feat(adsp-service-spring-sdk): upgrade to Spring Boot 3.4.2

BREAKING CHANGE: Requires Spring Boot 3 and Java 17

.github/workflows/delivery-ci.yml

@@ -31,7 +31,7 @@ jobs:
           dotnet-version: '9'
       - uses: actions/setup-java@v4
         with:
-          java-version: '11'
+          java-version: '17'
           distribution: temurin
           cache: maven
       - uses: actions/setup-python@v5

.github/workflows/pull-request.yml

@@ -22,7 +22,7 @@ jobs:
           dotnet-version: '9'
       - uses: actions/setup-java@v4
         with:
-          java-version: '11'
+          java-version: '17'
           distribution: temurin
           cache: maven
       - uses: actions/setup-python@v5

libs/adsp-service-spring-sdk/pom.xml

@@ -7,7 +7,7 @@
 	<parent>
 		<groupId>org.springframework.boot</groupId>
 		<artifactId>spring-boot-starter-parent</artifactId>
-		<version>2.7.4</version>
+		<version>3.4.2</version>
 		<relativePath />
 		<!-- lookup parent from repository -->
 	</parent>
@@ -39,7 +39,7 @@
 	</scm>
 
 	<properties>
-		<java.version>11</java.version>
+		<java.version>17</java.version>
 	</properties>
 
 	<profiles>
@@ -86,36 +86,31 @@
 		<dependency>
 			<groupId>org.springframework.boot</groupId>
 			<artifactId>spring-boot-starter-actuator</artifactId>
-			<version>2.7.4</version>
 			<optional>true</optional>
 		</dependency>
 		<dependency>
 			<groupId>org.springframework.boot</groupId>
 			<artifactId>spring-boot-starter-web</artifactId>
-			<version>2.7.4</version>
 			<optional>true</optional>
 		</dependency>
 		<dependency>
 			<groupId>org.springframework.boot</groupId>
 			<artifactId>spring-boot-starter-security</artifactId>
-			<version>2.7.4</version>
 			<optional>true</optional>
 		</dependency>
+
 		<dependency>
 			<groupId>org.springframework.boot</groupId>
 			<artifactId>spring-boot-starter-webflux</artifactId>
-			<version>2.7.4</version>
 			<optional>true</optional>
 		</dependency>
 		<dependency>
 			<groupId>org.springframework.security</groupId>
 			<artifactId>spring-security-oauth2-resource-server</artifactId>
-			<version>5.7.3</version>
 		</dependency>
 		<dependency>
 			<groupId>org.springframework.security</groupId>
 			<artifactId>spring-security-oauth2-jose</artifactId>
-			<version>5.7.3</version>
 		</dependency>
 		<dependency>
 			<groupId>org.springframework.boot</groupId>
@@ -151,7 +146,6 @@
 			<plugin>
 				<groupId>org.apache.maven.plugins</groupId>
 				<artifactId>maven-javadoc-plugin</artifactId>
-				<version>3.4.1</version>
 				<configuration>
 					<show>public</show>
 				</configuration>

libs/adsp-service-spring-sdk/src/main/java/ca/ab/gov/alberta/adsp/sdk/access/AccessJwtGrantedAuthoritiesConverter.java

@@ -1,16 +1,16 @@
 package ca.ab.gov.alberta.adsp.sdk.access;
 
 import java.util.Collection;
+import java.util.List;
+import java.util.Map;
+
 import org.springframework.core.convert.converter.Converter;
 import org.springframework.lang.Nullable;
 import org.springframework.security.core.GrantedAuthority;
 import org.springframework.security.core.authority.SimpleGrantedAuthority;
 import org.springframework.security.oauth2.jwt.Jwt;
 import org.springframework.security.oauth2.server.resource.authentication.JwtGrantedAuthoritiesConverter;
 
-import com.nimbusds.jose.shaded.json.JSONArray;
-import com.nimbusds.jose.shaded.json.JSONObject;
-
 import ca.ab.gov.alberta.adsp.sdk.AdspId;
 import reactor.core.publisher.Flux;
 
@@ -33,27 +33,28 @@ public AccessJwtGrantedAuthoritiesConverter(AdspId serviceId, AccessIssuer issue
   public Collection<GrantedAuthority> convert(Jwt source) {
     Collection<GrantedAuthority> authorities = this.jwtConverter.convert(source);
     authorities.add((new AccessTenancyAuthority(this.issuer)));
-
-    JSONObject realmAccess = source.getClaim(REALM_ACCESS_ROLES_CLAIM);
+    
+    Map<String, List<String>> realmAccess = source.getClaim(REALM_ACCESS_ROLES_CLAIM);
     if (realmAccess != null) {
-        var realmRoles = (JSONArray) realmAccess.get("roles");
-        if (realmRoles != null) {
-          realmRoles.forEach(role -> authorities.add(new SimpleGrantedAuthority(ROLE_AUTHORITY_PREFIX + role)));
-        }
+    	List<String> realmRoles = realmAccess.get("roles");
+	    if (realmRoles != null) {
+	    	realmRoles.forEach(role -> authorities.add(new SimpleGrantedAuthority(ROLE_AUTHORITY_PREFIX + role)));
+	    }
     }
-
-    JSONObject clientAccesses = source.getClaim(RESOURCE_ACCESS_CLAIM);
+    
+    Map<String, Map<String, List<String>>> clientAccesses = source.getClaim(RESOURCE_ACCESS_CLAIM);
     if (clientAccesses != null) {
-        var keys = clientAccesses.keySet();
-        for (var key : keys) {
-          var clientAccess = (JSONObject) clientAccesses.get(key);
-          var clientRoles = (JSONArray) clientAccess.get("roles");
-          if (clientRoles != null) {
-            clientRoles.forEach(role -> authorities.add(
-                new SimpleGrantedAuthority(
-                    ROLE_AUTHORITY_PREFIX + (key.equals(this.serviceId) ? role : (key + ":" + role)))));
-          }
-        }
+    	var keys = clientAccesses.keySet();
+    	for (var key : keys) {
+    		Map<String, List<String>> clientAccess = clientAccesses.get(key);
+    		List<String> clientRoles = clientAccess.get("roles");
+
+    		if (clientRoles != null) {
+    			clientRoles.forEach(role -> authorities.add(
+    					new SimpleGrantedAuthority(
+    							ROLE_AUTHORITY_PREFIX + (key.equals(this.serviceId) ? role : (key + ":" + role)))));
+    		}
+    	}
     }
 
     return authorities;

libs/adsp-service-spring-sdk/src/main/java/ca/ab/gov/alberta/adsp/sdk/access/AccessSecurityConfiguration.java

@@ -1,7 +1,5 @@
 package ca.ab.gov.alberta.adsp.sdk.access;
 
-import javax.servlet.http.HttpServletRequest;
-
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
 import org.springframework.boot.autoconfigure.condition.ConditionalOnWebApplication;
@@ -24,6 +22,7 @@
 import ca.ab.gov.alberta.adsp.sdk.AdspConfiguration;
 import ca.ab.gov.alberta.adsp.sdk.AdspId;
 import ca.ab.gov.alberta.adsp.sdk.metadata.ApiDocsMetadata;
+import jakarta.servlet.http.HttpServletRequest;
 
 @Configuration
 @ConditionalOnWebApplication(type = ConditionalOnWebApplication.Type.SERVLET)
@@ -59,9 +58,9 @@ protected HttpSecurity configureHttpSecurity(HttpSecurity http,
         .authorizeHttpRequests(
             authorize -> {
               if (this.docsMetadata != null) {
-                authorize = authorize.antMatchers(HttpMethod.GET, this.docsMetadata.getOpenApiPath()).permitAll();
+                authorize.requestMatchers(HttpMethod.GET, this.docsMetadata.getOpenApiPath()).permitAll();
               }
-              authorize.antMatchers(this.apiAntPatterns).authenticated();
+              authorize.requestMatchers(this.apiAntPatterns).authenticated();
             })
         .oauth2ResourceServer(
             oauth2 -> oauth2.authenticationManagerResolver(authenticationManagerResolver));

libs/adsp-service-spring-sdk/src/main/java/ca/ab/gov/alberta/adsp/sdk/tenant/RequestedTenantFilter.java

@@ -2,12 +2,12 @@
 
 import java.io.IOException;
 
-import javax.servlet.Filter;
-import javax.servlet.FilterChain;
-import javax.servlet.ServletException;
-import javax.servlet.ServletRequest;
-import javax.servlet.ServletResponse;
-import javax.servlet.http.HttpServletRequest;
+import jakarta.servlet.Filter;
+import jakarta.servlet.FilterChain;
+import jakarta.servlet.ServletException;
+import jakarta.servlet.ServletRequest;
+import jakarta.servlet.ServletResponse;
+import jakarta.servlet.http.HttpServletRequest;
 
 import org.apache.commons.lang3.StringUtils;
 import org.slf4j.Logger;

libs/adsp-service-spring-sdk/src/test/java/ca/ab/gov/alberta/adsp/sdk/tenant/RequestedTenantFilterTests.java

@@ -9,10 +9,10 @@
 import java.net.URI;
 import java.net.URISyntaxException;
 
-import javax.servlet.FilterChain;
-import javax.servlet.ServletException;
-import javax.servlet.ServletResponse;
-import javax.servlet.http.HttpServletRequest;
+import jakarta.servlet.FilterChain;
+import jakarta.servlet.ServletException;
+import jakarta.servlet.ServletResponse;
+import jakarta.servlet.http.HttpServletRequest;
 
 import org.junit.jupiter.api.Test;
 import org.junit.jupiter.api.extension.ExtendWith;