Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

chore: upgrade to spring boot 2.6.X #115

Merged
merged 2 commits into from
May 10, 2024
Merged

chore: upgrade to spring boot 2.6.X #115

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
e19f74f
chore: upgrade to spring boot 2.6.X
tkuzynow May 10, 2024
0dd1fa0
chore: upgrade to spring boot 2.7.X
tkuzynow May 10, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
79 changes: 57 additions & 22 deletions pom.xml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -16,12 +16,12 @@
<parent>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-parent</artifactId>
<version>2.5.14</version>
<version>2.7.14</version>
<relativePath/> <!-- lookup parent from repository -->
</parent>

<properties>
<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

hehe I think this whitespace is not needed ;)

<project.reporting.outputEncoding>UTF-8</project.reporting.outputEncoding>
<java.version>11</java.version>
<!-- force at least version 2.16 due to https://logging.apache.org/log4j/2.x/security.html -->
Expand Down Expand Up @@ -50,7 +50,7 @@
<hibernate-validator.version>6.1.6.Final</hibernate-validator.version>
<spring-security-test.version>5.5.7</spring-security-test.version>
<spring-boot-starter-data-mongodb.version>2.7.5</spring-boot-starter-data-mongodb.version>
<spring-boot-starter.version>2.5.14</spring-boot-starter.version>
<spring-boot-starter.version>2.6.15</spring-boot-starter.version>
<spring-data-mongodb.version>3.3.5</spring-data-mongodb.version>
<ehcache.version>2.10.9.2</ehcache.version>
</properties>
Expand All @@ -70,6 +70,10 @@
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-security</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-validation</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-web</artifactId>
Expand Down Expand Up @@ -116,20 +120,23 @@
<version>${jackson-databind-nullable.version}</version>
</dependency>
<!-- SpringFox: generate YAML file from POJOs and generate documentation -->

<dependency>
<groupId>io.springfox</groupId>
<artifactId>springfox-swagger2</artifactId>
<version>${springfox-swagger2.version}</version>
<groupId>javax.validation</groupId>
<artifactId>validation-api</artifactId>
</dependency>

<dependency>
<groupId>io.springfox</groupId>
<artifactId>springfox-bean-validators</artifactId>
<version>${springfox-bean-validators.version}</version>
<groupId>io.swagger.core.v3</groupId>
<artifactId>swagger-annotations</artifactId>
<version>2.2.15</version>
</dependency>
<!-- SpringFox: generate YAML file from POJOs and generate documentation -->

<dependency>
<groupId>io.springfox</groupId>
<artifactId>springfox-swagger-ui</artifactId>
<version>${springfox-swagger-ui.version}</version>
<groupId>org.springdoc</groupId>
<artifactId>springdoc-openapi-ui</artifactId>
<version>1.8.0</version>
</dependency>

<!-- Lombok dependencies -->
Expand All @@ -146,6 +153,12 @@
<version>${commons-lang3.version}</version>
</dependency>

<dependency>
<groupId>commons-io</groupId>
<artifactId>commons-io</artifactId>
<version>2.8.0</version> <!-- Or the latest version -->
</dependency>

<dependency>
<groupId>com.github.jknack</groupId>
<artifactId>handlebars</artifactId>
Expand Down Expand Up @@ -202,21 +215,21 @@
<scope>test</scope>
</dependency>
<dependency>
<artifactId>powermock-module-junit4</artifactId>
<groupId>org.powermock</groupId>
<groupId>de.flapdoodle.embed</groupId>
<artifactId>de.flapdoodle.embed.mongo</artifactId>
<version>4.13.0</version>
<scope>test</scope>
<version>${powermock-module-junit4.version}</version>
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

you could also remove the proberties for the not used dependencies

</dependency>
<dependency>
<artifactId>powermock-api-mockito2</artifactId>
<groupId>org.powermock</groupId>
<scope>test</scope>
<version>${powermock-api-mockito2.version}</version>
<groupId>de.flapdoodle.embed</groupId>
<artifactId>de.flapdoodle.embed.mongo.spring26x</artifactId>
<version>4.13.0</version>
</dependency>

<dependency>
<groupId>de.flapdoodle.embed</groupId>
<artifactId>de.flapdoodle.embed.mongo</artifactId>
<scope>test</scope>
<groupId>org.apache.commons</groupId>
<artifactId>commons-compress</artifactId>
<version>1.25.0</version> <!-- A version compatible with your Apache Commons IO version -->
</dependency>

<!-- EasyRandom -->
Expand Down Expand Up @@ -320,6 +333,11 @@
<artifactId>h2</artifactId>
<scope>test</scope>
</dependency>
<dependency>
<groupId>junit</groupId>
<artifactId>junit</artifactId>
<scope>test</scope>
</dependency>
</dependencies>

<repositories>
Expand Down Expand Up @@ -606,6 +624,23 @@
</execution>
</executions>
</plugin>
<plugin>
<groupId>org.openrewrite.maven</groupId>
<artifactId>rewrite-maven-plugin</artifactId>
<version>5.30.0</version>
<configuration>
<activeRecipes>
<recipe>org.openrewrite.java.spring.boot2.UpgradeSpringBoot_2_6</recipe>
</activeRecipes>
</configuration>
<dependencies>
<dependency>
<groupId>org.openrewrite.recipe</groupId>
<artifactId>rewrite-spring</artifactId>
<version>5.9.0</version>
</dependency>
</dependencies>
</plugin>
</plugins>
</build>
<profiles>
Expand Down
18 changes: 0 additions & 18 deletions ...n/java/de/caritas/cob/consultingtypeservice/api/controller/CustomSwaggerUIController.java
View file
Open in desktop

This file was deleted.

7 changes: 7 additions & 0 deletions src/main/java/de/caritas/cob/consultingtypeservice/config/KeycloakConfig.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -10,6 +10,8 @@
import javax.validation.constraints.NotNull;
import lombok.Data;
import org.hibernate.validator.constraints.URL;
import org.keycloak.adapters.KeycloakConfigResolver;
import org.keycloak.adapters.springboot.KeycloakSpringBootConfigResolver;
import org.keycloak.adapters.springsecurity.token.KeycloakAuthenticationToken;
import org.springframework.boot.context.properties.ConfigurationProperties;
import org.springframework.context.annotation.Bean;
Expand Down Expand Up @@ -64,6 +66,11 @@ public AuthenticatedUser authenticatedUser(HttpServletRequest request) {
return authenticatedUser;
}

@Bean
public KeycloakConfigResolver keycloakConfigResolver() {
return new KeycloakSpringBootConfigResolver();
}

@URL private String authServerUrl;

@NotBlank private String realm;
Expand Down
22 changes: 14 additions & 8 deletions src/main/java/de/caritas/cob/consultingtypeservice/config/SecurityConfig.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -4,13 +4,10 @@
import de.caritas.cob.consultingtypeservice.filter.HttpTenantFilter;
import de.caritas.cob.consultingtypeservice.filter.StatelessCsrfFilter;
import javax.annotation.Nullable;
import org.keycloak.adapters.KeycloakConfigResolver;
import org.keycloak.adapters.springboot.KeycloakSpringBootConfigResolver;
import org.keycloak.adapters.springsecurity.authentication.KeycloakAuthenticationProvider;
import org.keycloak.adapters.springsecurity.config.KeycloakWebSecurityConfigurerAdapter;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
Expand Down Expand Up @@ -42,6 +39,20 @@ public class SecurityConfig extends KeycloakWebSecurityConfigurerAdapter {
@Autowired(required = false)
private @Nullable HttpTenantFilter tenantFilter;

public static final String[] WHITE_LIST =
new String[] {
"/consultingtypes/docs",
"/consultingtypes/docs/**",
"/v2/api-docs",
"/configuration/ui",
"/swagger-resources/**",
"/configuration/security",
"/swagger-ui.html",
"/webjars/**",
"/actuator/health",
"/actuator/health/**"
};

/** Configure spring security filter chain */
@Override
protected void configure(final HttpSecurity http) throws Exception {
Expand Down Expand Up @@ -113,11 +124,6 @@ private HttpSecurity enableTenantFilterIfMultitenancyEnabled(HttpSecurity httpSe
return httpSecurity;
}

@Bean
public KeycloakConfigResolver keycloakConfigResolver() {
return new KeycloakSpringBootConfigResolver();
}

@Override
protected SessionAuthenticationStrategy sessionAuthenticationStrategy() {
return new NullAuthenticatedSessionStrategy();
Expand Down
136 changes: 0 additions & 136 deletions src/main/java/de/caritas/cob/consultingtypeservice/config/SpringFoxConfig.java
View file
Open in desktop

This file was deleted.

4 changes: 2 additions & 2 deletions src/main/java/de/caritas/cob/consultingtypeservice/filter/StatelessCsrfFilter.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,7 @@
import static java.util.Objects.isNull;
import static java.util.Objects.nonNull;

import de.caritas.cob.consultingtypeservice.config.SpringFoxConfig;
import de.caritas.cob.consultingtypeservice.config.SecurityConfig;
import java.io.IOException;
import java.util.ArrayList;
import java.util.Arrays;
Expand Down Expand Up @@ -73,7 +73,7 @@ public static final class DefaultRequiresCsrfMatcher implements RequestMatcher {
public boolean matches(HttpServletRequest request) {

// Allow specific whitelist items to disable CSRF protection for Swagger UI documentation
List<String> csrfWhitelist = new ArrayList<>(Arrays.asList(SpringFoxConfig.WHITE_LIST));
List<String> csrfWhitelist = new ArrayList<>(Arrays.asList(SecurityConfig.WHITE_LIST));
csrfWhitelist.add("/topic");
if (csrfWhitelist.parallelStream()
.anyMatch(request.getRequestURI().toLowerCase()::contains)) {
Expand Down
Loading
Loading