Playframework oauth small upgrade (#12332)

* update surefire to newer version

* small tweak to add support for "leeway" when verifying oauth tokens.

Co-authored-by: William Cheng <wing328hk@gmail.com>
Co-authored-by: Bruno Flamand <bflamand@stingray.com>

samples/server/petstore/java-play-framework-async/app/openapitools/SecurityAPIUtils.java

@@ -42,6 +42,7 @@ public class SecurityAPIUtils {
     private final HashMap<String, String> tokenIntrospectEndpoints = new HashMap<>();
     private final String clientId;
     private final String clientSecret;
+    private final long leeway;
 
     // Offline validation
     private final HashMap<String, String> jwksEndpoints = new HashMap<>();
@@ -54,6 +55,7 @@ public class SecurityAPIUtils {
 
         clientId = configuration.hasPath("oauth.clientId") ? configuration.getString("oauth.clientId") : "";
         clientSecret = configuration.hasPath("oauth.clientSecret") ? configuration.getString("oauth.clientSecret") : "";
+        leeway = configuration.hasPath("oauth.leeway") ? configuration.getLong("oauth.leeway") : 3;
 
         tokenIntrospectEndpoints.put("petstore_auth", "");
 
@@ -127,6 +129,7 @@ public class SecurityAPIUtils {
                 Algorithm algorithm = Algorithm.RSA256((RSAPublicKey) publicKey, null);
                 tokenVerifier = JWT.require(algorithm)
                         .withIssuer(issuer)
+                        .acceptLeeway(leeway)
                         .build();
                 tokenKeyId = keyId;
             }