IS-41 Port to OpenSAML 5 and updates of dependencies

swedenconnect · Sep 28, 2023 · ddb64b0 · ddb64b0
1 parent aac41fa
commit ddb64b0
Show file tree

Hide file tree

Showing 41 changed files with 439 additions and 531 deletions.
diff --git a/pom.xml b/pom.xml
@@ -6,7 +6,7 @@
 
   <groupId>se.swedenconnect.security</groupId>
   <artifactId>credentials-support</artifactId>
-  <version>1.2.6</version>
+  <version>1.3.0-SNAPSHOT</version>
 
   <name>Sweden Connect :: PKI credentials support library</name>
   <description>Support for credentials (including PKCS11 based keys and HSM:s)</description>
@@ -49,11 +49,13 @@
   <properties>
 
     <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
-    <java.version>11</java.version>
+    <java.version>17</java.version>
 
-    <!-- Versions on dependencies -->
-    <slf4j.version>1.7.36</slf4j.version>
-    <bc.version>1.72</bc.version>
+    <slf4j.version>2.0.7</slf4j.version>
+    <bc.version>1.76</bc.version>
+
+    <spring.version>6.0.12</spring.version>
+    <spring.boot.version>3.1.4</spring.boot.version>
 
   </properties>
 
@@ -80,44 +82,37 @@
       <url>https://oss.sonatype.org/service/local/staging/deploy/maven2/</url>
     </repository>
   </distributionManagement>
+
+  <dependencyManagement>
+    <dependencies>
+
+      <dependency>
+        <groupId>org.springframework</groupId>
+        <artifactId>spring-framework-bom</artifactId>
+        <type>pom</type>
+        <version>${spring.version}</version>
+        <scope>import</scope>
+      </dependency>
+
+    </dependencies>
+  </dependencyManagement>
 
   <dependencies>
 
     <dependency>
       <groupId>org.springframework</groupId>
       <artifactId>spring-core</artifactId>
-      <version>[5.3.0, 6.0.0)</version>
-      <scope>compile</scope>
     </dependency>
 
     <dependency>
       <groupId>org.springframework</groupId>
       <artifactId>spring-beans</artifactId>
-      <version>[5.3.0, 6.0.0)</version>
-      <scope>compile</scope>
-      <exclusions>
-        <exclusion>
-          <groupId>org.springframework</groupId>
-          <artifactId>spring-core</artifactId>        
-        </exclusion>
-      </exclusions>
     </dependency>
 
     <dependency>
       <groupId>org.springframework</groupId>
       <artifactId>spring-context</artifactId>
-      <version>[5.3.0, 6.0.0)</version>
       <scope>compile</scope>
-      <exclusions>
-        <exclusion>
-          <groupId>org.springframework</groupId>
-          <artifactId>spring-core</artifactId>        
-        </exclusion>
-        <exclusion>
-          <groupId>org.springframework</groupId>
-          <artifactId>spring-beans</artifactId>
-        </exclusion>
-      </exclusions>      
     </dependency>
 
     <dependency>
@@ -126,67 +121,13 @@
       <version>${bc.version}</version>
     </dependency>
 
-    <dependency>
-      <groupId>org.bouncycastle</groupId>
-      <artifactId>bcutil-jdk18on</artifactId>
-      <version>${bc.version}</version>
-    </dependency>
-
-    <dependency>
-      <groupId>org.bouncycastle</groupId>
-      <artifactId>bcpkix-jdk18on</artifactId>
-      <version>${bc.version}</version>
-    </dependency>    
-
-    <dependency>
-      <groupId>org.cryptacular</groupId>
-      <artifactId>cryptacular</artifactId>
-      <version>1.2.5</version>
-      <exclusions>
-        <exclusion>
-          <groupId>org.bouncycastle</groupId>
-          <artifactId>bcprov-jdk18on</artifactId>
-        </exclusion>
-      </exclusions>
-    </dependency>
-
     <dependency>
       <groupId>org.opensaml</groupId>
       <artifactId>opensaml-security-api</artifactId>
-      <version>[4.2.0, 5.0.0)</version>
+      <version>5.0.0</version>
       <type>jar</type>
       <scope>compile</scope>
       <optional>true</optional>
-      <exclusions>
-        <exclusion>
-          <groupId>commons-codec</groupId>
-          <artifactId>commons-codec</artifactId>
-        </exclusion>
-        <exclusion>
-          <groupId>org.springframework</groupId>
-          <artifactId>spring-core</artifactId>
-        </exclusion>
-        <exclusion>
-          <groupId>org.bouncycastle</groupId>
-          <artifactId>bcprov-jdk15on</artifactId>
-        </exclusion>
-        <exclusion>
-          <groupId>org.bouncycastle</groupId>
-          <artifactId>bcpkix-jdk15on</artifactId>
-        </exclusion>
-        <exclusion>
-          <groupId>org.bouncycastle</groupId>
-          <artifactId>bcutil-jdk15on</artifactId>
-        </exclusion>
-        <exclusion>
-          <groupId>org.opensaml</groupId>
-          <artifactId>opensaml-messaging-api</artifactId>
-        </exclusion>
-        <exclusion>
-          <groupId>org.slf4j</groupId>
-          <artifactId>slf4j-api</artifactId>
-        </exclusion>
-      </exclusions>
     </dependency>
 
     <dependency>
@@ -199,35 +140,31 @@
     <dependency>
       <groupId>org.projectlombok</groupId>
       <artifactId>lombok</artifactId>
-      <version>1.18.26</version>
+      <version>1.18.30</version>
       <scope>provided</scope>
     </dependency>
 
     <!-- For testing -->
     <dependency>
       <groupId>org.junit.jupiter</groupId>
-      <artifactId>junit-jupiter-api</artifactId>
-      <version>5.9.0</version>
+      <artifactId>junit-jupiter</artifactId>
+      <version>5.10.0</version>
       <scope>test</scope>
     </dependency>
 
     <dependency>
       <groupId>org.mockito</groupId>
       <artifactId>mockito-core</artifactId>
-      <version>[3.6.0,)</version>
+      <version>5.5.0</version>
       <scope>test</scope>
     </dependency>
 
     <dependency>
       <groupId>org.springframework.boot</groupId>
       <artifactId>spring-boot-starter-test</artifactId>
-      <version>[2.6.0,3.0.0)</version>
+      <version>${spring.boot.version}</version>
       <scope>test</scope>
       <exclusions>
-        <exclusion>
-          <groupId>org.springframework</groupId>
-          <artifactId>spring-core</artifactId>
-        </exclusion>
         <exclusion>
           <groupId>org.slf4j</groupId>
           <artifactId>slf4j-api</artifactId>
@@ -242,7 +179,7 @@
     <dependency>
       <groupId>org.springframework.boot</groupId>
       <artifactId>spring-boot-configuration-processor</artifactId>
-      <version>[2.6.0,3.0.0)</version>
+      <version>${spring.boot.version}</version>
       <scope>test</scope>
     </dependency>
 
@@ -258,11 +195,7 @@
   <build>
 
     <plugins>
-      <plugin>
-        <groupId>org.apache.maven.plugins</groupId>
-        <artifactId>maven-surefire-plugin</artifactId>
-        <version>3.0.0-M7</version>
-      </plugin>
+
       <plugin>
         <groupId>org.apache.maven.plugins</groupId>
         <artifactId>maven-compiler-plugin</artifactId>
@@ -291,12 +224,38 @@
           </filesets>
         </configuration>
       </plugin>
+
+      <plugin>
+        <groupId>org.apache.maven.plugins</groupId>
+        <artifactId>maven-enforcer-plugin</artifactId>
+        <version>3.1.0</version>
+        <executions>
+          <execution>
+            <id>enforce</id>
+            <configuration>
+              <rules>
+                <dependencyConvergence />
+              </rules>
+            </configuration>
+            <goals>
+              <goal>enforce</goal>
+            </goals>
+          </execution>
+        </executions>
+      </plugin>
+
 
       <plugin>
         <groupId>org.apache.maven.plugins</groupId>
         <artifactId>maven-project-info-reports-plugin</artifactId>
         <version>3.4.1</version>
       </plugin>
+
+      <plugin>
+        <groupId>org.apache.maven.plugins</groupId>
+        <artifactId>maven-surefire-plugin</artifactId>
+        <version>3.1.2</version>
+      </plugin>      
 
       <!-- run mvn jacoco:report -->
       <plugin>
@@ -326,25 +285,6 @@
       <build>
         <plugins>
 
-          <plugin>
-            <groupId>org.apache.maven.plugins</groupId>
-            <artifactId>maven-enforcer-plugin</artifactId>
-            <version>3.1.0</version>
-            <executions>
-              <execution>
-                <id>enforce</id>
-                <configuration>
-                  <rules>
-                    <dependencyConvergence />
-                  </rules>
-                </configuration>
-                <goals>
-                  <goal>enforce</goal>
-                </goals>
-              </execution>
-            </executions>
-          </plugin>
-
           <plugin>
             <groupId>org.sonatype.plugins</groupId>
             <artifactId>nexus-staging-maven-plugin</artifactId>
@@ -365,7 +305,7 @@
           <plugin>
             <groupId>org.apache.maven.plugins</groupId>
             <artifactId>maven-gpg-plugin</artifactId>
-            <version>1.6</version>
+            <version>3.0.1</version>
             <executions>
               <execution>
                 <id>sign-artifacts</id>
@@ -414,11 +354,6 @@
               <windowtitle>Sweden Connect - PKI credentials support library - ${project.version}</windowtitle>
               <detectJavaApiLink>true</detectJavaApiLink>
               <doclint>all,-missing</doclint>
-              <additionalOptions>-Xdoclint:all -Xdoclint:-missing</additionalOptions>
-              <additionalJOptions>
-                <additionalJOption>-Xdoclint:all</additionalJOption>
-                <additionalJOption>-Xdoclint:-missing</additionalJOption>
-              </additionalJOptions>
               <links>
                 <link>https://docs.spring.io/spring-framework/docs/current/javadoc-api/</link>
               </links>

diff --git a/src/main/java/se/swedenconnect/security/credential/AbstractPkiCredential.java b/src/main/java/se/swedenconnect/security/credential/AbstractPkiCredential.java
@@ -64,7 +64,7 @@ public AbstractPkiCredential() {
   public PublicKey getPublicKey() {
     return Optional.ofNullable(this.getCertificate())
         .map(X509Certificate::getPublicKey)
-        .orElse(this.publicKey);
+        .orElseGet(() -> this.publicKey);
   }
 
   /**
@@ -119,7 +119,8 @@ public void setCertificate(final Resource certificateResource) throws Certificat
   /** {@inheritDoc} */
   @Override
   public List<X509Certificate> getCertificateChain() {
-    return Optional.ofNullable(this.certificates).orElse(Collections.emptyList());
+    return Optional.ofNullable(this.certificates)
+        .orElseGet(() -> Collections.emptyList());
   }
 
   /** {@inheritDoc} */
@@ -156,7 +157,7 @@ public void setPrivateKey(final PrivateKey privateKey) {
 
   /**
    * Assigns a private key resource.
-   * 
+   *
    * @param privateKeyResource a resource holding the key in DER, PEM, or unencrypted PKCS#8 format.
    * @throws KeyException if the key decode fails
    */
@@ -170,7 +171,7 @@ public void setPrivateKey(final Resource privateKeyResource) throws KeyException
    * <li>DER or PEM encoded PKCS#8 format</li>
    * <li>PEM encoded OpenSSL "traditional" format</li>
    * </ul>
-   * 
+   *
    * @param privateKeyResource a resource holding the key in DER, PEM, or PKCS#8 format.
    * @param password the key password
    * @throws KeyException if the key decode/decrypt fails
@@ -180,7 +181,7 @@ public void setPrivateKey(final Resource privateKeyResource, final char[] passwo
       this.setPrivateKey(privateKeyResource);
     }
     else {
-      
+
       try (final InputStream is = privateKeyResource.getInputStream()) {
         this.privateKey = KeyPairUtil.readPrivateKey(is, password);
       }

diff --git a/src/main/java/se/swedenconnect/security/credential/AbstractReloadablePkiCredential.java b/src/main/java/se/swedenconnect/security/credential/AbstractReloadablePkiCredential.java
@@ -1,5 +1,5 @@
 /*
- * Copyright 2020-2022 Sweden Connect
+ * Copyright 2020-2023 Sweden Connect
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -20,7 +20,7 @@
 
 /**
  * Abstract base class for reloadable credentials.
- * 
+ *
  * @author Martin Lindström ([email protected])
  * @author Stefan Santesson ([email protected])
  */
@@ -46,10 +46,10 @@ public Supplier<Exception> getTestFunction() {
       return null;
     }
   }
-  
+
   /**
    * Assigns a test function for this credential.
-   * 
+   *
    * @param testFunction
    *          the function
    */