diff --git a/.github/workflows/branch-ci.yml b/.github/workflows/branch-ci.yml index b639968..5787348 100644 --- a/.github/workflows/branch-ci.yml +++ b/.github/workflows/branch-ci.yml @@ -14,22 +14,23 @@ jobs: name: Branch CI runs-on: ubuntu-latest steps: - - uses: actions/checkout@v2 - - uses: actions/cache@v1 + - uses: actions/checkout@v4 + - uses: actions/cache@v3 with: path: ~/.m2/repository key: ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }} restore-keys: | ${{ runner.os }}-maven- - - name: Set up JDK 1.8 - uses: actions/setup-java@v1 + - name: Set up JDK + uses: actions/setup-java@v4 with: - java-version: 1.8 + java-version: 17 + distribution: zulu server-id: github server-username: GITHUB_ACTOR server-password: GITHUB_TOKEN - name: Maven Build - run: mvn clean install -DskipTests=true -Dmaven.javadoc.skip=true -Ddockerfile.skip=true -B -V + run: mvn clean install -DskipTests=true -Dmaven.javadoc.skip=true -B -V env: GITHUB_TOKEN: ${{ secrets.ORGANIZATION_TOKEN }} - name: Maven Verify diff --git a/.github/workflows/pre-release-ci.yml b/.github/workflows/pre-release-ci.yml index a7f3588..245e4d4 100644 --- a/.github/workflows/pre-release-ci.yml +++ b/.github/workflows/pre-release-ci.yml @@ -9,17 +9,18 @@ jobs: name: Pre-release CI runs-on: ubuntu-latest steps: - - uses: actions/checkout@v2 - - uses: actions/cache@v1 + - uses: actions/checkout@v4 + - uses: actions/cache@v3 with: path: ~/.m2/repository key: ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }} restore-keys: | ${{ runner.os }}-maven- - name: Set up Java for publishing to GitHub Packages - uses: actions/setup-java@v1 + uses: actions/setup-java@v4 with: - java-version: 1.8 + java-version: 17 + distribution: zulu server-id: github server-username: GITHUB_ACTOR server-password: GITHUB_TOKEN 
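Review bot: The upgraded steps still reference actions by mutable major tag (`actions/checkout@v4`, `actions/cache@v3`, `actions/setup-java@v4`) in a job that receives `secrets.ORGANIZATION_TOKEN`. A tag can be moved to different code after review, so pinning each action to a full commit SHA with the tag as a trailing comment, e.g. `uses: actions/checkout@<full-commit-sha> # v4`, keeps what runs equal to what was reviewed. The same applies to the matching hunks in pre-release-ci.yml and release-ci.yml, where the publishing steps are configured. The job definition continues outside this hunk.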
@@ -33,9 +34,10 @@ jobs: env: GITHUB_TOKEN: ${{ secrets.ORGANIZATION_TOKEN }} - name: Set up Java for publishing to Maven Central Repository - uses: actions/setup-java@v1 + uses: actions/setup-java@v4 with: - java-version: 1.8 + java-version: 17 + distribution: zulu server-id: ossrh server-username: MAVEN_USERNAME server-password: MAVEN_PASSWORD diff --git a/.github/workflows/release-ci.yml b/.github/workflows/release-ci.yml index a4f9266..4924f52 100644 --- a/.github/workflows/release-ci.yml +++ b/.github/workflows/release-ci.yml @@ -9,25 +9,26 @@ jobs: name: Release CI runs-on: ubuntu-latest steps: - - uses: actions/checkout@v2 + - uses: actions/checkout@v4 with: fetch-depth: 0 - run: git checkout ${{ github.event.release.target_commitish }} - - uses: actions/cache@v1 + - uses: actions/cache@v3 with: path: ~/.m2/repository key: ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }} restore-keys: | ${{ runner.os }}-maven- - name: Set up Java for publishing to GitHub Packages - uses: actions/setup-java@v1 + uses: actions/setup-java@v4 with: - java-version: 1.8 + java-version: 17 + distribution: zulu server-id: github server-username: GITHUB_ACTOR server-password: GITHUB_TOKEN - name: Maven Build - run: mvn clean install -DskipTests=true -Ddockerfile.skip=true -B -V + run: mvn clean install -DskipTests=true -B -V env: GITHUB_TOKEN: ${{ secrets.ORGANIZATION_TOKEN }} - name: Maven Verify 
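Review bot: In the release-ci.yml hunk the unchanged step `run: git checkout ${{ github.event.release.target_commitish }}` expands the expression into the script text before the shell starts, so the value is parsed as shell syntax rather than passed as data. Pass it through the environment instead: add `env: TARGET_COMMITISH: ${{ github.event.release.target_commitish }}` to the step and run `git checkout "$TARGET_COMMITISH"`. The value is set by whoever creates the release, so exposure is presumably limited to accounts with that right. The same job goes on to configure publishing credentials, which is why the stricter form is worth having.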
@@ -41,17 +42,18 @@ jobs: run: | mvn -B build-helper:parse-version release:prepare \ -DreleaseVersion=\${parsedVersion.majorVersion}.\${parsedVersion.minorVersion}.\${parsedVersion.incrementalVersion} \ - -Darguments="-DskipTests=true -Ddockerfile.skip=true" + -Darguments="-DskipTests=true" echo release_tag=$(git describe --tags --abbrev=0) >> $GITHUB_OUTPUT - name: Perform release - run: mvn -B release:perform -Pdeploy2Github -Darguments="-DskipTests=true -Ddockerfile.skip=true -Pdeploy2Github" + run: mvn -B release:perform -Pdeploy2Github -Darguments="-DskipTests=true -Pdeploy2Github" env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} GITHUB_REPOSITORY: ${{ secrets.GITHUB_REPOSITORY }} - name: Set up Java for publishing to Maven Central Repository - uses: actions/setup-java@v1 + uses: actions/setup-java@v4 with: - java-version: 1.8 + java-version: 17 + distribution: zulu server-id: ossrh server-username: MAVEN_USERNAME server-password: MAVEN_PASSWORD diff --git a/checkstyle-suppressions.xml b/checkstyle-suppressions.xml new file mode 100644 index 0000000..dbd0fdb --- /dev/null +++ b/checkstyle-suppressions.xml @@ -0,0 +1,14 @@ + + + + + + + + + + + + diff --git a/pom.xml b/pom.xml index a8b40f8..5978ffb 100644 --- a/pom.xml +++ b/pom.xml @@ -1,11 +1,13 @@ - + 4.0.0 io.scalecube scalecube-parent - 0.2.20 + 0.3.1 scalecube-security-parent @@ -41,17 +43,18 @@ 2020.0.32 5.1.0 - 2.15.1 - 2.0.7 + 2.18.0 0.11.2 4.6.1 5.8.2 1.3 1.20.1 + 2.0.7 https://maven.pkg.github.com/scalecube/scalecube-security + checkstyle-suppressions.xml diff --git a/tokens/pom.xml b/tokens/pom.xml index f8cc898..078c297 100644 --- a/tokens/pom.xml +++ b/tokens/pom.xml @@ -27,10 +27,6 @@ io.jsonwebtoken jjwt-jackson - - org.slf4j - slf4j-api - org.testcontainers diff --git a/tokens/src/main/java/io/scalecube/security/tokens/jwt/JwksKeyProvider.java b/tokens/src/main/java/io/scalecube/security/tokens/jwt/JwksKeyProvider.java index af4ab56..02016a8 100644 
--- a/tokens/src/main/java/io/scalecube/security/tokens/jwt/JwksKeyProvider.java +++ b/tokens/src/main/java/io/scalecube/security/tokens/jwt/JwksKeyProvider.java @@ -20,16 +20,12 @@ import java.util.Base64; import java.util.Base64.Decoder; import java.util.Optional; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; import reactor.core.Exceptions; import reactor.core.publisher.Mono; import reactor.core.scheduler.Schedulers; public final class JwksKeyProvider implements KeyProvider { - private static final Logger LOGGER = LoggerFactory.getLogger(JwksKeyProvider.class); - private static final ObjectMapper OBJECT_MAPPER = newObjectMapper(); private String jwksUri; @@ -101,7 +97,6 @@ private JwkInfoList computeKeyList() throws IOException { int responseCode = httpClient.getResponseCode(); if (responseCode != 200) { - LOGGER.error("[computeKey][{}] Not expected response code: {}", jwksUri, responseCode); throw new KeyProviderException("Not expected response code: " + responseCode); } @@ -112,7 +107,6 @@ private static JwkInfoList toKeyList(InputStream stream) { try (InputStream inputStream = new BufferedInputStream(stream)) { return OBJECT_MAPPER.readValue(inputStream, JwkInfoList.class); } catch (IOException e) { - LOGGER.error("[toKeyList] Exception occurred: {}", e.toString()); throw Exceptions.propagate(e); } } diff --git a/tokens/src/main/java/io/scalecube/security/tokens/jwt/JwtTokenResolverImpl.java b/tokens/src/main/java/io/scalecube/security/tokens/jwt/JwtTokenResolverImpl.java index 72c679e..79190b3 100644 --- a/tokens/src/main/java/io/scalecube/security/tokens/jwt/JwtTokenResolverImpl.java +++ b/tokens/src/main/java/io/scalecube/security/tokens/jwt/JwtTokenResolverImpl.java 
@@ -1,6 +1,8 @@ package io.scalecube.security.tokens.jwt; import io.scalecube.security.tokens.jwt.jsonwebtoken.JsonwebtokenParserFactory; +import java.lang.System.Logger; +import java.lang.System.Logger.Level; import java.security.Key; import java.time.Duration; import java.util.Map; @@ -8,15 +10,13 @@ import java.util.concurrent.ConcurrentHashMap; import java.util.concurrent.TimeUnit; import java.util.concurrent.atomic.AtomicReference; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; import reactor.core.publisher.Mono; import reactor.core.scheduler.Scheduler; import reactor.core.scheduler.Schedulers; public final class JwtTokenResolverImpl implements JwtTokenResolver { - private static final Logger LOGGER = LoggerFactory.getLogger(JwtTokenResolver.class); + private static final Logger LOGGER = System.getLogger(JwtTokenResolver.class.getName()); private KeyProvider keyProvider; private JwtTokenParserFactory tokenParserFactory = new JsonwebtokenParserFactory(); @@ -100,7 +100,7 @@ public Mono> resolve(String token) { String kid = (String) header.get("kid"); Objects.requireNonNull(kid, "kid is missing"); - LOGGER.debug("[resolveToken][kid:{}] Resolving token {}", kid, mask(token)); + LOGGER.log(Level.DEBUG, "[resolveToken][kid:{0}] Resolving token {1}", kid, mask(token)); // workaround to remove safely on errors AtomicReference> computedValueHolder = new AtomicReference<>(); @@ -110,13 +110,19 @@ public Mono> resolve(String token) { .doOnError(throwable -> cleanup(kid, computedValueHolder)) .doOnError( throwable -> - LOGGER.error( - "[resolveToken][kid:{}][{}] Exception occurred: {}", + LOGGER.log( + Level.ERROR, + "[resolveToken][kid:{0}][{1}] Exception occurred: {2}", kid, mask(token), throwable.toString())) .doOnSuccess( - s -> LOGGER.debug("[resolveToken][kid:{}] Resolved token {}", kid, mask(token))); + s -> + LOGGER.log( + Level.DEBUG, + "[resolveToken][kid:{0}] Resolved token {1}", + kid, + mask(token))); }); } 
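Review bot: The new `LOGGER` field in JwtTokenResolverImpl (second hunk) is obtained with `System.getLogger`, which falls back to java.util.logging when the application supplies no `System.LoggerFinder`, and nothing in the change documents that. Token-resolution failures logged at `Level.ERROR` will reach an existing log pipeline only if such a bridge is installed. A short comment on the field would help, e.g. `// System.Logger: routed to java.util.logging unless the application provides a System.LoggerFinder`. The same applies to the `LOGGER` fields changed in VaultServiceRolesInstaller and VaultServiceTokenSupplier.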
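Review bot: `kid` is logged in the third and fourth hunks straight from the token header (`header.get("kid")`), apparently before any key has been looked up for verification, so its content is caller-controlled when it reaches `LOGGER.log`. A value containing line breaks could forge extra entries in a plain-text log backend. Consider neutralising control characters first, e.g. `String safeKid = kid.replaceAll("[\\r\\n]", "_");`, and logging `safeKid` in all three calls. `resolve()` starts and ends outside these hunks, so whether the header is validated earlier cannot be seen here.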
diff --git a/vault/pom.xml b/vault/pom.xml index 5c3e073..8192a3f 100644 --- a/vault/pom.xml +++ b/vault/pom.xml @@ -17,10 +17,6 @@ com.bettercloud vault-java-driver - - org.slf4j - slf4j-api - com.fasterxml.jackson.dataformat jackson-dataformat-yaml diff --git a/vault/src/main/java/io/scalecube/security/vault/VaultServiceRolesInstaller.java b/vault/src/main/java/io/scalecube/security/vault/VaultServiceRolesInstaller.java index 74d3c95..25cc31f 100644 --- a/vault/src/main/java/io/scalecube/security/vault/VaultServiceRolesInstaller.java +++ b/vault/src/main/java/io/scalecube/security/vault/VaultServiceRolesInstaller.java @@ -13,6 +13,8 @@ import java.io.IOException; import java.io.InputStream; import java.io.StringReader; +import java.lang.System.Logger; +import java.lang.System.Logger.Level; import java.util.Arrays; import java.util.Base64; import java.util.Collections; @@ -21,12 +23,10 @@ import java.util.StringJoiner; import java.util.function.Function; import java.util.function.Supplier; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; public class VaultServiceRolesInstaller { - private static final Logger LOGGER = LoggerFactory.getLogger(VaultServiceRolesInstaller.class); + private static final Logger LOGGER = System.getLogger(VaultServiceRolesInstaller.class.getName()); private static final String VAULT_TOKEN_HEADER = "X-Vault-Token"; 
@@ -58,23 +58,19 @@ private VaultServiceRolesInstaller(Builder builder) { this.roleTtl = builder.roleTtl; } - public static Builder builder() { - return new Builder(); - } - /** * Builds vault oidc micro-infrastructure (identity roles and keys) to use it for * machine-to-machine authentication. */ public void install() { if (isNullOrNoneOrEmpty(vaultAddress)) { - LOGGER.debug("Skipping serviceRoles installation, vaultAddress not set"); + LOGGER.log(Level.DEBUG, "Skipping serviceRoles installation, vaultAddress not set"); return; } final ServiceRoles serviceRoles = loadServiceRoles(); if (serviceRoles == null || serviceRoles.roles.isEmpty()) { - LOGGER.debug("Skipping serviceRoles installation, serviceRoles not set"); + LOGGER.log(Level.DEBUG, "Skipping serviceRoles installation, serviceRoles not set"); return; } @@ -90,7 +86,7 @@ public void install() { rest.url(buildVaultIdentityRoleUri(roleName)), keyName, roleName, role.permissions); } - LOGGER.debug("Installed serviceRoles ({})", serviceRoles); + LOGGER.log(Level.DEBUG, "Installed serviceRoles ({0})", serviceRoles); } private ServiceRoles loadServiceRoles() { @@ -108,15 +104,14 @@ private ServiceRoles loadServiceRoles() { return null; } - private static void verifyOk(int status, String operation) { + private static void verifyOk(int status) { if (status != 200 && status != 204) { - LOGGER.error("Not expected status ({}) returned on [{}]", status, operation); throw new IllegalStateException("Not expected status returned, status=" + status); } } private void createVaultIdentityKey(Rest rest, String keyName) { - LOGGER.debug("[createVaultIdentityKey] {}", keyName); + LOGGER.log(Level.DEBUG, "[createVaultIdentityKey] {0}", keyName); byte[] body = Json.object() 
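Review bot: `verifyOk(int status)` in the last hunk here now throws `IllegalStateException("Not expected status returned, status=" + status)` with no indication of which Vault call failed, because the `operation` argument was dropped together with the log line. Dropping the duplicate log is reasonable, but the context should move into the exception: keep the parameter and throw `new IllegalStateException("Not expected status returned on [" + operation + "], status=" + status)`. The call sites in `createVaultIdentityKey` and `createVaultIdentityRole` are affected. The deletions in `JwksKeyProvider.computeKeyList` (the `jwksUri` is no longer reported) and `VaultServiceTokenSupplier.getToken` (`tags` are no longer reported) lose failure context in the same way.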
@@ -128,7 +123,7 @@ private void createVaultIdentityKey(Rest rest, String keyName) { .getBytes(); try { - verifyOk(rest.body(body).post().getStatus(), "createVaultIdentityKey"); + verifyOk(rest.body(body).post().getStatus()); } catch (RestException e) { throw new RuntimeException(e); } @@ -136,7 +131,7 @@ private void createVaultIdentityKey(Rest rest, String keyName) { private void createVaultIdentityRole( Rest rest, String keyName, String roleName, List permissions) { - LOGGER.debug("[createVaultIdentityRole] {}", roleName); + LOGGER.log(Level.DEBUG, "[createVaultIdentityRole] {0}", roleName); byte[] body = Json.object() @@ -147,7 +142,7 @@ private void createVaultIdentityRole( .getBytes(); try { - verifyOk(rest.body(body).post().getStatus(), "createVaultIdentityRole"); + verifyOk(rest.body(body).post().getStatus()); } catch (RestException e) { throw new RuntimeException(e); } @@ -352,7 +347,7 @@ public static class Builder { private String keyVerificationTtl = "1h"; private String roleTtl = "1m"; - private Builder() {} + public Builder() {} public Builder vaultAddress(String vaultAddress) { this.vaultAddress = vaultAddress; diff --git a/vault/src/main/java/io/scalecube/security/vault/VaultServiceTokenSupplier.java b/vault/src/main/java/io/scalecube/security/vault/VaultServiceTokenSupplier.java index 2c766b4..159fee4 100644 --- a/vault/src/main/java/io/scalecube/security/vault/VaultServiceTokenSupplier.java +++ b/vault/src/main/java/io/scalecube/security/vault/VaultServiceTokenSupplier.java 
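Review bot: The request bodies in `createVaultIdentityKey` and `createVaultIdentityRole` are still encoded with the no-argument `.getBytes()` (context lines of the first and third hunks), which uses the platform default charset. On the Java 17 runtime this commit moves the build to, that default is not guaranteed to be UTF-8. Any non-ASCII content in the JSON would be sent to Vault in an encoding that depends on the host, so `.getBytes(StandardCharsets.UTF_8)` is safer; it needs `java.nio.charset.StandardCharsets` imported. Both methods begin outside their hunks.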
@@ -4,17 +4,17 @@ import com.bettercloud.vault.rest.Rest; import com.bettercloud.vault.rest.RestException; import com.bettercloud.vault.rest.RestResponse; +import java.lang.System.Logger; +import java.lang.System.Logger.Level; import java.util.Map; import java.util.Objects; import java.util.StringJoiner; import java.util.function.BiFunction; import java.util.function.Supplier; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; public class VaultServiceTokenSupplier { - private static final Logger LOGGER = LoggerFactory.getLogger(VaultServiceTokenSupplier.class); + private static final Logger LOGGER = System.getLogger(VaultServiceTokenSupplier.class.getName()); private static final String VAULT_TOKEN_HEADER = "X-Vault-Token"; @@ -32,10 +32,6 @@ private VaultServiceTokenSupplier(Builder builder) { Objects.requireNonNull(builder.serviceTokenNameBuilder, "serviceTokenNameBuilder"); } - public static Builder builder() { - return new Builder(); - } - /** * Obtains vault service token (aka identity token or oidc token). * @@ -48,10 +44,10 @@ public String getToken(Map tags) { final String vaultToken = vaultTokenSupplier.get(); final String uri = toServiceTokenUri(tags); final String token = rpcGetToken(uri, vaultToken); - LOGGER.debug("[getToken][success] uri={}, tags={}, result={}", uri, tags, mask(token)); + LOGGER.log( + Level.DEBUG, "[getToken][success] uri={0}, tags={1}, result={2}", uri, tags, mask(token)); return token; } catch (Exception ex) { - LOGGER.error("[getToken][error] tags={}, cause: {}", tags, ex.toString()); throw new RuntimeException(ex); } } @@ -76,7 +72,6 @@ private static String rpcGetToken(String uri, String vaultToken) { private static void verifyOk(int status) { if (status != 200) { - LOGGER.error("[rpcGetToken] Not expected status ({}) returned", status); throw new IllegalStateException("Not expected status returned, status=" + status); } } 
@@ -102,7 +97,7 @@ public static class Builder { private Supplier vaultTokenSupplier; private BiFunction, String> serviceTokenNameBuilder; - private Builder() {} + public Builder() {} public Builder vaultAddress(String vaultAddress) { this.vaultAddress = vaultAddress;