2-jakarta-SNAPSHOT</version>
 
   <parent>
     <groupId>org.gusdb</groupId>
@@ -31,7 +31,7 @@
 
   <scm>
     <developerConnection>scm:git:ssh://github.com/VEuPathDB/OAuth2Server</developerConnection>
-    <tag>v1.2.1-jakarta</tag>
+    <tag>HEAD</tag>
   </scm>
 
   <distributionManagement>

From 9234a452860e98d62b1d6659e98f179aea737286 Mon Sep 17 00:00:00 2001
From: Elizabeth Paige Harper <foxcapades.io@gmail.com>
Date: Thu, 19 Sep 2024 23:39:39 -0400
Subject: [PATCH 21/51] Replace usages of List with Collection to support other
 collection types, such as Sets without requiring callers to do an unnecessary
 conversion.

---
 .../gusdb/oauth2/client/veupathdb/OAuthQuerier.java  | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)

diff --git a/Client/src/main/java/org/gusdb/oauth2/client/veupathdb/OAuthQuerier.java b/Client/src/main/java/org/gusdb/oauth2/client/veupathdb/OAuthQuerier.java
index 55ba3661..643219dd 100644
--- a/Client/src/main/java/org/gusdb/oauth2/client/veupathdb/OAuthQuerier.java
+++ b/Client/src/main/java/org/gusdb/oauth2/client/veupathdb/OAuthQuerier.java
@@ -1,7 +1,7 @@
 package org.gusdb.oauth2.client.veupathdb;
 
+import java.util.Collection;
 import java.util.HashMap;
-import java.util.List;
 import java.util.Map;
 import java.util.function.Function;
 import java.util.stream.Collectors;
@@ -18,23 +18,23 @@ public class OAuthQuerier {
 
   private static final Logger LOG = LogManager.getLogger(OAuthQuerier.class);
 
-  public static Map<String, User> getUsersByEmail(OAuthClient client, OAuthConfig config, List<String> emails) {
+  public static Map<String, User> getUsersByEmail(OAuthClient client, OAuthConfig config, Collection<String> emails) {
     return getUsersByEmail(client, config, emails, BasicUser::new);
   }
 
-  public static <T extends User> Map<String, T> getUsersByEmail(OAuthClient client, OAuthConfig config, List<String> emails, Function<JSONObject, T> userConverter) {
+  public static <T extends User> Map<String, T> getUsersByEmail(OAuthClient client, OAuthConfig config, Collection<String> emails, Function<JSONObject, T> userConverter) {
     return getUsers(client, config, emails, userConverter, "emails", u -> u.getString(IdTokenFields.email.name()));
   }
 
-  public static Map<Long, User> getUsersById(OAuthClient client, OAuthConfig config, List<Long> userIds) {
+  public static Map<Long, User> getUsersById(OAuthClient client, OAuthConfig config, Collection<Long> userIds) {
     return getUsersById(client, config, userIds, BasicUser::new);
   }
 
-  public static <T extends User> Map<Long, T> getUsersById(OAuthClient client, OAuthConfig config, List<Long> userIds, Function<JSONObject, T> userConverter) {
+  public static <T extends User> Map<Long, T> getUsersById(OAuthClient client, OAuthConfig config, Collection<Long> userIds, Function<JSONObject, T> userConverter) {
     return getUsers(client, config, userIds, userConverter, "userIds", u -> Long.valueOf(u.getString(IdTokenFields.sub.name())));
   }
 
-  private static <T extends User, S> Map<S, T> getUsers(OAuthClient client, OAuthConfig config, List<S> identifiers,
+  private static <T extends User, S> Map<S, T> getUsers(OAuthClient client, OAuthConfig config, Collection<S> identifiers,
       Function<JSONObject, T> userConverter, String identifiersJsonPropKey, Function<JSONObject,S> keyGenerator) {
     LOG.info("Using OAuthQuerier for multi-user request by " + identifiersJsonPropKey +
         ": [" + identifiers.stream().map(String::valueOf).collect(Collectors.joining(", ")) + "]");

From 4a7206a186ec7e160846e26c70447c9ea4b7ee29 Mon Sep 17 00:00:00 2001
From: Elizabeth Paige Harper <foxcapades.io@gmail.com>
Date: Fri, 20 Sep 2024 08:59:03 -0400
Subject: [PATCH 22/51] [maven-release-plugin] prepare release 1.2.3-jakarta

---
 Client/pom.xml | 2 +-
 pom.xml        | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/Client/pom.xml b/Client/pom.xml
index 0f4023f3..54f125d2 100644
--- a/Client/pom.xml
+++ b/Client/pom.xml
@@ -8,7 +8,7 @@
   <parent>
     <groupId>org.gusdb</groupId>
     <artifactId>oauth2</artifactId>
-    <version>1.2.2-jakarta-SNAPSHOT</version>
+    <version>1.2.3-jakarta</version>
   </parent>
 
   <dependencies>
diff --git a/pom.xml b/pom.xml
index 5eaa1852..3c065692 100644
--- a/pom.xml
+++ b/pom.xml
@@ -4,7 +4,7 @@
   <name>OAuth2</name>
   <artifactId>oauth2</artifactId>
   <packaging>pom</packaging>
-  <version>1.2.2-jakarta-SNAPSHOT</version>
+  <version>1.2.3-jakarta</version>
 
   <parent>
     <groupId>org.gusdb</groupId>
@@ -31,7 +31,7 @@
 
   <scm>
     <developerConnection>scm:git:ssh://github.com/VEuPathDB/OAuth2Server</developerConnection>
-    <tag>HEAD</tag>
+    <tag>1.2.3-jakarta</tag>
   </scm>
 
   <distributionManagement>

From 55bf42f0daf66036e9e24dd23e915ca9ea6ea89f Mon Sep 17 00:00:00 2001
From: Elizabeth Paige Harper <foxcapades.io@gmail.com>
Date: Fri, 20 Sep 2024 08:59:05 -0400
Subject: [PATCH 23/51] [maven-release-plugin] prepare for next development
 iteration

---
 Client/pom.xml | 2 +-
 pom.xml        | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/Client/pom.xml b/Client/pom.xml
index 54f125d2..5fcf753c 100644
--- a/Client/pom.xml
+++ b/Client/pom.xml
@@ -8,7 +8,7 @@
   <parent>
     <groupId>org.gusdb</groupId>
     <artifactId>oauth2</artifactId>
-    <version>1.2.3-jakarta</version>
+    <version>1.2.4-jakarta-SNAPSHOT</version>
   </parent>
 
   <dependencies>
diff --git a/pom.xml b/pom.xml
index 3c065692..8879254d 100644
--- a/pom.xml
+++ b/pom.xml
@@ -4,7 +4,7 @@
   <name>OAuth2</name>
   <artifactId>oauth2</artifactId>
   <packaging>pom</packaging>
-  <version>1.2.3-jakarta</version>
+  <version>1.2.4-jakarta-SNAPSHOT</version>
 
   <parent>
     <groupId>org.gusdb</groupId>
@@ -31,7 +31,7 @@
 
   <scm>
     <developerConnection>scm:git:ssh://github.com/VEuPathDB/OAuth2Server</developerConnection>
-    <tag>1.2.3-jakarta</tag>
+    <tag>HEAD</tag>
   </scm>
 
   <distributionManagement>

From 182aa9c78cecdad9be540f602ebb46aae1b40d49 Mon Sep 17 00:00:00 2001
From: Ryan Doherty <tech@conical.org>
Date: Mon, 30 Sep 2024 22:34:56 -0400
Subject: [PATCH 24/51] [maven-release-plugin] prepare release v2.0.0-jakarta

---
 Client/pom.xml | 2 +-
 pom.xml        | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/Client/pom.xml b/Client/pom.xml
index 0e1e8acc..6696037d 100644
--- a/Client/pom.xml
+++ b/Client/pom.xml
@@ -8,7 +8,7 @@
   <parent>
     <groupId>org.gusdb</groupId>
     <artifactId>oauth2</artifactId>
-    <version>2.0.0-jakarta-SNAPSHOT</version>
+    <version>2.0.0-jakarta</version>
   </parent>
 
   <dependencies>
diff --git a/pom.xml b/pom.xml
index 6f154463..60361547 100644
--- a/pom.xml
+++ b/pom.xml
@@ -4,7 +4,7 @@
   <name>OAuth2</name>
   <artifactId>oauth2</artifactId>
   <packaging>pom</packaging>
-  <version>2.0.0-jakarta-SNAPSHOT</version>
+  <version>2.0.0-jakarta</version>
 
   <parent>
     <groupId>org.gusdb</groupId>
@@ -31,7 +31,7 @@
 
   <scm>
     <developerConnection>scm:git:ssh://github.com/VEuPathDB/OAuth2Server</developerConnection>
-    <tag>HEAD</tag>
+    <tag>v2.0.0-jakarta</tag>
   </scm>
 
   <distributionManagement>

From 1c79dab448a85f53f8de6fe995e94932a56ff2a4 Mon Sep 17 00:00:00 2001
From: Ryan Doherty <tech@conical.org>
Date: Mon, 30 Sep 2024 22:34:58 -0400
Subject: [PATCH 25/51] [maven-release-plugin] prepare for next development
 iteration

---
 Client/pom.xml | 2 +-
 pom.xml        | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/Client/pom.xml b/Client/pom.xml
index 6696037d..0c52517e 100644
--- a/Client/pom.xml
+++ b/Client/pom.xml
@@ -8,7 +8,7 @@
   <parent>
     <groupId>org.gusdb</groupId>
     <artifactId>oauth2</artifactId>
-    <version>2.0.0-jakarta</version>
+    <version>2.0.1-jakarta-SNAPSHOT</version>
   </parent>
 
   <dependencies>
diff --git a/pom.xml b/pom.xml
index 60361547..88008eeb 100644
--- a/pom.xml
+++ b/pom.xml
@@ -4,7 +4,7 @@
   <name>OAuth2</name>
   <artifactId>oauth2</artifactId>
   <packaging>pom</packaging>
-  <version>2.0.0-jakarta</version>
+  <version>2.0.1-jakarta-SNAPSHOT</version>
 
   <parent>
     <groupId>org.gusdb</groupId>
@@ -31,7 +31,7 @@
 
   <scm>
     <developerConnection>scm:git:ssh://github.com/VEuPathDB/OAuth2Server</developerConnection>
-    <tag>v2.0.0-jakarta</tag>
+    <tag>HEAD</tag>
   </scm>
 
   <distributionManagement>

From d9fcad463d9b88b637223456c645cd8699a49640 Mon Sep 17 00:00:00 2001
From: Ryan Doherty <tech@conical.org>
Date: Wed, 13 Nov 2024 15:02:46 -0500
Subject: [PATCH 26/51] [maven-release-plugin] prepare release v2.0.1-jakarta

---
 Client/pom.xml | 2 +-
 pom.xml        | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/Client/pom.xml b/Client/pom.xml
index 0c52517e..05059ace 100644
--- a/Client/pom.xml
+++ b/Client/pom.xml
@@ -8,7 +8,7 @@
   <parent>
     <groupId>org.gusdb</groupId>
     <artifactId>oauth2</artifactId>
-    <version>2.0.1-jakarta-SNAPSHOT</version>
+    <version>2.0.1-jakarta</version>
   </parent>
 
   <dependencies>
diff --git a/pom.xml b/pom.xml
index 88008eeb..aa65c825 100644
--- a/pom.xml
+++ b/pom.xml
@@ -4,7 +4,7 @@
   <name>OAuth2</name>
   <artifactId>oauth2</artifactId>
   <packaging>pom</packaging>
-  <version>2.0.1-jakarta-SNAPSHOT</version>
+  <version>2.0.1-jakarta</version>
 
   <parent>
     <groupId>org.gusdb</groupId>
@@ -31,7 +31,7 @@
 
   <scm>
     <developerConnection>scm:git:ssh://github.com/VEuPathDB/OAuth2Server</developerConnection>
-    <tag>HEAD</tag>
+    <tag>v2.0.1-jakarta</tag>
   </scm>
 
   <distributionManagement>

From e2f303f88674874d54dbff40e60a24b2e2c21407 Mon Sep 17 00:00:00 2001
From: Ryan Doherty <tech@conical.org>
Date: Wed, 13 Nov 2024 15:02:49 -0500
Subject: [PATCH 27/51] [maven-release-plugin] prepare for next development
 iteration

---
 Client/pom.xml | 2 +-
 pom.xml        | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/Client/pom.xml b/Client/pom.xml
index 05059ace..96ea0092 100644
--- a/Client/pom.xml
+++ b/Client/pom.xml
@@ -8,7 +8,7 @@
   <parent>
     <groupId>org.gusdb</groupId>
     <artifactId>oauth2</artifactId>
-    <version>2.0.1-jakarta</version>
+    <version>2.0.2-jakarta-SNAPSHOT</version>
   </parent>
 
   <dependencies>
diff --git a/pom.xml b/pom.xml
index aa65c825..be7373fa 100644
--- a/pom.xml
+++ b/pom.xml
@@ -4,7 +4,7 @@
   <name>OAuth2</name>
   <artifactId>oauth2</artifactId>
   <packaging>pom</packaging>
-  <version>2.0.1-jakarta</version>
+  <version>2.0.2-jakarta-SNAPSHOT</version>
 
   <parent>
     <groupId>org.gusdb</groupId>
@@ -31,7 +31,7 @@
 
   <scm>
     <developerConnection>scm:git:ssh://github.com/VEuPathDB/OAuth2Server</developerConnection>
-    <tag>v2.0.1-jakarta</tag>
+    <tag>HEAD</tag>
   </scm>
 
   <distributionManagement>

From f126499138e5754d0e0dd658e9c653b4a02a19e1 Mon Sep 17 00:00:00 2001
From: Ryan Doherty <tech@conical.org>
Date: Tue, 28 Jan 2025 17:51:17 -0500
Subject: [PATCH 28/51] Rework user class hierarchy to support differentiating
 UserInfo vs User object roles (information vs action on user's behalf)

---
 .../oauth2/client/veupathdb/OAuthQuerier.java |  14 +--
 .../gusdb/oauth2/client/veupathdb/User.java   | 109 ++----------------
 .../{BearerTokenUser.java => UserImpl.java}   |  11 +-
 .../oauth2/client/veupathdb/UserInfo.java     | 107 +++++++++++++++++
 .../{BasicUser.java => UserInfoImpl.java}     |  35 +++---
 .../oauth2/client/veupathdb/UserProperty.java |  10 +-
 .../eupathdb/AccountDbAuthenticator.java      |  28 ++---
 .../oauth2/eupathdb/UserInfoFetcher.java      |  10 +-
 .../oauth2/eupathdb/UserQueryHandler.java     |   6 +-
 .../java/org/gusdb/oauth2/Authenticator.java  |  10 +-
 .../{UserInfo.java => UserAccountInfo.java}   |   2 +-
 .../oauth2/service/OAuthRequestHandler.java   |   8 +-
 .../gusdb/oauth2/service/OAuthService.java    |   8 +-
 .../oauth2/service/token/TokenFactory.java    |  18 +--
 14 files changed, 202 insertions(+), 174 deletions(-)
 rename Client/src/main/java/org/gusdb/oauth2/client/veupathdb/{BearerTokenUser.java => UserImpl.java} (82%)
 create mode 100644 Client/src/main/java/org/gusdb/oauth2/client/veupathdb/UserInfo.java
 rename Client/src/main/java/org/gusdb/oauth2/client/veupathdb/{BasicUser.java => UserInfoImpl.java} (77%)
 rename Server/src/main/java/org/gusdb/oauth2/{UserInfo.java => UserAccountInfo.java} (98%)

diff --git a/Client/src/main/java/org/gusdb/oauth2/client/veupathdb/OAuthQuerier.java b/Client/src/main/java/org/gusdb/oauth2/client/veupathdb/OAuthQuerier.java
index 643219dd..74e52f15 100644
--- a/Client/src/main/java/org/gusdb/oauth2/client/veupathdb/OAuthQuerier.java
+++ b/Client/src/main/java/org/gusdb/oauth2/client/veupathdb/OAuthQuerier.java
@@ -18,23 +18,23 @@ public class OAuthQuerier {
 
   private static final Logger LOG = LogManager.getLogger(OAuthQuerier.class);
 
-  public static Map<String, User> getUsersByEmail(OAuthClient client, OAuthConfig config, Collection<String> emails) {
-    return getUsersByEmail(client, config, emails, BasicUser::new);
+  public static Map<String, UserInfo> getUsersByEmail(OAuthClient client, OAuthConfig config, Collection<String> emails) {
+    return getUsersByEmail(client, config, emails, UserInfoImpl::new);
   }
 
-  public static <T extends User> Map<String, T> getUsersByEmail(OAuthClient client, OAuthConfig config, Collection<String> emails, Function<JSONObject, T> userConverter) {
+  public static <T extends UserInfo> Map<String, T> getUsersByEmail(OAuthClient client, OAuthConfig config, Collection<String> emails, Function<JSONObject, T> userConverter) {
     return getUsers(client, config, emails, userConverter, "emails", u -> u.getString(IdTokenFields.email.name()));
   }
 
-  public static Map<Long, User> getUsersById(OAuthClient client, OAuthConfig config, Collection<Long> userIds) {
-    return getUsersById(client, config, userIds, BasicUser::new);
+  public static Map<Long, UserInfo> getUsersById(OAuthClient client, OAuthConfig config, Collection<Long> userIds) {
+    return getUsersById(client, config, userIds, UserInfoImpl::new);
   }
 
-  public static <T extends User> Map<Long, T> getUsersById(OAuthClient client, OAuthConfig config, Collection<Long> userIds, Function<JSONObject, T> userConverter) {
+  public static <T extends UserInfo> Map<Long, T> getUsersById(OAuthClient client, OAuthConfig config, Collection<Long> userIds, Function<JSONObject, T> userConverter) {
     return getUsers(client, config, userIds, userConverter, "userIds", u -> Long.valueOf(u.getString(IdTokenFields.sub.name())));
   }
 
-  private static <T extends User, S> Map<S, T> getUsers(OAuthClient client, OAuthConfig config, Collection<S> identifiers,
+  private static <T extends UserInfo, S> Map<S, T> getUsers(OAuthClient client, OAuthConfig config, Collection<S> identifiers,
       Function<JSONObject, T> userConverter, String identifiersJsonPropKey, Function<JSONObject,S> keyGenerator) {
     LOG.info("Using OAuthQuerier for multi-user request by " + identifiersJsonPropKey +
         ": [" + identifiers.stream().map(String::valueOf).collect(Collectors.joining(", ")) + "]");
diff --git a/Client/src/main/java/org/gusdb/oauth2/client/veupathdb/User.java b/Client/src/main/java/org/gusdb/oauth2/client/veupathdb/User.java
index ebfad179..c68c73b3 100644
--- a/Client/src/main/java/org/gusdb/oauth2/client/veupathdb/User.java
+++ b/Client/src/main/java/org/gusdb/oauth2/client/veupathdb/User.java
@@ -1,101 +1,16 @@
 package org.gusdb.oauth2.client.veupathdb;
 
-import java.util.Collections;
-import java.util.LinkedHashMap;
-import java.util.List;
-import java.util.Map;
-import java.util.stream.Collectors;
-
-import org.gusdb.oauth2.client.veupathdb.UserProperty.InputType;
-import org.json.JSONObject;
-
-public interface User {
-
-  public static final Map<String,UserProperty> USER_PROPERTIES = createUserPropertyDefs();
-
-  static final String USERNAME_HELP = "You are able to log in with this value or your email.";
-  static final String ORGANIZATION_HELP = "Please use the full name of your academic institution, company, or foundation.";
-  static final String GROUP_NAME_HELP = "Please use the official name of your group or lab or the full name of your primary investigator.";
-  static final String ORGANIZATION_SUGGEST = "e.g. University of Pennsylvania";
-  static final String GROUP_NAME_SUGGEST = "e.g. Jane Doe Lab";
-  static final String NO_VALUE = null;
-
-  private static Map<String,UserProperty> createUserPropertyDefs() {
-    List<UserProperty> userProps = List.of(
-        new UserProperty("username", "Username", USERNAME_HELP, NO_VALUE, "username", false, false, InputType.TEXT, User::getUsername, User::setUsername),
-        new UserProperty("firstName", "First Name", NO_VALUE, NO_VALUE, "first_name", true, true, InputType.TEXT, User::getFirstName, User::setFirstName),
-        new UserProperty("middleName", "Middle Name", NO_VALUE, NO_VALUE, "middle_name", false, true, InputType.TEXT, User::getMiddleName, User::setMiddleName),
-        new UserProperty("lastName", "Last Name", NO_VALUE, NO_VALUE, "last_name", true, true, InputType.TEXT, User::getLastName, User::setLastName),
-        new UserProperty("country", "Country", NO_VALUE, NO_VALUE, "country", true, true, InputType.SELECT, User::getCountry, User::setCountry),
-        new UserProperty("organization", "Organization Name", ORGANIZATION_HELP, ORGANIZATION_SUGGEST, "organization", true, true, InputType.TEXT, User::getOrganization, User::setOrganization),
-        new UserProperty("organizationType", "Organization Type", NO_VALUE, NO_VALUE, "organization_type", true, true, InputType.SELECT, User::getOrganizationType, User::setOrganizationType),
-        new UserProperty("position", "Primary Position", NO_VALUE, NO_VALUE, "position", true, true, InputType.SELECT, User::getPosition, User::setPosition),
-        new UserProperty("groupName", "Group Name", GROUP_NAME_HELP, GROUP_NAME_SUGGEST, "group_name", true, true, InputType.TEXT, User::getGroupName, User::setGroupName),
-        new UserProperty("interests", "Interests", NO_VALUE, NO_VALUE, "interests", false, false, InputType.TEXTBOX, User::getInterests, User::setInterests)
-    );
-    return Collections.unmodifiableMap(userProps.stream().collect(Collectors.toMap(UserProperty::getName, x -> x, (a,b) -> a, () -> new LinkedHashMap<>())));
-  }
-
-  void setPropertyValues(JSONObject json);
-  void setPropertyValues(Map<String,String> propertyValues);
-
-  long getUserId();
-  boolean isGuest();
-  String getSignature();
-  String getStableId();
-
-  String getEmail();
-  User setEmail(String email);
-
-  String getUsername();
-  User setUsername(String username);
-
-  String getFirstName();
-  User setFirstName(String firstName);
-
-  String getMiddleName();
-  User setMiddleName(String middleName);
-
-  String getLastName();
-  User setLastName(String lastName);
-
-  String getCountry();
-  User setCountry(String country);
-
-  String getOrganization();
-  User setOrganization(String organization);
-
-  String getGroupName();
-  User setGroupName(String groupName);
-
-  String getPosition();
-  User setPosition(String position);
-
-  String getOrganizationType();
-  User setOrganizationType(String organizationType);
-
-  String getInterests();
-  User setInterests(String interests);
-
-  /**
-   * Provides a "pretty" display name for this user
-   * 
-   * @return display name for this user
-   */
-  default String getDisplayName() {
-    return isGuest() ? "Guest User" : formatDisplayName(getFirstName(), getMiddleName(), getLastName());
-  }
-
-  static String formatDisplayName(String firstName, String middleName, String lastName) {
-    return (
-      formatNamePart(firstName) +
-      formatNamePart(middleName) +
-      formatNamePart(lastName)
-    ).trim();
-  }
-
-  private static String formatNamePart(String namePart) {
-    return (namePart == null || namePart.isEmpty() ? "" : " " + namePart.trim());
-  }
+import org.gusdb.oauth2.client.ValidatedToken;
+
+/**
+ * Represents a VEuPathDB authenticated user.  Contains all user information and
+ * a validated authentication token which can be used to perform actions on the
+ * user's behalf.
+ *
+ * @author rdoherty
+ */
+public interface User extends UserInfo {
+
+  ValidatedToken getAuthenticationToken();
 
 }
diff --git a/Client/src/main/java/org/gusdb/oauth2/client/veupathdb/BearerTokenUser.java b/Client/src/main/java/org/gusdb/oauth2/client/veupathdb/UserImpl.java
similarity index 82%
rename from Client/src/main/java/org/gusdb/oauth2/client/veupathdb/BearerTokenUser.java
rename to Client/src/main/java/org/gusdb/oauth2/client/veupathdb/UserImpl.java
index 98f77ed0..c1d1d7c4 100644
--- a/Client/src/main/java/org/gusdb/oauth2/client/veupathdb/BearerTokenUser.java
+++ b/Client/src/main/java/org/gusdb/oauth2/client/veupathdb/UserImpl.java
@@ -7,16 +7,16 @@
 import org.gusdb.oauth2.shared.IdTokenFields;
 import org.json.JSONObject;
 
-public class BearerTokenUser extends BasicUser {
+public class UserImpl extends UserInfoImpl implements User {
 
-  private static final Logger LOG = LogManager.getLogger(BearerTokenUser.class);
+  private static final Logger LOG = LogManager.getLogger(UserImpl.class);
 
   private final OAuthClient _client;
   private final String _oauthUrl;
   private final ValidatedToken _token;
   private boolean _userInfoFetched = false;
 
-  public BearerTokenUser(OAuthClient client, String oauthUrl, ValidatedToken token) {
+  public UserImpl(OAuthClient client, String oauthUrl, ValidatedToken token) {
     // parent constructor sets immutable fields provided on the token
     super(
         Long.valueOf(token.getUserId()),
@@ -28,6 +28,11 @@ public BearerTokenUser(OAuthClient client, String oauthUrl, ValidatedToken token
     _token = token;
   }
 
+  @Override
+  public ValidatedToken getAuthenticationToken() {
+    return _token;
+  }
+
   @Override
   protected void fetchUserInfo() {
     // return if already fetched
diff --git a/Client/src/main/java/org/gusdb/oauth2/client/veupathdb/UserInfo.java b/Client/src/main/java/org/gusdb/oauth2/client/veupathdb/UserInfo.java
new file mode 100644
index 00000000..ca67b0b6
--- /dev/null
+++ b/Client/src/main/java/org/gusdb/oauth2/client/veupathdb/UserInfo.java
@@ -0,0 +1,107 @@
+package org.gusdb.oauth2.client.veupathdb;
+
+import java.util.Collections;
+import java.util.LinkedHashMap;
+import java.util.List;
+import java.util.Map;
+import java.util.stream.Collectors;
+
+import org.gusdb.oauth2.client.veupathdb.UserProperty.InputType;
+import org.json.JSONObject;
+
+/**
+ * Represents a VEupathDB user's information.  However, cannot be used to act
+ * on the user's behalf since it does not contain an authentication token.
+ *
+ * @author rdoherty
+ */
+public interface UserInfo {
+
+  public static final Map<String,UserProperty> USER_PROPERTIES = createUserPropertyDefs();
+
+  static final String USERNAME_HELP = "You are able to log in with this value or your email.";
+  static final String ORGANIZATION_HELP = "Please use the full name of your academic institution, company, or foundation.";
+  static final String GROUP_NAME_HELP = "Please use the official name of your group or lab or the full name of your primary investigator.";
+  static final String ORGANIZATION_SUGGEST = "e.g. University of Pennsylvania";
+  static final String GROUP_NAME_SUGGEST = "e.g. Jane Doe Lab";
+  static final String NO_VALUE = null;
+
+  private static Map<String,UserProperty> createUserPropertyDefs() {
+    List<UserProperty> userProps = List.of(
+        new UserProperty("username", "Username", USERNAME_HELP, NO_VALUE, "username", false, false, InputType.TEXT, UserInfo::getUsername, UserInfo::setUsername),
+        new UserProperty("firstName", "First Name", NO_VALUE, NO_VALUE, "first_name", true, true, InputType.TEXT, UserInfo::getFirstName, UserInfo::setFirstName),
+        new UserProperty("middleName", "Middle Name", NO_VALUE, NO_VALUE, "middle_name", false, true, InputType.TEXT, UserInfo::getMiddleName, UserInfo::setMiddleName),
+        new UserProperty("lastName", "Last Name", NO_VALUE, NO_VALUE, "last_name", true, true, InputType.TEXT, UserInfo::getLastName, UserInfo::setLastName),
+        new UserProperty("country", "Country", NO_VALUE, NO_VALUE, "country", true, true, InputType.SELECT, UserInfo::getCountry, UserInfo::setCountry),
+        new UserProperty("organization", "Organization Name", ORGANIZATION_HELP, ORGANIZATION_SUGGEST, "organization", true, true, InputType.TEXT, UserInfo::getOrganization, UserInfo::setOrganization),
+        new UserProperty("organizationType", "Organization Type", NO_VALUE, NO_VALUE, "organization_type", true, true, InputType.SELECT, UserInfo::getOrganizationType, UserInfo::setOrganizationType),
+        new UserProperty("position", "Primary Position", NO_VALUE, NO_VALUE, "position", true, true, InputType.SELECT, UserInfo::getPosition, UserInfo::setPosition),
+        new UserProperty("groupName", "Group Name", GROUP_NAME_HELP, GROUP_NAME_SUGGEST, "group_name", true, true, InputType.TEXT, UserInfo::getGroupName, UserInfo::setGroupName),
+        new UserProperty("interests", "Interests", NO_VALUE, NO_VALUE, "interests", false, false, InputType.TEXTBOX, UserInfo::getInterests, UserInfo::setInterests)
+    );
+    return Collections.unmodifiableMap(userProps.stream().collect(Collectors.toMap(UserProperty::getName, x -> x, (a,b) -> a, () -> new LinkedHashMap<>())));
+  }
+
+  void setPropertyValues(JSONObject json);
+  void setPropertyValues(Map<String,String> propertyValues);
+
+  long getUserId();
+  boolean isGuest();
+  String getSignature();
+  String getStableId();
+
+  String getEmail();
+  UserInfo setEmail(String email);
+
+  String getUsername();
+  UserInfo setUsername(String username);
+
+  String getFirstName();
+  UserInfo setFirstName(String firstName);
+
+  String getMiddleName();
+  UserInfo setMiddleName(String middleName);
+
+  String getLastName();
+  UserInfo setLastName(String lastName);
+
+  String getCountry();
+  UserInfo setCountry(String country);
+
+  String getOrganization();
+  UserInfo setOrganization(String organization);
+
+  String getGroupName();
+  UserInfo setGroupName(String groupName);
+
+  String getPosition();
+  UserInfo setPosition(String position);
+
+  String getOrganizationType();
+  UserInfo setOrganizationType(String organizationType);
+
+  String getInterests();
+  UserInfo setInterests(String interests);
+
+  /**
+   * Provides a "pretty" display name for this user
+   * 
+   * @return display name for this user
+   */
+  default String getDisplayName() {
+    return isGuest() ? "Guest User" : formatDisplayName(getFirstName(), getMiddleName(), getLastName());
+  }
+
+  static String formatDisplayName(String firstName, String middleName, String lastName) {
+    return (
+      formatNamePart(firstName) +
+      formatNamePart(middleName) +
+      formatNamePart(lastName)
+    ).trim();
+  }
+
+  private static String formatNamePart(String namePart) {
+    return (namePart == null || namePart.isEmpty() ? "" : " " + namePart.trim());
+  }
+
+}
diff --git a/Client/src/main/java/org/gusdb/oauth2/client/veupathdb/BasicUser.java b/Client/src/main/java/org/gusdb/oauth2/client/veupathdb/UserInfoImpl.java
similarity index 77%
rename from Client/src/main/java/org/gusdb/oauth2/client/veupathdb/BasicUser.java
rename to Client/src/main/java/org/gusdb/oauth2/client/veupathdb/UserInfoImpl.java
index d1ba239c..ba59cf40 100644
--- a/Client/src/main/java/org/gusdb/oauth2/client/veupathdb/BasicUser.java
+++ b/Client/src/main/java/org/gusdb/oauth2/client/veupathdb/UserInfoImpl.java
@@ -6,11 +6,12 @@
 import org.json.JSONObject;
 
 /**
- * Represents a VEupathDB user
+ * Represents a VEupathDB user's information.  However, cannot be used to act
+ * on the user's behalf since it does not contain an authentication token.
  *
  * @author rdoherty
  */
-public class BasicUser implements User {
+public class UserInfoImpl implements UserInfo {
 
   // immutable fields supplied by bearer token
   private final long _userId;
@@ -31,14 +32,14 @@ public class BasicUser implements User {
   private String _organizationType;
   private String _interests;
 
-  public BasicUser(long userId, boolean isGuest, String signature, String stableId) {
+  public UserInfoImpl(long userId, boolean isGuest, String signature, String stableId) {
     _userId = userId;
     _isGuest = isGuest;
     _signature = signature;
     _stableId = stableId;
   }
 
-  public BasicUser(JSONObject json) {
+  public UserInfoImpl(JSONObject json) {
     this(
         Long.valueOf(json.getString(IdTokenFields.sub.name())),
         json.getBoolean(IdTokenFields.is_guest.name()),
@@ -103,7 +104,7 @@ public String getEmail() {
   }
 
   @Override
-  public BasicUser setEmail(String email) {
+  public UserInfoImpl setEmail(String email) {
     _email = email;
     return this;
   }
@@ -115,7 +116,7 @@ public String getUsername() {
   }
 
   @Override
-  public BasicUser setUsername(String username) {
+  public UserInfoImpl setUsername(String username) {
     _username = username;
     return this;
   }
@@ -127,7 +128,7 @@ public String getFirstName() {
   }
 
   @Override
-  public BasicUser setFirstName(String firstName) {
+  public UserInfoImpl setFirstName(String firstName) {
     _firstName = firstName;
     return this;
   }
@@ -139,7 +140,7 @@ public String getMiddleName() {
   }
 
   @Override
-  public BasicUser setMiddleName(String middleName) {
+  public UserInfoImpl setMiddleName(String middleName) {
     _middleName = middleName;
     return this;
   }
@@ -151,7 +152,7 @@ public String getLastName() {
   }
 
   @Override
-  public BasicUser setLastName(String lastName) {
+  public UserInfoImpl setLastName(String lastName) {
     _lastName = lastName;
     return this;
   }
@@ -162,7 +163,7 @@ public String getCountry() {
   }
 
   @Override
-  public BasicUser setCountry(String country) {
+  public UserInfoImpl setCountry(String country) {
     _country = country;
     return this;
   }
@@ -174,7 +175,7 @@ public String getOrganization() {
   }
 
   @Override
-  public BasicUser setOrganization(String organization) {
+  public UserInfoImpl setOrganization(String organization) {
     _organization = organization;
     return this;
   }
@@ -185,7 +186,7 @@ public String getGroupName() {
   }
 
   @Override
-  public BasicUser setGroupName(String groupName) {
+  public UserInfoImpl setGroupName(String groupName) {
     _groupName = groupName;
     return this;
   }
@@ -196,7 +197,7 @@ public String getPosition() {
   }
 
   @Override
-  public BasicUser setPosition(String position) {
+  public UserInfoImpl setPosition(String position) {
     _position = position;
     return this;
   }
@@ -207,7 +208,7 @@ public String getOrganizationType() {
   }
 
   @Override
-  public BasicUser setOrganizationType(String organizationType) {
+  public UserInfoImpl setOrganizationType(String organizationType) {
     _organizationType = organizationType;
     return this;
   }
@@ -219,7 +220,7 @@ public String getInterests() {
   }
 
   @Override
-  public BasicUser setInterests(String interests) {
+  public UserInfoImpl setInterests(String interests) {
     _interests = interests;
     return this;
   }
@@ -236,10 +237,10 @@ public int hashCode() {
 
   @Override
   public boolean equals(Object obj) {
-    if (!(obj instanceof BasicUser)) {
+    if (!(obj instanceof UserInfoImpl)) {
       return false;
     }
-    return getUserId() == ((BasicUser)obj).getUserId();
+    return getUserId() == ((UserInfoImpl)obj).getUserId();
   }
 
 }
diff --git a/Client/src/main/java/org/gusdb/oauth2/client/veupathdb/UserProperty.java b/Client/src/main/java/org/gusdb/oauth2/client/veupathdb/UserProperty.java
index 371f6d6a..df2c75b2 100644
--- a/Client/src/main/java/org/gusdb/oauth2/client/veupathdb/UserProperty.java
+++ b/Client/src/main/java/org/gusdb/oauth2/client/veupathdb/UserProperty.java
@@ -20,10 +20,10 @@ public static enum InputType {
   private final boolean _isRequired;
   private final boolean _isPublic;
 
-  private final Function<User,String> _getter;
-  private final BiConsumer<User,String> _setter;
+  private final Function<UserInfo,String> _getter;
+  private final BiConsumer<UserInfo,String> _setter;
 
-  public UserProperty(String name, String displayName, String helpText, String suggest, String dbKey, boolean isRequired, boolean isPublic, InputType inputType, Function<User,String> getter, BiConsumer<User,String> setter) {
+  public UserProperty(String name, String displayName, String helpText, String suggest, String dbKey, boolean isRequired, boolean isPublic, InputType inputType, Function<UserInfo,String> getter, BiConsumer<UserInfo,String> setter) {
     _name = name;
     _dbKey = dbKey;
     _isRequired = isRequired;
@@ -36,11 +36,11 @@ public UserProperty(String name, String displayName, String helpText, String sug
     _setter = setter;
   }
 
-  public String getValue(User user) {
+  public String getValue(UserInfo user) {
     return _getter.apply(user);
   }
 
-  public void setValue(User user, String value) {
+  public void setValue(UserInfo user, String value) {
     _setter.accept(user, value);
   }
 
diff --git a/EuPathDB/src/main/java/org/gusdb/oauth2/eupathdb/AccountDbAuthenticator.java b/EuPathDB/src/main/java/org/gusdb/oauth2/eupathdb/AccountDbAuthenticator.java
index c9603ff4..4242c5bf 100644
--- a/EuPathDB/src/main/java/org/gusdb/oauth2/eupathdb/AccountDbAuthenticator.java
+++ b/EuPathDB/src/main/java/org/gusdb/oauth2/eupathdb/AccountDbAuthenticator.java
@@ -32,8 +32,8 @@
 import org.gusdb.fgputil.functional.Functions;
 import org.gusdb.oauth2.Authenticator;
 import org.gusdb.oauth2.InitializationException;
-import org.gusdb.oauth2.UserInfo;
-import org.gusdb.oauth2.client.veupathdb.User;
+import org.gusdb.oauth2.UserAccountInfo;
+import org.gusdb.oauth2.client.veupathdb.UserInfo;
 import org.gusdb.oauth2.client.veupathdb.UserProperty;
 import org.gusdb.oauth2.client.veupathdb.UserProperty.InputType;
 import org.gusdb.oauth2.exception.ConflictException;
@@ -59,7 +59,7 @@ private static enum JsonKey {
 
   // convert from new API to old
   private static final List<UserPropertyName> USER_PROPERTY_DEFS =
-      User.USER_PROPERTIES.values().stream()
+      UserInfo.USER_PROPERTIES.values().stream()
       .map(p -> new UserPropertyName(p.getName(), p.getDbKey(), p.isRequired()))
       .collect(Collectors.toList());
 
@@ -94,12 +94,12 @@ public Optional<String> isCredentialsValid(String username, String password) thr
   }
 
   @Override
-  public Optional<UserInfo> getUserInfoByLoginName(String loginName, DataScope scope) throws Exception {
+  public Optional<UserAccountInfo> getUserInfoByLoginName(String loginName, DataScope scope) throws Exception {
     return getUserInfo(new AccountManager(_accountDb, _schema, USER_PROPERTY_DEFS).getUserProfileByUsernameOrEmail(loginName), scope);
   }
 
   @Override
-  public Optional<UserInfo> getUserInfoByUserId(String userId, DataScope scope) throws Exception {
+  public Optional<UserAccountInfo> getUserInfoByUserId(String userId, DataScope scope) throws Exception {
     return getUserInfo(new AccountManager(_accountDb, _schema, USER_PROPERTY_DEFS).getUserProfile(Long.valueOf(userId)), scope);
   }
 
@@ -128,12 +128,12 @@ else if (value < 36) { // upper case letters
     return buffer.toString();
   }
 
-  Optional<UserInfo> getUserInfo(UserProfile profile, DataScope scope) {
+  Optional<UserAccountInfo> getUserInfo(UserProfile profile, DataScope scope) {
     return Optional.ofNullable(profile).map(p -> createUserInfoObject(p, true, scope));
   }
 
-  private UserInfo createUserInfoObject(UserProfile profile, boolean isEmailVerified, DataScope scope) {
-    return new UserInfo() {
+  private UserAccountInfo createUserInfoObject(UserProfile profile, boolean isEmailVerified, DataScope scope) {
+    return new UserAccountInfo() {
       @Override
       public String getUserId() {
         return String.valueOf(profile.getUserId());
@@ -166,12 +166,12 @@ public Map<String, JsonValue> getSupplementalFields() {
         Map<String,String> props = profile.getProperties();
         switch (scope) {
           case PROFILE:
-            for (String propName : User.USER_PROPERTIES.keySet()) {
+            for (String propName : UserInfo.USER_PROPERTIES.keySet()) {
               builder.add(propName, Optional.ofNullable(props.get(propName)).orElse(""));
             }
             break;
           case ID_TOKEN:
-            builder.add("name", User.formatDisplayName(
+            builder.add("name", UserInfo.formatDisplayName(
                 props.get("firstName"),
                 props.get("middleName"),
                 props.get("lastName")
@@ -265,7 +265,7 @@ private static String getHost(String uriStr) {
   }
 
   @Override
-  public UserInfo createUser(UserPropertiesRequest userProps, String initialPassword) throws ConflictException, InvalidPropertiesException {
+  public UserAccountInfo createUser(UserPropertiesRequest userProps, String initialPassword) throws ConflictException, InvalidPropertiesException {
     AccountManager accountMgr = new AccountManager(_accountDb, _schema, USER_PROPERTY_DEFS);
     validateUserProps(accountMgr, userProps, Optional.empty());
     UserProfile newUser = Functions.mapException(
@@ -298,7 +298,7 @@ private void validateUserProps(AccountManager accountMgr, UserPropertiesRequest
     }
 
     // property validation
-    for (UserProperty prop : User.USER_PROPERTIES.values()) {
+    for (UserProperty prop : UserInfo.USER_PROPERTIES.values()) {
       String value = userProps.get(prop.getName());
       boolean propPopulated = value != null && !value.isBlank();
 
@@ -345,7 +345,7 @@ private static void ensureUniqueValue(String valueName, UserProfile foundProfile
   }
 
   @Override
-  public UserInfo modifyUser(String userIdStr, UserPropertiesRequest userProps) throws ConflictException, InvalidPropertiesException {
+  public UserAccountInfo modifyUser(String userIdStr, UserPropertiesRequest userProps) throws ConflictException, InvalidPropertiesException {
     AccountManager accountMgr = new AccountManager(_accountDb, _schema, USER_PROPERTY_DEFS);
     Long userId = Long.valueOf(userIdStr);
     validateUserProps(accountMgr, userProps, Optional.of(userId));
@@ -358,7 +358,7 @@ public UserInfo modifyUser(String userIdStr, UserPropertiesRequest userProps) th
   }
 
   @Override
-  public Optional<UserInfo> getGuestProfileInfo(String userId) {
+  public Optional<UserAccountInfo> getGuestProfileInfo(String userId) {
     try {
       // FIXME: since this code directly accesses the DB, it should live in AccountManager;
       //   however that complicates FgpUtil releases prior to move to bearer tokens, so adding it here.
diff --git a/EuPathDB/src/main/java/org/gusdb/oauth2/eupathdb/UserInfoFetcher.java b/EuPathDB/src/main/java/org/gusdb/oauth2/eupathdb/UserInfoFetcher.java
index e9c06a13..d9d3f5b7 100644
--- a/EuPathDB/src/main/java/org/gusdb/oauth2/eupathdb/UserInfoFetcher.java
+++ b/EuPathDB/src/main/java/org/gusdb/oauth2/eupathdb/UserInfoFetcher.java
@@ -4,9 +4,9 @@
 import org.gusdb.oauth2.client.OAuthClient;
 import org.gusdb.oauth2.client.OAuthConfig;
 import org.gusdb.oauth2.client.ValidatedToken;
-import org.gusdb.oauth2.client.veupathdb.BasicUser;
-import org.gusdb.oauth2.client.veupathdb.BearerTokenUser;
-import org.gusdb.oauth2.client.veupathdb.User;
+import org.gusdb.oauth2.client.veupathdb.UserInfoImpl;
+import org.gusdb.oauth2.client.veupathdb.UserImpl;
+import org.gusdb.oauth2.client.veupathdb.UserInfo;
 import org.gusdb.oauth2.exception.ExpiredTokenException;
 import org.gusdb.oauth2.exception.InvalidTokenException;
 import org.json.JSONObject;
@@ -53,10 +53,10 @@ public void execute() throws InvalidTokenException, ExpiredTokenException {
     // first try BasicUser method
     JSONObject json = client.getUserData(oauthConfig.getOauthUrl(), token);
     System.out.println("Raw Token Data:\n" + json.toString(2));
-    System.out.println(new BasicUser(json).getDisplayName());
+    System.out.println(new UserInfoImpl(json).getDisplayName());
 
     // second try BearerTokenUser method
-    User user = new BearerTokenUser(client, oauthConfig.getOauthUrl(), token);
+    UserInfo user = new UserImpl(client, oauthConfig.getOauthUrl(), token);
     System.out.println(user.getDisplayName());
   }
 
diff --git a/EuPathDB/src/main/java/org/gusdb/oauth2/eupathdb/UserQueryHandler.java b/EuPathDB/src/main/java/org/gusdb/oauth2/eupathdb/UserQueryHandler.java
index cb31bf1a..7bf633c9 100644
--- a/EuPathDB/src/main/java/org/gusdb/oauth2/eupathdb/UserQueryHandler.java
+++ b/EuPathDB/src/main/java/org/gusdb/oauth2/eupathdb/UserQueryHandler.java
@@ -17,7 +17,7 @@
 import org.gusdb.fgputil.accountdb.AccountManager;
 import org.gusdb.fgputil.accountdb.UserProfile;
 import org.gusdb.oauth2.Authenticator.DataScope;
-import org.gusdb.oauth2.UserInfo;
+import org.gusdb.oauth2.UserAccountInfo;
 import org.gusdb.oauth2.service.OAuthRequestHandler;
 import org.gusdb.oauth2.shared.IdTokenFields;
 
@@ -95,7 +95,7 @@ private JsonObject getUserJsonByEmail(String requestedEmail) {
         .build();
     }
     else {
-      UserInfo user = _authenticator.getUserInfo(userProfile, DataScope.PROFILE).get();
+      UserAccountInfo user = _authenticator.getUserInfo(userProfile, DataScope.PROFILE).get();
       return OAuthRequestHandler.getUserInfoResponseJson(user, Optional.empty())
         .add(FOUND_KEY, true)
         .build();
@@ -105,7 +105,7 @@ private JsonObject getUserJsonByEmail(String requestedEmail) {
   private JsonObject getUserJsonById(long requestedUserId) {
     // look for registered user first
     UserProfile userProfile = _accountDb.getUserProfile(requestedUserId);
-    Optional<UserInfo> userOpt = userProfile == null
+    Optional<UserAccountInfo> userOpt = userProfile == null
       // no registered user found; look for guest
       ? _authenticator.getGuestProfileInfo(String.valueOf(requestedUserId))
       // convert profile to UserInfo
diff --git a/Server/src/main/java/org/gusdb/oauth2/Authenticator.java b/Server/src/main/java/org/gusdb/oauth2/Authenticator.java
index a527fc09..a9ccb19b 100644
--- a/Server/src/main/java/org/gusdb/oauth2/Authenticator.java
+++ b/Server/src/main/java/org/gusdb/oauth2/Authenticator.java
@@ -89,7 +89,7 @@ public static class RequestingUser extends AbstractMap.SimpleImmutableEntry<Stri
    * @return user information for the given scope, or empty optional if not found
    * @throws Exception if something goes wrong while fetching user info
    */
-  public Optional<UserInfo> getUserInfoByLoginName(String loginName, DataScope scope) throws Exception;
+  public Optional<UserAccountInfo> getUserInfoByLoginName(String loginName, DataScope scope) throws Exception;
 
   /**
    * Look up user information by user ID.
@@ -98,7 +98,7 @@ public static class RequestingUser extends AbstractMap.SimpleImmutableEntry<Stri
    * @return user information for the given scope, or empty optional if not found
    * @throws Exception if something goes wrong while fetching user info
    */
-  public Optional<UserInfo> getUserInfoByUserId(String userId, DataScope scope) throws Exception;
+  public Optional<UserAccountInfo> getUserInfoByUserId(String userId, DataScope scope) throws Exception;
 
   /**
    * Looks up the user ID (must be a guest) and returns the user profile (returned by
@@ -108,7 +108,7 @@ public static class RequestingUser extends AbstractMap.SimpleImmutableEntry<Stri
    * @param userId user ID of the guest user
    * @return user profile for a guest user with the passed ID, or empty if not found
    */
-  public default Optional<UserInfo> getGuestProfileInfo(String userId) {
+  public default Optional<UserAccountInfo> getGuestProfileInfo(String userId) {
     return Optional.empty();
   }
 
@@ -178,7 +178,7 @@ public default String getNextGuestId() {
    * @throws InvalidPropertiesException if input user props are invalid for another reason
    * @throws RuntimeException if unable to complete the operation
    */
-  public UserInfo createUser(UserPropertiesRequest userProps, String initialPassword) throws IllegalArgumentException, ConflictException, InvalidPropertiesException;
+  public UserAccountInfo createUser(UserPropertiesRequest userProps, String initialPassword) throws IllegalArgumentException, ConflictException, InvalidPropertiesException;
 
   /**
    * Modifies the user account for passed userId using the passed user props
@@ -190,7 +190,7 @@ public default String getNextGuestId() {
    * @throws InvalidPropertiesException if input user props are invalid for another reason
    * @throws RuntimeException if unable to complete the operation
    */
-  public UserInfo modifyUser(String userId, UserPropertiesRequest userProps) throws IllegalArgumentException, ConflictException, InvalidPropertiesException;
+  public UserAccountInfo modifyUser(String userId, UserPropertiesRequest userProps) throws IllegalArgumentException, ConflictException, InvalidPropertiesException;
 
   /**
    * Reset the password for the passed login to the passed password value
diff --git a/Server/src/main/java/org/gusdb/oauth2/UserInfo.java b/Server/src/main/java/org/gusdb/oauth2/UserAccountInfo.java
similarity index 98%
rename from Server/src/main/java/org/gusdb/oauth2/UserInfo.java
rename to Server/src/main/java/org/gusdb/oauth2/UserAccountInfo.java
index 88c5edb1..7fd1c25c 100644
--- a/Server/src/main/java/org/gusdb/oauth2/UserInfo.java
+++ b/Server/src/main/java/org/gusdb/oauth2/UserAccountInfo.java
@@ -9,7 +9,7 @@
  * 
  * @author rdoherty
  */
-public interface UserInfo {
+public interface UserAccountInfo {
   /**
    * Returns system-unique and static ID for a user; this identifier should be
    * suitable for representing a primary key for this user.  It will be
diff --git a/Server/src/main/java/org/gusdb/oauth2/service/OAuthRequestHandler.java b/Server/src/main/java/org/gusdb/oauth2/service/OAuthRequestHandler.java
index 6de065d3..3b476c24 100644
--- a/Server/src/main/java/org/gusdb/oauth2/service/OAuthRequestHandler.java
+++ b/Server/src/main/java/org/gusdb/oauth2/service/OAuthRequestHandler.java
@@ -35,7 +35,7 @@
 import org.apache.oltu.oauth2.rs.response.OAuthRSResponse;
 import org.gusdb.oauth2.Authenticator;
 import org.gusdb.oauth2.Authenticator.DataScope;
-import org.gusdb.oauth2.UserInfo;
+import org.gusdb.oauth2.UserAccountInfo;
 import org.gusdb.oauth2.config.ApplicationConfig;
 import org.gusdb.oauth2.service.token.TokenFactory;
 import org.gusdb.oauth2.service.token.TokenStore;
@@ -198,7 +198,7 @@ public static Response handleUserInfoRequest(OAuthAccessResourceRequest oauthReq
 
   public static Response handleUserInfoRequest(Authenticator authenticator, String userId, boolean isGuest) {
     try {
-      Optional<UserInfo> user = isGuest
+      Optional<UserAccountInfo> user = isGuest
         // treat user ID as guest ID
         ? authenticator.getGuestProfileInfo(userId)
         : authenticator.getUserInfoByUserId(userId, DataScope.PROFILE);
@@ -218,14 +218,14 @@ public static Response handleUserInfoRequest(Authenticator authenticator, String
     }
   }
 
-  public static JsonObjectBuilder getUserInfoResponseJson(UserInfo user, Optional<String> password) {
+  public static JsonObjectBuilder getUserInfoResponseJson(UserAccountInfo user, Optional<String> password) {
     JsonObjectBuilder json = TokenFactory.getBaseJson(user);
     TokenFactory.appendProfileFields(json, user, DataScope.PROFILE);
     password.ifPresent(pw -> TokenFactory.appendPassword(json, pw));
     return json;
   }
 
-  public static String getUserInfoResponseString(UserInfo user, Optional<String> password) {
+  public static String getUserInfoResponseString(UserAccountInfo user, Optional<String> password) {
     return getUserInfoResponseJson(user, password).build().toString();
   }
 
diff --git a/Server/src/main/java/org/gusdb/oauth2/service/OAuthService.java b/Server/src/main/java/org/gusdb/oauth2/service/OAuthService.java
index 0ec63d57..ff40a079 100644
--- a/Server/src/main/java/org/gusdb/oauth2/service/OAuthService.java
+++ b/Server/src/main/java/org/gusdb/oauth2/service/OAuthService.java
@@ -59,7 +59,7 @@
 import org.gusdb.oauth2.Authenticator;
 import org.gusdb.oauth2.Authenticator.DataScope;
 import org.gusdb.oauth2.Authenticator.RequestingUser;
-import org.gusdb.oauth2.UserInfo;
+import org.gusdb.oauth2.UserAccountInfo;
 import org.gusdb.oauth2.assets.StaticResource;
 import org.gusdb.oauth2.client.Endpoints;
 import org.gusdb.oauth2.client.HttpStatus;
@@ -434,7 +434,7 @@ public Response createAccount(String body) {
       UserPropertiesRequest userProps = new UserPropertiesRequest(input.getJsonObject("user"));
       Authenticator authenticator = OAuthServlet.getAuthenticator(_context);
       String initialPassword = authenticator.generateNewPassword();
-      UserInfo newUser = authenticator.createUser(userProps, initialPassword);
+      UserAccountInfo newUser = authenticator.createUser(userProps, initialPassword);
       return Response.ok(OAuthRequestHandler.getUserInfoResponseString(newUser, Optional.of(initialPassword))).build();
     }
     catch (JsonParsingException | ClassCastException e) {
@@ -472,7 +472,7 @@ public Response modifyAccount(String body) {
 
       // non guest user with proper credentials from an allowed client
       UserPropertiesRequest userProps = new UserPropertiesRequest(input.getJsonObject("user"));
-      UserInfo modifiedUser = authenticator.modifyUser(user.getUserId(), userProps);
+      UserAccountInfo modifiedUser = authenticator.modifyUser(user.getUserId(), userProps);
       return Response.ok(OAuthRequestHandler.getUserInfoResponseString(modifiedUser, Optional.empty())).build();
 
     }
@@ -504,7 +504,7 @@ public Response resetPassword(String body) {
       }
       String loginName = input.getString("loginName");
       Authenticator authenticator = OAuthServlet.getAuthenticator(_context);
-      Optional<UserInfo> userOpt = authenticator.getUserInfoByLoginName(loginName, DataScope.PROFILE);
+      Optional<UserAccountInfo> userOpt = authenticator.getUserInfoByLoginName(loginName, DataScope.PROFILE);
       return userOpt.map(user -> {
         String newPassword = authenticator.generateNewPassword();
         authenticator.resetPassword(user.getUserId(), newPassword);
diff --git a/Server/src/main/java/org/gusdb/oauth2/service/token/TokenFactory.java b/Server/src/main/java/org/gusdb/oauth2/service/token/TokenFactory.java
index 836d6668..6c3c21f4 100644
--- a/Server/src/main/java/org/gusdb/oauth2/service/token/TokenFactory.java
+++ b/Server/src/main/java/org/gusdb/oauth2/service/token/TokenFactory.java
@@ -16,7 +16,7 @@
 import org.apache.oltu.oauth2.common.exception.OAuthSystemException;
 import org.gusdb.oauth2.Authenticator;
 import org.gusdb.oauth2.Authenticator.DataScope;
-import org.gusdb.oauth2.UserInfo;
+import org.gusdb.oauth2.UserAccountInfo;
 import org.gusdb.oauth2.service.token.TokenStore.IdTokenParams;
 import org.gusdb.oauth2.shared.IdTokenFields;
 
@@ -30,11 +30,7 @@ public static JsonObject createTokenJson(Authenticator authenticator, String log
     assert(scope != DataScope.PROFILE);
 
     // get values from authenticator and use to populate fields
-    UserInfo user = getUserInfoForToken(authenticator, loginName, scope);
-    String userId = user.getUserId();
-    if (userId == null || userId.isEmpty())
-      throw OAuthProblemException.error("Authenticator returned null or empty " +
-          "user ID for login name [" + loginName + "].");
+    UserAccountInfo user = getUserInfoForToken(authenticator, userId, scope);
 
     // get base object (common to ID and guest tokens, and user profiles)
     JsonObjectBuilder json = getBaseJson(user);
@@ -43,13 +39,13 @@ public static JsonObject createTokenJson(Authenticator authenticator, String log
     return json.build();
   }
 
-  public static JsonObjectBuilder getBaseJson(UserInfo user) {
+  public static JsonObjectBuilder getBaseJson(UserAccountInfo user) {
     return Json.createObjectBuilder()
       .add(IdTokenFields.sub.name(), user.getUserId())
       .add(IdTokenFields.is_guest.name(), user.isGuest());
   }
 
-  public static JsonObjectBuilder appendProfileFields(JsonObjectBuilder jsonBuilder, UserInfo user, DataScope scope) {
+  public static JsonObjectBuilder appendProfileFields(JsonObjectBuilder jsonBuilder, UserAccountInfo user, DataScope scope) {
     // add user's email if returned by Authenticator
     String email = user.getEmail();
     if (scope != DataScope.BEARER_TOKEN && email != null && !email.isBlank()) {
@@ -121,13 +117,17 @@ public static JsonObject createGuestTokenJson(Authenticator authenticator, Strin
 
     // get base object (common to ID and guest tokens, and user profiles)
     String guestUserId = authenticator.getNextGuestId();
-    UserInfo guestUser = authenticator.getGuestProfileInfo(guestUserId).orElseThrow(); // just inserted on the last line
+    UserAccountInfo guestUser = authenticator.getGuestProfileInfo(guestUserId).orElseThrow(); // just inserted on the last line
     JsonObjectBuilder json = getBaseJson(guestUser);
     appendOidcFields(json, new IdTokenParams(clientId, null), issuer, expirationSecs);
     return json.build();
   }
 
+<<<<<<< HEAD
   private static UserInfo getUserInfoForToken(Authenticator authenticator, String loginName, DataScope scope) throws OAuthSystemException {
+=======
+  private static UserAccountInfo getUserInfoForToken(Authenticator authenticator, String userId, DataScope scope) throws OAuthSystemException {
+>>>>>>> f911f67... Rework user class hierarchy to support differentiating UserInfo vs User object roles (information vs action on user's behalf)
     try {
       return authenticator.getUserInfoByLoginName(loginName, scope).orElseThrow(() -> {
         LOG.warn("Request made to get user token for login '" + loginName + "', which does not seem to exist.");

From 7f39a2435d0f1a66dca145145432e88b9a6b7d0c Mon Sep 17 00:00:00 2001
From: Ryan Doherty <tech@conical.org>
Date: Tue, 28 Jan 2025 20:45:54 -0500
Subject: [PATCH 29/51] [maven-release-plugin] prepare release v3.0.0-jakarta

---
 Client/pom.xml | 2 +-
 pom.xml        | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/Client/pom.xml b/Client/pom.xml
index 96ea0092..7dfde0fc 100644
--- a/Client/pom.xml
+++ b/Client/pom.xml
@@ -8,7 +8,7 @@
   <parent>
     <groupId>org.gusdb</groupId>
     <artifactId>oauth2</artifactId>
-    <version>2.0.2-jakarta-SNAPSHOT</version>
+    <version>3.0.0-jakarta</version>
   </parent>
 
   <dependencies>
diff --git a/pom.xml b/pom.xml
index be7373fa..bb9755b7 100644
--- a/pom.xml
+++ b/pom.xml
@@ -4,7 +4,7 @@
   <name>OAuth2</name>
   <artifactId>oauth2</artifactId>
   <packaging>pom</packaging>
-  <version>2.0.2-jakarta-SNAPSHOT</version>
+  <version>3.0.0-jakarta</version>
 
   <parent>
     <groupId>org.gusdb</groupId>
@@ -31,7 +31,7 @@
 
   <scm>
     <developerConnection>scm:git:ssh://github.com/VEuPathDB/OAuth2Server</developerConnection>
-    <tag>HEAD</tag>
+    <tag>v3.0.0-jakarta</tag>
   </scm>
 
   <distributionManagement>

From ec09691d0853ecec863abddc4cdce10d30727c3b Mon Sep 17 00:00:00 2001
From: Ryan Doherty <tech@conical.org>
Date: Tue, 28 Jan 2025 20:45:56 -0500
Subject: [PATCH 30/51] [maven-release-plugin] prepare for next development
 iteration

---
 Client/pom.xml | 2 +-
 pom.xml        | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/Client/pom.xml b/Client/pom.xml
index 7dfde0fc..8fff6ccb 100644
--- a/Client/pom.xml
+++ b/Client/pom.xml
@@ -8,7 +8,7 @@
   <parent>
     <groupId>org.gusdb</groupId>
     <artifactId>oauth2</artifactId>
-    <version>3.0.0-jakarta</version>
+    <version>3.0.1-jakarta-SNAPSHOT</version>
   </parent>
 
   <dependencies>
diff --git a/pom.xml b/pom.xml
index bb9755b7..7ca89974 100644
--- a/pom.xml
+++ b/pom.xml
@@ -4,7 +4,7 @@
   <name>OAuth2</name>
   <artifactId>oauth2</artifactId>
   <packaging>pom</packaging>
-  <version>3.0.0-jakarta</version>
+  <version>3.0.1-jakarta-SNAPSHOT</version>
 
   <parent>
     <groupId>org.gusdb</groupId>
@@ -31,7 +31,7 @@
 
   <scm>
     <developerConnection>scm:git:ssh://github.com/VEuPathDB/OAuth2Server</developerConnection>
-    <tag>v3.0.0-jakarta</tag>
+    <tag>HEAD</tag>
   </scm>
 
   <distributionManagement>

From 6c475456d8fea1b674a25501d0ad38368943d62b Mon Sep 17 00:00:00 2001
From: Ryan Doherty <tech@conical.org>
Date: Mon, 10 Feb 2025 10:48:26 -0500
Subject: [PATCH 31/51] [maven-release-plugin] prepare release v3.1.0-jakarta

---
 Client/pom.xml | 2 +-
 pom.xml        | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/Client/pom.xml b/Client/pom.xml
index d77db649..39cc559f 100644
--- a/Client/pom.xml
+++ b/Client/pom.xml
@@ -8,7 +8,7 @@
   <parent>
     <groupId>org.gusdb</groupId>
     <artifactId>oauth2</artifactId>
-    <version>3.1.0-jakarta-SNAPSHOT</version>
+    <version>3.1.0-jakarta</version>
   </parent>
 
   <dependencies>
diff --git a/pom.xml b/pom.xml
index a9945a74..ec8cec6c 100644
--- a/pom.xml
+++ b/pom.xml
@@ -4,7 +4,7 @@
   <name>OAuth2</name>
   <artifactId>oauth2</artifactId>
   <packaging>pom</packaging>
-  <version>3.1.0-jakarta-SNAPSHOT</version>
+  <version>3.1.0-jakarta</version>
 
   <parent>
     <groupId>org.gusdb</groupId>
@@ -31,7 +31,7 @@
 
   <scm>
     <developerConnection>scm:git:ssh://github.com/VEuPathDB/OAuth2Server</developerConnection>
-    <tag>HEAD</tag>
+    <tag>v3.1.0-jakarta</tag>
   </scm>
 
   <distributionManagement>

From 8b9a53af964723579158ed6f653a19ebf4790cf8 Mon Sep 17 00:00:00 2001
From: Ryan Doherty <tech@conical.org>
Date: Mon, 10 Feb 2025 10:48:32 -0500
Subject: [PATCH 32/51] [maven-release-plugin] prepare for next development
 iteration

---
 Client/pom.xml | 2 +-
 pom.xml        | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/Client/pom.xml b/Client/pom.xml
index 39cc559f..8cfb7494 100644
--- a/Client/pom.xml
+++ b/Client/pom.xml
@@ -8,7 +8,7 @@
   <parent>
     <groupId>org.gusdb</groupId>
     <artifactId>oauth2</artifactId>
-    <version>3.1.0-jakarta</version>
+    <version>3.1.1-jakarta-SNAPSHOT</version>
   </parent>
 
   <dependencies>
diff --git a/pom.xml b/pom.xml
index ec8cec6c..fecae9f1 100644
--- a/pom.xml
+++ b/pom.xml
@@ -4,7 +4,7 @@
   <name>OAuth2</name>
   <artifactId>oauth2</artifactId>
   <packaging>pom</packaging>
-  <version>3.1.0-jakarta</version>
+  <version>3.1.1-jakarta-SNAPSHOT</version>
 
   <parent>
     <groupId>org.gusdb</groupId>
@@ -31,7 +31,7 @@
 
   <scm>
     <developerConnection>scm:git:ssh://github.com/VEuPathDB/OAuth2Server</developerConnection>
-    <tag>v3.1.0-jakarta</tag>
+    <tag>HEAD</tag>
   </scm>
 
   <distributionManagement>

From 97e3042bfb58e001e0ec693e41d7a07f70a7c452 Mon Sep 17 00:00:00 2001
From: Ryan Doherty <tech@conical.org>
Date: Thu, 13 Feb 2025 21:35:12 -0500
Subject: [PATCH 33/51] [maven-release-plugin] prepare release v3.1.1-jakarta

---
 Client/pom.xml | 2 +-
 pom.xml        | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/Client/pom.xml b/Client/pom.xml
index 8cfb7494..73afe7ac 100644
--- a/Client/pom.xml
+++ b/Client/pom.xml
@@ -8,7 +8,7 @@
   <parent>
     <groupId>org.gusdb</groupId>
     <artifactId>oauth2</artifactId>
-    <version>3.1.1-jakarta-SNAPSHOT</version>
+    <version>3.1.1-jakarta</version>
   </parent>
 
   <dependencies>
diff --git a/pom.xml b/pom.xml
index 7b1c9440..1b4a9c01 100644
--- a/pom.xml
+++ b/pom.xml
@@ -4,7 +4,7 @@
   <name>OAuth2</name>
   <artifactId>oauth2</artifactId>
   <packaging>pom</packaging>
-  <version>3.1.1-jakarta-SNAPSHOT</version>
+  <version>3.1.1-jakarta</version>
 
   <parent>
     <groupId>org.gusdb</groupId>
@@ -31,7 +31,7 @@
 
   <scm>
     <developerConnection>scm:git:ssh://github.com/VEuPathDB/OAuth2Server</developerConnection>
-    <tag>HEAD</tag>
+    <tag>v3.1.1-jakarta</tag>
   </scm>
 
   <distributionManagement>

From e0b3747b41fc2837213bb579ba9dd472852d46c2 Mon Sep 17 00:00:00 2001
From: Ryan Doherty <tech@conical.org>
Date: Thu, 13 Feb 2025 21:35:14 -0500
Subject: [PATCH 34/51] [maven-release-plugin] prepare for next development
 iteration

---
 Client/pom.xml | 2 +-
 pom.xml        | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/Client/pom.xml b/Client/pom.xml
index 73afe7ac..25e27716 100644
--- a/Client/pom.xml
+++ b/Client/pom.xml
@@ -8,7 +8,7 @@
   <parent>
     <groupId>org.gusdb</groupId>
     <artifactId>oauth2</artifactId>
-    <version>3.1.1-jakarta</version>
+    <version>3.1.2-jakarta-SNAPSHOT</version>
   </parent>
 
   <dependencies>
diff --git a/pom.xml b/pom.xml
index 1b4a9c01..1c05fbeb 100644
--- a/pom.xml
+++ b/pom.xml
@@ -4,7 +4,7 @@
   <name>OAuth2</name>
   <artifactId>oauth2</artifactId>
   <packaging>pom</packaging>
-  <version>3.1.1-jakarta</version>
+  <version>3.1.2-jakarta-SNAPSHOT</version>
 
   <parent>
     <groupId>org.gusdb</groupId>
@@ -31,7 +31,7 @@
 
   <scm>
     <developerConnection>scm:git:ssh://github.com/VEuPathDB/OAuth2Server</developerConnection>
-    <tag>v3.1.1-jakarta</tag>
+    <tag>HEAD</tag>
   </scm>
 
   <distributionManagement>

From 5d910d414dbe6838f23e6f0d83ccf8222fa03ca8 Mon Sep 17 00:00:00 2001
From: Ryan Doherty <tech@conical.org>
Date: Fri, 14 Feb 2025 14:58:18 -0500
Subject: [PATCH 35/51] base-pom upgrade (fixes java 11 builds)

---
 EuPathDB/pom.xml | 3 ++-
 pom.xml          | 2 +-
 2 files changed, 3 insertions(+), 2 deletions(-)

diff --git a/EuPathDB/pom.xml b/EuPathDB/pom.xml
index 53508eee..2827fdd1 100644
--- a/EuPathDB/pom.xml
+++ b/EuPathDB/pom.xml
@@ -16,7 +16,8 @@
     <!-- Expect this property to be passed in -->
     <oauthConfigFile>WEB-INF/OAuthSampleConfig.json</oauthConfigFile>
 
-    <fgputil.version>2.14.1-jakarta</fgputil.version>
+    <fgputil.version>2.15.2</fgputil.version>
+
   </properties>
 
   <dependencies>
diff --git a/pom.xml b/pom.xml
index 1c05fbeb..6ffd4dda 100644
--- a/pom.xml
+++ b/pom.xml
@@ -9,7 +9,7 @@
   <parent>
     <groupId>org.gusdb</groupId>
     <artifactId>base-pom</artifactId>
-    <version>2.23-jakarta</version>
+    <version>2.24-jakarta</version>
   </parent>
 
   <!-- Manage versions of libs specific to OAuth/tokens-->

From cd44845ac6e4570d760dafe786ebec14cbc28ef4 Mon Sep 17 00:00:00 2001
From: Ryan Doherty <tech@conical.org>
Date: Fri, 14 Feb 2025 15:10:57 -0500
Subject: [PATCH 36/51] [maven-release-plugin] prepare release v3.1.2-jakarta

---
 Client/pom.xml | 2 +-
 pom.xml        | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/Client/pom.xml b/Client/pom.xml
index 25e27716..f6784cb2 100644
--- a/Client/pom.xml
+++ b/Client/pom.xml
@@ -8,7 +8,7 @@
   <parent>
     <groupId>org.gusdb</groupId>
     <artifactId>oauth2</artifactId>
-    <version>3.1.2-jakarta-SNAPSHOT</version>
+    <version>3.1.2-jakarta</version>
   </parent>
 
   <dependencies>
diff --git a/pom.xml b/pom.xml
index 6ffd4dda..2cee9978 100644
--- a/pom.xml
+++ b/pom.xml
@@ -4,7 +4,7 @@
   <name>OAuth2</name>
   <artifactId>oauth2</artifactId>
   <packaging>pom</packaging>
-  <version>3.1.2-jakarta-SNAPSHOT</version>
+  <version>3.1.2-jakarta</version>
 
   <parent>
     <groupId>org.gusdb</groupId>
@@ -31,7 +31,7 @@
 
   <scm>
     <developerConnection>scm:git:ssh://github.com/VEuPathDB/OAuth2Server</developerConnection>
-    <tag>HEAD</tag>
+    <tag>v3.1.2-jakarta</tag>
   </scm>
 
   <distributionManagement>

From 0888e66ff2aec93c31a17b548e3ad574835b6570 Mon Sep 17 00:00:00 2001
From: Ryan Doherty <tech@conical.org>
Date: Fri, 14 Feb 2025 15:10:59 -0500
Subject: [PATCH 37/51] [maven-release-plugin] prepare for next development
 iteration

---
 Client/pom.xml | 2 +-
 pom.xml        | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/Client/pom.xml b/Client/pom.xml
index f6784cb2..20b6cf1b 100644
--- a/Client/pom.xml
+++ b/Client/pom.xml
@@ -8,7 +8,7 @@
   <parent>
     <groupId>org.gusdb</groupId>
     <artifactId>oauth2</artifactId>
-    <version>3.1.2-jakarta</version>
+    <version>3.1.3-jakarta-SNAPSHOT</version>
   </parent>
 
   <dependencies>
diff --git a/pom.xml b/pom.xml
index 2cee9978..73263d93 100644
--- a/pom.xml
+++ b/pom.xml
@@ -4,7 +4,7 @@
   <name>OAuth2</name>
   <artifactId>oauth2</artifactId>
   <packaging>pom</packaging>
-  <version>3.1.2-jakarta</version>
+  <version>3.1.3-jakarta-SNAPSHOT</version>
 
   <parent>
     <groupId>org.gusdb</groupId>
@@ -31,7 +31,7 @@
 
   <scm>
     <developerConnection>scm:git:ssh://github.com/VEuPathDB/OAuth2Server</developerConnection>
-    <tag>v3.1.2-jakarta</tag>
+    <tag>HEAD</tag>
   </scm>
 
   <distributionManagement>

From cea0270e66f44776f95a4ceea73dc750c58e41c5 Mon Sep 17 00:00:00 2001
From: Ryan Doherty <tech@conical.org>
Date: Mon, 3 Mar 2025 08:39:38 -0500
Subject: [PATCH 38/51] [maven-release-plugin] prepare release v3.2.0-jakarta

---
 Client/pom.xml | 2 +-
 pom.xml        | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/Client/pom.xml b/Client/pom.xml
index f8d0cb61..519f03eb 100644
--- a/Client/pom.xml
+++ b/Client/pom.xml
@@ -8,7 +8,7 @@
   <parent>
     <groupId>org.gusdb</groupId>
     <artifactId>oauth2</artifactId>
-    <version>3.2.0-jakarta-SNAPSHOT</version>
+    <version>3.2.0-jakarta</version>
   </parent>
 
   <dependencies>
diff --git a/pom.xml b/pom.xml
index 7e9cc022..397c3660 100644
--- a/pom.xml
+++ b/pom.xml
@@ -4,7 +4,7 @@
   <name>OAuth2</name>
   <artifactId>oauth2</artifactId>
   <packaging>pom</packaging>
-  <version>3.2.0-jakarta-SNAPSHOT</version>
+  <version>3.2.0-jakarta</version>
 
   <parent>
     <groupId>org.gusdb</groupId>
@@ -31,7 +31,7 @@
 
   <scm>
     <developerConnection>scm:git:ssh://github.com/VEuPathDB/OAuth2Server</developerConnection>
-    <tag>HEAD</tag>
+    <tag>v3.2.0-jakarta</tag>
   </scm>
 
   <distributionManagement>

From 02d99e2079ef2344b0a7df78b89154805f3602d5 Mon Sep 17 00:00:00 2001
From: Ryan Doherty <tech@conical.org>
Date: Mon, 3 Mar 2025 08:39:40 -0500
Subject: [PATCH 39/51] [maven-release-plugin] prepare for next development
 iteration

---
 Client/pom.xml | 2 +-
 pom.xml        | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/Client/pom.xml b/Client/pom.xml
index 519f03eb..7a8eb980 100644
--- a/Client/pom.xml
+++ b/Client/pom.xml
@@ -8,7 +8,7 @@
   <parent>
     <groupId>org.gusdb</groupId>
     <artifactId>oauth2</artifactId>
-    <version>3.2.0-jakarta</version>
+    <version>3.2.1-jakarta-SNAPSHOT</version>
   </parent>
 
   <dependencies>
diff --git a/pom.xml b/pom.xml
index 397c3660..211fd872 100644
--- a/pom.xml
+++ b/pom.xml
@@ -4,7 +4,7 @@
   <name>OAuth2</name>
   <artifactId>oauth2</artifactId>
   <packaging>pom</packaging>
-  <version>3.2.0-jakarta</version>
+  <version>3.2.1-jakarta-SNAPSHOT</version>
 
   <parent>
     <groupId>org.gusdb</groupId>
@@ -31,7 +31,7 @@
 
   <scm>
     <developerConnection>scm:git:ssh://github.com/VEuPathDB/OAuth2Server</developerConnection>
-    <tag>v3.2.0-jakarta</tag>
+    <tag>HEAD</tag>
   </scm>
 
   <distributionManagement>

From a8a62d0abda3345c3b9196b4d82673230bb946e3 Mon Sep 17 00:00:00 2001
From: Ryan Doherty <tech@conical.org>
Date: Mon, 3 Mar 2025 12:51:07 -0500
Subject: [PATCH 40/51] Move max-size constants into client class for external
 access

---
 .../main/java/org/gusdb/oauth2/client/veupathdb/UserInfo.java  | 3 +++
 .../java/org/gusdb/oauth2/eupathdb/accountdb/UserProfile.java  | 3 ---
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/Client/src/main/java/org/gusdb/oauth2/client/veupathdb/UserInfo.java b/Client/src/main/java/org/gusdb/oauth2/client/veupathdb/UserInfo.java
index ca67b0b6..284ebad0 100644
--- a/Client/src/main/java/org/gusdb/oauth2/client/veupathdb/UserInfo.java
+++ b/Client/src/main/java/org/gusdb/oauth2/client/veupathdb/UserInfo.java
@@ -17,6 +17,9 @@
  */
 public interface UserInfo {
 
+  public static final int MAX_EMAIL_LENGTH = 255;
+  public static final int MAX_PROPERTY_VALUE_SIZE = 4000;
+
   public static final Map<String,UserProperty> USER_PROPERTIES = createUserPropertyDefs();
 
   static final String USERNAME_HELP = "You are able to log in with this value or your email.";
diff --git a/EuPathDB/src/main/java/org/gusdb/oauth2/eupathdb/accountdb/UserProfile.java b/EuPathDB/src/main/java/org/gusdb/oauth2/eupathdb/accountdb/UserProfile.java
index 3941928d..516e9e9f 100644
--- a/EuPathDB/src/main/java/org/gusdb/oauth2/eupathdb/accountdb/UserProfile.java
+++ b/EuPathDB/src/main/java/org/gusdb/oauth2/eupathdb/accountdb/UserProfile.java
@@ -8,9 +8,6 @@
 
 public class UserProfile {
 
-  public static final int MAX_EMAIL_LENGTH = 255;
-  public static final int MAX_PROPERTY_VALUE_SIZE = 4000;
-
   private Long _userId;
   private String _email;
   private boolean _isGuest;

From 41e2e1989288186a839d2224c629b1a2f9974da3 Mon Sep 17 00:00:00 2001
From: Ryan Doherty <tech@conical.org>
Date: Mon, 3 Mar 2025 12:57:50 -0500
Subject: [PATCH 41/51] [maven-release-plugin] prepare release v3.2.1-jakarta

---
 Client/pom.xml | 2 +-
 pom.xml        | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/Client/pom.xml b/Client/pom.xml
index 7a8eb980..3c886c30 100644
--- a/Client/pom.xml
+++ b/Client/pom.xml
@@ -8,7 +8,7 @@
   <parent>
     <groupId>org.gusdb</groupId>
     <artifactId>oauth2</artifactId>
-    <version>3.2.1-jakarta-SNAPSHOT</version>
+    <version>3.2.1-jakarta</version>
   </parent>
 
   <dependencies>
diff --git a/pom.xml b/pom.xml
index 211fd872..d52c22f3 100644
--- a/pom.xml
+++ b/pom.xml
@@ -4,7 +4,7 @@
   <name>OAuth2</name>
   <artifactId>oauth2</artifactId>
   <packaging>pom</packaging>
-  <version>3.2.1-jakarta-SNAPSHOT</version>
+  <version>3.2.1-jakarta</version>
 
   <parent>
     <groupId>org.gusdb</groupId>
@@ -31,7 +31,7 @@
 
   <scm>
     <developerConnection>scm:git:ssh://github.com/VEuPathDB/OAuth2Server</developerConnection>
-    <tag>HEAD</tag>
+    <tag>v3.2.1-jakarta</tag>
   </scm>
 
   <distributionManagement>

From 21af4ac57d54a2c45044ea814b491ade879139f6 Mon Sep 17 00:00:00 2001
From: Ryan Doherty <tech@conical.org>
Date: Mon, 3 Mar 2025 12:57:53 -0500
Subject: [PATCH 42/51] [maven-release-plugin] prepare for next development
 iteration

---
 Client/pom.xml | 2 +-
 pom.xml        | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/Client/pom.xml b/Client/pom.xml
index 3c886c30..06626890 100644
--- a/Client/pom.xml
+++ b/Client/pom.xml
@@ -8,7 +8,7 @@
   <parent>
     <groupId>org.gusdb</groupId>
     <artifactId>oauth2</artifactId>
-    <version>3.2.1-jakarta</version>
+    <version>3.2.2-jakarta-SNAPSHOT</version>
   </parent>
 
   <dependencies>
diff --git a/pom.xml b/pom.xml
index d52c22f3..753e553f 100644
--- a/pom.xml
+++ b/pom.xml
@@ -4,7 +4,7 @@
   <name>OAuth2</name>
   <artifactId>oauth2</artifactId>
   <packaging>pom</packaging>
-  <version>3.2.1-jakarta</version>
+  <version>3.2.2-jakarta-SNAPSHOT</version>
 
   <parent>
     <groupId>org.gusdb</groupId>
@@ -31,7 +31,7 @@
 
   <scm>
     <developerConnection>scm:git:ssh://github.com/VEuPathDB/OAuth2Server</developerConnection>
-    <tag>v3.2.1-jakarta</tag>
+    <tag>HEAD</tag>
   </scm>
 
   <distributionManagement>

From dac941e4521184037e2a9efd1f434d890011d3cf Mon Sep 17 00:00:00 2001
From: Ryan Doherty <tech@conical.org>
Date: Fri, 5 Sep 2025 04:17:14 -0400
Subject: [PATCH 43/51] [maven-release-plugin] prepare release v4.0.0-jakarta

---
 Client/pom.xml | 2 +-
 pom.xml        | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/Client/pom.xml b/Client/pom.xml
index a2bc838f..304f42ae 100644
--- a/Client/pom.xml
+++ b/Client/pom.xml
@@ -8,7 +8,7 @@
   <parent>
     <groupId>org.gusdb</groupId>
     <artifactId>oauth2</artifactId>
-    <version>4.0.0-jakarta-SNAPSHOT</version>
+    <version>4.0.0-jakarta</version>
   </parent>
 
   <dependencies>
diff --git a/pom.xml b/pom.xml
index e819c825..7bc7cfdc 100644
--- a/pom.xml
+++ b/pom.xml
@@ -4,7 +4,7 @@
   <name>OAuth2</name>
   <artifactId>oauth2</artifactId>
   <packaging>pom</packaging>
-  <version>4.0.0-jakarta-SNAPSHOT</version>
+  <version>4.0.0-jakarta</version>
 
   <parent>
     <groupId>org.gusdb</groupId>
@@ -31,7 +31,7 @@
 
   <scm>
     <developerConnection>scm:git:ssh://github.com/VEuPathDB/OAuth2Server</developerConnection>
-    <tag>HEAD</tag>
+    <tag>v4.0.0-jakarta</tag>
   </scm>
 
   <distributionManagement>

From 27d582ff898747249492470c6173c5f85ff55351 Mon Sep 17 00:00:00 2001
From: Ryan Doherty <tech@conical.org>
Date: Fri, 5 Sep 2025 04:17:16 -0400
Subject: [PATCH 44/51] [maven-release-plugin] prepare for next development
 iteration

---
 Client/pom.xml | 2 +-
 pom.xml        | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/Client/pom.xml b/Client/pom.xml
index 304f42ae..cd518b40 100644
--- a/Client/pom.xml
+++ b/Client/pom.xml
@@ -8,7 +8,7 @@
   <parent>
     <groupId>org.gusdb</groupId>
     <artifactId>oauth2</artifactId>
-    <version>4.0.0-jakarta</version>
+    <version>4.0.1-jakarta-SNAPSHOT</version>
   </parent>
 
   <dependencies>
diff --git a/pom.xml b/pom.xml
index 7bc7cfdc..245485dc 100644
--- a/pom.xml
+++ b/pom.xml
@@ -4,7 +4,7 @@
   <name>OAuth2</name>
   <artifactId>oauth2</artifactId>
   <packaging>pom</packaging>
-  <version>4.0.0-jakarta</version>
+  <version>4.0.1-jakarta-SNAPSHOT</version>
 
   <parent>
     <groupId>org.gusdb</groupId>
@@ -31,7 +31,7 @@
 
   <scm>
     <developerConnection>scm:git:ssh://github.com/VEuPathDB/OAuth2Server</developerConnection>
-    <tag>v4.0.0-jakarta</tag>
+    <tag>HEAD</tag>
   </scm>
 
   <distributionManagement>

From b9948d9e62c4ccbe109dfa03c6b9426f21c9b3e0 Mon Sep 17 00:00:00 2001
From: Ryan Doherty <tech@conical.org>
Date: Fri, 5 Sep 2025 13:56:15 -0400
Subject: [PATCH 45/51] Add select grant on subscription tables to useraccts_w

---
 EuPathDB/data/create_subscription_tables_oracle.sql | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/EuPathDB/data/create_subscription_tables_oracle.sql b/EuPathDB/data/create_subscription_tables_oracle.sql
index 63bdcb8c..8c915983 100644
--- a/EuPathDB/data/create_subscription_tables_oracle.sql
+++ b/EuPathDB/data/create_subscription_tables_oracle.sql
@@ -73,13 +73,13 @@ CREATE SEQUENCE USERACCOUNTS.SUBSCRIPTION_GROUPS_PKSEQ
 
 -- permissions
 GRANT SELECT ON "USERACCOUNTS"."SUBSCRIPTIONS" TO "USERACCTS_R";
-GRANT INSERT, UPDATE, DELETE ON "USERACCOUNTS"."SUBSCRIPTIONS" TO "USERACCTS_W";
+GRANT SELECT, INSERT, UPDATE, DELETE ON "USERACCOUNTS"."SUBSCRIPTIONS" TO "USERACCTS_W";
 GRANT SELECT ON "USERACCOUNTS"."INVOICES" TO "USERACCTS_R";
-GRANT INSERT, UPDATE, DELETE ON "USERACCOUNTS"."INVOICES" TO "USERACCTS_W";
+GRANT SELECT, INSERT, UPDATE, DELETE ON "USERACCOUNTS"."INVOICES" TO "USERACCTS_W";
 GRANT SELECT ON "USERACCOUNTS"."SUBSCRIPTION_GROUPS" TO "USERACCTS_R";
-GRANT INSERT, UPDATE, DELETE ON "USERACCOUNTS"."SUBSCRIPTION_GROUPS" TO "USERACCTS_W";
+GRANT SELECT, INSERT, UPDATE, DELETE ON "USERACCOUNTS"."SUBSCRIPTION_GROUPS" TO "USERACCTS_W";
 GRANT SELECT ON "USERACCOUNTS"."SUBSCRIPTION_GROUP_LEADS" TO "USERACCTS_R";
-GRANT INSERT, UPDATE, DELETE ON "USERACCOUNTS"."SUBSCRIPTION_GROUP_LEADS" TO "USERACCTS_W";
+GRANT SELECT, INSERT, UPDATE, DELETE ON "USERACCOUNTS"."SUBSCRIPTION_GROUP_LEADS" TO "USERACCTS_W";
 
 GRANT SELECT ON "USERACCOUNTS"."SUBSCRIPTIONS_PKSEQ" TO "USERACCTS_R";
 GRANT SELECT ON "USERACCOUNTS"."SUBSCRIPTION_GROUPS_PKSEQ" TO "USERACCTS_R";

From 27904ca46dc1b716dc35e68b2a833191ebd40d72 Mon Sep 17 00:00:00 2001
From: Ryan Doherty <tech@conical.org>
Date: Mon, 8 Sep 2025 08:42:41 -0400
Subject: [PATCH 46/51] Read groups file in UTF-8 and allow admins to delete
 users

---
 .../eupathdb/AccountDbAuthenticator.java      |  2 ++
 .../SubscriptionGroupReloader.java            |  3 ++-
 .../java/org/gusdb/oauth2/Authenticator.java  |  8 ++++++
 .../gusdb/oauth2/service/OAuthService.java    | 25 ++++++++++++-------
 4 files changed, 28 insertions(+), 10 deletions(-)

diff --git a/EuPathDB/src/main/java/org/gusdb/oauth2/eupathdb/AccountDbAuthenticator.java b/EuPathDB/src/main/java/org/gusdb/oauth2/eupathdb/AccountDbAuthenticator.java
index 9df4c276..790da147 100644
--- a/EuPathDB/src/main/java/org/gusdb/oauth2/eupathdb/AccountDbAuthenticator.java
+++ b/EuPathDB/src/main/java/org/gusdb/oauth2/eupathdb/AccountDbAuthenticator.java
@@ -64,6 +64,8 @@ private static enum JsonKey {
 
   public DatabaseInstance getAccountDb() { return _accountDb; }
   public String getUserAccountsSchema() { return _schema; }
+
+  @Override
   public List<String> getAdminUserIds() { return _adminUserIds; }
 
   @Override
diff --git a/EuPathDB/src/main/java/org/gusdb/oauth2/eupathdb/subscriptions/SubscriptionGroupReloader.java b/EuPathDB/src/main/java/org/gusdb/oauth2/eupathdb/subscriptions/SubscriptionGroupReloader.java
index 81960306..f2308e09 100644
--- a/EuPathDB/src/main/java/org/gusdb/oauth2/eupathdb/subscriptions/SubscriptionGroupReloader.java
+++ b/EuPathDB/src/main/java/org/gusdb/oauth2/eupathdb/subscriptions/SubscriptionGroupReloader.java
@@ -3,6 +3,7 @@
 import java.io.BufferedReader;
 import java.io.FileReader;
 import java.io.IOException;
+import java.nio.charset.StandardCharsets;
 import java.nio.file.Path;
 import java.nio.file.Paths;
 import java.sql.Types;
@@ -154,7 +155,7 @@ public JSONObject loadSubscriptions(Path accountsFile, boolean returnGroupDetail
 
     // first load accounts file
     LOG.info("Opening accounts file");
-    try (BufferedReader in = new BufferedReader(new FileReader(accountsFile.toFile()))) {
+    try (BufferedReader in = new BufferedReader(new FileReader(accountsFile.toFile(), StandardCharsets.UTF_8))) {
       String[] headerTokens = in.readLine().split("\t"); // read header
 
       JSONArray discoveredColumns = new JSONArray();
diff --git a/Server/src/main/java/org/gusdb/oauth2/Authenticator.java b/Server/src/main/java/org/gusdb/oauth2/Authenticator.java
index 9808d23b..72efb27a 100644
--- a/Server/src/main/java/org/gusdb/oauth2/Authenticator.java
+++ b/Server/src/main/java/org/gusdb/oauth2/Authenticator.java
@@ -1,6 +1,7 @@
 package org.gusdb.oauth2;
 
 import java.util.AbstractMap;
+import java.util.List;
 import java.util.Optional;
 
 import javax.json.JsonObject;
@@ -223,4 +224,11 @@ public default String getNextGuestId() {
    */
   public void updateLastLoginTimestamp(String userId);
 
+  /**
+   * Provide a list of admin user IDs for users who can perform admin operations
+   *
+   * @return list of admin user IDs
+   */
+  public List<String> getAdminUserIds();
+
 }
diff --git a/Server/src/main/java/org/gusdb/oauth2/service/OAuthService.java b/Server/src/main/java/org/gusdb/oauth2/service/OAuthService.java
index d0c89d4e..ae24d13f 100644
--- a/Server/src/main/java/org/gusdb/oauth2/service/OAuthService.java
+++ b/Server/src/main/java/org/gusdb/oauth2/service/OAuthService.java
@@ -510,22 +510,29 @@ public Response deleteUser(String body) {
         return Response.status(Status.UNAUTHORIZED).build();
       }
       String token = OAuthClient.getTokenFromAuthHeader(authHeader);
-      RequestingUser user = parseRequestingUser(token);
-      if (user.isGuest()) {
-        LOG.warn("Denying deletion request for guest user: " + user.getUserId());
+      RequestingUser requestingUser = parseRequestingUser(token);
+      if (requestingUser.isGuest()) {
+        LOG.warn("Denying deletion request for guest user: " + requestingUser.getUserId());
         return Response.status(Status.FORBIDDEN).build();
       }
 
-      // make sure credentials match the user to be deleted
-      String userIdStr = input.getString("userId");
-      if (userIdStr == null || !user.getUserId().equals(userIdStr.toString())) {
-        LOG.warn("Denying deletion request.  Requesting user " + user.getUserId() + " asked to delete user " + userIdStr);
+      // make sure user ID is specified
+      String userToBeDeleted = input.getString("userId");
+      if (userToBeDeleted == null) {
+        LOG.warn("Request made to delete user but no ID provided.");
+        return Response.status(Status.BAD_REQUEST).entity("No user ID provided.").build();
+      }
+
+      // make sure credentials match the user to be deleted or an admin
+      String requestingUserId = requestingUser.getUserId();
+      if (!(requestingUserId.equals(userToBeDeleted.toString()) || authenticator.getAdminUserIds().contains(requestingUserId))) {
+        LOG.warn("Denying deletion request.  Requesting user " + requestingUser.getUserId() + " asked to delete user " + userToBeDeleted);
         return Response.status(Status.FORBIDDEN).build();
       }
 
       // non guest user with proper credentials from an allowed client; delete this user
-      LOG.info("Deleting user with ID " + user.getUserId());
-      authenticator.deleteUser(user.getUserId());
+      LOG.info("Deleting user with ID " + requestingUser.getUserId());
+      authenticator.deleteUser(requestingUser.getUserId());
 
       return Response.noContent().build();
     }

From 9278a957bc594c27076c21d3daa39ca73ea46e01 Mon Sep 17 00:00:00 2001
From: Ryan Doherty <tech@conical.org>
Date: Mon, 8 Sep 2025 21:40:43 -0400
Subject: [PATCH 47/51] Slight API change in deleteUser so any user can be
 deleted

---
 .../java/org/gusdb/oauth2/client/OAuthClient.java   | 13 +++++++++++--
 1 file changed, 11 insertions(+), 2 deletions(-)

diff --git a/Client/src/main/java/org/gusdb/oauth2/client/OAuthClient.java b/Client/src/main/java/org/gusdb/oauth2/client/OAuthClient.java
index 75a2c3eb..b247ef8d 100644
--- a/Client/src/main/java/org/gusdb/oauth2/client/OAuthClient.java
+++ b/Client/src/main/java/org/gusdb/oauth2/client/OAuthClient.java
@@ -459,12 +459,21 @@ public JSONObject modifyUser(OAuthConfig oauthConfig, ValidatedToken token, Map<
     ));
   }
 
-  public void deleteUser(OAuthConfig oauthConfig, ValidatedToken token) {
+  /**
+   * Attempts to delete the user with the passed ID.  On the OAuth Server,
+   * the token must represent the user to be deleted (user is deleting
+   * themselves) or must represent an admin user.
+   *
+   * @param oauthConfig configuration of OAuth client
+   * @param token valid bearer token for the user trying to perform this action
+   * @param userIdToDelete ID of the user to delete
+   */
+  public void deleteUser(OAuthConfig oauthConfig, ValidatedToken token, String userIdToDelete) {
     try {
       performCredentialsBasedRequest(
           Endpoints.USER_DELETE,
           oauthConfig,
-          json -> json.put("userId", token.getUserId()),
+          json -> json.put("userId", userIdToDelete),
           (builder,entity) -> builder
             .header(HttpHeaders.AUTHORIZATION, getAuthorizationHeaderValue(token))
             .post(entity)

From f02e695d2f89616c31597ba266c81b9c5aa650b1 Mon Sep 17 00:00:00 2001
From: Ryan Doherty <tech@conical.org>
Date: Mon, 8 Sep 2025 21:47:12 -0400
Subject: [PATCH 48/51] [maven-release-plugin] prepare release v4.0.1-jakarta

---
 Client/pom.xml | 2 +-
 pom.xml        | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/Client/pom.xml b/Client/pom.xml
index cd518b40..2c0ef6a7 100644
--- a/Client/pom.xml
+++ b/Client/pom.xml
@@ -8,7 +8,7 @@
   <parent>
     <groupId>org.gusdb</groupId>
     <artifactId>oauth2</artifactId>
-    <version>4.0.1-jakarta-SNAPSHOT</version>
+    <version>4.0.1-jakarta</version>
   </parent>
 
   <dependencies>
diff --git a/pom.xml b/pom.xml
index 245485dc..8aa3fb3c 100644
--- a/pom.xml
+++ b/pom.xml
@@ -4,7 +4,7 @@
   <name>OAuth2</name>
   <artifactId>oauth2</artifactId>
   <packaging>pom</packaging>
-  <version>4.0.1-jakarta-SNAPSHOT</version>
+  <version>4.0.1-jakarta</version>
 
   <parent>
     <groupId>org.gusdb</groupId>
@@ -31,7 +31,7 @@
 
   <scm>
     <developerConnection>scm:git:ssh://github.com/VEuPathDB/OAuth2Server</developerConnection>
-    <tag>HEAD</tag>
+    <tag>v4.0.1-jakarta</tag>
   </scm>
 
   <distributionManagement>

From 13df676433810f5d94ff8caf631bd304acbfc030 Mon Sep 17 00:00:00 2001
From: Ryan Doherty <tech@conical.org>
Date: Mon, 8 Sep 2025 21:47:14 -0400
Subject: [PATCH 49/51] [maven-release-plugin] prepare for next development
 iteration

---
 Client/pom.xml | 2 +-
 pom.xml        | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/Client/pom.xml b/Client/pom.xml
index 2c0ef6a7..dd359ae9 100644
--- a/Client/pom.xml
+++ b/Client/pom.xml
@@ -8,7 +8,7 @@
   <parent>
     <groupId>org.gusdb</groupId>
     <artifactId>oauth2</artifactId>
-    <version>4.0.1-jakarta</version>
+    <version>4.0.2-jakarta-SNAPSHOT</version>
   </parent>
 
   <dependencies>
diff --git a/pom.xml b/pom.xml
index 8aa3fb3c..77c70d80 100644
--- a/pom.xml
+++ b/pom.xml
@@ -4,7 +4,7 @@
   <name>OAuth2</name>
   <artifactId>oauth2</artifactId>
   <packaging>pom</packaging>
-  <version>4.0.1-jakarta</version>
+  <version>4.0.2-jakarta-SNAPSHOT</version>
 
   <parent>
     <groupId>org.gusdb</groupId>
@@ -31,7 +31,7 @@
 
   <scm>
     <developerConnection>scm:git:ssh://github.com/VEuPathDB/OAuth2Server</developerConnection>
-    <tag>v4.0.1-jakarta</tag>
+    <tag>HEAD</tag>
   </scm>
 
   <distributionManagement>

From efe6fbe5d6eae9b52959389dcec6d5036e7f790a Mon Sep 17 00:00:00 2001
From: Ryan Doherty <tech@conical.org>
Date: Fri, 17 Oct 2025 09:26:28 -0400
Subject: [PATCH 50/51] [maven-release-plugin] prepare release v4.1.0-jakarta

---
 Client/pom.xml | 2 +-
 pom.xml        | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/Client/pom.xml b/Client/pom.xml
index ce846802..5557eb5a 100644
--- a/Client/pom.xml
+++ b/Client/pom.xml
@@ -8,7 +8,7 @@
   <parent>
     <groupId>org.gusdb</groupId>
     <artifactId>oauth2</artifactId>
-    <version>4.1.0-jakarta-SNAPSHOT</version>
+    <version>4.1.0-jakarta</version>
   </parent>
 
   <dependencies>
diff --git a/pom.xml b/pom.xml
index d94fb638..bef01cc5 100644
--- a/pom.xml
+++ b/pom.xml
@@ -4,7 +4,7 @@
   <name>OAuth2</name>
   <artifactId>oauth2</artifactId>
   <packaging>pom</packaging>
-  <version>4.1.0-jakarta-SNAPSHOT</version>
+  <version>4.1.0-jakarta</version>
 
   <parent>
     <groupId>org.gusdb</groupId>
@@ -31,7 +31,7 @@
 
   <scm>
     <developerConnection>scm:git:ssh://github.com/VEuPathDB/OAuth2Server</developerConnection>
-    <tag>HEAD</tag>
+    <tag>v4.1.0-jakarta</tag>
   </scm>
 
   <distributionManagement>

From 3b04dcb777298f5ce6e804c59126901c7df63a9f Mon Sep 17 00:00:00 2001
From: Ryan Doherty <tech@conical.org>
Date: Fri, 17 Oct 2025 09:26:30 -0400
Subject: [PATCH 51/51] [maven-release-plugin] prepare for next development
 iteration

---
 Client/pom.xml | 2 +-
 pom.xml        | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/Client/pom.xml b/Client/pom.xml
index 5557eb5a..5d009313 100644
--- a/Client/pom.xml
+++ b/Client/pom.xml
@@ -8,7 +8,7 @@
   <parent>
     <groupId>org.gusdb</groupId>
     <artifactId>oauth2</artifactId>
-    <version>4.1.0-jakarta</version>
+    <version>4.1.1-jakarta-SNAPSHOT</version>
   </parent>
 
   <dependencies>
diff --git a/pom.xml b/pom.xml
index bef01cc5..e0c7716a 100644
--- a/pom.xml
+++ b/pom.xml
@@ -4,7 +4,7 @@
   <name>OAuth2</name>
   <artifactId>oauth2</artifactId>
   <packaging>pom</packaging>
-  <version>4.1.0-jakarta</version>
+  <version>4.1.1-jakarta-SNAPSHOT</version>
 
   <parent>
     <groupId>org.gusdb</groupId>
@@ -31,7 +31,7 @@
 
   <scm>
     <developerConnection>scm:git:ssh://github.com/VEuPathDB/OAuth2Server</developerConnection>
-    <tag>v4.1.0-jakarta</tag>
+    <tag>HEAD</tag>
   </scm>
 
   <distributionManagement>