From 3711d8d6b13561494d4ee1eadae7da7fba654aa1 Mon Sep 17 00:00:00 2001 From: Ludy Date: Thu, 22 Jan 2026 20:39:34 +0100 Subject: [PATCH] refactor(security): clean up SSO handling, harden URL parsing, and bump dependencies (#5523) # Description of Changes This PR performs a broad cleanup and refactor across the security, SSO, and dependency layers to improve correctness, maintainability, and robustness. ### What was changed - **SSO / Authentication cleanup** - Removed deprecated and ambiguous `SSO` authentication handling in favor of explicit `OAUTH2` and `SAML2`. - Introduced a centralized helper (`isSsoAuthenticationTypeByUsername`) to consistently detect SSO-backed users. - Hardened user creation logic to strictly validate authentication types and reject invalid values. - Updated OAuth2 and SAML2 authentication success handlers to use unified SSO detection logic and clearer control flow. - Adjusted tests to reflect the new canonical authentication types. - **Security & robustness improvements** - Replaced direct `new URL(...)` usage with `URI.create(...).toURL()` to avoid malformed URL edge cases. - Hardened `Referer` parsing logic to safely handle invalid or host-less URIs. - Improved string comparison patterns (`"literal".equals(x)`) to avoid potential `NullPointerException`s. - **Controller and API cleanup** - Removed large blocks of unused and legacy admin settings endpoints from `SettingsController`. - Updated OpenAPI annotations to use `requiredMode` instead of deprecated `required`. - **Dependency and build maintenance** - Updated Spring Boot from `3.5.7` to `3.5.9`. - Updated multiple dependencies (Spring Security, Jackson, Micrometer, Jetty, Hibernate, SnakeYAML, Springdoc, Swagger UI, etc.). - Synced dependency versions in `3rdPartyLicenses.json` and removed duplicate or obsolete entries. - Modernized Gradle DSL usage (`url =`, `username =`, `allowInsecureProtocol = true`). - Ensured Spotless disabling applies consistently across all subprojects. - Added `.build-cache` to `.gitignore`. ### Why the change was made - To eliminate legacy and ambiguous SSO handling that could lead to incorrect authentication decisions. - To improve security and stability when dealing with user-controlled URLs and headers. - To reduce technical debt by removing unused controllers and deprecated patterns. - To keep dependencies up to date and aligned with the current Spring Boot release. - To improve overall code clarity, consistency, and long-term maintainability. --- This pull request contains dependency updates, minor code cleanups, and some refactoring to improve maintainability and correctness. The most significant change is the removal of all admin settings endpoints (GET/POST) from the `SettingsController`, which impacts how application settings can be managed via the API. Additionally, there are dependency version bumps, minor improvements to static resource checks, and small refactors in certificate download logic and Telegram bot service. **Major API changes:** * Removed all admin settings endpoints (general, security, connections, privacy, advanced) from `SettingsController`, including both GET and POST handlers for updating and retrieving settings. This eliminates the ability to manage these settings via the API. **Dependency updates:** * Upgraded `snakeyaml-engine` from 2.10 to 3.0.1 and `springdoc-openapi-starter-webmvc-ui` from 2.8.14 to 2.8.15 in `build.gradle`. **Refactoring and bug fixes:** * Refactored static resource check in `RequestUriUtils.isStaticResource` to use constant-first string comparison for better null safety and clarity. * Updated certificate download logic in `CertificateValidationService` to use `URI.create(urlStr).toURL()` instead of `new URL(urlStr)` for improved URL parsing and error handling. [[1]](diffhunk://#diff-d2646f37bfd3e0963cbce16ab13edb52f2092795f54203b999dd82651154f26dL513-R514) [[2]](diffhunk://#diff-d2646f37bfd3e0963cbce16ab13edb52f2092795f54203b999dd82651154f26dL703-R704) * Refactored `TelegramPipelineBot` to consistently use `telegramProperties.getBotToken()` instead of `getBotToken()`, and removed the `getBotToken()` method override. [[1]](diffhunk://#diff-a2466b92f58750ea37960cd1533e3194d9ecc3b4ef5ad7b64a017ee0e636ad93L85-R85) [[2]](diffhunk://#diff-a2466b92f58750ea37960cd1533e3194d9ecc3b4ef5ad7b64a017ee0e636ad93L395-R395) [[3]](diffhunk://#diff-a2466b92f58750ea37960cd1533e3194d9ecc3b4ef5ad7b64a017ee0e636ad93L519-L523) --- ## Checklist ### General - [ ] I have read the [Contribution Guidelines](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/CONTRIBUTING.md) - [ ] I have read the [Stirling-PDF Developer Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/DeveloperGuide.md) (if applicable) - [ ] I have read the [How to add new languages to Stirling-PDF](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/HowToAddNewLanguage.md) (if applicable) - [ ] I have performed a self-review of my own code - [ ] My changes generate no new warnings ### Documentation - [ ] I have updated relevant docs on [Stirling-PDF's doc repo](https://github.com/Stirling-Tools/Stirling-Tools.github.io/blob/main/docs/) (if functionality has heavily changed) - [ ] I have read the section [Add New Translation Tags](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/HowToAddNewLanguage.md#add-new-translation-tags) (for new translation tags only) ### Translations (if applicable) - [ ] I ran [`scripts/counter_translation.py`](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/docs/counter_translation.md) ### UI Changes (if applicable) - [ ] Screenshots or videos demonstrating the UI changes are attached (e.g., as comments or direct attachments in the PR) ### Testing (if applicable) - [ ] I have tested my changes locally. Refer to the [Testing Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/DeveloperGuide.md#6-testing) for more details. --- .gitignore | 2 +- app/common/build.gradle | 4 +- .../controller/api/SettingsController.java | 384 ------------------ .../service/CertificateValidationService.java | 5 +- .../service/telegram/TelegramPipelineBot.java | 9 +- .../resources/static/3rdPartyLicenses.json | 281 +++++++------ app/proprietary/build.gradle | 2 +- .../api/AuditDashboardController.java | 2 +- .../controller/api/UserController.java | 17 +- ...tomOAuth2AuthenticationSuccessHandler.java | 26 +- ...stomSaml2AuthenticationSuccessHandler.java | 29 +- .../security/service/UserService.java | 26 ++ .../proprietary/security/model/UserTest.java | 4 +- build.gradle | 24 +- 14 files changed, 235 insertions(+), 580 deletions(-) diff --git a/.gitignore b/.gitignore index 8a81222fe..cbd894ff0 100644 --- a/.gitignore +++ b/.gitignore @@ -213,7 +213,7 @@ id_ed25519.pub .mypy_cache .pytest_cache .ipynb_checkpoints - +.build-cache **/jcef-bundle/ diff --git a/app/common/build.gradle b/app/common/build.gradle index 25ae6707b..c2719d29f 100644 --- a/app/common/build.gradle +++ b/app/common/build.gradle @@ -41,8 +41,8 @@ dependencies { api "org.apache.pdfbox:preflight:$pdfboxVersion" api 'com.github.junrar:junrar:7.5.7' // RAR archive support for CBR files api 'jakarta.servlet:jakarta.servlet-api:6.1.0' - api 'org.snakeyaml:snakeyaml-engine:2.10' - api "org.springdoc:springdoc-openapi-starter-webmvc-ui:2.8.14" + api 'org.snakeyaml:snakeyaml-engine:3.0.1' + api "org.springdoc:springdoc-openapi-starter-webmvc-ui:2.8.15" // Simple Java Mail for EML/MSG parsing (replaces direct Angus Mail usage) api 'org.simplejavamail:simple-java-mail:8.12.6' api 'org.simplejavamail:outlook-module:8.12.6' // MSG file support diff --git a/app/core/src/main/java/stirling/software/SPDF/controller/api/SettingsController.java b/app/core/src/main/java/stirling/software/SPDF/controller/api/SettingsController.java index 33c0691a1..16f752f5d 100644 --- a/app/core/src/main/java/stirling/software/SPDF/controller/api/SettingsController.java +++ b/app/core/src/main/java/stirling/software/SPDF/controller/api/SettingsController.java @@ -1,14 +1,11 @@ package stirling.software.SPDF.controller.api; import java.io.IOException; -import java.util.HashMap; import java.util.Map; import org.springframework.http.HttpStatus; import org.springframework.http.ResponseEntity; import org.springframework.web.bind.annotation.GetMapping; -import org.springframework.web.bind.annotation.PostMapping; -import org.springframework.web.bind.annotation.RequestBody; import org.springframework.web.bind.annotation.RequestParam; import io.swagger.v3.oas.annotations.Hidden; @@ -52,385 +49,4 @@ public class SettingsController { public ResponseEntity> getDisabledEndpoints() { return ResponseEntity.ok(endpointConfiguration.getEndpointStatuses()); } - - // ========== GENERAL SETTINGS ========== - - @GetMapping("/admin/settings/general") - @Hidden - public ResponseEntity> getGeneralSettings() { - Map settings = new HashMap<>(); - settings.put("ui", applicationProperties.getUi()); - settings.put( - "system", - Map.of( - "defaultLocale", applicationProperties.getSystem().getDefaultLocale(), - "showUpdate", applicationProperties.getSystem().isShowUpdate(), - "showUpdateOnlyAdmin", - applicationProperties.getSystem().isShowUpdateOnlyAdmin(), - "customHTMLFiles", applicationProperties.getSystem().isCustomHTMLFiles(), - "fileUploadLimit", applicationProperties.getSystem().getFileUploadLimit())); - return ResponseEntity.ok(settings); - } - - @PostMapping("/admin/settings/general") - @Hidden - public ResponseEntity updateGeneralSettings(@RequestBody Map settings) - throws IOException { - // Update UI settings - if (settings.containsKey("ui")) { - Map ui = (Map) settings.get("ui"); - if (ui.containsKey("appNameNavbar")) { - GeneralUtils.saveKeyToSettings("ui.appNameNavbar", ui.get("appNameNavbar")); - applicationProperties.getUi().setAppNameNavbar(ui.get("appNameNavbar")); - } - } - - // Update System settings - if (settings.containsKey("system")) { - Map system = (Map) settings.get("system"); - if (system.containsKey("defaultLocale")) { - GeneralUtils.saveKeyToSettings("system.defaultLocale", system.get("defaultLocale")); - applicationProperties - .getSystem() - .setDefaultLocale((String) system.get("defaultLocale")); - } - if (system.containsKey("showUpdate")) { - GeneralUtils.saveKeyToSettings("system.showUpdate", system.get("showUpdate")); - applicationProperties.getSystem().setShowUpdate((Boolean) system.get("showUpdate")); - } - if (system.containsKey("showUpdateOnlyAdmin")) { - GeneralUtils.saveKeyToSettings( - "system.showUpdateOnlyAdmin", system.get("showUpdateOnlyAdmin")); - applicationProperties - .getSystem() - .setShowUpdateOnlyAdmin((Boolean) system.get("showUpdateOnlyAdmin")); - } - if (system.containsKey("fileUploadLimit")) { - GeneralUtils.saveKeyToSettings( - "system.fileUploadLimit", system.get("fileUploadLimit")); - applicationProperties - .getSystem() - .setFileUploadLimit((String) system.get("fileUploadLimit")); - } - } - - return ResponseEntity.ok( - "General settings updated. Restart required for changes to take effect."); - } - - // ========== SECURITY SETTINGS ========== - - @GetMapping("/admin/settings/security") - @Hidden - public ResponseEntity> getSecuritySettings() { - Map settings = new HashMap<>(); - ApplicationProperties.Security security = applicationProperties.getSecurity(); - - settings.put("enableLogin", security.isEnableLogin()); - settings.put("loginMethod", security.getLoginMethod()); - settings.put("loginAttemptCount", security.getLoginAttemptCount()); - settings.put("loginResetTimeMinutes", security.getLoginResetTimeMinutes()); - settings.put( - "initialLogin", - Map.of( - "username", - security.getInitialLogin().getUsername() != null - ? security.getInitialLogin().getUsername() - : "")); - - // JWT settings - ApplicationProperties.Security.Jwt jwt = security.getJwt(); - settings.put( - "jwt", - Map.of( - "enableKeystore", jwt.isEnableKeystore(), - "enableKeyRotation", jwt.isEnableKeyRotation(), - "enableKeyCleanup", jwt.isEnableKeyCleanup(), - "keyRetentionDays", jwt.getKeyRetentionDays())); - - return ResponseEntity.ok(settings); - } - - @PostMapping("/admin/settings/security") - @Hidden - public ResponseEntity updateSecuritySettings(@RequestBody Map settings) - throws IOException { - if (settings.containsKey("enableLogin")) { - GeneralUtils.saveKeyToSettings("security.enableLogin", settings.get("enableLogin")); - applicationProperties - .getSecurity() - .setEnableLogin((Boolean) settings.get("enableLogin")); - } - if (settings.containsKey("loginMethod")) { - GeneralUtils.saveKeyToSettings("security.loginMethod", settings.get("loginMethod")); - applicationProperties - .getSecurity() - .setLoginMethod((String) settings.get("loginMethod")); - } - if (settings.containsKey("loginAttemptCount")) { - GeneralUtils.saveKeyToSettings( - "security.loginAttemptCount", settings.get("loginAttemptCount")); - applicationProperties - .getSecurity() - .setLoginAttemptCount((Integer) settings.get("loginAttemptCount")); - } - if (settings.containsKey("loginResetTimeMinutes")) { - GeneralUtils.saveKeyToSettings( - "security.loginResetTimeMinutes", settings.get("loginResetTimeMinutes")); - applicationProperties - .getSecurity() - .setLoginResetTimeMinutes( - ((Number) settings.get("loginResetTimeMinutes")).longValue()); - } - - // JWT settings - if (settings.containsKey("jwt")) { - Map jwt = (Map) settings.get("jwt"); - if (jwt.containsKey("keyRetentionDays")) { - GeneralUtils.saveKeyToSettings( - "security.jwt.keyRetentionDays", jwt.get("keyRetentionDays")); - applicationProperties - .getSecurity() - .getJwt() - .setKeyRetentionDays((Integer) jwt.get("keyRetentionDays")); - } - } - - return ResponseEntity.ok( - "Security settings updated. Restart required for changes to take effect."); - } - - // ========== CONNECTIONS SETTINGS (OAuth/SAML) ========== - - @GetMapping("/admin/settings/connections") - @Hidden - public ResponseEntity> getConnectionsSettings() { - Map settings = new HashMap<>(); - ApplicationProperties.Security security = applicationProperties.getSecurity(); - - // OAuth2 settings - ApplicationProperties.Security.OAUTH2 oauth2 = security.getOauth2(); - settings.put( - "oauth2", - Map.of( - "enabled", oauth2.getEnabled(), - "issuer", oauth2.getIssuer() != null ? oauth2.getIssuer() : "", - "clientId", oauth2.getClientId() != null ? oauth2.getClientId() : "", - "provider", oauth2.getProvider() != null ? oauth2.getProvider() : "", - "autoCreateUser", oauth2.getAutoCreateUser(), - "blockRegistration", oauth2.getBlockRegistration(), - "useAsUsername", - oauth2.getUseAsUsername() != null - ? oauth2.getUseAsUsername() - : "")); - - // SAML2 settings - ApplicationProperties.Security.SAML2 saml2 = security.getSaml2(); - settings.put( - "saml2", - Map.of( - "enabled", saml2.getEnabled(), - "provider", saml2.getProvider() != null ? saml2.getProvider() : "", - "autoCreateUser", saml2.getAutoCreateUser(), - "blockRegistration", saml2.getBlockRegistration(), - "registrationId", saml2.getRegistrationId())); - - return ResponseEntity.ok(settings); - } - - @PostMapping("/admin/settings/connections") - @Hidden - public ResponseEntity updateConnectionsSettings( - @RequestBody Map settings) throws IOException { - // OAuth2 settings - if (settings.containsKey("oauth2")) { - Map oauth2 = (Map) settings.get("oauth2"); - if (oauth2.containsKey("enabled")) { - GeneralUtils.saveKeyToSettings("security.oauth2.enabled", oauth2.get("enabled")); - applicationProperties - .getSecurity() - .getOauth2() - .setEnabled((Boolean) oauth2.get("enabled")); - } - if (oauth2.containsKey("issuer")) { - GeneralUtils.saveKeyToSettings("security.oauth2.issuer", oauth2.get("issuer")); - applicationProperties - .getSecurity() - .getOauth2() - .setIssuer((String) oauth2.get("issuer")); - } - if (oauth2.containsKey("clientId")) { - GeneralUtils.saveKeyToSettings("security.oauth2.clientId", oauth2.get("clientId")); - applicationProperties - .getSecurity() - .getOauth2() - .setClientId((String) oauth2.get("clientId")); - } - if (oauth2.containsKey("clientSecret")) { - GeneralUtils.saveKeyToSettings( - "security.oauth2.clientSecret", oauth2.get("clientSecret")); - applicationProperties - .getSecurity() - .getOauth2() - .setClientSecret((String) oauth2.get("clientSecret")); - } - if (oauth2.containsKey("provider")) { - GeneralUtils.saveKeyToSettings("security.oauth2.provider", oauth2.get("provider")); - applicationProperties - .getSecurity() - .getOauth2() - .setProvider((String) oauth2.get("provider")); - } - if (oauth2.containsKey("autoCreateUser")) { - GeneralUtils.saveKeyToSettings( - "security.oauth2.autoCreateUser", oauth2.get("autoCreateUser")); - applicationProperties - .getSecurity() - .getOauth2() - .setAutoCreateUser((Boolean) oauth2.get("autoCreateUser")); - } - if (oauth2.containsKey("blockRegistration")) { - GeneralUtils.saveKeyToSettings( - "security.oauth2.blockRegistration", oauth2.get("blockRegistration")); - applicationProperties - .getSecurity() - .getOauth2() - .setBlockRegistration((Boolean) oauth2.get("blockRegistration")); - } - if (oauth2.containsKey("useAsUsername")) { - GeneralUtils.saveKeyToSettings( - "security.oauth2.useAsUsername", oauth2.get("useAsUsername")); - applicationProperties - .getSecurity() - .getOauth2() - .setUseAsUsername((String) oauth2.get("useAsUsername")); - } - } - - // SAML2 settings - if (settings.containsKey("saml2")) { - Map saml2 = (Map) settings.get("saml2"); - if (saml2.containsKey("enabled")) { - GeneralUtils.saveKeyToSettings("security.saml2.enabled", saml2.get("enabled")); - applicationProperties - .getSecurity() - .getSaml2() - .setEnabled((Boolean) saml2.get("enabled")); - } - if (saml2.containsKey("provider")) { - GeneralUtils.saveKeyToSettings("security.saml2.provider", saml2.get("provider")); - applicationProperties - .getSecurity() - .getSaml2() - .setProvider((String) saml2.get("provider")); - } - if (saml2.containsKey("autoCreateUser")) { - GeneralUtils.saveKeyToSettings( - "security.saml2.autoCreateUser", saml2.get("autoCreateUser")); - applicationProperties - .getSecurity() - .getSaml2() - .setAutoCreateUser((Boolean) saml2.get("autoCreateUser")); - } - if (saml2.containsKey("blockRegistration")) { - GeneralUtils.saveKeyToSettings( - "security.saml2.blockRegistration", saml2.get("blockRegistration")); - applicationProperties - .getSecurity() - .getSaml2() - .setBlockRegistration((Boolean) saml2.get("blockRegistration")); - } - } - - return ResponseEntity.ok( - "Connection settings updated. Restart required for changes to take effect."); - } - - // ========== PRIVACY SETTINGS ========== - - @GetMapping("/admin/settings/privacy") - @Hidden - public ResponseEntity> getPrivacySettings() { - Map settings = new HashMap<>(); - - settings.put("enableAnalytics", applicationProperties.getSystem().getEnableAnalytics()); - settings.put("googleVisibility", applicationProperties.getSystem().isGooglevisibility()); - settings.put("metricsEnabled", applicationProperties.getMetrics().isEnabled()); - - return ResponseEntity.ok(settings); - } - - @PostMapping("/admin/settings/privacy") - @Hidden - public ResponseEntity updatePrivacySettings(@RequestBody Map settings) - throws IOException { - if (settings.containsKey("enableAnalytics")) { - GeneralUtils.saveKeyToSettings( - "system.enableAnalytics", settings.get("enableAnalytics")); - applicationProperties - .getSystem() - .setEnableAnalytics((Boolean) settings.get("enableAnalytics")); - } - if (settings.containsKey("googleVisibility")) { - GeneralUtils.saveKeyToSettings( - "system.googlevisibility", settings.get("googleVisibility")); - applicationProperties - .getSystem() - .setGooglevisibility((Boolean) settings.get("googleVisibility")); - } - if (settings.containsKey("metricsEnabled")) { - GeneralUtils.saveKeyToSettings("metrics.enabled", settings.get("metricsEnabled")); - applicationProperties.getMetrics().setEnabled((Boolean) settings.get("metricsEnabled")); - } - - return ResponseEntity.ok( - "Privacy settings updated. Restart required for changes to take effect."); - } - - // ========== ADVANCED SETTINGS ========== - - @GetMapping("/admin/settings/advanced") - @Hidden - public ResponseEntity> getAdvancedSettings() { - Map settings = new HashMap<>(); - - settings.put("endpoints", applicationProperties.getEndpoints()); - settings.put( - "enableAlphaFunctionality", - applicationProperties.getSystem().isEnableAlphaFunctionality()); - settings.put("maxDPI", applicationProperties.getSystem().getMaxDPI()); - settings.put("enableUrlToPDF", applicationProperties.getSystem().isEnableUrlToPDF()); - settings.put("customPaths", applicationProperties.getSystem().getCustomPaths()); - settings.put( - "tempFileManagement", applicationProperties.getSystem().getTempFileManagement()); - - return ResponseEntity.ok(settings); - } - - @PostMapping("/admin/settings/advanced") - @Hidden - public ResponseEntity updateAdvancedSettings(@RequestBody Map settings) - throws IOException { - if (settings.containsKey("enableAlphaFunctionality")) { - GeneralUtils.saveKeyToSettings( - "system.enableAlphaFunctionality", settings.get("enableAlphaFunctionality")); - applicationProperties - .getSystem() - .setEnableAlphaFunctionality( - (Boolean) settings.get("enableAlphaFunctionality")); - } - if (settings.containsKey("maxDPI")) { - GeneralUtils.saveKeyToSettings("system.maxDPI", settings.get("maxDPI")); - applicationProperties.getSystem().setMaxDPI((Integer) settings.get("maxDPI")); - } - if (settings.containsKey("enableUrlToPDF")) { - GeneralUtils.saveKeyToSettings("system.enableUrlToPDF", settings.get("enableUrlToPDF")); - applicationProperties - .getSystem() - .setEnableUrlToPDF((Boolean) settings.get("enableUrlToPDF")); - } - - return ResponseEntity.ok( - "Advanced settings updated. Restart required for changes to take effect."); - } } diff --git a/app/core/src/main/java/stirling/software/SPDF/service/CertificateValidationService.java b/app/core/src/main/java/stirling/software/SPDF/service/CertificateValidationService.java index 2fe7213ca..3f02bd430 100644 --- a/app/core/src/main/java/stirling/software/SPDF/service/CertificateValidationService.java +++ b/app/core/src/main/java/stirling/software/SPDF/service/CertificateValidationService.java @@ -2,6 +2,7 @@ package stirling.software.SPDF.service; import java.io.*; import java.net.HttpURLConnection; +import java.net.URI; import java.net.URL; import java.security.GeneralSecurityException; import java.security.KeyStore; @@ -510,7 +511,7 @@ public class CertificateValidationService { private byte[] downloadTrustList(String urlStr) { HttpURLConnection conn = null; try { - URL url = new URL(urlStr); + URL url = URI.create(urlStr).toURL(); conn = (HttpURLConnection) url.openConnection(); conn.setRequestMethod("GET"); conn.setConnectTimeout(10_000); @@ -700,7 +701,7 @@ public class CertificateValidationService { private byte[] downloadXml(String urlStr) { HttpURLConnection conn = null; try { - URL url = new URL(urlStr); + URL url = URI.create(urlStr).toURL(); conn = (HttpURLConnection) url.openConnection(); conn.setRequestMethod("GET"); conn.setConnectTimeout(10_000); diff --git a/app/core/src/main/java/stirling/software/SPDF/service/telegram/TelegramPipelineBot.java b/app/core/src/main/java/stirling/software/SPDF/service/telegram/TelegramPipelineBot.java index 798f880a9..89910781b 100644 --- a/app/core/src/main/java/stirling/software/SPDF/service/telegram/TelegramPipelineBot.java +++ b/app/core/src/main/java/stirling/software/SPDF/service/telegram/TelegramPipelineBot.java @@ -82,7 +82,7 @@ public class TelegramPipelineBot extends TelegramLongPollingBot { @PostConstruct public void register() { - if (StringUtils.isAnyBlank(getBotUsername(), getBotToken())) { + if (StringUtils.isAnyBlank(getBotUsername(), this.telegramProperties.getBotToken())) { log.warn("Telegram bot disabled because botToken or botUsername is not configured"); return; } @@ -392,7 +392,7 @@ public class TelegramPipelineBot extends TelegramLongPollingBot { new URI( "https", "api.telegram.org", - "/file/bot" + getBotToken() + "/" + filePath, + "/file/bot" + this.telegramProperties.getBotToken() + "/" + filePath, null); return uri.toURL(); } catch (URISyntaxException e) { @@ -516,9 +516,4 @@ public class TelegramPipelineBot extends TelegramLongPollingBot { public String getBotUsername() { return telegramProperties.getBotUsername(); } - - @Override - public String getBotToken() { - return telegramProperties.getBotToken(); - } } diff --git a/app/core/src/main/resources/static/3rdPartyLicenses.json b/app/core/src/main/resources/static/3rdPartyLicenses.json index 0d76e0d3c..71618c28c 100644 --- a/app/core/src/main/resources/static/3rdPartyLicenses.json +++ b/app/core/src/main/resources/static/3rdPartyLicenses.json @@ -45,98 +45,98 @@ { "moduleName": "com.fasterxml.jackson.core:jackson-annotations", "moduleUrl": "https://github.com/FasterXML/jackson", - "moduleVersion": "2.19.2", + "moduleVersion": "2.19.4", "moduleLicense": "The Apache Software License, Version 2.0", "moduleLicenseUrl": "https://www.apache.org/licenses/LICENSE-2.0.txt" }, { "moduleName": "com.fasterxml.jackson.core:jackson-core", "moduleUrl": "https://github.com/FasterXML/jackson-core", - "moduleVersion": "2.19.2", + "moduleVersion": "2.19.4", "moduleLicense": "The Apache Software License, Version 2.0", "moduleLicenseUrl": "https://www.apache.org/licenses/LICENSE-2.0.txt" }, { "moduleName": "com.fasterxml.jackson.core:jackson-databind", "moduleUrl": "https://github.com/FasterXML/jackson", - "moduleVersion": "2.19.2", + "moduleVersion": "2.19.4", "moduleLicense": "The Apache Software License, Version 2.0", "moduleLicenseUrl": "https://www.apache.org/licenses/LICENSE-2.0.txt" }, { "moduleName": "com.fasterxml.jackson.dataformat:jackson-dataformat-yaml", "moduleUrl": "https://github.com/FasterXML/jackson-dataformats-text", - "moduleVersion": "2.19.2", + "moduleVersion": "2.19.4", "moduleLicense": "The Apache Software License, Version 2.0", "moduleLicenseUrl": "https://www.apache.org/licenses/LICENSE-2.0.txt" }, { "moduleName": "com.fasterxml.jackson.datatype:jackson-datatype-jdk8", "moduleUrl": "https://github.com/FasterXML/jackson-modules-java8/jackson-datatype-jdk8", - "moduleVersion": "2.19.2", + "moduleVersion": "2.19.4", "moduleLicense": "The Apache Software License, Version 2.0", "moduleLicenseUrl": "http://www.apache.org/licenses/LICENSE-2.0.txt" }, { "moduleName": "com.fasterxml.jackson.datatype:jackson-datatype-jsr310", "moduleUrl": "https://github.com/FasterXML/jackson-modules-java8/jackson-datatype-jsr310", - "moduleVersion": "2.19.2", + "moduleVersion": "2.19.4", "moduleLicense": "The Apache Software License, Version 2.0", "moduleLicenseUrl": "http://www.apache.org/licenses/LICENSE-2.0.txt" }, { "moduleName": "com.fasterxml.jackson.jakarta.rs:jackson-jakarta-rs-base", "moduleUrl": "https://github.com/FasterXML/jackson-jakarta-rs-providers/jackson-jakarta-rs-base", - "moduleVersion": "2.19.2", + "moduleVersion": "2.19.4", "moduleLicense": "The Apache Software License, Version 2.0", "moduleLicenseUrl": "https://www.apache.org/licenses/LICENSE-2.0.txt" }, { "moduleName": "com.fasterxml.jackson.jakarta.rs:jackson-jakarta-rs-json-provider", "moduleUrl": "https://github.com/FasterXML/jackson-jakarta-rs-providers/jackson-jakarta-rs-json-provider", - "moduleVersion": "2.19.2", + "moduleVersion": "2.19.4", "moduleLicense": "The Apache Software License, Version 2.0", "moduleLicenseUrl": "https://www.apache.org/licenses/LICENSE-2.0.txt" }, { "moduleName": "com.fasterxml.jackson.jaxrs:jackson-jaxrs-base", "moduleUrl": "https://github.com/FasterXML/jackson-jaxrs-providers/jackson-jaxrs-base", - "moduleVersion": "2.19.2", + "moduleVersion": "2.19.4", "moduleLicense": "The Apache Software License, Version 2.0", "moduleLicenseUrl": "https://www.apache.org/licenses/LICENSE-2.0.txt" }, { "moduleName": "com.fasterxml.jackson.jaxrs:jackson-jaxrs-json-provider", "moduleUrl": "https://github.com/FasterXML/jackson-jaxrs-providers/jackson-jaxrs-json-provider", - "moduleVersion": "2.19.2", + "moduleVersion": "2.19.4", "moduleLicense": "The Apache Software License, Version 2.0", "moduleLicenseUrl": "https://www.apache.org/licenses/LICENSE-2.0.txt" }, { "moduleName": "com.fasterxml.jackson.module:jackson-module-jakarta-xmlbind-annotations", "moduleUrl": "https://github.com/FasterXML/jackson-modules-base", - "moduleVersion": "2.19.2", + "moduleVersion": "2.19.4", "moduleLicense": "The Apache Software License, Version 2.0", "moduleLicenseUrl": "https://www.apache.org/licenses/LICENSE-2.0.txt" }, { "moduleName": "com.fasterxml.jackson.module:jackson-module-jaxb-annotations", "moduleUrl": "https://github.com/FasterXML/jackson-modules-base", - "moduleVersion": "2.19.2", + "moduleVersion": "2.19.4", "moduleLicense": "The Apache Software License, Version 2.0", "moduleLicenseUrl": "https://www.apache.org/licenses/LICENSE-2.0.txt" }, { "moduleName": "com.fasterxml.jackson.module:jackson-module-parameter-names", "moduleUrl": "https://github.com/FasterXML/jackson-modules-java8/jackson-module-parameter-names", - "moduleVersion": "2.19.2", + "moduleVersion": "2.19.4", "moduleLicense": "The Apache Software License, Version 2.0", "moduleLicenseUrl": "http://www.apache.org/licenses/LICENSE-2.0.txt" }, { "moduleName": "com.fasterxml.jackson:jackson-bom", "moduleUrl": "https://github.com/FasterXML/jackson-bom", - "moduleVersion": "2.19.2", + "moduleVersion": "2.19.4", "moduleLicense": "The Apache Software License, Version 2.0", "moduleLicenseUrl": "http://www.apache.org/licenses/LICENSE-2.0.txt" }, @@ -170,7 +170,7 @@ { "moduleName": "com.github.ben-manes.caffeine:caffeine", "moduleUrl": "https://github.com/ben-manes/caffeine", - "moduleVersion": "3.2.2", + "moduleVersion": "3.2.3", "moduleLicense": "Apache License, Version 2.0", "moduleLicenseUrl": "https://www.apache.org/licenses/LICENSE-2.0.txt" }, @@ -210,7 +210,7 @@ { "moduleName": "com.google.errorprone:error_prone_annotations", "moduleUrl": "https://errorprone.info/error_prone_annotations", - "moduleVersion": "2.40.0", + "moduleVersion": "2.43.0", "moduleLicense": "Apache 2.0", "moduleLicenseUrl": "http://www.apache.org/licenses/LICENSE-2.0.txt" }, @@ -670,14 +670,14 @@ { "moduleName": "io.micrometer:micrometer-commons", "moduleUrl": "https://github.com/micrometer-metrics/micrometer", - "moduleVersion": "1.15.5", + "moduleVersion": "1.15.7", "moduleLicense": "The Apache Software License, Version 2.0", "moduleLicenseUrl": "http://www.apache.org/licenses/LICENSE-2.0.txt" }, { "moduleName": "io.micrometer:micrometer-core", "moduleUrl": "https://github.com/micrometer-metrics/micrometer", - "moduleVersion": "1.15.5", + "moduleVersion": "1.15.7", "moduleLicense": "The Apache Software License, Version 2.0", "moduleLicenseUrl": "http://www.apache.org/licenses/LICENSE-2.0.txt" }, @@ -691,21 +691,21 @@ { "moduleName": "io.micrometer:micrometer-jakarta9", "moduleUrl": "https://github.com/micrometer-metrics/micrometer", - "moduleVersion": "1.15.5", + "moduleVersion": "1.15.7", "moduleLicense": "The Apache Software License, Version 2.0", "moduleLicenseUrl": "http://www.apache.org/licenses/LICENSE-2.0.txt" }, { "moduleName": "io.micrometer:micrometer-observation", "moduleUrl": "https://github.com/micrometer-metrics/micrometer", - "moduleVersion": "1.15.5", + "moduleVersion": "1.15.7", "moduleLicense": "The Apache Software License, Version 2.0", "moduleLicenseUrl": "http://www.apache.org/licenses/LICENSE-2.0.txt" }, { "moduleName": "io.micrometer:micrometer-registry-prometheus", "moduleUrl": "https://github.com/micrometer-metrics/micrometer", - "moduleVersion": "1.15.5", + "moduleVersion": "1.15.7", "moduleLicense": "The Apache Software License, Version 2.0", "moduleLicenseUrl": "http://www.apache.org/licenses/LICENSE-2.0.txt" }, @@ -751,13 +751,6 @@ "moduleLicense": "Apache License, Version 2.0", "moduleLicenseUrl": "https://www.apache.org/licenses/LICENSE-2.0.txt" }, - { - "moduleName": "io.swagger.core.v3:swagger-annotations-jakarta", - "moduleUrl": "https://github.com/swagger-api/swagger-core/modules/swagger-annotations", - "moduleVersion": "2.2.38", - "moduleLicense": "Apache License, Version 2.0", - "moduleLicenseUrl": "https://www.apache.org/licenses/LICENSE-2.0" - }, { "moduleName": "io.swagger.core.v3:swagger-annotations-jakarta", "moduleUrl": "https://github.com/swagger-api/swagger-core/modules/swagger-annotations", @@ -765,13 +758,6 @@ "moduleLicense": "Apache License, Version 2.0", "moduleLicenseUrl": "https://www.apache.org/licenses/LICENSE-2.0" }, - { - "moduleName": "io.swagger.core.v3:swagger-core-jakarta", - "moduleUrl": "https://github.com/swagger-api/swagger-core/modules/swagger-core", - "moduleVersion": "2.2.38", - "moduleLicense": "Apache License, Version 2.0", - "moduleLicenseUrl": "https://www.apache.org/licenses/LICENSE-2.0" - }, { "moduleName": "io.swagger.core.v3:swagger-core-jakarta", "moduleUrl": "https://github.com/swagger-api/swagger-core/modules/swagger-core", @@ -779,13 +765,6 @@ "moduleLicense": "Apache License, Version 2.0", "moduleLicenseUrl": "https://www.apache.org/licenses/LICENSE-2.0" }, - { - "moduleName": "io.swagger.core.v3:swagger-models-jakarta", - "moduleUrl": "https://github.com/swagger-api/swagger-core/modules/swagger-models", - "moduleVersion": "2.2.38", - "moduleLicense": "Apache License, Version 2.0", - "moduleLicenseUrl": "https://www.apache.org/licenses/LICENSE-2.0" - }, { "moduleName": "io.swagger.core.v3:swagger-models-jakarta", "moduleUrl": "https://github.com/swagger-api/swagger-core/modules/swagger-models", @@ -1113,7 +1092,7 @@ { "moduleName": "org.apache.tomcat.embed:tomcat-embed-el", "moduleUrl": "https://tomcat.apache.org/", - "moduleVersion": "10.1.48", + "moduleVersion": "10.1.50", "moduleLicense": "Apache License, Version 2.0", "moduleLicenseUrl": "http://www.apache.org/licenses/LICENSE-2.0.txt" }, @@ -1140,7 +1119,7 @@ { "moduleName": "org.aspectj:aspectjweaver", "moduleUrl": "https://www.eclipse.org/aspectj/", - "moduleVersion": "1.9.24", + "moduleVersion": "1.9.25.1", "moduleLicense": "Eclipse Public License - v 2.0", "moduleLicenseUrl": "https://www.eclipse.org/org/documents/epl-2.0/EPL-2.0.txt" }, @@ -1229,183 +1208,183 @@ { "moduleName": "org.eclipse.jetty.ee10.websocket:jetty-ee10-websocket-jakarta-client", "moduleUrl": "https://jetty.org/", - "moduleVersion": "12.0.29", - "moduleLicense": "Eclipse Public License - Version 2.0", + "moduleVersion": "12.0.31", + "moduleLicense": "EPL-2.0", "moduleLicenseUrl": "https://www.eclipse.org/legal/epl-2.0/" }, { "moduleName": "org.eclipse.jetty.ee10.websocket:jetty-ee10-websocket-jakarta-common", "moduleUrl": "https://jetty.org/", - "moduleVersion": "12.0.29", - "moduleLicense": "Eclipse Public License - Version 2.0", + "moduleVersion": "12.0.31", + "moduleLicense": "EPL-2.0", "moduleLicenseUrl": "https://www.eclipse.org/legal/epl-2.0/" }, { "moduleName": "org.eclipse.jetty.ee10.websocket:jetty-ee10-websocket-jakarta-server", "moduleUrl": "https://jetty.org/", - "moduleVersion": "12.0.29", - "moduleLicense": "Eclipse Public License - Version 2.0", + "moduleVersion": "12.0.31", + "moduleLicense": "EPL-2.0", "moduleLicenseUrl": "https://www.eclipse.org/legal/epl-2.0/" }, { "moduleName": "org.eclipse.jetty.ee10.websocket:jetty-ee10-websocket-jetty-server", "moduleUrl": "https://jetty.org/", - "moduleVersion": "12.0.29", - "moduleLicense": "Eclipse Public License - Version 2.0", + "moduleVersion": "12.0.31", + "moduleLicense": "EPL-2.0", "moduleLicenseUrl": "https://www.eclipse.org/legal/epl-2.0/" }, { "moduleName": "org.eclipse.jetty.ee10.websocket:jetty-ee10-websocket-servlet", "moduleUrl": "https://jetty.org/", - "moduleVersion": "12.0.29", - "moduleLicense": "Eclipse Public License - Version 2.0", + "moduleVersion": "12.0.31", + "moduleLicense": "EPL-2.0", "moduleLicenseUrl": "https://www.eclipse.org/legal/epl-2.0/" }, { "moduleName": "org.eclipse.jetty.ee10:jetty-ee10-annotations", "moduleUrl": "https://jetty.org/", - "moduleVersion": "12.0.29", - "moduleLicense": "Eclipse Public License - Version 2.0", + "moduleVersion": "12.0.31", + "moduleLicense": "EPL-2.0", "moduleLicenseUrl": "https://www.eclipse.org/legal/epl-2.0/" }, { "moduleName": "org.eclipse.jetty.ee10:jetty-ee10-plus", "moduleUrl": "https://jetty.org/", - "moduleVersion": "12.0.29", - "moduleLicense": "Eclipse Public License - Version 2.0", + "moduleVersion": "12.0.31", + "moduleLicense": "EPL-2.0", "moduleLicenseUrl": "https://www.eclipse.org/legal/epl-2.0/" }, { "moduleName": "org.eclipse.jetty.ee10:jetty-ee10-servlet", "moduleUrl": "https://jetty.org/", - "moduleVersion": "12.0.29", - "moduleLicense": "Eclipse Public License - Version 2.0", + "moduleVersion": "12.0.31", + "moduleLicense": "EPL-2.0", "moduleLicenseUrl": "https://www.eclipse.org/legal/epl-2.0/" }, { "moduleName": "org.eclipse.jetty.ee10:jetty-ee10-servlets", "moduleUrl": "https://jetty.org/", - "moduleVersion": "12.0.29", - "moduleLicense": "Eclipse Public License - Version 2.0", + "moduleVersion": "12.0.31", + "moduleLicense": "EPL-2.0", "moduleLicenseUrl": "https://www.eclipse.org/legal/epl-2.0/" }, { "moduleName": "org.eclipse.jetty.ee10:jetty-ee10-webapp", "moduleUrl": "https://jetty.org/", - "moduleVersion": "12.0.29", - "moduleLicense": "Eclipse Public License - Version 2.0", + "moduleVersion": "12.0.31", + "moduleLicense": "EPL-2.0", "moduleLicenseUrl": "https://www.eclipse.org/legal/epl-2.0/" }, { "moduleName": "org.eclipse.jetty.websocket:jetty-websocket-core-client", "moduleUrl": "https://jetty.org/", - "moduleVersion": "12.0.29", - "moduleLicense": "Eclipse Public License - Version 2.0", + "moduleVersion": "12.0.31", + "moduleLicense": "EPL-2.0", "moduleLicenseUrl": "https://www.eclipse.org/legal/epl-2.0/" }, { "moduleName": "org.eclipse.jetty.websocket:jetty-websocket-core-common", "moduleUrl": "https://jetty.org/", - "moduleVersion": "12.0.29", - "moduleLicense": "Eclipse Public License - Version 2.0", + "moduleVersion": "12.0.31", + "moduleLicense": "EPL-2.0", "moduleLicenseUrl": "https://www.eclipse.org/legal/epl-2.0/" }, { "moduleName": "org.eclipse.jetty.websocket:jetty-websocket-core-server", "moduleUrl": "https://jetty.org/", - "moduleVersion": "12.0.29", - "moduleLicense": "Eclipse Public License - Version 2.0", + "moduleVersion": "12.0.31", + "moduleLicense": "EPL-2.0", "moduleLicenseUrl": "https://www.eclipse.org/legal/epl-2.0/" }, { "moduleName": "org.eclipse.jetty.websocket:jetty-websocket-jetty-api", "moduleUrl": "https://jetty.org/", - "moduleVersion": "12.0.29", - "moduleLicense": "Eclipse Public License - Version 2.0", + "moduleVersion": "12.0.31", + "moduleLicense": "EPL-2.0", "moduleLicenseUrl": "https://www.eclipse.org/legal/epl-2.0/" }, { "moduleName": "org.eclipse.jetty.websocket:jetty-websocket-jetty-common", "moduleUrl": "https://jetty.org/", - "moduleVersion": "12.0.29", - "moduleLicense": "Eclipse Public License - Version 2.0", + "moduleVersion": "12.0.31", + "moduleLicense": "EPL-2.0", "moduleLicenseUrl": "https://www.eclipse.org/legal/epl-2.0/" }, { "moduleName": "org.eclipse.jetty:jetty-alpn-client", "moduleUrl": "https://jetty.org/", - "moduleVersion": "12.0.29", - "moduleLicense": "Eclipse Public License - Version 2.0", + "moduleVersion": "12.0.31", + "moduleLicense": "EPL-2.0", "moduleLicenseUrl": "https://www.eclipse.org/legal/epl-2.0/" }, { "moduleName": "org.eclipse.jetty:jetty-client", "moduleUrl": "https://jetty.org/", - "moduleVersion": "12.0.29", - "moduleLicense": "Eclipse Public License - Version 2.0", + "moduleVersion": "12.0.31", + "moduleLicense": "EPL-2.0", "moduleLicenseUrl": "https://www.eclipse.org/legal/epl-2.0/" }, { "moduleName": "org.eclipse.jetty:jetty-ee", "moduleUrl": "https://jetty.org/", - "moduleVersion": "12.0.29", - "moduleLicense": "Eclipse Public License - Version 2.0", + "moduleVersion": "12.0.31", + "moduleLicense": "EPL-2.0", "moduleLicenseUrl": "https://www.eclipse.org/legal/epl-2.0/" }, { "moduleName": "org.eclipse.jetty:jetty-http", "moduleUrl": "https://jetty.org/", - "moduleVersion": "12.0.29", - "moduleLicense": "Eclipse Public License - Version 2.0", + "moduleVersion": "12.0.31", + "moduleLicense": "EPL-2.0", "moduleLicenseUrl": "https://www.eclipse.org/legal/epl-2.0/" }, { "moduleName": "org.eclipse.jetty:jetty-io", "moduleUrl": "https://jetty.org/", - "moduleVersion": "12.0.29", - "moduleLicense": "Eclipse Public License - Version 2.0", + "moduleVersion": "12.0.31", + "moduleLicense": "EPL-2.0", "moduleLicenseUrl": "https://www.eclipse.org/legal/epl-2.0/" }, { "moduleName": "org.eclipse.jetty:jetty-plus", "moduleUrl": "https://jetty.org/", - "moduleVersion": "12.0.29", - "moduleLicense": "Eclipse Public License - Version 2.0", + "moduleVersion": "12.0.31", + "moduleLicense": "EPL-2.0", "moduleLicenseUrl": "https://www.eclipse.org/legal/epl-2.0/" }, { "moduleName": "org.eclipse.jetty:jetty-security", "moduleUrl": "https://jetty.org/", - "moduleVersion": "12.0.29", - "moduleLicense": "Eclipse Public License - Version 2.0", + "moduleVersion": "12.0.31", + "moduleLicense": "EPL-2.0", "moduleLicenseUrl": "https://www.eclipse.org/legal/epl-2.0/" }, { "moduleName": "org.eclipse.jetty:jetty-server", "moduleUrl": "https://jetty.org/", - "moduleVersion": "12.0.29", - "moduleLicense": "Eclipse Public License - Version 2.0", + "moduleVersion": "12.0.31", + "moduleLicense": "EPL-2.0", "moduleLicenseUrl": "https://www.eclipse.org/legal/epl-2.0/" }, { "moduleName": "org.eclipse.jetty:jetty-session", "moduleUrl": "https://jetty.org/", - "moduleVersion": "12.0.29", - "moduleLicense": "Eclipse Public License - Version 2.0", + "moduleVersion": "12.0.31", + "moduleLicense": "EPL-2.0", "moduleLicenseUrl": "https://www.eclipse.org/legal/epl-2.0/" }, { "moduleName": "org.eclipse.jetty:jetty-util", "moduleUrl": "https://jetty.org/", - "moduleVersion": "12.0.29", - "moduleLicense": "Eclipse Public License - Version 2.0", + "moduleVersion": "12.0.31", + "moduleLicense": "EPL-2.0", "moduleLicenseUrl": "https://www.eclipse.org/legal/epl-2.0/" }, { "moduleName": "org.eclipse.jetty:jetty-xml", "moduleUrl": "https://jetty.org/", - "moduleVersion": "12.0.29", - "moduleLicense": "Eclipse Public License - Version 2.0", + "moduleVersion": "12.0.31", + "moduleLicense": "EPL-2.0", "moduleLicenseUrl": "https://www.eclipse.org/legal/epl-2.0/" }, { @@ -1551,7 +1530,7 @@ { "moduleName": "org.hibernate.orm:hibernate-core", "moduleUrl": "https://www.hibernate.org/orm/6.6", - "moduleVersion": "6.6.33.Final", + "moduleVersion": "6.6.39.Final", "moduleLicense": "GNU Library General Public License v2.1 or later", "moduleLicenseUrl": "https://www.opensource.org/licenses/LGPL-2.1" }, @@ -1783,179 +1762,179 @@ { "moduleName": "org.snakeyaml:snakeyaml-engine", "moduleUrl": "https://bitbucket.org/snakeyaml/snakeyaml-engine", - "moduleVersion": "2.10", + "moduleVersion": "3.0.1", "moduleLicense": "Apache License, Version 2.0", "moduleLicenseUrl": "http://www.apache.org/licenses/LICENSE-2.0.txt" }, { "moduleName": "org.springdoc:springdoc-openapi-starter-common", - "moduleVersion": "2.8.14", + "moduleVersion": "2.8.15", "moduleLicense": "The Apache License, Version 2.0", "moduleLicenseUrl": "https://www.apache.org/licenses/LICENSE-2.0.txt" }, { "moduleName": "org.springdoc:springdoc-openapi-starter-webmvc-api", - "moduleVersion": "2.8.14", + "moduleVersion": "2.8.15", "moduleLicense": "The Apache License, Version 2.0", "moduleLicenseUrl": "https://www.apache.org/licenses/LICENSE-2.0.txt" }, { "moduleName": "org.springdoc:springdoc-openapi-starter-webmvc-ui", - "moduleVersion": "2.8.14", + "moduleVersion": "2.8.15", "moduleLicense": "The Apache License, Version 2.0", "moduleLicenseUrl": "https://www.apache.org/licenses/LICENSE-2.0.txt" }, { "moduleName": "org.springframework.boot:spring-boot", "moduleUrl": "https://spring.io/projects/spring-boot", - "moduleVersion": "3.5.7", + "moduleVersion": "3.5.9", "moduleLicense": "Apache License, Version 2.0", "moduleLicenseUrl": "https://www.apache.org/licenses/LICENSE-2.0" }, { "moduleName": "org.springframework.boot:spring-boot-actuator", "moduleUrl": "https://spring.io/projects/spring-boot", - "moduleVersion": "3.5.7", + "moduleVersion": "3.5.9", "moduleLicense": "Apache License, Version 2.0", "moduleLicenseUrl": "https://www.apache.org/licenses/LICENSE-2.0" }, { "moduleName": "org.springframework.boot:spring-boot-actuator-autoconfigure", "moduleUrl": "https://spring.io/projects/spring-boot", - "moduleVersion": "3.5.7", + "moduleVersion": "3.5.9", "moduleLicense": "Apache License, Version 2.0", "moduleLicenseUrl": "https://www.apache.org/licenses/LICENSE-2.0" }, { "moduleName": "org.springframework.boot:spring-boot-autoconfigure", "moduleUrl": "https://spring.io/projects/spring-boot", - "moduleVersion": "3.5.7", + "moduleVersion": "3.5.9", "moduleLicense": "Apache License, Version 2.0", "moduleLicenseUrl": "https://www.apache.org/licenses/LICENSE-2.0" }, { "moduleName": "org.springframework.boot:spring-boot-devtools", "moduleUrl": "https://spring.io/projects/spring-boot", - "moduleVersion": "3.5.7", + "moduleVersion": "3.5.9", "moduleLicense": "Apache License, Version 2.0", "moduleLicenseUrl": "https://www.apache.org/licenses/LICENSE-2.0" }, { "moduleName": "org.springframework.boot:spring-boot-starter", "moduleUrl": "https://spring.io/projects/spring-boot", - "moduleVersion": "3.5.7", + "moduleVersion": "3.5.9", "moduleLicense": "Apache License, Version 2.0", "moduleLicenseUrl": "https://www.apache.org/licenses/LICENSE-2.0" }, { "moduleName": "org.springframework.boot:spring-boot-starter-actuator", "moduleUrl": "https://spring.io/projects/spring-boot", - "moduleVersion": "3.5.7", + "moduleVersion": "3.5.9", "moduleLicense": "Apache License, Version 2.0", "moduleLicenseUrl": "https://www.apache.org/licenses/LICENSE-2.0" }, { "moduleName": "org.springframework.boot:spring-boot-starter-aop", "moduleUrl": "https://spring.io/projects/spring-boot", - "moduleVersion": "3.5.7", + "moduleVersion": "3.5.9", "moduleLicense": "Apache License, Version 2.0", "moduleLicenseUrl": "https://www.apache.org/licenses/LICENSE-2.0" }, { "moduleName": "org.springframework.boot:spring-boot-starter-cache", "moduleUrl": "https://spring.io/projects/spring-boot", - "moduleVersion": "3.5.7", + "moduleVersion": "3.5.9", "moduleLicense": "Apache License, Version 2.0", "moduleLicenseUrl": "https://www.apache.org/licenses/LICENSE-2.0" }, { "moduleName": "org.springframework.boot:spring-boot-starter-data-jpa", "moduleUrl": "https://spring.io/projects/spring-boot", - "moduleVersion": "3.5.7", + "moduleVersion": "3.5.9", "moduleLicense": "Apache License, Version 2.0", "moduleLicenseUrl": "https://www.apache.org/licenses/LICENSE-2.0" }, { "moduleName": "org.springframework.boot:spring-boot-starter-jdbc", "moduleUrl": "https://spring.io/projects/spring-boot", - "moduleVersion": "3.5.7", + "moduleVersion": "3.5.9", "moduleLicense": "Apache License, Version 2.0", "moduleLicenseUrl": "https://www.apache.org/licenses/LICENSE-2.0" }, { "moduleName": "org.springframework.boot:spring-boot-starter-jetty", "moduleUrl": "https://spring.io/projects/spring-boot", - "moduleVersion": "3.5.7", + "moduleVersion": "3.5.9", "moduleLicense": "Apache License, Version 2.0", "moduleLicenseUrl": "https://www.apache.org/licenses/LICENSE-2.0" }, { "moduleName": "org.springframework.boot:spring-boot-starter-json", "moduleUrl": "https://spring.io/projects/spring-boot", - "moduleVersion": "3.5.7", + "moduleVersion": "3.5.9", "moduleLicense": "Apache License, Version 2.0", "moduleLicenseUrl": "https://www.apache.org/licenses/LICENSE-2.0" }, { "moduleName": "org.springframework.boot:spring-boot-starter-logging", "moduleUrl": "https://spring.io/projects/spring-boot", - "moduleVersion": "3.5.7", + "moduleVersion": "3.5.9", "moduleLicense": "Apache License, Version 2.0", "moduleLicenseUrl": "https://www.apache.org/licenses/LICENSE-2.0" }, { "moduleName": "org.springframework.boot:spring-boot-starter-mail", "moduleUrl": "https://spring.io/projects/spring-boot", - "moduleVersion": "3.5.7", + "moduleVersion": "3.5.9", "moduleLicense": "Apache License, Version 2.0", "moduleLicenseUrl": "https://www.apache.org/licenses/LICENSE-2.0" }, { "moduleName": "org.springframework.boot:spring-boot-starter-oauth2-client", "moduleUrl": "https://spring.io/projects/spring-boot", - "moduleVersion": "3.5.7", + "moduleVersion": "3.5.9", "moduleLicense": "Apache License, Version 2.0", "moduleLicenseUrl": "https://www.apache.org/licenses/LICENSE-2.0" }, { "moduleName": "org.springframework.boot:spring-boot-starter-security", "moduleUrl": "https://spring.io/projects/spring-boot", - "moduleVersion": "3.5.7", + "moduleVersion": "3.5.9", "moduleLicense": "Apache License, Version 2.0", "moduleLicenseUrl": "https://www.apache.org/licenses/LICENSE-2.0" }, { "moduleName": "org.springframework.boot:spring-boot-starter-validation", "moduleUrl": "https://spring.io/projects/spring-boot", - "moduleVersion": "3.5.7", + "moduleVersion": "3.5.9", "moduleLicense": "Apache License, Version 2.0", "moduleLicenseUrl": "https://www.apache.org/licenses/LICENSE-2.0" }, { "moduleName": "org.springframework.boot:spring-boot-starter-web", "moduleUrl": "https://spring.io/projects/spring-boot", - "moduleVersion": "3.5.7", + "moduleVersion": "3.5.9", "moduleLicense": "Apache License, Version 2.0", "moduleLicenseUrl": "https://www.apache.org/licenses/LICENSE-2.0" }, { "moduleName": "org.springframework.data:spring-data-commons", "moduleUrl": "https://spring.io/projects/spring-data", - "moduleVersion": "3.5.5", + "moduleVersion": "3.5.7", "moduleLicense": "Apache License, Version 2.0", "moduleLicenseUrl": "https://www.apache.org/licenses/LICENSE-2.0" }, { "moduleName": "org.springframework.data:spring-data-jpa", "moduleUrl": "https://projects.spring.io/spring-data-jpa", - "moduleVersion": "3.5.5", + "moduleVersion": "3.5.7", "moduleLicense": "Apache License, Version 2.0", "moduleLicenseUrl": "https://www.apache.org/licenses/LICENSE-2.0" }, { "moduleName": "org.springframework.security:spring-security-config", "moduleUrl": "https://spring.io/projects/spring-security", - "moduleVersion": "6.5.6", + "moduleVersion": "6.5.7", "moduleLicense": "Apache License, Version 2.0", "moduleLicenseUrl": "https://www.apache.org/licenses/LICENSE-2.0" }, @@ -1966,31 +1945,38 @@ "moduleLicense": "Apache License, Version 2.0", "moduleLicenseUrl": "https://www.apache.org/licenses/LICENSE-2.0" }, + { + "moduleName": "org.springframework.security:spring-security-core", + "moduleUrl": "https://spring.io/projects/spring-security", + "moduleVersion": "6.5.7", + "moduleLicense": "Apache License, Version 2.0", + "moduleLicenseUrl": "https://www.apache.org/licenses/LICENSE-2.0" + }, { "moduleName": "org.springframework.security:spring-security-crypto", "moduleUrl": "https://spring.io/projects/spring-security", - "moduleVersion": "6.5.6", + "moduleVersion": "6.5.7", "moduleLicense": "Apache License, Version 2.0", "moduleLicenseUrl": "https://www.apache.org/licenses/LICENSE-2.0" }, { "moduleName": "org.springframework.security:spring-security-oauth2-client", "moduleUrl": "https://spring.io/projects/spring-security", - "moduleVersion": "6.5.6", + "moduleVersion": "6.5.7", "moduleLicense": "Apache License, Version 2.0", "moduleLicenseUrl": "https://www.apache.org/licenses/LICENSE-2.0" }, { "moduleName": "org.springframework.security:spring-security-oauth2-core", "moduleUrl": "https://spring.io/projects/spring-security", - "moduleVersion": "6.5.6", + "moduleVersion": "6.5.7", "moduleLicense": "Apache License, Version 2.0", "moduleLicenseUrl": "https://www.apache.org/licenses/LICENSE-2.0" }, { "moduleName": "org.springframework.security:spring-security-oauth2-jose", "moduleUrl": "https://spring.io/projects/spring-security", - "moduleVersion": "6.5.6", + "moduleVersion": "6.5.7", "moduleLicense": "Apache License, Version 2.0", "moduleLicenseUrl": "https://www.apache.org/licenses/LICENSE-2.0" }, @@ -2001,108 +1987,115 @@ "moduleLicense": "Apache License, Version 2.0", "moduleLicenseUrl": "https://www.apache.org/licenses/LICENSE-2.0" }, + { + "moduleName": "org.springframework.security:spring-security-saml2-service-provider", + "moduleUrl": "https://spring.io/projects/spring-security", + "moduleVersion": "6.5.7", + "moduleLicense": "Apache License, Version 2.0", + "moduleLicenseUrl": "https://www.apache.org/licenses/LICENSE-2.0" + }, { "moduleName": "org.springframework.security:spring-security-web", "moduleUrl": "https://spring.io/projects/spring-security", - "moduleVersion": "6.5.6", + "moduleVersion": "6.5.7", "moduleLicense": "Apache License, Version 2.0", "moduleLicenseUrl": "https://www.apache.org/licenses/LICENSE-2.0" }, { "moduleName": "org.springframework.session:spring-session-core", "moduleUrl": "https://spring.io/projects/spring-session", - "moduleVersion": "3.5.3", + "moduleVersion": "3.5.4", "moduleLicense": "Apache License, Version 2.0", "moduleLicenseUrl": "https://www.apache.org/licenses/LICENSE-2.0" }, { "moduleName": "org.springframework:spring-aop", "moduleUrl": "https://github.com/spring-projects/spring-framework", - "moduleVersion": "6.2.12", + "moduleVersion": "6.2.15", "moduleLicense": "Apache License, Version 2.0", "moduleLicenseUrl": "https://www.apache.org/licenses/LICENSE-2.0" }, { "moduleName": "org.springframework:spring-aspects", "moduleUrl": "https://github.com/spring-projects/spring-framework", - "moduleVersion": "6.2.12", + "moduleVersion": "6.2.15", "moduleLicense": "Apache License, Version 2.0", "moduleLicenseUrl": "https://www.apache.org/licenses/LICENSE-2.0" }, { "moduleName": "org.springframework:spring-beans", "moduleUrl": "https://github.com/spring-projects/spring-framework", - "moduleVersion": "6.2.12", + "moduleVersion": "6.2.15", "moduleLicense": "Apache License, Version 2.0", "moduleLicenseUrl": "https://www.apache.org/licenses/LICENSE-2.0" }, { "moduleName": "org.springframework:spring-context", "moduleUrl": "https://github.com/spring-projects/spring-framework", - "moduleVersion": "6.2.12", + "moduleVersion": "6.2.15", "moduleLicense": "Apache License, Version 2.0", "moduleLicenseUrl": "https://www.apache.org/licenses/LICENSE-2.0" }, { "moduleName": "org.springframework:spring-context-support", "moduleUrl": "https://github.com/spring-projects/spring-framework", - "moduleVersion": "6.2.12", + "moduleVersion": "6.2.15", "moduleLicense": "Apache License, Version 2.0", "moduleLicenseUrl": "https://www.apache.org/licenses/LICENSE-2.0" }, { "moduleName": "org.springframework:spring-core", "moduleUrl": "https://github.com/spring-projects/spring-framework", - "moduleVersion": "6.2.12", + "moduleVersion": "6.2.15", "moduleLicense": "Apache License, Version 2.0", "moduleLicenseUrl": "https://www.apache.org/licenses/LICENSE-2.0" }, { "moduleName": "org.springframework:spring-expression", "moduleUrl": "https://github.com/spring-projects/spring-framework", - "moduleVersion": "6.2.12", + "moduleVersion": "6.2.15", "moduleLicense": "Apache License, Version 2.0", "moduleLicenseUrl": "https://www.apache.org/licenses/LICENSE-2.0" }, { "moduleName": "org.springframework:spring-jcl", "moduleUrl": "https://github.com/spring-projects/spring-framework", - "moduleVersion": "6.2.12", + "moduleVersion": "6.2.15", "moduleLicense": "Apache License, Version 2.0", "moduleLicenseUrl": "https://www.apache.org/licenses/LICENSE-2.0" }, { "moduleName": "org.springframework:spring-jdbc", "moduleUrl": "https://github.com/spring-projects/spring-framework", - "moduleVersion": "6.2.12", + "moduleVersion": "6.2.15", "moduleLicense": "Apache License, Version 2.0", "moduleLicenseUrl": "https://www.apache.org/licenses/LICENSE-2.0" }, { "moduleName": "org.springframework:spring-orm", "moduleUrl": "https://github.com/spring-projects/spring-framework", - "moduleVersion": "6.2.12", + "moduleVersion": "6.2.15", "moduleLicense": "Apache License, Version 2.0", "moduleLicenseUrl": "https://www.apache.org/licenses/LICENSE-2.0" }, { "moduleName": "org.springframework:spring-tx", "moduleUrl": "https://github.com/spring-projects/spring-framework", - "moduleVersion": "6.2.12", + "moduleVersion": "6.2.15", "moduleLicense": "Apache License, Version 2.0", "moduleLicenseUrl": "https://www.apache.org/licenses/LICENSE-2.0" }, { "moduleName": "org.springframework:spring-web", "moduleUrl": "https://github.com/spring-projects/spring-framework", - "moduleVersion": "6.2.12", + "moduleVersion": "6.2.15", "moduleLicense": "Apache License, Version 2.0", "moduleLicenseUrl": "https://www.apache.org/licenses/LICENSE-2.0" }, { "moduleName": "org.springframework:spring-webmvc", "moduleUrl": "https://github.com/spring-projects/spring-framework", - "moduleVersion": "6.2.12", + "moduleVersion": "6.2.15", "moduleLicense": "Apache License, Version 2.0", "moduleLicenseUrl": "https://www.apache.org/licenses/LICENSE-2.0" }, @@ -2166,7 +2159,7 @@ { "moduleName": "org.webjars:swagger-ui", "moduleUrl": "https://www.webjars.org", - "moduleVersion": "5.30.1", + "moduleVersion": "5.31.0", "moduleLicense": "Apache-2.0" }, { @@ -2205,4 +2198,4 @@ "moduleLicenseUrl": "http://www.apache.org/licenses/LICENSE-2.0.txt" } ] -} \ No newline at end of file +} diff --git a/app/proprietary/build.gradle b/app/proprietary/build.gradle index f6bb668c1..29a419d67 100644 --- a/app/proprietary/build.gradle +++ b/app/proprietary/build.gradle @@ -1,5 +1,5 @@ repositories { - maven { url "https://build.shibboleth.net/maven/releases" } + maven { url = "https://build.shibboleth.net/maven/releases" } } ext { diff --git a/app/proprietary/src/main/java/stirling/software/proprietary/controller/api/AuditDashboardController.java b/app/proprietary/src/main/java/stirling/software/proprietary/controller/api/AuditDashboardController.java index 16f860e96..a37d7f7a7 100644 --- a/app/proprietary/src/main/java/stirling/software/proprietary/controller/api/AuditDashboardController.java +++ b/app/proprietary/src/main/java/stirling/software/proprietary/controller/api/AuditDashboardController.java @@ -119,7 +119,7 @@ public class AuditDashboardController { @Schema( description = "Number of days to look back for audit events", example = "7", - required = true) + requiredMode = Schema.RequiredMode.REQUIRED) @RequestParam(value = "days", defaultValue = "7") int days) { diff --git a/app/proprietary/src/main/java/stirling/software/proprietary/security/controller/api/UserController.java b/app/proprietary/src/main/java/stirling/software/proprietary/security/controller/api/UserController.java index 9ffdeef1e..b4dff413d 100644 --- a/app/proprietary/src/main/java/stirling/software/proprietary/security/controller/api/UserController.java +++ b/app/proprietary/src/main/java/stirling/software/proprietary/security/controller/api/UserController.java @@ -5,6 +5,7 @@ import java.security.Principal; import java.sql.SQLException; import java.util.HashMap; import java.util.List; +import java.util.Locale; import java.util.Map; import java.util.Optional; import java.util.UUID; @@ -390,9 +391,19 @@ public class UserController { } } - if (authType.equalsIgnoreCase(AuthenticationType.SSO.toString())) { - userService.saveUser(username, AuthenticationType.SSO, effectiveTeamId, role); + AuthenticationType requestedAuthType; + if ("SSO".equalsIgnoreCase(authType)) { + requestedAuthType = AuthenticationType.OAUTH2; } else { + try { + requestedAuthType = AuthenticationType.valueOf(authType.toUpperCase(Locale.ROOT)); + } catch (IllegalArgumentException e) { + return ResponseEntity.status(HttpStatus.BAD_REQUEST) + .body(Map.of("error", "Invalid authentication type specified.")); + } + } + + if (requestedAuthType == AuthenticationType.WEB) { if (password == null || password.isBlank()) { return ResponseEntity.status(HttpStatus.BAD_REQUEST) .body(Map.of("error", "Password is required.")); @@ -402,6 +413,8 @@ public class UserController { .body(Map.of("error", "Password must be at least 6 characters.")); } userService.saveUser(username, password, effectiveTeamId, role, forceChange); + } else { + userService.saveUser(username, requestedAuthType, effectiveTeamId, role); } return ResponseEntity.ok(Map.of("message", "User created successfully")); } diff --git a/app/proprietary/src/main/java/stirling/software/proprietary/security/oauth2/CustomOAuth2AuthenticationSuccessHandler.java b/app/proprietary/src/main/java/stirling/software/proprietary/security/oauth2/CustomOAuth2AuthenticationSuccessHandler.java index 36975dc84..08332dd4b 100644 --- a/app/proprietary/src/main/java/stirling/software/proprietary/security/oauth2/CustomOAuth2AuthenticationSuccessHandler.java +++ b/app/proprietary/src/main/java/stirling/software/proprietary/security/oauth2/CustomOAuth2AuthenticationSuccessHandler.java @@ -1,9 +1,9 @@ package stirling.software.proprietary.security.oauth2; import static stirling.software.proprietary.security.model.AuthenticationType.OAUTH2; -import static stirling.software.proprietary.security.model.AuthenticationType.SSO; import java.io.IOException; +import java.net.URI; import java.sql.SQLException; import java.util.Map; import java.util.Optional; @@ -114,10 +114,10 @@ public class CustomOAuth2AuthenticationSuccessHandler .sendRedirect(request, response, "/logout?userIsDisabled=true"); return; } + boolean isSsoUser = userService.isSsoAuthenticationTypeByUsername(username); if (userExists && userService.hasPassword(username) - && (!userService.isAuthenticationTypeByUsername(username, SSO) - || !userService.isAuthenticationTypeByUsername(username, OAUTH2)) + && !isSsoUser && oauth2Properties.getAutoCreateUser()) { response.sendRedirect(contextPath + "/logout?oAuth2AuthenticationErrorWeb=true"); return; @@ -259,19 +259,23 @@ public class CustomOAuth2AuthenticationSuccessHandler String referer = request.getHeader("Referer"); if (referer != null && !referer.isEmpty()) { try { - java.net.URL refererUrl = new java.net.URL(referer); - String refererHost = refererUrl.getHost().toLowerCase(); + URI refererUri = URI.create(referer); + String host = refererUri.getHost(); + if (host == null) { + return Optional.empty(); + } + + String refererHost = host.toLowerCase(); if (!isOAuthProviderDomain(refererHost)) { - String origin = refererUrl.getProtocol() + "://" + refererUrl.getHost(); - if (refererUrl.getPort() != -1 - && refererUrl.getPort() != 80 - && refererUrl.getPort() != 443) { - origin += ":" + refererUrl.getPort(); + String origin = refererUri.getScheme() + "://" + host; + int port = refererUri.getPort(); + if (port != -1 && port != 80 && port != 443) { + origin += ":" + port; } return Optional.of(origin); } - } catch (java.net.MalformedURLException e) { + } catch (IllegalArgumentException e) { // ignore and fall back } } diff --git a/app/proprietary/src/main/java/stirling/software/proprietary/security/saml2/CustomSaml2AuthenticationSuccessHandler.java b/app/proprietary/src/main/java/stirling/software/proprietary/security/saml2/CustomSaml2AuthenticationSuccessHandler.java index 3c63f1bf4..5f2ce254f 100644 --- a/app/proprietary/src/main/java/stirling/software/proprietary/security/saml2/CustomSaml2AuthenticationSuccessHandler.java +++ b/app/proprietary/src/main/java/stirling/software/proprietary/security/saml2/CustomSaml2AuthenticationSuccessHandler.java @@ -1,9 +1,9 @@ package stirling.software.proprietary.security.saml2; import static stirling.software.proprietary.security.model.AuthenticationType.SAML2; -import static stirling.software.proprietary.security.model.AuthenticationType.SSO; import java.io.IOException; +import java.net.URI; import java.net.URLDecoder; import java.nio.charset.StandardCharsets; import java.sql.SQLException; @@ -126,8 +126,8 @@ public class CustomSaml2AuthenticationSuccessHandler } boolean hasPassword = userExists && userService.hasPassword(username); - boolean isSSOUser = - userExists && userService.isAuthenticationTypeByUsername(username, SSO); + boolean isSsoUser = + userExists && userService.isSsoAuthenticationTypeByUsername(username); boolean isSAML2User = userExists && userService.isAuthenticationTypeByUsername(username, SAML2); @@ -135,15 +135,15 @@ public class CustomSaml2AuthenticationSuccessHandler "User status - Exists: {}, Has password: {}, Is SSO user: {}, Is SAML2 user: {}", userExists, hasPassword, - isSSOUser, + isSsoUser, isSAML2User); if (userExists && hasPassword - && (!isSSOUser || !isSAML2User) + && !isSsoUser && saml2Properties.getAutoCreateUser()) { log.debug( - "User {} exists with password but is not SSO user, redirecting to logout", + "User {} exists with password but is not an SSO user, redirecting to logout", username); String origin = resolveOrigin(request); response.sendRedirect(origin + "/logout?oAuth2AuthenticationErrorWeb=true"); @@ -318,15 +318,18 @@ public class CustomSaml2AuthenticationSuccessHandler String referer = request.getHeader("Referer"); if (referer != null && !referer.isEmpty()) { try { - java.net.URL refererUrl = new java.net.URL(referer); - String origin = refererUrl.getProtocol() + "://" + refererUrl.getHost(); - if (refererUrl.getPort() != -1 - && refererUrl.getPort() != 80 - && refererUrl.getPort() != 443) { - origin += ":" + refererUrl.getPort(); + URI refererUri = URI.create(referer); + String host = refererUri.getHost(); + if (host == null) { + return Optional.empty(); + } + String origin = refererUri.getScheme() + "://" + host; + int port = refererUri.getPort(); + if (port != -1 && port != 80 && port != 443) { + origin += ":" + port; } return Optional.of(origin); - } catch (java.net.MalformedURLException e) { + } catch (IllegalArgumentException e) { log.debug( "Malformed referer URL: {}, falling back to request-based origin", referer); } diff --git a/app/proprietary/src/main/java/stirling/software/proprietary/security/service/UserService.java b/app/proprietary/src/main/java/stirling/software/proprietary/security/service/UserService.java index fa9a80494..59a19c1e7 100644 --- a/app/proprietary/src/main/java/stirling/software/proprietary/security/service/UserService.java +++ b/app/proprietary/src/main/java/stirling/software/proprietary/security/service/UserService.java @@ -600,6 +600,32 @@ public class UserService implements UserServiceInterface { return user.isPresent() && user.get().hasPassword(); } + public boolean isSsoAuthenticationTypeByUsername(String username) { + Optional user = findByUsernameIgnoreCase(username); + if (user.isEmpty()) { + return false; + } + + String authType = user.get().getAuthenticationType(); + if (authType == null) { + return false; + } + + try { + AuthenticationType authenticationType = + AuthenticationType.valueOf(authType.toUpperCase(Locale.ROOT)); + if (authenticationType == AuthenticationType.OAUTH2 + || authenticationType == AuthenticationType.SAML2) { + return true; + } + } catch (IllegalArgumentException ignored) { + // Fall through to legacy string comparison below + } + + // Backward compatibility for legacy "SSO" value without relying on the deprecated enum + return "SSO".equalsIgnoreCase(authType); + } + public boolean isAuthenticationTypeByUsername( String username, AuthenticationType authenticationType) { Optional user = findByUsernameIgnoreCase(username); diff --git a/app/proprietary/src/test/java/stirling/software/proprietary/security/model/UserTest.java b/app/proprietary/src/test/java/stirling/software/proprietary/security/model/UserTest.java index 10ea9be32..f09ae344d 100644 --- a/app/proprietary/src/test/java/stirling/software/proprietary/security/model/UserTest.java +++ b/app/proprietary/src/test/java/stirling/software/proprietary/security/model/UserTest.java @@ -113,10 +113,10 @@ class UserTest { // Use an existing value from your AuthenticationType enum (e.g. OAUTH2/SAML2/DATABASE) // If the name differs, simply adjust below. - AuthenticationType at = AuthenticationType.SSO; + AuthenticationType at = AuthenticationType.OAUTH2; u.setAuthenticationType(at); - assertEquals("sso", u.getAuthenticationType()); + assertEquals("oauth2", u.getAuthenticationType()); } @Test diff --git a/build.gradle b/build.gradle index c6bf2746b..5f44fcd5d 100644 --- a/build.gradle +++ b/build.gradle @@ -2,7 +2,7 @@ plugins { id "java" id "jacoco" id "io.spring.dependency-management" version "1.1.7" - id "org.springframework.boot" version "3.5.7" + id "org.springframework.boot" version "3.5.9" id "org.springdoc.openapi-gradle-plugin" version "1.9.0" id "io.swagger.swaggerhub" version "1.3.2" id "com.diffplug.spotless" version "8.1.0" @@ -18,7 +18,7 @@ import groovy.xml.XmlSlurper import org.gradle.api.tasks.testing.Test ext { - springBootVersion = "3.5.7" + springBootVersion = "3.5.9" pdfboxVersion = "3.0.6" imageioVersion = "3.13.0" lombokVersion = "1.18.42" @@ -102,12 +102,14 @@ def updateSimulationVersion(File fileToUpdate, String version) { writeIfChanged(fileToUpdate, updatedContent) } +def rootProjectRef = project + tasks.register('syncAppVersion') { group = 'versioning' description = 'Synchronizes app version across desktop and simulation configs.' doLast { - def appVersion = project.version.toString() + def appVersion = rootProjectRef.version.toString() println "Synchronizing application version to ${appVersion}" updateTauriConfigVersion(appVersion) @@ -149,18 +151,18 @@ subprojects { repositories { if (!rootProject.ext.mavenUrl.isEmpty()) { maven { - url rootProject.ext.mavenUrl + '/releases' + url = rootProject.ext.mavenUrl + '/releases' credentials(PasswordCredentials) { - username rootProject.ext.username - password rootProject.ext.password + username = rootProject.ext.username + password = rootProject.ext.password } authentication { basic(BasicAuthentication) } - allowInsecureProtocol true + allowInsecureProtocol = true } } - maven { url "https://build.shibboleth.net/maven/releases" } + maven { url = "https://build.shibboleth.net/maven/releases" } mavenCentral() } @@ -397,8 +399,10 @@ tasks.withType(JavaCompile).configureEach { gradle.taskGraph.whenReady { graph -> if (project.hasProperty("noSpotless")) { - tasks.matching { it.name.startsWith("spotless") }.configureEach { - enabled = false + allprojects { scopedProject -> + scopedProject.tasks.matching { it.name.startsWith("spotless") }.configureEach { + enabled = false + } } } }