Skip to content

Commit

Permalink
Upgrade to Spring Boot 3
Browse files Browse the repository at this point in the history
  • Loading branch information
Luca Bassi committed Dec 10, 2024
1 parent 6812d87 commit 9b577b3
Show file tree
Hide file tree
Showing 112 changed files with 1,161 additions and 965 deletions.
9 changes: 5 additions & 4 deletions doc/external-sessions.md
Original file line number Diff line number Diff line change
Expand Up @@ -17,9 +17,10 @@ spring:
session:
store-type: redis

redis:
host: redis.host.example
port: 6379
data:
redis:
host: redis.host.example
port: 6379

management:
health:
Expand All @@ -30,4 +31,4 @@ management:
For other redis connection configuration options, see the [Spring boot reference guide][spring-boot-reference].
[redis]: https://redis.io/
[spring-boot-reference]: https://docs.spring.io/spring-boot/docs/2.2.9.RELEASE/reference/htmlsingle/#data-properties
[spring-boot-reference]: https://docs.spring.io/spring-boot/appendix/application-properties/index.html#appendix.application-properties.data
79 changes: 65 additions & 14 deletions pom.xml
Original file line number Diff line number Diff line change
Expand Up @@ -12,7 +12,7 @@
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-parent</artifactId>
<!-- Keep this aligned with the spring.boot-version property below! -->
<version>2.7.18</version>
<version>3.4.0</version>
<relativePath />
</parent>

Expand All @@ -26,29 +26,33 @@
<plugin.assembly.version>2.4</plugin.assembly.version>
<plugin.shade.version>2.3</plugin.shade.version>
<plugin.license.version>1.9.0</plugin.license.version>
<plugin.git-commit-id.version>9.0.1</plugin.git-commit-id.version>
<plugin.jacoco.version>0.8.8</plugin.jacoco.version>

<java.version>17</java.version>

<!-- Keep this aligned with the parent project version! -->
<spring-boot.version>2.7.18</spring-boot.version>
<spring-security.version>5.8.15</spring-security.version>
<spring-boot.version>3.4.0</spring-boot.version>

<!-- Sonarcloud.io properties -->
<sonar.projectKey>italiangrid_storm-webdav</sonar.projectKey>
<sonar.organization>italiangrid</sonar.organization>
<sonar.host.url>https://sonarcloud.io</sonar.host.url>

<voms-api-java.version>3.3.3</voms-api-java.version>
<milton.version>2.7.1.7</milton.version>
<milton.version>4.0.5.2400</milton.version>

<commons-lang.version>2.3</commons-lang.version>
<commons-cli.version>1.2</commons-cli.version>
<commons-csv.version>1.0</commons-csv.version>
<jimfs.version>1.1</jimfs.version>

<http-core.version>4.2.2</http-core.version>
<http-client.version>4.2.1</http-client.version>
<metrics.version>4.2.28</metrics.version>
<http-server.version>11.0.24</http-server.version>
<httpclient5.version>5.4.1</httpclient5.version>

<logback-access.version>2.0.3</logback-access.version>
<logback-access-jetty12.version>2.0.4</logback-access-jetty12.version>

<guava.version>32.0.0-jre</guava.version>

Expand Down Expand Up @@ -77,8 +81,20 @@
</plugin>

<plugin>
<groupId>pl.project13.maven</groupId>
<artifactId>git-commit-id-plugin</artifactId>
<groupId>io.github.git-commit-id</groupId>
<artifactId>git-commit-id-maven-plugin</artifactId>
<version>${plugin.git-commit-id.version}</version>
</plugin>

<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-compiler-plugin</artifactId>
<configuration>
<parameters>true</parameters>
<compilerArgs>
<arg>-parameters</arg>
</compilerArgs>
</configuration>
</plugin>

<plugin>
Expand Down Expand Up @@ -171,6 +187,23 @@
</build>

<dependencies>
<dependency>
<groupId>org.apache.groovy</groupId>
<artifactId>groovy</artifactId>
<version>4.0.21</version>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-properties-migrator</artifactId>
<scope>runtime</scope>
<exclusions>
<exclusion>
<groupId>com.vaadin.external.google</groupId>
<artifactId>android-json</artifactId>
</exclusion>
</exclusions>
</dependency>

<dependency>
<groupId>com.google.jimfs</groupId>
<artifactId>jimfs</artifactId>
Expand Down Expand Up @@ -314,11 +347,13 @@
<dependency>
<groupId>io.dropwizard.metrics</groupId>
<artifactId>metrics-core</artifactId>
<version>${metrics.version}</version>
</dependency>

<dependency>
<groupId>io.dropwizard.metrics</groupId>
<artifactId>metrics-jetty9</artifactId>
<artifactId>metrics-jetty12</artifactId>
<version>${metrics.version}</version>
<exclusions>
<exclusion>
<groupId>org.eclipse.jetty</groupId>
Expand All @@ -329,12 +364,20 @@

<dependency>
<groupId>io.dropwizard.metrics</groupId>
<artifactId>metrics-servlets</artifactId>
<artifactId>metrics-jetty12-ee10</artifactId>
<version>${metrics.version}</version>
</dependency>

<dependency>
<groupId>io.dropwizard.metrics</groupId>
<artifactId>metrics-jakarta-servlets</artifactId>
<version>${metrics.version}</version>
</dependency>

<dependency>
<groupId>org.eclipse.jetty.http2</groupId>
<artifactId>http2-server</artifactId>
<version>${http-server.version}</version>
</dependency>

<dependency>
Expand All @@ -359,8 +402,9 @@
</dependency>

<dependency>
<groupId>ch.qos.logback</groupId>
<artifactId>logback-access</artifactId>
<groupId>ch.qos.logback.access</groupId>
<artifactId>common</artifactId>
<version>${logback-access.version}</version>
</dependency>

<dependency>
Expand All @@ -374,8 +418,15 @@
</dependency>

<dependency>
<groupId>org.apache.httpcomponents</groupId>
<artifactId>httpclient</artifactId>
<groupId>ch.qos.logback.access</groupId>
<artifactId>logback-access-jetty12</artifactId>
<version>${logback-access-jetty12.version}</version>
</dependency>

<dependency>
<groupId>org.apache.httpcomponents.client5</groupId>
<artifactId>httpclient5</artifactId>
<version>${httpclient5.version}</version>
<exclusions>
<exclusion>
<groupId>commons-logging</groupId>
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -19,10 +19,10 @@
import java.util.LinkedHashMap;
import java.util.Map;

import javax.servlet.RequestDispatcher;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import jakarta.servlet.RequestDispatcher;
import jakarta.servlet.ServletException;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;

import org.springframework.http.HttpStatus;
import org.springframework.security.core.AuthenticationException;
Expand Down
4 changes: 2 additions & 2 deletions src/main/java/org/italiangrid/storm/webdav/authz/Utils.java
Original file line number Diff line number Diff line change
Expand Up @@ -19,13 +19,13 @@
import java.util.Optional;

import javax.security.auth.x500.X500Principal;
import javax.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletRequest;

import eu.emi.security.authn.x509.proxy.ProxyUtils;

public class Utils {

public static final String X509_CERT_REQ_ATTR = "javax.servlet.request.X509Certificate";
public static final String X509_CERT_REQ_ATTR = "jakarta.servlet.request.X509Certificate";

private Utils() {

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -18,17 +18,17 @@
import java.util.Collection;
import java.util.List;

import javax.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletRequest;

import org.italiangrid.voms.VOMSAttribute;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.web.authentication.preauth.PreAuthenticatedGrantedAuthoritiesWebAuthenticationDetails;

public class VOMSAuthenticationDetails
extends PreAuthenticatedGrantedAuthoritiesWebAuthenticationDetails {

private static final long serialVersionUID = 1L;

// Transient here is due to the fact that VOMSAttributesImpl is not serializable!
final transient List<VOMSAttribute> vomsAttributes;

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -18,7 +18,7 @@
import java.security.cert.X509Certificate;
import java.util.Optional;

import javax.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletRequest;

import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.core.Authentication;
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -23,7 +23,7 @@
import java.util.Set;

import javax.security.auth.x500.X500Principal;
import javax.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletRequest;

import org.italiangrid.storm.webdav.authz.vomap.VOMapDetailsService;
import org.italiangrid.voms.VOMSAttribute;
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -18,16 +18,21 @@
import org.italiangrid.storm.webdav.authz.VOMSVOAuthority;
import org.italiangrid.storm.webdav.authz.VOMSVOMapAuthority;
import org.springframework.security.core.Authentication;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

public class StormSecurityExpressionMethods {

private static final Logger LOG = LoggerFactory.getLogger(StormSecurityExpressionMethods.class);

final Authentication authentication;

public StormSecurityExpressionMethods(Authentication authn) {
this.authentication = authn;
}

public boolean isVOMSAuthenticated() {
LOG.warn("isVOMSAuthenticated: {}", authentication.getAuthorities().stream().anyMatch(VOMSVOAuthority.class::isInstance));
return authentication.getAuthorities().stream().anyMatch(VOMSVOAuthority.class::isInstance);
}

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -22,6 +22,7 @@
import org.slf4j.LoggerFactory;
import org.springframework.security.authorization.AuthorizationDecision;
import org.springframework.security.authorization.AuthorizationManager;
import org.springframework.security.authorization.AuthorizationResult;
import org.springframework.security.core.Authentication;
import org.springframework.security.web.access.intercept.RequestAuthorizationContext;

Expand All @@ -39,14 +40,25 @@ public ConsensusBasedManager(String name,
this.managers = managers;
}

@Deprecated
@Override
public AuthorizationDecision check(Supplier<Authentication> authentication,
RequestAuthorizationContext requestAuthorizationContext) {
if (authorize(authentication,
requestAuthorizationContext) instanceof AuthorizationDecision authorizationDecision) {
return authorizationDecision;
}
return null;
}

@Override
public AuthorizationResult authorize(Supplier<Authentication> authentication,
RequestAuthorizationContext requestAuthorizationContext) {
int grant = 0;
int notGrant = 0;

for (AuthorizationManager<RequestAuthorizationContext> manager : managers) {
AuthorizationDecision result = manager.check(authentication, requestAuthorizationContext);
AuthorizationResult result = manager.authorize(authentication, requestAuthorizationContext);

if (LOG.isDebugEnabled()) {
LOG.debug("Voter: {}, returned: {}", manager, result);
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -27,6 +27,7 @@
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.security.authorization.AuthorizationDecision;
import org.springframework.security.authorization.AuthorizationResult;
import org.springframework.security.core.Authentication;
import org.springframework.security.web.access.intercept.RequestAuthorizationContext;

Expand All @@ -40,9 +41,20 @@ public FineGrainedAuthzManager(ServiceConfigurationProperties config, PathResolv
super(config, resolver, pdp, localUrlService, true);
}

@Deprecated
@Override
public AuthorizationDecision check(Supplier<Authentication> authentication,
RequestAuthorizationContext requestAuthorizationContext) {
if (authorize(authentication,
requestAuthorizationContext) instanceof AuthorizationDecision authorizationDecision) {
return authorizationDecision;
}
return null;
}

@Override
public AuthorizationResult authorize(Supplier<Authentication> authentication,
RequestAuthorizationContext requestAuthorizationContext) {

final String requestPath = getRequestPath(requestAuthorizationContext.getRequest());
StorageAreaInfo sa = resolver.resolveStorageArea(requestPath);
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -32,6 +32,7 @@
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.security.authorization.AuthorizationDecision;
import org.springframework.security.authorization.AuthorizationResult;
import org.springframework.security.core.Authentication;
import org.springframework.security.web.access.intercept.RequestAuthorizationContext;

Expand All @@ -44,9 +45,20 @@ public FineGrainedCopyMoveAuthzManager(ServiceConfigurationProperties config,
super(config, resolver, pdp, localUrlService, true);
}

@Deprecated
@Override
public AuthorizationDecision check(Supplier<Authentication> authentication,
RequestAuthorizationContext requestAuthorizationContext) {
if (authorize(authentication,
requestAuthorizationContext) instanceof AuthorizationDecision authorizationDecision) {
return authorizationDecision;
}
return null;
}

@Override
public AuthorizationResult authorize(Supplier<Authentication> authentication,
RequestAuthorizationContext requestAuthorizationContext) {

if (!isCopyOrMoveRequest(requestAuthorizationContext.getRequest())) {
return null;
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -31,6 +31,7 @@
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.security.authorization.AuthorizationDecision;
import org.springframework.security.authorization.AuthorizationResult;
import org.springframework.security.core.Authentication;
import org.springframework.security.oauth2.server.resource.authentication.JwtAuthenticationToken;
import org.springframework.security.web.access.intercept.RequestAuthorizationContext;
Expand All @@ -56,9 +57,20 @@ private boolean isLocalAuthzToken(JwtAuthenticationToken token) {
&& !isNullOrEmpty(token.getToken().getClaimAsString(DefaultJwtTokenIssuer.PATH_CLAIM));
}

@Deprecated
@Override
public AuthorizationDecision check(Supplier<Authentication> authentication,
RequestAuthorizationContext requestAuthorizationContext) {
if (authorize(authentication,
requestAuthorizationContext) instanceof AuthorizationDecision authorizationDecision) {
return authorizationDecision;
}
return null;
}

@Override
public AuthorizationResult authorize(Supplier<Authentication> authentication,
RequestAuthorizationContext requestAuthorizationContext) {

if (!(authentication.get() instanceof JwtAuthenticationToken)) {
return null;
Expand Down
Loading

0 comments on commit 9b577b3

Please sign in to comment.