Merge pull request #406 from Consdata/IKC-424

IKC-424 Update backend dependencies
Consdata · Jan 22, 2025 · 0b342f7 · 0b342f7
2 parents 3a3952a + 4e8af8c
commit 0b342f7
Show file tree

Hide file tree

Showing 42 changed files with 312 additions and 294 deletions.
diff --git a/.mvn/wrapper/maven-wrapper.properties b/.mvn/wrapper/maven-wrapper.properties
@@ -1,2 +1,2 @@
-distributionUrl=https://repo.maven.apache.org/maven2/org/apache/maven/apache-maven/3.6.1/apache-maven-3.6.1-bin.zip
+distributionUrl=https://repo.maven.apache.org/maven2/org/apache/maven/apache-maven/3.6.3/apache-maven-3.6.3-bin.zip
 wrapperUrl=https://repo.maven.apache.org/maven2/io/takari/maven-wrapper/0.5.5/maven-wrapper-0.5.5.jar
diff --git a/kouncil-backend/pom.xml b/kouncil-backend/pom.xml
@@ -13,7 +13,7 @@
     </parent>
 
     <properties>
-        <confluent.version>7.2.3</confluent.version>
+        <confluent.version>7.7.1</confluent.version>
         <springdoc-openapi-ui.version>1.8.0</springdoc-openapi-ui.version>
         <swagger-annotations.version>2.2.6</swagger-annotations.version>
         <testcontainers.version>1.17.6</testcontainers.version>
@@ -160,6 +160,10 @@
             <artifactId>postgresql</artifactId>
             <version>${postgresql.version}</version>
         </dependency>
+        <dependency>
+            <groupId>org.flywaydb</groupId>
+            <artifactId>flyway-database-postgresql</artifactId>
+        </dependency>
         <dependency>
             <groupId>org.flywaydb</groupId>
             <artifactId>flyway-core</artifactId>

diff --git a/kouncil-backend/src/main/java/com/consdata/kouncil/KafkaConnectionService.java b/kouncil-backend/src/main/java/com/consdata/kouncil/KafkaConnectionService.java
@@ -38,7 +38,7 @@ public KafkaConnectionService(KouncilConfiguration kouncilConfiguration) {
 
     public KafkaTemplate<Bytes, Bytes> getKafkaTemplate(String serverId) {
         return kafkaTemplates.computeIfAbsent(serverId, k -> {
-            Map<String, Object> props = kouncilConfiguration.getKafkaProperties(serverId).buildProducerProperties();
+            Map<String, Object> props = kouncilConfiguration.getKafkaProperties(serverId).buildProducerProperties(null);
             String serverByClusterId = this.kouncilConfiguration.getServerByClusterId(serverId);
 
             props.put(ProducerConfig.BOOTSTRAP_SERVERS_CONFIG, serverByClusterId);
@@ -54,7 +54,7 @@ public KafkaTemplate<Bytes, Bytes> getKafkaTemplate(String serverId) {
 
     public AdminClient getAdminClient(String serverId) {
         return adminClients.computeIfAbsent(serverId, k -> {
-            Map<String, Object> props = kouncilConfiguration.getKafkaProperties(serverId).buildAdminProperties();
+            Map<String, Object> props = kouncilConfiguration.getKafkaProperties(serverId).buildAdminProperties(null);
             String serverByClusterId = this.kouncilConfiguration.getServerByClusterId(serverId);
             props.put(AdminClientConfig.BOOTSTRAP_SERVERS_CONFIG, serverByClusterId);
             props.put(AdminClientConfig.RECONNECT_BACKOFF_MS_CONFIG, RECONNECT_BACKOFF_MS_CONFIG_CONSTANT_VALUE);
@@ -87,7 +87,7 @@ private void addJAASProperties(Map<String, Object> props, String serverByCluster
 
     //we cannot cache this ever
     public KafkaConsumer<Bytes, Bytes> getKafkaConsumer(String serverId, int limit) {
-        Map<String, Object> props = kouncilConfiguration.getKafkaProperties(serverId).buildConsumerProperties();
+        Map<String, Object> props = kouncilConfiguration.getKafkaProperties(serverId).buildConsumerProperties(null);
         String serverByClusterId = this.kouncilConfiguration.getServerByClusterId(serverId);
 
         props.put(ConsumerConfig.BOOTSTRAP_SERVERS_CONFIG, serverByClusterId);

diff --git a/kouncil-backend/src/main/java/com/consdata/kouncil/broker/BrokersController.java b/kouncil-backend/src/main/java/com/consdata/kouncil/broker/BrokersController.java
@@ -5,14 +5,14 @@
 import com.consdata.kouncil.config.BrokerConfig;
 import com.consdata.kouncil.config.KouncilConfiguration;
 import com.consdata.kouncil.logging.EntryExitLogger;
+import jakarta.annotation.security.RolesAllowed;
 import com.consdata.kouncil.model.admin.SystemFunctionNameConstants;
 import java.io.IOException;
 import java.util.ArrayList;
 import java.util.Collection;
 import java.util.Collections;
 import java.util.List;
 import java.util.Optional;
-import javax.annotation.security.RolesAllowed;
 import javax.management.MalformedObjectNameException;
 import lombok.AllArgsConstructor;
 import lombok.extern.slf4j.Slf4j;

diff --git a/kouncil-backend/src/main/java/com/consdata/kouncil/clusters/ClusterController.java b/kouncil-backend/src/main/java/com/consdata/kouncil/clusters/ClusterController.java
@@ -2,7 +2,7 @@
 
 import com.consdata.kouncil.clusters.dto.ClusterDto;
 import com.consdata.kouncil.model.admin.SystemFunctionNameConstants;
-import javax.annotation.security.RolesAllowed;
+import jakarta.annotation.security.RolesAllowed;
 import lombok.AllArgsConstructor;
 import org.springframework.web.bind.annotation.DeleteMapping;
 import org.springframework.web.bind.annotation.GetMapping;

diff --git a/kouncil-backend/src/main/java/com/consdata/kouncil/clusters/ClustersController.java b/kouncil-backend/src/main/java/com/consdata/kouncil/clusters/ClustersController.java
@@ -2,7 +2,7 @@
 
 import com.consdata.kouncil.clusters.dto.ClustersDto;
 import com.consdata.kouncil.model.admin.SystemFunctionNameConstants;
-import javax.annotation.security.RolesAllowed;
+import jakarta.annotation.security.RolesAllowed;
 import lombok.AllArgsConstructor;
 import org.springframework.web.bind.annotation.GetMapping;
 import org.springframework.web.bind.annotation.RestController;

diff --git a/kouncil-backend/src/main/java/com/consdata/kouncil/config/KouncilConfiguration.java b/kouncil-backend/src/main/java/com/consdata/kouncil/config/KouncilConfiguration.java
@@ -4,6 +4,7 @@
 import com.consdata.kouncil.clusters.ClustersService;
 import com.consdata.kouncil.clusters.converter.ClusterConfigConverter;
 import com.consdata.kouncil.clusters.dto.ClustersDto;
+import jakarta.annotation.PostConstruct;
 import java.io.IOException;
 import java.net.InetAddress;
 import java.net.UnknownHostException;
@@ -17,11 +18,10 @@
 import java.util.UUID;
 import java.util.concurrent.ExecutorService;
 import java.util.concurrent.Executors;
-import javax.annotation.PostConstruct;
 import lombok.Data;
 import lombok.extern.slf4j.Slf4j;
-import org.springframework.boot.actuate.trace.http.HttpTraceRepository;
-import org.springframework.boot.actuate.trace.http.InMemoryHttpTraceRepository;
+import org.springframework.boot.actuate.web.exchanges.HttpExchangeRepository;
+import org.springframework.boot.actuate.web.exchanges.InMemoryHttpExchangeRepository;
 import org.springframework.boot.autoconfigure.kafka.KafkaProperties;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.DependsOn;
@@ -112,8 +112,8 @@ private void generateInstallationId() {
     }
 
     @Bean
-    public HttpTraceRepository httpTraceRepository() {
-        return new InMemoryHttpTraceRepository();
+    public HttpExchangeRepository httpTraceRepository() {
+        return new InMemoryHttpExchangeRepository();
     }
 
     @Bean("fixedThreadPool")

diff --git a/...cil-backend/src/main/java/com/consdata/kouncil/config/KouncilConfigurationController.java b/...cil-backend/src/main/java/com/consdata/kouncil/config/KouncilConfigurationController.java
@@ -3,9 +3,9 @@
 import com.consdata.kouncil.KouncilRuntimeException;
 import com.consdata.kouncil.logging.EntryExitLogger;
 import com.consdata.kouncil.model.admin.SystemFunctionNameConstants;
+import jakarta.annotation.security.RolesAllowed;
 import java.util.Map;
 import java.util.stream.Collectors;
-import javax.annotation.security.RolesAllowed;
 import lombok.RequiredArgsConstructor;
 import org.springframework.beans.factory.annotation.Value;
 import org.springframework.web.bind.annotation.GetMapping;

diff --git a/kouncil-backend/src/main/java/com/consdata/kouncil/config/cluster/ClusterConfigReader.java b/kouncil-backend/src/main/java/com/consdata/kouncil/config/cluster/ClusterConfigReader.java
@@ -20,6 +20,7 @@
 import com.consdata.kouncil.model.schemaregistry.SchemaRegistrySecurityConfig;
 import com.consdata.kouncil.model.schemaregistry.SchemaSecurityProtocol;
 import com.consdata.kouncil.model.schemaregistry.StoreType;
+import jakarta.annotation.PostConstruct;
 import java.io.IOException;
 import java.util.ArrayList;
 import java.util.HashSet;
@@ -28,7 +29,6 @@
 import java.util.regex.Matcher;
 import java.util.regex.Pattern;
 import java.util.stream.StreamSupport;
-import javax.annotation.PostConstruct;
 import lombok.Data;
 import lombok.RequiredArgsConstructor;
 import lombok.extern.slf4j.Slf4j;

diff --git a/...il-backend/src/main/java/com/consdata/kouncil/config/security/UserGroupsConfigReader.java b/...il-backend/src/main/java/com/consdata/kouncil/config/security/UserGroupsConfigReader.java
@@ -6,6 +6,7 @@
 import com.consdata.kouncil.security.KouncilRole;
 import com.consdata.kouncil.security.function.SystemFunctionsRepository;
 import com.consdata.kouncil.security.group.UserGroupRepository;
+import jakarta.annotation.PostConstruct;
 import java.util.ArrayList;
 import java.util.Arrays;
 import java.util.EnumMap;
@@ -16,7 +17,6 @@
 import java.util.Set;
 import java.util.stream.Collectors;
 import java.util.stream.StreamSupport;
-import javax.annotation.PostConstruct;
 import lombok.Data;
 import lombok.RequiredArgsConstructor;
 import lombok.extern.slf4j.Slf4j;

diff --git a/...c/main/java/com/consdata/kouncil/config/security/ad/ActiveDirectoryWebSecurityConfig.java b/...c/main/java/com/consdata/kouncil/config/security/ad/ActiveDirectoryWebSecurityConfig.java
@@ -19,6 +19,7 @@
 import org.springframework.security.ldap.authentication.ad.ActiveDirectoryLdapAuthenticationProvider;
 import org.springframework.security.web.SecurityFilterChain;
 import org.springframework.security.web.csrf.CookieCsrfTokenRepository;
+import org.springframework.security.web.csrf.CsrfTokenRequestAttributeHandler;
 import org.springframework.web.cors.CorsConfiguration;
 import org.springframework.web.cors.UrlBasedCorsConfigurationSource;
 
@@ -35,8 +36,11 @@ public class ActiveDirectoryWebSecurityConfig {
     @Bean
     public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
         http
-                .csrf().csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse()).and()
-                .cors().configurationSource(request -> {
+                .csrf(csrf -> csrf
+                        .csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse())
+                        .csrfTokenRequestHandler(new CsrfTokenRequestAttributeHandler())
+                )
+                .cors(cors -> cors.configurationSource(request -> {
                     CorsConfiguration configuration = new CorsConfiguration();
                     configuration.setAllowedOrigins(List.of("*"));
                     configuration.setAllowedMethods(List.of("*"));
@@ -45,11 +49,11 @@ public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
                     UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
                     source.registerCorsConfiguration("/**", configuration);
                     return configuration;
-                })
-                .and()
-                .authorizeRequests()
-                .antMatchers("/api/info/version", "/api/login", "/api/activeProvider", "/api/context-path", "/*", "/assets/**").permitAll()
-                .anyRequest().authenticated();
+                }))
+                .authorizeHttpRequests(authorize -> authorize
+                        .requestMatchers("/api/info/version", "/api/login", "/api/activeProvider", "/api/context-path", "/*", "/assets/**").permitAll()
+                        .anyRequest().authenticated()
+                );
         return http.build();
     }
 
@@ -59,7 +63,7 @@ GrantedAuthorityDefaults grantedAuthorityDefaults() {
     }
 
     @Bean
-    public DefaultUserPermissionsReloader userPermissionsReloader(){
+    public DefaultUserPermissionsReloader userPermissionsReloader() {
         return new DefaultUserPermissionsReloader(eventSender);
     }
 

diff --git a/...rc/main/java/com/consdata/kouncil/config/security/inmemory/InMemoryWebSecurityConfig.java b/...rc/main/java/com/consdata/kouncil/config/security/inmemory/InMemoryWebSecurityConfig.java
@@ -34,7 +34,7 @@
 import org.springframework.context.annotation.DependsOn;
 import org.springframework.security.authentication.AuthenticationManager;
 import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
-import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
+import org.springframework.security.config.annotation.method.configuration.EnableMethodSecurity;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
 import org.springframework.security.config.core.GrantedAuthorityDefaults;
@@ -45,6 +45,7 @@
 import org.springframework.security.provisioning.UserDetailsManager;
 import org.springframework.security.web.SecurityFilterChain;
 import org.springframework.security.web.csrf.CookieCsrfTokenRepository;
+import org.springframework.security.web.csrf.CsrfTokenRequestAttributeHandler;
 import org.springframework.web.cors.CorsConfiguration;
 import org.springframework.web.cors.UrlBasedCorsConfigurationSource;
 
@@ -53,7 +54,7 @@
 @Slf4j
 @RequiredArgsConstructor
 @ConditionalOnProperty(prefix = "kouncil.auth", name = "active-provider", havingValue = "inmemory")
-@EnableGlobalMethodSecurity(jsr250Enabled = true, securedEnabled = true, prePostEnabled = true)
+@EnableMethodSecurity(jsr250Enabled = true, securedEnabled = true)
 @DependsOn({"userGroupsConfigReader"})
 public class InMemoryWebSecurityConfig {
 
@@ -62,8 +63,11 @@ public class InMemoryWebSecurityConfig {
     @Bean
     public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
         http
-                .csrf().csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse()).and()
-                .cors().configurationSource(request -> {
+                .csrf(csrf -> csrf
+                        .csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse())
+                        .csrfTokenRequestHandler(new CsrfTokenRequestAttributeHandler())
+                )
+                .cors(cors -> cors.configurationSource(request -> {
                     CorsConfiguration configuration = new CorsConfiguration();
                     configuration.setAllowedOrigins(List.of("*"));
                     configuration.setAllowedMethods(List.of("*"));
@@ -72,12 +76,12 @@ public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
                     UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
                     source.registerCorsConfiguration("/**", configuration);
                     return configuration;
-                })
-                .and()
-                .authorizeRequests()
-                .antMatchers("/api/info/version", "/api/firstTimeLogin", "/api/login", "/api/activeProvider", "/api/context-path","/*", "/assets/**")
-                .permitAll()
-                .anyRequest().authenticated();
+                }))
+                .authorizeHttpRequests(authorize -> authorize
+                        .requestMatchers("/api/info/version", "/api/firstTimeLogin", "/api/login", "/api/activeProvider", "/api/context-path", "/*",
+                                "/assets/**").permitAll()
+                        .anyRequest().authenticated()
+                );
         return http.build();
     }
 

diff --git a/...ackend/src/main/java/com/consdata/kouncil/config/security/ldap/LdapWebSecurityConfig.java b/...ackend/src/main/java/com/consdata/kouncil/config/security/ldap/LdapWebSecurityConfig.java
@@ -23,6 +23,7 @@
 import org.springframework.security.ldap.search.FilterBasedLdapUserSearch;
 import org.springframework.security.web.SecurityFilterChain;
 import org.springframework.security.web.csrf.CookieCsrfTokenRepository;
+import org.springframework.security.web.csrf.CsrfTokenRequestAttributeHandler;
 import org.springframework.web.cors.CorsConfiguration;
 import org.springframework.web.cors.UrlBasedCorsConfigurationSource;
 
@@ -39,8 +40,11 @@ public class LdapWebSecurityConfig {
     @Bean
     public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
         http
-                .csrf().csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse()).and()
-                .cors().configurationSource(request -> {
+                .csrf(csrf -> csrf
+                        .csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse())
+                        .csrfTokenRequestHandler(new CsrfTokenRequestAttributeHandler())
+                )
+                .cors(cors -> cors.configurationSource(request -> {
                     CorsConfiguration configuration = new CorsConfiguration();
                     configuration.setAllowedOrigins(List.of("*"));
                     configuration.setAllowedMethods(List.of("*"));
@@ -49,11 +53,11 @@ public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
                     UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
                     source.registerCorsConfiguration("/**", configuration);
                     return configuration;
-                })
-                .and()
-                .authorizeRequests()
-                .antMatchers("/api/info/version", "/api/login", "/api/activeProvider", "/api/context-path", "/*", "/assets/**").permitAll()
-                .anyRequest().authenticated();
+                }))
+                .authorizeHttpRequests(authorize -> authorize
+                        .requestMatchers("/api/info/version", "/api/login", "/api/activeProvider", "/api/context-path", "/*", "/assets/**").permitAll()
+                        .anyRequest().authenticated()
+                );
         return http.build();
     }
 
@@ -69,7 +73,7 @@ public AuthenticationManager authenticationManager(HttpSecurity http) throws Exc
     }
 
     @Bean
-    public DefaultUserPermissionsReloader userPermissionsReloader(){
+    public DefaultUserPermissionsReloader userPermissionsReloader() {
         return new DefaultUserPermissionsReloader(eventSender);
     }
 

diff --git a/...ackend/src/main/java/com/consdata/kouncil/config/security/sso/InMemoryAuthRepository.java b/...ackend/src/main/java/com/consdata/kouncil/config/security/sso/InMemoryAuthRepository.java
@@ -1,9 +1,9 @@
 package com.consdata.kouncil.config.security.sso;
 
+import jakarta.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletResponse;
 import java.util.HashMap;
 import java.util.Map;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
 import org.springframework.security.oauth2.client.web.AuthorizationRequestRepository;
 import org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest;
 
@@ -15,7 +15,7 @@ public class InMemoryAuthRepository implements AuthorizationRequestRepository<OA
     public OAuth2AuthorizationRequest loadAuthorizationRequest(HttpServletRequest request) {
         String state = request.getParameter("state");
         if (state != null) {
-            return removeAuthorizationRequest(request);
+            return removeAuthorizationRequest(request, null);
         }
         return null;
     }
@@ -27,7 +27,7 @@ public void saveAuthorizationRequest(OAuth2AuthorizationRequest authorizationReq
     }
 
     @Override
-    public OAuth2AuthorizationRequest removeAuthorizationRequest(HttpServletRequest request) {
+    public OAuth2AuthorizationRequest removeAuthorizationRequest(HttpServletRequest request, HttpServletResponse response) {
         String state = request.getParameter("state");
         if (state != null) {
             return cache.remove(state);