Skip to content
This repository was archived by the owner on Jul 30, 2020. It is now read-only.

Commit 0904bc8

Browse files
authored
Merge pull request #79 from pajimene/develop
(Microservices) Update Spring Cloud Boot and security bug fix
2 parents e02be0e + 80c3a47 commit 0904bc8

7 files changed

Lines changed: 12 additions & 9 deletions

File tree

modules/microservices/microservice-archetype/src/main/resources/archetype-resources/pom.xml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -264,7 +264,7 @@
264264

265265
<dependency>
266266
<groupId>org.springframework.boot</groupId>
267-
<artifactId>spring-boot-starter-ws</artifactId>
267+
<artifactId>spring-boot-starter-web-services</artifactId>
268268
</dependency>
269269

270270
<dependency>

modules/microservices/microservice-archetype/src/main/resources/archetype-resources/src/main/java/general/configuration/ServletInitializer.java

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -5,7 +5,7 @@
55

66
import org.springframework.boot.autoconfigure.EnableAutoConfiguration;
77
import org.springframework.boot.builder.SpringApplicationBuilder;
8-
import org.springframework.boot.context.web.SpringBootServletInitializer;
8+
import org.springframework.boot.web.support.SpringBootServletInitializer;
99
import org.springframework.context.annotation.Configuration;
1010

1111
import ${package}.SpringBootApp;

modules/microservices/microservice-archetype/src/main/resources/archetype-resources/src/main/java/general/configuration/WebSecurityConfig.java

Lines changed: 5 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -4,6 +4,7 @@
44
package ${package}.general.configuration;
55

66
import org.springframework.context.annotation.Configuration;
7+
import org.springframework.http.HttpMethod;
78
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
89
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
910
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
@@ -28,11 +29,13 @@ public JsonWebTokenUtility getJsonWebTokenUtility() {
2829
@Override
2930
protected void setupAuthorization(HttpSecurity http) throws Exception {
3031

31-
//Unsecure resources (triggers for actuator and more)
32+
//Unsecure resources (triggers for actuator and more)
3233
String[] unsecuredResources = new String[] { "/health", "/info", "/metrics", "/trace", "/refresh" };
3334

3435
http.authorizeRequests()
35-
// authenticate all other requests
36+
//allow Options request
37+
.antMatchers(HttpMethod.OPTIONS).permitAll()
38+
//allow unsecure resources
3639
.antMatchers(unsecuredResources).permitAll()
3740
// authenticate all other requests
3841
.anyRequest().authenticated();

modules/microservices/microservice-archetype/src/main/resources/archetype-resources/src/main/java/general/configuration/api/AbstractServiceConfig.java

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -17,7 +17,7 @@
1717
import org.slf4j.Logger;
1818
import org.slf4j.LoggerFactory;
1919
import org.springframework.beans.factory.annotation.Value;
20-
import org.springframework.boot.context.embedded.ServletRegistrationBean;
20+
import org.springframework.boot.web.servlet.ServletRegistrationBean;
2121
import org.springframework.context.ApplicationContext;
2222
import org.springframework.context.annotation.Bean;
2323
import org.springframework.context.annotation.Configuration;

modules/microservices/microservice-archetype/src/main/resources/archetype-resources/src/main/java/general/configuration/api/AbstractWebConfig.java

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -8,7 +8,7 @@
88
import org.apache.catalina.filters.SetCharacterEncodingFilter;
99
import org.springframework.beans.factory.annotation.Autowired;
1010
import org.springframework.beans.factory.config.AutowireCapableBeanFactory;
11-
import org.springframework.boot.context.embedded.FilterRegistrationBean;
11+
import org.springframework.boot.web.servlet.FilterRegistrationBean;
1212
import org.springframework.context.annotation.Bean;
1313

1414
import io.oasp.module.logging.common.api.DiagnosticContextFacade;

modules/microservices/microservices/src/main/java/com/capgemini/devonfw/microservices/configuration/jwt/JsonWebTokenUtility.java

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -3,11 +3,11 @@
33
import java.security.Key;
44
import java.util.ArrayList;
55
import java.util.Arrays;
6-
import java.util.Base64;
76
import java.util.Date;
87
import java.util.List;
98

109
import javax.crypto.spec.SecretKeySpec;
10+
import javax.xml.bind.DatatypeConverter;
1111

1212
import org.slf4j.Logger;
1313
import org.slf4j.LoggerFactory;
@@ -98,7 +98,7 @@ public final UserDetailsJsonWebTokenAbstract retrieveUserDetails(String token) {
9898
@Value("${jwt.encodedKey}")
9999
public final void setEncodedKey(String encodedKey) {
100100

101-
byte[] decodedKey = Base64.getDecoder().decode(encodedKey);
101+
byte[] decodedKey = DatatypeConverter.parseBase64Binary(encodedKey);
102102
this.secretKey = new SecretKeySpec(decodedKey, SIGNATURE_ALGORITHM.getJcaName());
103103

104104
}

modules/microservices/pom.xml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -14,7 +14,7 @@
1414
<description>Devonfw microservices archetypes and module</description>
1515

1616
<properties>
17-
<spring.cloud.boot.version>Brixton.SR7</spring.cloud.boot.version>
17+
<spring.cloud.boot.version>Dalston.SR4</spring.cloud.boot.version>
1818
</properties>
1919

2020
<modules>

0 commit comments

Comments
 (0)