From f37f4e31b7985c86b637cf28c44afd291709d33a Mon Sep 17 00:00:00 2001 From: Maximilian Rehberger Date: Fri, 30 Aug 2024 14:11:16 +0200 Subject: [PATCH] issue-42851: port resteasy fix for sub-resources from resteasy/resteasy-microprofile PR #241 --- .mvn/maven.config | 1 - bom/application/pom.xml | 6 +- .../logging/LoggingResourceProcessor.java | 1 + .../NativeImageBuildContainerRunner.java | 2 +- .../pkg/steps/NativeImageBuildStep.java | 2 +- .../pkg/steps/UpxCompressionBuildStep.java | 2 +- .../steps/CompiledJavaVersionBuildStep.java | 82 +++++++------- .../discovery/DiscoveryConfigProperty.java | 43 ++++--- .../config/discovery/ParsedJavadoc.java | 4 +- .../discovery/ParsedJavadocSection.java | 6 +- .../config/discovery/ResolvedType.java | 6 +- .../JavadocToAsciidocTransformer.java | 22 +++- .../config/model/AbstractConfigItem.java | 20 +++- .../config/model/ConfigProperty.java | 6 +- .../config/model/ConfigRoot.java | 4 +- .../config/model/ConfigSection.java | 14 +-- .../config/model/Deprecation.java | 5 + .../config/model/JavadocElements.java | 2 +- .../config/model/SourceType.java | 7 ++ .../config/resolver/ConfigResolver.java | 37 +++--- .../scanner/AbstractConfigListener.java | 7 ++ .../AbstractJavadocConfigListener.java | 3 +- .../scanner/ConfigAnnotationScanner.java | 7 +- .../config/scanner/ConfigMappingListener.java | 11 +- .../scanner/JavadocConfigMappingListener.java | 6 +- .../JavadocLegacyConfigRootListener.java | 6 +- .../scanner/LegacyConfigRootListener.java | 11 +- .../config/util/JavadocUtil.java | 2 +- .../processor/util/ElementUtil.java | 28 +++++ .../io/quarkus/gradle/tasks/QuarkusDev.java | 2 +- .../gradle/tasks/QuarkusGradleUtils.java | 63 +++++------ .../io/quarkus/maven/CreateProjectMojo.java | 2 +- .../src/main/asciidoc/writing-extensions.adoc | 12 +- .../runtime/CodeAuthenticationMechanism.java | 17 ++- .../io/quarkus/oidc/runtime/OidcUtils.java | 3 +- .../deployment/tracing/TracerProcessor.java | 23 +++- .../runtime/tracing/TracerRecorder.java | 33 +++--- .../runtime/tracing/cdi/TracerProducer.java | 6 - .../QuarkusProxyInvocationHandler.java | 107 +++++++++++++++++- .../runtime/QuarkusRestClientBuilder.java | 16 +-- .../processor/JacksonSerializerFactory.java | 37 +++++- .../reactive/jackson/deployment/test/Cat.java | 4 + .../jackson/deployment/test/ContainerDTO.java | 4 + .../deployment/test/NestedInterface.java | 28 +++++ .../deployment/test/SimpleJsonResource.java | 6 + .../deployment/test/SimpleJsonTest.java | 17 ++- ...JsonWithReflectionFreeSerializersTest.java | 3 +- .../deployment/HttpRootPathBuildItem.java | 5 +- .../deployment/HttpRootPathBuildItemTest.java | 2 + independent-projects/bootstrap/pom.xml | 4 +- .../resteasy-reactive/pom.xml | 2 +- .../src/main/resources/application.properties | 2 +- .../io/quarkus/it/keycloak/CodeFlowTest.java | 39 ++++++- .../RabbitMQConnectorDynCredsTest.java | 2 +- pom.xml | 4 +- .../DefaultDockerContainerLauncher.java | 2 +- .../test/junit/IntegrationTestUtil.java | 2 +- 57 files changed, 548 insertions(+), 252 deletions(-) delete mode 100644 .mvn/maven.config create mode 100644 core/processor/src/main/java/io/quarkus/annotation/processor/documentation/config/model/Deprecation.java create mode 100644 core/processor/src/main/java/io/quarkus/annotation/processor/documentation/config/model/SourceType.java create mode 100644 extensions/resteasy-reactive/rest-jackson/deployment/src/test/java/io/quarkus/resteasy/reactive/jackson/deployment/test/ContainerDTO.java create mode 100644 extensions/resteasy-reactive/rest-jackson/deployment/src/test/java/io/quarkus/resteasy/reactive/jackson/deployment/test/NestedInterface.java diff --git a/.mvn/maven.config b/.mvn/maven.config deleted file mode 100644 index 0f4fa3c8a6eaee..00000000000000 --- a/.mvn/maven.config +++ /dev/null @@ -1 +0,0 @@ --Dmaven.multiModuleProjectDirectory=${session.rootDirectory} \ No newline at end of file diff --git a/bom/application/pom.xml b/bom/application/pom.xml index 870611dbc73347..9f4508ab51cf37 100644 --- a/bom/application/pom.xml +++ b/bom/application/pom.xml @@ -51,7 +51,7 @@ 2.1 2.0 3.1.1 - 2.5.0 + 2.6.0 3.9.1 4.1.0 4.0.0 @@ -95,7 +95,7 @@ 1.8.0 2.17.2 1.0.0.Final - 3.14.0 + 3.17.0 1.17.1 1.7.0 2.8 @@ -70,7 +70,7 @@ 1.26 2.0 3.5.1 - 2.5.0 + 2.6.0 1.5.2 8.9 0.0.10 diff --git a/independent-projects/resteasy-reactive/pom.xml b/independent-projects/resteasy-reactive/pom.xml index 36c412d48459c1..f953417f1f0b8c 100644 --- a/independent-projects/resteasy-reactive/pom.xml +++ b/independent-projects/resteasy-reactive/pom.xml @@ -57,7 +57,7 @@ 3.1.0 2.6.2 - 2.5.0 + 2.6.0 4.5.9 5.5.0 1.0.0.Final diff --git a/integration-tests/oidc-code-flow/src/main/resources/application.properties b/integration-tests/oidc-code-flow/src/main/resources/application.properties index 41372ae76857a7..273e767de65836 100644 --- a/integration-tests/oidc-code-flow/src/main/resources/application.properties +++ b/integration-tests/oidc-code-flow/src/main/resources/application.properties @@ -173,7 +173,7 @@ quarkus.oidc.tenant-split-tokens.token-state-manager.encryption-secret=eUk1p7UB3 quarkus.oidc.tenant-split-tokens.application-type=web-app quarkus.oidc.tenant-split-tokens.authentication.cookie-same-site=strict -quarkus.http.auth.permission.roles1.paths=/index.html +quarkus.http.auth.permission.roles1.paths=/index.html,/index.html;/checktterer quarkus.http.auth.permission.roles1.policy=authenticated quarkus.http.auth.permission.logout.paths=/tenant-logout diff --git a/integration-tests/oidc-code-flow/src/test/java/io/quarkus/it/keycloak/CodeFlowTest.java b/integration-tests/oidc-code-flow/src/test/java/io/quarkus/it/keycloak/CodeFlowTest.java index 9629c61ce5dab8..a2f28e11d8593c 100644 --- a/integration-tests/oidc-code-flow/src/test/java/io/quarkus/it/keycloak/CodeFlowTest.java +++ b/integration-tests/oidc-code-flow/src/test/java/io/quarkus/it/keycloak/CodeFlowTest.java @@ -1081,6 +1081,29 @@ public void testAccessTokenInjection() throws IOException { } } + @Test + public void testInvalidPath() throws IOException { + try (final WebClient webClient = createWebClient()) { + HtmlPage page = webClient.getPage("http://localhost:8081/index.html;/checktterer"); + assertEquals("/index.html;/checktterer", getStateCookieSavedPath(webClient, null)); + + assertEquals("Sign in to quarkus", page.getTitleText()); + + HtmlForm loginForm = page.getForms().get(0); + + loginForm.getInputByName("username").setValueAttribute("alice"); + loginForm.getInputByName("password").setValueAttribute("alice"); + + try { + page = loginForm.getInputByName("login").click(); + } catch (FailingHttpStatusCodeException ex) { + assertEquals(404, ex.getStatusCode()); + } + + webClient.getCookieManager().clearCookies(); + } + } + @Test public void testAccessAndRefreshTokenInjection() throws IOException { try (final WebClient webClient = createWebClient()) { @@ -1386,8 +1409,8 @@ public void testAccessAndRefreshTokenInjectionWithoutIndexHtmlAndListenerMultiTa @Test public void testAccessAndRefreshTokenInjectionWithQuery() throws Exception { try (final WebClient webClient = createWebClient()) { - HtmlPage page = webClient.getPage("http://localhost:8081/web-app/refresh-query?a=aValue"); - assertEquals("/web-app/refresh-query?a=aValue", getStateCookieSavedPath(webClient, null)); + HtmlPage page = webClient.getPage("http://localhost:8081/web-app/refresh-query?a=aValue%"); + assertEquals("/web-app/refresh-query?a=aValue%25", getStateCookieSavedPath(webClient, null)); assertEquals("Sign in to quarkus", page.getTitleText()); @@ -1398,7 +1421,8 @@ public void testAccessAndRefreshTokenInjectionWithQuery() throws Exception { page = loginForm.getInputByName("login").click(); - assertEquals("RT injected:aValue", page.getBody().asNormalizedText()); + // Query parameters are decoded by the time they reach the JAX-RS endpoint + assertEquals("RT injected:aValue%", page.getBody().asNormalizedText()); webClient.getCookieManager().clearCookies(); } } @@ -1561,12 +1585,17 @@ private String getStateCookieStateParam(Cookie stateCookie) { private String getStateCookieSavedPath(WebClient webClient, String tenantId) { String[] parts = getStateCookie(webClient, tenantId).getValue().split("\\|"); - return parts.length == 2 ? parts[1] : null; + return parts.length == 2 ? getSavedPathFromJson(parts[1]) : null; } private String getStateCookieSavedPath(Cookie stateCookie) { String[] parts = stateCookie.getValue().split("\\|"); - return parts.length == 2 ? parts[1] : null; + return parts.length == 2 ? getSavedPathFromJson(parts[1]) : null; + } + + private String getSavedPathFromJson(String value) { + JsonObject json = new JsonObject(OidcUtils.base64UrlDecode(value)); + return json.getString(OidcUtils.STATE_COOKIE_RESTORE_PATH); } private Cookie getSessionCookie(WebClient webClient, String tenantId) { diff --git a/integration-tests/reactive-messaging-rabbitmq-dyn/src/test/java/io/quarkus/it/rabbitmq/RabbitMQConnectorDynCredsTest.java b/integration-tests/reactive-messaging-rabbitmq-dyn/src/test/java/io/quarkus/it/rabbitmq/RabbitMQConnectorDynCredsTest.java index eab9ad69c8765b..c05c6304c1242d 100644 --- a/integration-tests/reactive-messaging-rabbitmq-dyn/src/test/java/io/quarkus/it/rabbitmq/RabbitMQConnectorDynCredsTest.java +++ b/integration-tests/reactive-messaging-rabbitmq-dyn/src/test/java/io/quarkus/it/rabbitmq/RabbitMQConnectorDynCredsTest.java @@ -31,7 +31,7 @@ public static class RabbitMQResource implements QuarkusTestResourceLifecycleMana @Override public Map start() { String username = "tester"; - String password = RandomStringUtils.random(10); + String password = RandomStringUtils.insecure().next(10); rabbit = new RabbitMQContainer(DockerImageName.parse("rabbitmq:3.12-management")) .withNetwork(Network.SHARED) diff --git a/pom.xml b/pom.xml index 45f8b17982219e..1bdde83985a03e 100644 --- a/pom.xml +++ b/pom.xml @@ -77,7 +77,7 @@ 7.0.1.Final 2.4.0.Final 8.0.1.Final - 7.2.0.Final + 7.2.1.Final 1.65.1 @@ -183,7 +183,7 @@ io.quarkus.bot build-reporter-maven-extension - 3.9.1 + 3.9.2 diff --git a/test-framework/common/src/main/java/io/quarkus/test/common/DefaultDockerContainerLauncher.java b/test-framework/common/src/main/java/io/quarkus/test/common/DefaultDockerContainerLauncher.java index 533048d7959349..50295407fa505c 100644 --- a/test-framework/common/src/main/java/io/quarkus/test/common/DefaultDockerContainerLauncher.java +++ b/test-framework/common/src/main/java/io/quarkus/test/common/DefaultDockerContainerLauncher.java @@ -50,7 +50,7 @@ public class DefaultDockerContainerLauncher implements DockerContainerArtifactLa private Map labels; private final Map systemProps = new HashMap<>(); private boolean isSsl; - private final String containerName = "quarkus-integration-test-" + RandomStringUtils.random(5, true, false); + private final String containerName = "quarkus-integration-test-" + RandomStringUtils.insecure().next(5, true, false); private String containerRuntimeBinaryName; private final ExecutorService executorService = Executors.newSingleThreadExecutor(); private Optional entryPoint; diff --git a/test-framework/junit5/src/main/java/io/quarkus/test/junit/IntegrationTestUtil.java b/test-framework/junit5/src/main/java/io/quarkus/test/junit/IntegrationTestUtil.java index a29edfc4a04883..b44f78c962cf55 100644 --- a/test-framework/junit5/src/main/java/io/quarkus/test/junit/IntegrationTestUtil.java +++ b/test-framework/junit5/src/main/java/io/quarkus/test/junit/IntegrationTestUtil.java @@ -319,7 +319,7 @@ public void accept(String s, String s2) { if (networkIdOpt.isPresent()) { networkId = networkIdOpt.get(); } else { - networkId = "quarkus-integration-test-" + RandomStringUtils.random(5, true, false); + networkId = "quarkus-integration-test-" + RandomStringUtils.insecure().next(5, true, false); manageNetwork = true; } }