From b9d8ebf45766dd8f79bff4d964f0d6012fd57fc6 Mon Sep 17 00:00:00 2001 From: Glen Johnson Date: Wed, 7 Jun 2023 13:55:26 -0600 Subject: [PATCH 1/3] Disable dependency reduced pom --- CHANGELOG.md | 4 ++++ pom.xml | 1 + 2 files changed, 5 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 4509371..dc02e1c 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -6,6 +6,10 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0. ## [Unreleased] +### Fixed +- Fix dependency information stripped from non-shaded jar + [cyberark/conjur-api-java#119](https://github.com/cyberark/conjur-api-java/issues/119) + ### Security - Update nginx to 1.24 in Dockerfile.nginx [cyberark/conjur-api-java#118](https://github.com/cyberark/conjur-api-java/issues/118) diff --git a/pom.xml b/pom.xml index b9b1436..e652512 100644 --- a/pom.xml +++ b/pom.xml @@ -254,6 +254,7 @@ shade + false with-dependencies true From eb7467669beff035d6d36ec46ac328007ec347d8 Mon Sep 17 00:00:00 2001 From: Glen Johnson Date: Wed, 7 Jun 2023 14:04:36 -0600 Subject: [PATCH 2/3] Bump version to 3.0.5 --- CHANGELOG.md | 5 ++++- README.md | 2 +- pom.xml | 2 +- 3 files changed, 6 insertions(+), 3 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index dc02e1c..62aaf11 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -6,6 +6,8 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0. ## [Unreleased] +## [3.0.5] - 2023-06-07 + ### Fixed - Fix dependency information stripped from non-shaded jar [cyberark/conjur-api-java#119](https://github.com/cyberark/conjur-api-java/issues/119) @@ -105,7 +107,8 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0. - Authn tokens now use the new Conjur 5 format - [PR #21](https://github.com/cyberark/conjur-api-java/pull/21) - Configuration change. When using environment variables, use `CONJUR_AUTHN_LOGIN` and `CONJUR_AUTHN_API_KEY` now instead of `CONJUR_CREDENTIALS` - https://github.com/cyberark/conjur-api-java/commit/60344308fc48cb5380c626e612b91e1e720c03fb -[Unreleased]: https://github.com/cyberark/conjur-api-java/compare/v3.0.4...HEAD +[Unreleased]: https://github.com/cyberark/conjur-api-java/compare/v3.0.5...HEAD +[3.0.5]: https://github.com/cyberark/conjur-api-java/compare/v3.0.4...v3.0.5 [3.0.4]: https://github.com/cyberark/conjur-api-java/compare/v3.0.3...v3.0.4 [3.0.3]: https://github.com/cyberark/conjur-api-java/compare/v3.0.2...v3.0.3 [3.0.2]: https://github.com/cyberark/conjur-api-java/compare/v3.0.1...v3.0.2 diff --git a/README.md b/README.md index e564be3..6f5a888 100644 --- a/README.md +++ b/README.md @@ -85,7 +85,7 @@ To do so from the source using Maven, following the setup steps below: com.cyberark.conjur.api conjur-api - 3.0.4 + 3.0.5 ``` diff --git a/pom.xml b/pom.xml index e652512..8d9ecd6 100644 --- a/pom.xml +++ b/pom.xml @@ -5,7 +5,7 @@ conjur-api - 3.0.4-SNAPSHOT + 3.0.5-SNAPSHOT jar Conjur From 7458db01226d11923244102ddd633dc77067eaa0 Mon Sep 17 00:00:00 2001 From: Glen Johnson Date: Thu, 8 Jun 2023 11:10:05 -0600 Subject: [PATCH 3/3] Upgrade JAX-RS implementation --- CHANGELOG.md | 4 ++- README.md | 2 +- bin/build.sh | 2 +- bin/deploy-release.sh | 2 +- bin/deploy-snapshot.sh | 2 +- pom.xml | 35 ++++++++++++------- .../conjur/api/clients/AuthnClient.java | 19 +++++----- .../conjur/api/clients/ResourceClient.java | 27 ++++++++------ .../conjur/util/rs/HttpBasicAuthFilter.java | 6 ++-- .../conjur/util/rs/JsonBodyReader.java | 10 +++--- .../conjur/util/rs/TokenAuthFilter.java | 4 +-- .../com/cyberark/conjur/api/ConjurTest.java | 5 ++- 12 files changed, 70 insertions(+), 48 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 62aaf11..488ccf3 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -6,7 +6,7 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0. ## [Unreleased] -## [3.0.5] - 2023-06-07 +## [3.0.5] - 2023-06-08 ### Fixed - Fix dependency information stripped from non-shaded jar @@ -17,6 +17,8 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0. [cyberark/conjur-api-java#118](https://github.com/cyberark/conjur-api-java/issues/118) ### Changed +- Migrate JAX-RS to latest Jakarta version + [cyberark/conjur-api-java#119](https://github.com/cyberark/conjur-api-java/issues/119) - Avoid calling `login` for host [cyberark/conjur-api-java#117](https://github.com/cyberark/conjur-api-java/pull/117) diff --git a/README.md b/README.md index 6f5a888..56fc580 100644 --- a/README.md +++ b/README.md @@ -637,7 +637,7 @@ to work around this: If you don't properly install the Conjur certificate into the Java keystore, you may encounter the folowing errors: - `org.apache.cxf.interceptor.Fault: Could not send Message.` -- `javax.ws.rs.ProcessingException: javax.net.ssl.SSLHandshakeException: SSLHandshakeException` +- `jakarta.ws.rs.ProcessingException: javax.net.ssl.SSLHandshakeException: SSLHandshakeException` - `javax.net.ssl.SSLHandshakeException: SSLHandshakeException` - `javax.net.ssl.SSLHandshakeException: PKIX path building failed` - `sun.security.validator.ValidatorException: PKIX path building failed` diff --git a/bin/build.sh b/bin/build.sh index ac9093d..468804f 100755 --- a/bin/build.sh +++ b/bin/build.sh @@ -3,5 +3,5 @@ set -eo pipefail docker run --rm \ -v "$PWD:/cyberark/conjur-java-api" \ - -w /cyberark/conjur-java-api maven:3-jdk-8 \ + -w /cyberark/conjur-java-api maven:3-jdk-11 \ /bin/bash -ec "mvn -X -e clean package -Dmaven.test.skip=true" diff --git a/bin/deploy-release.sh b/bin/deploy-release.sh index fe0c8f4..29f2159 100755 --- a/bin/deploy-release.sh +++ b/bin/deploy-release.sh @@ -18,7 +18,7 @@ docker run --rm \ -v "$PWD:/cyberark/conjur-java-api" \ -v "$GPG_PASSWORD:/gpg_password" \ -v "$GPG_PRIVATE_KEY:/gpg_key" \ - -w /cyberark/conjur-java-api maven:3-jdk-8 \ + -w /cyberark/conjur-java-api maven:3-jdk-11 \ /bin/bash -ec "gpg --batch --passphrase-file /gpg_password --trust-model always --import /gpg_key mvn versions:set -DnewVersion=${TAG} mvn --settings settings.xml clean deploy -Dmaven.test.skip=true -P ossrh,sign diff --git a/bin/deploy-snapshot.sh b/bin/deploy-snapshot.sh index 083cfb5..7db5a66 100755 --- a/bin/deploy-snapshot.sh +++ b/bin/deploy-snapshot.sh @@ -13,6 +13,6 @@ docker run --rm \ -v "$PWD:/cyberark/conjur-java-api" \ -v "$GPG_PASSWORD:/gpg_password" \ -v "$GPG_PRIVATE_KEY:/gpg_key" \ - -w /cyberark/conjur-java-api maven:3-jdk-8 \ + -w /cyberark/conjur-java-api maven:3-jdk-11 \ /bin/bash -ec "gpg --batch --passphrase-file /gpg_password --trust-model always --import /gpg_key mvn --settings settings.xml clean deploy -Dmaven.test.skip=true -P ossrh,sign" diff --git a/pom.xml b/pom.xml index 8d9ecd6..1416bd4 100644 --- a/pom.xml +++ b/pom.xml @@ -144,23 +144,34 @@ UTF-8 - 2.0 - + + + + jakarta.ws.rs + jakarta.ws.rs-api + 3.1.0 + + + jakarta.activation + jakarta.activation-api + 2.1.2 + + + org.glassfish.jersey.core + jersey-client + 3.1.2 + - javax.ws.rs - javax.ws.rs-api - ${jaxrs.version} + org.glassfish.jersey.inject + jersey-hk2 + 3.1.2 - org.apache.cxf - cxf-rt-rs-client - 3.5.5 + org.glassfish.jersey.media + jersey-media-json-binding + 3.1.2 diff --git a/src/main/java/com/cyberark/conjur/api/clients/AuthnClient.java b/src/main/java/com/cyberark/conjur/api/clients/AuthnClient.java index 09b3238..e43891f 100644 --- a/src/main/java/com/cyberark/conjur/api/clients/AuthnClient.java +++ b/src/main/java/com/cyberark/conjur/api/clients/AuthnClient.java @@ -3,12 +3,12 @@ import static com.cyberark.conjur.util.EncodeUriComponent.encodeUriComponent; import javax.net.ssl.SSLContext; -import javax.ws.rs.WebApplicationException; -import javax.ws.rs.client.Client; -import javax.ws.rs.client.ClientBuilder; -import javax.ws.rs.client.Entity; -import javax.ws.rs.client.WebTarget; -import javax.ws.rs.core.Response; +import jakarta.ws.rs.WebApplicationException; +import jakarta.ws.rs.client.Client; +import jakarta.ws.rs.client.ClientBuilder; +import jakarta.ws.rs.client.Entity; +import jakarta.ws.rs.client.WebTarget; +import jakarta.ws.rs.core.Response; import com.cyberark.conjur.api.AuthnProvider; import com.cyberark.conjur.api.Credentials; @@ -80,8 +80,11 @@ public String login(){ private void init(final String username, final String password, final SSLContext sslContext) { final ClientBuilder builder = ClientBuilder.newBuilder() - .register(new HttpBasicAuthFilter(username, password)) - .sslContext(sslContext); + .register(new HttpBasicAuthFilter(username, password)); + + if(sslContext != null) { + builder.sslContext(sslContext); + } Client client = builder.build(); WebTarget root = client.target(endpoints.getAuthnUri()); diff --git a/src/main/java/com/cyberark/conjur/api/clients/ResourceClient.java b/src/main/java/com/cyberark/conjur/api/clients/ResourceClient.java index 81b77ed..4539c97 100644 --- a/src/main/java/com/cyberark/conjur/api/clients/ResourceClient.java +++ b/src/main/java/com/cyberark/conjur/api/clients/ResourceClient.java @@ -1,12 +1,12 @@ package com.cyberark.conjur.api.clients; import javax.net.ssl.SSLContext; -import javax.ws.rs.WebApplicationException; -import javax.ws.rs.client.Client; -import javax.ws.rs.client.ClientBuilder; -import javax.ws.rs.client.Entity; -import javax.ws.rs.client.WebTarget; -import javax.ws.rs.core.Response; +import jakarta.ws.rs.WebApplicationException; +import jakarta.ws.rs.client.Client; +import jakarta.ws.rs.client.ClientBuilder; +import jakarta.ws.rs.client.Entity; +import jakarta.ws.rs.client.WebTarget; +import jakarta.ws.rs.core.Response; import com.cyberark.conjur.api.Credentials; import com.cyberark.conjur.api.Endpoints; @@ -79,8 +79,12 @@ private Endpoints getEndpoints() { private void init(Credentials credentials, SSLContext sslContext){ ClientBuilder builder = ClientBuilder.newBuilder() - .register(new TokenAuthFilter(new AuthnClient(credentials, endpoints, sslContext))) - .sslContext(sslContext); + .register(new TokenAuthFilter(new AuthnClient(credentials, endpoints, sslContext))); + + + if(sslContext != null) { + builder.sslContext(sslContext); + } Client client = builder.build(); @@ -89,8 +93,11 @@ private void init(Credentials credentials, SSLContext sslContext){ private void init(Token token, SSLContext sslContext){ ClientBuilder builder = ClientBuilder.newBuilder() - .register(new TokenAuthFilter(new AuthnTokenClient(token))) - .sslContext(sslContext); + .register(new TokenAuthFilter(new AuthnTokenClient(token))); + + if(sslContext != null) { + builder.sslContext(sslContext); + } Client client = builder.build(); diff --git a/src/main/java/com/cyberark/conjur/util/rs/HttpBasicAuthFilter.java b/src/main/java/com/cyberark/conjur/util/rs/HttpBasicAuthFilter.java index a030716..821f095 100644 --- a/src/main/java/com/cyberark/conjur/util/rs/HttpBasicAuthFilter.java +++ b/src/main/java/com/cyberark/conjur/util/rs/HttpBasicAuthFilter.java @@ -2,9 +2,9 @@ import org.apache.commons.codec.binary.Base64; -import javax.ws.rs.client.ClientRequestContext; -import javax.ws.rs.client.ClientRequestFilter; -import javax.ws.rs.core.MultivaluedMap; +import jakarta.ws.rs.client.ClientRequestContext; +import jakarta.ws.rs.client.ClientRequestFilter; +import jakarta.ws.rs.core.MultivaluedMap; import java.io.IOException; import java.nio.charset.Charset; diff --git a/src/main/java/com/cyberark/conjur/util/rs/JsonBodyReader.java b/src/main/java/com/cyberark/conjur/util/rs/JsonBodyReader.java index ea296f2..ddc8cac 100644 --- a/src/main/java/com/cyberark/conjur/util/rs/JsonBodyReader.java +++ b/src/main/java/com/cyberark/conjur/util/rs/JsonBodyReader.java @@ -2,11 +2,11 @@ package com.cyberark.conjur.util.rs; import com.google.gson.Gson; -import javax.ws.rs.WebApplicationException; -import javax.ws.rs.core.MediaType; -import javax.ws.rs.core.MultivaluedMap; -import javax.ws.rs.ext.MessageBodyReader; -import javax.ws.rs.ext.Provider; +import jakarta.ws.rs.WebApplicationException; +import jakarta.ws.rs.core.MediaType; +import jakarta.ws.rs.core.MultivaluedMap; +import jakarta.ws.rs.ext.MessageBodyReader; +import jakarta.ws.rs.ext.Provider; import java.io.*; import java.lang.annotation.Annotation; import java.lang.reflect.Type; diff --git a/src/main/java/com/cyberark/conjur/util/rs/TokenAuthFilter.java b/src/main/java/com/cyberark/conjur/util/rs/TokenAuthFilter.java index f0786ab..a34763f 100644 --- a/src/main/java/com/cyberark/conjur/util/rs/TokenAuthFilter.java +++ b/src/main/java/com/cyberark/conjur/util/rs/TokenAuthFilter.java @@ -4,8 +4,8 @@ import com.cyberark.conjur.api.Token; import com.cyberark.conjur.util.Args; -import javax.ws.rs.client.ClientRequestContext; -import javax.ws.rs.client.ClientRequestFilter; +import jakarta.ws.rs.client.ClientRequestContext; +import jakarta.ws.rs.client.ClientRequestFilter; import java.io.IOException; /** diff --git a/src/test/java/com/cyberark/conjur/api/ConjurTest.java b/src/test/java/com/cyberark/conjur/api/ConjurTest.java index d8ab80d..417ac74 100644 --- a/src/test/java/com/cyberark/conjur/api/ConjurTest.java +++ b/src/test/java/com/cyberark/conjur/api/ConjurTest.java @@ -5,8 +5,7 @@ import org.junit.Test; import org.junit.rules.ExpectedException; -import javax.ws.rs.ProcessingException; -import javax.ws.rs.WebApplicationException; +import jakarta.ws.rs.WebApplicationException; import java.util.UUID; /** @@ -76,7 +75,7 @@ public void testSetVariableWithoutVariableInPolicy() { @Test public void testLogonWithAlterativeAuthenticator() { - expectedException.expect(ProcessingException.class); + expectedException.expect(WebApplicationException.class); expectedException.expectMessage(UNAUTHORIZED_STATUS_CODE); String authnUrl = System.getProperty(APPLIANCE_URL_PROPERTY) + ALTERNATIVE_AUTHN_ENDPOINT;