-
Notifications
You must be signed in to change notification settings - Fork 13
feature: upgrade to Spring Boot 3.2.5 / Java 17 #746
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
base: master
Are you sure you want to change the base?
Changes from all commits
File filter
Filter by extension
Conversations
Jump to
Diff view
Diff view
There are no files selected for viewing
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,34 @@ | ||
| name: Java CI | ||
|
|
||
| on: | ||
| push: | ||
| branches: | ||
| - '**' | ||
| tags: | ||
| - 'v*' # Push events to matching v*, i.e. v1.0, v20.15.10 | ||
| pull_request: | ||
| branches: | ||
| - '**' | ||
|
|
||
| jobs: | ||
| build: | ||
|
|
||
| runs-on: ubuntu-latest | ||
|
|
||
| steps: | ||
| - uses: actions/checkout@v4 | ||
| - name: Set up JDK 17 | ||
| uses: actions/setup-java@v4 | ||
| with: | ||
| distribution: zulu | ||
| java-version: '17' | ||
| - uses: actions/cache@v4 | ||
| with: | ||
| path: | | ||
| ~/.gradle/caches | ||
| ~/.gradle/wrapper | ||
| key: ${{ runner.os }}-gradle-${{ hashFiles('**/*.gradle*') }} | ||
| restore-keys: | | ||
| ${{ runner.os }}-gradle- | ||
| - name: Test with Gradle | ||
| run: ./gradlew clean test |
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,5 +1,5 @@ | ||
| distributionBase=GRADLE_USER_HOME | ||
| distributionPath=wrapper/dists | ||
| distributionUrl=https\://services.gradle.org/distributions/gradle-7.4-bin.zip | ||
| distributionUrl=https\://services.gradle.org/distributions/gradle-8.7-bin.zip | ||
| zipStoreBase=GRADLE_USER_HOME | ||
| zipStorePath=wrapper/dists |
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -8,10 +8,10 @@ | |
| import org.springframework.http.HttpStatus; | ||
| import org.springframework.security.config.annotation.web.builders.HttpSecurity; | ||
| import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; | ||
| import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter; | ||
| import org.springframework.security.config.http.SessionCreationPolicy; | ||
| import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder; | ||
| import org.springframework.security.crypto.password.PasswordEncoder; | ||
| import org.springframework.security.web.SecurityFilterChain; | ||
| import org.springframework.security.web.authentication.HttpStatusEntryPoint; | ||
| import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter; | ||
| import org.springframework.web.cors.CorsConfiguration; | ||
|
|
@@ -20,7 +20,7 @@ | |
|
|
||
| @Configuration | ||
| @EnableWebSecurity | ||
| public class WebSecurityConfig extends WebSecurityConfigurerAdapter { | ||
| public class WebSecurityConfig { | ||
|
|
||
| @Bean | ||
| public JwtTokenFilter jwtTokenFilter() { | ||
|
|
@@ -32,36 +32,37 @@ public PasswordEncoder passwordEncoder() { | |
| return new BCryptPasswordEncoder(); | ||
| } | ||
|
|
||
| @Override | ||
| protected void configure(HttpSecurity http) throws Exception { | ||
|
|
||
| http.csrf() | ||
| .disable() | ||
| .cors() | ||
| .and() | ||
| .exceptionHandling() | ||
| .authenticationEntryPoint(new HttpStatusEntryPoint(HttpStatus.UNAUTHORIZED)) | ||
| .and() | ||
| .sessionManagement() | ||
| .sessionCreationPolicy(SessionCreationPolicy.STATELESS) | ||
| .and() | ||
| .authorizeRequests() | ||
| .antMatchers(HttpMethod.OPTIONS) | ||
| .permitAll() | ||
| .antMatchers("/graphiql") | ||
| .permitAll() | ||
| .antMatchers("/graphql") | ||
| .permitAll() | ||
| .antMatchers(HttpMethod.GET, "/articles/feed") | ||
| .authenticated() | ||
| .antMatchers(HttpMethod.POST, "/users", "/users/login") | ||
| .permitAll() | ||
| .antMatchers(HttpMethod.GET, "/articles/**", "/profiles/**", "/tags") | ||
| .permitAll() | ||
| .anyRequest() | ||
| .authenticated(); | ||
| @Bean | ||
| public SecurityFilterChain filterChain(HttpSecurity http) throws Exception { | ||
| http.csrf(csrf -> csrf.disable()) | ||
| .cors(cors -> {}) | ||
|
Author
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. 📝 Info: SecurityFilterChain migration uses empty CORS lambda that relies on bean discovery The CORS configuration at Was this helpful? React with 👍 or 👎 to provide feedback. |
||
| .exceptionHandling( | ||
| exception -> | ||
| exception.authenticationEntryPoint( | ||
| new HttpStatusEntryPoint(HttpStatus.UNAUTHORIZED))) | ||
| .sessionManagement( | ||
| session -> session.sessionCreationPolicy(SessionCreationPolicy.STATELESS)) | ||
| .authorizeHttpRequests( | ||
| authorize -> | ||
| authorize | ||
| .requestMatchers(HttpMethod.OPTIONS) | ||
| .permitAll() | ||
| .requestMatchers("/graphiql") | ||
| .permitAll() | ||
| .requestMatchers("/graphql") | ||
| .permitAll() | ||
| .requestMatchers(HttpMethod.GET, "/articles/feed") | ||
| .authenticated() | ||
| .requestMatchers(HttpMethod.POST, "/users", "/users/login") | ||
| .permitAll() | ||
| .requestMatchers(HttpMethod.GET, "/articles/**", "/profiles/**", "/tags") | ||
| .permitAll() | ||
| .anyRequest() | ||
| .authenticated()); | ||
|
Comment on lines
+45
to
+61
Author
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. 📝 Info: Spring Security requestMatchers order correctly preserves feed authentication The security config at Was this helpful? React with 👍 or 👎 to provide feedback. |
||
|
|
||
| http.addFilterBefore(jwtTokenFilter(), UsernamePasswordAuthenticationFilter.class); | ||
|
|
||
| return http.build(); | ||
| } | ||
|
|
||
| @Bean | ||
|
|
||
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
📝 Info: Flyway + SQLite compatibility depends on Spring Boot 3.2.x using Flyway 9.x
The project uses SQLite (
src/main/resources/application.properties:1) withorg.flywaydb:flyway-core(version managed by Spring Boot). Spring Boot 3.2.5 bundles Flyway 9.22.x, which still includes SQLite support in the core module. However, starting with Spring Boot 3.3+ (which uses Flyway 10+), SQLite support was moved to a separateflyway-database-sqlitemodule. If this project upgrades Spring Boot further, it will need to add that dependency explicitly or Flyway will fail to recognize the SQLite database.Was this helpful? React with 👍 or 👎 to provide feedback.