Merge branch 'bug/#640-scim-user-deprovisioning'

Author: oharsta

pom.xml

@@ -10,7 +10,7 @@
     <parent>
         <groupId>org.springframework.boot</groupId>
         <artifactId>spring-boot-starter-parent</artifactId>
-        <version>3.5.5</version>
+        <version>3.5.9</version>
         <relativePath/>
         <!-- lookup parent from repository -->
     </parent>
@@ -29,15 +29,15 @@
             <plugin>
                 <groupId>org.apache.maven.plugins</groupId>
                 <artifactId>maven-compiler-plugin</artifactId>
-                <version>3.14.0</version>
+                <version>3.14.1</version>
                 <configuration>
                     <release>21</release>
                 </configuration>
             </plugin>
             <plugin>
                 <groupId>org.apache.maven.plugins</groupId>
                 <artifactId>maven-enforcer-plugin</artifactId>
-                <version>3.6.1</version>
+                <version>3.6.2</version>
                 <executions>
                     <execution>
                         <id>enforce-versions</id>

provisioning-mock/pom.xml

@@ -30,7 +30,7 @@
         <dependency>
             <groupId>com.fasterxml.jackson.datatype</groupId>
             <artifactId>jackson-datatype-jdk8</artifactId>
-            <version>2.19.2</version>
+            <version>2.21.0</version>
         </dependency>
         <dependency>
             <groupId>io.hypersistence</groupId>
@@ -40,12 +40,12 @@
         <dependency>
             <groupId>org.projectlombok</groupId>
             <artifactId>lombok</artifactId>
-            <version>1.18.38</version>
+            <version>1.18.42</version>
         </dependency>
         <dependency>
             <groupId>com.mysql</groupId>
             <artifactId>mysql-connector-j</artifactId>
-            <version>9.4.0</version>
+            <version>9.6.0</version>
         </dependency>
         <dependency>
             <groupId>org.springframework.boot</groupId>
@@ -55,19 +55,19 @@
         <dependency>
             <groupId>io.rest-assured</groupId>
             <artifactId>rest-assured</artifactId>
-            <version>5.5.6</version>
+            <version>5.5.7</version>
             <scope>test</scope>
         </dependency>
         <dependency>
             <groupId>io.rest-assured</groupId>
             <artifactId>json-path</artifactId>
-            <version>5.5.6</version>
+            <version>5.5.7</version>
             <scope>test</scope>
         </dependency>
         <dependency>
             <groupId>io.rest-assured</groupId>
             <artifactId>xml-path</artifactId>
-            <version>5.5.6</version>
+            <version>5.5.7</version>
             <scope>test</scope>
         </dependency>
     </dependencies>

server/pom.xml

@@ -27,7 +27,7 @@
         <dependency>
             <groupId>io.hypersistence</groupId>
             <artifactId>hypersistence-utils-hibernate-63</artifactId>
-            <version>3.10.3</version>
+            <version>3.15.1</version>
         </dependency>
         <dependency>
             <groupId>org.springframework.boot</groupId>
@@ -41,7 +41,7 @@
         <dependency>
             <groupId>io.micrometer</groupId>
             <artifactId>micrometer-registry-prometheus</artifactId>
-            <version>1.15.1</version>
+            <version>1.15.7</version>
         </dependency>
         <dependency>
             <groupId>ch.qos.logback.contrib</groupId>
@@ -117,7 +117,7 @@
         <dependency>
             <groupId>com.fasterxml.jackson.datatype</groupId>
             <artifactId>jackson-datatype-jdk8</artifactId>
-            <version>2.19.2</version>
+            <version>2.21.0</version>
         </dependency>
         <dependency>
             <groupId>com.squareup.okhttp3</groupId>
@@ -127,17 +127,17 @@
         <dependency>
             <groupId>org.flywaydb</groupId>
             <artifactId>flyway-core</artifactId>
-            <version>11.11.1</version>
+            <version>11.20.3</version>
         </dependency>
         <dependency>
             <groupId>org.flywaydb</groupId>
             <artifactId>flyway-mysql</artifactId>
-            <version>11.11.1</version>
+            <version>11.20.3</version>
         </dependency>
         <dependency>
             <groupId>org.mariadb.jdbc</groupId>
             <artifactId>mariadb-java-client</artifactId>
-            <version>3.5.5</version>
+            <version>3.5.7</version>
         </dependency>
         <dependency>
             <groupId>org.springframework.retry</groupId>
@@ -164,7 +164,7 @@
         <dependency>
             <groupId>commons-codec</groupId>
             <artifactId>commons-codec</artifactId>
-            <version>1.19.0</version>
+            <version>1.21.0</version>
         </dependency>
         <dependency>
             <groupId>org.openconext</groupId>
@@ -174,7 +174,7 @@
         <dependency>
             <groupId>org.projectlombok</groupId>
             <artifactId>lombok</artifactId>
-            <version>1.18.38</version>
+            <version>1.18.42</version>
             <scope>provided</scope>
         </dependency>
         <dependency>
@@ -185,19 +185,19 @@
         <dependency>
             <groupId>io.rest-assured</groupId>
             <artifactId>rest-assured</artifactId>
-            <version>5.5.6</version>
+            <version>5.5.7</version>
             <scope>test</scope>
         </dependency>
         <dependency>
             <groupId>io.rest-assured</groupId>
             <artifactId>json-path</artifactId>
-            <version>5.5.6</version>
+            <version>5.5.7</version>
             <scope>test</scope>
         </dependency>
         <dependency>
             <groupId>io.rest-assured</groupId>
             <artifactId>xml-path</artifactId>
-            <version>5.5.6</version>
+            <version>5.5.7</version>
             <scope>test</scope>
         </dependency>
         <dependency>
@@ -209,7 +209,7 @@
         <dependency>
             <groupId>com.icegreen</groupId>
             <artifactId>greenmail-junit5</artifactId>
-            <version>2.1.5</version>
+            <version>2.1.8</version>
             <scope>test</scope>
         </dependency>
         <dependency>
@@ -227,17 +227,17 @@
         <dependency>
             <groupId>org.springdoc</groupId>
             <artifactId>springdoc-openapi-starter-webmvc-ui</artifactId>
-            <version>2.8.14</version>
+            <version>2.8.15</version>
         </dependency>
         <dependency>
             <groupId>org.bouncycastle</groupId>
             <artifactId>bcprov-jdk18on</artifactId>
-            <version>1.81</version>
+            <version>1.83</version>
         </dependency>
         <dependency>
             <groupId>org.bouncycastle</groupId>
             <artifactId>bcpkix-jdk18on</artifactId>
-            <version>1.81</version>
+            <version>1.83</version>
         </dependency>
     </dependencies>
     <build>

server/src/main/java/invite/model/APIToken.java

@@ -60,7 +60,7 @@ public APIToken(String hashedValue, String description, User owner) {
         this.createdAt = Instant.now();
     }
 
-    @JsonProperty
+    @JsonProperty(access = JsonProperty.Access.READ_ONLY)
     public String owner() {
         return owner != null ? owner.getName() : null;
     }

server/src/test/java/invite/AbstractTest.java

@@ -243,7 +243,7 @@ protected AccessCookieFilter openIDConnectFlow(String path, String sub,
 
         String keyId = String.format("key_%s", new SimpleDateFormat("yyyy_MM_dd_HH_mm_ss_SSS").format(new Date()));
         RSAKey rsaKey = generateRsaKey(keyId);
-        String publicKeysJson = new JWKSet(rsaKey.toPublicJWK()).toJSONObject().toString();
+        String publicKeysJson = new JWKSet(rsaKey.toPublicJWK()).toString();
         stubFor(get(urlPathMatching("/jwk-set")).willReturn(aResponse()
                 .withHeader("Content-Type", "application/json")
                 .withBody(publicKeysJson)));

server/src/test/java/invite/api/APITokenControllerTest.java

@@ -25,7 +25,7 @@ void apiTokensByInstitution() throws Exception {
         AccessCookieFilter accessCookieFilter = openIDConnectFlow("/api/v1/users/me", INSTITUTION_ADMIN_SUB,
                 institutionalAdminEntitlementOperator(ORGANISATION_GUID));
 
-        List<APIToken> tokens = given()
+        List<Map<String, Object>> tokens = given()
                 .when()
                 .filter(accessCookieFilter.cookieFilter())
                 .accept(ContentType.JSON)
@@ -71,7 +71,7 @@ void create() throws Exception {
                 });
         String token = res.get("token");
 
-        APIToken apiToken = given()
+        Map<String, Object> apiToken = given()
                 .when()
                 .filter(accessCookieFilter.cookieFilter())
                 .accept(ContentType.JSON)
@@ -81,11 +81,11 @@ void create() throws Exception {
                 .post("/api/v1/tokens")
                 .as(new TypeRef<>() {
                 });
-        assertNull(apiToken.getHashedValue());
-        assertEquals(ORGANISATION_GUID, apiToken.getOrganizationGUID());
-        assertEquals("test", apiToken.getDescription());
+        assertNull(apiToken.get("hashedValue"));
+        assertEquals(ORGANISATION_GUID, apiToken.get("organizationGUID"));
+        assertEquals("test", apiToken.get("description"));
 
-        APIToken apiTokenFromDB = apiTokenRepository.findById(apiToken.getId()).get();
+        APIToken apiTokenFromDB = apiTokenRepository.findById(Long.valueOf(apiToken.get("id").toString())).get();
         assertEquals(HashGenerator.hashToken(token), apiTokenFromDB.getHashedValue());
     }
 
@@ -101,7 +101,7 @@ void createSuperUserToken() throws Exception {
                 .contentType(ContentType.JSON)
                 .get("/api/v1/tokens/generate-token");
 
-        APIToken apiToken = given()
+        Map<String, Object> apiToken = given()
                 .when()
                 .filter(accessCookieFilter.cookieFilter())
                 .accept(ContentType.JSON)
@@ -111,7 +111,7 @@ void createSuperUserToken() throws Exception {
                 .post("/api/v1/tokens")
                 .as(new TypeRef<>() {
                 });
-        assertEquals("super-users-rule", apiToken.getOrganizationGUID());
+        assertEquals("super-users-rule", apiToken.get("organizationGUID"));
     }
 
     @Test
@@ -149,7 +149,11 @@ void createWithFaultyToken() throws Exception {
                 .accept(ContentType.JSON)
                 .header(accessCookieFilter.csrfToken().getHeaderName(), accessCookieFilter.csrfToken().getToken())
                 .contentType(ContentType.JSON)
-                .body(new APIToken("wrong", "wrong", false, "wrong", user))
+                .body(Map.of(
+                        "organizationGUID", "wrong",
+                        "hashedValue", "wrong",
+                        "superUserToken", false,
+                        "description", "test"))
                 .post("/api/v1/tokens")
                 .then()
                 .statusCode(403);
@@ -221,7 +225,7 @@ void deleteSuperUserTokenNotAllowed() throws Exception {
     void apiTokensBySuperAdmin() throws Exception {
         AccessCookieFilter accessCookieFilter = openIDConnectFlow("/api/v1/users/login", SUPER_SUB);
 
-        List<APIToken> tokens = given()
+        List<Map<String, Object>> tokens = given()
                 .when()
                 .filter(accessCookieFilter.cookieFilter())
                 .accept(ContentType.JSON)
@@ -232,8 +236,8 @@ void apiTokensBySuperAdmin() throws Exception {
                 });
 
         assertEquals(4, tokens.size());
-        assertEquals(1L, tokens.stream().filter(token -> token.isSuperUserToken()).count());
-        assertEquals(2L, tokens.stream().filter(token -> token.getOrganizationGUID() != null).count());
+        assertEquals(1L, tokens.stream().filter(token -> (boolean) token.get("superUserToken")).count());
+        assertEquals(2L, tokens.stream().filter(token -> token.get("organizationGUID") != null).count());
     }
 
     @Test