Skip to content

Commit c230316

Browse files
lakhr034github-actions[bot]vilasshelke-hmcts
authored
Rdcc 6225 spring boot upgrade 2.7.7 (#456)
* RDCC-6225 Spring Boot 2.7.7 upgrade * RDCC-6225 Spring Boot 2.7.7 upgrade * RDCC-6225 sonar build fixes * RDCC-6225 chart update version * RDCC-6225 update * RDCC-6225 update * Fixed below issues: 1. removed dynamic string on request parameter in swagger ui 2. Update getDynamicJwksResponse() as per new nimbus 3. Update AuthorizationEnabledIntegrationTest.java * Fixed below issues: 1. JrdUsersController.java fixes sonar and one response parameter missed * Fixed below issues: 1. JrdUsersController.java fixes sonar and one response parameter missed * Integration Test case failure fixes --------- Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> Co-authored-by: m_659064 <vilas.shelke@HMCTS.NET>
1 parent 5f8cf13 commit c230316

24 files changed

+366
-231
lines changed

Dockerfile

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,4 +1,4 @@
1-
ARG APP_INSIGHTS_AGENT_VERSION=3.2.4
1+
ARG APP_INSIGHTS_AGENT_VERSION=3.4.8
22
ARG PLATFORM=""
33
FROM hmctspublic.azurecr.io/base/java${PLATFORM}:17-distroless
44

build.gradle

Lines changed: 7 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -10,9 +10,9 @@ plugins {
1010
id 'pmd'
1111
id 'com.github.ben-manes.versions' version '0.42.0'
1212
id "info.solidsoft.pitest" version '1.7.0'
13-
id 'io.spring.dependency-management' version '1.0.11.RELEASE'
13+
id 'io.spring.dependency-management' version '1.1.0'
1414
id 'org.sonarqube' version '3.3'
15-
id 'org.springframework.boot' version '2.4.12'
15+
id 'org.springframework.boot' version '2.7.7'
1616
id "org.flywaydb.flyway" version "8.4.2"
1717
id "io.freefair.lombok" version "5.3.3.3"
1818
id 'uk.gov.hmcts.java' version '0.12.12'
@@ -30,8 +30,7 @@ def versions = [
3030
pitest : '1.7.3',
3131
reformLogging : '5.1.9',
3232
serenity : '2.0.76',
33-
springBoot : '2.6.6',
34-
springfoxSwagger : '2.9.2',
33+
springBoot : '2.7.7',
3534
restAssured : '4.3.3',
3635
jackson : '2.14.0-rc1',
3736
launchDarklySdk : '5.10.2',
@@ -40,7 +39,7 @@ def versions = [
4039
springVersion : '5.3.20',
4140
logback : '1.2.11',
4241
bytebuddy : '1.12.7',
43-
testContainer_postgresql: '1.17.2'
42+
testContainer_postgresql: '1.17.6'
4443
]
4544

4645
mainClassName = 'uk.gov.hmcts.reform.judicialapi.JudicialApplication'
@@ -324,8 +323,8 @@ dependencies {
324323
implementation group: 'org.apache.logging.log4j', name: 'log4j-to-slf4j', version: versions.log4j
325324
implementation group: 'com.sun.xml.bind', name: 'jaxb-osgi', version: '3.0.2'
326325

327-
implementation group: 'io.springfox', name: 'springfox-swagger2', version: versions.springfoxSwagger
328-
implementation group: 'io.springfox', name: 'springfox-swagger-ui', version: versions.springfoxSwagger
326+
implementation group: 'org.springdoc', name: 'springdoc-openapi-ui', version: '1.6.8'
327+
implementation group: 'org.springframework.cloud', name: 'spring-cloud-starter-bootstrap', version: '3.1.5'
329328

330329
implementation 'com.github.hmcts:service-auth-provider-java-client:4.0.3'
331330

@@ -335,7 +334,7 @@ dependencies {
335334
implementation group: 'commons-lang', name: 'commons-lang', version: '2.6'
336335
implementation group: 'org.apache.commons', name: 'commons-lang3', version: '3.10'
337336
implementation group: 'io.jsonwebtoken', name: 'jjwt', version: '0.9.1'
338-
implementation group: 'com.nimbusds', name: 'nimbus-jose-jwt', version: '8.20'
337+
implementation group: 'com.nimbusds', name: 'nimbus-jose-jwt', version: '9.25'
339338
implementation 'org.springframework.boot:spring-boot-starter-validation'
340339
implementation group: 'ch.qos.logback', name: 'logback-core', version: versions.logback
341340
implementation group: 'ch.qos.logback', name: 'logback-classic', version: versions.logback

charts/rd-judicial-api/Chart.yaml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -7,5 +7,5 @@ maintainers:
77
- name: Reference Data Team
88
dependencies:
99
- name: java
10-
version: 4.0.4
10+
version: 4.0.11
1111
repository: 'https://hmctspublic.azurecr.io/helm/v1/repo/'

config/owasp/suppressions.xml

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -28,6 +28,7 @@
2828
<packageUrl regex="true">^pkg:maven/org\.yaml/snakeyaml@.*$</packageUrl>
2929
<cve>CVE-2021-4235</cve>
3030
<cve>CVE-2022-3064</cve>
31+
<cve>CVE-2021-22044</cve>
3132
</suppress>
3233
<suppress>
3334
<notes>CVE-2022-22978 suppression (false positive), because spring security already at (5.7.5) this is higher than the vulnerable versions

src/functionalTest/resources/application-functional.yaml

Lines changed: 6 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -11,3 +11,9 @@ s2s-secret: ${JUDICIAL_API_S2S_SECRET:}
1111

1212
jrd.security.roles.hmcts-admin: jrd-admin
1313
jrd.security.roles.system-user: jrd-system-user
14+
15+
launchdarkly:
16+
sdk:
17+
key: ${LD_SDK_KEY:}
18+
environment: ${LAUNCH_DARKLY_ENV:preview}
19+
user: rd

src/integrationTest/java/uk/gov/hmcts/reform/judicialapi/FetchUsersIntegrationTest.java

Lines changed: 15 additions & 10 deletions
Original file line numberDiff line numberDiff line change
@@ -40,7 +40,7 @@ void setUp() {
4040
@ParameterizedTest
4141
@ValueSource(strings = {"jrd-system-user", "jrd-admin"})
4242
void retrieveJudicialProfileBasedOnId(String role) {
43-
43+
mockJwtToken(role);
4444
userRequest = new UserRequest(Arrays.asList("44862987-4b00-e2e7-4ff8-281b87f16bf9"));
4545
Map<String, Object> response = judicialReferenceDataClient.fetchJudicialProfilesById(10, 0,
4646
userRequest, role, false);
@@ -53,7 +53,7 @@ void retrieveJudicialProfileBasedOnId(String role) {
5353
@ParameterizedTest
5454
@ValueSource(strings = {"jrd-system-user", "jrd-admin"})
5555
void shouldReturn200WithValidParameters(String role) {
56-
56+
mockJwtToken(role);
5757
Map<String, Object> response = judicialReferenceDataClient.fetchJudicialProfilesById(10, 0,
5858
userRequest, role, false);
5959
assertThat(response).containsEntry("http_status", "200 OK");
@@ -66,7 +66,7 @@ void shouldReturn200WithValidParameters(String role) {
6666
@ParameterizedTest
6767
@ValueSource(strings = { "jrd-system-user","jrd-admin"})
6868
void shouldReturn_200_ValidParameters_ccdPageNumber(String role) {
69-
69+
mockJwtToken(role);
7070
Map<String, Object> response = judicialReferenceDataClient.fetchJudicialProfilesById(1, 1,
7171
userRequest, role, false);
7272
assertThat(response).containsEntry("http_status", "200 OK");
@@ -80,7 +80,7 @@ void shouldReturn_200_ValidParameters_ccdPageNumber(String role) {
8080
@ParameterizedTest
8181
@ValueSource(strings = { "jrd-system-user","jrd-admin"})
8282
void shouldReturn_200_ValidParameters_PageSize(String role) {
83-
83+
mockJwtToken(role);
8484
Map<String, Object> response = judicialReferenceDataClient.fetchJudicialProfilesById(2, 0,
8585
userRequest, role, false);
8686
assertThat(response).containsEntry("http_status", "200 OK");
@@ -94,7 +94,7 @@ void shouldReturn_200_ValidParameters_PageSize(String role) {
9494
@ParameterizedTest
9595
@ValueSource(strings = { "jrd-admin"})
9696
void shouldReturn_200_ValidParameters_ResponseHeader(String role) {
97-
97+
mockJwtToken(role);
9898
Map<String, Object> response = judicialReferenceDataClient.fetchJudicialProfilesById(10, 0,
9999
userRequest, role, false);
100100
assertThat(response).containsEntry("http_status", "200 OK");
@@ -109,42 +109,46 @@ void shouldReturn_200_ValidParameters_ResponseHeader(String role) {
109109
@DisplayName("Scenario-UnauthorisedUsers")
110110
@Test
111111
void shouldReturn403ForUnauthorisedUsers() {
112+
mockJwtToken(INVALID_TEST_USER);
112113
JudicialReferenceDataClient.setBearerToken(EMPTY);
113114
Map<String, Object> response = judicialReferenceDataClient.fetchJudicialProfilesById(10, 0,
114-
userRequest, "test-user-role", false);
115+
userRequest, INVALID_TEST_USER, false);
115116
assertThat(response).containsEntry("http_status", "403");
116117
JudicialReferenceDataClient.setBearerToken(EMPTY);
117118
}
118119

119120
@DisplayName("Scenario-InvalidTokens")
120121
@Test
121122
void shouldReturn401ForInvalidTokens() {
123+
mockJwtToken(JRD_SYSTEM_USER);
122124
JudicialReferenceDataClient.setBearerToken(EMPTY);
123125
Map<String, Object> response = judicialReferenceDataClient.fetchJudicialProfilesById(10, 0,
124-
userRequest, "jrd-system-user", true);
126+
userRequest, JRD_SYSTEM_USER, true);
125127
assertThat(response).containsEntry("http_status", "401");
126128
JudicialReferenceDataClient.setBearerToken(EMPTY);
127129
}
128130

129131
@DisplayName("Scenario-EmptyUserIds")
130132
@Test
131133
void shouldReturn400ForEmptyUserIds() {
134+
mockJwtToken(JRD_SYSTEM_USER);
132135
JudicialReferenceDataClient.setBearerToken(EMPTY);
133136
userRequest = new UserRequest();
134137
Map<String, Object> response = judicialReferenceDataClient.fetchJudicialProfilesById(10, 0,
135-
userRequest, "jrd-system-user", false);
138+
userRequest, JRD_SYSTEM_USER, false);
136139
assertThat(response).containsEntry("http_status", "400");
137140
JudicialReferenceDataClient.setBearerToken(EMPTY);
138141
}
139142

140143
@DisplayName("Scenario-NoUsersFound")
141144
@Test
142145
void shouldReturn404WhenNoUsersFound() {
146+
mockJwtToken(JRD_SYSTEM_USER);
143147
JudicialReferenceDataClient.setBearerToken(EMPTY);
144148
userRequest = new UserRequest(Collections.singletonList(UUID.randomUUID().toString()));
145149

146150
Map<String, Object> response = judicialReferenceDataClient.fetchJudicialProfilesById(10, 0,
147-
userRequest, "jrd-system-user", false);
151+
userRequest, JRD_SYSTEM_USER, false);
148152
assertThat(response).containsEntry("http_status", "404");
149153
JudicialReferenceDataClient.setBearerToken(EMPTY);
150154
}
@@ -153,12 +157,13 @@ void shouldReturn404WhenNoUsersFound() {
153157
@Test
154158
void shouldReturn403WhenLdFeatureDisabled() {
155159
Map<String, String> launchDarklyMap = new HashMap<>();
160+
mockJwtToken(JRD_SYSTEM_USER);
156161
launchDarklyMap.put("JrdUsersController.fetchUsers", "test-jrd-flag");
157162
when(featureToggleServiceImpl.isFlagEnabled(anyString())).thenReturn(false);
158163
when(featureToggleServiceImpl.getLaunchDarklyMap()).thenReturn(launchDarklyMap);
159164
Map<String, Object> errorResponseMap = judicialReferenceDataClient
160165
.fetchJudicialProfilesById(10, 0,
161-
userRequest, "jrd-system-user", false);
166+
userRequest, JRD_SYSTEM_USER, false);
162167

163168
assertThat(errorResponseMap).containsEntry("http_status", "403");
164169
assertThat((String) errorResponseMap.get("response_body"))

src/integrationTest/java/uk/gov/hmcts/reform/judicialapi/RefreshUserProfileIntegrationTest.java

Lines changed: 19 additions & 15 deletions
Original file line numberDiff line numberDiff line change
@@ -41,7 +41,7 @@ void setUp() {
4141
@ParameterizedTest
4242
@ValueSource(strings = { "jrd-system-user","jrd-admin"})
4343
void shouldReturn_200_ValidParameters_objectIds_01(String role) {
44-
44+
mockJwtToken(role);
4545
RefreshRoleRequest refreshRoleRequest = RefreshRoleRequest.builder()
4646
.ccdServiceNames("")
4747
.sidamIds(Collections.emptyList())
@@ -69,7 +69,7 @@ void shouldReturn_200_ValidParameters_objectIds_01(String role) {
6969
@ParameterizedTest
7070
@ValueSource(strings = { "jrd-system-user","jrd-admin"})
7171
void shouldReturn_200_ValidParameters_sidamIds_01(String role) {
72-
72+
mockJwtToken(role);
7373
refreshRoleRequest = RefreshRoleRequest.builder()
7474
.ccdServiceNames("")
7575
.sidamIds(Arrays.asList("1111"))
@@ -95,7 +95,7 @@ void shouldReturn_200_ValidParameters_sidamIds_01(String role) {
9595
@ParameterizedTest
9696
@ValueSource(strings = { "jrd-system-user","jrd-admin"})
9797
void shouldReturn_200_ValidParameters_ccdPageSize(String role) {
98-
98+
mockJwtToken(role);
9999
refreshRoleRequest = RefreshRoleRequest.builder()
100100
.ccdServiceNames("")
101101
.sidamIds(Collections.emptyList())
@@ -114,7 +114,7 @@ void shouldReturn_200_ValidParameters_ccdPageSize(String role) {
114114
@ParameterizedTest
115115
@ValueSource(strings = { "jrd-system-user","jrd-admin"})
116116
void shouldReturn_200_ValidParameters_sorted(String role) {
117-
117+
mockJwtToken(role);
118118
refreshRoleRequest = RefreshRoleRequest.builder()
119119
.ccdServiceNames("")
120120
.sidamIds(Collections.emptyList())
@@ -134,7 +134,7 @@ void shouldReturn_200_ValidParameters_sorted(String role) {
134134
@ParameterizedTest
135135
@ValueSource(strings = {"jrd-admin"})
136136
void sortedDescendingOrder(String role) {
137-
137+
mockJwtToken(role);
138138
refreshRoleRequest = RefreshRoleRequest.builder()
139139
.ccdServiceNames("")
140140
.sidamIds(Collections.emptyList())
@@ -154,7 +154,7 @@ void sortedDescendingOrder(String role) {
154154
@ParameterizedTest
155155
@ValueSource(strings = { "jrd-system-user","jrd-admin"})
156156
void shouldReturn_400_ValidParameters_ccdServiceEmpty(String role) {
157-
157+
mockJwtToken(role);
158158
refreshRoleRequest = RefreshRoleRequest.builder().build();
159159

160160
var errorResponseMap = judicialReferenceDataClient.refreshUserProfile(refreshRoleRequest,3,
@@ -169,7 +169,7 @@ void shouldReturn_400_ValidParameters_ccdServiceEmpty(String role) {
169169
@ParameterizedTest
170170
@ValueSource(strings = { "jrd-admin"})
171171
void shouldReturn_400_ValidParameters_ResponseHeader(String role) {
172-
172+
mockJwtToken(role);
173173
refreshRoleRequest = RefreshRoleRequest.builder()
174174
.ccdServiceNames("ALL,all")
175175
.sidamIds(Arrays.asList(""))
@@ -187,7 +187,7 @@ void shouldReturn_400_ValidParameters_ResponseHeader(String role) {
187187
@ParameterizedTest
188188
@ValueSource(strings = { "jrd-system-user","jrd-admin"})
189189
void shouldReturn_200_ValidParameters_objectIds_02(String role) {
190-
190+
mockJwtToken(role);
191191
refreshRoleRequest = RefreshRoleRequest.builder()
192192
.ccdServiceNames("")
193193
.sidamIds(Collections.emptyList())
@@ -220,7 +220,7 @@ void shouldReturn_200_ValidParameters_objectIds_02(String role) {
220220
@ParameterizedTest
221221
@ValueSource(strings = { "jrd-system-user","jrd-admin"})
222222
void shouldReturn_200_ValidParameters_personalCodes_01(String role) {
223-
223+
mockJwtToken(role);
224224
refreshRoleRequest = RefreshRoleRequest.builder()
225225
.ccdServiceNames("")
226226
.sidamIds(Arrays.asList(""))
@@ -244,7 +244,7 @@ void shouldReturn_200_ValidParameters_personalCodes_01(String role) {
244244
@ParameterizedTest
245245
@ValueSource(strings = { "jrd-system-user","jrd-admin"})
246246
void shouldReturn_404_InValid_personalCodes_01(String role) {
247-
247+
mockJwtToken(role);
248248
refreshRoleRequest = RefreshRoleRequest.builder()
249249
.ccdServiceNames("")
250250
.sidamIds(Arrays.asList(""))
@@ -262,6 +262,7 @@ void shouldReturn_404_InValid_personalCodes_01(String role) {
262262
@ValueSource(strings = { "jrd-system-user","jrd-admin"})
263263
void shouldReturn403WhenLdFeatureDisabled(String role) {
264264
var launchDarklyMap = new HashMap<String, String>();
265+
mockJwtToken(role);
265266
launchDarklyMap.put("JrdUsersController.refreshUserProfile", "test-jrd-flag");
266267
when(featureToggleServiceImpl.isFlagEnabled(anyString())).thenReturn(false);
267268
when(featureToggleServiceImpl.getLaunchDarklyMap()).thenReturn(launchDarklyMap);
@@ -283,36 +284,39 @@ void shouldReturn403WhenLdFeatureDisabled(String role) {
283284
@DisplayName("Scenario-UnauthorisedUsers")
284285
@Test
285286
void shouldReturn_403_UnauthorisedUsers() {
287+
mockJwtToken(INVALID_TEST_USER);
286288
JudicialReferenceDataClient.setBearerToken(EMPTY);
287289
var response = judicialReferenceDataClient.refreshUserProfile(refreshRoleRequest,10,
288-
0,"ASC", "objectId", "test-user-role", false);
290+
0,"ASC", "objectId", INVALID_TEST_USER, false);
289291
assertThat(response).containsEntry("http_status", "403");
290292
JudicialReferenceDataClient.setBearerToken(EMPTY);
291293
}
292294

293295
@DisplayName("Scenario-InvalidTokens")
294296
@Test
295297
void shouldReturn_401_InvalidTokens() {
298+
mockJwtToken(INVALID_TEST_USER);
296299
JudicialReferenceDataClient.setBearerToken(EMPTY);
297300
var response = judicialReferenceDataClient.refreshUserProfile(refreshRoleRequest,10,
298-
0,"ASC", "objectId", "test-user-role", true);
301+
0,"ASC", "objectId", INVALID_TEST_USER, true);
299302
assertThat(response).containsEntry("http_status", "401");
300303
JudicialReferenceDataClient.setBearerToken(EMPTY);
301304
}
302305

303306
@DisplayName("Scenario-MultipleParameters")
304307
@Test
305308
void shouldReturn_400_WithMultipleParameters() {
309+
mockJwtToken(JRD_SYSTEM_USER);
306310
var response = judicialReferenceDataClient.refreshUserProfile(refreshRoleRequest,10,
307-
0,"ASC", "objectId", "jrd-system-user", false);
311+
0,"ASC", "objectId", JRD_SYSTEM_USER, false);
308312
assertThat(response).containsEntry("http_status", "400");
309313
}
310314

311315
@DisplayName("Validate soft delete service code scenario")
312316
@ParameterizedTest
313317
@ValueSource(strings = { "jrd-system-user","jrd-admin"})
314318
void shouldReturn_200_ValidParameters_Mrd_Delete_time(String role) {
315-
319+
mockJwtToken(role);
316320
refreshRoleRequest = RefreshRoleRequest.builder()
317321
.ccdServiceNames("")
318322
.sidamIds(Collections.emptyList())
@@ -345,7 +349,7 @@ void shouldReturn_200_ValidParameters_Mrd_Delete_time(String role) {
345349
@ParameterizedTest
346350
@ValueSource(strings = { "jrd-system-user","jrd-admin"})
347351
void shouldReturn_200_Non_Tribunal_scenario_01(String role) {
348-
352+
mockJwtToken(role);
349353
RefreshRoleRequest refreshRoleRequest = RefreshRoleRequest.builder()
350354
.ccdServiceNames("")
351355
.sidamIds(Collections.emptyList())

0 commit comments

Comments
 (0)