diff --git a/README.md b/README.md index add9e6f..1fbdaf0 100644 --- a/README.md +++ b/README.md @@ -1,3 +1,5 @@ cassette-deck ============= A server to provide various metadata about Minecraft versions. + +Requires Java 17 to build. diff --git a/app/build.gradle.kts b/app/build.gradle.kts index 818998d..e0d8930 100644 --- a/app/build.gradle.kts +++ b/app/build.gradle.kts @@ -66,38 +66,6 @@ dependencies { // For Log4J2 async runtimeOnly(libs.disruptor) - // Force 2.15 - constraints { - add("implementation", "org.apache.logging.log4j:log4j-api") { - version { - strictly("[2.15, 3[") - prefer("2.15.0") - } - because("CVE-2021-44228: Log4j vulnerable to remote code execution") - } - add("implementation", "org.apache.logging.log4j:log4j-core") { - version { - strictly("[2.15, 3[") - prefer("2.15.0") - } - because("CVE-2021-44228: Log4j vulnerable to remote code execution") - } - add("implementation", "org.apache.logging.log4j:log4j-jul") { - version { - strictly("[2.15, 3[") - prefer("2.15.0") - } - because("CVE-2021-44228: Log4j vulnerable to remote code execution") - } - add("implementation", "org.apache.logging.log4j:log4j-slf4j-impl") { - version { - strictly("[2.15, 3[") - prefer("2.15.0") - } - because("CVE-2021-44228: Log4j vulnerable to remote code execution") - } - } - testImplementation(libs.spring.boot.starter.test) testImplementation(platform(libs.junit.bom)) testImplementation(libs.junit.jupiter.api) diff --git a/app/src/main/java/org/enginehub/cassettedeck/AppWebConfig.java b/app/src/main/java/org/enginehub/cassettedeck/AppWebConfig.java index 2645979..f294083 100644 --- a/app/src/main/java/org/enginehub/cassettedeck/AppWebConfig.java +++ b/app/src/main/java/org/enginehub/cassettedeck/AppWebConfig.java @@ -18,6 +18,7 @@ package org.enginehub.cassettedeck; +import jakarta.servlet.Filter; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; import org.springframework.http.CacheControl; @@ -27,7 +28,6 @@ import org.springframework.web.servlet.config.annotation.WebMvcConfigurer; import org.springframework.web.servlet.mvc.WebContentInterceptor; -import javax.servlet.Filter; import java.time.Duration; @Configuration diff --git a/app/src/main/java/org/enginehub/cassettedeck/CassetteDeck.java b/app/src/main/java/org/enginehub/cassettedeck/CassetteDeck.java index 7031ee2..ced0f55 100644 --- a/app/src/main/java/org/enginehub/cassettedeck/CassetteDeck.java +++ b/app/src/main/java/org/enginehub/cassettedeck/CassetteDeck.java @@ -21,6 +21,7 @@ */ package org.enginehub.cassettedeck; +import org.apache.logging.log4j.LogManager; import org.springframework.boot.SpringApplication; import org.springframework.boot.autoconfigure.SpringBootApplication; import org.springframework.boot.autoconfigure.r2dbc.R2dbcAutoConfiguration; @@ -34,6 +35,12 @@ public class CassetteDeck { public static void main(String[] args) { System.setProperty("org.jooq.no-logo", "true"); System.setProperty("org.jooq.no-tips", "true"); - SpringApplication.run(CassetteDeck.class, args); + try { + SpringApplication.run(CassetteDeck.class, args); + } catch (Throwable t) { + // Spring replaced the uncaught exception handler, so we need to do this manually. + LogManager.getLogger().error("Uncaught exception", t); + throw t; + } } } diff --git a/app/src/main/java/org/enginehub/cassettedeck/controller/CliDataController.java b/app/src/main/java/org/enginehub/cassettedeck/controller/CliDataController.java index f24e985..929f6ef 100644 --- a/app/src/main/java/org/enginehub/cassettedeck/controller/CliDataController.java +++ b/app/src/main/java/org/enginehub/cassettedeck/controller/CliDataController.java @@ -21,12 +21,9 @@ import org.enginehub.cassettedeck.data.downstream.CliData; import org.enginehub.cassettedeck.exception.NotFoundException; import org.enginehub.cassettedeck.service.WorldEditCliDataService; -import org.springframework.web.bind.annotation.GetMapping; -import org.springframework.web.bind.annotation.PathVariable; -import org.springframework.web.bind.annotation.PutMapping; -import org.springframework.web.bind.annotation.RequestBody; -import org.springframework.web.bind.annotation.RequestMapping; -import org.springframework.web.bind.annotation.RestController; +import org.springframework.security.access.annotation.Secured; +import org.springframework.security.access.prepost.PreAuthorize; +import org.springframework.web.bind.annotation.*; import java.io.IOException; @@ -60,6 +57,7 @@ public CliData getWeCliData( * Uploads a WE CLI Data file for a given data version and CLI data version. */ @PutMapping("/{dataVersion}/{cliDataVersion}") + @PreAuthorize("hasRole('ROLE_SERVER')") public void putWeCliData( @PathVariable int dataVersion, @PathVariable int cliDataVersion, diff --git a/app/src/main/java/org/enginehub/cassettedeck/controller/ExceptionMapper.java b/app/src/main/java/org/enginehub/cassettedeck/controller/ExceptionMapper.java index 0effdf5..2ceec62 100644 --- a/app/src/main/java/org/enginehub/cassettedeck/controller/ExceptionMapper.java +++ b/app/src/main/java/org/enginehub/cassettedeck/controller/ExceptionMapper.java @@ -23,6 +23,9 @@ import org.enginehub.cassettedeck.exception.DownloadException; import org.enginehub.cassettedeck.exception.NotFoundException; import org.springframework.http.HttpStatus; +import org.springframework.http.converter.HttpMessageNotReadableException; +import org.springframework.web.HttpMediaTypeNotAcceptableException; +import org.springframework.web.HttpMediaTypeNotSupportedException; import org.springframework.web.bind.MissingServletRequestParameterException; import org.springframework.web.bind.annotation.ControllerAdvice; import org.springframework.web.bind.annotation.ExceptionHandler; @@ -37,7 +40,7 @@ public class ExceptionMapper { private static final Logger LOGGER = LogManager.getLogger(); // Catch-all - @ExceptionHandler({Throwable.class}) + @ExceptionHandler @ResponseStatus(HttpStatus.INTERNAL_SERVER_ERROR) public Map handle(Throwable e) { LOGGER.warn("Error handling request", e); @@ -45,7 +48,7 @@ public Map handle(Throwable e) { } // Client problems - @ExceptionHandler({MissingServletRequestParameterException.class}) + @ExceptionHandler @ResponseStatus(HttpStatus.BAD_REQUEST) public Map handle(MissingServletRequestParameterException e) { return Map.of( @@ -54,7 +57,33 @@ public Map handle(MissingServletRequestParameterException e) { ); } - @ExceptionHandler({NotFoundException.class}) + @ExceptionHandler + @ResponseStatus(HttpStatus.BAD_REQUEST) + public Map handle(HttpMediaTypeNotSupportedException e) { + return Map.of( + "code", "bad.request", + "unsupported.content-type", String.valueOf(e.getContentType()) + ); + } + + @ExceptionHandler + @ResponseStatus(HttpStatus.NOT_ACCEPTABLE) + public Map handle(HttpMediaTypeNotAcceptableException e) { + return Map.of( + "code", "not.acceptable", + "accepted.content-types", e.getSupportedMediaTypes() + ); + } + + @ExceptionHandler + @ResponseStatus(HttpStatus.BAD_REQUEST) + public Map handle(HttpMessageNotReadableException e) { + return Map.of( + "code", "bad.request" + ); + } + + @ExceptionHandler @ResponseStatus(HttpStatus.NOT_FOUND) public Map handle(NotFoundException e) { return Map.of("code", e.type() + ".not.found"); @@ -62,7 +91,7 @@ public Map handle(NotFoundException e) { // Upstream problems - @ExceptionHandler({DownloadException.class}) + @ExceptionHandler @ResponseStatus(HttpStatus.BAD_GATEWAY) public Map handle(DownloadException e) { LOGGER.warn("Download error occurred", e); diff --git a/app/src/main/java/org/enginehub/cassettedeck/controller/MinecraftVersionController.java b/app/src/main/java/org/enginehub/cassettedeck/controller/MinecraftVersionController.java index 7affdcf..5518bec 100644 --- a/app/src/main/java/org/enginehub/cassettedeck/controller/MinecraftVersionController.java +++ b/app/src/main/java/org/enginehub/cassettedeck/controller/MinecraftVersionController.java @@ -23,11 +23,7 @@ import org.enginehub.cassettedeck.exception.NotFoundException; import org.enginehub.cassettedeck.service.MinecraftVersionService; import org.jetbrains.annotations.Nullable; -import org.springframework.web.bind.annotation.GetMapping; -import org.springframework.web.bind.annotation.PathVariable; -import org.springframework.web.bind.annotation.RequestMapping; -import org.springframework.web.bind.annotation.RequestParam; -import org.springframework.web.bind.annotation.RestController; +import org.springframework.web.bind.annotation.*; import java.time.Instant; import java.util.Collection; diff --git a/app/src/main/java/org/enginehub/cassettedeck/data/blob/BlobStorage.java b/app/src/main/java/org/enginehub/cassettedeck/data/blob/BlobStorage.java index c8c2edc..ec8e9f1 100644 --- a/app/src/main/java/org/enginehub/cassettedeck/data/blob/BlobStorage.java +++ b/app/src/main/java/org/enginehub/cassettedeck/data/blob/BlobStorage.java @@ -34,7 +34,7 @@ interface OutputStreamConsumer { * If there is no blob for the given key, use {@code consumer} to fill it, then return a stream to get the contents * of the blob. * - * @param key the key + * @param key the key * @param consumer the blob provider * @return the content of the blob * @throws IOException if there is an I/O error diff --git a/app/src/main/java/org/enginehub/cassettedeck/data/downstream/CliData.java b/app/src/main/java/org/enginehub/cassettedeck/data/downstream/CliData.java index d7090cd..3b4165b 100644 --- a/app/src/main/java/org/enginehub/cassettedeck/data/downstream/CliData.java +++ b/app/src/main/java/org/enginehub/cassettedeck/data/downstream/CliData.java @@ -18,22 +18,41 @@ package org.enginehub.cassettedeck.data.downstream; +import com.fasterxml.jackson.annotation.JsonProperty; + import java.util.List; import java.util.Map; public record CliData( + @JsonProperty(required = true) Map blocks, + @JsonProperty(required = true) List items, + @JsonProperty(required = true) List entities, + @JsonProperty(required = true) List biomes, - Map> blocktags, - Map> itemtags, - Map> entitytags + @JsonProperty(value = "blocktags", required = true) + Map> blockTags, + @JsonProperty(value = "itemtags", required = true) + Map> itemTags, + @JsonProperty(value = "entitytags", required = true) + Map> entityTags ) { - public record BlockManifest(String defaultstate, Map properties) { + public record BlockManifest( + @JsonProperty(value = "defaultstate", required = true) + String defaultState, + @JsonProperty(required = true) + Map properties + ) { } - public record BlockProperty(List values, String type) { + public record BlockProperty( + @JsonProperty(required = true) + List values, + @JsonProperty(required = true) + String type + ) { } } diff --git a/app/src/main/java/org/enginehub/cassettedeck/data/upstream/MojangBlockStates.java b/app/src/main/java/org/enginehub/cassettedeck/data/upstream/MojangBlockStates.java index 7837a45..597fda4 100644 --- a/app/src/main/java/org/enginehub/cassettedeck/data/upstream/MojangBlockStates.java +++ b/app/src/main/java/org/enginehub/cassettedeck/data/upstream/MojangBlockStates.java @@ -19,7 +19,6 @@ package org.enginehub.cassettedeck.data.upstream; import com.fasterxml.jackson.annotation.JsonProperty; -import com.fasterxml.jackson.annotation.JsonUnwrapped; import org.jetbrains.annotations.NotNull; import org.jetbrains.annotations.Nullable; diff --git a/app/src/main/java/org/enginehub/cassettedeck/security/CassetteDeckAccessDeniedHandler.java b/app/src/main/java/org/enginehub/cassettedeck/security/CassetteDeckAccessDeniedHandler.java new file mode 100644 index 0000000..9ee5381 --- /dev/null +++ b/app/src/main/java/org/enginehub/cassettedeck/security/CassetteDeckAccessDeniedHandler.java @@ -0,0 +1,25 @@ +package org.enginehub.cassettedeck.security; + +import com.fasterxml.jackson.databind.ObjectMapper; +import jakarta.servlet.http.HttpServletResponse; +import org.springframework.stereotype.Component; + +import java.io.IOException; +import java.util.Map; + +@Component +public class CassetteDeckAccessDeniedHandler { + private final ObjectMapper mapper; + + public CassetteDeckAccessDeniedHandler(ObjectMapper mapper) { + this.mapper = mapper; + } + + public void handle(HttpServletResponse response) throws IOException { + response.setStatus(HttpServletResponse.SC_UNAUTHORIZED); + mapper.writeValue( + response.getWriter(), + Map.of("code", "access.denied") + ); + } +} diff --git a/app/src/main/java/org/enginehub/cassettedeck/security/CassetteDeckSecurity.java b/app/src/main/java/org/enginehub/cassettedeck/security/CassetteDeckSecurity.java index 9a703fa..c6e58c9 100644 --- a/app/src/main/java/org/enginehub/cassettedeck/security/CassetteDeckSecurity.java +++ b/app/src/main/java/org/enginehub/cassettedeck/security/CassetteDeckSecurity.java @@ -18,55 +18,48 @@ package org.enginehub.cassettedeck.security; -import com.fasterxml.jackson.databind.ObjectMapper; +import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; +import org.springframework.security.authentication.AuthenticationManager; +import org.springframework.security.authentication.BadCredentialsException; import org.springframework.security.config.Customizer; -import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder; +import org.springframework.security.config.annotation.method.configuration.EnableMethodSecurity; import org.springframework.security.config.annotation.web.builders.HttpSecurity; import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; -import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter; +import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer; +import org.springframework.security.config.annotation.web.configurers.HeadersConfigurer; import org.springframework.security.config.http.SessionCreationPolicy; +import org.springframework.security.web.SecurityFilterChain; import org.springframework.security.web.authentication.AnonymousAuthenticationFilter; -import org.springframework.security.web.util.matcher.RequestMatcher; - -import javax.servlet.Filter; @Configuration @EnableWebSecurity -public class CassetteDeckSecurity extends WebSecurityConfigurerAdapter { - private final ObjectMapper mapper; - private final DatabaseAuthenticationProvider authenticationProvider; - - public CassetteDeckSecurity(ObjectMapper mapper, - DatabaseAuthenticationProvider authenticationProvider) { - this.mapper = mapper; - this.authenticationProvider = authenticationProvider; - } - - @Override - protected void configure(AuthenticationManagerBuilder auth) { - auth.authenticationProvider(authenticationProvider); +@EnableMethodSecurity +public class CassetteDeckSecurity { + @Bean + public AuthenticationManager authenticationManager() { + return authentication -> { + if (!authentication.isAuthenticated()) { + throw new BadCredentialsException("Invalid credentials"); + } + return authentication; + }; } - @Override - protected void configure(HttpSecurity http) throws Exception { - http.httpBasic().disable() - .csrf().disable() - .formLogin().disable() - .logout().disable() + @Bean + public SecurityFilterChain filterChain( + HttpSecurity http, CassetteDeckAccessDeniedHandler accessDeniedHandler, TokenExtractingFilter filter + ) throws Exception { + return http + .csrf(AbstractHttpConfigurer::disable) + .logout(AbstractHttpConfigurer::disable) .cors(Customizer.withDefaults()) - .headers().cacheControl().disable().and() - .sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS).and() - .authenticationProvider(authenticationProvider) - .addFilterBefore(getFilter(), AnonymousAuthenticationFilter.class).authorizeRequests() - .requestMatchers(getRequestMatcher()).access("hasRole('ROLE_SERVER')").and(); - } - - private RequestMatcher getRequestMatcher() { - return request -> "PUT".equals(request.getMethod()); - } - - private Filter getFilter() throws Exception { - return new TokenExtractingFilter(mapper, getRequestMatcher(), authenticationManager()); + .headers(h -> h.cacheControl(HeadersConfigurer.CacheControlConfig::disable)) + .sessionManagement(sm -> sm.sessionCreationPolicy(SessionCreationPolicy.STATELESS)) + .addFilterBefore(filter, AnonymousAuthenticationFilter.class) + .exceptionHandling(e -> e.accessDeniedHandler((request, response, accessDeniedException) -> + accessDeniedHandler.handle(response) + )) + .build(); } } diff --git a/app/src/main/java/org/enginehub/cassettedeck/security/DatabaseAuthenticationProvider.java b/app/src/main/java/org/enginehub/cassettedeck/security/DatabaseAuthenticationProvider.java deleted file mode 100644 index 9cb5625..0000000 --- a/app/src/main/java/org/enginehub/cassettedeck/security/DatabaseAuthenticationProvider.java +++ /dev/null @@ -1,57 +0,0 @@ -/* - * Copyright (c) EngineHub - * Copyright (c) contributors - * - * This program is free software: you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation, either version 3 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program. If not, see . - */ - -package org.enginehub.cassettedeck.security; - -import org.enginehub.cassettedeck.db.gen.tables.daos.AuthorizedTokenDao; -import org.springframework.security.access.AccessDeniedException; -import org.springframework.security.authentication.AnonymousAuthenticationToken; -import org.springframework.security.authentication.AuthenticationProvider; -import org.springframework.security.authentication.BadCredentialsException; -import org.springframework.security.core.Authentication; -import org.springframework.security.core.AuthenticationException; -import org.springframework.security.core.authority.SimpleGrantedAuthority; -import org.springframework.security.web.authentication.preauth.PreAuthenticatedAuthenticationToken; -import org.springframework.stereotype.Component; - -import java.util.Set; - -@Component -public class DatabaseAuthenticationProvider implements AuthenticationProvider { - private final AuthorizedTokenDao tokenDao; - - public DatabaseAuthenticationProvider(AuthorizedTokenDao tokenDao) { - this.tokenDao = tokenDao; - } - - @Override - public Authentication authenticate(Authentication authentication) throws AuthenticationException { - String customToken = (String) authentication.getCredentials(); - if (tokenDao.existsById(customToken)) { - return new AnonymousAuthenticationToken( - "token", customToken, Set.of(new SimpleGrantedAuthority("ROLE_SERVER")) - ); - } - throw new BadCredentialsException("Token is not accepted"); - } - - @Override - public boolean supports(Class authentication) { - return authentication == PreAuthenticatedAuthenticationToken.class; - } -} diff --git a/app/src/main/java/org/enginehub/cassettedeck/security/TokenExtractingFilter.java b/app/src/main/java/org/enginehub/cassettedeck/security/TokenExtractingFilter.java index 40da7c9..113f248 100644 --- a/app/src/main/java/org/enginehub/cassettedeck/security/TokenExtractingFilter.java +++ b/app/src/main/java/org/enginehub/cassettedeck/security/TokenExtractingFilter.java @@ -20,47 +20,58 @@ import com.fasterxml.jackson.databind.ObjectMapper; import com.google.common.net.HttpHeaders; +import jakarta.servlet.FilterChain; +import jakarta.servlet.ServletException; +import jakarta.servlet.http.HttpServletRequest; +import jakarta.servlet.http.HttpServletResponse; +import org.enginehub.cassettedeck.db.gen.tables.daos.AuthorizedTokenDao; +import org.springframework.security.authentication.AnonymousAuthenticationToken; import org.springframework.security.authentication.AuthenticationManager; import org.springframework.security.authentication.BadCredentialsException; import org.springframework.security.core.Authentication; import org.springframework.security.core.AuthenticationException; +import org.springframework.security.core.authority.SimpleGrantedAuthority; import org.springframework.security.core.context.SecurityContextHolder; import org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter; -import org.springframework.security.web.authentication.preauth.PreAuthenticatedAuthenticationToken; -import org.springframework.security.web.util.matcher.RequestMatcher; +import org.springframework.security.web.util.matcher.AnyRequestMatcher; +import org.springframework.stereotype.Component; -import javax.servlet.FilterChain; -import javax.servlet.ServletException; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; import java.io.IOException; import java.util.Map; +import java.util.Set; +@Component public class TokenExtractingFilter extends AbstractAuthenticationProcessingFilter { + private final AuthorizedTokenDao tokenDao; - public TokenExtractingFilter(ObjectMapper mapper, - RequestMatcher requiresAuthenticationRequestMatcher, - AuthenticationManager authenticationManager) { - super(requiresAuthenticationRequestMatcher); - setAuthenticationManager(authenticationManager); - setAuthenticationFailureHandler((request, response, exception) -> { - response.setStatus(HttpServletResponse.SC_UNAUTHORIZED); - mapper.writeValue( - response.getWriter(), - Map.of("code", "access.denied") - ); - }); + public TokenExtractingFilter( + AuthenticationManager authenticationManager, + AuthorizedTokenDao tokenDao, + CassetteDeckAccessDeniedHandler accessDeniedHandler + ) { + super(AnyRequestMatcher.INSTANCE, authenticationManager); + this.tokenDao = tokenDao; + setAuthenticationFailureHandler((request, response, exception) -> accessDeniedHandler.handle(response)); } @Override public Authentication attemptAuthentication(HttpServletRequest request, HttpServletResponse response) throws AuthenticationException { String header = request.getHeader(HttpHeaders.AUTHORIZATION); - if (header == null || !header.startsWith("Token ")) { + if (header == null) { + return new AnonymousAuthenticationToken( + "anonymous", "anonymous", Set.of(new SimpleGrantedAuthority("ROLE_ANONYMOUS")) + ); + } + if (!header.startsWith("Token ")) { throw new BadCredentialsException("Not token authorization"); } var tokenString = header.substring("Token ".length()); - var token = new PreAuthenticatedAuthenticationToken("token", tokenString); - return getAuthenticationManager().authenticate(token); + if (tokenDao.existsById(tokenString)) { + return new AnonymousAuthenticationToken( + "token", tokenString, Set.of(new SimpleGrantedAuthority("ROLE_SERVER")) + ); + } + throw new BadCredentialsException("Invalid token"); } @Override diff --git a/app/src/main/java/org/enginehub/cassettedeck/service/SqlMinecraftVersionService.java b/app/src/main/java/org/enginehub/cassettedeck/service/SqlMinecraftVersionService.java index 4325f71..2294606 100644 --- a/app/src/main/java/org/enginehub/cassettedeck/service/SqlMinecraftVersionService.java +++ b/app/src/main/java/org/enginehub/cassettedeck/service/SqlMinecraftVersionService.java @@ -30,11 +30,7 @@ import org.springframework.stereotype.Service; import java.time.Instant; -import java.util.ArrayList; -import java.util.Collection; -import java.util.HashSet; -import java.util.List; -import java.util.Set; +import java.util.*; import static org.enginehub.cassettedeck.db.gen.Tables.MINECRAFT_VERSION; diff --git a/app/src/main/java/org/enginehub/cassettedeck/service/StoredWorldEditCliDataService.java b/app/src/main/java/org/enginehub/cassettedeck/service/StoredWorldEditCliDataService.java index 381334d..55d69f2 100644 --- a/app/src/main/java/org/enginehub/cassettedeck/service/StoredWorldEditCliDataService.java +++ b/app/src/main/java/org/enginehub/cassettedeck/service/StoredWorldEditCliDataService.java @@ -20,7 +20,6 @@ import com.fasterxml.jackson.databind.ObjectMapper; import org.enginehub.cassettedeck.data.blob.BlobStorage; -import org.enginehub.cassettedeck.data.downstream.BlockStates; import org.enginehub.cassettedeck.data.downstream.CliData; import org.jetbrains.annotations.Nullable; import org.springframework.beans.factory.annotation.Qualifier; diff --git a/app/src/main/java/org/enginehub/cassettedeck/servlet/RateLimitingFilter.java b/app/src/main/java/org/enginehub/cassettedeck/servlet/RateLimitingFilter.java index ace2b47..ae67094 100644 --- a/app/src/main/java/org/enginehub/cassettedeck/servlet/RateLimitingFilter.java +++ b/app/src/main/java/org/enginehub/cassettedeck/servlet/RateLimitingFilter.java @@ -23,17 +23,12 @@ import com.google.common.cache.LoadingCache; import io.github.bucket4j.Bandwidth; import io.github.bucket4j.Bucket; -import io.github.bucket4j.Bucket4j; import io.github.bucket4j.Refill; +import jakarta.servlet.*; +import jakarta.servlet.http.HttpServletResponse; import org.springframework.security.core.context.SecurityContextHolder; import org.springframework.stereotype.Component; -import javax.servlet.Filter; -import javax.servlet.FilterChain; -import javax.servlet.ServletException; -import javax.servlet.ServletRequest; -import javax.servlet.ServletResponse; -import javax.servlet.http.HttpServletResponse; import java.io.IOException; import java.time.Duration; @@ -44,7 +39,7 @@ private static Bucket createNewBucket() { long overdraft = 50; Refill refill = Refill.greedy(10, Duration.ofSeconds(1)); Bandwidth limit = Bandwidth.classic(overdraft, refill); - return Bucket4j.builder().addLimit(limit).build(); + return Bucket.builder().addLimit(limit).build(); } private final LoadingCache bucketCache = CacheBuilder.newBuilder() diff --git a/gradle/libs.versions.toml b/gradle/libs.versions.toml index 31b7896..87b88e4 100644 --- a/gradle/libs.versions.toml +++ b/gradle/libs.versions.toml @@ -1,15 +1,15 @@ [versions] -jooq = "3.15.5" +jooq = "3.18.5" [plugins] -spring-boot = "org.springframework.boot:2.6.1" +spring-boot = "org.springframework.boot:3.1.2" licenser = "org.cadixdev.licenser:0.6.1" -jooq = "nu.studer.jooq:6.0.1" +jooq = "nu.studer.jooq:8.2.1" [libraries] -jetbrains-annotations = "org.jetbrains:annotations:23.0.0" +jetbrains-annotations = "org.jetbrains:annotations:24.0.1" spring-boot-starter-web.module = "org.springframework.boot:spring-boot-starter-web" spring-boot-starter-tomcat.module = "org.springframework.boot:spring-boot-starter-tomcat" @@ -19,17 +19,17 @@ spring-boot-starter-security.module = "org.springframework.boot:spring-boot-star spring-boot-starter-log4j2.module = "org.springframework.boot:spring-boot-starter-log4j2" spring-boot-starter-test.module = "org.springframework.boot:spring-boot-starter-test" -bucket4j-core = "com.github.vladimir-bukhtoyarov:bucket4j-core:6.4.1" +bucket4j-core = "com.github.vladimir-bukhtoyarov:bucket4j-core:7.6.0" -apache-commons-compress = "org.apache.commons:commons-compress:1.21" +apache-commons-compress = "org.apache.commons:commons-compress:1.23.0" -guava = "com.google.guava:guava:31.0.1-jre" +guava = "com.google.guava:guava:32.1.1-jre" -xerial-sqlite = "org.xerial:sqlite-jdbc:3.36.0.3" +xerial-sqlite = "org.xerial:sqlite-jdbc:3.42.0.0" disruptor = "com.lmax:disruptor:3.4.4" -junit-bom = "org.junit:junit-bom:5.8.2" +junit-bom = "org.junit:junit-bom:5.10.0" junit-jupiter-api.module = "org.junit.jupiter:junit-jupiter-api" junit-jupiter-engine.module = "org.junit.jupiter:junit-jupiter-engine" diff --git a/gradle/wrapper/gradle-wrapper.jar b/gradle/wrapper/gradle-wrapper.jar index 7454180..033e24c 100644 Binary files a/gradle/wrapper/gradle-wrapper.jar and b/gradle/wrapper/gradle-wrapper.jar differ diff --git a/gradle/wrapper/gradle-wrapper.properties b/gradle/wrapper/gradle-wrapper.properties index 84d1f85..9f4197d 100644 --- a/gradle/wrapper/gradle-wrapper.properties +++ b/gradle/wrapper/gradle-wrapper.properties @@ -1,5 +1,7 @@ distributionBase=GRADLE_USER_HOME distributionPath=wrapper/dists -distributionUrl=https\://services.gradle.org/distributions/gradle-7.3.1-bin.zip +distributionUrl=https\://services.gradle.org/distributions/gradle-8.2.1-bin.zip +networkTimeout=10000 +validateDistributionUrl=true zipStoreBase=GRADLE_USER_HOME zipStorePath=wrapper/dists diff --git a/gradlew b/gradlew index 1b6c787..fcb6fca 100755 --- a/gradlew +++ b/gradlew @@ -55,7 +55,7 @@ # Darwin, MinGW, and NonStop. # # (3) This script is generated from the Groovy template -# https://github.com/gradle/gradle/blob/master/subprojects/plugins/src/main/resources/org/gradle/api/internal/plugins/unixStartScript.txt +# https://github.com/gradle/gradle/blob/HEAD/subprojects/plugins/src/main/resources/org/gradle/api/internal/plugins/unixStartScript.txt # within the Gradle project. # # You can find Gradle at https://github.com/gradle/gradle/. @@ -80,13 +80,10 @@ do esac done -APP_HOME=$( cd "${APP_HOME:-./}" && pwd -P ) || exit - -APP_NAME="Gradle" +# This is normally unused +# shellcheck disable=SC2034 APP_BASE_NAME=${0##*/} - -# Add default JVM options here. You can also use JAVA_OPTS and GRADLE_OPTS to pass JVM options to this script. -DEFAULT_JVM_OPTS='"-Xmx64m" "-Xms64m"' +APP_HOME=$( cd "${APP_HOME:-./}" && pwd -P ) || exit # Use the maximum available, or set MAX_FD != -1 to use that value. MAX_FD=maximum @@ -133,22 +130,29 @@ location of your Java installation." fi else JAVACMD=java - which java >/dev/null 2>&1 || die "ERROR: JAVA_HOME is not set and no 'java' command could be found in your PATH. + if ! command -v java >/dev/null 2>&1 + then + die "ERROR: JAVA_HOME is not set and no 'java' command could be found in your PATH. Please set the JAVA_HOME variable in your environment to match the location of your Java installation." + fi fi # Increase the maximum file descriptors if we can. if ! "$cygwin" && ! "$darwin" && ! "$nonstop" ; then case $MAX_FD in #( max*) + # In POSIX sh, ulimit -H is undefined. That's why the result is checked to see if it worked. + # shellcheck disable=SC3045 MAX_FD=$( ulimit -H -n ) || warn "Could not query maximum file descriptor limit" esac case $MAX_FD in #( '' | soft) :;; #( *) + # In POSIX sh, ulimit -n is undefined. That's why the result is checked to see if it worked. + # shellcheck disable=SC3045 ulimit -n "$MAX_FD" || warn "Could not set maximum file descriptor limit to $MAX_FD" esac @@ -193,6 +197,10 @@ if "$cygwin" || "$msys" ; then done fi + +# Add default JVM options here. You can also use JAVA_OPTS and GRADLE_OPTS to pass JVM options to this script. +DEFAULT_JVM_OPTS='"-Xmx64m" "-Xms64m"' + # Collect all arguments for the java command; # * $DEFAULT_JVM_OPTS, $JAVA_OPTS, and $GRADLE_OPTS can contain fragments of # shell script including quotes and variable substitutions, so put them in @@ -205,6 +213,12 @@ set -- \ org.gradle.wrapper.GradleWrapperMain \ "$@" +# Stop when "xargs" is not available. +if ! command -v xargs >/dev/null 2>&1 +then + die "xargs is not available" +fi + # Use "xargs" to parse quoted args. # # With -n1 it outputs one arg per line, with the quotes and backslashes removed. diff --git a/gradlew.bat b/gradlew.bat index 107acd3..93e3f59 100644 --- a/gradlew.bat +++ b/gradlew.bat @@ -14,7 +14,7 @@ @rem limitations under the License. @rem -@if "%DEBUG%" == "" @echo off +@if "%DEBUG%"=="" @echo off @rem ########################################################################## @rem @rem Gradle startup script for Windows @@ -25,7 +25,8 @@ if "%OS%"=="Windows_NT" setlocal set DIRNAME=%~dp0 -if "%DIRNAME%" == "" set DIRNAME=. +if "%DIRNAME%"=="" set DIRNAME=. +@rem This is normally unused set APP_BASE_NAME=%~n0 set APP_HOME=%DIRNAME% @@ -40,7 +41,7 @@ if defined JAVA_HOME goto findJavaFromJavaHome set JAVA_EXE=java.exe %JAVA_EXE% -version >NUL 2>&1 -if "%ERRORLEVEL%" == "0" goto execute +if %ERRORLEVEL% equ 0 goto execute echo. echo ERROR: JAVA_HOME is not set and no 'java' command could be found in your PATH. @@ -75,13 +76,15 @@ set CLASSPATH=%APP_HOME%\gradle\wrapper\gradle-wrapper.jar :end @rem End local scope for the variables with windows NT shell -if "%ERRORLEVEL%"=="0" goto mainEnd +if %ERRORLEVEL% equ 0 goto mainEnd :fail rem Set variable GRADLE_EXIT_CONSOLE if you need the _script_ return code instead of rem the _cmd.exe /c_ return code! -if not "" == "%GRADLE_EXIT_CONSOLE%" exit 1 -exit /b 1 +set EXIT_CODE=%ERRORLEVEL% +if %EXIT_CODE% equ 0 set EXIT_CODE=1 +if not ""=="%GRADLE_EXIT_CONSOLE%" exit %EXIT_CODE% +exit /b %EXIT_CODE% :mainEnd if "%OS%"=="Windows_NT" endlocal diff --git a/settings.gradle.kts b/settings.gradle.kts index 4283616..c9ce45b 100644 --- a/settings.gradle.kts +++ b/settings.gradle.kts @@ -1,4 +1,3 @@ -enableFeaturePreview("VERSION_CATALOGS") rootProject.name = "cassette-deck" include("app") include("jooq-extensions")