Bump io.dropwizard:dropwizard-dependencies from 2.1.1 to 4.0.6 #3284
Conversation
![dependabot[bot]](https://avatars.githubusercontent.com/in/29110?s=60&v=4){kind=small}
dependabot
bot
added
dependencies
|
A newer version of io.dropwizard:dropwizard-dependencies exists, but since this PR has been edited by someone other than Dependabot I haven't updated it. You'll get a PR for the updated version as normal once this PR is merged. |
Bumps io.dropwizard:dropwizard-dependencies from 2.1.1 to 4.0.6. --- updated-dependencies: - dependency-name: io.dropwizard:dropwizard-dependencies dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>
awildturtok
force-pushed
the
dependabot/maven/io.dropwizard-dropwizard-dependencies-4.0.6
branch
from
ae8fb2a to
de9d875
Compare
|
|
||
| // TODO necessary? | ||
| DefaultAuthFilter.registerTokenExtractor(JWTokenHandler.JWTokenExtractor.class, adminServlet.getJerseyConfig()); |
There was a problem hiding this comment.
Einmal reicht eigentlich. kann dann aus dem if heraus
There was a problem hiding this comment.
Die Frage hier ist ob ich den handler überhaupt regsitrieren darf/soll. Ich bin da nicht genug drin um zu wissen ob der per default immer registriert sein sollte.
There was a problem hiding this comment.
Passt so wie es ist ich sortiere es noch
| * @return | ||
| */ | ||
| @Named("jwt-extractor") | ||
| @Service |
There was a problem hiding this comment.
Wenn es als Service annotiert ist, muss es dann noch programmatisch registriert werden?
Bisher waren die Extractors Singletons, da sie stateless sind können wir sie request scoped machen, damit sie nicht doch mal zufällig einen shared state haben.
backend/src/main/java/com/bakdata/conquery/models/auth/develop/UserIdTokenExtractor.java
Outdated
Show resolved
Hide resolved
backend/src/main/java/com/bakdata/conquery/models/auth/web/DefaultAuthFilter.java
Outdated
Show resolved
Hide resolved
| @Inject | ||
| @Setter | ||
| private IterableProvider<TokenExtractor> tokenExtractors; |
There was a problem hiding this comment.
Noice! Setter kann weg denke ich
| public static DefaultAuthFilter asDropwizardFeature() { | ||
| final DefaultAuthFilter authFilter = | ||
| new Builder() | ||
| .setAuthenticator(new ConqueryAuthenticator()) | ||
| .setUnauthorizedHandler(new DefaultUnauthorizedHandler()) | ||
| .buildAuthFilter(); | ||
| return authFilter; | ||
| } |
There was a problem hiding this comment.
Müsen wir und auch noch mal anschauen. Das mit dem DropwizardFeature war immer irgendwie ein Umweg.
Ich weiß auch gerade nicht nicht warum es DynamicFeature in Jersey gibt, aber daher kam das glaube ich
There was a problem hiding this comment.
Habe gerade nachgeschaut, das mit dem DynamicFeature nutzen wir nicht mehr und DropwizardFeature gibt es auch nicht mehr. Die Methode kann als eigentlich umbenannt werden.
| public static void registerTokenExtractor(Class<? extends TokenExtractor> extractor, ResourceConfig config) { | ||
| config.register(extractor); | ||
| } |
There was a problem hiding this comment.
Vielleicht nicht notwendig durch Service annotation
| //TODO shouldn't this be something with NotAuthenticated? | ||
| catch (NotAuthorizedException e) { |
There was a problem hiding this comment.
Guter Punkt, aber das versammelt sich glaube ich unter der Exception
Signed-off-by: Max Thonagel <12283268+thoniTUB@users.noreply.github.com>
Signed-off-by: Max Thonagel <12283268+thoniTUB@users.noreply.github.com>
…-dependencies-4.0.6 # Conflicts: # backend/src/test/java/com/bakdata/conquery/integration/tests/ExternalFormBackendTest.java
|
@awildturtok ich habe den konflikt beseitig und hoffentlich laufen jetzt die tests durch |
Signed-off-by: Max Thonagel <12283268+thoniTUB@users.noreply.github.com>
Signed-off-by: Max Thonagel <12283268+thoniTUB@users.noreply.github.com>
Signed-off-by: Max Thonagel <12283268+thoniTUB@users.noreply.github.com>
Signed-off-by: Max Thonagel <12283268+thoniTUB@users.noreply.github.com>
…-dependencies-4.0.6
Signed-off-by: Max Thonagel <12283268+thoniTUB@users.noreply.github.com>
backend/src/main/java/com/bakdata/conquery/models/auth/web/AuthCookieFilter.java
Outdated
Show resolved
Hide resolved
backend/src/main/java/com/bakdata/conquery/models/auth/develop/DevAuthConfig.java
Show resolved
Hide resolved
backend/pom.xml
Outdated
| <dependency> | ||
| <groupId>jakarta.ws.rs</groupId> | ||
| <artifactId>jakarta.ws.rs-api</artifactId> | ||
| <version>3.1.0</version> | ||
| </dependency> |
There was a problem hiding this comment.
Das kann vielleicht raus ich probiere es mal
|
|
||
| // TODO necessary? | ||
| DefaultAuthFilter.registerTokenExtractor(JWTokenHandler.JWTokenExtractor.class, adminServlet.getJerseyConfig()); |
There was a problem hiding this comment.
Passt so wie es ist ich sortiere es noch
Signed-off-by: Max Thonagel <12283268+thoniTUB@users.noreply.github.com>
…-dependencies-4.0.6
delete-merged-branch
bot
deleted the
dependabot/maven/io.dropwizard-dropwizard-dependencies-4.0.6
branch
Bumps io.dropwizard:dropwizard-dependencies from 2.1.1 to 4.0.6.
You can trigger a rebase of this PR by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)