Skip to content

Commit 283d8f4

Browse files
petrukipetruki
committed
Bump Springboot@4, switcher-client@2.5.2
1 parent d707b8e commit 283d8f4

5 files changed

Lines changed: 23 additions & 28 deletions

File tree

pom.xml

Lines changed: 5 additions & 16 deletions
Original file line numberDiff line numberDiff line change
@@ -22,7 +22,7 @@
2222
<parent>
2323
<groupId>org.springframework.boot</groupId>
2424
<artifactId>spring-boot-starter-parent</artifactId>
25-
<version>3.5.7</version>
25+
<version>4.0.0</version>
2626
<relativePath/>
2727
</parent>
2828

@@ -34,8 +34,8 @@
3434
<maven.compiler.target>${java.version}</maven.compiler.target>
3535

3636
<jsonwebtoken.version>0.13.0</jsonwebtoken.version>
37-
<springdoc-openapi-starter-webmvc-ui.version>2.8.14</springdoc-openapi-starter-webmvc-ui.version>
38-
<switcher-client.version>2.5.1</switcher-client.version>
37+
<springdoc-openapi-starter-webmvc-ui.version>3.0.0</springdoc-openapi-starter-webmvc-ui.version>
38+
<switcher-client.version>2.5.2</switcher-client.version>
3939

4040
<maven-compiler-plugin.version>3.14.1</maven-compiler-plugin.version>
4141
</properties>
@@ -70,8 +70,8 @@
7070
</dependency>
7171

7272
<dependency>
73-
<groupId>org.springframework.kafka</groupId>
74-
<artifactId>spring-kafka</artifactId>
73+
<groupId>org.springframework.boot</groupId>
74+
<artifactId>spring-boot-starter-kafka</artifactId>
7575
</dependency>
7676

7777
<dependency>
@@ -127,17 +127,6 @@
127127
</dependency>
128128
</dependencies>
129129

130-
<dependencyManagement>
131-
<dependencies>
132-
<!-- Patches Uncontrolled Recursion [High Severity][https://security.snyk.io/vuln/SNYK-JAVA-ORGAPACHECOMMONS-10734078]-->
133-
<dependency>
134-
<groupId>org.apache.commons</groupId>
135-
<artifactId>commons-lang3</artifactId>
136-
<version>3.18.0</version>
137-
</dependency>
138-
</dependencies>
139-
</dependencyManagement>
140-
141130
<build>
142131
<plugins>
143132
<plugin>

src/main/java/com/trackerforce/queue/config/SecurityConfig.java

Lines changed: 12 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -4,6 +4,7 @@
44
import org.springframework.context.annotation.Bean;
55
import org.springframework.context.annotation.Configuration;
66
import org.springframework.security.authorization.AuthorizationDecision;
7+
import org.springframework.security.authorization.AuthorizationResult;
78
import org.springframework.security.config.annotation.method.configuration.EnableMethodSecurity;
89
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
910
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
@@ -28,16 +29,21 @@ public class SecurityConfig {
2829
protected String[] allowedEndpoint;
2930

3031
@Bean
31-
public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
32+
public SecurityFilterChain filterChain(HttpSecurity http) {
3233
return http.authorizeHttpRequests(auth -> auth.requestMatchers(allowedEndpoint).permitAll()
3334
.anyRequest().access(this::authorize))
3435
.sessionManagement(auth -> auth.sessionCreationPolicy(SessionCreationPolicy.STATELESS))
3536
.csrf(AbstractHttpConfigurer::disable).build();
3637
}
3738

38-
private AuthorizationDecision authorize(Supplier<Authentication> authentication, RequestAuthorizationContext object) {
39-
final var remoteAddress = object.getRequest().getRemoteAddr();
40-
var decision = new AuthorizationDecision(authentication.get().isAuthenticated());
39+
protected AuthorizationResult authorize(Supplier<? extends Authentication> supplier, RequestAuthorizationContext requestAuthorizationContext) {
40+
final var authentication = supplier.get();
41+
42+
if (authentication == null || !authentication.isAuthenticated()) {
43+
return new AuthorizationDecision(false);
44+
}
45+
46+
final var remoteAddress = requestAuthorizationContext.getRequest().getRemoteAddr();
4147

4248
boolean isAllowed = false;
4349
for (String address : allowedAddresses) {
@@ -49,10 +55,10 @@ private AuthorizationDecision authorize(Supplier<Authentication> authentication,
4955
}
5056

5157
if (!isAllowed) {
52-
decision = new AuthorizationDecision(false);
58+
return new AuthorizationDecision(false);
5359
}
5460

55-
return decision;
61+
return new AuthorizationDecision(true);
5662
}
5763

5864
}

src/main/resources/application-dev.yml

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -8,8 +8,8 @@ service:
88
127.0.0.1,
99
10.0.0.2
1010
allowed-endpoints: >
11-
/v3/api-docs,
12-
/*/swagger*/**,
11+
/v3/api-docs.*,
12+
/swagger.*,
1313
/queue/session/v1
1414
management:
1515
url: http://127.0.0.1:8090

src/main/resources/application-prod.yml

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -7,8 +7,8 @@ service:
77
127.0.0.1,
88
10.0.0.2
99
allowed-endpoints: >
10-
/v3/api-docs,
11-
/*/swagger*/**,
10+
/v3/api-docs.*,
11+
/swagger.*,
1212
/queue/session/v1
1313
management:
1414
url: http://127.0.0.1:8090

src/test/resources/application-test.yml

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -8,8 +8,8 @@ service:
88
127.0.0.1,
99
10.0.0.2
1010
allowed-endpoints: >
11-
/v3/api-docs,
12-
/**/swagger*/**,
11+
/v3/api-docs.*,
12+
/swagger.*,
1313
/queue/session/v1
1414
management:
1515
url: http://127.0.0.1:8090

0 commit comments

Comments
 (0)