Merge pull request #39 from mirkoperillo/upgrade-spring-3

Upgrade to Spring Boot 3.4.1

Author: bfwg

pom.xml

@@ -15,7 +15,7 @@
 	<parent>
 		<groupId>org.springframework.boot</groupId>
 		<artifactId>spring-boot-starter-parent</artifactId>
-		<version>2.7.7</version>
+		<version>3.4.1</version>
 		<relativePath /> <!-- lookup parent from repository -->
 	</parent>
 
@@ -30,12 +30,12 @@
 			<groupId>org.springframework.boot</groupId>
 			<artifactId>spring-boot-starter-web</artifactId>
 			<exclusions>
-			        <exclusion>
+				<exclusion>
 					<!-- bloated dependency -->
-					 <artifactId>tomcat-embed-el</artifactId>
-					 <groupId>org.apache.tomcat.embed</groupId>
-			         </exclusion>
-		        </exclusions>
+					<artifactId>tomcat-embed-el</artifactId>
+					<groupId>org.apache.tomcat.embed</groupId>
+				</exclusion>
+			</exclusions>
 		</dependency>
 		<dependency>
 			<groupId>org.springframework.boot</groupId>
@@ -47,25 +47,27 @@
 			<exclusions>
 				<exclusion>
 					<!-- bloated dependency -->
-					 <artifactId>txw2</artifactId>
-					 <groupId>org.glassfish.jaxb</groupId>
+					<artifactId>txw2</artifactId>
+					<groupId>org.glassfish.jaxb</groupId>
 				</exclusion>
-		        </exclusions>
+			</exclusions>
 		</dependency>
 		<dependency>
-			<groupId>org.springframework.mobile</groupId>
-			<artifactId>spring-mobile-device</artifactId>
-			<version>1.1.5.RELEASE</version>
+			<groupId>io.jsonwebtoken</groupId>
+			<artifactId>jjwt-api</artifactId>
+			<version>0.12.6</version>
 		</dependency>
-
 		<dependency>
 			<groupId>io.jsonwebtoken</groupId>
-			<artifactId>jjwt</artifactId>
-			<version>0.6.0</version>
+			<artifactId>jjwt-impl</artifactId>
+			<version>0.12.6</version>
+			<scope>runtime</scope>
 		</dependency>
 		<dependency>
-			<groupId>javax.xml.bind</groupId>
-			<artifactId>jaxb-api</artifactId>
+			<groupId>io.jsonwebtoken</groupId>
+			<artifactId>jjwt-jackson</artifactId>
+			<version>0.12.6</version>
+			<scope>runtime</scope>
 		</dependency>
 
 		<dependency>
@@ -141,5 +143,4 @@
 		</plugins>
 	</build>
 
-
 </project>

src/main/java/com/bfwg/Application.java

@@ -9,6 +9,4 @@ public class Application {
 	public static void main(String[] args) {
 		SpringApplication.run(Application.class, args);
 	}
-}
-
-
+}

src/main/java/com/bfwg/common/DeviceProvider.java

@@ -11,9 +11,9 @@
 @Component
 public class TimeProvider implements Serializable {
 
-    private static final long serialVersionUID = -3301695478208950415L;
+	private static final long serialVersionUID = -3301695478208950415L;
 
-    public Date now() {
-        return new Date();
-    }
+	public Date now() {
+		return new Date();
+	}
 }

src/main/java/com/bfwg/common/TimeProvider.java

@@ -1,13 +1,15 @@
 package com.bfwg.config;
 
+import static org.springframework.security.web.util.matcher.AntPathRequestMatcher.antMatcher;
+
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.http.HttpMethod;
 import org.springframework.security.authentication.AuthenticationManager;
 import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
 import org.springframework.security.config.annotation.authentication.configuration.AuthenticationConfiguration;
-import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
+import org.springframework.security.config.annotation.method.configuration.EnableMethodSecurity;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
 import org.springframework.security.config.annotation.web.configuration.WebSecurityCustomizer;
@@ -27,7 +29,7 @@
 
 @Configuration
 @EnableWebSecurity
-@EnableGlobalMethodSecurity(prePostEnabled = true)
+@EnableMethodSecurity(prePostEnabled = true)
 public class WebSecurityConfig {
 
 	@Autowired
@@ -41,8 +43,7 @@ public class WebSecurityConfig {
 
 	@Autowired
 	public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
-		auth.userDetailsService(jwtUserDetailsService)
-				.passwordEncoder(passwordEncoder);
+		auth.userDetailsService(jwtUserDetailsService).passwordEncoder(passwordEncoder);
 	}
 
 	@Autowired
@@ -56,46 +57,32 @@ public AuthenticationManager authenticationManager(AuthenticationConfiguration a
 
 	@Bean
 	public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
-		http
-				.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS).and()
-				.exceptionHandling().authenticationEntryPoint(restAuthenticationEntryPoint).and()
-				.authorizeRequests()
-				.antMatchers(
-						HttpMethod.GET,
-						"/",
-						"/auth/**",
-						"/webjars/**",
-						"/*.html",
-						"/favicon.ico",
-						"/**/*.html",
-						"/**/*.css",
-						"/**/*.js")
-				.permitAll()
-				.antMatchers("/auth/**").permitAll()
-				.anyRequest().authenticated().and()
-				.addFilterBefore(new TokenAuthenticationFilter(tokenHelper, jwtUserDetailsService),
-						BasicAuthenticationFilter.class);
 
-		http.csrf().disable();
+		http.addFilterBefore(new TokenAuthenticationFilter(tokenHelper, jwtUserDetailsService),
+				BasicAuthenticationFilter.class)
+				.authorizeHttpRequests(authorize -> authorize
+						.requestMatchers(antMatcher(HttpMethod.GET, "/"), antMatcher(HttpMethod.GET, "/auth/**"),
+								antMatcher(HttpMethod.GET, "/webjars/**"), antMatcher(HttpMethod.GET, "/*.html"),
+								antMatcher(HttpMethod.GET, "/favicon.ico"), antMatcher(HttpMethod.GET, "/**/*.html"),
+								antMatcher(HttpMethod.GET, "/**/*.css"), antMatcher(HttpMethod.GET, "/**/*.js"))
+						.permitAll().requestMatchers("/auth/**").permitAll().anyRequest().authenticated())
+				.sessionManagement(sec -> sec.sessionCreationPolicy(SessionCreationPolicy.STATELESS))
+				.exceptionHandling(
+						exceptionHandler -> exceptionHandler.authenticationEntryPoint(restAuthenticationEntryPoint))
+				.csrf(csrf -> csrf.disable());
+
 		return http.build();
 	}
 
 	@Bean
 	public WebSecurityCustomizer webSecurityCustomizer() {
 		// TokenAuthenticationFilter will ignore the below paths
 		return (web) -> {
-			web.ignoring().antMatchers(
-					HttpMethod.POST,
-					"/auth/login");
-			web.ignoring().antMatchers(
-					HttpMethod.GET,
-					"/",
-					"/webjars/**",
-					"/*.html",
-					"/favicon.ico",
-					"/**/*.html",
-					"/**/*.css",
-					"/**/*.js");
+			web.ignoring().requestMatchers(HttpMethod.POST, "/auth/login").requestMatchers(
+					antMatcher(HttpMethod.GET, "/"), antMatcher(HttpMethod.GET, "/webjars/**"),
+					antMatcher(HttpMethod.GET, "/*.html"), antMatcher(HttpMethod.GET, "/favicon.ico"),
+					antMatcher(HttpMethod.GET, "/**/*.html"), antMatcher(HttpMethod.GET, "/**path/*.css"),
+					antMatcher(HttpMethod.GET, "/**path/*.js"));
 		};
 	}
 }

src/main/java/com/bfwg/config/WebConfig.java

@@ -1,48 +1,56 @@
 package com.bfwg.model;
 
-import com.fasterxml.jackson.annotation.JsonIgnore;
 import org.springframework.security.core.GrantedAuthority;
 
-import javax.persistence.*;
+import com.fasterxml.jackson.annotation.JsonIgnore;
+
+import jakarta.persistence.Column;
+import jakarta.persistence.Entity;
+import jakarta.persistence.EnumType;
+import jakarta.persistence.Enumerated;
+import jakarta.persistence.GeneratedValue;
+import jakarta.persistence.GenerationType;
+import jakarta.persistence.Id;
+import jakarta.persistence.Table;
 
 /**
  * Created by fan.jin on 2016-11-03.
  */
 
 @Entity
-@Table(name="AUTHORITY")
+@Table(name = "AUTHORITY")
 public class Authority implements GrantedAuthority {
 
-    @Id
-    @Column(name="id")
-    @GeneratedValue(strategy = GenerationType.IDENTITY)
-    Long id;
-
-    @Enumerated( EnumType.STRING)
-    @Column(name="name")
-    UserRoleName name;
-
-    @Override
-    public String getAuthority() {
-        return name.name();
-    }
-
-    public void setName(UserRoleName name) {
-        this.name = name;
-    }
-
-    @JsonIgnore
-    public UserRoleName getName() {
-        return name;
-    }
-
-    @JsonIgnore
-    public Long getId() {
-        return id;
-    }
-
-    public void setId(Long id) {
-        this.id = id;
-    }
+	@Id
+	@Column(name = "id")
+	@GeneratedValue(strategy = GenerationType.IDENTITY)
+	Long id;
+
+	@Enumerated(EnumType.STRING)
+	@Column(name = "name")
+	UserRoleName name;
+
+	@Override
+	public String getAuthority() {
+		return name.name();
+	}
+
+	public void setName(UserRoleName name) {
+		this.name = name;
+	}
+
+	@JsonIgnore
+	public UserRoleName getName() {
+		return name;
+	}
+
+	@JsonIgnore
+	public Long getId() {
+		return id;
+	}
+
+	public void setId(Long id) {
+		this.id = id;
+	}
 
 }

src/main/java/com/bfwg/config/WebSecurityConfig.java

@@ -4,23 +4,23 @@
 import java.util.Collection;
 import java.util.List;
 
-import javax.persistence.CascadeType;
-import javax.persistence.Column;
-import javax.persistence.Entity;
-import javax.persistence.FetchType;
-import javax.persistence.GeneratedValue;
-import javax.persistence.GenerationType;
-import javax.persistence.Id;
-import javax.persistence.JoinColumn;
-import javax.persistence.JoinTable;
-import javax.persistence.ManyToMany;
-import javax.persistence.Table;
-
 import org.springframework.security.core.GrantedAuthority;
 import org.springframework.security.core.userdetails.UserDetails;
 
 import com.fasterxml.jackson.annotation.JsonIgnore;
 
+import jakarta.persistence.CascadeType;
+import jakarta.persistence.Column;
+import jakarta.persistence.Entity;
+import jakarta.persistence.FetchType;
+import jakarta.persistence.GeneratedValue;
+import jakarta.persistence.GenerationType;
+import jakarta.persistence.Id;
+import jakarta.persistence.JoinColumn;
+import jakarta.persistence.JoinTable;
+import jakarta.persistence.ManyToMany;
+import jakarta.persistence.Table;
+
 /**
  * Created by fan.jin on 2016-10-15.
  */

src/main/java/com/bfwg/model/Authority.java

@@ -1,6 +1,5 @@
 package com.bfwg.model;
 
 public enum UserRoleName {
-    ROLE_USER,
-    ROLE_ADMIN
+	ROLE_USER, ROLE_ADMIN
 }