Merge pull request #664 from LukasLohoff/spring-boot-update

feat: update spring-boot to 3.x

pom.xml

@@ -22,7 +22,7 @@
   <parent>
     <groupId>org.springframework.boot</groupId>
     <artifactId>spring-boot-starter-parent</artifactId>
-    <version>2.7.4</version>
+    <version>3.1.3</version>
   </parent>
 
   <groupId>de.terrestris</groupId>
@@ -102,24 +102,31 @@
     <jacoco-plugin.version>0.8.10</jacoco-plugin.version>
     <maven-project-info-reports-plugin.version>3.4.5</maven-project-info-reports-plugin.version>
     <jib-maven-plugin.version>3.3.2</jib-maven-plugin.version>
+    <git-commit-id-maven-plugin.version>6.0.0</git-commit-id-maven-plugin.version>
 
     <!-- Spring -->
-    <spring-boot.version>2.7.6</spring-boot.version>
-    <spring-data.version>2.7.6</spring-data.version>
+    <spring-boot.version>3.1.3</spring-boot.version>
+    <spring-data.version>3.1.3</spring-data.version>
 
+    <!-- Mail -->
+    <jakarta-mail.version>2.0.1</jakarta-mail.version>
+
+    <!-- Hibernate, Jackson, JAXB etc. -->
     <jackson-bom.version>2.13.2.20220328</jackson-bom.version>
+    <jackson-module-jakarta-xmlbind-annotations.version>2.13.2</jackson-module-jakarta-xmlbind-annotations.version>
+    <jaxb.version>2.3.1</jaxb.version>
 
     <!-- Security -->
-    <keycloak.version>19.0.3</keycloak.version>
+    <keycloak.version>22.0.1</keycloak.version>
 
     <!-- Database -->
-    <hibernate-extra-types.version>2.21.0</hibernate-extra-types.version>
+    <hypersistence-utils.version>3.5.2</hypersistence-utils.version>
 
     <!-- GraphQL -->
     <graphql-java-extended-scalars.version>21.0</graphql-java-extended-scalars.version>
 
     <!-- Swagger/REST -->
-    <springdoc-openapi.version>1.7.0</springdoc-openapi.version>
+    <springdoc-openapi.version>2.2.0</springdoc-openapi.version>
 
     <!-- JSON/Dataformats -->
     <jackson-datatype-jts.version>1.0-2.7</jackson-datatype-jts.version>
@@ -365,11 +372,16 @@
         <artifactId>spring-boot-starter-oauth2-resource-server</artifactId>
         <version>${spring-boot.version}</version>
       </dependency>
+      <dependency>
+        <groupId>org.springframework.boot</groupId>
+        <artifactId>spring-boot-starter-validation</artifactId>
+        <version>${spring-boot.version}</version>
+      </dependency>
 
       <!-- Swagger -->
       <dependency>
         <groupId>org.springdoc</groupId>
-        <artifactId>springdoc-openapi-ui</artifactId>
+        <artifactId>springdoc-openapi-starter-webmvc-ui</artifactId>
         <version>${springdoc-openapi.version}</version>
       </dependency>
 
@@ -412,9 +424,51 @@
 
       <!-- Hibernate -->
       <dependency>
-        <groupId>com.vladmihalcea</groupId>
-        <artifactId>hibernate-types-52</artifactId>
-        <version>${hibernate-extra-types.version}</version>
+        <groupId>io.hypersistence</groupId>
+        <artifactId>hypersistence-utils-hibernate-62</artifactId>
+        <version>${hypersistence-utils.version}</version>
+      </dependency>
+
+      <dependency>
+        <groupId>org.hibernate.orm</groupId>
+        <artifactId>hibernate-core</artifactId>
+        <version>${hibernate.version}</version>
+      </dependency>
+
+      <dependency>
+        <groupId>org.hibernate.orm</groupId>
+        <artifactId>hibernate-spatial</artifactId>
+        <version>${hibernate.version}</version>
+      </dependency>
+
+      <dependency>
+        <groupId>org.hibernate.orm</groupId>
+        <artifactId>hibernate-jcache</artifactId>
+        <version>${hibernate.version}</version>
+      </dependency>
+
+      <dependency>
+        <groupId>org.ehcache</groupId>
+        <artifactId>ehcache</artifactId>
+        <version>3.10.1</version>
+      </dependency>
+
+      <dependency>
+        <groupId>javax.xml.bind</groupId>
+        <artifactId>jaxb-api</artifactId>
+        <version>${jaxb.version}</version>
+      </dependency>
+
+      <dependency>
+        <groupId>com.sun.xml.bind</groupId>
+        <artifactId>jaxb-impl</artifactId>
+        <version>${jaxb.version}</version>
+      </dependency>
+
+      <dependency>
+        <groupId>org.glassfish.jaxb</groupId>
+        <artifactId>jaxb-runtime</artifactId>
+        <version>${jaxb.version}</version>
       </dependency>
 
       <!-- GraphQL -->
@@ -461,6 +515,11 @@
       </dependency>
 
       <!-- Jackson -->
+      <dependency>
+        <groupId>com.fasterxml.jackson.module</groupId>
+        <artifactId>jackson-module-jakarta-xmlbind-annotations</artifactId>
+        <version>${jackson-module-jakarta-xmlbind-annotations.version}</version>
+      </dependency>
       <dependency>
         <groupId>com.fasterxml.jackson.core</groupId>
         <artifactId>jackson-databind</artifactId>
@@ -504,8 +563,8 @@
 
       <dependency>
         <groupId>com.sun.mail</groupId>
-        <artifactId>javax.mail</artifactId>
-        <version>${javax-mail.version}</version>
+        <artifactId>jakarta.mail</artifactId>
+        <version>${jakarta-mail.version}</version>
       </dependency>
 
       <dependency>

shogun-boot/pom.xml

@@ -68,6 +68,10 @@
       <groupId>org.springframework.boot</groupId>
       <artifactId>spring-boot-starter-oauth2-resource-server</artifactId>
     </dependency>
+    <dependency>
+      <groupId>org.springframework.boot</groupId>
+      <artifactId>spring-boot-starter-validation</artifactId>
+    </dependency>
 
     <!-- Spring -->
     <dependency>
@@ -97,8 +101,8 @@
 
     <!-- Hibernate -->
     <dependency>
-      <groupId>com.vladmihalcea</groupId>
-      <artifactId>hibernate-types-52</artifactId>
+      <groupId>io.hypersistence</groupId>
+      <artifactId>hypersistence-utils-hibernate-62</artifactId>
     </dependency>
 
     <!-- Lombok -->
@@ -110,7 +114,7 @@
     <!-- Swagger -->
     <dependency>
       <groupId>org.springdoc</groupId>
-      <artifactId>springdoc-openapi-ui</artifactId>
+      <artifactId>springdoc-openapi-starter-webmvc-ui</artifactId>
     </dependency>
 
     <!-- GeoServer Manager-->
@@ -156,7 +160,6 @@
         <groupId>org.springframework.boot</groupId>
         <artifactId>spring-boot-maven-plugin</artifactId>
         <configuration>
-          <fork>true</fork>
           <skip>false</skip>
         </configuration>
       </plugin>
@@ -178,7 +181,7 @@
       <plugin>
         <groupId>io.github.git-commit-id</groupId>
         <artifactId>git-commit-id-maven-plugin</artifactId>
-        <version>5.0.0</version>
+        <version>${git-commit-id-maven-plugin.version}</version>
         <executions>
           <execution>
             <id>get-the-git-infos</id>

shogun-boot/src/test/java/de/terrestris/shogun/boot/config/JdbcConfiguration.java

@@ -18,10 +18,10 @@
 
 import com.zaxxer.hikari.HikariConfig;
 import com.zaxxer.hikari.HikariDataSource;
+import org.hibernate.boot.model.naming.CamelCaseToUnderscoresNamingStrategy;
 import org.junit.AfterClass;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.boot.orm.jpa.hibernate.SpringImplicitNamingStrategy;
-import org.springframework.boot.orm.jpa.hibernate.SpringPhysicalNamingStrategy;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.context.annotation.PropertySource;
@@ -95,8 +95,9 @@ public LocalContainerEntityManagerFactoryBean entityManagerFactory() {
         jpaProperties.put("hibernate.format_sql", env.getProperty("hibernate.format_sql"));
         jpaProperties.put("hibernate.default_schema", env.getProperty("hibernate.default_schema"));
         jpaProperties.put("hibernate.integration.envers.enabled", false);
+        jpaProperties.put("hibernate.id.db_structure_naming_strategy", "single");
         jpaProperties.put("hibernate.implicit_naming_strategy", SpringImplicitNamingStrategy.class.getName());
-        jpaProperties.put("hibernate.physical_naming_strategy", SpringPhysicalNamingStrategy.class.getName());
+        jpaProperties.put("hibernate.physical_naming_strategy", CamelCaseToUnderscoresNamingStrategy.class.getName());
 
         result.setJpaPropertyMap(jpaProperties);
 

shogun-boot/src/test/resources/jdbc.properties

@@ -15,7 +15,7 @@
 #  limitations under the License.
 shogun.model.packages=de.terrestris.shogun.lib.model
 
-hibernate.dialect=org.hibernate.spatial.dialect.postgis.PostgisPG95Dialect
+hibernate.dialect=org.hibernate.dialect.PostgreSQLDialect
 hibernate.hbm2ddl.auto=none
 hibernate.show_sql=false
 hibernate.format_sql=false

shogun-config/pom.xml

@@ -74,7 +74,7 @@
     <!-- Swagger -->
     <dependency>
       <groupId>org.springdoc</groupId>
-      <artifactId>springdoc-openapi-ui</artifactId>
+      <artifactId>springdoc-openapi-starter-webmvc-ui</artifactId>
     </dependency>
 
     <!-- Lombok -->

shogun-config/src/main/java/de/terrestris/shogun/config/DefaultWebSecurityConfig.java

@@ -19,6 +19,7 @@
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.http.SessionCreationPolicy;
 import org.springframework.security.web.csrf.CookieCsrfTokenRepository;
+import org.springframework.security.web.csrf.CsrfTokenRequestAttributeHandler;
 
 public interface DefaultWebSecurityConfig extends WebSecurityConfig {
 
@@ -27,8 +28,8 @@ default void customHttpConfiguration(HttpSecurity http) throws Exception {
             .sessionManagement(session -> session
                 .sessionCreationPolicy(SessionCreationPolicy.STATELESS)
             )
-            .authorizeRequests()
-                .antMatchers(
+            .authorizeHttpRequests()
+                .requestMatchers(
                     "/",
                     "/auth/**",
                     "/info/**",
@@ -45,7 +46,7 @@ default void customHttpConfiguration(HttpSecurity http) throws Exception {
                     "/graphiql/**"
                 )
                     .permitAll()
-                .antMatchers(
+                .requestMatchers(
                     "/actuator/**",
                     "/cache/**",
                     "/webhooks/**",
@@ -57,11 +58,16 @@ default void customHttpConfiguration(HttpSecurity http) throws Exception {
             .and()
                 .csrf()
                     .csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse())
+                    .csrfTokenRequestHandler(new CsrfTokenRequestAttributeHandler())
                     .ignoringRequestMatchers(csrfRequestMatcher)
-                    .ignoringAntMatchers("/graphql")
-                    .ignoringAntMatchers("/actuator/**")
-                    .ignoringAntMatchers("/sso/**")
-                    .ignoringAntMatchers("/ws/**");
+                    .ignoringRequestMatchers("/graphql")
+                    .ignoringRequestMatchers("/actuator/**")
+                    .ignoringRequestMatchers("/sso/**")
+                    .ignoringRequestMatchers("/ws/**");
+    }
+
+    default void configure(HttpSecurity http) throws Exception {
+        customHttpConfiguration(http);
     }
 
 }

shogun-config/src/main/java/de/terrestris/shogun/config/KeycloakConfig.java

@@ -17,7 +17,8 @@
 package de.terrestris.shogun.config;
 
 import de.terrestris.shogun.properties.KeycloakProperties;
-import org.jboss.resteasy.client.jaxrs.ResteasyClient;
+import jakarta.ws.rs.client.Client;
+import jakarta.ws.rs.client.ClientBuilder;
 import org.jboss.resteasy.client.jaxrs.ResteasyClientBuilder;
 import org.keycloak.admin.client.Keycloak;
 import org.keycloak.admin.client.KeycloakBuilder;
@@ -39,7 +40,7 @@ public abstract class KeycloakConfig {
 
     @Bean
     public Keycloak keycloakAdminClient() {
-        ResteasyClient restClient = new ResteasyClientBuilder()
+        Client restClient = ((ResteasyClientBuilder) ClientBuilder.newBuilder())
             .hostnameVerification(ResteasyClientBuilder.HostnameVerificationPolicy.ANY)
             .build();
 

shogun-config/src/main/java/de/terrestris/shogun/config/KeycloakWebSecurityConfig.java

@@ -18,21 +18,21 @@
 
 import de.terrestris.shogun.converter.KeycloakJwtAuthenticationConverter;
 import de.terrestris.shogun.properties.KeycloakProperties;
+import jakarta.annotation.PostConstruct;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.beans.factory.annotation.Value;
 import org.springframework.boot.autoconfigure.condition.ConditionalOnExpression;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
-import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
+import org.springframework.security.web.access.expression.WebExpressionAuthorizationManager;
 
-import javax.annotation.PostConstruct;
 import javax.net.ssl.HttpsURLConnection;
 
 @ConditionalOnExpression("${keycloak.enabled:true}")
 @Configuration
 @EnableWebSecurity
-public class KeycloakWebSecurityConfig extends WebSecurityConfigurerAdapter implements DefaultWebSecurityConfig {
+public class KeycloakWebSecurityConfig implements DefaultWebSecurityConfig {
 
     @Autowired
     private KeycloakProperties keycloakProperties;
@@ -50,12 +50,13 @@ public void init() {
 
     @Override
     public void configure(HttpSecurity http) throws Exception {
-        // allows access to `/webhooks/keycloak` for request from internal keycloak container
         http
-            .authorizeRequests()
-                .antMatchers("/webhooks/keycloak/**")
-                    .access("authenticated or hasIpAddress('%s')"
-                        .formatted(keycloakProperties.getInternalServerUrl()));
+            .authorizeHttpRequests((auths) -> auths
+                .requestMatchers("/webhooks/keycloak/**")
+                .access(new WebExpressionAuthorizationManager(
+                    "authenticated or hasIpAddress('%s')".formatted(keycloakProperties.getInternalServerUrl())
+                ))
+            );
 
         customHttpConfiguration(http);
 
@@ -66,11 +67,12 @@ public void configure(HttpSecurity http) throws Exception {
 
         http
             .csrf()
-                .ignoringAntMatchers("/webhooks/**")
+                .ignoringRequestMatchers("/webhooks/**")
             .and()
                 .oauth2ResourceServer()
                     .jwt()
                     .jwtAuthenticationConverter(authConverter);
+
     }
 
 }

shogun-config/src/main/java/de/terrestris/shogun/config/SimpleWebSecurityConfig.java

@@ -20,15 +20,13 @@
 import org.springframework.boot.autoconfigure.condition.ConditionalOnExpression;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
-import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
-import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
 import org.springframework.security.core.authority.mapping.SimpleAuthorityMapper;
 
 @ConditionalOnExpression("${keycloak.enabled:false}")
 @Configuration
 @EnableWebSecurity
-public abstract class SimpleWebSecurityConfig extends WebSecurityConfigurerAdapter implements DefaultWebSecurityConfig {
+public abstract class SimpleWebSecurityConfig implements DefaultWebSecurityConfig {
 
     @Autowired
     public void configureGlobal(AuthenticationManagerBuilder auth) {
@@ -40,11 +38,4 @@ public void configureGlobal(AuthenticationManagerBuilder auth) {
         // TODO make this extendable
     }
 
-    @Override
-    public void configure(HttpSecurity http) throws Exception {
-        super.configure(http);
-
-        customHttpConfiguration(http);
-    }
-
 }