From 5ef1fba34e43527cc7f559fae0a5a77b0ed10ea5 Mon Sep 17 00:00:00 2001 From: Devin AI <158243242+devin-ai-integration[bot]@users.noreply.github.com> Date: Thu, 29 Jan 2026 23:16:20 +0000 Subject: [PATCH 1/2] Upgrade Spring Boot from 2.6.3 to 3.5.10 Major changes: - Update Spring Boot from 2.6.3 to 3.5.10 - Update Java compatibility from 11 to 17 - Migrate javax.* imports to jakarta.* namespace (Jakarta EE 10) - Update Spring Security configuration for Spring Security 6 - Replace WebSecurityConfigurerAdapter with SecurityFilterChain - Use new lambda-based configuration style - Replace antMatchers with requestMatchers - Update DGS framework from 4.9.21 to 9.2.2 - Update DGS codegen plugin from 5.0.6 to 6.3.0 - Update JJWT from 0.11.2 to 0.12.6 - Use new parser API (parser().verifyWith() instead of parserBuilder()) - Use Keys.hmacShaKeyFor() for key generation - Update MyBatis Spring Boot Starter from 2.2.2 to 4.0.1 - Update Gradle wrapper from 7.4 to 8.14 - Update other dependencies to compatible versions: - rest-assured: 4.5.1 -> 5.5.0 - joda-time: 2.10.13 -> 2.13.0 - sqlite-jdbc: 3.36.0.3 -> 3.47.2.0 - spotless: 6.2.1 -> 6.25.0 - dependency-management: 1.0.11.RELEASE -> 1.1.7 Code changes: - Fix GraphQLCustomizeExceptionHandler for new DataFetcherExceptionHandler API - Fix CustomizeExceptionHandler for HttpStatusCode parameter type - Fix ArticleDatafetcher and CommentDatafetcher to use generated PageInfo type - Add test configuration for Spring Boot 3 compatibility - Make DuplicatedUsernameValidator public for test imports Co-Authored-By: Sam Fertig --- build.gradle | 39 ++++++------ gradle/wrapper/gradle-wrapper.properties | 2 +- src/main/java/io/spring/api/ArticleApi.java | 2 +- src/main/java/io/spring/api/ArticlesApi.java | 2 +- src/main/java/io/spring/api/CommentsApi.java | 4 +- .../java/io/spring/api/CurrentUserApi.java | 2 +- src/main/java/io/spring/api/UsersApi.java | 6 +- .../exception/CustomizeExceptionHandler.java | 8 +-- .../spring/api/security/JwtTokenFilter.java | 8 +-- .../api/security/WebSecurityConfig.java | 63 ++++++++++--------- .../article/ArticleCommandService.java | 2 +- .../article/DuplicatedArticleConstraint.java | 4 +- .../article/DuplicatedArticleValidator.java | 4 +- .../application/article/NewArticleParam.java | 2 +- .../user/DuplicatedEmailConstraint.java | 4 +- .../user/DuplicatedEmailValidator.java | 4 +- .../user/DuplicatedUsernameConstraint.java | 4 +- .../user/DuplicatedUsernameValidator.java | 6 +- .../application/user/RegisterParam.java | 4 +- .../application/user/UpdateUserParam.java | 2 +- .../spring/application/user/UserService.java | 8 +-- .../io/spring/graphql/ArticleDatafetcher.java | 31 +++++---- .../io/spring/graphql/CommentDatafetcher.java | 23 +++---- .../java/io/spring/graphql/UserMutation.java | 2 +- .../GraphQLCustomizeExceptionHandler.java | 15 +++-- .../service/DefaultJwtService.java | 16 ++--- src/test/java/io/spring/api/UsersApiTest.java | 4 +- .../service/DefaultJwtServiceTest.java | 3 +- src/test/resources/application.properties | 18 ++++++ 29 files changed, 156 insertions(+), 136 deletions(-) create mode 100644 src/test/resources/application.properties diff --git a/build.gradle b/build.gradle index da384dc69..9a8a40ce4 100644 --- a/build.gradle +++ b/build.gradle @@ -1,14 +1,14 @@ plugins { - id 'org.springframework.boot' version '2.6.3' - id 'io.spring.dependency-management' version '1.0.11.RELEASE' + id 'org.springframework.boot' version '3.5.10' + id 'io.spring.dependency-management' version '1.1.7' id 'java' - id "com.netflix.dgs.codegen" version "5.0.6" - id "com.diffplug.spotless" version "6.2.1" + id "com.netflix.dgs.codegen" version "6.3.0" + id "com.diffplug.spotless" version "6.25.0" } version = '0.0.1-SNAPSHOT' -sourceCompatibility = '11' -targetCompatibility = '11' +sourceCompatibility = '17' +targetCompatibility = '17' spotless { java { @@ -22,6 +22,9 @@ spotless { repositories { mavenCentral() + maven { + url 'https://oss.sonatype.org/content/repositories/releases/' + } } configurations { @@ -35,25 +38,25 @@ dependencies { implementation 'org.springframework.boot:spring-boot-starter-validation' implementation 'org.springframework.boot:spring-boot-starter-hateoas' implementation 'org.springframework.boot:spring-boot-starter-security' - implementation 'org.mybatis.spring.boot:mybatis-spring-boot-starter:2.2.2' - implementation 'com.netflix.graphql.dgs:graphql-dgs-spring-boot-starter:4.9.21' + implementation 'org.mybatis.spring.boot:mybatis-spring-boot-starter:4.0.1' + implementation 'com.netflix.graphql.dgs:graphql-dgs-spring-boot-starter:9.2.2' implementation 'org.flywaydb:flyway-core' - implementation 'io.jsonwebtoken:jjwt-api:0.11.2' - runtimeOnly 'io.jsonwebtoken:jjwt-impl:0.11.2', - 'io.jsonwebtoken:jjwt-jackson:0.11.2' - implementation 'joda-time:joda-time:2.10.13' - implementation 'org.xerial:sqlite-jdbc:3.36.0.3' + implementation 'io.jsonwebtoken:jjwt-api:0.12.6' + runtimeOnly 'io.jsonwebtoken:jjwt-impl:0.12.6', + 'io.jsonwebtoken:jjwt-jackson:0.12.6' + implementation 'joda-time:joda-time:2.13.0' + implementation 'org.xerial:sqlite-jdbc:3.47.2.0' compileOnly 'org.projectlombok:lombok' annotationProcessor 'org.projectlombok:lombok' - testImplementation 'io.rest-assured:rest-assured:4.5.1' - testImplementation 'io.rest-assured:json-path:4.5.1' - testImplementation 'io.rest-assured:xml-path:4.5.1' - testImplementation 'io.rest-assured:spring-mock-mvc:4.5.1' + testImplementation 'io.rest-assured:rest-assured:5.5.0' + testImplementation 'io.rest-assured:json-path:5.5.0' + testImplementation 'io.rest-assured:xml-path:5.5.0' + testImplementation 'io.rest-assured:spring-mock-mvc:5.5.0' testImplementation 'org.springframework.security:spring-security-test' testImplementation 'org.springframework.boot:spring-boot-starter-test' - testImplementation 'org.mybatis.spring.boot:mybatis-spring-boot-starter-test:2.2.2' + testImplementation 'org.mybatis.spring.boot:mybatis-spring-boot-starter-test:4.0.1' } tasks.named('test') { diff --git a/gradle/wrapper/gradle-wrapper.properties b/gradle/wrapper/gradle-wrapper.properties index 41dfb8790..5c82cb032 100644 --- a/gradle/wrapper/gradle-wrapper.properties +++ b/gradle/wrapper/gradle-wrapper.properties @@ -1,5 +1,5 @@ distributionBase=GRADLE_USER_HOME distributionPath=wrapper/dists -distributionUrl=https\://services.gradle.org/distributions/gradle-7.4-bin.zip +distributionUrl=https\://services.gradle.org/distributions/gradle-8.14-bin.zip zipStoreBase=GRADLE_USER_HOME zipStorePath=wrapper/dists diff --git a/src/main/java/io/spring/api/ArticleApi.java b/src/main/java/io/spring/api/ArticleApi.java index c80afa31d..74b8234c4 100644 --- a/src/main/java/io/spring/api/ArticleApi.java +++ b/src/main/java/io/spring/api/ArticleApi.java @@ -10,9 +10,9 @@ import io.spring.core.article.ArticleRepository; import io.spring.core.service.AuthorizationService; import io.spring.core.user.User; +import jakarta.validation.Valid; import java.util.HashMap; import java.util.Map; -import javax.validation.Valid; import lombok.AllArgsConstructor; import org.springframework.http.ResponseEntity; import org.springframework.security.core.annotation.AuthenticationPrincipal; diff --git a/src/main/java/io/spring/api/ArticlesApi.java b/src/main/java/io/spring/api/ArticlesApi.java index 50584bd6d..3f96607e9 100644 --- a/src/main/java/io/spring/api/ArticlesApi.java +++ b/src/main/java/io/spring/api/ArticlesApi.java @@ -6,8 +6,8 @@ import io.spring.application.article.NewArticleParam; import io.spring.core.article.Article; import io.spring.core.user.User; +import jakarta.validation.Valid; import java.util.HashMap; -import javax.validation.Valid; import lombok.AllArgsConstructor; import org.springframework.http.ResponseEntity; import org.springframework.security.core.annotation.AuthenticationPrincipal; diff --git a/src/main/java/io/spring/api/CommentsApi.java b/src/main/java/io/spring/api/CommentsApi.java index c5f7e77e9..ff37833ec 100644 --- a/src/main/java/io/spring/api/CommentsApi.java +++ b/src/main/java/io/spring/api/CommentsApi.java @@ -11,11 +11,11 @@ import io.spring.core.comment.CommentRepository; import io.spring.core.service.AuthorizationService; import io.spring.core.user.User; +import jakarta.validation.Valid; +import jakarta.validation.constraints.NotBlank; import java.util.HashMap; import java.util.List; import java.util.Map; -import javax.validation.Valid; -import javax.validation.constraints.NotBlank; import lombok.AllArgsConstructor; import lombok.Getter; import lombok.NoArgsConstructor; diff --git a/src/main/java/io/spring/api/CurrentUserApi.java b/src/main/java/io/spring/api/CurrentUserApi.java index e096aec0b..a2ce43eb4 100644 --- a/src/main/java/io/spring/api/CurrentUserApi.java +++ b/src/main/java/io/spring/api/CurrentUserApi.java @@ -7,9 +7,9 @@ import io.spring.application.user.UpdateUserParam; import io.spring.application.user.UserService; import io.spring.core.user.User; +import jakarta.validation.Valid; import java.util.HashMap; import java.util.Map; -import javax.validation.Valid; import lombok.AllArgsConstructor; import org.springframework.http.ResponseEntity; import org.springframework.security.core.annotation.AuthenticationPrincipal; diff --git a/src/main/java/io/spring/api/UsersApi.java b/src/main/java/io/spring/api/UsersApi.java index d91321e82..71e39d4ab 100644 --- a/src/main/java/io/spring/api/UsersApi.java +++ b/src/main/java/io/spring/api/UsersApi.java @@ -12,12 +12,12 @@ import io.spring.core.service.JwtService; import io.spring.core.user.User; import io.spring.core.user.UserRepository; +import jakarta.validation.Valid; +import jakarta.validation.constraints.Email; +import jakarta.validation.constraints.NotBlank; import java.util.HashMap; import java.util.Map; import java.util.Optional; -import javax.validation.Valid; -import javax.validation.constraints.Email; -import javax.validation.constraints.NotBlank; import lombok.AllArgsConstructor; import lombok.Getter; import lombok.NoArgsConstructor; diff --git a/src/main/java/io/spring/api/exception/CustomizeExceptionHandler.java b/src/main/java/io/spring/api/exception/CustomizeExceptionHandler.java index ade3ff4ff..3e7c5c908 100644 --- a/src/main/java/io/spring/api/exception/CustomizeExceptionHandler.java +++ b/src/main/java/io/spring/api/exception/CustomizeExceptionHandler.java @@ -2,15 +2,15 @@ import static org.springframework.http.HttpStatus.UNPROCESSABLE_ENTITY; +import jakarta.validation.ConstraintViolation; +import jakarta.validation.ConstraintViolationException; import java.util.ArrayList; import java.util.Arrays; import java.util.HashMap; import java.util.List; import java.util.stream.Collectors; -import javax.validation.ConstraintViolation; -import javax.validation.ConstraintViolationException; import org.springframework.http.HttpHeaders; -import org.springframework.http.HttpStatus; +import org.springframework.http.HttpStatusCode; import org.springframework.http.MediaType; import org.springframework.http.ResponseEntity; import org.springframework.web.bind.MethodArgumentNotValidException; @@ -63,7 +63,7 @@ public ResponseEntity handleInvalidAuthentication( protected ResponseEntity handleMethodArgumentNotValid( MethodArgumentNotValidException e, HttpHeaders headers, - HttpStatus status, + HttpStatusCode status, WebRequest request) { List errorResources = e.getBindingResult().getFieldErrors().stream() diff --git a/src/main/java/io/spring/api/security/JwtTokenFilter.java b/src/main/java/io/spring/api/security/JwtTokenFilter.java index 1b5c50146..b03e9d143 100644 --- a/src/main/java/io/spring/api/security/JwtTokenFilter.java +++ b/src/main/java/io/spring/api/security/JwtTokenFilter.java @@ -2,13 +2,13 @@ import io.spring.core.service.JwtService; import io.spring.core.user.UserRepository; +import jakarta.servlet.FilterChain; +import jakarta.servlet.ServletException; +import jakarta.servlet.http.HttpServletRequest; +import jakarta.servlet.http.HttpServletResponse; import java.io.IOException; import java.util.Collections; import java.util.Optional; -import javax.servlet.FilterChain; -import javax.servlet.ServletException; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.security.authentication.UsernamePasswordAuthenticationToken; import org.springframework.security.core.context.SecurityContextHolder; diff --git a/src/main/java/io/spring/api/security/WebSecurityConfig.java b/src/main/java/io/spring/api/security/WebSecurityConfig.java index 3786959ef..ac825e1e4 100644 --- a/src/main/java/io/spring/api/security/WebSecurityConfig.java +++ b/src/main/java/io/spring/api/security/WebSecurityConfig.java @@ -8,10 +8,11 @@ import org.springframework.http.HttpStatus; import org.springframework.security.config.annotation.web.builders.HttpSecurity; import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; -import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter; +import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer; import org.springframework.security.config.http.SessionCreationPolicy; import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder; import org.springframework.security.crypto.password.PasswordEncoder; +import org.springframework.security.web.SecurityFilterChain; import org.springframework.security.web.authentication.HttpStatusEntryPoint; import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter; import org.springframework.web.cors.CorsConfiguration; @@ -20,7 +21,7 @@ @Configuration @EnableWebSecurity -public class WebSecurityConfig extends WebSecurityConfigurerAdapter { +public class WebSecurityConfig { @Bean public JwtTokenFilter jwtTokenFilter() { @@ -32,36 +33,38 @@ public PasswordEncoder passwordEncoder() { return new BCryptPasswordEncoder(); } - @Override - protected void configure(HttpSecurity http) throws Exception { - - http.csrf() - .disable() - .cors() - .and() - .exceptionHandling() - .authenticationEntryPoint(new HttpStatusEntryPoint(HttpStatus.UNAUTHORIZED)) - .and() - .sessionManagement() - .sessionCreationPolicy(SessionCreationPolicy.STATELESS) - .and() - .authorizeRequests() - .antMatchers(HttpMethod.OPTIONS) - .permitAll() - .antMatchers("/graphiql") - .permitAll() - .antMatchers("/graphql") - .permitAll() - .antMatchers(HttpMethod.GET, "/articles/feed") - .authenticated() - .antMatchers(HttpMethod.POST, "/users", "/users/login") - .permitAll() - .antMatchers(HttpMethod.GET, "/articles/**", "/profiles/**", "/tags") - .permitAll() - .anyRequest() - .authenticated(); + @Bean + public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception { + http.csrf(AbstractHttpConfigurer::disable) + .cors(cors -> cors.configurationSource(corsConfigurationSource())) + .exceptionHandling( + exceptionHandling -> + exceptionHandling.authenticationEntryPoint( + new HttpStatusEntryPoint(HttpStatus.UNAUTHORIZED))) + .sessionManagement( + sessionManagement -> + sessionManagement.sessionCreationPolicy(SessionCreationPolicy.STATELESS)) + .authorizeHttpRequests( + authorizeRequests -> + authorizeRequests + .requestMatchers(HttpMethod.OPTIONS) + .permitAll() + .requestMatchers("/graphiql") + .permitAll() + .requestMatchers("/graphql") + .permitAll() + .requestMatchers(HttpMethod.GET, "/articles/feed") + .authenticated() + .requestMatchers(HttpMethod.POST, "/users", "/users/login") + .permitAll() + .requestMatchers(HttpMethod.GET, "/articles/**", "/profiles/**", "/tags") + .permitAll() + .anyRequest() + .authenticated()); http.addFilterBefore(jwtTokenFilter(), UsernamePasswordAuthenticationFilter.class); + + return http.build(); } @Bean diff --git a/src/main/java/io/spring/application/article/ArticleCommandService.java b/src/main/java/io/spring/application/article/ArticleCommandService.java index 861bc22b2..2d88441b7 100644 --- a/src/main/java/io/spring/application/article/ArticleCommandService.java +++ b/src/main/java/io/spring/application/article/ArticleCommandService.java @@ -3,7 +3,7 @@ import io.spring.core.article.Article; import io.spring.core.article.ArticleRepository; import io.spring.core.user.User; -import javax.validation.Valid; +import jakarta.validation.Valid; import lombok.AllArgsConstructor; import org.springframework.stereotype.Service; import org.springframework.validation.annotation.Validated; diff --git a/src/main/java/io/spring/application/article/DuplicatedArticleConstraint.java b/src/main/java/io/spring/application/article/DuplicatedArticleConstraint.java index 0eb1eda84..a18d47cac 100644 --- a/src/main/java/io/spring/application/article/DuplicatedArticleConstraint.java +++ b/src/main/java/io/spring/application/article/DuplicatedArticleConstraint.java @@ -1,12 +1,12 @@ package io.spring.application.article; +import jakarta.validation.Constraint; +import jakarta.validation.Payload; import java.lang.annotation.Documented; import java.lang.annotation.ElementType; import java.lang.annotation.Retention; import java.lang.annotation.RetentionPolicy; import java.lang.annotation.Target; -import javax.validation.Constraint; -import javax.validation.Payload; @Documented @Constraint(validatedBy = DuplicatedArticleValidator.class) diff --git a/src/main/java/io/spring/application/article/DuplicatedArticleValidator.java b/src/main/java/io/spring/application/article/DuplicatedArticleValidator.java index 0e3828e1e..e04853f26 100644 --- a/src/main/java/io/spring/application/article/DuplicatedArticleValidator.java +++ b/src/main/java/io/spring/application/article/DuplicatedArticleValidator.java @@ -2,8 +2,8 @@ import io.spring.application.ArticleQueryService; import io.spring.core.article.Article; -import javax.validation.ConstraintValidator; -import javax.validation.ConstraintValidatorContext; +import jakarta.validation.ConstraintValidator; +import jakarta.validation.ConstraintValidatorContext; import org.springframework.beans.factory.annotation.Autowired; class DuplicatedArticleValidator diff --git a/src/main/java/io/spring/application/article/NewArticleParam.java b/src/main/java/io/spring/application/article/NewArticleParam.java index 344d76c33..35586645d 100644 --- a/src/main/java/io/spring/application/article/NewArticleParam.java +++ b/src/main/java/io/spring/application/article/NewArticleParam.java @@ -1,8 +1,8 @@ package io.spring.application.article; import com.fasterxml.jackson.annotation.JsonRootName; +import jakarta.validation.constraints.NotBlank; import java.util.List; -import javax.validation.constraints.NotBlank; import lombok.AllArgsConstructor; import lombok.Builder; import lombok.Getter; diff --git a/src/main/java/io/spring/application/user/DuplicatedEmailConstraint.java b/src/main/java/io/spring/application/user/DuplicatedEmailConstraint.java index e41eb009e..8e0f3d53f 100644 --- a/src/main/java/io/spring/application/user/DuplicatedEmailConstraint.java +++ b/src/main/java/io/spring/application/user/DuplicatedEmailConstraint.java @@ -1,9 +1,9 @@ package io.spring.application.user; +import jakarta.validation.Constraint; +import jakarta.validation.Payload; import java.lang.annotation.Retention; import java.lang.annotation.RetentionPolicy; -import javax.validation.Constraint; -import javax.validation.Payload; @Constraint(validatedBy = DuplicatedEmailValidator.class) @Retention(RetentionPolicy.RUNTIME) diff --git a/src/main/java/io/spring/application/user/DuplicatedEmailValidator.java b/src/main/java/io/spring/application/user/DuplicatedEmailValidator.java index e30711465..f7543976e 100644 --- a/src/main/java/io/spring/application/user/DuplicatedEmailValidator.java +++ b/src/main/java/io/spring/application/user/DuplicatedEmailValidator.java @@ -1,8 +1,8 @@ package io.spring.application.user; import io.spring.core.user.UserRepository; -import javax.validation.ConstraintValidator; -import javax.validation.ConstraintValidatorContext; +import jakarta.validation.ConstraintValidator; +import jakarta.validation.ConstraintValidatorContext; import org.springframework.beans.factory.annotation.Autowired; public class DuplicatedEmailValidator diff --git a/src/main/java/io/spring/application/user/DuplicatedUsernameConstraint.java b/src/main/java/io/spring/application/user/DuplicatedUsernameConstraint.java index 4f365b789..0e5498804 100644 --- a/src/main/java/io/spring/application/user/DuplicatedUsernameConstraint.java +++ b/src/main/java/io/spring/application/user/DuplicatedUsernameConstraint.java @@ -1,9 +1,9 @@ package io.spring.application.user; +import jakarta.validation.Constraint; +import jakarta.validation.Payload; import java.lang.annotation.Retention; import java.lang.annotation.RetentionPolicy; -import javax.validation.Constraint; -import javax.validation.Payload; @Constraint(validatedBy = DuplicatedUsernameValidator.class) @Retention(RetentionPolicy.RUNTIME) diff --git a/src/main/java/io/spring/application/user/DuplicatedUsernameValidator.java b/src/main/java/io/spring/application/user/DuplicatedUsernameValidator.java index ae1fd21aa..7f143a665 100644 --- a/src/main/java/io/spring/application/user/DuplicatedUsernameValidator.java +++ b/src/main/java/io/spring/application/user/DuplicatedUsernameValidator.java @@ -1,11 +1,11 @@ package io.spring.application.user; import io.spring.core.user.UserRepository; -import javax.validation.ConstraintValidator; -import javax.validation.ConstraintValidatorContext; +import jakarta.validation.ConstraintValidator; +import jakarta.validation.ConstraintValidatorContext; import org.springframework.beans.factory.annotation.Autowired; -class DuplicatedUsernameValidator +public class DuplicatedUsernameValidator implements ConstraintValidator { @Autowired private UserRepository userRepository; diff --git a/src/main/java/io/spring/application/user/RegisterParam.java b/src/main/java/io/spring/application/user/RegisterParam.java index 3ba1234d3..d629268c6 100644 --- a/src/main/java/io/spring/application/user/RegisterParam.java +++ b/src/main/java/io/spring/application/user/RegisterParam.java @@ -1,8 +1,8 @@ package io.spring.application.user; import com.fasterxml.jackson.annotation.JsonRootName; -import javax.validation.constraints.Email; -import javax.validation.constraints.NotBlank; +import jakarta.validation.constraints.Email; +import jakarta.validation.constraints.NotBlank; import lombok.AllArgsConstructor; import lombok.Getter; import lombok.NoArgsConstructor; diff --git a/src/main/java/io/spring/application/user/UpdateUserParam.java b/src/main/java/io/spring/application/user/UpdateUserParam.java index 54cd77471..f0263a0bf 100644 --- a/src/main/java/io/spring/application/user/UpdateUserParam.java +++ b/src/main/java/io/spring/application/user/UpdateUserParam.java @@ -1,7 +1,7 @@ package io.spring.application.user; import com.fasterxml.jackson.annotation.JsonRootName; -import javax.validation.constraints.Email; +import jakarta.validation.constraints.Email; import lombok.AllArgsConstructor; import lombok.Builder; import lombok.Getter; diff --git a/src/main/java/io/spring/application/user/UserService.java b/src/main/java/io/spring/application/user/UserService.java index 48c6735b8..7772b32aa 100644 --- a/src/main/java/io/spring/application/user/UserService.java +++ b/src/main/java/io/spring/application/user/UserService.java @@ -2,12 +2,12 @@ import io.spring.core.user.User; import io.spring.core.user.UserRepository; +import jakarta.validation.Constraint; +import jakarta.validation.ConstraintValidator; +import jakarta.validation.ConstraintValidatorContext; +import jakarta.validation.Valid; import java.lang.annotation.Retention; import java.lang.annotation.RetentionPolicy; -import javax.validation.Constraint; -import javax.validation.ConstraintValidator; -import javax.validation.ConstraintValidatorContext; -import javax.validation.Valid; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.beans.factory.annotation.Value; import org.springframework.security.crypto.password.PasswordEncoder; diff --git a/src/main/java/io/spring/graphql/ArticleDatafetcher.java b/src/main/java/io/spring/graphql/ArticleDatafetcher.java index 37c82939a..d853e1f9b 100644 --- a/src/main/java/io/spring/graphql/ArticleDatafetcher.java +++ b/src/main/java/io/spring/graphql/ArticleDatafetcher.java @@ -6,8 +6,6 @@ import com.netflix.graphql.dgs.DgsQuery; import com.netflix.graphql.dgs.InputArgument; import graphql.execution.DataFetcherResult; -import graphql.relay.DefaultConnectionCursor; -import graphql.relay.DefaultPageInfo; import graphql.schema.DataFetchingEnvironment; import io.spring.api.exception.ResourceNotFoundException; import io.spring.application.ArticleQueryService; @@ -26,6 +24,7 @@ import io.spring.graphql.types.Article; import io.spring.graphql.types.ArticleEdge; import io.spring.graphql.types.ArticlesConnection; +import io.spring.graphql.types.PageInfo; import io.spring.graphql.types.Profile; import java.util.HashMap; import java.util.stream.Collectors; @@ -64,7 +63,7 @@ public DataFetcherResult getFeed( current, new CursorPageParameter<>(DateTimeCursor.parse(before), last, Direction.PREV)); } - graphql.relay.PageInfo pageInfo = buildArticlePageInfo(articles); + PageInfo pageInfo = buildArticlePageInfo(articles); ArticlesConnection articlesConnection = ArticlesConnection.newBuilder() .pageInfo(pageInfo) @@ -114,7 +113,7 @@ public DataFetcherResult userFeed( target, new CursorPageParameter<>(DateTimeCursor.parse(before), last, Direction.PREV)); } - graphql.relay.PageInfo pageInfo = buildArticlePageInfo(articles); + PageInfo pageInfo = buildArticlePageInfo(articles); ArticlesConnection articlesConnection = ArticlesConnection.newBuilder() .pageInfo(pageInfo) @@ -167,7 +166,7 @@ public DataFetcherResult userFavorites( new CursorPageParameter<>(DateTimeCursor.parse(before), last, Direction.PREV), current); } - graphql.relay.PageInfo pageInfo = buildArticlePageInfo(articles); + PageInfo pageInfo = buildArticlePageInfo(articles); ArticlesConnection articlesConnection = ArticlesConnection.newBuilder() @@ -221,7 +220,7 @@ public DataFetcherResult userArticles( new CursorPageParameter<>(DateTimeCursor.parse(before), last, Direction.PREV), current); } - graphql.relay.PageInfo pageInfo = buildArticlePageInfo(articles); + PageInfo pageInfo = buildArticlePageInfo(articles); ArticlesConnection articlesConnection = ArticlesConnection.newBuilder() .pageInfo(pageInfo) @@ -276,7 +275,7 @@ public DataFetcherResult getArticles( new CursorPageParameter<>(DateTimeCursor.parse(before), last, Direction.PREV), current); } - graphql.relay.PageInfo pageInfo = buildArticlePageInfo(articles); + PageInfo pageInfo = buildArticlePageInfo(articles); ArticlesConnection articlesConnection = ArticlesConnection.newBuilder() .pageInfo(pageInfo) @@ -356,16 +355,14 @@ public DataFetcherResult
findArticleBySlug(@InputArgument("slug") Strin .build(); } - private DefaultPageInfo buildArticlePageInfo(CursorPager articles) { - return new DefaultPageInfo( - articles.getStartCursor() == null - ? null - : new DefaultConnectionCursor(articles.getStartCursor().toString()), - articles.getEndCursor() == null - ? null - : new DefaultConnectionCursor(articles.getEndCursor().toString()), - articles.hasPrevious(), - articles.hasNext()); + private PageInfo buildArticlePageInfo(CursorPager articles) { + return PageInfo.newBuilder() + .startCursor( + articles.getStartCursor() == null ? null : articles.getStartCursor().toString()) + .endCursor(articles.getEndCursor() == null ? null : articles.getEndCursor().toString()) + .hasPreviousPage(articles.hasPrevious()) + .hasNextPage(articles.hasNext()) + .build(); } private Article buildArticleResult(ArticleData articleData) { diff --git a/src/main/java/io/spring/graphql/CommentDatafetcher.java b/src/main/java/io/spring/graphql/CommentDatafetcher.java index 334a04c36..66cb3f998 100644 --- a/src/main/java/io/spring/graphql/CommentDatafetcher.java +++ b/src/main/java/io/spring/graphql/CommentDatafetcher.java @@ -5,8 +5,6 @@ import com.netflix.graphql.dgs.DgsDataFetchingEnvironment; import com.netflix.graphql.dgs.InputArgument; import graphql.execution.DataFetcherResult; -import graphql.relay.DefaultConnectionCursor; -import graphql.relay.DefaultPageInfo; import io.spring.application.CommentQueryService; import io.spring.application.CursorPageParameter; import io.spring.application.CursorPager; @@ -21,6 +19,7 @@ import io.spring.graphql.types.Comment; import io.spring.graphql.types.CommentEdge; import io.spring.graphql.types.CommentsConnection; +import io.spring.graphql.types.PageInfo; import java.util.HashMap; import java.util.Map; import java.util.stream.Collectors; @@ -78,7 +77,7 @@ public DataFetcherResult articleComments( current, new CursorPageParameter<>(DateTimeCursor.parse(before), last, Direction.PREV)); } - graphql.relay.PageInfo pageInfo = buildCommentPageInfo(comments); + PageInfo pageInfo = buildCommentPageInfo(comments); CommentsConnection result = CommentsConnection.newBuilder() .pageInfo(pageInfo) @@ -99,16 +98,14 @@ public DataFetcherResult articleComments( .build(); } - private DefaultPageInfo buildCommentPageInfo(CursorPager comments) { - return new DefaultPageInfo( - comments.getStartCursor() == null - ? null - : new DefaultConnectionCursor(comments.getStartCursor().toString()), - comments.getEndCursor() == null - ? null - : new DefaultConnectionCursor(comments.getEndCursor().toString()), - comments.hasPrevious(), - comments.hasNext()); + private PageInfo buildCommentPageInfo(CursorPager comments) { + return PageInfo.newBuilder() + .startCursor( + comments.getStartCursor() == null ? null : comments.getStartCursor().toString()) + .endCursor(comments.getEndCursor() == null ? null : comments.getEndCursor().toString()) + .hasPreviousPage(comments.hasPrevious()) + .hasNextPage(comments.hasNext()) + .build(); } private Comment buildCommentResult(CommentData comment) { diff --git a/src/main/java/io/spring/graphql/UserMutation.java b/src/main/java/io/spring/graphql/UserMutation.java index 581a5b7b5..216c50f9f 100644 --- a/src/main/java/io/spring/graphql/UserMutation.java +++ b/src/main/java/io/spring/graphql/UserMutation.java @@ -17,8 +17,8 @@ import io.spring.graphql.types.UpdateUserInput; import io.spring.graphql.types.UserPayload; import io.spring.graphql.types.UserResult; +import jakarta.validation.ConstraintViolationException; import java.util.Optional; -import javax.validation.ConstraintViolationException; import lombok.AllArgsConstructor; import org.springframework.security.authentication.AnonymousAuthenticationToken; import org.springframework.security.core.Authentication; diff --git a/src/main/java/io/spring/graphql/exception/GraphQLCustomizeExceptionHandler.java b/src/main/java/io/spring/graphql/exception/GraphQLCustomizeExceptionHandler.java index bf4768b3b..a252a7261 100644 --- a/src/main/java/io/spring/graphql/exception/GraphQLCustomizeExceptionHandler.java +++ b/src/main/java/io/spring/graphql/exception/GraphQLCustomizeExceptionHandler.java @@ -11,14 +11,15 @@ import io.spring.api.exception.InvalidAuthenticationException; import io.spring.graphql.types.Error; import io.spring.graphql.types.ErrorItem; +import jakarta.validation.ConstraintViolation; +import jakarta.validation.ConstraintViolationException; import java.util.ArrayList; import java.util.Arrays; import java.util.HashMap; import java.util.List; import java.util.Map; +import java.util.concurrent.CompletableFuture; import java.util.stream.Collectors; -import javax.validation.ConstraintViolation; -import javax.validation.ConstraintViolationException; import org.springframework.stereotype.Component; @Component @@ -28,7 +29,7 @@ public class GraphQLCustomizeExceptionHandler implements DataFetcherExceptionHan new DefaultDataFetcherExceptionHandler(); @Override - public DataFetcherExceptionHandlerResult onException( + public CompletableFuture handleException( DataFetcherExceptionHandlerParameters handlerParameters) { if (handlerParameters.getException() instanceof InvalidAuthenticationException) { GraphQLError graphqlError = @@ -37,7 +38,8 @@ public DataFetcherExceptionHandlerResult onException( .message(handlerParameters.getException().getMessage()) .path(handlerParameters.getPath()) .build(); - return DataFetcherExceptionHandlerResult.newResult().error(graphqlError).build(); + return CompletableFuture.completedFuture( + DataFetcherExceptionHandlerResult.newResult().error(graphqlError).build()); } else if (handlerParameters.getException() instanceof ConstraintViolationException) { List errors = new ArrayList<>(); for (ConstraintViolation violation : @@ -61,9 +63,10 @@ public DataFetcherExceptionHandlerResult onException( .path(handlerParameters.getPath()) .extensions(errorsToMap(errors)) .build(); - return DataFetcherExceptionHandlerResult.newResult().error(graphqlError).build(); + return CompletableFuture.completedFuture( + DataFetcherExceptionHandlerResult.newResult().error(graphqlError).build()); } else { - return defaultHandler.onException(handlerParameters); + return defaultHandler.handleException(handlerParameters); } } diff --git a/src/main/java/io/spring/infrastructure/service/DefaultJwtService.java b/src/main/java/io/spring/infrastructure/service/DefaultJwtService.java index 515d66106..95316ed04 100644 --- a/src/main/java/io/spring/infrastructure/service/DefaultJwtService.java +++ b/src/main/java/io/spring/infrastructure/service/DefaultJwtService.java @@ -3,13 +3,12 @@ import io.jsonwebtoken.Claims; import io.jsonwebtoken.Jws; import io.jsonwebtoken.Jwts; -import io.jsonwebtoken.SignatureAlgorithm; +import io.jsonwebtoken.security.Keys; import io.spring.core.service.JwtService; import io.spring.core.user.User; import java.util.Date; import java.util.Optional; import javax.crypto.SecretKey; -import javax.crypto.spec.SecretKeySpec; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.beans.factory.annotation.Value; import org.springframework.stereotype.Component; @@ -17,22 +16,20 @@ @Component public class DefaultJwtService implements JwtService { private final SecretKey signingKey; - private final SignatureAlgorithm signatureAlgorithm; private int sessionTime; @Autowired public DefaultJwtService( @Value("${jwt.secret}") String secret, @Value("${jwt.sessionTime}") int sessionTime) { this.sessionTime = sessionTime; - signatureAlgorithm = SignatureAlgorithm.HS512; - this.signingKey = new SecretKeySpec(secret.getBytes(), signatureAlgorithm.getJcaName()); + this.signingKey = Keys.hmacShaKeyFor(secret.getBytes()); } @Override public String toToken(User user) { return Jwts.builder() - .setSubject(user.getId()) - .setExpiration(expireTimeFromNow()) + .subject(user.getId()) + .expiration(expireTimeFromNow()) .signWith(signingKey) .compact(); } @@ -40,9 +37,8 @@ public String toToken(User user) { @Override public Optional getSubFromToken(String token) { try { - Jws claimsJws = - Jwts.parserBuilder().setSigningKey(signingKey).build().parseClaimsJws(token); - return Optional.ofNullable(claimsJws.getBody().getSubject()); + Jws claimsJws = Jwts.parser().verifyWith(signingKey).build().parseSignedClaims(token); + return Optional.ofNullable(claimsJws.getPayload().getSubject()); } catch (Exception e) { return Optional.empty(); } diff --git a/src/test/java/io/spring/api/UsersApiTest.java b/src/test/java/io/spring/api/UsersApiTest.java index 9074f2edc..d43921beb 100644 --- a/src/test/java/io/spring/api/UsersApiTest.java +++ b/src/test/java/io/spring/api/UsersApiTest.java @@ -35,7 +35,9 @@ WebSecurityConfig.class, UserQueryService.class, BCryptPasswordEncoder.class, - JacksonCustomizations.class + JacksonCustomizations.class, + io.spring.application.user.DuplicatedUsernameValidator.class, + io.spring.application.user.DuplicatedEmailValidator.class }) public class UsersApiTest { @Autowired private MockMvc mvc; diff --git a/src/test/java/io/spring/infrastructure/service/DefaultJwtServiceTest.java b/src/test/java/io/spring/infrastructure/service/DefaultJwtServiceTest.java index 12929118a..b2261705e 100644 --- a/src/test/java/io/spring/infrastructure/service/DefaultJwtServiceTest.java +++ b/src/test/java/io/spring/infrastructure/service/DefaultJwtServiceTest.java @@ -13,7 +13,8 @@ public class DefaultJwtServiceTest { @BeforeEach public void setUp() { - jwtService = new DefaultJwtService("123123123123123123123123123123123123123123123123123123123123", 3600); + jwtService = + new DefaultJwtService("123123123123123123123123123123123123123123123123123123123123", 3600); } @Test diff --git a/src/test/resources/application.properties b/src/test/resources/application.properties new file mode 100644 index 000000000..21a69bc45 --- /dev/null +++ b/src/test/resources/application.properties @@ -0,0 +1,18 @@ +spring.main.allow-bean-definition-overriding=true +spring.datasource.url=jdbc:sqlite:test.db +spring.datasource.driver-class-name=org.sqlite.JDBC +spring.datasource.username= +spring.datasource.password= +spring.jackson.deserialization.UNWRAP_ROOT_VALUE=true + +image.default=https://static.productionready.io/images/smiley-cyrus.jpg + +jwt.secret=${JWT_SECRET:test-secret-key-for-testing-purposes-only-minimum-256-bits-required} +jwt.sessionTime=86400 + +mybatis.configuration.cache-enabled=true +mybatis.configuration.default-statement-timeout=3000 +mybatis.configuration.map-underscore-to-camel-case=true +mybatis.configuration.use-generated-keys=true +mybatis.type-handlers-package=io.spring.infrastructure.mybatis +mybatis.mapper-locations=mapper/*.xml From 46e944320fb87b66c3036583966debe4e70273a0 Mon Sep 17 00:00:00 2001 From: Devin AI <158243242+devin-ai-integration[bot]@users.noreply.github.com> Date: Thu, 29 Jan 2026 23:24:47 +0000 Subject: [PATCH 2/2] Fix CI and MyBatis configuration for Spring Boot 3.5.10 - Update CI workflow to use Java 17 (required by Spring Boot 3) - Downgrade MyBatis Spring Boot Starter from 4.0.1 to 3.0.4 to fix NullPointerException in MybatisProperties.CoreConfiguration.applyTo - Remove mybatis.configuration.default-statement-timeout property - Add classpath: prefix to mybatis.mapper-locations - Add spring.main.allow-bean-definition-overriding=true for bean override Co-Authored-By: Sam Fertig --- .github/workflows/gradle.yml | 4 ++-- build.gradle | 4 ++-- src/main/resources/application.properties | 4 ++-- src/test/resources/application.properties | 3 +-- 4 files changed, 7 insertions(+), 8 deletions(-) diff --git a/.github/workflows/gradle.yml b/.github/workflows/gradle.yml index 38bce4bbb..1dbc33528 100644 --- a/.github/workflows/gradle.yml +++ b/.github/workflows/gradle.yml @@ -17,11 +17,11 @@ jobs: steps: - uses: actions/checkout@v4 - - name: Set up JDK 11 + - name: Set up JDK 17 uses: actions/setup-java@v4 with: distribution: zulu - java-version: '11' + java-version: '17' - uses: actions/cache@v4 with: path: | diff --git a/build.gradle b/build.gradle index 9a8a40ce4..d7acf2e08 100644 --- a/build.gradle +++ b/build.gradle @@ -38,7 +38,7 @@ dependencies { implementation 'org.springframework.boot:spring-boot-starter-validation' implementation 'org.springframework.boot:spring-boot-starter-hateoas' implementation 'org.springframework.boot:spring-boot-starter-security' - implementation 'org.mybatis.spring.boot:mybatis-spring-boot-starter:4.0.1' + implementation 'org.mybatis.spring.boot:mybatis-spring-boot-starter:3.0.4' implementation 'com.netflix.graphql.dgs:graphql-dgs-spring-boot-starter:9.2.2' implementation 'org.flywaydb:flyway-core' implementation 'io.jsonwebtoken:jjwt-api:0.12.6' @@ -56,7 +56,7 @@ dependencies { testImplementation 'io.rest-assured:spring-mock-mvc:5.5.0' testImplementation 'org.springframework.security:spring-security-test' testImplementation 'org.springframework.boot:spring-boot-starter-test' - testImplementation 'org.mybatis.spring.boot:mybatis-spring-boot-starter-test:4.0.1' + testImplementation 'org.mybatis.spring.boot:mybatis-spring-boot-starter-test:3.0.4' } tasks.named('test') { diff --git a/src/main/resources/application.properties b/src/main/resources/application.properties index 7c1947fc2..236acc698 100644 --- a/src/main/resources/application.properties +++ b/src/main/resources/application.properties @@ -1,3 +1,4 @@ +spring.main.allow-bean-definition-overriding=true spring.datasource.url=jdbc:sqlite:dev.db spring.datasource.driver-class-name=org.sqlite.JDBC spring.datasource.username= @@ -10,11 +11,10 @@ jwt.secret=nRvyYC4soFxBdZ-F-5Nnzz5USXstR1YylsTd-mA0aKtI9HUlriGrtkf-TiuDapkLiUCog jwt.sessionTime=86400 mybatis.configuration.cache-enabled=true -mybatis.configuration.default-statement-timeout=3000 mybatis.configuration.map-underscore-to-camel-case=true mybatis.configuration.use-generated-keys=true mybatis.type-handlers-package=io.spring.infrastructure.mybatis -mybatis.mapper-locations=mapper/*.xml +mybatis.mapper-locations=classpath:mapper/*.xml logging.level.io.spring.infrastructure.mybatis.readservice.ArticleReadService=DEBUG logging.level.io.spring.infrastructure.mybatis.mapper=DEBUG diff --git a/src/test/resources/application.properties b/src/test/resources/application.properties index 21a69bc45..dec77c6ce 100644 --- a/src/test/resources/application.properties +++ b/src/test/resources/application.properties @@ -11,8 +11,7 @@ jwt.secret=${JWT_SECRET:test-secret-key-for-testing-purposes-only-minimum-256-bi jwt.sessionTime=86400 mybatis.configuration.cache-enabled=true -mybatis.configuration.default-statement-timeout=3000 mybatis.configuration.map-underscore-to-camel-case=true mybatis.configuration.use-generated-keys=true mybatis.type-handlers-package=io.spring.infrastructure.mybatis -mybatis.mapper-locations=mapper/*.xml +mybatis.mapper-locations=classpath:mapper/*.xml