From be379265990671b10e4b5d9c431686398284541d Mon Sep 17 00:00:00 2001 From: dragan-misita_goa Date: Fri, 31 Jan 2025 11:58:03 -0700 Subject: [PATCH] Upgrade to Spring Boot 3.4.2 --- libs/adsp-service-spring-sdk/pom.xml | 10 +---- .../AccessJwtGrantedAuthoritiesConverter.java | 43 ++++++++++--------- .../access/AccessSecurityConfiguration.java | 7 ++- .../sdk/tenant/RequestedTenantFilter.java | 12 +++--- .../tenant/RequestedTenantFilterTests.java | 8 ++-- 5 files changed, 37 insertions(+), 43 deletions(-) diff --git a/libs/adsp-service-spring-sdk/pom.xml b/libs/adsp-service-spring-sdk/pom.xml index 6a6bef2f4f..2faddb6a7c 100644 --- a/libs/adsp-service-spring-sdk/pom.xml +++ b/libs/adsp-service-spring-sdk/pom.xml @@ -7,7 +7,7 @@ org.springframework.boot spring-boot-starter-parent - 2.7.4 + 3.4.2 @@ -86,36 +86,31 @@ org.springframework.boot spring-boot-starter-actuator - 2.7.4 true org.springframework.boot spring-boot-starter-web - 2.7.4 true org.springframework.boot spring-boot-starter-security - 2.7.4 true + org.springframework.boot spring-boot-starter-webflux - 2.7.4 true org.springframework.security spring-security-oauth2-resource-server - 5.7.3 org.springframework.security spring-security-oauth2-jose - 5.7.3 org.springframework.boot @@ -151,7 +146,6 @@ org.apache.maven.plugins maven-javadoc-plugin - 3.4.1 public diff --git a/libs/adsp-service-spring-sdk/src/main/java/ca/ab/gov/alberta/adsp/sdk/access/AccessJwtGrantedAuthoritiesConverter.java b/libs/adsp-service-spring-sdk/src/main/java/ca/ab/gov/alberta/adsp/sdk/access/AccessJwtGrantedAuthoritiesConverter.java index 2655d3908d..ec75830ec9 100644 --- a/libs/adsp-service-spring-sdk/src/main/java/ca/ab/gov/alberta/adsp/sdk/access/AccessJwtGrantedAuthoritiesConverter.java +++ b/libs/adsp-service-spring-sdk/src/main/java/ca/ab/gov/alberta/adsp/sdk/access/AccessJwtGrantedAuthoritiesConverter.java @@ -1,6 +1,9 @@ package ca.ab.gov.alberta.adsp.sdk.access; import java.util.Collection; +import java.util.List; +import java.util.Map; + import org.springframework.core.convert.converter.Converter; import org.springframework.lang.Nullable; import org.springframework.security.core.GrantedAuthority; @@ -8,9 +11,6 @@ import org.springframework.security.oauth2.jwt.Jwt; import org.springframework.security.oauth2.server.resource.authentication.JwtGrantedAuthoritiesConverter; -import com.nimbusds.jose.shaded.json.JSONArray; -import com.nimbusds.jose.shaded.json.JSONObject; - import ca.ab.gov.alberta.adsp.sdk.AdspId; import reactor.core.publisher.Flux; @@ -33,27 +33,28 @@ public AccessJwtGrantedAuthoritiesConverter(AdspId serviceId, AccessIssuer issue public Collection convert(Jwt source) { Collection authorities = this.jwtConverter.convert(source); authorities.add((new AccessTenancyAuthority(this.issuer))); - - JSONObject realmAccess = source.getClaim(REALM_ACCESS_ROLES_CLAIM); + + Map> realmAccess = source.getClaim(REALM_ACCESS_ROLES_CLAIM); if (realmAccess != null) { - var realmRoles = (JSONArray) realmAccess.get("roles"); - if (realmRoles != null) { - realmRoles.forEach(role -> authorities.add(new SimpleGrantedAuthority(ROLE_AUTHORITY_PREFIX + role))); - } + List realmRoles = realmAccess.get("roles"); + if (realmRoles != null) { + realmRoles.forEach(role -> authorities.add(new SimpleGrantedAuthority(ROLE_AUTHORITY_PREFIX + role))); + } } - - JSONObject clientAccesses = source.getClaim(RESOURCE_ACCESS_CLAIM); + + Map>> clientAccesses = source.getClaim(RESOURCE_ACCESS_CLAIM); if (clientAccesses != null) { - var keys = clientAccesses.keySet(); - for (var key : keys) { - var clientAccess = (JSONObject) clientAccesses.get(key); - var clientRoles = (JSONArray) clientAccess.get("roles"); - if (clientRoles != null) { - clientRoles.forEach(role -> authorities.add( - new SimpleGrantedAuthority( - ROLE_AUTHORITY_PREFIX + (key.equals(this.serviceId) ? role : (key + ":" + role))))); - } - } + var keys = clientAccesses.keySet(); + for (var key : keys) { + Map> clientAccess = clientAccesses.get(key); + List clientRoles = clientAccess.get("roles"); + + if (clientRoles != null) { + clientRoles.forEach(role -> authorities.add( + new SimpleGrantedAuthority( + ROLE_AUTHORITY_PREFIX + (key.equals(this.serviceId) ? role : (key + ":" + role))))); + } + } } return authorities; diff --git a/libs/adsp-service-spring-sdk/src/main/java/ca/ab/gov/alberta/adsp/sdk/access/AccessSecurityConfiguration.java b/libs/adsp-service-spring-sdk/src/main/java/ca/ab/gov/alberta/adsp/sdk/access/AccessSecurityConfiguration.java index 72406d49b7..71b33f001c 100644 --- a/libs/adsp-service-spring-sdk/src/main/java/ca/ab/gov/alberta/adsp/sdk/access/AccessSecurityConfiguration.java +++ b/libs/adsp-service-spring-sdk/src/main/java/ca/ab/gov/alberta/adsp/sdk/access/AccessSecurityConfiguration.java @@ -1,7 +1,5 @@ package ca.ab.gov.alberta.adsp.sdk.access; -import javax.servlet.http.HttpServletRequest; - import org.springframework.beans.factory.annotation.Autowired; import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean; import org.springframework.boot.autoconfigure.condition.ConditionalOnWebApplication; @@ -24,6 +22,7 @@ import ca.ab.gov.alberta.adsp.sdk.AdspConfiguration; import ca.ab.gov.alberta.adsp.sdk.AdspId; import ca.ab.gov.alberta.adsp.sdk.metadata.ApiDocsMetadata; +import jakarta.servlet.http.HttpServletRequest; @Configuration @ConditionalOnWebApplication(type = ConditionalOnWebApplication.Type.SERVLET) @@ -59,9 +58,9 @@ protected HttpSecurity configureHttpSecurity(HttpSecurity http, .authorizeHttpRequests( authorize -> { if (this.docsMetadata != null) { - authorize = authorize.antMatchers(HttpMethod.GET, this.docsMetadata.getOpenApiPath()).permitAll(); + authorize.requestMatchers(HttpMethod.GET, this.docsMetadata.getOpenApiPath()).permitAll(); } - authorize.antMatchers(this.apiAntPatterns).authenticated(); + authorize.requestMatchers(this.apiAntPatterns).authenticated(); }) .oauth2ResourceServer( oauth2 -> oauth2.authenticationManagerResolver(authenticationManagerResolver)); diff --git a/libs/adsp-service-spring-sdk/src/main/java/ca/ab/gov/alberta/adsp/sdk/tenant/RequestedTenantFilter.java b/libs/adsp-service-spring-sdk/src/main/java/ca/ab/gov/alberta/adsp/sdk/tenant/RequestedTenantFilter.java index 5a465eb2de..736d85cba4 100644 --- a/libs/adsp-service-spring-sdk/src/main/java/ca/ab/gov/alberta/adsp/sdk/tenant/RequestedTenantFilter.java +++ b/libs/adsp-service-spring-sdk/src/main/java/ca/ab/gov/alberta/adsp/sdk/tenant/RequestedTenantFilter.java @@ -2,12 +2,12 @@ import java.io.IOException; -import javax.servlet.Filter; -import javax.servlet.FilterChain; -import javax.servlet.ServletException; -import javax.servlet.ServletRequest; -import javax.servlet.ServletResponse; -import javax.servlet.http.HttpServletRequest; +import jakarta.servlet.Filter; +import jakarta.servlet.FilterChain; +import jakarta.servlet.ServletException; +import jakarta.servlet.ServletRequest; +import jakarta.servlet.ServletResponse; +import jakarta.servlet.http.HttpServletRequest; import org.apache.commons.lang3.StringUtils; import org.slf4j.Logger; diff --git a/libs/adsp-service-spring-sdk/src/test/java/ca/ab/gov/alberta/adsp/sdk/tenant/RequestedTenantFilterTests.java b/libs/adsp-service-spring-sdk/src/test/java/ca/ab/gov/alberta/adsp/sdk/tenant/RequestedTenantFilterTests.java index feb30dba84..c9e130e78e 100644 --- a/libs/adsp-service-spring-sdk/src/test/java/ca/ab/gov/alberta/adsp/sdk/tenant/RequestedTenantFilterTests.java +++ b/libs/adsp-service-spring-sdk/src/test/java/ca/ab/gov/alberta/adsp/sdk/tenant/RequestedTenantFilterTests.java @@ -9,10 +9,10 @@ import java.net.URI; import java.net.URISyntaxException; -import javax.servlet.FilterChain; -import javax.servlet.ServletException; -import javax.servlet.ServletResponse; -import javax.servlet.http.HttpServletRequest; +import jakarta.servlet.FilterChain; +import jakarta.servlet.ServletException; +import jakarta.servlet.ServletResponse; +import jakarta.servlet.http.HttpServletRequest; import org.junit.jupiter.api.Test; import org.junit.jupiter.api.extension.ExtendWith;