Merge pull request #6248 from ORCID/migrationJava11_new

Migration java11 new
ORCID · Jun 8, 2021 · 997d5fa · 997d5fa
2 parents f6de658 + d6c6d15
commit 997d5fa
Show file tree

Hide file tree

Showing 109 changed files with 998 additions and 302 deletions.
diff --git a/.github/workflows/maven.yml b/.github/workflows/maven.yml
@@ -10,14 +10,16 @@ on:
 jobs:
   build-and-test:
 
-    runs-on: ubuntu-18.04
+    runs-on: ubuntu-20.04
 
-    steps:
+    steps:    
     - uses: actions/checkout@v2
-    - name: Set up JDK 1.8
-      uses: actions/setup-java@v1
+    - name: Set up Open JDK 11
+      uses: actions/setup-java@v2
       with:
-        java-version: 1.8
+        distribution: 'adopt'
+        java-version: '11'
+        check-latest: true
     - name: Cache Maven packages
       uses: actions/cache@v2
       with:

diff --git a/orcid-activemq/pom.xml b/orcid-activemq/pom.xml
@@ -9,7 +9,7 @@
 		<groupId>org.orcid</groupId>
 		<artifactId>orcid-parent</artifactId>        
 		<relativePath>../pom.xml</relativePath>
-		<version>release-1.289.0</version>
+		<version>release-2.0.0</version>
 	</parent>
 
 	<properties>    	
@@ -38,6 +38,23 @@
 	    <version>5.13.3</version>
 	</dependency>
 
+	<!-- javax.xml -->
+    <dependency>
+    <groupId>jakarta.xml.bind</groupId>
+    <artifactId>jakarta.xml.bind-api</artifactId>
+    <version>2.3.3</version>
+</dependency>
+<dependency>
+<groupId>com.sun.xml.bind</groupId>
+<artifactId>jaxb-impl</artifactId>
+<version>2.3.3</version>
+</dependency>
+	<dependency>
+         <groupId>javax.annotation</groupId>
+         <artifactId>javax.annotation-api</artifactId>
+         <version>1.3.2</version>
+    </dependency>
+
      <!-- Test dependencies -->
     <dependency>
         <groupId>org.orcid</groupId>

diff --git a/orcid-api-common/pom.xml b/orcid-api-common/pom.xml
@@ -8,7 +8,7 @@
 		<groupId>org.orcid</groupId>
 		<artifactId>orcid-parent</artifactId>        
 		<relativePath>../pom.xml</relativePath>
-		<version>release-1.289.0</version>
+		<version>release-2.0.0</version>
 	</parent>
 
 	<properties>
@@ -92,9 +92,9 @@
             <artifactId>validation-api</artifactId>
         </dependency>
         <dependency>
-            <groupId>org.hibernate</groupId>
-            <artifactId>hibernate-validator</artifactId>
-        </dependency>
+			  <groupId>org.hibernate</groupId>
+			  <artifactId>hibernate-agroal</artifactId>
+		</dependency>
         <dependency>
             <groupId>org.apache.jena</groupId>
             <artifactId>jena-arq</artifactId>

diff --git a/...mon/src/main/java/org/orcid/api/common/exception/OrcidOAuth2AuthenticationEntryPoint.java b/...mon/src/main/java/org/orcid/api/common/exception/OrcidOAuth2AuthenticationEntryPoint.java
@@ -53,7 +53,7 @@ public void handle(HttpServletRequest request, HttpServletResponse response, Acc
     public void handleAsOrcidError(HttpServletRequest request, HttpServletResponse response, Exception authException) throws IOException, ServletException {
         try {
             ResponseEntity<OAuth2Exception> result = exceptionTranslator.translate(authException);
-            result = enhanceResponse(result, authException);
+            result = (ResponseEntity<OAuth2Exception>) enhanceResponse(result, authException);
             OrcidError orcidError = new OrcidError();
             orcidError.setResponseCode(result.getStatusCode().value());
             orcidError.setDeveloperMessage(result.getBody().getLocalizedMessage());

diff --git a/...mon/src/main/java/org/orcid/api/common/security/oauth/OrcidOauth2TokenEndPointFilter.java b/...mon/src/main/java/org/orcid/api/common/security/oauth/OrcidOauth2TokenEndPointFilter.java
@@ -63,7 +63,7 @@ public Authentication attemptAuthentication(HttpServletRequest request, HttpServ
         }
 
         clientId = clientId.trim();
-        UsernamePasswordAuthenticationToken authRequest = new UsernamePasswordAuthenticationToken(clientId, clientSecret);
+        UsernamePasswordAuthenticationToken authRequest = new UsernamePasswordAuthenticationToken(clientId, "{noop}"+clientSecret);
 
         authentication = this.getAuthenticationManager().authenticate(authRequest);
 

diff --git a/...n/src/main/java/org/orcid/api/common/security/oauth/OrcidT1Oauth2TokenEndPointFilter.java b/...n/src/main/java/org/orcid/api/common/security/oauth/OrcidT1Oauth2TokenEndPointFilter.java
@@ -59,7 +59,7 @@ public Authentication attemptAuthentication(HttpServletRequest request, HttpServ
         }
 
         clientId = clientId.trim();
-        UsernamePasswordAuthenticationToken authRequest = new UsernamePasswordAuthenticationToken(clientId, clientSecret);
+        UsernamePasswordAuthenticationToken authRequest = new UsernamePasswordAuthenticationToken(clientId, "{noop}"+clientSecret);
 
         Authentication authenticationResult = this.getAuthenticationManager().authenticate(authRequest);
         if (authenticationResult != null) {

diff --git a/.../src/main/java/org/orcid/api/common/security/oauth/OrcidWebOauth2TokenEndPointFilter.java b/.../src/main/java/org/orcid/api/common/security/oauth/OrcidWebOauth2TokenEndPointFilter.java
@@ -60,9 +60,9 @@ public Authentication attemptAuthentication(HttpServletRequest request, HttpServ
         }
 
         clientId = clientId.trim();
-        UsernamePasswordAuthenticationToken authRequest = new UsernamePasswordAuthenticationToken(clientId, clientSecret);
-
-        return this.getAuthenticationManager().authenticate(authRequest);
+        UsernamePasswordAuthenticationToken authRequest = new UsernamePasswordAuthenticationToken(clientId, "{noop}"+clientSecret);
+        authentication = this.getAuthenticationManager().authenticate(authRequest);
+        return authentication;
     }
 
 }
diff --git a/...i-common/src/main/java/org/orcid/api/common/security/oauth/RevokeTokenEndpointFilter.java b/...i-common/src/main/java/org/orcid/api/common/security/oauth/RevokeTokenEndpointFilter.java
@@ -45,7 +45,7 @@ public void doFilter(ServletRequest request, ServletResponse response, FilterCha
                 clientSecret = "";
             }
 
-            UsernamePasswordAuthenticationToken authRequest = new UsernamePasswordAuthenticationToken(clientId, clientSecret);
+            UsernamePasswordAuthenticationToken authRequest = new UsernamePasswordAuthenticationToken(clientId, "{noop}"+clientSecret);
 
             try {
                 Authentication auth = clientAuthenticationProvider.authenticate(authRequest);    

diff --git a/orcid-api-web/pom.xml b/orcid-api-web/pom.xml
@@ -8,7 +8,7 @@
 	<parent>
 		<groupId>org.orcid</groupId>
 		<artifactId>orcid-parent</artifactId>
-		<version>release-1.289.0</version>
+		<version>release-2.0.0</version>
 		<relativePath>../pom.xml</relativePath>
 	</parent>
 

diff --git a/orcid-api-web/src/main/resources/orcid-api-security-context.xml b/orcid-api-web/src/main/resources/orcid-api-security-context.xml
@@ -4,7 +4,7 @@
        xmlns:sec="http://www.springframework.org/schema/security"
        xmlns:oauth2="http://www.springframework.org/schema/security/oauth2"
        xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
-       http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-4.2.xsd
+       http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-5.3.xsd
        http://www.springframework.org/schema/security/oauth2 http://www.springframework.org/schema/security/spring-security-oauth2-2.0.xsd">
 
 	<import resource="classpath*:orcid-oauth2-common-config.xml"/>

diff --git a/orcid-api-web/src/main/webapp/WEB-INF/web.xml b/orcid-api-web/src/main/webapp/WEB-INF/web.xml
@@ -12,10 +12,7 @@
     <listener>
         <listener-class>org.springframework.web.context.request.RequestContextListener</listener-class>
     </listener>
-
-    <listener>
-        <listener-class>org.springframework.web.util.Log4jConfigListener</listener-class>
-    </listener>
+
 
     <!-- Tell Spring where to find the context file -->
     <context-param>

diff --git a/orcid-core/pom.xml b/orcid-core/pom.xml
@@ -7,7 +7,7 @@
     <parent>
         <groupId>org.orcid</groupId>
         <artifactId>orcid-parent</artifactId>
-        <version>release-1.289.0</version>
+        <version>release-2.0.0</version>
         <relativePath>../pom.xml</relativePath>
     </parent>
 
@@ -176,6 +176,7 @@
         <dependency>
             <groupId>javax.servlet</groupId>
             <artifactId>javax.servlet-api</artifactId>
+            <scope>compile</scope>
         </dependency>
         <dependency>
             <groupId>net.sf.opencsv</groupId>
@@ -296,8 +297,14 @@
 			<artifactId>commons-net</artifactId>
 			<version>3.6</version>
 		</dependency>
+
+		<dependency>
+    <groupId>javax.jms</groupId>
+    <artifactId>javax.jms-api</artifactId>
+    <version>2.0.1</version>
+</dependency>
+
 
-        <!-- Test dependencies -->
 
     </dependencies>
 </project>
diff --git a/orcid-core/src/main/java/org/orcid/core/manager/impl/EncryptionManagerImpl.java b/orcid-core/src/main/java/org/orcid/core/manager/impl/EncryptionManagerImpl.java
@@ -16,9 +16,9 @@
 import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.InitializingBean;
 import org.springframework.beans.factory.annotation.Required;
-import org.springframework.security.authentication.encoding.PasswordEncoder;
+import org.springframework.security.crypto.password.PasswordEncoder;
 
-public class EncryptionManagerImpl implements EncryptionManager, PasswordEncoder, InitializingBean {
+public class EncryptionManagerImpl implements EncryptionManager,PasswordEncoder, InitializingBean  {
 
     private String passPhraseForInternalEncryption;
 
@@ -166,8 +166,8 @@ public String decryptForLegacyExternalUse(String stringToDecrypt) {
      * @return encoded password
      */
     @Override
-    public String encodePassword(String rawPass, Object salt) {
-        return hashForInternalUse(rawPass);
+    public String encode(CharSequence rawPass) {
+        return hashForInternalUse(rawPass.toString());
     }
 
     /**
@@ -195,7 +195,6 @@ public String encodePassword(String rawPass, Object salt) {
      *            password before encoding. A <code>null</code> value is legal.
      * @return true if the password is valid , false otherwise
      */
-    @Override
     public boolean isPasswordValid(String encPass, String rawPass, Object salt) {
         LOGGER.debug("About to start password check");
         StopWatch stopWatch = new StopWatch();
@@ -224,5 +223,16 @@ public String getEmailHash(String email) {
         } catch(NoSuchAlgorithmException nsae) {
             throw new RuntimeException(nsae);
         }
-    } 
+    }
+
+	@Override
+	public boolean matches(CharSequence rawPass, String encPass) {
+	        LOGGER.debug("About to start password check");
+	        StopWatch stopWatch = new StopWatch();
+	        stopWatch.start();
+	        boolean result = hashMatches(rawPass.toString(), encPass);
+	        stopWatch.stop();
+	        LOGGER.debug("Password check took {} ms", stopWatch.getTime());
+	        return result;
+	    } 
 }
diff --git a/orcid-core/src/main/java/org/orcid/core/oauth/OrcidMultiSecretAuthenticationProvider.java b/orcid-core/src/main/java/org/orcid/core/oauth/OrcidMultiSecretAuthenticationProvider.java
@@ -11,6 +11,7 @@
 import org.springframework.security.authentication.dao.DaoAuthenticationProvider;
 import org.springframework.security.core.AuthenticationException;
 import org.springframework.security.core.userdetails.UserDetails;
+import org.springframework.security.crypto.password.NoOpPasswordEncoder;
 
 /**
  * 
@@ -35,9 +36,13 @@ protected void additionalAuthenticationChecks(UserDetails userDetails, UsernameP
         }
 
         String presentedPassword = authentication.getCredentials().toString();
+
         ClientDetailsEntity clientDetailsEntity = clientDetailsManager.findByClientId(userDetails.getUsername());
         for (ClientSecretEntity clientSecretEntity : clientDetailsEntity.getClientSecrets()) {
-            if (getPasswordEncoder().isPasswordValid(encryptionManager.decryptForInternalUse(clientSecretEntity.getClientSecret()), presentedPassword, null)) {
+            if(!presentedPassword.startsWith("{noop}")){
+                presentedPassword = "{noop}" + presentedPassword;
+            }
+            if (getPasswordEncoder().matches(encryptionManager.decryptForInternalUse(clientSecretEntity.getClientSecret()), presentedPassword)) {
                 return;
             }
         }

diff --git a/orcid-core/src/main/java/org/orcid/core/web/filters/FilterServletOutputStream.java b/orcid-core/src/main/java/org/orcid/core/web/filters/FilterServletOutputStream.java
@@ -5,6 +5,7 @@
 import java.io.OutputStream;
 
 import javax.servlet.ServletOutputStream;
+import javax.servlet.WriteListener;
 
 /**
  * Extends ServletOutputStream for JsonpCallbackFilter 
@@ -32,4 +33,16 @@ public void write(byte[] b, int off, int len) throws IOException {
         stream.write(b, off, len);
     }
 
+    //TODO:Cami Do we need to overwrite those 2 methods and change the OutputStream to ServletOutputStream ?
+    @Override
+    public boolean isReady() {
+        //do nothing
+        return true;
+    }
+
+    @Override
+    public void setWriteListener(WriteListener writeListener) {
+        //do nothing  
+    }
+
 }
diff --git a/orcid-core/src/test/java/org/orcid/core/oauth/OrcidRefreshTokenTokenGranterTest.java b/orcid-core/src/test/java/org/orcid/core/oauth/OrcidRefreshTokenTokenGranterTest.java
@@ -413,7 +413,7 @@ public void tryToCreateRefreshTokenWithInvalidParentTokenValueTest() {
         String tokenValue = "parent-token-" + time;
         String refreshTokenValue = "refresh-token-" + time;
         Boolean revokeOld = true;
-        Date parentTokenExpiration = new Date(time + 10000);
+        Date parentTokenExpiration = new Date(time + 15000);
         Long expireIn = null;
 
         OrcidOauth2TokenDetail parent = createToken(CLIENT_ID_1, USER_ORCID, tokenValue, refreshTokenValue, parentTokenExpiration, parentScope);

diff --git a/orcid-integration-test/pom.xml b/orcid-integration-test/pom.xml
@@ -8,7 +8,7 @@
     <parent>
         <groupId>org.orcid</groupId>
         <artifactId>orcid-parent</artifactId>
-        <version>release-1.289.0</version>
+        <version>release-2.0.0</version>
         <relativePath>../pom.xml</relativePath>
     </parent>
 

diff --git a/orcid-internal-api/pom.xml b/orcid-internal-api/pom.xml
@@ -9,7 +9,7 @@
 		<groupId>org.orcid</groupId>
 		<artifactId>orcid-parent</artifactId>
 		<relativePath>../pom.xml</relativePath>
-		<version>release-1.289.0</version>		
+		<version>release-2.0.0</version>		
 	</parent>
 
 	<properties>

diff --git a/orcid-internal-api/src/main/resources/orcid-internal-api-security-context.xml b/orcid-internal-api/src/main/resources/orcid-internal-api-security-context.xml
@@ -4,7 +4,7 @@
        xmlns:sec="http://www.springframework.org/schema/security"
        xmlns:oauth2="http://www.springframework.org/schema/security/oauth2"
        xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
-       http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-4.2.xsd
+       http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-5.3.xsd
        http://www.springframework.org/schema/security/oauth2 http://www.springframework.org/schema/security/spring-security-oauth2-2.0.xsd">
 
 	<sec:http pattern="/resources/**" security="none"/>		

diff --git a/orcid-internal-api/src/main/webapp/WEB-INF/web.xml b/orcid-internal-api/src/main/webapp/WEB-INF/web.xml
@@ -13,10 +13,6 @@
         <listener-class>org.springframework.web.context.request.RequestContextListener</listener-class>
     </listener>
 
-    <listener>
-        <listener-class>org.springframework.web.util.Log4jConfigListener</listener-class>
-    </listener>
-
     <!-- Tell Spring where to find the context file -->
     <context-param>
         <param-name>contextConfigLocation</param-name>