Upgrade to Spring Boot 3

italiangrid · Feb 24, 2025 · 527410b · 527410b
1 parent bcba7ce
commit 527410b
Show file tree

Hide file tree

Showing 133 changed files with 1,132 additions and 1,083 deletions.
diff --git a/compose/.env b/compose/.env
@@ -6,4 +6,4 @@ WEBDAV_IMAGE_TAG=latest
 TS_IMAGE=indigoiam/robot-framework
 TS_IMAGE_TAG=latest
 NGINX_IMAGE=baltig.infn.it:4567/cnafsd/ngx_http_voms_module/nginx-httpg-voms
-NGINX_IMAGE_TAG=latest
+NGINX_IMAGE_TAG=dc82caa1
diff --git a/doc/external-sessions.md b/doc/external-sessions.md
@@ -17,9 +17,10 @@ spring:
   session:
     store-type: redis
 
-  redis:
-    host: redis.host.example
-    port: 6379
+  data:
+    redis:
+      host: redis.host.example
+      port: 6379
 
 management:
   health:
@@ -30,4 +31,4 @@ management:
 For other redis connection configuration options, see the [Spring boot reference guide][spring-boot-reference].
 
 [redis]: https://redis.io/
-[spring-boot-reference]: https://docs.spring.io/spring-boot/docs/2.2.9.RELEASE/reference/htmlsingle/#data-properties
+[spring-boot-reference]: https://docs.spring.io/spring-boot/appendix/application-properties/index.html#appendix.application-properties.data
diff --git a/pom.xml b/pom.xml
@@ -11,53 +11,45 @@
   <parent>
     <groupId>org.springframework.boot</groupId>
     <artifactId>spring-boot-starter-parent</artifactId>
-    <!-- Keep this aligned with the spring.boot-version property below! -->
-    <version>2.7.18</version>
+    <version>3.4.3</version>
     <relativePath />
   </parent>
 
   <properties>
     <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
     <project.reporting.outputEncoding>UTF-8</project.reporting.outputEncoding>
 
-    <plugin.compiler.version>3.8.0</plugin.compiler.version>
-
-    <plugin.jar.version>2.4</plugin.jar.version>
-    <plugin.assembly.version>2.4</plugin.assembly.version>
-    <plugin.shade.version>2.3</plugin.shade.version>
     <plugin.license.version>1.9.0</plugin.license.version>
-    <plugin.jacoco.version>0.8.8</plugin.jacoco.version>
+    <plugin.jacoco.version>0.8.12</plugin.jacoco.version>
 
     <java.version>17</java.version>
 
-    <!-- Keep this aligned with the parent project version! -->
-    <spring-boot.version>2.7.18</spring-boot.version>
-    <spring-security.version>5.8.15</spring-security.version>
-
     <!-- Sonarcloud.io properties -->
     <sonar.projectKey>italiangrid_storm-webdav</sonar.projectKey>
     <sonar.organization>italiangrid</sonar.organization>
     <sonar.host.url>https://sonarcloud.io</sonar.host.url>
 
     <voms-api-java.version>3.3.3</voms-api-java.version>
-    <milton.version>2.8.0.3</milton.version>
+    <milton.version>4.0.4.2305</milton.version>
+
+    <commons-csv.version>1.9.0</commons-csv.version>
+    <jimfs.version>1.3.0</jimfs.version>
 
-    <commons-lang.version>2.3</commons-lang.version>
-    <commons-cli.version>1.2</commons-cli.version>
-    <commons-csv.version>1.0</commons-csv.version>
-    <jimfs.version>1.1</jimfs.version>
+    <metrics.version>4.2.30</metrics.version>
+    <http-server.version>11.0.24</http-server.version>
+    <httpclient5.version>5.4.2</httpclient5.version>
 
-    <http-core.version>4.2.2</http-core.version>
-    <http-client.version>4.2.1</http-client.version>
+    <logback-access.version>2.0.6</logback-access.version>
 
-    <guava.version>32.0.0-jre</guava.version>
+    <guava.version>33.4.0-jre</guava.version>
 
-    <owner-config.version>1.0.5.1</owner-config.version>
+    <owner-config.version>1.0.12</owner-config.version>
 
-    <spring-security-oauth2.version>2.3.3.RELEASE</spring-security-oauth2.version>
     <nimbus-jose-jwt.version>6.0.2</nimbus-jose-jwt.version>
-    <mock-server.version>5.5.1</mock-server.version>
+    <mock-server.version>5.15.0</mock-server.version>
 
+    <!-- Fixed to 3.1.2 due to https://github.com/thymeleaf/thymeleaf/issues/1027, remove this property after the issue is fixed -->
+    <thymeleaf.version>3.1.2.RELEASE</thymeleaf.version>
   </properties>
 
   <build>
@@ -77,8 +69,8 @@
       </plugin>
 
       <plugin>
-        <groupId>pl.project13.maven</groupId>
-        <artifactId>git-commit-id-plugin</artifactId>
+        <groupId>io.github.git-commit-id</groupId>
+        <artifactId>git-commit-id-maven-plugin</artifactId>
       </plugin>
 
       <plugin>
@@ -313,11 +305,13 @@
     <dependency>
       <groupId>io.dropwizard.metrics</groupId>
       <artifactId>metrics-core</artifactId>
+      <version>${metrics.version}</version>
     </dependency>
 
     <dependency>
       <groupId>io.dropwizard.metrics</groupId>
-      <artifactId>metrics-jetty9</artifactId>
+      <artifactId>metrics-jetty12</artifactId>
+      <version>${metrics.version}</version>
       <exclusions>
         <exclusion>
           <groupId>org.eclipse.jetty</groupId>
@@ -328,12 +322,20 @@
 
     <dependency>
       <groupId>io.dropwizard.metrics</groupId>
-      <artifactId>metrics-servlets</artifactId>
+      <artifactId>metrics-jetty12-ee10</artifactId>
+      <version>${metrics.version}</version>
+    </dependency>
+
+    <dependency>
+      <groupId>io.dropwizard.metrics</groupId>
+      <artifactId>metrics-jakarta-servlets</artifactId>
+      <version>${metrics.version}</version>
     </dependency>
 
     <dependency>
       <groupId>org.eclipse.jetty.http2</groupId>
       <artifactId>http2-server</artifactId>
+      <version>${http-server.version}</version>
     </dependency>
 
     <dependency>
@@ -358,23 +360,15 @@
     </dependency>
 
     <dependency>
-      <groupId>ch.qos.logback</groupId>
-      <artifactId>logback-access</artifactId>
-    </dependency>
-
-    <dependency>
-      <groupId>ch.qos.logback</groupId>
-      <artifactId>logback-core</artifactId>
+      <groupId>ch.qos.logback.access</groupId>
+      <artifactId>logback-access-jetty12</artifactId>
+      <version>${logback-access.version}</version>
     </dependency>
 
     <dependency>
-      <groupId>ch.qos.logback</groupId>
-      <artifactId>logback-classic</artifactId>
-    </dependency>
-
-    <dependency>
-      <groupId>org.apache.httpcomponents</groupId>
-      <artifactId>httpclient</artifactId>
+      <groupId>org.apache.httpcomponents.client5</groupId>
+      <artifactId>httpclient5</artifactId>
+      <version>${httpclient5.version}</version>
       <exclusions>
         <exclusion>
           <groupId>commons-logging</groupId>
@@ -388,12 +382,6 @@
       <artifactId>jetty-rewrite</artifactId>
     </dependency>
 
-    <dependency>
-      <groupId>commons-lang</groupId>
-      <artifactId>commons-lang</artifactId>
-      <version>${commons-lang.version}</version>
-    </dependency>
-
     <dependency>
       <groupId>org.apache.commons</groupId>
       <artifactId>commons-csv</artifactId>
@@ -431,12 +419,6 @@
       <version>${milton.version}</version>
     </dependency>
 
-    <dependency>
-      <groupId>commons-cli</groupId>
-      <artifactId>commons-cli</artifactId>
-      <version>${commons-cli.version}</version>
-    </dependency>
-
     <dependency>
       <groupId>org.mockito</groupId>
       <artifactId>mockito-core</artifactId>

diff --git a/robot/test/partial_transfer.robot b/robot/test/partial_transfer.robot
@@ -30,14 +30,14 @@ Partial Get works
     [Tags]  voms  get
     [Setup]  Setup file  partial_works  test123456789
     ${url}  DAVS URL  partial_works
-    ${rc}  ${out}  Curl Voms Get Success   ${url}  ${curl.opts.default} -H "Range: 0-3"
+    ${rc}  ${out}  Curl Voms Get Success   ${url}  ${curl.opts.default} -H "Range: bytes=0-3"
     Should Contain  ${out}  test
     Should Not Contain  ${out}  123456789
     Should Contain  ${out}  Content-Length: 4
-    ${rc}  ${out}  Curl Voms Get Success   ${url}  ${curl.opts.default} -H "Range: 4-7"
+    ${rc}  ${out}  Curl Voms Get Success   ${url}  ${curl.opts.default} -H "Range: bytes=4-7"
     Should Contain  ${out}  1234
     Should Contain  ${out}  Content-Length: 4
-    ${rc}  ${out}  Curl Voms Get Success   ${url}  ${curl.opts.default} -H "Range: 9-12"
+    ${rc}  ${out}  Curl Voms Get Success   ${url}  ${curl.opts.default} -H "Range: bytes=9-12"
     Should Contain  ${out}  6789
     Should Contain  ${out}  Content-Length: 4
     [Teardown]  Teardown file  partial_works
@@ -46,7 +46,7 @@ Partial Get with multiple range
     [Tags]  voms  get
     [Setup]  Setup file  partial_works  test123456789
     ${url}  DAVS URL  partial_works
-    ${rc}  ${out}  Curl Voms Get Success   ${url}  ${curl.opts.default} -H "Range: 1-3,5-7,10-11"
+    ${rc}  ${out}  Curl Voms Get Success   ${url}  ${curl.opts.default} -H "Range: bytes=1-3,5-7,10-11"
     Should Contain  ${out}  Content-Range: bytes 1-3/13
     Should Contain  ${out}  est
     Should Contain  ${out}  Content-Range: bytes 5-7/13
@@ -59,7 +59,7 @@ Partial Get not entirely on range
     [Tags]  voms  get
     [Setup]  Setup file  partial_works  test123456789
     ${url}  DAVS URL  partial_works
-    ${rc}  ${out}  Curl Voms Get Success   ${url}  ${curl.opts.default} -H "Range: 11-13"
+    ${rc}  ${out}  Curl Voms Get Success   ${url}  ${curl.opts.default} -H "Range: bytes=11-13"
     Should Contain  ${out}  Content-Range: bytes 11-12/13
     Should Contain  ${out}  89
     Should Contain  ${out}  Content-Length: 2
@@ -69,15 +69,15 @@ Partial Get out of range
     [Tags]  voms  get
     [Setup]  Setup file  partial_works  test123456789
     ${url}  DAVS URL  partial_works
-    ${rc}  ${out}  Curl Voms Get Failure   ${url}  ${curl.opts.default} -H "Range: 20-24"
+    ${rc}  ${out}  Curl Voms Get Failure   ${url}  ${curl.opts.default} -H "Range: bytes=20-24"
     Should Match Regexp  ${out}  416 Requested Range Not Satisfiable|416 Range Not Satisfiable
     [Teardown]  Teardown file  partial_works
 
 Partial Get out in one of multiple range
     [Tags]  voms  get
     [Setup]  Setup file  partial_works  test123456789
     ${url}  DAVS URL  partial_works
-    ${rc}  ${out}  Curl Voms Get Success   ${url}  ${curl.opts.default} -H "Range: 1-3,20-24"
+    ${rc}  ${out}  Curl Voms Get Success   ${url}  ${curl.opts.default} -H "Range: bytes=1-3,20-24"
     Should Contain  ${out}  Content-Range: bytes 1-3/13
     Should Contain  ${out}  est
     Should Contain  ${out}  Content-Length: 3
@@ -90,4 +90,4 @@ Partial Put works
     ${dest}  DAVS Url  pput_test
     ${rc}  ${out}  Curl Voms Put Success  ${TEMPDIR}/pput0_test  ${dest}  
     ${rc}  ${out}  Curl Voms Put Success  ${TEMPDIR}/pput1_test  ${dest}  ${opts}
-    [Teardown]  Partial Put Teardown
+    [Teardown]  Partial Put Teardown
diff --git a/robot/test/propfind.robot b/robot/test/propfind.robot
@@ -22,7 +22,7 @@ Get PROPFIND PROPNAME body
   [Return]  ${output}
 
 Get PROPFIND PROP body  [Arguments]  ${propname}
-  ${output}  Set variable  "<?xml version='1.0' encoding='utf-8' ?><D:propfind xmlns:D='DAV:'><D:prop><D:${propname}/><prop/></D:propfind>"
+  ${output}  Set variable  "<?xml version='1.0' encoding='utf-8' ?><D:propfind xmlns:D='DAV:'><D:prop/><D:${propname}/></D:propfind>"
   [Return]  ${output}
 
 
@@ -71,4 +71,4 @@ Propfind status property works
     ${body}  Get PROPFIND PROP body  status
     ${rc}  ${out}  Curl Voms PROPFIND  ${url}  ${body}
     Should Contain  ${out}  <d:status>HTTP/1.1 200 OK</d:status>
-    [Teardown]   Teardown file  propfind_works
+    [Teardown]   Teardown file  propfind_works
diff --git a/src/main/java/org/italiangrid/storm/webdav/authn/AuthenticationUtils.java b/src/main/java/org/italiangrid/storm/webdav/authn/AuthenticationUtils.java
@@ -32,8 +32,7 @@ private AuthenticationUtils() {
   public static String getPalatableSubject(Authentication authn) {
     if (authn == null || authn instanceof AnonymousAuthenticationToken) {
       return "Anonymous user";
-    } else if (authn instanceof OAuth2AuthenticationToken) {
-      OAuth2AuthenticationToken authToken = (OAuth2AuthenticationToken) authn;
+    } else if (authn instanceof OAuth2AuthenticationToken authToken) {
       Map<String, Object> attributes = authToken.getPrincipal().getAttributes();
 
       String subjectIssuer = String.format("%s @ %s", attributes.get("sub"), attributes.get("iss"));
@@ -46,8 +45,7 @@ public static String getPalatableSubject(Authentication authn) {
 
     } else if (authn instanceof PreAuthenticatedAuthenticationToken) {
       return authn.getName();
-    } else if (authn instanceof JwtAuthenticationToken) {
-      JwtAuthenticationToken jwtToken = (JwtAuthenticationToken) authn;
+    } else if (authn instanceof JwtAuthenticationToken jwtToken) {
       return String.format("%s @ %s", jwtToken.getToken().getSubject(),
           jwtToken.getToken().getIssuer());
     } else {

diff --git a/src/main/java/org/italiangrid/storm/webdav/authn/ErrorPageAuthenticationEntryPoint.java b/src/main/java/org/italiangrid/storm/webdav/authn/ErrorPageAuthenticationEntryPoint.java
@@ -19,10 +19,10 @@
 import java.util.LinkedHashMap;
 import java.util.Map;
 
-import javax.servlet.RequestDispatcher;
-import javax.servlet.ServletException;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
+import jakarta.servlet.RequestDispatcher;
+import jakarta.servlet.ServletException;
+import jakarta.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletResponse;
 
 import org.springframework.http.HttpStatus;
 import org.springframework.security.core.AuthenticationException;
@@ -46,8 +46,8 @@ public void commence(HttpServletRequest request, HttpServletResponse response,
 
     response.setStatus(status.value());
 
-    if (authException instanceof OAuth2AuthenticationException) {
-      OAuth2Error error = ((OAuth2AuthenticationException) authException).getError();
+    if (authException instanceof OAuth2AuthenticationException oAuth2AuthenticationException) {
+      OAuth2Error error = oAuth2AuthenticationException.getError();
 
       parameters.put("error", error.getErrorCode());
 
@@ -59,14 +59,12 @@ public void commence(HttpServletRequest request, HttpServletResponse response,
         parameters.put("error_uri", error.getUri());
       }
 
-      if (error instanceof BearerTokenError) {
-        BearerTokenError bearerTokenError = (BearerTokenError) error;
-
+      if (error instanceof BearerTokenError bearerTokenError) {
         if (StringUtils.hasText(bearerTokenError.getScope())) {
           parameters.put("scope", bearerTokenError.getScope());
         }
 
-        status = ((BearerTokenError) error).getHttpStatus();
+        status = bearerTokenError.getHttpStatus();
         response.setStatus(status.value());
       }
     } else {

diff --git a/src/main/java/org/italiangrid/storm/webdav/authn/PrincipalHelper.java b/src/main/java/org/italiangrid/storm/webdav/authn/PrincipalHelper.java
@@ -44,14 +44,12 @@ public PrincipalHelper(ServiceConfigurationProperties config) throws MalformedUR
   public String getPrincipalAsString(Authentication authn) {
     if (authn == null || authn instanceof AnonymousAuthenticationToken) {
       return ANONYMOUS;
-    } else if (authn instanceof OAuth2AuthenticationToken) {
-      OAuth2AuthenticationToken authToken = (OAuth2AuthenticationToken) authn;
+    } else if (authn instanceof OAuth2AuthenticationToken authToken) {
       Map<String, Object> attributes = authToken.getPrincipal().getAttributes();
       return String.format("%s@%s", attributes.get("sub"), attributes.get("iss"));
     } else if (authn instanceof PreAuthenticatedAuthenticationToken) {
       return authn.getName();
-    } else if (authn instanceof JwtAuthenticationToken) {
-      JwtAuthenticationToken jwtToken = (JwtAuthenticationToken) authn;
+    } else if (authn instanceof JwtAuthenticationToken jwtToken) {
       if (localAuthzServerIssuer.isPresent()
           && localAuthzServerIssuer.get().equals(jwtToken.getToken().getIssuer())) {
         return jwtToken.getToken().getSubject();

diff --git a/src/main/java/org/italiangrid/storm/webdav/authz/Utils.java b/src/main/java/org/italiangrid/storm/webdav/authz/Utils.java
@@ -19,13 +19,13 @@
 import java.util.Optional;
 
 import javax.security.auth.x500.X500Principal;
-import javax.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletRequest;
 
 import eu.emi.security.authn.x509.proxy.ProxyUtils;
 
 public class Utils {
 
-  public static final String X509_CERT_REQ_ATTR = "javax.servlet.request.X509Certificate";
+  public static final String X509_CERT_REQ_ATTR = "jakarta.servlet.request.X509Certificate";
 
   private Utils() {
 

diff --git a/src/main/java/org/italiangrid/storm/webdav/authz/VOMSAuthenticationDetails.java b/src/main/java/org/italiangrid/storm/webdav/authz/VOMSAuthenticationDetails.java
@@ -18,17 +18,17 @@
 import java.util.Collection;
 import java.util.List;
 
-import javax.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletRequest;
 
 import org.italiangrid.voms.VOMSAttribute;
 import org.springframework.security.core.GrantedAuthority;
 import org.springframework.security.web.authentication.preauth.PreAuthenticatedGrantedAuthoritiesWebAuthenticationDetails;
 
 public class VOMSAuthenticationDetails
     extends PreAuthenticatedGrantedAuthoritiesWebAuthenticationDetails {
-  
+
   private static final long serialVersionUID = 1L;
-    
+
   // Transient here is due to the fact that VOMSAttributesImpl is not serializable!
   final transient List<VOMSAttribute> vomsAttributes;