diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
index e1439fd..f415292 100644
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@@ -13,11 +13,11 @@ jobs:
steps:
- uses: actions/checkout@v4
- - name: Set up JDK 11
+ - name: Set up JDK 21
uses: actions/setup-java@v4
with:
distribution: 'temurin' # See 'Supported distributions' for available options
- java-version: '11'
+ java-version: '21'
- name: Build with Maven
run: mvn -B package --file pom.xml
- name: Codecov
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index 23725d1..e225268 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -19,10 +19,10 @@ jobs:
- name: Check out code
uses: actions/checkout@v4
- - name: Set up JAVA 11
+ - name: Set up JAVA 21
uses: actions/setup-java@v4
with:
- java-version: 11
+ java-version: 21
distribution: "temurin"
- name: Determine the version
@@ -41,10 +41,10 @@ jobs:
exit 1
if: github.event_name != 'workflow_dispatch' && steps.versioncheck.outputs.version != github.ref_name
- - name: Set up JDK 11 for snapshots
+ - name: Set up JDK 21 for snapshots
uses: actions/setup-java@v4
with:
- java-version: "11"
+ java-version: "21"
distribution: "temurin"
cache: "maven"
server-id: openconext-snapshots
@@ -52,10 +52,10 @@ jobs:
server-password: MAVEN_PASSWORD
if: ( endsWith(steps.versioncheck.outputs.version, '-SNAPSHOT'))
- - name: Set up JDK 11 for releases
+ - name: Set up JDK 21 for releases
uses: actions/setup-java@v4
with:
- java-version: "11"
+ java-version: "21"
distribution: "temurin"
cache: "maven"
server-id: openconext-releases
diff --git a/docker/Dockerfile b/docker/Dockerfile
index 3954ed2..fd7900b 100644
--- a/docker/Dockerfile
+++ b/docker/Dockerfile
@@ -1,4 +1,4 @@
-FROM eclipse-temurin:11-jdk-alpine
+FROM eclipse-temurin:21-jdk-alpine
RUN apk --update upgrade && apk add openssl openssl-dev ca-certificates libgcc && update-ca-certificates
COPY target/*.jar app.jar
ENTRYPOINT ["java","-jar","/app.jar"]
diff --git a/pom.xml b/pom.xml
index a55fe14..aade36f 100644
--- a/pom.xml
+++ b/pom.xml
@@ -4,19 +4,19 @@
org.springframework.boot
spring-boot-starter-parent
- 2.4.0
+ 2.7.18
org.surfnet
student-mobility-home-institution-mock
- 0.2.14-SNAPSHOT
+ 0.3.0-SNAPSHOT
home-institution-mock
home-institution-mock
- 11
- 11
- 11
+ 21
+ 21
+ 21
@@ -26,7 +26,7 @@
org.springframework.boot
spring-boot-starter-oauth2-resource-server
- 2.4.0
+ 2.7.18
org.springframework.boot
@@ -64,7 +64,7 @@
com.github.spullara.mustache.java
compiler
- 0.9.6
+ 0.9.14
org.projectlombok
@@ -75,19 +75,19 @@
io.rest-assured
rest-assured
- 4.2.0
+ 5.5.0
test
io.rest-assured
json-path
- 4.2.0
+ 5.5.0
test
io.rest-assured
xml-path
- 4.2.0
+ 5.5.0
test
@@ -122,10 +122,41 @@
org.springframework.boot
spring-boot-maven-plugin
+
+ org.apache.maven.plugins
+ maven-compiler-plugin
+ 3.13.0
+
+ 21
+
+
+
+ org.apache.maven.plugins
+ maven-enforcer-plugin
+ 3.5.0
+
+
+ enforce-versions
+
+ enforce
+
+
+
+
+ 3.8.4
+
+
+ 21
+
+
+
+
+
+
pl.project13.maven
git-commit-id-plugin
- 4.0.2
+ 4.9.10
true
@@ -133,7 +164,7 @@
org.jacoco
jacoco-maven-plugin
- 0.8.5
+ 0.8.12
**/*MockMailBox.*
@@ -159,7 +190,7 @@
org.apache.maven.wagon
wagon-webdav-jackrabbit
- 3.3.4
+ 3.5.3
diff --git a/src/main/java/home/SecurityConfiguration.java b/src/main/java/home/SecurityConfiguration.java
index fa33476..b9925fa 100644
--- a/src/main/java/home/SecurityConfiguration.java
+++ b/src/main/java/home/SecurityConfiguration.java
@@ -27,7 +27,8 @@ public static class OAuth2SecurityConfigurationAdapter extends WebSecurityConfig
protected void configure(HttpSecurity http) throws Exception {
DefaultBearerTokenResolver tokenResolver = new DefaultBearerTokenResolver();
tokenResolver.setAllowFormEncodedBodyParameter(true);
- http.requestMatchers().antMatchers("/persons/**", "/associations/**", "/oauth2/offerings/**")
+ http.requestMatchers()
+ .antMatchers("/persons/**", "/associations/**", "/oauth2/offerings/**")
.and()
.authorizeRequests(authz -> authz
.antMatchers(HttpMethod.GET)
@@ -35,6 +36,7 @@ protected void configure(HttpSecurity http) throws Exception {
.anyRequest().authenticated())
.sessionManagement(sessionManagement ->
sessionManagement.sessionCreationPolicy(SessionCreationPolicy.STATELESS))
+ .csrf().disable()
.oauth2ResourceServer().bearerTokenResolver(tokenResolver).opaqueToken();
}
diff --git a/src/main/resources/application.yml b/src/main/resources/application.yml
index 8f489ac..ff5193e 100644
--- a/src/main/resources/application.yml
+++ b/src/main/resources/application.yml
@@ -3,6 +3,7 @@ logging:
root: warn
home: debug
org.springframework: info
+ org.springframework.security: trace
delay:
enabled: true
diff --git a/src/test/java/home/api/PersonEndpointTest.java b/src/test/java/home/api/PersonEndpointTest.java
index ee8619d..603bc93 100644
--- a/src/test/java/home/api/PersonEndpointTest.java
+++ b/src/test/java/home/api/PersonEndpointTest.java
@@ -1,7 +1,10 @@
package home.api;
import home.AbstractIntegrationTest;
+import io.restassured.config.EncoderConfig;
+import io.restassured.config.RestAssuredConfig;
import org.junit.jupiter.api.Test;
+import org.springframework.http.MediaType;
import java.io.IOException;
@@ -31,8 +34,13 @@ void persons() throws Exception {
void personsPost() throws Exception {
String accessToken = opaqueAccessToken(true);
given()
+ .config(RestAssuredConfig.config()
+ .encoderConfig(EncoderConfig.encoderConfig()
+ ///Bugfix for the DefaultBearerTokenResolver being strict in content type checking
+ .appendDefaultContentCharsetToContentTypeIfUndefined(false)))
.when()
.formParam("access_token", accessToken)
+ .contentType(MediaType.APPLICATION_FORM_URLENCODED_VALUE)
.post("/persons/me")
.then()
.statusCode(SC_OK)
diff --git a/src/test/resources/logback-test.xml b/src/test/resources/logback-test.xml
index b27eb62..dbe5d64 100644
--- a/src/test/resources/logback-test.xml
+++ b/src/test/resources/logback-test.xml
@@ -9,5 +9,6 @@
+
\ No newline at end of file