17 changes: 17 additions & 0 deletions .github/workflows/maven.yml
@@ -0,0 +1,17 @@
# This workflow will build a Java project with Maven
# For more information see: https://help.github.com/actions/language-and-framework-guides/building-and-testing-java-with-maven

name: Java CI with Maven

on:
push:
branches: [ master ]
pull_request:
branches: [ master ]

jobs:
call-workflow:
uses: 42BV/42-github-workflows/.github/workflows/maven-test.yml@main
Comment thread
jeroenvs marked this conversation as resolved.
with:
java-version: 21
secrets: inherit
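Review bot: The `uses:` line references the shared workflow at `@main`, a branch that can move, while `secrets: inherit` hands this repository's secrets to whatever that branch contains at run time; the same pattern appears in `.github/workflows/release.yml`, which publishes to Maven Central. Pinning both references to a full commit SHA turns any change to the shared workflow into an explicit, reviewable update here, e.g. `uses: 42BV/42-github-workflows/.github/workflows/maven-test.yml@<full-commit-sha> # main` (placeholder, not a real SHA). Neither caller sets a `permissions:` block, so the token scope falls back to the repository default. If the called test workflow only checks out and builds, which is not visible from here, `permissions: { contents: read }` at the top of this file would be enough.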
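--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -0,0 +1,24 @@
+name: Publish package to the Maven Central Repository
+
+on:
+workflow_dispatch:
+inputs:
+release-version:
+required: false
+description: Release-version (not required)
+next-version:
+required: false
+description: Next development-version. (not required)
+java-version:
+required: true
+default: '21'
+description: Java-version to use for the deployment.
+
+jobs:
+call-workflow:
+uses: 42BV/42-github-workflows/.github/workflows/maven-release.yml@main
+secrets: inherit
+with:
+release-version: ${{ github.event.inputs.release-version }}
+next-version: ${{ github.event.inputs.next-version }}
+java-version: ${{ github.event.inputs.java-version }}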
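Review bot: `secrets: inherit` gives the called release workflow every secret this repository and its organization expose, although a Maven Central release presumably needs only the publishing credentials and the signing key. If the shared workflow declares its secrets under `on.workflow_call.secrets` (not visible here), pass just those in a `secrets:` map, e.g. `PLACEHOLDER_SECRET_NAME: ${{ secrets.PLACEHOLDER_SECRET_NAME }}`. The `release-version` and `next-version` inputs are free-form strings forwarded unchanged, so a comment noting that the called workflow validates and quotes them before use would document where that check lives.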
10 changes: 5 additions & 5 deletions README.md
Expand Up @@ -17,16 +17,16 @@ Add the Maven dependency:
<dependency>
<groupId>nl.42.restzilla</groupId>
<artifactId>restzilla</artifactId>
<version>2.0.0</version>
<version>5.0.0</version>
</dependency>
```

Required dependencies:

* Spring MVC (5.1+)
* Spring Data JPA (2.1+)
* Jackson (2.9+)
* Java (1.8+)
* Spring MVC (7+)
* Spring Data JPA (4+)
* Jackson (2.21+)
* Java (21+)

Annotate your Spring Configuration with `@EnableRest`:

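--- a/owasp-suppressions.xml
+++ b/owasp-suppressions.xml
@@ -0,0 +1,4 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<suppressions xmlns="https://jeremylong.github.io/DependencyCheck/dependency-suppression.1.3.xsd">
+
+</suppressions>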
188 changes: 111 additions & 77 deletions pom.xml
Expand Up @@ -36,12 +36,20 @@
<timestamp>${maven.build.timestamp}</timestamp>

<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
<java.version>17</java.version>
<java.version>21</java.version>

<!-- Dependency versions -->
<spring.boot.version>3.0.5</spring.boot.version>
<spring.boot.version>4.0.6</spring.boot.version>
<beanmapper.version>5.0.0</beanmapper.version>
<commons-lang.version>3.18.0</commons-lang.version>

<!-- Plugin versions -->
<dependency-check-maven.version>12.2.2</dependency-check-maven.version>
<jacoco-maven-plugin.version>0.8.14</jacoco-maven-plugin.version>
<central-publishing-maven-plugin.version>0.9.0</central-publishing-maven-plugin.version>
<maven-gpg-plugin.version>3.2.8</maven-gpg-plugin.version>
<maven-source-plugin.version>3.4.0</maven-source-plugin.version>
<maven-javadoc-plugin.version>3.12.0</maven-javadoc-plugin.version>
</properties>

<scm>
Expand Down Expand Up @@ -74,6 +82,11 @@
<artifactId>commons-lang3</artifactId>
<version>${commons-lang.version}</version>
</dependency>
<dependency>
<groupId>com.google.guava</groupId>
<artifactId>guava</artifactId>
<version>33.6.0-jre</version>
</dependency>

<!-- Web -->
<dependency>
Expand Down Expand Up @@ -154,102 +167,123 @@
</dependencies>

<build>
<pluginManagement>
<plugins>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-compiler-plugin</artifactId>
<version>3.10.1</version>
<configuration>
<source>${java.version}</source>
<target>${java.version}</target>
<encoding>${project.build.sourceEncoding}</encoding>
</configuration>
</plugin>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-surefire-plugin</artifactId>
<version>2.22.1</version>
</plugin>
<!-- When deploying activate the "sonatype-oss-release" profile -->
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-deploy-plugin</artifactId>
<version>3.0.0</version>
</plugin>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-release-plugin</artifactId>
<version>2.5.3</version>
</plugin>
</plugins>
</pluginManagement>
<plugins>
<plugin>
<groupId>org.sonatype.plugins</groupId>
<artifactId>nexus-staging-maven-plugin</artifactId>
<version>1.6.13</version>
<extensions>true</extensions>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-compiler-plugin</artifactId>
<version>3.15.0</version>
<configuration>
<serverId>sonatype-nexus-staging</serverId>
<nexusUrl>https://oss.sonatype.org/</nexusUrl>
<autoReleaseAfterClose>false</autoReleaseAfterClose>
<release>${java.version}</release>
<source>${java.version}</source>
<target>${java.version}</target>
<annotationProcessorPaths>
<path>
<groupId>org.projectlombok</groupId>
<artifactId>lombok</artifactId>
</path>
</annotationProcessorPaths>
</configuration>
</plugin>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-javadoc-plugin</artifactId>
<version>3.4.1</version>
<executions>
<execution>
<id>attach-javadocs</id>
<goals>
<goal>jar</goal>
</goals>
</execution>
</executions>
<artifactId>maven-surefire-plugin</artifactId>
<version>3.5.5</version>
</plugin>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-source-plugin</artifactId>
<version>3.2.1</version>
<groupId>org.owasp</groupId>
<artifactId>dependency-check-maven</artifactId>
<version>${dependency-check-maven.version}</version>
<configuration>
<failBuildOnCVSS>0</failBuildOnCVSS>
<skipProvidedScope>true</skipProvidedScope>
<skipTestScope>true</skipTestScope>
<skipRuntimeScope>true</skipRuntimeScope>
<assemblyAnalyzerEnabled>false</assemblyAnalyzerEnabled>
<suppressionFile>owasp-suppressions.xml</suppressionFile>
</configuration>
</plugin>
<plugin>
<groupId>org.jacoco</groupId>
<artifactId>jacoco-maven-plugin</artifactId>
<version>${jacoco-maven-plugin.version}</version>
<executions>
<execution>
<id>attach-sources</id>
<goals>
<goal>jar-no-fork</goal>
<goal>prepare-agent</goal>
</goals>
</execution>
</executions>
</plugin>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-gpg-plugin</artifactId>
<version>3.0.1</version>
<executions>
<execution>
<id>sign-artifacts</id>
<phase>verify</phase>
<id>report</id>
<phase>test</phase>
<goals>
<goal>sign</goal>
<goal>report</goal>
</goals>
</execution>
</executions>
</plugin>
<plugin>
<groupId>org.owasp</groupId>
<artifactId>dependency-check-maven</artifactId>
<version>8.1.2</version>
<configuration>
<failBuildOnAnyVulnerability>true</failBuildOnAnyVulnerability>
<skipProvidedScope>true</skipProvidedScope>
<skipTestScope>true</skipTestScope>
<skipRuntimeScope>true</skipRuntimeScope>
<assemblyAnalyzerEnabled>false</assemblyAnalyzerEnabled>
<suppressionFile>owasp-suppressions.xml</suppressionFile>
</configuration>
</plugin>
</plugins>
</build>

<profiles>
<profile>
<id>release</id>
<build>
<plugins>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-javadoc-plugin</artifactId>
<version>${maven-javadoc-plugin.version}</version>
<executions>
<execution>
<id>attach-javadocs</id>
<goals>
<goal>jar</goal>
</goals>
</execution>
</executions>
</plugin>

<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-source-plugin</artifactId>
<version>${maven-source-plugin.version}</version>
<executions>
<execution>
<id>attach-sources</id>
<goals>
<goal>jar-no-fork</goal>
</goals>
</execution>
</executions>
</plugin>

<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-gpg-plugin</artifactId>
<version>${maven-gpg-plugin.version}</version>
<executions>
<execution>
<id>sign-artifacts</id>
<phase>verify</phase>
<goals>
<goal>sign</goal>
</goals>
</execution>
</executions>
</plugin>

<plugin>
<groupId>org.sonatype.central</groupId>
<artifactId>central-publishing-maven-plugin</artifactId>
<version>${central-publishing-maven-plugin.version}</version>
<extensions>true</extensions>
<configuration>
<publishingServerId>central</publishingServerId>
</configuration>
</plugin>
</plugins>
</build>
</profile>
</profiles>

</project>
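Review bot: In the `dependency-check-maven` block that takes its version from `${dependency-check-maven.version}`, `<skipRuntimeScope>true</skipRuntimeScope>` is kept, so runtime-scoped dependencies, which consumers of this library still get on their classpath, are not scanned, and `<failBuildOnCVSS>0</failBuildOnCVSS>` only applies to what is scanned. Unless that exclusion is deliberate, set `<skipRuntimeScope>false</skipRuntimeScope>`. The plugin also has no `<executions>` in the visible lines, so the check appears to run only when its goal is invoked explicitly (presumably by the shared workflow); a one-line comment such as `<!-- invoked as dependency-check:check from CI; not bound to a lifecycle phase -->` would record that. Separately, the new `guava` dependency hard-codes `33.6.0-jre` while the neighbouring versions are properties; a `<guava.version>` entry under `<properties>` would match. Which lines are on the new side is inferred from the rendered page, which has lost its +/- markers.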
Expand Up @@ -13,11 +13,14 @@
import org.springframework.expression.ExpressionParser;
import org.springframework.security.access.expression.ExpressionUtils;
import org.springframework.security.authentication.AnonymousAuthenticationToken;
import org.springframework.security.authorization.AuthorizationResult;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.authority.AuthorityUtils;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.web.FilterInvocation;
import org.springframework.security.web.access.expression.DefaultWebSecurityExpressionHandler;
import org.springframework.security.web.access.expression.DefaultHttpSecurityExpressionHandler;
import org.springframework.security.web.access.expression.WebExpressionAuthorizationManager;
import org.springframework.security.web.access.intercept.RequestAuthorizationContext;

/**
* Implementation that evaluates SPEL expressions.
Expand All @@ -26,11 +29,6 @@
* @since Sep 8, 2015
*/
public class SpelSecurityProvider implements SecurityProvider {

/**
* Web security expression handler.
*/
private DefaultWebSecurityExpressionHandler handler = new DefaultWebSecurityExpressionHandler();

/**
* {@inheritDoc}
Expand All @@ -39,13 +37,13 @@ public class SpelSecurityProvider implements SecurityProvider {
public boolean isAuthorized(String[] expressions, HttpServletRequest request) {
boolean authorized = true;
if (expressions.length > 0) {
RequestAuthorizationContext context = new RequestAuthorizationContext(request);
Authentication authentication = getAuthentication(request);
FilterInvocation invocation = new FilterInvocation(request.getServletPath(), request.getMethod());
EvaluationContext context = handler.createEvaluationContext(authentication, invocation);
for (String expression : expressions) {
if (StringUtils.isNotBlank(expression)) {
ExpressionParser parser = handler.getExpressionParser();
if (!ExpressionUtils.evaluateAsBoolean(parser.parseExpression(expression), context)) {
WebExpressionAuthorizationManager manager = new WebExpressionAuthorizationManager(expression);
AuthorizationResult result = manager.authorize(() -> authentication, context);
if (!result.isGranted()) {
return false;
}
}
Expand All @@ -56,8 +54,8 @@ public boolean isAuthorized(String[] expressions, HttpServletRequest request) {

private Authentication getAuthentication(HttpServletRequest request) {
Principal principal = request.getUserPrincipal();
if (principal instanceof Authentication) {
return (Authentication) principal;
if (principal instanceof Authentication authentication) {
return authentication;
} else {
Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
if (authentication == null) {
Expand All @@ -70,14 +68,5 @@ private Authentication getAuthentication(HttpServletRequest request) {
private AnonymousAuthenticationToken annonymous() {
return new AnonymousAuthenticationToken("anonymousUser", "anonymousUser", AuthorityUtils.createAuthorityList("ROLE_ANONYMOUS"));
}

/**
* Configure the default web security expression handler.
* @param handler the handler to set
*/
@Autowired(required = false)
public void setHandler(DefaultWebSecurityExpressionHandler handler) {
this.handler = handler;
}

}
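Review bot: `new WebExpressionAuthorizationManager(expression)` in `isAuthorized` evaluates every expression with the manager's built-in default expression handler, and the commit removes the `@Autowired(required = false)` `setHandler` hook, so an application-configured handler (role hierarchy, custom `PermissionEvaluator`, bean references in expressions) no longer takes part in the authorization decision. `DefaultHttpSecurityExpressionHandler` is imported but not used in the lines shown, which suggests this wiring was intended. Keeping an injectable handler and passing it to the manager with `setExpressionHandler` would restore the old extension point; confirm that method against the Spring Security version that Spring Boot 4.0.6 brings in. The manager is also rebuilt, and the expression re-parsed, for every expression on every call. Parts of the class lie outside the hunks shown.

```java
// … unchanged: class declaration …
private DefaultHttpSecurityExpressionHandler handler = new DefaultHttpSecurityExpressionHandler();

// … unchanged: isAuthorized up to the loop over expressions …
WebExpressionAuthorizationManager manager = new WebExpressionAuthorizationManager(expression);
manager.setExpressionHandler(handler);
// … unchanged: authorize call and isGranted check …

// … unchanged: getAuthentication, annonymous …
/**
 * Configure the expression handler used for every evaluated expression.
 * @param handler the handler to set
 */
@Autowired(required = false)
public void setHandler(DefaultHttpSecurityExpressionHandler handler) {
    this.handler = handler;
}
```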