add Springboot4 to CI workflow

Author: tobixlea

.github/workflows/continuous-integration-workflow.yml

@@ -82,6 +82,18 @@ jobs:
       - name: Build with Spring Boot 3.3.x
         run: ./gha_build.sh springboot3 false false -Dspringboot.version=3.3.6 -Dspring.version=6.1.15 -Dspringsecurity.version=6.3.5 -Ddependency-check.skip=true
 
+  build_springboot4:
+    name: Build and test SpringBoot 4
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v3
+      - name: Set up JDK 17
+        uses: actions/setup-java@v3
+        with:
+          distribution: 'corretto'
+          java-version: 17
+      - name: Build latest
+        run: ./gha_build.sh springboot4 true true
 # temporarily disabled as Struts is not released at the moment
 #  build_struts2:
 #    name: Build and test Struts

aws-serverless-java-container-core/src/main/java/com/amazonaws/serverless/proxy/internal/servlet/AwsProxyHttpServletRequest.java

@@ -607,12 +607,22 @@ private List<String> getHeaderValues(String key) {
 
         if (request.getRequestSource() == RequestSource.API_GATEWAY) {
             if ("referer".equals(key.toLowerCase(Locale.ENGLISH))) {
-                values.add(request.getRequestContext().getIdentity().getCaller());
-                return values;
+                if (request.getRequestContext() != null && request.getRequestContext().getIdentity() != null) {
+                    String caller = request.getRequestContext().getIdentity().getCaller();
+                    if (caller != null) {
+                        values.add(caller);
+                        return values;
+                    }
+                }
             }
             if ("user-agent".equals(key.toLowerCase(Locale.ENGLISH))) {
-                values.add(request.getRequestContext().getIdentity().getUserAgent());
-                return values;
+                if (request.getRequestContext() != null && request.getRequestContext().getIdentity() != null) {
+                    String userAgent = request.getRequestContext().getIdentity().getUserAgent();
+                    if (userAgent != null) {
+                        values.add(userAgent);
+                        return values;
+                    }
+                }
             }
         }
 

aws-serverless-java-container-springboot4/pom.xml

@@ -76,16 +76,126 @@
             <version>${spring.version}</version>
             <optional>true</optional>
         </dependency>
+        
+        <!-- Jakarta Servlet API for Spring Boot 4.0 -->
+        <dependency>
+            <groupId>jakarta.servlet</groupId>
+            <artifactId>jakarta.servlet-api</artifactId>
+            <version>6.1.0</version>
+            <scope>provided</scope>
+        </dependency>
+        
+        <!-- Test dependencies -->
+        <dependency>
+            <groupId>org.springframework.boot</groupId>
+            <artifactId>spring-boot-starter</artifactId>
+            <version>${springboot.version}</version>
+            <scope>test</scope>
+        </dependency>
+        <dependency>
+            <groupId>org.springframework.boot</groupId>
+            <artifactId>spring-boot-starter-webmvc</artifactId>
+            <version>${springboot.version}</version>
+            <scope>test</scope>
+        </dependency>
+
+        <dependency>
+            <groupId>org.springframework.boot</groupId>
+            <artifactId>spring-boot-starter-webflux</artifactId>
+            <version>${springboot.version}</version>
+            <scope>test</scope>
+            <exclusions>
+                <exclusion>
+                    <groupId>org.springframework.boot</groupId>
+                    <artifactId>spring-boot-starter-reactor-netty</artifactId>
+                </exclusion>
+            </exclusions>
+        </dependency>
+        <dependency>
+            <groupId>org.springframework.boot</groupId>
+            <artifactId>spring-boot-starter-data-jpa</artifactId>
+            <version>${springboot.version}</version>
+            <scope>test</scope>
+        </dependency>
+        <dependency>
+            <groupId>org.springframework.boot</groupId>
+            <artifactId>spring-boot-starter-validation</artifactId>
+            <version>${springboot.version}</version>
+            <scope>test</scope>
+        </dependency>
+
+        <dependency>
+            <groupId>org.springframework.boot</groupId>
+            <artifactId>spring-boot-starter-webmvc-test</artifactId>
+            <version>${springboot.version}</version>
+            <scope>test</scope>
+        </dependency>
+        <dependency>
+            <groupId>com.h2database</groupId>
+            <artifactId>h2</artifactId>
+            <version>2.3.232</version>
+            <scope>test</scope>
+        </dependency>
+        <dependency>
+            <groupId>org.springframework.boot</groupId>
+            <artifactId>spring-boot-starter-security</artifactId>
+            <version>${springboot.version}</version>
+            <scope>test</scope>
+        </dependency>
+        <dependency>
+            <groupId>org.springframework.security</groupId>
+            <artifactId>spring-security-web</artifactId>
+            <version>${springsecurity.version}</version>
+            <scope>test</scope>
+        </dependency>
+        <dependency>
+            <groupId>org.springframework.security</groupId>
+            <artifactId>spring-security-config</artifactId>
+            <version>${springsecurity.version}</version>
+            <scope>test</scope>
+        </dependency>
     </dependencies>
 
+    <profiles>
+        <profile>
+            <id>security-tests</id>
+            <activation>
+                <property>
+                    <name>test</name>
+                    <value>SecurityAppTest</value>
+                </property>
+            </activation>
+            <dependencies>
+                <dependency>
+                    <groupId>org.springframework.boot</groupId>
+                    <artifactId>spring-boot-starter-security</artifactId>
+                    <version>${springboot.version}</version>
+                    <scope>test</scope>
+                </dependency>
+                <dependency>
+                    <groupId>org.springframework.security</groupId>
+                    <artifactId>spring-security-web</artifactId>
+                    <version>${springsecurity.version}</version>
+                    <scope>test</scope>
+                </dependency>
+                <dependency>
+                    <groupId>org.springframework.security</groupId>
+                    <artifactId>spring-security-config</artifactId>
+                    <version>${springsecurity.version}</version>
+                    <scope>test</scope>
+                </dependency>
+            </dependencies>
+        </profile>
+    </profiles>
+
     <build>
         <plugins>
             <plugin>
                 <groupId>org.apache.maven.plugins</groupId>
                 <artifactId>maven-compiler-plugin</artifactId>
                 <configuration>
-                    <source>25</source>
-                    <target>25</target>
+                    <source>17</source>
+                    <target>17</target>
                 </configuration>
             </plugin>
         </plugins>

aws-serverless-java-container-springboot4/src/main/java/com/amazonaws/serverless/proxy/spring/SpringBootLambdaContainerHandler.java

@@ -18,7 +18,7 @@
 import org.slf4j.LoggerFactory;
 import org.springframework.boot.WebApplicationType;
 import org.springframework.boot.builder.SpringApplicationBuilder;
-import org.springframework.boot.web.context.servlet.AnnotationConfigServletWebApplicationContext;
+import org.springframework.boot.web.server.servlet.context.AnnotationConfigServletWebServerApplicationContext;
 import org.springframework.context.ConfigurableApplicationContext;
 
 import com.amazonaws.serverless.exceptions.ContainerInitializationException;
@@ -197,7 +197,7 @@ public void initialize()
         }
         applicationContext = builder.run();
         if (springWebApplicationType == WebApplicationType.SERVLET) {
-            ((AnnotationConfigServletWebApplicationContext)applicationContext).setServletContext(getServletContext());
+            ((AnnotationConfigServletWebServerApplicationContext)applicationContext).setServletContext(getServletContext());
             AwsServletRegistration reg = (AwsServletRegistration)getServletContext().getServletRegistration(DISPATCHER_SERVLET_REGISTRATION_NAME);
             if (reg != null) {
                 reg.setLoadOnStartup(1);

aws-serverless-java-container-springboot4/src/test/java/com/amazonaws/serverless/proxy/spring/AwsSpringHttpProcessingUtilsTests.java

@@ -12,7 +12,7 @@
 import org.junit.jupiter.params.provider.MethodSource;
 import org.springframework.boot.SpringApplication;
 import org.springframework.boot.autoconfigure.EnableAutoConfiguration;
-import org.springframework.boot.web.servlet.context.ServletWebServerApplicationContext;
+import org.springframework.boot.web.server.servlet.context.ServletWebServerApplicationContext;
 import org.springframework.cloud.function.serverless.web.ServerlessMVC;
 import org.springframework.cloud.function.serverless.web.ServerlessServletContext;
 import org.springframework.context.ConfigurableApplicationContext;

aws-serverless-java-container-springboot4/src/test/java/com/amazonaws/serverless/proxy/spring/jpaapp/JpaApplication.java

@@ -7,11 +7,6 @@
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Import;
 
-@SpringBootApplication(exclude = {
-        org.springframework.boot.autoconfigure.security.reactive.ReactiveUserDetailsServiceAutoConfiguration.class,
-        org.springframework.boot.autoconfigure.security.reactive.ReactiveSecurityAutoConfiguration.class,
-        org.springframework.boot.autoconfigure.security.servlet.UserDetailsServiceAutoConfiguration.class,
-        org.springframework.boot.autoconfigure.security.servlet.SecurityAutoConfiguration.class
-})
+@SpringBootApplication
 @Import(MessageController.class)
 public class JpaApplication {}

aws-serverless-java-container-springboot4/src/test/java/com/amazonaws/serverless/proxy/spring/jpaapp/SecurityConfig.java

@@ -0,0 +1,17 @@
+package com.amazonaws.serverless.proxy.spring.jpaapp;
+
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.web.SecurityFilterChain;
+
+@Configuration
+public class SecurityConfig {
+
+    @Bean
+    public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
+        http.authorizeHttpRequests(authz -> authz.anyRequest().permitAll())
+            .csrf(csrf -> csrf.disable());
+        return http.build();
+    }
+}

aws-serverless-java-container-springboot4/src/test/java/com/amazonaws/serverless/proxy/spring/securityapp/SecurityApplication.java

@@ -6,10 +6,7 @@
 import org.springframework.security.config.annotation.web.reactive.EnableWebFluxSecurity;
 import org.springframework.web.reactive.config.EnableWebFlux;
 
-@SpringBootApplication(exclude = {
-        org.springframework.boot.autoconfigure.jdbc.DataSourceAutoConfiguration.class,
-        org.springframework.boot.autoconfigure.orm.jpa.HibernateJpaAutoConfiguration.class
-})
+@SpringBootApplication
 @EnableWebFluxSecurity
 @EnableWebFlux
 @Import(SecurityConfig.class)

aws-serverless-java-container-springboot4/src/test/java/com/amazonaws/serverless/proxy/spring/securityapp/SecurityConfig.java

@@ -21,10 +21,11 @@ public class SecurityConfig
     @Bean
     public SecurityWebFilterChain securitygWebFilterChain(
             ServerHttpSecurity http) {
-        return http.authorizeExchange()
-                .anyExchange().authenticated().and().csrf().disable()
-                .httpBasic()
-                .and().build();
+        return http.authorizeExchange(exchanges -> exchanges
+                .anyExchange().authenticated())
+                .csrf(csrf -> csrf.disable())
+                .httpBasic(httpBasic -> {})
+                .build();
     }
 
     @Bean

aws-serverless-java-container-springboot4/src/test/java/com/amazonaws/serverless/proxy/spring/servletapp/SecurityConfig.java

@@ -0,0 +1,17 @@
+package com.amazonaws.serverless.proxy.spring.servletapp;
+
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.web.SecurityFilterChain;
+
+@Configuration
+public class SecurityConfig {
+
+    @Bean
+    public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
+        http.authorizeHttpRequests(authz -> authz.anyRequest().permitAll())
+            .csrf(csrf -> csrf.disable());
+        return http.build();
+    }
+}