Merge pull request #65 from jenkinsci/bugfix/remove-deprecations

This change removes deprecation warnings.

.gitpod.yml

@@ -9,11 +9,10 @@ tasks:
       sdk install java 8.0.322-tem
       sdk install java 11.0.14-tem
       sdk use maven 3.8.3
-      brew install gh xmlstarlet
+      brew install gh
 vscode:
   extensions:
     - bierner.markdown-preview-github-styles
-    - github.vscode-pull-request-github
     - redhat.fabric8-analytics
     - redhat.java
     - redhat.vscode-commons

README.md

@@ -160,7 +160,7 @@ The following changes and improvements are planned for the following releases
 
 ### 2.3.0
 
-* [ ] Update to latest libs
+* [x] Update to latest libs
 
 ### 3.x.x
 

pom.xml

@@ -50,7 +50,7 @@
     </contributors>
 
     <properties>
-        <revision>2.2.1</revision>
+        <revision>3.0.0</revision>
         <changelist>-SNAPSHOT</changelist>
         <gitHubRepo>jenkinsci/crowd2-plugin</gitHubRepo>
         <jenkins.version>2.303.1</jenkins.version>

src/main/java/de/theit/jenkins/crowd/CrowdAuthenticationManager.java

@@ -33,15 +33,15 @@
 import com.atlassian.crowd.exception.UserNotFoundException;
 import com.atlassian.crowd.model.user.User;
 import hudson.security.SecurityRealm;
-import org.acegisecurity.AccountExpiredException;
-import org.acegisecurity.Authentication;
-import org.acegisecurity.AuthenticationException;
-import org.acegisecurity.AuthenticationManager;
-import org.acegisecurity.AuthenticationServiceException;
-import org.acegisecurity.BadCredentialsException;
-import org.acegisecurity.CredentialsExpiredException;
-import org.acegisecurity.GrantedAuthority;
-import org.acegisecurity.InsufficientAuthenticationException;
+import org.springframework.security.authentication.AccountExpiredException;
+import org.springframework.security.authentication.AuthenticationManager;
+import org.springframework.security.authentication.AuthenticationServiceException;
+import org.springframework.security.authentication.BadCredentialsException;
+import org.springframework.security.authentication.CredentialsExpiredException;
+import org.springframework.security.authentication.InsufficientAuthenticationException;
+import org.springframework.security.core.Authentication;
+import org.springframework.security.core.AuthenticationException;
+import org.springframework.security.core.GrantedAuthority;
 
 import java.util.ArrayList;
 import java.util.List;
@@ -87,7 +87,7 @@ public CrowdAuthenticationManager(CrowdConfigurationService pConfiguration) {
     /**
      * {@inheritDoc}
      *
-     * @see org.acegisecurity.AuthenticationManager#authenticate(org.acegisecurity.Authentication)
+     * @see org.springframework.security.authentication.AuthenticationManager#authenticate(org.springframework.security.core.Authentication)
      */
     @Override
     public Authentication authenticate(Authentication authentication)
@@ -156,7 +156,7 @@ public Authentication authenticate(Authentication authentication)
 
         // add the "authenticated" authority to the list of granted
         // authorities...
-        authorities.add(SecurityRealm.AUTHENTICATED_AUTHORITY);
+        authorities.add(SecurityRealm.AUTHENTICATED_AUTHORITY2);
         // ..and finally all authorities retrieved from the Crowd server
         authorities.addAll(this.configuration.getAuthoritiesForUser(username));
 

src/main/java/de/theit/jenkins/crowd/CrowdAuthenticationToken.java

@@ -28,9 +28,9 @@
 import java.util.List;
 
 import jenkins.model.Jenkins;
-import org.acegisecurity.GrantedAuthority;
-import org.acegisecurity.providers.AbstractAuthenticationToken;
-import org.acegisecurity.userdetails.UserDetails;
+import org.springframework.security.core.GrantedAuthority;
+import org.springframework.security.authentication.AbstractAuthenticationToken;
+import org.springframework.security.core.userdetails.UserDetails;
 import org.apache.commons.lang.StringUtils;
 
 /**
@@ -68,8 +68,8 @@ public class CrowdAuthenticationToken extends AbstractAuthenticationToken {
      */
     public CrowdAuthenticationToken(String pPrincipal, String pCredentials,
             List<GrantedAuthority> authorities, String pSsoToken) {
-        super(authorities.toArray(new GrantedAuthority[authorities.size()]));
-        this.principal = Jenkins.get().getSecurityRealm().loadUserByUsername(pPrincipal);
+        super(authorities);
+        this.principal = Jenkins.get().getSecurityRealm().loadUserByUsername2(pPrincipal);
         this.credentials = pCredentials;
         this.ssoToken = pSsoToken;
         super.setAuthenticated(true);
@@ -78,7 +78,7 @@ public CrowdAuthenticationToken(String pPrincipal, String pCredentials,
     /**
      * {@inheritDoc}
      *
-     * @see org.acegisecurity.Authentication#getCredentials()
+     * @see org.springframework.security.core.Authentication#getCredentials()
      */
     @Override
     public String getCredentials() {
@@ -88,7 +88,7 @@ public String getCredentials() {
     /**
      * {@inheritDoc}
      *
-     * @see org.acegisecurity.Authentication#getPrincipal()
+     * @see org.springframework.security.core.Authentication#getPrincipal()
      */
     @Override
     public UserDetails getPrincipal() {
@@ -108,7 +108,7 @@ public String getSSOToken() {
     /**
      * {@inheritDoc}
      *
-     * @see org.acegisecurity.providers.AbstractAuthenticationToken#getName()
+     * @see org.springframework.security.authentication.AbstractAuthenticationToken#getName()
      */
     @Override
     public String getName() {
@@ -127,6 +127,6 @@ public static void updateUserInfo(com.atlassian.crowd.model.user.User user) {
      * Gets the corresponding {@link hudson.model.User} object.
      */
     private static hudson.model.User getJenkinsUser(String username) {
-        return hudson.model.User.get(username);
+        return hudson.model.User.getById(username, false);
     }
 }

src/main/java/de/theit/jenkins/crowd/CrowdConfigurationService.java

@@ -47,8 +47,8 @@
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 
-import org.acegisecurity.GrantedAuthority;
-import org.acegisecurity.GrantedAuthorityImpl;
+import org.springframework.security.core.GrantedAuthority;
+import org.springframework.security.core.authority.SimpleGrantedAuthority;
 import org.apache.commons.lang.SystemUtils;
 
 import com.atlassian.crowd.exception.ApplicationAccessDeniedException;
@@ -396,7 +396,7 @@ public int compare(GrantedAuthority ga1,
 
         // now create the list of authorities
         for (String str : groupNames) {
-            authorities.add(new GrantedAuthorityImpl(str));
+            authorities.add(new SimpleGrantedAuthority(str));
         }
 
         // If correct object was returned save it to cache
@@ -748,7 +748,7 @@ public boolean isAuthenticated(HttpServletRequest httpServletRequest, HttpServle
             currentThread.setContextClassLoader(CrowdConfigurationService.class.getClassLoader());
         }
         try {
-            return crowdHttpAuthenticator.isAuthenticated(httpServletRequest, httpServletResponse);
+            return crowdHttpAuthenticator.checkAuthenticated(httpServletRequest, httpServletResponse).isAuthenticated();
         } finally {
             if (currentThread != null) {
                 currentThread.setContextClassLoader(orgContextClassLoader);

src/main/java/de/theit/jenkins/crowd/CrowdMailAddressResolverImpl.java

@@ -28,14 +28,15 @@
 import hudson.Extension;
 import hudson.model.User;
 import hudson.security.SecurityRealm;
+import hudson.security.UserMayOrMayNotExistException2;
 import hudson.tasks.MailAddressResolver;
 import jenkins.model.Jenkins;
 
 import java.util.logging.Level;
 import java.util.logging.Logger;
 
-import org.acegisecurity.userdetails.UsernameNotFoundException;
-import org.springframework.dao.DataAccessException;
+import org.springframework.security.core.userdetails.UsernameNotFoundException;
+
 
 /**
  * This class resolves email addresses via lookup in Crowd.
@@ -61,21 +62,17 @@ public String findMailAddressFor(User u) {
 
         if (realm instanceof CrowdSecurityRealm) {
             try {
-                String userId = getUserIdFromDisplayName(u);
+                String userId = u.getId();
 
                 if (LOG.isLoggable(Level.FINE)) {
                     LOG.fine("Looking up mail address for user: " + userId);
                 }
-                CrowdUser details = (CrowdUser) realm.loadUserByUsername(userId);
+                CrowdUser details = (CrowdUser) realm.loadUserByUsername2(userId);
                 mail = details.getEmailAddress();
+            } catch (UserMayOrMayNotExistException2  ex) {
+                LOG.log(Level.SEVERE, "User do not exist, unable to look up email address", ex);
             } catch (UsernameNotFoundException ex) {
-                if (LOG.isLoggable(Level.INFO)) {
-                    LOG.info("Failed to look up email address in Crowd");
-                }
-            } catch (DataAccessException ex) {
-                LOG.log(Level.SEVERE,
-                        "Access exception trying to look up email address in Crowd",
-                        ex);
+                LOG.info("Failed to look up email address in Crowd");
             }
         }
 
@@ -95,7 +92,7 @@ public String findMailAddressFor(User u) {
      * @return the user id from display name
      */
     String getUserIdFromDisplayName(User user) {
-        String userId = user.getId();
+        String userId = user.getDisplayName();
         int pos = userId.lastIndexOf('(');
         if (pos > 0) {
             int pos2 = userId.indexOf(')', pos + 1);

src/main/java/de/theit/jenkins/crowd/CrowdRememberMeServices.java

@@ -35,9 +35,9 @@
 import com.atlassian.crowd.model.authentication.ValidationFactor;
 import com.atlassian.crowd.model.user.User;
 import hudson.security.SecurityRealm;
-import org.acegisecurity.Authentication;
-import org.acegisecurity.GrantedAuthority;
-import org.acegisecurity.ui.rememberme.RememberMeServices;
+import org.springframework.security.core.Authentication;
+import org.springframework.security.core.GrantedAuthority;
+import org.springframework.security.web.authentication.RememberMeServices;
 
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
@@ -83,7 +83,7 @@ public CrowdRememberMeServices(CrowdConfigurationService pConfiguration) {
     /**
      * {@inheritDoc}
      *
-     * @see org.acegisecurity.ui.rememberme.RememberMeServices#autoLogin(javax.servlet.http.HttpServletRequest,
+     * @see org.springframework.security.web.authentication.RememberMeServices#autoLogin(javax.servlet.http.HttpServletRequest,
      *      javax.servlet.http.HttpServletResponse)
      */
     @Override
@@ -126,7 +126,7 @@ public Authentication autoLogin(HttpServletRequest request,
                         // => create the user object and finalize the auto-login
                         // process
                         List<GrantedAuthority> authorities = new ArrayList<GrantedAuthority>();
-                        authorities.add(SecurityRealm.AUTHENTICATED_AUTHORITY);
+                        authorities.add(SecurityRealm.AUTHENTICATED_AUTHORITY2);
                         authorities.addAll(this.configuration.getAuthoritiesForUser(user.getName()));
                         result = new CrowdAuthenticationToken(user.getName(), null, authorities, ssoToken);
                     }
@@ -147,7 +147,7 @@ public Authentication autoLogin(HttpServletRequest request,
     /**
      * {@inheritDoc}
      *
-     * @see org.acegisecurity.ui.rememberme.RememberMeServices#loginFail(javax.servlet.http.HttpServletRequest,
+     * @see org.springframework.security.web.authentication.RememberMeServices#loginFail(javax.servlet.http.HttpServletRequest,
      *      javax.servlet.http.HttpServletResponse)
      */
     @Override
@@ -170,9 +170,9 @@ public void loginFail(HttpServletRequest request,
     /**
      * {@inheritDoc}
      *
-     * @see org.acegisecurity.ui.rememberme.RememberMeServices#loginSuccess(javax.servlet.http.HttpServletRequest,
+     * @see org.springframework.security.web.authentication.RememberMeServices#loginSuccess(javax.servlet.http.HttpServletRequest,
      *      javax.servlet.http.HttpServletResponse,
-     *      org.acegisecurity.Authentication)
+     *      org.springframework.security.core.Authentication)
      */
     @Override
     public void loginSuccess(HttpServletRequest request,