Merge pull request #119 from cyberark/fix-missing-dependencies

Disable dependency reduced pom and release v3.0.5

CHANGELOG.md

@@ -6,11 +6,19 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.
 
 ## [Unreleased]
 
+## [3.0.5] - 2023-06-08
+
+### Fixed
+- Fix dependency information stripped from non-shaded jar
+  [cyberark/conjur-api-java#119](https://github.com/cyberark/conjur-api-java/issues/119)
+
 ### Security
 - Update nginx to 1.24 in Dockerfile.nginx
   [cyberark/conjur-api-java#118](https://github.com/cyberark/conjur-api-java/issues/118)
 
 ### Changed
+- Migrate JAX-RS to latest Jakarta version
+  [cyberark/conjur-api-java#119](https://github.com/cyberark/conjur-api-java/issues/119)
 - Avoid calling `login` for host
   [cyberark/conjur-api-java#117](https://github.com/cyberark/conjur-api-java/pull/117)
 
@@ -101,7 +109,8 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.
 - Authn tokens now use the new Conjur 5 format - [PR #21](https://github.com/cyberark/conjur-api-java/pull/21)
 - Configuration change. When using environment variables, use `CONJUR_AUTHN_LOGIN` and `CONJUR_AUTHN_API_KEY` now instead of `CONJUR_CREDENTIALS` - https://github.com/cyberark/conjur-api-java/commit/60344308fc48cb5380c626e612b91e1e720c03fb
 
-[Unreleased]: https://github.com/cyberark/conjur-api-java/compare/v3.0.4...HEAD
+[Unreleased]: https://github.com/cyberark/conjur-api-java/compare/v3.0.5...HEAD
+[3.0.5]: https://github.com/cyberark/conjur-api-java/compare/v3.0.4...v3.0.5
 [3.0.4]: https://github.com/cyberark/conjur-api-java/compare/v3.0.3...v3.0.4
 [3.0.3]: https://github.com/cyberark/conjur-api-java/compare/v3.0.2...v3.0.3
 [3.0.2]: https://github.com/cyberark/conjur-api-java/compare/v3.0.1...v3.0.2

README.md

@@ -85,7 +85,7 @@ To do so from the source using Maven, following the setup steps below:
     <dependency>
       <groupId>com.cyberark.conjur.api</groupId>
       <artifactId>conjur-api</artifactId>
-      <version>3.0.4</version>
+      <version>3.0.5</version>
     </dependency>
 ```
 
@@ -637,7 +637,7 @@ to work around this:
 If you don't properly install the Conjur certificate into the Java keystore, you may encounter
 the folowing errors:
 - `org.apache.cxf.interceptor.Fault: Could not send Message.`
-- `javax.ws.rs.ProcessingException: javax.net.ssl.SSLHandshakeException: SSLHandshakeException`
+- `jakarta.ws.rs.ProcessingException: javax.net.ssl.SSLHandshakeException: SSLHandshakeException`
 - `javax.net.ssl.SSLHandshakeException: SSLHandshakeException`
 - `javax.net.ssl.SSLHandshakeException: PKIX path building failed`
 - `sun.security.validator.ValidatorException: PKIX path building failed`

bin/build.sh

@@ -3,5 +3,5 @@ set -eo pipefail
 
 docker run --rm \
   -v "$PWD:/cyberark/conjur-java-api" \
-  -w /cyberark/conjur-java-api maven:3-jdk-8 \
+  -w /cyberark/conjur-java-api maven:3-jdk-11 \
   /bin/bash -ec "mvn -X -e clean package -Dmaven.test.skip=true"

bin/deploy-release.sh

@@ -18,7 +18,7 @@ docker run --rm \
   -v "$PWD:/cyberark/conjur-java-api" \
   -v "$GPG_PASSWORD:/gpg_password" \
   -v "$GPG_PRIVATE_KEY:/gpg_key" \
-  -w /cyberark/conjur-java-api maven:3-jdk-8 \
+  -w /cyberark/conjur-java-api maven:3-jdk-11 \
   /bin/bash -ec "gpg --batch --passphrase-file /gpg_password --trust-model always --import /gpg_key
                 mvn versions:set -DnewVersion=${TAG}
                 mvn --settings settings.xml clean deploy -Dmaven.test.skip=true -P ossrh,sign

bin/deploy-snapshot.sh

@@ -13,6 +13,6 @@ docker run --rm \
   -v "$PWD:/cyberark/conjur-java-api" \
   -v "$GPG_PASSWORD:/gpg_password" \
   -v "$GPG_PRIVATE_KEY:/gpg_key" \
-  -w /cyberark/conjur-java-api maven:3-jdk-8 \
+  -w /cyberark/conjur-java-api maven:3-jdk-11 \
   /bin/bash -ec "gpg --batch --passphrase-file /gpg_password --trust-model always --import /gpg_key
                  mvn --settings settings.xml clean deploy -Dmaven.test.skip=true -P ossrh,sign"

pom.xml

@@ -5,7 +5,7 @@
   <artifactId>conjur-api</artifactId>
   <!-- Only bump version number,
   SNAPSHOT is automatically removed during release deployments -->
-  <version>3.0.4-SNAPSHOT</version>
+  <version>3.0.5-SNAPSHOT</version>
   <packaging>jar</packaging>
 
   <name>Conjur</name>
@@ -144,23 +144,34 @@
 
   <properties>
     <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
-      <jaxrs.version>2.0</jaxrs.version>
     </properties>
     <dependencies>
-      <!--
-        JAXRS Implementation
-        You can change any of this, for example if you use Jersey 2.0 or a different implementation
-        (codehaus has one, I think).
-      -->
+
+      <!-- JAXRS Implementation -->
+      <dependency>
+        <groupId>jakarta.ws.rs</groupId>
+        <artifactId>jakarta.ws.rs-api</artifactId>
+        <version>3.1.0</version>
+      </dependency>
+      <dependency>
+        <groupId>jakarta.activation</groupId>
+        <artifactId>jakarta.activation-api</artifactId>
+        <version>2.1.2</version>
+      </dependency>
+      <dependency>
+        <groupId>org.glassfish.jersey.core</groupId>
+        <artifactId>jersey-client</artifactId>
+        <version>3.1.2</version>
+      </dependency>
       <dependency>
-        <groupId>javax.ws.rs</groupId>
-        <artifactId>javax.ws.rs-api</artifactId>
-        <version>${jaxrs.version}</version>
+        <groupId>org.glassfish.jersey.inject</groupId>
+        <artifactId>jersey-hk2</artifactId>
+        <version>3.1.2</version>
       </dependency>
       <dependency>
-        <groupId>org.apache.cxf</groupId>
-        <artifactId>cxf-rt-rs-client</artifactId>
-        <version>3.5.5</version>
+        <groupId>org.glassfish.jersey.media</groupId>
+        <artifactId>jersey-media-json-binding</artifactId>
+        <version>3.1.2</version>
       </dependency>
 
       <!-- JSON support -->
@@ -254,6 +265,7 @@
                   <goal>shade</goal>
                 </goals>
                 <configuration>
+                  <createDependencyReducedPom>false</createDependencyReducedPom>
                   <shadedClassifierName>with-dependencies</shadedClassifierName>
                   <shadedArtifactAttached>true</shadedArtifactAttached>
                   <transformers>

src/main/java/com/cyberark/conjur/api/clients/AuthnClient.java

@@ -3,12 +3,12 @@
 import static com.cyberark.conjur.util.EncodeUriComponent.encodeUriComponent;
 
 import javax.net.ssl.SSLContext;
-import javax.ws.rs.WebApplicationException;
-import javax.ws.rs.client.Client;
-import javax.ws.rs.client.ClientBuilder;
-import javax.ws.rs.client.Entity;
-import javax.ws.rs.client.WebTarget;
-import javax.ws.rs.core.Response;
+import jakarta.ws.rs.WebApplicationException;
+import jakarta.ws.rs.client.Client;
+import jakarta.ws.rs.client.ClientBuilder;
+import jakarta.ws.rs.client.Entity;
+import jakarta.ws.rs.client.WebTarget;
+import jakarta.ws.rs.core.Response;
 
 import com.cyberark.conjur.api.AuthnProvider;
 import com.cyberark.conjur.api.Credentials;
@@ -80,8 +80,11 @@ public String login(){
 
     private void init(final String username, final String password, final SSLContext sslContext) {
         final ClientBuilder builder = ClientBuilder.newBuilder()
-                .register(new HttpBasicAuthFilter(username, password))
-                .sslContext(sslContext);
+                .register(new HttpBasicAuthFilter(username, password));
+
+        if(sslContext != null) {
+            builder.sslContext(sslContext);
+        }
 
         Client client = builder.build();
         WebTarget root = client.target(endpoints.getAuthnUri());

src/main/java/com/cyberark/conjur/api/clients/ResourceClient.java

@@ -1,12 +1,12 @@
 package com.cyberark.conjur.api.clients;
 
 import javax.net.ssl.SSLContext;
-import javax.ws.rs.WebApplicationException;
-import javax.ws.rs.client.Client;
-import javax.ws.rs.client.ClientBuilder;
-import javax.ws.rs.client.Entity;
-import javax.ws.rs.client.WebTarget;
-import javax.ws.rs.core.Response;
+import jakarta.ws.rs.WebApplicationException;
+import jakarta.ws.rs.client.Client;
+import jakarta.ws.rs.client.ClientBuilder;
+import jakarta.ws.rs.client.Entity;
+import jakarta.ws.rs.client.WebTarget;
+import jakarta.ws.rs.core.Response;
 
 import com.cyberark.conjur.api.Credentials;
 import com.cyberark.conjur.api.Endpoints;
@@ -79,8 +79,12 @@ private Endpoints getEndpoints() {
 
     private void init(Credentials credentials, SSLContext sslContext){
         ClientBuilder builder = ClientBuilder.newBuilder()
-                .register(new TokenAuthFilter(new AuthnClient(credentials, endpoints, sslContext)))
-                .sslContext(sslContext);
+                .register(new TokenAuthFilter(new AuthnClient(credentials, endpoints, sslContext)));
+
+
+        if(sslContext != null) {
+            builder.sslContext(sslContext);
+        }
 
         Client client = builder.build();
 
@@ -89,8 +93,11 @@ private void init(Credentials credentials, SSLContext sslContext){
 
     private void init(Token token, SSLContext sslContext){
         ClientBuilder builder = ClientBuilder.newBuilder()
-                .register(new TokenAuthFilter(new AuthnTokenClient(token)))
-                .sslContext(sslContext);
+                .register(new TokenAuthFilter(new AuthnTokenClient(token)));
+
+        if(sslContext != null) {
+            builder.sslContext(sslContext);
+        }
 
         Client client = builder.build();
 

src/main/java/com/cyberark/conjur/util/rs/HttpBasicAuthFilter.java

@@ -2,9 +2,9 @@
 
 import org.apache.commons.codec.binary.Base64;
 
-import javax.ws.rs.client.ClientRequestContext;
-import javax.ws.rs.client.ClientRequestFilter;
-import javax.ws.rs.core.MultivaluedMap;
+import jakarta.ws.rs.client.ClientRequestContext;
+import jakarta.ws.rs.client.ClientRequestFilter;
+import jakarta.ws.rs.core.MultivaluedMap;
 import java.io.IOException;
 import java.nio.charset.Charset;
 

src/main/java/com/cyberark/conjur/util/rs/JsonBodyReader.java

@@ -2,11 +2,11 @@
 package com.cyberark.conjur.util.rs;
 
 import com.google.gson.Gson;
-import javax.ws.rs.WebApplicationException;
-import javax.ws.rs.core.MediaType;
-import javax.ws.rs.core.MultivaluedMap;
-import javax.ws.rs.ext.MessageBodyReader;
-import javax.ws.rs.ext.Provider;
+import jakarta.ws.rs.WebApplicationException;
+import jakarta.ws.rs.core.MediaType;
+import jakarta.ws.rs.core.MultivaluedMap;
+import jakarta.ws.rs.ext.MessageBodyReader;
+import jakarta.ws.rs.ext.Provider;
 import java.io.*;
 import java.lang.annotation.Annotation;
 import java.lang.reflect.Type;

src/main/java/com/cyberark/conjur/util/rs/TokenAuthFilter.java

@@ -4,8 +4,8 @@
 import com.cyberark.conjur.api.Token;
 import com.cyberark.conjur.util.Args;
 
-import javax.ws.rs.client.ClientRequestContext;
-import javax.ws.rs.client.ClientRequestFilter;
+import jakarta.ws.rs.client.ClientRequestContext;
+import jakarta.ws.rs.client.ClientRequestFilter;
 import java.io.IOException;
 
 /**

src/test/java/com/cyberark/conjur/api/ConjurTest.java

@@ -5,8 +5,7 @@
 import org.junit.Test;
 import org.junit.rules.ExpectedException;
 
-import javax.ws.rs.ProcessingException;
-import javax.ws.rs.WebApplicationException;
+import jakarta.ws.rs.WebApplicationException;
 import java.util.UUID;
 
 /**
@@ -76,7 +75,7 @@ public void testSetVariableWithoutVariableInPolicy() {
 
     @Test
     public void testLogonWithAlterativeAuthenticator() {
-        expectedException.expect(ProcessingException.class);
+        expectedException.expect(WebApplicationException.class);
         expectedException.expectMessage(UNAUTHORIZED_STATUS_CODE);
 
         String authnUrl = System.getProperty(APPLIANCE_URL_PROPERTY) + ALTERNATIVE_AUTHN_ENDPOINT;