From 7fe16ec6159e9796572d1dd1337da66a1be8edf0 Mon Sep 17 00:00:00 2001
From: Petr Dvorak <petr@wultra.com>
Date: Tue, 8 Jun 2021 20:00:13 +0200
Subject: [PATCH 01/36] Fix #283: Remove the "base" project since it is no
 longer needed

---
 pom.xml                                       |  1 -
 powerauth-restful-security-base/pom.xml       | 75 -------------------
 .../PowerAuthAnnotationInterceptor.java       | 14 ++--
 .../PowerAuthEncryptionArgumentResolver.java  | 10 ++-
 .../PowerAuthWebArgumentResolver.java         |  7 +-
 .../PowerAuthApiAuthentication.java           |  2 +-
 .../PowerAuthAuthentication.java              |  2 +-
 .../PowerAuthSignatureAuthentication.java     |  2 +-
 .../PowerAuthTokenAuthentication.java         |  2 +-
 .../PowerAuthApiAuthenticationImpl.java       |  4 +-
 .../PowerAuthSignatureAuthenticationImpl.java |  4 +-
 .../PowerAuthTokenAuthenticationImpl.java     |  4 +-
 .../encryption/EciesEncryptionContext.java    |  2 +-
 .../spring/encryption/EncryptorFactory.java   |  3 +-
 .../PowerAuthEciesDecryptorParameters.java    |  2 +-
 .../encryption/PowerAuthEciesEncryption.java  |  2 +-
 .../PowerAuthNonPersonalizedEncryptor.java    |  2 +-
 .../PowerAuthActivationException.java         |  2 +-
 .../PowerAuthAuthenticationException.java     |  2 +-
 .../PowerAuthEncryptionException.java         |  2 +-
 .../exception/PowerAuthRecoveryException.java |  2 +-
 .../PowerAuthSecureVaultException.java        |  2 +-
 .../exception/PowerAuthUpgradeException.java  |  2 +-
 .../PowerAuthHeaderMissingException.java      |  4 +-
 .../PowerAuthInvalidRequestException.java     |  4 +-
 ...owerAuthRecoveryConfirmationException.java |  4 +-
 .../PowerAuthRequestFilterException.java      |  4 +-
 .../PowerAuthSignatureErrorException.java     |  4 +-
 .../PowerAuthSignatureInvalidException.java   |  4 +-
 ...owerAuthSignatureTypeInvalidException.java |  4 +-
 .../PowerAuthTokenErrorException.java         |  4 +-
 .../PowerAuthTokenInvalidException.java       |  4 +-
 .../filter/EncryptionResponseBodyAdvice.java  |  4 +-
 .../spring/filter/PowerAuthRequestFilter.java |  1 -
 .../filter/PowerAuthRequestFilterBase.java    |  6 +-
 .../ResettableStreamHttpServletRequest.java   |  2 +-
 .../spring}/model/PowerAuthRequestBody.java   |  2 +-
 .../model/PowerAuthRequestObjects.java        |  2 +-
 .../provider/CustomActivationProvider.java    |  4 +-
 .../PowerAuthAuthenticationProvider.java      | 20 +++--
 .../PowerAuthAuthenticationProviderBase.java  | 14 ++--
 .../provider/PowerAuthEncryptionProvider.java |  5 +-
 .../PowerAuthEncryptionProviderBase.java      | 14 ++--
 .../PowerAuthApplicationConfiguration.java    |  2 +-
 .../controller/v2/ActivationController.java   | 10 +--
 .../controller/v2/SecureVaultController.java  |  8 +-
 .../controller/v2/SignatureController.java    |  8 +-
 .../spring/controller/v2/TokenController.java |  8 +-
 .../controller/v3/ActivationController.java   | 14 ++--
 .../controller/v3/RecoveryController.java     |  8 +-
 .../controller/v3/SecureVaultController.java  |  8 +-
 .../controller/v3/SignatureController.java    |  8 +-
 .../spring/controller/v3/TokenController.java |  8 +-
 .../controller/v3/UpgradeController.java      |  6 +-
 .../exception/PowerAuthExceptionHandler.java  |  1 -
 .../spring/service/v2/ActivationService.java  |  2 +-
 .../spring/service/v2/SecureVaultService.java |  8 +-
 .../api/spring/service/v2/TokenService.java   |  6 +-
 .../spring/service/v3/ActivationService.java  | 14 ++--
 .../spring/service/v3/RecoveryService.java    |  8 +-
 .../spring/service/v3/SecureVaultService.java |  8 +-
 .../api/spring/service/v3/TokenService.java   |  8 +-
 .../api/spring/service/v3/UpgradeService.java | 10 +--
 .../ApplicationConfiguration.java             |  2 +-
 .../configuration/WebApplicationConfig.java   |  6 +-
 .../controller/AuthenticationController.java  |  6 +-
 .../v2/CustomActivationController.java        |  6 +-
 .../v2/EncryptedDataExchangeController.java   |  4 +-
 .../v3/EncryptedDataExchangeController.java   | 10 +--
 .../DefaultCustomActivationProvider.java      |  2 +-
 70 files changed, 187 insertions(+), 262 deletions(-)
 delete mode 100644 powerauth-restful-security-base/pom.xml
 rename powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/annotation/{ => support}/PowerAuthAnnotationInterceptor.java (94%)
 rename powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/annotation/{ => support}/PowerAuthEncryptionArgumentResolver.java (92%)
 rename powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/annotation/{ => support}/PowerAuthWebArgumentResolver.java (89%)
 rename {powerauth-restful-security-base/src/main/java/io/getlime/security/powerauth/rest/api/base => powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring}/authentication/PowerAuthApiAuthentication.java (98%)
 rename {powerauth-restful-security-base/src/main/java/io/getlime/security/powerauth/rest/api/base => powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring}/authentication/PowerAuthAuthentication.java (93%)
 rename {powerauth-restful-security-base/src/main/java/io/getlime/security/powerauth/rest/api/base => powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring}/authentication/PowerAuthSignatureAuthentication.java (98%)
 rename {powerauth-restful-security-base/src/main/java/io/getlime/security/powerauth/rest/api/base => powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring}/authentication/PowerAuthTokenAuthentication.java (97%)
 rename powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/authentication/{ => impl}/PowerAuthApiAuthenticationImpl.java (98%)
 rename powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/authentication/{ => impl}/PowerAuthSignatureAuthenticationImpl.java (98%)
 rename powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/authentication/{ => impl}/PowerAuthTokenAuthenticationImpl.java (97%)
 rename {powerauth-restful-security-base/src/main/java/io/getlime/security/powerauth/rest/api/base => powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring}/encryption/EciesEncryptionContext.java (98%)
 rename {powerauth-restful-security-base/src/main/java/io/getlime/security/powerauth/rest/api/base => powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring}/encryption/PowerAuthEciesDecryptorParameters.java (96%)
 rename {powerauth-restful-security-base/src/main/java/io/getlime/security/powerauth/rest/api/base => powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring}/encryption/PowerAuthEciesEncryption.java (98%)
 rename {powerauth-restful-security-base/src/main/java/io/getlime/security/powerauth/rest/api/base => powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring}/encryption/PowerAuthNonPersonalizedEncryptor.java (99%)
 rename {powerauth-restful-security-base/src/main/java/io/getlime/security/powerauth/rest/api/base => powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring}/exception/PowerAuthActivationException.java (97%)
 rename {powerauth-restful-security-base/src/main/java/io/getlime/security/powerauth/rest/api/base => powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring}/exception/PowerAuthAuthenticationException.java (97%)
 rename {powerauth-restful-security-base/src/main/java/io/getlime/security/powerauth/rest/api/base => powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring}/exception/PowerAuthEncryptionException.java (97%)
 rename {powerauth-restful-security-base/src/main/java/io/getlime/security/powerauth/rest/api/base => powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring}/exception/PowerAuthRecoveryException.java (98%)
 rename {powerauth-restful-security-base/src/main/java/io/getlime/security/powerauth/rest/api/base => powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring}/exception/PowerAuthSecureVaultException.java (97%)
 rename {powerauth-restful-security-base/src/main/java/io/getlime/security/powerauth/rest/api/base => powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring}/exception/PowerAuthUpgradeException.java (96%)
 rename {powerauth-restful-security-base/src/main/java/io/getlime/security/powerauth/rest/api/base => powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring}/exception/authentication/PowerAuthHeaderMissingException.java (91%)
 rename {powerauth-restful-security-base/src/main/java/io/getlime/security/powerauth/rest/api/base => powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring}/exception/authentication/PowerAuthInvalidRequestException.java (91%)
 rename {powerauth-restful-security-base/src/main/java/io/getlime/security/powerauth/rest/api/base => powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring}/exception/authentication/PowerAuthRecoveryConfirmationException.java (91%)
 rename {powerauth-restful-security-base/src/main/java/io/getlime/security/powerauth/rest/api/base => powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring}/exception/authentication/PowerAuthRequestFilterException.java (91%)
 rename {powerauth-restful-security-base/src/main/java/io/getlime/security/powerauth/rest/api/base => powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring}/exception/authentication/PowerAuthSignatureErrorException.java (91%)
 rename {powerauth-restful-security-base/src/main/java/io/getlime/security/powerauth/rest/api/base => powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring}/exception/authentication/PowerAuthSignatureInvalidException.java (91%)
 rename {powerauth-restful-security-base/src/main/java/io/getlime/security/powerauth/rest/api/base => powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring}/exception/authentication/PowerAuthSignatureTypeInvalidException.java (91%)
 rename {powerauth-restful-security-base/src/main/java/io/getlime/security/powerauth/rest/api/base => powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring}/exception/authentication/PowerAuthTokenErrorException.java (91%)
 rename {powerauth-restful-security-base/src/main/java/io/getlime/security/powerauth/rest/api/base => powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring}/exception/authentication/PowerAuthTokenInvalidException.java (91%)
 rename {powerauth-restful-security-base/src/main/java/io/getlime/security/powerauth/rest/api/base => powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring}/filter/PowerAuthRequestFilterBase.java (95%)
 rename {powerauth-restful-security-base/src/main/java/io/getlime/security/powerauth/rest/api/base => powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring}/filter/ResettableStreamHttpServletRequest.java (98%)
 rename {powerauth-restful-security-base/src/main/java/io/getlime/security/powerauth/rest/api/base => powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring}/model/PowerAuthRequestBody.java (96%)
 rename {powerauth-restful-security-base/src/main/java/io/getlime/security/powerauth/rest/api/base => powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring}/model/PowerAuthRequestObjects.java (92%)
 rename {powerauth-restful-security-base/src/main/java/io/getlime/security/powerauth/rest/api/base => powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring}/provider/CustomActivationProvider.java (98%)
 rename {powerauth-restful-security-base/src/main/java/io/getlime/security/powerauth/rest/api/base => powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring}/provider/PowerAuthAuthenticationProviderBase.java (94%)
 rename {powerauth-restful-security-base/src/main/java/io/getlime/security/powerauth/rest/api/base => powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring}/provider/PowerAuthEncryptionProviderBase.java (96%)
 rename {powerauth-restful-security-base/src/main/java/io/getlime/security/powerauth/rest/api/base => powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring}/application/PowerAuthApplicationConfiguration.java (95%)

diff --git a/pom.xml b/pom.xml
index a533d9c8..a3cd153e 100644
--- a/pom.xml
+++ b/pom.xml
@@ -69,7 +69,6 @@
 
     <modules>
         <module>powerauth-restful-model</module>
-        <module>powerauth-restful-security-base</module>
         <module>powerauth-restful-security-spring</module>
         <module>powerauth-restful-security-spring-annotation</module>
         <module>powerauth-restful-server-spring</module>
diff --git a/powerauth-restful-security-base/pom.xml b/powerauth-restful-security-base/pom.xml
deleted file mode 100644
index 4bd59fec..00000000
--- a/powerauth-restful-security-base/pom.xml
+++ /dev/null
@@ -1,75 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!--
-~ PowerAuth integration libraries for RESTful API applications, examples and
-~ related software components
-~
-~ Copyright (C) 2018 Wultra s.r.o.
-~
-~ This program is free software: you can redistribute it and/or modify
-~ it under the terms of the GNU Affero General Public License as published
-~ by the Free Software Foundation, either version 3 of the License, or
-~ (at your option) any later version.
-~
-~ This program is distributed in the hope that it will be useful,
-~ but WITHOUT ANY WARRANTY; without even the implied warranty of
-~ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-~ GNU Affero General Public License for more details.
-~
-~ You should have received a copy of the GNU Affero General Public License
-~ along with this program.  If not, see <http://www.gnu.org/licenses/>.
--->
-
-<project xmlns="http://maven.apache.org/POM/4.0.0"
-         xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
-         xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
-
-    <modelVersion>4.0.0</modelVersion>
-    <artifactId>powerauth-restful-security-base</artifactId>
-    <version>1.1.0-SNAPSHOT</version>
-
-    <parent>
-        <artifactId>powerauth-restful-integration-parent</artifactId>
-        <groupId>io.getlime.security</groupId>
-        <version>1.1.0-SNAPSHOT</version>
-        <relativePath>../pom.xml</relativePath>
-    </parent>
-
-    <dependencies>
-
-        <!-- PowerAuth Dependencies -->
-        <dependency>
-            <groupId>io.getlime.security</groupId>
-            <artifactId>powerauth-java-crypto</artifactId>
-            <version>1.1.0-SNAPSHOT</version>
-        </dependency>
-        <dependency>
-            <groupId>io.getlime.security</groupId>
-            <artifactId>powerauth-java-http</artifactId>
-            <version>1.1.0-SNAPSHOT</version>
-        </dependency>
-        <dependency>
-            <groupId>io.getlime.security</groupId>
-            <artifactId>powerauth-restful-model</artifactId>
-            <version>1.1.0-SNAPSHOT</version>
-        </dependency>
-
-        <!-- Other Dependencies -->
-        <dependency>
-            <groupId>javax.servlet</groupId>
-            <artifactId>javax.servlet-api</artifactId>
-            <version>${javax.servlet-api.version}</version>
-        </dependency>
-        <dependency>
-            <groupId>com.fasterxml.jackson.core</groupId>
-            <artifactId>jackson-databind</artifactId>
-            <version>${jackson-databind.version}</version>
-        </dependency>
-        <dependency>
-            <groupId>org.apache.commons</groupId>
-            <artifactId>commons-text</artifactId>
-            <version>${commons-text.version}</version>
-        </dependency>
-
-    </dependencies>
-
-</project>
diff --git a/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/annotation/PowerAuthAnnotationInterceptor.java b/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/annotation/support/PowerAuthAnnotationInterceptor.java
similarity index 94%
rename from powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/annotation/PowerAuthAnnotationInterceptor.java
rename to powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/annotation/support/PowerAuthAnnotationInterceptor.java
index 715b76a0..afbbb84b 100644
--- a/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/annotation/PowerAuthAnnotationInterceptor.java
+++ b/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/annotation/support/PowerAuthAnnotationInterceptor.java
@@ -17,15 +17,19 @@
  * You should have received a copy of the GNU Affero General Public License
  * along with this program.  If not, see <http://www.gnu.org/licenses/>.
  */
-package io.getlime.security.powerauth.rest.api.spring.annotation;
+package io.getlime.security.powerauth.rest.api.spring.annotation.support;
 
 import io.getlime.security.powerauth.crypto.lib.enums.PowerAuthSignatureTypes;
 import io.getlime.security.powerauth.http.PowerAuthSignatureHttpHeader;
 import io.getlime.security.powerauth.http.PowerAuthTokenHttpHeader;
-import io.getlime.security.powerauth.rest.api.base.authentication.PowerAuthApiAuthentication;
-import io.getlime.security.powerauth.rest.api.base.exception.PowerAuthAuthenticationException;
-import io.getlime.security.powerauth.rest.api.base.exception.PowerAuthEncryptionException;
-import io.getlime.security.powerauth.rest.api.base.model.PowerAuthRequestObjects;
+import io.getlime.security.powerauth.rest.api.spring.annotation.EncryptedRequestBody;
+import io.getlime.security.powerauth.rest.api.spring.annotation.PowerAuth;
+import io.getlime.security.powerauth.rest.api.spring.annotation.PowerAuthEncryption;
+import io.getlime.security.powerauth.rest.api.spring.annotation.PowerAuthToken;
+import io.getlime.security.powerauth.rest.api.spring.authentication.PowerAuthApiAuthentication;
+import io.getlime.security.powerauth.rest.api.spring.exception.PowerAuthAuthenticationException;
+import io.getlime.security.powerauth.rest.api.spring.exception.PowerAuthEncryptionException;
+import io.getlime.security.powerauth.rest.api.spring.model.PowerAuthRequestObjects;
 import io.getlime.security.powerauth.rest.api.spring.provider.PowerAuthAuthenticationProvider;
 import io.getlime.security.powerauth.rest.api.spring.provider.PowerAuthEncryptionProvider;
 import org.apache.commons.text.StringSubstitutor;
diff --git a/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/annotation/PowerAuthEncryptionArgumentResolver.java b/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/annotation/support/PowerAuthEncryptionArgumentResolver.java
similarity index 92%
rename from powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/annotation/PowerAuthEncryptionArgumentResolver.java
rename to powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/annotation/support/PowerAuthEncryptionArgumentResolver.java
index 99258508..99f7e8ea 100644
--- a/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/annotation/PowerAuthEncryptionArgumentResolver.java
+++ b/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/annotation/support/PowerAuthEncryptionArgumentResolver.java
@@ -17,12 +17,14 @@
  * You should have received a copy of the GNU Affero General Public License
  * along with this program.  If not, see <http://www.gnu.org/licenses/>.
  */
-package io.getlime.security.powerauth.rest.api.spring.annotation;
+package io.getlime.security.powerauth.rest.api.spring.annotation.support;
 
 import com.fasterxml.jackson.databind.ObjectMapper;
-import io.getlime.security.powerauth.rest.api.base.encryption.EciesEncryptionContext;
-import io.getlime.security.powerauth.rest.api.base.encryption.PowerAuthEciesEncryption;
-import io.getlime.security.powerauth.rest.api.base.model.PowerAuthRequestObjects;
+import io.getlime.security.powerauth.rest.api.spring.annotation.EncryptedRequestBody;
+import io.getlime.security.powerauth.rest.api.spring.annotation.PowerAuthEncryption;
+import io.getlime.security.powerauth.rest.api.spring.encryption.EciesEncryptionContext;
+import io.getlime.security.powerauth.rest.api.spring.encryption.PowerAuthEciesEncryption;
+import io.getlime.security.powerauth.rest.api.spring.model.PowerAuthRequestObjects;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.core.MethodParameter;
diff --git a/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/annotation/PowerAuthWebArgumentResolver.java b/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/annotation/support/PowerAuthWebArgumentResolver.java
similarity index 89%
rename from powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/annotation/PowerAuthWebArgumentResolver.java
rename to powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/annotation/support/PowerAuthWebArgumentResolver.java
index ea62d731..2f2f8285 100644
--- a/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/annotation/PowerAuthWebArgumentResolver.java
+++ b/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/annotation/support/PowerAuthWebArgumentResolver.java
@@ -17,10 +17,11 @@
  * You should have received a copy of the GNU Affero General Public License
  * along with this program.  If not, see <http://www.gnu.org/licenses/>.
  */
-package io.getlime.security.powerauth.rest.api.spring.annotation;
+package io.getlime.security.powerauth.rest.api.spring.annotation.support;
 
-import io.getlime.security.powerauth.rest.api.base.authentication.PowerAuthApiAuthentication;
-import io.getlime.security.powerauth.rest.api.base.model.PowerAuthRequestObjects;
+import io.getlime.security.powerauth.rest.api.spring.annotation.PowerAuth;
+import io.getlime.security.powerauth.rest.api.spring.authentication.PowerAuthApiAuthentication;
+import io.getlime.security.powerauth.rest.api.spring.model.PowerAuthRequestObjects;
 import org.springframework.core.MethodParameter;
 import org.springframework.lang.NonNull;
 import org.springframework.web.bind.support.WebDataBinderFactory;
diff --git a/powerauth-restful-security-base/src/main/java/io/getlime/security/powerauth/rest/api/base/authentication/PowerAuthApiAuthentication.java b/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/authentication/PowerAuthApiAuthentication.java
similarity index 98%
rename from powerauth-restful-security-base/src/main/java/io/getlime/security/powerauth/rest/api/base/authentication/PowerAuthApiAuthentication.java
rename to powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/authentication/PowerAuthApiAuthentication.java
index b4bcd9c1..7f1e4127 100644
--- a/powerauth-restful-security-base/src/main/java/io/getlime/security/powerauth/rest/api/base/authentication/PowerAuthApiAuthentication.java
+++ b/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/authentication/PowerAuthApiAuthentication.java
@@ -17,7 +17,7 @@
  * You should have received a copy of the GNU Affero General Public License
  * along with this program.  If not, see <http://www.gnu.org/licenses/>.
  */
-package io.getlime.security.powerauth.rest.api.base.authentication;
+package io.getlime.security.powerauth.rest.api.spring.authentication;
 
 import io.getlime.security.powerauth.crypto.lib.enums.PowerAuthSignatureTypes;
 import io.getlime.security.powerauth.http.PowerAuthHttpHeader;
diff --git a/powerauth-restful-security-base/src/main/java/io/getlime/security/powerauth/rest/api/base/authentication/PowerAuthAuthentication.java b/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/authentication/PowerAuthAuthentication.java
similarity index 93%
rename from powerauth-restful-security-base/src/main/java/io/getlime/security/powerauth/rest/api/base/authentication/PowerAuthAuthentication.java
rename to powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/authentication/PowerAuthAuthentication.java
index 9e684a4a..d6b42475 100644
--- a/powerauth-restful-security-base/src/main/java/io/getlime/security/powerauth/rest/api/base/authentication/PowerAuthAuthentication.java
+++ b/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/authentication/PowerAuthAuthentication.java
@@ -17,7 +17,7 @@
  * You should have received a copy of the GNU Affero General Public License
  * along with this program.  If not, see <http://www.gnu.org/licenses/>.
  */
-package io.getlime.security.powerauth.rest.api.base.authentication;
+package io.getlime.security.powerauth.rest.api.spring.authentication;
 
 /**
  * Base interface for all PowerAuth inbound authentication interfaces.
diff --git a/powerauth-restful-security-base/src/main/java/io/getlime/security/powerauth/rest/api/base/authentication/PowerAuthSignatureAuthentication.java b/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/authentication/PowerAuthSignatureAuthentication.java
similarity index 98%
rename from powerauth-restful-security-base/src/main/java/io/getlime/security/powerauth/rest/api/base/authentication/PowerAuthSignatureAuthentication.java
rename to powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/authentication/PowerAuthSignatureAuthentication.java
index a9ac45e7..506d0e9c 100644
--- a/powerauth-restful-security-base/src/main/java/io/getlime/security/powerauth/rest/api/base/authentication/PowerAuthSignatureAuthentication.java
+++ b/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/authentication/PowerAuthSignatureAuthentication.java
@@ -17,7 +17,7 @@
  * You should have received a copy of the GNU Affero General Public License
  * along with this program.  If not, see <http://www.gnu.org/licenses/>.
  */
-package io.getlime.security.powerauth.rest.api.base.authentication;
+package io.getlime.security.powerauth.rest.api.spring.authentication;
 
 import io.getlime.security.powerauth.http.PowerAuthHttpHeader;
 
diff --git a/powerauth-restful-security-base/src/main/java/io/getlime/security/powerauth/rest/api/base/authentication/PowerAuthTokenAuthentication.java b/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/authentication/PowerAuthTokenAuthentication.java
similarity index 97%
rename from powerauth-restful-security-base/src/main/java/io/getlime/security/powerauth/rest/api/base/authentication/PowerAuthTokenAuthentication.java
rename to powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/authentication/PowerAuthTokenAuthentication.java
index 3c96042f..7d58d15c 100644
--- a/powerauth-restful-security-base/src/main/java/io/getlime/security/powerauth/rest/api/base/authentication/PowerAuthTokenAuthentication.java
+++ b/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/authentication/PowerAuthTokenAuthentication.java
@@ -17,7 +17,7 @@
  * You should have received a copy of the GNU Affero General Public License
  * along with this program.  If not, see <http://www.gnu.org/licenses/>.
  */
-package io.getlime.security.powerauth.rest.api.base.authentication;
+package io.getlime.security.powerauth.rest.api.spring.authentication;
 
 import io.getlime.security.powerauth.http.PowerAuthHttpHeader;
 
diff --git a/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/authentication/PowerAuthApiAuthenticationImpl.java b/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/authentication/impl/PowerAuthApiAuthenticationImpl.java
similarity index 98%
rename from powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/authentication/PowerAuthApiAuthenticationImpl.java
rename to powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/authentication/impl/PowerAuthApiAuthenticationImpl.java
index c150b188..ae261b9a 100644
--- a/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/authentication/PowerAuthApiAuthenticationImpl.java
+++ b/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/authentication/impl/PowerAuthApiAuthenticationImpl.java
@@ -17,11 +17,11 @@
  * You should have received a copy of the GNU Affero General Public License
  * along with this program.  If not, see <http://www.gnu.org/licenses/>.
  */
-package io.getlime.security.powerauth.rest.api.spring.authentication;
+package io.getlime.security.powerauth.rest.api.spring.authentication.impl;
 
 import io.getlime.security.powerauth.crypto.lib.enums.PowerAuthSignatureTypes;
 import io.getlime.security.powerauth.http.PowerAuthHttpHeader;
-import io.getlime.security.powerauth.rest.api.base.authentication.PowerAuthApiAuthentication;
+import io.getlime.security.powerauth.rest.api.spring.authentication.PowerAuthApiAuthentication;
 import org.springframework.security.authentication.AbstractAuthenticationToken;
 import org.springframework.security.core.GrantedAuthority;
 import org.springframework.security.core.authority.SimpleGrantedAuthority;
diff --git a/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/authentication/PowerAuthSignatureAuthenticationImpl.java b/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/authentication/impl/PowerAuthSignatureAuthenticationImpl.java
similarity index 98%
rename from powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/authentication/PowerAuthSignatureAuthenticationImpl.java
rename to powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/authentication/impl/PowerAuthSignatureAuthenticationImpl.java
index c9bf4d3b..70cc1c50 100644
--- a/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/authentication/PowerAuthSignatureAuthenticationImpl.java
+++ b/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/authentication/impl/PowerAuthSignatureAuthenticationImpl.java
@@ -17,10 +17,10 @@
  * You should have received a copy of the GNU Affero General Public License
  * along with this program.  If not, see <http://www.gnu.org/licenses/>.
  */
-package io.getlime.security.powerauth.rest.api.spring.authentication;
+package io.getlime.security.powerauth.rest.api.spring.authentication.impl;
 
 import io.getlime.security.powerauth.http.PowerAuthHttpHeader;
-import io.getlime.security.powerauth.rest.api.base.authentication.PowerAuthSignatureAuthentication;
+import io.getlime.security.powerauth.rest.api.spring.authentication.PowerAuthSignatureAuthentication;
 import org.springframework.security.authentication.AbstractAuthenticationToken;
 
 /**
diff --git a/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/authentication/PowerAuthTokenAuthenticationImpl.java b/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/authentication/impl/PowerAuthTokenAuthenticationImpl.java
similarity index 97%
rename from powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/authentication/PowerAuthTokenAuthenticationImpl.java
rename to powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/authentication/impl/PowerAuthTokenAuthenticationImpl.java
index b2659d81..c444eec1 100644
--- a/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/authentication/PowerAuthTokenAuthenticationImpl.java
+++ b/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/authentication/impl/PowerAuthTokenAuthenticationImpl.java
@@ -17,10 +17,10 @@
  * You should have received a copy of the GNU Affero General Public License
  * along with this program.  If not, see <http://www.gnu.org/licenses/>.
  */
-package io.getlime.security.powerauth.rest.api.spring.authentication;
+package io.getlime.security.powerauth.rest.api.spring.authentication.impl;
 
 import io.getlime.security.powerauth.http.PowerAuthHttpHeader;
-import io.getlime.security.powerauth.rest.api.base.authentication.PowerAuthTokenAuthentication;
+import io.getlime.security.powerauth.rest.api.spring.authentication.PowerAuthTokenAuthentication;
 import org.springframework.security.authentication.AbstractAuthenticationToken;
 
 /**
diff --git a/powerauth-restful-security-base/src/main/java/io/getlime/security/powerauth/rest/api/base/encryption/EciesEncryptionContext.java b/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/encryption/EciesEncryptionContext.java
similarity index 98%
rename from powerauth-restful-security-base/src/main/java/io/getlime/security/powerauth/rest/api/base/encryption/EciesEncryptionContext.java
rename to powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/encryption/EciesEncryptionContext.java
index 2ea5b66c..a02c9382 100644
--- a/powerauth-restful-security-base/src/main/java/io/getlime/security/powerauth/rest/api/base/encryption/EciesEncryptionContext.java
+++ b/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/encryption/EciesEncryptionContext.java
@@ -17,7 +17,7 @@
  * You should have received a copy of the GNU Affero General Public License
  * along with this program.  If not, see <http://www.gnu.org/licenses/>.
  */
-package io.getlime.security.powerauth.rest.api.base.encryption;
+package io.getlime.security.powerauth.rest.api.spring.encryption;
 
 import io.getlime.security.powerauth.crypto.lib.encryptor.ecies.model.EciesScope;
 import io.getlime.security.powerauth.http.PowerAuthHttpHeader;
diff --git a/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/encryption/EncryptorFactory.java b/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/encryption/EncryptorFactory.java
index 7e81b2fb..2d99fc9f 100644
--- a/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/encryption/EncryptorFactory.java
+++ b/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/encryption/EncryptorFactory.java
@@ -23,9 +23,8 @@
 import com.wultra.security.powerauth.client.model.error.PowerAuthClientException;
 import com.wultra.security.powerauth.client.v2.GetNonPersonalizedEncryptionKeyResponse;
 import io.getlime.core.rest.model.base.request.ObjectRequest;
-import io.getlime.security.powerauth.rest.api.base.encryption.PowerAuthNonPersonalizedEncryptor;
-import io.getlime.security.powerauth.rest.api.base.exception.PowerAuthEncryptionException;
 import io.getlime.security.powerauth.rest.api.model.entity.NonPersonalizedEncryptedPayloadModel;
+import io.getlime.security.powerauth.rest.api.spring.exception.PowerAuthEncryptionException;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.annotation.Autowired;
diff --git a/powerauth-restful-security-base/src/main/java/io/getlime/security/powerauth/rest/api/base/encryption/PowerAuthEciesDecryptorParameters.java b/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/encryption/PowerAuthEciesDecryptorParameters.java
similarity index 96%
rename from powerauth-restful-security-base/src/main/java/io/getlime/security/powerauth/rest/api/base/encryption/PowerAuthEciesDecryptorParameters.java
rename to powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/encryption/PowerAuthEciesDecryptorParameters.java
index 2536cf66..acdc2aa6 100644
--- a/powerauth-restful-security-base/src/main/java/io/getlime/security/powerauth/rest/api/base/encryption/PowerAuthEciesDecryptorParameters.java
+++ b/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/encryption/PowerAuthEciesDecryptorParameters.java
@@ -17,7 +17,7 @@
  * You should have received a copy of the GNU Affero General Public License
  * along with this program.  If not, see <http://www.gnu.org/licenses/>.
  */
-package io.getlime.security.powerauth.rest.api.base.encryption;
+package io.getlime.security.powerauth.rest.api.spring.encryption;
 
 /**
  * Class used for storing ECIES decryptor parameters.
diff --git a/powerauth-restful-security-base/src/main/java/io/getlime/security/powerauth/rest/api/base/encryption/PowerAuthEciesEncryption.java b/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/encryption/PowerAuthEciesEncryption.java
similarity index 98%
rename from powerauth-restful-security-base/src/main/java/io/getlime/security/powerauth/rest/api/base/encryption/PowerAuthEciesEncryption.java
rename to powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/encryption/PowerAuthEciesEncryption.java
index a45f5834..34d8bbf9 100644
--- a/powerauth-restful-security-base/src/main/java/io/getlime/security/powerauth/rest/api/base/encryption/PowerAuthEciesEncryption.java
+++ b/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/encryption/PowerAuthEciesEncryption.java
@@ -17,7 +17,7 @@
  * You should have received a copy of the GNU Affero General Public License
  * along with this program.  If not, see <http://www.gnu.org/licenses/>.
  */
-package io.getlime.security.powerauth.rest.api.base.encryption;
+package io.getlime.security.powerauth.rest.api.spring.encryption;
 
 import io.getlime.security.powerauth.crypto.lib.encryptor.ecies.EciesDecryptor;
 
diff --git a/powerauth-restful-security-base/src/main/java/io/getlime/security/powerauth/rest/api/base/encryption/PowerAuthNonPersonalizedEncryptor.java b/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/encryption/PowerAuthNonPersonalizedEncryptor.java
similarity index 99%
rename from powerauth-restful-security-base/src/main/java/io/getlime/security/powerauth/rest/api/base/encryption/PowerAuthNonPersonalizedEncryptor.java
rename to powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/encryption/PowerAuthNonPersonalizedEncryptor.java
index 820722cc..c36e8cd2 100644
--- a/powerauth-restful-security-base/src/main/java/io/getlime/security/powerauth/rest/api/base/encryption/PowerAuthNonPersonalizedEncryptor.java
+++ b/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/encryption/PowerAuthNonPersonalizedEncryptor.java
@@ -17,7 +17,7 @@
  * You should have received a copy of the GNU Affero General Public License
  * along with this program.  If not, see <http://www.gnu.org/licenses/>.
  */
-package io.getlime.security.powerauth.rest.api.base.encryption;
+package io.getlime.security.powerauth.rest.api.spring.encryption;
 
 import com.fasterxml.jackson.core.JsonProcessingException;
 import com.fasterxml.jackson.databind.ObjectMapper;
diff --git a/powerauth-restful-security-base/src/main/java/io/getlime/security/powerauth/rest/api/base/exception/PowerAuthActivationException.java b/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/exception/PowerAuthActivationException.java
similarity index 97%
rename from powerauth-restful-security-base/src/main/java/io/getlime/security/powerauth/rest/api/base/exception/PowerAuthActivationException.java
rename to powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/exception/PowerAuthActivationException.java
index 89ef2b76..fa201ca5 100644
--- a/powerauth-restful-security-base/src/main/java/io/getlime/security/powerauth/rest/api/base/exception/PowerAuthActivationException.java
+++ b/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/exception/PowerAuthActivationException.java
@@ -17,7 +17,7 @@
  * You should have received a copy of the GNU Affero General Public License
  * along with this program.  If not, see <http://www.gnu.org/licenses/>.
  */
-package io.getlime.security.powerauth.rest.api.base.exception;
+package io.getlime.security.powerauth.rest.api.spring.exception;
 
 /**
  * Exception related to processes during a new activation process.
diff --git a/powerauth-restful-security-base/src/main/java/io/getlime/security/powerauth/rest/api/base/exception/PowerAuthAuthenticationException.java b/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/exception/PowerAuthAuthenticationException.java
similarity index 97%
rename from powerauth-restful-security-base/src/main/java/io/getlime/security/powerauth/rest/api/base/exception/PowerAuthAuthenticationException.java
rename to powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/exception/PowerAuthAuthenticationException.java
index a77cf89f..cbd8b8a8 100644
--- a/powerauth-restful-security-base/src/main/java/io/getlime/security/powerauth/rest/api/base/exception/PowerAuthAuthenticationException.java
+++ b/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/exception/PowerAuthAuthenticationException.java
@@ -17,7 +17,7 @@
  * You should have received a copy of the GNU Affero General Public License
  * along with this program.  If not, see <http://www.gnu.org/licenses/>.
  */
-package io.getlime.security.powerauth.rest.api.base.exception;
+package io.getlime.security.powerauth.rest.api.spring.exception;
 
 /**
  * Exception raised in case PowerAuth authentication fails.
diff --git a/powerauth-restful-security-base/src/main/java/io/getlime/security/powerauth/rest/api/base/exception/PowerAuthEncryptionException.java b/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/exception/PowerAuthEncryptionException.java
similarity index 97%
rename from powerauth-restful-security-base/src/main/java/io/getlime/security/powerauth/rest/api/base/exception/PowerAuthEncryptionException.java
rename to powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/exception/PowerAuthEncryptionException.java
index 87111890..64ae1c04 100644
--- a/powerauth-restful-security-base/src/main/java/io/getlime/security/powerauth/rest/api/base/exception/PowerAuthEncryptionException.java
+++ b/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/exception/PowerAuthEncryptionException.java
@@ -17,7 +17,7 @@
  * You should have received a copy of the GNU Affero General Public License
  * along with this program.  If not, see <http://www.gnu.org/licenses/>.
  */
-package io.getlime.security.powerauth.rest.api.base.exception;
+package io.getlime.security.powerauth.rest.api.spring.exception;
 
 /**
  * Exception raised in case encryption or decryption fails.
diff --git a/powerauth-restful-security-base/src/main/java/io/getlime/security/powerauth/rest/api/base/exception/PowerAuthRecoveryException.java b/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/exception/PowerAuthRecoveryException.java
similarity index 98%
rename from powerauth-restful-security-base/src/main/java/io/getlime/security/powerauth/rest/api/base/exception/PowerAuthRecoveryException.java
rename to powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/exception/PowerAuthRecoveryException.java
index 33bed644..80721ccc 100644
--- a/powerauth-restful-security-base/src/main/java/io/getlime/security/powerauth/rest/api/base/exception/PowerAuthRecoveryException.java
+++ b/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/exception/PowerAuthRecoveryException.java
@@ -17,7 +17,7 @@
  * You should have received a copy of the GNU Affero General Public License
  * along with this program.  If not, see <http://www.gnu.org/licenses/>.
  */
-package io.getlime.security.powerauth.rest.api.base.exception;
+package io.getlime.security.powerauth.rest.api.spring.exception;
 
 /**
  * Exception thrown in case PowerAuth recovery fails, with optional current PUK index.
diff --git a/powerauth-restful-security-base/src/main/java/io/getlime/security/powerauth/rest/api/base/exception/PowerAuthSecureVaultException.java b/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/exception/PowerAuthSecureVaultException.java
similarity index 97%
rename from powerauth-restful-security-base/src/main/java/io/getlime/security/powerauth/rest/api/base/exception/PowerAuthSecureVaultException.java
rename to powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/exception/PowerAuthSecureVaultException.java
index ee0d6232..e676947c 100644
--- a/powerauth-restful-security-base/src/main/java/io/getlime/security/powerauth/rest/api/base/exception/PowerAuthSecureVaultException.java
+++ b/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/exception/PowerAuthSecureVaultException.java
@@ -17,7 +17,7 @@
  * You should have received a copy of the GNU Affero General Public License
  * along with this program.  If not, see <http://www.gnu.org/licenses/>.
  */
-package io.getlime.security.powerauth.rest.api.base.exception;
+package io.getlime.security.powerauth.rest.api.spring.exception;
 
 /**
  * Exception related to processes during a new secure vault unlocking.
diff --git a/powerauth-restful-security-base/src/main/java/io/getlime/security/powerauth/rest/api/base/exception/PowerAuthUpgradeException.java b/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/exception/PowerAuthUpgradeException.java
similarity index 96%
rename from powerauth-restful-security-base/src/main/java/io/getlime/security/powerauth/rest/api/base/exception/PowerAuthUpgradeException.java
rename to powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/exception/PowerAuthUpgradeException.java
index 91eb3ab0..d5af05f7 100644
--- a/powerauth-restful-security-base/src/main/java/io/getlime/security/powerauth/rest/api/base/exception/PowerAuthUpgradeException.java
+++ b/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/exception/PowerAuthUpgradeException.java
@@ -17,7 +17,7 @@
  * You should have received a copy of the GNU Affero General Public License
  * along with this program.  If not, see <http://www.gnu.org/licenses/>.
  */
-package io.getlime.security.powerauth.rest.api.base.exception;
+package io.getlime.security.powerauth.rest.api.spring.exception;
 
 /**
  * Exception raised in case PowerAuth upgrade fails.
diff --git a/powerauth-restful-security-base/src/main/java/io/getlime/security/powerauth/rest/api/base/exception/authentication/PowerAuthHeaderMissingException.java b/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/exception/authentication/PowerAuthHeaderMissingException.java
similarity index 91%
rename from powerauth-restful-security-base/src/main/java/io/getlime/security/powerauth/rest/api/base/exception/authentication/PowerAuthHeaderMissingException.java
rename to powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/exception/authentication/PowerAuthHeaderMissingException.java
index 6ac87fbd..cc2a8652 100644
--- a/powerauth-restful-security-base/src/main/java/io/getlime/security/powerauth/rest/api/base/exception/authentication/PowerAuthHeaderMissingException.java
+++ b/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/exception/authentication/PowerAuthHeaderMissingException.java
@@ -17,9 +17,9 @@
  * You should have received a copy of the GNU Affero General Public License
  * along with this program.  If not, see <http://www.gnu.org/licenses/>.
  */
-package io.getlime.security.powerauth.rest.api.base.exception.authentication;
+package io.getlime.security.powerauth.rest.api.spring.exception.authentication;
 
-import io.getlime.security.powerauth.rest.api.base.exception.PowerAuthAuthenticationException;
+import io.getlime.security.powerauth.rest.api.spring.exception.PowerAuthAuthenticationException;
 
 /**
  * Exception raised in case PowerAuth HTTP header is missing.
diff --git a/powerauth-restful-security-base/src/main/java/io/getlime/security/powerauth/rest/api/base/exception/authentication/PowerAuthInvalidRequestException.java b/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/exception/authentication/PowerAuthInvalidRequestException.java
similarity index 91%
rename from powerauth-restful-security-base/src/main/java/io/getlime/security/powerauth/rest/api/base/exception/authentication/PowerAuthInvalidRequestException.java
rename to powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/exception/authentication/PowerAuthInvalidRequestException.java
index e3b95a4e..42ab5a21 100644
--- a/powerauth-restful-security-base/src/main/java/io/getlime/security/powerauth/rest/api/base/exception/authentication/PowerAuthInvalidRequestException.java
+++ b/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/exception/authentication/PowerAuthInvalidRequestException.java
@@ -17,9 +17,9 @@
  * You should have received a copy of the GNU Affero General Public License
  * along with this program.  If not, see <http://www.gnu.org/licenses/>.
  */
-package io.getlime.security.powerauth.rest.api.base.exception.authentication;
+package io.getlime.security.powerauth.rest.api.spring.exception.authentication;
 
-import io.getlime.security.powerauth.rest.api.base.exception.PowerAuthAuthenticationException;
+import io.getlime.security.powerauth.rest.api.spring.exception.PowerAuthAuthenticationException;
 
 /**
  * Exception raised in case PowerAuth authentication request is invalid.
diff --git a/powerauth-restful-security-base/src/main/java/io/getlime/security/powerauth/rest/api/base/exception/authentication/PowerAuthRecoveryConfirmationException.java b/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/exception/authentication/PowerAuthRecoveryConfirmationException.java
similarity index 91%
rename from powerauth-restful-security-base/src/main/java/io/getlime/security/powerauth/rest/api/base/exception/authentication/PowerAuthRecoveryConfirmationException.java
rename to powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/exception/authentication/PowerAuthRecoveryConfirmationException.java
index c6238b24..5fd70d88 100644
--- a/powerauth-restful-security-base/src/main/java/io/getlime/security/powerauth/rest/api/base/exception/authentication/PowerAuthRecoveryConfirmationException.java
+++ b/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/exception/authentication/PowerAuthRecoveryConfirmationException.java
@@ -17,9 +17,9 @@
  * You should have received a copy of the GNU Affero General Public License
  * along with this program.  If not, see <http://www.gnu.org/licenses/>.
  */
-package io.getlime.security.powerauth.rest.api.base.exception.authentication;
+package io.getlime.security.powerauth.rest.api.spring.exception.authentication;
 
-import io.getlime.security.powerauth.rest.api.base.exception.PowerAuthAuthenticationException;
+import io.getlime.security.powerauth.rest.api.spring.exception.PowerAuthAuthenticationException;
 
 /**
  * Exception raised in case PowerAuth recovery confirmation fails with an error.
diff --git a/powerauth-restful-security-base/src/main/java/io/getlime/security/powerauth/rest/api/base/exception/authentication/PowerAuthRequestFilterException.java b/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/exception/authentication/PowerAuthRequestFilterException.java
similarity index 91%
rename from powerauth-restful-security-base/src/main/java/io/getlime/security/powerauth/rest/api/base/exception/authentication/PowerAuthRequestFilterException.java
rename to powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/exception/authentication/PowerAuthRequestFilterException.java
index b2df43ac..571368b1 100644
--- a/powerauth-restful-security-base/src/main/java/io/getlime/security/powerauth/rest/api/base/exception/authentication/PowerAuthRequestFilterException.java
+++ b/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/exception/authentication/PowerAuthRequestFilterException.java
@@ -17,9 +17,9 @@
  * You should have received a copy of the GNU Affero General Public License
  * along with this program.  If not, see <http://www.gnu.org/licenses/>.
  */
-package io.getlime.security.powerauth.rest.api.base.exception.authentication;
+package io.getlime.security.powerauth.rest.api.spring.exception.authentication;
 
-import io.getlime.security.powerauth.rest.api.base.exception.PowerAuthAuthenticationException;
+import io.getlime.security.powerauth.rest.api.spring.exception.PowerAuthAuthenticationException;
 
 /**
  * Exception raised in case PowerAuth authentication request filter is missing.
diff --git a/powerauth-restful-security-base/src/main/java/io/getlime/security/powerauth/rest/api/base/exception/authentication/PowerAuthSignatureErrorException.java b/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/exception/authentication/PowerAuthSignatureErrorException.java
similarity index 91%
rename from powerauth-restful-security-base/src/main/java/io/getlime/security/powerauth/rest/api/base/exception/authentication/PowerAuthSignatureErrorException.java
rename to powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/exception/authentication/PowerAuthSignatureErrorException.java
index 638ea253..0a818b8e 100644
--- a/powerauth-restful-security-base/src/main/java/io/getlime/security/powerauth/rest/api/base/exception/authentication/PowerAuthSignatureErrorException.java
+++ b/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/exception/authentication/PowerAuthSignatureErrorException.java
@@ -17,9 +17,9 @@
  * You should have received a copy of the GNU Affero General Public License
  * along with this program.  If not, see <http://www.gnu.org/licenses/>.
  */
-package io.getlime.security.powerauth.rest.api.base.exception.authentication;
+package io.getlime.security.powerauth.rest.api.spring.exception.authentication;
 
-import io.getlime.security.powerauth.rest.api.base.exception.PowerAuthAuthenticationException;
+import io.getlime.security.powerauth.rest.api.spring.exception.PowerAuthAuthenticationException;
 
 /**
  * Exception raised in case PowerAuth signature validation fails with an error.
diff --git a/powerauth-restful-security-base/src/main/java/io/getlime/security/powerauth/rest/api/base/exception/authentication/PowerAuthSignatureInvalidException.java b/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/exception/authentication/PowerAuthSignatureInvalidException.java
similarity index 91%
rename from powerauth-restful-security-base/src/main/java/io/getlime/security/powerauth/rest/api/base/exception/authentication/PowerAuthSignatureInvalidException.java
rename to powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/exception/authentication/PowerAuthSignatureInvalidException.java
index 53964857..253ca895 100644
--- a/powerauth-restful-security-base/src/main/java/io/getlime/security/powerauth/rest/api/base/exception/authentication/PowerAuthSignatureInvalidException.java
+++ b/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/exception/authentication/PowerAuthSignatureInvalidException.java
@@ -17,9 +17,9 @@
  * You should have received a copy of the GNU Affero General Public License
  * along with this program.  If not, see <http://www.gnu.org/licenses/>.
  */
-package io.getlime.security.powerauth.rest.api.base.exception.authentication;
+package io.getlime.security.powerauth.rest.api.spring.exception.authentication;
 
-import io.getlime.security.powerauth.rest.api.base.exception.PowerAuthAuthenticationException;
+import io.getlime.security.powerauth.rest.api.spring.exception.PowerAuthAuthenticationException;
 
 /**
  * Exception raised in case PowerAuth signature validation fails.
diff --git a/powerauth-restful-security-base/src/main/java/io/getlime/security/powerauth/rest/api/base/exception/authentication/PowerAuthSignatureTypeInvalidException.java b/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/exception/authentication/PowerAuthSignatureTypeInvalidException.java
similarity index 91%
rename from powerauth-restful-security-base/src/main/java/io/getlime/security/powerauth/rest/api/base/exception/authentication/PowerAuthSignatureTypeInvalidException.java
rename to powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/exception/authentication/PowerAuthSignatureTypeInvalidException.java
index 49b3d40c..678a7849 100644
--- a/powerauth-restful-security-base/src/main/java/io/getlime/security/powerauth/rest/api/base/exception/authentication/PowerAuthSignatureTypeInvalidException.java
+++ b/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/exception/authentication/PowerAuthSignatureTypeInvalidException.java
@@ -17,9 +17,9 @@
  * You should have received a copy of the GNU Affero General Public License
  * along with this program.  If not, see <http://www.gnu.org/licenses/>.
  */
-package io.getlime.security.powerauth.rest.api.base.exception.authentication;
+package io.getlime.security.powerauth.rest.api.spring.exception.authentication;
 
-import io.getlime.security.powerauth.rest.api.base.exception.PowerAuthAuthenticationException;
+import io.getlime.security.powerauth.rest.api.spring.exception.PowerAuthAuthenticationException;
 
 /**
  * Exception raised in case PowerAuth signature type is invalid.
diff --git a/powerauth-restful-security-base/src/main/java/io/getlime/security/powerauth/rest/api/base/exception/authentication/PowerAuthTokenErrorException.java b/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/exception/authentication/PowerAuthTokenErrorException.java
similarity index 91%
rename from powerauth-restful-security-base/src/main/java/io/getlime/security/powerauth/rest/api/base/exception/authentication/PowerAuthTokenErrorException.java
rename to powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/exception/authentication/PowerAuthTokenErrorException.java
index 922feacd..7d386678 100644
--- a/powerauth-restful-security-base/src/main/java/io/getlime/security/powerauth/rest/api/base/exception/authentication/PowerAuthTokenErrorException.java
+++ b/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/exception/authentication/PowerAuthTokenErrorException.java
@@ -17,9 +17,9 @@
  * You should have received a copy of the GNU Affero General Public License
  * along with this program.  If not, see <http://www.gnu.org/licenses/>.
  */
-package io.getlime.security.powerauth.rest.api.base.exception.authentication;
+package io.getlime.security.powerauth.rest.api.spring.exception.authentication;
 
-import io.getlime.security.powerauth.rest.api.base.exception.PowerAuthAuthenticationException;
+import io.getlime.security.powerauth.rest.api.spring.exception.PowerAuthAuthenticationException;
 
 /**
  * Exception raised in case PowerAuth token validation fails with an error.
diff --git a/powerauth-restful-security-base/src/main/java/io/getlime/security/powerauth/rest/api/base/exception/authentication/PowerAuthTokenInvalidException.java b/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/exception/authentication/PowerAuthTokenInvalidException.java
similarity index 91%
rename from powerauth-restful-security-base/src/main/java/io/getlime/security/powerauth/rest/api/base/exception/authentication/PowerAuthTokenInvalidException.java
rename to powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/exception/authentication/PowerAuthTokenInvalidException.java
index 59478a83..50596161 100644
--- a/powerauth-restful-security-base/src/main/java/io/getlime/security/powerauth/rest/api/base/exception/authentication/PowerAuthTokenInvalidException.java
+++ b/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/exception/authentication/PowerAuthTokenInvalidException.java
@@ -17,9 +17,9 @@
  * You should have received a copy of the GNU Affero General Public License
  * along with this program.  If not, see <http://www.gnu.org/licenses/>.
  */
-package io.getlime.security.powerauth.rest.api.base.exception.authentication;
+package io.getlime.security.powerauth.rest.api.spring.exception.authentication;
 
-import io.getlime.security.powerauth.rest.api.base.exception.PowerAuthAuthenticationException;
+import io.getlime.security.powerauth.rest.api.spring.exception.PowerAuthAuthenticationException;
 
 /**
  * Exception raised in case PowerAuth token validation fails.
diff --git a/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/filter/EncryptionResponseBodyAdvice.java b/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/filter/EncryptionResponseBodyAdvice.java
index c3488ea9..ca9ea687 100644
--- a/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/filter/EncryptionResponseBodyAdvice.java
+++ b/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/filter/EncryptionResponseBodyAdvice.java
@@ -23,8 +23,8 @@
 import com.google.common.io.BaseEncoding;
 import io.getlime.security.powerauth.crypto.lib.encryptor.ecies.EciesDecryptor;
 import io.getlime.security.powerauth.crypto.lib.encryptor.ecies.model.EciesCryptogram;
-import io.getlime.security.powerauth.rest.api.base.encryption.PowerAuthEciesEncryption;
-import io.getlime.security.powerauth.rest.api.base.model.PowerAuthRequestObjects;
+import io.getlime.security.powerauth.rest.api.spring.encryption.PowerAuthEciesEncryption;
+import io.getlime.security.powerauth.rest.api.spring.model.PowerAuthRequestObjects;
 import io.getlime.security.powerauth.rest.api.model.response.v3.EciesEncryptedResponse;
 import io.getlime.security.powerauth.rest.api.spring.annotation.PowerAuthEncryption;
 import org.slf4j.Logger;
diff --git a/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/filter/PowerAuthRequestFilter.java b/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/filter/PowerAuthRequestFilter.java
index 26f733b7..dcb9fb55 100644
--- a/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/filter/PowerAuthRequestFilter.java
+++ b/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/filter/PowerAuthRequestFilter.java
@@ -19,7 +19,6 @@
  */
 package io.getlime.security.powerauth.rest.api.spring.filter;
 
-import io.getlime.security.powerauth.rest.api.base.filter.PowerAuthRequestFilterBase;
 import org.springframework.lang.NonNull;
 import org.springframework.web.filter.OncePerRequestFilter;
 
diff --git a/powerauth-restful-security-base/src/main/java/io/getlime/security/powerauth/rest/api/base/filter/PowerAuthRequestFilterBase.java b/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/filter/PowerAuthRequestFilterBase.java
similarity index 95%
rename from powerauth-restful-security-base/src/main/java/io/getlime/security/powerauth/rest/api/base/filter/PowerAuthRequestFilterBase.java
rename to powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/filter/PowerAuthRequestFilterBase.java
index bb1a3ad6..58c68d98 100644
--- a/powerauth-restful-security-base/src/main/java/io/getlime/security/powerauth/rest/api/base/filter/PowerAuthRequestFilterBase.java
+++ b/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/filter/PowerAuthRequestFilterBase.java
@@ -17,13 +17,13 @@
  * You should have received a copy of the GNU Affero General Public License
  * along with this program.  If not, see <http://www.gnu.org/licenses/>.
  */
-package io.getlime.security.powerauth.rest.api.base.filter;
+package io.getlime.security.powerauth.rest.api.spring.filter;
 
 import io.getlime.security.powerauth.http.PowerAuthEncryptionHttpHeader;
 import io.getlime.security.powerauth.http.PowerAuthRequestCanonizationUtils;
 import io.getlime.security.powerauth.http.PowerAuthSignatureHttpHeader;
-import io.getlime.security.powerauth.rest.api.base.model.PowerAuthRequestBody;
-import io.getlime.security.powerauth.rest.api.base.model.PowerAuthRequestObjects;
+import io.getlime.security.powerauth.rest.api.spring.model.PowerAuthRequestBody;
+import io.getlime.security.powerauth.rest.api.spring.model.PowerAuthRequestObjects;
 
 import javax.servlet.http.HttpServletRequest;
 import java.io.IOException;
diff --git a/powerauth-restful-security-base/src/main/java/io/getlime/security/powerauth/rest/api/base/filter/ResettableStreamHttpServletRequest.java b/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/filter/ResettableStreamHttpServletRequest.java
similarity index 98%
rename from powerauth-restful-security-base/src/main/java/io/getlime/security/powerauth/rest/api/base/filter/ResettableStreamHttpServletRequest.java
rename to powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/filter/ResettableStreamHttpServletRequest.java
index 40dcd6b4..fadc265a 100644
--- a/powerauth-restful-security-base/src/main/java/io/getlime/security/powerauth/rest/api/base/filter/ResettableStreamHttpServletRequest.java
+++ b/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/filter/ResettableStreamHttpServletRequest.java
@@ -17,7 +17,7 @@
  * You should have received a copy of the GNU Affero General Public License
  * along with this program.  If not, see <http://www.gnu.org/licenses/>.
  */
-package io.getlime.security.powerauth.rest.api.base.filter;
+package io.getlime.security.powerauth.rest.api.spring.filter;
 
 import com.google.common.io.ByteStreams;
 
diff --git a/powerauth-restful-security-base/src/main/java/io/getlime/security/powerauth/rest/api/base/model/PowerAuthRequestBody.java b/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/model/PowerAuthRequestBody.java
similarity index 96%
rename from powerauth-restful-security-base/src/main/java/io/getlime/security/powerauth/rest/api/base/model/PowerAuthRequestBody.java
rename to powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/model/PowerAuthRequestBody.java
index f1f29e5a..8c50acac 100644
--- a/powerauth-restful-security-base/src/main/java/io/getlime/security/powerauth/rest/api/base/model/PowerAuthRequestBody.java
+++ b/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/model/PowerAuthRequestBody.java
@@ -17,7 +17,7 @@
  * You should have received a copy of the GNU Affero General Public License
  * along with this program.  If not, see <http://www.gnu.org/licenses/>.
  */
-package io.getlime.security.powerauth.rest.api.base.model;
+package io.getlime.security.powerauth.rest.api.spring.model;
 
 /**
  * Class representing HTTP request body.
diff --git a/powerauth-restful-security-base/src/main/java/io/getlime/security/powerauth/rest/api/base/model/PowerAuthRequestObjects.java b/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/model/PowerAuthRequestObjects.java
similarity index 92%
rename from powerauth-restful-security-base/src/main/java/io/getlime/security/powerauth/rest/api/base/model/PowerAuthRequestObjects.java
rename to powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/model/PowerAuthRequestObjects.java
index 083e2f69..195d36a4 100644
--- a/powerauth-restful-security-base/src/main/java/io/getlime/security/powerauth/rest/api/base/model/PowerAuthRequestObjects.java
+++ b/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/model/PowerAuthRequestObjects.java
@@ -1,4 +1,4 @@
-package io.getlime.security.powerauth.rest.api.base.model;
+package io.getlime.security.powerauth.rest.api.spring.model;
 
 /**
  * Class defining request objects stored in HTTP servlet request.
diff --git a/powerauth-restful-security-base/src/main/java/io/getlime/security/powerauth/rest/api/base/provider/CustomActivationProvider.java b/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/provider/CustomActivationProvider.java
similarity index 98%
rename from powerauth-restful-security-base/src/main/java/io/getlime/security/powerauth/rest/api/base/provider/CustomActivationProvider.java
rename to powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/provider/CustomActivationProvider.java
index 125eb735..afb6c8d8 100644
--- a/powerauth-restful-security-base/src/main/java/io/getlime/security/powerauth/rest/api/base/provider/CustomActivationProvider.java
+++ b/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/provider/CustomActivationProvider.java
@@ -17,9 +17,9 @@
  * You should have received a copy of the GNU Affero General Public License
  * along with this program.  If not, see <http://www.gnu.org/licenses/>.
  */
-package io.getlime.security.powerauth.rest.api.base.provider;
+package io.getlime.security.powerauth.rest.api.spring.provider;
 
-import io.getlime.security.powerauth.rest.api.base.exception.PowerAuthActivationException;
+import io.getlime.security.powerauth.rest.api.spring.exception.PowerAuthActivationException;
 import io.getlime.security.powerauth.rest.api.model.entity.ActivationType;
 
 import java.util.Collections;
diff --git a/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/provider/PowerAuthAuthenticationProvider.java b/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/provider/PowerAuthAuthenticationProvider.java
index 3a54dfc7..fec6ded2 100644
--- a/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/provider/PowerAuthAuthenticationProvider.java
+++ b/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/provider/PowerAuthAuthenticationProvider.java
@@ -31,17 +31,15 @@
 import io.getlime.security.powerauth.http.validator.InvalidPowerAuthHttpHeaderException;
 import io.getlime.security.powerauth.http.validator.PowerAuthSignatureHttpHeaderValidator;
 import io.getlime.security.powerauth.http.validator.PowerAuthTokenHttpHeaderValidator;
-import io.getlime.security.powerauth.rest.api.base.application.PowerAuthApplicationConfiguration;
-import io.getlime.security.powerauth.rest.api.base.authentication.PowerAuthApiAuthentication;
-import io.getlime.security.powerauth.rest.api.base.exception.PowerAuthAuthenticationException;
-import io.getlime.security.powerauth.rest.api.base.exception.authentication.PowerAuthHeaderMissingException;
-import io.getlime.security.powerauth.rest.api.base.exception.authentication.PowerAuthSignatureInvalidException;
-import io.getlime.security.powerauth.rest.api.base.exception.authentication.PowerAuthSignatureTypeInvalidException;
-import io.getlime.security.powerauth.rest.api.base.exception.authentication.PowerAuthTokenInvalidException;
-import io.getlime.security.powerauth.rest.api.base.provider.PowerAuthAuthenticationProviderBase;
-import io.getlime.security.powerauth.rest.api.spring.authentication.PowerAuthApiAuthenticationImpl;
-import io.getlime.security.powerauth.rest.api.spring.authentication.PowerAuthSignatureAuthenticationImpl;
-import io.getlime.security.powerauth.rest.api.spring.authentication.PowerAuthTokenAuthenticationImpl;
+import io.getlime.security.powerauth.rest.api.spring.authentication.PowerAuthApiAuthentication;
+import io.getlime.security.powerauth.rest.api.spring.exception.PowerAuthAuthenticationException;
+import io.getlime.security.powerauth.rest.api.spring.exception.authentication.PowerAuthHeaderMissingException;
+import io.getlime.security.powerauth.rest.api.spring.exception.authentication.PowerAuthSignatureInvalidException;
+import io.getlime.security.powerauth.rest.api.spring.exception.authentication.PowerAuthSignatureTypeInvalidException;
+import io.getlime.security.powerauth.rest.api.spring.exception.authentication.PowerAuthTokenInvalidException;
+import io.getlime.security.powerauth.rest.api.spring.authentication.impl.PowerAuthApiAuthenticationImpl;
+import io.getlime.security.powerauth.rest.api.spring.authentication.impl.PowerAuthSignatureAuthenticationImpl;
+import io.getlime.security.powerauth.rest.api.spring.authentication.impl.PowerAuthTokenAuthenticationImpl;
 import io.getlime.security.powerauth.rest.api.spring.converter.v3.SignatureTypeConverter;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
diff --git a/powerauth-restful-security-base/src/main/java/io/getlime/security/powerauth/rest/api/base/provider/PowerAuthAuthenticationProviderBase.java b/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/provider/PowerAuthAuthenticationProviderBase.java
similarity index 94%
rename from powerauth-restful-security-base/src/main/java/io/getlime/security/powerauth/rest/api/base/provider/PowerAuthAuthenticationProviderBase.java
rename to powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/provider/PowerAuthAuthenticationProviderBase.java
index 9f21f113..a09bc18e 100644
--- a/powerauth-restful-security-base/src/main/java/io/getlime/security/powerauth/rest/api/base/provider/PowerAuthAuthenticationProviderBase.java
+++ b/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/provider/PowerAuthAuthenticationProviderBase.java
@@ -17,15 +17,15 @@
  * You should have received a copy of the GNU Affero General Public License
  * along with this program.  If not, see <http://www.gnu.org/licenses/>.
  */
-package io.getlime.security.powerauth.rest.api.base.provider;
+package io.getlime.security.powerauth.rest.api.spring.provider;
 
 import io.getlime.security.powerauth.crypto.lib.enums.PowerAuthSignatureTypes;
-import io.getlime.security.powerauth.rest.api.base.authentication.PowerAuthApiAuthentication;
-import io.getlime.security.powerauth.rest.api.base.encryption.PowerAuthEciesEncryption;
-import io.getlime.security.powerauth.rest.api.base.exception.PowerAuthAuthenticationException;
-import io.getlime.security.powerauth.rest.api.base.exception.authentication.PowerAuthRequestFilterException;
-import io.getlime.security.powerauth.rest.api.base.model.PowerAuthRequestBody;
-import io.getlime.security.powerauth.rest.api.base.model.PowerAuthRequestObjects;
+import io.getlime.security.powerauth.rest.api.spring.authentication.PowerAuthApiAuthentication;
+import io.getlime.security.powerauth.rest.api.spring.encryption.PowerAuthEciesEncryption;
+import io.getlime.security.powerauth.rest.api.spring.exception.PowerAuthAuthenticationException;
+import io.getlime.security.powerauth.rest.api.spring.exception.authentication.PowerAuthRequestFilterException;
+import io.getlime.security.powerauth.rest.api.spring.model.PowerAuthRequestBody;
+import io.getlime.security.powerauth.rest.api.spring.model.PowerAuthRequestObjects;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
diff --git a/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/provider/PowerAuthEncryptionProvider.java b/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/provider/PowerAuthEncryptionProvider.java
index 9c575d04..423e23da 100644
--- a/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/provider/PowerAuthEncryptionProvider.java
+++ b/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/provider/PowerAuthEncryptionProvider.java
@@ -22,9 +22,8 @@
 import com.wultra.security.powerauth.client.PowerAuthClient;
 import com.wultra.security.powerauth.client.v3.GetEciesDecryptorRequest;
 import com.wultra.security.powerauth.client.v3.GetEciesDecryptorResponse;
-import io.getlime.security.powerauth.rest.api.base.encryption.PowerAuthEciesDecryptorParameters;
-import io.getlime.security.powerauth.rest.api.base.exception.PowerAuthEncryptionException;
-import io.getlime.security.powerauth.rest.api.base.provider.PowerAuthEncryptionProviderBase;
+import io.getlime.security.powerauth.rest.api.spring.encryption.PowerAuthEciesDecryptorParameters;
+import io.getlime.security.powerauth.rest.api.spring.exception.PowerAuthEncryptionException;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.annotation.Autowired;
diff --git a/powerauth-restful-security-base/src/main/java/io/getlime/security/powerauth/rest/api/base/provider/PowerAuthEncryptionProviderBase.java b/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/provider/PowerAuthEncryptionProviderBase.java
similarity index 96%
rename from powerauth-restful-security-base/src/main/java/io/getlime/security/powerauth/rest/api/base/provider/PowerAuthEncryptionProviderBase.java
rename to powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/provider/PowerAuthEncryptionProviderBase.java
index 904ade93..88b9a941 100644
--- a/powerauth-restful-security-base/src/main/java/io/getlime/security/powerauth/rest/api/base/provider/PowerAuthEncryptionProviderBase.java
+++ b/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/provider/PowerAuthEncryptionProviderBase.java
@@ -17,7 +17,7 @@
  * You should have received a copy of the GNU Affero General Public License
  * along with this program.  If not, see <http://www.gnu.org/licenses/>.
  */
-package io.getlime.security.powerauth.rest.api.base.provider;
+package io.getlime.security.powerauth.rest.api.spring.provider;
 
 import com.fasterxml.jackson.core.JsonProcessingException;
 import com.fasterxml.jackson.databind.ObjectMapper;
@@ -32,12 +32,12 @@
 import io.getlime.security.powerauth.http.validator.InvalidPowerAuthHttpHeaderException;
 import io.getlime.security.powerauth.http.validator.PowerAuthEncryptionHttpHeaderValidator;
 import io.getlime.security.powerauth.http.validator.PowerAuthSignatureHttpHeaderValidator;
-import io.getlime.security.powerauth.rest.api.base.encryption.EciesEncryptionContext;
-import io.getlime.security.powerauth.rest.api.base.encryption.PowerAuthEciesDecryptorParameters;
-import io.getlime.security.powerauth.rest.api.base.encryption.PowerAuthEciesEncryption;
-import io.getlime.security.powerauth.rest.api.base.exception.PowerAuthEncryptionException;
-import io.getlime.security.powerauth.rest.api.base.model.PowerAuthRequestBody;
-import io.getlime.security.powerauth.rest.api.base.model.PowerAuthRequestObjects;
+import io.getlime.security.powerauth.rest.api.spring.encryption.EciesEncryptionContext;
+import io.getlime.security.powerauth.rest.api.spring.encryption.PowerAuthEciesDecryptorParameters;
+import io.getlime.security.powerauth.rest.api.spring.encryption.PowerAuthEciesEncryption;
+import io.getlime.security.powerauth.rest.api.spring.exception.PowerAuthEncryptionException;
+import io.getlime.security.powerauth.rest.api.spring.model.PowerAuthRequestBody;
+import io.getlime.security.powerauth.rest.api.spring.model.PowerAuthRequestObjects;
 import io.getlime.security.powerauth.rest.api.model.request.v3.EciesEncryptedRequest;
 import io.getlime.security.powerauth.rest.api.model.response.v3.EciesEncryptedResponse;
 import org.slf4j.Logger;
diff --git a/powerauth-restful-security-base/src/main/java/io/getlime/security/powerauth/rest/api/base/application/PowerAuthApplicationConfiguration.java b/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/application/PowerAuthApplicationConfiguration.java
similarity index 95%
rename from powerauth-restful-security-base/src/main/java/io/getlime/security/powerauth/rest/api/base/application/PowerAuthApplicationConfiguration.java
rename to powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/application/PowerAuthApplicationConfiguration.java
index 228153de..00a6ba79 100644
--- a/powerauth-restful-security-base/src/main/java/io/getlime/security/powerauth/rest/api/base/application/PowerAuthApplicationConfiguration.java
+++ b/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/application/PowerAuthApplicationConfiguration.java
@@ -17,7 +17,7 @@
  * You should have received a copy of the GNU Affero General Public License
  * along with this program.  If not, see <http://www.gnu.org/licenses/>.
  */
-package io.getlime.security.powerauth.rest.api.base.application;
+package io.getlime.security.powerauth.rest.api.spring.application;
 
 import java.util.Map;
 
diff --git a/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/controller/v2/ActivationController.java b/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/controller/v2/ActivationController.java
index 2f1457af..2001b3a8 100644
--- a/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/controller/v2/ActivationController.java
+++ b/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/controller/v2/ActivationController.java
@@ -22,11 +22,11 @@
 import io.getlime.core.rest.model.base.request.ObjectRequest;
 import io.getlime.core.rest.model.base.response.ObjectResponse;
 import io.getlime.security.powerauth.http.PowerAuthSignatureHttpHeader;
-import io.getlime.security.powerauth.rest.api.base.authentication.PowerAuthApiAuthentication;
-import io.getlime.security.powerauth.rest.api.base.exception.PowerAuthActivationException;
-import io.getlime.security.powerauth.rest.api.base.exception.PowerAuthAuthenticationException;
-import io.getlime.security.powerauth.rest.api.base.exception.authentication.PowerAuthInvalidRequestException;
-import io.getlime.security.powerauth.rest.api.base.exception.authentication.PowerAuthSignatureInvalidException;
+import io.getlime.security.powerauth.rest.api.spring.authentication.PowerAuthApiAuthentication;
+import io.getlime.security.powerauth.rest.api.spring.exception.PowerAuthActivationException;
+import io.getlime.security.powerauth.rest.api.spring.exception.PowerAuthAuthenticationException;
+import io.getlime.security.powerauth.rest.api.spring.exception.authentication.PowerAuthInvalidRequestException;
+import io.getlime.security.powerauth.rest.api.spring.exception.authentication.PowerAuthSignatureInvalidException;
 import io.getlime.security.powerauth.rest.api.model.request.v2.ActivationCreateRequest;
 import io.getlime.security.powerauth.rest.api.model.request.v3.ActivationStatusRequest;
 import io.getlime.security.powerauth.rest.api.model.response.v2.ActivationCreateResponse;
diff --git a/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/controller/v2/SecureVaultController.java b/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/controller/v2/SecureVaultController.java
index 7397fb63..bfd57d36 100644
--- a/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/controller/v2/SecureVaultController.java
+++ b/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/controller/v2/SecureVaultController.java
@@ -24,10 +24,10 @@
 import io.getlime.security.powerauth.http.PowerAuthSignatureHttpHeader;
 import io.getlime.security.powerauth.http.validator.InvalidPowerAuthHttpHeaderException;
 import io.getlime.security.powerauth.http.validator.PowerAuthSignatureHttpHeaderValidator;
-import io.getlime.security.powerauth.rest.api.base.exception.PowerAuthAuthenticationException;
-import io.getlime.security.powerauth.rest.api.base.exception.PowerAuthSecureVaultException;
-import io.getlime.security.powerauth.rest.api.base.exception.authentication.PowerAuthInvalidRequestException;
-import io.getlime.security.powerauth.rest.api.base.exception.authentication.PowerAuthSignatureInvalidException;
+import io.getlime.security.powerauth.rest.api.spring.exception.PowerAuthAuthenticationException;
+import io.getlime.security.powerauth.rest.api.spring.exception.PowerAuthSecureVaultException;
+import io.getlime.security.powerauth.rest.api.spring.exception.authentication.PowerAuthInvalidRequestException;
+import io.getlime.security.powerauth.rest.api.spring.exception.authentication.PowerAuthSignatureInvalidException;
 import io.getlime.security.powerauth.rest.api.model.request.v2.VaultUnlockRequest;
 import io.getlime.security.powerauth.rest.api.model.response.v2.VaultUnlockResponse;
 import io.getlime.security.powerauth.rest.api.spring.service.v2.SecureVaultService;
diff --git a/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/controller/v2/SignatureController.java b/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/controller/v2/SignatureController.java
index 88986ffc..f1ab389e 100644
--- a/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/controller/v2/SignatureController.java
+++ b/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/controller/v2/SignatureController.java
@@ -21,10 +21,10 @@
 
 import io.getlime.core.rest.model.base.response.Response;
 import io.getlime.security.powerauth.crypto.lib.enums.PowerAuthSignatureTypes;
-import io.getlime.security.powerauth.rest.api.base.authentication.PowerAuthApiAuthentication;
-import io.getlime.security.powerauth.rest.api.base.exception.PowerAuthAuthenticationException;
-import io.getlime.security.powerauth.rest.api.base.exception.authentication.PowerAuthInvalidRequestException;
-import io.getlime.security.powerauth.rest.api.base.exception.authentication.PowerAuthSignatureInvalidException;
+import io.getlime.security.powerauth.rest.api.spring.authentication.PowerAuthApiAuthentication;
+import io.getlime.security.powerauth.rest.api.spring.exception.PowerAuthAuthenticationException;
+import io.getlime.security.powerauth.rest.api.spring.exception.authentication.PowerAuthInvalidRequestException;
+import io.getlime.security.powerauth.rest.api.spring.exception.authentication.PowerAuthSignatureInvalidException;
 import io.getlime.security.powerauth.rest.api.spring.annotation.PowerAuth;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
diff --git a/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/controller/v2/TokenController.java b/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/controller/v2/TokenController.java
index 1a38dae2..f5ab39a6 100644
--- a/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/controller/v2/TokenController.java
+++ b/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/controller/v2/TokenController.java
@@ -22,10 +22,10 @@
 import io.getlime.core.rest.model.base.request.ObjectRequest;
 import io.getlime.core.rest.model.base.response.ObjectResponse;
 import io.getlime.security.powerauth.crypto.lib.enums.PowerAuthSignatureTypes;
-import io.getlime.security.powerauth.rest.api.base.authentication.PowerAuthApiAuthentication;
-import io.getlime.security.powerauth.rest.api.base.exception.PowerAuthAuthenticationException;
-import io.getlime.security.powerauth.rest.api.base.exception.authentication.PowerAuthInvalidRequestException;
-import io.getlime.security.powerauth.rest.api.base.exception.authentication.PowerAuthSignatureInvalidException;
+import io.getlime.security.powerauth.rest.api.spring.authentication.PowerAuthApiAuthentication;
+import io.getlime.security.powerauth.rest.api.spring.exception.PowerAuthAuthenticationException;
+import io.getlime.security.powerauth.rest.api.spring.exception.authentication.PowerAuthInvalidRequestException;
+import io.getlime.security.powerauth.rest.api.spring.exception.authentication.PowerAuthSignatureInvalidException;
 import io.getlime.security.powerauth.rest.api.model.request.v2.TokenCreateRequest;
 import io.getlime.security.powerauth.rest.api.model.request.v3.TokenRemoveRequest;
 import io.getlime.security.powerauth.rest.api.model.response.v2.TokenCreateResponse;
diff --git a/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/controller/v3/ActivationController.java b/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/controller/v3/ActivationController.java
index 4e54ce4a..10551718 100644
--- a/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/controller/v3/ActivationController.java
+++ b/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/controller/v3/ActivationController.java
@@ -23,13 +23,13 @@
 import io.getlime.core.rest.model.base.response.ObjectResponse;
 import io.getlime.security.powerauth.crypto.lib.encryptor.ecies.model.EciesScope;
 import io.getlime.security.powerauth.http.PowerAuthSignatureHttpHeader;
-import io.getlime.security.powerauth.rest.api.base.authentication.PowerAuthApiAuthentication;
-import io.getlime.security.powerauth.rest.api.base.encryption.EciesEncryptionContext;
-import io.getlime.security.powerauth.rest.api.base.exception.PowerAuthActivationException;
-import io.getlime.security.powerauth.rest.api.base.exception.PowerAuthAuthenticationException;
-import io.getlime.security.powerauth.rest.api.base.exception.PowerAuthRecoveryException;
-import io.getlime.security.powerauth.rest.api.base.exception.authentication.PowerAuthInvalidRequestException;
-import io.getlime.security.powerauth.rest.api.base.exception.authentication.PowerAuthSignatureInvalidException;
+import io.getlime.security.powerauth.rest.api.spring.authentication.PowerAuthApiAuthentication;
+import io.getlime.security.powerauth.rest.api.spring.encryption.EciesEncryptionContext;
+import io.getlime.security.powerauth.rest.api.spring.exception.PowerAuthActivationException;
+import io.getlime.security.powerauth.rest.api.spring.exception.PowerAuthAuthenticationException;
+import io.getlime.security.powerauth.rest.api.spring.exception.PowerAuthRecoveryException;
+import io.getlime.security.powerauth.rest.api.spring.exception.authentication.PowerAuthInvalidRequestException;
+import io.getlime.security.powerauth.rest.api.spring.exception.authentication.PowerAuthSignatureInvalidException;
 import io.getlime.security.powerauth.rest.api.model.request.v3.ActivationLayer1Request;
 import io.getlime.security.powerauth.rest.api.model.request.v3.ActivationStatusRequest;
 import io.getlime.security.powerauth.rest.api.model.response.v3.ActivationLayer1Response;
diff --git a/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/controller/v3/RecoveryController.java b/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/controller/v3/RecoveryController.java
index 41aada3b..443a6348 100644
--- a/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/controller/v3/RecoveryController.java
+++ b/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/controller/v3/RecoveryController.java
@@ -20,10 +20,10 @@
 package io.getlime.security.powerauth.rest.api.spring.controller.v3;
 
 import io.getlime.security.powerauth.crypto.lib.enums.PowerAuthSignatureTypes;
-import io.getlime.security.powerauth.rest.api.base.authentication.PowerAuthApiAuthentication;
-import io.getlime.security.powerauth.rest.api.base.exception.PowerAuthAuthenticationException;
-import io.getlime.security.powerauth.rest.api.base.exception.authentication.PowerAuthInvalidRequestException;
-import io.getlime.security.powerauth.rest.api.base.exception.authentication.PowerAuthSignatureInvalidException;
+import io.getlime.security.powerauth.rest.api.spring.authentication.PowerAuthApiAuthentication;
+import io.getlime.security.powerauth.rest.api.spring.exception.PowerAuthAuthenticationException;
+import io.getlime.security.powerauth.rest.api.spring.exception.authentication.PowerAuthInvalidRequestException;
+import io.getlime.security.powerauth.rest.api.spring.exception.authentication.PowerAuthSignatureInvalidException;
 import io.getlime.security.powerauth.rest.api.model.request.v3.EciesEncryptedRequest;
 import io.getlime.security.powerauth.rest.api.model.response.v3.EciesEncryptedResponse;
 import io.getlime.security.powerauth.rest.api.spring.annotation.PowerAuth;
diff --git a/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/controller/v3/SecureVaultController.java b/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/controller/v3/SecureVaultController.java
index d41ebc8b..d74593f3 100644
--- a/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/controller/v3/SecureVaultController.java
+++ b/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/controller/v3/SecureVaultController.java
@@ -22,10 +22,10 @@
 import io.getlime.security.powerauth.http.PowerAuthSignatureHttpHeader;
 import io.getlime.security.powerauth.http.validator.InvalidPowerAuthHttpHeaderException;
 import io.getlime.security.powerauth.http.validator.PowerAuthSignatureHttpHeaderValidator;
-import io.getlime.security.powerauth.rest.api.base.exception.PowerAuthAuthenticationException;
-import io.getlime.security.powerauth.rest.api.base.exception.PowerAuthSecureVaultException;
-import io.getlime.security.powerauth.rest.api.base.exception.authentication.PowerAuthInvalidRequestException;
-import io.getlime.security.powerauth.rest.api.base.exception.authentication.PowerAuthSignatureInvalidException;
+import io.getlime.security.powerauth.rest.api.spring.exception.PowerAuthAuthenticationException;
+import io.getlime.security.powerauth.rest.api.spring.exception.PowerAuthSecureVaultException;
+import io.getlime.security.powerauth.rest.api.spring.exception.authentication.PowerAuthInvalidRequestException;
+import io.getlime.security.powerauth.rest.api.spring.exception.authentication.PowerAuthSignatureInvalidException;
 import io.getlime.security.powerauth.rest.api.model.request.v3.EciesEncryptedRequest;
 import io.getlime.security.powerauth.rest.api.model.response.v3.EciesEncryptedResponse;
 import io.getlime.security.powerauth.rest.api.spring.service.v3.SecureVaultService;
diff --git a/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/controller/v3/SignatureController.java b/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/controller/v3/SignatureController.java
index 77809eb5..41769ad8 100644
--- a/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/controller/v3/SignatureController.java
+++ b/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/controller/v3/SignatureController.java
@@ -21,10 +21,10 @@
 
 import io.getlime.core.rest.model.base.response.Response;
 import io.getlime.security.powerauth.crypto.lib.enums.PowerAuthSignatureTypes;
-import io.getlime.security.powerauth.rest.api.base.authentication.PowerAuthApiAuthentication;
-import io.getlime.security.powerauth.rest.api.base.exception.PowerAuthAuthenticationException;
-import io.getlime.security.powerauth.rest.api.base.exception.authentication.PowerAuthInvalidRequestException;
-import io.getlime.security.powerauth.rest.api.base.exception.authentication.PowerAuthSignatureInvalidException;
+import io.getlime.security.powerauth.rest.api.spring.authentication.PowerAuthApiAuthentication;
+import io.getlime.security.powerauth.rest.api.spring.exception.PowerAuthAuthenticationException;
+import io.getlime.security.powerauth.rest.api.spring.exception.authentication.PowerAuthInvalidRequestException;
+import io.getlime.security.powerauth.rest.api.spring.exception.authentication.PowerAuthSignatureInvalidException;
 import io.getlime.security.powerauth.rest.api.spring.annotation.PowerAuth;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
diff --git a/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/controller/v3/TokenController.java b/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/controller/v3/TokenController.java
index b353bc98..0a8976ab 100644
--- a/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/controller/v3/TokenController.java
+++ b/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/controller/v3/TokenController.java
@@ -22,10 +22,10 @@
 import io.getlime.core.rest.model.base.request.ObjectRequest;
 import io.getlime.core.rest.model.base.response.ObjectResponse;
 import io.getlime.security.powerauth.crypto.lib.enums.PowerAuthSignatureTypes;
-import io.getlime.security.powerauth.rest.api.base.authentication.PowerAuthApiAuthentication;
-import io.getlime.security.powerauth.rest.api.base.exception.PowerAuthAuthenticationException;
-import io.getlime.security.powerauth.rest.api.base.exception.authentication.PowerAuthInvalidRequestException;
-import io.getlime.security.powerauth.rest.api.base.exception.authentication.PowerAuthSignatureInvalidException;
+import io.getlime.security.powerauth.rest.api.spring.authentication.PowerAuthApiAuthentication;
+import io.getlime.security.powerauth.rest.api.spring.exception.PowerAuthAuthenticationException;
+import io.getlime.security.powerauth.rest.api.spring.exception.authentication.PowerAuthInvalidRequestException;
+import io.getlime.security.powerauth.rest.api.spring.exception.authentication.PowerAuthSignatureInvalidException;
 import io.getlime.security.powerauth.rest.api.model.request.v3.EciesEncryptedRequest;
 import io.getlime.security.powerauth.rest.api.model.request.v3.TokenRemoveRequest;
 import io.getlime.security.powerauth.rest.api.model.response.v3.EciesEncryptedResponse;
diff --git a/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/controller/v3/UpgradeController.java b/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/controller/v3/UpgradeController.java
index 4c5ce2f1..f0938ffd 100644
--- a/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/controller/v3/UpgradeController.java
+++ b/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/controller/v3/UpgradeController.java
@@ -25,9 +25,9 @@
 import io.getlime.security.powerauth.http.validator.InvalidPowerAuthHttpHeaderException;
 import io.getlime.security.powerauth.http.validator.PowerAuthEncryptionHttpHeaderValidator;
 import io.getlime.security.powerauth.http.validator.PowerAuthSignatureHttpHeaderValidator;
-import io.getlime.security.powerauth.rest.api.base.exception.PowerAuthAuthenticationException;
-import io.getlime.security.powerauth.rest.api.base.exception.PowerAuthUpgradeException;
-import io.getlime.security.powerauth.rest.api.base.exception.authentication.PowerAuthInvalidRequestException;
+import io.getlime.security.powerauth.rest.api.spring.exception.PowerAuthAuthenticationException;
+import io.getlime.security.powerauth.rest.api.spring.exception.PowerAuthUpgradeException;
+import io.getlime.security.powerauth.rest.api.spring.exception.authentication.PowerAuthInvalidRequestException;
 import io.getlime.security.powerauth.rest.api.model.request.v3.EciesEncryptedRequest;
 import io.getlime.security.powerauth.rest.api.model.response.v3.EciesEncryptedResponse;
 import io.getlime.security.powerauth.rest.api.spring.service.v3.UpgradeService;
diff --git a/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/exception/PowerAuthExceptionHandler.java b/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/exception/PowerAuthExceptionHandler.java
index 1ec4e4b6..c1a0967d 100644
--- a/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/exception/PowerAuthExceptionHandler.java
+++ b/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/exception/PowerAuthExceptionHandler.java
@@ -20,7 +20,6 @@
 package io.getlime.security.powerauth.rest.api.spring.exception;
 
 import io.getlime.core.rest.model.base.response.ErrorResponse;
-import io.getlime.security.powerauth.rest.api.base.exception.*;
 import io.getlime.security.powerauth.rest.api.model.exception.RecoveryErrorResponse;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
diff --git a/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/service/v2/ActivationService.java b/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/service/v2/ActivationService.java
index dea94d87..d012da36 100644
--- a/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/service/v2/ActivationService.java
+++ b/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/service/v2/ActivationService.java
@@ -21,7 +21,7 @@
 
 import com.wultra.security.powerauth.client.PowerAuthClient;
 import com.wultra.security.powerauth.client.v2.PrepareActivationResponse;
-import io.getlime.security.powerauth.rest.api.base.exception.PowerAuthActivationException;
+import io.getlime.security.powerauth.rest.api.spring.exception.PowerAuthActivationException;
 import io.getlime.security.powerauth.rest.api.model.request.v2.ActivationCreateRequest;
 import io.getlime.security.powerauth.rest.api.model.response.v2.ActivationCreateResponse;
 import org.slf4j.Logger;
diff --git a/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/service/v2/SecureVaultService.java b/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/service/v2/SecureVaultService.java
index a8cf4fae..29dc6bcf 100644
--- a/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/service/v2/SecureVaultService.java
+++ b/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/service/v2/SecureVaultService.java
@@ -26,10 +26,10 @@
 import io.getlime.security.powerauth.http.PowerAuthSignatureHttpHeader;
 import io.getlime.security.powerauth.http.validator.InvalidPowerAuthHttpHeaderException;
 import io.getlime.security.powerauth.http.validator.PowerAuthSignatureHttpHeaderValidator;
-import io.getlime.security.powerauth.rest.api.base.exception.PowerAuthAuthenticationException;
-import io.getlime.security.powerauth.rest.api.base.exception.PowerAuthSecureVaultException;
-import io.getlime.security.powerauth.rest.api.base.exception.authentication.PowerAuthSignatureInvalidException;
-import io.getlime.security.powerauth.rest.api.base.exception.authentication.PowerAuthSignatureTypeInvalidException;
+import io.getlime.security.powerauth.rest.api.spring.exception.PowerAuthAuthenticationException;
+import io.getlime.security.powerauth.rest.api.spring.exception.PowerAuthSecureVaultException;
+import io.getlime.security.powerauth.rest.api.spring.exception.authentication.PowerAuthSignatureInvalidException;
+import io.getlime.security.powerauth.rest.api.spring.exception.authentication.PowerAuthSignatureTypeInvalidException;
 import io.getlime.security.powerauth.rest.api.model.request.v2.VaultUnlockRequest;
 import io.getlime.security.powerauth.rest.api.model.response.v2.VaultUnlockResponse;
 import io.getlime.security.powerauth.rest.api.spring.converter.v2.SignatureTypeConverter;
diff --git a/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/service/v2/TokenService.java b/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/service/v2/TokenService.java
index 51f7718c..bf2de75d 100644
--- a/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/service/v2/TokenService.java
+++ b/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/service/v2/TokenService.java
@@ -22,9 +22,9 @@
 import com.wultra.security.powerauth.client.PowerAuthClient;
 import com.wultra.security.powerauth.client.v2.CreateTokenResponse;
 import io.getlime.security.powerauth.crypto.lib.enums.PowerAuthSignatureTypes;
-import io.getlime.security.powerauth.rest.api.base.authentication.PowerAuthApiAuthentication;
-import io.getlime.security.powerauth.rest.api.base.exception.PowerAuthAuthenticationException;
-import io.getlime.security.powerauth.rest.api.base.exception.authentication.PowerAuthTokenErrorException;
+import io.getlime.security.powerauth.rest.api.spring.authentication.PowerAuthApiAuthentication;
+import io.getlime.security.powerauth.rest.api.spring.exception.PowerAuthAuthenticationException;
+import io.getlime.security.powerauth.rest.api.spring.exception.authentication.PowerAuthTokenErrorException;
 import io.getlime.security.powerauth.rest.api.model.request.v2.TokenCreateRequest;
 import io.getlime.security.powerauth.rest.api.model.response.v2.TokenCreateResponse;
 import io.getlime.security.powerauth.rest.api.spring.converter.v2.SignatureTypeConverter;
diff --git a/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/service/v3/ActivationService.java b/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/service/v3/ActivationService.java
index 7a97234a..02e1312d 100644
--- a/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/service/v3/ActivationService.java
+++ b/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/service/v3/ActivationService.java
@@ -23,13 +23,13 @@
 import com.wultra.security.powerauth.client.model.error.PowerAuthClientException;
 import com.wultra.security.powerauth.client.model.error.PowerAuthErrorRecovery;
 import com.wultra.security.powerauth.client.v3.*;
-import io.getlime.security.powerauth.rest.api.base.application.PowerAuthApplicationConfiguration;
-import io.getlime.security.powerauth.rest.api.base.authentication.PowerAuthApiAuthentication;
-import io.getlime.security.powerauth.rest.api.base.encryption.EciesEncryptionContext;
-import io.getlime.security.powerauth.rest.api.base.exception.PowerAuthActivationException;
-import io.getlime.security.powerauth.rest.api.base.exception.PowerAuthRecoveryException;
-import io.getlime.security.powerauth.rest.api.base.exception.authentication.PowerAuthInvalidRequestException;
-import io.getlime.security.powerauth.rest.api.base.provider.CustomActivationProvider;
+import io.getlime.security.powerauth.rest.api.spring.application.PowerAuthApplicationConfiguration;
+import io.getlime.security.powerauth.rest.api.spring.authentication.PowerAuthApiAuthentication;
+import io.getlime.security.powerauth.rest.api.spring.encryption.EciesEncryptionContext;
+import io.getlime.security.powerauth.rest.api.spring.exception.PowerAuthActivationException;
+import io.getlime.security.powerauth.rest.api.spring.exception.PowerAuthRecoveryException;
+import io.getlime.security.powerauth.rest.api.spring.exception.authentication.PowerAuthInvalidRequestException;
+import io.getlime.security.powerauth.rest.api.spring.provider.CustomActivationProvider;
 import io.getlime.security.powerauth.rest.api.model.entity.ActivationType;
 import io.getlime.security.powerauth.rest.api.model.request.v3.ActivationLayer1Request;
 import io.getlime.security.powerauth.rest.api.model.request.v3.ActivationStatusRequest;
diff --git a/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/service/v3/RecoveryService.java b/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/service/v3/RecoveryService.java
index bc6e0054..34a4dda5 100644
--- a/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/service/v3/RecoveryService.java
+++ b/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/service/v3/RecoveryService.java
@@ -22,10 +22,10 @@
 import com.wultra.security.powerauth.client.PowerAuthClient;
 import com.wultra.security.powerauth.client.v3.ConfirmRecoveryCodeResponse;
 import io.getlime.security.powerauth.http.PowerAuthSignatureHttpHeader;
-import io.getlime.security.powerauth.rest.api.base.authentication.PowerAuthApiAuthentication;
-import io.getlime.security.powerauth.rest.api.base.exception.PowerAuthAuthenticationException;
-import io.getlime.security.powerauth.rest.api.base.exception.authentication.PowerAuthInvalidRequestException;
-import io.getlime.security.powerauth.rest.api.base.exception.authentication.PowerAuthRecoveryConfirmationException;
+import io.getlime.security.powerauth.rest.api.spring.authentication.PowerAuthApiAuthentication;
+import io.getlime.security.powerauth.rest.api.spring.exception.PowerAuthAuthenticationException;
+import io.getlime.security.powerauth.rest.api.spring.exception.authentication.PowerAuthInvalidRequestException;
+import io.getlime.security.powerauth.rest.api.spring.exception.authentication.PowerAuthRecoveryConfirmationException;
 import io.getlime.security.powerauth.rest.api.model.request.v3.EciesEncryptedRequest;
 import io.getlime.security.powerauth.rest.api.model.response.v3.EciesEncryptedResponse;
 import org.slf4j.Logger;
diff --git a/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/service/v3/SecureVaultService.java b/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/service/v3/SecureVaultService.java
index 6941eda9..3a8d513e 100644
--- a/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/service/v3/SecureVaultService.java
+++ b/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/service/v3/SecureVaultService.java
@@ -25,10 +25,10 @@
 import com.wultra.security.powerauth.client.v3.VaultUnlockResponse;
 import io.getlime.security.powerauth.http.PowerAuthHttpBody;
 import io.getlime.security.powerauth.http.PowerAuthSignatureHttpHeader;
-import io.getlime.security.powerauth.rest.api.base.exception.PowerAuthAuthenticationException;
-import io.getlime.security.powerauth.rest.api.base.exception.PowerAuthSecureVaultException;
-import io.getlime.security.powerauth.rest.api.base.exception.authentication.PowerAuthSignatureInvalidException;
-import io.getlime.security.powerauth.rest.api.base.exception.authentication.PowerAuthSignatureTypeInvalidException;
+import io.getlime.security.powerauth.rest.api.spring.exception.PowerAuthAuthenticationException;
+import io.getlime.security.powerauth.rest.api.spring.exception.PowerAuthSecureVaultException;
+import io.getlime.security.powerauth.rest.api.spring.exception.authentication.PowerAuthSignatureInvalidException;
+import io.getlime.security.powerauth.rest.api.spring.exception.authentication.PowerAuthSignatureTypeInvalidException;
 import io.getlime.security.powerauth.rest.api.model.request.v3.EciesEncryptedRequest;
 import io.getlime.security.powerauth.rest.api.model.response.v3.EciesEncryptedResponse;
 import io.getlime.security.powerauth.rest.api.spring.converter.v3.SignatureTypeConverter;
diff --git a/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/service/v3/TokenService.java b/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/service/v3/TokenService.java
index ec28f210..5c6e2ece 100644
--- a/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/service/v3/TokenService.java
+++ b/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/service/v3/TokenService.java
@@ -24,10 +24,10 @@
 import com.wultra.security.powerauth.client.v3.SignatureType;
 import io.getlime.security.powerauth.crypto.lib.enums.PowerAuthSignatureTypes;
 import io.getlime.security.powerauth.http.PowerAuthSignatureHttpHeader;
-import io.getlime.security.powerauth.rest.api.base.authentication.PowerAuthApiAuthentication;
-import io.getlime.security.powerauth.rest.api.base.exception.PowerAuthAuthenticationException;
-import io.getlime.security.powerauth.rest.api.base.exception.authentication.PowerAuthSignatureTypeInvalidException;
-import io.getlime.security.powerauth.rest.api.base.exception.authentication.PowerAuthTokenErrorException;
+import io.getlime.security.powerauth.rest.api.spring.authentication.PowerAuthApiAuthentication;
+import io.getlime.security.powerauth.rest.api.spring.exception.PowerAuthAuthenticationException;
+import io.getlime.security.powerauth.rest.api.spring.exception.authentication.PowerAuthSignatureTypeInvalidException;
+import io.getlime.security.powerauth.rest.api.spring.exception.authentication.PowerAuthTokenErrorException;
 import io.getlime.security.powerauth.rest.api.model.request.v3.EciesEncryptedRequest;
 import io.getlime.security.powerauth.rest.api.model.request.v3.TokenRemoveRequest;
 import io.getlime.security.powerauth.rest.api.model.response.v3.EciesEncryptedResponse;
diff --git a/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/service/v3/UpgradeService.java b/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/service/v3/UpgradeService.java
index ea59ec39..fdae43ca 100644
--- a/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/service/v3/UpgradeService.java
+++ b/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/service/v3/UpgradeService.java
@@ -26,11 +26,11 @@
 import io.getlime.security.powerauth.crypto.lib.enums.PowerAuthSignatureTypes;
 import io.getlime.security.powerauth.http.PowerAuthEncryptionHttpHeader;
 import io.getlime.security.powerauth.http.PowerAuthSignatureHttpHeader;
-import io.getlime.security.powerauth.rest.api.base.authentication.PowerAuthApiAuthentication;
-import io.getlime.security.powerauth.rest.api.base.exception.PowerAuthAuthenticationException;
-import io.getlime.security.powerauth.rest.api.base.exception.PowerAuthUpgradeException;
-import io.getlime.security.powerauth.rest.api.base.exception.authentication.PowerAuthInvalidRequestException;
-import io.getlime.security.powerauth.rest.api.base.exception.authentication.PowerAuthSignatureInvalidException;
+import io.getlime.security.powerauth.rest.api.spring.authentication.PowerAuthApiAuthentication;
+import io.getlime.security.powerauth.rest.api.spring.exception.PowerAuthAuthenticationException;
+import io.getlime.security.powerauth.rest.api.spring.exception.PowerAuthUpgradeException;
+import io.getlime.security.powerauth.rest.api.spring.exception.authentication.PowerAuthInvalidRequestException;
+import io.getlime.security.powerauth.rest.api.spring.exception.authentication.PowerAuthSignatureInvalidException;
 import io.getlime.security.powerauth.rest.api.model.request.v3.EciesEncryptedRequest;
 import io.getlime.security.powerauth.rest.api.model.response.v3.EciesEncryptedResponse;
 import io.getlime.security.powerauth.rest.api.spring.provider.PowerAuthAuthenticationProvider;
diff --git a/powerauth-restful-server-spring/src/main/java/io/getlime/security/powerauth/app/rest/api/spring/configuration/ApplicationConfiguration.java b/powerauth-restful-server-spring/src/main/java/io/getlime/security/powerauth/app/rest/api/spring/configuration/ApplicationConfiguration.java
index ecee2ae2..2eb88a80 100644
--- a/powerauth-restful-server-spring/src/main/java/io/getlime/security/powerauth/app/rest/api/spring/configuration/ApplicationConfiguration.java
+++ b/powerauth-restful-server-spring/src/main/java/io/getlime/security/powerauth/app/rest/api/spring/configuration/ApplicationConfiguration.java
@@ -19,7 +19,7 @@
  */
 package io.getlime.security.powerauth.app.rest.api.spring.configuration;
 
-import io.getlime.security.powerauth.rest.api.base.application.PowerAuthApplicationConfiguration;
+import io.getlime.security.powerauth.rest.api.spring.application.PowerAuthApplicationConfiguration;
 import org.springframework.context.annotation.Configuration;
 
 import java.util.Map;
diff --git a/powerauth-restful-server-spring/src/main/java/io/getlime/security/powerauth/app/rest/api/spring/configuration/WebApplicationConfig.java b/powerauth-restful-server-spring/src/main/java/io/getlime/security/powerauth/app/rest/api/spring/configuration/WebApplicationConfig.java
index cb468dad..107ae2c0 100644
--- a/powerauth-restful-server-spring/src/main/java/io/getlime/security/powerauth/app/rest/api/spring/configuration/WebApplicationConfig.java
+++ b/powerauth-restful-server-spring/src/main/java/io/getlime/security/powerauth/app/rest/api/spring/configuration/WebApplicationConfig.java
@@ -19,9 +19,9 @@
  */
 package io.getlime.security.powerauth.app.rest.api.spring.configuration;
 
-import io.getlime.security.powerauth.rest.api.spring.annotation.PowerAuthAnnotationInterceptor;
-import io.getlime.security.powerauth.rest.api.spring.annotation.PowerAuthEncryptionArgumentResolver;
-import io.getlime.security.powerauth.rest.api.spring.annotation.PowerAuthWebArgumentResolver;
+import io.getlime.security.powerauth.rest.api.spring.annotation.support.PowerAuthAnnotationInterceptor;
+import io.getlime.security.powerauth.rest.api.spring.annotation.support.PowerAuthEncryptionArgumentResolver;
+import io.getlime.security.powerauth.rest.api.spring.annotation.support.PowerAuthWebArgumentResolver;
 import io.getlime.security.powerauth.rest.api.spring.filter.PowerAuthRequestFilter;
 import org.springframework.boot.web.servlet.FilterRegistrationBean;
 import org.springframework.context.annotation.Bean;
diff --git a/powerauth-restful-server-spring/src/main/java/io/getlime/security/powerauth/app/rest/api/spring/controller/AuthenticationController.java b/powerauth-restful-server-spring/src/main/java/io/getlime/security/powerauth/app/rest/api/spring/controller/AuthenticationController.java
index f50d665a..1b5f9df0 100644
--- a/powerauth-restful-server-spring/src/main/java/io/getlime/security/powerauth/app/rest/api/spring/controller/AuthenticationController.java
+++ b/powerauth-restful-server-spring/src/main/java/io/getlime/security/powerauth/app/rest/api/spring/controller/AuthenticationController.java
@@ -20,9 +20,9 @@
 package io.getlime.security.powerauth.app.rest.api.spring.controller;
 
 import io.getlime.core.rest.model.base.response.ObjectResponse;
-import io.getlime.security.powerauth.rest.api.base.authentication.PowerAuthApiAuthentication;
-import io.getlime.security.powerauth.rest.api.base.exception.PowerAuthAuthenticationException;
-import io.getlime.security.powerauth.rest.api.base.exception.authentication.PowerAuthSignatureInvalidException;
+import io.getlime.security.powerauth.rest.api.spring.authentication.PowerAuthApiAuthentication;
+import io.getlime.security.powerauth.rest.api.spring.exception.PowerAuthAuthenticationException;
+import io.getlime.security.powerauth.rest.api.spring.exception.authentication.PowerAuthSignatureInvalidException;
 import io.getlime.security.powerauth.rest.api.spring.annotation.PowerAuth;
 import org.springframework.stereotype.Controller;
 import org.springframework.web.bind.annotation.*;
diff --git a/powerauth-restful-server-spring/src/main/java/io/getlime/security/powerauth/app/rest/api/spring/controller/v2/CustomActivationController.java b/powerauth-restful-server-spring/src/main/java/io/getlime/security/powerauth/app/rest/api/spring/controller/v2/CustomActivationController.java
index ce12e42f..8ca69db2 100644
--- a/powerauth-restful-server-spring/src/main/java/io/getlime/security/powerauth/app/rest/api/spring/controller/v2/CustomActivationController.java
+++ b/powerauth-restful-server-spring/src/main/java/io/getlime/security/powerauth/app/rest/api/spring/controller/v2/CustomActivationController.java
@@ -23,9 +23,9 @@
 import com.wultra.security.powerauth.client.v2.CreateActivationResponse;
 import io.getlime.core.rest.model.base.request.ObjectRequest;
 import io.getlime.core.rest.model.base.response.ObjectResponse;
-import io.getlime.security.powerauth.rest.api.base.encryption.PowerAuthNonPersonalizedEncryptor;
-import io.getlime.security.powerauth.rest.api.base.exception.PowerAuthActivationException;
-import io.getlime.security.powerauth.rest.api.base.provider.CustomActivationProvider;
+import io.getlime.security.powerauth.rest.api.spring.encryption.PowerAuthNonPersonalizedEncryptor;
+import io.getlime.security.powerauth.rest.api.spring.exception.PowerAuthActivationException;
+import io.getlime.security.powerauth.rest.api.spring.provider.CustomActivationProvider;
 import io.getlime.security.powerauth.rest.api.model.entity.ActivationType;
 import io.getlime.security.powerauth.rest.api.model.entity.NonPersonalizedEncryptedPayloadModel;
 import io.getlime.security.powerauth.rest.api.model.request.v2.ActivationCreateCustomRequest;
diff --git a/powerauth-restful-server-spring/src/main/java/io/getlime/security/powerauth/app/rest/api/spring/controller/v2/EncryptedDataExchangeController.java b/powerauth-restful-server-spring/src/main/java/io/getlime/security/powerauth/app/rest/api/spring/controller/v2/EncryptedDataExchangeController.java
index efb308c4..8e262fb5 100644
--- a/powerauth-restful-server-spring/src/main/java/io/getlime/security/powerauth/app/rest/api/spring/controller/v2/EncryptedDataExchangeController.java
+++ b/powerauth-restful-server-spring/src/main/java/io/getlime/security/powerauth/app/rest/api/spring/controller/v2/EncryptedDataExchangeController.java
@@ -23,8 +23,8 @@
 import io.getlime.core.rest.model.base.response.ObjectResponse;
 import io.getlime.security.powerauth.crypto.lib.model.exception.CryptoProviderException;
 import io.getlime.security.powerauth.crypto.lib.model.exception.GenericCryptoException;
-import io.getlime.security.powerauth.rest.api.base.encryption.PowerAuthNonPersonalizedEncryptor;
-import io.getlime.security.powerauth.rest.api.base.exception.PowerAuthEncryptionException;
+import io.getlime.security.powerauth.rest.api.spring.encryption.PowerAuthNonPersonalizedEncryptor;
+import io.getlime.security.powerauth.rest.api.spring.exception.PowerAuthEncryptionException;
 import io.getlime.security.powerauth.rest.api.model.entity.NonPersonalizedEncryptedPayloadModel;
 import io.getlime.security.powerauth.rest.api.spring.encryption.EncryptorFactory;
 import org.slf4j.Logger;
diff --git a/powerauth-restful-server-spring/src/main/java/io/getlime/security/powerauth/app/rest/api/spring/controller/v3/EncryptedDataExchangeController.java b/powerauth-restful-server-spring/src/main/java/io/getlime/security/powerauth/app/rest/api/spring/controller/v3/EncryptedDataExchangeController.java
index 5c3aa594..39bd6e67 100644
--- a/powerauth-restful-server-spring/src/main/java/io/getlime/security/powerauth/app/rest/api/spring/controller/v3/EncryptedDataExchangeController.java
+++ b/powerauth-restful-server-spring/src/main/java/io/getlime/security/powerauth/app/rest/api/spring/controller/v3/EncryptedDataExchangeController.java
@@ -22,11 +22,11 @@
 import io.getlime.security.powerauth.app.rest.api.spring.model.request.DataExchangeRequest;
 import io.getlime.security.powerauth.app.rest.api.spring.model.response.DataExchangeResponse;
 import io.getlime.security.powerauth.crypto.lib.encryptor.ecies.model.EciesScope;
-import io.getlime.security.powerauth.rest.api.base.authentication.PowerAuthApiAuthentication;
-import io.getlime.security.powerauth.rest.api.base.encryption.EciesEncryptionContext;
-import io.getlime.security.powerauth.rest.api.base.exception.PowerAuthAuthenticationException;
-import io.getlime.security.powerauth.rest.api.base.exception.PowerAuthEncryptionException;
-import io.getlime.security.powerauth.rest.api.base.exception.authentication.PowerAuthSignatureInvalidException;
+import io.getlime.security.powerauth.rest.api.spring.authentication.PowerAuthApiAuthentication;
+import io.getlime.security.powerauth.rest.api.spring.encryption.EciesEncryptionContext;
+import io.getlime.security.powerauth.rest.api.spring.exception.PowerAuthAuthenticationException;
+import io.getlime.security.powerauth.rest.api.spring.exception.PowerAuthEncryptionException;
+import io.getlime.security.powerauth.rest.api.spring.exception.authentication.PowerAuthSignatureInvalidException;
 import io.getlime.security.powerauth.rest.api.spring.annotation.EncryptedRequestBody;
 import io.getlime.security.powerauth.rest.api.spring.annotation.PowerAuth;
 import io.getlime.security.powerauth.rest.api.spring.annotation.PowerAuthEncryption;
diff --git a/powerauth-restful-server-spring/src/main/java/io/getlime/security/powerauth/app/rest/api/spring/provider/DefaultCustomActivationProvider.java b/powerauth-restful-server-spring/src/main/java/io/getlime/security/powerauth/app/rest/api/spring/provider/DefaultCustomActivationProvider.java
index c6e0289f..0dae5622 100644
--- a/powerauth-restful-server-spring/src/main/java/io/getlime/security/powerauth/app/rest/api/spring/provider/DefaultCustomActivationProvider.java
+++ b/powerauth-restful-server-spring/src/main/java/io/getlime/security/powerauth/app/rest/api/spring/provider/DefaultCustomActivationProvider.java
@@ -19,7 +19,7 @@
  */
 package io.getlime.security.powerauth.app.rest.api.spring.provider;
 
-import io.getlime.security.powerauth.rest.api.base.provider.CustomActivationProvider;
+import io.getlime.security.powerauth.rest.api.spring.provider.CustomActivationProvider;
 import io.getlime.security.powerauth.rest.api.model.entity.ActivationType;
 import org.springframework.stereotype.Component;
 

From c384cf259b5b259f64f3b04553a8b1c11eeb6479 Mon Sep 17 00:00:00 2001
From: Petr Dvorak <petr@wultra.com>
Date: Tue, 8 Jun 2021 20:03:50 +0200
Subject: [PATCH 02/36] Bump version in pom.xml

---
 pom.xml                                              | 2 +-
 powerauth-restful-model/pom.xml                      | 4 ++--
 powerauth-restful-security-spring-annotation/pom.xml | 4 ++--
 powerauth-restful-security-spring/pom.xml            | 6 +++---
 powerauth-restful-server-spring/pom.xml              | 2 +-
 5 files changed, 9 insertions(+), 9 deletions(-)

diff --git a/pom.xml b/pom.xml
index a3cd153e..4b6879d0 100644
--- a/pom.xml
+++ b/pom.xml
@@ -28,7 +28,7 @@
 
     <groupId>io.getlime.security</groupId>
     <artifactId>powerauth-restful-integration-parent</artifactId>
-    <version>1.1.0-SNAPSHOT</version>
+    <version>1.2.0-SNAPSHOT</version>
     <packaging>pom</packaging>
 
     <inceptionYear>2017</inceptionYear>
diff --git a/powerauth-restful-model/pom.xml b/powerauth-restful-model/pom.xml
index 22affa7c..99859667 100644
--- a/powerauth-restful-model/pom.xml
+++ b/powerauth-restful-model/pom.xml
@@ -24,14 +24,14 @@
     <modelVersion>4.0.0</modelVersion>
 
     <artifactId>powerauth-restful-model</artifactId>
-    <version>1.1.0-SNAPSHOT</version>
+    <version>1.2.0-SNAPSHOT</version>
     <name>powerauth-restful-model</name>
     <description>Model classes PowerAuth Standard RESTful API</description>
 
     <parent>
         <groupId>io.getlime.security</groupId>
         <artifactId>powerauth-restful-integration-parent</artifactId>
-        <version>1.1.0-SNAPSHOT</version>
+        <version>1.2.0-SNAPSHOT</version>
         <relativePath>../pom.xml</relativePath>
     </parent>
 
diff --git a/powerauth-restful-security-spring-annotation/pom.xml b/powerauth-restful-security-spring-annotation/pom.xml
index d8f58463..25855ad8 100644
--- a/powerauth-restful-security-spring-annotation/pom.xml
+++ b/powerauth-restful-security-spring-annotation/pom.xml
@@ -24,14 +24,14 @@
     <modelVersion>4.0.0</modelVersion>
 
     <artifactId>powerauth-restful-security-spring-annotation</artifactId>
-    <version>1.1.0-SNAPSHOT</version>
+    <version>1.2.0-SNAPSHOT</version>
     <name>powerauth-restful-security-spring-annotation</name>
     <description>PowerAuth RESTful API Security Annotations for Spring</description>
 
     <parent>
         <groupId>io.getlime.security</groupId>
         <artifactId>powerauth-restful-integration-parent</artifactId>
-        <version>1.1.0-SNAPSHOT</version>
+        <version>1.2.0-SNAPSHOT</version>
         <relativePath>../pom.xml</relativePath>
     </parent>
 
diff --git a/powerauth-restful-security-spring/pom.xml b/powerauth-restful-security-spring/pom.xml
index 2684f6dd..9289eb1e 100644
--- a/powerauth-restful-security-spring/pom.xml
+++ b/powerauth-restful-security-spring/pom.xml
@@ -24,14 +24,14 @@
     <modelVersion>4.0.0</modelVersion>
 
     <artifactId>powerauth-restful-security-spring</artifactId>
-    <version>1.1.0-SNAPSHOT</version>
+    <version>1.2.0-SNAPSHOT</version>
     <name>powerauth-restful-security-spring</name>
     <description>PowerAuth RESTful API Security Additions for Spring</description>
 
     <parent>
         <groupId>io.getlime.security</groupId>
         <artifactId>powerauth-restful-integration-parent</artifactId>
-        <version>1.1.0-SNAPSHOT</version>
+        <version>1.2.0-SNAPSHOT</version>
         <relativePath>../pom.xml</relativePath>
     </parent>
 
@@ -41,7 +41,7 @@
         <dependency>
             <groupId>io.getlime.security</groupId>
             <artifactId>powerauth-restful-security-spring-annotation</artifactId>
-            <version>1.1.0-SNAPSHOT</version>
+            <version>1.2.0-SNAPSHOT</version>
         </dependency>
         <dependency>
             <groupId>io.getlime.security</groupId>
diff --git a/powerauth-restful-server-spring/pom.xml b/powerauth-restful-server-spring/pom.xml
index 8e6c8e96..00661d95 100644
--- a/powerauth-restful-server-spring/pom.xml
+++ b/powerauth-restful-server-spring/pom.xml
@@ -72,7 +72,7 @@
         <dependency>
             <groupId>io.getlime.security</groupId>
             <artifactId>powerauth-restful-security-spring</artifactId>
-            <version>1.1.0-SNAPSHOT</version>
+            <version>1.2.0-SNAPSHOT</version>
         </dependency>
 
         <!-- Other Dependencies -->

From 7c2038f7895d46b0810deb363671856e8228a0ec Mon Sep 17 00:00:00 2001
From: Petr Dvorak <petr@wultra.com>
Date: Tue, 8 Jun 2021 20:37:05 +0200
Subject: [PATCH 03/36] Fix #95: Allow filling custom object in
 /pa/activation/status with activation specific data

---
 .../api/spring/model/ActivationContext.java   | 254 ++++++++++++++++++
 .../PowerAuthApplicationConfiguration.java    |  11 +-
 .../spring/service/v3/ActivationService.java  |  19 +-
 .../ApplicationConfiguration.java             |   8 +-
 4 files changed, 286 insertions(+), 6 deletions(-)
 create mode 100644 powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/model/ActivationContext.java

diff --git a/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/model/ActivationContext.java b/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/model/ActivationContext.java
new file mode 100644
index 00000000..031c756d
--- /dev/null
+++ b/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/model/ActivationContext.java
@@ -0,0 +1,254 @@
+package io.getlime.security.powerauth.rest.api.spring.model;
+
+import com.wultra.security.powerauth.client.v3.ActivationStatus;
+
+import javax.xml.datatype.XMLGregorianCalendar;
+import java.util.List;
+
+/**
+ * Class representing the activation context data. It maps detailed activation attributes
+ * to a class that is supposed to be used by the developers in various scenarios.
+ *
+ * @author Petr Dvorak, petr@wultra.com
+ */
+public class ActivationContext {
+    
+    private String activationId;
+    private String activationName;
+    private List<String> activationFlags;
+    private ActivationStatus activationStatus;
+    private String blockedReason;
+    private long applicationId;
+    private String userId;
+    private long version;
+    private XMLGregorianCalendar timestampCreated;
+    private XMLGregorianCalendar timestampLastUsed;
+    private XMLGregorianCalendar timestampLastChange;
+    private String platform;
+    private String deviceInfo;
+    private String extras;
+
+    /**
+     * Set activation ID.
+     * @param activationId Activation ID.
+     */
+    public void setActivationId(String activationId) {
+        this.activationId = activationId;
+    }
+
+    /**
+     * Get activation ID.
+     * @return Activation ID.
+     */
+    public String getActivationId() {
+        return activationId;
+    }
+
+    /**
+     * Set activation name.
+     * @param activationName Activation name.
+     */
+    public void setActivationName(String activationName) {
+        this.activationName = activationName;
+    }
+
+    /**
+     * Get activation name.
+     * @return Activation name.
+     */
+    public String getActivationName() {
+        return activationName;
+    }
+
+    /**
+     * Set activation flags.
+     * @param activationFlags Activation flags.
+     */
+    public void setActivationFlags(List<String> activationFlags) {
+        this.activationFlags = activationFlags;
+    }
+
+    /**
+     * Get activation flags.
+     * @return Activation flags.
+     */
+    public List<String> getActivationFlags() {
+        return activationFlags;
+    }
+
+    /**
+     * Set activation status.
+     * @param activationStatus Activation status.
+     */
+    public void setActivationStatus(ActivationStatus activationStatus) {
+        this.activationStatus = activationStatus;
+    }
+
+    /**
+     * Get activation status.
+     * @return Activation status.
+     */
+    public ActivationStatus getActivationStatus() {
+        return activationStatus;
+    }
+
+    /**
+     * Set blocked reason.
+     * @param blockedReason Blocked reason.
+     */
+    public void setBlockedReason(String blockedReason) {
+        this.blockedReason = blockedReason;
+    }
+
+    /**
+     * Get blocked reason.
+     * @return Blocked reason.
+     */
+    public String getBlockedReason() {
+        return blockedReason;
+    }
+
+    /**
+     * Set application ID.
+     * @param applicationId Application ID.
+     */
+    public void setApplicationId(long applicationId) {
+        this.applicationId = applicationId;
+    }
+
+    /**
+     * Get application ID.
+     * @return Application ID.
+     */
+    public long getApplicationId() {
+        return applicationId;
+    }
+
+    /**
+     * Set user ID.
+     * @param userId User ID.
+     */
+    public void setUserId(String userId) {
+        this.userId = userId;
+    }
+
+    /**
+     * Get user ID.
+     * @return User ID.
+     */
+    public String getUserId() {
+        return userId;
+    }
+
+    /**
+     * Set version.
+     * @param version Version.
+     */
+    public void setVersion(long version) {
+        this.version = version;
+    }
+
+    /**
+     * Get version.
+     * @return Version.
+     */
+    public long getVersion() {
+        return version;
+    }
+
+    /**
+     * Set timestamp created.
+     * @param timestampCreated Timestamp created.
+     */
+    public void setTimestampCreated(XMLGregorianCalendar timestampCreated) {
+        this.timestampCreated = timestampCreated;
+    }
+
+    /**
+     * Get timestamp created.
+     * @return Timestamp created.
+     */
+    public XMLGregorianCalendar getTimestampCreated() {
+        return timestampCreated;
+    }
+
+    /**
+     * Set timestamp last used.
+     * @param timestampLastUsed Timestamp last used.
+     */
+    public void setTimestampLastUsed(XMLGregorianCalendar timestampLastUsed) {
+        this.timestampLastUsed = timestampLastUsed;
+    }
+
+    /**
+     * Get timestamp last used.
+     * @return Timestamp last used.
+     */
+    public XMLGregorianCalendar getTimestampLastUsed() {
+        return timestampLastUsed;
+    }
+
+    /**
+     * Set timestamp last change.
+     * @param timestampLastChange Timestamp last change.
+     */
+    public void setTimestampLastChange(XMLGregorianCalendar timestampLastChange) {
+        this.timestampLastChange = timestampLastChange;
+    }
+
+    /**
+     * Get timestamp last change.
+     * @return Timestamp last change.
+     */
+    public XMLGregorianCalendar getTimestampLastChange() {
+        return timestampLastChange;
+    }
+
+    /**
+     * Set platform.
+     * @param platform Platform.
+     */
+    public void setPlatform(String platform) {
+        this.platform = platform;
+    }
+
+    /**
+     * Get platform.
+     * @return Platform.
+     */
+    public String getPlatform() {
+        return platform;
+    }
+
+    /**
+     * Set device info.
+     * @param deviceInfo Device info.
+     */
+    public void setDeviceInfo(String deviceInfo) {
+        this.deviceInfo = deviceInfo;
+    }
+
+    /**
+     * Get device info.
+     * @return Device info.
+     */
+    public String getDeviceInfo() {
+        return deviceInfo;
+    }
+
+    /**
+     * Set extras.
+     * @param extras Extras.
+     */
+    public void setExtras(String extras) {
+        this.extras = extras;
+    }
+
+    /**
+     * Get extras.
+     * @return Extras.
+     */
+    public String getExtras() {
+        return extras;
+    }
+}
diff --git a/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/application/PowerAuthApplicationConfiguration.java b/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/application/PowerAuthApplicationConfiguration.java
index 00a6ba79..d830ef80 100644
--- a/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/application/PowerAuthApplicationConfiguration.java
+++ b/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/application/PowerAuthApplicationConfiguration.java
@@ -19,6 +19,8 @@
  */
 package io.getlime.security.powerauth.rest.api.spring.application;
 
+import io.getlime.security.powerauth.rest.api.spring.model.ActivationContext;
+
 import java.util.Map;
 
 /**
@@ -32,9 +34,14 @@ public interface PowerAuthApplicationConfiguration {
     /**
      * In order to minimize number of up-front request, /pa/activation/status end-point may return
      * any custom state-less object with an information about the service (such as current timestamp,
-     * service outage info, etc.). Default implementation may simply return null.
+     * service outage info, etc.), or an activation-scoped object. When fetching the activation scoped
+     * object, developers should pay attention to the performance. Status endpoint is a frequently called
+     * endpoint and hence any queries should use low-latency services. Default implementation may simply
+     * return null.
+     *
+     * @param activationContext Activation context.
      * @return Custom object with state-less information about the API server status.
      */
-    Map<String, Object> statusServiceCustomObject();
+    Map<String, Object> statusServiceCustomObject(ActivationContext activationContext);
 
 }
diff --git a/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/service/v3/ActivationService.java b/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/service/v3/ActivationService.java
index 02e1312d..40575a5e 100644
--- a/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/service/v3/ActivationService.java
+++ b/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/service/v3/ActivationService.java
@@ -29,6 +29,7 @@
 import io.getlime.security.powerauth.rest.api.spring.exception.PowerAuthActivationException;
 import io.getlime.security.powerauth.rest.api.spring.exception.PowerAuthRecoveryException;
 import io.getlime.security.powerauth.rest.api.spring.exception.authentication.PowerAuthInvalidRequestException;
+import io.getlime.security.powerauth.rest.api.spring.model.ActivationContext;
 import io.getlime.security.powerauth.rest.api.spring.provider.CustomActivationProvider;
 import io.getlime.security.powerauth.rest.api.model.entity.ActivationType;
 import io.getlime.security.powerauth.rest.api.model.request.v3.ActivationLayer1Request;
@@ -353,7 +354,23 @@ public ActivationStatusResponse getActivationStatus(ActivationStatusRequest requ
             response.setEncryptedStatusBlob(paResponse.getEncryptedStatusBlob());
             response.setNonce(paResponse.getEncryptedStatusBlobNonce());
             if (applicationConfiguration != null) {
-                response.setCustomObject(applicationConfiguration.statusServiceCustomObject());
+                final ActivationContext activationContext = new ActivationContext();
+                activationContext.setActivationId(paResponse.getActivationId());
+                activationContext.setActivationName(paResponse.getActivationName());
+                activationContext.setActivationFlags(paResponse.getActivationFlags());
+                activationContext.setActivationStatus(paResponse.getActivationStatus());
+                activationContext.setBlockedReason(paResponse.getBlockedReason());
+                activationContext.setApplicationId(paResponse.getApplicationId());
+                activationContext.setUserId(paResponse.getUserId());
+                activationContext.setVersion(paResponse.getVersion());
+                activationContext.setTimestampCreated(paResponse.getTimestampCreated());
+                activationContext.setTimestampLastUsed(paResponse.getTimestampLastUsed());
+                activationContext.setTimestampLastChange(paResponse.getTimestampLastChange());
+                activationContext.setPlatform(paResponse.getPlatform());
+                activationContext.setDeviceInfo(paResponse.getDeviceInfo());
+                activationContext.setExtras(paResponse.getExtras());
+
+                response.setCustomObject(applicationConfiguration.statusServiceCustomObject(activationContext));
             }
             return response;
         } catch (Exception ex) {
diff --git a/powerauth-restful-server-spring/src/main/java/io/getlime/security/powerauth/app/rest/api/spring/configuration/ApplicationConfiguration.java b/powerauth-restful-server-spring/src/main/java/io/getlime/security/powerauth/app/rest/api/spring/configuration/ApplicationConfiguration.java
index 2eb88a80..ca3b5575 100644
--- a/powerauth-restful-server-spring/src/main/java/io/getlime/security/powerauth/app/rest/api/spring/configuration/ApplicationConfiguration.java
+++ b/powerauth-restful-server-spring/src/main/java/io/getlime/security/powerauth/app/rest/api/spring/configuration/ApplicationConfiguration.java
@@ -20,20 +20,22 @@
 package io.getlime.security.powerauth.app.rest.api.spring.configuration;
 
 import io.getlime.security.powerauth.rest.api.spring.application.PowerAuthApplicationConfiguration;
+import io.getlime.security.powerauth.rest.api.spring.model.ActivationContext;
 import org.springframework.context.annotation.Configuration;
 
 import java.util.Map;
 
 /**
- * Default implementation of PowerAuthApplicationConfiguration interface. 
- * @author Petr Dvorak
+ * Default implementation of PowerAuthApplicationConfiguration interface.
+ *
+ * @author Petr Dvorak, petr@wultra.com
  *
  */
 @Configuration
 public class ApplicationConfiguration implements PowerAuthApplicationConfiguration {
 
     @Override
-    public Map<String, Object> statusServiceCustomObject() {
+    public Map<String, Object> statusServiceCustomObject(ActivationContext context) {
         return null;
     }
 

From bab49e820e1e0c350c53b6bd5d2c363fe828bd6e Mon Sep 17 00:00:00 2001
From: Petr Dvorak <petr@wultra.com>
Date: Tue, 8 Jun 2021 20:44:07 +0200
Subject: [PATCH 04/36] Add converter class

---
 .../v3/ActivationContextConverter.java        | 40 +++++++++++++++++++
 .../spring/service/v3/ActivationService.java  | 29 ++++++--------
 2 files changed, 53 insertions(+), 16 deletions(-)
 create mode 100644 powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/converter/v3/ActivationContextConverter.java

diff --git a/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/converter/v3/ActivationContextConverter.java b/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/converter/v3/ActivationContextConverter.java
new file mode 100644
index 00000000..b2be0ab5
--- /dev/null
+++ b/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/converter/v3/ActivationContextConverter.java
@@ -0,0 +1,40 @@
+package io.getlime.security.powerauth.rest.api.spring.converter.v3;
+
+import com.wultra.security.powerauth.client.v3.GetActivationStatusResponse;
+import io.getlime.security.powerauth.rest.api.spring.model.ActivationContext;
+import org.springframework.stereotype.Component;
+
+/**
+ * Converter class for conversions of activation context.
+ *
+ * @author Petr Dvorak, petr@wultra.com
+ */
+@Component
+public class ActivationContextConverter {
+
+    /**
+     * Convert new activation context from activation status response.
+     *
+     * @param source Activation status response.
+     * @return Activation context.
+     */
+    public ActivationContext fromActivationDetailResponse(GetActivationStatusResponse source) {
+        final ActivationContext destination = new ActivationContext();
+        destination.setActivationId(source.getActivationId());
+        destination.setActivationName(source.getActivationName());
+        destination.setActivationFlags(source.getActivationFlags());
+        destination.setActivationStatus(source.getActivationStatus());
+        destination.setBlockedReason(source.getBlockedReason());
+        destination.setApplicationId(source.getApplicationId());
+        destination.setUserId(source.getUserId());
+        destination.setVersion(source.getVersion());
+        destination.setTimestampCreated(source.getTimestampCreated());
+        destination.setTimestampLastUsed(source.getTimestampLastUsed());
+        destination.setTimestampLastChange(source.getTimestampLastChange());
+        destination.setPlatform(source.getPlatform());
+        destination.setDeviceInfo(source.getDeviceInfo());
+        destination.setExtras(source.getExtras());
+        return destination;
+    }
+
+}
diff --git a/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/service/v3/ActivationService.java b/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/service/v3/ActivationService.java
index 40575a5e..a8bbed66 100644
--- a/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/service/v3/ActivationService.java
+++ b/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/service/v3/ActivationService.java
@@ -25,6 +25,7 @@
 import com.wultra.security.powerauth.client.v3.*;
 import io.getlime.security.powerauth.rest.api.spring.application.PowerAuthApplicationConfiguration;
 import io.getlime.security.powerauth.rest.api.spring.authentication.PowerAuthApiAuthentication;
+import io.getlime.security.powerauth.rest.api.spring.converter.v3.ActivationContextConverter;
 import io.getlime.security.powerauth.rest.api.spring.encryption.EciesEncryptionContext;
 import io.getlime.security.powerauth.rest.api.spring.exception.PowerAuthActivationException;
 import io.getlime.security.powerauth.rest.api.spring.exception.PowerAuthRecoveryException;
@@ -66,6 +67,8 @@ public class ActivationService {
 
     private CustomActivationProvider activationProvider;
 
+    private ActivationContextConverter activationContextConverter;
+
     private static final Logger logger = LoggerFactory.getLogger(ActivationService.class);
 
     /**
@@ -95,6 +98,15 @@ public void setPowerAuthActivationProvider(CustomActivationProvider activationPr
         this.activationProvider = activationProvider;
     }
 
+    /**
+     * Set activation context converter via setter injection.
+     * @param activationContextConverter Activation context converter.
+     */
+    @Autowired
+    public void setActivationContextConverter(ActivationContextConverter activationContextConverter) {
+        this.activationContextConverter = activationContextConverter;
+    }
+
     /**
      * Create activation.
      *
@@ -354,22 +366,7 @@ public ActivationStatusResponse getActivationStatus(ActivationStatusRequest requ
             response.setEncryptedStatusBlob(paResponse.getEncryptedStatusBlob());
             response.setNonce(paResponse.getEncryptedStatusBlobNonce());
             if (applicationConfiguration != null) {
-                final ActivationContext activationContext = new ActivationContext();
-                activationContext.setActivationId(paResponse.getActivationId());
-                activationContext.setActivationName(paResponse.getActivationName());
-                activationContext.setActivationFlags(paResponse.getActivationFlags());
-                activationContext.setActivationStatus(paResponse.getActivationStatus());
-                activationContext.setBlockedReason(paResponse.getBlockedReason());
-                activationContext.setApplicationId(paResponse.getApplicationId());
-                activationContext.setUserId(paResponse.getUserId());
-                activationContext.setVersion(paResponse.getVersion());
-                activationContext.setTimestampCreated(paResponse.getTimestampCreated());
-                activationContext.setTimestampLastUsed(paResponse.getTimestampLastUsed());
-                activationContext.setTimestampLastChange(paResponse.getTimestampLastChange());
-                activationContext.setPlatform(paResponse.getPlatform());
-                activationContext.setDeviceInfo(paResponse.getDeviceInfo());
-                activationContext.setExtras(paResponse.getExtras());
-
+                final ActivationContext activationContext = activationContextConverter.fromActivationDetailResponse(paResponse);
                 response.setCustomObject(applicationConfiguration.statusServiceCustomObject(activationContext));
             }
             return response;

From 918b104f3ef4b7ee72272fde413648b9254f94d7 Mon Sep 17 00:00:00 2001
From: Petr Dvorak <petr@wultra.com>
Date: Tue, 8 Jun 2021 23:13:29 +0200
Subject: [PATCH 05/36] Resolve comments from code review

---
 .../v3/ActivationContextConverter.java        | 27 ++++++++--
 .../api/spring/model/ActivationContext.java   | 54 ++++++++++++-------
 2 files changed, 59 insertions(+), 22 deletions(-)

diff --git a/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/converter/v3/ActivationContextConverter.java b/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/converter/v3/ActivationContextConverter.java
index b2be0ab5..cf13e775 100644
--- a/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/converter/v3/ActivationContextConverter.java
+++ b/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/converter/v3/ActivationContextConverter.java
@@ -1,3 +1,22 @@
+/*
+ * PowerAuth integration libraries for RESTful API applications, examples and
+ * related software components
+ *
+ * Copyright (C) 2021 Wultra s.r.o.
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as published
+ * by the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ */
 package io.getlime.security.powerauth.rest.api.spring.converter.v3;
 
 import com.wultra.security.powerauth.client.v3.GetActivationStatusResponse;
@@ -22,15 +41,15 @@ public ActivationContext fromActivationDetailResponse(GetActivationStatusRespons
         final ActivationContext destination = new ActivationContext();
         destination.setActivationId(source.getActivationId());
         destination.setActivationName(source.getActivationName());
-        destination.setActivationFlags(source.getActivationFlags());
+        destination.getActivationFlags().addAll(source.getActivationFlags());
         destination.setActivationStatus(source.getActivationStatus());
         destination.setBlockedReason(source.getBlockedReason());
         destination.setApplicationId(source.getApplicationId());
         destination.setUserId(source.getUserId());
         destination.setVersion(source.getVersion());
-        destination.setTimestampCreated(source.getTimestampCreated());
-        destination.setTimestampLastUsed(source.getTimestampLastUsed());
-        destination.setTimestampLastChange(source.getTimestampLastChange());
+        destination.setTimestampCreated(source.getTimestampCreated().toGregorianCalendar().toInstant());
+        destination.setTimestampLastUsed(source.getTimestampLastUsed().toGregorianCalendar().toInstant());
+        destination.setTimestampLastChange(source.getTimestampLastChange().toGregorianCalendar().toInstant());
         destination.setPlatform(source.getPlatform());
         destination.setDeviceInfo(source.getDeviceInfo());
         destination.setExtras(source.getExtras());
diff --git a/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/model/ActivationContext.java b/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/model/ActivationContext.java
index 031c756d..b24c1f00 100644
--- a/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/model/ActivationContext.java
+++ b/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/model/ActivationContext.java
@@ -1,8 +1,30 @@
+/*
+ * PowerAuth integration libraries for RESTful API applications, examples and
+ * related software components
+ *
+ * Copyright (C) 2021 Wultra s.r.o.
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as published
+ * by the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ */
 package io.getlime.security.powerauth.rest.api.spring.model;
 
 import com.wultra.security.powerauth.client.v3.ActivationStatus;
 
 import javax.xml.datatype.XMLGregorianCalendar;
+import java.time.Instant;
+import java.util.ArrayList;
+import java.util.Date;
 import java.util.List;
 
 /**
@@ -15,19 +37,23 @@ public class ActivationContext {
     
     private String activationId;
     private String activationName;
-    private List<String> activationFlags;
+    private final List<String> activationFlags;
     private ActivationStatus activationStatus;
     private String blockedReason;
     private long applicationId;
     private String userId;
     private long version;
-    private XMLGregorianCalendar timestampCreated;
-    private XMLGregorianCalendar timestampLastUsed;
-    private XMLGregorianCalendar timestampLastChange;
+    private Instant timestampCreated;
+    private Instant timestampLastUsed;
+    private Instant timestampLastChange;
     private String platform;
     private String deviceInfo;
     private String extras;
 
+    public ActivationContext() {
+        this.activationFlags = new ArrayList<>();
+    }
+
     /**
      * Set activation ID.
      * @param activationId Activation ID.
@@ -60,14 +86,6 @@ public String getActivationName() {
         return activationName;
     }
 
-    /**
-     * Set activation flags.
-     * @param activationFlags Activation flags.
-     */
-    public void setActivationFlags(List<String> activationFlags) {
-        this.activationFlags = activationFlags;
-    }
-
     /**
      * Get activation flags.
      * @return Activation flags.
@@ -160,7 +178,7 @@ public long getVersion() {
      * Set timestamp created.
      * @param timestampCreated Timestamp created.
      */
-    public void setTimestampCreated(XMLGregorianCalendar timestampCreated) {
+    public void setTimestampCreated(Instant timestampCreated) {
         this.timestampCreated = timestampCreated;
     }
 
@@ -168,7 +186,7 @@ public void setTimestampCreated(XMLGregorianCalendar timestampCreated) {
      * Get timestamp created.
      * @return Timestamp created.
      */
-    public XMLGregorianCalendar getTimestampCreated() {
+    public Instant getTimestampCreated() {
         return timestampCreated;
     }
 
@@ -176,7 +194,7 @@ public XMLGregorianCalendar getTimestampCreated() {
      * Set timestamp last used.
      * @param timestampLastUsed Timestamp last used.
      */
-    public void setTimestampLastUsed(XMLGregorianCalendar timestampLastUsed) {
+    public void setTimestampLastUsed(Instant timestampLastUsed) {
         this.timestampLastUsed = timestampLastUsed;
     }
 
@@ -184,7 +202,7 @@ public void setTimestampLastUsed(XMLGregorianCalendar timestampLastUsed) {
      * Get timestamp last used.
      * @return Timestamp last used.
      */
-    public XMLGregorianCalendar getTimestampLastUsed() {
+    public Instant getTimestampLastUsed() {
         return timestampLastUsed;
     }
 
@@ -192,7 +210,7 @@ public XMLGregorianCalendar getTimestampLastUsed() {
      * Set timestamp last change.
      * @param timestampLastChange Timestamp last change.
      */
-    public void setTimestampLastChange(XMLGregorianCalendar timestampLastChange) {
+    public void setTimestampLastChange(Instant timestampLastChange) {
         this.timestampLastChange = timestampLastChange;
     }
 
@@ -200,7 +218,7 @@ public void setTimestampLastChange(XMLGregorianCalendar timestampLastChange) {
      * Get timestamp last change.
      * @return Timestamp last change.
      */
-    public XMLGregorianCalendar getTimestampLastChange() {
+    public Instant getTimestampLastChange() {
         return timestampLastChange;
     }
 

From eaf74cf79afbcb5443cbcd5e5770a0b6e2dd6c90 Mon Sep 17 00:00:00 2001
From: Petr Dvorak <petr@wultra.com>
Date: Tue, 8 Jun 2021 23:16:30 +0200
Subject: [PATCH 06/36] Prevent possible NPEs

---
 .../v3/ActivationContextConverter.java        | 23 +++++++++++++++----
 1 file changed, 19 insertions(+), 4 deletions(-)

diff --git a/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/converter/v3/ActivationContextConverter.java b/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/converter/v3/ActivationContextConverter.java
index cf13e775..338e29c7 100644
--- a/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/converter/v3/ActivationContextConverter.java
+++ b/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/converter/v3/ActivationContextConverter.java
@@ -23,6 +23,9 @@
 import io.getlime.security.powerauth.rest.api.spring.model.ActivationContext;
 import org.springframework.stereotype.Component;
 
+import javax.xml.datatype.XMLGregorianCalendar;
+import java.util.List;
+
 /**
  * Converter class for conversions of activation context.
  *
@@ -41,18 +44,30 @@ public ActivationContext fromActivationDetailResponse(GetActivationStatusRespons
         final ActivationContext destination = new ActivationContext();
         destination.setActivationId(source.getActivationId());
         destination.setActivationName(source.getActivationName());
-        destination.getActivationFlags().addAll(source.getActivationFlags());
         destination.setActivationStatus(source.getActivationStatus());
         destination.setBlockedReason(source.getBlockedReason());
         destination.setApplicationId(source.getApplicationId());
         destination.setUserId(source.getUserId());
         destination.setVersion(source.getVersion());
-        destination.setTimestampCreated(source.getTimestampCreated().toGregorianCalendar().toInstant());
-        destination.setTimestampLastUsed(source.getTimestampLastUsed().toGregorianCalendar().toInstant());
-        destination.setTimestampLastChange(source.getTimestampLastChange().toGregorianCalendar().toInstant());
         destination.setPlatform(source.getPlatform());
         destination.setDeviceInfo(source.getDeviceInfo());
         destination.setExtras(source.getExtras());
+        final List<String> activationFlags = source.getActivationFlags();
+        if (activationFlags != null) {
+            destination.getActivationFlags().addAll(activationFlags);
+        }
+        final XMLGregorianCalendar timestampCreated = source.getTimestampCreated();
+        if (timestampCreated != null) {
+            destination.setTimestampCreated(timestampCreated.toGregorianCalendar().toInstant());
+        }
+        final XMLGregorianCalendar timestampLastUsed = source.getTimestampLastUsed();
+        if (timestampLastUsed != null) {
+            destination.setTimestampLastUsed(timestampLastUsed.toGregorianCalendar().toInstant());
+        }
+        final XMLGregorianCalendar timestampLastChange = source.getTimestampLastChange();
+        if (timestampLastChange != null) {
+            destination.setTimestampLastChange(timestampLastChange.toGregorianCalendar().toInstant());
+        }
         return destination;
     }
 

From 9d6dbfac528d0cdc67a423ae7d1acfe21e433ddd Mon Sep 17 00:00:00 2001
From: Petr Dvorak <petr@wultra.com>
Date: Tue, 8 Jun 2021 23:18:26 +0200
Subject: [PATCH 07/36] Remove unused imports

---
 .../powerauth/rest/api/spring/model/ActivationContext.java      | 2 --
 1 file changed, 2 deletions(-)

diff --git a/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/model/ActivationContext.java b/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/model/ActivationContext.java
index b24c1f00..2e13dedd 100644
--- a/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/model/ActivationContext.java
+++ b/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/model/ActivationContext.java
@@ -21,10 +21,8 @@
 
 import com.wultra.security.powerauth.client.v3.ActivationStatus;
 
-import javax.xml.datatype.XMLGregorianCalendar;
 import java.time.Instant;
 import java.util.ArrayList;
-import java.util.Date;
 import java.util.List;
 
 /**

From 570702406289ec677b144c2efa591f59c88869a3 Mon Sep 17 00:00:00 2001
From: Petr Dvorak <petr@wultra.com>
Date: Fri, 11 Jun 2021 17:16:05 +0200
Subject: [PATCH 08/36] Fix #288: Add both packages to the documentation guides

---
 docs/RESTful-API-for-Spring.md | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/docs/RESTful-API-for-Spring.md b/docs/RESTful-API-for-Spring.md
index 44e27375..595bd037 100644
--- a/docs/RESTful-API-for-Spring.md
+++ b/docs/RESTful-API-for-Spring.md
@@ -51,11 +51,15 @@ public class ServletInitializer extends SpringBootServletInitializer {
 
 ## Configure PowerAuth REST Client
 
+<!-- begin box warning -->
+Make sure to add both `io.getlime.security.powerauth` and `com.wultra.security.powerauth` packages in the `@ComponentScan` annotation. At this moment, both packages need to be scanned. We are already the process of package name migration. In the future library versions, we will only use the `com.wultra.security.powerauth`.
+<!-- end -->
+
 In order to connect to the correct PowerAuth Server, you need to add following configuration:
 
 ```java
 @Configuration
-@ComponentScan(basePackages = {"com.wultra.security.powerauth"})
+@ComponentScan(basePackages = {"io.getlime.security.powerauth","com.wultra.security.powerauth"})
 public class PowerAuthWebServiceConfiguration {
 
     @Value("${powerauth.rest.url}")

From e04d72747841370cce1b74dca7321c4e764b9c81 Mon Sep 17 00:00:00 2001
From: Roman Strobl <roman.strobl@wultra.com>
Date: Thu, 26 Aug 2021 17:44:52 +0200
Subject: [PATCH 09/36] Fix #291: Switch to pgp-maven-plugin for artifact
 signing

---
 pom.xml                                              | 10 ++++------
 powerauth-restful-model/pom.xml                      |  4 ++--
 powerauth-restful-security-base/pom.xml              | 10 +++++-----
 powerauth-restful-security-spring-annotation/pom.xml |  8 ++++----
 powerauth-restful-security-spring/pom.xml            |  8 ++++----
 powerauth-restful-server-spring/pom.xml              |  4 ++--
 6 files changed, 21 insertions(+), 23 deletions(-)

diff --git a/pom.xml b/pom.xml
index 9d44a3b4..ffa67738 100644
--- a/pom.xml
+++ b/pom.xml
@@ -28,7 +28,7 @@
 
     <groupId>io.getlime.security</groupId>
     <artifactId>powerauth-restful-integration-parent</artifactId>
-    <version>1.1.0</version>
+    <version>1.2.0-SNAPSHOT</version>
     <packaging>pom</packaging>
 
     <inceptionYear>2017</inceptionYear>
@@ -154,13 +154,11 @@
             <build>
                 <plugins>
                     <plugin>
-                        <groupId>org.apache.maven.plugins</groupId>
-                        <artifactId>maven-gpg-plugin</artifactId>
-                        <version>1.6</version>
+                        <groupId>org.kohsuke</groupId>
+                        <artifactId>pgp-maven-plugin</artifactId>
+                        <version>1.1</version>
                         <executions>
                             <execution>
-                                <id>sign-artifacts</id>
-                                <phase>verify</phase>
                                 <goals>
                                     <goal>sign</goal>
                                 </goals>
diff --git a/powerauth-restful-model/pom.xml b/powerauth-restful-model/pom.xml
index 549e74f8..99859667 100644
--- a/powerauth-restful-model/pom.xml
+++ b/powerauth-restful-model/pom.xml
@@ -24,14 +24,14 @@
     <modelVersion>4.0.0</modelVersion>
 
     <artifactId>powerauth-restful-model</artifactId>
-    <version>1.1.0</version>
+    <version>1.2.0-SNAPSHOT</version>
     <name>powerauth-restful-model</name>
     <description>Model classes PowerAuth Standard RESTful API</description>
 
     <parent>
         <groupId>io.getlime.security</groupId>
         <artifactId>powerauth-restful-integration-parent</artifactId>
-        <version>1.1.0</version>
+        <version>1.2.0-SNAPSHOT</version>
         <relativePath>../pom.xml</relativePath>
     </parent>
 
diff --git a/powerauth-restful-security-base/pom.xml b/powerauth-restful-security-base/pom.xml
index 2f2a8acf..91e6dc58 100644
--- a/powerauth-restful-security-base/pom.xml
+++ b/powerauth-restful-security-base/pom.xml
@@ -25,12 +25,12 @@
 
     <modelVersion>4.0.0</modelVersion>
     <artifactId>powerauth-restful-security-base</artifactId>
-    <version>1.1.0</version>
+    <version>1.2.0-SNAPSHOT</version>
 
     <parent>
         <artifactId>powerauth-restful-integration-parent</artifactId>
         <groupId>io.getlime.security</groupId>
-        <version>1.1.0</version>
+        <version>1.2.0-SNAPSHOT</version>
         <relativePath>../pom.xml</relativePath>
     </parent>
 
@@ -40,17 +40,17 @@
         <dependency>
             <groupId>io.getlime.security</groupId>
             <artifactId>powerauth-java-crypto</artifactId>
-            <version>1.1.0</version>
+            <version>1.2.0-SNAPSHOT</version>
         </dependency>
         <dependency>
             <groupId>io.getlime.security</groupId>
             <artifactId>powerauth-java-http</artifactId>
-            <version>1.1.0</version>
+            <version>1.2.0-SNAPSHOT</version>
         </dependency>
         <dependency>
             <groupId>io.getlime.security</groupId>
             <artifactId>powerauth-restful-model</artifactId>
-            <version>1.1.0</version>
+            <version>1.2.0-SNAPSHOT</version>
         </dependency>
 
         <!-- Other Dependencies -->
diff --git a/powerauth-restful-security-spring-annotation/pom.xml b/powerauth-restful-security-spring-annotation/pom.xml
index 6285bcd2..677a17d6 100644
--- a/powerauth-restful-security-spring-annotation/pom.xml
+++ b/powerauth-restful-security-spring-annotation/pom.xml
@@ -24,14 +24,14 @@
     <modelVersion>4.0.0</modelVersion>
 
     <artifactId>powerauth-restful-security-spring-annotation</artifactId>
-    <version>1.1.0</version>
+    <version>1.2.0-SNAPSHOT</version>
     <name>powerauth-restful-security-spring-annotation</name>
     <description>PowerAuth RESTful API Security Annotations for Spring</description>
 
     <parent>
         <groupId>io.getlime.security</groupId>
         <artifactId>powerauth-restful-integration-parent</artifactId>
-        <version>1.1.0</version>
+        <version>1.2.0-SNAPSHOT</version>
         <relativePath>../pom.xml</relativePath>
     </parent>
 
@@ -53,12 +53,12 @@
         <dependency>
             <groupId>io.getlime.security</groupId>
             <artifactId>powerauth-restful-security-base</artifactId>
-            <version>1.1.0</version>
+            <version>1.2.0-SNAPSHOT</version>
         </dependency>
         <dependency>
             <groupId>io.getlime.security</groupId>
             <artifactId>powerauth-rest-client-spring</artifactId>
-            <version>1.1.0</version>
+            <version>1.2.0-SNAPSHOT</version>
         </dependency>
 
     </dependencies>
diff --git a/powerauth-restful-security-spring/pom.xml b/powerauth-restful-security-spring/pom.xml
index fdc1afcf..f0ab7008 100644
--- a/powerauth-restful-security-spring/pom.xml
+++ b/powerauth-restful-security-spring/pom.xml
@@ -24,14 +24,14 @@
     <modelVersion>4.0.0</modelVersion>
 
     <artifactId>powerauth-restful-security-spring</artifactId>
-    <version>1.1.0</version>
+    <version>1.2.0-SNAPSHOT</version>
     <name>powerauth-restful-security-spring</name>
     <description>PowerAuth RESTful API Security Additions for Spring</description>
 
     <parent>
         <groupId>io.getlime.security</groupId>
         <artifactId>powerauth-restful-integration-parent</artifactId>
-        <version>1.1.0</version>
+        <version>1.2.0-SNAPSHOT</version>
         <relativePath>../pom.xml</relativePath>
     </parent>
 
@@ -41,12 +41,12 @@
         <dependency>
             <groupId>io.getlime.security</groupId>
             <artifactId>powerauth-restful-security-spring-annotation</artifactId>
-            <version>1.1.0</version>
+            <version>1.2.0-SNAPSHOT</version>
         </dependency>
         <dependency>
             <groupId>io.getlime.security</groupId>
             <artifactId>powerauth-rest-client-spring</artifactId>
-            <version>1.1.0</version>
+            <version>1.2.0-SNAPSHOT</version>
         </dependency>
 
     </dependencies>
diff --git a/powerauth-restful-server-spring/pom.xml b/powerauth-restful-server-spring/pom.xml
index e0a1fe87..b630e646 100644
--- a/powerauth-restful-server-spring/pom.xml
+++ b/powerauth-restful-server-spring/pom.xml
@@ -26,7 +26,7 @@
     <name>powerauth-restful-server-spring</name>
     <description>PowerAuth Standard RESTful API</description>
     <artifactId>powerauth-restful-server-spring</artifactId>
-    <version>1.1.0</version>
+    <version>1.2.0-SNAPSHOT</version>
     <packaging>war</packaging>
 
     <parent>
@@ -72,7 +72,7 @@
         <dependency>
             <groupId>io.getlime.security</groupId>
             <artifactId>powerauth-restful-security-spring</artifactId>
-            <version>1.1.0</version>
+            <version>1.2.0-SNAPSHOT</version>
         </dependency>
 
         <!-- Other Dependencies -->

From 28ebfbadfd5498d8a67d06d1d7b8278f1c2c56fb Mon Sep 17 00:00:00 2001
From: Roman Strobl <roman.strobl@wultra.com>
Date: Tue, 31 Aug 2021 17:03:03 +0200
Subject: [PATCH 10/36] Include Bouncy Castle dependency

---
 powerauth-restful-server-spring/pom.xml | 1 -
 1 file changed, 1 deletion(-)

diff --git a/powerauth-restful-server-spring/pom.xml b/powerauth-restful-server-spring/pom.xml
index e0a1fe87..cc3dc7a1 100644
--- a/powerauth-restful-server-spring/pom.xml
+++ b/powerauth-restful-server-spring/pom.xml
@@ -85,7 +85,6 @@
             <groupId>org.bouncycastle</groupId>
             <artifactId>bcprov-jdk15on</artifactId>
             <version>1.68</version>
-            <scope>provided</scope>
         </dependency>
 
     </dependencies>

From 0447a11fa9d08695d87e12d094b36e06f4d1bb27 Mon Sep 17 00:00:00 2001
From: Roman Strobl <roman.strobl@wultra.com>
Date: Wed, 8 Sep 2021 14:22:20 +0200
Subject: [PATCH 11/36] Fix #293: Add support for generified encrypted requests
 in ECIES

---
 .../encryption/PowerAuthEciesEncryption.java  |  8 +--
 .../PowerAuthAuthenticationProviderBase.java  |  2 +-
 .../PowerAuthEncryptionProviderBase.java      | 27 +++++----
 .../PowerAuthAnnotationInterceptor.java       |  9 +--
 .../PowerAuthEncryptionArgumentResolver.java  | 14 +++--
 .../filter/EncryptionResponseBodyAdvice.java  |  2 +-
 .../v3/EncryptedDataExchangeController.java   | 60 ++++++++++++++++---
 7 files changed, 87 insertions(+), 35 deletions(-)

diff --git a/powerauth-restful-security-base/src/main/java/io/getlime/security/powerauth/rest/api/base/encryption/PowerAuthEciesEncryption.java b/powerauth-restful-security-base/src/main/java/io/getlime/security/powerauth/rest/api/base/encryption/PowerAuthEciesEncryption.java
index a45f5834..79009148 100644
--- a/powerauth-restful-security-base/src/main/java/io/getlime/security/powerauth/rest/api/base/encryption/PowerAuthEciesEncryption.java
+++ b/powerauth-restful-security-base/src/main/java/io/getlime/security/powerauth/rest/api/base/encryption/PowerAuthEciesEncryption.java
@@ -29,13 +29,13 @@
  *
  * @author Roman Strobl, roman.strobl@wultra.com
  */
-public class PowerAuthEciesEncryption<T> {
+public class PowerAuthEciesEncryption {
 
     private final EciesEncryptionContext context;
     private EciesDecryptor eciesDecryptor;
     private byte[] encryptedRequest;
     private byte[] decryptedRequest;
-    private T requestObject;
+    private Object requestObject;
 
     /**
      * Initialize ECIES encryption object from either encryption or signature HTTP header.
@@ -106,7 +106,7 @@ public void setDecryptedRequest(byte[] decryptedRequest) {
      * Get decrypted request object.
      * @return Decrypted request object.
      */
-    public T getRequestObject() {
+    public Object getRequestObject() {
         return requestObject;
     }
 
@@ -114,7 +114,7 @@ public T getRequestObject() {
      * Set decrypted request object.
      * @param requestObject Decrypted request object.
      */
-    public void setRequestObject(T requestObject) {
+    public void setRequestObject(Object requestObject) {
         this.requestObject = requestObject;
     }
 
diff --git a/powerauth-restful-security-base/src/main/java/io/getlime/security/powerauth/rest/api/base/provider/PowerAuthAuthenticationProviderBase.java b/powerauth-restful-security-base/src/main/java/io/getlime/security/powerauth/rest/api/base/provider/PowerAuthAuthenticationProviderBase.java
index 9f21f113..2f67ddcd 100644
--- a/powerauth-restful-security-base/src/main/java/io/getlime/security/powerauth/rest/api/base/provider/PowerAuthAuthenticationProviderBase.java
+++ b/powerauth-restful-security-base/src/main/java/io/getlime/security/powerauth/rest/api/base/provider/PowerAuthAuthenticationProviderBase.java
@@ -156,7 +156,7 @@ public PowerAuthApiAuthentication validateToken(String tokenHeader) throws Power
     public byte[] extractRequestBodyBytes(HttpServletRequest servletRequest) throws PowerAuthAuthenticationException {
         if (servletRequest.getAttribute(PowerAuthRequestObjects.ENCRYPTION_OBJECT) != null) {
             // Implementation of sign-then-encrypt - in case the encryption object is present and signature is validate, use decrypted request data
-            PowerAuthEciesEncryption<?> eciesEncryption = (PowerAuthEciesEncryption<?>) servletRequest.getAttribute(PowerAuthRequestObjects.ENCRYPTION_OBJECT);
+            PowerAuthEciesEncryption eciesEncryption = (PowerAuthEciesEncryption) servletRequest.getAttribute(PowerAuthRequestObjects.ENCRYPTION_OBJECT);
             return eciesEncryption.getDecryptedRequest();
         } else {
             // Request data was not encrypted - use regular PowerAuth request body for signature validation
diff --git a/powerauth-restful-security-base/src/main/java/io/getlime/security/powerauth/rest/api/base/provider/PowerAuthEncryptionProviderBase.java b/powerauth-restful-security-base/src/main/java/io/getlime/security/powerauth/rest/api/base/provider/PowerAuthEncryptionProviderBase.java
index 904ade93..a878bca2 100644
--- a/powerauth-restful-security-base/src/main/java/io/getlime/security/powerauth/rest/api/base/provider/PowerAuthEncryptionProviderBase.java
+++ b/powerauth-restful-security-base/src/main/java/io/getlime/security/powerauth/rest/api/base/provider/PowerAuthEncryptionProviderBase.java
@@ -20,7 +20,9 @@
 package io.getlime.security.powerauth.rest.api.base.provider;
 
 import com.fasterxml.jackson.core.JsonProcessingException;
+import com.fasterxml.jackson.databind.JavaType;
 import com.fasterxml.jackson.databind.ObjectMapper;
+import com.fasterxml.jackson.databind.type.TypeFactory;
 import com.google.common.io.BaseEncoding;
 import io.getlime.security.powerauth.crypto.lib.encryptor.ecies.EciesDecryptor;
 import io.getlime.security.powerauth.crypto.lib.encryptor.ecies.EciesEnvelopeKey;
@@ -45,6 +47,7 @@
 
 import javax.servlet.http.HttpServletRequest;
 import java.io.IOException;
+import java.lang.reflect.Type;
 
 /**
  * Abstract class for PowerAuth encryption provider with common HTTP header parsing logic. The class is available for
@@ -75,14 +78,13 @@ public abstract class PowerAuthEncryptionProviderBase {
      * Decrypt HTTP request body and construct object with ECIES data. Use the requestType parameter to specify
      * the type of decrypted object.
      *
-     * @param <T> Generic request object type.
      * @param request HTTP request.
      * @param requestType Class of request object.
      * @param eciesScope ECIES scope.
      * @return Object with ECIES data.
      * @throws PowerAuthEncryptionException In case request decryption fails.
      */
-    public <T> PowerAuthEciesEncryption<T> decryptRequest(HttpServletRequest request, Class<T> requestType, EciesScope eciesScope) throws PowerAuthEncryptionException {
+    public PowerAuthEciesEncryption decryptRequest(HttpServletRequest request, Type requestType, EciesScope eciesScope) throws PowerAuthEncryptionException {
         // Only POST HTTP method is supported for ECIES
         if (!"POST".equals(request.getMethod())) {
             logger.warn("Invalid HTTP method: {}", request.getMethod());
@@ -93,7 +95,7 @@ public <T> PowerAuthEciesEncryption<T> decryptRequest(HttpServletRequest request
         final EciesEncryptionContext encryptionContext = extractEciesEncryptionContext(request);
 
         // Construct ECIES encryption object from HTTP header
-        final PowerAuthEciesEncryption<T> eciesEncryption = new PowerAuthEciesEncryption<>(encryptionContext);
+        final PowerAuthEciesEncryption eciesEncryption = new PowerAuthEciesEncryption(encryptionContext);
 
         // Save ECIES scope in context
         eciesEncryption.getContext().setEciesScope(eciesScope);
@@ -192,7 +194,7 @@ public <T> PowerAuthEciesEncryption<T> decryptRequest(HttpServletRequest request
      * @param eciesEncryption PowerAuth encryption object.
      * @return ECIES encrypted response.
      */
-    public EciesEncryptedResponse encryptResponse(Object responseObject, PowerAuthEciesEncryption<?> eciesEncryption) {
+    public EciesEncryptedResponse encryptResponse(Object responseObject, PowerAuthEciesEncryption eciesEncryption) {
         try {
             final byte[] responseData = serializeResponseData(responseObject);
             // Encrypt response using decryptor and return ECIES cryptogram
@@ -210,20 +212,19 @@ public EciesEncryptedResponse encryptResponse(Object responseObject, PowerAuthEc
      * Convert byte[] request data to Object with given type.
      *
      * @param requestData Raw request data.
-     * @param requestType Class specifying request type.
-     * @param <T> Type of request object.
+     * @param requestType Request type.
      * @return Request object.
      * @throws IOException In case request object could not be deserialized.
      */
-    @SuppressWarnings("unchecked") // byte[] conversion to T is unchecked, detected when compiling with new Java
-    private <T> T deserializeRequestData(byte[] requestData, Class<T> requestType) throws IOException {
+    private Object deserializeRequestData(byte[] requestData, Type requestType) throws IOException {
         if (requestType.equals(byte[].class)) {
-            // Raw data without deserialization from JSON
-            return (T) requestData;
-        } else {
-            // Object is deserialized from JSON based on request type
-            return objectMapper.readValue(requestData, requestType);
+            // Raw byte[] data without deserialization from JSON
+            return requestData;
         }
+        // Object is deserialized from JSON based on request type
+        TypeFactory typeFactory = objectMapper.getTypeFactory();
+        JavaType requestJavaType = typeFactory.constructType(requestType);
+        return objectMapper.readValue(requestData, requestJavaType);
     }
 
     /**
diff --git a/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/annotation/PowerAuthAnnotationInterceptor.java b/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/annotation/PowerAuthAnnotationInterceptor.java
index 715b76a0..c23a7ab8 100644
--- a/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/annotation/PowerAuthAnnotationInterceptor.java
+++ b/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/annotation/PowerAuthAnnotationInterceptor.java
@@ -43,6 +43,7 @@
 
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
+import java.lang.reflect.Type;
 import java.util.Arrays;
 import java.util.List;
 import java.util.Map;
@@ -105,10 +106,10 @@ public boolean preHandle(@NonNull HttpServletRequest request, @NonNull HttpServl
             // Resolve @PowerAuthEncryption annotation. The order of processing is important, PowerAuth expects
             // sign-then-encrypt sequence in case both authorization and encryption are used.
             if (powerAuthEncryptionAnnotation != null) {
-                final Class<?> requestType = resolveGenericParameterTypeForEcies(handlerMethod);
+                final Type requestType = resolveGenericParameterTypeForEcies(handlerMethod);
                 try {
                     encryptionProvider.decryptRequest(request, requestType, powerAuthEncryptionAnnotation.scope());
-                    // Encryption object is saved in HTTP servlet request by encryption provider, so that it is available for both Spring and Java EE
+                    // Encryption object is saved in HTTP servlet request by encryption provider, so that it is available for Spring
                 } catch (PowerAuthEncryptionException ex) {
                     logger.warn("Decryption failed, error: {}", ex.getMessage());
                     logger.debug("Error details", ex);
@@ -158,10 +159,10 @@ public boolean preHandle(@NonNull HttpServletRequest request, @NonNull HttpServl
      * @param handlerMethod Handler method.
      * @return Resolved type of request object.
      */
-    private Class<?> resolveGenericParameterTypeForEcies(HandlerMethod handlerMethod) {
+    private Type resolveGenericParameterTypeForEcies(HandlerMethod handlerMethod) {
         for (MethodParameter parameter: handlerMethod.getMethodParameters()) {
             if (parameter.hasParameterAnnotation(EncryptedRequestBody.class)) {
-                return parameter.getParameterType();
+                return parameter.getGenericParameterType();
             }
         }
         return Object.class;
diff --git a/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/annotation/PowerAuthEncryptionArgumentResolver.java b/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/annotation/PowerAuthEncryptionArgumentResolver.java
index 99258508..5d05238c 100644
--- a/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/annotation/PowerAuthEncryptionArgumentResolver.java
+++ b/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/annotation/PowerAuthEncryptionArgumentResolver.java
@@ -19,7 +19,9 @@
  */
 package io.getlime.security.powerauth.rest.api.spring.annotation;
 
+import com.fasterxml.jackson.databind.JavaType;
 import com.fasterxml.jackson.databind.ObjectMapper;
+import com.fasterxml.jackson.databind.type.TypeFactory;
 import io.getlime.security.powerauth.rest.api.base.encryption.EciesEncryptionContext;
 import io.getlime.security.powerauth.rest.api.base.encryption.PowerAuthEciesEncryption;
 import io.getlime.security.powerauth.rest.api.base.model.PowerAuthRequestObjects;
@@ -34,6 +36,7 @@
 
 import javax.servlet.http.HttpServletRequest;
 import java.io.IOException;
+import java.lang.reflect.Type;
 
 /**
  * Argument resolver for {@link PowerAuthEciesEncryption} objects. It enables automatic
@@ -56,15 +59,18 @@ public boolean supportsParameter(@NonNull MethodParameter parameter) {
     @Override
     public Object resolveArgument(@NonNull MethodParameter parameter, ModelAndViewContainer mavContainer, @NonNull NativeWebRequest webRequest, WebDataBinderFactory binderFactory) {
         final HttpServletRequest request = (HttpServletRequest) webRequest.getNativeRequest();
-        final PowerAuthEciesEncryption<?> eciesObject = (PowerAuthEciesEncryption<?>) request.getAttribute(PowerAuthRequestObjects.ENCRYPTION_OBJECT);
+        final PowerAuthEciesEncryption eciesObject = (PowerAuthEciesEncryption) request.getAttribute(PowerAuthRequestObjects.ENCRYPTION_OBJECT);
         // Decrypted object is inserted into parameter annotated by @EncryptedRequestBody annotation
         if (parameter.hasParameterAnnotation(EncryptedRequestBody.class) && eciesObject != null && eciesObject.getDecryptedRequest() != null) {
-            final Class<?> parameterType = parameter.getParameterType();
-            if (parameterType.equals(byte[].class)) {
+            final Type requestType = parameter.getGenericParameterType();
+            if (requestType.equals(byte[].class)) {
                 return eciesObject.getDecryptedRequest();
             } else {
                 try {
-                    return objectMapper.readValue(eciesObject.getDecryptedRequest(), parameterType);
+                    // Object is deserialized from JSON based on request type
+                    TypeFactory typeFactory = objectMapper.getTypeFactory();
+                    JavaType requestJavaType = typeFactory.constructType(requestType);
+                    return objectMapper.readValue(eciesObject.getDecryptedRequest(), requestJavaType);
                 } catch (IOException ex) {
                     logger.warn("Invalid request, error: {}", ex.getMessage());
                     logger.debug("Error details", ex);
diff --git a/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/filter/EncryptionResponseBodyAdvice.java b/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/filter/EncryptionResponseBodyAdvice.java
index c3488ea9..6f313ca5 100644
--- a/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/filter/EncryptionResponseBodyAdvice.java
+++ b/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/filter/EncryptionResponseBodyAdvice.java
@@ -111,7 +111,7 @@ public Object beforeBodyWrite(Object response, @NonNull MethodParameter methodPa
 
         // Extract ECIES encryption object from HTTP request
         final HttpServletRequest httpServletRequest = ((ServletServerHttpRequest) serverHttpRequest).getServletRequest();
-        final PowerAuthEciesEncryption<?> eciesEncryption = (PowerAuthEciesEncryption<?>) httpServletRequest.getAttribute(PowerAuthRequestObjects.ENCRYPTION_OBJECT);
+        final PowerAuthEciesEncryption eciesEncryption = (PowerAuthEciesEncryption) httpServletRequest.getAttribute(PowerAuthRequestObjects.ENCRYPTION_OBJECT);
         if (eciesEncryption == null) {
             return null;
         }
diff --git a/powerauth-restful-server-spring/src/main/java/io/getlime/security/powerauth/app/rest/api/spring/controller/v3/EncryptedDataExchangeController.java b/powerauth-restful-server-spring/src/main/java/io/getlime/security/powerauth/app/rest/api/spring/controller/v3/EncryptedDataExchangeController.java
index 5c3aa594..da253e2e 100644
--- a/powerauth-restful-server-spring/src/main/java/io/getlime/security/powerauth/app/rest/api/spring/controller/v3/EncryptedDataExchangeController.java
+++ b/powerauth-restful-server-spring/src/main/java/io/getlime/security/powerauth/app/rest/api/spring/controller/v3/EncryptedDataExchangeController.java
@@ -19,6 +19,8 @@
  */
 package io.getlime.security.powerauth.app.rest.api.spring.controller.v3;
 
+import io.getlime.core.rest.model.base.request.ObjectRequest;
+import io.getlime.core.rest.model.base.response.ObjectResponse;
 import io.getlime.security.powerauth.app.rest.api.spring.model.request.DataExchangeRequest;
 import io.getlime.security.powerauth.app.rest.api.spring.model.response.DataExchangeResponse;
 import io.getlime.security.powerauth.crypto.lib.encryptor.ecies.model.EciesScope;
@@ -66,7 +68,7 @@ public DataExchangeResponse exchangeInApplicationScope(@EncryptedRequestBody Dat
                                              EciesEncryptionContext eciesContext) throws PowerAuthEncryptionException {
 
         if (eciesContext == null) {
-            logger.debug("Encryption failed");
+            logger.error("Encryption failed");
             throw new PowerAuthEncryptionException();
         }
 
@@ -88,7 +90,7 @@ public DataExchangeResponse exchangeInActivationScope(@EncryptedRequestBody Data
                                             EciesEncryptionContext eciesContext) throws PowerAuthEncryptionException {
 
         if (eciesContext == null) {
-            logger.debug("Encryption failed");
+            logger.error("Encryption failed");
             throw new PowerAuthEncryptionException();
         }
 
@@ -114,12 +116,12 @@ public DataExchangeResponse exchangeSignedAndEncryptedData(@EncryptedRequestBody
                                                                 PowerAuthApiAuthentication auth) throws PowerAuthAuthenticationException, PowerAuthEncryptionException {
 
         if (auth == null || auth.getUserId() == null) {
-            logger.debug("Signature validation failed");
+            logger.error("Signature validation failed");
             throw new PowerAuthSignatureInvalidException();
         }
 
         if (eciesContext == null) {
-            logger.debug("Encryption failed");
+            logger.error("Encryption failed");
             throw new PowerAuthEncryptionException();
         }
 
@@ -145,12 +147,12 @@ public String exchangeSignedAndEncryptedDataString(@EncryptedRequestBody String
                                                                        PowerAuthApiAuthentication auth) throws PowerAuthAuthenticationException, PowerAuthEncryptionException {
 
         if (auth == null || auth.getUserId() == null) {
-            logger.debug("Signature validation failed");
+            logger.error("Signature validation failed");
             throw new PowerAuthSignatureInvalidException();
         }
 
         if (eciesContext == null) {
-            logger.debug("Encryption failed");
+            logger.error("Encryption failed");
             throw new PowerAuthEncryptionException();
         }
 
@@ -176,12 +178,12 @@ public byte[] exchangeSignedAndEncryptedDataRaw(@EncryptedRequestBody byte[] req
                                                                PowerAuthApiAuthentication auth) throws PowerAuthAuthenticationException, PowerAuthEncryptionException {
 
         if (auth == null || auth.getUserId() == null) {
-            logger.debug("Signature validation failed");
+            logger.error("Signature validation failed");
             throw new PowerAuthSignatureInvalidException();
         }
 
         if (eciesContext == null) {
-            logger.debug("Encryption failed");
+            logger.error("Encryption failed");
             throw new PowerAuthEncryptionException();
         }
 
@@ -189,4 +191,46 @@ public byte[] exchangeSignedAndEncryptedDataRaw(@EncryptedRequestBody byte[] req
         return requestData;
     }
 
+    /**
+     * Sample signed and encrypted data exchange of generified request.
+     *
+     * @param request Request with generified request data.
+     * @param eciesContext ECIES context.
+     * @param auth PowerAuth authentication object.
+     * @return Generified data exchange response.
+     * @throws PowerAuthAuthenticationException In case signature validation fails.
+     * @throws PowerAuthEncryptionException In case encryption or decryption fails.
+     */
+    @RequestMapping(value = "v3/signed/generics", method = RequestMethod.POST)
+    @PowerAuth(resourceId = "/exchange/v3/signed/generics")
+    @PowerAuthEncryption(scope = EciesScope.ACTIVATION_SCOPE)
+    public ObjectResponse<DataExchangeResponse> exchangeSignedAndEncryptedDataGenerics(@EncryptedRequestBody ObjectRequest<DataExchangeRequest> request,
+                                                                                       EciesEncryptionContext eciesContext,
+                                                                                       PowerAuthApiAuthentication auth) throws PowerAuthAuthenticationException, PowerAuthEncryptionException {
+        if (auth == null || auth.getUserId() == null) {
+            logger.error("Signature validation failed");
+            throw new PowerAuthSignatureInvalidException();
+        }
+
+        if (eciesContext == null) {
+            logger.error("Encryption failed");
+            throw new PowerAuthEncryptionException();
+        }
+
+        if (request == null) {
+            logger.error("Missing request");
+            throw new PowerAuthEncryptionException();
+        }
+
+        if (request.getRequestObject() == null) {
+            logger.error("Invalid request");
+            throw new PowerAuthEncryptionException();
+        }
+
+        // Return generified data back for verification
+        DataExchangeResponse response = new DataExchangeResponse();
+        response.setData(request.getRequestObject().getData());
+        return new ObjectResponse<>(response);
+    }
+
 }

From 6985e8408ea24461052c35df55b37781ce529a4d Mon Sep 17 00:00:00 2001
From: Roman Strobl <roman.strobl@wultra.com>
Date: Thu, 9 Sep 2021 13:58:28 +0200
Subject: [PATCH 12/36] Fix issues found in pull request review

---
 .../base/provider/PowerAuthEncryptionProviderBase.java    | 4 ++--
 .../annotation/PowerAuthEncryptionArgumentResolver.java   | 4 ++--
 .../controller/v3/EncryptedDataExchangeController.java    | 8 ++++----
 3 files changed, 8 insertions(+), 8 deletions(-)

diff --git a/powerauth-restful-security-base/src/main/java/io/getlime/security/powerauth/rest/api/base/provider/PowerAuthEncryptionProviderBase.java b/powerauth-restful-security-base/src/main/java/io/getlime/security/powerauth/rest/api/base/provider/PowerAuthEncryptionProviderBase.java
index a878bca2..49a943ed 100644
--- a/powerauth-restful-security-base/src/main/java/io/getlime/security/powerauth/rest/api/base/provider/PowerAuthEncryptionProviderBase.java
+++ b/powerauth-restful-security-base/src/main/java/io/getlime/security/powerauth/rest/api/base/provider/PowerAuthEncryptionProviderBase.java
@@ -222,8 +222,8 @@ private Object deserializeRequestData(byte[] requestData, Type requestType) thro
             return requestData;
         }
         // Object is deserialized from JSON based on request type
-        TypeFactory typeFactory = objectMapper.getTypeFactory();
-        JavaType requestJavaType = typeFactory.constructType(requestType);
+        final TypeFactory typeFactory = objectMapper.getTypeFactory();
+        final JavaType requestJavaType = typeFactory.constructType(requestType);
         return objectMapper.readValue(requestData, requestJavaType);
     }
 
diff --git a/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/annotation/PowerAuthEncryptionArgumentResolver.java b/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/annotation/PowerAuthEncryptionArgumentResolver.java
index 5d05238c..8f7d12fc 100644
--- a/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/annotation/PowerAuthEncryptionArgumentResolver.java
+++ b/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/annotation/PowerAuthEncryptionArgumentResolver.java
@@ -68,8 +68,8 @@ public Object resolveArgument(@NonNull MethodParameter parameter, ModelAndViewCo
             } else {
                 try {
                     // Object is deserialized from JSON based on request type
-                    TypeFactory typeFactory = objectMapper.getTypeFactory();
-                    JavaType requestJavaType = typeFactory.constructType(requestType);
+                    final TypeFactory typeFactory = objectMapper.getTypeFactory();
+                    final JavaType requestJavaType = typeFactory.constructType(requestType);
                     return objectMapper.readValue(eciesObject.getDecryptedRequest(), requestJavaType);
                 } catch (IOException ex) {
                     logger.warn("Invalid request, error: {}", ex.getMessage());
diff --git a/powerauth-restful-server-spring/src/main/java/io/getlime/security/powerauth/app/rest/api/spring/controller/v3/EncryptedDataExchangeController.java b/powerauth-restful-server-spring/src/main/java/io/getlime/security/powerauth/app/rest/api/spring/controller/v3/EncryptedDataExchangeController.java
index da253e2e..6cd7ac2f 100644
--- a/powerauth-restful-server-spring/src/main/java/io/getlime/security/powerauth/app/rest/api/spring/controller/v3/EncryptedDataExchangeController.java
+++ b/powerauth-restful-server-spring/src/main/java/io/getlime/security/powerauth/app/rest/api/spring/controller/v3/EncryptedDataExchangeController.java
@@ -116,7 +116,7 @@ public DataExchangeResponse exchangeSignedAndEncryptedData(@EncryptedRequestBody
                                                                 PowerAuthApiAuthentication auth) throws PowerAuthAuthenticationException, PowerAuthEncryptionException {
 
         if (auth == null || auth.getUserId() == null) {
-            logger.error("Signature validation failed");
+            logger.info("Signature validation failed");
             throw new PowerAuthSignatureInvalidException();
         }
 
@@ -147,7 +147,7 @@ public String exchangeSignedAndEncryptedDataString(@EncryptedRequestBody String
                                                                        PowerAuthApiAuthentication auth) throws PowerAuthAuthenticationException, PowerAuthEncryptionException {
 
         if (auth == null || auth.getUserId() == null) {
-            logger.error("Signature validation failed");
+            logger.info("Signature validation failed");
             throw new PowerAuthSignatureInvalidException();
         }
 
@@ -178,7 +178,7 @@ public byte[] exchangeSignedAndEncryptedDataRaw(@EncryptedRequestBody byte[] req
                                                                PowerAuthApiAuthentication auth) throws PowerAuthAuthenticationException, PowerAuthEncryptionException {
 
         if (auth == null || auth.getUserId() == null) {
-            logger.error("Signature validation failed");
+            logger.info("Signature validation failed");
             throw new PowerAuthSignatureInvalidException();
         }
 
@@ -208,7 +208,7 @@ public ObjectResponse<DataExchangeResponse> exchangeSignedAndEncryptedDataGeneri
                                                                                        EciesEncryptionContext eciesContext,
                                                                                        PowerAuthApiAuthentication auth) throws PowerAuthAuthenticationException, PowerAuthEncryptionException {
         if (auth == null || auth.getUserId() == null) {
-            logger.error("Signature validation failed");
+            logger.info("Signature validation failed");
             throw new PowerAuthSignatureInvalidException();
         }
 

From 45094f15a8e496310b37bf21b730d4b929d9553c Mon Sep 17 00:00:00 2001
From: Roman Strobl <roman.strobl@wultra.com>
Date: Wed, 22 Sep 2021 14:37:37 +0200
Subject: [PATCH 13/36] Fix #295: Invalid message in header extraction for
 ECIES

---
 .../rest/api/base/provider/PowerAuthEncryptionProviderBase.java | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/powerauth-restful-security-base/src/main/java/io/getlime/security/powerauth/rest/api/base/provider/PowerAuthEncryptionProviderBase.java b/powerauth-restful-security-base/src/main/java/io/getlime/security/powerauth/rest/api/base/provider/PowerAuthEncryptionProviderBase.java
index 49a943ed..6c8a0c3d 100644
--- a/powerauth-restful-security-base/src/main/java/io/getlime/security/powerauth/rest/api/base/provider/PowerAuthEncryptionProviderBase.java
+++ b/powerauth-restful-security-base/src/main/java/io/getlime/security/powerauth/rest/api/base/provider/PowerAuthEncryptionProviderBase.java
@@ -257,7 +257,7 @@ private EciesEncryptionContext extractEciesEncryptionContext(HttpServletRequest
 
         // Check that at least one PowerAuth HTTP header with parameters for ECIES is present
         if (encryptionHttpHeader == null && signatureHttpHeader == null) {
-            logger.warn("Signature HTTP header is invalid");
+            logger.warn("Neither signature nor encryption HTTP header is present");
             throw new PowerAuthEncryptionException();
         }
 

From 3a2cc52a3ba3c8feb97911b0048c5b242f6c4c83 Mon Sep 17 00:00:00 2001
From: Roman Strobl <roman.strobl@wultra.com>
Date: Mon, 18 Oct 2021 11:10:52 +0200
Subject: [PATCH 14/36] Fix #297: Remove project
 powerauth-restful-server-spring

---
 ...eploying-PowerAuth-Standard-RESTful-API.md |  28 ++-
 powerauth-restful-server-spring/.gitignore    |   2 -
 powerauth-restful-server-spring/pom.xml       | 117 ---------
 .../spring/PowerAuthApiJavaApplication.java   |  38 ---
 .../rest/api/spring/ServletInitializer.java   |  39 ---
 .../ApplicationConfiguration.java             |  40 ---
 .../PowerAuthWebServiceConfiguration.java     | 101 --------
 .../spring/configuration/SecurityConfig.java  |  55 ----
 .../configuration/WebApplicationConfig.java   | 104 --------
 .../controller/AuthenticationController.java  | 118 ---------
 .../spring/controller/ServiceController.java  |  73 ------
 .../v2/CustomActivationController.java        | 175 -------------
 .../v2/EncryptedDataExchangeController.java   | 118 ---------
 .../v3/EncryptedDataExchangeController.java   | 236 ------------------
 .../DefaultExceptionHandler.java              |  55 ----
 .../model/request/DataExchangeRequest.java    |  41 ---
 .../model/response/DataExchangeResponse.java  |  41 ---
 .../DefaultCustomActivationProvider.java      |  73 ------
 .../src/main/resources/application.properties |  28 ---
 19 files changed, 15 insertions(+), 1467 deletions(-)
 delete mode 100644 powerauth-restful-server-spring/.gitignore
 delete mode 100644 powerauth-restful-server-spring/pom.xml
 delete mode 100644 powerauth-restful-server-spring/src/main/java/io/getlime/security/powerauth/app/rest/api/spring/PowerAuthApiJavaApplication.java
 delete mode 100644 powerauth-restful-server-spring/src/main/java/io/getlime/security/powerauth/app/rest/api/spring/ServletInitializer.java
 delete mode 100644 powerauth-restful-server-spring/src/main/java/io/getlime/security/powerauth/app/rest/api/spring/configuration/ApplicationConfiguration.java
 delete mode 100644 powerauth-restful-server-spring/src/main/java/io/getlime/security/powerauth/app/rest/api/spring/configuration/PowerAuthWebServiceConfiguration.java
 delete mode 100644 powerauth-restful-server-spring/src/main/java/io/getlime/security/powerauth/app/rest/api/spring/configuration/SecurityConfig.java
 delete mode 100644 powerauth-restful-server-spring/src/main/java/io/getlime/security/powerauth/app/rest/api/spring/configuration/WebApplicationConfig.java
 delete mode 100644 powerauth-restful-server-spring/src/main/java/io/getlime/security/powerauth/app/rest/api/spring/controller/AuthenticationController.java
 delete mode 100644 powerauth-restful-server-spring/src/main/java/io/getlime/security/powerauth/app/rest/api/spring/controller/ServiceController.java
 delete mode 100644 powerauth-restful-server-spring/src/main/java/io/getlime/security/powerauth/app/rest/api/spring/controller/v2/CustomActivationController.java
 delete mode 100644 powerauth-restful-server-spring/src/main/java/io/getlime/security/powerauth/app/rest/api/spring/controller/v2/EncryptedDataExchangeController.java
 delete mode 100644 powerauth-restful-server-spring/src/main/java/io/getlime/security/powerauth/app/rest/api/spring/controller/v3/EncryptedDataExchangeController.java
 delete mode 100644 powerauth-restful-server-spring/src/main/java/io/getlime/security/powerauth/app/rest/api/spring/errorhandling/DefaultExceptionHandler.java
 delete mode 100644 powerauth-restful-server-spring/src/main/java/io/getlime/security/powerauth/app/rest/api/spring/model/request/DataExchangeRequest.java
 delete mode 100644 powerauth-restful-server-spring/src/main/java/io/getlime/security/powerauth/app/rest/api/spring/model/response/DataExchangeResponse.java
 delete mode 100644 powerauth-restful-server-spring/src/main/java/io/getlime/security/powerauth/app/rest/api/spring/provider/DefaultCustomActivationProvider.java
 delete mode 100644 powerauth-restful-server-spring/src/main/resources/application.properties

diff --git a/docs/Deploying-PowerAuth-Standard-RESTful-API.md b/docs/Deploying-PowerAuth-Standard-RESTful-API.md
index 922a308d..4559cbc3 100644
--- a/docs/Deploying-PowerAuth-Standard-RESTful-API.md
+++ b/docs/Deploying-PowerAuth-Standard-RESTful-API.md
@@ -1,20 +1,22 @@
-# Deploying PowerAuth Standard RESTful API Bootstrap
+# Deploying PowerAuth RESTful API
 
 This chapter explains how to deploy PowerAuth Standard RESTful API.
 
-PowerAuth Standard RESTful API is a Java EE application (packaged as an executable WAR file) responsible for exposing the [RESTful API according to the specification](https://github.com/wultra/powerauth-crypto/blob/develop/docs/Standard-RESTful-API.md). It exposes services for end-user applications (PowerAuth Clients), such as the mobile banking app or mobile token app.
+Enrollment Server is a Spring application (packaged as an executable WAR file) responsible for exposing the [RESTful API according to the specification](https://github.com/wultra/powerauth-crypto/blob/develop/docs/Standard-RESTful-API.md). It exposes services for end-user applications (PowerAuth Clients), such as the mobile banking app or mobile token app.
 
 You can use this application in case you need to use PowerAuth and cannot integrate it in your own API using our integration libraries.
 
-## Downloading PowerAuth Standard RESTful API
+## Downloading Enrollment Server
 
-You can download the latest `powerauth-restful-server.war` at the releases page:
+You can download the latest `enrollment-server.war` at the releases page:
 
-- https://github.com/wultra/powerauth-restful-integration/releases
+- https://github.com/wultra/enrollment-server/releases
 
-## Configuring PowerAuth Standard RESTful API
+_Note: The enrollment server component will need to be customized in case you need to customize the activation process. The customization is described in the tutorial [Implementing the Server-Side for Authentication in Mobile Banking Apps (SCA)](https://developers.wultra.com/products/mobile-token/2021-05/tutorials/Authentication-in-Mobile-Apps/Server-Side-Tutorial#deploying-the-enrollment-server)._
 
-The default implementation of a PowerAuth Standard RESTful API has only one compulsory configuration parameter `powerauth.service.url` that configures the REST endpoint location of a PowerAuth Server. The default value for this property points to `localhost`:
+## Configuring Enrollment Server
+
+The default implementation of Enrollment server has only one compulsory configuration parameter `powerauth.service.url` that configures the REST endpoint location of a PowerAuth Server. The default value for this property points to `localhost`:
 
 ```bash
 powerauth.service.url=http://localhost:8080/powerauth-java-server/rest
@@ -33,20 +35,20 @@ The credentials are stored in the `pa_integration` table.
 
 _Note: The RESTful interface is secured using Basic HTTP Authentication (pre-emptive). For SOAP interface used in the Java EE integration, PowerAuth Server uses WS-Security, `UsernameToken` validation (plain text password)._ 
 
-## Deploying PowerAuth Standard RESTful API
+## Deploying Enrollment Server
 
-You can deploy PowerAuth Standard RESTful API WAR into any Java EE container.
+You can deploy Enrollment Server WAR into any Java EE container.
 
-The default configuration works best with Apache Tomcat server running on default port 8080. In this case, the deployed server is accessible on `http://localhost:8080/powerauth-restful-server/`.
+The default configuration works best with Apache Tomcat server running on default port 8080. In this case, the deployed server is accessible on `http://localhost:8080/enrollment-server/`.
 
-To deploy PowerAuth Standard RESTful API to Apache Tomcat, simply copy the WAR file in your `webapps` folder or deploy it using the "Tomcat Web Application Manager" application (usually deployed on default Tomcat address `http://localhost:8080/manager`).
+To deploy Enrollment Server to Apache Tomcat, simply copy the WAR file in your `webapps` folder or deploy it using the "Tomcat Web Application Manager" application (usually deployed on default Tomcat address `http://localhost:8080/manager`).
 
-## Deploying PowerAuth Standard RESTful API Outside the Container
+## Deploying Enrollment Server Outside the Container
 
 You can also execute WAR file directly using the following command:
 
 ```bash
-java -jar powerauth-restful-server.war
+java -jar enrollment-server.war
 ```
 
 _Note: You can overwrite the port using `-Dserver.port=8090` parameter to avoid port conflicts._
diff --git a/powerauth-restful-server-spring/.gitignore b/powerauth-restful-server-spring/.gitignore
deleted file mode 100644
index 99d2bb15..00000000
--- a/powerauth-restful-server-spring/.gitignore
+++ /dev/null
@@ -1,2 +0,0 @@
-/target/
-/build/
diff --git a/powerauth-restful-server-spring/pom.xml b/powerauth-restful-server-spring/pom.xml
deleted file mode 100644
index b86f988b..00000000
--- a/powerauth-restful-server-spring/pom.xml
+++ /dev/null
@@ -1,117 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!--
-~ PowerAuth integration libraries for RESTful API applications, examples and
-~ related software components
-~
-~ Copyright (C) 2018 Wultra s.r.o.
-~
-~ This program is free software: you can redistribute it and/or modify
-~ it under the terms of the GNU Affero General Public License as published
-~ by the Free Software Foundation, either version 3 of the License, or
-~ (at your option) any later version.
-~
-~ This program is distributed in the hope that it will be useful,
-~ but WITHOUT ANY WARRANTY; without even the implied warranty of
-~ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-~ GNU Affero General Public License for more details.
-~
-~ You should have received a copy of the GNU Affero General Public License
-~ along with this program.  If not, see <http://www.gnu.org/licenses/>.
--->
-
-<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
-    xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
-    <modelVersion>4.0.0</modelVersion>
-
-    <name>powerauth-restful-server-spring</name>
-    <description>PowerAuth Standard RESTful API</description>
-    <artifactId>powerauth-restful-server-spring</artifactId>
-    <version>1.2.0-SNAPSHOT</version>
-    <packaging>war</packaging>
-
-    <parent>
-        <groupId>org.springframework.boot</groupId>
-        <artifactId>spring-boot-starter-parent</artifactId>
-        <version>2.4.5</version>
-        <relativePath/> <!-- lookup parent from repository -->
-    </parent>
-
-    <dependencies>
-
-        <!-- Spring Dependencies -->
-        <dependency>
-            <groupId>org.springframework.boot</groupId>
-            <artifactId>spring-boot-starter-tomcat</artifactId>
-            <scope>provided</scope>
-        </dependency>
-        <dependency>
-            <groupId>org.springframework.boot</groupId>
-            <artifactId>spring-boot-starter-test</artifactId>
-            <scope>test</scope>
-        </dependency>
-        <dependency>
-            <groupId>org.springframework.ws</groupId>
-            <artifactId>spring-ws-security</artifactId>
-            <exclusions>
-                <exclusion>
-                    <artifactId>bcprov-jdk15on</artifactId>
-                    <groupId>org.bouncycastle</groupId>
-                </exclusion>
-                <exclusion>
-                    <artifactId>ehcache</artifactId>
-                    <groupId>net.sf.ehcache</groupId>
-                </exclusion>
-                <exclusion>
-                    <artifactId>geronimo-javamail_1.4_mail</artifactId>
-                    <groupId>org.apache.geronimo.javamail</groupId>
-                </exclusion>
-            </exclusions>
-        </dependency>
-
-        <!-- PowerAuth Dependencies -->
-        <dependency>
-            <groupId>io.getlime.security</groupId>
-            <artifactId>powerauth-restful-security-spring</artifactId>
-            <version>1.2.0-SNAPSHOT</version>
-        </dependency>
-
-        <!-- Other Dependencies -->
-        <dependency>
-            <groupId>com.google.guava</groupId>
-            <artifactId>guava</artifactId>
-            <version>30.1.1-jre</version>
-        </dependency>
-        <dependency>
-            <groupId>org.bouncycastle</groupId>
-            <artifactId>bcprov-jdk15on</artifactId>
-            <version>1.68</version>
-        </dependency>
-
-    </dependencies>
-
-    <build>
-        <plugins>
-            <plugin>
-                <groupId>org.springframework.boot</groupId>
-                <artifactId>spring-boot-maven-plugin</artifactId>
-                <executions>
-                    <execution>
-                        <id>build-info</id>
-                        <goals>
-                            <goal>build-info</goal>
-                        </goals>
-                    </execution>
-                </executions>
-            </plugin>
-            <plugin>
-                <groupId>org.apache.maven.plugins</groupId>
-                <artifactId>maven-deploy-plugin</artifactId>
-                <version>3.0.0-M1</version>
-                <configuration>
-                    <skip>true</skip>
-                </configuration>
-            </plugin>
-        </plugins>
-    </build>
-
-</project>
diff --git a/powerauth-restful-server-spring/src/main/java/io/getlime/security/powerauth/app/rest/api/spring/PowerAuthApiJavaApplication.java b/powerauth-restful-server-spring/src/main/java/io/getlime/security/powerauth/app/rest/api/spring/PowerAuthApiJavaApplication.java
deleted file mode 100644
index d43ba90a..00000000
--- a/powerauth-restful-server-spring/src/main/java/io/getlime/security/powerauth/app/rest/api/spring/PowerAuthApiJavaApplication.java
+++ /dev/null
@@ -1,38 +0,0 @@
-/*
- * PowerAuth integration libraries for RESTful API applications, examples and
- * related software components
- *
- * Copyright (C) 2018 Wultra s.r.o.
- *
- * This program is free software: you can redistribute it and/or modify
- * it under the terms of the GNU Affero General Public License as published
- * by the Free Software Foundation, either version 3 of the License, or
- * (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU Affero General Public License for more details.
- *
- * You should have received a copy of the GNU Affero General Public License
- * along with this program.  If not, see <http://www.gnu.org/licenses/>.
- */
-package io.getlime.security.powerauth.app.rest.api.spring;
-
-import org.springframework.boot.SpringApplication;
-import org.springframework.boot.autoconfigure.SpringBootApplication;
-
-/**
- * Spring Boot main class
- */
-@SpringBootApplication
-public class PowerAuthApiJavaApplication {
-
-    /**
-     * Main method
-     * @param args Arguments
-     */
-    public static void main(String[] args) {
-        SpringApplication.run(PowerAuthApiJavaApplication.class, args);
-    }
-}
diff --git a/powerauth-restful-server-spring/src/main/java/io/getlime/security/powerauth/app/rest/api/spring/ServletInitializer.java b/powerauth-restful-server-spring/src/main/java/io/getlime/security/powerauth/app/rest/api/spring/ServletInitializer.java
deleted file mode 100644
index c3aac79d..00000000
--- a/powerauth-restful-server-spring/src/main/java/io/getlime/security/powerauth/app/rest/api/spring/ServletInitializer.java
+++ /dev/null
@@ -1,39 +0,0 @@
-/*
- * PowerAuth integration libraries for RESTful API applications, examples and
- * related software components
- *
- * Copyright (C) 2018 Wultra s.r.o.
- *
- * This program is free software: you can redistribute it and/or modify
- * it under the terms of the GNU Affero General Public License as published
- * by the Free Software Foundation, either version 3 of the License, or
- * (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU Affero General Public License for more details.
- *
- * You should have received a copy of the GNU Affero General Public License
- * along with this program.  If not, see <http://www.gnu.org/licenses/>.
- */
-package io.getlime.security.powerauth.app.rest.api.spring;
-
-import org.bouncycastle.jce.provider.BouncyCastleProvider;
-import org.springframework.boot.builder.SpringApplicationBuilder;
-import org.springframework.boot.web.servlet.support.SpringBootServletInitializer;
-
-import java.security.Security;
-
-/**
- * Servlet initializer 
- */
-public class ServletInitializer extends SpringBootServletInitializer {
-
-    @Override
-    protected SpringApplicationBuilder configure(SpringApplicationBuilder application) {
-        Security.addProvider(new BouncyCastleProvider());
-        return application.sources(PowerAuthApiJavaApplication.class);
-    }
-
-}
diff --git a/powerauth-restful-server-spring/src/main/java/io/getlime/security/powerauth/app/rest/api/spring/configuration/ApplicationConfiguration.java b/powerauth-restful-server-spring/src/main/java/io/getlime/security/powerauth/app/rest/api/spring/configuration/ApplicationConfiguration.java
deleted file mode 100644
index ecee2ae2..00000000
--- a/powerauth-restful-server-spring/src/main/java/io/getlime/security/powerauth/app/rest/api/spring/configuration/ApplicationConfiguration.java
+++ /dev/null
@@ -1,40 +0,0 @@
-/*
- * PowerAuth integration libraries for RESTful API applications, examples and
- * related software components
- *
- * Copyright (C) 2018 Wultra s.r.o.
- *
- * This program is free software: you can redistribute it and/or modify
- * it under the terms of the GNU Affero General Public License as published
- * by the Free Software Foundation, either version 3 of the License, or
- * (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU Affero General Public License for more details.
- *
- * You should have received a copy of the GNU Affero General Public License
- * along with this program.  If not, see <http://www.gnu.org/licenses/>.
- */
-package io.getlime.security.powerauth.app.rest.api.spring.configuration;
-
-import io.getlime.security.powerauth.rest.api.base.application.PowerAuthApplicationConfiguration;
-import org.springframework.context.annotation.Configuration;
-
-import java.util.Map;
-
-/**
- * Default implementation of PowerAuthApplicationConfiguration interface. 
- * @author Petr Dvorak
- *
- */
-@Configuration
-public class ApplicationConfiguration implements PowerAuthApplicationConfiguration {
-
-    @Override
-    public Map<String, Object> statusServiceCustomObject() {
-        return null;
-    }
-
-}
diff --git a/powerauth-restful-server-spring/src/main/java/io/getlime/security/powerauth/app/rest/api/spring/configuration/PowerAuthWebServiceConfiguration.java b/powerauth-restful-server-spring/src/main/java/io/getlime/security/powerauth/app/rest/api/spring/configuration/PowerAuthWebServiceConfiguration.java
deleted file mode 100644
index ec311933..00000000
--- a/powerauth-restful-server-spring/src/main/java/io/getlime/security/powerauth/app/rest/api/spring/configuration/PowerAuthWebServiceConfiguration.java
+++ /dev/null
@@ -1,101 +0,0 @@
-/*
- * PowerAuth integration libraries for RESTful API applications, examples and
- * related software components
- *
- * Copyright (C) 2018 Wultra s.r.o.
- *
- * This program is free software: you can redistribute it and/or modify
- * it under the terms of the GNU Affero General Public License as published
- * by the Free Software Foundation, either version 3 of the License, or
- * (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU Affero General Public License for more details.
- *
- * You should have received a copy of the GNU Affero General Public License
- * along with this program.  If not, see <http://www.gnu.org/licenses/>.
- */
-package io.getlime.security.powerauth.app.rest.api.spring.configuration;
-
-import com.wultra.security.powerauth.client.PowerAuthClient;
-import com.wultra.security.powerauth.client.model.error.PowerAuthClientException;
-import com.wultra.security.powerauth.rest.client.PowerAuthRestClient;
-import com.wultra.security.powerauth.rest.client.PowerAuthRestClientConfiguration;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-import org.springframework.beans.factory.annotation.Value;
-import org.springframework.context.annotation.Bean;
-import org.springframework.context.annotation.ComponentScan;
-import org.springframework.context.annotation.Configuration;
-
-/**
- * Default PowerAuth Service configuration.
- *
- * @author Petr Dvorak
- *
- */
-@Configuration
-@ComponentScan(basePackages = {"io.getlime.security.powerauth"})
-public class PowerAuthWebServiceConfiguration {
-
-    private static final Logger logger = LoggerFactory.getLogger(PowerAuthWebServiceConfiguration.class);
-
-    @Value("${powerauth.service.url}")
-    private String powerAuthRestUrl;
-
-    @Value("${powerauth.service.security.clientToken}")
-    private String clientToken;
-
-    @Value("${powerauth.service.security.clientSecret}")
-    private String clientSecret;
-
-    @Value("${powerauth.integration.service.applicationName}")
-    private String applicationName;
-
-    @Value("${powerauth.integration.service.applicationDisplayName}")
-    private String applicationDisplayName;
-
-    @Value("${powerauth.integration.service.applicationEnvironment}")
-    private String applicationEnvironment;
-
-    @Bean
-    public PowerAuthClient powerAuthClient() {
-        PowerAuthRestClientConfiguration config = new PowerAuthRestClientConfiguration();
-        config.setPowerAuthClientToken(clientToken);
-        config.setPowerAuthClientSecret(clientSecret);
-        try {
-            return new PowerAuthRestClient(powerAuthRestUrl, config);
-        } catch (PowerAuthClientException ex) {
-            // Log the error in case Rest client initialization failed
-            logger.error(ex.getMessage(), ex);
-            return null;
-        }
-    }
-
-    public String getApplicationName() {
-        return applicationName;
-    }
-
-    public void setApplicationName(String applicationName) {
-        this.applicationName = applicationName;
-    }
-
-    public String getApplicationDisplayName() {
-        return applicationDisplayName;
-    }
-
-    public void setApplicationDisplayName(String applicationDisplayName) {
-        this.applicationDisplayName = applicationDisplayName;
-    }
-
-    public String getApplicationEnvironment() {
-        return applicationEnvironment;
-    }
-
-    public void setApplicationEnvironment(String applicationEnvironment) {
-        this.applicationEnvironment = applicationEnvironment;
-    }
-
-}
diff --git a/powerauth-restful-server-spring/src/main/java/io/getlime/security/powerauth/app/rest/api/spring/configuration/SecurityConfig.java b/powerauth-restful-server-spring/src/main/java/io/getlime/security/powerauth/app/rest/api/spring/configuration/SecurityConfig.java
deleted file mode 100644
index 0c8ef0c5..00000000
--- a/powerauth-restful-server-spring/src/main/java/io/getlime/security/powerauth/app/rest/api/spring/configuration/SecurityConfig.java
+++ /dev/null
@@ -1,55 +0,0 @@
-/*
- * PowerAuth integration libraries for RESTful API applications, examples and
- * related software components
- *
- * Copyright (C) 2018 Wultra s.r.o.
- *
- * This program is free software: you can redistribute it and/or modify
- * it under the terms of the GNU Affero General Public License as published
- * by the Free Software Foundation, either version 3 of the License, or
- * (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU Affero General Public License for more details.
- *
- * You should have received a copy of the GNU Affero General Public License
- * along with this program.  If not, see <http://www.gnu.org/licenses/>.
- */
-package io.getlime.security.powerauth.app.rest.api.spring.configuration;
-
-import io.getlime.security.powerauth.rest.api.spring.entrypoint.PowerAuthApiAuthenticationEntryPoint;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.context.annotation.Configuration;
-import org.springframework.security.config.annotation.web.builders.HttpSecurity;
-import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
-import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
-
-/**
- * Spring Security default configuration maps the default "entry-point" to all
- * end-points on /secured/** context path, disables HTTP basic and disables CSRF.
- *
- * @author Petr Dvorak
- *
- */
-@Configuration
-@EnableWebSecurity
-public class SecurityConfig extends WebSecurityConfigurerAdapter {
-
-    private PowerAuthApiAuthenticationEntryPoint apiAuthenticationEntryPoint;
-
-    @Autowired
-    public void setApiAuthenticationEntryPoint(PowerAuthApiAuthenticationEntryPoint apiAuthenticationEntryPoint) {
-        this.apiAuthenticationEntryPoint = apiAuthenticationEntryPoint;
-    }
-
-    @Override
-    protected void configure(HttpSecurity http) throws Exception {
-        http.httpBasic().disable();
-        http.csrf().disable();
-        http.authorizeRequests().antMatchers("/secured/**").fullyAuthenticated();
-        http.exceptionHandling().authenticationEntryPoint(apiAuthenticationEntryPoint);
-    }
-
-}
diff --git a/powerauth-restful-server-spring/src/main/java/io/getlime/security/powerauth/app/rest/api/spring/configuration/WebApplicationConfig.java b/powerauth-restful-server-spring/src/main/java/io/getlime/security/powerauth/app/rest/api/spring/configuration/WebApplicationConfig.java
deleted file mode 100644
index cb468dad..00000000
--- a/powerauth-restful-server-spring/src/main/java/io/getlime/security/powerauth/app/rest/api/spring/configuration/WebApplicationConfig.java
+++ /dev/null
@@ -1,104 +0,0 @@
-/*
- * PowerAuth integration libraries for RESTful API applications, examples and
- * related software components
- *
- * Copyright (C) 2018 Wultra s.r.o.
- *
- * This program is free software: you can redistribute it and/or modify
- * it under the terms of the GNU Affero General Public License as published
- * by the Free Software Foundation, either version 3 of the License, or
- * (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU Affero General Public License for more details.
- *
- * You should have received a copy of the GNU Affero General Public License
- * along with this program.  If not, see <http://www.gnu.org/licenses/>.
- */
-package io.getlime.security.powerauth.app.rest.api.spring.configuration;
-
-import io.getlime.security.powerauth.rest.api.spring.annotation.PowerAuthAnnotationInterceptor;
-import io.getlime.security.powerauth.rest.api.spring.annotation.PowerAuthEncryptionArgumentResolver;
-import io.getlime.security.powerauth.rest.api.spring.annotation.PowerAuthWebArgumentResolver;
-import io.getlime.security.powerauth.rest.api.spring.filter.PowerAuthRequestFilter;
-import org.springframework.boot.web.servlet.FilterRegistrationBean;
-import org.springframework.context.annotation.Bean;
-import org.springframework.context.annotation.Configuration;
-import org.springframework.web.method.support.HandlerMethodArgumentResolver;
-import org.springframework.web.servlet.config.annotation.InterceptorRegistry;
-import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
-
-import java.util.List;
-
-/**
- * Default implementation of WebMvcConfigurer, maps PowerAuthRequestFilter instance
- * (that passes HTTP request body to the request as an attribute, so that it's available
- * in the controller) to /pa/signature/validate demo end-point.
- *
- * @author Petr Dvorak
- *
- */
-@Configuration
-public class WebApplicationConfig implements WebMvcConfigurer {
-
-    /**
-     * Register a new @PowerAuth annotation interceptor.
-     * @return New annotation interceptor bean.
-     */
-    @Bean
-    public PowerAuthAnnotationInterceptor powerAuthInterceptor() {
-        return new PowerAuthAnnotationInterceptor();
-    }
-
-    /**
-     * Register new method argument resolvers.
-     * @return New PowerAuthWebArgumentResolver bean.
-     */
-    @Bean
-    public PowerAuthWebArgumentResolver powerAuthWebArgumentResolver() {
-        return new PowerAuthWebArgumentResolver();
-    }
-
-    /**
-     * Register new method argument resolver for encryption.
-     * @return New PowerAuthEncryptionArgumentResolver bean.
-     */
-    @Bean
-    public PowerAuthEncryptionArgumentResolver powerAuthEncryptionArgumentResolver() {
-        return new PowerAuthEncryptionArgumentResolver();
-    }
-
-    /**
-     * Register a new PowerAuthRequestFilter and map it to /* end-point.
-     * @return PowerAuthRequestFilter instance.
-     */
-    @Bean
-    public FilterRegistrationBean<PowerAuthRequestFilter> powerAuthFilterRegistration() {
-        FilterRegistrationBean<PowerAuthRequestFilter> registrationBean = new FilterRegistrationBean<>();
-        registrationBean.setFilter(new PowerAuthRequestFilter());
-        registrationBean.setMatchAfter(true);
-        return registrationBean;
-    }
-
-    /**
-     * Add method argument resolver for PowerAuthApiAuthentication.
-     * @param argumentResolvers List of argument resolvers.
-     */
-    @Override
-    public void addArgumentResolvers(List<HandlerMethodArgumentResolver> argumentResolvers) {
-        argumentResolvers.add(powerAuthWebArgumentResolver());
-        argumentResolvers.add(powerAuthEncryptionArgumentResolver());
-    }
-
-    /**
-     * Add annotation interceptor.
-     * @param registry Registry of annotation interceptors.
-     */
-    @Override
-    public void addInterceptors(InterceptorRegistry registry) {
-        registry.addInterceptor(powerAuthInterceptor());
-    }
-
-}
diff --git a/powerauth-restful-server-spring/src/main/java/io/getlime/security/powerauth/app/rest/api/spring/controller/AuthenticationController.java b/powerauth-restful-server-spring/src/main/java/io/getlime/security/powerauth/app/rest/api/spring/controller/AuthenticationController.java
deleted file mode 100644
index f50d665a..00000000
--- a/powerauth-restful-server-spring/src/main/java/io/getlime/security/powerauth/app/rest/api/spring/controller/AuthenticationController.java
+++ /dev/null
@@ -1,118 +0,0 @@
-/*
- * PowerAuth integration libraries for RESTful API applications, examples and
- * related software components
- *
- * Copyright (C) 2018 Wultra s.r.o.
- *
- * This program is free software: you can redistribute it and/or modify
- * it under the terms of the GNU Affero General Public License as published
- * by the Free Software Foundation, either version 3 of the License, or
- * (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU Affero General Public License for more details.
- *
- * You should have received a copy of the GNU Affero General Public License
- * along with this program.  If not, see <http://www.gnu.org/licenses/>.
- */
-package io.getlime.security.powerauth.app.rest.api.spring.controller;
-
-import io.getlime.core.rest.model.base.response.ObjectResponse;
-import io.getlime.security.powerauth.rest.api.base.authentication.PowerAuthApiAuthentication;
-import io.getlime.security.powerauth.rest.api.base.exception.PowerAuthAuthenticationException;
-import io.getlime.security.powerauth.rest.api.base.exception.authentication.PowerAuthSignatureInvalidException;
-import io.getlime.security.powerauth.rest.api.spring.annotation.PowerAuth;
-import org.springframework.stereotype.Controller;
-import org.springframework.web.bind.annotation.*;
-
-import java.util.HashMap;
-import java.util.Map;
-
-/**
- * Sample end-point demonstrating how PowerAuth signature validation works.
- *
- * @author Petr Dvorak
- *
- */
-@Controller
-public class AuthenticationController {
-
-    /**
-     * Validate any data sent to this end-point.
-     * @param auth Automatically injected PowerAuth authentication object.
-     * @return API response with success.
-     * @throws PowerAuthAuthenticationException In case any error occurs, including during signature validation.
-     */
-    @RequestMapping(value = "login", method = RequestMethod.POST)
-    @PowerAuth(resourceId = "/login")
-    public @ResponseBody ObjectResponse<String> login(PowerAuthApiAuthentication auth) throws PowerAuthAuthenticationException {
-
-        // ##EXAMPLE: Here, we could store the authentication in the session like this:
-        // ##EXAMPLE: SecurityContextHolder.getContext().setAuthentication(apiAuthentication);
-        // ##EXAMPLE: ... or you can grab a user ID like this and use it for querying back-end:
-        // ##EXAMPLE: String userId = apiAuthentication.getUserId();
-
-        if (auth == null || auth.getUserId() == null) {
-            throw new PowerAuthSignatureInvalidException();
-        }
-        return new ObjectResponse<>("Hooray! "
-                + " User: " + auth.getUserId()
-                + " (activation: " + auth.getActivationId() + ")"
-                + " successfully verified via app with ID: " + auth.getApplicationId()
-                + " using factor: " + auth.getSignatureFactors()
-        );
-    }
-
-    /**
-     * Validate any data sent to this end-point.
-     * @param auth Automatically injected PowerAuth authentication object.
-     * @return API response with success.
-     * @throws PowerAuthAuthenticationException In case any error occurs, including during signature validation.
-     */
-    @RequestMapping(value = "login", method = RequestMethod.GET)
-    @PowerAuth(resourceId = "/login")
-    public @ResponseBody ObjectResponse<String> getLogin(PowerAuthApiAuthentication auth) throws PowerAuthAuthenticationException {
-
-        // ##EXAMPLE: Here, we could store the authentication in the session like this:
-        // ##EXAMPLE: SecurityContextHolder.getContext().setAuthentication(apiAuthentication);
-        // ##EXAMPLE: ... or you can grab a user ID like this and use it for querying back-end:
-        // ##EXAMPLE: String userId = apiAuthentication.getUserId();
-
-        if (auth == null || auth.getUserId() == null) {
-            throw new PowerAuthSignatureInvalidException();
-        }
-        return new ObjectResponse<>("Hooray! User: " + auth.getUserId());
-    }
-
-    /**
-     * Validate any data sent to this end-point, uses substitutes in resource ID.
-     * @param id Identifier - testing object for @PathVariable annotation.
-     * @param value Value - testing object for @RequestParam annotation.
-     * @param auth Automatically injected PowerAuth authentication object.
-     * @return API response with success.
-     * @throws PowerAuthAuthenticationException In case any error occurs, including during signature validation.
-     */
-    @RequestMapping(value = "submit/{id}/test", method = RequestMethod.POST)
-    @PowerAuth(resourceId = "/submit/${id}/test?value=${value}")
-    public @ResponseBody ObjectResponse<?> dynamicResourceId(@PathVariable("id") String id, @RequestParam("value") String value, PowerAuthApiAuthentication auth) throws PowerAuthAuthenticationException {
-
-        // ##EXAMPLE: Here, we could store the authentication in the session like this:
-        // ##EXAMPLE: SecurityContextHolder.getContext().setAuthentication(apiAuthentication);
-        // ##EXAMPLE: ... or you can grab a user ID like this and use it for querying back-end:
-        // ##EXAMPLE: String userId = apiAuthentication.getUserId();
-
-        if (auth == null || auth.getUserId() == null) {
-            throw new PowerAuthSignatureInvalidException();
-        }
-
-        final Map<String, String> map = new HashMap<>();
-        map.put("user", auth.getUserId());
-        map.put("id", id);
-        map.put("value", value);
-
-        return new ObjectResponse<>(map);
-    }
-
-}
diff --git a/powerauth-restful-server-spring/src/main/java/io/getlime/security/powerauth/app/rest/api/spring/controller/ServiceController.java b/powerauth-restful-server-spring/src/main/java/io/getlime/security/powerauth/app/rest/api/spring/controller/ServiceController.java
deleted file mode 100644
index 5353af86..00000000
--- a/powerauth-restful-server-spring/src/main/java/io/getlime/security/powerauth/app/rest/api/spring/controller/ServiceController.java
+++ /dev/null
@@ -1,73 +0,0 @@
-/*
- * PowerAuth integration libraries for RESTful API applications, examples and
- * related software components
- *
- * Copyright (C) 2018 Wultra s.r.o.
- *
- * This program is free software: you can redistribute it and/or modify
- * it under the terms of the GNU Affero General Public License as published
- * by the Free Software Foundation, either version 3 of the License, or
- * (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU Affero General Public License for more details.
- *
- * You should have received a copy of the GNU Affero General Public License
- * along with this program.  If not, see <http://www.gnu.org/licenses/>.
- */
-package io.getlime.security.powerauth.app.rest.api.spring.controller;
-
-import io.getlime.core.rest.model.base.response.ObjectResponse;
-import io.getlime.security.powerauth.app.rest.api.spring.configuration.PowerAuthWebServiceConfiguration;
-import io.getlime.security.powerauth.rest.api.model.response.v3.ServiceStatusResponse;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.boot.info.BuildProperties;
-import org.springframework.stereotype.Controller;
-import org.springframework.web.bind.annotation.RequestMapping;
-import org.springframework.web.bind.annotation.RequestMethod;
-import org.springframework.web.bind.annotation.ResponseBody;
-
-import java.util.Date;
-
-/**
- * Class representing controller used for service and maintenance purpose.
- *
- * @author Roman Strobl, roman.strobl@wultra.com
- */
-@Controller
-@RequestMapping(value = "/api/service")
-public class ServiceController {
-
-    private final PowerAuthWebServiceConfiguration powerAuthWebServiceConfiguration;
-    private BuildProperties buildProperties;
-
-    @Autowired
-    public ServiceController(PowerAuthWebServiceConfiguration powerAuthWebServiceConfiguration) {
-        this.powerAuthWebServiceConfiguration = powerAuthWebServiceConfiguration;
-    }
-
-    @Autowired(required = false)
-    public void setBuildProperties(BuildProperties buildProperties) {
-        this.buildProperties = buildProperties;
-    }
-
-    /**
-     * Controller resource with system information.
-     * @return System status info.
-     */
-    @RequestMapping(value = "status", method = RequestMethod.GET)
-    public @ResponseBody ObjectResponse<ServiceStatusResponse> getServiceStatus() {
-        ServiceStatusResponse response = new ServiceStatusResponse();
-        response.setApplicationName(powerAuthWebServiceConfiguration.getApplicationName());
-        response.setApplicationDisplayName(powerAuthWebServiceConfiguration.getApplicationDisplayName());
-        response.setApplicationEnvironment(powerAuthWebServiceConfiguration.getApplicationEnvironment());
-        if (buildProperties != null) {
-            response.setVersion(buildProperties.getVersion());
-            response.setBuildTime(Date.from(buildProperties.getTime()));
-        }
-        response.setTimestamp(new Date());
-        return new ObjectResponse<>(response);
-    }
-}
diff --git a/powerauth-restful-server-spring/src/main/java/io/getlime/security/powerauth/app/rest/api/spring/controller/v2/CustomActivationController.java b/powerauth-restful-server-spring/src/main/java/io/getlime/security/powerauth/app/rest/api/spring/controller/v2/CustomActivationController.java
deleted file mode 100644
index ce12e42f..00000000
--- a/powerauth-restful-server-spring/src/main/java/io/getlime/security/powerauth/app/rest/api/spring/controller/v2/CustomActivationController.java
+++ /dev/null
@@ -1,175 +0,0 @@
-/*
- * PowerAuth integration libraries for RESTful API applications, examples and
- * related software components
- *
- * Copyright (C) 2018 Wultra s.r.o.
- *
- * This program is free software: you can redistribute it and/or modify
- * it under the terms of the GNU Affero General Public License as published
- * by the Free Software Foundation, either version 3 of the License, or
- * (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU Affero General Public License for more details.
- *
- * You should have received a copy of the GNU Affero General Public License
- * along with this program.  If not, see <http://www.gnu.org/licenses/>.
- */
-package io.getlime.security.powerauth.app.rest.api.spring.controller.v2;
-
-import com.wultra.security.powerauth.client.PowerAuthClient;
-import com.wultra.security.powerauth.client.v2.CreateActivationResponse;
-import io.getlime.core.rest.model.base.request.ObjectRequest;
-import io.getlime.core.rest.model.base.response.ObjectResponse;
-import io.getlime.security.powerauth.rest.api.base.encryption.PowerAuthNonPersonalizedEncryptor;
-import io.getlime.security.powerauth.rest.api.base.exception.PowerAuthActivationException;
-import io.getlime.security.powerauth.rest.api.base.provider.CustomActivationProvider;
-import io.getlime.security.powerauth.rest.api.model.entity.ActivationType;
-import io.getlime.security.powerauth.rest.api.model.entity.NonPersonalizedEncryptedPayloadModel;
-import io.getlime.security.powerauth.rest.api.model.request.v2.ActivationCreateCustomRequest;
-import io.getlime.security.powerauth.rest.api.model.request.v2.ActivationCreateRequest;
-import io.getlime.security.powerauth.rest.api.model.response.v2.ActivationCreateResponse;
-import io.getlime.security.powerauth.rest.api.spring.encryption.EncryptorFactory;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.web.bind.annotation.RequestBody;
-import org.springframework.web.bind.annotation.RequestMapping;
-import org.springframework.web.bind.annotation.RequestMethod;
-import org.springframework.web.bind.annotation.RestController;
-
-import java.util.LinkedHashMap;
-import java.util.Map;
-
-/**
- * Sample controller for a custom activation implementation.
- *
- * <p><b>PowerAuth protocol versions:</b>
- * <ul>
- *     <li>2.0</li>
- *     <li>2.1</li>
- * </ul>
- *
- * @author Petr Dvorak, petr@wultra.com
- */
-@RestController("customActivationControllerV2")
-@RequestMapping(value = "/pa/activation/direct")
-public class CustomActivationController {
-
-    private static final Logger logger = LoggerFactory.getLogger(CustomActivationController.class);
-
-    private PowerAuthClient powerAuthClient;
-
-    private EncryptorFactory encryptorFactory;
-
-    private CustomActivationProvider activationProvider;
-
-    @Autowired
-    public void setPowerAuthClient(PowerAuthClient powerAuthClient) {
-        this.powerAuthClient = powerAuthClient;
-    }
-
-    @Autowired
-    public void setEncryptorFactory(EncryptorFactory encryptorFactory) {
-        this.encryptorFactory = encryptorFactory;
-    }
-
-    @Autowired(required = false)
-    public void setPowerAuthActivationProvider(CustomActivationProvider activationProvider) {
-        this.activationProvider = activationProvider;
-    }
-
-    /**
-     * Sample custom activation implementation for version 2 of activations.
-     *
-     * @param encryptedRequest Activation request encrypted using non-personalised end-to-end encryption.
-     * @return Encrypted activation response.
-     * @throws PowerAuthActivationException In case custom activation fails.
-     */
-    @RequestMapping(value = "create", method = RequestMethod.POST)
-    public ObjectResponse<NonPersonalizedEncryptedPayloadModel> createActivationV2(
-            @RequestBody ObjectRequest<NonPersonalizedEncryptedPayloadModel> encryptedRequest
-    ) throws PowerAuthActivationException {
-        try {
-
-            // Check if there is any user provider to be autowired
-            if (activationProvider == null) {
-                logger.warn("Activation provider is missing");
-                throw new PowerAuthActivationException();
-            }
-
-            // Prepare an encryptor
-            final PowerAuthNonPersonalizedEncryptor encryptor = encryptorFactory.buildNonPersonalizedEncryptor(encryptedRequest);
-            if (encryptor == null) {
-                logger.warn("Encryptor is not available");
-                throw new PowerAuthActivationException();
-            }
-
-            // Decrypt the request object
-            ActivationCreateCustomRequest request = encryptor.decrypt(encryptedRequest, ActivationCreateCustomRequest.class);
-
-            if (request == null) {
-                logger.warn("Invalid request in activation create");
-                throw new PowerAuthActivationException();
-            }
-
-            // Create context for passing parameters between activation provider calls
-            Map<String, Object> context = new LinkedHashMap<>();
-
-            // Lookup user ID using a provided identity
-            final Map<String, String> identity = request.getIdentity();
-            String userId = activationProvider.lookupUserIdForAttributes(identity, context);
-
-            // If no user was found or user ID is invalid, return error
-            if (userId == null || userId.equals("") || userId.length() > 255) {
-                logger.warn("User ID is invalid: {}", userId);
-                throw new PowerAuthActivationException();
-            }
-
-            // Create activation for a looked up user and application related to the given application key
-            ActivationCreateRequest acr = request.getPowerauth();
-            CreateActivationResponse response = powerAuthClient.v2().createActivation(
-                    acr.getApplicationKey(),
-                    userId,
-                    acr.getActivationIdShort(),
-                    acr.getActivationName(),
-                    acr.getActivationNonce(),
-                    acr.getEphemeralPublicKey(),
-                    acr.getEncryptedDevicePublicKey(),
-                    acr.getExtras(),
-                    acr.getApplicationSignature()
-            );
-
-            // Process custom attributes using a custom logic
-            final Map<String, Object> customAttributes = request.getCustomAttributes();
-            activationProvider.processCustomActivationAttributes(customAttributes, response.getActivationId(), userId, null, ActivationType.CUSTOM, context);
-
-            // Prepare the created activation response data
-            ActivationCreateResponse createResponse = new ActivationCreateResponse();
-            createResponse.setActivationId(response.getActivationId());
-            createResponse.setEphemeralPublicKey(response.getEphemeralPublicKey());
-            createResponse.setActivationNonce(response.getActivationNonce());
-            createResponse.setEncryptedServerPublicKey(response.getEncryptedServerPublicKey());
-            createResponse.setEncryptedServerPublicKeySignature(response.getEncryptedServerPublicKeySignature());
-
-            // Encrypt response object
-            final ObjectResponse<NonPersonalizedEncryptedPayloadModel> powerAuthApiResponse = encryptor.encrypt(createResponse);
-
-            // Check if activation should be committed instantly and if yes, perform commit
-            if (activationProvider.shouldAutoCommitActivation(identity, customAttributes, response.getActivationId(), userId, null, ActivationType.CUSTOM, context)) {
-                powerAuthClient.commitActivation(response.getActivationId(), null);
-            }
-
-            // Return response
-            return powerAuthApiResponse;
-
-        } catch (Exception ex) {
-            logger.warn("Create activation failed, error: {}", ex.getMessage());
-            logger.debug(ex.getMessage(), ex);
-            throw new PowerAuthActivationException();
-        }
-
-    }
-}
diff --git a/powerauth-restful-server-spring/src/main/java/io/getlime/security/powerauth/app/rest/api/spring/controller/v2/EncryptedDataExchangeController.java b/powerauth-restful-server-spring/src/main/java/io/getlime/security/powerauth/app/rest/api/spring/controller/v2/EncryptedDataExchangeController.java
deleted file mode 100644
index efb308c4..00000000
--- a/powerauth-restful-server-spring/src/main/java/io/getlime/security/powerauth/app/rest/api/spring/controller/v2/EncryptedDataExchangeController.java
+++ /dev/null
@@ -1,118 +0,0 @@
-/*
- * PowerAuth integration libraries for RESTful API applications, examples and
- * related software components
- *
- * Copyright (C) 2018 Wultra s.r.o.
- *
- * This program is free software: you can redistribute it and/or modify
- * it under the terms of the GNU Affero General Public License as published
- * by the Free Software Foundation, either version 3 of the License, or
- * (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU Affero General Public License for more details.
- *
- * You should have received a copy of the GNU Affero General Public License
- * along with this program.  If not, see <http://www.gnu.org/licenses/>.
- */
-package io.getlime.security.powerauth.app.rest.api.spring.controller.v2;
-
-import io.getlime.core.rest.model.base.request.ObjectRequest;
-import io.getlime.core.rest.model.base.response.ObjectResponse;
-import io.getlime.security.powerauth.crypto.lib.model.exception.CryptoProviderException;
-import io.getlime.security.powerauth.crypto.lib.model.exception.GenericCryptoException;
-import io.getlime.security.powerauth.rest.api.base.encryption.PowerAuthNonPersonalizedEncryptor;
-import io.getlime.security.powerauth.rest.api.base.exception.PowerAuthEncryptionException;
-import io.getlime.security.powerauth.rest.api.model.entity.NonPersonalizedEncryptedPayloadModel;
-import io.getlime.security.powerauth.rest.api.spring.encryption.EncryptorFactory;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.web.bind.annotation.RequestBody;
-import org.springframework.web.bind.annotation.RequestMapping;
-import org.springframework.web.bind.annotation.RequestMethod;
-import org.springframework.web.bind.annotation.RestController;
-
-import java.security.InvalidKeyException;
-
-/**
- * Sample end-point demonstrating how to receive and send encrypted data.
- *
- * <p><b>PowerAuth protocol versions:</b>
- * <ul>
- *     <li>2.0</li>
- *     <li>2.1</li>
- * </ul>
- *
- * @author Roman Strobl, roman.strobl@wultra.com
- */
-@RestController("encryptedDataExchangeControllerV2")
-public class EncryptedDataExchangeController {
-
-    private static final Logger logger = LoggerFactory.getLogger(EncryptedDataExchangeController.class);
-
-    private EncryptorFactory encryptorFactory;
-
-    @Autowired
-    public void setEncryptorFactory(EncryptorFactory encryptorFactory) {
-        this.encryptorFactory = encryptorFactory;
-    }
-
-    /**
-     * Sample encrypted data exchange.
-     *
-     * @param request Encrypted request.
-     * @return Encrypted response.
-     * @throws PowerAuthEncryptionException In case encryption or decryption fails.
-     */
-    @RequestMapping(value = "exchange", method = RequestMethod.POST)
-    public ObjectResponse<NonPersonalizedEncryptedPayloadModel> exchange(@RequestBody ObjectRequest<NonPersonalizedEncryptedPayloadModel> request) throws PowerAuthEncryptionException {
-        if (request == null) {
-            logger.warn("Invalid request in exchange method");
-            throw new PowerAuthEncryptionException();
-        }
-
-        // Prepare an encryptor
-        final PowerAuthNonPersonalizedEncryptor encryptor = encryptorFactory.buildNonPersonalizedEncryptor(request);
-        if (encryptor == null) {
-            logger.warn("Encryptor is not available");
-            throw new PowerAuthEncryptionException();
-        }
-
-        // Decrypt the request object
-        byte[] requestDataBytes;
-        try {
-            requestDataBytes = encryptor.decrypt(request);
-        } catch (GenericCryptoException | CryptoProviderException | InvalidKeyException ex) {
-            logger.warn("Encryption failed, error: {}", ex.getMessage());
-            logger.debug(ex.getMessage(), ex);
-            throw new PowerAuthEncryptionException();
-        }
-
-        if (requestDataBytes == null) {
-            logger.warn("Invalid request data in exchange method");
-            throw new PowerAuthEncryptionException();
-        }
-
-        String requestData = new String(requestDataBytes);
-
-        // Return a slightly different String containing original data in response
-        String responseData = "Server successfully decrypted data: " + requestData;
-
-        // Encrypt response data
-        ObjectResponse<NonPersonalizedEncryptedPayloadModel> encryptedResponse;
-        try {
-            encryptedResponse = encryptor.encrypt(responseData.getBytes());
-        } catch (GenericCryptoException | CryptoProviderException | InvalidKeyException ex) {
-            logger.warn("Encryption failed, error: {}", ex.getMessage());
-            logger.debug(ex.getMessage(), ex);
-            throw new PowerAuthEncryptionException();
-        }
-
-        return encryptedResponse;
-    }
-
-
-}
diff --git a/powerauth-restful-server-spring/src/main/java/io/getlime/security/powerauth/app/rest/api/spring/controller/v3/EncryptedDataExchangeController.java b/powerauth-restful-server-spring/src/main/java/io/getlime/security/powerauth/app/rest/api/spring/controller/v3/EncryptedDataExchangeController.java
deleted file mode 100644
index 6cd7ac2f..00000000
--- a/powerauth-restful-server-spring/src/main/java/io/getlime/security/powerauth/app/rest/api/spring/controller/v3/EncryptedDataExchangeController.java
+++ /dev/null
@@ -1,236 +0,0 @@
-/*
- * PowerAuth integration libraries for RESTful API applications, examples and
- * related software components
- *
- * Copyright (C) 2018 Wultra s.r.o.
- *
- * This program is free software: you can redistribute it and/or modify
- * it under the terms of the GNU Affero General Public License as published
- * by the Free Software Foundation, either version 3 of the License, or
- * (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU Affero General Public License for more details.
- *
- * You should have received a copy of the GNU Affero General Public License
- * along with this program.  If not, see <http://www.gnu.org/licenses/>.
- */
-package io.getlime.security.powerauth.app.rest.api.spring.controller.v3;
-
-import io.getlime.core.rest.model.base.request.ObjectRequest;
-import io.getlime.core.rest.model.base.response.ObjectResponse;
-import io.getlime.security.powerauth.app.rest.api.spring.model.request.DataExchangeRequest;
-import io.getlime.security.powerauth.app.rest.api.spring.model.response.DataExchangeResponse;
-import io.getlime.security.powerauth.crypto.lib.encryptor.ecies.model.EciesScope;
-import io.getlime.security.powerauth.rest.api.base.authentication.PowerAuthApiAuthentication;
-import io.getlime.security.powerauth.rest.api.base.encryption.EciesEncryptionContext;
-import io.getlime.security.powerauth.rest.api.base.exception.PowerAuthAuthenticationException;
-import io.getlime.security.powerauth.rest.api.base.exception.PowerAuthEncryptionException;
-import io.getlime.security.powerauth.rest.api.base.exception.authentication.PowerAuthSignatureInvalidException;
-import io.getlime.security.powerauth.rest.api.spring.annotation.EncryptedRequestBody;
-import io.getlime.security.powerauth.rest.api.spring.annotation.PowerAuth;
-import io.getlime.security.powerauth.rest.api.spring.annotation.PowerAuthEncryption;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-import org.springframework.web.bind.annotation.RequestMapping;
-import org.springframework.web.bind.annotation.RequestMethod;
-import org.springframework.web.bind.annotation.RestController;
-
-/**
- * Sample end-point demonstrating how to receive and send encrypted data.
- *
- * <p><b>PowerAuth protocol versions:</b>
- * <ul>
- *     <li>3.0</li>
- * </ul>
- *
- * @author Roman Strobl, roman.strobl@wultra.com
- */
-@RestController("encryptedDataExchangeControllerV3")
-@RequestMapping(value = "/exchange")
-public class EncryptedDataExchangeController {
-
-    private final static Logger logger = LoggerFactory.getLogger(EncryptedDataExchangeController.class);
-
-    /**
-     * Sample encrypted data exchange in application scope.
-     *
-     * @param request Data exchange request.
-     * @param eciesContext ECIES context.
-     * @return Data exchange response.
-     * @throws PowerAuthEncryptionException In case encryption or decryption fails.
-     */
-    @RequestMapping(value = "v3/application", method = RequestMethod.POST)
-    @PowerAuthEncryption(scope = EciesScope.APPLICATION_SCOPE)
-    public DataExchangeResponse exchangeInApplicationScope(@EncryptedRequestBody DataExchangeRequest request,
-                                             EciesEncryptionContext eciesContext) throws PowerAuthEncryptionException {
-
-        if (eciesContext == null) {
-            logger.error("Encryption failed");
-            throw new PowerAuthEncryptionException();
-        }
-
-        // Return a slightly different String containing original data in response
-        return new DataExchangeResponse("Server successfully decrypted signed data: " + (request == null ? "''" : request.getData()) + ", scope: " + eciesContext.getEciesScope());
-    }
-
-    /**
-     * Sample encrypted data exchange in activation scope.
-     *
-     * @param request Data exchange request.
-     * @param eciesContext ECIES context.
-     * @return Data exchange response.
-     * @throws PowerAuthEncryptionException In case encryption or decryption fails.
-     */
-    @RequestMapping(value = "v3/activation", method = RequestMethod.POST)
-    @PowerAuthEncryption(scope = EciesScope.ACTIVATION_SCOPE)
-    public DataExchangeResponse exchangeInActivationScope(@EncryptedRequestBody DataExchangeRequest request,
-                                            EciesEncryptionContext eciesContext) throws PowerAuthEncryptionException {
-
-        if (eciesContext == null) {
-            logger.error("Encryption failed");
-            throw new PowerAuthEncryptionException();
-        }
-
-        // Return a slightly different String containing original data in response
-        return new DataExchangeResponse("Server successfully decrypted signed data: " + (request == null ? "''" : request.getData()) + ", scope: " + eciesContext.getEciesScope());
-    }
-
-    /**
-     * Sample signed and encrypted data exchange.
-     *
-     * @param request Data exchange request.
-     * @param eciesContext ECIES context.
-     * @param auth PowerAuth authentication object.
-     * @return Data exchange response.
-     * @throws PowerAuthAuthenticationException In case signature validation fails.
-     * @throws PowerAuthEncryptionException In case encryption or decryption fails.
-     */
-    @RequestMapping(value = "v3/signed", method = RequestMethod.POST)
-    @PowerAuth(resourceId = "/exchange/v3/signed")
-    @PowerAuthEncryption(scope = EciesScope.ACTIVATION_SCOPE)
-    public DataExchangeResponse exchangeSignedAndEncryptedData(@EncryptedRequestBody DataExchangeRequest request,
-                                                                EciesEncryptionContext eciesContext,
-                                                                PowerAuthApiAuthentication auth) throws PowerAuthAuthenticationException, PowerAuthEncryptionException {
-
-        if (auth == null || auth.getUserId() == null) {
-            logger.info("Signature validation failed");
-            throw new PowerAuthSignatureInvalidException();
-        }
-
-        if (eciesContext == null) {
-            logger.error("Encryption failed");
-            throw new PowerAuthEncryptionException();
-        }
-
-        // Return a slightly different String containing original data in response
-        return new DataExchangeResponse("Server successfully decrypted data and verified signature, request data: " + (request == null ? "''" : request.getData()) + ", user ID: " + auth.getUserId());
-    }
-
-    /**
-     * Sample signed and encrypted data exchange of String data.
-     *
-     * @param requestData Request with String data.
-     * @param eciesContext ECIES context.
-     * @param auth PowerAuth authentication object.
-     * @return Data exchange response.
-     * @throws PowerAuthAuthenticationException In case signature validation fails.
-     * @throws PowerAuthEncryptionException In case encryption or decryption fails.
-     */
-    @RequestMapping(value = "v3/signed/string", method = RequestMethod.POST)
-    @PowerAuth(resourceId = "/exchange/v3/signed/string")
-    @PowerAuthEncryption(scope = EciesScope.ACTIVATION_SCOPE)
-    public String exchangeSignedAndEncryptedDataString(@EncryptedRequestBody String requestData,
-                                                                       EciesEncryptionContext eciesContext,
-                                                                       PowerAuthApiAuthentication auth) throws PowerAuthAuthenticationException, PowerAuthEncryptionException {
-
-        if (auth == null || auth.getUserId() == null) {
-            logger.info("Signature validation failed");
-            throw new PowerAuthSignatureInvalidException();
-        }
-
-        if (eciesContext == null) {
-            logger.error("Encryption failed");
-            throw new PowerAuthEncryptionException();
-        }
-
-        // Return a slightly different String containing original data in response
-        return "Server successfully decrypted data and verified signature, request data: " + requestData + ", user ID: " + auth.getUserId();
-    }
-
-    /**
-     * Sample signed and encrypted data exchange of raw data as byte[].
-     *
-     * @param requestData Request with raw byte[] data.
-     * @param eciesContext ECIES context.
-     * @param auth PowerAuth authentication object.
-     * @return Data exchange response.
-     * @throws PowerAuthAuthenticationException In case signature validation fails.
-     * @throws PowerAuthEncryptionException In case encryption or decryption fails.
-     */
-    @RequestMapping(value = "v3/signed/raw", method = RequestMethod.POST)
-    @PowerAuth(resourceId = "/exchange/v3/signed/raw")
-    @PowerAuthEncryption(scope = EciesScope.ACTIVATION_SCOPE)
-    public byte[] exchangeSignedAndEncryptedDataRaw(@EncryptedRequestBody byte[] requestData,
-                                                               EciesEncryptionContext eciesContext,
-                                                               PowerAuthApiAuthentication auth) throws PowerAuthAuthenticationException, PowerAuthEncryptionException {
-
-        if (auth == null || auth.getUserId() == null) {
-            logger.info("Signature validation failed");
-            throw new PowerAuthSignatureInvalidException();
-        }
-
-        if (eciesContext == null) {
-            logger.error("Encryption failed");
-            throw new PowerAuthEncryptionException();
-        }
-
-        // Return data back for verification
-        return requestData;
-    }
-
-    /**
-     * Sample signed and encrypted data exchange of generified request.
-     *
-     * @param request Request with generified request data.
-     * @param eciesContext ECIES context.
-     * @param auth PowerAuth authentication object.
-     * @return Generified data exchange response.
-     * @throws PowerAuthAuthenticationException In case signature validation fails.
-     * @throws PowerAuthEncryptionException In case encryption or decryption fails.
-     */
-    @RequestMapping(value = "v3/signed/generics", method = RequestMethod.POST)
-    @PowerAuth(resourceId = "/exchange/v3/signed/generics")
-    @PowerAuthEncryption(scope = EciesScope.ACTIVATION_SCOPE)
-    public ObjectResponse<DataExchangeResponse> exchangeSignedAndEncryptedDataGenerics(@EncryptedRequestBody ObjectRequest<DataExchangeRequest> request,
-                                                                                       EciesEncryptionContext eciesContext,
-                                                                                       PowerAuthApiAuthentication auth) throws PowerAuthAuthenticationException, PowerAuthEncryptionException {
-        if (auth == null || auth.getUserId() == null) {
-            logger.info("Signature validation failed");
-            throw new PowerAuthSignatureInvalidException();
-        }
-
-        if (eciesContext == null) {
-            logger.error("Encryption failed");
-            throw new PowerAuthEncryptionException();
-        }
-
-        if (request == null) {
-            logger.error("Missing request");
-            throw new PowerAuthEncryptionException();
-        }
-
-        if (request.getRequestObject() == null) {
-            logger.error("Invalid request");
-            throw new PowerAuthEncryptionException();
-        }
-
-        // Return generified data back for verification
-        DataExchangeResponse response = new DataExchangeResponse();
-        response.setData(request.getRequestObject().getData());
-        return new ObjectResponse<>(response);
-    }
-
-}
diff --git a/powerauth-restful-server-spring/src/main/java/io/getlime/security/powerauth/app/rest/api/spring/errorhandling/DefaultExceptionHandler.java b/powerauth-restful-server-spring/src/main/java/io/getlime/security/powerauth/app/rest/api/spring/errorhandling/DefaultExceptionHandler.java
deleted file mode 100644
index 66fe3d9a..00000000
--- a/powerauth-restful-server-spring/src/main/java/io/getlime/security/powerauth/app/rest/api/spring/errorhandling/DefaultExceptionHandler.java
+++ /dev/null
@@ -1,55 +0,0 @@
-/*
- * PowerAuth integration libraries for RESTful API applications, examples and
- * related software components
- *
- * Copyright (C) 2018 Wultra s.r.o.
- *
- * This program is free software: you can redistribute it and/or modify
- * it under the terms of the GNU Affero General Public License as published
- * by the Free Software Foundation, either version 3 of the License, or
- * (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU Affero General Public License for more details.
- *
- * You should have received a copy of the GNU Affero General Public License
- * along with this program.  If not, see <http://www.gnu.org/licenses/>.
- */
-package io.getlime.security.powerauth.app.rest.api.spring.errorhandling;
-
-import io.getlime.core.rest.model.base.entity.Error;
-import io.getlime.core.rest.model.base.response.ErrorResponse;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-import org.springframework.http.HttpStatus;
-import org.springframework.web.bind.annotation.ControllerAdvice;
-import org.springframework.web.bind.annotation.ExceptionHandler;
-import org.springframework.web.bind.annotation.ResponseBody;
-import org.springframework.web.bind.annotation.ResponseStatus;
-
-/**
- * Implementation of a default exception handler for the demo server.
- *
- * @author Petr Dvorak, petr@wultra.com
- *
- */
-@ControllerAdvice
-public class DefaultExceptionHandler {
-
-    private static final Logger logger = LoggerFactory.getLogger(DefaultExceptionHandler.class);
-
-    /**
-     * Handle Exception exceptions.
-     * @param exception Exception instance.
-     * @return Error response.
-     */
-    @ExceptionHandler(value = Exception.class)
-    @ResponseStatus(value = HttpStatus.BAD_REQUEST)
-    public @ResponseBody ErrorResponse handleException(Exception exception) {
-        logger.warn(exception.getMessage(), exception);
-        return new ErrorResponse(Error.Code.ERROR_GENERIC, exception);
-    }
-
-}
diff --git a/powerauth-restful-server-spring/src/main/java/io/getlime/security/powerauth/app/rest/api/spring/model/request/DataExchangeRequest.java b/powerauth-restful-server-spring/src/main/java/io/getlime/security/powerauth/app/rest/api/spring/model/request/DataExchangeRequest.java
deleted file mode 100644
index 9211e3b0..00000000
--- a/powerauth-restful-server-spring/src/main/java/io/getlime/security/powerauth/app/rest/api/spring/model/request/DataExchangeRequest.java
+++ /dev/null
@@ -1,41 +0,0 @@
-package io.getlime.security.powerauth.app.rest.api.spring.model.request;
-
-/**
- * Sample model class with request data.
- *
- * @author Roman Strobl, roman.strobl@wultra.com
- */
-public class DataExchangeRequest {
-
-    private String data;
-
-    /**
-     * Default constructor.
-     */
-    public DataExchangeRequest() {
-    }
-
-    /**
-     * Constructor with data.
-     * @param data Data.
-     */
-    public DataExchangeRequest(String data) {
-        this.data = data;
-    }
-
-    /**
-     * Get data.
-     * @return Data.
-     */
-    public String getData() {
-        return data;
-    }
-
-    /**
-     * Set data.
-     * @param data Data.
-     */
-    public void setData(String data) {
-        this.data = data;
-    }
-}
diff --git a/powerauth-restful-server-spring/src/main/java/io/getlime/security/powerauth/app/rest/api/spring/model/response/DataExchangeResponse.java b/powerauth-restful-server-spring/src/main/java/io/getlime/security/powerauth/app/rest/api/spring/model/response/DataExchangeResponse.java
deleted file mode 100644
index ca791ae6..00000000
--- a/powerauth-restful-server-spring/src/main/java/io/getlime/security/powerauth/app/rest/api/spring/model/response/DataExchangeResponse.java
+++ /dev/null
@@ -1,41 +0,0 @@
-package io.getlime.security.powerauth.app.rest.api.spring.model.response;
-
-/**
- * Sample model class with response data.
- *
- * @author Roman Strobl, roman.strobl@wultra.com
- */
-public class DataExchangeResponse {
-
-    private String data;
-
-    /**
-     * Default constructor.
-     */
-    public DataExchangeResponse() {
-    }
-
-    /**
-     * Constructor with data.
-     * @param data Data.
-     */
-    public DataExchangeResponse(String data) {
-        this.data = data;
-    }
-
-    /**
-     * Get data.
-     * @return Data.
-     */
-    public String getData() {
-        return data;
-    }
-
-    /**
-     * Set data.
-     * @param data Data.
-     */
-    public void setData(String data) {
-        this.data = data;
-    }
-}
diff --git a/powerauth-restful-server-spring/src/main/java/io/getlime/security/powerauth/app/rest/api/spring/provider/DefaultCustomActivationProvider.java b/powerauth-restful-server-spring/src/main/java/io/getlime/security/powerauth/app/rest/api/spring/provider/DefaultCustomActivationProvider.java
deleted file mode 100644
index c6e0289f..00000000
--- a/powerauth-restful-server-spring/src/main/java/io/getlime/security/powerauth/app/rest/api/spring/provider/DefaultCustomActivationProvider.java
+++ /dev/null
@@ -1,73 +0,0 @@
-/*
- * PowerAuth integration libraries for RESTful API applications, examples and
- * related software components
- *
- * Copyright (C) 2018 Wultra s.r.o.
- *
- * This program is free software: you can redistribute it and/or modify
- * it under the terms of the GNU Affero General Public License as published
- * by the Free Software Foundation, either version 3 of the License, or
- * (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU Affero General Public License for more details.
- *
- * You should have received a copy of the GNU Affero General Public License
- * along with this program.  If not, see <http://www.gnu.org/licenses/>.
- */
-package io.getlime.security.powerauth.app.rest.api.spring.provider;
-
-import io.getlime.security.powerauth.rest.api.base.provider.CustomActivationProvider;
-import io.getlime.security.powerauth.rest.api.model.entity.ActivationType;
-import org.springframework.stereotype.Component;
-
-import java.util.Collections;
-import java.util.HashMap;
-import java.util.Map;
-
-/**
- * Default implementation of CustomActivationProvider interface.
- *
- * @author Roman Strobl, roman.strobl@wultra.com
- */
-@Component
-public class DefaultCustomActivationProvider implements CustomActivationProvider {
-
-    @Override
-    public String lookupUserIdForAttributes(Map<String, String> identityAttributes, Map<String, Object> context) {
-        return identityAttributes.get("username");
-    }
-
-    @Override
-    public Map<String, Object> processCustomActivationAttributes(Map<String, Object> customAttributes, String activationId, String userId, Long applId, ActivationType activationType, Map<String, Object> context) {
-        if (customAttributes != null) {
-            // Copy custom attributes
-            return new HashMap<>(customAttributes);
-        } else {
-            return Collections.emptyMap();
-        }
-    }
-
-    @Override
-    public boolean shouldAutoCommitActivation(Map<String, String> identityAttributes, Map<String, Object> customAttributes, String activationId, String userId, Long applId, ActivationType activationType, Map<String, Object> context) {
-        return true;
-    }
-
-    @Override
-    public void activationWasCommitted(Map<String, String> identityAttributes, Map<String, Object> customAttributes, String activationId, String userId, Long applId, ActivationType activationType, Map<String, Object> context) {
-    }
-
-    @Override
-    public Integer getMaxFailedAttemptCount(Map<String, String> identityAttributes, Map<String, Object> customAttributes, String userId, ActivationType activationType, Map<String, Object> context) {
-        // Null value means use value configured on PowerAuth server
-        return null;
-    }
-
-    @Override
-    public Long getValidityPeriodDuringActivation(Map<String, String> identityAttributes, Map<String, Object> customAttributes, String userId, ActivationType activationType, Map<String, Object> context) {
-        // Null value means use value configured on PowerAuth server
-        return null;
-    }
-}
diff --git a/powerauth-restful-server-spring/src/main/resources/application.properties b/powerauth-restful-server-spring/src/main/resources/application.properties
deleted file mode 100644
index 2de95eb4..00000000
--- a/powerauth-restful-server-spring/src/main/resources/application.properties
+++ /dev/null
@@ -1,28 +0,0 @@
-#
-# PowerAuth integration libraries for RESTful API applications, examples and
-# related software components
-#
-# Copyright (C) 2018 Wultra s.r.o.
-#
-# This program is free software: you can redistribute it and/or modify
-# it under the terms of the GNU Affero General Public License as published
-# by the Free Software Foundation, either version 3 of the License, or
-# (at your option) any later version.
-#
-# This program is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-# GNU Affero General Public License for more details.
-#
-# You should have received a copy of the GNU Affero General Public License
-# along with this program.  If not, see <http://www.gnu.org/licenses/>.
-#
-
-powerauth.service.url=http://localhost:8080/powerauth-java-server/rest
-powerauth.service.security.clientToken=
-powerauth.service.security.clientSecret=
-
-# PowerAuth Push Service Configuration
-powerauth.integration.service.applicationName=powerauth-restful-server-spring
-powerauth.integration.service.applicationDisplayName=PowerAuth Restful Server (Spring)
-powerauth.integration.service.applicationEnvironment=

From a27dbe29941b0da4e20ab7f7a8799111dab3af68 Mon Sep 17 00:00:00 2001
From: Roman Strobl <roman.strobl@wultra.com>
Date: Mon, 18 Oct 2021 11:14:08 +0200
Subject: [PATCH 15/36] Update pom.xml

---
 pom.xml | 1 -
 1 file changed, 1 deletion(-)

diff --git a/pom.xml b/pom.xml
index ffa67738..156856bb 100644
--- a/pom.xml
+++ b/pom.xml
@@ -72,7 +72,6 @@
         <module>powerauth-restful-security-base</module>
         <module>powerauth-restful-security-spring</module>
         <module>powerauth-restful-security-spring-annotation</module>
-        <module>powerauth-restful-server-spring</module>
     </modules>
 
     <properties>

From 6d06a5262f183b4c1a7fb77a275ba3fdead1f810 Mon Sep 17 00:00:00 2001
From: Roman Strobl <roman.strobl@wultra.com>
Date: Mon, 18 Oct 2021 17:23:20 +0200
Subject: [PATCH 16/36] Merge changes from develop

---
 .../app/rest/api/spring/configuration/WebApplicationConfig.java | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/powerauth-restful-server-spring/src/main/java/io/getlime/security/powerauth/app/rest/api/spring/configuration/WebApplicationConfig.java b/powerauth-restful-server-spring/src/main/java/io/getlime/security/powerauth/app/rest/api/spring/configuration/WebApplicationConfig.java
index 107ae2c0..9c3d04e4 100644
--- a/powerauth-restful-server-spring/src/main/java/io/getlime/security/powerauth/app/rest/api/spring/configuration/WebApplicationConfig.java
+++ b/powerauth-restful-server-spring/src/main/java/io/getlime/security/powerauth/app/rest/api/spring/configuration/WebApplicationConfig.java
@@ -19,8 +19,8 @@
  */
 package io.getlime.security.powerauth.app.rest.api.spring.configuration;
 
+import io.getlime.security.powerauth.rest.api.spring.annotation.PowerAuthEncryptionArgumentResolver;
 import io.getlime.security.powerauth.rest.api.spring.annotation.support.PowerAuthAnnotationInterceptor;
-import io.getlime.security.powerauth.rest.api.spring.annotation.support.PowerAuthEncryptionArgumentResolver;
 import io.getlime.security.powerauth.rest.api.spring.annotation.support.PowerAuthWebArgumentResolver;
 import io.getlime.security.powerauth.rest.api.spring.filter.PowerAuthRequestFilter;
 import org.springframework.boot.web.servlet.FilterRegistrationBean;

From 494d9510281303e51a755fb7fd07e807f9d25391 Mon Sep 17 00:00:00 2001
From: Roman Strobl <roman.strobl@wultra.com>
Date: Mon, 18 Oct 2021 18:02:50 +0200
Subject: [PATCH 17/36] Merge of base project removal

---
 powerauth-restful-security-base/pom.xml       | 75 -------------------
 .../pom.xml                                   |  5 --
 2 files changed, 80 deletions(-)
 delete mode 100644 powerauth-restful-security-base/pom.xml

diff --git a/powerauth-restful-security-base/pom.xml b/powerauth-restful-security-base/pom.xml
deleted file mode 100644
index 91e6dc58..00000000
--- a/powerauth-restful-security-base/pom.xml
+++ /dev/null
@@ -1,75 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!--
-~ PowerAuth integration libraries for RESTful API applications, examples and
-~ related software components
-~
-~ Copyright (C) 2018 Wultra s.r.o.
-~
-~ This program is free software: you can redistribute it and/or modify
-~ it under the terms of the GNU Affero General Public License as published
-~ by the Free Software Foundation, either version 3 of the License, or
-~ (at your option) any later version.
-~
-~ This program is distributed in the hope that it will be useful,
-~ but WITHOUT ANY WARRANTY; without even the implied warranty of
-~ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-~ GNU Affero General Public License for more details.
-~
-~ You should have received a copy of the GNU Affero General Public License
-~ along with this program.  If not, see <http://www.gnu.org/licenses/>.
--->
-
-<project xmlns="http://maven.apache.org/POM/4.0.0"
-         xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
-         xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
-
-    <modelVersion>4.0.0</modelVersion>
-    <artifactId>powerauth-restful-security-base</artifactId>
-    <version>1.2.0-SNAPSHOT</version>
-
-    <parent>
-        <artifactId>powerauth-restful-integration-parent</artifactId>
-        <groupId>io.getlime.security</groupId>
-        <version>1.2.0-SNAPSHOT</version>
-        <relativePath>../pom.xml</relativePath>
-    </parent>
-
-    <dependencies>
-
-        <!-- PowerAuth Dependencies -->
-        <dependency>
-            <groupId>io.getlime.security</groupId>
-            <artifactId>powerauth-java-crypto</artifactId>
-            <version>1.2.0-SNAPSHOT</version>
-        </dependency>
-        <dependency>
-            <groupId>io.getlime.security</groupId>
-            <artifactId>powerauth-java-http</artifactId>
-            <version>1.2.0-SNAPSHOT</version>
-        </dependency>
-        <dependency>
-            <groupId>io.getlime.security</groupId>
-            <artifactId>powerauth-restful-model</artifactId>
-            <version>1.2.0-SNAPSHOT</version>
-        </dependency>
-
-        <!-- Other Dependencies -->
-        <dependency>
-            <groupId>javax.servlet</groupId>
-            <artifactId>javax.servlet-api</artifactId>
-            <version>${javax.servlet-api.version}</version>
-        </dependency>
-        <dependency>
-            <groupId>com.fasterxml.jackson.core</groupId>
-            <artifactId>jackson-databind</artifactId>
-            <version>${jackson-databind.version}</version>
-        </dependency>
-        <dependency>
-            <groupId>org.apache.commons</groupId>
-            <artifactId>commons-text</artifactId>
-            <version>${commons-text.version}</version>
-        </dependency>
-
-    </dependencies>
-
-</project>
diff --git a/powerauth-restful-security-spring-annotation/pom.xml b/powerauth-restful-security-spring-annotation/pom.xml
index 677a17d6..8d24dd6f 100644
--- a/powerauth-restful-security-spring-annotation/pom.xml
+++ b/powerauth-restful-security-spring-annotation/pom.xml
@@ -50,11 +50,6 @@
         </dependency>
 
         <!-- PowerAuth Dependencies -->
-        <dependency>
-            <groupId>io.getlime.security</groupId>
-            <artifactId>powerauth-restful-security-base</artifactId>
-            <version>1.2.0-SNAPSHOT</version>
-        </dependency>
         <dependency>
             <groupId>io.getlime.security</groupId>
             <artifactId>powerauth-rest-client-spring</artifactId>

From 23c28af45e02069e3e56408614f92906cb52c253 Mon Sep 17 00:00:00 2001
From: Roman Strobl <roman.strobl@wultra.com>
Date: Mon, 18 Oct 2021 18:16:51 +0200
Subject: [PATCH 18/36] Fix imports and update dependencies after removal of
 base project

---
 .../pom.xml                                   | 22 +++++++++++++++++++
 .../PowerAuthEncryptionArgumentResolver.java  | 10 +++++----
 .../configuration/WebApplicationConfig.java   |  2 +-
 3 files changed, 29 insertions(+), 5 deletions(-)

diff --git a/powerauth-restful-security-spring-annotation/pom.xml b/powerauth-restful-security-spring-annotation/pom.xml
index 8d24dd6f..939b1a41 100644
--- a/powerauth-restful-security-spring-annotation/pom.xml
+++ b/powerauth-restful-security-spring-annotation/pom.xml
@@ -50,12 +50,34 @@
         </dependency>
 
         <!-- PowerAuth Dependencies -->
+        <dependency>
+            <groupId>io.getlime.security</groupId>
+            <artifactId>powerauth-java-crypto</artifactId>
+            <version>1.2.0-SNAPSHOT</version>
+        </dependency>
+        <dependency>
+            <groupId>io.getlime.security</groupId>
+            <artifactId>powerauth-java-http</artifactId>
+            <version>1.2.0-SNAPSHOT</version>
+        </dependency>
+        <dependency>
+            <groupId>io.getlime.security</groupId>
+            <artifactId>powerauth-restful-model</artifactId>
+            <version>1.2.0-SNAPSHOT</version>
+        </dependency>
         <dependency>
             <groupId>io.getlime.security</groupId>
             <artifactId>powerauth-rest-client-spring</artifactId>
             <version>1.2.0-SNAPSHOT</version>
         </dependency>
 
+        <!-- Other dependencies -->
+        <dependency>
+            <groupId>org.apache.commons</groupId>
+            <artifactId>commons-text</artifactId>
+            <version>${commons-text.version}</version>
+        </dependency>
+
     </dependencies>
 
 </project>
diff --git a/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/annotation/support/PowerAuthEncryptionArgumentResolver.java b/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/annotation/support/PowerAuthEncryptionArgumentResolver.java
index 8f7d12fc..4774c998 100644
--- a/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/annotation/support/PowerAuthEncryptionArgumentResolver.java
+++ b/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/annotation/support/PowerAuthEncryptionArgumentResolver.java
@@ -17,14 +17,16 @@
  * You should have received a copy of the GNU Affero General Public License
  * along with this program.  If not, see <http://www.gnu.org/licenses/>.
  */
-package io.getlime.security.powerauth.rest.api.spring.annotation;
+package io.getlime.security.powerauth.rest.api.spring.annotation.support;
 
 import com.fasterxml.jackson.databind.JavaType;
 import com.fasterxml.jackson.databind.ObjectMapper;
 import com.fasterxml.jackson.databind.type.TypeFactory;
-import io.getlime.security.powerauth.rest.api.base.encryption.EciesEncryptionContext;
-import io.getlime.security.powerauth.rest.api.base.encryption.PowerAuthEciesEncryption;
-import io.getlime.security.powerauth.rest.api.base.model.PowerAuthRequestObjects;
+import io.getlime.security.powerauth.rest.api.spring.annotation.EncryptedRequestBody;
+import io.getlime.security.powerauth.rest.api.spring.annotation.PowerAuthEncryption;
+import io.getlime.security.powerauth.rest.api.spring.encryption.EciesEncryptionContext;
+import io.getlime.security.powerauth.rest.api.spring.encryption.PowerAuthEciesEncryption;
+import io.getlime.security.powerauth.rest.api.spring.model.PowerAuthRequestObjects;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.core.MethodParameter;
diff --git a/powerauth-restful-server-spring/src/main/java/io/getlime/security/powerauth/app/rest/api/spring/configuration/WebApplicationConfig.java b/powerauth-restful-server-spring/src/main/java/io/getlime/security/powerauth/app/rest/api/spring/configuration/WebApplicationConfig.java
index 9c3d04e4..07fcab5f 100644
--- a/powerauth-restful-server-spring/src/main/java/io/getlime/security/powerauth/app/rest/api/spring/configuration/WebApplicationConfig.java
+++ b/powerauth-restful-server-spring/src/main/java/io/getlime/security/powerauth/app/rest/api/spring/configuration/WebApplicationConfig.java
@@ -19,7 +19,7 @@
  */
 package io.getlime.security.powerauth.app.rest.api.spring.configuration;
 
-import io.getlime.security.powerauth.rest.api.spring.annotation.PowerAuthEncryptionArgumentResolver;
+import io.getlime.security.powerauth.rest.api.spring.annotation.support.PowerAuthEncryptionArgumentResolver;
 import io.getlime.security.powerauth.rest.api.spring.annotation.support.PowerAuthAnnotationInterceptor;
 import io.getlime.security.powerauth.rest.api.spring.annotation.support.PowerAuthWebArgumentResolver;
 import io.getlime.security.powerauth.rest.api.spring.filter.PowerAuthRequestFilter;

From 248dc16dd11e802a38b584849af6d0286b2746a2 Mon Sep 17 00:00:00 2001
From: Roman Strobl <roman.strobl@wultra.com>
Date: Mon, 18 Oct 2021 19:04:06 +0200
Subject: [PATCH 19/36] Remove Java EE documentation, update
 statusServiceCustomObject method call in documentation

---
 docs/Introduction.md           |   1 -
 docs/RESTful-API-for-JavaEE.md | 433 ---------------------------------
 docs/RESTful-API-for-Spring.md |   2 +-
 docs/Readme.md                 |   1 -
 docs/_Sidebar.md               |   1 -
 5 files changed, 1 insertion(+), 437 deletions(-)
 delete mode 100644 docs/RESTful-API-for-JavaEE.md

diff --git a/docs/Introduction.md b/docs/Introduction.md
index be983cf2..ce3fe15e 100644
--- a/docs/Introduction.md
+++ b/docs/Introduction.md
@@ -5,4 +5,3 @@ Mobile banking applications usually connect to a RESTful APIs with some end-poin
 In order to integrate PowerAuth Server with your RESTful API, follow one of these tutorials:
 
 - [Integration with RESTful API (Spring)](./RESTful-API-for-Spring.md)
-- [Integration with RESTful API (JAX-RS)](./RESTful-API-for-JavaEE.md)
diff --git a/docs/RESTful-API-for-JavaEE.md b/docs/RESTful-API-for-JavaEE.md
deleted file mode 100644
index 0a9a7f04..00000000
--- a/docs/RESTful-API-for-JavaEE.md
+++ /dev/null
@@ -1,433 +0,0 @@
-# Integration Libraries for Java EE (JAX-RS)
-
-This tutorial shows the way mobile API developers who build their applications with JAX-RS integrate with PowerAuth Server.
-
-## Prerequisites for the tutorial
-
-- Running PowerAuth Server with available SOAP interface.
-- Knowledge of Java EE applications based on JAX-RS.
-- Software: IDE - Spring Tool Suite, Java EE Application Server (Pivotal Server, Tomcat, ...)
-
-## Add Maven Dependency
-
-To add PowerAuth support in your RESTful API, add Maven dependency for PowerAuth RESTful Security module in your `pom.xml` file:
-
-```xml
-<dependency>
-    <groupId>io.getlime.security</groupId>
-    <artifactId>powerauth-restful-security-javaee</artifactId>
-    <version>${powerauth.version}</version>
-</dependency>
-```
-
-## Register Bouncy Castle Provider
-
-This step is technically required only in case your server uses end-to-end encryption, but performing it anyway will not cause any harm. First, make sure you include Bouncy Castle libraries in your dependencies:
-
-```xml
-<dependency>
-    <groupId>org.bouncycastle</groupId>
-    <artifactId>bcprov-ext-jdk15on</artifactId>
-    <version>${bouncycastle.version}</version>
-</dependency>
-```
-
-Then, you can then register Bouncy Castle provider in your `Application` class (or an equivalent class in case you use Jersey or some similar technology):
-
-```java
-@ApplicationPath("/")
-public class JavaEEApplication extends Application {
-
-    public JavaEEApplication() {
-        super();
-
-        // Register BC provider
-        Security.addProvider(new BouncyCastleProvider());
-    }
-
-    @Override
-    public Set<Class<?>> getClasses() {
-        // ... see more information below
-        return resources;
-    }
-}
-```
-
-## Produce Required Beans
-
-In order to connect to the correct PowerAuth Server, you need to add a producer that configures SOAP service endpoint and default application configuration.
-
-```java
-@Dependent
-public class PowerAuthBeanFactory {
-
-    @Produces
-    public PowerAuthServiceClient buildClient() {
-        try {
-            return new PowerAuthServiceClient("http://localhost:8080/powerauth-java-server/soap");
-        } catch (AxisFault axisFault) {
-            return null;
-        }
-    }
-
-    @Produces
-    public PowerAuthApplicationConfiguration buildApplicationConfiguration() {
-        return new DefaultApplicationConfiguration();
-    }
-
-}
-```
-
-## Setting Up Credentials
-
-// TODO: Describe SOAP client WS-Security configuration
-
-_Note: For SOAP interface, PowerAuth Server uses WS-Security, `UsernameToken` validation (plain text password). The RESTful interface is secured using Basic HTTP Authentication (pre-emptive)._
-
-## Register Resources
-
-In order to automatically use resources, exception resolvers and filters, you need to register them in your application. For plain JAX-RS application, this is how to do it:
-
-```java
-@ApplicationPath("/")
-public class JavaEEApplication extends Application {
-
-    @Override
-    public Set<Class<?>> getClasses() {
-        Set<Class<?>> resources = new HashSet<>();
-
-        // Your resources
-        // ...
-        // ...
-
-        // PowerAuth Controllers
-        resources.add(io.getlime.security.powerauth.rest.api.jaxrs.controller.v3.ActivationController.class);
-        resources.add(io.getlime.security.powerauth.rest.api.jaxrs.controller.v3.SecureVaultController.class);
-        resources.add(io.getlime.security.powerauth.rest.api.jaxrs.controller.v3.SignatureController.class);
-        resources.add(io.getlime.security.powerauth.rest.api.jaxrs.controller.v3.TokenController.class);
-        resources.add(io.getlime.security.powerauth.rest.api.jaxrs.controller.v3.UpgradeController.class);
-        resources.add(io.getlime.security.powerauth.rest.api.jaxrs.controller.v3.RecoveryController.class);
-        
-        // PowerAuth Exception Resolvers
-        resources.add(PowerAuthActivationExceptionResolver.class);
-        resources.add(PowerAuthRecoveryExceptionResolver.class);
-        resources.add(PowerAuthAuthenticationExceptionResolver.class);
-        resources.add(PowerAuthEncryptionExceptionResolver.class);
-        resources.add(PowerAuthSecureVaultExceptionResolver.class);
-        resources.add(PowerAuthUpgradeExceptionResolver.class);
-        
-        // PowerAuth Filters
-        resources.add(PowerAuthRequestFilter.class);
-
-        return resources;
-    }
-
-}
-```
-
-In case you still need to use legacy `v2` controllers, you can also register these controllers:
-```java
-        resources.add(io.getlime.security.powerauth.rest.api.jaxrs.controller.v2.ActivationController.class);
-        resources.add(io.getlime.security.powerauth.rest.api.jaxrs.controller.v2.SignatureController.class);
-        resources.add(io.getlime.security.powerauth.rest.api.jaxrs.controller.v2.SecureVaultController.class);
-        resources.add(io.getlime.security.powerauth.rest.api.jaxrs.controller.v2.TokenController.class);
-```
-
-
-Note that Jersey uses `ResourceConfig` subclass for a similar purpose...
-
-## Custom PowerAuth Application Configuration
-
-_(optional)_
-
-PowerAuth uses the concept of `application ID` and `application secret`. While `applicationId` attribute is transmitted with requests in `X-PowerAuth-Authorization` header, `applicationSecret` is shared implicitly between client and server and is a part of the actual signature value. Applications are a first class citizen in PowerAuth protocol. Intermediate application, however, may influence which applications are accepted by implementing following configuration.
-
-```java
-public class ApplicationConfiguration implements PowerAuthApplicationConfiguration {
-
-  @Override
-  public Map<String, Object> statusServiceCustomObject() {
-    return null; // default implementation
-  }
-
-}
-```
-
-You can then return instance of this class in the producer method mentioned above, instead of `DefaultApplicationConfiguration` instance.
-
-## Validate Signatures
-
-In order to validate request signatures, you need to:
-
-- inject a `HttpServletRequest` instance using the `@Context` annotation
-- inject a `PowerAuthAuthenticationProvider` instance
-- add `@HeaderParam(value = PowerAuthSignatureHttpHeader.HEADER_NAME) String authHeader` in resource methods
-
-Then, you can process the header and request using the authentication provider.
-
-Here is the source code example:
-
-```java
-@Path("pa/signature")
-@Produces(MediaType.APPLICATION_JSON)
-public class AuthenticationController {
-
-    @Context
-    private HttpServletRequest request;
-
-    @Inject
-    private PowerAuthAuthenticationProvider authenticationProvider;
-
-    @POST
-    @Path("validate")
-    @Consumes("*/*")
-    @Produces(MediaType.APPLICATION_JSON)
-    public PowerAuthApiResponse<String> login(String body, @HeaderParam(value = PowerAuthSignatureHttpHeader.HEADER_NAME) String authHeader) throws PowerAuthAuthenticationException {
-
-        // ##EXAMPLE: Here, we could store the authentication in the session like this:
-        // ##EXAMPLE: SecurityContextHolder.getContext().setAuthentication(apiAuthentication);
-        // ##EXAMPLE: ... or you can grab a user ID like this and use it for querying back-end:
-        // ##EXAMPLE: String userId = apiAuthentication.getUserId();
-
-        PowerAuthApiAuthentication auth = authenticationProvider.validateRequestSignature(
-                request,
-                "/pa/signature/validate",
-                authHeader
-        );
-
-        if (auth == null || auth.getUserId() == null) {
-            return new PowerAuthApiResponse<>("ERROR", "Authentication failed.");
-        }
-        return new PowerAuthApiResponse<>("OK", "Hooray! User: " + auth.getUserId());
-    }
-}
-```
-
-### Use Token Based Authentication
-
-This sample resource implementation illustrates how to use simple token based authentication. In case the authentication is not successful, the `PowerAuthApiAuthentication` object is null.
-
-Please note that token based authentication should be used only for endpoints with lower sensitivity, such as simplified account information for widgets or smart watch, that are also not prone to replay attack.
-
-```java
-@Path("secure/account")
-@Produces(MediaType.APPLICATION_JSON)
-public class AuthenticationController {
-
-    @Inject
-    private PowerAuthAuthenticationProvider authenticationProvider;
-
-    @Inject
-    private CustomService service;
-
-    @POST
-    @Path("widget/balance")
-    @Consumes("*/*")
-    @Produces(MediaType.APPLICATION_JSON)
-    public PowerAuthApiResponse<String> getBalance(@HeaderParam(value = PowerAuthTokenHttpHeader.HEADER_NAME) String tokenHeader) throws PowerAuthAuthenticationException {
-        PowerAuthApiAuthentication auth = authenticationProvider.validateToken(tokenHeader);
-        if (apiAuthentication == null) {
-            throw new PowerAuthTokenInvalidException();
-        } else {
-            String userId = apiAuthentication.getUserId();
-            String balance = service.getBalanceForUser(userId);
-            return new PowerAuthAPIResponse<String>("OK", balance);
-        }
-    }
-
-}
-```
-
-## Use End-To-End Encryption
-
-You can use end-to-end encryption to add an additional encryption layer on top of the basic HTTPS encryption to protect the request body contents better.
-
-End-to-end encryption provided by PowerAuth uses `POST` method for all data transport and it requires predefined request / response structure.
-
-### Encryption in Application Scope
-
-You can encrypt data in `application` scope (non-personalized) using following pattern:
- 
-```java
-@Path("/exchange")
-@Produces(MediaType.APPLICATION_JSON)
-public class EncryptedDataExchangeController {
-
-    @Inject
-    private PowerAuthEncryptionProvider encryptionProvider;
-
-    @POST
-    @Path("application")
-    @Consumes(MediaType.APPLICATION_JSON)
-    @Produces(MediaType.APPLICATION_JSON)
-    public EciesEncryptedResponse exchangeInApplicationScope() throws PowerAuthEncryptionException {
-        // Decrypt request
-        PowerAuthEciesEncryption<DataExchangeRequest> eciesEncryption = encryptionProvider.decryptRequest(httpServletRequest,
-                DataExchangeRequest.class, EciesScope.APPLICATION_SCOPE);
-        DataExchangeRequest request = eciesEncryption.getRequestObject();
-        EciesEncryptionContext eciesContext = eciesEncryption.getContext();
-
-        if (eciesContext == null) {
-            throw new PowerAuthEncryptionException();
-        }
-
-        // Prepare response object
-        DataExchangeResponse exchangeResponse = new DataExchangeResponse("Server successfully decrypted signed data: " + (request == null ? "''" : request.getData()) + ", scope: " + eciesContext.getEciesScope());
-
-        // Encrypt response
-        return encryptionProvider.encryptResponse(exchangeResponse, eciesEncryption);
-    }
-}
-```
-
-The encryption provider decrypts the request data using ECIES decryptor in `application` scope. In case the decryption succeeds, a response object is created and encrypted using previously created ECIES decryptor.
-
-### Encryption in Activation Scope
-
-You can encrypt data in `activation` scope (personalized) using following pattern:
- 
-```java
-@Path("/exchange")
-@Produces(MediaType.APPLICATION_JSON)
-public class EncryptedDataExchangeController {
-
-    @Inject
-    private PowerAuthEncryptionProvider encryptionProvider;
-    
-    @POST
-    @Path("activation")
-    @Consumes(MediaType.APPLICATION_JSON)
-    @Produces(MediaType.APPLICATION_JSON)
-    public EciesEncryptedResponse exchangeInActivationScope() throws PowerAuthEncryptionException {
-        // Decrypt request
-        PowerAuthEciesEncryption<DataExchangeRequest> eciesEncryption = encryptionProvider.decryptRequest(httpServletRequest,
-                    DataExchangeRequest.class, EciesScope.ACTIVATION_SCOPE);
-        DataExchangeRequest request = eciesEncryption.getRequestObject();
-        EciesEncryptionContext eciesContext = eciesEncryption.getContext();
-    
-        if (eciesContext == null) {
-            throw new PowerAuthEncryptionException();
-        }
-    
-        // Prepare response object
-        DataExchangeResponse exchangeResponse = new DataExchangeResponse("Server successfully decrypted signed data: " + (request == null ? "''" : request.getData()) + ", scope: " + eciesContext.getEciesScope());
-    
-        // Encrypt response
-        return encryptionProvider.encryptResponse(exchangeResponse, eciesEncryption);
-    }
-}
-``` 
-
-The encryption provider decrypts the request data using ECIES decryptor in `activation` scope. In case the decryption succeeds, a response object is created and encrypted using previously created ECIES decryptor.
-
-### Signed and Encrypted Requests
-
-You can also sign the data before encryption and perform signature verification of decrypted data using following pattern:
-
-```java
-@RestController
-@RequestMapping(value = "/exchange")
-public class EncryptedDataExchangeController {
-
-    @Inject
-    private PowerAuthEncryptionProvider encryptionProvider;
-    
-    @Inject
-    private PowerAuthAuthenticationProvider authenticationProvider;
-
-    @POST
-    @Path("signed")
-    @Consumes(MediaType.APPLICATION_JSON)
-    @Produces(MediaType.APPLICATION_JSON)
-    public EciesEncryptedResponse exchangeSignedAndEncryptedData(@HeaderParam(value = PowerAuthSignatureHttpHeader.HEADER_NAME) String authHeader) throws PowerAuthEncryptionException, PowerAuthAuthenticationException {
-        // Decrypt request
-        PowerAuthEciesEncryption<DataExchangeRequest> eciesEncryption = encryptionProvider.decryptRequest(httpServletRequest,
-                    DataExchangeRequest.class, EciesScope.ACTIVATION_SCOPE);
-        DataExchangeRequest request = eciesEncryption.getRequestObject();
-    
-        if (eciesEncryption.getContext() == null) {
-            throw new PowerAuthEncryptionException();
-        }
-    
-        // Verify PowerAuth signature
-        PowerAuthApiAuthentication auth = authenticationProvider.validateRequestSignature(
-                    httpServletRequest,
-                    "/exchange/signed",
-                    authHeader
-        );
-                
-        if (auth == null || auth.getUserId() == null) {
-            throw new PowerAuthSignatureInvalidException();
-        }
-        // Prepare response object
-        DataExchangeResponse exchangeResponse = new DataExchangeResponse("Server successfully decrypted data and verified signature, request data: " + (request == null ? "''" : request.getData()) + ", user ID: " + auth.getUserId());
-    
-        // Encrypt response
-        return encryptionProvider.encryptResponse(exchangeResponse, eciesEncryption);
-    }
-}
-```
-
-The encryption provider decrypts the request data using ECIES decryptor in `activation` scope. In case the decryption succeeds, the signature received in PowerAuth HTTP signature header is verified. 
-If the signature verification succeeds a response is encrypted using previously created ECIES decryptor.
-
-_Note: You can also use `String` or `byte[]` data types instead of using request/response objects for encryption of raw data._
-
-### Non-Personalized End-To-End Encryption (v2 - legacy)
-
-To use legacy non-personalized (application specific) encryption, use following pattern:
-
-```java
-@Path("pa/custom/activation")
-@Produces(MediaType.APPLICATION_JSON)
-public class EncryptedController {
-
-    @Inject
-    private EncryptorFactory encryptorFactory;
-
-    @POST
-    @Path("create")
-    @Consumes(MediaType.APPLICATION_JSON)
-    @Produces(MediaType.APPLICATION_JSON)
-    public PowerAuthApiResponse<NonPersonalizedEncryptedPayloadModel> createNewActivation( PowerAuthApiRequest<NonPersonalizedEncryptedPayloadModel> encryptedRequest) throws PowerAuthActivationException {
-        try {
-
-            // Prepare an encryptor
-            final PowerAuthNonPersonalizedEncryptor encryptor = encryptorFactory.buildNonPersonalizedEncryptor(encryptedRequest);
-            if (encryptor == null) {
-                throw new PowerAuthEncryptionException();
-            }
-
-            // Decrypt the request object
-            OriginalRequest request = encryptor.decrypt(object, OriginalRequest.class);
-
-            if (request == null) {
-                throw new PowerAuthEncryptionException();
-            }
-
-            // ... do your business logic with OriginalRequest instance
-
-            // Create original response object
-            OriginalResponse response = new OriginalResponse();
-            response.setAttribute1("attribute1");
-            response.setAttribute2("attribute2");
-            response.setAttribute3("attribute3");
-
-            // Encrypt response object
-            final PowerAuthApiResponse<NonPersonalizedEncryptedPayloadModel> encryptedResponse = encryptor.encrypt(response);
-
-            if (encryptedResponse == null) {
-                throw new PowerAuthEncryptionException();
-            }
-
-            // Return response
-            return encryptedResponse;
-
-        } catch (IOException ex) {
-            throw new PowerAuthActivationException();
-        }
-
-    }
-
-}
-```
diff --git a/docs/RESTful-API-for-Spring.md b/docs/RESTful-API-for-Spring.md
index 595bd037..b8979677 100644
--- a/docs/RESTful-API-for-Spring.md
+++ b/docs/RESTful-API-for-Spring.md
@@ -174,7 +174,7 @@ PowerAuth uses the concept of `application ID` and `application secret`. While `
 public class ApplicationConfiguration implements PowerAuthApplicationConfiguration {
 
     @Override
-    public Map<String, Object> statusServiceCustomObject() {
+    public Map<String, Object> statusServiceCustomObject(ActivationContext context) {
         return null; // suggested default implementation
     }
 
diff --git a/docs/Readme.md b/docs/Readme.md
index d7c48c3e..2d1b8b95 100644
--- a/docs/Readme.md
+++ b/docs/Readme.md
@@ -6,7 +6,6 @@ In order to easily secure your RESTful APIs with PowerAuth, you can use our easy
 
 - [Introduction](./Introduction.md)
 - [Build Secure RESTful API (Spring)](./RESTful-API-for-Spring.md)
-- [Build Secure RESTful API (JAX-RS)](./RESTful-API-for-JavaEE.md)
 
 **Deployment Tutorials**
 
diff --git a/docs/_Sidebar.md b/docs/_Sidebar.md
index 1332a928..55301862 100644
--- a/docs/_Sidebar.md
+++ b/docs/_Sidebar.md
@@ -6,4 +6,3 @@
 
 - [Introduction](./Introduction.md)
 - [RESTful API (Spring)](./RESTful-API-for-Spring.md)
-- [RESTful API (JAX-RS)](./RESTful-API-for-JavaEE.md)

From 64122dac93130cbc18cc24808dda81c48ace819e Mon Sep 17 00:00:00 2001
From: Roman Strobl <roman.strobl@wultra.com>
Date: Thu, 21 Oct 2021 11:25:12 +0200
Subject: [PATCH 20/36] Add custom object processing documentation

---
 docs/RESTful-API-for-Spring.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/docs/RESTful-API-for-Spring.md b/docs/RESTful-API-for-Spring.md
index b8979677..aafb4450 100644
--- a/docs/RESTful-API-for-Spring.md
+++ b/docs/RESTful-API-for-Spring.md
@@ -167,7 +167,7 @@ Finally, the `FilterRegistrationBean` (with the `PowerAuthRequestFilter` filter)
 
 _(optional)_
 
-PowerAuth uses the concept of `application ID` and `application secret`. While `applicationId` attribute is transmitted with requests in `X-PowerAuth-Authorization` header, `applicationSecret` is shared implicitly between the client and server and is a part of the actual signature value. Applications are a first class citizen in PowerAuth protocol. Intermediate application, however, may influence which applications are accepted by implementing following configuration.
+PowerAuth application configuration can be used to customize additional data returned in activation status calls. Attributes obtained from activation detail are available in the activation context for additional processing. These attributes can be used to return any custom attributes to the mobile application using the `customObject` map. Note that such processing of activation attributes can have impact on performance because it is executed during each activation status call.
 
 ```java
 @Configuration

From de123be2e6b2882aeab652b95f2e6cda84b5ef21 Mon Sep 17 00:00:00 2001
From: Roman Strobl <roman.strobl@wultra.com>
Date: Mon, 25 Oct 2021 17:14:14 +0200
Subject: [PATCH 21/36] Fix #300: Implement PowerAuthActivation interface

---
 .../activation/PowerAuthActivation.java       | 121 ++++++++++++++
 .../impl/PowerAuthActivationImpl.java         | 149 ++++++++++++++++++
 .../PowerAuthAnnotationInterceptor.java       |  10 +-
 .../support/PowerAuthWebArgumentResolver.java |  15 +-
 .../PowerAuthApiAuthentication.java           |  30 ++--
 .../impl/PowerAuthApiAuthenticationImpl.java  |  32 +++-
 .../v3/ActivationContextConverter.java        |  12 +-
 .../v3/ActivationStatusConverter.java         |  67 ++++++++
 .../api/spring/model/ActivationContext.java   |   2 -
 .../api/spring/model/ActivationStatus.java    |  54 +++++++
 .../spring/model/AuthenticationContext.java   |  83 ++++++++++
 .../spring/model/PowerAuthRequestObjects.java |   5 +
 .../PowerAuthAuthenticationProvider.java      | 107 +++++++++----
 .../api/spring/service/v2/TokenService.java   |   2 +-
 .../api/spring/service/v3/TokenService.java   |   2 +-
 .../controller/AuthenticationController.java  |   2 +-
 16 files changed, 638 insertions(+), 55 deletions(-)
 create mode 100644 powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/activation/PowerAuthActivation.java
 create mode 100644 powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/activation/impl/PowerAuthActivationImpl.java
 create mode 100644 powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/converter/v3/ActivationStatusConverter.java
 create mode 100644 powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/model/ActivationStatus.java
 create mode 100644 powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/model/AuthenticationContext.java

diff --git a/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/activation/PowerAuthActivation.java b/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/activation/PowerAuthActivation.java
new file mode 100644
index 00000000..956ffa59
--- /dev/null
+++ b/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/activation/PowerAuthActivation.java
@@ -0,0 +1,121 @@
+/*
+ * PowerAuth integration libraries for RESTful API applications, examples and
+ * related software components
+ *
+ * Copyright (C) 2021 Wultra s.r.o.
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as published
+ * by the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ */
+package io.getlime.security.powerauth.rest.api.spring.activation;
+
+import io.getlime.security.powerauth.rest.api.spring.model.ActivationStatus;
+import io.getlime.security.powerauth.rest.api.spring.model.AuthenticationContext;
+
+import java.util.List;
+
+/**
+ * Interface for obtaining PowerAuth activation detail during signature verification.
+ *
+ * @author Petr Dvorak, petr@wultra.com
+ *
+ */
+public interface PowerAuthActivation {
+
+    /**
+     * Get user ID.
+     * @return User ID.
+     */
+    String getUserId();
+
+    /**
+     * Set user ID.
+     * @param userId User ID.
+     */
+    void setUserId(String userId);
+
+    /**
+     * Get activation ID.
+     * @return Activation ID.
+     */
+    String getActivationId();
+
+    /**
+     * Set activation ID.
+     * @param activationId Activation ID.
+     */
+    void setActivationId(String activationId);
+
+    /**
+     * Get activation status.
+     * @return Activation status.
+     */
+    ActivationStatus getActivationStatus();
+
+    /**
+     * Set activation status.
+     * @param activationStatus Activation status.
+     */
+    void setActivationStatus(ActivationStatus activationStatus);
+
+    /**
+     * Get the reason why activation was blocked.
+     * @return Reason why activation was blocked.
+     */
+    String getBlockedReason();
+
+    /**
+     * Set the reason why activation was blocked.
+     * @param blockedReason Reason why activation was blocked.
+     */
+    void setBlockedReason(String blockedReason);
+
+    /**
+     * Get activation flags.
+     * @return Activation flags.
+     */
+    List<String> getActivationFlags();
+
+    /**
+     * Set activation flags.
+     * @param activationFlags Activation flags.
+     */
+    void setActivationFlags(List<String> activationFlags);
+
+    /**
+     * Get PowerAuth authentication context.
+     * @return PowerAuth authentication context.
+     */
+    AuthenticationContext getAuthenticationContext();
+
+    /**
+     * Set PowerAuth authentication context.
+      * @param authenticationContext PowerAuth authentication context.
+     */
+    void setAuthenticationContext(AuthenticationContext authenticationContext);
+
+    /**
+     * Get PowerAuth protocol version.
+     *
+     * @return PowerAuth protocol version.
+     */
+    String getVersion();
+
+    /**
+     * Set PowerAuth protocol version.
+     *
+     * @param version PowerAuth protocol version.
+     */
+    void setVersion(String version);
+
+}
\ No newline at end of file
diff --git a/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/activation/impl/PowerAuthActivationImpl.java b/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/activation/impl/PowerAuthActivationImpl.java
new file mode 100644
index 00000000..a07f9d11
--- /dev/null
+++ b/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/activation/impl/PowerAuthActivationImpl.java
@@ -0,0 +1,149 @@
+/*
+ * PowerAuth integration libraries for RESTful API applications, examples and
+ * related software components
+ *
+ * Copyright (C) 2021 Wultra s.r.o.
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as published
+ * by the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ */
+package io.getlime.security.powerauth.rest.api.spring.activation.impl;
+
+import io.getlime.security.powerauth.rest.api.spring.activation.PowerAuthActivation;
+import io.getlime.security.powerauth.rest.api.spring.model.ActivationStatus;
+import io.getlime.security.powerauth.rest.api.spring.model.AuthenticationContext;
+
+import java.io.Serializable;
+import java.util.ArrayList;
+import java.util.List;
+
+/**
+ * Class representing PowerAuth activation detail in context of signature verification.
+ *
+ * @author Roman Strobl, roman.strobl@wultra.com
+ *
+ */
+public class PowerAuthActivationImpl implements PowerAuthActivation, Serializable {
+
+    private static final long serialVersionUID = -2171754572617130041L;
+
+    /**
+     * User ID.
+     */
+    private String userId;
+
+    /**
+     * Activation ID.
+     */
+    private String activationId;
+
+    /**
+     * Activation status.
+     */
+    private ActivationStatus activationStatus;
+
+    /**
+     * Activation blocked reason.
+     */
+    private String blockedReason;
+
+    /**
+     * Activation flags.
+     */
+    private List<String> activationFlags;
+
+    /**
+     * PowerAuth authentication context.
+     */
+    private AuthenticationContext authenticationContext;
+
+    /**
+     * PowerAuth version.
+     */
+    private String version;
+
+    @Override
+    public String getUserId() {
+        return userId;
+    }
+
+    @Override
+    public void setUserId(String userId) {
+        this.userId = userId;
+    }
+
+    @Override
+    public String getActivationId() {
+        return activationId;
+    }
+
+    @Override
+    public void setActivationId(String activationId) {
+        this.activationId = activationId;
+    }
+
+    @Override
+    public ActivationStatus getActivationStatus() {
+        return activationStatus;
+    }
+
+    @Override
+    public void setActivationStatus(ActivationStatus activationStatus) {
+        this.activationStatus = activationStatus;
+    }
+
+    @Override
+    public String getBlockedReason() {
+        return blockedReason;
+    }
+
+    @Override
+    public void setBlockedReason(String blockedReason) {
+        this.blockedReason = blockedReason;
+    }
+
+    @Override
+    public List<String> getActivationFlags() {
+        return activationFlags;
+    }
+
+    @Override
+    public void setActivationFlags(List<String> activationFlags) {
+        if (activationFlags == null) {
+            this.activationFlags = null;
+        } else {
+            this.activationFlags = new ArrayList<>(activationFlags);
+        }
+    }
+
+    @Override
+    public AuthenticationContext getAuthenticationContext() {
+        return authenticationContext;
+    }
+
+    @Override
+    public void setAuthenticationContext(AuthenticationContext authenticationContext) {
+        this.authenticationContext = authenticationContext;
+    }
+
+    @Override
+    public String getVersion() {
+        return version;
+    }
+
+    @Override
+    public void setVersion(String version) {
+        this.version = version;
+    }
+
+}
\ No newline at end of file
diff --git a/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/annotation/support/PowerAuthAnnotationInterceptor.java b/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/annotation/support/PowerAuthAnnotationInterceptor.java
index ab38f7c0..589ce040 100644
--- a/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/annotation/support/PowerAuthAnnotationInterceptor.java
+++ b/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/annotation/support/PowerAuthAnnotationInterceptor.java
@@ -129,7 +129,10 @@ public boolean preHandle(@NonNull HttpServletRequest request, @NonNull HttpServl
                     final PowerAuthApiAuthentication authentication = authenticationProvider.validateRequestSignature(
                             request, resourceId, header, signatureTypes
                     );
-                    request.setAttribute(PowerAuthRequestObjects.AUTHENTICATION_OBJECT, authentication);
+                    if (authentication.getAuthenticationContext().isValid()) {
+                        request.setAttribute(PowerAuthRequestObjects.AUTHENTICATION_OBJECT, authentication);
+                    }
+                    request.setAttribute(PowerAuthRequestObjects.ACTIVATION_OBJECT, authentication.getActivationObject());
                 } catch (PowerAuthAuthenticationException ex) {
                     logger.warn("Invalid request signature, authentication object was removed");
                     request.setAttribute(PowerAuthRequestObjects.AUTHENTICATION_OBJECT, null);
@@ -144,7 +147,10 @@ public boolean preHandle(@NonNull HttpServletRequest request, @NonNull HttpServl
                     final PowerAuthApiAuthentication authentication = authenticationProvider.validateToken(
                             header, signatureTypes
                     );
-                    request.setAttribute(PowerAuthRequestObjects.AUTHENTICATION_OBJECT, authentication);
+                    if (authentication.getAuthenticationContext().isValid()) {
+                        request.setAttribute(PowerAuthRequestObjects.AUTHENTICATION_OBJECT, authentication);
+                    }
+                    request.setAttribute(PowerAuthRequestObjects.ACTIVATION_OBJECT, authentication.getActivationObject());
                 } catch (PowerAuthAuthenticationException ex) {
                     logger.warn("Invalid token, authentication object was removed");
                     request.setAttribute(PowerAuthRequestObjects.AUTHENTICATION_OBJECT, null);
diff --git a/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/annotation/support/PowerAuthWebArgumentResolver.java b/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/annotation/support/PowerAuthWebArgumentResolver.java
index 2f2f8285..a77fc4e4 100644
--- a/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/annotation/support/PowerAuthWebArgumentResolver.java
+++ b/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/annotation/support/PowerAuthWebArgumentResolver.java
@@ -19,6 +19,7 @@
  */
 package io.getlime.security.powerauth.rest.api.spring.annotation.support;
 
+import io.getlime.security.powerauth.rest.api.spring.activation.PowerAuthActivation;
 import io.getlime.security.powerauth.rest.api.spring.annotation.PowerAuth;
 import io.getlime.security.powerauth.rest.api.spring.authentication.PowerAuthApiAuthentication;
 import io.getlime.security.powerauth.rest.api.spring.model.PowerAuthRequestObjects;
@@ -41,13 +42,21 @@ public class PowerAuthWebArgumentResolver implements HandlerMethodArgumentResolv
 
     @Override
     public boolean supportsParameter(@NonNull MethodParameter parameter) {
-        return PowerAuthApiAuthentication.class.isAssignableFrom(parameter.getParameterType());
+        return PowerAuthApiAuthentication.class.isAssignableFrom(parameter.getParameterType())
+                || PowerAuthActivation.class.isAssignableFrom(parameter.getParameterType());
     }
 
     @Override
     public Object resolveArgument(@NonNull MethodParameter parameter, ModelAndViewContainer mavContainer, @NonNull NativeWebRequest webRequest, WebDataBinderFactory binderFactory) {
-        HttpServletRequest request = (HttpServletRequest) webRequest.getNativeRequest();
-        return request.getAttribute(PowerAuthRequestObjects.AUTHENTICATION_OBJECT);
+        if (parameter.getParameterType().isAssignableFrom(PowerAuthApiAuthentication.class)) {
+            HttpServletRequest request = (HttpServletRequest) webRequest.getNativeRequest();
+            return request.getAttribute(PowerAuthRequestObjects.AUTHENTICATION_OBJECT);
+        }
+        if (parameter.getParameterType().isAssignableFrom(PowerAuthActivation.class)) {
+            HttpServletRequest request = (HttpServletRequest) webRequest.getNativeRequest();
+            return request.getAttribute(PowerAuthRequestObjects.ACTIVATION_OBJECT);
+        }
+        return null;
     }
 
 }
diff --git a/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/authentication/PowerAuthApiAuthentication.java b/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/authentication/PowerAuthApiAuthentication.java
index 7f1e4127..6cab4613 100644
--- a/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/authentication/PowerAuthApiAuthentication.java
+++ b/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/authentication/PowerAuthApiAuthentication.java
@@ -19,8 +19,9 @@
  */
 package io.getlime.security.powerauth.rest.api.spring.authentication;
 
-import io.getlime.security.powerauth.crypto.lib.enums.PowerAuthSignatureTypes;
 import io.getlime.security.powerauth.http.PowerAuthHttpHeader;
+import io.getlime.security.powerauth.rest.api.spring.activation.PowerAuthActivation;
+import io.getlime.security.powerauth.rest.api.spring.model.AuthenticationContext;
 
 import java.util.List;
 
@@ -94,18 +95,16 @@ public interface PowerAuthApiAuthentication {
     void setActivationFlags(List<String> activationFlags);
 
     /**
-     * Return authentication factors related to the signature that was used to produce
-     * this authentication object.
-     * @return Signature type (signature factors).
+     * Get PowerAuth authentication context.
+     * @return PowerAuth authentication context.
      */
-    PowerAuthSignatureTypes getSignatureFactors();
+    AuthenticationContext getAuthenticationContext();
 
     /**
-     * Set authentication factors related to the signature that was used to produce
-     * this authentication object.
-     * @param factors Signature type (signature factors).
+     * Set PowerAuth authentication context.
+     * @param authenticationContext PowerAuth authentication context.
      */
-    void setSignatureFactors(PowerAuthSignatureTypes factors);
+    void setAuthenticationContext(AuthenticationContext authenticationContext);
 
     /**
      * Get PowerAuth protocol version.
@@ -130,4 +129,17 @@ public interface PowerAuthApiAuthentication {
      * @param httpHeader PowerAuth HTTP header.
      */
     void setHttpHeader(PowerAuthHttpHeader httpHeader);
+
+    /**
+     * Get the activation object.
+     * @return Activation object.
+     */
+    PowerAuthActivation getActivationObject();
+
+    /**
+     * Set the activation object.
+     * @param activationObject Activaiton object.
+     */
+    void setActivationObject(PowerAuthActivation activationObject);
+
 }
diff --git a/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/authentication/impl/PowerAuthApiAuthenticationImpl.java b/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/authentication/impl/PowerAuthApiAuthenticationImpl.java
index ae261b9a..25f8cdd6 100644
--- a/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/authentication/impl/PowerAuthApiAuthenticationImpl.java
+++ b/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/authentication/impl/PowerAuthApiAuthenticationImpl.java
@@ -21,7 +21,9 @@
 
 import io.getlime.security.powerauth.crypto.lib.enums.PowerAuthSignatureTypes;
 import io.getlime.security.powerauth.http.PowerAuthHttpHeader;
+import io.getlime.security.powerauth.rest.api.spring.activation.PowerAuthActivation;
 import io.getlime.security.powerauth.rest.api.spring.authentication.PowerAuthApiAuthentication;
+import io.getlime.security.powerauth.rest.api.spring.model.AuthenticationContext;
 import org.springframework.security.authentication.AbstractAuthenticationToken;
 import org.springframework.security.core.GrantedAuthority;
 import org.springframework.security.core.authority.SimpleGrantedAuthority;
@@ -68,6 +70,11 @@ public class PowerAuthApiAuthenticationImpl extends AbstractAuthenticationToken
      */
     private List<String> activationFlags;
 
+    /**
+     * PowerAuth authentication context,.
+     */
+    private AuthenticationContext authenticationContext;
+
     /**
      * Signature type, representing used authentication factor.
      */
@@ -83,6 +90,11 @@ public class PowerAuthApiAuthenticationImpl extends AbstractAuthenticationToken
      */
     private PowerAuthHttpHeader httpHeader;
 
+    /**
+     * Activation object representing activation detail.
+     */
+    private PowerAuthActivation activationObject;
+
     /**
      * Default constructor
      */
@@ -178,15 +190,14 @@ public void setActivationFlags(List<String> activationFlags) {
         this.activationFlags = activationFlags;
     }
 
-
     @Override
-    public PowerAuthSignatureTypes getSignatureFactors() {
-        return factors;
+    public AuthenticationContext getAuthenticationContext() {
+        return authenticationContext;
     }
 
     @Override
-    public void setSignatureFactors(PowerAuthSignatureTypes factors) {
-        this.factors = factors;
+    public void setAuthenticationContext(AuthenticationContext authenticationContext) {
+        this.authenticationContext = authenticationContext;
     }
 
     @Override
@@ -208,4 +219,15 @@ public PowerAuthHttpHeader getHttpHeader() {
     public void setHttpHeader(PowerAuthHttpHeader httpHeader) {
         this.httpHeader = httpHeader;
     }
+
+    @Override
+    public PowerAuthActivation getActivationObject() {
+        return activationObject;
+    }
+
+    @Override
+    public void setActivationObject(PowerAuthActivation activationObject) {
+        this.activationObject = activationObject;
+    }
+
 }
diff --git a/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/converter/v3/ActivationContextConverter.java b/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/converter/v3/ActivationContextConverter.java
index 338e29c7..c140f9eb 100644
--- a/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/converter/v3/ActivationContextConverter.java
+++ b/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/converter/v3/ActivationContextConverter.java
@@ -34,6 +34,16 @@
 @Component
 public class ActivationContextConverter {
 
+    private final ActivationStatusConverter activationStatusConverter;
+
+    /**
+     * Converter constructor.
+     * @param activationStatusConverter Activation status converter.
+     */
+    public ActivationContextConverter(ActivationStatusConverter activationStatusConverter) {
+        this.activationStatusConverter = activationStatusConverter;
+    }
+
     /**
      * Convert new activation context from activation status response.
      *
@@ -44,7 +54,7 @@ public ActivationContext fromActivationDetailResponse(GetActivationStatusRespons
         final ActivationContext destination = new ActivationContext();
         destination.setActivationId(source.getActivationId());
         destination.setActivationName(source.getActivationName());
-        destination.setActivationStatus(source.getActivationStatus());
+        destination.setActivationStatus(activationStatusConverter.convertFrom(source.getActivationStatus()));
         destination.setBlockedReason(source.getBlockedReason());
         destination.setApplicationId(source.getApplicationId());
         destination.setUserId(source.getUserId());
diff --git a/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/converter/v3/ActivationStatusConverter.java b/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/converter/v3/ActivationStatusConverter.java
new file mode 100644
index 00000000..dd974ff0
--- /dev/null
+++ b/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/converter/v3/ActivationStatusConverter.java
@@ -0,0 +1,67 @@
+/*
+ * PowerAuth integration libraries for RESTful API applications, examples and
+ * related software components
+ *
+ * Copyright (C) 2021 Wultra s.r.o.
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as published
+ * by the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ */
+package io.getlime.security.powerauth.rest.api.spring.converter.v3;
+
+import io.getlime.security.powerauth.rest.api.spring.model.ActivationStatus;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.stereotype.Component;
+
+/**
+ * Converter class for conversions of activation status.
+ *
+ * @author Roman Strobl, roman.strobl@wultra.com
+ */
+@Component
+public class ActivationStatusConverter {
+
+    private static final Logger logger = LoggerFactory.getLogger(ActivationStatusConverter.class);
+
+    /**
+     * Convert {@link ActivationStatus} from a {@link com.wultra.security.powerauth.client.v3.ActivationStatus} value.
+     * @param activationStatus Activation status from PowerAuth client model.
+     * @return Activation status from Restful integration model.
+     */
+    public ActivationStatus convertFrom(com.wultra.security.powerauth.client.v3.ActivationStatus activationStatus) {
+        if (activationStatus == null) {
+            return null;
+        }
+
+        switch (activationStatus) {
+            case CREATED:
+                return ActivationStatus.CREATED;
+
+            case PENDING_COMMIT:
+                return ActivationStatus.PENDING_COMMIT;
+
+            case ACTIVE:
+                return ActivationStatus.ACTIVE;
+
+            case BLOCKED:
+                return ActivationStatus.BLOCKED;
+
+            case REMOVED:
+                return ActivationStatus.REMOVED;
+        }
+
+        return null;
+    }
+
+}
diff --git a/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/model/ActivationContext.java b/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/model/ActivationContext.java
index 2e13dedd..e462a4fc 100644
--- a/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/model/ActivationContext.java
+++ b/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/model/ActivationContext.java
@@ -19,8 +19,6 @@
  */
 package io.getlime.security.powerauth.rest.api.spring.model;
 
-import com.wultra.security.powerauth.client.v3.ActivationStatus;
-
 import java.time.Instant;
 import java.util.ArrayList;
 import java.util.List;
diff --git a/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/model/ActivationStatus.java b/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/model/ActivationStatus.java
new file mode 100644
index 00000000..2be20e04
--- /dev/null
+++ b/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/model/ActivationStatus.java
@@ -0,0 +1,54 @@
+/*
+ * PowerAuth integration libraries for RESTful API applications, examples and
+ * related software components
+ *
+ * Copyright (C) 2021 Wultra s.r.o.
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as published
+ * by the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ */
+package io.getlime.security.powerauth.rest.api.spring.model;
+
+/**
+ * Activation status enumeration.
+ *
+ * @author Roman Strobl, roman.strobl@wultra.com
+ */
+public enum ActivationStatus {
+
+    /**
+     * CREATED - status after the activation record was initialized.
+     */
+    CREATED,
+
+    /**
+     * PENDING_COMMIT - status after key exchange, the activation is waiting for commit.
+     */
+    PENDING_COMMIT,
+
+    /**
+     * ACTIVE - the activation was committed, and it is ready for signature verification.
+     */
+    ACTIVE,
+
+    /**
+     * BLOCKED - the activation is blocked.
+     */
+    BLOCKED,
+
+    /**
+     * REMOVED - the activation is removed.
+     */
+    REMOVED
+
+}
diff --git a/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/model/AuthenticationContext.java b/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/model/AuthenticationContext.java
new file mode 100644
index 00000000..8738014c
--- /dev/null
+++ b/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/model/AuthenticationContext.java
@@ -0,0 +1,83 @@
+/*
+ * PowerAuth integration libraries for RESTful API applications, examples and
+ * related software components
+ *
+ * Copyright (C) 2021 Wultra s.r.o.
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as published
+ * by the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ */
+package io.getlime.security.powerauth.rest.api.spring.model;
+
+import io.getlime.security.powerauth.crypto.lib.enums.PowerAuthSignatureTypes;
+
+/**
+ * Class representing PowerAuth authentication context.
+ *
+ * @author Roman Strobl, roman.strobl@wultra.com
+ */
+public class AuthenticationContext {
+
+    private boolean isValid;
+    private Integer remainingAttempts;
+    private PowerAuthSignatureTypes signatureType;
+
+    /**
+     * Get whether PowerAuth authentication succeeded.
+     * @return Whether PowerAuth authentication succeeded.
+     */
+    public boolean isValid() {
+        return isValid;
+    }
+
+    /**
+     * Set whether PowerAuth authentication succeeded.
+     * @param signatureValid Whether PowerAuth authentication succeeded.
+     */
+    public void setValid(boolean signatureValid) {
+        this.isValid = signatureValid;
+    }
+
+    /**
+     * Get remaining attempts for signature verification before activation gets blocked.
+     * @return Remaining attempts for signature verification before activation gets blocked.
+     */
+    public Integer getRemainingAttempts() {
+        return remainingAttempts;
+    }
+
+    /**
+     * Set remaining attempts for signature verification before activation gets blocked.
+     * @param remainingAttempts Remaining attempts for signature verification before activation gets blocked.
+     */
+    public void setRemainingAttempts(Integer remainingAttempts) {
+        this.remainingAttempts = remainingAttempts;
+    }
+
+    /**
+     * Get PowerAuth signature type.
+     * @return PowerAuth signature type.
+     */
+    public PowerAuthSignatureTypes getSignatureType() {
+        return signatureType;
+    }
+
+    /**
+     * Set PowerAuth signature type.
+     * @param signatureType PowerAuth signature type.
+     */
+    public void setSignatureType(PowerAuthSignatureTypes signatureType) {
+        this.signatureType = signatureType;
+    }
+
+}
\ No newline at end of file
diff --git a/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/model/PowerAuthRequestObjects.java b/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/model/PowerAuthRequestObjects.java
index 195d36a4..37eced10 100644
--- a/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/model/PowerAuthRequestObjects.java
+++ b/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/model/PowerAuthRequestObjects.java
@@ -17,6 +17,11 @@ public class PowerAuthRequestObjects {
      */
     public static final String AUTHENTICATION_OBJECT = "X-PowerAuth-Authentication-Object";
 
+    /**
+     * Constant for the request attribute name "X-PowerAuth-Activation-Object".
+     */
+    public static final String ACTIVATION_OBJECT = "X-PowerAuth-Activation-Object";
+
     /**
      * Constant for the request attribute name "X-PowerAuth-Encryption-Object".
      */
diff --git a/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/provider/PowerAuthAuthenticationProvider.java b/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/provider/PowerAuthAuthenticationProvider.java
index fec6ded2..1f0951f6 100644
--- a/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/provider/PowerAuthAuthenticationProvider.java
+++ b/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/provider/PowerAuthAuthenticationProvider.java
@@ -31,7 +31,10 @@
 import io.getlime.security.powerauth.http.validator.InvalidPowerAuthHttpHeaderException;
 import io.getlime.security.powerauth.http.validator.PowerAuthSignatureHttpHeaderValidator;
 import io.getlime.security.powerauth.http.validator.PowerAuthTokenHttpHeaderValidator;
+import io.getlime.security.powerauth.rest.api.spring.activation.PowerAuthActivation;
+import io.getlime.security.powerauth.rest.api.spring.activation.impl.PowerAuthActivationImpl;
 import io.getlime.security.powerauth.rest.api.spring.authentication.PowerAuthApiAuthentication;
+import io.getlime.security.powerauth.rest.api.spring.converter.v3.ActivationStatusConverter;
 import io.getlime.security.powerauth.rest.api.spring.exception.PowerAuthAuthenticationException;
 import io.getlime.security.powerauth.rest.api.spring.exception.authentication.PowerAuthHeaderMissingException;
 import io.getlime.security.powerauth.rest.api.spring.exception.authentication.PowerAuthSignatureInvalidException;
@@ -41,6 +44,8 @@
 import io.getlime.security.powerauth.rest.api.spring.authentication.impl.PowerAuthSignatureAuthenticationImpl;
 import io.getlime.security.powerauth.rest.api.spring.authentication.impl.PowerAuthTokenAuthenticationImpl;
 import io.getlime.security.powerauth.rest.api.spring.converter.v3.SignatureTypeConverter;
+import io.getlime.security.powerauth.rest.api.spring.model.ActivationStatus;
+import io.getlime.security.powerauth.rest.api.spring.model.AuthenticationContext;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.annotation.Autowired;
@@ -62,16 +67,18 @@ public class PowerAuthAuthenticationProvider extends PowerAuthAuthenticationProv
 
     private static final Logger logger = LoggerFactory.getLogger(PowerAuthAuthenticationProvider.class);
 
-    private PowerAuthClient powerAuthClient;
+    private final PowerAuthClient powerAuthClient;
+    private final ActivationStatusConverter activationStatusConverter;
 
     /**
-     * Set PowerAuth service client via setter injection.
-     *
-     * @param powerAuthClient PowerAuth service client.
+     * Provider constructor.
+     * @param powerAuthClient PowerAuth client.
+     * @param activationStatusConverter Activation status converter.
      */
     @Autowired
-    public void setPowerAuthClient(PowerAuthClient powerAuthClient) {
+    public PowerAuthAuthenticationProvider(PowerAuthClient powerAuthClient, ActivationStatusConverter activationStatusConverter) {
         this.powerAuthClient = powerAuthClient;
+        this.activationStatusConverter = activationStatusConverter;
     }
 
     /**
@@ -137,14 +144,17 @@ private PowerAuthApiAuthenticationImpl validateSignatureAuthentication(PowerAuth
                 logger.debug("Error details", ex);
                 return null;
             }
-            if (response.isSignatureValid()) {
-                return copyAuthenticationAttributes(response.getActivationId(), response.getUserId(),
-                        response.getApplicationId(), response.getApplicationRoles(), response.getActivationFlags(), PowerAuthSignatureTypes.getEnumFromString(response.getSignatureType().value()),
-                        authentication.getVersion(), authentication.getHttpHeader());
-            } else {
-                return null;
-            }
-
+            final AuthenticationContext authenticationContext = new AuthenticationContext();
+            authenticationContext.setValid(response.isSignatureValid());
+            authenticationContext.setRemainingAttempts(response.getRemainingAttempts() != null ? response.getRemainingAttempts().intValue() : null);
+            authenticationContext.setSignatureType(PowerAuthSignatureTypes.getEnumFromString(response.getSignatureType().value()));
+            final PowerAuthActivation activationObject = copyActivationAttributes(response.getActivationId(), response.getUserId(),
+                    activationStatusConverter.convertFrom(response.getActivationStatus()), response.getBlockedReason(),
+                    response.getActivationFlags(), authenticationContext, authentication.getVersion());
+            return copyAuthenticationAttributes(response.getActivationId(), response.getUserId(),
+                    response.getApplicationId(), response.getApplicationRoles(), response.getActivationFlags(),
+                    authenticationContext, authentication.getVersion(), authentication.getHttpHeader(),
+                    activationObject);
         } else {
             return null;
         }
@@ -158,20 +168,31 @@ private PowerAuthApiAuthenticationImpl validateSignatureAuthentication(PowerAuth
      */
     private PowerAuthApiAuthenticationImpl validateTokenAuthentication(PowerAuthTokenAuthenticationImpl authentication) {
         try {
-            final ValidateTokenRequest soapRequest = new ValidateTokenRequest();
-            soapRequest.setTokenId(authentication.getTokenId());
-            soapRequest.setTokenDigest(authentication.getTokenDigest());
-            soapRequest.setNonce(authentication.getNonce());
-            soapRequest.setTimestamp(Long.parseLong(authentication.getTimestamp()));
-
-            final ValidateTokenResponse soapResponse = powerAuthClient.validateToken(soapRequest);
-            if (soapResponse.isTokenValid()) {
-                return copyAuthenticationAttributes(soapResponse.getActivationId(), soapResponse.getUserId(),
-                        soapResponse.getApplicationId(), soapResponse.getApplicationRoles(), soapResponse.getActivationFlags(), PowerAuthSignatureTypes.getEnumFromString(soapResponse.getSignatureType().value()),
-                        authentication.getVersion(), authentication.getHttpHeader());
+            final ValidateTokenRequest request = new ValidateTokenRequest();
+            request.setTokenId(authentication.getTokenId());
+            request.setTokenDigest(authentication.getTokenDigest());
+            request.setNonce(authentication.getNonce());
+            request.setTimestamp(Long.parseLong(authentication.getTimestamp()));
+
+            final ValidateTokenResponse response = powerAuthClient.validateToken(request);
+            ActivationStatus activationStatus;
+            if (response.isTokenValid()) {
+                activationStatus = ActivationStatus.ACTIVE;
             } else {
-                return null;
+                // Detailed activation status in case of token authentication failure needs to be obtained from PA server
+                activationStatus = null;
             }
+            final AuthenticationContext authenticationContext = new AuthenticationContext();
+            authenticationContext.setValid(response.isTokenValid());
+            authenticationContext.setRemainingAttempts(null);
+            authenticationContext.setSignatureType(PowerAuthSignatureTypes.getEnumFromString(response.getSignatureType().value()));
+            final PowerAuthActivation activationObject = copyActivationAttributes(response.getActivationId(), response.getUserId(),
+                    activationStatus, null,
+                    response.getActivationFlags(), authenticationContext, authentication.getVersion());
+            return copyAuthenticationAttributes(response.getActivationId(), response.getUserId(),
+                    response.getApplicationId(), response.getApplicationRoles(), response.getActivationFlags(),
+                    authenticationContext, authentication.getVersion(), authentication.getHttpHeader(),
+                    activationObject);
         } catch (NumberFormatException ex) {
             logger.warn("Invalid timestamp format, error: {}", ex.getMessage());
             logger.debug("Error details", ex);
@@ -190,27 +211,53 @@ private PowerAuthApiAuthenticationImpl validateTokenAuthentication(PowerAuthToke
      * @param applicationId Application ID.
      * @param applicationRoles Application roles.
      * @param activationFlags Activation flags.
-     * @param signatureType Signature Type.
+     * @param authenticationContext Authentication context.
      * @param version PowerAuth protocol version.
      * @param httpHeader Raw PowerAuth http header.
+     * @param activationObject PowerAuth activation object.
      * @return Initialized instance of API authentication.
      */
     private PowerAuthApiAuthenticationImpl copyAuthenticationAttributes(String activationId, String userId, Long applicationId, List<String> applicationRoles,
-                                                                        List<String> activationFlags, PowerAuthSignatureTypes signatureType, String version,
-                                                                        PowerAuthHttpHeader httpHeader) {
+                                                                        List<String> activationFlags, AuthenticationContext authenticationContext,
+                                                                        String version, PowerAuthHttpHeader httpHeader, PowerAuthActivation activationObject) {
         final PowerAuthApiAuthenticationImpl apiAuthentication = new PowerAuthApiAuthenticationImpl();
         apiAuthentication.setActivationId(activationId);
         apiAuthentication.setUserId(userId);
         apiAuthentication.setApplicationId(applicationId);
         apiAuthentication.setApplicationRoles(applicationRoles);
         apiAuthentication.setActivationFlags(activationFlags);
-        apiAuthentication.setSignatureFactors(signatureType);
+        apiAuthentication.setAuthenticationContext(authenticationContext);
         apiAuthentication.setAuthenticated(true);
         apiAuthentication.setVersion(version);
         apiAuthentication.setHttpHeader(httpHeader);
+        apiAuthentication.setActivationObject(activationObject);
         return apiAuthentication;
     }
 
+    /**
+     * Prepare activation detail with provided attributes.
+     * @param activationId Activation ID.
+     * @param userId User ID.
+     * @param activationStatus Activation status.
+     * @param blockedReason Reason why activation was blocked.
+     * @param activationFlags Activation flags.
+     * @param authenticationContext Authentication context.
+     * @param version PowerAuth protocol version.
+     * @return Initialized instance of API authentication.
+     */
+    private PowerAuthActivationImpl copyActivationAttributes(String activationId, String userId, ActivationStatus activationStatus, String blockedReason,
+                                                             List<String> activationFlags, AuthenticationContext authenticationContext, String version) {
+        final PowerAuthActivationImpl activationDetail = new PowerAuthActivationImpl();
+        activationDetail.setActivationId(activationId);
+        activationDetail.setUserId(userId);
+        activationDetail.setActivationStatus(activationStatus);
+        activationDetail.setBlockedReason(blockedReason);
+        activationDetail.setActivationFlags(activationFlags);
+        activationDetail.setAuthenticationContext(authenticationContext);
+        activationDetail.setVersion(version);
+        return activationDetail;
+    }
+
     /**
      * Validate the signature from the PowerAuth HTTP header against the provided HTTP method, request body and URI identifier.
      * Make sure to accept only allowed signatures.
@@ -330,7 +377,7 @@ public PowerAuthApiAuthentication validateToken(String tokenHeader, List<PowerAu
         }
 
         // Check if the signature type is allowed
-        final PowerAuthSignatureTypes expectedSignatureType = auth.getSignatureFactors();
+        final PowerAuthSignatureTypes expectedSignatureType = auth.getAuthenticationContext().getSignatureType();
         if (expectedSignatureType == null || !allowedSignatureTypes.contains(expectedSignatureType)) {
             logger.warn("Invalid signature type in token validation: {}", expectedSignatureType);
             throw new PowerAuthSignatureTypeInvalidException();
diff --git a/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/service/v2/TokenService.java b/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/service/v2/TokenService.java
index bf2de75d..36b4d1ea 100644
--- a/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/service/v2/TokenService.java
+++ b/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/service/v2/TokenService.java
@@ -72,7 +72,7 @@ public TokenCreateResponse createToken(TokenCreateRequest request, PowerAuthApiA
         try {
             // Fetch activation ID and signature type
             final String activationId = authentication.getActivationId();
-            final PowerAuthSignatureTypes signatureFactors = authentication.getSignatureFactors();
+            final PowerAuthSignatureTypes signatureFactors = authentication.getAuthenticationContext().getSignatureType();
 
             // Fetch data from the request
             final String ephemeralPublicKey = request.getEphemeralPublicKey();
diff --git a/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/service/v3/TokenService.java b/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/service/v3/TokenService.java
index 5c6e2ece..455e206c 100644
--- a/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/service/v3/TokenService.java
+++ b/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/service/v3/TokenService.java
@@ -77,7 +77,7 @@ public EciesEncryptedResponse createToken(EciesEncryptedRequest request,
             throws PowerAuthAuthenticationException {
         try {
             // Fetch activation ID and signature type
-            final PowerAuthSignatureTypes signatureFactors = authentication.getSignatureFactors();
+            final PowerAuthSignatureTypes signatureFactors = authentication.getAuthenticationContext().getSignatureType();
 
             // Fetch data from the request
             final String ephemeralPublicKey = request.getEphemeralPublicKey();
diff --git a/powerauth-restful-server-spring/src/main/java/io/getlime/security/powerauth/app/rest/api/spring/controller/AuthenticationController.java b/powerauth-restful-server-spring/src/main/java/io/getlime/security/powerauth/app/rest/api/spring/controller/AuthenticationController.java
index 1b5f9df0..a3420842 100644
--- a/powerauth-restful-server-spring/src/main/java/io/getlime/security/powerauth/app/rest/api/spring/controller/AuthenticationController.java
+++ b/powerauth-restful-server-spring/src/main/java/io/getlime/security/powerauth/app/rest/api/spring/controller/AuthenticationController.java
@@ -61,7 +61,7 @@ public class AuthenticationController {
                 + " User: " + auth.getUserId()
                 + " (activation: " + auth.getActivationId() + ")"
                 + " successfully verified via app with ID: " + auth.getApplicationId()
-                + " using factor: " + auth.getSignatureFactors()
+                + " using factor: " + auth.getAuthenticationContext().getSignatureType()
         );
     }
 

From e5a8a4fb9f166b384e2c6c8529454d0869fa8d32 Mon Sep 17 00:00:00 2001
From: Roman Strobl <roman.strobl@wultra.com>
Date: Mon, 25 Oct 2021 17:37:41 +0200
Subject: [PATCH 22/36] API authentication code cleanup

---
 .../impl/PowerAuthApiAuthenticationImpl.java  | 37 ++++++++++++-------
 1 file changed, 24 insertions(+), 13 deletions(-)

diff --git a/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/authentication/impl/PowerAuthApiAuthenticationImpl.java b/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/authentication/impl/PowerAuthApiAuthenticationImpl.java
index 25f8cdd6..ccb04629 100644
--- a/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/authentication/impl/PowerAuthApiAuthenticationImpl.java
+++ b/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/authentication/impl/PowerAuthApiAuthenticationImpl.java
@@ -63,23 +63,18 @@ public class PowerAuthApiAuthenticationImpl extends AbstractAuthenticationToken
     /**
      * List of application roles.
      */
-    private List<String> applicationRoles;
+    private List<String> applicationRoles = new ArrayList<>();
 
     /**
      * List of activation flags.
      */
-    private List<String> activationFlags;
+    private List<String> activationFlags = new ArrayList<>();
 
     /**
-     * PowerAuth authentication context,.
+     * PowerAuth authentication context.
      */
     private AuthenticationContext authenticationContext;
 
-    /**
-     * Signature type, representing used authentication factor.
-     */
-    private PowerAuthSignatureTypes factors;
-
     /**
      * Signature version.
      */
@@ -108,14 +103,22 @@ public PowerAuthApiAuthenticationImpl() {
      * @param userId User ID.
      * @param applicationId Application ID.
      * @param applicationRoles Application roles.
-     * @param factors Authentication factors.
+     * @param activationFlags Activation flags.
+     * @param authenticationContext Authentication context.
      */
-    public PowerAuthApiAuthenticationImpl(String activationId, String userId, Long applicationId, List<String> applicationRoles, PowerAuthSignatureTypes factors) {
+    public PowerAuthApiAuthenticationImpl(String activationId, String userId, Long applicationId, List<String> applicationRoles,
+                                          List<String> activationFlags, AuthenticationContext authenticationContext) {
         super(null);
         this.activationId = activationId;
         this.userId = userId;
         this.applicationId = applicationId;
-        this.factors = factors;
+        if (applicationRoles != null) {
+            this.applicationRoles = new ArrayList<>(applicationRoles);
+        }
+        if (activationFlags != null) {
+            this.activationFlags = new ArrayList<>(activationFlags);
+        }
+        this.authenticationContext = authenticationContext;
     }
 
     @Override
@@ -177,7 +180,11 @@ public List<String> getApplicationRoles() {
 
     @Override
     public void setApplicationRoles(List<String> applicationRoles) {
-        this.applicationRoles = applicationRoles;
+        if (applicationRoles == null) {
+            this.applicationRoles = Collections.emptyList();
+        } else {
+            this.applicationRoles = new ArrayList<>(applicationRoles);
+        }
     }
 
     @Override
@@ -187,7 +194,11 @@ public List<String> getActivationFlags() {
 
     @Override
     public void setActivationFlags(List<String> activationFlags) {
-        this.activationFlags = activationFlags;
+        if (activationFlags == null) {
+            this.activationFlags = Collections.emptyList();
+        } else {
+            this.activationFlags = new ArrayList<>(activationFlags);
+        }
     }
 
     @Override

From 26e6cc0a66571eb38659a53f11f85b089fbbb9da Mon Sep 17 00:00:00 2001
From: Roman Strobl <roman.strobl@wultra.com>
Date: Mon, 25 Oct 2021 18:18:09 +0200
Subject: [PATCH 23/36] Deprecate duplicate activation parameters, migrate to
 activation object

---
 .../PowerAuthApiAuthentication.java           | 20 +++++++++++++------
 .../controller/v2/ActivationController.java   |  2 +-
 .../controller/v2/SignatureController.java    |  2 +-
 .../spring/controller/v2/TokenController.java |  4 ++--
 .../controller/v3/ActivationController.java   |  2 +-
 .../controller/v3/RecoveryController.java     |  2 +-
 .../controller/v3/SignatureController.java    |  2 +-
 .../spring/controller/v3/TokenController.java |  4 ++--
 .../api/spring/service/v2/TokenService.java   |  2 +-
 .../spring/service/v3/ActivationService.java  |  2 +-
 .../spring/service/v3/RecoveryService.java    |  2 +-
 .../api/spring/service/v3/TokenService.java   |  4 ++--
 .../api/spring/service/v3/UpgradeService.java |  4 ++--
 13 files changed, 30 insertions(+), 22 deletions(-)

diff --git a/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/authentication/PowerAuthApiAuthentication.java b/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/authentication/PowerAuthApiAuthentication.java
index 6cab4613..6456a929 100644
--- a/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/authentication/PowerAuthApiAuthentication.java
+++ b/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/authentication/PowerAuthApiAuthentication.java
@@ -35,8 +35,8 @@
 public interface PowerAuthApiAuthentication {
 
     /**
-     * Get user ID
-     * @return User ID
+     * Get user ID.
+     * @return User ID.
      */
     String getUserId();
 
@@ -47,15 +47,19 @@ public interface PowerAuthApiAuthentication {
     void setUserId(String userId);
 
     /**
-     * Get activation ID
-     * @return Activation ID
+     * Get activation ID.
+     * This method is deprecated, use {@link PowerAuthApiAuthentication#getActivationObject()} instead.
+     * @return Activation ID.
      */
+    @Deprecated
     String getActivationId();
 
     /**
-     * Set activation ID
-     * @param activationId Activation ID
+     * Set activation ID.
+     * This method is deprecated, use {@link PowerAuthApiAuthentication#getActivationObject()} instead.
+     * @param activationId Activation ID.
      */
+    @Deprecated
     void setActivationId(String activationId);
 
     /**
@@ -84,14 +88,18 @@ public interface PowerAuthApiAuthentication {
 
     /**
      * Get activation flags.
+     * This method is deprecated, use {@link PowerAuthApiAuthentication#getActivationObject()} instead.
      * @return Activation flags.
      */
+    @Deprecated
     List<String> getActivationFlags();
 
     /**
      * Set activation flags.
+     * This method is deprecated, use {@link PowerAuthApiAuthentication#getActivationObject()} instead.
      * @param activationFlags Activation flags.
      */
+    @Deprecated
     void setActivationFlags(List<String> activationFlags);
 
     /**
diff --git a/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/controller/v2/ActivationController.java b/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/controller/v2/ActivationController.java
index 2001b3a8..0ac7c6f5 100644
--- a/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/controller/v2/ActivationController.java
+++ b/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/controller/v2/ActivationController.java
@@ -138,7 +138,7 @@ public ObjectResponse<ActivationRemoveResponse> removeActivation(
     ) throws PowerAuthActivationException, PowerAuthAuthenticationException {
         // Request body needs to be set to null because the SDK uses null for the signature, although {} is sent as request body
         PowerAuthApiAuthentication apiAuthentication = authenticationProvider.validateRequestSignature("POST", null, "/pa/activation/remove", signatureHeader);
-        if (apiAuthentication == null || apiAuthentication.getActivationId() == null) {
+        if (apiAuthentication == null || apiAuthentication.getActivationObject() == null) {
             logger.debug("Signature validation failed");
             throw new PowerAuthSignatureInvalidException();
         }
diff --git a/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/controller/v2/SignatureController.java b/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/controller/v2/SignatureController.java
index f1ab389e..d954e65b 100644
--- a/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/controller/v2/SignatureController.java
+++ b/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/controller/v2/SignatureController.java
@@ -64,7 +64,7 @@ public class SignatureController {
     })
     public Response validateSignature(PowerAuthApiAuthentication auth) throws PowerAuthAuthenticationException {
 
-        if (auth == null || auth.getActivationId() == null) {
+        if (auth == null || auth.getActivationObject() == null) {
             logger.debug("Signature validation failed");
             throw new PowerAuthSignatureInvalidException();
         }
diff --git a/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/controller/v2/TokenController.java b/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/controller/v2/TokenController.java
index f5ab39a6..6215af74 100644
--- a/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/controller/v2/TokenController.java
+++ b/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/controller/v2/TokenController.java
@@ -97,7 +97,7 @@ public ObjectResponse<TokenCreateResponse> createToken(
             logger.warn("Invalid request object in create token");
             throw new PowerAuthInvalidRequestException();
         }
-        if (authentication == null || authentication.getActivationId() == null) {
+        if (authentication == null || authentication.getActivationObject() == null) {
             logger.debug("Signature validation failed");
             throw new PowerAuthSignatureInvalidException();
         }
@@ -128,7 +128,7 @@ public ObjectResponse<TokenRemoveResponse> removeToken(@RequestBody ObjectReques
             logger.warn("Invalid request object in create token");
             throw new PowerAuthInvalidRequestException();
         }
-        if (authentication == null || authentication.getActivationId() == null) {
+        if (authentication == null || authentication.getActivationObject() == null) {
             logger.debug("Signature validation failed");
             throw new PowerAuthSignatureInvalidException();
         }
diff --git a/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/controller/v3/ActivationController.java b/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/controller/v3/ActivationController.java
index 10551718..06e0da27 100644
--- a/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/controller/v3/ActivationController.java
+++ b/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/controller/v3/ActivationController.java
@@ -137,7 +137,7 @@ public ObjectResponse<ActivationRemoveResponse> removeActivation(
             throws PowerAuthActivationException, PowerAuthAuthenticationException {
         byte[] requestBodyBytes = authenticationProvider.extractRequestBodyBytes(httpServletRequest);
         PowerAuthApiAuthentication apiAuthentication = authenticationProvider.validateRequestSignature("POST", requestBodyBytes, "/pa/activation/remove", signatureHeader);
-        if (apiAuthentication == null || apiAuthentication.getActivationId() == null) {
+        if (apiAuthentication == null || apiAuthentication.getActivationObject() == null) {
             logger.debug("Signature validation failed");
             throw new PowerAuthSignatureInvalidException();
         }
diff --git a/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/controller/v3/RecoveryController.java b/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/controller/v3/RecoveryController.java
index 443a6348..9474bcf2 100644
--- a/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/controller/v3/RecoveryController.java
+++ b/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/controller/v3/RecoveryController.java
@@ -80,7 +80,7 @@ public EciesEncryptedResponse confirmRecoveryCode(@RequestBody EciesEncryptedReq
             logger.warn("Invalid request object in confirm recovery");
             throw new PowerAuthInvalidRequestException();
         }
-        if (authentication == null || authentication.getActivationId() == null) {
+        if (authentication == null || authentication.getActivationObject() == null) {
             throw new PowerAuthSignatureInvalidException();
         }
         if (!"3.0".equals(authentication.getVersion()) && !"3.1".equals(authentication.getVersion())) {
diff --git a/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/controller/v3/SignatureController.java b/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/controller/v3/SignatureController.java
index 41769ad8..f7ca3d9c 100644
--- a/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/controller/v3/SignatureController.java
+++ b/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/controller/v3/SignatureController.java
@@ -64,7 +64,7 @@ public class SignatureController {
     })
     public Response validateSignature(PowerAuthApiAuthentication auth) throws PowerAuthAuthenticationException {
 
-        if (auth == null || auth.getActivationId() == null) {
+        if (auth == null || auth.getActivationObject() == null) {
             logger.debug("Signature validation failed");
             throw new PowerAuthSignatureInvalidException();
         }
diff --git a/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/controller/v3/TokenController.java b/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/controller/v3/TokenController.java
index 0a8976ab..26b13d9b 100644
--- a/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/controller/v3/TokenController.java
+++ b/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/controller/v3/TokenController.java
@@ -88,7 +88,7 @@ public EciesEncryptedResponse createToken(@RequestBody EciesEncryptedRequest req
             logger.warn("Invalid request object in create token");
             throw new PowerAuthInvalidRequestException();
         }
-        if (authentication == null || authentication.getActivationId() == null) {
+        if (authentication == null || authentication.getActivationObject() == null) {
             logger.debug("Signature validation failed");
             throw new PowerAuthSignatureInvalidException();
         }
@@ -123,7 +123,7 @@ public ObjectResponse<TokenRemoveResponse> removeToken(@RequestBody ObjectReques
             logger.warn("Invalid request object in remove token");
             throw new PowerAuthInvalidRequestException();
         }
-        if (authentication == null || authentication.getActivationId() == null) {
+        if (authentication == null || authentication.getActivationObject() == null) {
             throw new PowerAuthSignatureInvalidException();
         }
         if (!"3.0".equals(authentication.getVersion()) && !"3.1".equals(authentication.getVersion())) {
diff --git a/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/service/v2/TokenService.java b/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/service/v2/TokenService.java
index 36b4d1ea..aab1d254 100644
--- a/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/service/v2/TokenService.java
+++ b/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/service/v2/TokenService.java
@@ -71,7 +71,7 @@ public void setPowerAuthClient(PowerAuthClient powerAuthClient) {
     public TokenCreateResponse createToken(TokenCreateRequest request, PowerAuthApiAuthentication authentication) throws PowerAuthAuthenticationException {
         try {
             // Fetch activation ID and signature type
-            final String activationId = authentication.getActivationId();
+            final String activationId = authentication.getActivationObject().getActivationId();
             final PowerAuthSignatureTypes signatureFactors = authentication.getAuthenticationContext().getSignatureType();
 
             // Fetch data from the request
diff --git a/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/service/v3/ActivationService.java b/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/service/v3/ActivationService.java
index a8bbed66..f5799396 100644
--- a/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/service/v3/ActivationService.java
+++ b/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/service/v3/ActivationService.java
@@ -388,7 +388,7 @@ public ActivationRemoveResponse removeActivation(PowerAuthApiAuthentication apiA
         try {
 
             // Fetch context information
-            final String activationId = apiAuthentication.getActivationId();
+            final String activationId = apiAuthentication.getActivationObject().getActivationId();
             final String userId = apiAuthentication.getUserId();
             final Long applicationId = apiAuthentication.getApplicationId();
 
diff --git a/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/service/v3/RecoveryService.java b/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/service/v3/RecoveryService.java
index 34a4dda5..b40da0d8 100644
--- a/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/service/v3/RecoveryService.java
+++ b/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/service/v3/RecoveryService.java
@@ -69,7 +69,7 @@ public RecoveryService(PowerAuthClient powerAuthClient) {
     public EciesEncryptedResponse confirmRecoveryCode(EciesEncryptedRequest request,
                                                       PowerAuthApiAuthentication authentication) throws PowerAuthAuthenticationException {
         try {
-            final String activationId = authentication.getActivationId();
+            final String activationId = authentication.getActivationObject().getActivationId();
             final PowerAuthSignatureHttpHeader httpHeader = (PowerAuthSignatureHttpHeader) authentication.getHttpHeader();
             final String applicationKey = httpHeader.getApplicationKey();
             if (activationId == null || applicationKey == null || request.getEphemeralPublicKey() == null
diff --git a/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/service/v3/TokenService.java b/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/service/v3/TokenService.java
index 455e206c..c963cfef 100644
--- a/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/service/v3/TokenService.java
+++ b/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/service/v3/TokenService.java
@@ -94,7 +94,7 @@ public EciesEncryptedResponse createToken(EciesEncryptedRequest request,
             }
 
             // Get ECIES headers
-            final String activationId = authentication.getActivationId();
+            final String activationId = authentication.getActivationObject().getActivationId();
             final PowerAuthSignatureHttpHeader httpHeader = (PowerAuthSignatureHttpHeader) authentication.getHttpHeader();
             final String applicationKey = httpHeader.getApplicationKey();
 
@@ -125,7 +125,7 @@ public EciesEncryptedResponse createToken(EciesEncryptedRequest request,
     public TokenRemoveResponse removeToken(TokenRemoveRequest request, PowerAuthApiAuthentication authentication) throws PowerAuthAuthenticationException {
         try {
             // Fetch activation ID
-            final String activationId = authentication.getActivationId();
+            final String activationId = authentication.getActivationObject().getActivationId();
 
             // Fetch token ID from the request
             final String tokenId = request.getTokenId();
diff --git a/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/service/v3/UpgradeService.java b/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/service/v3/UpgradeService.java
index fdae43ca..28378185 100644
--- a/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/service/v3/UpgradeService.java
+++ b/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/service/v3/UpgradeService.java
@@ -142,13 +142,13 @@ public Response upgradeCommit(String signatureHeader,
             final PowerAuthApiAuthentication authentication = authenticationProvider.validateRequestSignature("POST", requestBodyBytes, "/pa/upgrade/commit", signatureHeader, allowedSignatureTypes, 3);
 
             // In case signature verification fails, upgrade fails, too
-            if (authentication == null || authentication.getActivationId() == null) {
+            if (authentication == null || authentication.getActivationObject() == null) {
                 logger.debug("Signature validation failed");
                 throw new PowerAuthSignatureInvalidException();
             }
 
             // Get signature HTTP headers
-            final String activationId = authentication.getActivationId();
+            final String activationId = authentication.getActivationObject().getActivationId();
             final PowerAuthSignatureHttpHeader httpHeader = (PowerAuthSignatureHttpHeader) authentication.getHttpHeader();
             final String applicationKey = httpHeader.getApplicationKey();
 

From d701e23600141c06a91370992dfc04ac37d3de81 Mon Sep 17 00:00:00 2001
From: Roman Strobl <roman.strobl@wultra.com>
Date: Mon, 25 Oct 2021 19:21:05 +0200
Subject: [PATCH 24/36] Fix null pointer exception, check authentication result

---
 .../api/spring/provider/PowerAuthAuthenticationProvider.java  | 4 ++--
 .../powerauth/rest/api/spring/service/v3/UpgradeService.java  | 2 +-
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/provider/PowerAuthAuthenticationProvider.java b/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/provider/PowerAuthAuthenticationProvider.java
index 1f0951f6..2b364d70 100644
--- a/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/provider/PowerAuthAuthenticationProvider.java
+++ b/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/provider/PowerAuthAuthenticationProvider.java
@@ -147,7 +147,7 @@ private PowerAuthApiAuthenticationImpl validateSignatureAuthentication(PowerAuth
             final AuthenticationContext authenticationContext = new AuthenticationContext();
             authenticationContext.setValid(response.isSignatureValid());
             authenticationContext.setRemainingAttempts(response.getRemainingAttempts() != null ? response.getRemainingAttempts().intValue() : null);
-            authenticationContext.setSignatureType(PowerAuthSignatureTypes.getEnumFromString(response.getSignatureType().value()));
+            authenticationContext.setSignatureType(response.getSignatureType() != null ? PowerAuthSignatureTypes.getEnumFromString(response.getSignatureType().value()) : null);
             final PowerAuthActivation activationObject = copyActivationAttributes(response.getActivationId(), response.getUserId(),
                     activationStatusConverter.convertFrom(response.getActivationStatus()), response.getBlockedReason(),
                     response.getActivationFlags(), authenticationContext, authentication.getVersion());
@@ -185,7 +185,7 @@ private PowerAuthApiAuthenticationImpl validateTokenAuthentication(PowerAuthToke
             final AuthenticationContext authenticationContext = new AuthenticationContext();
             authenticationContext.setValid(response.isTokenValid());
             authenticationContext.setRemainingAttempts(null);
-            authenticationContext.setSignatureType(PowerAuthSignatureTypes.getEnumFromString(response.getSignatureType().value()));
+            authenticationContext.setSignatureType(response.getSignatureType() != null ? PowerAuthSignatureTypes.getEnumFromString(response.getSignatureType().value()) : null);
             final PowerAuthActivation activationObject = copyActivationAttributes(response.getActivationId(), response.getUserId(),
                     activationStatus, null,
                     response.getActivationFlags(), authenticationContext, authentication.getVersion());
diff --git a/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/service/v3/UpgradeService.java b/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/service/v3/UpgradeService.java
index 28378185..bc10b4e3 100644
--- a/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/service/v3/UpgradeService.java
+++ b/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/service/v3/UpgradeService.java
@@ -142,7 +142,7 @@ public Response upgradeCommit(String signatureHeader,
             final PowerAuthApiAuthentication authentication = authenticationProvider.validateRequestSignature("POST", requestBodyBytes, "/pa/upgrade/commit", signatureHeader, allowedSignatureTypes, 3);
 
             // In case signature verification fails, upgrade fails, too
-            if (authentication == null || authentication.getActivationObject() == null) {
+            if (authentication == null || !authentication.getAuthenticationContext().isValid() || authentication.getActivationObject() == null) {
                 logger.debug("Signature validation failed");
                 throw new PowerAuthSignatureInvalidException();
             }

From 795d1613e69beea5a072602d447f0de5780250c7 Mon Sep 17 00:00:00 2001
From: Roman Strobl <roman.strobl@wultra.com>
Date: Mon, 25 Oct 2021 22:31:29 +0200
Subject: [PATCH 25/36] Code review, minor updates

---
 .../rest/api/spring/activation/PowerAuthActivation.java        | 3 +--
 .../authentication/impl/PowerAuthApiAuthenticationImpl.java    | 1 -
 .../api/spring/provider/PowerAuthAuthenticationProvider.java   | 2 +-
 .../rest/api/spring/controller/AuthenticationController.java   | 2 +-
 4 files changed, 3 insertions(+), 5 deletions(-)

diff --git a/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/activation/PowerAuthActivation.java b/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/activation/PowerAuthActivation.java
index 956ffa59..0f7fffd4 100644
--- a/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/activation/PowerAuthActivation.java
+++ b/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/activation/PowerAuthActivation.java
@@ -27,8 +27,7 @@
 /**
  * Interface for obtaining PowerAuth activation detail during signature verification.
  *
- * @author Petr Dvorak, petr@wultra.com
- *
+ * @author Roman Strobl, roman.strobl@wultra.com
  */
 public interface PowerAuthActivation {
 
diff --git a/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/authentication/impl/PowerAuthApiAuthenticationImpl.java b/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/authentication/impl/PowerAuthApiAuthenticationImpl.java
index ccb04629..18b4de8e 100644
--- a/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/authentication/impl/PowerAuthApiAuthenticationImpl.java
+++ b/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/authentication/impl/PowerAuthApiAuthenticationImpl.java
@@ -19,7 +19,6 @@
  */
 package io.getlime.security.powerauth.rest.api.spring.authentication.impl;
 
-import io.getlime.security.powerauth.crypto.lib.enums.PowerAuthSignatureTypes;
 import io.getlime.security.powerauth.http.PowerAuthHttpHeader;
 import io.getlime.security.powerauth.rest.api.spring.activation.PowerAuthActivation;
 import io.getlime.security.powerauth.rest.api.spring.authentication.PowerAuthApiAuthentication;
diff --git a/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/provider/PowerAuthAuthenticationProvider.java b/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/provider/PowerAuthAuthenticationProvider.java
index 2b364d70..6cff9eca 100644
--- a/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/provider/PowerAuthAuthenticationProvider.java
+++ b/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/provider/PowerAuthAuthenticationProvider.java
@@ -175,7 +175,7 @@ private PowerAuthApiAuthenticationImpl validateTokenAuthentication(PowerAuthToke
             request.setTimestamp(Long.parseLong(authentication.getTimestamp()));
 
             final ValidateTokenResponse response = powerAuthClient.validateToken(request);
-            ActivationStatus activationStatus;
+            final ActivationStatus activationStatus;
             if (response.isTokenValid()) {
                 activationStatus = ActivationStatus.ACTIVE;
             } else {
diff --git a/powerauth-restful-server-spring/src/main/java/io/getlime/security/powerauth/app/rest/api/spring/controller/AuthenticationController.java b/powerauth-restful-server-spring/src/main/java/io/getlime/security/powerauth/app/rest/api/spring/controller/AuthenticationController.java
index a3420842..56c7a0c5 100644
--- a/powerauth-restful-server-spring/src/main/java/io/getlime/security/powerauth/app/rest/api/spring/controller/AuthenticationController.java
+++ b/powerauth-restful-server-spring/src/main/java/io/getlime/security/powerauth/app/rest/api/spring/controller/AuthenticationController.java
@@ -59,7 +59,7 @@ public class AuthenticationController {
         }
         return new ObjectResponse<>("Hooray! "
                 + " User: " + auth.getUserId()
-                + " (activation: " + auth.getActivationId() + ")"
+                + " (activation: " + auth.getActivationObject().getActivationId() + ")"
                 + " successfully verified via app with ID: " + auth.getApplicationId()
                 + " using factor: " + auth.getAuthenticationContext().getSignatureType()
         );

From 171f6c44dd0fbcc339873142bb2eafd8784b85d2 Mon Sep 17 00:00:00 2001
From: Roman Strobl <roman.strobl@wultra.com>
Date: Mon, 25 Oct 2021 23:20:18 +0200
Subject: [PATCH 26/36] Update low level usages of authentication provider

---
 docs/RESTful-API-for-Spring.md                                  | 2 +-
 .../rest/api/spring/controller/v2/ActivationController.java     | 2 +-
 .../rest/api/spring/controller/v3/ActivationController.java     | 2 +-
 .../powerauth/rest/api/spring/service/v3/UpgradeService.java    | 2 +-
 4 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/docs/RESTful-API-for-Spring.md b/docs/RESTful-API-for-Spring.md
index aafb4450..59c177da 100644
--- a/docs/RESTful-API-for-Spring.md
+++ b/docs/RESTful-API-for-Spring.md
@@ -304,7 +304,7 @@ public class AuthenticationController {
             signatureHeader
         );
 
-        if (apiAuthentication == null || apiAuthentication.getUserId() == null) {
+        if (!apiAuthentication.getAuthenticationContext().isValid() || apiAuthentication.getUserId() == null) {
             throw new PowerAuthSignatureInvalidException();
         }
         SecurityContextHolder.getContext().setAuthentication((Authentication) apiAuthentication);
diff --git a/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/controller/v2/ActivationController.java b/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/controller/v2/ActivationController.java
index 0ac7c6f5..e5086dd3 100644
--- a/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/controller/v2/ActivationController.java
+++ b/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/controller/v2/ActivationController.java
@@ -138,7 +138,7 @@ public ObjectResponse<ActivationRemoveResponse> removeActivation(
     ) throws PowerAuthActivationException, PowerAuthAuthenticationException {
         // Request body needs to be set to null because the SDK uses null for the signature, although {} is sent as request body
         PowerAuthApiAuthentication apiAuthentication = authenticationProvider.validateRequestSignature("POST", null, "/pa/activation/remove", signatureHeader);
-        if (apiAuthentication == null || apiAuthentication.getActivationObject() == null) {
+        if (!apiAuthentication.getAuthenticationContext().isValid() || apiAuthentication.getActivationObject() == null) {
             logger.debug("Signature validation failed");
             throw new PowerAuthSignatureInvalidException();
         }
diff --git a/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/controller/v3/ActivationController.java b/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/controller/v3/ActivationController.java
index 06e0da27..5f77145f 100644
--- a/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/controller/v3/ActivationController.java
+++ b/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/controller/v3/ActivationController.java
@@ -137,7 +137,7 @@ public ObjectResponse<ActivationRemoveResponse> removeActivation(
             throws PowerAuthActivationException, PowerAuthAuthenticationException {
         byte[] requestBodyBytes = authenticationProvider.extractRequestBodyBytes(httpServletRequest);
         PowerAuthApiAuthentication apiAuthentication = authenticationProvider.validateRequestSignature("POST", requestBodyBytes, "/pa/activation/remove", signatureHeader);
-        if (apiAuthentication == null || apiAuthentication.getActivationObject() == null) {
+        if (!apiAuthentication.getAuthenticationContext().isValid() || apiAuthentication.getActivationObject() == null) {
             logger.debug("Signature validation failed");
             throw new PowerAuthSignatureInvalidException();
         }
diff --git a/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/service/v3/UpgradeService.java b/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/service/v3/UpgradeService.java
index bc10b4e3..57b0d3de 100644
--- a/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/service/v3/UpgradeService.java
+++ b/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/service/v3/UpgradeService.java
@@ -142,7 +142,7 @@ public Response upgradeCommit(String signatureHeader,
             final PowerAuthApiAuthentication authentication = authenticationProvider.validateRequestSignature("POST", requestBodyBytes, "/pa/upgrade/commit", signatureHeader, allowedSignatureTypes, 3);
 
             // In case signature verification fails, upgrade fails, too
-            if (authentication == null || !authentication.getAuthenticationContext().isValid() || authentication.getActivationObject() == null) {
+            if (!authentication.getAuthenticationContext().isValid() || authentication.getActivationObject() == null) {
                 logger.debug("Signature validation failed");
                 throw new PowerAuthSignatureInvalidException();
             }

From 515a71a2ffc012df33dfba1bf8384301112b4c73 Mon Sep 17 00:00:00 2001
From: Roman Strobl <roman.strobl@wultra.com>
Date: Tue, 2 Nov 2021 10:59:24 +0100
Subject: [PATCH 27/36] Ensure compatibility with previous releases, update
 documentation, add information about nullability, code cleanup

---
 docs/RESTful-API-for-Spring.md                | 32 +++++++++-
 .../PowerAuthAnnotationInterceptor.java       |  8 +--
 .../PowerAuthApiAuthentication.java           | 39 +++++++++---
 .../impl/PowerAuthApiAuthenticationImpl.java  | 40 ++++++++++--
 .../PowerAuthAuthenticationProvider.java      | 51 +++++++++++-----
 .../PowerAuthAuthenticationProviderBase.java  | 61 ++++++++++++++++---
 .../provider/PowerAuthEncryptionProvider.java |  5 +-
 .../PowerAuthEncryptionProviderBase.java      |  8 ++-
 .../controller/v2/ActivationController.java   |  2 +-
 .../controller/v2/SignatureController.java    |  2 +-
 .../spring/controller/v2/TokenController.java |  4 +-
 .../controller/v3/ActivationController.java   |  2 +-
 .../controller/v3/RecoveryController.java     |  2 +-
 .../controller/v3/SignatureController.java    |  2 +-
 .../spring/controller/v3/TokenController.java |  4 +-
 .../api/spring/service/v2/TokenService.java   |  2 +-
 .../spring/service/v3/ActivationService.java  |  2 +-
 .../spring/service/v3/RecoveryService.java    |  2 +-
 .../api/spring/service/v3/TokenService.java   |  4 +-
 .../api/spring/service/v3/UpgradeService.java |  8 +--
 .../controller/AuthenticationController.java  |  2 +-
 21 files changed, 211 insertions(+), 71 deletions(-)

diff --git a/docs/RESTful-API-for-Spring.md b/docs/RESTful-API-for-Spring.md
index 59c177da..59db8401 100644
--- a/docs/RESTful-API-for-Spring.md
+++ b/docs/RESTful-API-for-Spring.md
@@ -263,7 +263,7 @@ public class AuthenticationController {
     @PowerAuth(resourceId = "/secured/account/${id}?filter=${filter}")
     @ResponseBody
     public MyAccountApiResponse changeAccountSettings(
-            @PathVariable("id") String accountId, @RequestParam("filter") String filter,  PowerAuthApiAuthentication auth) {
+            @PathVariable("id") String accountId, @RequestParam("filter") String filter,  PowerAuthApiAuthentication auth, PowerAuthActivation activation) {
         
         if (auth == null) {
             // handle authentication failure
@@ -272,7 +272,9 @@ public class AuthenticationController {
         
         // use userId for business logic ...
         final String userId = auth.getUserId();
-        final Account account = myService.updateAccount(accountId, userId, filter);
+        final String activationId = activation.getActivationId();
+        final List<String> activationFlags = activation.getActivationFlags();
+        final Account account = myService.updateAccount(accountId, userId, filter, activationId, activationFlags);
         
         // return OK response
         return new MyAccountApiResponse(Status.OK, userId);
@@ -304,7 +306,7 @@ public class AuthenticationController {
             signatureHeader
         );
 
-        if (!apiAuthentication.getAuthenticationContext().isValid() || apiAuthentication.getUserId() == null) {
+        if (apiAuthentication == null || apiAuthentication.getActivationContext() == null) {
             throw new PowerAuthSignatureInvalidException();
         }
         SecurityContextHolder.getContext().setAuthentication((Authentication) apiAuthentication);
@@ -314,6 +316,30 @@ public class AuthenticationController {
 }
 ```
 
+In case you want to process the failed signature verification results and obtain additional information about the activation, you can use the `authenticationProvider.validateRequestSignatureWithActivationDetails()` method:
+
+```java
+        final PowerAuthApiAuthentication apiAuthentication = authenticationProvider.validateRequestSignatureWithActivationDetails(
+            "POST",
+            "Any data".getBytes(StandardCharsets.UTF_8),
+            "/session/login",
+            signatureHeader
+        );
+
+        final AuthenticationContext auth = apiAuthentication.getAuthenticationContext();
+        final PowerAuthActivation activation = apiAuthentication.getActivationContext();
+        
+        if (!auth.isValid() || activation == null) {
+            throw new PowerAuthSignatureInvalidException();
+        }
+        
+        Integer remainingAttempts = auth.getRemainingAttempts();
+        String activationId = activation.getActivationId();
+        ActivationStatus activationStatus = activation.getActivationStatus();
+        ...
+
+```
+
 ### Use Token Based Authentication
 
 This sample `@Controller` implementation illustrates how to use `@PowerAuthToken` annotation to verify simple token based authentication headers. In case the authentication is not successful, the `PowerAuthApiAuthentication` object is null.
diff --git a/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/annotation/support/PowerAuthAnnotationInterceptor.java b/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/annotation/support/PowerAuthAnnotationInterceptor.java
index 589ce040..de213acf 100644
--- a/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/annotation/support/PowerAuthAnnotationInterceptor.java
+++ b/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/annotation/support/PowerAuthAnnotationInterceptor.java
@@ -126,13 +126,13 @@ public boolean preHandle(@NonNull HttpServletRequest request, @NonNull HttpServl
                     final String resourceId = expandResourceId(powerAuthSignatureAnnotation.resourceId(), request, handlerMethod);
                     final String header = request.getHeader(PowerAuthSignatureHttpHeader.HEADER_NAME);
                     final List<PowerAuthSignatureTypes> signatureTypes = Arrays.asList(powerAuthSignatureAnnotation.signatureType());
-                    final PowerAuthApiAuthentication authentication = authenticationProvider.validateRequestSignature(
+                    final PowerAuthApiAuthentication authentication = authenticationProvider.validateRequestSignatureWithActivationDetails(
                             request, resourceId, header, signatureTypes
                     );
                     if (authentication.getAuthenticationContext().isValid()) {
                         request.setAttribute(PowerAuthRequestObjects.AUTHENTICATION_OBJECT, authentication);
                     }
-                    request.setAttribute(PowerAuthRequestObjects.ACTIVATION_OBJECT, authentication.getActivationObject());
+                    request.setAttribute(PowerAuthRequestObjects.ACTIVATION_OBJECT, authentication.getActivationContext());
                 } catch (PowerAuthAuthenticationException ex) {
                     logger.warn("Invalid request signature, authentication object was removed");
                     request.setAttribute(PowerAuthRequestObjects.AUTHENTICATION_OBJECT, null);
@@ -144,13 +144,13 @@ public boolean preHandle(@NonNull HttpServletRequest request, @NonNull HttpServl
                 try {
                     final String header = request.getHeader(PowerAuthTokenHttpHeader.HEADER_NAME);
                     final List<PowerAuthSignatureTypes> signatureTypes = Arrays.asList(powerAuthTokenAnnotation.signatureType());
-                    final PowerAuthApiAuthentication authentication = authenticationProvider.validateToken(
+                    final PowerAuthApiAuthentication authentication = authenticationProvider.validateTokenWithActivationDetails(
                             header, signatureTypes
                     );
                     if (authentication.getAuthenticationContext().isValid()) {
                         request.setAttribute(PowerAuthRequestObjects.AUTHENTICATION_OBJECT, authentication);
                     }
-                    request.setAttribute(PowerAuthRequestObjects.ACTIVATION_OBJECT, authentication.getActivationObject());
+                    request.setAttribute(PowerAuthRequestObjects.ACTIVATION_OBJECT, authentication.getActivationContext());
                 } catch (PowerAuthAuthenticationException ex) {
                     logger.warn("Invalid token, authentication object was removed");
                     request.setAttribute(PowerAuthRequestObjects.AUTHENTICATION_OBJECT, null);
diff --git a/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/authentication/PowerAuthApiAuthentication.java b/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/authentication/PowerAuthApiAuthentication.java
index 6456a929..92980b51 100644
--- a/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/authentication/PowerAuthApiAuthentication.java
+++ b/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/authentication/PowerAuthApiAuthentication.java
@@ -19,6 +19,7 @@
  */
 package io.getlime.security.powerauth.rest.api.spring.authentication;
 
+import io.getlime.security.powerauth.crypto.lib.enums.PowerAuthSignatureTypes;
 import io.getlime.security.powerauth.http.PowerAuthHttpHeader;
 import io.getlime.security.powerauth.rest.api.spring.activation.PowerAuthActivation;
 import io.getlime.security.powerauth.rest.api.spring.model.AuthenticationContext;
@@ -48,7 +49,7 @@ public interface PowerAuthApiAuthentication {
 
     /**
      * Get activation ID.
-     * This method is deprecated, use {@link PowerAuthApiAuthentication#getActivationObject()} instead.
+     * This method is deprecated, use {@link PowerAuthApiAuthentication#getActivationContext()} instead.
      * @return Activation ID.
      */
     @Deprecated
@@ -56,7 +57,7 @@ public interface PowerAuthApiAuthentication {
 
     /**
      * Set activation ID.
-     * This method is deprecated, use {@link PowerAuthApiAuthentication#getActivationObject()} instead.
+     * This method is deprecated, use {@link PowerAuthApiAuthentication#getActivationContext()} instead.
      * @param activationId Activation ID.
      */
     @Deprecated
@@ -88,7 +89,7 @@ public interface PowerAuthApiAuthentication {
 
     /**
      * Get activation flags.
-     * This method is deprecated, use {@link PowerAuthApiAuthentication#getActivationObject()} instead.
+     * This method is deprecated, use {@link PowerAuthApiAuthentication#getActivationContext()} instead.
      * @return Activation flags.
      */
     @Deprecated
@@ -96,12 +97,30 @@ public interface PowerAuthApiAuthentication {
 
     /**
      * Set activation flags.
-     * This method is deprecated, use {@link PowerAuthApiAuthentication#getActivationObject()} instead.
+     * This method is deprecated, use {@link PowerAuthApiAuthentication#getActivationContext()} instead.
      * @param activationFlags Activation flags.
      */
     @Deprecated
     void setActivationFlags(List<String> activationFlags);
 
+    /**
+     * Return authentication factors related to the signature that was used to produce
+     * this authentication object.
+     * This method is deprecated, use {@link PowerAuthApiAuthentication#getAuthenticationContext()} ()} instead.
+     * @return Signature type (signature factors).
+     */
+    @Deprecated
+    PowerAuthSignatureTypes getSignatureFactors();
+
+    /**
+     * Set authentication factors related to the signature that was used to produce
+     * this authentication object.
+     * This method is deprecated, use {@link PowerAuthApiAuthentication#getAuthenticationContext()} ()} instead.
+     * @param factors Signature type (signature factors).
+     */
+    @Deprecated
+    void setSignatureFactors(PowerAuthSignatureTypes factors);
+
     /**
      * Get PowerAuth authentication context.
      * @return PowerAuth authentication context.
@@ -139,15 +158,15 @@ public interface PowerAuthApiAuthentication {
     void setHttpHeader(PowerAuthHttpHeader httpHeader);
 
     /**
-     * Get the activation object.
-     * @return Activation object.
+     * Get the activation context.
+     * @return Activation context.
      */
-    PowerAuthActivation getActivationObject();
+    PowerAuthActivation getActivationContext();
 
     /**
-     * Set the activation object.
-     * @param activationObject Activaiton object.
+     * Set the activation context.
+     * @param activationContext Activation context.
      */
-    void setActivationObject(PowerAuthActivation activationObject);
+    void setActivationContext(PowerAuthActivation activationContext);
 
 }
diff --git a/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/authentication/impl/PowerAuthApiAuthenticationImpl.java b/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/authentication/impl/PowerAuthApiAuthenticationImpl.java
index 18b4de8e..60008c2c 100644
--- a/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/authentication/impl/PowerAuthApiAuthenticationImpl.java
+++ b/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/authentication/impl/PowerAuthApiAuthenticationImpl.java
@@ -19,6 +19,7 @@
  */
 package io.getlime.security.powerauth.rest.api.spring.authentication.impl;
 
+import io.getlime.security.powerauth.crypto.lib.enums.PowerAuthSignatureTypes;
 import io.getlime.security.powerauth.http.PowerAuthHttpHeader;
 import io.getlime.security.powerauth.rest.api.spring.activation.PowerAuthActivation;
 import io.getlime.security.powerauth.rest.api.spring.authentication.PowerAuthApiAuthentication;
@@ -69,6 +70,11 @@ public class PowerAuthApiAuthenticationImpl extends AbstractAuthenticationToken
      */
     private List<String> activationFlags = new ArrayList<>();
 
+    /**
+     * Signature type, representing used authentication factor.
+     */
+    private PowerAuthSignatureTypes factors;
+
     /**
      * PowerAuth authentication context.
      */
@@ -85,9 +91,9 @@ public class PowerAuthApiAuthenticationImpl extends AbstractAuthenticationToken
     private PowerAuthHttpHeader httpHeader;
 
     /**
-     * Activation object representing activation detail.
+     * PowerAuth activation instance representing activation context.
      */
-    private PowerAuthActivation activationObject;
+    private PowerAuthActivation activationContext;
 
     /**
      * Default constructor
@@ -118,6 +124,9 @@ public PowerAuthApiAuthenticationImpl(String activationId, String userId, Long a
             this.activationFlags = new ArrayList<>(activationFlags);
         }
         this.authenticationContext = authenticationContext;
+        if (authenticationContext != null) {
+            this.factors = authenticationContext.getSignatureType();
+        }
     }
 
     @Override
@@ -200,6 +209,16 @@ public void setActivationFlags(List<String> activationFlags) {
         }
     }
 
+    @Override
+    public PowerAuthSignatureTypes getSignatureFactors() {
+        return factors;
+    }
+
+    @Override
+    public void setSignatureFactors(PowerAuthSignatureTypes factors) {
+        this.factors = factors;
+    }
+
     @Override
     public AuthenticationContext getAuthenticationContext() {
         return authenticationContext;
@@ -208,6 +227,10 @@ public AuthenticationContext getAuthenticationContext() {
     @Override
     public void setAuthenticationContext(AuthenticationContext authenticationContext) {
         this.authenticationContext = authenticationContext;
+        // Update deprecated signatureFactors to ensure compatibility
+        if (authenticationContext != null) {
+            setSignatureFactors(authenticationContext.getSignatureType());
+        }
     }
 
     @Override
@@ -231,13 +254,18 @@ public void setHttpHeader(PowerAuthHttpHeader httpHeader) {
     }
 
     @Override
-    public PowerAuthActivation getActivationObject() {
-        return activationObject;
+    public PowerAuthActivation getActivationContext() {
+        return activationContext;
     }
 
     @Override
-    public void setActivationObject(PowerAuthActivation activationObject) {
-        this.activationObject = activationObject;
+    public void setActivationContext(PowerAuthActivation activationContext) {
+        this.activationContext = activationContext;
+        // Update deprecated activationId and activationFlags to ensure compatibility
+        if (activationContext != null) {
+            setActivationId(activationContext.getActivationId());
+            setActivationFlags(activationContext.getActivationFlags());
+        }
     }
 
 }
diff --git a/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/provider/PowerAuthAuthenticationProvider.java b/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/provider/PowerAuthAuthenticationProvider.java
index 6cff9eca..7eaaaa69 100644
--- a/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/provider/PowerAuthAuthenticationProvider.java
+++ b/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/provider/PowerAuthAuthenticationProvider.java
@@ -53,6 +53,7 @@
 import org.springframework.security.core.AuthenticationException;
 import org.springframework.stereotype.Component;
 
+import javax.annotation.Nonnull;
 import javax.annotation.Nullable;
 import java.util.List;
 
@@ -148,13 +149,13 @@ private PowerAuthApiAuthenticationImpl validateSignatureAuthentication(PowerAuth
             authenticationContext.setValid(response.isSignatureValid());
             authenticationContext.setRemainingAttempts(response.getRemainingAttempts() != null ? response.getRemainingAttempts().intValue() : null);
             authenticationContext.setSignatureType(response.getSignatureType() != null ? PowerAuthSignatureTypes.getEnumFromString(response.getSignatureType().value()) : null);
-            final PowerAuthActivation activationObject = copyActivationAttributes(response.getActivationId(), response.getUserId(),
+            final PowerAuthActivation activationContext = copyActivationAttributes(response.getActivationId(), response.getUserId(),
                     activationStatusConverter.convertFrom(response.getActivationStatus()), response.getBlockedReason(),
                     response.getActivationFlags(), authenticationContext, authentication.getVersion());
             return copyAuthenticationAttributes(response.getActivationId(), response.getUserId(),
                     response.getApplicationId(), response.getApplicationRoles(), response.getActivationFlags(),
                     authenticationContext, authentication.getVersion(), authentication.getHttpHeader(),
-                    activationObject);
+                    activationContext);
         } else {
             return null;
         }
@@ -186,13 +187,13 @@ private PowerAuthApiAuthenticationImpl validateTokenAuthentication(PowerAuthToke
             authenticationContext.setValid(response.isTokenValid());
             authenticationContext.setRemainingAttempts(null);
             authenticationContext.setSignatureType(response.getSignatureType() != null ? PowerAuthSignatureTypes.getEnumFromString(response.getSignatureType().value()) : null);
-            final PowerAuthActivation activationObject = copyActivationAttributes(response.getActivationId(), response.getUserId(),
+            final PowerAuthActivation activationContext = copyActivationAttributes(response.getActivationId(), response.getUserId(),
                     activationStatus, null,
                     response.getActivationFlags(), authenticationContext, authentication.getVersion());
             return copyAuthenticationAttributes(response.getActivationId(), response.getUserId(),
                     response.getApplicationId(), response.getApplicationRoles(), response.getActivationFlags(),
                     authenticationContext, authentication.getVersion(), authentication.getHttpHeader(),
-                    activationObject);
+                    activationContext);
         } catch (NumberFormatException ex) {
             logger.warn("Invalid timestamp format, error: {}", ex.getMessage());
             logger.debug("Error details", ex);
@@ -214,12 +215,12 @@ private PowerAuthApiAuthenticationImpl validateTokenAuthentication(PowerAuthToke
      * @param authenticationContext Authentication context.
      * @param version PowerAuth protocol version.
      * @param httpHeader Raw PowerAuth http header.
-     * @param activationObject PowerAuth activation object.
+     * @param activationContext PowerAuth activation context.
      * @return Initialized instance of API authentication.
      */
     private PowerAuthApiAuthenticationImpl copyAuthenticationAttributes(String activationId, String userId, Long applicationId, List<String> applicationRoles,
                                                                         List<String> activationFlags, AuthenticationContext authenticationContext,
-                                                                        String version, PowerAuthHttpHeader httpHeader, PowerAuthActivation activationObject) {
+                                                                        String version, PowerAuthHttpHeader httpHeader, PowerAuthActivation activationContext) {
         final PowerAuthApiAuthenticationImpl apiAuthentication = new PowerAuthApiAuthenticationImpl();
         apiAuthentication.setActivationId(activationId);
         apiAuthentication.setUserId(userId);
@@ -230,7 +231,7 @@ private PowerAuthApiAuthenticationImpl copyAuthenticationAttributes(String activ
         apiAuthentication.setAuthenticated(true);
         apiAuthentication.setVersion(version);
         apiAuthentication.setHttpHeader(httpHeader);
-        apiAuthentication.setActivationObject(activationObject);
+        apiAuthentication.setActivationContext(activationContext);
         return apiAuthentication;
     }
 
@@ -271,16 +272,25 @@ private PowerAuthActivationImpl copyActivationAttributes(String activationId, St
      * @throws PowerAuthAuthenticationException In case authorization fails, exception is raised.
      */
     public PowerAuthApiAuthentication validateRequestSignature(
-            String httpMethod,
-            byte[] httpBody,
-            String requestUriIdentifier,
-            String httpAuthorizationHeader,
-            List<PowerAuthSignatureTypes> allowedSignatureTypes,
+            @Nonnull String httpMethod,
+            @Nullable byte[] httpBody,
+            @Nonnull String requestUriIdentifier,
+            @Nonnull String httpAuthorizationHeader,
+            @Nonnull List<PowerAuthSignatureTypes> allowedSignatureTypes,
             @Nullable Integer forcedSignatureVersion
     ) throws PowerAuthAuthenticationException {
+        final PowerAuthApiAuthentication apiAuthentication = validateRequestSignatureWithActivationDetails(httpMethod, httpBody, requestUriIdentifier, httpAuthorizationHeader, allowedSignatureTypes, forcedSignatureVersion);
+        if (!apiAuthentication.getAuthenticationContext().isValid()) {
+            // Traditionally, failed signature validation returns null value for PowerAuthApiAuthentication
+            return null;
+        }
+       return apiAuthentication;
+    }
 
+    @Override
+    public @Nonnull PowerAuthApiAuthentication validateRequestSignatureWithActivationDetails(@Nonnull String httpMethod, @Nullable byte[] httpBody, @Nonnull String requestUriIdentifier, @Nonnull String httpAuthorizationHeader, @Nonnull List<PowerAuthSignatureTypes> allowedSignatureTypes, @Nullable Integer forcedSignatureVersion) throws PowerAuthAuthenticationException {
         // Check for HTTP PowerAuth signature header
-        if (httpAuthorizationHeader == null || httpAuthorizationHeader.equals("undefined")) {
+        if (httpAuthorizationHeader.equals("undefined")) {
             logger.warn("Signature HTTP header is missing");
             throw new PowerAuthHeaderMissingException();
         }
@@ -338,10 +348,20 @@ public PowerAuthApiAuthentication validateRequestSignature(
      * @return Authentication object in case authentication is correctly obtained.
      * @throws PowerAuthAuthenticationException In case of authentication failure.
      */
-    public PowerAuthApiAuthentication validateToken(String tokenHeader, List<PowerAuthSignatureTypes> allowedSignatureTypes) throws PowerAuthAuthenticationException {
+    public @Nullable PowerAuthApiAuthentication validateToken(@Nonnull String tokenHeader, @Nonnull List<PowerAuthSignatureTypes> allowedSignatureTypes) throws PowerAuthAuthenticationException {
+        final PowerAuthApiAuthentication apiAuthentication = validateTokenWithActivationDetails(tokenHeader, allowedSignatureTypes);
+        if (!apiAuthentication.getAuthenticationContext().isValid()) {
+            // Traditionally, failed token validation returns null value for PowerAuthApiAuthentication
+            return null;
+        }
+        return apiAuthentication;
+    }
 
+    @Nonnull
+    @Override
+    public PowerAuthApiAuthentication validateTokenWithActivationDetails(@Nonnull String tokenHeader, @Nonnull List<PowerAuthSignatureTypes> allowedSignatureTypes) throws PowerAuthAuthenticationException {
         // Check for HTTP PowerAuth signature header
-        if (tokenHeader == null || tokenHeader.equals("undefined")) {
+        if (tokenHeader.equals("undefined")) {
             logger.warn("Token HTTP header is missing");
             throw new PowerAuthHeaderMissingException();
         }
@@ -384,7 +404,6 @@ public PowerAuthApiAuthentication validateToken(String tokenHeader, List<PowerAu
         }
 
         return auth;
-
     }
 
 }
diff --git a/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/provider/PowerAuthAuthenticationProviderBase.java b/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/provider/PowerAuthAuthenticationProviderBase.java
index 9aa5e055..1270c2e8 100644
--- a/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/provider/PowerAuthAuthenticationProviderBase.java
+++ b/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/provider/PowerAuthAuthenticationProviderBase.java
@@ -29,6 +29,7 @@
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
+import javax.annotation.Nonnull;
 import javax.annotation.Nullable;
 import javax.servlet.http.HttpServletRequest;
 import java.util.ArrayList;
@@ -46,7 +47,24 @@ public abstract class PowerAuthAuthenticationProviderBase {
 
     /**
      * Validate the signature from the PowerAuth HTTP header against the provided HTTP method, request body and URI identifier.
-     * Make sure to accept only allowed signatures.
+     * Make sure to accept only allowed signatures. Return an instance of PowerAuthApiAuthentication on successful authorization,
+     * null value is returned on failed authorization. A check of null return value is used to determine the authorization result.
+     * @param httpMethod HTTP method (GET, POST, ...)
+     * @param httpBody Body of the HTTP request.
+     * @param requestUriIdentifier Request URI identifier.
+     * @param httpAuthorizationHeader PowerAuth HTTP authorization header.
+     * @param allowedSignatureTypes Allowed types of the signature.
+     * @param forcedSignatureVersion Forced signature version during upgrade.
+     * @return Instance of a PowerAuthApiAuthentication on successful authorization, null value on failed authorization.
+     * @throws PowerAuthAuthenticationException In case authorization fails, exception is raised.
+     */
+    public abstract @Nullable PowerAuthApiAuthentication validateRequestSignature(@Nonnull String httpMethod, @Nullable byte[] httpBody, @Nonnull String requestUriIdentifier, @Nonnull String httpAuthorizationHeader, @Nonnull List<PowerAuthSignatureTypes> allowedSignatureTypes, @Nullable Integer forcedSignatureVersion) throws PowerAuthAuthenticationException;
+
+    /**
+     * Validate the signature from the PowerAuth HTTP header against the provided HTTP method, request body and URI identifier.
+     * Make sure to accept only allowed signatures. Return an instance of PowerAuthApiAuthentication on both successful and
+     * failed authorization. A check of null return value cannot be used to determine the authorization result, the actual
+     * result is available in the authorization context.
      * @param httpMethod HTTP method (GET, POST, ...)
      * @param httpBody Body of the HTTP request.
      * @param requestUriIdentifier Request URI identifier.
@@ -56,7 +74,7 @@ public abstract class PowerAuthAuthenticationProviderBase {
      * @return Instance of a PowerAuthApiAuthentication on successful authorization.
      * @throws PowerAuthAuthenticationException In case authorization fails, exception is raised.
      */
-    public abstract PowerAuthApiAuthentication validateRequestSignature(String httpMethod, byte[] httpBody, String requestUriIdentifier, String httpAuthorizationHeader, List<PowerAuthSignatureTypes> allowedSignatureTypes, @Nullable Integer forcedSignatureVersion) throws PowerAuthAuthenticationException;
+    public abstract @Nonnull PowerAuthApiAuthentication validateRequestSignatureWithActivationDetails(@Nonnull String httpMethod, @Nullable byte[] httpBody, @Nonnull String requestUriIdentifier, @Nonnull String httpAuthorizationHeader, @Nonnull List<PowerAuthSignatureTypes> allowedSignatureTypes, @Nullable Integer forcedSignatureVersion) throws PowerAuthAuthenticationException;
 
     /**
      * Validate the token digest from PowerAuth authentication header.
@@ -65,7 +83,16 @@ public abstract class PowerAuthAuthenticationProviderBase {
      * @return Instance of a PowerAuthApiAuthentication on successful authorization.
      * @throws PowerAuthAuthenticationException In case authorization fails, exception is raised.
      */
-    public abstract PowerAuthApiAuthentication validateToken(String httpAuthorizationHeader, List<PowerAuthSignatureTypes> allowedSignatureTypes) throws PowerAuthAuthenticationException;
+    public abstract @Nullable PowerAuthApiAuthentication validateToken(@Nonnull String httpAuthorizationHeader, @Nonnull List<PowerAuthSignatureTypes> allowedSignatureTypes) throws PowerAuthAuthenticationException;
+
+    /**
+     * Validate the token digest from PowerAuth authentication header.
+     * @param httpAuthorizationHeader HTTP header with token digest.
+     * @param allowedSignatureTypes Allowed types of the signature.
+     * @return Instance of a PowerAuthApiAuthentication on successful authorization.
+     * @throws PowerAuthAuthenticationException In case authorization fails, exception is raised.
+     */
+    public abstract @Nonnull PowerAuthApiAuthentication validateTokenWithActivationDetails(@Nonnull String httpAuthorizationHeader, @Nonnull List<PowerAuthSignatureTypes> allowedSignatureTypes) throws PowerAuthAuthenticationException;
 
     /**
      * The same as {{@link #validateRequestSignature(String, byte[], String, String, List, Integer)} but uses default accepted signature type (2FA or 3FA) and does not specify forced signature version.
@@ -76,7 +103,7 @@ public abstract class PowerAuthAuthenticationProviderBase {
      * @return Instance of a PowerAuthApiAuthentication on successful authorization.
      * @throws PowerAuthAuthenticationException In case authorization fails, exception is raised.
      */
-    public PowerAuthApiAuthentication validateRequestSignature(String httpMethod, byte[] httpBody, String requestUriIdentifier, String httpAuthorizationHeader) throws PowerAuthAuthenticationException {
+    public @Nullable PowerAuthApiAuthentication validateRequestSignature(@Nonnull String httpMethod, @Nullable byte[] httpBody, @Nonnull String requestUriIdentifier, @Nonnull String httpAuthorizationHeader) throws PowerAuthAuthenticationException {
         List<PowerAuthSignatureTypes> defaultAllowedSignatureTypes = new ArrayList<>();
         defaultAllowedSignatureTypes.add(PowerAuthSignatureTypes.POSSESSION_KNOWLEDGE);
         defaultAllowedSignatureTypes.add(PowerAuthSignatureTypes.POSSESSION_BIOMETRY);
@@ -93,13 +120,29 @@ public PowerAuthApiAuthentication validateRequestSignature(String httpMethod, by
      * @return Instance of a PowerAuthApiAuthentication on successful authorization.
      * @throws PowerAuthAuthenticationException In case authorization fails, exception is raised.
      */
-    public PowerAuthApiAuthentication validateRequestSignature(HttpServletRequest servletRequest, String requestUriIdentifier, String httpAuthorizationHeader, List<PowerAuthSignatureTypes> allowedSignatureTypes) throws PowerAuthAuthenticationException {
+    public @Nullable PowerAuthApiAuthentication validateRequestSignature(@Nonnull HttpServletRequest servletRequest, @Nonnull String requestUriIdentifier, @Nonnull String httpAuthorizationHeader, @Nonnull List<PowerAuthSignatureTypes> allowedSignatureTypes) throws PowerAuthAuthenticationException {
         // Get HTTP method and body bytes
         String requestMethod = servletRequest.getMethod().toUpperCase();
         byte[] requestBodyBytes = extractRequestBodyBytes(servletRequest);
         return this.validateRequestSignature(requestMethod, requestBodyBytes, requestUriIdentifier, httpAuthorizationHeader, allowedSignatureTypes, null);
     }
 
+    /**
+     * Validate a request signature, make sure only supported signature types are used, do not use forced signature version during upgrade.
+     * @param servletRequest HTTPServletRequest with signed data.
+     * @param requestUriIdentifier Request URI identifier.
+     * @param httpAuthorizationHeader PowerAuth HTTP authorization header.
+     * @param allowedSignatureTypes Allowed types of signatures.
+     * @return Instance of a PowerAuthApiAuthentication on successful authorization.
+     * @throws PowerAuthAuthenticationException In case authorization fails, exception is raised.
+     */
+    public @Nonnull PowerAuthApiAuthentication validateRequestSignatureWithActivationDetails(@Nonnull HttpServletRequest servletRequest, @Nonnull String requestUriIdentifier, @Nonnull String httpAuthorizationHeader, @Nonnull List<PowerAuthSignatureTypes> allowedSignatureTypes) throws PowerAuthAuthenticationException {
+        // Get HTTP method and body bytes
+        String requestMethod = servletRequest.getMethod().toUpperCase();
+        byte[] requestBodyBytes = extractRequestBodyBytes(servletRequest);
+        return this.validateRequestSignatureWithActivationDetails(requestMethod, requestBodyBytes, requestUriIdentifier, httpAuthorizationHeader, allowedSignatureTypes, null);
+    }
+
     /**
      * Validate a request signature, make sure only supported signature types are used and allow specification of forced signature version.
      * @param servletRequest HTTPServletRequest with signed data.
@@ -110,7 +153,7 @@ public PowerAuthApiAuthentication validateRequestSignature(HttpServletRequest se
      * @return Instance of a PowerAuthApiAuthentication on successful authorization.
      * @throws PowerAuthAuthenticationException In case authorization fails, exception is raised.
      */
-    public PowerAuthApiAuthentication validateRequestSignature(HttpServletRequest servletRequest, String requestUriIdentifier, String httpAuthorizationHeader, List<PowerAuthSignatureTypes> allowedSignatureTypes, @Nullable Integer forcedSignatureVersion) throws PowerAuthAuthenticationException {
+    public @Nullable PowerAuthApiAuthentication validateRequestSignature(@Nonnull HttpServletRequest servletRequest, @Nonnull String requestUriIdentifier, @Nonnull String httpAuthorizationHeader, @Nonnull List<PowerAuthSignatureTypes> allowedSignatureTypes, @Nullable Integer forcedSignatureVersion) throws PowerAuthAuthenticationException {
         // Get HTTP method and body bytes
         String requestMethod = servletRequest.getMethod().toUpperCase();
         byte[] requestBodyBytes = extractRequestBodyBytes(servletRequest);
@@ -125,7 +168,7 @@ public PowerAuthApiAuthentication validateRequestSignature(HttpServletRequest se
      * @return Instance of a PowerAuthApiAuthentication on successful authorization.
      * @throws PowerAuthAuthenticationException In case authorization fails, exception is raised.
      */
-    public PowerAuthApiAuthentication validateRequestSignature(HttpServletRequest servletRequest, String requestUriIdentifier, String httpAuthorizationHeader) throws PowerAuthAuthenticationException {
+    public @Nullable PowerAuthApiAuthentication validateRequestSignature(@Nonnull HttpServletRequest servletRequest, @Nonnull String requestUriIdentifier, @Nonnull String httpAuthorizationHeader) throws PowerAuthAuthenticationException {
         List<PowerAuthSignatureTypes> defaultAllowedSignatureTypes = new ArrayList<>();
         defaultAllowedSignatureTypes.add(PowerAuthSignatureTypes.POSSESSION_KNOWLEDGE);
         defaultAllowedSignatureTypes.add(PowerAuthSignatureTypes.POSSESSION_BIOMETRY);
@@ -139,7 +182,7 @@ public PowerAuthApiAuthentication validateRequestSignature(HttpServletRequest se
      * @return Instance of a PowerAuthApiAuthentication on successful authorization.
      * @throws PowerAuthAuthenticationException In case authorization fails, exception is raised.
      */
-    public PowerAuthApiAuthentication validateToken(String tokenHeader) throws PowerAuthAuthenticationException {
+    public @Nullable PowerAuthApiAuthentication validateToken(@Nonnull String tokenHeader) throws PowerAuthAuthenticationException {
         List<PowerAuthSignatureTypes> defaultAllowedSignatureTypes = new ArrayList<>();
         defaultAllowedSignatureTypes.add(PowerAuthSignatureTypes.POSSESSION_KNOWLEDGE);
         defaultAllowedSignatureTypes.add(PowerAuthSignatureTypes.POSSESSION_BIOMETRY);
@@ -153,7 +196,7 @@ public PowerAuthApiAuthentication validateToken(String tokenHeader) throws Power
      * @return Request body bytes.
      * @throws PowerAuthAuthenticationException In case request body is invalid.
      */
-    public byte[] extractRequestBodyBytes(HttpServletRequest servletRequest) throws PowerAuthAuthenticationException {
+    public @Nonnull byte[] extractRequestBodyBytes(@Nonnull HttpServletRequest servletRequest) throws PowerAuthAuthenticationException {
         if (servletRequest.getAttribute(PowerAuthRequestObjects.ENCRYPTION_OBJECT) != null) {
             // Implementation of sign-then-encrypt - in case the encryption object is present and signature is validate, use decrypted request data
             PowerAuthEciesEncryption eciesEncryption = (PowerAuthEciesEncryption) servletRequest.getAttribute(PowerAuthRequestObjects.ENCRYPTION_OBJECT);
diff --git a/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/provider/PowerAuthEncryptionProvider.java b/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/provider/PowerAuthEncryptionProvider.java
index 423e23da..422a59b6 100644
--- a/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/provider/PowerAuthEncryptionProvider.java
+++ b/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/provider/PowerAuthEncryptionProvider.java
@@ -29,6 +29,9 @@
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Component;
 
+import javax.annotation.Nonnull;
+import javax.annotation.Nullable;
+
 /**
  * Implementation of PowerAuth encryption provider.
  *
@@ -53,7 +56,7 @@ public void setPowerAuthClient(PowerAuthClient powerAuthClient) {
     }
 
     @Override
-    public PowerAuthEciesDecryptorParameters getEciesDecryptorParameters(String activationId, String applicationKey, String ephemeralPublicKey) throws PowerAuthEncryptionException {
+    public @Nonnull PowerAuthEciesDecryptorParameters getEciesDecryptorParameters(@Nullable String activationId, @Nonnull String applicationKey, @Nonnull String ephemeralPublicKey) throws PowerAuthEncryptionException {
         try {
             GetEciesDecryptorRequest eciesDecryptorRequest = new GetEciesDecryptorRequest();
             eciesDecryptorRequest.setActivationId(activationId);
diff --git a/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/provider/PowerAuthEncryptionProviderBase.java b/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/provider/PowerAuthEncryptionProviderBase.java
index 875c602b..bd68f626 100644
--- a/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/provider/PowerAuthEncryptionProviderBase.java
+++ b/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/provider/PowerAuthEncryptionProviderBase.java
@@ -45,6 +45,8 @@
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
+import javax.annotation.Nonnull;
+import javax.annotation.Nullable;
 import javax.servlet.http.HttpServletRequest;
 import java.io.IOException;
 import java.lang.reflect.Type;
@@ -72,7 +74,7 @@ public abstract class PowerAuthEncryptionProviderBase {
      * @return ECIES decryptor parameters.
      * @throws PowerAuthEncryptionException In case PowerAuth server call fails.
      */
-    public abstract PowerAuthEciesDecryptorParameters getEciesDecryptorParameters(String activationId, String applicationKey, String ephemeralPublicKey) throws PowerAuthEncryptionException;
+    public abstract @Nonnull PowerAuthEciesDecryptorParameters getEciesDecryptorParameters(@Nullable String activationId, @Nonnull String applicationKey, @Nonnull String ephemeralPublicKey) throws PowerAuthEncryptionException;
 
     /**
      * Decrypt HTTP request body and construct object with ECIES data. Use the requestType parameter to specify
@@ -84,7 +86,7 @@ public abstract class PowerAuthEncryptionProviderBase {
      * @return Object with ECIES data.
      * @throws PowerAuthEncryptionException In case request decryption fails.
      */
-    public PowerAuthEciesEncryption decryptRequest(HttpServletRequest request, Type requestType, EciesScope eciesScope) throws PowerAuthEncryptionException {
+    public @Nonnull PowerAuthEciesEncryption decryptRequest(@Nonnull HttpServletRequest request, @Nonnull Type requestType, @Nonnull EciesScope eciesScope) throws PowerAuthEncryptionException {
         // Only POST HTTP method is supported for ECIES
         if (!"POST".equals(request.getMethod())) {
             logger.warn("Invalid HTTP method: {}", request.getMethod());
@@ -194,7 +196,7 @@ public PowerAuthEciesEncryption decryptRequest(HttpServletRequest request, Type
      * @param eciesEncryption PowerAuth encryption object.
      * @return ECIES encrypted response.
      */
-    public EciesEncryptedResponse encryptResponse(Object responseObject, PowerAuthEciesEncryption eciesEncryption) {
+    public @Nullable EciesEncryptedResponse encryptResponse(@Nonnull Object responseObject, @Nonnull PowerAuthEciesEncryption eciesEncryption) {
         try {
             final byte[] responseData = serializeResponseData(responseObject);
             // Encrypt response using decryptor and return ECIES cryptogram
diff --git a/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/controller/v2/ActivationController.java b/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/controller/v2/ActivationController.java
index e5086dd3..bdc36dff 100644
--- a/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/controller/v2/ActivationController.java
+++ b/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/controller/v2/ActivationController.java
@@ -138,7 +138,7 @@ public ObjectResponse<ActivationRemoveResponse> removeActivation(
     ) throws PowerAuthActivationException, PowerAuthAuthenticationException {
         // Request body needs to be set to null because the SDK uses null for the signature, although {} is sent as request body
         PowerAuthApiAuthentication apiAuthentication = authenticationProvider.validateRequestSignature("POST", null, "/pa/activation/remove", signatureHeader);
-        if (!apiAuthentication.getAuthenticationContext().isValid() || apiAuthentication.getActivationObject() == null) {
+        if (apiAuthentication == null || apiAuthentication.getActivationContext() == null) {
             logger.debug("Signature validation failed");
             throw new PowerAuthSignatureInvalidException();
         }
diff --git a/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/controller/v2/SignatureController.java b/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/controller/v2/SignatureController.java
index d954e65b..e1944128 100644
--- a/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/controller/v2/SignatureController.java
+++ b/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/controller/v2/SignatureController.java
@@ -64,7 +64,7 @@ public class SignatureController {
     })
     public Response validateSignature(PowerAuthApiAuthentication auth) throws PowerAuthAuthenticationException {
 
-        if (auth == null || auth.getActivationObject() == null) {
+        if (auth == null || auth.getActivationContext() == null) {
             logger.debug("Signature validation failed");
             throw new PowerAuthSignatureInvalidException();
         }
diff --git a/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/controller/v2/TokenController.java b/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/controller/v2/TokenController.java
index 6215af74..fb0f55b8 100644
--- a/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/controller/v2/TokenController.java
+++ b/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/controller/v2/TokenController.java
@@ -97,7 +97,7 @@ public ObjectResponse<TokenCreateResponse> createToken(
             logger.warn("Invalid request object in create token");
             throw new PowerAuthInvalidRequestException();
         }
-        if (authentication == null || authentication.getActivationObject() == null) {
+        if (authentication == null || authentication.getActivationContext() == null) {
             logger.debug("Signature validation failed");
             throw new PowerAuthSignatureInvalidException();
         }
@@ -128,7 +128,7 @@ public ObjectResponse<TokenRemoveResponse> removeToken(@RequestBody ObjectReques
             logger.warn("Invalid request object in create token");
             throw new PowerAuthInvalidRequestException();
         }
-        if (authentication == null || authentication.getActivationObject() == null) {
+        if (authentication == null || authentication.getActivationContext() == null) {
             logger.debug("Signature validation failed");
             throw new PowerAuthSignatureInvalidException();
         }
diff --git a/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/controller/v3/ActivationController.java b/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/controller/v3/ActivationController.java
index 5f77145f..b3c90308 100644
--- a/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/controller/v3/ActivationController.java
+++ b/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/controller/v3/ActivationController.java
@@ -137,7 +137,7 @@ public ObjectResponse<ActivationRemoveResponse> removeActivation(
             throws PowerAuthActivationException, PowerAuthAuthenticationException {
         byte[] requestBodyBytes = authenticationProvider.extractRequestBodyBytes(httpServletRequest);
         PowerAuthApiAuthentication apiAuthentication = authenticationProvider.validateRequestSignature("POST", requestBodyBytes, "/pa/activation/remove", signatureHeader);
-        if (!apiAuthentication.getAuthenticationContext().isValid() || apiAuthentication.getActivationObject() == null) {
+        if (apiAuthentication == null || apiAuthentication.getActivationContext() == null) {
             logger.debug("Signature validation failed");
             throw new PowerAuthSignatureInvalidException();
         }
diff --git a/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/controller/v3/RecoveryController.java b/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/controller/v3/RecoveryController.java
index 9474bcf2..17cc3f95 100644
--- a/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/controller/v3/RecoveryController.java
+++ b/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/controller/v3/RecoveryController.java
@@ -80,7 +80,7 @@ public EciesEncryptedResponse confirmRecoveryCode(@RequestBody EciesEncryptedReq
             logger.warn("Invalid request object in confirm recovery");
             throw new PowerAuthInvalidRequestException();
         }
-        if (authentication == null || authentication.getActivationObject() == null) {
+        if (authentication == null || authentication.getActivationContext() == null) {
             throw new PowerAuthSignatureInvalidException();
         }
         if (!"3.0".equals(authentication.getVersion()) && !"3.1".equals(authentication.getVersion())) {
diff --git a/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/controller/v3/SignatureController.java b/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/controller/v3/SignatureController.java
index f7ca3d9c..192efb2b 100644
--- a/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/controller/v3/SignatureController.java
+++ b/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/controller/v3/SignatureController.java
@@ -64,7 +64,7 @@ public class SignatureController {
     })
     public Response validateSignature(PowerAuthApiAuthentication auth) throws PowerAuthAuthenticationException {
 
-        if (auth == null || auth.getActivationObject() == null) {
+        if (auth == null || auth.getActivationContext() == null) {
             logger.debug("Signature validation failed");
             throw new PowerAuthSignatureInvalidException();
         }
diff --git a/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/controller/v3/TokenController.java b/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/controller/v3/TokenController.java
index 26b13d9b..f8a7c5ab 100644
--- a/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/controller/v3/TokenController.java
+++ b/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/controller/v3/TokenController.java
@@ -88,7 +88,7 @@ public EciesEncryptedResponse createToken(@RequestBody EciesEncryptedRequest req
             logger.warn("Invalid request object in create token");
             throw new PowerAuthInvalidRequestException();
         }
-        if (authentication == null || authentication.getActivationObject() == null) {
+        if (authentication == null || authentication.getActivationContext() == null) {
             logger.debug("Signature validation failed");
             throw new PowerAuthSignatureInvalidException();
         }
@@ -123,7 +123,7 @@ public ObjectResponse<TokenRemoveResponse> removeToken(@RequestBody ObjectReques
             logger.warn("Invalid request object in remove token");
             throw new PowerAuthInvalidRequestException();
         }
-        if (authentication == null || authentication.getActivationObject() == null) {
+        if (authentication == null || authentication.getActivationContext() == null) {
             throw new PowerAuthSignatureInvalidException();
         }
         if (!"3.0".equals(authentication.getVersion()) && !"3.1".equals(authentication.getVersion())) {
diff --git a/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/service/v2/TokenService.java b/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/service/v2/TokenService.java
index aab1d254..1b3fcf5c 100644
--- a/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/service/v2/TokenService.java
+++ b/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/service/v2/TokenService.java
@@ -71,7 +71,7 @@ public void setPowerAuthClient(PowerAuthClient powerAuthClient) {
     public TokenCreateResponse createToken(TokenCreateRequest request, PowerAuthApiAuthentication authentication) throws PowerAuthAuthenticationException {
         try {
             // Fetch activation ID and signature type
-            final String activationId = authentication.getActivationObject().getActivationId();
+            final String activationId = authentication.getActivationContext().getActivationId();
             final PowerAuthSignatureTypes signatureFactors = authentication.getAuthenticationContext().getSignatureType();
 
             // Fetch data from the request
diff --git a/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/service/v3/ActivationService.java b/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/service/v3/ActivationService.java
index f5799396..b25b7d65 100644
--- a/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/service/v3/ActivationService.java
+++ b/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/service/v3/ActivationService.java
@@ -388,7 +388,7 @@ public ActivationRemoveResponse removeActivation(PowerAuthApiAuthentication apiA
         try {
 
             // Fetch context information
-            final String activationId = apiAuthentication.getActivationObject().getActivationId();
+            final String activationId = apiAuthentication.getActivationContext().getActivationId();
             final String userId = apiAuthentication.getUserId();
             final Long applicationId = apiAuthentication.getApplicationId();
 
diff --git a/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/service/v3/RecoveryService.java b/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/service/v3/RecoveryService.java
index b40da0d8..cef2733a 100644
--- a/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/service/v3/RecoveryService.java
+++ b/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/service/v3/RecoveryService.java
@@ -69,7 +69,7 @@ public RecoveryService(PowerAuthClient powerAuthClient) {
     public EciesEncryptedResponse confirmRecoveryCode(EciesEncryptedRequest request,
                                                       PowerAuthApiAuthentication authentication) throws PowerAuthAuthenticationException {
         try {
-            final String activationId = authentication.getActivationObject().getActivationId();
+            final String activationId = authentication.getActivationContext().getActivationId();
             final PowerAuthSignatureHttpHeader httpHeader = (PowerAuthSignatureHttpHeader) authentication.getHttpHeader();
             final String applicationKey = httpHeader.getApplicationKey();
             if (activationId == null || applicationKey == null || request.getEphemeralPublicKey() == null
diff --git a/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/service/v3/TokenService.java b/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/service/v3/TokenService.java
index c963cfef..92e51b12 100644
--- a/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/service/v3/TokenService.java
+++ b/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/service/v3/TokenService.java
@@ -94,7 +94,7 @@ public EciesEncryptedResponse createToken(EciesEncryptedRequest request,
             }
 
             // Get ECIES headers
-            final String activationId = authentication.getActivationObject().getActivationId();
+            final String activationId = authentication.getActivationContext().getActivationId();
             final PowerAuthSignatureHttpHeader httpHeader = (PowerAuthSignatureHttpHeader) authentication.getHttpHeader();
             final String applicationKey = httpHeader.getApplicationKey();
 
@@ -125,7 +125,7 @@ public EciesEncryptedResponse createToken(EciesEncryptedRequest request,
     public TokenRemoveResponse removeToken(TokenRemoveRequest request, PowerAuthApiAuthentication authentication) throws PowerAuthAuthenticationException {
         try {
             // Fetch activation ID
-            final String activationId = authentication.getActivationObject().getActivationId();
+            final String activationId = authentication.getActivationContext().getActivationId();
 
             // Fetch token ID from the request
             final String tokenId = request.getTokenId();
diff --git a/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/service/v3/UpgradeService.java b/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/service/v3/UpgradeService.java
index 57b0d3de..150fd7e5 100644
--- a/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/service/v3/UpgradeService.java
+++ b/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/service/v3/UpgradeService.java
@@ -131,7 +131,7 @@ public Response upgradeCommit(String signatureHeader,
         try {
             // Extract request body
             final byte[] requestBodyBytes = authenticationProvider.extractRequestBodyBytes(httpServletRequest);
-            if (requestBodyBytes == null || requestBodyBytes.length == 0) {
+            if (requestBodyBytes.length == 0) {
                 // Expected request body is {}, do not accept empty body
                 logger.warn("Empty request body");
                 throw new PowerAuthInvalidRequestException();
@@ -139,16 +139,16 @@ public Response upgradeCommit(String signatureHeader,
 
             // Verify signature, force signature version during upgrade to version 3
             final List<PowerAuthSignatureTypes> allowedSignatureTypes = Collections.singletonList(PowerAuthSignatureTypes.POSSESSION);
-            final PowerAuthApiAuthentication authentication = authenticationProvider.validateRequestSignature("POST", requestBodyBytes, "/pa/upgrade/commit", signatureHeader, allowedSignatureTypes, 3);
+            final PowerAuthApiAuthentication authentication = authenticationProvider.validateRequestSignatureWithActivationDetails("POST", requestBodyBytes, "/pa/upgrade/commit", signatureHeader, allowedSignatureTypes, 3);
 
             // In case signature verification fails, upgrade fails, too
-            if (!authentication.getAuthenticationContext().isValid() || authentication.getActivationObject() == null) {
+            if (!authentication.getAuthenticationContext().isValid() || authentication.getActivationContext() == null) {
                 logger.debug("Signature validation failed");
                 throw new PowerAuthSignatureInvalidException();
             }
 
             // Get signature HTTP headers
-            final String activationId = authentication.getActivationObject().getActivationId();
+            final String activationId = authentication.getActivationContext().getActivationId();
             final PowerAuthSignatureHttpHeader httpHeader = (PowerAuthSignatureHttpHeader) authentication.getHttpHeader();
             final String applicationKey = httpHeader.getApplicationKey();
 
diff --git a/powerauth-restful-server-spring/src/main/java/io/getlime/security/powerauth/app/rest/api/spring/controller/AuthenticationController.java b/powerauth-restful-server-spring/src/main/java/io/getlime/security/powerauth/app/rest/api/spring/controller/AuthenticationController.java
index 56c7a0c5..79799864 100644
--- a/powerauth-restful-server-spring/src/main/java/io/getlime/security/powerauth/app/rest/api/spring/controller/AuthenticationController.java
+++ b/powerauth-restful-server-spring/src/main/java/io/getlime/security/powerauth/app/rest/api/spring/controller/AuthenticationController.java
@@ -59,7 +59,7 @@ public class AuthenticationController {
         }
         return new ObjectResponse<>("Hooray! "
                 + " User: " + auth.getUserId()
-                + " (activation: " + auth.getActivationObject().getActivationId() + ")"
+                + " (activation: " + auth.getActivationContext().getActivationId() + ")"
                 + " successfully verified via app with ID: " + auth.getApplicationId()
                 + " using factor: " + auth.getAuthenticationContext().getSignatureType()
         );

From c9df7cb6474fcdca05fd246921a940e4267d776a Mon Sep 17 00:00:00 2001
From: Roman Strobl <roman.strobl@wultra.com>
Date: Tue, 2 Nov 2021 11:07:59 +0100
Subject: [PATCH 28/36] Improve error handling consistency

---
 docs/RESTful-API-for-Spring.md                                | 4 ++--
 .../rest/api/spring/controller/v2/ActivationController.java   | 2 +-
 .../rest/api/spring/controller/v2/SignatureController.java    | 2 +-
 .../rest/api/spring/controller/v2/TokenController.java        | 4 ++--
 .../rest/api/spring/controller/v3/ActivationController.java   | 2 +-
 .../rest/api/spring/controller/v3/RecoveryController.java     | 2 +-
 .../rest/api/spring/controller/v3/SignatureController.java    | 2 +-
 .../rest/api/spring/controller/v3/TokenController.java        | 4 ++--
 .../powerauth/rest/api/spring/service/v3/UpgradeService.java  | 2 +-
 9 files changed, 12 insertions(+), 12 deletions(-)

diff --git a/docs/RESTful-API-for-Spring.md b/docs/RESTful-API-for-Spring.md
index 59db8401..829834b4 100644
--- a/docs/RESTful-API-for-Spring.md
+++ b/docs/RESTful-API-for-Spring.md
@@ -306,7 +306,7 @@ public class AuthenticationController {
             signatureHeader
         );
 
-        if (apiAuthentication == null || apiAuthentication.getActivationContext() == null) {
+        if (apiAuthentication == null || apiAuthentication.getUserId() == null) {
             throw new PowerAuthSignatureInvalidException();
         }
         SecurityContextHolder.getContext().setAuthentication((Authentication) apiAuthentication);
@@ -329,7 +329,7 @@ In case you want to process the failed signature verification results and obtain
         final AuthenticationContext auth = apiAuthentication.getAuthenticationContext();
         final PowerAuthActivation activation = apiAuthentication.getActivationContext();
         
-        if (!auth.isValid() || activation == null) {
+        if (!auth.isValid() || auth.getUserId() == null) {
             throw new PowerAuthSignatureInvalidException();
         }
         
diff --git a/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/controller/v2/ActivationController.java b/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/controller/v2/ActivationController.java
index bdc36dff..145335b0 100644
--- a/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/controller/v2/ActivationController.java
+++ b/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/controller/v2/ActivationController.java
@@ -138,7 +138,7 @@ public ObjectResponse<ActivationRemoveResponse> removeActivation(
     ) throws PowerAuthActivationException, PowerAuthAuthenticationException {
         // Request body needs to be set to null because the SDK uses null for the signature, although {} is sent as request body
         PowerAuthApiAuthentication apiAuthentication = authenticationProvider.validateRequestSignature("POST", null, "/pa/activation/remove", signatureHeader);
-        if (apiAuthentication == null || apiAuthentication.getActivationContext() == null) {
+        if (apiAuthentication == null || apiAuthentication.getActivationContext().getActivationId() == null) {
             logger.debug("Signature validation failed");
             throw new PowerAuthSignatureInvalidException();
         }
diff --git a/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/controller/v2/SignatureController.java b/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/controller/v2/SignatureController.java
index e1944128..751b6166 100644
--- a/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/controller/v2/SignatureController.java
+++ b/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/controller/v2/SignatureController.java
@@ -64,7 +64,7 @@ public class SignatureController {
     })
     public Response validateSignature(PowerAuthApiAuthentication auth) throws PowerAuthAuthenticationException {
 
-        if (auth == null || auth.getActivationContext() == null) {
+        if (auth == null || auth.getActivationContext().getActivationId() == null) {
             logger.debug("Signature validation failed");
             throw new PowerAuthSignatureInvalidException();
         }
diff --git a/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/controller/v2/TokenController.java b/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/controller/v2/TokenController.java
index fb0f55b8..837be333 100644
--- a/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/controller/v2/TokenController.java
+++ b/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/controller/v2/TokenController.java
@@ -97,7 +97,7 @@ public ObjectResponse<TokenCreateResponse> createToken(
             logger.warn("Invalid request object in create token");
             throw new PowerAuthInvalidRequestException();
         }
-        if (authentication == null || authentication.getActivationContext() == null) {
+        if (authentication == null || authentication.getActivationContext().getActivationId() == null) {
             logger.debug("Signature validation failed");
             throw new PowerAuthSignatureInvalidException();
         }
@@ -128,7 +128,7 @@ public ObjectResponse<TokenRemoveResponse> removeToken(@RequestBody ObjectReques
             logger.warn("Invalid request object in create token");
             throw new PowerAuthInvalidRequestException();
         }
-        if (authentication == null || authentication.getActivationContext() == null) {
+        if (authentication == null || authentication.getActivationContext().getActivationId() == null) {
             logger.debug("Signature validation failed");
             throw new PowerAuthSignatureInvalidException();
         }
diff --git a/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/controller/v3/ActivationController.java b/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/controller/v3/ActivationController.java
index b3c90308..ab6f80a9 100644
--- a/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/controller/v3/ActivationController.java
+++ b/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/controller/v3/ActivationController.java
@@ -137,7 +137,7 @@ public ObjectResponse<ActivationRemoveResponse> removeActivation(
             throws PowerAuthActivationException, PowerAuthAuthenticationException {
         byte[] requestBodyBytes = authenticationProvider.extractRequestBodyBytes(httpServletRequest);
         PowerAuthApiAuthentication apiAuthentication = authenticationProvider.validateRequestSignature("POST", requestBodyBytes, "/pa/activation/remove", signatureHeader);
-        if (apiAuthentication == null || apiAuthentication.getActivationContext() == null) {
+        if (apiAuthentication == null || apiAuthentication.getActivationContext().getActivationId() == null) {
             logger.debug("Signature validation failed");
             throw new PowerAuthSignatureInvalidException();
         }
diff --git a/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/controller/v3/RecoveryController.java b/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/controller/v3/RecoveryController.java
index 17cc3f95..b4794e98 100644
--- a/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/controller/v3/RecoveryController.java
+++ b/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/controller/v3/RecoveryController.java
@@ -80,7 +80,7 @@ public EciesEncryptedResponse confirmRecoveryCode(@RequestBody EciesEncryptedReq
             logger.warn("Invalid request object in confirm recovery");
             throw new PowerAuthInvalidRequestException();
         }
-        if (authentication == null || authentication.getActivationContext() == null) {
+        if (authentication == null || authentication.getActivationContext().getActivationId() == null) {
             throw new PowerAuthSignatureInvalidException();
         }
         if (!"3.0".equals(authentication.getVersion()) && !"3.1".equals(authentication.getVersion())) {
diff --git a/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/controller/v3/SignatureController.java b/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/controller/v3/SignatureController.java
index 192efb2b..242cc9d8 100644
--- a/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/controller/v3/SignatureController.java
+++ b/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/controller/v3/SignatureController.java
@@ -64,7 +64,7 @@ public class SignatureController {
     })
     public Response validateSignature(PowerAuthApiAuthentication auth) throws PowerAuthAuthenticationException {
 
-        if (auth == null || auth.getActivationContext() == null) {
+        if (auth == null || auth.getActivationContext().getActivationId() == null) {
             logger.debug("Signature validation failed");
             throw new PowerAuthSignatureInvalidException();
         }
diff --git a/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/controller/v3/TokenController.java b/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/controller/v3/TokenController.java
index f8a7c5ab..48f3d8e7 100644
--- a/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/controller/v3/TokenController.java
+++ b/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/controller/v3/TokenController.java
@@ -88,7 +88,7 @@ public EciesEncryptedResponse createToken(@RequestBody EciesEncryptedRequest req
             logger.warn("Invalid request object in create token");
             throw new PowerAuthInvalidRequestException();
         }
-        if (authentication == null || authentication.getActivationContext() == null) {
+        if (authentication == null || authentication.getActivationContext().getActivationId() == null) {
             logger.debug("Signature validation failed");
             throw new PowerAuthSignatureInvalidException();
         }
@@ -123,7 +123,7 @@ public ObjectResponse<TokenRemoveResponse> removeToken(@RequestBody ObjectReques
             logger.warn("Invalid request object in remove token");
             throw new PowerAuthInvalidRequestException();
         }
-        if (authentication == null || authentication.getActivationContext() == null) {
+        if (authentication == null || authentication.getActivationContext().getActivationId() == null) {
             throw new PowerAuthSignatureInvalidException();
         }
         if (!"3.0".equals(authentication.getVersion()) && !"3.1".equals(authentication.getVersion())) {
diff --git a/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/service/v3/UpgradeService.java b/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/service/v3/UpgradeService.java
index 150fd7e5..2d809f01 100644
--- a/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/service/v3/UpgradeService.java
+++ b/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/service/v3/UpgradeService.java
@@ -142,7 +142,7 @@ public Response upgradeCommit(String signatureHeader,
             final PowerAuthApiAuthentication authentication = authenticationProvider.validateRequestSignatureWithActivationDetails("POST", requestBodyBytes, "/pa/upgrade/commit", signatureHeader, allowedSignatureTypes, 3);
 
             // In case signature verification fails, upgrade fails, too
-            if (!authentication.getAuthenticationContext().isValid() || authentication.getActivationContext() == null) {
+            if (!authentication.getAuthenticationContext().isValid() || authentication.getActivationContext().getActivationId() == null) {
                 logger.debug("Signature validation failed");
                 throw new PowerAuthSignatureInvalidException();
             }

From 8e18f03bcd7c67af71c195f94561ab2dfa1f575c Mon Sep 17 00:00:00 2001
From: Roman Strobl <roman.strobl@wultra.com>
Date: Tue, 2 Nov 2021 11:12:26 +0100
Subject: [PATCH 29/36] Allow null request data for encryption

---
 .../spring/provider/PowerAuthAuthenticationProviderBase.java    | 2 +-
 .../powerauth/rest/api/spring/service/v3/UpgradeService.java    | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/provider/PowerAuthAuthenticationProviderBase.java b/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/provider/PowerAuthAuthenticationProviderBase.java
index 1270c2e8..c5798279 100644
--- a/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/provider/PowerAuthAuthenticationProviderBase.java
+++ b/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/provider/PowerAuthAuthenticationProviderBase.java
@@ -196,7 +196,7 @@ public abstract class PowerAuthAuthenticationProviderBase {
      * @return Request body bytes.
      * @throws PowerAuthAuthenticationException In case request body is invalid.
      */
-    public @Nonnull byte[] extractRequestBodyBytes(@Nonnull HttpServletRequest servletRequest) throws PowerAuthAuthenticationException {
+    public @Nullable byte[] extractRequestBodyBytes(@Nonnull HttpServletRequest servletRequest) throws PowerAuthAuthenticationException {
         if (servletRequest.getAttribute(PowerAuthRequestObjects.ENCRYPTION_OBJECT) != null) {
             // Implementation of sign-then-encrypt - in case the encryption object is present and signature is validate, use decrypted request data
             PowerAuthEciesEncryption eciesEncryption = (PowerAuthEciesEncryption) servletRequest.getAttribute(PowerAuthRequestObjects.ENCRYPTION_OBJECT);
diff --git a/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/service/v3/UpgradeService.java b/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/service/v3/UpgradeService.java
index 2d809f01..57f9711d 100644
--- a/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/service/v3/UpgradeService.java
+++ b/powerauth-restful-security-spring/src/main/java/io/getlime/security/powerauth/rest/api/spring/service/v3/UpgradeService.java
@@ -131,7 +131,7 @@ public Response upgradeCommit(String signatureHeader,
         try {
             // Extract request body
             final byte[] requestBodyBytes = authenticationProvider.extractRequestBodyBytes(httpServletRequest);
-            if (requestBodyBytes.length == 0) {
+            if (requestBodyBytes == null || requestBodyBytes.length == 0) {
                 // Expected request body is {}, do not accept empty body
                 logger.warn("Empty request body");
                 throw new PowerAuthInvalidRequestException();

From 5c73e79d814d08beed9d9f09e742b0cc02b57c99 Mon Sep 17 00:00:00 2001
From: Roman Strobl <roman.strobl@wultra.com>
Date: Tue, 9 Nov 2021 15:27:54 +0100
Subject: [PATCH 30/36] Use only one object stored in session, code cleanup

---
 .../PowerAuthAnnotationInterceptor.java       | 10 ++-----
 .../support/PowerAuthWebArgumentResolver.java | 12 ++++++--
 .../PowerAuthActivation.java                  |  2 +-
 .../PowerAuthApiAuthentication.java           |  1 -
 .../impl/PowerAuthActivationImpl.java         |  4 +--
 .../impl/PowerAuthApiAuthenticationImpl.java  | 13 ++++++--
 .../spring/model/PowerAuthRequestObjects.java |  5 ----
 .../PowerAuthAuthenticationProvider.java      | 30 +++++++++----------
 8 files changed, 40 insertions(+), 37 deletions(-)
 rename powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/{activation => authentication}/PowerAuthActivation.java (97%)
 rename powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/{activation => authentication}/impl/PowerAuthActivationImpl.java (95%)

diff --git a/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/annotation/support/PowerAuthAnnotationInterceptor.java b/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/annotation/support/PowerAuthAnnotationInterceptor.java
index de213acf..1e6b9e2a 100644
--- a/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/annotation/support/PowerAuthAnnotationInterceptor.java
+++ b/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/annotation/support/PowerAuthAnnotationInterceptor.java
@@ -129,10 +129,7 @@ public boolean preHandle(@NonNull HttpServletRequest request, @NonNull HttpServl
                     final PowerAuthApiAuthentication authentication = authenticationProvider.validateRequestSignatureWithActivationDetails(
                             request, resourceId, header, signatureTypes
                     );
-                    if (authentication.getAuthenticationContext().isValid()) {
-                        request.setAttribute(PowerAuthRequestObjects.AUTHENTICATION_OBJECT, authentication);
-                    }
-                    request.setAttribute(PowerAuthRequestObjects.ACTIVATION_OBJECT, authentication.getActivationContext());
+                    request.setAttribute(PowerAuthRequestObjects.AUTHENTICATION_OBJECT, authentication);
                 } catch (PowerAuthAuthenticationException ex) {
                     logger.warn("Invalid request signature, authentication object was removed");
                     request.setAttribute(PowerAuthRequestObjects.AUTHENTICATION_OBJECT, null);
@@ -147,10 +144,7 @@ public boolean preHandle(@NonNull HttpServletRequest request, @NonNull HttpServl
                     final PowerAuthApiAuthentication authentication = authenticationProvider.validateTokenWithActivationDetails(
                             header, signatureTypes
                     );
-                    if (authentication.getAuthenticationContext().isValid()) {
-                        request.setAttribute(PowerAuthRequestObjects.AUTHENTICATION_OBJECT, authentication);
-                    }
-                    request.setAttribute(PowerAuthRequestObjects.ACTIVATION_OBJECT, authentication.getActivationContext());
+                    request.setAttribute(PowerAuthRequestObjects.AUTHENTICATION_OBJECT, authentication);
                 } catch (PowerAuthAuthenticationException ex) {
                     logger.warn("Invalid token, authentication object was removed");
                     request.setAttribute(PowerAuthRequestObjects.AUTHENTICATION_OBJECT, null);
diff --git a/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/annotation/support/PowerAuthWebArgumentResolver.java b/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/annotation/support/PowerAuthWebArgumentResolver.java
index a77fc4e4..2176dc3d 100644
--- a/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/annotation/support/PowerAuthWebArgumentResolver.java
+++ b/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/annotation/support/PowerAuthWebArgumentResolver.java
@@ -19,8 +19,8 @@
  */
 package io.getlime.security.powerauth.rest.api.spring.annotation.support;
 
-import io.getlime.security.powerauth.rest.api.spring.activation.PowerAuthActivation;
 import io.getlime.security.powerauth.rest.api.spring.annotation.PowerAuth;
+import io.getlime.security.powerauth.rest.api.spring.authentication.PowerAuthActivation;
 import io.getlime.security.powerauth.rest.api.spring.authentication.PowerAuthApiAuthentication;
 import io.getlime.security.powerauth.rest.api.spring.model.PowerAuthRequestObjects;
 import org.springframework.core.MethodParameter;
@@ -50,11 +50,17 @@ public boolean supportsParameter(@NonNull MethodParameter parameter) {
     public Object resolveArgument(@NonNull MethodParameter parameter, ModelAndViewContainer mavContainer, @NonNull NativeWebRequest webRequest, WebDataBinderFactory binderFactory) {
         if (parameter.getParameterType().isAssignableFrom(PowerAuthApiAuthentication.class)) {
             HttpServletRequest request = (HttpServletRequest) webRequest.getNativeRequest();
-            return request.getAttribute(PowerAuthRequestObjects.AUTHENTICATION_OBJECT);
+            PowerAuthApiAuthentication apiAuthentication = (PowerAuthApiAuthentication) request.getAttribute(PowerAuthRequestObjects.AUTHENTICATION_OBJECT);
+            if (apiAuthentication.getAuthenticationContext().isValid()) {
+                // Return PowerAuthApiAuthentication instance only for successful authentication due to compatibility reasons
+                return apiAuthentication;
+            }
         }
         if (parameter.getParameterType().isAssignableFrom(PowerAuthActivation.class)) {
             HttpServletRequest request = (HttpServletRequest) webRequest.getNativeRequest();
-            return request.getAttribute(PowerAuthRequestObjects.ACTIVATION_OBJECT);
+            PowerAuthApiAuthentication apiAuthentication = (PowerAuthApiAuthentication) request.getAttribute(PowerAuthRequestObjects.AUTHENTICATION_OBJECT);
+            // Activation context is returned for both successful and failed authentication
+            return apiAuthentication.getActivationContext();
         }
         return null;
     }
diff --git a/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/activation/PowerAuthActivation.java b/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/authentication/PowerAuthActivation.java
similarity index 97%
rename from powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/activation/PowerAuthActivation.java
rename to powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/authentication/PowerAuthActivation.java
index 0f7fffd4..7a96969a 100644
--- a/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/activation/PowerAuthActivation.java
+++ b/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/authentication/PowerAuthActivation.java
@@ -17,7 +17,7 @@
  * You should have received a copy of the GNU Affero General Public License
  * along with this program.  If not, see <http://www.gnu.org/licenses/>.
  */
-package io.getlime.security.powerauth.rest.api.spring.activation;
+package io.getlime.security.powerauth.rest.api.spring.authentication;
 
 import io.getlime.security.powerauth.rest.api.spring.model.ActivationStatus;
 import io.getlime.security.powerauth.rest.api.spring.model.AuthenticationContext;
diff --git a/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/authentication/PowerAuthApiAuthentication.java b/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/authentication/PowerAuthApiAuthentication.java
index 92980b51..cfdef49e 100644
--- a/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/authentication/PowerAuthApiAuthentication.java
+++ b/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/authentication/PowerAuthApiAuthentication.java
@@ -21,7 +21,6 @@
 
 import io.getlime.security.powerauth.crypto.lib.enums.PowerAuthSignatureTypes;
 import io.getlime.security.powerauth.http.PowerAuthHttpHeader;
-import io.getlime.security.powerauth.rest.api.spring.activation.PowerAuthActivation;
 import io.getlime.security.powerauth.rest.api.spring.model.AuthenticationContext;
 
 import java.util.List;
diff --git a/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/activation/impl/PowerAuthActivationImpl.java b/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/authentication/impl/PowerAuthActivationImpl.java
similarity index 95%
rename from powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/activation/impl/PowerAuthActivationImpl.java
rename to powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/authentication/impl/PowerAuthActivationImpl.java
index a07f9d11..52becd95 100644
--- a/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/activation/impl/PowerAuthActivationImpl.java
+++ b/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/authentication/impl/PowerAuthActivationImpl.java
@@ -17,9 +17,9 @@
  * You should have received a copy of the GNU Affero General Public License
  * along with this program.  If not, see <http://www.gnu.org/licenses/>.
  */
-package io.getlime.security.powerauth.rest.api.spring.activation.impl;
+package io.getlime.security.powerauth.rest.api.spring.authentication.impl;
 
-import io.getlime.security.powerauth.rest.api.spring.activation.PowerAuthActivation;
+import io.getlime.security.powerauth.rest.api.spring.authentication.PowerAuthActivation;
 import io.getlime.security.powerauth.rest.api.spring.model.ActivationStatus;
 import io.getlime.security.powerauth.rest.api.spring.model.AuthenticationContext;
 
diff --git a/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/authentication/impl/PowerAuthApiAuthenticationImpl.java b/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/authentication/impl/PowerAuthApiAuthenticationImpl.java
index 60008c2c..62c6053e 100644
--- a/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/authentication/impl/PowerAuthApiAuthenticationImpl.java
+++ b/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/authentication/impl/PowerAuthApiAuthenticationImpl.java
@@ -21,7 +21,7 @@
 
 import io.getlime.security.powerauth.crypto.lib.enums.PowerAuthSignatureTypes;
 import io.getlime.security.powerauth.http.PowerAuthHttpHeader;
-import io.getlime.security.powerauth.rest.api.spring.activation.PowerAuthActivation;
+import io.getlime.security.powerauth.rest.api.spring.authentication.PowerAuthActivation;
 import io.getlime.security.powerauth.rest.api.spring.authentication.PowerAuthApiAuthentication;
 import io.getlime.security.powerauth.rest.api.spring.model.AuthenticationContext;
 import org.springframework.security.authentication.AbstractAuthenticationToken;
@@ -114,6 +114,7 @@ public PowerAuthApiAuthenticationImpl() {
     public PowerAuthApiAuthenticationImpl(String activationId, String userId, Long applicationId, List<String> applicationRoles,
                                           List<String> activationFlags, AuthenticationContext authenticationContext) {
         super(null);
+        // Deprecated field, updated for compatibility reason
         this.activationId = activationId;
         this.userId = userId;
         this.applicationId = applicationId;
@@ -121,12 +122,20 @@ public PowerAuthApiAuthenticationImpl(String activationId, String userId, Long a
             this.applicationRoles = new ArrayList<>(applicationRoles);
         }
         if (activationFlags != null) {
+            // Deprecated field, updated for compatibility reason
             this.activationFlags = new ArrayList<>(activationFlags);
         }
         this.authenticationContext = authenticationContext;
         if (authenticationContext != null) {
+            // Deprecated field, updated for compatibility reason
             this.factors = authenticationContext.getSignatureType();
         }
+        this.activationContext = new PowerAuthActivationImpl();
+        activationContext.setActivationId(activationId);
+        activationContext.setUserId(userId);
+        activationContext.setActivationFlags(activationFlags);
+        activationContext.setAuthenticationContext(authenticationContext);
+        activationContext.setVersion(version);
     }
 
     @Override
@@ -227,8 +236,8 @@ public AuthenticationContext getAuthenticationContext() {
     @Override
     public void setAuthenticationContext(AuthenticationContext authenticationContext) {
         this.authenticationContext = authenticationContext;
-        // Update deprecated signatureFactors to ensure compatibility
         if (authenticationContext != null) {
+            // Update deprecated signatureFactors to ensure compatibility
             setSignatureFactors(authenticationContext.getSignatureType());
         }
     }
diff --git a/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/model/PowerAuthRequestObjects.java b/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/model/PowerAuthRequestObjects.java
index 37eced10..195d36a4 100644
--- a/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/model/PowerAuthRequestObjects.java
+++ b/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/model/PowerAuthRequestObjects.java
@@ -17,11 +17,6 @@ public class PowerAuthRequestObjects {
      */
     public static final String AUTHENTICATION_OBJECT = "X-PowerAuth-Authentication-Object";
 
-    /**
-     * Constant for the request attribute name "X-PowerAuth-Activation-Object".
-     */
-    public static final String ACTIVATION_OBJECT = "X-PowerAuth-Activation-Object";
-
     /**
      * Constant for the request attribute name "X-PowerAuth-Encryption-Object".
      */
diff --git a/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/provider/PowerAuthAuthenticationProvider.java b/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/provider/PowerAuthAuthenticationProvider.java
index 7eaaaa69..f588a3bc 100644
--- a/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/provider/PowerAuthAuthenticationProvider.java
+++ b/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/provider/PowerAuthAuthenticationProvider.java
@@ -31,19 +31,19 @@
 import io.getlime.security.powerauth.http.validator.InvalidPowerAuthHttpHeaderException;
 import io.getlime.security.powerauth.http.validator.PowerAuthSignatureHttpHeaderValidator;
 import io.getlime.security.powerauth.http.validator.PowerAuthTokenHttpHeaderValidator;
-import io.getlime.security.powerauth.rest.api.spring.activation.PowerAuthActivation;
-import io.getlime.security.powerauth.rest.api.spring.activation.impl.PowerAuthActivationImpl;
+import io.getlime.security.powerauth.rest.api.spring.authentication.PowerAuthActivation;
 import io.getlime.security.powerauth.rest.api.spring.authentication.PowerAuthApiAuthentication;
+import io.getlime.security.powerauth.rest.api.spring.authentication.impl.PowerAuthActivationImpl;
+import io.getlime.security.powerauth.rest.api.spring.authentication.impl.PowerAuthApiAuthenticationImpl;
+import io.getlime.security.powerauth.rest.api.spring.authentication.impl.PowerAuthSignatureAuthenticationImpl;
+import io.getlime.security.powerauth.rest.api.spring.authentication.impl.PowerAuthTokenAuthenticationImpl;
 import io.getlime.security.powerauth.rest.api.spring.converter.v3.ActivationStatusConverter;
+import io.getlime.security.powerauth.rest.api.spring.converter.v3.SignatureTypeConverter;
 import io.getlime.security.powerauth.rest.api.spring.exception.PowerAuthAuthenticationException;
 import io.getlime.security.powerauth.rest.api.spring.exception.authentication.PowerAuthHeaderMissingException;
 import io.getlime.security.powerauth.rest.api.spring.exception.authentication.PowerAuthSignatureInvalidException;
 import io.getlime.security.powerauth.rest.api.spring.exception.authentication.PowerAuthSignatureTypeInvalidException;
 import io.getlime.security.powerauth.rest.api.spring.exception.authentication.PowerAuthTokenInvalidException;
-import io.getlime.security.powerauth.rest.api.spring.authentication.impl.PowerAuthApiAuthenticationImpl;
-import io.getlime.security.powerauth.rest.api.spring.authentication.impl.PowerAuthSignatureAuthenticationImpl;
-import io.getlime.security.powerauth.rest.api.spring.authentication.impl.PowerAuthTokenAuthenticationImpl;
-import io.getlime.security.powerauth.rest.api.spring.converter.v3.SignatureTypeConverter;
 import io.getlime.security.powerauth.rest.api.spring.model.ActivationStatus;
 import io.getlime.security.powerauth.rest.api.spring.model.AuthenticationContext;
 import org.slf4j.Logger;
@@ -248,15 +248,15 @@ private PowerAuthApiAuthenticationImpl copyAuthenticationAttributes(String activ
      */
     private PowerAuthActivationImpl copyActivationAttributes(String activationId, String userId, ActivationStatus activationStatus, String blockedReason,
                                                              List<String> activationFlags, AuthenticationContext authenticationContext, String version) {
-        final PowerAuthActivationImpl activationDetail = new PowerAuthActivationImpl();
-        activationDetail.setActivationId(activationId);
-        activationDetail.setUserId(userId);
-        activationDetail.setActivationStatus(activationStatus);
-        activationDetail.setBlockedReason(blockedReason);
-        activationDetail.setActivationFlags(activationFlags);
-        activationDetail.setAuthenticationContext(authenticationContext);
-        activationDetail.setVersion(version);
-        return activationDetail;
+        final PowerAuthActivationImpl activationContext = new PowerAuthActivationImpl();
+        activationContext.setActivationId(activationId);
+        activationContext.setUserId(userId);
+        activationContext.setActivationStatus(activationStatus);
+        activationContext.setBlockedReason(blockedReason);
+        activationContext.setActivationFlags(activationFlags);
+        activationContext.setAuthenticationContext(authenticationContext);
+        activationContext.setVersion(version);
+        return activationContext;
     }
 
     /**

From ff8317763efebf99ecf965a53532ad484bd4c620 Mon Sep 17 00:00:00 2001
From: Roman Strobl <roman.strobl@wultra.com>
Date: Tue, 9 Nov 2021 17:26:12 +0100
Subject: [PATCH 31/36] Merge changes from develop

---
 .../rest/api/spring/configuration/ApplicationConfiguration.java   | 0
 .../app/rest/api/spring/configuration/WebApplicationConfig.java   | 0
 .../app/rest/api/spring/controller/AuthenticationController.java  | 0
 .../rest/api/spring/controller/v2/CustomActivationController.java | 0
 .../api/spring/controller/v2/EncryptedDataExchangeController.java | 0
 .../api/spring/controller/v3/EncryptedDataExchangeController.java | 0
 .../rest/api/spring/provider/DefaultCustomActivationProvider.java | 0
 7 files changed, 0 insertions(+), 0 deletions(-)
 delete mode 100644 powerauth-restful-server-spring/src/main/java/io/getlime/security/powerauth/app/rest/api/spring/configuration/ApplicationConfiguration.java
 delete mode 100644 powerauth-restful-server-spring/src/main/java/io/getlime/security/powerauth/app/rest/api/spring/configuration/WebApplicationConfig.java
 delete mode 100644 powerauth-restful-server-spring/src/main/java/io/getlime/security/powerauth/app/rest/api/spring/controller/AuthenticationController.java
 delete mode 100644 powerauth-restful-server-spring/src/main/java/io/getlime/security/powerauth/app/rest/api/spring/controller/v2/CustomActivationController.java
 delete mode 100644 powerauth-restful-server-spring/src/main/java/io/getlime/security/powerauth/app/rest/api/spring/controller/v2/EncryptedDataExchangeController.java
 delete mode 100644 powerauth-restful-server-spring/src/main/java/io/getlime/security/powerauth/app/rest/api/spring/controller/v3/EncryptedDataExchangeController.java
 delete mode 100644 powerauth-restful-server-spring/src/main/java/io/getlime/security/powerauth/app/rest/api/spring/provider/DefaultCustomActivationProvider.java

diff --git a/powerauth-restful-server-spring/src/main/java/io/getlime/security/powerauth/app/rest/api/spring/configuration/ApplicationConfiguration.java b/powerauth-restful-server-spring/src/main/java/io/getlime/security/powerauth/app/rest/api/spring/configuration/ApplicationConfiguration.java
deleted file mode 100644
index e69de29b..00000000
diff --git a/powerauth-restful-server-spring/src/main/java/io/getlime/security/powerauth/app/rest/api/spring/configuration/WebApplicationConfig.java b/powerauth-restful-server-spring/src/main/java/io/getlime/security/powerauth/app/rest/api/spring/configuration/WebApplicationConfig.java
deleted file mode 100644
index e69de29b..00000000
diff --git a/powerauth-restful-server-spring/src/main/java/io/getlime/security/powerauth/app/rest/api/spring/controller/AuthenticationController.java b/powerauth-restful-server-spring/src/main/java/io/getlime/security/powerauth/app/rest/api/spring/controller/AuthenticationController.java
deleted file mode 100644
index e69de29b..00000000
diff --git a/powerauth-restful-server-spring/src/main/java/io/getlime/security/powerauth/app/rest/api/spring/controller/v2/CustomActivationController.java b/powerauth-restful-server-spring/src/main/java/io/getlime/security/powerauth/app/rest/api/spring/controller/v2/CustomActivationController.java
deleted file mode 100644
index e69de29b..00000000
diff --git a/powerauth-restful-server-spring/src/main/java/io/getlime/security/powerauth/app/rest/api/spring/controller/v2/EncryptedDataExchangeController.java b/powerauth-restful-server-spring/src/main/java/io/getlime/security/powerauth/app/rest/api/spring/controller/v2/EncryptedDataExchangeController.java
deleted file mode 100644
index e69de29b..00000000
diff --git a/powerauth-restful-server-spring/src/main/java/io/getlime/security/powerauth/app/rest/api/spring/controller/v3/EncryptedDataExchangeController.java b/powerauth-restful-server-spring/src/main/java/io/getlime/security/powerauth/app/rest/api/spring/controller/v3/EncryptedDataExchangeController.java
deleted file mode 100644
index e69de29b..00000000
diff --git a/powerauth-restful-server-spring/src/main/java/io/getlime/security/powerauth/app/rest/api/spring/provider/DefaultCustomActivationProvider.java b/powerauth-restful-server-spring/src/main/java/io/getlime/security/powerauth/app/rest/api/spring/provider/DefaultCustomActivationProvider.java
deleted file mode 100644
index e69de29b..00000000

From 764f70d9f37f0babbd09af5ccb03e925ba93dc57 Mon Sep 17 00:00:00 2001
From: Roman Strobl <roman.strobl@wultra.com>
Date: Wed, 10 Nov 2021 11:17:36 +0100
Subject: [PATCH 32/36] Fix null pointer exception

---
 .../annotation/support/PowerAuthWebArgumentResolver.java    | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/annotation/support/PowerAuthWebArgumentResolver.java b/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/annotation/support/PowerAuthWebArgumentResolver.java
index 2176dc3d..e3b9260c 100644
--- a/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/annotation/support/PowerAuthWebArgumentResolver.java
+++ b/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/annotation/support/PowerAuthWebArgumentResolver.java
@@ -51,6 +51,9 @@ public Object resolveArgument(@NonNull MethodParameter parameter, ModelAndViewCo
         if (parameter.getParameterType().isAssignableFrom(PowerAuthApiAuthentication.class)) {
             HttpServletRequest request = (HttpServletRequest) webRequest.getNativeRequest();
             PowerAuthApiAuthentication apiAuthentication = (PowerAuthApiAuthentication) request.getAttribute(PowerAuthRequestObjects.AUTHENTICATION_OBJECT);
+            if (apiAuthentication == null) {
+                return null;
+            }
             if (apiAuthentication.getAuthenticationContext().isValid()) {
                 // Return PowerAuthApiAuthentication instance only for successful authentication due to compatibility reasons
                 return apiAuthentication;
@@ -59,6 +62,9 @@ public Object resolveArgument(@NonNull MethodParameter parameter, ModelAndViewCo
         if (parameter.getParameterType().isAssignableFrom(PowerAuthActivation.class)) {
             HttpServletRequest request = (HttpServletRequest) webRequest.getNativeRequest();
             PowerAuthApiAuthentication apiAuthentication = (PowerAuthApiAuthentication) request.getAttribute(PowerAuthRequestObjects.AUTHENTICATION_OBJECT);
+            if (apiAuthentication == null) {
+                return null;
+            }
             // Activation context is returned for both successful and failed authentication
             return apiAuthentication.getActivationContext();
         }

From 20bda883b991e60892161f58fda7feb6d6e5a0e9 Mon Sep 17 00:00:00 2001
From: Roman Strobl <roman.strobl@wultra.com>
Date: Wed, 10 Nov 2021 16:44:22 +0100
Subject: [PATCH 33/36] Move documentation related to Enrollment Server into
 the Enrollment Server repository

---
 ...eploying-PowerAuth-Standard-RESTful-API.md | 47 +------------------
 1 file changed, 1 insertion(+), 46 deletions(-)

diff --git a/docs/Deploying-PowerAuth-Standard-RESTful-API.md b/docs/Deploying-PowerAuth-Standard-RESTful-API.md
index 4559cbc3..7774d90a 100644
--- a/docs/Deploying-PowerAuth-Standard-RESTful-API.md
+++ b/docs/Deploying-PowerAuth-Standard-RESTful-API.md
@@ -6,49 +6,4 @@ Enrollment Server is a Spring application (packaged as an executable WAR file) r
 
 You can use this application in case you need to use PowerAuth and cannot integrate it in your own API using our integration libraries.
 
-## Downloading Enrollment Server
-
-You can download the latest `enrollment-server.war` at the releases page:
-
-- https://github.com/wultra/enrollment-server/releases
-
-_Note: The enrollment server component will need to be customized in case you need to customize the activation process. The customization is described in the tutorial [Implementing the Server-Side for Authentication in Mobile Banking Apps (SCA)](https://developers.wultra.com/products/mobile-token/2021-05/tutorials/Authentication-in-Mobile-Apps/Server-Side-Tutorial#deploying-the-enrollment-server)._
-
-## Configuring Enrollment Server
-
-The default implementation of Enrollment server has only one compulsory configuration parameter `powerauth.service.url` that configures the REST endpoint location of a PowerAuth Server. The default value for this property points to `localhost`:
-
-```bash
-powerauth.service.url=http://localhost:8080/powerauth-java-server/rest
-```
-
-## Setting Up Credentials
-
-_(optional)_ In case PowerAuth Server uses a [restricted access flag in the server configuration](https://github.com/wultra/powerauth-server/blob/develop/docs/Deploying-PowerAuth-Server.md#enabling-powerauth-server-security), you need to configure credentials for the PowerAuth Standard RESTful API so that it can connect to the service:
-
-```sh
-powerauth.service.security.clientToken=
-powerauth.service.security.clientSecret=
-```
-
-The credentials are stored in the `pa_integration` table.
-
-_Note: The RESTful interface is secured using Basic HTTP Authentication (pre-emptive). For SOAP interface used in the Java EE integration, PowerAuth Server uses WS-Security, `UsernameToken` validation (plain text password)._ 
-
-## Deploying Enrollment Server
-
-You can deploy Enrollment Server WAR into any Java EE container.
-
-The default configuration works best with Apache Tomcat server running on default port 8080. In this case, the deployed server is accessible on `http://localhost:8080/enrollment-server/`.
-
-To deploy Enrollment Server to Apache Tomcat, simply copy the WAR file in your `webapps` folder or deploy it using the "Tomcat Web Application Manager" application (usually deployed on default Tomcat address `http://localhost:8080/manager`).
-
-## Deploying Enrollment Server Outside the Container
-
-You can also execute WAR file directly using the following command:
-
-```bash
-java -jar enrollment-server.war
-```
-
-_Note: You can overwrite the port using `-Dserver.port=8090` parameter to avoid port conflicts._
+Detailed information about deploying Enrollment Server is available in [Enrollment Server documentation](https://github.com/wultra/enrollment-server/blob/develop/docs/Deploying-Enrollment-Server.md).

From 48c12f942d81628167d13420f89a6a7a9516dde0 Mon Sep 17 00:00:00 2001
From: Roman Strobl <roman.strobl@wultra.com>
Date: Mon, 13 Dec 2021 16:46:03 +0100
Subject: [PATCH 34/36] Fix #302: Upgrade Spring Boot to 2.6

---
 pom.xml                                                   | 8 ++++----
 .../api/spring/filter/EncryptionResponseBodyAdvice.java   | 3 ++-
 2 files changed, 6 insertions(+), 5 deletions(-)

diff --git a/pom.xml b/pom.xml
index 425414a4..662446a2 100644
--- a/pom.xml
+++ b/pom.xml
@@ -83,11 +83,11 @@
         <maven-source-plugin.version>3.2.1</maven-source-plugin.version>
         <maven-war-plugin.version>3.3.1</maven-war-plugin.version>
         <javax.servlet-api.version>4.0.1</javax.servlet-api.version>
-        <spring-boot.version>2.4.5</spring-boot.version>
+        <spring-boot.version>2.6.1</spring-boot.version>
         <commons-text.version>1.9</commons-text.version>
-        <jackson-databind.version>2.12.3</jackson-databind.version>
-        <bcprov.version>1.68</bcprov.version>
-        <rest-model-base.version>1.3.0</rest-model-base.version>
+        <jackson-databind.version>2.13.0</jackson-databind.version>
+        <bcprov.version>1.69</bcprov.version>
+        <rest-model-base.version>1.4.0</rest-model-base.version>
     </properties>
 
     <build>
diff --git a/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/filter/EncryptionResponseBodyAdvice.java b/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/filter/EncryptionResponseBodyAdvice.java
index ed13174f..fe13db0f 100644
--- a/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/filter/EncryptionResponseBodyAdvice.java
+++ b/powerauth-restful-security-spring-annotation/src/main/java/io/getlime/security/powerauth/rest/api/spring/filter/EncryptionResponseBodyAdvice.java
@@ -30,6 +30,7 @@
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.context.annotation.Lazy;
 import org.springframework.core.MethodParameter;
 import org.springframework.http.HttpHeaders;
 import org.springframework.http.HttpOutputMessage;
@@ -73,7 +74,7 @@ public class EncryptionResponseBodyAdvice implements ResponseBodyAdvice<Object>
      * @param requestMappingHandlerAdapter Request mapping handler adapter.
      */
     @Autowired
-    public void setRequestMappingHandlerAdapter(RequestMappingHandlerAdapter requestMappingHandlerAdapter) {
+    public void setRequestMappingHandlerAdapter(@Lazy RequestMappingHandlerAdapter requestMappingHandlerAdapter) {
         this.requestMappingHandlerAdapter = requestMappingHandlerAdapter;
     }
 

From ebafd881be7a32e7622faba71c0ae62676fc51f0 Mon Sep 17 00:00:00 2001
From: Roman Strobl <roman.strobl@wultra.com>
Date: Wed, 15 Dec 2021 15:59:03 +0100
Subject: [PATCH 35/36] Fix #304: Exclude log4j-api dependency

---
 powerauth-restful-security-spring-annotation/pom.xml | 6 ++++++
 powerauth-restful-security-spring/pom.xml            | 6 ++++++
 2 files changed, 12 insertions(+)

diff --git a/powerauth-restful-security-spring-annotation/pom.xml b/powerauth-restful-security-spring-annotation/pom.xml
index 939b1a41..4725c47e 100644
--- a/powerauth-restful-security-spring-annotation/pom.xml
+++ b/powerauth-restful-security-spring-annotation/pom.xml
@@ -42,6 +42,12 @@
             <groupId>org.springframework.boot</groupId>
             <artifactId>spring-boot-starter-web</artifactId>
             <version>${spring-boot.version}</version>
+            <exclusions>
+                <exclusion>
+                    <artifactId>log4j-to-slf4j</artifactId>
+                    <groupId>org.apache.logging.log4j</groupId>
+                </exclusion>
+            </exclusions>
         </dependency>
         <dependency>
             <groupId>org.springframework.boot</groupId>
diff --git a/powerauth-restful-security-spring/pom.xml b/powerauth-restful-security-spring/pom.xml
index f0ab7008..fb5d122a 100644
--- a/powerauth-restful-security-spring/pom.xml
+++ b/powerauth-restful-security-spring/pom.xml
@@ -47,6 +47,12 @@
             <groupId>io.getlime.security</groupId>
             <artifactId>powerauth-rest-client-spring</artifactId>
             <version>1.2.0-SNAPSHOT</version>
+            <exclusions>
+                <exclusion>
+                    <artifactId>log4j-to-slf4j</artifactId>
+                    <groupId>org.apache.logging.log4j</groupId>
+                </exclusion>
+            </exclusions>
         </dependency>
 
     </dependencies>

From f374943b324a2c2d668bde20e2b9cc5bde33cf2d Mon Sep 17 00:00:00 2001
From: Roman Strobl <roman.strobl@wultra.com>
Date: Tue, 21 Dec 2021 15:58:14 +0100
Subject: [PATCH 36/36] Fix #306: Update version to 1.2.0

---
 pom.xml                                              |  6 +++---
 powerauth-restful-model/pom.xml                      |  4 ++--
 powerauth-restful-security-spring-annotation/pom.xml | 12 ++++++------
 powerauth-restful-security-spring/pom.xml            |  8 ++++----
 4 files changed, 15 insertions(+), 15 deletions(-)

diff --git a/pom.xml b/pom.xml
index 662446a2..18416349 100644
--- a/pom.xml
+++ b/pom.xml
@@ -28,7 +28,7 @@
 
     <groupId>io.getlime.security</groupId>
     <artifactId>powerauth-restful-integration-parent</artifactId>
-    <version>1.2.0-SNAPSHOT</version>
+    <version>1.2.0</version>
     <packaging>pom</packaging>
 
     <inceptionYear>2017</inceptionYear>
@@ -79,9 +79,9 @@
         <maven.compiler.target>1.8</maven.compiler.target>
         <maven-jar-plugin.version>3.2.0</maven-jar-plugin.version>
         <maven-deploy-plugin.version>3.0.0-M1</maven-deploy-plugin.version>
-        <maven-javadoc-plugin.version>3.3.0</maven-javadoc-plugin.version>
+        <maven-javadoc-plugin.version>3.3.1</maven-javadoc-plugin.version>
         <maven-source-plugin.version>3.2.1</maven-source-plugin.version>
-        <maven-war-plugin.version>3.3.1</maven-war-plugin.version>
+        <maven-war-plugin.version>3.3.2</maven-war-plugin.version>
         <javax.servlet-api.version>4.0.1</javax.servlet-api.version>
         <spring-boot.version>2.6.1</spring-boot.version>
         <commons-text.version>1.9</commons-text.version>
diff --git a/powerauth-restful-model/pom.xml b/powerauth-restful-model/pom.xml
index 99859667..92c08f27 100644
--- a/powerauth-restful-model/pom.xml
+++ b/powerauth-restful-model/pom.xml
@@ -24,14 +24,14 @@
     <modelVersion>4.0.0</modelVersion>
 
     <artifactId>powerauth-restful-model</artifactId>
-    <version>1.2.0-SNAPSHOT</version>
+    <version>1.2.0</version>
     <name>powerauth-restful-model</name>
     <description>Model classes PowerAuth Standard RESTful API</description>
 
     <parent>
         <groupId>io.getlime.security</groupId>
         <artifactId>powerauth-restful-integration-parent</artifactId>
-        <version>1.2.0-SNAPSHOT</version>
+        <version>1.2.0</version>
         <relativePath>../pom.xml</relativePath>
     </parent>
 
diff --git a/powerauth-restful-security-spring-annotation/pom.xml b/powerauth-restful-security-spring-annotation/pom.xml
index 4725c47e..68e91702 100644
--- a/powerauth-restful-security-spring-annotation/pom.xml
+++ b/powerauth-restful-security-spring-annotation/pom.xml
@@ -24,14 +24,14 @@
     <modelVersion>4.0.0</modelVersion>
 
     <artifactId>powerauth-restful-security-spring-annotation</artifactId>
-    <version>1.2.0-SNAPSHOT</version>
+    <version>1.2.0</version>
     <name>powerauth-restful-security-spring-annotation</name>
     <description>PowerAuth RESTful API Security Annotations for Spring</description>
 
     <parent>
         <groupId>io.getlime.security</groupId>
         <artifactId>powerauth-restful-integration-parent</artifactId>
-        <version>1.2.0-SNAPSHOT</version>
+        <version>1.2.0</version>
         <relativePath>../pom.xml</relativePath>
     </parent>
 
@@ -59,22 +59,22 @@
         <dependency>
             <groupId>io.getlime.security</groupId>
             <artifactId>powerauth-java-crypto</artifactId>
-            <version>1.2.0-SNAPSHOT</version>
+            <version>1.2.0</version>
         </dependency>
         <dependency>
             <groupId>io.getlime.security</groupId>
             <artifactId>powerauth-java-http</artifactId>
-            <version>1.2.0-SNAPSHOT</version>
+            <version>1.2.0</version>
         </dependency>
         <dependency>
             <groupId>io.getlime.security</groupId>
             <artifactId>powerauth-restful-model</artifactId>
-            <version>1.2.0-SNAPSHOT</version>
+            <version>1.2.0</version>
         </dependency>
         <dependency>
             <groupId>io.getlime.security</groupId>
             <artifactId>powerauth-rest-client-spring</artifactId>
-            <version>1.2.0-SNAPSHOT</version>
+            <version>1.2.0</version>
         </dependency>
 
         <!-- Other dependencies -->
diff --git a/powerauth-restful-security-spring/pom.xml b/powerauth-restful-security-spring/pom.xml
index fb5d122a..f69f019e 100644
--- a/powerauth-restful-security-spring/pom.xml
+++ b/powerauth-restful-security-spring/pom.xml
@@ -24,14 +24,14 @@
     <modelVersion>4.0.0</modelVersion>
 
     <artifactId>powerauth-restful-security-spring</artifactId>
-    <version>1.2.0-SNAPSHOT</version>
+    <version>1.2.0</version>
     <name>powerauth-restful-security-spring</name>
     <description>PowerAuth RESTful API Security Additions for Spring</description>
 
     <parent>
         <groupId>io.getlime.security</groupId>
         <artifactId>powerauth-restful-integration-parent</artifactId>
-        <version>1.2.0-SNAPSHOT</version>
+        <version>1.2.0</version>
         <relativePath>../pom.xml</relativePath>
     </parent>
 
@@ -41,12 +41,12 @@
         <dependency>
             <groupId>io.getlime.security</groupId>
             <artifactId>powerauth-restful-security-spring-annotation</artifactId>
-            <version>1.2.0-SNAPSHOT</version>
+            <version>1.2.0</version>
         </dependency>
         <dependency>
             <groupId>io.getlime.security</groupId>
             <artifactId>powerauth-rest-client-spring</artifactId>
-            <version>1.2.0-SNAPSHOT</version>
+            <version>1.2.0</version>
             <exclusions>
                 <exclusion>
                     <artifactId>log4j-to-slf4j</artifactId>