diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index a7152a277..058a44c63 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -37,7 +37,7 @@ variables: &variables # Build variables # ########################### - BUILD_JAVA_VERSION: "system@1.11" + BUILD_JAVA_VERSION: "system@1.17" JAVA_TOOL_OPTIONS: "-XX:+UnlockExperimentalVMOptions -XX:MaxRAM=3G -XX:MaxRAMFraction=3" MAVEN_OPTS: "-Dmaven.repo.local=.m2/repository" @@ -95,7 +95,7 @@ variables: &variables #------------------------------------------------------------------- Lint (Docker compose): - image: maven:3.6-jdk-11-slim + image: maven:3.6.3-openjdk-17-slim stage: "Lint" except: - schedules @@ -157,7 +157,7 @@ Lint (Dockerfiles): Lint (PMD check): - image: maven:3.6-jdk-11-slim + image: maven:3.6.3-openjdk-17-slim stage: "Lint" except: - schedules @@ -182,6 +182,8 @@ Lint (PMD check): Build Java (Ledgers): stage: "Compile" + tags: + - aws except: - schedules <<: *build_java @@ -232,6 +234,8 @@ Test (Javadoc Check): Test (Unit Tests): stage: "Test" + tags: + - aws except: - schedules script: diff --git a/Dockerfile b/Dockerfile index 25cff2dc6..6a66ed30b 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,4 +1,4 @@ -FROM adorsys/java:11 +FROM adorsys/java:17 LABEL maintainer=https://git.adorsys.de/adorsys/xs2a/ledgers ENV SERVER_PORT 8088 diff --git a/doc/Configuration properties.adoc b/doc/Configuration properties.adoc index c050f6c99..29d95c60d 100644 --- a/doc/Configuration properties.adoc +++ b/doc/Configuration properties.adoc @@ -5,7 +5,7 @@ |=== |Property |Description |Default value -|keycloak.auth-server-url | Link to IDP | http://localhost:8080 +|keycloak.auth-server-url | Link to IDP (Keycloak) | http://localhost:8080 |keycloak.realm | Realm in IDP | ledgers |keycloak.resource | Client name | ledgers-client |keycloak.public-client | Flag describes if client public | FALSE 
@@ -19,6 +19,7 @@ |db.user | Ledgers datasource connection username | cms |db.password | Ledgers datasource connection user password | cms +|spring.security.oauth2.resourceserver.jwt.issuer-uri | IDP URL to a configured realm | http://localhost:8080/realms/ledgers |spring.mail.host | Mail server host | |spring.mail.port | Mail server port | |spring.mail.username | Mail server login | diff --git a/doc/deployment.md b/doc/deployment.md index 2852fadf6..e3071f618 100644 --- a/doc/deployment.md +++ b/doc/deployment.md @@ -16,17 +16,3 @@ This will start the ledgers app with the embedded h2 database. ### Visiting the API [http://localhost:8088/swagger-ui.html](http://localhost:8088/swagger-ui.html#/) - -### Testing API with Postman json collections - - For testing API of xs2a it is used Postman https://www.getpostman.com/ - Environment jsons with global parameter’s sets and Collections of jsons for imitation of processes flows are stored in /scripts/tests/postman folder. - To import Postman collections and environments follow next steps: - 1. Download Postman jsons with collections and environments to your local machine. - 2. Open Postman, press button “Import”. - 3. Choose “Import file” to import one json or “Import folder” to import all jsons within the folder, then press button “Choose Files” or “Choose Folders” and open necessary files/folders. - 4. To change settings of environments - go to “Manage Environments”, press the environment name and change variables. - - To start testing with Postman collections it is necessary to have all services running. - - diff --git a/doc/release-notes/v5.0.md b/doc/release-notes/v5.0.md index d0cddc590..719b26c0a 100644 --- a/doc/release-notes/v5.0.md +++ b/doc/release-notes/v5.0.md 
@@ -4,7 +4,9 @@ v.5.0 #### Features: -* Ledgers was moved onto new Keycloak version 20.0.5. -* Version of Spring-Security was bumped to 5.7.8. +* Project moved to Java 17. +* New Keycloak version - 22.0.3. +* Version of Spring Security was bumped to 6.0.5. +* Version of Spring Boot was bumped to 3.0.7. * Version of org.json was bumped to 20230227. * Version of guava was bumped to 32.0.0-jre. diff --git a/doc/release-notes/v5.1.md b/doc/release-notes/v5.1.md deleted file mode 100644 index e44e60958..000000000 --- a/doc/release-notes/v5.1.md +++ /dev/null @@ -1,5 +0,0 @@ -# Release notes - -v.5.1 - -#### Features: diff --git a/docker-compose.yml b/docker-compose.yml index 058d6239b..53907f58c 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -5,6 +5,7 @@ networks: volumes: ledgers-data: + keycloak-data: services: ledgers-keycloak: @@ -14,11 +15,14 @@ services: build: context: keycloak dockerfile: Dockerfile + volumes: + - keycloak-data:/opt/keycloak/data networks: - ledgers-net ports: - "8080:8080" environment: + - KC_HOSTNAME=ledgers-keycloak:8080 - KEYCLOAK_ADMIN=admin - KEYCLOAK_ADMIN_PASSWORD=admin - KC_PROXY=edge @@ -47,7 +51,7 @@ services: - DB_USER=ledgers - DB_PASSWORD=ledgers - LIQUIBASE_ENABLED=true - - LEDGERS_SCA_MULTILEVEL_ENABLED=false + - LEDGERS_SCA_MULTILEVEL_ENABLED=true - LEDGERS_SCA_AUTHORISATION_CONFIRMATION_ENABLED=false - SPRING_MAIL_HOST=smtp.gmail.com - SPRING_MAIL_PORT=465 diff --git a/keycloak/Dockerfile b/keycloak/Dockerfile index ddcce718d..114107b59 100644 --- a/keycloak/Dockerfile +++ b/keycloak/Dockerfile @@ -1,4 +1,4 @@ -FROM quay.io/keycloak/keycloak:20.0.5 +FROM keycloak/keycloak:22.0.3 LABEL maintainer=https://git.adorsys.de/adorsys/xs2a/ledgers COPY ./keycloak-token-exchange/target/keycloak-token-exchange.jar /opt/keycloak/providers/keycloak-token-exchange.jar diff --git a/keycloak/keycloak-client/pom.xml b/keycloak/keycloak-client/pom.xml index d4a2b31ea..1c567c646 100644 --- a/keycloak/keycloak-client/pom.xml 
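Review bot: `KC_HOSTNAME=ledgers-keycloak:8080` in the ledgers-keycloak environment pins the host Keycloak uses for its public URLs, while the issuer-uri default documented in this same commit is `http://localhost:8080/realms/ledgers`. If the resource server validates `iss` against that default, tokens obtained through this compose setup would presumably be rejected. The value also carries a port, which the hostname option may not expect; confirm whether it should be split into `KC_HOSTNAME=ledgers-keycloak` plus `KC_HOSTNAME_PORT=8080`. Separately, the new `keycloak-data` volume makes the state bootstrapped with the `admin`/`admin` credentials in the context lines persistent while port 8080 is published, so reading the password from the environment would be safer, e.g. `- KEYCLOAK_ADMIN_PASSWORD=${KEYCLOAK_ADMIN_PASSWORD:?set an admin password}`.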
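Review bot: `FROM keycloak/keycloak:22.0.3` drops the explicit `quay.io/` registry, so the base image of the identity provider is now resolved through whatever default registry the build host uses, and it is pinned only by a mutable tag. If the move away from quay.io is not intentional, keep the registry explicit. Pinning the digest as well makes the build reproducible and lets a later re-tag be noticed, e.g. `FROM quay.io/keycloak/keycloak:22.0.3@sha256:<digest-of-the-reviewed-image>`.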
+++ b/keycloak/keycloak-client/pom.xml @@ -10,7 +10,7 @@ keycloak de.adorsys.ledgers - 5.1-SNAPSHOT + 5.0-SNAPSHOT ../pom.xml 4.0.0 @@ -76,6 +76,16 @@ test + + org.springframework.boot + spring-boot-starter-security + + + + org.springframework.boot + spring-boot-starter-oauth2-client + + org.springframework.cloud spring-cloud-starter-openfeign diff --git a/keycloak/keycloak-client/src/main/java/de/adorsys/ledgers/keycloak/client/config/KeycloakClientConfig.java b/keycloak/keycloak-client/src/main/java/de/adorsys/ledgers/keycloak/client/config/KeycloakClientConfig.java index a674aa221..55131c0f1 100644 --- a/keycloak/keycloak-client/src/main/java/de/adorsys/ledgers/keycloak/client/config/KeycloakClientConfig.java +++ b/keycloak/keycloak-client/src/main/java/de/adorsys/ledgers/keycloak/client/config/KeycloakClientConfig.java @@ -5,12 +5,12 @@ package de.adorsys.ledgers.keycloak.client.config; +import jakarta.annotation.PostConstruct; import lombok.Data; import lombok.Getter; import org.springframework.beans.factory.annotation.Value; import org.springframework.context.annotation.Configuration; -import javax.annotation.PostConstruct; import java.util.HashMap; import java.util.Map; diff --git a/keycloak/keycloak-client/src/main/java/de/adorsys/ledgers/keycloak/client/impl/KeycloakDataServiceImpl.java b/keycloak/keycloak-client/src/main/java/de/adorsys/ledgers/keycloak/client/impl/KeycloakDataServiceImpl.java index deff73883..2083f089f 100644 --- a/keycloak/keycloak-client/src/main/java/de/adorsys/ledgers/keycloak/client/impl/KeycloakDataServiceImpl.java +++ b/keycloak/keycloak-client/src/main/java/de/adorsys/ledgers/keycloak/client/impl/KeycloakDataServiceImpl.java 
@@ -13,6 +13,8 @@ import de.adorsys.ledgers.keycloak.client.model.KeycloakUser; import de.adorsys.ledgers.keycloak.client.model.RequiredAction; import de.adorsys.ledgers.keycloak.client.rest.KeycloakTokenRestClient; +import jakarta.ws.rs.NotFoundException; +import jakarta.ws.rs.core.Response; import lombok.RequiredArgsConstructor; import lombok.extern.slf4j.Slf4j; import org.apache.commons.collections4.CollectionUtils; @@ -24,8 +26,6 @@ import org.springframework.http.HttpStatus; import org.springframework.stereotype.Service; -import javax.ws.rs.NotFoundException; -import javax.ws.rs.core.Response; import java.net.InetAddress; import java.net.UnknownHostException; import java.util.ArrayList; diff --git a/keycloak/keycloak-client/src/main/java/de/adorsys/ledgers/keycloak/client/impl/KeycloakTokenServiceImpl.java b/keycloak/keycloak-client/src/main/java/de/adorsys/ledgers/keycloak/client/impl/KeycloakTokenServiceImpl.java index 79205f5fd..1cc3d3c11 100644 --- a/keycloak/keycloak-client/src/main/java/de/adorsys/ledgers/keycloak/client/impl/KeycloakTokenServiceImpl.java +++ b/keycloak/keycloak-client/src/main/java/de/adorsys/ledgers/keycloak/client/impl/KeycloakTokenServiceImpl.java @@ -48,7 +48,7 @@ public BearerTokenTO login(String username, String password) { formParams.add("client_id", clientId); formParams.add("client_secret", clientSecret); ResponseEntity> resp = keycloakTokenRestClient.login(formParams); - HttpStatus statusCode = resp.getStatusCode(); + HttpStatus statusCode = (HttpStatus) resp.getStatusCode(); if (HttpStatus.OK != statusCode) { log.error("Could not obtain token by user credentials [{}]", username); //todo: throw specific exception } 
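Review bot: The cast `(HttpStatus) resp.getStatusCode()` in login can throw ClassCastException, because in Spring Framework 6 getStatusCode() returns HttpStatusCode and a status without an HttpStatus constant is represented by a different implementation. The same cast is added in validate and refreshToken further down this file. Comparing the numeric value avoids the cast, e.g. `if (resp.getStatusCode().value() != HttpStatus.OK.value()) {`, or `if (!resp.getStatusCode().is2xxSuccessful()) {` if any 2xx is acceptable. The method bodies continue outside the hunks.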
@@ -74,7 +74,7 @@ public BearerTokenTO validate(String token) { formParams.add("client_id", clientId); formParams.add("client_secret", clientSecret); ResponseEntity resp = keycloakTokenRestClient.validate(formParams); - HttpStatus statusCode = resp.getStatusCode(); + HttpStatus statusCode = (HttpStatus) resp.getStatusCode(); if (HttpStatus.OK != statusCode) { log.error("Could not validate token"); //todo: throw specific exception } @@ -95,7 +95,7 @@ public BearerTokenTO refreshToken(String refreshToken) { formParams.add("client_secret", clientSecret); formParams.add("refresh_token", refreshToken); ResponseEntity> resp = keycloakTokenRestClient.login(formParams); - HttpStatus statusCode = resp.getStatusCode(); + HttpStatus statusCode = (HttpStatus) resp.getStatusCode(); if (HttpStatus.OK != statusCode) { log.error("Could not obtain token by refresh token [{}]", refreshToken); throw new AccessDeniedException("Invalid Refresh token"); diff --git a/keycloak/keycloak-client/src/main/java/de/adorsys/ledgers/keycloak/client/mapper/KeycloakAuthMapper.java b/keycloak/keycloak-client/src/main/java/de/adorsys/ledgers/keycloak/client/mapper/KeycloakAuthMapper.java index 5a870e217..6a16dca9b 100644 --- a/keycloak/keycloak-client/src/main/java/de/adorsys/ledgers/keycloak/client/mapper/KeycloakAuthMapper.java +++ b/keycloak/keycloak-client/src/main/java/de/adorsys/ledgers/keycloak/client/mapper/KeycloakAuthMapper.java 
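Review bot: The context line `log.error("Could not obtain token by refresh token [{}]", refreshToken);` in refreshToken writes the full refresh token to the error log, and this migration leaves it in place. A refresh token is a bearer credential, so anyone with log access could replay it if the failure was transient or the token is still valid at the IDP. Log the event without the value, e.g. `log.error("Could not obtain token by refresh token");`, or log only a non-reversible fingerprint if correlation is needed. The rest of refreshToken is outside the hunk.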
@@ -7,14 +7,14 @@ import de.adorsys.ledgers.middleware.api.domain.um.AccessTokenTO; import de.adorsys.ledgers.middleware.api.domain.um.BearerTokenTO; +import de.adorsys.ledgers.middleware.api.domain.um.TokenUsageTO; import de.adorsys.ledgers.middleware.api.domain.um.UserRoleTO; import org.apache.commons.collections4.CollectionUtils; import org.apache.commons.lang3.time.DateUtils; -import org.keycloak.adapters.RefreshableKeycloakSecurityContext; import org.keycloak.representations.AccessToken; -import org.keycloak.representations.AccessTokenResponse; import org.mapstruct.Mapper; import org.mapstruct.Mapping; +import org.springframework.security.oauth2.jwt.Jwt; import java.util.*; import java.util.stream.Collectors; 
@@ -22,29 +22,27 @@ @Mapper(componentModel = "spring") public interface KeycloakAuthMapper { - @Mapping(target = "act", ignore = true) - @Mapping(target = "scaId", ignore = true) - @Mapping(target = "consent", ignore = true) - @Mapping(target = "authorisationId", ignore = true) - @Mapping(target = "iat", source = "source.token.issuedAt") - @Mapping(target = "role", expression = "java(getLedgersUserRoles(source.getToken()))") - @Mapping(target = "sub", source = "source.token.subject") - @Mapping(target = "scopes", source = "source.token.scope") - @Mapping(target = "login", source = "source.token.name") - @Mapping(target = "exp", source = "source.token.exp") - @Mapping(target = "jti", source = "source.token.id") - @Mapping(target = "accessToken", source = "source.tokenString") - @Mapping(target = "tokenUsage", expression = "java(de.adorsys.ledgers.middleware.api.domain.um.TokenUsageTO.DIRECT_ACCESS)") -//TODO This is a stub!!! - AccessTokenTO toAccessToken(RefreshableKeycloakSecurityContext source); + default AccessTokenTO toAccessTokenFromJwt(Jwt source) { + AccessTokenTO token = new AccessTokenTO(); + token.setIat(Date.from(source.getIssuedAt())); + token.setRole(getLedgersUserRolesFromJwt(source)); + token.setSub(source.getClaimAsString("sub")); + token.setScopes(new HashSet(Arrays.asList(source.getClaimAsString("scope").split(" ")))); + token.setLogin(source.getClaimAsString("name")); + token.setExp(Date.from(source.getExpiresAt())); + token.setJti(source.getClaimAsString("jti")); + token.setAccessToken(source.getTokenValue()); + token.setTokenUsage(TokenUsageTO.DIRECT_ACCESS); - @Mapping(target = "accessTokenObject", ignore = true) - @Mapping(target = "scopes", source = "source.scope") - @Mapping(target = "access_token", source = "token") - @Mapping(target = "expires_in", source = "expiresIn") - @Mapping(target = "refresh_token", source = "refreshToken") - @Mapping(target = "token_type", source = "tokenType") - BearerTokenTO toBearerTokenTO(AccessTokenResponse 
source); + return token; + } + + default BearerTokenTO toBearerTokenFromJwt(Jwt source) { + AccessTokenTO to = toAccessTokenFromJwt(source); + long ttl = (to.getExp().getTime() - new Date().getTime()) / DateUtils.MILLIS_PER_SECOND; + + return new BearerTokenTO(source.getTokenValue(), "Bearer", (int) ttl, null, to, to.getScopes()); + } default Set toScopes(String scope) { return Optional.ofNullable(scope) @@ -95,4 +93,22 @@ default UserRoleTO getLedgersUserRoles(AccessToken token) { : UserRoleTO.getByValue(roles.iterator().next().toString()).orElse(null); } + + default UserRoleTO getLedgersUserRolesFromJwt(Jwt token) { + List tokenizedRoles = (ArrayList) token.getClaimAsMap("realm_access").get("roles"); + + Collection roles = CollectionUtils.intersection( + tokenizedRoles + .stream() + .map(UserRoleTO::getByValue) + .filter(Optional::isPresent) + .map(Optional::get) + .toList(), Arrays.asList(UserRoleTO.values()) + ); + + return roles.isEmpty() + ? null + : UserRoleTO.getByValue(roles.iterator().next().toString()).orElse(null); + } + } diff --git a/keycloak/keycloak-client/src/test/java/de/adorsys/ledgers/keycloak/client/impl/KeycloakDataServiceImplTest.java b/keycloak/keycloak-client/src/test/java/de/adorsys/ledgers/keycloak/client/impl/KeycloakDataServiceImplTest.java index da561e55a..92a2a4a95 100644 --- a/keycloak/keycloak-client/src/test/java/de/adorsys/ledgers/keycloak/client/impl/KeycloakDataServiceImplTest.java +++ b/keycloak/keycloak-client/src/test/java/de/adorsys/ledgers/keycloak/client/impl/KeycloakDataServiceImplTest.java @@ -9,6 +9,8 @@ import de.adorsys.ledgers.keycloak.client.mapper.KeycloakDataMapper; import de.adorsys.ledgers.keycloak.client.model.KeycloakUser; import de.adorsys.ledgers.keycloak.client.rest.KeycloakTokenRestClient; +import jakarta.ws.rs.NotFoundException; +import jakarta.ws.rs.core.Response; import org.junit.jupiter.api.Test; import org.junit.jupiter.api.extension.ExtendWith; import org.keycloak.admin.client.Keycloak; 
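Review bot: `source.getClaimAsString("scope").split(" ")` in toAccessTokenFromJwt throws a NullPointerException for any token without a `scope` claim, because getClaimAsString returns null for an absent claim. The interface already has `toScopes(String)`, which starts with `Optional.ofNullable(scope)` and so appears to be null-safe (its body continues outside the hunk); `token.setScopes(toScopes(source.getClaimAsString("scope")));` would reuse it. `Date.from(source.getIssuedAt())` has the same problem when `iat` is absent, since Jwt.getIssuedAt() may return null. In toBearerTokenFromJwt the `(int) ttl` value becomes negative for an already-expired token, which is worth clamping with `Math.max(0, ttl)` if callers treat expires_in as a duration.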
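Review bot: getLedgersUserRolesFromJwt dereferences `token.getClaimAsMap("realm_access")` without a null check and casts the `roles` entry to `ArrayList`, so a validly signed token that lacks `realm_access` or carries `roles` in another shape fails with NullPointerException or ClassCastException instead of resolving to no role. The same cast-and-dereference appears in KeycloakJwtAuthenticationConverter.convert, added later in this commit, where it runs on the authentication path and would presumably surface as a server error rather than a denied request. Treat the claim as untrusted in shape: check for null, accept any Collection, and keep only String entries before mapping to UserRoleTO. Note also that the role is chosen with `roles.iterator().next()` on the result of `CollectionUtils.intersection`, whose iteration order is not obviously defined, so a token with several Ledgers roles may not map to the same role every time; the fence below leaves that part unchanged.

```java
default UserRoleTO getLedgersUserRolesFromJwt(Jwt token) {
    Map<String, Object> realmAccess = token.getClaimAsMap("realm_access");
    Object rawRoles = realmAccess == null ? null : realmAccess.get("roles");
    if (!(rawRoles instanceof Collection<?> roleClaims)) {
        // No usable roles claim: same result as an empty role list.
        return null;
    }
    List<String> tokenizedRoles = roleClaims.stream()
            .filter(String.class::isInstance)
            .map(String.class::cast)
            .toList();
    // … unchanged: intersection with UserRoleTO.values() and first-role selection …
}
```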
@@ -20,8 +22,6 @@ import org.mockito.Mock; import org.mockito.junit.jupiter.MockitoExtension; -import javax.ws.rs.NotFoundException; -import javax.ws.rs.core.Response; import java.net.URI; import java.net.URISyntaxException; import java.util.ArrayList; @@ -96,7 +96,7 @@ void getUser() { when(keycloak.realm(any())).thenReturn(realmResource); UsersResource usersResource = mock(UsersResource.class); when(realmResource.users()).thenReturn(usersResource); - when(usersResource.search(any(),eq(true))).thenReturn(List.of(new UserRepresentation())); + when(usersResource.search(any(), eq(true))).thenReturn(List.of(new UserRepresentation())); Optional user = service.getUser("testRealm", "login"); assertTrue(user.isEmpty()); @@ -124,7 +124,7 @@ void updateUser() { when(keycloak.realm(any())).thenReturn(realmResource); UsersResource usersResource = mock(UsersResource.class); when(realmResource.users()).thenReturn(usersResource); - when(usersResource.search(any(),eq(true))).thenReturn(Collections.singletonList(new UserRepresentation())); + when(usersResource.search(any(), eq(true))).thenReturn(Collections.singletonList(new UserRepresentation())); UserResource userResource = mock(UserResource.class); when(usersResource.get(any())).thenReturn(userResource); when(userResource.toRepresentation()).thenReturn(new UserRepresentation()); @@ -141,7 +141,7 @@ void deleteUser() { when(keycloak.realm(any())).thenReturn(realmResource); UsersResource usersResource = mock(UsersResource.class); when(realmResource.users()).thenReturn(usersResource); - when(usersResource.search(any(),eq(true))).thenReturn(Collections.singletonList(new UserRepresentation())); + when(usersResource.search(any(), eq(true))).thenReturn(Collections.singletonList(new UserRepresentation())); service.deleteUser("login"); verify(usersResource, times(1)).delete(any()); 
@@ -154,7 +154,7 @@ void userExists() { UsersResource usersResource = mock(UsersResource.class); when(realmResource.users()).thenReturn(usersResource); UserResource userResource = mock(UserResource.class); - when(usersResource.search(any(),eq(true))).thenReturn(Collections.singletonList(new UserRepresentation())); + when(usersResource.search(any(), eq(true))).thenReturn(Collections.singletonList(new UserRepresentation())); boolean exists = service.userExists("login"); assertTrue(exists); @@ -166,7 +166,7 @@ void resetPassword() { when(keycloak.realm(any())).thenReturn(realmResource); UsersResource usersResource = mock(UsersResource.class); when(realmResource.users()).thenReturn(usersResource); - when(usersResource.search(any(),eq(true))).thenReturn(Collections.singletonList(new UserRepresentation())); + when(usersResource.search(any(), eq(true))).thenReturn(Collections.singletonList(new UserRepresentation())); UserResource userResource = mock(UserResource.class); when(usersResource.get(any())).thenReturn(userResource); @@ -196,7 +196,7 @@ void assignRealmRoleToUser() { when(keycloak.realm(any())).thenReturn(realmResource); UsersResource usersResource = mock(UsersResource.class); when(realmResource.users()).thenReturn(usersResource); - when(usersResource.search(any(),eq(true))).thenReturn(Collections.singletonList(new UserRepresentation())); + when(usersResource.search(any(), eq(true))).thenReturn(Collections.singletonList(new UserRepresentation())); UserResource userResource = mock(UserResource.class); when(usersResource.get(any())).thenReturn(userResource); RoleMappingResource roleMappingResource = mock(RoleMappingResource.class); 
@@ -218,7 +218,7 @@ void removeRealmRoleFromUser() { when(keycloak.realm(any())).thenReturn(realmResource); UsersResource usersResource = mock(UsersResource.class); when(realmResource.users()).thenReturn(usersResource); - when(usersResource.search(any(),eq(true))).thenReturn(Collections.singletonList(new UserRepresentation())); + when(usersResource.search(any(), eq(true))).thenReturn(Collections.singletonList(new UserRepresentation())); UserResource userResource = mock(UserResource.class); when(usersResource.get(any())).thenReturn(userResource); RoleMappingResource roleMappingResource = mock(RoleMappingResource.class); diff --git a/keycloak/keycloak-client/src/test/java/de/adorsys/ledgers/keycloak/client/mapper/KeycloakAuthMapperTest.java b/keycloak/keycloak-client/src/test/java/de/adorsys/ledgers/keycloak/client/mapper/KeycloakAuthMapperTest.java index 549fcd9c5..774d9c533 100644 --- a/keycloak/keycloak-client/src/test/java/de/adorsys/ledgers/keycloak/client/mapper/KeycloakAuthMapperTest.java +++ b/keycloak/keycloak-client/src/test/java/de/adorsys/ledgers/keycloak/client/mapper/KeycloakAuthMapperTest.java @@ -9,14 +9,12 @@ import de.adorsys.ledgers.middleware.api.domain.um.BearerTokenTO; import de.adorsys.ledgers.middleware.api.domain.um.UserRoleTO; import org.junit.jupiter.api.Test; -import org.keycloak.adapters.RefreshableKeycloakSecurityContext; import org.keycloak.representations.AccessToken; import org.mapstruct.factory.Mappers; +import org.springframework.security.oauth2.jwt.Jwt; import java.time.Instant; -import java.util.Arrays; -import java.util.Date; -import java.util.HashSet; +import java.util.*; import static org.junit.jupiter.api.Assertions.assertEquals; 
@@ -24,52 +22,75 @@ class KeycloakAuthMapperTest { private final KeycloakAuthMapper mapper = Mappers.getMapper(KeycloakAuthMapper.class); private static final Date NOW = Date.from(Instant.now()); + private static final String NAME = "anton.brueckner"; + private static final String TOKEN_STRING = "tokenString"; + private static final String JTI = "id"; + private static final String SUBJECT = "subj"; + private static final int MILLIS_IN_SECOND = 1000; @Test void toAccessToken() { - RefreshableKeycloakSecurityContext context = getTokenContext(); - AccessTokenTO token = mapper.toAccessToken(context); - assertEquals("tokenString", token.getAccessToken()); - assertEquals(NOW.getTime() * MILLIS_IN_SECOND, token.getExp().getTime()); - assertEquals(new Date(615586932L).getTime() * MILLIS_IN_SECOND, token.getIat().getTime()); - assertEquals("id", token.getJti()); + // Given + ArrayList rolesString = new ArrayList<>(List.of("CUSTOMER")); + Map roles = Map.of("roles", rolesString); + + Jwt jwt = Jwt.withTokenValue(TOKEN_STRING) + .header("header", "value") + .claim("realm_access", roles) + .claim("jti", JTI) + .claim("name", NAME) + .claim("scope", "profile openId") + .subject(SUBJECT) + .issuedAt(NOW.toInstant()) + .expiresAt(NOW.toInstant().plusSeconds(10)) + .build(); + + // When + AccessTokenTO token = mapper.toAccessTokenFromJwt(jwt); + + // Then + assertEquals(TOKEN_STRING, token.getAccessToken()); + assertEquals(NOW.toInstant().plusSeconds(10), token.getExp().toInstant()); + assertEquals(NOW.toInstant().toEpochMilli(), token.getIat().getTime()); + assertEquals(JTI, token.getJti()); assertEquals(new HashSet<>(Arrays.asList("profile", "openId")), token.getScopes()); - assertEquals("anton.brueckner", token.getLogin()); - assertEquals("subj", token.getSub()); + assertEquals(NAME, token.getLogin()); + assertEquals(SUBJECT, token.getSub()); assertEquals(UserRoleTO.CUSTOMER, token.getRole()); } - private RefreshableKeycloakSecurityContext getTokenContext() { - return new 
RefreshableKeycloakSecurityContext(null, null, "tokenString", getAccessToken(), null, null, null); + + @Test + void toBearer() { + // When + BearerTokenTO result = mapper.toBearer(getAccessToken(), TOKEN_STRING); + + // Then + assertEquals(TOKEN_STRING, result.getAccess_token()); + assertEquals(TOKEN_STRING, result.getAccessTokenObject().getAccessToken()); + assertEquals(NOW.getTime() * MILLIS_IN_SECOND, result.getAccessTokenObject().getExp().getTime()); + assertEquals(new Date(615586932L).getTime() * MILLIS_IN_SECOND, result.getAccessTokenObject().getIat().getTime()); + assertEquals(JTI, result.getAccessTokenObject().getJti()); + assertEquals(new HashSet<>(Arrays.asList("profile", "openId")), result.getScopes()); + assertEquals(NAME, result.getAccessTokenObject().getLogin()); + assertEquals(SUBJECT, result.getAccessTokenObject().getSub()); + assertEquals(UserRoleTO.CUSTOMER, result.getAccessTokenObject().getRole()); + System.out.println(); } private AccessToken getAccessToken() { AccessToken token = new AccessToken(); token.id("id"); - token.setName("anton.brueckner"); + token.setName(NAME); token.issuedAt(615586932); token.exp(NOW.getTime()); token.setScope("profile openId"); - token.setPreferredUsername("anton.brueckner"); - token.setSubject("subj"); + token.setPreferredUsername(NAME); + token.setSubject(SUBJECT); token.setRealmAccess(new AccessToken.Access().addRole("CUSTOMER")); return token; } - @Test - void toBearer() { - BearerTokenTO result = mapper.toBearer(getAccessToken(), "tokenString"); - assertEquals("tokenString", result.getAccess_token()); - assertEquals("tokenString", result.getAccessTokenObject().getAccessToken()); - assertEquals(NOW.getTime() * MILLIS_IN_SECOND, result.getAccessTokenObject().getExp().getTime()); - assertEquals(new Date(615586932L).getTime() * MILLIS_IN_SECOND, result.getAccessTokenObject().getIat().getTime()); - assertEquals("id", result.getAccessTokenObject().getJti()); - assertEquals(new HashSet<>(Arrays.asList("profile", 
"openId")), result.getScopes()); - assertEquals("anton.brueckner", result.getAccessTokenObject().getLogin()); - assertEquals("subj", result.getAccessTokenObject().getSub()); - assertEquals(UserRoleTO.CUSTOMER, result.getAccessTokenObject().getRole()); - System.out.println(); - } } \ No newline at end of file diff --git a/keycloak/keycloak-token-exchange/pom.xml b/keycloak/keycloak-token-exchange/pom.xml index fac792559..a8ea45dca 100644 --- a/keycloak/keycloak-token-exchange/pom.xml +++ b/keycloak/keycloak-token-exchange/pom.xml @@ -10,7 +10,7 @@ keycloak de.adorsys.ledgers - 5.1-SNAPSHOT + 5.0-SNAPSHOT ../pom.xml 4.0.0 @@ -52,12 +52,6 @@ ${keycloak.version} - - org.jboss.spec.javax.ws.rs - jboss-jaxrs-api_2.0_spec - ${jboss-jaxrs-api_2.0_spec.version} - - org.jboss.logging jboss-logging diff --git a/keycloak/keycloak-token-exchange/src/main/java/de/adorsys/ledgers/token/exchange/ConfigurableTokenResourceProvider.java b/keycloak/keycloak-token-exchange/src/main/java/de/adorsys/ledgers/token/exchange/ConfigurableTokenResourceProvider.java index cf46b4682..e9e2fa7ae 100644 --- a/keycloak/keycloak-token-exchange/src/main/java/de/adorsys/ledgers/token/exchange/ConfigurableTokenResourceProvider.java +++ b/keycloak/keycloak-token-exchange/src/main/java/de/adorsys/ledgers/token/exchange/ConfigurableTokenResourceProvider.java 
@@ -5,35 +5,32 @@ package de.adorsys.ledgers.token.exchange; +import jakarta.ws.rs.Consumes; +import jakarta.ws.rs.OPTIONS; +import jakarta.ws.rs.POST; +import jakarta.ws.rs.Produces; +import jakarta.ws.rs.core.Context; +import jakarta.ws.rs.core.HttpHeaders; +import jakarta.ws.rs.core.MediaType; +import jakarta.ws.rs.core.Response; import org.jboss.logging.Logger; -import org.jboss.resteasy.spi.HttpRequest; import org.keycloak.TokenVerifier; import org.keycloak.common.VerificationException; import org.keycloak.crypto.SignatureProvider; import org.keycloak.crypto.SignatureVerifierContext; import org.keycloak.events.EventBuilder; +import org.keycloak.http.HttpRequest; import org.keycloak.models.*; import org.keycloak.protocol.oidc.TokenManager; import org.keycloak.representations.AccessToken; import org.keycloak.representations.AccessTokenResponse; -import org.keycloak.services.ErrorResponse; import org.keycloak.services.Urls; import org.keycloak.services.managers.AppAuthManager; import org.keycloak.services.managers.AuthenticationManager; import org.keycloak.services.resource.RealmResourceProvider; import org.keycloak.services.resources.Cors; -import javax.ws.rs.Consumes; -import javax.ws.rs.OPTIONS; -import javax.ws.rs.POST; -import javax.ws.rs.Produces; -import javax.ws.rs.core.Context; -import javax.ws.rs.core.Response; - -import static javax.ws.rs.core.HttpHeaders.AUTHORIZATION; -import static javax.ws.rs.core.MediaType.APPLICATION_JSON; -import static javax.ws.rs.core.MediaType.APPLICATION_JSON_TYPE; -import static javax.ws.rs.core.Response.Status.BAD_REQUEST; +import static jakarta.ws.rs.core.MediaType.APPLICATION_JSON; import static org.keycloak.services.resources.Cors.ACCESS_CONTROL_ALLOW_METHODS; import static org.keycloak.services.resources.Cors.ACCESS_CONTROL_ALLOW_ORIGIN; import static org.keycloak.services.util.DefaultClientSessionContext.fromClientSessionScopeParameter; 
@@ -66,22 +63,30 @@ public void close() { } @OPTIONS - public Response preflight(@Context HttpRequest request) { - return Cors.add(request, Response.ok()).auth().preflight().allowedMethods("POST", "OPTIONS").build(); + public Response preflight() { + KeycloakContext context = session.getContext(); + return Cors.add(context.getHttpRequest(), Response.ok()) + .auth() + .preflight() + .allowedMethods("POST", "OPTIONS") + .build(); } @POST @Consumes(APPLICATION_JSON) @Produces(APPLICATION_JSON) - public Response createToken(TokenConfiguration tokenConfiguration, @Context HttpRequest request) { + public Response createToken(TokenConfiguration tokenConfiguration) { try { + KeycloakContext context = session.getContext(); + HttpRequest request = context.getHttpRequest(); AccessToken accessToken = validateTokenAndUpdateSession(request); UserSessionModel userSession = this.findSession(); AccessTokenResponse response = this.createAccessToken(userSession, accessToken, tokenConfiguration); + return this.buildCorsResponse(request, response); } catch (ConfigurableTokenException e) { LOG.error("An error occurred when fetching an access token", e); - return ErrorResponse.error(e.getMessage(), BAD_REQUEST); + return Response.status(Response.Status.BAD_REQUEST).build(); } } @@ -124,7 +129,7 @@ private AccessToken validateTokenAndUpdateSession(HttpRequest request) throws Co } private String readAccessTokenFrom(HttpRequest request) throws ConfigurableTokenException { - String authorization = request.getHttpHeaders().getHeaderString(AUTHORIZATION); + String authorization = request.getHttpHeaders().getHeaderString(HttpHeaders.AUTHORIZATION); if (authorization == null || !authorization.startsWith("Bearer ")) { LOG.warn("Keycloak-ConfigurableToken: no authorization header with bearer token"); throw new ConfigurableTokenException("bearer_token_missing_in_authorization_header"); 
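Review bot: The catch block in createToken now returns a bare `Response.status(Response.Status.BAD_REQUEST).build()`, so the error code carried by ConfigurableTokenException (for example `bearer_token_missing_in_authorization_header`, thrown in readAccessTokenFrom below) no longer reaches the caller. That response also skips the CORS headers the success path adds through buildCorsResponse, so a browser client will likely see an opaque failure. If every ConfigurableTokenException message is a fixed code rather than free text (the class is outside the hunk, so this needs confirming), the body can be kept with `return Response.status(Response.Status.BAD_REQUEST).entity(e.getMessage()).type(MediaType.TEXT_PLAIN_TYPE).build();`. It is also worth deciding whether a missing or invalid bearer token should map to 401 rather than 400 here.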
@@ -173,7 +178,7 @@ private Response buildCorsResponse(@Context HttpRequest request, AccessTokenResp .auth() .exposedHeaders(ACCESS_CONTROL_ALLOW_METHODS, ACCESS_CONTROL_ALLOW_ORIGIN) .allowAllOrigins(); - return cors.builder(Response.ok(response).type(APPLICATION_JSON_TYPE)).build(); + return cors.builder(Response.ok(response).type(MediaType.APPLICATION_JSON_TYPE)).build(); } diff --git a/keycloak/pom.xml b/keycloak/pom.xml index 4aaf022c6..9c55e0817 100644 --- a/keycloak/pom.xml +++ b/keycloak/pom.xml @@ -12,7 +12,7 @@ de.adorsys.ledgers ledgers - 5.1-SNAPSHOT + 5.0-SNAPSHOT ../pom.xml diff --git a/ledgers-app/pom.xml b/ledgers-app/pom.xml index b9dc73133..6ad0457af 100755 --- a/ledgers-app/pom.xml +++ b/ledgers-app/pom.xml @@ -12,7 +12,7 @@ de.adorsys.ledgers ledgers - 5.1-SNAPSHOT + 5.0-SNAPSHOT ../pom.xml @@ -54,6 +54,15 @@ ${project.version} + + org.springframework.boot + spring-boot-starter-security + + + org.springframework.boot + spring-boot-starter-oauth2-resource-server + + @@ -152,12 +161,6 @@ spring-boot-starter-data-jpa - - org.springframework - spring-test - test - - org.keycloak keycloak-spring-boot-starter @@ -186,6 +189,12 @@ + + org.springframework + spring-test + test + + org.assertj assertj-core diff --git a/ledgers-app/src/main/java/de/adorsys/ledgers/app/initiation/IdpConfigurationService.java b/ledgers-app/src/main/java/de/adorsys/ledgers/app/initiation/IdpConfigurationService.java index ec8c7dcfb..84a92b28a 100644 --- a/ledgers-app/src/main/java/de/adorsys/ledgers/app/initiation/IdpConfigurationService.java +++ b/ledgers-app/src/main/java/de/adorsys/ledgers/app/initiation/IdpConfigurationService.java 
@@ -15,13 +15,13 @@ import de.adorsys.ledgers.um.api.domain.UserBO; import de.adorsys.ledgers.um.api.service.UserService; import de.adorsys.ledgers.util.exception.UserManagementModuleException; +import jakarta.ws.rs.ProcessingException; import lombok.RequiredArgsConstructor; import lombok.extern.slf4j.Slf4j; import org.springframework.beans.factory.annotation.Value; import org.springframework.context.ApplicationContext; import org.springframework.stereotype.Service; -import javax.ws.rs.ProcessingException; import java.util.Collections; import java.util.List; diff --git a/ledgers-app/src/main/java/de/adorsys/ledgers/app/server/auth/DisableEndpointFilter.java b/ledgers-app/src/main/java/de/adorsys/ledgers/app/server/auth/DisableEndpointFilter.java index 608530ef4..cc9e6ff94 100644 --- a/ledgers-app/src/main/java/de/adorsys/ledgers/app/server/auth/DisableEndpointFilter.java +++ b/ledgers-app/src/main/java/de/adorsys/ledgers/app/server/auth/DisableEndpointFilter.java @@ -6,6 +6,10 @@ package de.adorsys.ledgers.app.server.auth; import de.adorsys.ledgers.middleware.rest.resource.DataMgmtStaffAPI; +import jakarta.servlet.FilterChain; +import jakarta.servlet.ServletException; +import jakarta.servlet.http.HttpServletRequest; +import jakarta.servlet.http.HttpServletResponse; import lombok.RequiredArgsConstructor; import lombok.extern.slf4j.Slf4j; import org.springframework.core.env.Environment; @@ -13,10 +17,6 @@ import org.springframework.util.AntPathMatcher; import org.springframework.web.filter.OncePerRequestFilter; -import javax.servlet.FilterChain; -import javax.servlet.ServletException; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; import java.io.IOException; import java.util.Arrays; import java.util.List; 
diff --git a/ledgers-app/src/main/java/de/adorsys/ledgers/app/server/auth/KeycloakJwtAuthenticationConverter.java b/ledgers-app/src/main/java/de/adorsys/ledgers/app/server/auth/KeycloakJwtAuthenticationConverter.java new file mode 100644 index 000000000..43b867e2c --- /dev/null +++ b/ledgers-app/src/main/java/de/adorsys/ledgers/app/server/auth/KeycloakJwtAuthenticationConverter.java @@ -0,0 +1,36 @@ +/* + * Copyright (c) 2018-2023 adorsys GmbH and Co. KG + * All rights are reserved. + */ + +package de.adorsys.ledgers.app.server.auth; + +import de.adorsys.ledgers.middleware.api.domain.um.UserRoleTO; +import org.springframework.core.convert.converter.Converter; +import org.springframework.security.authentication.AbstractAuthenticationToken; +import org.springframework.security.core.authority.SimpleGrantedAuthority; +import org.springframework.security.oauth2.jwt.Jwt; +import org.springframework.security.oauth2.server.resource.authentication.JwtAuthenticationToken; + +import java.util.ArrayList; +import java.util.List; +import java.util.Optional; + +public class KeycloakJwtAuthenticationConverter implements Converter { + + // This is required for roles processing, because by default Spring boot uses scopes instead of roles. + @Override + public AbstractAuthenticationToken convert(Jwt source) { + List tokenizedRoles = (ArrayList) source.getClaimAsMap("realm_access").get("roles"); + + List authorities = tokenizedRoles.stream() + .map(UserRoleTO::getByValue) + .filter(Optional::isPresent) + .map(Optional::get) + .map(a -> "ROLE_" + a) + .map(SimpleGrantedAuthority::new) + .toList(); + + return new JwtAuthenticationToken(source, authorities, "sub"); + } +} diff --git a/ledgers-app/src/main/java/de/adorsys/ledgers/app/server/auth/MethodSecurityConfig.java b/ledgers-app/src/main/java/de/adorsys/ledgers/app/server/auth/MethodSecurityConfig.java deleted file mode 100644 index 9bbb22f3d..000000000 
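Review bot: `convert` dereferences `source.getClaimAsMap("realm_access")` and its `roles` entry without a null check and casts the value to `ArrayList`, so a validly signed token that lacks the `realm_access` claim, or whose JSON decoder yields another `List` type, fails with a NullPointerException or ClassCastException during authentication instead of authenticating with no authorities. Treat a missing or malformed claim as an empty role list and accept any `Collection`, keeping only string elements, as sketched below. Roles that `UserRoleTO.getByValue` does not recognise are dropped silently, which is the safe direction, but a debug log line would help when diagnosing an unexpected 403. The class has no Javadoc; one line saying that it maps Keycloak realm roles to `ROLE_`-prefixed authorities and uses `sub` as the principal name would be enough.

```java
    @Override
    public AbstractAuthenticationToken convert(Jwt source) {
        // A token without realm_access.roles stays authenticated, but gets no authorities.
        Map<String, Object> realmAccess = source.getClaimAsMap("realm_access");
        Object roles = realmAccess == null ? null : realmAccess.get("roles");
        Collection<?> tokenizedRoles = roles instanceof Collection<?> c ? c : List.of();

        List<SimpleGrantedAuthority> authorities = tokenizedRoles.stream()
                .filter(String.class::isInstance)
                .map(String.class::cast)
                // … unchanged: UserRoleTO lookup, ROLE_ prefix, SimpleGrantedAuthority mapping, toList() …
        // … unchanged: return new JwtAuthenticationToken(source, authorities, "sub") …
```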
--- a/ledgers-app/src/main/java/de/adorsys/ledgers/app/server/auth/MethodSecurityConfig.java +++ /dev/null @@ -1,34 +0,0 @@ -/* - * Copyright (c) 2018-2023 adorsys GmbH and Co. KG - * All rights are reserved. - */ - -package de.adorsys.ledgers.app.server.auth; - -import de.adorsys.ledgers.keycloak.client.mapper.KeycloakAuthMapper; -import de.adorsys.ledgers.middleware.api.service.MiddlewareAccountManagementService; -import de.adorsys.ledgers.middleware.api.service.MiddlewarePaymentService; -import de.adorsys.ledgers.middleware.api.service.MiddlewareRedirectScaService; -import de.adorsys.ledgers.middleware.api.service.MiddlewareUserManagementService; -import de.adorsys.ledgers.middleware.rest.security.AccountAccessMethodSecurityExpressionHandler; -import lombok.RequiredArgsConstructor; -import org.springframework.context.annotation.Configuration; -import org.springframework.security.access.expression.method.MethodSecurityExpressionHandler; -import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity; -import org.springframework.security.config.annotation.method.configuration.GlobalMethodSecurityConfiguration; - -@Configuration -@RequiredArgsConstructor -@EnableGlobalMethodSecurity(prePostEnabled = true) -public class MethodSecurityConfig extends GlobalMethodSecurityConfiguration { - private final MiddlewareAccountManagementService middlewareAccountService; - private final MiddlewarePaymentService middlewareService; - private final KeycloakAuthMapper authMapper; - private final MiddlewareUserManagementService userManagementService; - private final MiddlewareRedirectScaService scaService; - - @Override - protected MethodSecurityExpressionHandler createExpressionHandler() { - return new AccountAccessMethodSecurityExpressionHandler(middlewareAccountService, middlewareService, userManagementService, authMapper, scaService); - } -} 
diff --git a/ledgers-app/src/main/java/de/adorsys/ledgers/app/server/auth/PermittedResources.java b/ledgers-app/src/main/java/de/adorsys/ledgers/app/server/auth/PermittedResources.java index 2593dc99e..618da3d48 100644 --- a/ledgers-app/src/main/java/de/adorsys/ledgers/app/server/auth/PermittedResources.java +++ b/ledgers-app/src/main/java/de/adorsys/ledgers/app/server/auth/PermittedResources.java @@ -23,7 +23,8 @@ public class PermittedResources { protected static final String[] INDEX_WHITELIST = { "/index.css", "/img/*", - "/favicon.ico" + "/favicon.ico", + "/index.html" }; protected static final String[] APP_WHITELIST = { diff --git a/ledgers-app/src/main/java/de/adorsys/ledgers/app/server/auth/WebSecurityConfigKeycloak.java b/ledgers-app/src/main/java/de/adorsys/ledgers/app/server/auth/WebSecurityConfigKeycloak.java index eeb6ae9e4..b33d26dbe 100644 --- a/ledgers-app/src/main/java/de/adorsys/ledgers/app/server/auth/WebSecurityConfigKeycloak.java +++ b/ledgers-app/src/main/java/de/adorsys/ledgers/app/server/auth/WebSecurityConfigKeycloak.java 
@@ -8,77 +8,90 @@ import de.adorsys.ledgers.keycloak.client.mapper.KeycloakAuthMapper; import de.adorsys.ledgers.middleware.api.domain.um.AccessTokenTO; import de.adorsys.ledgers.middleware.api.domain.um.BearerTokenTO; +import jakarta.servlet.http.HttpServletRequest; import lombok.RequiredArgsConstructor; import org.keycloak.KeycloakPrincipal; import org.keycloak.KeycloakSecurityContext; -import org.keycloak.adapters.RefreshableKeycloakSecurityContext; -import org.keycloak.adapters.springsecurity.KeycloakConfiguration; import org.keycloak.adapters.springsecurity.authentication.KeycloakAuthenticationProvider; -import org.keycloak.adapters.springsecurity.config.KeycloakWebSecurityConfigurerAdapter; import org.keycloak.adapters.springsecurity.token.KeycloakAuthenticationToken; import org.keycloak.representations.AccessToken; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.context.annotation.Bean; -import org.springframework.core.env.Environment; +import org.springframework.context.annotation.Configuration; import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder; +import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity; import org.springframework.security.config.annotation.web.builders.HttpSecurity; +import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; +import org.springframework.security.config.http.SessionCreationPolicy; import org.springframework.security.core.Authentication; import org.springframework.security.core.authority.mapping.SimpleAuthorityMapper; import org.springframework.security.core.context.SecurityContextHolder; import org.springframework.security.core.session.SessionRegistryImpl; +import org.springframework.security.oauth2.jwt.Jwt; +import org.springframework.security.web.SecurityFilterChain; import 
org.springframework.security.web.authentication.session.RegisterSessionAuthenticationStrategy; import org.springframework.security.web.authentication.session.SessionAuthenticationStrategy; -import org.springframework.security.web.authentication.www.BasicAuthenticationFilter; import org.springframework.web.context.annotation.RequestScope; import org.springframework.web.context.request.RequestContextHolder; import org.springframework.web.context.request.ServletRequestAttributes; -import javax.servlet.http.HttpServletRequest; import java.security.Principal; import java.util.Optional; import static de.adorsys.ledgers.app.server.auth.PermittedResources.*; -@KeycloakConfiguration +@Configuration +@EnableWebSecurity @RequiredArgsConstructor -public class WebSecurityConfigKeycloak extends KeycloakWebSecurityConfigurerAdapter { +@EnableGlobalMethodSecurity( + securedEnabled = true, + jsr250Enabled = true, + prePostEnabled = true +) +public class WebSecurityConfigKeycloak { + private final KeycloakAuthMapper authMapper; - private final Environment environment; @Autowired public void configureGlobal(AuthenticationManagerBuilder auth) { - KeycloakAuthenticationProvider keycloakAuthenticationProvider = keycloakAuthenticationProvider(); + KeycloakAuthenticationProvider keycloakAuthenticationProvider = new KeycloakAuthenticationProvider(); keycloakAuthenticationProvider.setGrantedAuthoritiesMapper(new SimpleAuthorityMapper()); auth.authenticationProvider(keycloakAuthenticationProvider); } + @Bean - @Override - protected SessionAuthenticationStrategy sessionAuthenticationStrategy() { - return new RegisterSessionAuthenticationStrategy(new SessionRegistryImpl()); - } + @SuppressWarnings("PMD.SignatureDeclareThrowsException") + SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception { + + http + .sessionManagement() + .sessionCreationPolicy(SessionCreationPolicy.ALWAYS); - @Override - protected void configure(HttpSecurity http) throws Exception { - 
super.configure(http); http - .csrf().disable()//NOSONAR Reason -> we only work with our proprietary backend services - .cors().disable() - // .and() - .authorizeRequests().antMatchers(APP_WHITELIST).permitAll() - .and() - .authorizeRequests().antMatchers(INDEX_WHITELIST).permitAll() - .and() - .authorizeRequests().antMatchers(SWAGGER_WHITELIST).permitAll() - .and() - .authorizeRequests().antMatchers(CONSOLE_WHITELIST).permitAll() - .and() - .authorizeRequests().antMatchers(ACTUATOR_WHITELIST).permitAll() + .authorizeHttpRequests() + .requestMatchers(INDEX_WHITELIST).permitAll() + .requestMatchers(SWAGGER_WHITELIST).permitAll() + .requestMatchers(CONSOLE_WHITELIST).permitAll() + .requestMatchers(ACTUATOR_WHITELIST).permitAll() + .requestMatchers(APP_WHITELIST).permitAll() .anyRequest() - .authenticated(); - http.addFilterBefore(new DisableEndpointFilter(environment), BasicAuthenticationFilter.class); + .authenticated() + .and().sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS) + .and().oauth2ResourceServer() + .jwt().jwtAuthenticationConverter(new KeycloakJwtAuthenticationConverter()).and() + .and().cors().disable() // by default uses a Bean by the name of corsConfigurationSource + .csrf().disable() + .formLogin().disable() + .httpBasic().disable(); + + return http.build(); } + @Bean + protected SessionAuthenticationStrategy sessionAuthenticationStrategy() { + return new RegisterSessionAuthenticationStrategy(new SessionRegistryImpl()); + } @Bean @RequestScope @@ -112,6 +125,12 @@ public Principal getPrincipal() { return auth().orElse(null); } + @Bean + @RequestScope + public Authentication getAuthentication() { + return auth().orElse(null); + } + /** * Return Authentication or empty * 
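Review bot: The rewritten `securityFilterChain` no longer installs `DisableEndpointFilter`: the line `http.addFilterBefore(new DisableEndpointFilter(environment), BasicAuthenticationFilter.class);` and the `Environment` field are removed and nothing in this hunk replaces them, so unless the filter is registered as a bean elsewhere (not visible here) the endpoints it used to block become reachable. Keep that registration together with the field, or add a comment stating where the filter is now wired. The chain also sets `SessionCreationPolicy.ALWAYS` in its first statement and `STATELESS` later on the same builder; the two contradict each other, and for a bearer-token resource server with CSRF protection disabled the first `http.sessionManagement()` statement should be deleted so that no session is ever created. `@EnableGlobalMethodSecurity` moves here while the deleted `MethodSecurityConfig` was what supplied `AccountAccessMethodSecurityExpressionHandler`; confirm the handler is still exposed as a bean, otherwise any `@PreAuthorize` expression that relies on it will not resolve.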
@@ -124,12 +143,12 @@ private static Optional auth() { } private AccessTokenTO extractAccessToken(Authentication authentication) { - RefreshableKeycloakSecurityContext credentials = (RefreshableKeycloakSecurityContext) authentication.getCredentials(); - return authMapper.toAccessToken(credentials); + Jwt credentials = (Jwt) authentication.getCredentials(); + return authMapper.toAccessTokenFromJwt(credentials); } private BearerTokenTO extractBearerToken(Authentication authentication) { - RefreshableKeycloakSecurityContext credentials = (RefreshableKeycloakSecurityContext) authentication.getCredentials(); - return authMapper.toBearer(credentials.getToken(), credentials.getTokenString()); + Jwt credentials = (Jwt) authentication.getCredentials(); + return authMapper.toBearerTokenFromJwt(credentials); } -} +} \ No newline at end of file diff --git a/ledgers-app/src/main/java/de/adorsys/ledgers/app/server/auth/WebSecurityConfigKeycloakAdditional.java b/ledgers-app/src/main/java/de/adorsys/ledgers/app/server/auth/WebSecurityConfigKeycloakAdditional.java deleted file mode 100644 index 5fc1760d1..000000000 --- a/ledgers-app/src/main/java/de/adorsys/ledgers/app/server/auth/WebSecurityConfigKeycloakAdditional.java +++ /dev/null @@ -1,20 +0,0 @@ -/* - * Copyright (c) 2018-2023 adorsys GmbH and Co. KG - * All rights are reserved. - */ - -package de.adorsys.ledgers.app.server.auth; - -import org.keycloak.adapters.springboot.KeycloakSpringBootConfigResolver; -import org.keycloak.adapters.springsecurity.KeycloakConfiguration; -import org.springframework.context.annotation.Bean; - -@KeycloakConfiguration -public class WebSecurityConfigKeycloakAdditional { - - @Bean - public KeycloakSpringBootConfigResolver getResolver() { - return new KeycloakSpringBootConfigResolver(); - } - -} diff --git a/ledgers-app/src/main/resources/application.yml b/ledgers-app/src/main/resources/application.yml index 6ddb6be8f..4ce04896e 100644 --- a/ledgers-app/src/main/resources/application.yml 
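Review bot: `extractAccessToken` and `extractBearerToken` cast `authentication.getCredentials()` straight to `Jwt`, which holds only for a `JwtAuthenticationToken`; for any other `Authentication` (an anonymous one on the permit-all paths, for instance) the cast throws ClassCastException. The callers and `auth()` lie outside this hunk, so whether that can happen depends on how they filter, but a guard makes the failure explicit: `if (!(authentication.getCredentials() instanceof Jwt credentials)) { return null; }`, or an exception of the project's choosing. The hunk also drops the file's trailing newline (`\ No newline at end of file`), which is worth restoring.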
+++ b/ledgers-app/src/main/resources/application.yml @@ -41,6 +41,11 @@ springdoc: path: /swagger-ui.html spring: + security: + oauth2: + resourceserver: + jwt: + issuer-uri: ${keycloak.auth-server-url}/realms/ledgers mvc: pathmatch: matching-strategy: ant_path_matcher @@ -91,7 +96,7 @@ spring: logging: level: org: - hibernate: WARN + springframework: INFO ledgers: users: @@ -224,7 +229,9 @@ management: enabled: false --- spring: - profiles: h2 + config: + activate: + on-profile: h2 h2: console: enabled: true @@ -238,7 +245,9 @@ db: url: jdbc:h2:~/ledgersdbs/ledgers-app;DB_CLOSE_DELAY=-1 --- spring: - profiles: postgres + config: + activate: + on-profile: postgres datasource: url: ${db.url} username: ${db.user} @@ -265,8 +274,11 @@ db: # -> use the config docker-compose-postgres-5433.yml to start postgres on port 5433. # -> Start db with: $ docker-compose -f docker-compose-postgres-5433.yml up # -> make sure the existing volume is deleted if one. + spring: - profiles: hibernate-ddl + config: + activate: + on-profile: hibernate-ddl jpa: show-sql: false generate-ddl: true @@ -283,15 +295,9 @@ db: # ledgers.url: http://localhost:${server.port} --- spring: - profiles: dev - -logging: - level: - org: - postgresql: INFO - hibernate.SQL: DEBUG - hibernate.type.descriptor.sql.BasicBinder: TRACE - springframework: TRACE + config: + activate: + on-profile: dev management.endpoints.web.exposure.include: "*" management.endpoints.web.exposure.exclude: env,beans diff --git a/ledgers-app/src/test/java/de/adorsys/ledgers/app/server/auth/DisableEndpointFilterTest.java b/ledgers-app/src/test/java/de/adorsys/ledgers/app/server/auth/DisableEndpointFilterTest.java index 36d68fef8..a114e78f6 100644 --- a/ledgers-app/src/test/java/de/adorsys/ledgers/app/server/auth/DisableEndpointFilterTest.java +++ b/ledgers-app/src/test/java/de/adorsys/ledgers/app/server/auth/DisableEndpointFilterTest.java 
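Review bot: The new `issuer-uri` hard-codes the realm as `ledgers` while the server part comes from `${keycloak.auth-server-url}`, so a deployment that overrides `keycloak.realm` (listed as a separate property in `doc/Configuration properties.adoc`) would have its tokens checked against the wrong issuer. Build the value from the existing property instead: `issuer-uri: ${keycloak.auth-server-url}/realms/${keycloak.realm}`. A comment above the key, `# must equal the iss claim of issued tokens exactly`, would help operators who put Keycloak behind a proxy or a different public hostname.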
@@ -6,6 +6,7 @@ package de.adorsys.ledgers.app.server.auth; import de.adorsys.ledgers.middleware.rest.resource.DataMgmtStaffAPI; +import jakarta.servlet.ServletException; import lombok.SneakyThrows; import org.junit.jupiter.api.Test; import org.junit.jupiter.api.extension.ExtendWith; @@ -17,7 +18,6 @@ import org.springframework.mock.web.MockHttpServletRequest; import org.springframework.mock.web.MockHttpServletResponse; -import javax.servlet.ServletException; import java.io.IOException; import java.util.Arrays; import java.util.List; diff --git a/ledgers-cleanup-service/pom.xml b/ledgers-cleanup-service/pom.xml index 9d5cbfdf6..ad1afe6b3 100644 --- a/ledgers-cleanup-service/pom.xml +++ b/ledgers-cleanup-service/pom.xml @@ -9,7 +9,7 @@ de.adorsys.ledgers ledgers - 5.1-SNAPSHOT + 5.0-SNAPSHOT ../pom.xml diff --git a/ledgers-cleanup-service/src/main/java/de/adorsys/ledgers/cleanup/repository/BaseCleanupRepository.java b/ledgers-cleanup-service/src/main/java/de/adorsys/ledgers/cleanup/repository/BaseCleanupRepository.java index 11d2407cf..c076d5559 100644 --- a/ledgers-cleanup-service/src/main/java/de/adorsys/ledgers/cleanup/repository/BaseCleanupRepository.java +++ b/ledgers-cleanup-service/src/main/java/de/adorsys/ledgers/cleanup/repository/BaseCleanupRepository.java @@ -8,9 +8,9 @@ import org.apache.commons.io.IOUtils; import org.springframework.core.io.ResourceLoader; -import javax.persistence.EntityManager; -import javax.persistence.PersistenceContext; -import javax.persistence.Query; +import jakarta.persistence.EntityManager; +import jakarta.persistence.PersistenceContext; +import jakarta.persistence.Query; import java.io.IOException; import java.io.InputStream; import java.nio.charset.StandardCharsets; 
diff --git a/ledgers-cleanup-service/src/main/java/de/adorsys/ledgers/cleanup/repository/DepositAccountCleanupRepositoryImpl.java b/ledgers-cleanup-service/src/main/java/de/adorsys/ledgers/cleanup/repository/DepositAccountCleanupRepositoryImpl.java index 0279cca8a..9b633d861 100644 --- a/ledgers-cleanup-service/src/main/java/de/adorsys/ledgers/cleanup/repository/DepositAccountCleanupRepositoryImpl.java +++ b/ledgers-cleanup-service/src/main/java/de/adorsys/ledgers/cleanup/repository/DepositAccountCleanupRepositoryImpl.java @@ -11,7 +11,7 @@ import org.springframework.core.io.ResourceLoader; import org.springframework.stereotype.Service; -import javax.persistence.EntityManager; +import jakarta.persistence.EntityManager; import java.io.IOException; import java.time.LocalDateTime; import java.util.Map; diff --git a/ledgers-cleanup-service/src/test/java/de/adorsys/ledgers/cleanup/repository/DepositAccountCleanupRepositoryImplTest.java b/ledgers-cleanup-service/src/test/java/de/adorsys/ledgers/cleanup/repository/DepositAccountCleanupRepositoryImplTest.java index 1b0c491f9..65e4c8744 100644 --- a/ledgers-cleanup-service/src/test/java/de/adorsys/ledgers/cleanup/repository/DepositAccountCleanupRepositoryImplTest.java +++ b/ledgers-cleanup-service/src/test/java/de/adorsys/ledgers/cleanup/repository/DepositAccountCleanupRepositoryImplTest.java @@ -17,8 +17,8 @@ import org.springframework.core.io.Resource; import org.springframework.core.io.ResourceLoader; -import javax.persistence.EntityManager; -import javax.persistence.Query; +import jakarta.persistence.EntityManager; +import jakarta.persistence.Query; import java.io.IOException; import java.io.InputStream; import java.nio.charset.StandardCharsets; diff --git a/ledgers-db/pom.xml b/ledgers-db/pom.xml index 1a8e12476..691faa1c0 100644 --- a/ledgers-db/pom.xml +++ b/ledgers-db/pom.xml @@ -10,7 +10,7 @@ ledgers de.adorsys.ledgers - 5.1-SNAPSHOT + 5.0-SNAPSHOT ../pom.xml 4.0.0 
diff --git a/ledgers-deposit-account/ledgers-deposit-account-repository/pom.xml b/ledgers-deposit-account/ledgers-deposit-account-repository/pom.xml index bcec4587c..d645c1d9f 100644 --- a/ledgers-deposit-account/ledgers-deposit-account-repository/pom.xml +++ b/ledgers-deposit-account/ledgers-deposit-account-repository/pom.xml @@ -17,7 +17,7 @@ de.adorsys.ledgers ledgers-deposit-account - 5.1-SNAPSHOT + 5.0-SNAPSHOT ../pom.xml diff --git a/ledgers-deposit-account/ledgers-deposit-account-repository/src/main/java/de/adorsys/ledgers/deposit/db/domain/AccountReference.java b/ledgers-deposit-account/ledgers-deposit-account-repository/src/main/java/de/adorsys/ledgers/deposit/db/domain/AccountReference.java index 2e90159f3..c9dc2841c 100644 --- a/ledgers-deposit-account/ledgers-deposit-account-repository/src/main/java/de/adorsys/ledgers/deposit/db/domain/AccountReference.java +++ b/ledgers-deposit-account/ledgers-deposit-account-repository/src/main/java/de/adorsys/ledgers/deposit/db/domain/AccountReference.java @@ -7,8 +7,8 @@ import lombok.Data; -import javax.persistence.Column; -import javax.persistence.Embeddable; +import jakarta.persistence.Column; +import jakarta.persistence.Embeddable; @Data @Embeddable diff --git a/ledgers-deposit-account/ledgers-deposit-account-repository/src/main/java/de/adorsys/ledgers/deposit/db/domain/Address.java b/ledgers-deposit-account/ledgers-deposit-account-repository/src/main/java/de/adorsys/ledgers/deposit/db/domain/Address.java index 97d81459d..caabaaed8 100644 --- a/ledgers-deposit-account/ledgers-deposit-account-repository/src/main/java/de/adorsys/ledgers/deposit/db/domain/Address.java +++ b/ledgers-deposit-account/ledgers-deposit-account-repository/src/main/java/de/adorsys/ledgers/deposit/db/domain/Address.java @@ -7,7 +7,7 @@ import lombok.Data; -import javax.persistence.Embeddable; +import jakarta.persistence.Embeddable; @Data @Embeddable 
diff --git a/ledgers-deposit-account/ledgers-deposit-account-repository/src/main/java/de/adorsys/ledgers/deposit/db/domain/Amount.java b/ledgers-deposit-account/ledgers-deposit-account-repository/src/main/java/de/adorsys/ledgers/deposit/db/domain/Amount.java index 7f4c5a3f1..889095485 100644 --- a/ledgers-deposit-account/ledgers-deposit-account-repository/src/main/java/de/adorsys/ledgers/deposit/db/domain/Amount.java +++ b/ledgers-deposit-account/ledgers-deposit-account-repository/src/main/java/de/adorsys/ledgers/deposit/db/domain/Amount.java @@ -5,10 +5,10 @@ package de.adorsys.ledgers.deposit.db.domain; +import jakarta.persistence.Column; +import jakarta.persistence.Embeddable; import lombok.Data; -import javax.persistence.Column; -import javax.persistence.Embeddable; import java.math.BigDecimal; @SuppressWarnings("java:S1700") diff --git a/ledgers-deposit-account/ledgers-deposit-account-repository/src/main/java/de/adorsys/ledgers/deposit/db/domain/DepositAccount.java b/ledgers-deposit-account/ledgers-deposit-account-repository/src/main/java/de/adorsys/ledgers/deposit/db/domain/DepositAccount.java index b483bbb02..2a61cb59c 100644 --- a/ledgers-deposit-account/ledgers-deposit-account-repository/src/main/java/de/adorsys/ledgers/deposit/db/domain/DepositAccount.java +++ b/ledgers-deposit-account/ledgers-deposit-account-repository/src/main/java/de/adorsys/ledgers/deposit/db/domain/DepositAccount.java @@ -10,7 +10,7 @@ import lombok.NoArgsConstructor; import org.hibernate.annotations.CreationTimestamp; -import javax.persistence.*; +import jakarta.persistence.*; import java.math.BigDecimal; import java.time.LocalDateTime; diff --git a/ledgers-deposit-account/ledgers-deposit-account-repository/src/main/java/de/adorsys/ledgers/deposit/db/domain/Payment.java b/ledgers-deposit-account/ledgers-deposit-account-repository/src/main/java/de/adorsys/ledgers/deposit/db/domain/Payment.java index 6a19d7107..16e914054 100644 
--- a/ledgers-deposit-account/ledgers-deposit-account-repository/src/main/java/de/adorsys/ledgers/deposit/db/domain/Payment.java +++ b/ledgers-deposit-account/ledgers-deposit-account-repository/src/main/java/de/adorsys/ledgers/deposit/db/domain/Payment.java @@ -7,12 +7,12 @@ import com.fasterxml.jackson.databind.annotation.JsonDeserialize; import com.fasterxml.jackson.datatype.jsr310.deser.LocalDateDeserializer; +import jakarta.persistence.*; import lombok.Data; import org.hibernate.annotations.UpdateTimestamp; import org.jetbrains.annotations.NotNull; import org.springframework.data.jpa.convert.threeten.Jsr310JpaConverters.LocalDateConverter; -import javax.persistence.*; import java.time.LocalDate; import java.time.LocalDateTime; import java.time.LocalTime; @@ -131,6 +131,9 @@ public class Payment { @Transient private TransactionStatus previousTransactionStatus; + public Payment() { + } + public boolean isLastExecuted(LocalDate nextPossibleExecutionDate) { return endDate != null && nextPossibleExecutionDate.isAfter(endDate); } diff --git a/ledgers-deposit-account/ledgers-deposit-account-repository/src/main/java/de/adorsys/ledgers/deposit/db/domain/PaymentTarget.java b/ledgers-deposit-account/ledgers-deposit-account-repository/src/main/java/de/adorsys/ledgers/deposit/db/domain/PaymentTarget.java index ab9503969..15d2f697d 100644 --- a/ledgers-deposit-account/ledgers-deposit-account-repository/src/main/java/de/adorsys/ledgers/deposit/db/domain/PaymentTarget.java +++ b/ledgers-deposit-account/ledgers-deposit-account-repository/src/main/java/de/adorsys/ledgers/deposit/db/domain/PaymentTarget.java @@ -8,7 +8,7 @@ import lombok.Data; import lombok.ToString; -import javax.persistence.*; +import jakarta.persistence.*; @Data 
diff --git a/ledgers-deposit-account/ledgers-deposit-account-repository/src/main/java/de/adorsys/ledgers/deposit/db/repository/DepositAccountRepository.java b/ledgers-deposit-account/ledgers-deposit-account-repository/src/main/java/de/adorsys/ledgers/deposit/db/repository/DepositAccountRepository.java index 0c46d1d87..b50e2bf33 100644 --- a/ledgers-deposit-account/ledgers-deposit-account-repository/src/main/java/de/adorsys/ledgers/deposit/db/repository/DepositAccountRepository.java +++ b/ledgers-deposit-account/ledgers-deposit-account-repository/src/main/java/de/adorsys/ledgers/deposit/db/repository/DepositAccountRepository.java @@ -10,6 +10,7 @@ import org.springframework.data.domain.Pageable; import org.springframework.data.jpa.repository.Modifying; import org.springframework.data.jpa.repository.Query; +import org.springframework.data.repository.CrudRepository; import org.springframework.data.repository.PagingAndSortingRepository; import java.util.Collection; @@ -17,7 +18,7 @@ import java.util.Optional; import java.util.Set; -public interface DepositAccountRepository extends PagingAndSortingRepository { +public interface DepositAccountRepository extends PagingAndSortingRepository, CrudRepository { List findByBranch(String branch); Page findByBranchAndIbanContaining(String branch, String queryParam, Pageable pageable); diff --git a/ledgers-deposit-account/ledgers-deposit-account-repository/src/main/java/de/adorsys/ledgers/deposit/db/repository/PaymentRepository.java b/ledgers-deposit-account/ledgers-deposit-account-repository/src/main/java/de/adorsys/ledgers/deposit/db/repository/PaymentRepository.java index 0261fc02d..1aa01cedc 100644 --- a/ledgers-deposit-account/ledgers-deposit-account-repository/src/main/java/de/adorsys/ledgers/deposit/db/repository/PaymentRepository.java +++ b/ledgers-deposit-account/ledgers-deposit-account-repository/src/main/java/de/adorsys/ledgers/deposit/db/repository/PaymentRepository.java 
@@ -11,6 +11,7 @@ import org.springframework.data.domain.Page; import org.springframework.data.domain.Pageable; import org.springframework.data.jpa.repository.Query; +import org.springframework.data.repository.CrudRepository; import org.springframework.data.repository.PagingAndSortingRepository; import org.springframework.transaction.annotation.Transactional; @@ -18,7 +19,7 @@ import java.util.Optional; import java.util.Set; -public interface PaymentRepository extends PagingAndSortingRepository { +public interface PaymentRepository extends PagingAndSortingRepository, CrudRepository { Optional findByPaymentIdAndTransactionStatus(String paymentId, TransactionStatus status); @Transactional diff --git a/ledgers-deposit-account/ledgers-deposit-account-repository/src/main/java/de/adorsys/ledgers/deposit/db/repository/PaymentTargetRepository.java b/ledgers-deposit-account/ledgers-deposit-account-repository/src/main/java/de/adorsys/ledgers/deposit/db/repository/PaymentTargetRepository.java index c847cc398..9673dd5a0 100644 --- a/ledgers-deposit-account/ledgers-deposit-account-repository/src/main/java/de/adorsys/ledgers/deposit/db/repository/PaymentTargetRepository.java +++ b/ledgers-deposit-account/ledgers-deposit-account-repository/src/main/java/de/adorsys/ledgers/deposit/db/repository/PaymentTargetRepository.java @@ -6,7 +6,8 @@ package de.adorsys.ledgers.deposit.db.repository; import de.adorsys.ledgers.deposit.db.domain.PaymentTarget; +import org.springframework.data.repository.CrudRepository; import org.springframework.data.repository.PagingAndSortingRepository; -public interface PaymentTargetRepository extends PagingAndSortingRepository { +public interface PaymentTargetRepository extends PagingAndSortingRepository, CrudRepository { } diff --git a/ledgers-deposit-account/ledgers-deposit-account-service-api/pom.xml b/ledgers-deposit-account/ledgers-deposit-account-service-api/pom.xml index c393a008a..2f98fd0d8 100644 
--- a/ledgers-deposit-account/ledgers-deposit-account-service-api/pom.xml +++ b/ledgers-deposit-account/ledgers-deposit-account-service-api/pom.xml @@ -16,7 +16,7 @@ de.adorsys.ledgers ledgers-deposit-account - 5.1-SNAPSHOT + 5.0-SNAPSHOT ../pom.xml diff --git a/ledgers-deposit-account/ledgers-deposit-account-service-impl/pom.xml b/ledgers-deposit-account/ledgers-deposit-account-service-impl/pom.xml index 708b2e10f..4dbeb7098 100644 --- a/ledgers-deposit-account/ledgers-deposit-account-service-impl/pom.xml +++ b/ledgers-deposit-account/ledgers-deposit-account-service-impl/pom.xml @@ -17,7 +17,7 @@ de.adorsys.ledgers ledgers-deposit-account - 5.1-SNAPSHOT + 5.0-SNAPSHOT ../pom.xml diff --git a/ledgers-deposit-account/pom.xml b/ledgers-deposit-account/pom.xml index 322d2a8d0..652e5bbbd 100755 --- a/ledgers-deposit-account/pom.xml +++ b/ledgers-deposit-account/pom.xml @@ -12,7 +12,7 @@ de.adorsys.ledgers ledgers - 5.1-SNAPSHOT + 5.0-SNAPSHOT ../pom.xml diff --git a/ledgers-jaxb-api/pom.xml b/ledgers-jaxb-api/pom.xml index d3e55af02..8fe0bb6be 100644 --- a/ledgers-jaxb-api/pom.xml +++ b/ledgers-jaxb-api/pom.xml @@ -10,7 +10,7 @@ ledgers de.adorsys.ledgers - 5.1-SNAPSHOT + 5.0-SNAPSHOT ../pom.xml 4.0.0 diff --git a/ledgers-middleware/ledgers-middleware-rest-api/pom.xml b/ledgers-middleware/ledgers-middleware-rest-api/pom.xml index 7aeb1b831..cb7fb1eea 100644 --- a/ledgers-middleware/ledgers-middleware-rest-api/pom.xml +++ b/ledgers-middleware/ledgers-middleware-rest-api/pom.xml @@ -10,7 +10,7 @@ de.adorsys.ledgers ledgers-middleware - 5.1-SNAPSHOT + 5.0-SNAPSHOT ../pom.xml @@ -69,7 +69,7 @@ org.springdoc - springdoc-openapi-ui + springdoc-openapi-starter-webmvc-ui diff --git a/ledgers-middleware/ledgers-middleware-rest-client/pom.xml b/ledgers-middleware/ledgers-middleware-rest-client/pom.xml index a6d9e616d..5202a8e20 100644 --- a/ledgers-middleware/ledgers-middleware-rest-client/pom.xml +++ b/ledgers-middleware/ledgers-middleware-rest-client/pom.xml 
@@ -10,7 +10,7 @@ de.adorsys.ledgers ledgers-middleware - 5.1-SNAPSHOT + 5.0-SNAPSHOT ../pom.xml diff --git a/ledgers-middleware/ledgers-middleware-rest-server/pom.xml b/ledgers-middleware/ledgers-middleware-rest-server/pom.xml index c8450a423..3fc5b6c94 100644 --- a/ledgers-middleware/ledgers-middleware-rest-server/pom.xml +++ b/ledgers-middleware/ledgers-middleware-rest-server/pom.xml @@ -10,7 +10,7 @@ de.adorsys.ledgers ledgers-middleware - 5.1-SNAPSHOT + 5.0-SNAPSHOT ../pom.xml @@ -92,9 +92,14 @@ mapstruct + + org.hibernate.validator + hibernate-validator + + org.springdoc - springdoc-openapi-ui + springdoc-openapi-starter-webmvc-ui diff --git a/ledgers-middleware/ledgers-middleware-rest-server/src/main/java/de/adorsys/ledgers/middleware/rest/filter/MultiReadHttpServletRequest.java b/ledgers-middleware/ledgers-middleware-rest-server/src/main/java/de/adorsys/ledgers/middleware/rest/filter/MultiReadHttpServletRequest.java index ff7bad6f7..1432ca4b5 100644 --- a/ledgers-middleware/ledgers-middleware-rest-server/src/main/java/de/adorsys/ledgers/middleware/rest/filter/MultiReadHttpServletRequest.java +++ b/ledgers-middleware/ledgers-middleware-rest-server/src/main/java/de/adorsys/ledgers/middleware/rest/filter/MultiReadHttpServletRequest.java @@ -5,12 +5,12 @@ package de.adorsys.ledgers.middleware.rest.filter; +import jakarta.servlet.ReadListener; +import jakarta.servlet.ServletInputStream; +import jakarta.servlet.http.HttpServletRequest; +import jakarta.servlet.http.HttpServletRequestWrapper; import lombok.extern.slf4j.Slf4j; -import javax.servlet.ReadListener; -import javax.servlet.ServletInputStream; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletRequestWrapper; import java.io.BufferedReader; import java.io.ByteArrayInputStream; import java.io.IOException; 
diff --git a/ledgers-middleware/ledgers-middleware-rest-server/src/main/java/de/adorsys/ledgers/middleware/rest/filter/ValidationFilter.java b/ledgers-middleware/ledgers-middleware-rest-server/src/main/java/de/adorsys/ledgers/middleware/rest/filter/ValidationFilter.java index 7fd51f93a..6c9e76b8e 100644 --- a/ledgers-middleware/ledgers-middleware-rest-server/src/main/java/de/adorsys/ledgers/middleware/rest/filter/ValidationFilter.java +++ b/ledgers-middleware/ledgers-middleware-rest-server/src/main/java/de/adorsys/ledgers/middleware/rest/filter/ValidationFilter.java @@ -16,10 +16,10 @@ import org.springframework.stereotype.Component; import org.springframework.web.filter.OncePerRequestFilter; -import javax.servlet.FilterChain; -import javax.servlet.ServletException; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; +import jakarta.servlet.FilterChain; +import jakarta.servlet.ServletException; +import jakarta.servlet.http.HttpServletRequest; +import jakarta.servlet.http.HttpServletResponse; import java.io.IOException; import java.util.*; import java.util.function.Predicate; diff --git a/ledgers-middleware/ledgers-middleware-rest-server/src/main/java/de/adorsys/ledgers/middleware/rest/resource/AccountMgmStaffResource.java b/ledgers-middleware/ledgers-middleware-rest-server/src/main/java/de/adorsys/ledgers/middleware/rest/resource/AccountMgmStaffResource.java index 140772146..7bef38eb5 100644 --- a/ledgers-middleware/ledgers-middleware-rest-server/src/main/java/de/adorsys/ledgers/middleware/rest/resource/AccountMgmStaffResource.java +++ b/ledgers-middleware/ledgers-middleware-rest-server/src/main/java/de/adorsys/ledgers/middleware/rest/resource/AccountMgmStaffResource.java 
@@ -35,26 +35,26 @@ public class AccountMgmStaffResource implements AccountMgmStaffResourceAPI { private final ScaInfoHolder scaInfoHolder; @Override - @PreAuthorize("hasManagerAccessToAccountIban(#iban)") + @PreAuthorize("@accountAccessSecurityFilter.hasManagerAccessToAccountIban(#iban)") public ResponseEntity> getAccountsByIbanAndCurrency(String iban, String currency) { return ResponseEntity.ok(middlewareAccountService.getAccountsByIbanAndCurrency(iban, currency)); } @Override - @PreAuthorize("hasManagerAccessToUser(#userId)") + @PreAuthorize("@accountAccessSecurityFilter.hasManagerAccessToUser(#userId)") public ResponseEntity createDepositAccountForUser(String userId, AccountDetailsTO accountDetailsTO) { boolean created = middlewareAccountService.createDepositAccount(userId, scaInfoHolder.getScaInfo(), accountDetailsTO); return ResponseEntity.ok(created); } @Override - @PreAuthorize("hasRole('STAFF')") + @PreAuthorize("@accountAccessSecurityFilter.hasRole('STAFF')") public ResponseEntity> getListOfAccounts() { return ResponseEntity.ok(middlewareAccountService.listDepositAccountsByBranch(scaInfoHolder.getUserId())); } @Override - @PreAuthorize("hasRole('STAFF')") + @PreAuthorize("@accountAccessSecurityFilter.hasRole('STAFF')") public ResponseEntity> getListOfAccountsPaged(String queryParam, int page, int size, boolean withBalance) { CustomPageableImpl pageable = new CustomPageableImpl(page, size); CustomPageImpl details = middlewareAccountService.listDepositAccountsByBranchPaged(scaInfoHolder.getUserId(), queryParam, withBalance, pageable); 
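Review bot: The plain role checks on `getListOfAccounts` and `getListOfAccountsPaged` now call `@accountAccessSecurityFilter.hasRole('STAFF')` instead of the framework's own `hasRole`, so the role decision depends on a custom bean whose implementation is not visible in this diff. If that bean does not reproduce the built-in `ROLE_` prefix handling and authority lookup, the check can change meaning without any compile error. Where no custom logic is needed I would keep `@PreAuthorize("hasRole('STAFF')")` and reserve the bean for the account- and user-scoped checks. The same applies to the `hasRole`/`hasAnyRole` annotations in AccountResource, AdminResource, AppMgmtResource, DataMgmtStaffResource, PaymentResource, TransactionsStaffResource and UserMgmtStaffResource. Bean and method names inside the SpEL string are only resolved when the expression is evaluated, so each annotated endpoint should have at least one allow test and one deny test.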
@@ -62,20 +62,20 @@ public ResponseEntity> getListOfAccountsPaged(S } @Override - @PreAuthorize("hasManagerAccessToAccountId(#accountId)") + @PreAuthorize("@accountAccessSecurityFilter.hasManagerAccessToAccountId(#accountId)") public ResponseEntity getAccountDetailsById(String accountId) { return ResponseEntity.ok(middlewareAccountService.getDepositAccountById(accountId, LocalDateTime.now(), true)); } @Override - @PreAuthorize("hasManagerAccessToAccountId(#accountId) && isEnabledAccount(#accountId)") + @PreAuthorize("@accountAccessSecurityFilter.hasManagerAccessToAccountId(#accountId) && @accountAccessSecurityFilter.isEnabledAccount(#accountId)") public ResponseEntity depositCash(String accountId, AmountTO amount) { middlewareAccountService.depositCash(scaInfoHolder.getScaInfo(), accountId, amount); return ResponseEntity.accepted().build(); } @Override - @PreAuthorize("hasManagerAccessToAccountId(#accountId)") + @PreAuthorize("@accountAccessSecurityFilter.hasManagerAccessToAccountId(#accountId)") public ResponseEntity getExtendedAccountDetailsById(String accountId) { long start = System.nanoTime(); AccountReportTO accountReport = middlewareAccountService.getAccountReport(accountId); @@ -84,13 +84,13 @@ public ResponseEntity getExtendedAccountDetailsById(String acco } @Override - @PreAuthorize("hasManagerAccessToAccountId(#accountId)") + @PreAuthorize("@accountAccessSecurityFilter.hasManagerAccessToAccountId(#accountId)") public ResponseEntity changeStatus(String accountId) { return ResponseEntity.ok(middlewareAccountService.changeStatus(accountId, false)); } @Override - @PreAuthorize("hasManagerAccessToAccountId(#accountId)") + @PreAuthorize("@accountAccessSecurityFilter.hasManagerAccessToAccountId(#accountId)") public ResponseEntity changeCreditLimit(String accountId, BigDecimal creditLimit) { middlewareAccountService.changeCreditLimit(accountId, creditLimit); return ResponseEntity.accepted().build(); 
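Review bot: The expression on `depositCash` joins its two checks with `&&`, while the combined expressions in AdminResource, ConsentResource, OperationInitiationResource, PaymentResource and RedirectScaResource use `and`. SpEL accepts both, but a single spelling makes the authorization rules easier to search and audit. I would write it as `@PreAuthorize("@accountAccessSecurityFilter.hasManagerAccessToAccountId(#accountId) and @accountAccessSecurityFilter.isEnabledAccount(#accountId)")`.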
diff --git a/ledgers-middleware/ledgers-middleware-rest-server/src/main/java/de/adorsys/ledgers/middleware/rest/resource/AccountResource.java b/ledgers-middleware/ledgers-middleware-rest-server/src/main/java/de/adorsys/ledgers/middleware/rest/resource/AccountResource.java index 9d8da5d1b..9f87cbdab 100644 --- a/ledgers-middleware/ledgers-middleware-rest-server/src/main/java/de/adorsys/ledgers/middleware/rest/resource/AccountResource.java +++ b/ledgers-middleware/ledgers-middleware-rest-server/src/main/java/de/adorsys/ledgers/middleware/rest/resource/AccountResource.java 
@@ -44,26 +44,26 @@ public class AccountResource implements AccountRestAPI { * @return : the list of accounts linked with the current customer. */ @Override - @PreAuthorize("hasAnyRole('CUSTOMER','SYSTEM')") + @PreAuthorize("@accountAccessSecurityFilter.hasAnyRole('CUSTOMER','SYSTEM')") public ResponseEntity> getListOfAccounts() { return ResponseEntity.ok(middlewareAccountService.listDepositAccounts(scaInfoHolder.getUserId())); } @Override - @PreAuthorize("hasAccessToAccount(#accountId)") + @PreAuthorize("@accountAccessSecurityFilter.hasAccessToAccount(#accountId)") public ResponseEntity getAccountDetailsById(String accountId) { return ResponseEntity.ok(middlewareAccountService.getDepositAccountById(accountId, LocalDateTime.now(), true)); } @Override - @PreAuthorize("hasAccessToAccount(#accountId)") + @PreAuthorize("@accountAccessSecurityFilter.hasAccessToAccount(#accountId)") public ResponseEntity> getBalances(String accountId) { AccountDetailsTO accountDetails = middlewareAccountService.getDepositAccountById(accountId, LocalDateTime.now(), true); return ResponseEntity.ok(accountDetails.getBalances()); } @Override - @PreAuthorize("hasAccessToAccount(#accountId)") + @PreAuthorize("@accountAccessSecurityFilter.hasAccessToAccount(#accountId)") public ResponseEntity> getTransactionByDates(String accountId, LocalDate dateFrom, LocalDate dateTo) { dateChecker(dateFrom, dateTo); List transactions = middlewareAccountService.getTransactionsByDates(accountId, validDate(dateFrom), validDate(dateTo)); @@ -71,7 +71,7 @@ public ResponseEntity> getTransactionByDates(String accountI } @Override - @PreAuthorize("hasAccessToAccount(#accountId)") + @PreAuthorize("@accountAccessSecurityFilter.hasAccessToAccount(#accountId)") public ResponseEntity> getTransactionByDatesPaged(String accountId, LocalDate dateFrom, LocalDate dateTo, int page, int size) { dateChecker(dateFrom, dateTo); CustomPageableImpl pageable = new CustomPageableImpl(page, size); 
@@ -80,13 +80,13 @@ public ResponseEntity> getTransactionByDatesPaged( } @Override - @PreAuthorize("hasAccessToAccount(#accountId)") + @PreAuthorize("@accountAccessSecurityFilter.hasAccessToAccount(#accountId)") public ResponseEntity getTransactionById(String accountId, String transactionId) { return ResponseEntity.ok(middlewareAccountService.getTransactionById(accountId, transactionId)); } @Override - @PreAuthorize("hasAccessToAccountWithIban(#request.psuAccount.iban)") + @PreAuthorize("@accountAccessSecurityFilter.hasAccessToAccountWithIban(#request.psuAccount.iban)") public ResponseEntity fundsConfirmation(FundsConfirmationRequestTO request) { if (request.getInstructedAmount().getAmount().compareTo(BigDecimal.ZERO) <= 0) { //TODO move to validation filter throw MiddlewareModuleException.builder() @@ -99,7 +99,7 @@ public ResponseEntity fundsConfirmation(FundsConfirmationRequestTO requ } @Override - @PreAuthorize("accountInfoByIdentifier(#accountIdentifierType, #accountIdentifier)") + @PreAuthorize("@accountAccessSecurityFilter.accountInfoByIdentifier(#accountIdentifierType, #accountIdentifier)") public ResponseEntity> getAdditionalAccountInfo(AccountIdentifierTypeTO accountIdentifierType, String accountIdentifier) { return ResponseEntity.ok(userManagementService.getAdditionalInformation(scaInfoHolder.getScaInfo(), accountIdentifierType, accountIdentifier)); } diff --git a/ledgers-middleware/ledgers-middleware-rest-server/src/main/java/de/adorsys/ledgers/middleware/rest/resource/AdminResource.java b/ledgers-middleware/ledgers-middleware-rest-server/src/main/java/de/adorsys/ledgers/middleware/rest/resource/AdminResource.java index cec737ed1..48e97c9a4 100644 --- a/ledgers-middleware/ledgers-middleware-rest-server/src/main/java/de/adorsys/ledgers/middleware/rest/resource/AdminResource.java +++ b/ledgers-middleware/ledgers-middleware-rest-server/src/main/java/de/adorsys/ledgers/middleware/rest/resource/AdminResource.java 
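Review bot: The expression on `fundsConfirmation` dereferences `#request.psuAccount.iban` with no null guard, so a body without `psuAccount` makes expression evaluation fail rather than giving a clean access-denied decision. Safe navigation, `@accountAccessSecurityFilter.hasAccessToAccountWithIban(#request?.psuAccount?.iban)`, would hand the bean a null that it can reject explicitly, provided the bean method denies on null, which should be confirmed. The same shape appears in `#payment.debtorAccount.iban` (OperationInitiationResource, PaymentResource) and `#aisConsent.access.listedAccountsIbans` (ConsentResource, OperationInitiationResource). Whether ValidationFilter already rejects such bodies before method security runs is not visible in this diff.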
@@ -47,13 +47,13 @@ public class AdminResource implements AdminResourceAPI { private final UserMapper userMapper; @Override - @PreAuthorize("hasAnyRole('SYSTEM')") + @PreAuthorize("@accountAccessSecurityFilter.hasAnyRole('SYSTEM')") public ResponseEntity> getAllUsers() { return ResponseEntity.ok(middlewareUserService.listUsers(0, Integer.MAX_VALUE)); } @Override - @PreAuthorize("hasRole('SYSTEM')") + @PreAuthorize("@accountAccessSecurityFilter.hasRole('SYSTEM')") public ResponseEntity> users(String countryCode, String branchId, String branchLogin, String userLogin, UserRoleTO role, Boolean blocked, int page, int size) { CustomPageableImpl pageable = new CustomPageableImpl(page, size); List roles = Optional.ofNullable(role).map(Collections::singletonList).orElseGet(() -> Arrays.asList(STAFF, CUSTOMER)); 
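Review bot: `getAllUsers` is guarded with `hasAnyRole('SYSTEM')` for a single role, while the other AdminResource endpoints in this diff use `hasRole('SYSTEM')`. The two are presumably equivalent for one role, but the odd one out reads as if a second role was intended or was dropped. I would align it with the others: `@PreAuthorize("@accountAccessSecurityFilter.hasRole('SYSTEM')")`.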
@@ -61,34 +61,34 @@ public ResponseEntity> users(String countryCode, } @Override - @PreAuthorize("hasRole('SYSTEM')") + @PreAuthorize("@accountAccessSecurityFilter.hasRole('SYSTEM')") public ResponseEntity> admins(int page, int size) { CustomPageableImpl pageable = new CustomPageableImpl(page, size); return ResponseEntity.ok(middlewareUserService.getUsersByRoles(Collections.singletonList(SYSTEM), pageable)); } @Override - @PreAuthorize("hasRole('SYSTEM')") + @PreAuthorize("@accountAccessSecurityFilter.hasRole('SYSTEM')") public ResponseEntity> accounts(String countryCode, String branchId, String branchLogin, String iban, Boolean blocked, int page, int size) { CustomPageableImpl pageable = new CustomPageableImpl(page, size); return ResponseEntity.ok(accountManagementService.getAccountsByBranchAndMultipleParams(countryCode, branchId, branchLogin, iban, blocked, pageable)); } @Override - @PreAuthorize("hasRole('SYSTEM')") + @PreAuthorize("@accountAccessSecurityFilter.hasRole('SYSTEM')") public ResponseEntity updatePassword(String branchId, String password) { middlewareUserService.updatePasswordById(branchId, password); return ResponseEntity.accepted().build(); } @Override - @PreAuthorize("hasRole('SYSTEM')") + @PreAuthorize("@accountAccessSecurityFilter.hasRole('SYSTEM')") public ResponseEntity changeStatus(String userId) { return ResponseEntity.ok(appManagementService.changeBlockedStatus(userId, false)); } @Override - @PreAuthorize("hasRole('SYSTEM')") + @PreAuthorize("@accountAccessSecurityFilter.hasRole('SYSTEM')") public ResponseEntity register(UserTO user) { UserTO createdUser = middlewareUserService.create(user); createdUser.setPin(null); 
@@ -96,7 +96,7 @@ public ResponseEntity register(UserTO user) { } @Override - @PreAuthorize("hasRole('SYSTEM') and isEnabledUser(#user.id)") + @PreAuthorize("@accountAccessSecurityFilter.hasRole('SYSTEM') and @accountAccessSecurityFilter.isEnabledUser(#user.id)") public ResponseEntity user(UserTO user) { checkUpdateData(user); middlewareUserService.updateUser(user.getBranch(), user); diff --git a/ledgers-middleware/ledgers-middleware-rest-server/src/main/java/de/adorsys/ledgers/middleware/rest/resource/AppMgmtResource.java b/ledgers-middleware/ledgers-middleware-rest-server/src/main/java/de/adorsys/ledgers/middleware/rest/resource/AppMgmtResource.java index 15d74a3d0..0d5bdb81b 100644 --- a/ledgers-middleware/ledgers-middleware-rest-server/src/main/java/de/adorsys/ledgers/middleware/rest/resource/AppMgmtResource.java +++ b/ledgers-middleware/ledgers-middleware-rest-server/src/main/java/de/adorsys/ledgers/middleware/rest/resource/AppMgmtResource.java @@ -5,7 +5,6 @@ package de.adorsys.ledgers.middleware.rest.resource; -import de.adorsys.ledgers.keycloak.client.api.KeycloakTokenService; import de.adorsys.ledgers.middleware.api.domain.um.UserRoleTO; import de.adorsys.ledgers.middleware.api.domain.um.UserTO; import de.adorsys.ledgers.middleware.api.exception.MiddlewareModuleException; @@ -35,7 +34,6 @@ public class AppMgmtResource implements AppMgmtRestAPI { private final AppManagementService appManagementService; private final MiddlewareUserManagementService userManagementService; - private final KeycloakTokenService tokenService; @Override public ResponseEntity ping() { @@ -43,7 +41,7 @@ public ResponseEntity ping() { } @Override - @PreAuthorize("hasRole('SYSTEM')") + @PreAuthorize("@accountAccessSecurityFilter.hasRole('SYSTEM')") public ResponseEntity initApp() { appManagementService.initApp(); return ResponseEntity.ok().build(); 
diff --git a/ledgers-middleware/ledgers-middleware-rest-server/src/main/java/de/adorsys/ledgers/middleware/rest/resource/ConsentResource.java b/ledgers-middleware/ledgers-middleware-rest-server/src/main/java/de/adorsys/ledgers/middleware/rest/resource/ConsentResource.java index 692973023..5dadba1a7 100644 --- a/ledgers-middleware/ledgers-middleware-rest-server/src/main/java/de/adorsys/ledgers/middleware/rest/resource/ConsentResource.java +++ b/ledgers-middleware/ledgers-middleware-rest-server/src/main/java/de/adorsys/ledgers/middleware/rest/resource/ConsentResource.java @@ -27,13 +27,13 @@ public class ConsentResource implements ConsentRestAPI { private final MiddlewareAccountManagementService middlewareAccountService; @Override - @PreAuthorize("hasAnyRole('STAFF','CUSTOMER') and hasAccessToAccountsWithIbans(#aisConsent.access.listedAccountsIbans)") + @PreAuthorize("@accountAccessSecurityFilter.hasAnyRole('STAFF','CUSTOMER') and @accountAccessSecurityFilter.hasAccessToAccountsWithIbans(#aisConsent.access.listedAccountsIbans)") public ResponseEntity initiateAisConsent(String consentId, AisConsentTO aisConsent) { return ResponseEntity.ok(middlewareAccountService.startAisConsent(scaInfoHolder.getScaInfo(), consentId, aisConsent)); } @Override - @PreAuthorize("hasAnyRole('STAFF','CUSTOMER') and hasAccessToAccountsWithIbans(#aisConsent.access.listedAccountsIbans)") + @PreAuthorize("@accountAccessSecurityFilter.hasAnyRole('STAFF','CUSTOMER') and @accountAccessSecurityFilter.hasAccessToAccountsWithIbans(#aisConsent.access.listedAccountsIbans)") public ResponseEntity initiatePiisConsent(AisConsentTO aisConsent) { return ResponseEntity.ok(middlewareAccountService.startPiisConsent(scaInfoHolder.getScaInfo(), aisConsent)); } 
diff --git a/ledgers-middleware/ledgers-middleware-rest-server/src/main/java/de/adorsys/ledgers/middleware/rest/resource/DataMgmtStaffResource.java b/ledgers-middleware/ledgers-middleware-rest-server/src/main/java/de/adorsys/ledgers/middleware/rest/resource/DataMgmtStaffResource.java index 7caac9983..6c90fef88 100644 --- a/ledgers-middleware/ledgers-middleware-rest-server/src/main/java/de/adorsys/ledgers/middleware/rest/resource/DataMgmtStaffResource.java +++ b/ledgers-middleware/ledgers-middleware-rest-server/src/main/java/de/adorsys/ledgers/middleware/rest/resource/DataMgmtStaffResource.java 
@@ -34,42 +34,42 @@ public class DataMgmtStaffResource implements DataMgmtStaffAPI { private final MiddlewareRecoveryService recoveryService; @Override - @PreAuthorize("hasManagerAccessToAccountId(#accountId)") + @PreAuthorize("@accountAccessSecurityFilter.hasManagerAccessToAccountId(#accountId)") public ResponseEntity account(String accountId) { cleanupService.deleteTransactions(scaInfoHolder.getUserId(), scaInfoHolder.getScaInfo().getUserRole(), accountId); return ResponseEntity.ok().build(); } @Override - @PreAuthorize("hasManagerAccessToAccountId(#accountId)") + @PreAuthorize("@accountAccessSecurityFilter.hasManagerAccessToAccountId(#accountId)") public ResponseEntity depositAccount(String accountId) { cleanupService.deleteAccount(scaInfoHolder.getUserId(), scaInfoHolder.getScaInfo().getUserRole(), accountId); return ResponseEntity.ok().build(); } @Override - @PreAuthorize("hasManagerAccessToUser(#userId)") + @PreAuthorize("@accountAccessSecurityFilter.hasManagerAccessToUser(#userId)") public ResponseEntity user(String userId) { cleanupService.deleteUser(scaInfoHolder.getUserId(), scaInfoHolder.getScaInfo().getUserRole(), userId); return ResponseEntity.ok().build(); } @Override - @PreAuthorize("hasManagerAccessToUser(#branchId)") + @PreAuthorize("@accountAccessSecurityFilter.hasManagerAccessToUser(#branchId)") public ResponseEntity branch(String branchId) { cleanupService.removeBranch(scaInfoHolder.getUserId(), scaInfoHolder.getScaInfo().getUserRole(), branchId); return ResponseEntity.ok().build(); } @Override - @PreAuthorize("hasAnyRole('STAFF','SYSTEM')") + @PreAuthorize("@accountAccessSecurityFilter.hasAnyRole('STAFF','SYSTEM')") public ResponseEntity uploadData(UploadedDataTO data) { appManagementService.uploadData(data, scaInfoHolder.getScaInfo()); return ResponseEntity.ok().build(); } @Override - @PreAuthorize("hasAnyRole('STAFF','SYSTEM')") + @PreAuthorize("@accountAccessSecurityFilter.hasAnyRole('STAFF','SYSTEM')") public ResponseEntity> currencies() { 
return ResponseEntity.ok(currencyService.getSupportedCurrencies()); } @@ -80,26 +80,26 @@ public ResponseEntity branchId(BbanStructure bbanStructure) { } @Override - @PreAuthorize("hasRole('STAFF')") + @PreAuthorize("@accountAccessSecurityFilter.hasRole('STAFF')") public ResponseEntity createPoint(RecoveryPointTO recoveryPoint) { recoveryService.createRecoveryPoint(scaInfoHolder.getUserId(), recoveryPoint); return ResponseEntity.status(HttpStatus.CREATED).build(); } @Override - @PreAuthorize("hasRole('STAFF')") + @PreAuthorize("@accountAccessSecurityFilter.hasRole('STAFF')") public ResponseEntity> getAllPoints() { return ResponseEntity.ok(recoveryService.getAll(scaInfoHolder.getUserId())); } @Override - @PreAuthorize("hasRole('STAFF')") + @PreAuthorize("@accountAccessSecurityFilter.hasRole('STAFF')") public ResponseEntity getPoint(Long id) { return ResponseEntity.ok(recoveryService.getPointById(scaInfoHolder.getUserId(), id)); } @Override - @PreAuthorize("hasRole('STAFF')") + @PreAuthorize("@accountAccessSecurityFilter.hasRole('STAFF')") public ResponseEntity deletePoint(Long id) { recoveryService.deleteById(scaInfoHolder.getUserId(), id); return ResponseEntity.status(HttpStatus.NO_CONTENT).build(); diff --git a/ledgers-middleware/ledgers-middleware-rest-server/src/main/java/de/adorsys/ledgers/middleware/rest/resource/OperationInitiationResource.java b/ledgers-middleware/ledgers-middleware-rest-server/src/main/java/de/adorsys/ledgers/middleware/rest/resource/OperationInitiationResource.java index cf0f23874..0d545e635 100644 --- a/ledgers-middleware/ledgers-middleware-rest-server/src/main/java/de/adorsys/ledgers/middleware/rest/resource/OperationInitiationResource.java +++ b/ledgers-middleware/ledgers-middleware-rest-server/src/main/java/de/adorsys/ledgers/middleware/rest/resource/OperationInitiationResource.java 
@@ -31,25 +31,25 @@ public class OperationInitiationResource implements OperationInitiationRestApi { private final ScaInfoHolder scaInfoHolder; @Override - @PreAuthorize("hasAccessToAccountWithIban(#payment.debtorAccount.iban)") + @PreAuthorize("@accountAccessSecurityFilter.hasAccessToAccountWithIban(#payment.debtorAccount.iban)") public ResponseEntity initiatePayment(PaymentTypeTO paymentType, PaymentTO payment) { return new ResponseEntity<>(operationService.resolveInitiation(OpTypeTO.PAYMENT, null, payment, scaInfoHolder.getScaInfo()), HttpStatus.CREATED); } @Override - @PreAuthorize("hasAccessToAccountByPaymentId(#opId)") + @PreAuthorize("@accountAccessSecurityFilter.hasAccessToAccountByPaymentId(#opId)") public ResponseEntity initiatePmtCancellation(String opId) { return new ResponseEntity<>(operationService.resolveInitiation(OpTypeTO.CANCEL_PAYMENT, opId, null, scaInfoHolder.getScaInfo()), HttpStatus.CREATED); } @Override - @PreAuthorize("hasAnyRole('STAFF','CUSTOMER') and hasAccessToAccountsWithIbans(#aisConsent.access.listedAccountsIbans)") + @PreAuthorize("@accountAccessSecurityFilter.hasAnyRole('STAFF','CUSTOMER') and @accountAccessSecurityFilter.hasAccessToAccountsWithIbans(#aisConsent.access.listedAccountsIbans)") public ResponseEntity initiateAisConsent(AisConsentTO aisConsent) { return new ResponseEntity<>(operationService.resolveInitiation(OpTypeTO.CONSENT, null, aisConsent, scaInfoHolder.getScaInfo()), HttpStatus.CREATED); } @Override - @PreAuthorize("hasPartialScope() and hasAccessToAccountByPaymentId(#opId)") + @PreAuthorize("@accountAccessSecurityFilter.hasPartialScope() and @accountAccessSecurityFilter.hasAccessToAccountByPaymentId(#opId)") public ResponseEntity execution(OpTypeTO opType, String opId) { return ResponseEntity.ok(operationService.execute(opType, opId, scaInfoHolder.getScaInfo())); } 
diff --git a/ledgers-middleware/ledgers-middleware-rest-server/src/main/java/de/adorsys/ledgers/middleware/rest/resource/PaymentResource.java b/ledgers-middleware/ledgers-middleware-rest-server/src/main/java/de/adorsys/ledgers/middleware/rest/resource/PaymentResource.java index da8ea64e6..2f2cb4655 100644 --- a/ledgers-middleware/ledgers-middleware-rest-server/src/main/java/de/adorsys/ledgers/middleware/rest/resource/PaymentResource.java +++ b/ledgers-middleware/ledgers-middleware-rest-server/src/main/java/de/adorsys/ledgers/middleware/rest/resource/PaymentResource.java 
@@ -33,57 +33,57 @@ public class PaymentResource implements PaymentRestAPI { private final ScaInfoHolder scaInfoHolder; @Override - @PreAuthorize("hasAccessToAccountByPaymentId(#paymentId)") + @PreAuthorize("@accountAccessSecurityFilter.hasAccessToAccountByPaymentId(#paymentId)") public ResponseEntity getPaymentStatusById(String paymentId) { return ResponseEntity.ok(paymentService.getPaymentStatusById(paymentId)); } @Override - @PreAuthorize("hasAccessToAccountByPaymentId(#paymentId)") + @PreAuthorize("@accountAccessSecurityFilter.hasAccessToAccountByPaymentId(#paymentId)") public ResponseEntity getPaymentById(String paymentId) { return ResponseEntity.ok(paymentService.getPaymentById(paymentId)); } @Override - @PreAuthorize("hasRole('CUSTOMER')") + @PreAuthorize("@accountAccessSecurityFilter.hasRole('CUSTOMER')") public ResponseEntity> getPendingPeriodicPayments() { return ResponseEntity.ok(paymentService.getPendingPeriodicPayments(scaInfoHolder.getScaInfo())); } @Override - @PreAuthorize("hasRole('CUSTOMER')") + @PreAuthorize("@accountAccessSecurityFilter.hasRole('CUSTOMER')") public ResponseEntity> getPendingPeriodicPaymentsPaged(int page, int size) { CustomPageableImpl pageable = new CustomPageableImpl(page, size); return ResponseEntity.ok(paymentService.getPendingPeriodicPaymentsPaged(scaInfoHolder.getScaInfo(), pageable)); } @Override - @PreAuthorize("hasRole('CUSTOMER')") + @PreAuthorize("@accountAccessSecurityFilter.hasRole('CUSTOMER')") public ResponseEntity> getAllPaymentsPaged(int page, int size) { CustomPageableImpl pageable = new CustomPageableImpl(page, size); return ResponseEntity.ok(paymentService.getAllPaymentsPaged(scaInfoHolder.getScaInfo(), pageable)); } @Override - @PreAuthorize("hasAccessToAccountWithIban(#payment.debtorAccount.iban)") + @PreAuthorize("@accountAccessSecurityFilter.hasAccessToAccountWithIban(#payment.debtorAccount.iban)") public ResponseEntity initiatePayment(PaymentTO payment) { return new 
ResponseEntity<>(paymentService.initiatePayment(scaInfoHolder.getScaInfo(), payment), HttpStatus.CREATED); } @Override - @PreAuthorize("hasPartialScope() and hasAccessToAccountByPaymentId(#paymentId)") + @PreAuthorize("@accountAccessSecurityFilter.hasPartialScope() and @accountAccessSecurityFilter.hasAccessToAccountByPaymentId(#paymentId)") public ResponseEntity executePayment(String paymentId) { return ResponseEntity.accepted().body(paymentService.executePayment(scaInfoHolder.getScaInfo(), paymentId)); } @Override - @PreAuthorize("hasAccessToAccountByPaymentId(#paymentId)") + @PreAuthorize("@accountAccessSecurityFilter.hasAccessToAccountByPaymentId(#paymentId)") public ResponseEntity initiatePmtCancellation(String paymentId) { return ResponseEntity.ok(paymentService.initiatePaymentCancellation(scaInfoHolder.getScaInfo(), paymentId)); } @Override - @PreAuthorize("hasPartialScope() and hasAccessToAccountByPaymentId(#paymentId)") + @PreAuthorize("@accountAccessSecurityFilter.hasPartialScope() and @accountAccessSecurityFilter.hasAccessToAccountByPaymentId(#paymentId)") public ResponseEntity executeCancelPayment(String paymentId) { return ResponseEntity.ok(paymentService.authorizeCancelPayment(scaInfoHolder.getScaInfo(), paymentId)); } diff --git a/ledgers-middleware/ledgers-middleware-rest-server/src/main/java/de/adorsys/ledgers/middleware/rest/resource/RedirectScaResource.java b/ledgers-middleware/ledgers-middleware-rest-server/src/main/java/de/adorsys/ledgers/middleware/rest/resource/RedirectScaResource.java index 3118a588d..6ce3f8762 100644 --- a/ledgers-middleware/ledgers-middleware-rest-server/src/main/java/de/adorsys/ledgers/middleware/rest/resource/RedirectScaResource.java +++ b/ledgers-middleware/ledgers-middleware-rest-server/src/main/java/de/adorsys/ledgers/middleware/rest/resource/RedirectScaResource.java 
@@ -27,25 +27,25 @@ public class RedirectScaResource implements RedirectScaRestAPI { private final MiddlewareRedirectScaService scaService; @Override - @PreAuthorize("hasScaScope() and hasAccessToAccountByScaOperation(#startScaOpr)") + @PreAuthorize("@accountAccessSecurityFilter.hasScaScope() and @accountAccessSecurityFilter.hasAccessToAccountByScaOperation(#startScaOpr)") public ResponseEntity startSca(StartScaOprTO startScaOpr) { return ResponseEntity.ok(scaService.startScaOperation(startScaOpr, scaInfoHolder.getScaInfo())); } @Override - @PreAuthorize("hasScaScope() and hasAccessToAccountByAuthorizationId(#authorisationId)") + @PreAuthorize("@accountAccessSecurityFilter.hasScaScope() and @accountAccessSecurityFilter.hasAccessToAccountByAuthorizationId(#authorisationId)") public ResponseEntity getSCA(String authorisationId) { return ResponseEntity.ok(scaService.getMethods(authorisationId, scaInfoHolder.getScaInfo())); } @Override - @PreAuthorize("hasScaScope() and hasAccessToAccountByAuthorizationId(#authorisationId)") + @PreAuthorize("@accountAccessSecurityFilter.hasScaScope() and @accountAccessSecurityFilter.hasAccessToAccountByAuthorizationId(#authorisationId)") public ResponseEntity selectMethod(String authorisationId, String scaMethodId) { return ResponseEntity.ok(scaService.selectMethod(scaInfoHolder.getScaInfoWithScaMethodIdAndAuthorisationId(scaMethodId, authorisationId))); } @Override - @PreAuthorize("hasScaScope() and hasAccessToAccountByAuthorizationId(#authorisationId)") + @PreAuthorize("@accountAccessSecurityFilter.hasScaScope() and @accountAccessSecurityFilter.hasAccessToAccountByAuthorizationId(#authorisationId)") public ResponseEntity validateScaCode(String authorisationId, String authCode) { return ResponseEntity.ok(scaService.confirmAuthorization(scaInfoHolder.getScaInfoWithAuthCodeAndAuthorisationId(authCode, authorisationId))); } 
diff --git a/ledgers-middleware/ledgers-middleware-rest-server/src/main/java/de/adorsys/ledgers/middleware/rest/resource/TransactionsStaffResource.java b/ledgers-middleware/ledgers-middleware-rest-server/src/main/java/de/adorsys/ledgers/middleware/rest/resource/TransactionsStaffResource.java index 9e03fb9a7..f88bfb076 100644 --- a/ledgers-middleware/ledgers-middleware-rest-server/src/main/java/de/adorsys/ledgers/middleware/rest/resource/TransactionsStaffResource.java +++ b/ledgers-middleware/ledgers-middleware-rest-server/src/main/java/de/adorsys/ledgers/middleware/rest/resource/TransactionsStaffResource.java @@ -29,7 +29,7 @@ public class TransactionsStaffResource implements TransactionsStaffResourceAPI { private final MockTransactionMapper transactionMapper; @Override - @PreAuthorize("hasRole('STAFF')") + @PreAuthorize("@accountAccessSecurityFilter.hasRole('STAFF')") public ResponseEntity> transactions(List data) { List dataBO = transactionMapper.toMockTransactionDetailsBO(data); return new ResponseEntity<>(transactionService.bookMockTransaction(dataBO), HttpStatus.CREATED); diff --git a/ledgers-middleware/ledgers-middleware-rest-server/src/main/java/de/adorsys/ledgers/middleware/rest/resource/UserMgmtResource.java b/ledgers-middleware/ledgers-middleware-rest-server/src/main/java/de/adorsys/ledgers/middleware/rest/resource/UserMgmtResource.java index 1ef2fae8c..fb329bd37 100644 --- a/ledgers-middleware/ledgers-middleware-rest-server/src/main/java/de/adorsys/ledgers/middleware/rest/resource/UserMgmtResource.java +++ b/ledgers-middleware/ledgers-middleware-rest-server/src/main/java/de/adorsys/ledgers/middleware/rest/resource/UserMgmtResource.java 
@@ -36,13 +36,13 @@ public class UserMgmtResource implements UserMgmtRestAPI { private final ScaInfoHolder scaInfoHolder; @Override - @PreAuthorize("hasAccessToAccountByLogin(#login, #iban)") + @PreAuthorize("@accountAccessSecurityFilter.hasAccessToAccountByLogin(#login, #iban)") public ResponseEntity multilevel(String login, String iban) { return ResponseEntity.ok(middlewareUserService.checkMultilevelScaRequired(login, iban)); } @Override - @PreAuthorize("hasAccessToAccountsByLogin(#login, #references)") + @PreAuthorize("@accountAccessSecurityFilter.hasAccessToAccountsByLogin(#login, #references)") public ResponseEntity multilevelAccounts(String login, List references) { return ResponseEntity.ok(middlewareUserService.checkMultilevelScaRequired(login, references)); } @@ -55,7 +55,7 @@ public ResponseEntity register(String login, String email, String pin, U } @Override - @PreAuthorize("hasManagerAccessToUser(#userId)") + @PreAuthorize("@accountAccessSecurityFilter.hasManagerAccessToUser(#userId)") public ResponseEntity getUserById(String userId) { return ResponseEntity.ok(middlewareUserService.findById(userId)); } @@ -66,7 +66,7 @@ public ResponseEntity getUser() { } @Override - @PreAuthorize("isSameUser(#user.id)") + @PreAuthorize("@accountAccessSecurityFilter.isSameUser(#user.id)") public ResponseEntity editSelf(UserTO user) { middlewareUserService.editBasicSelf(scaInfoHolder.getUserId(), user); return ResponseEntity.accepted().build(); diff --git a/ledgers-middleware/ledgers-middleware-rest-server/src/main/java/de/adorsys/ledgers/middleware/rest/resource/UserMgmtStaffResource.java b/ledgers-middleware/ledgers-middleware-rest-server/src/main/java/de/adorsys/ledgers/middleware/rest/resource/UserMgmtStaffResource.java index 1571fc2cb..740618624 100644 --- a/ledgers-middleware/ledgers-middleware-rest-server/src/main/java/de/adorsys/ledgers/middleware/rest/resource/UserMgmtStaffResource.java 
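Review bot: The expression on `multilevel`, `@accountAccessSecurityFilter.hasAccessToAccountByLogin(#login, #iban)`, authorises on values taken from the request and does not tie them to the caller: the security filter in this commit shows `hasAccessToAccountByLogin` returning `userManagementService.findByUserLogin(login).hasAccessToAccountWithIban(iban)`, which tests the named login, not the authenticated user. Unless the caller is bound to `#login` somewhere not visible here, the multilevel-SCA answer for one user's login and IBAN is available to any other authenticated client. Since the annotation is being rewritten anyway, consider adding a caller check, or at least a comment such as `// authorises the login named in the request, not the caller`. `multilevelAccounts` in the same hunk uses `hasAccessToAccountsByLogin`, whose body is not shown.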
+++ b/ledgers-middleware/ledgers-middleware-rest-server/src/main/java/de/adorsys/ledgers/middleware/rest/resource/UserMgmtStaffResource.java @@ -40,7 +40,7 @@ public class UserMgmtStaffResource implements UserMgmtStaffResourceAPI { private final MiddlewareRecoveryService middlewareRecoveryService; @Override - @PreAuthorize("isNewStaffUser(#branchStaff)") + @PreAuthorize("@accountAccessSecurityFilter.isNewStaffUser(#branchStaff)") public ResponseEntity register(String branch, UserTO branchStaff) { branchStaff.setBranch(branch); branchStaff.setUserRoles(Collections.singletonList(UserRoleTO.STAFF)); @@ -51,13 +51,13 @@ public ResponseEntity register(String branch, UserTO branchStaff) { } @Override - @PreAuthorize("hasManagerAccessToUser(#user.id)") + @PreAuthorize("@accountAccessSecurityFilter.hasManagerAccessToUser(#user.id)") public ResponseEntity modifyUser(String branch, UserTO user) { return ResponseEntity.ok(middlewareUserService.updateUser(branch, user)); } @Override - @PreAuthorize("hasRole('STAFF')") + @PreAuthorize("@accountAccessSecurityFilter.hasRole('STAFF')") public ResponseEntity createUser(UserTO user) { UserTO branchStaff = middlewareUserService.findById(scaInfoHolder.getScaInfo().getUserId()); @@ -74,7 +74,7 @@ public ResponseEntity createUser(UserTO user) { } @Override - @PreAuthorize("hasRole('STAFF')") + @PreAuthorize("@accountAccessSecurityFilter.hasRole('STAFF')") public ResponseEntity> getBranchUsersByRoles(List roles, String queryParam, Boolean blockedParam, int page, int size) { CustomPageableImpl pageable = new CustomPageableImpl(page, size); UserTO branchStaff = middlewareUserService.findById(scaInfoHolder.getUserId()); @@ -83,7 +83,7 @@ public ResponseEntity> getBranchUsersByRoles(List> getBranchUserLogins() { UserTO branchStaff = middlewareUserService.findById(scaInfoHolder.getUserId()); List users = middlewareUserService.getBranchUserLogins(branchStaff.getBranch()); 
@@ -91,7 +91,7 @@ public ResponseEntity> getBranchUserLogins() { } @Override - @PreAuthorize("hasRole('SYSTEM')") + @PreAuthorize("@accountAccessSecurityFilter.hasRole('SYSTEM')") public ResponseEntity> getBranchUserLoginsByBranchId(String branchId) { UserTO branchStaff = middlewareUserService.findById(branchId); List users = middlewareUserService.getBranchUserLogins(branchStaff.getBranch()); @@ -99,14 +99,14 @@ public ResponseEntity> getBranchUserLoginsByBranchId(String branchI } @Override - @PreAuthorize("hasManagerAccessToUser(#userId)") + @PreAuthorize("@accountAccessSecurityFilter.hasManagerAccessToUser(#userId)") public ResponseEntity getBranchUserById(String userId) { UserTO user = middlewareUserService.findById(userId); return ResponseEntity.ok(user); } @Override - @PreAuthorize("hasManagerAccessToUser(#userId)") + @PreAuthorize("@accountAccessSecurityFilter.hasManagerAccessToUser(#userId)") public ResponseEntity updateUserScaData(String userId, List data) { UserTO userWithUpdatedSca = middlewareUserService.updateScaData(middlewareUserService.findById(userId).getLogin(), data); URI uri = UriComponentsBuilder.fromUriString("/staff-access" + UserMgmtRestAPI.BASE_PATH + "/" + userWithUpdatedSca.getId()) @@ -115,7 +115,7 @@ public ResponseEntity updateUserScaData(String userId, List } @Override - @PreAuthorize("hasAnyRole('STAFF','SYSTEM')") + @PreAuthorize("@accountAccessSecurityFilter.hasAnyRole('STAFF','SYSTEM')") //TODO Check Account enabled, check initiator has accessTo Account, Check Same Branch as User/Check user is not a branch!!!, AccountExists public ResponseEntity updateAccountAccessForUser(String userId, AccountAccessTO access) { ScaInfoTO scaInfo = scaInfoHolder.getScaInfo(); 
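Review bot: `updateAccountAccessForUser` is still guarded only by `@accountAccessSecurityFilter.hasAnyRole('STAFF','SYSTEM')`, while the TODO kept on the same line lists checks the expression does not make (initiator has access to the account, same branch as the user, account enabled). The neighbouring `getBranchUserById` and `updateUserScaData` use `hasManagerAccessToUser(#userId)`, which per the security filter in this commit also requires the role, an enabled caller and access to the target user. Using `@PreAuthorize("@accountAccessSecurityFilter.hasManagerAccessToUser(#userId)")` here would cover part of that TODO. Whether the service layer already enforces the rest is not visible, and the method body continues outside the hunk.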
@@ -124,13 +124,13 @@ public ResponseEntity updateAccountAccessForUser(String userId, AccountAcc } @Override - @PreAuthorize("hasManagerAccessToUser(#userId)") + @PreAuthorize("@accountAccessSecurityFilter.hasManagerAccessToUser(#userId)") public ResponseEntity changeStatus(String userId) { return ResponseEntity.ok(middlewareUserService.changeStatus(userId, false)); } @Override - @PreAuthorize("hasAnyRole('STAFF') and isSameUser(#request.branchId)") + @PreAuthorize("@accountAccessSecurityFilter.hasAnyRole('STAFF') and @accountAccessSecurityFilter.isSameUser(#request.branchId)") public ResponseEntity revertDatabase(RevertRequestTO request) { middlewareRecoveryService.revertDatabase(request.getBranchId(), request.getRecoveryPointId()); return new ResponseEntity<>(HttpStatus.OK); diff --git a/ledgers-middleware/ledgers-middleware-rest-server/src/main/java/de/adorsys/ledgers/middleware/rest/security/AccountAccessMethodSecurityExpressionRoot.java b/ledgers-middleware/ledgers-middleware-rest-server/src/main/java/de/adorsys/ledgers/middleware/rest/security/AccountAccessSecurityFilter.java similarity index 79% rename from ledgers-middleware/ledgers-middleware-rest-server/src/main/java/de/adorsys/ledgers/middleware/rest/security/AccountAccessMethodSecurityExpressionRoot.java rename to ledgers-middleware/ledgers-middleware-rest-server/src/main/java/de/adorsys/ledgers/middleware/rest/security/AccountAccessSecurityFilter.java index 7bad4ff1a..36d4ef2b9 100644 --- a/ledgers-middleware/ledgers-middleware-rest-server/src/main/java/de/adorsys/ledgers/middleware/rest/security/AccountAccessMethodSecurityExpressionRoot.java +++ b/ledgers-middleware/ledgers-middleware-rest-server/src/main/java/de/adorsys/ledgers/middleware/rest/security/AccountAccessSecurityFilter.java 
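Review bot: `revertDatabase` uses `hasAnyRole('STAFF')` with a single role where the rest of this file writes `hasRole('STAFF')`; the single-role form would read more consistently. The second half, `isSameUser(#request.branchId)`, compares the caller's user id with a branch id, which only makes sense once one knows that a branch id is the staff user's id (as `getBranchUserLoginsByBranchId` suggests by calling `findById(branchId)`). For an operation that reverts the database, a comment such as `// branchId is the id of the branch's STAFF user, so only the branch itself may revert` would make the intent checkable.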
@@ -18,8 +18,9 @@ import de.adorsys.ledgers.middleware.api.service.MiddlewareRedirectScaService; import de.adorsys.ledgers.middleware.api.service.MiddlewareUserManagementService; import org.apache.commons.collections4.CollectionUtils; -import org.keycloak.adapters.RefreshableKeycloakSecurityContext; import org.springframework.security.core.Authentication; +import org.springframework.security.oauth2.jwt.Jwt; +import org.springframework.stereotype.Component; import java.time.LocalDateTime; import java.util.*; @@ -29,9 +30,14 @@ import static de.adorsys.ledgers.middleware.api.domain.um.UserRoleTO.STAFF; import static de.adorsys.ledgers.middleware.api.domain.um.UserRoleTO.SYSTEM; -public class AccountAccessMethodSecurityExpressionRoot extends SecurityExpressionAdapter { +@Component +@SuppressWarnings("PMD.TooManyMethods") +public class AccountAccessSecurityFilter extends SecurityExpressionAdapter { - public AccountAccessMethodSecurityExpressionRoot(Authentication authentication, MiddlewareAccountManagementService accountService, MiddlewarePaymentService paymentService, KeycloakAuthMapper authMapper, MiddlewareUserManagementService userManagementService, MiddlewareRedirectScaService scaService) { + public AccountAccessSecurityFilter(Authentication authentication, MiddlewareAccountManagementService accountService, + MiddlewarePaymentService paymentService, KeycloakAuthMapper authMapper, + MiddlewareUserManagementService userManagementService, + MiddlewareRedirectScaService scaService) { super(authentication, accountService, paymentService, userManagementService, authMapper, scaService); } 
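Review bot: Making `AccountAccessSecurityFilter` a `@Component` while its constructor still takes an `Authentication` means the default singleton bean holds whatever `Authentication` was injected at creation, and every `@accountAccessSecurityFilter.…` expression then decides against that object. That is only correct if the injected `Authentication` is a request-scoped proxy; the integration-test configuration in this commit declares one with `@RequestScope`, but the production bean definition is not visible here. Consider stating the requirement in a class comment, e.g. `// Authentication must be a request-scoped proxy: this bean is a singleton`, or reading `SecurityContextHolder.getContext().getAuthentication()` on each call. Naming the bean explicitly, `@Component("accountAccessSecurityFilter")`, would also stop a later class rename from silently changing the name the SpEL strings depend on.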
@@ -51,27 +57,18 @@ public boolean hasManagerAccessToAccountId(String accountId) { return hasAnyRole(SYSTEM.name(), STAFF.name()) && user.isEnabled() && hasManagerAccessId(accountId, user); } - public boolean isNewAccountAndCanBeCreatedForUser(AccountDetailsTO account, String userId) { - List accounts = accountService.getAccountsByIbanAndCurrency(account.getIban(), ""); - return CollectionUtils.isEmpty(accounts) || accounts.stream() - .map(AccountDetailsTO::getCurrency) - .noneMatch(c -> account.getCurrency() == c) - && userManagementService.findById(userId) - .hasAccessToAccountWithIban(account.getIban()); - } - //-- Manager User checks --// public boolean hasManagerAccessToUser(String userId) { UserTO user = user(); return hasAnyRole(SYSTEM.name(), STAFF.name()) && user.isEnabled() && hasAccessToUser(user, userId); } - public boolean isSameUser(String userId) { //TODO Used + public boolean isSameUser(String userId) { return user().getId().equals(userId); } //--General Payment checks --// - public boolean hasAccessToAccountByPaymentId(String paymentId) { //TODO Used + public boolean hasAccessToAccountByPaymentId(String paymentId) { return hasAccessToAccount(getAccountIdFromPayment(paymentId)); } @@ -104,11 +101,11 @@ public boolean accountInfoByIdentifier(AccountIdentifierTypeTO type, String acco : hasAccessToAccount(accountIdentifier); } - public boolean isEnabledAccount(String accountId) { //TODO Used + public boolean isEnabledAccount(String accountId) { return accountService.getDepositAccountById(accountId, LocalDateTime.now(), false).isEnabled(); } - public boolean hasAccessToAccountByLogin(String login, String iban) { //TODO Used + public boolean hasAccessToAccountByLogin(String login, String iban) { return userManagementService.findByUserLogin(login).hasAccessToAccountWithIban(iban); } 
@@ -137,14 +134,13 @@ public boolean hasAccessToAccountByScaOperation(StartScaOprTO opr) { : hasAccessToAccountsWithIbans(accountService.getAccountsFromConsent(opr.getOprId())); } - public boolean hasAccessToAccountByAuthorizationId(String authorizationId) { //TODO Used + public boolean hasAccessToAccountByAuthorizationId(String authorizationId) { return hasAccessToAccountByScaOperation(scaService.loadScaInformation(authorizationId)); } - //-- -- --// private AccessTokenTO getAccessTokenTO() { - RefreshableKeycloakSecurityContext credentials = (RefreshableKeycloakSecurityContext) authentication.getCredentials(); - return authMapper.toAccessToken(credentials); + Jwt credentials = (Jwt) getAuthentication().getCredentials(); + return authMapper.toAccessTokenFromJwt(credentials); } private UserTO user() { @@ -158,10 +154,8 @@ private boolean hasAnyScope(String... scopes) { } private Set getScopes() { - RefreshableKeycloakSecurityContext credentials = (RefreshableKeycloakSecurityContext) authentication.getCredentials(); - return new HashSet<>(Arrays.asList(credentials.getToken() - .getScope() - .split(" "))); + Jwt credentials = (Jwt) getAuthentication().getCredentials(); + return new HashSet(Arrays.asList(credentials.getClaimAsString("scope").split(" "))); } private boolean isEnabledAccountIban(String iban) { 
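Review bot: `getAccessTokenTO` casts `getAuthentication().getCredentials()` to `Jwt` without a type check, and `getScopes` in the next hunk does the same. For an authentication that is not JWT-based (an anonymous token, for instance) this throws `ClassCastException` from inside the authorization expression instead of producing a denial. A guard such as `if (!(getAuthentication().getCredentials() instanceof Jwt jwt))` that throws `AccessDeniedException` would make the failure mode deliberate. `hasAccessToAccountByScaOperation` starts outside this hunk.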
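Review bot: `credentials.getClaimAsString("scope")` in `getScopes` returns null when the token carries no `scope` claim, so the chained `.split(" ")` throws `NullPointerException` during authorization. Treat a missing claim as an empty scope set: `String scope = credentials.getClaimAsString("scope");` followed by `return scope == null ? Collections.emptySet() : new HashSet<>(Arrays.asList(scope.split(" ")));`. An empty set should make `hasAnyScope` deny cleanly instead of failing with a server error, though its body is not shown in this hunk. `isEnabledAccountIban` continues outside the hunk.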
diff --git a/ledgers-middleware/ledgers-middleware-rest-server/src/main/java/de/adorsys/ledgers/middleware/rest/security/AccountAccessMethodSecurityExpressionHandler.java b/ledgers-middleware/ledgers-middleware-rest-server/src/main/java/de/adorsys/ledgers/middleware/rest/security/AccountAccessSecurityFilterHandler.java similarity index 85% rename from ledgers-middleware/ledgers-middleware-rest-server/src/main/java/de/adorsys/ledgers/middleware/rest/security/AccountAccessMethodSecurityExpressionHandler.java rename to ledgers-middleware/ledgers-middleware-rest-server/src/main/java/de/adorsys/ledgers/middleware/rest/security/AccountAccessSecurityFilterHandler.java index 1b673dbd3..f5dcc61d7 100644 --- a/ledgers-middleware/ledgers-middleware-rest-server/src/main/java/de/adorsys/ledgers/middleware/rest/security/AccountAccessMethodSecurityExpressionHandler.java +++ b/ledgers-middleware/ledgers-middleware-rest-server/src/main/java/de/adorsys/ledgers/middleware/rest/security/AccountAccessSecurityFilterHandler.java @@ -19,7 +19,7 @@ import org.springframework.security.core.Authentication; @RequiredArgsConstructor -public class AccountAccessMethodSecurityExpressionHandler extends DefaultMethodSecurityExpressionHandler { +public class AccountAccessSecurityFilterHandler extends DefaultMethodSecurityExpressionHandler { private final AuthenticationTrustResolver trustResolver = new AuthenticationTrustResolverImpl(); private final MiddlewareAccountManagementService middlewareAccountService; 
@@ -30,7 +30,7 @@ public class AccountAccessMethodSecurityExpressionHandler extends DefaultMethodS @Override protected MethodSecurityExpressionOperations createSecurityExpressionRoot(Authentication authentication, MethodInvocation invocation) { - AccountAccessMethodSecurityExpressionRoot root = new AccountAccessMethodSecurityExpressionRoot(authentication, middlewareAccountService, middlewareService, authMapper, userManagementService, scaService); + AccountAccessSecurityFilter root = new AccountAccessSecurityFilter(authentication, middlewareAccountService, middlewareService, authMapper, userManagementService, scaService); root.setPermissionEvaluator(getPermissionEvaluator()); root.setTrustResolver(this.trustResolver); root.setRoleHierarchy(getRoleHierarchy()); diff --git a/ledgers-middleware/ledgers-middleware-rest-server/src/main/java/de/adorsys/ledgers/middleware/rest/security/ScaInfoHolderImpl.java b/ledgers-middleware/ledgers-middleware-rest-server/src/main/java/de/adorsys/ledgers/middleware/rest/security/ScaInfoHolderImpl.java index a4376010b..61573979f 100644 --- a/ledgers-middleware/ledgers-middleware-rest-server/src/main/java/de/adorsys/ledgers/middleware/rest/security/ScaInfoHolderImpl.java +++ b/ledgers-middleware/ledgers-middleware-rest-server/src/main/java/de/adorsys/ledgers/middleware/rest/security/ScaInfoHolderImpl.java @@ -11,9 +11,9 @@ import de.adorsys.ledgers.middleware.api.domain.um.TokenUsageTO; import de.adorsys.ledgers.um.api.service.UserService; import lombok.RequiredArgsConstructor; -import org.springframework.stereotype.Component; +import org.springframework.stereotype.Service; -@Component +@Service @RequiredArgsConstructor public class ScaInfoHolderImpl implements ScaInfoHolder { private final AccessTokenTO accessTokenTO; 
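Review bot: `createSecurityExpressionRoot` still builds an `AccountAccessSecurityFilter` per invocation and gives it the permission evaluator, trust resolver and role hierarchy, but the controllers changed in this commit call the Spring bean `@accountAccessSecurityFilter`, not this root. Nothing visible applies `setTrustResolver` or `setRoleHierarchy` to the bean instance, so role checks routed through the bean may run without that configuration. Either configure the bean the same way or add a comment here saying which of the two instances evaluates the expressions. The rest of the method is outside the hunk.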
diff --git a/ledgers-middleware/ledgers-middleware-rest-server/src/test/java/de/adorsys/ledgers/middleware/rest/config/MethodSecurityConfig.java b/ledgers-middleware/ledgers-middleware-rest-server/src/test/java/de/adorsys/ledgers/middleware/rest/config/MethodSecurityConfig.java index bb600b9d3..d0be0b9de 100644 --- a/ledgers-middleware/ledgers-middleware-rest-server/src/test/java/de/adorsys/ledgers/middleware/rest/config/MethodSecurityConfig.java +++ b/ledgers-middleware/ledgers-middleware-rest-server/src/test/java/de/adorsys/ledgers/middleware/rest/config/MethodSecurityConfig.java @@ -10,7 +10,7 @@ import de.adorsys.ledgers.middleware.api.service.MiddlewarePaymentService; import de.adorsys.ledgers.middleware.api.service.MiddlewareRedirectScaService; import de.adorsys.ledgers.middleware.api.service.MiddlewareUserManagementService; -import de.adorsys.ledgers.middleware.rest.security.AccountAccessMethodSecurityExpressionHandler; +import de.adorsys.ledgers.middleware.rest.security.AccountAccessSecurityFilterHandler; import lombok.RequiredArgsConstructor; import org.springframework.context.annotation.Configuration; import org.springframework.security.access.expression.method.MethodSecurityExpressionHandler; @@ -29,6 +29,6 @@ public class MethodSecurityConfig extends GlobalMethodSecurityConfiguration { @Override protected MethodSecurityExpressionHandler createExpressionHandler() { - return new AccountAccessMethodSecurityExpressionHandler(middlewareAccountService, middlewareService, userManagementService, authMapper, scaService); + return new AccountAccessSecurityFilterHandler(middlewareAccountService, middlewareService, userManagementService, authMapper, scaService); } } 
diff --git a/ledgers-middleware/ledgers-middleware-rest-server/src/test/java/de/adorsys/ledgers/middleware/rest/mockbank/AppManagementResourceAdminIT.java b/ledgers-middleware/ledgers-middleware-rest-server/src/test/java/de/adorsys/ledgers/middleware/rest/mockbank/AppManagementResourceAdminIT.java index 03813c065..9cef29905 100644 --- a/ledgers-middleware/ledgers-middleware-rest-server/src/test/java/de/adorsys/ledgers/middleware/rest/mockbank/AppManagementResourceAdminIT.java +++ b/ledgers-middleware/ledgers-middleware-rest-server/src/test/java/de/adorsys/ledgers/middleware/rest/mockbank/AppManagementResourceAdminIT.java @@ -19,6 +19,8 @@ import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; import org.springframework.mock.web.MockServletContext; +import org.springframework.security.core.Authentication; +import org.springframework.security.core.context.SecurityContextHolder; import org.springframework.test.context.ActiveProfiles; import org.springframework.test.context.TestExecutionListeners; import org.springframework.test.context.junit.jupiter.SpringExtension; @@ -32,7 +34,10 @@ import org.springframework.web.client.RestTemplate; import org.springframework.web.context.WebApplicationContext; -import javax.servlet.ServletContext; +import jakarta.servlet.ServletContext; +import org.springframework.web.context.annotation.RequestScope; + +import java.util.Optional; import static org.junit.jupiter.api.Assertions.assertNotNull; import static org.junit.jupiter.api.Assertions.assertTrue; @@ -72,6 +77,17 @@ public RestTemplate restTemplate() { return new RestTemplate(); } + @Bean + @RequestScope + public Authentication getAuthentication() { + return auth().orElse(null); + } + + static Optional auth() { + return SecurityContextHolder.getContext() == null + ? Optional.empty() + : Optional.ofNullable(SecurityContextHolder.getContext().getAuthentication()); + } } @Autowired 
diff --git a/ledgers-middleware/ledgers-middleware-rest-server/src/test/resources/application.yml b/ledgers-middleware/ledgers-middleware-rest-server/src/test/resources/application.yml index c7d7df24c..fb990fa1f 100644 --- a/ledgers-middleware/ledgers-middleware-rest-server/src/test/resources/application.yml +++ b/ledgers-middleware/ledgers-middleware-rest-server/src/test/resources/application.yml @@ -92,7 +92,9 @@ ledgers: --- spring: - profiles: h2 + config: + activate: + on-profile: h2 h2: console: enabled: true @@ -107,7 +109,9 @@ db: --- spring: - profiles: dev + config: + activate: + on-profile: dev logging.level.org.postgresql: INFO logging.level.org.hibernate.SQL: DEBUG diff --git a/ledgers-middleware/ledgers-middleware-service-api/pom.xml b/ledgers-middleware/ledgers-middleware-service-api/pom.xml index 765803069..8da2101cb 100644 --- a/ledgers-middleware/ledgers-middleware-service-api/pom.xml +++ b/ledgers-middleware/ledgers-middleware-service-api/pom.xml @@ -10,7 +10,7 @@ de.adorsys.ledgers ledgers-middleware - 5.1-SNAPSHOT + 5.0-SNAPSHOT ../pom.xml @@ -39,7 +39,7 @@ org.springdoc - springdoc-openapi-ui + springdoc-openapi-starter-webmvc-ui diff --git a/ledgers-middleware/ledgers-middleware-service-api/src/main/java/de/adorsys/ledgers/middleware/api/domain/sca/StartScaOprTO.java b/ledgers-middleware/ledgers-middleware-service-api/src/main/java/de/adorsys/ledgers/middleware/api/domain/sca/StartScaOprTO.java index e6ce3ec92..3beeeeb66 100644 --- a/ledgers-middleware/ledgers-middleware-service-api/src/main/java/de/adorsys/ledgers/middleware/api/domain/sca/StartScaOprTO.java +++ b/ledgers-middleware/ledgers-middleware-service-api/src/main/java/de/adorsys/ledgers/middleware/api/domain/sca/StartScaOprTO.java @@ -6,8 +6,10 @@ package de.adorsys.ledgers.middleware.api.domain.sca; import lombok.Data; +import lombok.NoArgsConstructor; @Data +@NoArgsConstructor public class StartScaOprTO { private String oprId; private String externalId; 
diff --git a/ledgers-middleware/ledgers-middleware-service-api/src/main/java/de/adorsys/ledgers/middleware/api/domain/um/AccountAccessTO.java b/ledgers-middleware/ledgers-middleware-service-api/src/main/java/de/adorsys/ledgers/middleware/api/domain/um/AccountAccessTO.java index 8ebde1d5c..2d7444e62 100644 --- a/ledgers-middleware/ledgers-middleware-service-api/src/main/java/de/adorsys/ledgers/middleware/api/domain/um/AccountAccessTO.java +++ b/ledgers-middleware/ledgers-middleware-service-api/src/main/java/de/adorsys/ledgers/middleware/api/domain/um/AccountAccessTO.java @@ -6,10 +6,10 @@ package de.adorsys.ledgers.middleware.api.domain.um; import com.fasterxml.jackson.annotation.JsonIgnore; +import jakarta.validation.constraints.NotNull; import lombok.AllArgsConstructor; import lombok.Data; import lombok.NoArgsConstructor; -import org.jetbrains.annotations.NotNull; import java.util.Currency; import java.util.EnumSet; @@ -17,7 +17,7 @@ import static org.apache.commons.lang3.StringUtils.equalsIgnoreCase; @Data -@NoArgsConstructor +@NoArgsConstructor(force = true) @AllArgsConstructor public class AccountAccessTO { private String id; diff --git a/ledgers-middleware/ledgers-middleware-service-api/src/main/java/de/adorsys/ledgers/middleware/api/domain/um/ScaUserDataTO.java b/ledgers-middleware/ledgers-middleware-service-api/src/main/java/de/adorsys/ledgers/middleware/api/domain/um/ScaUserDataTO.java index 2d43572c1..6243b80d5 100644 --- a/ledgers-middleware/ledgers-middleware-service-api/src/main/java/de/adorsys/ledgers/middleware/api/domain/um/ScaUserDataTO.java +++ b/ledgers-middleware/ledgers-middleware-service-api/src/main/java/de/adorsys/ledgers/middleware/api/domain/um/ScaUserDataTO.java 
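Review bot: Swapping `org.jetbrains.annotations.NotNull` for `jakarta.validation.constraints.NotNull` in `AccountAccessTO` turns the annotation from a static-analysis hint into a Bean Validation constraint, which is enforced only where the object is actually validated (for example a `@Valid` request body). The annotated fields and the controllers' parameter annotations are outside this hunk, so whether validation is triggered cannot be confirmed here. `@NoArgsConstructor(force = true)` also initialises any final fields to null, 0 or false, so a short class comment stating where the constraint is enforced would help. `ScaUserDataTO` and `UserTO` get the same change.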
@@ -6,13 +6,13 @@ package de.adorsys.ledgers.middleware.api.domain.um; import com.fasterxml.jackson.annotation.JsonIgnoreProperties; +import jakarta.validation.constraints.NotNull; import lombok.AllArgsConstructor; import lombok.Data; import lombok.NoArgsConstructor; -import org.jetbrains.annotations.NotNull; @Data -@NoArgsConstructor +@NoArgsConstructor(force = true) @AllArgsConstructor @JsonIgnoreProperties(value = {"user"}, allowSetters = true) public class ScaUserDataTO { diff --git a/ledgers-middleware/ledgers-middleware-service-api/src/main/java/de/adorsys/ledgers/middleware/api/domain/um/UserTO.java b/ledgers-middleware/ledgers-middleware-service-api/src/main/java/de/adorsys/ledgers/middleware/api/domain/um/UserTO.java index c0185d287..fc8e291c7 100644 --- a/ledgers-middleware/ledgers-middleware-service-api/src/main/java/de/adorsys/ledgers/middleware/api/domain/um/UserTO.java +++ b/ledgers-middleware/ledgers-middleware-service-api/src/main/java/de/adorsys/ledgers/middleware/api/domain/um/UserTO.java @@ -6,15 +6,15 @@ package de.adorsys.ledgers.middleware.api.domain.um; import com.fasterxml.jackson.annotation.JsonIgnore; +import jakarta.validation.constraints.NotNull; import lombok.*; -import org.jetbrains.annotations.NotNull; import java.util.*; import java.util.stream.Collectors; @Getter @Setter -@NoArgsConstructor +@NoArgsConstructor(force = true) @AllArgsConstructor @EqualsAndHashCode public class UserTO { diff --git a/ledgers-middleware/ledgers-middleware-service-impl/pom.xml b/ledgers-middleware/ledgers-middleware-service-impl/pom.xml index fa9008a75..04dfd461a 100644 --- a/ledgers-middleware/ledgers-middleware-service-impl/pom.xml +++ b/ledgers-middleware/ledgers-middleware-service-impl/pom.xml @@ -9,7 +9,7 @@ de.adorsys.ledgers ledgers-middleware - 5.1-SNAPSHOT + 5.0-SNAPSHOT ../pom.xml @@ -102,8 +102,8 @@ - javax.servlet - javax.servlet-api + jakarta.servlet + jakarta.servlet-api provided 
diff --git a/ledgers-middleware/ledgers-middleware-service-impl/src/main/java/de/adorsys/ledgers/middleware/impl/service/MiddlewareRecoveryPointServiceImpl.java b/ledgers-middleware/ledgers-middleware-service-impl/src/main/java/de/adorsys/ledgers/middleware/impl/service/MiddlewareRecoveryPointServiceImpl.java index 35338388e..50be9a527 100644 --- a/ledgers-middleware/ledgers-middleware-service-impl/src/main/java/de/adorsys/ledgers/middleware/impl/service/MiddlewareRecoveryPointServiceImpl.java +++ b/ledgers-middleware/ledgers-middleware-service-impl/src/main/java/de/adorsys/ledgers/middleware/impl/service/MiddlewareRecoveryPointServiceImpl.java @@ -18,7 +18,7 @@ import lombok.extern.slf4j.Slf4j; import org.springframework.stereotype.Service; -import javax.transaction.Transactional; +import jakarta.transaction.Transactional; import java.util.List; import java.util.concurrent.CompletableFuture; import java.util.concurrent.ExecutorService; diff --git a/ledgers-middleware/ledgers-middleware-service-impl/src/test/java/de/adorsys/ledgers/middleware/impl/service/SCAUtilsTest.java b/ledgers-middleware/ledgers-middleware-service-impl/src/test/java/de/adorsys/ledgers/middleware/impl/service/SCAUtilsTest.java index 055297cf1..dffd87139 100644 --- a/ledgers-middleware/ledgers-middleware-service-impl/src/test/java/de/adorsys/ledgers/middleware/impl/service/SCAUtilsTest.java +++ b/ledgers-middleware/ledgers-middleware-service-impl/src/test/java/de/adorsys/ledgers/middleware/impl/service/SCAUtilsTest.java @@ -8,7 +8,7 @@ import de.adorsys.ledgers.middleware.api.domain.sca.ScaInfoTO; import de.adorsys.ledgers.middleware.api.domain.um.*; import de.adorsys.ledgers.middleware.impl.converter.UserMapper; -import de.adorsys.ledgers.sca.service.SCAOperationService; +import de.adorsys.ledgers.um.api.domain.ScaMethodTypeBO; import de.adorsys.ledgers.um.api.domain.ScaUserDataBO; import de.adorsys.ledgers.um.api.domain.UserBO; import de.adorsys.ledgers.um.api.service.UserService; 
@@ -28,32 +28,36 @@ @ExtendWith(MockitoExtension.class) class SCAUtilsTest { + + private static final String ID = "id"; + private static final String LOGIN = "login"; + private static final String EMAIL = "email"; + private static final String PIN = "pin"; + @InjectMocks private SCAUtils utils; @Mock private UserService userService; @Mock - private SCAOperationService scaOperationService; - @Mock private UserMapper userMapper; @Test void getScaMethod_TO() { - ScaUserDataTO result = utils.getScaMethod(getUserTO(), "id"); + ScaUserDataTO result = utils.getScaMethod(getUserTO(), ID); assertThat(result).isEqualTo(getScaUserDataTO()); } private UserTO getUserTO() { - return new UserTO("id", "login", "email", "pin", Collections.singletonList(getScaUserDataTO()), Collections.singletonList(getAccess()), Collections.singletonList(UserRoleTO.CUSTOMER), "branch", false, false); + return new UserTO(ID, LOGIN, EMAIL, PIN, Collections.singletonList(getScaUserDataTO()), Collections.singletonList(getAccess()), Collections.singletonList(UserRoleTO.CUSTOMER), "branch", false, false); } private AccountAccessTO getAccess() { - return new AccountAccessTO("id", "DE123", Currency.getInstance("EUR"), AccessTypeTO.OWNER, 100, "id"); + return new AccountAccessTO(ID, "DE123", Currency.getInstance("EUR"), AccessTypeTO.OWNER, 100, ID); } private ScaUserDataTO getScaUserDataTO() { - return new ScaUserDataTO("id", ScaMethodTypeTO.SMTP_OTP, "anton.brueckner@de.de", null, false, "staticTan", false, true); + return new ScaUserDataTO(ID, ScaMethodTypeTO.SMTP_OTP, "anton.brueckner@de.de", new UserTO(LOGIN, EMAIL, PIN), false, "staticTan", false, true); } @Test 
@@ -64,9 +68,9 @@ void getScaMethod_BO_null_sca_method() { @Test void user() { - when(userService.findByLogin(anyString())).thenReturn(new UserBO()); + when(userService.findByLogin(anyString())).thenReturn(getUserBO()); when(userMapper.toUserTO(any())).thenReturn(getUserTO()); - UserTO result = utils.user("id"); + UserTO result = utils.user(ID); assertThat(result).isEqualToComparingFieldByFieldRecursively(getUserTO()); } @@ -76,19 +80,19 @@ void hasSCA() { assertThat(result).isTrue(); } - private UserBO getUserBO() { - UserBO bo = new UserBO("login", "email", "pin"); - bo.setScaUserData(Collections.singletonList(new ScaUserDataBO())); - return bo; - } - @Test void authorisationId() { String result = utils.authorisationId(getScaInfo()); assertThat(result).isEqualTo("authId"); } + private UserBO getUserBO() { + UserBO bo = new UserBO(LOGIN, EMAIL, PIN); + bo.setScaUserData(Collections.singletonList(new ScaUserDataBO(ScaMethodTypeBO.SMTP_OTP, "anton.brueckner@de.de"))); + return bo; + } + private ScaInfoTO getScaInfo() { - return new ScaInfoTO("userId", "scaId", "authId", UserRoleTO.CUSTOMER, "methodId", "authCode", TokenUsageTO.LOGIN, "login", null, null); + return new ScaInfoTO("userId", "scaId", "authId", UserRoleTO.CUSTOMER, "methodId", "authCode", TokenUsageTO.LOGIN, LOGIN, null, null); } } \ No newline at end of file diff --git a/ledgers-middleware/ledgers-middleware-service-impl/src/test/resources/application.yml b/ledgers-middleware/ledgers-middleware-service-impl/src/test/resources/application.yml index 9e414d3cc..448770c0a 100644 --- a/ledgers-middleware/ledgers-middleware-service-impl/src/test/resources/application.yml +++ b/ledgers-middleware/ledgers-middleware-service-impl/src/test/resources/application.yml @@ -85,7 +85,7 @@ ledgers: ext_base_path: http://localhost:8088 endpoint: /emails/email -#TanEncryption + #TanEncryption application: security: masterPassword: $VoL973@sd 
@@ -94,7 +94,9 @@ ledgers: --- spring: - profiles: h2 + config: + activate: + on-profile: h2 h2: console: enabled: true @@ -106,7 +108,9 @@ db: --- spring: - profiles: dev + config: + activate: + on-profile: dev jpa: hibernate: ddl-auto: create-drop diff --git a/ledgers-middleware/ledgers-middleware-service-impl/src/test/resources/de/adorsys/ledgers/middleware/impl/service/user.yml b/ledgers-middleware/ledgers-middleware-service-impl/src/test/resources/de/adorsys/ledgers/middleware/impl/service/user.yml index dcccfa903..08d778106 100644 --- a/ledgers-middleware/ledgers-middleware-service-impl/src/test/resources/de/adorsys/ledgers/middleware/impl/service/user.yml +++ b/ledgers-middleware/ledgers-middleware-service-impl/src/test/resources/de/adorsys/ledgers/middleware/impl/service/user.yml @@ -13,7 +13,10 @@ accountAccesses: - id: 1 accessType: OWNER iban: 1234567 + currency: EUR + accountId: qwerty - id: 2 accessType: READ iban: 7777777 - \ No newline at end of file + currency: EUR + accountId: qwerty diff --git a/ledgers-middleware/pom.xml b/ledgers-middleware/pom.xml index c0189024a..5f4ed618f 100755 --- a/ledgers-middleware/pom.xml +++ b/ledgers-middleware/pom.xml @@ -12,7 +12,7 @@ de.adorsys.ledgers ledgers - 5.1-SNAPSHOT + 5.0-SNAPSHOT ../pom.xml diff --git a/ledgers-postings/ledgers-postings-repository/pom.xml b/ledgers-postings/ledgers-postings-repository/pom.xml index 164ce01a5..4a839b357 100644 --- a/ledgers-postings/ledgers-postings-repository/pom.xml +++ b/ledgers-postings/ledgers-postings-repository/pom.xml @@ -17,7 +17,7 @@ de.adorsys.ledgers ledgers-postings - 5.1-SNAPSHOT + 5.0-SNAPSHOT ../pom.xml diff --git a/ledgers-postings/ledgers-postings-repository/src/main/java/de/adorsys/ledgers/postings/db/domain/AccountStmt.java b/ledgers-postings/ledgers-postings-repository/src/main/java/de/adorsys/ledgers/postings/db/domain/AccountStmt.java index 0b40c9d05..d6c74ab68 100644 
--- a/ledgers-postings/ledgers-postings-repository/src/main/java/de/adorsys/ledgers/postings/db/domain/AccountStmt.java +++ b/ledgers-postings/ledgers-postings-repository/src/main/java/de/adorsys/ledgers/postings/db/domain/AccountStmt.java @@ -10,7 +10,7 @@ import lombok.NoArgsConstructor; import lombok.Setter; -import javax.persistence.*; +import jakarta.persistence.*; import java.math.BigDecimal; import java.time.LocalDateTime; import java.time.format.DateTimeFormatter; diff --git a/ledgers-postings/ledgers-postings-repository/src/main/java/de/adorsys/ledgers/postings/db/domain/Amount.java b/ledgers-postings/ledgers-postings-repository/src/main/java/de/adorsys/ledgers/postings/db/domain/Amount.java index 2e2bc42f9..2e1f83177 100644 --- a/ledgers-postings/ledgers-postings-repository/src/main/java/de/adorsys/ledgers/postings/db/domain/Amount.java +++ b/ledgers-postings/ledgers-postings-repository/src/main/java/de/adorsys/ledgers/postings/db/domain/Amount.java @@ -10,8 +10,8 @@ import lombok.NoArgsConstructor; import lombok.Setter; -import javax.persistence.Column; -import javax.persistence.Embeddable; +import jakarta.persistence.Column; +import jakarta.persistence.Embeddable; import java.math.BigDecimal; @Getter diff --git a/ledgers-postings/ledgers-postings-repository/src/main/java/de/adorsys/ledgers/postings/db/domain/BaseEntity.java b/ledgers-postings/ledgers-postings-repository/src/main/java/de/adorsys/ledgers/postings/db/domain/BaseEntity.java index b69f298fe..c3d2cc052 100644 --- a/ledgers-postings/ledgers-postings-repository/src/main/java/de/adorsys/ledgers/postings/db/domain/BaseEntity.java +++ b/ledgers-postings/ledgers-postings-repository/src/main/java/de/adorsys/ledgers/postings/db/domain/BaseEntity.java 
@@ -12,7 +12,7 @@ import org.springframework.data.jpa.convert.threeten.Jsr310JpaConverters.LocalDateTimeConverter; import org.springframework.data.jpa.domain.support.AuditingEntityListener; -import javax.persistence.*; +import jakarta.persistence.*; import java.time.LocalDateTime; /** diff --git a/ledgers-postings/ledgers-postings-repository/src/main/java/de/adorsys/ledgers/postings/db/domain/ChartOfAccount.java b/ledgers-postings/ledgers-postings-repository/src/main/java/de/adorsys/ledgers/postings/db/domain/ChartOfAccount.java index bbdd004de..39fc84518 100644 --- a/ledgers-postings/ledgers-postings-repository/src/main/java/de/adorsys/ledgers/postings/db/domain/ChartOfAccount.java +++ b/ledgers-postings/ledgers-postings-repository/src/main/java/de/adorsys/ledgers/postings/db/domain/ChartOfAccount.java @@ -5,11 +5,11 @@ package de.adorsys.ledgers.postings.db.domain; +import jakarta.persistence.Entity; +import jakarta.persistence.Table; +import jakarta.persistence.UniqueConstraint; import lombok.EqualsAndHashCode; -import javax.persistence.Entity; -import javax.persistence.Table; -import javax.persistence.UniqueConstraint; import java.time.LocalDateTime; /** diff --git a/ledgers-postings/ledgers-postings-repository/src/main/java/de/adorsys/ledgers/postings/db/domain/FinancialStmt.java b/ledgers-postings/ledgers-postings-repository/src/main/java/de/adorsys/ledgers/postings/db/domain/FinancialStmt.java index bac7f7c91..e27b2d92b 100644 --- a/ledgers-postings/ledgers-postings-repository/src/main/java/de/adorsys/ledgers/postings/db/domain/FinancialStmt.java +++ b/ledgers-postings/ledgers-postings-repository/src/main/java/de/adorsys/ledgers/postings/db/domain/FinancialStmt.java @@ -11,7 +11,7 @@ import lombok.Setter; import org.springframework.data.jpa.convert.threeten.Jsr310JpaConverters.LocalDateTimeConverter; -import javax.persistence.*; +import jakarta.persistence.*; import java.time.LocalDateTime; /** 
diff --git a/ledgers-postings/ledgers-postings-repository/src/main/java/de/adorsys/ledgers/postings/db/domain/HashRecord.java b/ledgers-postings/ledgers-postings-repository/src/main/java/de/adorsys/ledgers/postings/db/domain/HashRecord.java index 99cce2e46..e49797568 100644 --- a/ledgers-postings/ledgers-postings-repository/src/main/java/de/adorsys/ledgers/postings/db/domain/HashRecord.java +++ b/ledgers-postings/ledgers-postings-repository/src/main/java/de/adorsys/ledgers/postings/db/domain/HashRecord.java @@ -7,13 +7,12 @@ import com.fasterxml.jackson.annotation.JsonIgnore; import de.adorsys.ledgers.util.hash.HashItem; +import jakarta.persistence.MappedSuperclass; import lombok.EqualsAndHashCode; import lombok.Getter; import lombok.NoArgsConstructor; import lombok.Setter; -import javax.persistence.MappedSuperclass; - @Getter @Setter @EqualsAndHashCode diff --git a/ledgers-postings/ledgers-postings-repository/src/main/java/de/adorsys/ledgers/postings/db/domain/Ledger.java b/ledgers-postings/ledgers-postings-repository/src/main/java/de/adorsys/ledgers/postings/db/domain/Ledger.java index a971fe397..4fdbe4a06 100644 --- a/ledgers-postings/ledgers-postings-repository/src/main/java/de/adorsys/ledgers/postings/db/domain/Ledger.java +++ b/ledgers-postings/ledgers-postings-repository/src/main/java/de/adorsys/ledgers/postings/db/domain/Ledger.java @@ -5,15 +5,15 @@ package de.adorsys.ledgers.postings.db.domain; +import jakarta.persistence.Entity; +import jakarta.persistence.ManyToOne; +import jakarta.persistence.Table; +import jakarta.persistence.UniqueConstraint; import lombok.EqualsAndHashCode; import lombok.Getter; import lombok.NoArgsConstructor; import lombok.Setter; -import javax.persistence.Entity; -import javax.persistence.ManyToOne; -import javax.persistence.Table; -import javax.persistence.UniqueConstraint; import java.time.LocalDateTime; @Getter 
diff --git a/ledgers-postings/ledgers-postings-repository/src/main/java/de/adorsys/ledgers/postings/db/domain/LedgerAccount.java b/ledgers-postings/ledgers-postings-repository/src/main/java/de/adorsys/ledgers/postings/db/domain/LedgerAccount.java index d4ac38683..c37a42045 100644 --- a/ledgers-postings/ledgers-postings-repository/src/main/java/de/adorsys/ledgers/postings/db/domain/LedgerAccount.java +++ b/ledgers-postings/ledgers-postings-repository/src/main/java/de/adorsys/ledgers/postings/db/domain/LedgerAccount.java @@ -9,7 +9,7 @@ import lombok.Getter; import lombok.Setter; -import javax.persistence.*; +import jakarta.persistence.*; import java.time.LocalDateTime; /** diff --git a/ledgers-postings/ledgers-postings-repository/src/main/java/de/adorsys/ledgers/postings/db/domain/LedgerStmt.java b/ledgers-postings/ledgers-postings-repository/src/main/java/de/adorsys/ledgers/postings/db/domain/LedgerStmt.java index 834c334a2..145252bf1 100644 --- a/ledgers-postings/ledgers-postings-repository/src/main/java/de/adorsys/ledgers/postings/db/domain/LedgerStmt.java +++ b/ledgers-postings/ledgers-postings-repository/src/main/java/de/adorsys/ledgers/postings/db/domain/LedgerStmt.java @@ -5,14 +5,14 @@ package de.adorsys.ledgers.postings.db.domain; +import jakarta.persistence.Entity; +import jakarta.persistence.ManyToOne; +import jakarta.persistence.PrePersist; import lombok.EqualsAndHashCode; import lombok.Getter; import lombok.NoArgsConstructor; import lombok.Setter; -import javax.persistence.Entity; -import javax.persistence.ManyToOne; -import javax.persistence.PrePersist; import java.time.LocalDateTime; import java.time.format.DateTimeFormatter; import java.util.Optional; diff --git a/ledgers-postings/ledgers-postings-repository/src/main/java/de/adorsys/ledgers/postings/db/domain/NamedEntity.java b/ledgers-postings/ledgers-postings-repository/src/main/java/de/adorsys/ledgers/postings/db/domain/NamedEntity.java index 2d6cd7080..7406d39ce 100644 
--- a/ledgers-postings/ledgers-postings-repository/src/main/java/de/adorsys/ledgers/postings/db/domain/NamedEntity.java +++ b/ledgers-postings/ledgers-postings-repository/src/main/java/de/adorsys/ledgers/postings/db/domain/NamedEntity.java @@ -9,8 +9,8 @@ import lombok.Getter; import lombok.Setter; -import javax.persistence.Column; -import javax.persistence.MappedSuperclass; +import jakarta.persistence.Column; +import jakarta.persistence.MappedSuperclass; import java.time.LocalDateTime; /** diff --git a/ledgers-postings/ledgers-postings-repository/src/main/java/de/adorsys/ledgers/postings/db/domain/OpNote.java b/ledgers-postings/ledgers-postings-repository/src/main/java/de/adorsys/ledgers/postings/db/domain/OpNote.java index c3f158398..cbb4f95de 100644 --- a/ledgers-postings/ledgers-postings-repository/src/main/java/de/adorsys/ledgers/postings/db/domain/OpNote.java +++ b/ledgers-postings/ledgers-postings-repository/src/main/java/de/adorsys/ledgers/postings/db/domain/OpNote.java @@ -12,7 +12,7 @@ import org.springframework.data.jpa.convert.threeten.Jsr310JpaConverters.LocalDateTimeConverter; import org.springframework.data.jpa.domain.support.AuditingEntityListener; -import javax.persistence.*; +import jakarta.persistence.*; import java.time.LocalDateTime; @Getter diff --git a/ledgers-postings/ledgers-postings-repository/src/main/java/de/adorsys/ledgers/postings/db/domain/OperationDetails.java b/ledgers-postings/ledgers-postings-repository/src/main/java/de/adorsys/ledgers/postings/db/domain/OperationDetails.java index 728b545c8..5cc8c8f03 100644 --- a/ledgers-postings/ledgers-postings-repository/src/main/java/de/adorsys/ledgers/postings/db/domain/OperationDetails.java +++ b/ledgers-postings/ledgers-postings-repository/src/main/java/de/adorsys/ledgers/postings/db/domain/OperationDetails.java 
@@ -6,14 +6,15 @@ package de.adorsys.ledgers.postings.db.domain; import de.adorsys.ledgers.util.Ids; +import jakarta.persistence.Entity; +import jakarta.persistence.Id; +import jakarta.persistence.Lob; import lombok.EqualsAndHashCode; import lombok.Getter; import lombok.NoArgsConstructor; import lombok.Setter; - -import javax.persistence.Entity; -import javax.persistence.Id; -import javax.persistence.Lob; +import org.hibernate.annotations.JdbcTypeCode; +import org.hibernate.type.SqlTypes; @Getter @Setter @@ -24,7 +25,7 @@ public class OperationDetails { @Id private String id; @Lob - @org.hibernate.annotations.Type( type = "text" ) + @JdbcTypeCode(SqlTypes.LONGVARCHAR) private String opDetails; public OperationDetails(String opDetails) { diff --git a/ledgers-postings/ledgers-postings-repository/src/main/java/de/adorsys/ledgers/postings/db/domain/Posting.java b/ledgers-postings/ledgers-postings-repository/src/main/java/de/adorsys/ledgers/postings/db/domain/Posting.java index 78601d15f..8e343046e 100644 --- a/ledgers-postings/ledgers-postings-repository/src/main/java/de/adorsys/ledgers/postings/db/domain/Posting.java +++ b/ledgers-postings/ledgers-postings-repository/src/main/java/de/adorsys/ledgers/postings/db/domain/Posting.java @@ -16,7 +16,7 @@ import lombok.Setter; import org.springframework.data.jpa.convert.threeten.Jsr310JpaConverters.LocalDateTimeConverter; -import javax.persistence.*; +import jakarta.persistence.*; import java.time.LocalDateTime; import java.util.ArrayList; import java.util.List; diff --git a/ledgers-postings/ledgers-postings-repository/src/main/java/de/adorsys/ledgers/postings/db/domain/PostingLine.java b/ledgers-postings/ledgers-postings-repository/src/main/java/de/adorsys/ledgers/postings/db/domain/PostingLine.java index ca2770d37..3f06b7d2f 100644 --- a/ledgers-postings/ledgers-postings-repository/src/main/java/de/adorsys/ledgers/postings/db/domain/PostingLine.java 
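Review bot: `opDetails` keeps `@Lob` while gaining `@JdbcTypeCode(SqlTypes.LONGVARCHAR)`, so two annotations now describe the column's SQL type; the same pairing is applied to `token` in OauthCodeEntity further down the diff. Which of the two the persistence provider honours, and whether the resulting column type still matches the existing schema, cannot be seen from the hunk, and a mismatch would show up at runtime as stored values that cannot be read back rather than as a compile error. If a plain text column is intended, I would drop `@Lob`, keep only `@JdbcTypeCode(SqlTypes.LONGVARCHAR)`, and add a comment such as `// stored as text, not as a large object; must match the migration scripts`. A schema-validation run against the target database would confirm the mapping for both fields.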
+++ b/ledgers-postings/ledgers-postings-repository/src/main/java/de/adorsys/ledgers/postings/db/domain/PostingLine.java @@ -12,7 +12,7 @@ import lombok.Setter; import org.springframework.data.jpa.convert.threeten.Jsr310JpaConverters.LocalDateTimeConverter; -import javax.persistence.*; +import jakarta.persistence.*; import java.math.BigDecimal; import java.time.LocalDateTime; diff --git a/ledgers-postings/ledgers-postings-repository/src/main/java/de/adorsys/ledgers/postings/db/domain/PostingTrace.java b/ledgers-postings/ledgers-postings-repository/src/main/java/de/adorsys/ledgers/postings/db/domain/PostingTrace.java index ee32114e3..5cd2ccae5 100644 --- a/ledgers-postings/ledgers-postings-repository/src/main/java/de/adorsys/ledgers/postings/db/domain/PostingTrace.java +++ b/ledgers-postings/ledgers-postings-repository/src/main/java/de/adorsys/ledgers/postings/db/domain/PostingTrace.java @@ -11,7 +11,7 @@ import lombok.Setter; import org.springframework.data.jpa.convert.threeten.Jsr310JpaConverters.LocalDateTimeConverter; -import javax.persistence.*; +import jakarta.persistence.*; import java.math.BigDecimal; import java.time.LocalDateTime; diff --git a/ledgers-postings/ledgers-postings-repository/src/main/java/de/adorsys/ledgers/postings/db/repository/AccountStmtRepository.java b/ledgers-postings/ledgers-postings-repository/src/main/java/de/adorsys/ledgers/postings/db/repository/AccountStmtRepository.java index 25761c3a6..ebbf7b3ef 100644 --- a/ledgers-postings/ledgers-postings-repository/src/main/java/de/adorsys/ledgers/postings/db/repository/AccountStmtRepository.java +++ b/ledgers-postings/ledgers-postings-repository/src/main/java/de/adorsys/ledgers/postings/db/repository/AccountStmtRepository.java 
@@ -5,16 +5,16 @@ package de.adorsys.ledgers.postings.db.repository; -import java.time.LocalDateTime; -import java.util.Optional; - -import org.springframework.data.repository.PagingAndSortingRepository; - import de.adorsys.ledgers.postings.db.domain.AccountStmt; import de.adorsys.ledgers.postings.db.domain.LedgerAccount; import de.adorsys.ledgers.postings.db.domain.StmtStatus; +import org.springframework.data.repository.CrudRepository; +import org.springframework.data.repository.PagingAndSortingRepository; + +import java.time.LocalDateTime; +import java.util.Optional; -public interface AccountStmtRepository extends PagingAndSortingRepository { +public interface AccountStmtRepository extends PagingAndSortingRepository, CrudRepository { /** * Select the latest statement for the given reference time. diff --git a/ledgers-postings/ledgers-postings-repository/src/main/java/de/adorsys/ledgers/postings/db/repository/ChartOfAccountRepository.java b/ledgers-postings/ledgers-postings-repository/src/main/java/de/adorsys/ledgers/postings/db/repository/ChartOfAccountRepository.java index 66724e00d..03f7d074c 100644 --- a/ledgers-postings/ledgers-postings-repository/src/main/java/de/adorsys/ledgers/postings/db/repository/ChartOfAccountRepository.java +++ b/ledgers-postings/ledgers-postings-repository/src/main/java/de/adorsys/ledgers/postings/db/repository/ChartOfAccountRepository.java @@ -5,11 +5,12 @@ package de.adorsys.ledgers.postings.db.repository; -import java.util.Optional; - import de.adorsys.ledgers.postings.db.domain.ChartOfAccount; +import org.springframework.data.repository.CrudRepository; + +import java.util.Optional; -public interface ChartOfAccountRepository extends NamedEntityRepository { +public interface ChartOfAccountRepository extends NamedEntityRepository, CrudRepository { /** * Find a chart of account with this name. * 
diff --git a/ledgers-postings/ledgers-postings-repository/src/main/java/de/adorsys/ledgers/postings/db/repository/LedgerAccountRepository.java b/ledgers-postings/ledgers-postings-repository/src/main/java/de/adorsys/ledgers/postings/db/repository/LedgerAccountRepository.java index 1635bebe2..00505eb72 100644 --- a/ledgers-postings/ledgers-postings-repository/src/main/java/de/adorsys/ledgers/postings/db/repository/LedgerAccountRepository.java +++ b/ledgers-postings/ledgers-postings-repository/src/main/java/de/adorsys/ledgers/postings/db/repository/LedgerAccountRepository.java @@ -8,12 +8,13 @@ import de.adorsys.ledgers.postings.db.domain.Ledger; import de.adorsys.ledgers.postings.db.domain.LedgerAccount; import org.springframework.data.jpa.repository.Query; +import org.springframework.data.repository.CrudRepository; import java.util.List; import java.util.Optional; import java.util.Set; -public interface LedgerAccountRepository extends NamedEntityRepository { +public interface LedgerAccountRepository extends NamedEntityRepository, CrudRepository { Optional findOptionalByLedgerAndName(Ledger ledger, String name); diff --git a/ledgers-postings/ledgers-postings-repository/src/main/java/de/adorsys/ledgers/postings/db/repository/LedgerRepository.java b/ledgers-postings/ledgers-postings-repository/src/main/java/de/adorsys/ledgers/postings/db/repository/LedgerRepository.java index f75657617..5c76a177e 100644 --- a/ledgers-postings/ledgers-postings-repository/src/main/java/de/adorsys/ledgers/postings/db/repository/LedgerRepository.java +++ b/ledgers-postings/ledgers-postings-repository/src/main/java/de/adorsys/ledgers/postings/db/repository/LedgerRepository.java 
@@ -5,13 +5,14 @@ package de.adorsys.ledgers.postings.db.repository; -import java.util.List; -import java.util.Optional; - import de.adorsys.ledgers.postings.db.domain.ChartOfAccount; import de.adorsys.ledgers.postings.db.domain.Ledger; +import org.springframework.data.repository.CrudRepository; + +import java.util.List; +import java.util.Optional; -public interface LedgerRepository extends NamedEntityRepository { +public interface LedgerRepository extends NamedEntityRepository, CrudRepository { /** * Find a ledger with this name. * diff --git a/ledgers-postings/ledgers-postings-repository/src/main/java/de/adorsys/ledgers/postings/db/repository/LedgerStmtRepository.java b/ledgers-postings/ledgers-postings-repository/src/main/java/de/adorsys/ledgers/postings/db/repository/LedgerStmtRepository.java index 8ec801656..c94dca78f 100644 --- a/ledgers-postings/ledgers-postings-repository/src/main/java/de/adorsys/ledgers/postings/db/repository/LedgerStmtRepository.java +++ b/ledgers-postings/ledgers-postings-repository/src/main/java/de/adorsys/ledgers/postings/db/repository/LedgerStmtRepository.java @@ -8,13 +8,14 @@ import java.time.LocalDateTime; import java.util.Optional; +import org.springframework.data.repository.CrudRepository; import org.springframework.data.repository.PagingAndSortingRepository; import de.adorsys.ledgers.postings.db.domain.Ledger; import de.adorsys.ledgers.postings.db.domain.LedgerStmt; import de.adorsys.ledgers.postings.db.domain.StmtStatus; -public interface LedgerStmtRepository extends PagingAndSortingRepository { +public interface LedgerStmtRepository extends PagingAndSortingRepository, CrudRepository { /** * Select the latest statement for the given reference time. 
diff --git a/ledgers-postings/ledgers-postings-repository/src/main/java/de/adorsys/ledgers/postings/db/repository/PostingRepository.java b/ledgers-postings/ledgers-postings-repository/src/main/java/de/adorsys/ledgers/postings/db/repository/PostingRepository.java index f4928c18c..83ffe6dca 100644 --- a/ledgers-postings/ledgers-postings-repository/src/main/java/de/adorsys/ledgers/postings/db/repository/PostingRepository.java +++ b/ledgers-postings/ledgers-postings-repository/src/main/java/de/adorsys/ledgers/postings/db/repository/PostingRepository.java @@ -7,12 +7,13 @@ import de.adorsys.ledgers.postings.db.domain.Ledger; import de.adorsys.ledgers.postings.db.domain.Posting; +import org.springframework.data.repository.CrudRepository; import org.springframework.data.repository.PagingAndSortingRepository; import java.util.List; import java.util.Optional; -public interface PostingRepository extends PagingAndSortingRepository { +public interface PostingRepository extends PagingAndSortingRepository, CrudRepository { /** * Load the non discaded posting. * diff --git a/ledgers-postings/ledgers-postings-repository/src/main/java/de/adorsys/ledgers/postings/db/repository/PostingTraceRepository.java b/ledgers-postings/ledgers-postings-repository/src/main/java/de/adorsys/ledgers/postings/db/repository/PostingTraceRepository.java index b35842a3c..288f28930 100644 --- a/ledgers-postings/ledgers-postings-repository/src/main/java/de/adorsys/ledgers/postings/db/repository/PostingTraceRepository.java +++ b/ledgers-postings/ledgers-postings-repository/src/main/java/de/adorsys/ledgers/postings/db/repository/PostingTraceRepository.java 
@@ -5,9 +5,10 @@ package de.adorsys.ledgers.postings.db.repository; +import org.springframework.data.repository.CrudRepository; import org.springframework.data.repository.PagingAndSortingRepository; import de.adorsys.ledgers.postings.db.domain.PostingTrace; -public interface PostingTraceRepository extends PagingAndSortingRepository { +public interface PostingTraceRepository extends PagingAndSortingRepository, CrudRepository { } diff --git a/ledgers-postings/ledgers-postings-rest-server/pom.xml b/ledgers-postings/ledgers-postings-rest-server/pom.xml index 3f73ff24f..6f153e00c 100644 --- a/ledgers-postings/ledgers-postings-rest-server/pom.xml +++ b/ledgers-postings/ledgers-postings-rest-server/pom.xml @@ -9,7 +9,7 @@ de.adorsys.ledgers ledgers-postings - 5.1-SNAPSHOT + 5.0-SNAPSHOT ../pom.xml ledgers-postings-rest-server @@ -50,7 +50,7 @@ org.springdoc - springdoc-openapi-ui + springdoc-openapi-starter-webmvc-ui diff --git a/ledgers-postings/ledgers-postings-service-api/pom.xml b/ledgers-postings/ledgers-postings-service-api/pom.xml index bbfccf1ef..73bc3571e 100644 --- a/ledgers-postings/ledgers-postings-service-api/pom.xml +++ b/ledgers-postings/ledgers-postings-service-api/pom.xml @@ -16,7 +16,7 @@ de.adorsys.ledgers ledgers-postings - 5.1-SNAPSHOT + 5.0-SNAPSHOT ../pom.xml diff --git a/ledgers-postings/ledgers-postings-service-impl/pom.xml b/ledgers-postings/ledgers-postings-service-impl/pom.xml index 2234af1e1..53d53401a 100644 --- a/ledgers-postings/ledgers-postings-service-impl/pom.xml +++ b/ledgers-postings/ledgers-postings-service-impl/pom.xml @@ -17,7 +17,7 @@ de.adorsys.ledgers ledgers-postings - 5.1-SNAPSHOT + 5.0-SNAPSHOT ../pom.xml 
diff --git a/ledgers-postings/ledgers-postings-service-impl/src/main/java/de/adorsys/ledgers/postings/impl/converter/LocalDateTimeAttributeConverter.java b/ledgers-postings/ledgers-postings-service-impl/src/main/java/de/adorsys/ledgers/postings/impl/converter/LocalDateTimeAttributeConverter.java index d0b476b38..971bf0f1f 100644 --- a/ledgers-postings/ledgers-postings-service-impl/src/main/java/de/adorsys/ledgers/postings/impl/converter/LocalDateTimeAttributeConverter.java +++ b/ledgers-postings/ledgers-postings-service-impl/src/main/java/de/adorsys/ledgers/postings/impl/converter/LocalDateTimeAttributeConverter.java @@ -8,8 +8,8 @@ import java.sql.Timestamp; import java.time.LocalDateTime; -import javax.persistence.AttributeConverter; -import javax.persistence.Converter; +import jakarta.persistence.AttributeConverter; +import jakarta.persistence.Converter; @Converter(autoApply = true) public class LocalDateTimeAttributeConverter implements AttributeConverter { diff --git a/ledgers-postings/pom.xml b/ledgers-postings/pom.xml index 090b49128..d695159da 100755 --- a/ledgers-postings/pom.xml +++ b/ledgers-postings/pom.xml @@ -12,7 +12,7 @@ de.adorsys.ledgers ledgers - 5.1-SNAPSHOT + 5.0-SNAPSHOT ../pom.xml diff --git a/ledgers-sca/ledgers-sca-repository/pom.xml b/ledgers-sca/ledgers-sca-repository/pom.xml index b7adf55c4..77a38a9b0 100644 --- a/ledgers-sca/ledgers-sca-repository/pom.xml +++ b/ledgers-sca/ledgers-sca-repository/pom.xml @@ -9,7 +9,7 @@ de.adorsys.ledgers ledgers-sca - 5.1-SNAPSHOT + 5.0-SNAPSHOT ../pom.xml diff --git a/ledgers-sca/ledgers-sca-repository/src/main/java/de/adorsys/ledgers/sca/db/domain/RecoveryPointEntity.java b/ledgers-sca/ledgers-sca-repository/src/main/java/de/adorsys/ledgers/sca/db/domain/RecoveryPointEntity.java index 68a69307a..3d7692beb 100644 --- a/ledgers-sca/ledgers-sca-repository/src/main/java/de/adorsys/ledgers/sca/db/domain/RecoveryPointEntity.java 
+++ b/ledgers-sca/ledgers-sca-repository/src/main/java/de/adorsys/ledgers/sca/db/domain/RecoveryPointEntity.java @@ -8,7 +8,7 @@ import lombok.Data; import org.hibernate.annotations.CreationTimestamp; -import javax.persistence.*; +import jakarta.persistence.*; import java.time.LocalDateTime; @Entity diff --git a/ledgers-sca/ledgers-sca-repository/src/main/java/de/adorsys/ledgers/sca/db/domain/SCAOperationEntity.java b/ledgers-sca/ledgers-sca-repository/src/main/java/de/adorsys/ledgers/sca/db/domain/SCAOperationEntity.java index e344cf6be..7c13c908b 100644 --- a/ledgers-sca/ledgers-sca-repository/src/main/java/de/adorsys/ledgers/sca/db/domain/SCAOperationEntity.java +++ b/ledgers-sca/ledgers-sca-repository/src/main/java/de/adorsys/ledgers/sca/db/domain/SCAOperationEntity.java @@ -5,11 +5,12 @@ package de.adorsys.ledgers.sca.db.domain; +import jakarta.persistence.*; import lombok.Data; +import lombok.NoArgsConstructor; import org.hibernate.annotations.UpdateTimestamp; import org.springframework.data.jpa.convert.threeten.Jsr310JpaConverters.LocalDateTimeConverter; -import javax.persistence.*; import java.time.LocalDateTime; import java.util.EnumSet; @@ -32,6 +33,7 @@ @Entity @Data @Table(name = "sca_operation") +@NoArgsConstructor public class SCAOperationEntity { /** diff --git a/ledgers-sca/ledgers-sca-service-api/pom.xml b/ledgers-sca/ledgers-sca-service-api/pom.xml index cc4c03664..2ed7c3eb2 100644 --- a/ledgers-sca/ledgers-sca-service-api/pom.xml +++ b/ledgers-sca/ledgers-sca-service-api/pom.xml @@ -9,7 +9,7 @@ de.adorsys.ledgers ledgers-sca - 5.1-SNAPSHOT + 5.0-SNAPSHOT ../pom.xml ledgers-sca-service-api diff --git a/ledgers-sca/ledgers-sca-service-impl/pom.xml b/ledgers-sca/ledgers-sca-service-impl/pom.xml index 5e126844e..5a40da563 100644 --- a/ledgers-sca/ledgers-sca-service-impl/pom.xml +++ b/ledgers-sca/ledgers-sca-service-impl/pom.xml @@ -9,7 +9,7 @@ de.adorsys.ledgers ledgers-sca - 5.1-SNAPSHOT + 5.0-SNAPSHOT ../pom.xml ledgers-sca-service-impl 
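Review bot: The `@NoArgsConstructor` added to `SCAOperationEntity` generates a public constructor, so application code can create an SCA operation record with no fields set; the class body is outside the hunk, so what else constructs it is not visible. If the constructor is there only for the persistence provider, I would narrow it to `@NoArgsConstructor(access = AccessLevel.PROTECTED)` with a comment `// required by JPA only`. The same applies to `AccountAccess` later in the diff, where `@NoArgsConstructor(force = true)` additionally initialises any final fields to null/0/false even though the retained `org.jetbrains.annotations.NotNull` import suggests some of them are meant to be non-null.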
diff --git a/ledgers-sca/ledgers-sca-service-impl/src/main/java/de/adorsys/ledgers/sca/service/impl/message/PushOtpMessageHandler.java b/ledgers-sca/ledgers-sca-service-impl/src/main/java/de/adorsys/ledgers/sca/service/impl/message/PushOtpMessageHandler.java index 55f9fdf31..c3e50a670 100644 --- a/ledgers-sca/ledgers-sca-service-impl/src/main/java/de/adorsys/ledgers/sca/service/impl/message/PushOtpMessageHandler.java +++ b/ledgers-sca/ledgers-sca-service-impl/src/main/java/de/adorsys/ledgers/sca/service/impl/message/PushOtpMessageHandler.java @@ -21,6 +21,7 @@ import java.net.URISyntaxException; import java.util.Arrays; import java.util.List; +import java.util.Optional; import java.util.stream.Collectors; @Slf4j @@ -81,10 +82,11 @@ private URI getUri(List split) { } private HttpMethod getHttpMethod(List split) { - try { - return HttpMethod.valueOf(split.get(0)); - } catch (IllegalArgumentException e) { - throw ScaModuleException.buildScaSenderException(String.format(ERROR_REASON_2_MATCHERS, "Inappropriate HttpMethod", split.get(0))); - } + // Such funny validation is required because they don't throw an exception on invalid HTTP method name in Spring 6. + Optional optionalMethod = Arrays.stream(HttpMethod.values()) + .filter(v -> v.name().equalsIgnoreCase(split.get(0))) + .findFirst(); + return Optional.of(optionalMethod).get() + .orElseThrow(() -> ScaModuleException.buildScaSenderException(String.format(ERROR_REASON_2_MATCHERS, "Inappropriate HttpMethod", split.get(0)))); } } diff --git a/ledgers-sca/pom.xml b/ledgers-sca/pom.xml index 25babf8bd..143b575ba 100755 --- a/ledgers-sca/pom.xml +++ b/ledgers-sca/pom.xml @@ -12,7 +12,7 @@ de.adorsys.ledgers ledgers - 5.1-SNAPSHOT + 5.0-SNAPSHOT ../pom.xml diff --git a/ledgers-security/pom.xml b/ledgers-security/pom.xml index e74efdeff..6f4001a00 100644 --- a/ledgers-security/pom.xml +++ b/ledgers-security/pom.xml @@ -10,7 +10,7 @@ ledgers de.adorsys.ledgers - 5.1-SNAPSHOT + 5.0-SNAPSHOT ../pom.xml 4.0.0 
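Review bot: `getHttpMethod` now matches with `equalsIgnoreCase`, which accepts spellings that the removed `HttpMethod.valueOf` lookup rejected (lower-case input, for example), and the result is wrapped in `Optional.of(optionalMethod).get()`, which does nothing. Since the method name is taken from the parsed `split` value and presumably selects the verb of an outbound request, I would keep the allow-list exact: `.filter(v -> v.name().equals(split.get(0)))` followed directly by `.findFirst().orElseThrow(...)`. The comment could state what is being guarded against, e.g. `// Spring 6: HttpMethod.valueOf no longer rejects unknown names, so match against HttpMethod.values() explicitly`.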
diff --git a/ledgers-user-management/ledgers-user-management-repository/pom.xml b/ledgers-user-management/ledgers-user-management-repository/pom.xml index c66ad2301..63f4a4eba 100644 --- a/ledgers-user-management/ledgers-user-management-repository/pom.xml +++ b/ledgers-user-management/ledgers-user-management-repository/pom.xml @@ -12,7 +12,7 @@ de.adorsys.ledgers ledgers-user-management - 5.1-SNAPSHOT + 5.0-SNAPSHOT ../pom.xml diff --git a/ledgers-user-management/ledgers-user-management-repository/src/main/java/de/adorsys/ledgers/um/db/domain/AccountAccess.java b/ledgers-user-management/ledgers-user-management-repository/src/main/java/de/adorsys/ledgers/um/db/domain/AccountAccess.java index ecee657b5..c5041cb31 100644 --- a/ledgers-user-management/ledgers-user-management-repository/src/main/java/de/adorsys/ledgers/um/db/domain/AccountAccess.java +++ b/ledgers-user-management/ledgers-user-management-repository/src/main/java/de/adorsys/ledgers/um/db/domain/AccountAccess.java @@ -6,16 +6,18 @@ package de.adorsys.ledgers.um.db.domain; import de.adorsys.ledgers.util.Ids; +import jakarta.persistence.*; import lombok.Data; +import lombok.NoArgsConstructor; import org.hibernate.annotations.CreationTimestamp; import org.jetbrains.annotations.NotNull; -import javax.persistence.*; import java.time.LocalDateTime; //Todo clarify unique constrains iban & access_type @Entity @Data +@NoArgsConstructor(force = true) @Table(name = "account_accesses") public class AccountAccess { diff --git a/ledgers-user-management/ledgers-user-management-repository/src/main/java/de/adorsys/ledgers/um/db/domain/AisConsentEntity.java b/ledgers-user-management/ledgers-user-management-repository/src/main/java/de/adorsys/ledgers/um/db/domain/AisConsentEntity.java index 03c1fda55..5176952e1 100644 --- a/ledgers-user-management/ledgers-user-management-repository/src/main/java/de/adorsys/ledgers/um/db/domain/AisConsentEntity.java 
+++ b/ledgers-user-management/ledgers-user-management-repository/src/main/java/de/adorsys/ledgers/um/db/domain/AisConsentEntity.java @@ -5,20 +5,12 @@ package de.adorsys.ledgers.um.db.domain; +import jakarta.persistence.*; import lombok.Data; import java.time.LocalDate; import java.util.List; -import javax.persistence.CollectionTable; -import javax.persistence.ElementCollection; -import javax.persistence.Entity; -import javax.persistence.EnumType; -import javax.persistence.Enumerated; -import javax.persistence.Id; -import javax.persistence.JoinColumn; -import javax.persistence.Table; - @Entity @Data @Table(name = "sca_ais_consent") diff --git a/ledgers-user-management/ledgers-user-management-repository/src/main/java/de/adorsys/ledgers/um/db/domain/EmailVerificationEntity.java b/ledgers-user-management/ledgers-user-management-repository/src/main/java/de/adorsys/ledgers/um/db/domain/EmailVerificationEntity.java index 435a072a7..684b6af4f 100644 --- a/ledgers-user-management/ledgers-user-management-repository/src/main/java/de/adorsys/ledgers/um/db/domain/EmailVerificationEntity.java +++ b/ledgers-user-management/ledgers-user-management-repository/src/main/java/de/adorsys/ledgers/um/db/domain/EmailVerificationEntity.java @@ -5,9 +5,11 @@ package de.adorsys.ledgers.um.db.domain; -import lombok.*; +import jakarta.persistence.*; +import lombok.EqualsAndHashCode; +import lombok.Getter; +import lombok.Setter; -import javax.persistence.*; import java.time.LocalDateTime; @Entity diff --git a/ledgers-user-management/ledgers-user-management-repository/src/main/java/de/adorsys/ledgers/um/db/domain/OauthCodeEntity.java b/ledgers-user-management/ledgers-user-management-repository/src/main/java/de/adorsys/ledgers/um/db/domain/OauthCodeEntity.java index 3de47b3e6..811804526 100644 --- a/ledgers-user-management/ledgers-user-management-repository/src/main/java/de/adorsys/ledgers/um/db/domain/OauthCodeEntity.java 
+++ b/ledgers-user-management/ledgers-user-management-repository/src/main/java/de/adorsys/ledgers/um/db/domain/OauthCodeEntity.java @@ -5,11 +5,13 @@ package de.adorsys.ledgers.um.db.domain; +import jakarta.persistence.*; import lombok.Getter; import lombok.NoArgsConstructor; import lombok.Setter; +import org.hibernate.annotations.JdbcTypeCode; +import org.hibernate.type.SqlTypes; -import javax.persistence.*; import java.time.OffsetDateTime; @Setter @@ -35,7 +37,7 @@ public class OauthCodeEntity { private boolean used; @Lob - @org.hibernate.annotations.Type( type = "text" ) + @JdbcTypeCode(SqlTypes.LONGVARCHAR) @Column(name = "token", nullable = false) private String token; diff --git a/ledgers-user-management/ledgers-user-management-repository/src/main/java/de/adorsys/ledgers/um/db/domain/ScaUserDataEntity.java b/ledgers-user-management/ledgers-user-management-repository/src/main/java/de/adorsys/ledgers/um/db/domain/ScaUserDataEntity.java index e1f14a9bf..16b5983c3 100644 --- a/ledgers-user-management/ledgers-user-management-repository/src/main/java/de/adorsys/ledgers/um/db/domain/ScaUserDataEntity.java +++ b/ledgers-user-management/ledgers-user-management-repository/src/main/java/de/adorsys/ledgers/um/db/domain/ScaUserDataEntity.java @@ -8,7 +8,7 @@ import de.adorsys.ledgers.util.Ids; import lombok.Data; -import javax.persistence.*; +import jakarta.persistence.*; @Entity @Table(name = "sca_data") diff --git a/ledgers-user-management/ledgers-user-management-repository/src/main/java/de/adorsys/ledgers/um/db/domain/UserEntity.java b/ledgers-user-management/ledgers-user-management-repository/src/main/java/de/adorsys/ledgers/um/db/domain/UserEntity.java index f1a646d49..0771ef3f7 100644 --- a/ledgers-user-management/ledgers-user-management-repository/src/main/java/de/adorsys/ledgers/um/db/domain/UserEntity.java +++ b/ledgers-user-management/ledgers-user-management-repository/src/main/java/de/adorsys/ledgers/um/db/domain/UserEntity.java 
@@ -9,7 +9,7 @@ import lombok.Setter; import org.hibernate.annotations.CreationTimestamp; -import javax.persistence.*; +import jakarta.persistence.*; import java.time.LocalDateTime; import java.util.ArrayList; import java.util.Collection; diff --git a/ledgers-user-management/ledgers-user-management-repository/src/main/java/de/adorsys/ledgers/um/db/repository/UserRepository.java b/ledgers-user-management/ledgers-user-management-repository/src/main/java/de/adorsys/ledgers/um/db/repository/UserRepository.java index b4df29e71..ffca3662c 100644 --- a/ledgers-user-management/ledgers-user-management-repository/src/main/java/de/adorsys/ledgers/um/db/repository/UserRepository.java +++ b/ledgers-user-management/ledgers-user-management-repository/src/main/java/de/adorsys/ledgers/um/db/repository/UserRepository.java @@ -12,6 +12,7 @@ import org.springframework.data.domain.Pageable; import org.springframework.data.jpa.repository.Modifying; import org.springframework.data.jpa.repository.Query; +import org.springframework.data.repository.CrudRepository; import org.springframework.data.repository.PagingAndSortingRepository; import java.time.LocalDateTime; @@ -19,7 +20,7 @@ import java.util.List; import java.util.Optional; -public interface UserRepository extends PagingAndSortingRepository { +public interface UserRepository extends PagingAndSortingRepository, CrudRepository { /** * Finds user by its login if exists diff --git a/ledgers-user-management/ledgers-user-management-rest-server/pom.xml b/ledgers-user-management/ledgers-user-management-rest-server/pom.xml index b7a6f39b8..1572e4d47 100644 --- a/ledgers-user-management/ledgers-user-management-rest-server/pom.xml +++ b/ledgers-user-management/ledgers-user-management-rest-server/pom.xml @@ -10,7 +10,7 @@ de.adorsys.ledgers ledgers-user-management - 5.1-SNAPSHOT + 5.0-SNAPSHOT ../pom.xml @@ -53,7 +53,7 @@ org.springdoc - springdoc-openapi-ui + springdoc-openapi-starter-webmvc-ui 
diff --git a/ledgers-user-management/ledgers-user-management-service-api/pom.xml b/ledgers-user-management/ledgers-user-management-service-api/pom.xml index bccbababb..731ba5da6 100644 --- a/ledgers-user-management/ledgers-user-management-service-api/pom.xml +++ b/ledgers-user-management/ledgers-user-management-service-api/pom.xml @@ -10,7 +10,7 @@ de.adorsys.ledgers ledgers-user-management - 5.1-SNAPSHOT + 5.0-SNAPSHOT ../pom.xml diff --git a/ledgers-user-management/ledgers-user-management-service-impl/pom.xml b/ledgers-user-management/ledgers-user-management-service-impl/pom.xml index a943fcdc7..846078cf9 100644 --- a/ledgers-user-management/ledgers-user-management-service-impl/pom.xml +++ b/ledgers-user-management/ledgers-user-management-service-impl/pom.xml @@ -10,7 +10,7 @@ de.adorsys.ledgers ledgers-user-management - 5.1-SNAPSHOT + 5.0-SNAPSHOT ../pom.xml diff --git a/ledgers-user-management/pom.xml b/ledgers-user-management/pom.xml index d5eb04191..908e227bf 100755 --- a/ledgers-user-management/pom.xml +++ b/ledgers-user-management/pom.xml @@ -12,7 +12,7 @@ de.adorsys.ledgers ledgers - 5.1-SNAPSHOT + 5.0-SNAPSHOT ../pom.xml diff --git a/ledgers-utils/pom.xml b/ledgers-utils/pom.xml index 29e834fe5..63cb9dc15 100644 --- a/ledgers-utils/pom.xml +++ b/ledgers-utils/pom.xml @@ -10,7 +10,7 @@ de.adorsys.ledgers ledgers - 5.1-SNAPSHOT + 5.0-SNAPSHOT ../pom.xml diff --git a/ledgers-utils/src/main/java/de/adorsys/ledgers/util/tan/encriptor/EncryptorConfiguration.java b/ledgers-utils/src/main/java/de/adorsys/ledgers/util/tan/encriptor/EncryptorConfiguration.java index a47aad2aa..d7bd36081 100644 --- a/ledgers-utils/src/main/java/de/adorsys/ledgers/util/tan/encriptor/EncryptorConfiguration.java +++ b/ledgers-utils/src/main/java/de/adorsys/ledgers/util/tan/encriptor/EncryptorConfiguration.java 
@@ -23,7 +23,7 @@ public class EncryptorConfiguration { public StandardPBEStringEncryptor stringEncryptor() { StandardPBEStringEncryptor encryptor = new StandardPBEStringEncryptor(); log.info("Algorithm: {}", encryptorAlgorithm); - log.info("masterPass: {}", masterPassword); + log.debug("masterPass: {}", masterPassword); encryptor.setPassword(masterPassword); encryptor.setAlgorithm(encryptorAlgorithm); return encryptor; diff --git a/pom.xml b/pom.xml index 85b4ccf6e..c57ed122d 100755 --- a/pom.xml +++ b/pom.xml @@ -11,7 +11,7 @@ 4.0.0 de.adorsys.ledgers ledgers - 5.1-SNAPSHOT + 5.0-SNAPSHOT ledgers-app @@ -96,7 +96,7 @@ - 11 + 17 ${java.version} ${java.version} ${project.basedir} @@ -105,52 +105,53 @@ UTF-8 - 3.0.0-M3 - 3.0.0-M6 - 2.7 - 2.1.1.RELEASE + 3.4.0 + 3.1.2 + 3.3.0 + 3.0.7 3.7.0.1746 - 0.8.6 - 3.0.0-M6 - 3.10.1 + 0.8.10 + 3.1.2 + 3.11.0 3.0.1 - 1.6 - 3.13.0 + 3.0.1 + 3.21.0 - 2.7.10 - 3.1.6 - 5.7.8 + 3.0.7 + 4.0.4 + 6.0.5 3.0.0 - 5.3.26 + 6.0.7 - 1.5.12 + 2.2.0 4.3 2.8.0 15.0 2.6.0 - 20.0.5 - 1.4.1.Final - 1.16.22 + 22.0.3 + 1.5.5.Final + 0.2.0 0.7 - 2.1.214 - 42.3.3 + 2.2.220 + 42.3.8 1.4.0 1.4.0 2.5.0 20230227 2.13.2 + 8.0.1.Final 10.7.4 - 1.15.1 + 1.17.3 1.3.3 1.0.1.Final 3.3.1.Final 4.8.139 - 5.8.2 - 3.11.2 + 5.9.3 + 5.2.0 32.0.0-jre 1.3 1.3.0 @@ -158,12 +159,12 @@ 1.7 jdt_apt - 1.7.25 + 2.0.9 7.9 4.9.0 3.1.7 2.13.2 - 1.18.8 + 1.18.24 1.9.3 @@ -209,7 +210,7 @@ spring-milestones Spring Milestones - http://repo.spring.io/milestone + https://repo.spring.io/milestone false @@ -241,6 +242,30 @@ ${spring-security.version} + + org.springframework.boot + spring-boot-starter-web + ${spring-boot-dependencies.version} + + + + org.springframework.boot + spring-boot-starter-oauth2-client + ${spring-boot-dependencies.version} + + + + org.springframework.boot + spring-boot-starter-security + ${spring-boot-dependencies.version} + + + + org.springframework.plugin + spring-plugin-core + ${spring-plugin.version} + + 
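Review bot: In EncryptorConfiguration.stringEncryptor(), the changed line still formats the encryptor's master password into a log message. Lowering it from info to debug only hides the secret until debug logging is enabled for this package, at which point it lands in log files and whatever aggregation they feed. The value passed to `encryptor.setPassword(masterPassword)` should not be logged at any level; remove the line, or log only that it is present, e.g. `log.debug("masterPass set: {}", masterPassword != null);`. If the previous info-level line ran in a shared environment, the password is presumably already in retained logs and worth rotating. The enclosing class starts outside the hunk.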
@@ -278,17 +303,11 @@ ${keycloak.version} - - org.springframework.plugin - spring-plugin-core - ${spring-plugin.version} - - org.springdoc - springdoc-openapi-ui + springdoc-openapi-starter-webmvc-ui ${springdoc-openapi-ui.version} @@ -314,6 +333,12 @@ ${commons-validator.version} + + org.hibernate.validator + hibernate-validator + ${hibernate-validator.version} + + com.google.guava guava @@ -496,9 +521,8 @@ org.apache.maven.plugins maven-pmd-plugin - ${pmd.plugin.version} + ${maven-pmd-plugin.version} - ${project.build.sourceEncoding} 100 ${java.version} true @@ -539,13 +563,18 @@ org.projectlombok lombok - ${lombok-plugin.version} + ${lombok.version} org.mapstruct mapstruct-processor ${org.mapstruct.version} + + org.projectlombok + lombok-mapstruct-binding + ${lombok-mapstruct-binding.version} +