Chore: Update CWA-Parent to 2.0.2 (#143)

* Update CWA-Parent to 2.0.1 * Update to Spring 3: - SecurityConfig adjusted - jakarta imports added - checkstyle fixes - deprecated fixes * Update to java 17 * Update ci-dependency-check.yml * Update ci-master.yml * Update ci-pull-request.yml * Delete ci-dependency-check.yml * Update CWA-Parent to 2.0.2 --------- Co-authored-by: github-actions <github-actions@github.com> Co-authored-by: Morphyum <zion@c-schwabe.de>
corona-warn-app · Mar 16, 2023 · d2068cc · d2068cc
1 parent 43e5bb5
commit d2068cc
Show file tree

Hide file tree

Showing 19 changed files with 101 additions and 116 deletions.
diff --git a/.github/workflows/ci-dependency-check.yml b/.github/workflows/ci-dependency-check.yml
diff --git a/.github/workflows/ci-master.yml b/.github/workflows/ci-master.yml
@@ -21,7 +21,7 @@ jobs:
         restore-keys: ${{ env.cache-name }}-
     - uses: actions/setup-java@v1
       with:
-        java-version: 11
+        java-version: 17
     - name: environment
       run: |
         sudo apt-get install --yes --no-install-recommends libxml-xpath-perl

diff --git a/.github/workflows/ci-pull-request.yml b/.github/workflows/ci-pull-request.yml
@@ -21,7 +21,7 @@ jobs:
         restore-keys: ${{ env.cache-name }}-
     - uses: actions/setup-java@v1
       with:
-        java-version: 11
+        java-version: 17
     - name: mvn package
       run: mvn --batch-mode package
       env:

diff --git a/Dockerfile b/Dockerfile
@@ -1,4 +1,4 @@
-FROM gcr.io/distroless/java-debian10:11
+FROM gcr.io/distroless/java17-debian11
 COPY target/*.jar app.jar
 COPY scripts/Dpkg.java Dpkg.java
 RUN ["java", "Dpkg.java"]

diff --git a/pom.xml b/pom.xml
@@ -9,7 +9,7 @@
   <parent>
     <groupId>app.coronawarn</groupId>
     <artifactId>cwa-parent</artifactId>
-    <version>1.8</version>
+    <version>2.0.2</version>
     <relativePath/>
   </parent>
 

diff --git a/src/main/java/app/coronawarn/testresult/TestResultCleanup.java b/src/main/java/app/coronawarn/testresult/TestResultCleanup.java
@@ -23,9 +23,9 @@
 
 import app.coronawarn.testresult.config.TestResultConfig;
 import app.coronawarn.testresult.entity.TestResultEntity;
+import jakarta.transaction.Transactional;
 import java.time.LocalDateTime;
 import java.time.Period;
-import javax.transaction.Transactional;
 import lombok.RequiredArgsConstructor;
 import lombok.extern.slf4j.Slf4j;
 import net.javacrumbs.shedlock.spring.annotation.SchedulerLock;

diff --git a/src/main/java/app/coronawarn/testresult/TestResultController.java b/src/main/java/app/coronawarn/testresult/TestResultController.java
@@ -34,8 +34,8 @@
 import io.swagger.v3.oas.annotations.media.Schema;
 import io.swagger.v3.oas.annotations.parameters.RequestBody;
 import io.swagger.v3.oas.annotations.responses.ApiResponse;
-import javax.validation.Valid;
-import javax.validation.constraints.NotNull;
+import jakarta.validation.Valid;
+import jakarta.validation.constraints.NotNull;
 import lombok.RequiredArgsConstructor;
 import lombok.extern.slf4j.Slf4j;
 import org.springframework.http.MediaType;

diff --git a/src/main/java/app/coronawarn/testresult/config/LocalSecurityConfig.java b/src/main/java/app/coronawarn/testresult/config/LocalSecurityConfig.java
@@ -22,19 +22,25 @@
 package app.coronawarn.testresult.config;
 
 import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
+import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
-import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
+import org.springframework.security.web.SecurityFilterChain;
 
 @Configuration
 @ConditionalOnProperty(name = "server.ssl.client-auth", havingValue = "none", matchIfMissing = true)
-public class LocalSecurityConfig extends WebSecurityConfigurerAdapter {
+public class LocalSecurityConfig {
 
-  @Override
-  protected void configure(HttpSecurity http) throws Exception {
+  /**
+   * SecurityFilterChain.
+   *
+   */
+  @Bean
+  public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
     http
-      .authorizeRequests()
+      .authorizeHttpRequests()
       .anyRequest().permitAll()
       .and().csrf().disable();
+    return http.build();
   }
 }
diff --git a/src/main/java/app/coronawarn/testresult/config/MtlsSecurityConfig.java b/src/main/java/app/coronawarn/testresult/config/MtlsSecurityConfig.java
@@ -35,9 +35,9 @@
 import org.springframework.http.HttpMethod;
 import org.springframework.http.HttpStatus;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
-import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
 import org.springframework.security.core.userdetails.User;
 import org.springframework.security.core.userdetails.UserDetailsService;
+import org.springframework.security.web.SecurityFilterChain;
 import org.springframework.security.web.authentication.preauth.x509.X509PrincipalExtractor;
 import org.springframework.security.web.firewall.HttpFirewall;
 import org.springframework.security.web.firewall.StrictHttpFirewall;
@@ -47,7 +47,7 @@
 @Slf4j
 @RequiredArgsConstructor
 @ConditionalOnProperty(name = "server.ssl.client-auth", havingValue = "need")
-public class MtlsSecurityConfig extends WebSecurityConfigurerAdapter {
+public class MtlsSecurityConfig {
 
   private final TestResultConfig testResultConfig;
 
@@ -61,23 +61,30 @@ protected HttpFirewall strictFirewall() {
     return firewall;
   }
 
-  @Override
-  protected void configure(HttpSecurity http) throws Exception {
+  /**
+   * SecurityFilterChain.
+   */
+  @Bean
+  public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
     http
-      .authorizeRequests()
-      .mvcMatchers("/api/**").authenticated().and()
+      .authorizeHttpRequests()
+      .requestMatchers("/api/**").authenticated().and()
       .x509().x509PrincipalExtractor(new ThumbprintX509PrincipalExtractor()).userDetailsService(userDetailsService())
-      .and().authorizeRequests()
-      .mvcMatchers("/actuator/**").permitAll()
+      .and().authorizeHttpRequests()
+      .requestMatchers("/actuator/**").permitAll()
       .anyRequest().denyAll()
       .and().csrf().disable();
+    return http.build();
   }
 
-  @Override
+  /**
+   * UserDetailsService.
+   */
+  @Bean
   public UserDetailsService userDetailsService() {
     return hash -> {
       boolean allowed = Stream.of(testResultConfig.getAllowedClientCertificates()
-        .split(","))
+          .split(","))
         .map(String::trim)
         .anyMatch(entry -> entry.equalsIgnoreCase(hash));
 
@@ -97,7 +104,7 @@ public Object extractPrincipal(X509Certificate x509Certificate) {
 
       try {
         String hash = DigestUtils.sha256Hex(x509Certificate.getEncoded());
-        log.debug("Accessed by Subject {} Hash {}",x509Certificate.getSubjectDN().getName(), hash);
+        log.debug("Accessed by Subject {} Hash {}", x509Certificate.getSubjectX500Principal().getName(), hash);
         return hash;
       } catch (CertificateEncodingException e) {
         log.error("Failed to extract bytes from certificate");

diff --git a/src/main/java/app/coronawarn/testresult/entity/TestResultEntity.java b/src/main/java/app/coronawarn/testresult/entity/TestResultEntity.java
@@ -21,26 +21,28 @@
 
 package app.coronawarn.testresult.entity;
 
+import jakarta.persistence.Column;
+import jakarta.persistence.Entity;
+import jakarta.persistence.EntityListeners;
+import jakarta.persistence.GeneratedValue;
+import jakarta.persistence.GenerationType;
+import jakarta.persistence.Id;
+import jakarta.persistence.Table;
+import jakarta.persistence.Version;
 import java.time.LocalDateTime;
-import javax.persistence.Column;
-import javax.persistence.Entity;
-import javax.persistence.EntityListeners;
-import javax.persistence.GeneratedValue;
-import javax.persistence.GenerationType;
-import javax.persistence.Id;
-import javax.persistence.Table;
-import javax.persistence.Version;
 import lombok.AllArgsConstructor;
-import lombok.Data;
+import lombok.Getter;
 import lombok.NoArgsConstructor;
+import lombok.Setter;
 import org.springframework.data.annotation.CreatedDate;
 import org.springframework.data.annotation.LastModifiedDate;
 import org.springframework.data.jpa.domain.support.AuditingEntityListener;
 
 /**
  * This class represents the test result entity.
  */
-@Data
+@Getter
+@Setter
 @NoArgsConstructor
 @AllArgsConstructor
 @Entity

diff --git a/src/main/java/app/coronawarn/testresult/exception/TestResultExceptionHandler.java b/src/main/java/app/coronawarn/testresult/exception/TestResultExceptionHandler.java
@@ -21,7 +21,7 @@
 
 package app.coronawarn.testresult.exception;
 
-import javax.validation.ConstraintViolationException;
+import jakarta.validation.ConstraintViolationException;
 import lombok.extern.slf4j.Slf4j;
 import org.springframework.http.ResponseEntity;
 import org.springframework.web.bind.MethodArgumentNotValidException;

diff --git a/src/main/java/app/coronawarn/testresult/model/PocNatResult.java b/src/main/java/app/coronawarn/testresult/model/PocNatResult.java
@@ -21,12 +21,14 @@
 
 package app.coronawarn.testresult.model;
 
+import static io.swagger.v3.oas.annotations.media.Schema.RequiredMode.REQUIRED;
+
 import io.swagger.v3.oas.annotations.media.Schema;
-import javax.validation.constraints.Max;
-import javax.validation.constraints.Min;
-import javax.validation.constraints.NotBlank;
-import javax.validation.constraints.NotNull;
-import javax.validation.constraints.Pattern;
+import jakarta.validation.constraints.Max;
+import jakarta.validation.constraints.Min;
+import jakarta.validation.constraints.NotBlank;
+import jakarta.validation.constraints.NotNull;
+import jakarta.validation.constraints.Pattern;
 import lombok.EqualsAndHashCode;
 import lombok.Getter;
 import lombok.Setter;
@@ -65,7 +67,7 @@ public class PocNatResult {
   @Min(10)
   @Max(14)
   @NotNull
-  @Schema(description = "the result of the PoC-NAT", required = true)
+  @Schema(description = "the result of the PoC-NAT", requiredMode = REQUIRED)
   private Integer result;
 
   /**

diff --git a/src/main/java/app/coronawarn/testresult/model/PocNatResultList.java b/src/main/java/app/coronawarn/testresult/model/PocNatResultList.java
@@ -21,12 +21,14 @@
 
 package app.coronawarn.testresult.model;
 
+import static io.swagger.v3.oas.annotations.media.Schema.RequiredMode.REQUIRED;
+
 import com.fasterxml.jackson.annotation.JsonInclude;
 import io.swagger.v3.oas.annotations.media.Schema;
+import jakarta.validation.Valid;
+import jakarta.validation.constraints.NotEmpty;
+import jakarta.validation.constraints.NotNull;
 import java.util.List;
-import javax.validation.Valid;
-import javax.validation.constraints.NotEmpty;
-import javax.validation.constraints.NotNull;
 import lombok.EqualsAndHashCode;
 import lombok.Getter;
 import lombok.Setter;
@@ -53,15 +55,15 @@ public class PocNatResultList {
    */
   @NotNull
   @NotEmpty
-  @Schema(description = "array of PoC-NAT results", required = true)
+  @Schema(description = "array of PoC-NAT results", requiredMode = REQUIRED)
   private List<@Valid PocNatResult> testResults;
 
   /**
    * The labId of the uploader.
    */
   @Schema(description = "The id that identifies a lab. Every lab can choose its own labid, "
     + "but it must be unique over all labs, should be generated once via cryptographic hash function",
-    required = true, maxLength = 64)
+    requiredMode = REQUIRED, maxLength = 64)
   @JsonInclude(JsonInclude.Include.NON_NULL)
   private String labId;
 }
diff --git a/src/main/java/app/coronawarn/testresult/model/QuickTestResult.java b/src/main/java/app/coronawarn/testresult/model/QuickTestResult.java
@@ -21,12 +21,14 @@
 
 package app.coronawarn.testresult.model;
 
+import static io.swagger.v3.oas.annotations.media.Schema.RequiredMode.REQUIRED;
+
 import io.swagger.v3.oas.annotations.media.Schema;
-import javax.validation.constraints.Max;
-import javax.validation.constraints.Min;
-import javax.validation.constraints.NotBlank;
-import javax.validation.constraints.NotNull;
-import javax.validation.constraints.Pattern;
+import jakarta.validation.constraints.Max;
+import jakarta.validation.constraints.Min;
+import jakarta.validation.constraints.NotBlank;
+import jakarta.validation.constraints.NotNull;
+import jakarta.validation.constraints.Pattern;
 import lombok.EqualsAndHashCode;
 import lombok.Getter;
 import lombok.Setter;
@@ -65,7 +67,7 @@ public class QuickTestResult {
   @Min(5)
   @Max(9)
   @NotNull
-  @Schema(description = "the result of the rapid antigen test", required = true)
+  @Schema(description = "the result of the rapid antigen test", requiredMode = REQUIRED)
   private Integer result;
 
   /**

diff --git a/src/main/java/app/coronawarn/testresult/model/QuickTestResultList.java b/src/main/java/app/coronawarn/testresult/model/QuickTestResultList.java
@@ -21,12 +21,14 @@
 
 package app.coronawarn.testresult.model;
 
+import static io.swagger.v3.oas.annotations.media.Schema.RequiredMode.REQUIRED;
+
 import com.fasterxml.jackson.annotation.JsonInclude;
 import io.swagger.v3.oas.annotations.media.Schema;
+import jakarta.validation.Valid;
+import jakarta.validation.constraints.NotEmpty;
+import jakarta.validation.constraints.NotNull;
 import java.util.List;
-import javax.validation.Valid;
-import javax.validation.constraints.NotEmpty;
-import javax.validation.constraints.NotNull;
 import lombok.EqualsAndHashCode;
 import lombok.Getter;
 import lombok.Setter;
@@ -51,15 +53,15 @@ public class QuickTestResultList {
    */
   @NotNull
   @NotEmpty
-  @Schema(description = "array of rapid antingen test results", required = true)
+  @Schema(description = "array of rapid antingen test results", requiredMode = REQUIRED)
   private List<@Valid QuickTestResult> testResults;
 
   /**
    * The labId of the uploader.
    */
   @Schema(description = "The id that identifies a lab. Every lab can choose its own labid, "
     + "but it must be unique over all labs, should be generated once via cryptographic hash function",
-    required = true, maxLength = 64)
+    requiredMode = REQUIRED, maxLength = 64)
   @JsonInclude(JsonInclude.Include.NON_NULL)
   private String labId;
 }