From 7558549a5f242bf1590db5580cea03bee80e5275 Mon Sep 17 00:00:00 2001 From: Simon Frankenberger Date: Sun, 8 Nov 2020 10:50:13 +0100 Subject: [PATCH 01/12] update changelog --- CHANGELOG.md | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 600ed927..4657c93c 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,8 +1,11 @@ # Changelog -### 4.4.1 (unreleased) +### 4.4.2 (unreleased) * (none) so far +### 4.4.1 (2020-11-08) +* (all) Dependencies upgraded to latest + ### 4.4.0 (2020-07-15) * (all) Migrate tests from Junit4 to Junit5 * (base) Some minor internal changes and optimizations From d4466b4c7526b6292df327a705b219f566cf65fe Mon Sep 17 00:00:00 2001 From: Simon Frankenberger Date: Sun, 8 Nov 2020 10:50:43 +0100 Subject: [PATCH 02/12] set version to next snapshot --- version.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/version.txt b/version.txt index cca25a93..6be5f1e4 100644 --- a/version.txt +++ b/version.txt @@ -1 +1 @@ -4.4.1 +4.4.2-SNAPSHOT From d120455752e615562bf608661697b2835872cfca Mon Sep 17 00:00:00 2001 From: Simon Frankenberger Date: Sun, 8 Nov 2020 10:56:22 +0100 Subject: [PATCH 03/12] enhance changelog with links to version diffs --- CHANGELOG.md | 56 +++++++++++++++++++++++++++++++++++----------------- 1 file changed, 38 insertions(+), 18 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 4657c93c..60a86668 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,42 +1,42 @@ # Changelog -### 4.4.2 (unreleased) +### [4.4.2] (unreleased) * (none) so far -### 4.4.1 (2020-11-08) +### [4.4.1] (2020-11-08) * (all) Dependencies upgraded to latest -### 4.4.0 (2020-07-15) +### [4.4.0] (2020-07-15) * (all) Migrate tests from Junit4 to Junit5 * (base) Some minor internal changes and optimizations * (base) Remove springfox and integrate springdoc (OpenApi 3) -### 4.3.0 (2020-05-28) +### [4.3.0] (2020-05-28) * (all) Update dependencies * (all) Refactoring of gradle build scripts * (all) Remove module-info again (wasn't working correctly anyway) * (memcache) Fix bug when running against memcached >= 1.5 which made this plugin effectively useless -### 4.2.0 (2020-02-08) +### [4.2.0] (2020-02-08) * (all) Update dependencies -### 4.1.1 (2019-09-21) +### [4.1.1] (2019-09-21) * (all) Update dependencies -### 4.1.0 (2019-03-29) +### [4.1.0] (2019-03-29) * (all) Cleanup gradle build scripts * (all) Fix compile / build with Java 11 * (all) Separate modules for usage (java 9+) * (hibernate): Use IDENTITY as strategy for entity -### 4.0.0 (2018-09-28) +### [4.0.0] (2018-09-28) * (redis) Add support for redis as backend * (files) Add support for filesystem as backend * (base) TimeWithPeriod is now serializable with Jackson * (base) Split the all-mighty rest controller into separate ones and extract logic into services (which you may override now) * (base) Refactoring of base to ease overriding specific behaviour -### 3.0.0 (2018-04-17) +### [3.0.0] (2018-04-17) * (all) Add support for spring boot 2 * (all) Set minimum required boot version to 2.x * (base) Update nimbus library to at least 5.7 @@ -46,11 +46,11 @@ * (base) TimeWithPeriod and expiresIn in Auth-Responses now use long instead of int * (base) Lombok is no longer a runtime dependency -### 2.0.1 (2017-12-09) +### [2.0.1] (2017-12-09) * (all) Replaced beans constructor-based autowiring with setters * (all) Project is now compatible with DCEVM and Hotswap agent -### 2.0.0 (2017-11-30) +### [2.0.0] (2017-11-30) * (base) Another great refactoring: * Remove deviceId from everywhere * Clients do no longer need any deviceId for refresh tokens @@ -65,14 +65,14 @@ * (base) Add support for tokens sent as cookies (both access and refresh) * (base) Make JwtTokenService.getToken() deprecated -### 1.1.0 (2017-11-30) +### [1.1.0] (2017-11-30) * (base) Make JwtUser extendable (#20) * (base) Make rest endpoints configurable (#19) * (base) Mark JwtTokenService.getExpiration as deprecated * (base) Mark RefreshTokenStore.getRefreshExpiration as deprecated * (doc) Create a plantuml sequence diagram for README -### 1.0.0 (2017-09-05) +### [1.0.0] (2017-09-05) * (all) Add spring configuration properties support for IDE auto-completion * (all) Renamed / moved some properties * ```fraho.jwt.refresh.cache.impl``` to ```fraho.jwt.refresh.cache-impl``` @@ -86,7 +86,7 @@ * (base) Rename ```WebSecurityConfig``` to ```JwtSecurityConfig``` * (base) Delete ```JwtAuthenticationEntryPoint``` -### 0.8.1 (2017-08-17) +### [0.8.1] (2017-08-17) * (all) Some minor cleanup (code smells) * (all) Add Jetbrains Annotations for Nullable and NotNull constraints * (all) Prefer constructor based autowiring over field injection @@ -97,22 +97,42 @@ * (hibernate) Ensure that "created" is a timestamp column * (hibernate) Do not register DateTime-Converter globally -### 0.8.0 (2017-06-06) +### [0.8.0] (2017-06-06) * (base) Fix JwtTokenService.isRefreshTokenSupported() not working as expected (always returning true) * (doc) Add a changelog file (#13) * (base) Support multiple roles for JwtUser (#2) * (memcache, internal) Delimiter for map keys are now configurable (#14) -### 0.7.0 (2017-06-02) +### [0.7.0] (2017-06-02) * (hibernate) Add hibernate module (Support storage of refresh tokens in a jdbc database) * (base) Add jackson java8 module to compile path (#1) * (base) Add Insomnia project as an example on how to interact with login / refresh * (test) Huge refactoring of testcode, removed a lot of redundancy * (test)First publication of abstract testclases for other modules -### 0.6.0 (2017-05-19) +### [0.6.0] (2017-05-19) * Somehow messed up my git repository, so this release will be the base for all further releases * Many untracked changes (sorry) -### 0.5.2 (2017-05-17) +### [0.5.2] (2017-05-17) * Initial release to github and maven central + + +[4.4.2]: https://github.com/bratkartoffel/security-jwt/compare/4.4.1...develop +[4.4.1]: https://github.com/bratkartoffel/security-jwt/compare/4.4.0...4.4.1 +[4.4.0]: https://github.com/bratkartoffel/security-jwt/compare/4.3.0...4.4.0 +[4.3.0]: https://github.com/bratkartoffel/security-jwt/compare/4.2.0...4.3.0 +[4.2.0]: https://github.com/bratkartoffel/security-jwt/compare/4.1.1...4.2.0 +[4.1.1]: https://github.com/bratkartoffel/security-jwt/compare/4.1.0...4.1.1 +[4.1.0]: https://github.com/bratkartoffel/security-jwt/compare/4.0.0...4.1.0 +[4.0.0]: https://github.com/bratkartoffel/security-jwt/compare/3.0.0...4.0.0 +[3.0.0]: https://github.com/bratkartoffel/security-jwt/compare/2.0.1...3.0.0 +[2.0.1]: https://github.com/bratkartoffel/security-jwt/compare/2.0.0...2.0.1 +[2.0.0]: https://github.com/bratkartoffel/security-jwt/compare/1.1.0...2.0.0 +[1.1.0]: https://github.com/bratkartoffel/security-jwt/compare/1.0.0...1.1.0 +[1.0.0]: https://github.com/bratkartoffel/security-jwt/compare/0.8.1...1.0.0 +[0.8.1]: https://github.com/bratkartoffel/security-jwt/compare/0.8.0...0.8.1 +[0.8.0]: https://github.com/bratkartoffel/security-jwt/compare/0.7.0...0.8.0 +[0.7.0]: https://github.com/bratkartoffel/security-jwt/compare/0.6.0...0.7.0 +[0.6.0]: https://github.com/bratkartoffel/security-jwt/compare/0.5.2...0.6.0 +[0.5.2]: https://github.com/bratkartoffel/security-jwt/tree/0.5.2 From c92dec4cf213c0e1885c3a3cfe10c53d98701c9c Mon Sep 17 00:00:00 2001 From: Simon Frankenberger Date: Sun, 8 Nov 2020 10:57:58 +0100 Subject: [PATCH 04/12] upgrade readme with new versions --- README.md | 14 +++++++------- files/README.md | 2 +- hibernate/README.md | 2 +- internal/README.md | 2 +- memcache/README.md | 2 +- redis/README.md | 2 +- 6 files changed, 12 insertions(+), 12 deletions(-) diff --git a/README.md b/README.md index 721154a0..2446d37f 100644 --- a/README.md +++ b/README.md @@ -43,13 +43,13 @@ The default configuration should be sufficient for the most use cases. eu.fraho.spring security-jwt-base - 4.4.0 + 4.4.1 eu.fraho.spring security-jwt-base-spring-boot-starter - 4.4.0 + 4.4.1 ``` @@ -60,27 +60,27 @@ When you want to add refresh token support, then choose one of the following dep eu.fraho.spring security-jwt-internal - 4.4.0 + 4.4.1 eu.fraho.spring security-jwt-memcache - 4.4.0 + 4.4.1 eu.fraho.spring security-jwt-hibernate - 4.4.0 + 4.4.1 eu.fraho.spring security-jwt-redis - 4.4.0 + 4.4.1 eu.fraho.spring security-jwt-files - 4.4.0 + 4.4.1 ``` diff --git a/files/README.md b/files/README.md index 451cddd1..7b7bcec7 100644 --- a/files/README.md +++ b/files/README.md @@ -7,7 +7,7 @@ This module adds support for storing refresh tokens within an simple json docume eu.fraho.spring security-jwt-files - 4.4.0 + 4.4.1 ``` diff --git a/hibernate/README.md b/hibernate/README.md index 932f6319..37ad92f8 100644 --- a/hibernate/README.md +++ b/hibernate/README.md @@ -13,7 +13,7 @@ for rows you have to regularly cleanup the token table, e.g. by using a cronjob. eu.fraho.spring security-jwt-hibernate - 4.4.0 + 4.4.1 ``` diff --git a/internal/README.md b/internal/README.md index 73319002..c1a0fe49 100644 --- a/internal/README.md +++ b/internal/README.md @@ -7,7 +7,7 @@ This module adds support for storing refresh tokens within an in-memory storage. eu.fraho.spring security-jwt-internal - 4.4.0 + 4.4.1 ``` diff --git a/memcache/README.md b/memcache/README.md index ad8a0941..fa714615 100644 --- a/memcache/README.md +++ b/memcache/README.md @@ -9,7 +9,7 @@ Please note that the memcache-plugin needs an external memcached server. eu.fraho.spring security-jwt-memcache - 4.4.0 + 4.4.1 ``` diff --git a/redis/README.md b/redis/README.md index 5c68756f..681827dc 100644 --- a/redis/README.md +++ b/redis/README.md @@ -9,7 +9,7 @@ Please note that the redis-plugin needs an external redisd server. eu.fraho.spring security-jwt-redis - 4.4.0 + 4.4.1 ``` From 3f1d1f6038d2902d17973a0c845c1cadf2c69fe7 Mon Sep 17 00:00:00 2001 From: Simon Frankenberger Date: Sun, 8 Nov 2020 11:04:42 +0100 Subject: [PATCH 05/12] update readme with minimum required spring boot version --- README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README.md b/README.md index 2446d37f..ea0dbfc3 100644 --- a/README.md +++ b/README.md @@ -97,6 +97,7 @@ To see this library "in action", please take a look at [the examples](https://gi # Spring boot and library versions * The 2.x versions are compatible with spring boot 1.5.x * The 3.x versions are compatible with spring boot 2.x +* Starting with 4.4.1, the minumum required spring boot version is 2.2.0 ## Spring Boot Autoconfig (recommended): * Use any *-spring-boot-starter dependency you like From 6a03ad4c7ee6fe26bed638be18b2fae692b7d5c0 Mon Sep 17 00:00:00 2001 From: Simon Frankenberger Date: Wed, 21 Apr 2021 07:13:17 +0200 Subject: [PATCH 06/12] upgrade dependencies --- gradle.properties | 18 +++++++++--------- gradle/wrapper/gradle-wrapper.jar | Bin 58910 -> 59203 bytes gradle/wrapper/gradle-wrapper.properties | 2 +- gradlew | 2 +- gradlew.bat | 21 +++------------------ 5 files changed, 14 insertions(+), 29 deletions(-) diff --git a/gradle.properties b/gradle.properties index 7716ea5e..c617524d 100644 --- a/gradle.properties +++ b/gradle.properties @@ -1,20 +1,20 @@ # plugins springBootVersion=2.2.0.RELEASE springDependencyManagementPluginVersion=1.0.10.RELEASE -lombokPluginVersion=5.3.0 -testLoggerPluginVersion=2.1.1 -versionsPluginVersion=0.35.0 +lombokPluginVersion=5.3.3.3 +testLoggerPluginVersion=3.0.0 +versionsPluginVersion=0.38.0 # dependencies -bouncyCastleVersion=1.67 +bouncyCastleVersion=1.68 commonsCodecVersion=1.15 expiringMapVersion=0.5.9 h2Version=1.4.200 jacocoVersion=0.8.5 -jacksonVersion=2.11.3 -jedisVersion=3.3.0 -jupiterVersion=5.7.0 +jacksonVersion=2.12.3 +jedisVersion=3.6.0 +jupiterVersion=5.7.1 lombokVersion=1.18.12 -nimbusJwtVersion=9.1.2 -openApiVersion=1.4.8 +nimbusJwtVersion=9.8.1 +openApiVersion=1.5.7 powerMockVersion=2.0.9 spyMemcachedVersion=2.12.3 diff --git a/gradle/wrapper/gradle-wrapper.jar b/gradle/wrapper/gradle-wrapper.jar index 62d4c053550b91381bbd28b1afc82d634bf73a8a..e708b1c023ec8b20f512888fe07c5bd3ff77bb8f 100644 GIT binary patch delta 6656 zcmY+Ibx_pN*Z*PZ4(U#j1qtbvrOTyO8fghZ8kYJfEe%U|$dV!@ASKczEZq$fg48M@ z;LnHO_j#Uq?%bL4dY^md%$$4Y+&@nKC|1uHR&59YNhubGh72|a#ylPdh9V+akp|I; zPk^W-a00GrFMkz_NSADdv2G2-i6rb=cB_@WnG(**4ZO$=96R=t|NZ@|0_z&q3GwO^ ziUFcuj$a9QaZ3j?xt`5#q`sT-ufrtBP0nt3IA&dr*+VCsBzBVW?vZ6eZr0oD%t33z zm~-5IVsjy(F>;S~Pm@bxX85>Z*@(QL6i3JQc?1ryQFcC@X^2^mZWhFv|v? z49>l|nA&XNQ6#OvccUTyBMB*WO#NA;FW5|eE_K6dtVYP2G?uUZ09!`Iq1IF2gA(aS zLu@G^cQJmh=x?-YsYa@E6QnE5+1@ds&0f#OQRDl^GnIT_m84G5XY%W z;Ck6bk^Oeu*Ma-XmxI5GjqzWNbJMsQF4)WfMZEA{oxW0E32e)*JfG}3otPishIQBw zkBe6N#4pKPN>q1R6G1@5&(u#5yPEToMBB6_oEK|q z@(i5j!?;NNCv~=HvW%zF&1yWBq(nJa_#``G&SRmQvE|jePUPs{J!$TacM|e}Fsceb zx+76|mDp6@w>)^DIl{8?)6XYNRU|2plG8Jy&7(^9SdOWNKKJK&>0!z6XiN4J*Jkao z=E1y5x-XDC==Ub+8fLb#OW&{2ww{h^xlJFYAMOUd)}Xg@j?ak{7Kno6?9S~F?|6Df zHo|ijXX~`Sp;Vf!nR;m%vUhq>zvlRXsL0u*Tt?F#yR}3tF0#of{(UjitqST|!{aBA zicWh+URU}Jnc*sg9iMkf0pggpd?3TI*C-q$2QOdCC7rV+CHBmjS3O%a3VeZ$ZSs5ubJuJp%e%$LHgrj0niYjX;4kt z&2~j%@q3MO)-QGCA{>o%eZu){ou^MgC6~Z8Y=tc!qF=|TOlG3wJXbaLYr-;$Ch=2J z_UcE59Xzq&h0LsjLrcZrQSa}#=0~Lk|4?e4M z6d;v->NCC1oMti)RRc`Ys0?JXQjsZ@VdCy%Z)TptCrI>0Tte$pR!@yJesoU2dtyuW z7iFsE8)CkbiJP+OP28;(%?!9WddQZcAid@R@`*e%3W65$g9ee`zvwb(VPO+uVBq6p z{QDR%CR(2z@?&9Obm3xPi2lzvfip`7q`_7UDD|lRS}4=bsl3xQIOi0@GSvMuDQX}* z4B^(DI<${qUhcLqO`itJU;e<%%iS+R3I^_xIV1O%sp*x~;-dn` zt$8>RnSUh#rU3{-47067W^WNwTdq-t$-U>Hj%r!GD!gLa;kV zW5g6pCqV+!q8LgrI49(}fIc5K_`FLV4_E#XZ6{<>w8wzc%V9k!!Byg5-0WY+J?1*z%9~Aj4WQr1Jsn2(G!U8fFpi(wsy@JLg^d+IB0kl89 z0@Ssqf!L9JjYKK$J=978+NO*5^C)GPH2a%4hm$HROjM|N3g9ch9kDLh*nlwqy{mVM z`P(l#>3NnK%#O8tSb(VmZrG+`dRD#=Cc1P%(y5S?*Hj5E{vg&Eiw!YV>S#7_WRDVoFxT5m=gFi4)}y5V%KT8!xbsH_rmR& zsmM?%J}K$1l8d?2+m(}2c}-G`x>CY%Y&QBJRC$sKM}zN<9{IlF@yJEG<^0={$+`Hc zDodJ)gCADJ_bD#am(c2ojXKb|j+ENJ#58PAA&pZXufrFzBwnuuo+khfMgd!DMlU#v z9|JelQO~E2;d^w!RZJbt%IANIudpKSP)cssoWhq)>({nvcfCr0=9=FAIMuZm8Eo=} z|DND}8_PB5HqG(QwDvaM@orYBZ9kCkHV*rxKTy>q7n~0emErUwLbhq;VN<2nKT&*a2Ajz z;lKBzU2i8KLV`d)Y&ae)!HcGk$dO}Or%8KF@kE@jU1h@zwpw{6p4ME|uC$Za-ERR2 ztQvL&uOZLe(k{w_+J^ng+l}~N8MP>F1Z$fLu}D-WWaeu#XduP@#8JpmH(X>rIL)k3 zyXNyTIB1(IH%S&pQ{rWaTVfB$~-;RnlY z^(y7mR>@=brI>!TrA)BQsQ={b*6$=1Eqbuu6IdhJ&$YD$08AwtNr9*J?%-WT<;O1< zPl1<@yeqfZ>@s4azqTf<=I4(kU^+^Qkstm%WM-0_VLm({jFc8`5Df2Q1Y9zMZu0^! zsO_yh2Sz9K>Jq6fkYbBZocEJ6C!SdEzYDkiEtNJs{?!tA#e|oiN+VaaAobwKef_kUup&4scD?1+}Q8)DaekkMYn-FOS{J%NY za^mmJ^n`t*1p@hF*gl#L+5wr40*(ub4J#L|@oCl~@|4UvCjHBYDQv&S zhyGMAkRO^tF_dyi&XM)4mQ;k>kj?RgRo@-?==oD+ns*>bf@&fPXF|4U0&ib2 zo~1ZdmCPWf!W9#sGP@9X$;Rc`tjbz^&JY}z{}j9bl?;VC{x)TfQH$D^WowKL&4Zx@ zdSn+QV7H(e0xRfN6aBfH)Q=@weoD?dvu6^ZS)zqb>GwMmIuS8zJfaMUQx9>%k~w34 z3}_B2Jj~u=SnJ~vZPj*)UoDi_FtT=UAb#J^b4B%R6z3H%cj-1OCjU5F$ky>By1zsg z>2A0ccp29(Y<;my|J_g-r{1I@+*O$>!R3`_sFNP4e}LD1e1mM&SA`;;TR0I`_hESV zh4U*9ecK$0=lYk`{SR_cm$}iS*?yQR(}T-5ub?Wn^#RTe*^1~ya%`!xWq-F*WH@%nnZTNREA z3eUX2uM9b_w!Zo$nVTotEtzuL(88N)H~v_G=89|(@IFz~Wq6ME);z(!2^PkR2B&kE zxR)xV8PE|Hszyjp#jNf=ZIQ7JR~4Ls#Vd@mPF(7R5VO$akUq8JM+sn>ZVg(lJZ)5qjqdw(*7tuwjY#0tx+|!sTz9yV~%HOdrb#!5w9>*0LrCS z%wF$Yc6~hqVQZzoC^D<(-h0aOtk}kn<<*xF61HQr<5}efY{zXXA+PaJG7vT&{Oz(@Uu!V#Fp9%Ht!~@;6AcD z$lvlPu&yd(YnAHfpN51*)JN0aYw9gGk{NE7!Oqu4rBp}F30669;{zcH-a7w9KSpDQPIE_f9T zit? zJSjTKWbe{f{9BmSDAFO1(K0oqB4578tU0(oRBE^28X>xDA!1C&VJEiYak4_ZTM*7M`hv_ zw3;2ndv3X$zT!wa7TrId{gNE`Vxf}j5wsyX+;Kn<^$EJT`NzznjyYx=pYMkZjizEU zb;Gg8Pl_pqxg)9P)C)Hxh_-mQ;u-I_Ol>d^>q08zFF!>Z3j1-HmuME_TGZ*Ev;O0O z%e(edJfV<6t3&FKwtInnj9EeQhq9;o5oLJoiKwWF5bP2~Feh#P4oN()JT0pdq!9x* ze3D-1%AV#{G=Op$6q?*Z>s{qFn}cl@9#m@DK_Bs@fdwSN`Qe18_WnveRB583mdMG- z?<3pJC!YljOnO8=M=|Cg)jw;4>4sna`uI>Kh&F20jNOk9HX&}Ry|mHJ+?emHnbYLJ zwfkx@slh31+3nq-9G5FVDQBHWWY}&hJ-fpDf!lQdmw8dlTt#=)20X74S>c&kR(?PT zBg)Y%)q&|hW1K;`nJPAGF*c3{3`FvrhD9=Ld{3M*K&5$jRhXNsq$0CLXINax1AmXX ziF39vkNtcK6i^+G^AEY!WalGazOQ$_#tx?BQ{YY$&V&42sICVl8@AI6yv;sGnT;@f zL=}rZcJqNwrEEA=GDdEe8Z=f9>^?($oS8xGdFf1eUWTYtZF<3tu2V%noPBnd=thZ+ zO&xoc?jvXG7Xt!RTw#5VN50UjgqSntw9Y35*~pxz=8OzkXg{@S2J%+{l3Q>B_qbnl z20Deb7JM&ZSp`%X>xWpb>FF8q7Nq&4#a1}A-(-!aMDmVbz05D!NpUzVe{~72h%cOh zwQFNai2a$K|hFgDk(oPF_tuf{BV!=m0*xqSzGAJ(~XUh8rk#{YOg0ReK>4eJl z;-~u5v$}DM)#vER>F)-}y(X6rGkp<{AkiPM7rFgAV^)FUX8XmCKKaWlS4;MSEagj$ z#pvH`vLX1q{&eOm>htnk4hmv=_)ao!MCp}9ql5yfre&Py!~hBAGNBa}PH&J8K=~<% z&?!J-QaH|0bq_uo6rt*r-M>d7jm1cbW^T>s)S?L{n8v`^?VIPA+qi^6e@cM|5boqEO!p1e|_{7U3Yl6K?0xMN1bbjf0@$TE-T))w> zFe?E?g$PUT-)AJ(PS^By^D^Ed!K5iv$*_eW~VA(I3~UMy*ZcgVu0$XZC*_0PgDmUL)qTCn927LD~p$yXR_GCJ&iQ; z4*`%l-dC5pALH!y*nmhdHRh02QjW1vZL4ySucz*w3f|#`=u@@YvMV1?i!&DIa2+S< z8z!gvN3FV4I;%fl;ruFeV{jKjI~?GlgkmGBuJ<7vY|l3xMOc?S@Q#C(zo*m&JLrjT2rU9PYOniB8O~yO5<1CCcQz# z17B2m1Z{R!Y)UO#CU-Y&mOlv4*Gz%rC_YkRcO)jTUEWHDvv!GWmEihE>OKPx1J?Av z8J{-#7NsT>>R#*7**=QL)1@IR77G9JGZZiVt!=jD+i(oRV;I`JkiTSZkAXuHm-VG1 z+2-LD!!2dNEk@1@Rp|C$MD9mH^)H*G*wI(i*Rc6Vvdik+BDycYQ*=0JA3dxxha|Zg zCIW1Ye-DdpMGTEwbA^6hVC<(@0FL4dkDOYcxxC5c%MJQ^)zpA%>>~Q|Y=@)XW!px; z_Fx+xOo7>sz4QX|Ef~igE+uFnzFWP<-#||*V0`0p7E*+n5+awuOWmvR{-M*chIXgo zYiZvQMond#{F8+4Zh_;>MsaZUuhp=onH@P!7W>sq|CWv|u}Wg0vo&f4UtmLzhCwwu zJaR=IO;sQxS}h(K>9VZjnED+>9rGgB3ks+AwTy_EYH{oc)mo`451n&YH%A1@WC{;1 z=fB6n zIYp46_&u`COM&Di?$P}pPAlAF*Ss<)2Xc?=@_2|EMO?(A1u!Vc=-%bDAP#zDiYQvJ z0}+}3GaLxsMIlh6?f=iRs0K=RyvMOcWl*xqe-IBLv?K{S^hP)@K|$I+h_)pdD9r~! zxhw2u66+F(E`&6hY}B_qe>wil|#*0R0B;<@E?L zVrhXKfwRg0l8r>LuNs1QqW&39ME0sOXe8zycivGVqUOjEWpU)h|9fwp@d(8=M-WxY zeazSz6x5e`k821fgylLIbdqx~Kdh^Oj`Q!4vc*Km)^Tr-qRxPHozdvvU^#xNsKVr6aw8={70&S4y*5xeoF@Q^y596*09`XF56-N z1=Rm5?-An178o?$ix}y7gizQ9gEmGHF5AW+92DYaOcwEHnjAr~!vI>CK%h`E_tO8L Yte!%o?r4GTrVtxD61Ym!|5fq-1K$0e!T1w z1SC8j)_dObefzK9b=~*c&wBRW>;B{VGKiBofK!FMN5oJBE0V;;!kWUz!jc1W?5KdY zyZ3mCBHprpchz-9{ASiJJh&&h1|4rdw6wxD2+9= z#6#}Uq8&^1F3wgvGFoNDo?bIeEQXpcuAR0-+w$JWoK-@yUal1M&~W_O)r+Rx;{@hWH5n^oQWR36GMYBDDZyPK4L@WVjRrF+XlSzi4X4!_!U%Uujl6LHQ#|l(sUU%{ zefYd8jnVYP91K}Qn-OmmSLYFK1h~_}RPS~>+Xdz%dpvpJ{ll!IKX=JN99qowqslbO zV3DmqPZ}6>KB!9>jEObpi$u5oGPfO3O5!o3N2Mn`ozpje<}1I1H)m2rJDcB7AwXc6 z6j)tnPiql7#)r+b+p9?MVahp&=qJ^$oG+a^C*);FoJ!+V*^W+|2Olx5{*&$bXth)U zejc7mU6cBp?^Rj|dd{GL-0eHRTBi6_yJ&GLP5kIncv^z{?=0AVy^5{S8_n=rtua!J zFGY=A(yV^ZhB}1J_y(F`3QTu+zkHlw;1GiFeP&pw0N1k%NShHlO(4W+(!wy5phcg4 zA-|}(lE_1@@e6y`veg;v7m;q%(PFG&K3#}eRhJioXUU0jg_8{kn$;KVwf;zpL2X_( zC*_R#5*PaBaY73(x*oZ}oE#HPLJQRQ7brNK=v!lsu==lSG1(&q>F)`adBT~d*lMS| z%!%7(p~<7kWNmpZ5-N31*e=8`kih|g5lVrI%2wnLF-2D+G4k6@FrYsJ_80AJ}KMRi>) z-kIeHp{maorNWkF81v0FKgB==_6blyaF$5GaW)B!i4v*jNk6r)vU6?G$0pV8(Y+UK z5lgRVt%;N_gWp)^osv=h+^07UY6+$4^#t=M3>0i0`{`aEkFLL#a)93uXhYO+aKTtu zckg2T9S&GKNtZmdAS^8PzvDva-%-K&g9eqPXQ4$dM^inr@6Zl z{!Cq&C_+V;g*{>!0cZP}?ogDb$#ZS=n@NHE{>k@84lOkl&$Bt2NF)W%GClViJq14_ zQIfa^q+0aq){}CO8j%g%R9|;G0uJuND*HO$2i&U_uW_a5xJ33~(Vy?;%6_(2_Cuq1 zLhThN@xH7-BaNtkKTn^taQHrs$<<)euc6z(dhps>SM;^Wx=7;O&IfNVJq3wk4<1VS z-`*7W4DR_i^W4=dRh>AXi~J$K>`UqP>CKVVH&+T(ODhRJZO7DScU$F7D)di-%^8?O z6)Ux`zdrVOe1GNkPo0FgrrxSu1AGQkJe@pqu}8LkBDm+V!N_1l}`tjLW8${rgDLv3m@E*#zappt-Mm zSC<$o+6UO~w0C=(0$&*y**@nKe_Q{|eAuD!(0YL0_a{z%+sdfSyP={Nyd$re6Rzbp zvsgTY7~VflX0^Vf7qqomYZ_$ryrFVV2$sFyzw2r%Q8*uYDA+)iQdfKms_5(>!s#!( z!P5S(N0i9CKQKaqg(U%Gk#V3*?)lO6dLv`8KB~F<-%VhbtL8Rl>mEz+PN=qx&t*|= zQHV=qG)YKlPk4iCyWIUGjC?kpeA>hIBK*A?B0)rB=RqAal#D%1C9yVQwBcz${#Jb5 zR{TRmMrOrJsLc&6x9qDo@FJ^=do_Y?3oU0G^nV5_EU&+DS+VA7Tp{^TAF>yZbyM3c zf*1CqHY9T|aL_lyY7c)i!_MtGPA!sdy3|mrsKVj1mi&>dms@-ozSa}OZ?2I*tAndg z@S7er$t^d^-;!wLQbG60nWd@1pQVD7tw-G_B#OscoYyremiZ_hj8*sXqQdchuD^!R zpXGuSj5psk+jR>3rWu3^`17>j&*^9^rWbszP=Mf@5KIEj%b=z98v=Ymp%$FYt>%Ld zm8})EDbNOJu9n)gwhz_RS``#Ag)fr)3<*?(!9O~mTQWeh;8c;0@o=iBLQNqx3d_2#W7S9#FXzr6VXfs>4 z;QXw}-STvK9_-7H=uqgal2{GkbjVLN+=D5ddd)4^WvX;(NYA*X*(JxTdiUzqVJopd zQg#~psX4o<)cF>r=rxP`(Xsf<+HG-pf&7aFPL8z|-&B*P?Vmsu5d>Nlg^2$WRY!S@#`g2{81;(1w#o5HsvN}5pFZi});>|VK^kL{Zkx~wgn ztlZp;HW`H8(GdRfIwc~?#N6}o#h158ohI*GIsK%56I_9sf2k_K@4vD!l{(dX9E7PJ;w>$|Y;-VBJSO4@){07bo-89^LZ9g<<%;dOl zyIq{s8`8Ltp*GDwu(l_Z$6sA2nam$BM$Q~6TpZg)w2TtW?G5whV(lRwaf$6EU86is zBP9Rs&vS_~sk?Nn_b}^HkM8LiO@>J}=g(T4hLmvH@5Jj#2aHa~K)lD9VB0k>$V2BP zgh;(=y9Op(KQ=H5vj+%qs>?s4tYN~-Q|fyQePA)s?HrF~;l!+@t8VMzqUpqMLudFT z)=o~s!MM4XkgbetIsODwtQ=FF$IcIp&!pjh6Q6{tL+l*7GQ%8Wsg(tC#qU3oW$~n) zL=>XIxI}Hi7HS0F_mmi+(c%1HDuKiWm>|6Xa}nW7ei55ggru9)xjBvC#JcEIN*#cp zv*ACvr=HTC?dX9NNo9Yhulu_gX5Z~}QQ2&QZ&C77{(>Y3_ z6j5Z1Uc5FtPEpS_31HsgmSLHZijGb_p$WlRJ1p^_1!ZLP8kr6OtCEK7Qh267o$H>e zf<4cNGQRk{g5h$XfvTFQ@`qm@iju83-~}ebAYpZryARHVR$AEt3229U{y@Fp4 z-8FBBtGG&(hTyUdx5ZOfiz`c=<0F%+w|Fl=rWk{K7>70k04SN?RU(^mrKSeKDqA!K^Hsv8C?#ioj4@WUL zC*?{hTai6q0%_oBTqDHygp_Kl;({sAScYQIwMDM1U>{x0ww zve?_}E;DG?+|zsUrsph5X_G7l#Y~vqkq3@NNDabbw7|`eJBmn`Qrlr%?`va=mm$Mc{+FBbQbogAZ6{MuzT|P%QZZotd21eb1hfj|;GYAX&>bx#D5EB+=XMj2XJkpnyMUykaVo) zj3ZLqEl1&)Rturc8m@+uUuD^vaNaSxGwP4dq0-OSb~62lPv8E_K4usLvG{Qg zdR%z8dd2H!{JaT|X_bfm{##*W$YM;_J8Y8&Z)*ImOAf4+| zEyi)qK%Ld1bHuqD+}-WiCnjszDeC-%8g+8JRpG1bOc!xUGB?@?6f~FTrI%U#5R~YF z%t5(S2Q>?0`(XNHa8xKdTEZ~Z4SJOheit#ldfdg63}#W6j8kO;SjQD`vftxS+#x1B zYu|5szEvkyz|}|B3x|DNlyi$;+n+cW$Hu+?)=X1!sa%{H-^;oBO9XACZJ}wkQ!sTa zQ#J3h|HX{{&WwIG3h7d6aWktuJaO)ie6&=KJBoX@w(rBWfin`*a6OmCC5M0HzL(gv zY<*e4hmW>SWVhxk-`UGOAbD%Hk+uu<^7zJ_ytVXamfqCd0$g+W08>?QAB}Cv{b}eM z@X}ILg+uT%>-6`A25p@uhS3%;u>ccSq}8|H_^o&`nBT5S0y z;2H0I^(4MO*S+(4l$gULc4KSeKvidto5Nl0P|%9CqQ*ikY!w_GUlo}sb9HYB=L^oFpJ zfTQskXW!LFVnUo4(OHPDaZSf3zB|3{RGu1>ueE$(+dr?tT zp!SGlqDU8vu{5xLWSvj+j$arHglg54#Lx&TvuO3LIIU>hF9Uoj&=-b*Q?uYr`#V?xz?2 zhirZrv^eA{k%{hFh%9LYVXEYWd5#PuUd1QqaqB*J!CMXEM>fEB$@#1>mtB`Bfil}t zhhTIObqh5HRvT+4q_Do$Q*Jika?qV=Np-DtPkU z(KoXyWLfPwr@UY1)hBAvR3nCBZgd|CevTG?H~HqDF}dzy%2sd2`f{^CBbTk*^K~RO zN~O0+2EjAJlywF%SjgYz810l&G5AqzI<=Ber{912^PpSPRJl3dm8W@dKHL}7_@k3)Y!SXYkyxQy>Q4I2o zr`ev7fLF$1t96h|sH<-#*YzGD-b^3$_!#wsh(Yw;)b@udLz9mm`mFYh z1Zz24KIQJ(*_-E0(3&1InqG;U?wF)GYd>DFo(em`#|UaaYmkA9;GTX7b?0@C@QkTVpGD#mf$dQoRNV=n{^Zi_W*ps;3?^$s`0;ER7;==~OmQ~9 zS5P=FjxE5%|;xq6h4@!_h?@|aK&FYI2IT(OHXv2%1 zWEo-v!L7x^YT(xLVHlpJttcwaF@1Y;-S*q3CRa!g7xdzl|Jan>2#dI0`LKl!T1GMk zRKe4|bQO&ET}Z^Aiym*HII>cSxIzl|F~JEUGxz;+DB=8fxXhnBI4R12q6ews$lA`Jfi}r@A@-)6TOAUMNYFYJ zZ-Zd?lxFTyjN3mXnL!%#>Z%$0gJ4*9g;e;@zSmQ{eGGDaRRNM3s@6!;hYuVc=c+3B z=qzNNS~n^EsJU4aOGE|mdy={C^lPKEfPL-IJAsTpQsDgZ@~s+eHZYmp9yb=YW_4r?lqQaYZQ`nau){W`LY#P)>i zq^wHEuOYs#FlPZeMuT@Etb@~A6feCebq`miJE3w+gAL%bVF_s*5e*@)?xmKSo%I3? zLELHVdWia$}~s6 zr!^LfxSSB4Td&9iTXrzQpl5ZDo#SdmNr;23QsPHQ!x!UT9xtb!Ycz^JF8x)%cFOXK z^EXw%dRz_VD}7?RU^4{)1+xFO=z!EI8IUa3U*rag=1BpHX$Xi<__kSbS{y_xa*MJv z_`thq0Z^sPzjAk48ssDQj}!$N8Q$XC84(bU$t_Bm69Jf+C!h_}ep zwzpQj9sRA94<{x3{~z&ix-DwX;RAzka)4-#6ZHJqKh|SVuO|>Yrv+m30+!|sK<-|E z=)5E->#y<_1V|T1f%Af!ZYqXg}`O zI$qKOWdnclF`%_Z`WGOe{`A`l-#a?s=Q1a#@BOWmExH2;Wl`OB!B-%lq3nO{4=WO& z#k_x|N&(qzm*6S{G*|GCegF2N2ulC+(58z2DG~yUs}i8zvRf&$CJCaexJ6Xu!`qz( z)*v8*kAE#D0KCo*s{8^Rbg=`*E2MzeIt0|x55%n-gO&yX#$l=3W7-_~&(G8j1E(XB hw}tl`5K!1C(72%nnjQrp<7@!WCh47rWB+@R{{wClNUHz< diff --git a/gradle/wrapper/gradle-wrapper.properties b/gradle/wrapper/gradle-wrapper.properties index be52383e..442d9132 100644 --- a/gradle/wrapper/gradle-wrapper.properties +++ b/gradle/wrapper/gradle-wrapper.properties @@ -1,5 +1,5 @@ distributionBase=GRADLE_USER_HOME distributionPath=wrapper/dists -distributionUrl=https\://services.gradle.org/distributions/gradle-6.7-bin.zip +distributionUrl=https\://services.gradle.org/distributions/gradle-6.8.3-bin.zip zipStoreBase=GRADLE_USER_HOME zipStorePath=wrapper/dists diff --git a/gradlew b/gradlew index fbd7c515..4f906e0c 100755 --- a/gradlew +++ b/gradlew @@ -130,7 +130,7 @@ fi if [ "$cygwin" = "true" -o "$msys" = "true" ] ; then APP_HOME=`cygpath --path --mixed "$APP_HOME"` CLASSPATH=`cygpath --path --mixed "$CLASSPATH"` - + JAVACMD=`cygpath --unix "$JAVACMD"` # We build the pattern for arguments to be converted via cygpath diff --git a/gradlew.bat b/gradlew.bat index a9f778a7..ac1b06f9 100755 --- a/gradlew.bat +++ b/gradlew.bat @@ -40,7 +40,7 @@ if defined JAVA_HOME goto findJavaFromJavaHome set JAVA_EXE=java.exe %JAVA_EXE% -version >NUL 2>&1 -if "%ERRORLEVEL%" == "0" goto init +if "%ERRORLEVEL%" == "0" goto execute echo. echo ERROR: JAVA_HOME is not set and no 'java' command could be found in your PATH. @@ -54,7 +54,7 @@ goto fail set JAVA_HOME=%JAVA_HOME:"=% set JAVA_EXE=%JAVA_HOME%/bin/java.exe -if exist "%JAVA_EXE%" goto init +if exist "%JAVA_EXE%" goto execute echo. echo ERROR: JAVA_HOME is set to an invalid directory: %JAVA_HOME% @@ -64,21 +64,6 @@ echo location of your Java installation. goto fail -:init -@rem Get command-line arguments, handling Windows variants - -if not "%OS%" == "Windows_NT" goto win9xME_args - -:win9xME_args -@rem Slurp the command line arguments. -set CMD_LINE_ARGS= -set _SKIP=2 - -:win9xME_args_slurp -if "x%~1" == "x" goto execute - -set CMD_LINE_ARGS=%* - :execute @rem Setup the command line @@ -86,7 +71,7 @@ set CLASSPATH=%APP_HOME%\gradle\wrapper\gradle-wrapper.jar @rem Execute Gradle -"%JAVA_EXE%" %DEFAULT_JVM_OPTS% %JAVA_OPTS% %GRADLE_OPTS% "-Dorg.gradle.appname=%APP_BASE_NAME%" -classpath "%CLASSPATH%" org.gradle.wrapper.GradleWrapperMain %CMD_LINE_ARGS% +"%JAVA_EXE%" %DEFAULT_JVM_OPTS% %JAVA_OPTS% %GRADLE_OPTS% "-Dorg.gradle.appname=%APP_BASE_NAME%" -classpath "%CLASSPATH%" org.gradle.wrapper.GradleWrapperMain %* :end @rem End local scope for the variables with windows NT shell From 618655a9c1f8aecac69b0fbb3ddcabe313458e8a Mon Sep 17 00:00:00 2001 From: Simon Frankenberger Date: Wed, 21 Apr 2021 07:24:01 +0200 Subject: [PATCH 07/12] fix JwtAuthenticationTokenFilterTest --- .../ut/JwtAuthenticationTokenFilterTest.java | 19 +++++++++++++------ 1 file changed, 13 insertions(+), 6 deletions(-) diff --git a/base/src/test/java/eu/fraho/spring/securityJwt/tests/ut/JwtAuthenticationTokenFilterTest.java b/base/src/test/java/eu/fraho/spring/securityJwt/tests/ut/JwtAuthenticationTokenFilterTest.java index 7c629619..fa3cc720 100644 --- a/base/src/test/java/eu/fraho/spring/securityJwt/tests/ut/JwtAuthenticationTokenFilterTest.java +++ b/base/src/test/java/eu/fraho/spring/securityJwt/tests/ut/JwtAuthenticationTokenFilterTest.java @@ -21,6 +21,7 @@ import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import java.io.IOException; +import java.lang.reflect.Method; import java.util.Optional; public class JwtAuthenticationTokenFilterTest { @@ -40,7 +41,7 @@ public void cleanSecurityContext() { } @Test - public void testRegularAuthentication() throws ServletException, IOException { + public void testRegularAuthentication() throws ServletException, IOException, ReflectiveOperationException { JwtTokenService service = getService(); Mockito.when(service.getAccessToken(Mockito.any())).thenReturn(Optional.of("foobar")); Mockito.when(service.parseUser(Mockito.any())).thenReturn(Optional.of(new JwtUser())); @@ -50,14 +51,16 @@ public void testRegularAuthentication() throws ServletException, IOException { HttpServletResponse response = Mockito.mock(HttpServletResponse.class); JwtAuthenticationTokenFilter instance = getNewInstance(service); - instance.doFilter(request, response, chain); + Method method = JwtAuthenticationTokenFilter.class.getDeclaredMethod("doFilterInternal", HttpServletRequest.class, HttpServletResponse.class, FilterChain.class); + method.setAccessible(true); + method.invoke(instance, request, response, chain); Mockito.verify(chain).doFilter(request, response); Assertions.assertNotNull(SecurityContextHolder.getContext().getAuthentication(), "Authentication failed"); } @Test - public void testNoTokenPresent() throws ServletException, IOException { + public void testNoTokenPresent() throws ServletException, IOException, ReflectiveOperationException { JwtTokenService service = getService(); Mockito.when(service.getAccessToken(Mockito.any())).thenReturn(Optional.empty()); @@ -66,14 +69,16 @@ public void testNoTokenPresent() throws ServletException, IOException { HttpServletResponse response = Mockito.mock(HttpServletResponse.class); JwtAuthenticationTokenFilter instance = getNewInstance(service); - instance.doFilter(request, response, chain); + Method method = JwtAuthenticationTokenFilter.class.getDeclaredMethod("doFilterInternal", HttpServletRequest.class, HttpServletResponse.class, FilterChain.class); + method.setAccessible(true); + method.invoke(instance, request, response, chain); Mockito.verify(chain).doFilter(request, response); Assertions.assertNull(SecurityContextHolder.getContext().getAuthentication(), "Authentication succeeded"); } @Test - public void testParseFailed() throws ServletException, IOException { + public void testParseFailed() throws ServletException, IOException, ReflectiveOperationException { JwtTokenService service = getService(); Mockito.when(service.getAccessToken(Mockito.any())).thenReturn(Optional.of("foobar")); Mockito.when(service.parseUser(Mockito.any())).thenReturn(Optional.empty()); @@ -83,7 +88,9 @@ public void testParseFailed() throws ServletException, IOException { HttpServletResponse response = Mockito.mock(HttpServletResponse.class); JwtAuthenticationTokenFilter instance = getNewInstance(service); - instance.doFilter(request, response, chain); + Method method = JwtAuthenticationTokenFilter.class.getDeclaredMethod("doFilterInternal", HttpServletRequest.class, HttpServletResponse.class, FilterChain.class); + method.setAccessible(true); + method.invoke(instance, request, response, chain); Mockito.verify(chain).doFilter(request, response); Assertions.assertNull(SecurityContextHolder.getContext().getAuthentication(), "Authentication succeeded"); From 1b6ea36045bd2b4d625c61b2d0776cace9b0c41f Mon Sep 17 00:00:00 2001 From: Simon Frankenberger Date: Thu, 6 May 2021 16:37:19 +0200 Subject: [PATCH 08/12] upgrade dependencies --- CHANGELOG.md | 2 +- gradle.properties | 6 ++---- 2 files changed, 3 insertions(+), 5 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 60a86668..131beed2 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,7 +1,7 @@ # Changelog ### [4.4.2] (unreleased) -* (none) so far +* (all) Dependencies upgraded to latest ### [4.4.1] (2020-11-08) * (all) Dependencies upgraded to latest diff --git a/gradle.properties b/gradle.properties index c617524d..d0f7079b 100644 --- a/gradle.properties +++ b/gradle.properties @@ -1,6 +1,5 @@ # plugins springBootVersion=2.2.0.RELEASE -springDependencyManagementPluginVersion=1.0.10.RELEASE lombokPluginVersion=5.3.3.3 testLoggerPluginVersion=3.0.0 versionsPluginVersion=0.38.0 @@ -13,8 +12,7 @@ jacocoVersion=0.8.5 jacksonVersion=2.12.3 jedisVersion=3.6.0 jupiterVersion=5.7.1 -lombokVersion=1.18.12 -nimbusJwtVersion=9.8.1 -openApiVersion=1.5.7 +nimbusJwtVersion=9.9.2 +openApiVersion=1.5.8 powerMockVersion=2.0.9 spyMemcachedVersion=2.12.3 From df11f9c06a0fc0e2413680e8cbd34a54ea8ef09e Mon Sep 17 00:00:00 2001 From: Simon Frankenberger Date: Thu, 6 May 2021 17:49:33 +0200 Subject: [PATCH 09/12] use spring dependency management gradle plugin --- build.gradle | 2 ++ 1 file changed, 2 insertions(+) diff --git a/build.gradle b/build.gradle index 8e393328..9014e9ac 100644 --- a/build.gradle +++ b/build.gradle @@ -2,6 +2,7 @@ plugins { id 'io.freefair.lombok' version "$lombokPluginVersion" apply false id 'com.adarshr.test-logger' version "$testLoggerPluginVersion" apply false id 'com.github.ben-manes.versions' version "$versionsPluginVersion" + id 'org.springframework.boot' version "$springBootVersion" apply false } subprojects { @@ -9,6 +10,7 @@ subprojects { apply plugin: 'java-test-fixtures' apply plugin: 'io.freefair.lombok' apply plugin: 'com.adarshr.test-logger' + apply plugin: 'io.spring.dependency-management' repositories { mavenLocal() From 76b07448896feeb773ca39ef7f0286306fcf5d4a Mon Sep 17 00:00:00 2001 From: Simon Frankenberger Date: Thu, 6 May 2021 17:49:46 +0200 Subject: [PATCH 10/12] cleanup HibernateTokenStore --- .../service/HibernateTokenStore.java | 34 +++++++++---------- 1 file changed, 16 insertions(+), 18 deletions(-) diff --git a/hibernate/src/main/java/eu/fraho/spring/securityJwt/hibernate/service/HibernateTokenStore.java b/hibernate/src/main/java/eu/fraho/spring/securityJwt/hibernate/service/HibernateTokenStore.java index 0502a15f..00cd44a8 100644 --- a/hibernate/src/main/java/eu/fraho/spring/securityJwt/hibernate/service/HibernateTokenStore.java +++ b/hibernate/src/main/java/eu/fraho/spring/securityJwt/hibernate/service/HibernateTokenStore.java @@ -25,7 +25,12 @@ import javax.persistence.TypedQuery; import java.time.ZonedDateTime; import java.time.temporal.ChronoUnit; -import java.util.*; +import java.util.ArrayList; +import java.util.Collections; +import java.util.HashMap; +import java.util.List; +import java.util.Map; +import java.util.Optional; import java.util.stream.Collectors; @SuppressWarnings({"SpringJavaAutowiredMembersInspection", "JpaQlInspection"}) @@ -44,8 +49,7 @@ public class HibernateTokenStore implements RefreshTokenStore { @SuppressWarnings("unchecked") public Optional useToken(String token) { // first load the token from the database - final TypedQuery queryLoad = entityManager.createQuery("SELECT o FROM RefreshTokenEntity o WHERE " + - "o.token = :token AND o.created >= :expiration", RefreshTokenEntity.class); + TypedQuery queryLoad = entityManager.createQuery("SELECT o FROM RefreshTokenEntity o WHERE o.token = :token AND o.created >= :expiration", RefreshTokenEntity.class); queryLoad.setParameter("token", token); setQueryExpiration(queryLoad); List loadResultList = queryLoad.getResultList(); @@ -57,7 +61,7 @@ public Optional useToken(String token) { Optional resultUser = Optional.ofNullable((T) userDetailsService.loadUserByUsername(refreshToken.getUsername())); if (resultUser.isPresent()) { - final Query query = entityManager.createQuery("DELETE FROM RefreshTokenEntity o WHERE o.id = :id"); + Query query = entityManager.createQuery("DELETE FROM RefreshTokenEntity o WHERE o.id = :id"); query.setParameter("id", refreshToken.getId()); if (query.executeUpdate() == 0) { @@ -72,8 +76,7 @@ public Optional useToken(String token) { @Override @Transactional(readOnly = true) public List listTokens(JwtUser user) { - final TypedQuery query = entityManager.createQuery("SELECT o FROM RefreshTokenEntity o WHERE " + - "o.userId = :userId AND o.created >= :expiration", RefreshTokenEntity.class); + TypedQuery query = entityManager.createQuery("SELECT o FROM RefreshTokenEntity o WHERE o.userId = :userId AND o.created >= :expiration", RefreshTokenEntity.class); query.setParameter("userId", user.getId()); setQueryExpiration(query); @@ -91,7 +94,7 @@ private int calculateExpiration(ZonedDateTime created) { } private void setQueryExpiration(Query query) { - final ZonedDateTime expiration = ZonedDateTime.now().minusSeconds(refreshProperties.getExpiration().toSeconds()); + ZonedDateTime expiration = ZonedDateTime.now().minusSeconds(refreshProperties.getExpiration().toSeconds()); query.setParameter("expiration", expiration); } @@ -109,12 +112,11 @@ public void saveToken(JwtUser user, String token) { @Override @Transactional(readOnly = true) public Map> listTokens() { - final TypedQuery query = entityManager.createQuery("SELECT o FROM RefreshTokenEntity o WHERE " + - "o.created >= :expiration", RefreshTokenEntity.class); + TypedQuery query = entityManager.createQuery("SELECT o FROM RefreshTokenEntity o WHERE o.created >= :expiration", RefreshTokenEntity.class); setQueryExpiration(query); - final List tokens = query.getResultList(); - final Map> result = new HashMap<>(); + List tokens = query.getResultList(); + Map> result = new HashMap<>(); tokens.forEach(e -> result.computeIfAbsent(e.getUserId(), s -> new ArrayList<>()) @@ -130,27 +132,23 @@ public Map> listTokens() { @Override @Transactional public boolean revokeToken(String token) { - final Query query = entityManager.createQuery("DELETE FROM RefreshTokenEntity o WHERE " + - "o.token = :token "); + Query query = entityManager.createQuery("DELETE FROM RefreshTokenEntity o WHERE o.token = :token "); query.setParameter("token", token); - return query.executeUpdate() != 0; } @Override @Transactional public int revokeTokens(JwtUser user) { - final Query query = entityManager.createQuery("DELETE FROM RefreshTokenEntity o WHERE " + - "o.userId = :userId"); + Query query = entityManager.createQuery("DELETE FROM RefreshTokenEntity o WHERE o.userId = :userId"); query.setParameter("userId", user.getId()); - return query.executeUpdate(); } @Override @Transactional public int revokeTokens() { - final Query query = entityManager.createQuery("DELETE FROM RefreshTokenEntity o"); + Query query = entityManager.createQuery("DELETE FROM RefreshTokenEntity o"); return query.executeUpdate(); } From ad595d089ee59ea76746d284922a1711cc06531c Mon Sep 17 00:00:00 2001 From: Simon Frankenberger Date: Thu, 6 May 2021 17:50:15 +0200 Subject: [PATCH 11/12] correctly setup security configuration, fixes #32 --- CHANGELOG.md | 1 + .../SecurityJwtBaseAutoConfiguration.java | 21 +++++++++++++++---- 2 files changed, 18 insertions(+), 4 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 131beed2..935bcc94 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,6 +2,7 @@ ### [4.4.2] (unreleased) * (all) Dependencies upgraded to latest +* (all) Fixes "Found WebSecurityConfigurerAdapter as well as SecurityFilterChain"-error (#32) ### [4.4.1] (2020-11-08) * (all) Dependencies upgraded to latest diff --git a/base-spring-boot-starter/src/main/java/eu/fraho/spring/securityJwt/base/starter/SecurityJwtBaseAutoConfiguration.java b/base-spring-boot-starter/src/main/java/eu/fraho/spring/securityJwt/base/starter/SecurityJwtBaseAutoConfiguration.java index 8f64b648..a9ef5286 100644 --- a/base-spring-boot-starter/src/main/java/eu/fraho/spring/securityJwt/base/starter/SecurityJwtBaseAutoConfiguration.java +++ b/base-spring-boot-starter/src/main/java/eu/fraho/spring/securityJwt/base/starter/SecurityJwtBaseAutoConfiguration.java @@ -7,15 +7,28 @@ package eu.fraho.spring.securityJwt.base.starter; import eu.fraho.spring.securityJwt.base.JwtAuthenticationEntryPoint; -import eu.fraho.spring.securityJwt.base.config.*; +import eu.fraho.spring.securityJwt.base.config.JwtSecurityConfig; +import eu.fraho.spring.securityJwt.base.config.RefreshCookieProperties; +import eu.fraho.spring.securityJwt.base.config.RefreshProperties; +import eu.fraho.spring.securityJwt.base.config.TokenCookieProperties; +import eu.fraho.spring.securityJwt.base.config.TokenHeaderProperties; +import eu.fraho.spring.securityJwt.base.config.TokenProperties; +import eu.fraho.spring.securityJwt.base.config.TotpProperties; import eu.fraho.spring.securityJwt.base.controller.LoginRestController; import eu.fraho.spring.securityJwt.base.controller.LogoutRestController; import eu.fraho.spring.securityJwt.base.dto.JwtUser; -import eu.fraho.spring.securityJwt.base.service.*; +import eu.fraho.spring.securityJwt.base.service.JwtTokenService; +import eu.fraho.spring.securityJwt.base.service.JwtTokenServiceImpl; +import eu.fraho.spring.securityJwt.base.service.LoginService; +import eu.fraho.spring.securityJwt.base.service.LoginServiceImpl; +import eu.fraho.spring.securityJwt.base.service.RefreshService; +import eu.fraho.spring.securityJwt.base.service.RefreshServiceImpl; +import eu.fraho.spring.securityJwt.base.service.TotpService; +import eu.fraho.spring.securityJwt.base.service.TotpServiceImpl; import lombok.extern.slf4j.Slf4j; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.beans.factory.config.BeanDefinition; -import org.springframework.boot.autoconfigure.AutoConfigureAfter; +import org.springframework.boot.autoconfigure.AutoConfigureBefore; import org.springframework.boot.autoconfigure.condition.ConditionalOnExpression; import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean; import org.springframework.boot.autoconfigure.security.servlet.SecurityAutoConfiguration; @@ -31,7 +44,7 @@ import org.springframework.security.crypto.password.PasswordEncoder; @Configuration -@AutoConfigureAfter(SecurityAutoConfiguration.class) +@AutoConfigureBefore(SecurityAutoConfiguration.class) @EnableWebSecurity @EnableGlobalMethodSecurity(prePostEnabled = true, securedEnabled = true) @Slf4j From 79b8f11caf92655cf6df17d42ec66d5894d68389 Mon Sep 17 00:00:00 2001 From: Simon Frankenberger Date: Thu, 6 May 2021 18:58:31 +0200 Subject: [PATCH 12/12] update versions to release --- CHANGELOG.md | 8 ++++++-- README.md | 14 +++++++------- files/README.md | 2 +- hibernate/README.md | 2 +- internal/README.md | 2 +- memcache/README.md | 2 +- redis/README.md | 2 +- version.txt | 2 +- 8 files changed, 19 insertions(+), 15 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 935bcc94..16405a08 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,6 +1,9 @@ # Changelog -### [4.4.2] (unreleased) +### [unreleased] +* no changes yet + +### [4.4.2] (2021-05-06) * (all) Dependencies upgraded to latest * (all) Fixes "Found WebSecurityConfigurerAdapter as well as SecurityFilterChain"-error (#32) @@ -119,7 +122,8 @@ * Initial release to github and maven central -[4.4.2]: https://github.com/bratkartoffel/security-jwt/compare/4.4.1...develop +[unreleased]: https://github.com/bratkartoffel/security-jwt/compare/4.4.2...develop +[4.4.2]: https://github.com/bratkartoffel/security-jwt/compare/4.4.1...4.4.2 [4.4.1]: https://github.com/bratkartoffel/security-jwt/compare/4.4.0...4.4.1 [4.4.0]: https://github.com/bratkartoffel/security-jwt/compare/4.3.0...4.4.0 [4.3.0]: https://github.com/bratkartoffel/security-jwt/compare/4.2.0...4.3.0 diff --git a/README.md b/README.md index ea0dbfc3..fbb76af4 100644 --- a/README.md +++ b/README.md @@ -43,13 +43,13 @@ The default configuration should be sufficient for the most use cases. eu.fraho.spring security-jwt-base - 4.4.1 + 4.4.2 eu.fraho.spring security-jwt-base-spring-boot-starter - 4.4.1 + 4.4.2 ``` @@ -60,27 +60,27 @@ When you want to add refresh token support, then choose one of the following dep eu.fraho.spring security-jwt-internal - 4.4.1 + 4.4.2 eu.fraho.spring security-jwt-memcache - 4.4.1 + 4.4.2 eu.fraho.spring security-jwt-hibernate - 4.4.1 + 4.4.2 eu.fraho.spring security-jwt-redis - 4.4.1 + 4.4.2 eu.fraho.spring security-jwt-files - 4.4.1 + 4.4.2 ``` diff --git a/files/README.md b/files/README.md index 7b7bcec7..a7178543 100644 --- a/files/README.md +++ b/files/README.md @@ -7,7 +7,7 @@ This module adds support for storing refresh tokens within an simple json docume eu.fraho.spring security-jwt-files - 4.4.1 + 4.4.2 ``` diff --git a/hibernate/README.md b/hibernate/README.md index 37ad92f8..781364c8 100644 --- a/hibernate/README.md +++ b/hibernate/README.md @@ -13,7 +13,7 @@ for rows you have to regularly cleanup the token table, e.g. by using a cronjob. eu.fraho.spring security-jwt-hibernate - 4.4.1 + 4.4.2 ``` diff --git a/internal/README.md b/internal/README.md index c1a0fe49..f9d5e2c9 100644 --- a/internal/README.md +++ b/internal/README.md @@ -7,7 +7,7 @@ This module adds support for storing refresh tokens within an in-memory storage. eu.fraho.spring security-jwt-internal - 4.4.1 + 4.4.2 ``` diff --git a/memcache/README.md b/memcache/README.md index fa714615..5bb14949 100644 --- a/memcache/README.md +++ b/memcache/README.md @@ -9,7 +9,7 @@ Please note that the memcache-plugin needs an external memcached server. eu.fraho.spring security-jwt-memcache - 4.4.1 + 4.4.2 ``` diff --git a/redis/README.md b/redis/README.md index 681827dc..f1d96d4b 100644 --- a/redis/README.md +++ b/redis/README.md @@ -9,7 +9,7 @@ Please note that the redis-plugin needs an external redisd server. eu.fraho.spring security-jwt-redis - 4.4.1 + 4.4.2 ``` diff --git a/version.txt b/version.txt index 6be5f1e4..1d068c6e 100644 --- a/version.txt +++ b/version.txt @@ -1 +1 @@ -4.4.2-SNAPSHOT +4.4.2