diff --git a/.github/workflows/unit-tests.yml b/.github/workflows/unit-tests.yml index 4fc1eed..241f324 100644 --- a/.github/workflows/unit-tests.yml +++ b/.github/workflows/unit-tests.yml @@ -1,4 +1,4 @@ -name: JUnit Tests +name: JUnit Tests on: pull_request: push: @@ -9,12 +9,12 @@ jobs: # runs-on: gradle:7.5.1-jdk8 services: postgres: - image: postgres:12.15 + image: postgres:15 env: POSTGRES_USER: certdb POSTGRES_PASSWORD: certdb POSTGRES_DB: certdb_test - ports: + ports: - 5432:5432 options: --health-cmd pg_isready --health-interval 10s --health-timeout 5s --health-retries 5 @@ -25,6 +25,6 @@ jobs: uses: dorny/test-reporter@v1 if: success() || failure() # run this step even if previous step failed with: - name: JUnit Tests + name: JUnit Tests path: 'build/test-results/test/TEST-*.xml' - reporter: java-junit \ No newline at end of file + reporter: java-junit diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 74ba496..558df4b 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -1,5 +1,5 @@ default: - image: gradle:8.6-jdk11 + image: gradle:8.7-jdk17 # Explicit version of the Mergerequests-Pipelines workflow, with the main branch # added. @@ -67,6 +67,7 @@ build: - ./gradlew -i build integrationTest - cat build/reports/jacoco/test/html/index.html artifacts: + when: always paths: - build - scripts/* diff --git a/build.gradle b/build.gradle index a93eb97..5fbea8d 100644 --- a/build.gradle +++ b/build.gradle @@ -1,9 +1,9 @@ plugins { id 'rpki-ripe-ncc.build-conventions' - id 'org.springframework.boot' version '2.7.18' + id 'org.springframework.boot' version "3.2.4" id 'distribution' id 'jacoco' - id "com.google.cloud.tools.jib" version "3.3.2" + id "com.google.cloud.tools.jib" version "3.4.2" id "com.google.osdetector" version "1.7.3" } @@ -41,8 +41,8 @@ dependencies { } implementation 'org.flywaydb:flyway-core' - implementation "org.thymeleaf:thymeleaf:3.1.1.RELEASE" - implementation "org.thymeleaf:thymeleaf-spring5:3.1.1.RELEASE" + implementation "org.thymeleaf:thymeleaf:3.1.2.RELEASE" + implementation "org.thymeleaf:thymeleaf-spring6:3.1.2.RELEASE" implementation platform('io.sentry:sentry-bom:6.34.0') implementation 'io.sentry:sentry-spring-boot-starter' @@ -50,21 +50,20 @@ dependencies { implementation "net.ripe.rpki:rpki-commons:$rpki_commons_version" - implementation 'org.springdoc:springdoc-openapi-ui:1.7.0' + implementation 'org.springdoc:springdoc-openapi-ui:1.8.0' runtimeOnly 'io.micrometer:micrometer-registry-prometheus' - implementation 'org.postgresql:postgresql:42.7.2' + implementation 'org.postgresql:postgresql:42.7.3' runtimeOnly 'org.springframework.boot:spring-boot-starter-tomcat' implementation 'com.google.code.gson:gson:2.10.1' implementation 'com.jamesmurty.utils:java-xmlbuilder:1.3' implementation 'commons-codec:commons-codec:1.16.1' - implementation 'commons-io:commons-io:2.15.1' + implementation 'commons-io:commons-io:2.16.1' implementation 'ch.qos.logback.contrib:logback-json-classic:0.1.5' implementation 'ch.qos.logback.contrib:logback-jackson:0.1.5' implementation 'net.logstash.logback:logstash-logback-encoder:7.3' implementation 'commons-lang:commons-lang:2.6' - implementation 'org.apache.commons:commons-text:1.10.0' testImplementation('org.springframework.boot:spring-boot-starter-test') { exclude group: 'org.junit.vintage', module: 'junit-vintage-engine' @@ -73,8 +72,8 @@ dependencies { exclude group: 'org.hamcrest', module: 'hamcrest-core' } - testImplementation 'com.github.tomakehurst:wiremock-jre8:2.35.0' - testImplementation 'net.jqwik:jqwik:1.8.3' + testImplementation "org.wiremock:wiremock-jetty12:3.5.2" + testImplementation 'net.jqwik:jqwik:1.8.4' testImplementation "net.ripe.rpki:rpki-commons:$rpki_commons_version:tests" testImplementation 'org.assertj:assertj-core' @@ -87,12 +86,6 @@ dependencies { } -java { - toolchain { - languageVersion = JavaLanguageVersion.of(11) - } -} - sourceSets { integration { java.srcDir 'src/integration/java' @@ -151,7 +144,7 @@ distributions { jib { from { - image = "openjdk:11-jdk-slim" + image = "openjdk:17-jdk-slim" } to { image = "docker-registry.ripe.net/rpki/rpki-ripe-ncc" diff --git a/buildSrc/src/main/groovy/rpki-ripe-ncc.build-conventions.gradle b/buildSrc/src/main/groovy/rpki-ripe-ncc.build-conventions.gradle index dd43574..5f88a66 100644 --- a/buildSrc/src/main/groovy/rpki-ripe-ncc.build-conventions.gradle +++ b/buildSrc/src/main/groovy/rpki-ripe-ncc.build-conventions.gradle @@ -35,11 +35,14 @@ repositories { maven { url = uri('https://maven.nexus.ripe.net/repository/maven-third-party') } + maven { + url = uri('https://maven.nexus.ripe.net/repository/maven-third-party-snapshots') + } } java { toolchain { - languageVersion = JavaLanguageVersion.of(11) + languageVersion = JavaLanguageVersion.of(17) } } diff --git a/gradle/wrapper/gradle-wrapper.jar b/gradle/wrapper/gradle-wrapper.jar index d64cd49..e644113 100644 Binary files a/gradle/wrapper/gradle-wrapper.jar and b/gradle/wrapper/gradle-wrapper.jar differ diff --git a/gradle/wrapper/gradle-wrapper.properties b/gradle/wrapper/gradle-wrapper.properties index a80b22c..b82aa23 100644 --- a/gradle/wrapper/gradle-wrapper.properties +++ b/gradle/wrapper/gradle-wrapper.properties @@ -1,6 +1,6 @@ distributionBase=GRADLE_USER_HOME distributionPath=wrapper/dists -distributionUrl=https\://services.gradle.org/distributions/gradle-8.6-bin.zip +distributionUrl=https\://services.gradle.org/distributions/gradle-8.7-bin.zip networkTimeout=10000 validateDistributionUrl=true zipStoreBase=GRADLE_USER_HOME diff --git a/hsm/build.gradle b/hsm/build.gradle index a04c869..1a760c7 100644 --- a/hsm/build.gradle +++ b/hsm/build.gradle @@ -31,7 +31,8 @@ dependencies { } } thalesImplementation "net.ripe.rpki:rpki-commons:$rpki_commons_version" - thalesImplementation 'com.thales.esecurity.asg.ripe.db-jceprovider:DBProvider:1.4' + // 2024-4-16: Test DBProvider snapshot provided by Entrust + thalesImplementation 'com.thales.esecurity.asg.ripe.db-jceprovider:DBProvider:1.6-SNAPSHOT' // **When using JDK 11** make sure the matching version of nCipherKM is on classpath because DBProvider depends on it. thalesImplementation 'com.ncipher.nfast:nCipherKM:13.4.5' diff --git a/src/integration/java/net/ripe/rpki/ripencc/services/impl/KrillNonHostedPublisherRepositoryBeanIT.java b/src/integration/java/net/ripe/rpki/ripencc/services/impl/KrillNonHostedPublisherRepositoryBeanIT.java index b619bf4..a9a554a 100644 --- a/src/integration/java/net/ripe/rpki/ripencc/services/impl/KrillNonHostedPublisherRepositoryBeanIT.java +++ b/src/integration/java/net/ripe/rpki/ripencc/services/impl/KrillNonHostedPublisherRepositoryBeanIT.java @@ -14,7 +14,7 @@ import org.springframework.core.io.Resource; import org.springframework.test.context.ActiveProfiles; -import javax.inject.Inject; +import jakarta.inject.Inject; import java.nio.charset.StandardCharsets; import java.util.Set; import java.util.UUID; diff --git a/src/integration/java/net/ripe/rpki/ripencc/services/impl/RestCustomerServiceClientIT.java b/src/integration/java/net/ripe/rpki/ripencc/services/impl/RestCustomerServiceClientIT.java index 0d4f74b..abeed8e 100644 --- a/src/integration/java/net/ripe/rpki/ripencc/services/impl/RestCustomerServiceClientIT.java +++ b/src/integration/java/net/ripe/rpki/ripencc/services/impl/RestCustomerServiceClientIT.java @@ -8,9 +8,9 @@ import org.springframework.boot.test.context.SpringBootTest; import org.springframework.test.context.ActiveProfiles; -import javax.inject.Inject; -import javax.ws.rs.ProcessingException; -import javax.ws.rs.core.Response; +import jakarta.inject.Inject; +import jakarta.ws.rs.ProcessingException; +import jakarta.ws.rs.core.Response; import java.util.List; import static org.junit.Assert.assertFalse; diff --git a/src/integration/java/net/ripe/rpki/ripencc/services/impl/RestResourceServicesClientIT.java b/src/integration/java/net/ripe/rpki/ripencc/services/impl/RestResourceServicesClientIT.java index 0a7c66c..0a85123 100644 --- a/src/integration/java/net/ripe/rpki/ripencc/services/impl/RestResourceServicesClientIT.java +++ b/src/integration/java/net/ripe/rpki/ripencc/services/impl/RestResourceServicesClientIT.java @@ -11,9 +11,9 @@ import org.springframework.boot.test.context.SpringBootTest; import org.springframework.test.context.ActiveProfiles; -import javax.inject.Inject; -import javax.ws.rs.ProcessingException; -import javax.ws.rs.core.Response; +import jakarta.inject.Inject; +import jakarta.ws.rs.ProcessingException; +import jakarta.ws.rs.core.Response; import java.util.Map; import static org.assertj.core.api.Assertions.assertThat; diff --git a/src/integration/java/net/ripe/rpki/util/ActuatorMetricsIT.java b/src/integration/java/net/ripe/rpki/util/ActuatorMetricsIT.java index 937b657..0f73611 100644 --- a/src/integration/java/net/ripe/rpki/util/ActuatorMetricsIT.java +++ b/src/integration/java/net/ripe/rpki/util/ActuatorMetricsIT.java @@ -4,16 +4,18 @@ import net.ripe.rpki.TestRpkiBootApplication; import net.ripe.rpki.rest.service.Rest; import net.ripe.rpki.server.api.services.system.ActiveNodeService; -import org.junit.Test; +import org.junit.jupiter.api.Test; +import org.junit.jupiter.api.extension.ExtendWith; import org.junit.runner.RunWith; import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.boot.test.autoconfigure.actuate.metrics.AutoConfigureMetrics; +import org.springframework.boot.test.autoconfigure.actuate.observability.AutoConfigureObservability; import org.springframework.boot.test.autoconfigure.web.servlet.AutoConfigureMockMvc; import org.springframework.boot.test.context.SpringBootTest; import org.springframework.context.annotation.ComponentScan; import org.springframework.http.MediaType; import org.springframework.test.context.ActiveProfiles; import org.springframework.test.context.TestPropertySource; +import org.springframework.test.context.junit.jupiter.SpringExtension; import org.springframework.test.context.junit4.SpringRunner; import org.springframework.test.web.servlet.MockMvc; @@ -23,9 +25,9 @@ @TestPropertySource(properties = {"management.port="}) @ComponentScan(value = "net.ripe.rpki", lazyInit = false) @ActiveProfiles("test") -@RunWith(SpringRunner.class) +@ExtendWith(SpringExtension.class) @AutoConfigureMockMvc -@AutoConfigureMetrics +@AutoConfigureObservability @SpringBootTest(classes = TestRpkiBootApplication.class, properties = "instance.name=unittest.local") /** * Validate that the metrics can be loaded. diff --git a/src/main/dist/rpki-ripe-ncc.sh b/src/main/dist/rpki-ripe-ncc.sh index 0101529..374222a 100755 --- a/src/main/dist/rpki-ripe-ncc.sh +++ b/src/main/dist/rpki-ripe-ncc.sh @@ -5,7 +5,7 @@ # APPLICATION_ENVIRONMENT=prepdev rpki-ripe-ncc.sh # -JAVA_HOME=${JAVA_HOME:-"/usr/lib/jvm/jre-11-openjdk"} +JAVA_HOME=${JAVA_HOME:-"/usr/lib/jvm/jre-17-openjdk"} LANG=${LANG:-"en_US.UTF-8"} cd "$(dirname "$0")" || exit 1 diff --git a/src/main/java/net/ripe/rpki/application/impl/CommandAuditServiceBean.java b/src/main/java/net/ripe/rpki/application/impl/CommandAuditServiceBean.java index bffa632..69b7fca 100644 --- a/src/main/java/net/ripe/rpki/application/impl/CommandAuditServiceBean.java +++ b/src/main/java/net/ripe/rpki/application/impl/CommandAuditServiceBean.java @@ -15,9 +15,9 @@ import org.springframework.beans.factory.annotation.Autowired; import org.springframework.stereotype.Component; -import javax.persistence.EntityManager; -import javax.persistence.PersistenceContext; -import javax.persistence.Query; +import jakarta.persistence.EntityManager; +import jakarta.persistence.PersistenceContext; +import jakarta.persistence.Query; import javax.security.auth.x500.X500Principal; import java.util.List; import java.util.Map; @@ -59,7 +59,7 @@ public List findMostRecentCommandsForCa(long caId) { } private List convertToData(List commandAuditList) { - return commandAuditList.stream().map(CommandAudit::toData).collect(Collectors.toList()); + return commandAuditList.stream().map(CommandAudit::toData).toList(); } @SuppressWarnings("unchecked") @@ -79,8 +79,7 @@ public CommandContext startRecording(CertificateAuthorityCommand command) { VersionedId caVersionedId; X500Principal caName; UUID caUuid; - if (command instanceof CertificateAuthorityCreationCommand) { - CertificateAuthorityCreationCommand activationCommand = (CertificateAuthorityCreationCommand) command; + if (command instanceof CertificateAuthorityCreationCommand activationCommand) { caVersionedId = activationCommand.getCertificateAuthorityVersionedId(); caName = activationCommand.getName(); caUuid = activationCommand.getUuid(); @@ -104,7 +103,7 @@ public void finishRecording(CommandContext context) { CommandAudit commandAudit = context.getCommandAudit(); CertificateAuthorityCommand command = context.getCommand(); - List events = context.getRecordedEvents().stream().map(Object::toString).collect(Collectors.toList()); + List events = context.getRecordedEvents().stream().map(Object::toString).toList(); String commandEvents = events.stream().collect(Collectors.joining("\n ", "\n ", "")); log.info( diff --git a/src/main/java/net/ripe/rpki/bgpris/BgpRisEntryRepositoryBean.java b/src/main/java/net/ripe/rpki/bgpris/BgpRisEntryRepositoryBean.java index e0ea09e..2dfd07b 100644 --- a/src/main/java/net/ripe/rpki/bgpris/BgpRisEntryRepositoryBean.java +++ b/src/main/java/net/ripe/rpki/bgpris/BgpRisEntryRepositoryBean.java @@ -29,7 +29,7 @@ public class BgpRisEntryRepositoryBean implements BgpRisEntryViewService { /* * All BgpRisEntries that have enough visibility. */ - private AtomicReference>> entries = new AtomicReference<>(emptyEntries()); + private final AtomicReference>> entries = new AtomicReference<>(emptyEntries()); @Override public boolean isEmpty() { @@ -43,9 +43,8 @@ public Collection findMostSpecificOverlapping(ImmutableResourceSet Collection result = new HashSet<>(); for (IpRange prefix : getPrefixes(resources)) { final List exactAndMoreSpecific = current.findExactAndAllMoreSpecific(prefix) - .stream() - .flatMap(Collection::stream) - .collect(Collectors.toList()); + .stream() + .flatMap(Collection::stream).toList(); result.addAll(exactAndMoreSpecific); final ImmutableResourceSet remaining = findResourcesNotCovered(prefix, exactAndMoreSpecific); @@ -62,9 +61,8 @@ public Map> findMostSpecificContainedAndNotCont Collection notContainedEntries = new HashSet<>(); for (IpRange prefix : getPrefixes(resources)) { final List exactAndMoreSpecific = current.findExactAndAllMoreSpecific(prefix) - .stream() - .flatMap(Collection::stream) - .collect(Collectors.toList()); + .stream() + .flatMap(Collection::stream).toList(); containedEntries.addAll(exactAndMoreSpecific); final ImmutableResourceSet remaining = findResourcesNotCovered(prefix, exactAndMoreSpecific); addLessSpecificAnnouncements(current, notContainedEntries, remaining); @@ -133,8 +131,7 @@ private boolean isLargePrefixes(IpRange prefix) { private static List getPrefixes(final ImmutableResourceSet resources) { List result = new ArrayList<>(); for (IpResource resource : resources) { - if (resource instanceof IpRange) { - IpRange range = (IpRange) resource; + if (resource instanceof IpRange range) { result.addAll(range.splitToPrefixes()); } else if (resource instanceof IpAddress) { result.add(IpRange.range((IpAddress) resource, (IpAddress) resource)); diff --git a/src/main/java/net/ripe/rpki/core/read/services/ca/CertificateAuthorityViewServiceImpl.java b/src/main/java/net/ripe/rpki/core/read/services/ca/CertificateAuthorityViewServiceImpl.java index 0ec3721..075e852 100644 --- a/src/main/java/net/ripe/rpki/core/read/services/ca/CertificateAuthorityViewServiceImpl.java +++ b/src/main/java/net/ripe/rpki/core/read/services/ca/CertificateAuthorityViewServiceImpl.java @@ -12,11 +12,11 @@ import org.springframework.stereotype.Service; import org.springframework.transaction.annotation.Transactional; -import javax.inject.Inject; -import javax.persistence.EntityManager; -import javax.persistence.EntityNotFoundException; -import javax.persistence.LockModeType; -import javax.persistence.TypedQuery; +import jakarta.inject.Inject; +import jakarta.persistence.EntityManager; +import jakarta.persistence.EntityNotFoundException; +import jakarta.persistence.LockModeType; +import jakarta.persistence.TypedQuery; import javax.security.auth.x500.X500Principal; import java.util.*; import java.util.stream.Collectors; @@ -76,11 +76,11 @@ public CertificateAuthorityData findCertificateAuthority(Long caId) { @Override public Collection findAllChildrenForCa(X500Principal caName) { CertificateAuthority parent = certificateAuthorityRepository.findByTypeAndName(CertificateAuthority.class, caName); - return parent instanceof ParentCertificateAuthority - ? certificateAuthorityRepository.findAllByParent((ParentCertificateAuthority) parent).stream() - .map(this::convertToCaData) - .collect(Collectors.toList()) - : Collections.emptyList(); + if (parent instanceof ParentCertificateAuthority parentCa) { + return certificateAuthorityRepository.findAllByParent(parentCa) + .stream().map(this::convertToCaData).toList(); + } + return List.of(); } @Override @@ -91,14 +91,13 @@ public Optional findSmallestIntermediateCa(X500Princip @Override public Collection findManagedCasEligibleForKeyRevocation() { return entityManager.createQuery( - "FROM ManagedCertificateAuthority ca " + - "WHERE EXISTS (FROM ca.keyPairs kp WHERE kp.status = :old)", - ManagedCertificateAuthority.class - ) - .setParameter("old", KeyPairStatus.OLD) - .getResultStream() - .map(ManagedCertificateAuthority::toData) - .collect(Collectors.toList()); + "FROM ManagedCertificateAuthority ca " + + "WHERE EXISTS (FROM ca.keyPairs kp WHERE kp.status = :old)", + ManagedCertificateAuthority.class + ) + .setParameter("old", KeyPairStatus.OLD) + .getResultStream() + .map(ManagedCertificateAuthority::toData).toList(); } @Override @@ -124,8 +123,7 @@ public Collection findManagedCasEligibleForKeyR .setParameter("maxKpAge", oldestKpCreationTime); batchSize.ifPresent(query::setMaxResults); return query.getResultStream() - .map(ManagedCertificateAuthority::toData) - .collect(Collectors.toList()); + .map(ManagedCertificateAuthority::toData).toList(); } @Override @@ -178,8 +176,8 @@ public List findAllManagedCertificateAuthoritiesWithPe .getResultStream(); return certificateAuthorities .sorted(Comparator.comparingInt(CertificateAuthority::depth)) - .map(ManagedCertificateAuthority::toData) - .collect(Collectors.toList()); + .map((x) -> (CertificateAuthorityData) x.toData()) + .toList(); } private CertificateAuthorityData convertToCaData(CertificateAuthority ca) { diff --git a/src/main/java/net/ripe/rpki/core/read/services/cert/ResourceCertificateViewServiceImpl.java b/src/main/java/net/ripe/rpki/core/read/services/cert/ResourceCertificateViewServiceImpl.java index f1f204b..1708d7a 100644 --- a/src/main/java/net/ripe/rpki/core/read/services/cert/ResourceCertificateViewServiceImpl.java +++ b/src/main/java/net/ripe/rpki/core/read/services/cert/ResourceCertificateViewServiceImpl.java @@ -1,5 +1,6 @@ package net.ripe.rpki.core.read.services.cert; +import jakarta.annotation.Resource; import lombok.NonNull; import net.ripe.ipresource.ImmutableResourceSet; import net.ripe.rpki.domain.CertificateAuthorityRepository; @@ -13,10 +14,9 @@ import org.springframework.stereotype.Component; import org.springframework.transaction.annotation.Transactional; -import javax.annotation.Resource; -import javax.persistence.EntityManager; -import javax.persistence.NoResultException; -import javax.persistence.PersistenceContext; +import jakarta.persistence.EntityManager; +import jakarta.persistence.NoResultException; +import jakarta.persistence.PersistenceContext; import java.security.PublicKey; import java.util.Optional; diff --git a/src/main/java/net/ripe/rpki/core/services/background/BackgroundTaskRunner.java b/src/main/java/net/ripe/rpki/core/services/background/BackgroundTaskRunner.java index ed3142f..eddc23d 100644 --- a/src/main/java/net/ripe/rpki/core/services/background/BackgroundTaskRunner.java +++ b/src/main/java/net/ripe/rpki/core/services/background/BackgroundTaskRunner.java @@ -77,9 +77,8 @@ public interface Task { public List runParallel(Stream> tasks) { MaxExceptionsTemplate maxExceptionsTemplate = new MaxExceptionsTemplate(20); List result = forkJoinPool.submit( - () -> tasks.parallel() - .flatMap(task -> maxExceptionsTemplate.wrap(task).stream()) - .collect(Collectors.toList()) + () -> tasks.parallel() + .flatMap(task -> maxExceptionsTemplate.wrap(task).stream()).toList() ).join(); if (maxExceptionsTemplate.maxExceptionsOccurred()) { throw new BackgroundServiceException("Too many exceptions encountered, suspecting problems that affect ALL CAs."); diff --git a/src/main/java/net/ripe/rpki/core/write/services/command/CommandServiceImpl.java b/src/main/java/net/ripe/rpki/core/write/services/command/CommandServiceImpl.java index f2f1831..3727808 100644 --- a/src/main/java/net/ripe/rpki/core/write/services/command/CommandServiceImpl.java +++ b/src/main/java/net/ripe/rpki/core/write/services/command/CommandServiceImpl.java @@ -24,19 +24,18 @@ import org.springframework.stereotype.Service; import org.springframework.transaction.support.TransactionTemplate; -import javax.inject.Inject; -import javax.persistence.EntityManager; -import javax.persistence.FlushModeType; -import javax.persistence.OptimisticLockException; -import javax.persistence.PessimisticLockException; -import javax.persistence.Query; +import jakarta.inject.Inject; +import jakarta.persistence.EntityManager; +import jakarta.persistence.FlushModeType; +import jakarta.persistence.OptimisticLockException; +import jakarta.persistence.PessimisticLockException; +import jakarta.persistence.Query; import java.math.BigInteger; import java.time.Duration; import java.util.List; import java.util.Map; import java.util.concurrent.ConcurrentHashMap; import java.util.concurrent.TimeUnit; -import java.util.stream.Collectors; import static com.google.common.util.concurrent.Uninterruptibles.sleepUninterruptibly; @@ -90,8 +89,8 @@ public CommandServiceImpl( public VersionedId getNextId() { Query q = entityManager.createNativeQuery("SELECT nextval('seq_all')"); q.setFlushMode(FlushModeType.COMMIT); // no need to do dirty checking - BigInteger next = (BigInteger) q.getSingleResult(); - return new VersionedId(next.longValue()); + long next = (long) q.getSingleResult(); + return new VersionedId(next); } @SuppressWarnings("try") @@ -155,7 +154,7 @@ private CommandStatus executeCommand(CertificateAuthorityCommand command) { transactionTemplate.executeWithoutResult(status -> { EventDelegateTracker.get().reset(); CommandContext commandContext = commandAuditService.startRecording(command); - List subscriptions = eventVisitors.stream().map(visitor -> ManagedCertificateAuthority.subscribe(visitor, commandContext)).collect(Collectors.toList()); + List subscriptions = eventVisitors.stream().map(visitor -> ManagedCertificateAuthority.subscribe(visitor, commandContext)).toList(); try ( EventSubscription commandAuditSubscription = ManagedCertificateAuthority.EVENTS.subscribe(commandContext::recordEvent) ) { diff --git a/src/main/java/net/ripe/rpki/domain/AllResourcesCertificateAuthority.java b/src/main/java/net/ripe/rpki/domain/AllResourcesCertificateAuthority.java index f650e7d..0c30edc 100644 --- a/src/main/java/net/ripe/rpki/domain/AllResourcesCertificateAuthority.java +++ b/src/main/java/net/ripe/rpki/domain/AllResourcesCertificateAuthority.java @@ -10,9 +10,9 @@ import net.ripe.rpki.server.api.dto.CertificateAuthorityType; import net.ripe.rpki.server.api.ports.ResourceLookupService; -import javax.persistence.DiscriminatorValue; -import javax.persistence.Entity; -import javax.persistence.OneToOne; +import jakarta.persistence.DiscriminatorValue; +import jakarta.persistence.Entity; +import jakarta.persistence.OneToOne; import javax.security.auth.x500.X500Principal; import java.util.ArrayList; import java.util.List; @@ -26,7 +26,7 @@ public class AllResourcesCertificateAuthority extends ManagedCertificateAuthorit @Getter @Setter - @OneToOne(mappedBy = "certificateAuthority", cascade = {javax.persistence.CascadeType.ALL}, orphanRemoval = true) + @OneToOne(mappedBy = "certificateAuthority", cascade = {jakarta.persistence.CascadeType.ALL}, orphanRemoval = true) private UpStreamCARequestEntity upStreamCARequestEntity; protected AllResourcesCertificateAuthority() { diff --git a/src/main/java/net/ripe/rpki/domain/CertificateAuthority.java b/src/main/java/net/ripe/rpki/domain/CertificateAuthority.java index 97ee98b..1b554df 100644 --- a/src/main/java/net/ripe/rpki/domain/CertificateAuthority.java +++ b/src/main/java/net/ripe/rpki/domain/CertificateAuthority.java @@ -9,18 +9,18 @@ import org.joda.time.DateTimeZone; import org.joda.time.Period; -import javax.persistence.Column; -import javax.persistence.DiscriminatorColumn; -import javax.persistence.DiscriminatorType; -import javax.persistence.Entity; -import javax.persistence.FetchType; -import javax.persistence.Inheritance; -import javax.persistence.InheritanceType; -import javax.persistence.JoinColumn; -import javax.persistence.ManyToOne; -import javax.persistence.Table; +import jakarta.persistence.Column; +import jakarta.persistence.DiscriminatorColumn; +import jakarta.persistence.DiscriminatorType; +import jakarta.persistence.Entity; +import jakarta.persistence.FetchType; +import jakarta.persistence.Inheritance; +import jakarta.persistence.InheritanceType; +import jakarta.persistence.JoinColumn; +import jakarta.persistence.ManyToOne; +import jakarta.persistence.Table; import javax.security.auth.x500.X500Principal; -import javax.validation.constraints.NotNull; +import jakarta.validation.constraints.NotNull; import java.util.Optional; import java.util.UUID; diff --git a/src/main/java/net/ripe/rpki/domain/CertificateAuthorityRepository.java b/src/main/java/net/ripe/rpki/domain/CertificateAuthorityRepository.java index bd0e22e..6495bd1 100644 --- a/src/main/java/net/ripe/rpki/domain/CertificateAuthorityRepository.java +++ b/src/main/java/net/ripe/rpki/domain/CertificateAuthorityRepository.java @@ -5,7 +5,7 @@ import net.ripe.rpki.server.api.dto.CaStat; import org.joda.time.DateTime; -import javax.persistence.LockModeType; +import jakarta.persistence.LockModeType; import javax.security.auth.x500.X500Principal; import java.util.Collection; import java.util.List; diff --git a/src/main/java/net/ripe/rpki/domain/DownStreamProvisioningCommunicator.java b/src/main/java/net/ripe/rpki/domain/DownStreamProvisioningCommunicator.java index 54d33ec..c86e44f 100644 --- a/src/main/java/net/ripe/rpki/domain/DownStreamProvisioningCommunicator.java +++ b/src/main/java/net/ripe/rpki/domain/DownStreamProvisioningCommunicator.java @@ -11,9 +11,9 @@ import net.ripe.rpki.util.SerialNumberSupplier; import org.apache.commons.lang.Validate; -import javax.persistence.*; +import jakarta.persistence.*; import javax.security.auth.x500.X500Principal; -import javax.validation.constraints.NotNull; +import jakarta.validation.constraints.NotNull; import java.math.BigInteger; import java.security.KeyPair; import java.security.cert.X509CRL; diff --git a/src/main/java/net/ripe/rpki/domain/EmbeddedInformationAccessDescriptor.java b/src/main/java/net/ripe/rpki/domain/EmbeddedInformationAccessDescriptor.java index 4298021..a0f2e67 100644 --- a/src/main/java/net/ripe/rpki/domain/EmbeddedInformationAccessDescriptor.java +++ b/src/main/java/net/ripe/rpki/domain/EmbeddedInformationAccessDescriptor.java @@ -6,9 +6,9 @@ import net.ripe.rpki.commons.crypto.x509cert.X509CertificateInformationAccessDescriptor; import org.bouncycastle.asn1.ASN1ObjectIdentifier; -import javax.persistence.Column; -import javax.persistence.Embeddable; -import javax.validation.constraints.NotNull; +import jakarta.persistence.Column; +import jakarta.persistence.Embeddable; +import jakarta.validation.constraints.NotNull; import java.net.URI; @Embeddable diff --git a/src/main/java/net/ripe/rpki/domain/EmbeddedResourceExtension.java b/src/main/java/net/ripe/rpki/domain/EmbeddedResourceExtension.java index 0299db6..a37eb23 100644 --- a/src/main/java/net/ripe/rpki/domain/EmbeddedResourceExtension.java +++ b/src/main/java/net/ripe/rpki/domain/EmbeddedResourceExtension.java @@ -7,9 +7,9 @@ import net.ripe.ipresource.IpResourceType; import net.ripe.rpki.commons.crypto.rfc3779.ResourceExtension; -import javax.persistence.Column; -import javax.persistence.Embeddable; -import javax.validation.constraints.NotNull; +import jakarta.persistence.Column; +import jakarta.persistence.Embeddable; +import jakarta.validation.constraints.NotNull; import java.util.EnumSet; /** diff --git a/src/main/java/net/ripe/rpki/domain/EmbeddedValidityPeriod.java b/src/main/java/net/ripe/rpki/domain/EmbeddedValidityPeriod.java index 0057001..d901144 100644 --- a/src/main/java/net/ripe/rpki/domain/EmbeddedValidityPeriod.java +++ b/src/main/java/net/ripe/rpki/domain/EmbeddedValidityPeriod.java @@ -6,8 +6,8 @@ import net.ripe.rpki.commons.crypto.ValidityPeriod; import org.joda.time.DateTime; -import javax.persistence.Column; -import javax.persistence.Embeddable; +import jakarta.persistence.Column; +import jakarta.persistence.Embeddable; /** * JPA mappable version of a ValidityPeriod diff --git a/src/main/java/net/ripe/rpki/domain/GenericPublishedObject.java b/src/main/java/net/ripe/rpki/domain/GenericPublishedObject.java index 4b91adb..1be0fc5 100644 --- a/src/main/java/net/ripe/rpki/domain/GenericPublishedObject.java +++ b/src/main/java/net/ripe/rpki/domain/GenericPublishedObject.java @@ -5,14 +5,14 @@ import net.ripe.rpki.ncc.core.domain.support.EntitySupport; import org.joda.time.Instant; -import javax.persistence.Column; -import javax.persistence.EnumType; -import javax.persistence.Enumerated; -import javax.persistence.GeneratedValue; -import javax.persistence.GenerationType; -import javax.persistence.Id; -import javax.persistence.MappedSuperclass; -import javax.persistence.SequenceGenerator; +import jakarta.persistence.Column; +import jakarta.persistence.EnumType; +import jakarta.persistence.Enumerated; +import jakarta.persistence.GeneratedValue; +import jakarta.persistence.GenerationType; +import jakarta.persistence.Id; +import jakarta.persistence.MappedSuperclass; +import jakarta.persistence.SequenceGenerator; import java.net.URI; import java.util.Arrays; diff --git a/src/main/java/net/ripe/rpki/domain/HostedCertificateAuthority.java b/src/main/java/net/ripe/rpki/domain/HostedCertificateAuthority.java index 96abd99..23296d5 100644 --- a/src/main/java/net/ripe/rpki/domain/HostedCertificateAuthority.java +++ b/src/main/java/net/ripe/rpki/domain/HostedCertificateAuthority.java @@ -10,13 +10,12 @@ import net.ripe.rpki.server.api.ports.ResourceInformationNotAvailableException; import net.ripe.rpki.server.api.ports.ResourceLookupService; -import javax.persistence.DiscriminatorValue; -import javax.persistence.Entity; +import jakarta.persistence.DiscriminatorValue; +import jakarta.persistence.Entity; import javax.security.auth.x500.X500Principal; import java.util.List; import java.util.Optional; import java.util.UUID; -import java.util.stream.Collectors; /** * Locally hosted certificate authority on behalf of a RIPE NCC member. @@ -41,8 +40,7 @@ public CertificateAuthorityType getType() { @Override public HostedCertificateAuthorityData toData() { final List keys = getKeyPairs().stream() - .map(KeyPairEntity::toData) - .collect(Collectors.toList()); + .map(KeyPairEntity::toData).toList(); return new HostedCertificateAuthorityData( getVersionedId(), getName(), getUuid(), diff --git a/src/main/java/net/ripe/rpki/domain/IncomingResourceCertificate.java b/src/main/java/net/ripe/rpki/domain/IncomingResourceCertificate.java index 85d5313..737dab0 100644 --- a/src/main/java/net/ripe/rpki/domain/IncomingResourceCertificate.java +++ b/src/main/java/net/ripe/rpki/domain/IncomingResourceCertificate.java @@ -6,8 +6,8 @@ import net.ripe.rpki.domain.interca.CertificateIssuanceResponse; import org.apache.commons.lang3.Validate; -import javax.persistence.*; -import javax.validation.constraints.NotNull; +import jakarta.persistence.*; +import jakarta.validation.constraints.NotNull; import java.util.Arrays; import java.util.Objects; @@ -35,7 +35,7 @@ protected IncomingResourceCertificate() { public IncomingResourceCertificate(@NonNull CertificateIssuanceResponse issuanceResponse, @NonNull KeyPairEntity subjectKeyPair) { super(issuanceResponse.getCertificate()); - Validate.notNull(issuanceResponse); + Validate.notNull(issuanceResponse, "issuance response is required"); setPublicationUri(issuanceResponse.getPublicationUri()); this.inheritedResources = issuanceResponse.getInheritedResources(); this.subjectKeyPair = subjectKeyPair; @@ -61,8 +61,8 @@ public ImmutableResourceSet getCertifiedResources() { } protected void revalidate() { - Validate.notNull(subjectKeyPair); - Validate.notNull(inheritedResources); + Validate.notNull(subjectKeyPair, "subject keypair is required"); + Validate.notNull(inheritedResources, "inhereted resources are required"); revalidateCertificate(); } } diff --git a/src/main/java/net/ripe/rpki/domain/IntermediateCertificateAuthority.java b/src/main/java/net/ripe/rpki/domain/IntermediateCertificateAuthority.java index c9ed486..8062190 100644 --- a/src/main/java/net/ripe/rpki/domain/IntermediateCertificateAuthority.java +++ b/src/main/java/net/ripe/rpki/domain/IntermediateCertificateAuthority.java @@ -5,8 +5,8 @@ import net.ripe.rpki.server.api.ports.ResourceInformationNotAvailableException; import net.ripe.rpki.server.api.ports.ResourceLookupService; -import javax.persistence.DiscriminatorValue; -import javax.persistence.Entity; +import jakarta.persistence.DiscriminatorValue; +import jakarta.persistence.Entity; import javax.security.auth.x500.X500Principal; import java.util.Optional; import java.util.UUID; diff --git a/src/main/java/net/ripe/rpki/domain/KeyPairEntity.java b/src/main/java/net/ripe/rpki/domain/KeyPairEntity.java index 57d10c5..7c0b24a 100644 --- a/src/main/java/net/ripe/rpki/domain/KeyPairEntity.java +++ b/src/main/java/net/ripe/rpki/domain/KeyPairEntity.java @@ -19,8 +19,8 @@ import org.joda.time.DateTime; import org.joda.time.DateTimeZone; -import javax.persistence.*; -import javax.validation.constraints.NotNull; +import jakarta.persistence.*; +import jakarta.validation.constraints.NotNull; import java.net.URI; import java.security.KeyPair; import java.security.PrivateKey; diff --git a/src/main/java/net/ripe/rpki/domain/KeyPairStatusHistory.java b/src/main/java/net/ripe/rpki/domain/KeyPairStatusHistory.java index 08ea6c6..78fc2ec 100644 --- a/src/main/java/net/ripe/rpki/domain/KeyPairStatusHistory.java +++ b/src/main/java/net/ripe/rpki/domain/KeyPairStatusHistory.java @@ -4,11 +4,11 @@ import net.ripe.rpki.server.api.dto.KeyPairStatus; import org.joda.time.DateTime; -import javax.persistence.Column; -import javax.persistence.Embeddable; -import javax.persistence.EnumType; -import javax.persistence.Enumerated; -import javax.validation.constraints.NotNull; +import jakarta.persistence.Column; +import jakarta.persistence.Embeddable; +import jakarta.persistence.EnumType; +import jakarta.persistence.Enumerated; +import jakarta.validation.constraints.NotNull; @Embeddable public class KeyPairStatusHistory { diff --git a/src/main/java/net/ripe/rpki/domain/ManagedCertificateAuthority.java b/src/main/java/net/ripe/rpki/domain/ManagedCertificateAuthority.java index 2cc3344..cd8f685 100644 --- a/src/main/java/net/ripe/rpki/domain/ManagedCertificateAuthority.java +++ b/src/main/java/net/ripe/rpki/domain/ManagedCertificateAuthority.java @@ -35,12 +35,11 @@ import org.joda.time.DateTimeZone; import org.joda.time.Duration; -import javax.persistence.*; +import jakarta.persistence.*; import javax.security.auth.x500.X500Principal; import java.net.URI; import java.security.PublicKey; import java.util.*; -import java.util.stream.Collectors; import static net.logstash.logback.argument.StructuredArguments.v; import static net.ripe.rpki.domain.Resources.DEFAULT_RESOURCE_CLASS; @@ -64,7 +63,7 @@ public static EventSubscription subscribe(final CertificateAuthorityEventVisitor @OneToMany(orphanRemoval = true, cascade = CascadeType.ALL ) @JoinColumn(name = "ca_id", nullable = false) - private Set keyPairs = new HashSet<>(); + private final Set keyPairs = new HashSet<>(); /** * The last time the ASPA or ROA configuration was updated. This can bever be equal to {@link #configurationAppliedAt}. @@ -101,8 +100,7 @@ public ManagedCertificateAuthorityData toData() { TrustAnchorRequest upStreamCARequest = getUpStreamCARequestEntity() != null ? getUpStreamCARequestEntity().getUpStreamCARequest() : null; final List keys = getKeyPairs().stream() - .map(KeyPairEntity::toData) - .collect(Collectors.toList()); + .map(KeyPairEntity::toData).toList(); return new ManagedCertificateAuthorityData( getVersionedId(), getName(), getUuid(), @@ -118,7 +116,7 @@ public void removeKeyPair(final KeyPairEntity keyPair) { @Override public Collection getSignedPublicKeys() { - return keyPairs.stream().map(KeyPairEntity::getPublicKey).collect(Collectors.toList()); + return keyPairs.stream().map(KeyPairEntity::getPublicKey).toList(); } public Collection getKeyPairs() { @@ -228,8 +226,8 @@ DEFAULT_RESOURCE_CLASS, v("subject", request.getSubjectDN()), private boolean subjectInformationAccessChanged(CertificateIssuanceRequest request, OutgoingResourceCertificate currentCertificate) { // Sort by key since order across different keys does not matter. If the same key appears multiple times the order does matter, // but since the sorting is stable this will be detected. - List a = Arrays.stream(request.getSubjectInformationAccess()).sorted(Comparator.comparing(x -> x.getMethod().getId())).collect(Collectors.toList()); - List b = Arrays.stream(currentCertificate.getSia()).sorted(Comparator.comparing(x -> x.getMethod().getId())).collect(Collectors.toList()); + List a = Arrays.stream(request.getSubjectInformationAccess()).sorted(Comparator.comparing(x -> x.getMethod().getId())).toList(); + List b = Arrays.stream(currentCertificate.getSia()).sorted(Comparator.comparing(x -> x.getMethod().getId())).toList(); if (Objects.equals(a, b)) { return false; } @@ -354,10 +352,9 @@ public boolean activatePendingKeys(Duration minStagingTime) { */ public List requestOldKeysRevocation(ResourceCertificateRepository resourceCertificateRepository) { return getKeyPairs().stream() - .filter(KeyPairEntity::isOld) - .filter(kp -> !resourceCertificateRepository.existsCurrentOutgoingCertificatesExceptForManifest(kp)) - .map(kp -> new CertificateRevocationRequest(kp.getPublicKey())) - .collect(Collectors.toList()); + .filter(KeyPairEntity::isOld) + .filter(kp -> !resourceCertificateRepository.existsCurrentOutgoingCertificatesExceptForManifest(kp)) + .map(kp -> new CertificateRevocationRequest(kp.getPublicKey())).toList(); } @Override diff --git a/src/main/java/net/ripe/rpki/domain/NonHostedCertificateAuthority.java b/src/main/java/net/ripe/rpki/domain/NonHostedCertificateAuthority.java index 045117a..c792064 100644 --- a/src/main/java/net/ripe/rpki/domain/NonHostedCertificateAuthority.java +++ b/src/main/java/net/ripe/rpki/domain/NonHostedCertificateAuthority.java @@ -27,9 +27,9 @@ import org.apache.commons.codec.binary.Base64; import org.apache.commons.lang3.Validate; -import javax.persistence.*; +import jakarta.persistence.*; import javax.security.auth.x500.X500Principal; -import javax.validation.constraints.NotNull; +import jakarta.validation.constraints.NotNull; import java.security.PublicKey; import java.util.*; import java.util.stream.Collectors; @@ -69,13 +69,13 @@ public class NonHostedCertificateAuthority extends CertificateAuthority { @OneToMany(orphanRemoval = true, cascade = CascadeType.ALL) @JoinColumn(name = "ca_id", nullable = false) - private Set publicKeys = new HashSet<>(); + private final Set publicKeys = new HashSet<>(); @Getter @OneToMany(orphanRemoval = true, cascade = CascadeType.ALL) @JoinColumn(name = "ca_id", nullable = false) @MapKey(name = "publisherHandle") - private Map publisherRepositories = new HashMap<>(); + private final Map publisherRepositories = new HashMap<>(); protected NonHostedCertificateAuthority() { } @@ -136,7 +136,7 @@ public NonHostedCertificateAuthorityData toData() { } public Collection getSignedPublicKeys() { - return publicKeys.stream().map(PublicKeyEntity::getPublicKey).collect(Collectors.toList()); + return publicKeys.stream().map(PublicKeyEntity::getPublicKey).toList(); } public Collection getPublicKeyEntities() { @@ -184,25 +184,24 @@ public boolean processCertificateRevocationResponse(CertificateRevocationRespons @Override public List processResourceClassListResponse(ResourceClassListResponse response, CertificateRequestCreationService certificateRequestCreationService) { return publicKeys.stream() - .flatMap(pk -> { - ImmutableResourceSet certifiableResources = response.getResourceExtension().map(ResourceExtension::getResources).orElse(ImmutableResourceSet.empty()); - ImmutableResourceSet certificateResources = pk.getRequestedResourceSets().calculateEffectiveResources(certifiableResources); - if (pk.isRevoked() || certificateResources.isEmpty()) { - if (pk.getOutgoingResourceCertificates().stream().anyMatch(rc -> rc.isCurrent())) { - return Stream.of(new CertificateRevocationRequest(pk.getPublicKey())); - } else { - return Stream.empty(); + .flatMap(pk -> { + ImmutableResourceSet certifiableResources = response.getResourceExtension().map(ResourceExtension::getResources).orElse(ImmutableResourceSet.empty()); + ImmutableResourceSet certificateResources = pk.getRequestedResourceSets().calculateEffectiveResources(certifiableResources); + if (pk.isRevoked() || certificateResources.isEmpty()) { + if (pk.getOutgoingResourceCertificates().stream().anyMatch(rc -> rc.isCurrent())) { + return Stream.of(new CertificateRevocationRequest(pk.getPublicKey())); + } else { + return Stream.empty(); + } } - } - - return Stream.of(new CertificateIssuanceRequest( - ResourceExtension.ofResources(certificateResources), - pk.getSubjectForCertificateRequest(), - pk.getPublicKey(), - pk.getRequestedSia().toArray(X509CertificateInformationAccessDescriptor[]::new) - )); - }) - .collect(Collectors.toList()); + + return Stream.of(new CertificateIssuanceRequest( + ResourceExtension.ofResources(certificateResources), + pk.getSubjectForCertificateRequest(), + pk.getPublicKey(), + pk.getRequestedSia().toArray(X509CertificateInformationAccessDescriptor[]::new) + )); + }).toList(); } public void addNonHostedPublisherRepository(UUID publisherHandle, PublisherRequest publisherRequest, RepositoryResponse repositoryResponse) { diff --git a/src/main/java/net/ripe/rpki/domain/NonHostedPublisherRepository.java b/src/main/java/net/ripe/rpki/domain/NonHostedPublisherRepository.java index 82aeae9..2785218 100644 --- a/src/main/java/net/ripe/rpki/domain/NonHostedPublisherRepository.java +++ b/src/main/java/net/ripe/rpki/domain/NonHostedPublisherRepository.java @@ -5,14 +5,14 @@ import net.ripe.rpki.commons.provisioning.identity.RepositoryResponse; import net.ripe.rpki.ncc.core.domain.support.EntitySupport; -import javax.persistence.Basic; -import javax.persistence.Column; -import javax.persistence.Entity; -import javax.persistence.GeneratedValue; -import javax.persistence.GenerationType; -import javax.persistence.Id; -import javax.persistence.SequenceGenerator; -import javax.persistence.Table; +import jakarta.persistence.Basic; +import jakarta.persistence.Column; +import jakarta.persistence.Entity; +import jakarta.persistence.GeneratedValue; +import jakarta.persistence.GenerationType; +import jakarta.persistence.Id; +import jakarta.persistence.SequenceGenerator; +import jakarta.persistence.Table; import java.util.UUID; @Entity diff --git a/src/main/java/net/ripe/rpki/domain/OutgoingResourceCertificate.java b/src/main/java/net/ripe/rpki/domain/OutgoingResourceCertificate.java index b201f89..5c68cd3 100644 --- a/src/main/java/net/ripe/rpki/domain/OutgoingResourceCertificate.java +++ b/src/main/java/net/ripe/rpki/domain/OutgoingResourceCertificate.java @@ -8,17 +8,17 @@ import org.joda.time.DateTime; import org.joda.time.DateTimeZone; -import javax.persistence.CascadeType; -import javax.persistence.Column; -import javax.persistence.DiscriminatorValue; -import javax.persistence.Entity; -import javax.persistence.EnumType; -import javax.persistence.Enumerated; -import javax.persistence.FetchType; -import javax.persistence.JoinColumn; -import javax.persistence.ManyToOne; -import javax.persistence.OneToOne; -import javax.validation.constraints.NotNull; +import jakarta.persistence.CascadeType; +import jakarta.persistence.Column; +import jakarta.persistence.DiscriminatorValue; +import jakarta.persistence.Entity; +import jakarta.persistence.EnumType; +import jakarta.persistence.Enumerated; +import jakarta.persistence.FetchType; +import jakarta.persistence.JoinColumn; +import jakarta.persistence.ManyToOne; +import jakarta.persistence.OneToOne; +import jakarta.validation.constraints.NotNull; import java.net.URI; import static java.util.Objects.requireNonNull; @@ -67,7 +67,7 @@ protected OutgoingResourceCertificate() { super(certificate); Validate.isTrue(embedded || filename != null, "embedded or filename must be set"); Validate.isTrue(embedded || parentPublicationDirectory != null, "embedded or parentPublicationDirectory must be set"); - Validate.notNull(signingKeyPair); + Validate.notNull(signingKeyPair, "signingKeyPair must be set"); this.signingKeyPair = signingKeyPair; this.embedded = embedded; this.status = OutgoingResourceCertificateStatus.CURRENT; diff --git a/src/main/java/net/ripe/rpki/domain/PersistedKeyPair.java b/src/main/java/net/ripe/rpki/domain/PersistedKeyPair.java index 830c972..e63edad 100644 --- a/src/main/java/net/ripe/rpki/domain/PersistedKeyPair.java +++ b/src/main/java/net/ripe/rpki/domain/PersistedKeyPair.java @@ -3,10 +3,10 @@ import net.ripe.rpki.commons.crypto.util.KeyPairUtil; import net.ripe.rpki.hsm.Keys; -import javax.persistence.Column; -import javax.persistence.Embeddable; -import javax.persistence.PostRemove; -import javax.persistence.Transient; +import jakarta.persistence.Column; +import jakarta.persistence.Embeddable; +import jakarta.persistence.PostRemove; +import jakarta.persistence.Transient; import java.security.KeyPair; import java.security.PrivateKey; import java.security.PublicKey; diff --git a/src/main/java/net/ripe/rpki/domain/ProductionCertificateAuthority.java b/src/main/java/net/ripe/rpki/domain/ProductionCertificateAuthority.java index 3ed1ee8..f5c62f2 100644 --- a/src/main/java/net/ripe/rpki/domain/ProductionCertificateAuthority.java +++ b/src/main/java/net/ripe/rpki/domain/ProductionCertificateAuthority.java @@ -10,11 +10,11 @@ import org.hibernate.annotations.Cascade; import org.hibernate.annotations.CascadeType; -import javax.persistence.DiscriminatorValue; -import javax.persistence.Entity; -import javax.persistence.FetchType; -import javax.persistence.JoinColumn; -import javax.persistence.OneToOne; +import jakarta.persistence.DiscriminatorValue; +import jakarta.persistence.Entity; +import jakarta.persistence.FetchType; +import jakarta.persistence.JoinColumn; +import jakarta.persistence.OneToOne; import javax.security.auth.x500.X500Principal; import java.util.Optional; import java.util.UUID; diff --git a/src/main/java/net/ripe/rpki/domain/ProvisioningAuditLogEntity.java b/src/main/java/net/ripe/rpki/domain/ProvisioningAuditLogEntity.java index 07c0f0e..9d7295f 100644 --- a/src/main/java/net/ripe/rpki/domain/ProvisioningAuditLogEntity.java +++ b/src/main/java/net/ripe/rpki/domain/ProvisioningAuditLogEntity.java @@ -22,15 +22,15 @@ import org.joda.time.DateTimeUtils; import org.joda.time.DateTimeZone; -import javax.persistence.Column; -import javax.persistence.Entity; -import javax.persistence.EnumType; -import javax.persistence.Enumerated; -import javax.persistence.GeneratedValue; -import javax.persistence.GenerationType; -import javax.persistence.Id; -import javax.persistence.SequenceGenerator; -import javax.persistence.Table; +import jakarta.persistence.Column; +import jakarta.persistence.Entity; +import jakarta.persistence.EnumType; +import jakarta.persistence.Enumerated; +import jakarta.persistence.GeneratedValue; +import jakarta.persistence.GenerationType; +import jakarta.persistence.Id; +import jakarta.persistence.SequenceGenerator; +import jakarta.persistence.Table; import java.sql.Timestamp; import java.util.List; import java.util.UUID; diff --git a/src/main/java/net/ripe/rpki/domain/PublicKeyEntity.java b/src/main/java/net/ripe/rpki/domain/PublicKeyEntity.java index aa31155..6b1cb95 100644 --- a/src/main/java/net/ripe/rpki/domain/PublicKeyEntity.java +++ b/src/main/java/net/ripe/rpki/domain/PublicKeyEntity.java @@ -9,16 +9,15 @@ import net.ripe.rpki.ncc.core.domain.support.EntitySupport; import net.ripe.rpki.server.api.dto.NonHostedPublicKeyData; -import javax.persistence.*; +import jakarta.persistence.*; import javax.security.auth.x500.X500Principal; -import javax.validation.constraints.NotNull; +import jakarta.validation.constraints.NotNull; import java.security.PublicKey; import java.util.ArrayList; import java.util.Collection; import java.util.Collections; import java.util.List; import java.util.Optional; -import java.util.stream.Collectors; /** * KeyPairs for remote (non-hosted) child CAs. @@ -42,7 +41,7 @@ public class PublicKeyEntity extends EntitySupport { @OneToMany(cascade={}) @JoinColumn(name="subject_public_key_id") - private Collection outgoingResourceCertificates = new ArrayList<>(); + private final Collection outgoingResourceCertificates = new ArrayList<>(); @Enumerated(EnumType.STRING) @Getter @@ -97,13 +96,13 @@ public RequestedResourceSets getRequestedResourceSets() { } public List getRequestedSia() { - return requestedSia.stream().map(EmbeddedInformationAccessDescriptor::toDescriptor).collect(Collectors.toList()); + return requestedSia.stream().map(EmbeddedInformationAccessDescriptor::toDescriptor).toList(); } public void setLatestIssuanceRequest(RequestedResourceSets requestedResourceSets, List sia) { this.latestProvisioningRequestType = PayloadMessageType.issue; this.requestedResourceSets = requestedResourceSets; - this.requestedSia = sia.stream().map(EmbeddedInformationAccessDescriptor::of).collect(Collectors.toList()); + this.requestedSia = sia.stream().map(EmbeddedInformationAccessDescriptor::of).toList(); } public void setLatestRevocationRequest() { diff --git a/src/main/java/net/ripe/rpki/domain/PublishedObject.java b/src/main/java/net/ripe/rpki/domain/PublishedObject.java index dc3fed7..ad2a4fc 100644 --- a/src/main/java/net/ripe/rpki/domain/PublishedObject.java +++ b/src/main/java/net/ripe/rpki/domain/PublishedObject.java @@ -7,7 +7,7 @@ import org.apache.commons.lang3.Validate; import org.joda.time.DateTime; -import javax.persistence.*; +import jakarta.persistence.*; import java.net.URI; import java.util.Objects; diff --git a/src/main/java/net/ripe/rpki/domain/PublishedObjectData.java b/src/main/java/net/ripe/rpki/domain/PublishedObjectData.java index 0fe04c5..9bbb70e 100644 --- a/src/main/java/net/ripe/rpki/domain/PublishedObjectData.java +++ b/src/main/java/net/ripe/rpki/domain/PublishedObjectData.java @@ -4,16 +4,17 @@ import java.net.URI; import java.sql.Timestamp; +import java.time.Instant; @Value public class PublishedObjectData { - Timestamp createdAt; + Instant createdAt; URI uri; byte[] content; - public PublishedObjectData(Timestamp createdAt, URI uri, byte[] content) { + public PublishedObjectData(Instant createdAt, URI uri, byte[] content) { this.createdAt = createdAt; this.uri = uri; this.content = content; diff --git a/src/main/java/net/ripe/rpki/domain/PublishedObjectEntry.java b/src/main/java/net/ripe/rpki/domain/PublishedObjectEntry.java index 725eb15..5042be1 100644 --- a/src/main/java/net/ripe/rpki/domain/PublishedObjectEntry.java +++ b/src/main/java/net/ripe/rpki/domain/PublishedObjectEntry.java @@ -3,12 +3,13 @@ import com.google.common.hash.HashCode; import lombok.*; +import java.time.Instant; import java.util.Date; @NoArgsConstructor @Data public class PublishedObjectEntry { - private Date updatedAt; + private Instant updatedAt; private PublicationStatus status; private String uri; @@ -21,7 +22,7 @@ public class PublishedObjectEntry { /** * Constructor that maps the SQL types to the entity */ - public PublishedObjectEntry(Date updatedAt, String status, String uri, byte[] sha256) { + public PublishedObjectEntry(Instant updatedAt, String status, String uri, byte[] sha256) { this.updatedAt = updatedAt; this.status = PublicationStatus.valueOf(status); this.uri = uri; diff --git a/src/main/java/net/ripe/rpki/domain/RequestedResourceSets.java b/src/main/java/net/ripe/rpki/domain/RequestedResourceSets.java index d071492..bd81114 100644 --- a/src/main/java/net/ripe/rpki/domain/RequestedResourceSets.java +++ b/src/main/java/net/ripe/rpki/domain/RequestedResourceSets.java @@ -7,9 +7,9 @@ import net.ripe.ipresource.IpResourceType; import org.apache.commons.lang3.Validate; -import javax.persistence.Column; -import javax.persistence.Embeddable; -import javax.persistence.PrePersist; +import jakarta.persistence.Column; +import jakarta.persistence.Embeddable; +import jakarta.persistence.PrePersist; import java.io.Serializable; import java.util.Optional; diff --git a/src/main/java/net/ripe/rpki/domain/ResourceCertificate.java b/src/main/java/net/ripe/rpki/domain/ResourceCertificate.java index 3b02c43..10e45da 100644 --- a/src/main/java/net/ripe/rpki/domain/ResourceCertificate.java +++ b/src/main/java/net/ripe/rpki/domain/ResourceCertificate.java @@ -1,7 +1,6 @@ package net.ripe.rpki.domain; import lombok.Getter; -import lombok.NonNull; import net.ripe.ipresource.ImmutableResourceSet; import net.ripe.rpki.commons.crypto.ValidityPeriod; import net.ripe.rpki.commons.crypto.rfc3779.ResourceExtension; @@ -15,9 +14,9 @@ import org.apache.commons.lang.Validate; import org.joda.time.DateTime; -import javax.persistence.*; +import jakarta.persistence.*; import javax.security.auth.x500.X500Principal; -import javax.validation.constraints.NotNull; +import jakarta.validation.constraints.NotNull; import java.math.BigInteger; import java.net.URI; import java.security.PublicKey; diff --git a/src/main/java/net/ripe/rpki/domain/ResourceCertificateRepository.java b/src/main/java/net/ripe/rpki/domain/ResourceCertificateRepository.java index 4e70eba..f115598 100644 --- a/src/main/java/net/ripe/rpki/domain/ResourceCertificateRepository.java +++ b/src/main/java/net/ripe/rpki/domain/ResourceCertificateRepository.java @@ -74,10 +74,10 @@ public interface ResourceCertificateRepository extends Repository alertsToRemove = roaAlertConfiguration.getIgnored().stream() .map(RoaAlertIgnoredAnnouncement::toData) - .filter(ignoredAnnouncement -> !nowCurrentResources.intersects(ignoredAnnouncement.getPrefix())) - .collect(Collectors.toList()); + .filter(ignoredAnnouncement -> !nowCurrentResources.intersects(ignoredAnnouncement.getPrefix())).toList(); if (!alertsToRemove.isEmpty()) { roaAlertConfiguration.update(Collections.emptyList(), alertsToRemove); diff --git a/src/main/java/net/ripe/rpki/domain/archive/KeyPairDeletionService.java b/src/main/java/net/ripe/rpki/domain/archive/KeyPairDeletionService.java index 3c16872..5de6ec7 100644 --- a/src/main/java/net/ripe/rpki/domain/archive/KeyPairDeletionService.java +++ b/src/main/java/net/ripe/rpki/domain/archive/KeyPairDeletionService.java @@ -9,7 +9,7 @@ import net.ripe.rpki.domain.roa.RoaEntityRepository; import org.springframework.stereotype.Component; -import javax.inject.Inject; +import jakarta.inject.Inject; @Component public class KeyPairDeletionService { diff --git a/src/main/java/net/ripe/rpki/domain/aspa/AspaConfiguration.java b/src/main/java/net/ripe/rpki/domain/aspa/AspaConfiguration.java index 6375b9f..30ed296 100644 --- a/src/main/java/net/ripe/rpki/domain/aspa/AspaConfiguration.java +++ b/src/main/java/net/ripe/rpki/domain/aspa/AspaConfiguration.java @@ -4,17 +4,15 @@ import lombok.Getter; import lombok.NoArgsConstructor; import lombok.NonNull; -import lombok.Setter; import lombok.extern.slf4j.Slf4j; import net.ripe.ipresource.Asn; import net.ripe.rpki.domain.ManagedCertificateAuthority; import net.ripe.rpki.ncc.core.domain.support.EntitySupport; import net.ripe.rpki.server.api.dto.AspaConfigurationData; -import javax.persistence.*; -import javax.validation.constraints.NotEmpty; +import jakarta.persistence.*; +import jakarta.validation.constraints.NotEmpty; import java.util.*; -import java.util.stream.Collectors; import static net.ripe.rpki.util.Streams.streamToSortedMap; diff --git a/src/main/java/net/ripe/rpki/domain/aspa/AspaConfigurationMaintenanceServiceBean.java b/src/main/java/net/ripe/rpki/domain/aspa/AspaConfigurationMaintenanceServiceBean.java index e097e9a..72547cf 100644 --- a/src/main/java/net/ripe/rpki/domain/aspa/AspaConfigurationMaintenanceServiceBean.java +++ b/src/main/java/net/ripe/rpki/domain/aspa/AspaConfigurationMaintenanceServiceBean.java @@ -61,18 +61,16 @@ private void updateAspaConfigurationForResources(ManagedCertificateAuthority ca, SortedMap configuration = aspaConfigurationRepository.findByCertificateAuthority(ca); List toBeRemoved = configuration.values().stream() - .filter(entry -> !certifiedResources.contains(entry.getCustomerAsn())) - .collect(Collectors.toList()); + .filter(entry -> !certifiedResources.contains(entry.getCustomerAsn())).toList(); if (toBeRemoved.isEmpty()) { return; } context.recordEvent( new AspaConfigurationUpdatedDueToChangedResourcesEvent( - ca.getVersionedId(), - toBeRemoved.stream() - .map(AspaConfiguration::toData) - .collect(Collectors.toList())) + ca.getVersionedId(), + toBeRemoved.stream() + .map(AspaConfiguration::toData).toList()) ); toBeRemoved.forEach(aspaConfigurationRepository::remove); diff --git a/src/main/java/net/ripe/rpki/domain/aspa/AspaEntity.java b/src/main/java/net/ripe/rpki/domain/aspa/AspaEntity.java index a4e5038..0c2e8b1 100644 --- a/src/main/java/net/ripe/rpki/domain/aspa/AspaEntity.java +++ b/src/main/java/net/ripe/rpki/domain/aspa/AspaEntity.java @@ -14,7 +14,7 @@ import net.ripe.rpki.server.api.services.command.UnparseableRpkiObjectException; import org.apache.commons.lang.Validate; -import javax.persistence.*; +import jakarta.persistence.*; import java.net.URI; import java.util.List; import java.util.SortedMap; diff --git a/src/main/java/net/ripe/rpki/domain/aspa/AspaEntityServiceBean.java b/src/main/java/net/ripe/rpki/domain/aspa/AspaEntityServiceBean.java index 893e1d7..d542202 100644 --- a/src/main/java/net/ripe/rpki/domain/aspa/AspaEntityServiceBean.java +++ b/src/main/java/net/ripe/rpki/domain/aspa/AspaEntityServiceBean.java @@ -35,7 +35,7 @@ import org.joda.time.DateTimeZone; import org.springframework.stereotype.Service; -import javax.inject.Inject; +import jakarta.inject.Inject; import javax.security.auth.x500.X500Principal; import java.net.URI; import java.security.KeyPair; @@ -135,8 +135,7 @@ public Pair, SortedMap> validateA difference.entriesOnlyOnRight().keySet().stream(), difference.entriesDiffering().keySet().stream() ).map(validAspaEntitiesByAsn::get) - ) - .collect(Collectors.toList()); + ).toList(); SortedMap unmatchedAspaConfiguration = Stream.concat( difference.entriesOnlyOnLeft().keySet().stream(), diff --git a/src/main/java/net/ripe/rpki/domain/audit/CommandAudit.java b/src/main/java/net/ripe/rpki/domain/audit/CommandAudit.java index 9c7f22d..5ec1277 100644 --- a/src/main/java/net/ripe/rpki/domain/audit/CommandAudit.java +++ b/src/main/java/net/ripe/rpki/domain/audit/CommandAudit.java @@ -12,7 +12,7 @@ import org.joda.time.DateTime; import org.joda.time.DateTimeZone; -import javax.persistence.*; +import jakarta.persistence.*; import javax.security.auth.x500.X500Principal; import java.sql.Timestamp; import java.util.UUID; diff --git a/src/main/java/net/ripe/rpki/domain/crl/CrlEntity.java b/src/main/java/net/ripe/rpki/domain/crl/CrlEntity.java index c25b4b8..a43ba68 100644 --- a/src/main/java/net/ripe/rpki/domain/crl/CrlEntity.java +++ b/src/main/java/net/ripe/rpki/domain/crl/CrlEntity.java @@ -11,18 +11,18 @@ import org.apache.commons.lang3.StringUtils; import org.joda.time.DateTime; -import javax.persistence.CascadeType; -import javax.persistence.Column; -import javax.persistence.Entity; -import javax.persistence.FetchType; -import javax.persistence.GeneratedValue; -import javax.persistence.GenerationType; -import javax.persistence.Id; -import javax.persistence.JoinColumn; -import javax.persistence.ManyToOne; -import javax.persistence.OneToOne; -import javax.persistence.SequenceGenerator; -import javax.persistence.Table; +import jakarta.persistence.CascadeType; +import jakarta.persistence.Column; +import jakarta.persistence.Entity; +import jakarta.persistence.FetchType; +import jakarta.persistence.GeneratedValue; +import jakarta.persistence.GenerationType; +import jakarta.persistence.Id; +import jakarta.persistence.JoinColumn; +import jakarta.persistence.ManyToOne; +import jakarta.persistence.OneToOne; +import jakarta.persistence.SequenceGenerator; +import jakarta.persistence.Table; import java.math.BigInteger; import java.net.URI; import java.util.Collection; diff --git a/src/main/java/net/ripe/rpki/domain/hsm/HsmCertificateChain.java b/src/main/java/net/ripe/rpki/domain/hsm/HsmCertificateChain.java index 569d0ec..a33e1a2 100644 --- a/src/main/java/net/ripe/rpki/domain/hsm/HsmCertificateChain.java +++ b/src/main/java/net/ripe/rpki/domain/hsm/HsmCertificateChain.java @@ -1,15 +1,15 @@ package net.ripe.rpki.domain.hsm; -import javax.persistence.Column; -import javax.persistence.Entity; -import javax.persistence.GeneratedValue; -import javax.persistence.GenerationType; -import javax.persistence.Id; -import javax.persistence.JoinColumn; -import javax.persistence.ManyToOne; -import javax.persistence.SequenceGenerator; -import javax.persistence.Table; -import javax.validation.constraints.NotNull; +import jakarta.persistence.Column; +import jakarta.persistence.Entity; +import jakarta.persistence.GeneratedValue; +import jakarta.persistence.GenerationType; +import jakarta.persistence.Id; +import jakarta.persistence.JoinColumn; +import jakarta.persistence.ManyToOne; +import jakarta.persistence.SequenceGenerator; +import jakarta.persistence.Table; +import jakarta.validation.constraints.NotNull; @Entity @Table(name = "hsm_certificate_chain") diff --git a/src/main/java/net/ripe/rpki/domain/hsm/HsmKey.java b/src/main/java/net/ripe/rpki/domain/hsm/HsmKey.java index c305a1d..6982ec7 100644 --- a/src/main/java/net/ripe/rpki/domain/hsm/HsmKey.java +++ b/src/main/java/net/ripe/rpki/domain/hsm/HsmKey.java @@ -2,18 +2,18 @@ import net.ripe.rpki.ncc.core.domain.support.EntitySupport; -import javax.persistence.CascadeType; -import javax.persistence.Column; -import javax.persistence.Entity; -import javax.persistence.GeneratedValue; -import javax.persistence.GenerationType; -import javax.persistence.Id; -import javax.persistence.JoinColumn; -import javax.persistence.ManyToOne; -import javax.persistence.OneToMany; -import javax.persistence.SequenceGenerator; -import javax.persistence.Table; -import javax.validation.constraints.NotNull; +import jakarta.persistence.CascadeType; +import jakarta.persistence.Column; +import jakarta.persistence.Entity; +import jakarta.persistence.GeneratedValue; +import jakarta.persistence.GenerationType; +import jakarta.persistence.Id; +import jakarta.persistence.JoinColumn; +import jakarta.persistence.ManyToOne; +import jakarta.persistence.OneToMany; +import jakarta.persistence.SequenceGenerator; +import jakarta.persistence.Table; +import jakarta.validation.constraints.NotNull; import java.util.ArrayList; import java.util.Comparator; import java.util.List; diff --git a/src/main/java/net/ripe/rpki/domain/hsm/HsmKeyStore.java b/src/main/java/net/ripe/rpki/domain/hsm/HsmKeyStore.java index 4c35879..584cd07 100644 --- a/src/main/java/net/ripe/rpki/domain/hsm/HsmKeyStore.java +++ b/src/main/java/net/ripe/rpki/domain/hsm/HsmKeyStore.java @@ -2,16 +2,16 @@ import net.ripe.rpki.ncc.core.domain.support.EntitySupport; -import javax.persistence.CascadeType; -import javax.persistence.Column; -import javax.persistence.Entity; -import javax.persistence.GeneratedValue; -import javax.persistence.GenerationType; -import javax.persistence.Id; -import javax.persistence.OneToMany; -import javax.persistence.SequenceGenerator; -import javax.persistence.Table; -import javax.validation.constraints.NotNull; +import jakarta.persistence.CascadeType; +import jakarta.persistence.Column; +import jakarta.persistence.Entity; +import jakarta.persistence.GeneratedValue; +import jakarta.persistence.GenerationType; +import jakarta.persistence.Id; +import jakarta.persistence.OneToMany; +import jakarta.persistence.SequenceGenerator; +import jakarta.persistence.Table; +import jakarta.validation.constraints.NotNull; import java.util.ArrayList; import java.util.List; diff --git a/src/main/java/net/ripe/rpki/domain/manifest/ManifestEntity.java b/src/main/java/net/ripe/rpki/domain/manifest/ManifestEntity.java index 36d89ad..47d904e 100644 --- a/src/main/java/net/ripe/rpki/domain/manifest/ManifestEntity.java +++ b/src/main/java/net/ripe/rpki/domain/manifest/ManifestEntity.java @@ -16,19 +16,19 @@ import org.joda.time.DateTime; import org.joda.time.Period; -import javax.persistence.CascadeType; -import javax.persistence.Column; -import javax.persistence.Entity; -import javax.persistence.FetchType; -import javax.persistence.GeneratedValue; -import javax.persistence.GenerationType; -import javax.persistence.Id; -import javax.persistence.JoinColumn; -import javax.persistence.ManyToOne; -import javax.persistence.OneToMany; -import javax.persistence.OneToOne; -import javax.persistence.SequenceGenerator; -import javax.persistence.Table; +import jakarta.persistence.CascadeType; +import jakarta.persistence.Column; +import jakarta.persistence.Entity; +import jakarta.persistence.FetchType; +import jakarta.persistence.GeneratedValue; +import jakarta.persistence.GenerationType; +import jakarta.persistence.Id; +import jakarta.persistence.JoinColumn; +import jakarta.persistence.ManyToOne; +import jakarta.persistence.OneToMany; +import jakarta.persistence.OneToOne; +import jakarta.persistence.SequenceGenerator; +import jakarta.persistence.Table; import javax.security.auth.x500.X500Principal; import java.math.BigInteger; import java.security.KeyPair; diff --git a/src/main/java/net/ripe/rpki/domain/property/PropertyEntity.java b/src/main/java/net/ripe/rpki/domain/property/PropertyEntity.java index 84cfe66..abde488 100644 --- a/src/main/java/net/ripe/rpki/domain/property/PropertyEntity.java +++ b/src/main/java/net/ripe/rpki/domain/property/PropertyEntity.java @@ -3,13 +3,13 @@ import net.ripe.rpki.ncc.core.domain.support.EntitySupport; import org.apache.commons.lang.Validate; -import javax.persistence.Column; -import javax.persistence.Entity; -import javax.persistence.GeneratedValue; -import javax.persistence.GenerationType; -import javax.persistence.Id; -import javax.persistence.SequenceGenerator; -import javax.persistence.Table; +import jakarta.persistence.Column; +import jakarta.persistence.Entity; +import jakarta.persistence.GeneratedValue; +import jakarta.persistence.GenerationType; +import jakarta.persistence.Id; +import jakarta.persistence.SequenceGenerator; +import jakarta.persistence.Table; @Entity @Table(name="property") diff --git a/src/main/java/net/ripe/rpki/domain/roa/RoaConfiguration.java b/src/main/java/net/ripe/rpki/domain/roa/RoaConfiguration.java index f9c4b90..b4a8870 100644 --- a/src/main/java/net/ripe/rpki/domain/roa/RoaConfiguration.java +++ b/src/main/java/net/ripe/rpki/domain/roa/RoaConfiguration.java @@ -12,17 +12,17 @@ import net.ripe.rpki.ncc.core.domain.support.EntitySupport; import net.ripe.rpki.server.api.dto.RoaConfigurationData; -import javax.persistence.CollectionTable; -import javax.persistence.ElementCollection; -import javax.persistence.Entity; -import javax.persistence.FetchType; -import javax.persistence.GeneratedValue; -import javax.persistence.GenerationType; -import javax.persistence.Id; -import javax.persistence.JoinColumn; -import javax.persistence.OneToOne; -import javax.persistence.SequenceGenerator; -import javax.persistence.Table; +import jakarta.persistence.CollectionTable; +import jakarta.persistence.ElementCollection; +import jakarta.persistence.Entity; +import jakarta.persistence.FetchType; +import jakarta.persistence.GeneratedValue; +import jakarta.persistence.GenerationType; +import jakarta.persistence.Id; +import jakarta.persistence.JoinColumn; +import jakarta.persistence.OneToOne; +import jakarta.persistence.SequenceGenerator; +import jakarta.persistence.Table; import java.util.Collection; import java.util.Collections; import java.util.HashSet; @@ -81,8 +81,7 @@ public ManagedCertificateAuthority getCertificateAuthority() { public RoaConfigurationData convertToData() { return new RoaConfigurationData(prefixes.stream() - .map(RoaConfigurationPrefix::toData) - .collect(Collectors.toList())); + .map(RoaConfigurationPrefix::toData).toList()); } public final void addPrefix(Collection roaPrefixes) { diff --git a/src/main/java/net/ripe/rpki/domain/roa/RoaConfigurationPrefix.java b/src/main/java/net/ripe/rpki/domain/roa/RoaConfigurationPrefix.java index 9241347..1cce290 100644 --- a/src/main/java/net/ripe/rpki/domain/roa/RoaConfigurationPrefix.java +++ b/src/main/java/net/ripe/rpki/domain/roa/RoaConfigurationPrefix.java @@ -9,12 +9,11 @@ import org.apache.commons.lang.builder.ToStringBuilder; import org.apache.commons.lang.builder.ToStringStyle; -import javax.persistence.Column; -import javax.persistence.Embeddable; +import jakarta.persistence.Column; +import jakarta.persistence.Embeddable; import java.math.BigInteger; import java.time.Instant; import java.util.List; -import java.util.stream.Collectors; import static com.google.common.base.Objects.*; @@ -111,6 +110,6 @@ public String toString() { } public static List fromData(List data) { - return data.stream().map(RoaConfigurationPrefix::new).collect(Collectors.toList()); + return data.stream().map(RoaConfigurationPrefix::new).toList(); } } diff --git a/src/main/java/net/ripe/rpki/domain/roa/RoaEntity.java b/src/main/java/net/ripe/rpki/domain/roa/RoaEntity.java index f927669..96c4a19 100644 --- a/src/main/java/net/ripe/rpki/domain/roa/RoaEntity.java +++ b/src/main/java/net/ripe/rpki/domain/roa/RoaEntity.java @@ -12,17 +12,17 @@ import net.ripe.rpki.server.api.services.command.UnparseableRpkiObjectException; import org.apache.commons.lang.Validate; -import javax.persistence.CascadeType; -import javax.persistence.Entity; -import javax.persistence.FetchType; -import javax.persistence.GeneratedValue; -import javax.persistence.GenerationType; -import javax.persistence.Id; -import javax.persistence.JoinColumn; -import javax.persistence.OneToOne; -import javax.persistence.SequenceGenerator; -import javax.persistence.Table; -import javax.persistence.Transient; +import jakarta.persistence.CascadeType; +import jakarta.persistence.Entity; +import jakarta.persistence.FetchType; +import jakarta.persistence.GeneratedValue; +import jakarta.persistence.GenerationType; +import jakarta.persistence.Id; +import jakarta.persistence.JoinColumn; +import jakarta.persistence.OneToOne; +import jakarta.persistence.SequenceGenerator; +import jakarta.persistence.Table; +import jakarta.persistence.Transient; import java.net.URI; /** diff --git a/src/main/java/net/ripe/rpki/domain/roa/RoaEntityServiceBean.java b/src/main/java/net/ripe/rpki/domain/roa/RoaEntityServiceBean.java index f42ae25..158f908 100644 --- a/src/main/java/net/ripe/rpki/domain/roa/RoaEntityServiceBean.java +++ b/src/main/java/net/ripe/rpki/domain/roa/RoaEntityServiceBean.java @@ -145,8 +145,7 @@ private boolean isValidRoaEntity(IncomingResourceCertificate incomingResourceCer private List getUnsatisfiedSpecifications(List validRoas, Map specifications) { Map> validRoasByAsn = validRoas.stream().collect(Collectors.groupingBy(RoaEntity::getAsn)); return specifications.values().stream() - .filter(specification -> isUnsatisfiedSpecification(validRoasByAsn, specification)) - .collect(Collectors.toList()); + .filter(specification -> isUnsatisfiedSpecification(validRoasByAsn, specification)).toList(); } private boolean isUnsatisfiedSpecification(Map> validRoasByAsn, RoaSpecification specification) { diff --git a/src/main/java/net/ripe/rpki/domain/rta/UpStreamCARequestEntity.java b/src/main/java/net/ripe/rpki/domain/rta/UpStreamCARequestEntity.java index bbff183..a10102b 100644 --- a/src/main/java/net/ripe/rpki/domain/rta/UpStreamCARequestEntity.java +++ b/src/main/java/net/ripe/rpki/domain/rta/UpStreamCARequestEntity.java @@ -6,15 +6,15 @@ import net.ripe.rpki.commons.xml.XStreamXmlSerializerBuilder; import net.ripe.rpki.domain.ManagedCertificateAuthority; -import javax.persistence.Column; -import javax.persistence.Entity; -import javax.persistence.GeneratedValue; -import javax.persistence.GenerationType; -import javax.persistence.Id; -import javax.persistence.JoinColumn; -import javax.persistence.OneToOne; -import javax.persistence.SequenceGenerator; -import javax.persistence.Table; +import jakarta.persistence.Column; +import jakarta.persistence.Entity; +import jakarta.persistence.GeneratedValue; +import jakarta.persistence.GenerationType; +import jakarta.persistence.Id; +import jakarta.persistence.JoinColumn; +import jakarta.persistence.OneToOne; +import jakarta.persistence.SequenceGenerator; +import jakarta.persistence.Table; @Entity diff --git a/src/main/java/net/ripe/rpki/domain/signing/CertificateRequestCreationServiceBean.java b/src/main/java/net/ripe/rpki/domain/signing/CertificateRequestCreationServiceBean.java index 29555cc..8059336 100644 --- a/src/main/java/net/ripe/rpki/domain/signing/CertificateRequestCreationServiceBean.java +++ b/src/main/java/net/ripe/rpki/domain/signing/CertificateRequestCreationServiceBean.java @@ -94,8 +94,7 @@ public List requestAllResourcesCertificate(AllResourcesCertifica @Override public List createCertificateRevocationRequestForAllKeys(ManagedCertificateAuthority ca) { return ca.getKeyPairs().stream() - .map(keyPair -> new CertificateRevocationRequest(keyPair.getPublicKey())) - .collect(Collectors.toList()); + .map(keyPair -> new CertificateRevocationRequest(keyPair.getPublicKey())).toList(); } @Override diff --git a/src/main/java/net/ripe/rpki/ncc/core/domain/support/AggregateRoot.java b/src/main/java/net/ripe/rpki/ncc/core/domain/support/AggregateRoot.java index ede5bbc..0da4822 100644 --- a/src/main/java/net/ripe/rpki/ncc/core/domain/support/AggregateRoot.java +++ b/src/main/java/net/ripe/rpki/ncc/core/domain/support/AggregateRoot.java @@ -2,8 +2,8 @@ import net.ripe.rpki.commons.util.VersionedId; -import javax.persistence.Id; -import javax.persistence.MappedSuperclass; +import jakarta.persistence.Id; +import jakarta.persistence.MappedSuperclass; @MappedSuperclass public abstract class AggregateRoot extends EntitySupport { diff --git a/src/main/java/net/ripe/rpki/ncc/core/domain/support/EntitySupport.java b/src/main/java/net/ripe/rpki/ncc/core/domain/support/EntitySupport.java index f131d5e..2a878b0 100755 --- a/src/main/java/net/ripe/rpki/ncc/core/domain/support/EntitySupport.java +++ b/src/main/java/net/ripe/rpki/ncc/core/domain/support/EntitySupport.java @@ -5,15 +5,10 @@ import org.apache.commons.lang.builder.ToStringStyle; import org.joda.time.Instant; -import javax.persistence.Column; -import javax.persistence.MappedSuperclass; -import javax.persistence.PreUpdate; -import javax.persistence.Version; -import javax.validation.ConstraintViolation; -import javax.validation.Validation; -import javax.validation.Validator; -import javax.validation.ValidatorFactory; -import java.util.Set; +import jakarta.persistence.Column; +import jakarta.persistence.MappedSuperclass; +import jakarta.persistence.PreUpdate; +import jakarta.persistence.Version; @MappedSuperclass public abstract class EntitySupport implements Entity { diff --git a/src/main/java/net/ripe/rpki/offline/ra/service/TrustAnchorResponseProcessor.java b/src/main/java/net/ripe/rpki/offline/ra/service/TrustAnchorResponseProcessor.java index 1e4bf59..766072c 100644 --- a/src/main/java/net/ripe/rpki/offline/ra/service/TrustAnchorResponseProcessor.java +++ b/src/main/java/net/ripe/rpki/offline/ra/service/TrustAnchorResponseProcessor.java @@ -24,9 +24,9 @@ import org.springframework.beans.factory.annotation.Value; import org.springframework.stereotype.Component; -import javax.inject.Inject; -import javax.persistence.EntityManager; -import javax.persistence.PersistenceContext; +import jakarta.inject.Inject; +import jakarta.persistence.EntityManager; +import jakarta.persistence.PersistenceContext; import javax.security.auth.x500.X500Principal; import java.net.URI; import java.util.ArrayList; diff --git a/src/main/java/net/ripe/rpki/publication/persistence/disk/FileSystemPublicationObjectPersistence.java b/src/main/java/net/ripe/rpki/publication/persistence/disk/FileSystemPublicationObjectPersistence.java index 788b542..03d74ba 100644 --- a/src/main/java/net/ripe/rpki/publication/persistence/disk/FileSystemPublicationObjectPersistence.java +++ b/src/main/java/net/ripe/rpki/publication/persistence/disk/FileSystemPublicationObjectPersistence.java @@ -14,7 +14,7 @@ import org.springframework.beans.factory.annotation.Value; import org.springframework.stereotype.Component; -import javax.inject.Inject; +import jakarta.inject.Inject; import java.io.File; import java.io.IOException; import java.io.UncheckedIOException; @@ -137,7 +137,7 @@ private Path writeObjectsToNewTargetDirectory(long now, Path baseDirectory, List Path file = temporaryLocation(temporaryDirectory, object.getUri()); Files.write(file, object.getContent()); // rsync relies on the correct timestamp for fast synchronization - Files.setLastModifiedTime(file, FileTime.fromMillis(object.getCreatedAt().getTime())); + Files.setLastModifiedTime(file, FileTime.fromMillis(object.getCreatedAt().toEpochMilli())); } catch (IOException e) { throw new UncheckedIOException(e); } diff --git a/src/main/java/net/ripe/rpki/publication/server/FSPublicationServer.java b/src/main/java/net/ripe/rpki/publication/server/FSPublicationServer.java index 540e36d..fbf7dec 100644 --- a/src/main/java/net/ripe/rpki/publication/server/FSPublicationServer.java +++ b/src/main/java/net/ripe/rpki/publication/server/FSPublicationServer.java @@ -11,7 +11,7 @@ import org.slf4j.LoggerFactory; import org.springframework.stereotype.Service; -import javax.inject.Inject; +import jakarta.inject.Inject; import java.io.IOException; import java.io.UncheckedIOException; import java.util.List; diff --git a/src/main/java/net/ripe/rpki/rest/exception/RequestEntityTooLargeException.java b/src/main/java/net/ripe/rpki/rest/exception/RequestEntityTooLargeException.java index 79aad7d..798034a 100644 --- a/src/main/java/net/ripe/rpki/rest/exception/RequestEntityTooLargeException.java +++ b/src/main/java/net/ripe/rpki/rest/exception/RequestEntityTooLargeException.java @@ -2,12 +2,12 @@ import net.ripe.rpki.rest.security.RequestEntitySizeLimiterServletFilter; -import javax.servlet.http.HttpServletRequest; +import jakarta.servlet.http.HttpServletRequest; import java.io.IOException; /** * Thrown by the {@link RequestEntitySizeLimiterServletFilter request body size limiter filter} when the - * {@link javax.servlet.ServletInputStream input stream} of the {@link javax.servlet.http.HttpServletRequest request} + * {@link jakarta.servlet.ServletInputStream input stream} of the {@link jakarta.servlet.http.HttpServletRequest request} * is too large. * * Translated by {@link RestExceptionControllerAdvice#exceptionsResultingInRequestEntityTooLargeHandler(HttpServletRequest, RequestEntityTooLargeException) diff --git a/src/main/java/net/ripe/rpki/rest/exception/RestExceptionControllerAdvice.java b/src/main/java/net/ripe/rpki/rest/exception/RestExceptionControllerAdvice.java index a414602..c8c6acb 100644 --- a/src/main/java/net/ripe/rpki/rest/exception/RestExceptionControllerAdvice.java +++ b/src/main/java/net/ripe/rpki/rest/exception/RestExceptionControllerAdvice.java @@ -12,8 +12,8 @@ import org.springframework.web.bind.annotation.ControllerAdvice; import org.springframework.web.bind.annotation.ExceptionHandler; -import javax.servlet.http.HttpServletRequest; -import javax.validation.ConstraintViolationException; +import jakarta.servlet.http.HttpServletRequest; +import jakarta.validation.ConstraintViolationException; import java.time.Instant; import java.util.Map; diff --git a/src/main/java/net/ripe/rpki/rest/json/ObjectMapperProvider.java b/src/main/java/net/ripe/rpki/rest/json/ObjectMapperProvider.java index 372ceb4..ce354ee 100644 --- a/src/main/java/net/ripe/rpki/rest/json/ObjectMapperProvider.java +++ b/src/main/java/net/ripe/rpki/rest/json/ObjectMapperProvider.java @@ -15,8 +15,8 @@ import org.joda.time.format.DateTimeFormatter; import org.springframework.stereotype.Component; -import javax.ws.rs.ext.ContextResolver; -import javax.ws.rs.ext.Provider; +import jakarta.ws.rs.ext.ContextResolver; +import jakarta.ws.rs.ext.Provider; import java.io.IOException; import static com.fasterxml.jackson.core.JsonToken.VALUE_STRING; diff --git a/src/main/java/net/ripe/rpki/rest/security/ApiKeySecurity.java b/src/main/java/net/ripe/rpki/rest/security/ApiKeySecurity.java index d156ecb..d186b1c 100644 --- a/src/main/java/net/ripe/rpki/rest/security/ApiKeySecurity.java +++ b/src/main/java/net/ripe/rpki/rest/security/ApiKeySecurity.java @@ -3,16 +3,21 @@ import lombok.extern.slf4j.Slf4j; import net.ripe.rpki.application.CertificationConfiguration; import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.security.authorization.AuthorizationDecision; +import org.springframework.security.authorization.AuthorizationManager; +import org.springframework.security.core.Authentication; +import org.springframework.security.web.access.intercept.RequestAuthorizationContext; import org.springframework.stereotype.Component; -import javax.servlet.http.HttpServletRequest; +import jakarta.servlet.http.HttpServletRequest; import java.io.IOException; import java.io.InputStream; import java.util.Properties; +import java.util.function.Supplier; @Slf4j @Component -public class ApiKeySecurity { +public class ApiKeySecurity implements AuthorizationManager { public static final String API_KEY_HEADER = "ncc-internal-api-key"; public static final String USER_ID_HEADER = "user-id"; @@ -32,8 +37,10 @@ public ApiKeySecurity(CertificationConfiguration certificationConfiguration) { } } - public boolean check(HttpServletRequest request) { - final String apikey = request.getHeader(API_KEY_HEADER); - return apikey != null && apiKeys.containsKey(apikey); + @Override + public AuthorizationDecision check(Supplier authentication, RequestAuthorizationContext ctx) { + final String apikey = ctx.getRequest().getHeader(API_KEY_HEADER); + var granted = apikey != null && apiKeys.containsKey(apikey); + return new AuthorizationDecision(granted); } } diff --git a/src/main/java/net/ripe/rpki/rest/security/JsonAuthenticationEntryPoint.java b/src/main/java/net/ripe/rpki/rest/security/JsonAuthenticationEntryPoint.java index 9c87877..d39010c 100644 --- a/src/main/java/net/ripe/rpki/rest/security/JsonAuthenticationEntryPoint.java +++ b/src/main/java/net/ripe/rpki/rest/security/JsonAuthenticationEntryPoint.java @@ -5,9 +5,9 @@ import org.springframework.security.web.AuthenticationEntryPoint; import org.springframework.stereotype.Component; -import javax.servlet.ServletException; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; +import jakarta.servlet.ServletException; +import jakarta.servlet.http.HttpServletRequest; +import jakarta.servlet.http.HttpServletResponse; import java.io.IOException; @Component diff --git a/src/main/java/net/ripe/rpki/rest/security/RequestEntitySizeLimiterServletFilter.java b/src/main/java/net/ripe/rpki/rest/security/RequestEntitySizeLimiterServletFilter.java index 385a710..0079a87 100644 --- a/src/main/java/net/ripe/rpki/rest/security/RequestEntitySizeLimiterServletFilter.java +++ b/src/main/java/net/ripe/rpki/rest/security/RequestEntitySizeLimiterServletFilter.java @@ -4,16 +4,16 @@ import net.ripe.rpki.rest.exception.RequestEntityTooLargeException; import org.springframework.stereotype.Component; -import javax.servlet.Filter; -import javax.servlet.FilterChain; -import javax.servlet.ReadListener; -import javax.servlet.ServletException; -import javax.servlet.ServletInputStream; -import javax.servlet.ServletRequest; -import javax.servlet.ServletResponse; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletRequestWrapper; -import javax.servlet.http.HttpServletResponse; +import jakarta.servlet.Filter; +import jakarta.servlet.FilterChain; +import jakarta.servlet.ReadListener; +import jakarta.servlet.ServletException; +import jakarta.servlet.ServletInputStream; +import jakarta.servlet.ServletRequest; +import jakarta.servlet.ServletResponse; +import jakarta.servlet.http.HttpServletRequest; +import jakarta.servlet.http.HttpServletRequestWrapper; +import jakarta.servlet.http.HttpServletResponse; import java.io.BufferedReader; import java.io.IOException; import java.io.InputStreamReader; diff --git a/src/main/java/net/ripe/rpki/rest/security/SecurityConfig.java b/src/main/java/net/ripe/rpki/rest/security/SecurityConfig.java index d8e71a6..c97fe17 100644 --- a/src/main/java/net/ripe/rpki/rest/security/SecurityConfig.java +++ b/src/main/java/net/ripe/rpki/rest/security/SecurityConfig.java @@ -1,26 +1,32 @@ package net.ripe.rpki.rest.security; +import com.google.common.base.Verify; import lombok.extern.slf4j.Slf4j; +import org.springframework.beans.factory.annotation.Autowired; import org.springframework.beans.factory.annotation.Value; import org.springframework.boot.autoconfigure.security.servlet.PathRequest; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.ComponentScan; import org.springframework.context.annotation.Configuration; +import org.springframework.core.annotation.Order; +import org.springframework.core.env.Environment; import org.springframework.security.config.annotation.web.builders.HttpSecurity; import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; import org.springframework.security.config.http.SessionCreationPolicy; import org.springframework.security.web.SecurityFilterChain; +import org.springframework.security.web.savedrequest.HttpSessionRequestCache; import org.springframework.security.web.util.matcher.AntPathRequestMatcher; import org.springframework.security.web.util.matcher.NegatedRequestMatcher; import org.springframework.security.web.util.matcher.OrRequestMatcher; import org.springframework.security.web.util.matcher.RequestMatcher; +import static org.springframework.security.config.Customizer.withDefaults; + @Configuration @EnableWebSecurity @ComponentScan @Slf4j public class SecurityConfig { - private static final RequestMatcher API_REQUEST_MATCHER = new OrRequestMatcher( new AntPathRequestMatcher("/api/**"), new AntPathRequestMatcher("/prod/ca/**") @@ -29,57 +35,70 @@ public class SecurityConfig { private static final RequestMatcher WEB_REQUEST_MATCHER = new NegatedRequestMatcher(new OrRequestMatcher(API_REQUEST_MATCHER, PROVISIONING_REQUEST_MATCHER)); + @Order(1) @Bean - public SecurityFilterChain apiSecurityFilterChain(HttpSecurity http, JsonAuthenticationEntryPoint jsonAuthenticationEntryPoint) throws Exception { + public SecurityFilterChain webSecurityFilterChainRequireApiKey(HttpSecurity http, JsonAuthenticationEntryPoint jsonAuthenticationEntryPoint, ApiKeySecurity apiKeySecurity) throws Exception { return http - .requestMatcher(API_REQUEST_MATCHER) - .csrf(c -> c.disable()) - .sessionManagement(s -> s.sessionCreationPolicy(SessionCreationPolicy.STATELESS)) - .exceptionHandling(e -> e.authenticationEntryPoint(jsonAuthenticationEntryPoint)) - .authorizeRequests(r -> r - // allow all to /api/monitoring/ endpoints - .antMatchers("/api/monitoring/**").permitAll() - .antMatchers("/api/public/**").permitAll() - // All other paths matching initial .requestMatcher require API key - .anyRequest().access("@apiKeySecurity.check(request)") - ) - .build(); + .securityMatcher(API_REQUEST_MATCHER) + .csrf(c -> c.disable()) + .sessionManagement(s -> s.sessionCreationPolicy(SessionCreationPolicy.STATELESS)) + .exceptionHandling(e -> e.authenticationEntryPoint(jsonAuthenticationEntryPoint)) + .authorizeHttpRequests(r -> r + // allow all to /api/monitoring/ endpoints + .requestMatchers(new AntPathRequestMatcher("/api/monitoring/**")).permitAll() + .requestMatchers(new AntPathRequestMatcher("/api/public/**")).permitAll() + // All other paths matching initial .requestMatcher require API key + .anyRequest().access(apiKeySecurity) + ) + .build(); } + @Order(2) @Bean - public SecurityFilterChain provisioningSecurityFilterChain(HttpSecurity http) throws Exception { + public SecurityFilterChain webSecurityFilterChainAllowProvisioningEndpoint(HttpSecurity http) throws Exception { return http - .requestMatcher(PROVISIONING_REQUEST_MATCHER) - .csrf(c -> c.disable()) - .sessionManagement(s -> s.sessionCreationPolicy(SessionCreationPolicy.STATELESS)) - .authorizeRequests(r -> r.anyRequest().permitAll()) - .build(); + .securityMatcher(PROVISIONING_REQUEST_MATCHER) + .csrf(c -> c.disable()) + .sessionManagement(s -> s.sessionCreationPolicy(SessionCreationPolicy.STATELESS)) + .authorizeHttpRequests(r -> r.anyRequest().permitAll()) + .build(); } + @Order(3) @Bean - public SecurityFilterChain webSecurityFilterChain( + public SecurityFilterChain webSecurityFilterChainAllowPublicUrls( HttpSecurity http, - @Value("${authorization.admin.role}") String adminRole + @Value("${admin.authorization.enabled:true}") boolean adminAuthEnabled, + Environment environment ) throws Exception { - http.requestMatcher(WEB_REQUEST_MATCHER) - .authorizeRequests(r -> r - .antMatchers( - "/login", - "/actuator/active-node/", - "/actuator/prometheus", - "/monitoring/healthcheck" - ).permitAll() - .requestMatchers(PathRequest.toStaticResources().atCommonLocations()).permitAll() - .anyRequest().hasAuthority(adminRole) - ); + http + .securityMatcher(WEB_REQUEST_MATCHER) + .authorizeHttpRequests(r -> r + .requestMatchers( + new AntPathRequestMatcher("/login"), + new AntPathRequestMatcher("/actuator/active-node"), + new AntPathRequestMatcher("/actuator/prometheus"), + new AntPathRequestMatcher("/monitoring/healthcheck") + ).permitAll() + .requestMatchers(PathRequest.toStaticResources().atCommonLocations()).permitAll() + ); - if ("ROLE_ANONYMOUS".equals(adminRole)) { - log.warn("NOT enabling OAuth2 security, only for use in development mode!"); - } else { - log.info("enabling OAuth2 security using administrator role {}", adminRole); - http.oauth2Login(); + if (adminAuthEnabled) { + log.info("enabling OAuth2 and authentication"); + return http + .authorizeHttpRequests(r -> r.anyRequest().authenticated()) + .oauth2Login(withDefaults()) + .requestCache((cache) -> { + var requestCache = new HttpSessionRequestCache(); + requestCache.setMatchingRequestParameterName(null); + cache.requestCache(requestCache); + }) + .build(); } + log.warn("NOT enabling authentication, only for use in development mode!"); + // Defense in depth: + Verify.verify(environment.matchesProfiles("local | test"), "Admin authorization is disabled, but the local or test profile is not active."); - return http.build(); + return http.authorizeHttpRequests(r -> r.anyRequest().permitAll()).build(); } } diff --git a/src/main/java/net/ripe/rpki/rest/security/SpringAuthInterceptor.java b/src/main/java/net/ripe/rpki/rest/security/SpringAuthInterceptor.java index 18ed506..26e5f49 100644 --- a/src/main/java/net/ripe/rpki/rest/security/SpringAuthInterceptor.java +++ b/src/main/java/net/ripe/rpki/rest/security/SpringAuthInterceptor.java @@ -10,8 +10,8 @@ import org.springframework.web.servlet.HandlerInterceptor; import org.springframework.web.servlet.ModelAndView; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; +import jakarta.servlet.http.HttpServletRequest; +import jakarta.servlet.http.HttpServletResponse; @Component public class SpringAuthInterceptor implements HandlerInterceptor { diff --git a/src/main/java/net/ripe/rpki/rest/service/AbstractCaRestService.java b/src/main/java/net/ripe/rpki/rest/service/AbstractCaRestService.java index 44fc4e3..93ab17f 100644 --- a/src/main/java/net/ripe/rpki/rest/service/AbstractCaRestService.java +++ b/src/main/java/net/ripe/rpki/rest/service/AbstractCaRestService.java @@ -1,5 +1,6 @@ package net.ripe.rpki.rest.service; +import jakarta.annotation.PostConstruct; import lombok.NonNull; import lombok.extern.slf4j.Slf4j; import net.ripe.ipresource.ImmutableResourceSet; @@ -19,14 +20,13 @@ import org.springframework.web.bind.WebDataBinder; import org.springframework.web.bind.annotation.InitBinder; -import javax.annotation.PostConstruct; -import javax.servlet.http.HttpServletRequest; -import javax.ws.rs.Consumes; -import javax.ws.rs.Produces; +import jakarta.servlet.http.HttpServletRequest; +import jakarta.ws.rs.Consumes; +import jakarta.ws.rs.Produces; import java.net.URI; import java.util.*; -import static javax.ws.rs.core.MediaType.APPLICATION_JSON; +import static jakarta.ws.rs.core.MediaType.APPLICATION_JSON; import static net.ripe.rpki.rest.security.ApiKeySecurity.USER_ID_HEADER; import static net.ripe.rpki.rest.security.SpringAuthInterceptor.USER_ID_REQ_ATTR; diff --git a/src/main/java/net/ripe/rpki/rest/service/AlertService.java b/src/main/java/net/ripe/rpki/rest/service/AlertService.java index 710bede..ae94deb 100644 --- a/src/main/java/net/ripe/rpki/rest/service/AlertService.java +++ b/src/main/java/net/ripe/rpki/rest/service/AlertService.java @@ -28,7 +28,7 @@ import java.util.*; import java.util.stream.Collectors; -import static javax.ws.rs.core.MediaType.APPLICATION_JSON; +import static jakarta.ws.rs.core.MediaType.APPLICATION_JSON; import static net.ripe.rpki.rest.service.AbstractCaRestService.API_URL_PREFIX; @Slf4j @@ -139,8 +139,7 @@ private ResponseEntity processMuteOrUnMute(final HostedCertificateAuthorityDa private Collection getAnnouncedRoutes(List announcements) { return announcements.stream() - .map(bgp -> new AnnouncedRoute(Asn.parse(bgp.getAsn()), IpRange.parse(bgp.getPrefix()))) - .collect(Collectors.toList()); + .map(bgp -> new AnnouncedRoute(Asn.parse(bgp.getAsn()), IpRange.parse(bgp.getPrefix()))).toList(); } } diff --git a/src/main/java/net/ripe/rpki/rest/service/AnnouncementService.java b/src/main/java/net/ripe/rpki/rest/service/AnnouncementService.java index 17cd8aa..04f7ffe 100644 --- a/src/main/java/net/ripe/rpki/rest/service/AnnouncementService.java +++ b/src/main/java/net/ripe/rpki/rest/service/AnnouncementService.java @@ -45,7 +45,7 @@ import java.util.stream.Collectors; import java.util.stream.Stream; -import static javax.ws.rs.core.MediaType.APPLICATION_JSON; +import static jakarta.ws.rs.core.MediaType.APPLICATION_JSON; import static net.ripe.rpki.commons.validation.roa.RouteOriginValidationPolicy.allowedRoutesToNestedIntervalMap; import static net.ripe.rpki.rest.service.AbstractCaRestService.API_URL_PREFIX; @@ -91,9 +91,9 @@ public ResponseEntity> getResourcesForCa(@PathVariable("ca ar -> new BgpAnnouncement(ar.getOriginAsn().toString(), ar.getPrefix().toString(), 0, RouteOriginValidationPolicy.validateAnnouncedRoute(currentRouteMap, ar), true) - ).collect(Collectors.toList()); + ).toList(); - return ok(Stream.concat(announcedAnnouncements.stream(), notSeenAnnouncements.stream()).collect(Collectors.toList())); + return ok(Stream.concat(announcedAnnouncements.stream(), notSeenAnnouncements.stream()).toList()); } private Set bgpRisMapToAnnouncedRoutes(Map> announcements) { diff --git a/src/main/java/net/ripe/rpki/rest/service/BackgroundExecutorService.java b/src/main/java/net/ripe/rpki/rest/service/BackgroundExecutorService.java index 34c4468..5b212d0 100644 --- a/src/main/java/net/ripe/rpki/rest/service/BackgroundExecutorService.java +++ b/src/main/java/net/ripe/rpki/rest/service/BackgroundExecutorService.java @@ -17,9 +17,8 @@ import java.util.List; import java.util.Map; import java.util.Set; -import java.util.stream.Collectors; -import static javax.ws.rs.core.MediaType.APPLICATION_JSON; +import static jakarta.ws.rs.core.MediaType.APPLICATION_JSON; import static org.springframework.http.HttpStatus.BAD_REQUEST; import static org.springframework.http.HttpStatus.INTERNAL_SERVER_ERROR; import static org.springframework.http.HttpStatus.OK; @@ -74,12 +73,11 @@ public ResponseEntity executeInBackground(@PathVariable("serviceName") S // Restrict parameter names to known values and parameter values to short, simple strings to avoid // potential injection attacks. List> badParameters = parameters.entrySet().stream() - .filter(entry -> - !supportedParameters.contains(entry.getKey()) - || entry.getValue().length() > 100 - || !entry.getValue().matches("[0-9a-zA-Z_:-]*") - ) - .collect(Collectors.toList()); + .filter(entry -> + !supportedParameters.contains(entry.getKey()) + || entry.getValue().length() > 100 + || !entry.getValue().matches("[0-9a-zA-Z_:-]*") + ).toList(); if (!badParameters.isEmpty()) { return logAndReturnResponse(BAD_REQUEST, "incorrect job parameter(s) - " + badParameters); } diff --git a/src/main/java/net/ripe/rpki/rest/service/CaAspaConfigurationService.java b/src/main/java/net/ripe/rpki/rest/service/CaAspaConfigurationService.java index 564be62..0d65d9f 100644 --- a/src/main/java/net/ripe/rpki/rest/service/CaAspaConfigurationService.java +++ b/src/main/java/net/ripe/rpki/rest/service/CaAspaConfigurationService.java @@ -28,10 +28,10 @@ import org.springframework.web.bind.annotation.RequestMapping; import org.springframework.web.bind.annotation.RestController; -import javax.validation.Valid; +import jakarta.validation.Valid; import java.util.List; -import static javax.ws.rs.core.MediaType.APPLICATION_JSON; +import static jakarta.ws.rs.core.MediaType.APPLICATION_JSON; import static net.ripe.rpki.rest.service.AbstractCaRestService.API_URL_PREFIX; @Slf4j diff --git a/src/main/java/net/ripe/rpki/rest/service/CaRoaConfigurationService.java b/src/main/java/net/ripe/rpki/rest/service/CaRoaConfigurationService.java index 18546cb..608cb95 100644 --- a/src/main/java/net/ripe/rpki/rest/service/CaRoaConfigurationService.java +++ b/src/main/java/net/ripe/rpki/rest/service/CaRoaConfigurationService.java @@ -34,7 +34,7 @@ import java.util.stream.Collectors; import static java.util.Map.of; -import static javax.ws.rs.core.MediaType.APPLICATION_JSON; +import static jakarta.ws.rs.core.MediaType.APPLICATION_JSON; import static net.ripe.rpki.commons.validation.roa.RouteOriginValidationPolicy.allowedRoutesToNestedIntervalMap; import static net.ripe.rpki.rest.service.AbstractCaRestService.API_URL_PREFIX; import static org.springframework.http.HttpStatus.BAD_REQUEST; @@ -139,8 +139,7 @@ public ResponseEntity> getAffectingROAsForCA(@Pa final ApiRoaPrefix roa = new ApiRoaPrefix(routeAsn, certifiedRoute.getPrefix().toString(), certifiedRoute.getMaximumLength()); final RouteValidityState validityState = determineValidityState(announcedPrefix, announcementAsn, certifiedRoute); return new ROAWithAnnouncementStatus(roa, validityState); - }) - .collect(Collectors.toList()); + }).toList(); return ok(affectingROAs); } @@ -319,8 +318,7 @@ private Collection getRoaConfigurationPrefixDatas(fi .map(roa -> new RoaConfigurationPrefixData( Asn.parse(roa.getAsn()), IpRange.parse(roa.getPrefix()), - roa.getMaxLength())) - .collect(Collectors.toList()); + roa.getMaxLength())).toList(); } private static Set getIgnoredAnnouncement(RoaAlertConfigurationViewService service, Long caId) { diff --git a/src/main/java/net/ripe/rpki/rest/service/CaService.java b/src/main/java/net/ripe/rpki/rest/service/CaService.java index 49ffdd7..6d8eeb2 100644 --- a/src/main/java/net/ripe/rpki/rest/service/CaService.java +++ b/src/main/java/net/ripe/rpki/rest/service/CaService.java @@ -40,7 +40,7 @@ import org.springframework.web.multipart.MultipartFile; import javax.security.auth.x500.X500Principal; -import javax.ws.rs.core.MediaType; +import jakarta.ws.rs.core.MediaType; import java.io.IOException; import java.io.InputStream; import java.nio.charset.Charset; @@ -50,7 +50,7 @@ import java.util.Optional; import static com.google.common.collect.ImmutableMap.of; -import static javax.ws.rs.core.MediaType.APPLICATION_JSON; +import static jakarta.ws.rs.core.MediaType.APPLICATION_JSON; import static net.ripe.rpki.rest.service.AbstractCaRestService.API_URL_PREFIX; import static org.springframework.http.HttpStatus.*; import static org.springframework.http.MediaType.TEXT_XML; diff --git a/src/main/java/net/ripe/rpki/rest/service/CaStatService.java b/src/main/java/net/ripe/rpki/rest/service/CaStatService.java index 19e3b57..58fb061 100644 --- a/src/main/java/net/ripe/rpki/rest/service/CaStatService.java +++ b/src/main/java/net/ripe/rpki/rest/service/CaStatService.java @@ -28,7 +28,7 @@ import org.springframework.web.bind.annotation.RequestParam; import org.springframework.web.bind.annotation.RestController; -import javax.ws.rs.core.MediaType; +import jakarta.ws.rs.core.MediaType; import java.util.Arrays; import java.util.Collection; import java.util.Collections; diff --git a/src/main/java/net/ripe/rpki/rest/service/GdprService.java b/src/main/java/net/ripe/rpki/rest/service/GdprService.java index fb8ee9f..000cdf2 100644 --- a/src/main/java/net/ripe/rpki/rest/service/GdprService.java +++ b/src/main/java/net/ripe/rpki/rest/service/GdprService.java @@ -14,7 +14,7 @@ import org.springframework.web.bind.annotation.RequestMapping; import org.springframework.web.bind.annotation.RestController; -import javax.ws.rs.core.MediaType; +import jakarta.ws.rs.core.MediaType; import java.util.*; import java.util.concurrent.atomic.AtomicBoolean; diff --git a/src/main/java/net/ripe/rpki/rest/service/HistoryService.java b/src/main/java/net/ripe/rpki/rest/service/HistoryService.java index 8d3309b..415d2a3 100644 --- a/src/main/java/net/ripe/rpki/rest/service/HistoryService.java +++ b/src/main/java/net/ripe/rpki/rest/service/HistoryService.java @@ -18,9 +18,8 @@ import org.springframework.web.bind.annotation.RestController; import java.util.List; -import java.util.stream.Collectors; -import static javax.ws.rs.core.MediaType.APPLICATION_JSON; +import static jakarta.ws.rs.core.MediaType.APPLICATION_JSON; import static net.ripe.rpki.rest.service.AbstractCaRestService.API_URL_PREFIX; @Slf4j @@ -48,7 +47,7 @@ public ResponseEntity> getHistoryForCa(@PathVariable("caName") .map(caHistoryItem -> { final String humanizedUserPrincipal = getHumanizedUserPrincipal(caHistoryItem); return new HistoryItem(humanizedUserPrincipal, caHistoryItem); - }).collect(Collectors.toList()); + }).toList(); return ok(items); } diff --git a/src/main/java/net/ripe/rpki/rest/service/ProductionCaService.java b/src/main/java/net/ripe/rpki/rest/service/ProductionCaService.java index 1ccfa7d..6b80687 100644 --- a/src/main/java/net/ripe/rpki/rest/service/ProductionCaService.java +++ b/src/main/java/net/ripe/rpki/rest/service/ProductionCaService.java @@ -25,16 +25,16 @@ import org.springframework.web.bind.annotation.RestController; import javax.security.auth.x500.X500Principal; -import javax.validation.Valid; -import javax.validation.constraints.Max; -import javax.validation.constraints.Positive; +import jakarta.validation.Valid; +import jakarta.validation.constraints.Max; +import jakarta.validation.constraints.Positive; import java.util.Collection; import java.util.List; import java.util.Map; import java.util.stream.Collectors; -import static javax.ws.rs.core.MediaType.APPLICATION_FORM_URLENCODED; -import static javax.ws.rs.core.MediaType.APPLICATION_JSON; +import static jakarta.ws.rs.core.MediaType.APPLICATION_FORM_URLENCODED; +import static jakarta.ws.rs.core.MediaType.APPLICATION_JSON; @Slf4j @Scope("prototype") @@ -100,16 +100,15 @@ public ResponseEntity migrateMemberCasToIntermediateCas(@RequestParam(na try { final X500Principal productionCaName = certificationConfiguration.getProductionCaPrincipal(); Collection productionCaChildren = certificateAuthorityViewService.findAllChildrenForCa(productionCaName); - List intermediateCas = productionCaChildren.stream().filter(ca -> ca.getType() == CertificateAuthorityType.INTERMEDIATE).collect(Collectors.toList()); + List intermediateCas = productionCaChildren.stream().filter(ca -> ca.getType() == CertificateAuthorityType.INTERMEDIATE).toList(); if (intermediateCas.isEmpty()) { log.error("No intermediate CAs found"); return Utils.badRequestError("no intermediate CAs found"); } List memberCasToMigrate = productionCaChildren.stream() - .filter(ca -> ca.getType() == CertificateAuthorityType.HOSTED || ca.getType() == CertificateAuthorityType.NONHOSTED) - .limit(count) - .collect(Collectors.toList()); + .filter(ca -> ca.getType() == CertificateAuthorityType.HOSTED || ca.getType() == CertificateAuthorityType.NONHOSTED) + .limit(count).toList(); if (memberCasToMigrate.isEmpty()) { log.info("No member CAs to migrate found"); diff --git a/src/main/java/net/ripe/rpki/rest/service/PublisherRepositoriesService.java b/src/main/java/net/ripe/rpki/rest/service/PublisherRepositoriesService.java index 0aff3f3..0d61a58 100644 --- a/src/main/java/net/ripe/rpki/rest/service/PublisherRepositoriesService.java +++ b/src/main/java/net/ripe/rpki/rest/service/PublisherRepositoriesService.java @@ -36,20 +36,19 @@ import org.springframework.web.bind.annotation.RestController; import org.springframework.web.multipart.MultipartFile; -import javax.persistence.EntityNotFoundException; -import javax.servlet.http.HttpServletRequest; -import javax.ws.rs.core.MediaType; +import jakarta.persistence.EntityNotFoundException; +import jakarta.servlet.http.HttpServletRequest; +import jakarta.ws.rs.core.MediaType; import java.io.IOException; import java.io.InputStream; import java.net.URI; -import java.nio.charset.Charset; import java.nio.charset.StandardCharsets; import java.util.Map; import java.util.Optional; import java.util.UUID; import java.util.stream.Collectors; -import static javax.ws.rs.core.MediaType.APPLICATION_JSON; +import static jakarta.ws.rs.core.MediaType.APPLICATION_JSON; import static net.ripe.rpki.rest.service.AbstractCaRestService.API_URL_PREFIX; import static org.springframework.http.HttpStatus.*; import static org.springframework.http.MediaType.TEXT_XML; diff --git a/src/main/java/net/ripe/rpki/rest/service/ResourceService.java b/src/main/java/net/ripe/rpki/rest/service/ResourceService.java index a880527..03d9be2 100644 --- a/src/main/java/net/ripe/rpki/rest/service/ResourceService.java +++ b/src/main/java/net/ripe/rpki/rest/service/ResourceService.java @@ -16,7 +16,7 @@ import org.springframework.web.bind.annotation.RestController; import static com.google.common.collect.ImmutableMap.of; -import static javax.ws.rs.core.MediaType.APPLICATION_JSON; +import static jakarta.ws.rs.core.MediaType.APPLICATION_JSON; import static net.ripe.rpki.rest.service.AbstractCaRestService.API_URL_PREFIX; @Slf4j diff --git a/src/main/java/net/ripe/rpki/rest/service/RestService.java b/src/main/java/net/ripe/rpki/rest/service/RestService.java index 0acde17..5d7eb22 100644 --- a/src/main/java/net/ripe/rpki/rest/service/RestService.java +++ b/src/main/java/net/ripe/rpki/rest/service/RestService.java @@ -3,7 +3,7 @@ import org.springframework.web.context.request.RequestContextHolder; import org.springframework.web.context.request.ServletRequestAttributes; -import javax.servlet.http.HttpServletRequest; +import jakarta.servlet.http.HttpServletRequest; public class RestService { public static final String API_URL_PREFIX = "/api/ca"; diff --git a/src/main/java/net/ripe/rpki/rest/service/Roas.java b/src/main/java/net/ripe/rpki/rest/service/Roas.java index d083e4c..5bd2ba3 100644 --- a/src/main/java/net/ripe/rpki/rest/service/Roas.java +++ b/src/main/java/net/ripe/rpki/rest/service/Roas.java @@ -21,7 +21,7 @@ public static Optional validateUniqueROAs(String prefix, Map 1) { - var sorted = maxLengths.stream().sorted().collect(Collectors.toList()); + var sorted = maxLengths.stream().sorted().toList(); return Optional.of(String.format("%s: there are more than one pair (%s, %s), max lengths: %s", prefix, e.getKey().getOriginAsn(), e.getKey().getPrefix(), sorted)); } @@ -53,7 +53,7 @@ public static Optional validateRoaUpdate(Set new AnnouncedRoute(r.getAsn(), r.getPrefix()), r -> Collections.singletonList(r.getMaximumLength()), - (a, b) -> Streams.concat(a.stream(), b.stream()).collect(Collectors.toList()))); + (a, b) -> Streams.concat(a.stream(), b.stream()).toList())); return validateUniqueROAs("Error in future ROAs", futureMap); } diff --git a/src/main/java/net/ripe/rpki/rest/service/SystemSetupService.java b/src/main/java/net/ripe/rpki/rest/service/SystemSetupService.java index 8e23790..34f37dd 100644 --- a/src/main/java/net/ripe/rpki/rest/service/SystemSetupService.java +++ b/src/main/java/net/ripe/rpki/rest/service/SystemSetupService.java @@ -20,7 +20,7 @@ import javax.security.auth.x500.X500Principal; -import static javax.ws.rs.core.MediaType.APPLICATION_JSON; +import static jakarta.ws.rs.core.MediaType.APPLICATION_JSON; @AllArgsConstructor @Slf4j diff --git a/src/main/java/net/ripe/rpki/rest/service/SystemStatusService.java b/src/main/java/net/ripe/rpki/rest/service/SystemStatusService.java index 3ef8b7c..0f1c554 100644 --- a/src/main/java/net/ripe/rpki/rest/service/SystemStatusService.java +++ b/src/main/java/net/ripe/rpki/rest/service/SystemStatusService.java @@ -15,7 +15,7 @@ import org.springframework.web.bind.annotation.RequestMapping; import org.springframework.web.bind.annotation.RestController; -import javax.ws.rs.core.MediaType; +import jakarta.ws.rs.core.MediaType; import java.util.HashMap; import java.util.Map; diff --git a/src/main/java/net/ripe/rpki/rest/service/UpstreamCaService.java b/src/main/java/net/ripe/rpki/rest/service/UpstreamCaService.java index 468b706..e17dfa3 100644 --- a/src/main/java/net/ripe/rpki/rest/service/UpstreamCaService.java +++ b/src/main/java/net/ripe/rpki/rest/service/UpstreamCaService.java @@ -24,13 +24,13 @@ import org.springframework.web.multipart.MultipartFile; import javax.security.auth.x500.X500Principal; -import javax.ws.rs.core.MediaType; +import jakarta.ws.rs.core.MediaType; import java.nio.charset.StandardCharsets; import java.util.Collections; import java.util.concurrent.CompletableFuture; import static com.google.common.collect.ImmutableMap.of; -import static javax.ws.rs.core.MediaType.APPLICATION_JSON; +import static jakarta.ws.rs.core.MediaType.APPLICATION_JSON; import static org.springframework.http.HttpStatus.INTERNAL_SERVER_ERROR; @Slf4j diff --git a/src/main/java/net/ripe/rpki/rest/service/Utils.java b/src/main/java/net/ripe/rpki/rest/service/Utils.java index 6b72606..b3d0b89 100644 --- a/src/main/java/net/ripe/rpki/rest/service/Utils.java +++ b/src/main/java/net/ripe/rpki/rest/service/Utils.java @@ -44,7 +44,7 @@ static List makeBgpAnnouncementList(M announcement.getVisibility(), currentValidityState, isSuppressed, verifiedOrNot); })) - .collect(Collectors.toList()); + .toList(); } static Set getIgnoredAnnouncements(RoaAlertConfigurationViewService roaAlertConfigurationViewService, long caId) { @@ -121,7 +121,7 @@ static boolean maxLengthIsValid(IpRange prefix, int maxLength) { } public static List toStringList(ImmutableResourceSet resources) { - return resources.stream().map(Object::toString).collect(Collectors.toList()); + return resources.stream().map(Object::toString).toList(); } /** diff --git a/src/main/java/net/ripe/rpki/rest/service/monitoring/AspaService.java b/src/main/java/net/ripe/rpki/rest/service/monitoring/AspaService.java index 8add5fd..07b3466 100644 --- a/src/main/java/net/ripe/rpki/rest/service/monitoring/AspaService.java +++ b/src/main/java/net/ripe/rpki/rest/service/monitoring/AspaService.java @@ -33,8 +33,7 @@ public class AspaService { public ResponseEntity> listAspaConfigs() { final Collection aspaConfigurations = aspaConfigurationRepository.findAll(); final List aspas = aspaConfigurations.stream() - .map(AspaConfiguration::toData) - .collect(Collectors.toList()); + .map(AspaConfiguration::toData).toList(); return ResponseEntity.ok(ValidatedObjectsResponse.of(aspas, Collections.singletonMap("origin", "rpki-core"))); } diff --git a/src/main/java/net/ripe/rpki/rest/service/monitoring/RoaPrefixesService.java b/src/main/java/net/ripe/rpki/rest/service/monitoring/RoaPrefixesService.java index 65d318c..8ff32c0 100644 --- a/src/main/java/net/ripe/rpki/rest/service/monitoring/RoaPrefixesService.java +++ b/src/main/java/net/ripe/rpki/rest/service/monitoring/RoaPrefixesService.java @@ -50,11 +50,11 @@ public ResponseEntity> list } List roas = roaConfigurationRepository.findAll() - .stream() - .flatMap(rc -> rc.getPrefixes().stream()) - .map(RoaConfigurationPrefix::toData) - .sorted(RoaPrefixData.ROA_PREFIX_DATA_COMPARATOR) - .collect(Collectors.toList()); + .stream() + .flatMap(rc -> rc.getPrefixes().stream()) + .map(RoaConfigurationPrefix::toData) + .sorted(RoaPrefixData.ROA_PREFIX_DATA_COMPARATOR) + .toList(); return ResponseEntity.ok(ValidatedObjectsResponse.of(roas, Collections.singletonMap("origin", "rpki-core"))); } diff --git a/src/main/java/net/ripe/rpki/ripencc/cache/JpaResourceCacheImpl.java b/src/main/java/net/ripe/rpki/ripencc/cache/JpaResourceCacheImpl.java index 51c8a75..fd337a6 100644 --- a/src/main/java/net/ripe/rpki/ripencc/cache/JpaResourceCacheImpl.java +++ b/src/main/java/net/ripe/rpki/ripencc/cache/JpaResourceCacheImpl.java @@ -13,8 +13,8 @@ import org.springframework.beans.factory.annotation.Autowired; import org.springframework.stereotype.Component; -import javax.persistence.EntityManager; -import javax.persistence.PersistenceContext; +import jakarta.persistence.EntityManager; +import jakarta.persistence.PersistenceContext; import java.time.Instant; import java.time.format.DateTimeParseException; import java.util.Map; diff --git a/src/main/java/net/ripe/rpki/ripencc/cache/ResourceCacheLine.java b/src/main/java/net/ripe/rpki/ripencc/cache/ResourceCacheLine.java index 73983c1..b16bba6 100644 --- a/src/main/java/net/ripe/rpki/ripencc/cache/ResourceCacheLine.java +++ b/src/main/java/net/ripe/rpki/ripencc/cache/ResourceCacheLine.java @@ -4,9 +4,9 @@ import net.ripe.ipresource.ImmutableResourceSet; import net.ripe.rpki.server.api.support.objects.CaName; -import javax.persistence.Entity; -import javax.persistence.Id; -import javax.persistence.Table; +import jakarta.persistence.Entity; +import jakarta.persistence.Id; +import jakarta.persistence.Table; @Entity @Table(name = "resource_cache") diff --git a/src/main/java/net/ripe/rpki/ripencc/provisioning/CertificateIssuanceProcessor.java b/src/main/java/net/ripe/rpki/ripencc/provisioning/CertificateIssuanceProcessor.java index c5701d9..c6eef06 100644 --- a/src/main/java/net/ripe/rpki/ripencc/provisioning/CertificateIssuanceProcessor.java +++ b/src/main/java/net/ripe/rpki/ripencc/provisioning/CertificateIssuanceProcessor.java @@ -28,8 +28,8 @@ import org.joda.time.DateTime; import org.springframework.stereotype.Component; -import javax.inject.Inject; -import javax.validation.constraints.Null; +import jakarta.inject.Inject; + import java.math.BigInteger; import java.net.URI; import java.security.PublicKey; @@ -232,8 +232,7 @@ private RpkiCaCertificateRequestParser parseCertificateRequest(CertificateIssuan try { PKCS10CertificationRequest pkc10Request = requestElement.getCertificateRequest(); return new RpkiCaCertificateRequestParser(pkc10Request); - // TODO: NPE can be removed after rpki-commons 1.38/2.0.0 is removed. - } catch (NullPointerException | RpkiCaCertificateRequestParserException e) { + } catch (RpkiCaCertificateRequestParserException e) { log.error("Failed to parse certificate request", e); throw new NotPerformedException(NotPerformedError.REQ_BADLY_FORMED_CERTIFICATE_REQUEST); } diff --git a/src/main/java/net/ripe/rpki/ripencc/provisioning/ListResourceClassProcessor.java b/src/main/java/net/ripe/rpki/ripencc/provisioning/ListResourceClassProcessor.java index 0aa0be5..cd8cfdd 100644 --- a/src/main/java/net/ripe/rpki/ripencc/provisioning/ListResourceClassProcessor.java +++ b/src/main/java/net/ripe/rpki/ripencc/provisioning/ListResourceClassProcessor.java @@ -55,13 +55,12 @@ public ResourceClassListResponsePayload process(NonHostedCertificateAuthorityDat .buildResourceClassListResponseClassElement(); final List certificateElements = nonHostedCertificateAuthority.getPublicKeys().stream() - .filter(publicKeyData -> publicKeyData.getCurrentCertificate() != null) - .map(publicKeyData -> createClassElement( - publicKeyData.getCurrentCertificate().getCertificate(), - publicKeyData.getRequestedResourceSets(), - publicKeyData.getCurrentCertificate().getPublicationUri() - )) - .collect(Collectors.toList()); + .filter(publicKeyData -> publicKeyData.getCurrentCertificate() != null) + .map(publicKeyData -> createClassElement( + publicKeyData.getCurrentCertificate().getCertificate(), + publicKeyData.getRequestedResourceSets(), + publicKeyData.getCurrentCertificate().getPublicationUri() + )).toList(); classElement.setCertificateElements(certificateElements); responsePayloadBuilder.addClassElement(classElement); diff --git a/src/main/java/net/ripe/rpki/ripencc/provisioning/ProvisioningAuditLogServiceBean.java b/src/main/java/net/ripe/rpki/ripencc/provisioning/ProvisioningAuditLogServiceBean.java index 2d78fcd..2033719 100644 --- a/src/main/java/net/ripe/rpki/ripencc/provisioning/ProvisioningAuditLogServiceBean.java +++ b/src/main/java/net/ripe/rpki/ripencc/provisioning/ProvisioningAuditLogServiceBean.java @@ -1,5 +1,6 @@ package net.ripe.rpki.ripencc.provisioning; +import com.google.common.xml.XmlEscapers; import lombok.AccessLevel; import lombok.AllArgsConstructor; import lombok.Getter; @@ -8,8 +9,6 @@ import net.ripe.rpki.commons.provisioning.payload.PayloadMessageType; import net.ripe.rpki.domain.ProvisioningAuditLogEntity; import net.ripe.rpki.server.api.dto.ProvisioningAuditData; -import org.apache.tomcat.util.codec.binary.Base64; -import org.apache.commons.text.StringEscapeUtils; import org.joda.time.DateTime; import org.joda.time.DateTimeZone; import org.joda.time.format.DateTimeFormat; @@ -19,13 +18,13 @@ import org.springframework.stereotype.Component; import org.springframework.transaction.annotation.Transactional; -import javax.persistence.EntityManager; -import javax.persistence.PersistenceContext; -import javax.persistence.TypedQuery; +import jakarta.persistence.EntityManager; +import jakarta.persistence.PersistenceContext; +import jakarta.persistence.TypedQuery; +import java.util.Base64; import java.util.List; import java.util.Objects; import java.util.UUID; -import java.util.stream.Collectors; import static net.logstash.logback.argument.StructuredArguments.kv; @@ -72,8 +71,7 @@ public List findRecentMessagesForCA(UUID caUUID) { query.setMaxResults(CommandAuditServiceBean.MAX_HISTORY_ENTRIES_RETURNED); List messages = query.getResultList(); return messages.stream() - .map(ProvisioningAuditLogEntity::toData) - .collect(Collectors.toList()); + .map(ProvisioningAuditLogEntity::toData).toList(); } @Getter @@ -93,15 +91,15 @@ public static LogEntry make(ProvisioningAuditLogEntity entry, byte[] request) { final DateTime utcDate = new DateTime(entry.getExecutionTime().getTime(), DateTimeZone.UTC); return new LogEntry( entry.getRequestMessageType().toString(), - Base64.encodeBase64String(entry.getProvisioningCmsObject()), + Base64.getEncoder().encodeToString(entry.getProvisioningCmsObject()), entry.getPrincipal(), Objects.toString(entry.getNonHostedCaUUID(), null), // Escape all non-printable characters to avoid problems with user input in our logs - StringEscapeUtils.escapeJava(entry.getSummary()), + XmlEscapers.xmlAttributeEscaper().escape(entry.getSummary()), Objects.toString(entry.getEntryUuid(), null), dateFormat.print(utcDate), // since request is a DER binary, encode it as base64 as well - Base64.encodeBase64String(request)); + Base64.getEncoder().encodeToString(request)); } } } diff --git a/src/main/java/net/ripe/rpki/ripencc/provisioning/ProvisioningCmsResponseGenerator.java b/src/main/java/net/ripe/rpki/ripencc/provisioning/ProvisioningCmsResponseGenerator.java index a57f459..8e2261f 100644 --- a/src/main/java/net/ripe/rpki/ripencc/provisioning/ProvisioningCmsResponseGenerator.java +++ b/src/main/java/net/ripe/rpki/ripencc/provisioning/ProvisioningCmsResponseGenerator.java @@ -1,6 +1,5 @@ package net.ripe.rpki.ripencc.provisioning; -import net.ripe.rpki.commons.crypto.util.KeyPairFactory; import net.ripe.rpki.commons.provisioning.cms.ProvisioningCmsObject; import net.ripe.rpki.commons.provisioning.payload.AbstractProvisioningResponsePayload; import net.ripe.rpki.domain.CertificateAuthorityRepository; @@ -9,8 +8,7 @@ import org.springframework.stereotype.Component; import org.springframework.transaction.annotation.Transactional; -import javax.inject.Named; -import javax.persistence.LockModeType; +import jakarta.persistence.LockModeType; import java.util.UUID; /** diff --git a/src/main/java/net/ripe/rpki/ripencc/provisioning/ProvisioningCmsSigningTimeStore.java b/src/main/java/net/ripe/rpki/ripencc/provisioning/ProvisioningCmsSigningTimeStore.java index e84418c..34d9a87 100644 --- a/src/main/java/net/ripe/rpki/ripencc/provisioning/ProvisioningCmsSigningTimeStore.java +++ b/src/main/java/net/ripe/rpki/ripencc/provisioning/ProvisioningCmsSigningTimeStore.java @@ -1,14 +1,13 @@ package net.ripe.rpki.ripencc.provisioning; -import net.ripe.rpki.ripencc.support.persistence.DateTimePersistenceConverter; import net.ripe.rpki.server.api.dto.NonHostedCertificateAuthorityData; import org.joda.time.DateTime; import org.springframework.stereotype.Component; import org.springframework.transaction.annotation.Transactional; -import javax.persistence.EntityManager; -import javax.persistence.NoResultException; -import java.sql.Timestamp; +import jakarta.persistence.EntityManager; +import jakarta.persistence.NoResultException; +import java.time.Instant; import java.util.Optional; /** @@ -18,21 +17,20 @@ @Component @Transactional class ProvisioningCmsSigningTimeStore { - private static final DateTimePersistenceConverter DATE_TIME_PERSISTENCE_CONVERTER = new DateTimePersistenceConverter(); private final EntityManager entityManager; public ProvisioningCmsSigningTimeStore(EntityManager entityManager) { this.entityManager = entityManager; } - public Optional getLastSeenProvisioningCmsSignedAt(NonHostedCertificateAuthorityData nonHostedCertificateAuthority) { + public Optional getLastSeenProvisioningCmsSignedAt(NonHostedCertificateAuthorityData nonHostedCertificateAuthority) { try { Object result = entityManager.createNativeQuery( "SELECT last_seen_signed_at FROM provisioning_request_signing_time WHERE ca_id = :caId" ) .setParameter("caId", nonHostedCertificateAuthority.getId()) .getSingleResult(); - return Optional.of(DATE_TIME_PERSISTENCE_CONVERTER.convertToEntityAttribute((Timestamp) result)); + return Optional.of((Instant) result); } catch (NoResultException notFound) { return Optional.empty(); } @@ -43,7 +41,7 @@ public Optional getLastSeenProvisioningCmsSignedAt(NonHostedCertificat * @return true if the signing time was updated, false if the provided signing time is earlier than the currently * stored signing time. */ - public boolean updateLastSeenProvisioningCmsSeenAt(NonHostedCertificateAuthorityData nonHostedCertificateAuthority, DateTime cmsSigningTime) { + public boolean updateLastSeenProvisioningCmsSeenAt(NonHostedCertificateAuthorityData nonHostedCertificateAuthority, Instant cmsSigningTime) { int count = entityManager.createNativeQuery( "INSERT INTO provisioning_request_signing_time AS t (ca_id, last_seen_signed_at) " + " VALUES (:caId, :cmsSigningTime) " + @@ -51,8 +49,15 @@ public boolean updateLastSeenProvisioningCmsSeenAt(NonHostedCertificateAuthority " WHERE t.last_seen_signed_at < EXCLUDED.last_seen_signed_at" ) .setParameter("caId", nonHostedCertificateAuthority.getId()) - .setParameter("cmsSigningTime", DATE_TIME_PERSISTENCE_CONVERTER.convertToDatabaseColumn(cmsSigningTime)) + .setParameter("cmsSigningTime", cmsSigningTime) .executeUpdate(); return count > 0; } + + /** + * Wrap for joda-time DateTime + */ + public boolean updateLastSeenProvisioningCmsSeenAt(NonHostedCertificateAuthorityData nonHostedCertificateAuthority, DateTime cmsSigningJodaTime) { + return updateLastSeenProvisioningCmsSeenAt(nonHostedCertificateAuthority, Instant.ofEpochMilli(cmsSigningJodaTime.getMillis())); + } } diff --git a/src/main/java/net/ripe/rpki/ripencc/provisioning/ProvisioningCmsValidationStrategyImpl.java b/src/main/java/net/ripe/rpki/ripencc/provisioning/ProvisioningCmsValidationStrategyImpl.java index 94b55c8..237baf7 100644 --- a/src/main/java/net/ripe/rpki/ripencc/provisioning/ProvisioningCmsValidationStrategyImpl.java +++ b/src/main/java/net/ripe/rpki/ripencc/provisioning/ProvisioningCmsValidationStrategyImpl.java @@ -10,6 +10,7 @@ import org.joda.time.DateTime; import org.springframework.stereotype.Component; +import java.time.Instant; import java.util.Optional; import static net.ripe.rpki.commons.validation.ValidationString.SIGNING_TIME_GREATER_OR_EQUAL; diff --git a/src/main/java/net/ripe/rpki/ripencc/provisioning/ProvisioningRequestProcessorBean.java b/src/main/java/net/ripe/rpki/ripencc/provisioning/ProvisioningRequestProcessorBean.java index f2d9a3e..b695d2e 100644 --- a/src/main/java/net/ripe/rpki/ripencc/provisioning/ProvisioningRequestProcessorBean.java +++ b/src/main/java/net/ripe/rpki/ripencc/provisioning/ProvisioningRequestProcessorBean.java @@ -24,9 +24,10 @@ import org.springframework.dao.TransientDataAccessException; import org.springframework.stereotype.Component; -import javax.persistence.LockTimeoutException; -import javax.persistence.OptimisticLockException; -import javax.persistence.PessimisticLockException; +import jakarta.persistence.LockTimeoutException; +import jakarta.persistence.OptimisticLockException; +import jakarta.persistence.PessimisticLockException; + import java.util.Optional; import java.util.UUID; @@ -170,8 +171,9 @@ private NonHostedCertificateAuthorityData getNonHostedCertificateAuthorityWithPr if (ca instanceof NonHostedCertificateAuthorityData) { NonHostedCertificateAuthorityData result = (NonHostedCertificateAuthorityData) ca; - Optional lastSigningTimeForCA = provisioningCmsSigningTimeStore.getLastSeenProvisioningCmsSignedAt(result); - provisioningValidator.validateProvisioningCmsAndIdentityCertificate(unvalidatedProvisioningObject, lastSigningTimeForCA, result.getProvisioningIdentityCertificate()); + Optional lastSigningJodaTimeForCA = provisioningCmsSigningTimeStore.getLastSeenProvisioningCmsSignedAt(result) + .map(st -> new org.joda.time.Instant(st.toEpochMilli()).toDateTime()); + provisioningValidator.validateProvisioningCmsAndIdentityCertificate(unvalidatedProvisioningObject, lastSigningJodaTimeForCA, result.getProvisioningIdentityCertificate()); return result; } diff --git a/src/main/java/net/ripe/rpki/ripencc/provisioning/ProvisioningServlet.java b/src/main/java/net/ripe/rpki/ripencc/provisioning/ProvisioningServlet.java index 76f476c..71c1cc2 100644 --- a/src/main/java/net/ripe/rpki/ripencc/provisioning/ProvisioningServlet.java +++ b/src/main/java/net/ripe/rpki/ripencc/provisioning/ProvisioningServlet.java @@ -4,10 +4,10 @@ import net.ripe.rpki.rest.exception.RequestEntityTooLargeException; import org.apache.commons.io.IOUtils; -import javax.servlet.ServletOutputStream; -import javax.servlet.http.HttpServlet; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; +import jakarta.servlet.ServletOutputStream; +import jakarta.servlet.http.HttpServlet; +import jakarta.servlet.http.HttpServletRequest; +import jakarta.servlet.http.HttpServletResponse; import java.io.IOException; @Slf4j diff --git a/src/main/java/net/ripe/rpki/ripencc/services/impl/IanaRegistryXmlParserImpl.java b/src/main/java/net/ripe/rpki/ripencc/services/impl/IanaRegistryXmlParserImpl.java index b089e24..ff106d4 100644 --- a/src/main/java/net/ripe/rpki/ripencc/services/impl/IanaRegistryXmlParserImpl.java +++ b/src/main/java/net/ripe/rpki/ripencc/services/impl/IanaRegistryXmlParserImpl.java @@ -10,7 +10,7 @@ import org.w3c.dom.Document; import org.w3c.dom.NodeList; -import javax.inject.Inject; +import jakarta.inject.Inject; import javax.xml.xpath.XPathConstants; import javax.xml.xpath.XPathExpression; import javax.xml.xpath.XPathExpressionException; diff --git a/src/main/java/net/ripe/rpki/ripencc/services/impl/KrillNonHostedPublisherRepositoryBean.java b/src/main/java/net/ripe/rpki/ripencc/services/impl/KrillNonHostedPublisherRepositoryBean.java index e1503ef..e47313f 100644 --- a/src/main/java/net/ripe/rpki/ripencc/services/impl/KrillNonHostedPublisherRepositoryBean.java +++ b/src/main/java/net/ripe/rpki/ripencc/services/impl/KrillNonHostedPublisherRepositoryBean.java @@ -20,14 +20,14 @@ import org.springframework.http.HttpStatus; import org.springframework.stereotype.Service; -import javax.inject.Inject; -import javax.ws.rs.client.Client; -import javax.ws.rs.client.ClientBuilder; -import javax.ws.rs.client.Entity; -import javax.ws.rs.client.Invocation; -import javax.ws.rs.core.HttpHeaders; -import javax.ws.rs.core.MediaType; -import javax.ws.rs.core.Response; +import jakarta.inject.Inject; +import jakarta.ws.rs.client.Client; +import jakarta.ws.rs.client.ClientBuilder; +import jakarta.ws.rs.client.Entity; +import jakarta.ws.rs.client.Invocation; +import jakarta.ws.rs.core.HttpHeaders; +import jakarta.ws.rs.core.MediaType; +import jakarta.ws.rs.core.Response; import java.net.URI; import java.util.*; import java.util.stream.Collectors; diff --git a/src/main/java/net/ripe/rpki/ripencc/services/impl/RestAuthServiceClient.java b/src/main/java/net/ripe/rpki/ripencc/services/impl/RestAuthServiceClient.java index 1378c39..6575059 100644 --- a/src/main/java/net/ripe/rpki/ripencc/services/impl/RestAuthServiceClient.java +++ b/src/main/java/net/ripe/rpki/ripencc/services/impl/RestAuthServiceClient.java @@ -10,16 +10,16 @@ import org.springframework.beans.factory.annotation.Value; import org.springframework.stereotype.Component; -import javax.inject.Inject; -import javax.ws.rs.client.Client; -import javax.ws.rs.client.ClientBuilder; -import javax.ws.rs.core.MediaType; -import javax.ws.rs.core.Response; +import jakarta.inject.Inject; +import jakarta.ws.rs.client.Client; +import jakarta.ws.rs.client.ClientBuilder; +import jakarta.ws.rs.core.MediaType; +import jakarta.ws.rs.core.Response; import java.util.Optional; import java.util.UUID; import java.util.concurrent.atomic.AtomicBoolean; -import static javax.ws.rs.core.Response.Status.Family.SUCCESSFUL; +import static jakarta.ws.rs.core.Response.Status.Family.SUCCESSFUL; import static net.ripe.rpki.rest.security.ApiKeySecurity.API_KEY_HEADER; @Component diff --git a/src/main/java/net/ripe/rpki/ripencc/services/impl/RestCustomerServiceClient.java b/src/main/java/net/ripe/rpki/ripencc/services/impl/RestCustomerServiceClient.java index d663cc4..905ec08 100644 --- a/src/main/java/net/ripe/rpki/ripencc/services/impl/RestCustomerServiceClient.java +++ b/src/main/java/net/ripe/rpki/ripencc/services/impl/RestCustomerServiceClient.java @@ -7,12 +7,12 @@ import org.springframework.beans.factory.annotation.Value; import org.springframework.stereotype.Component; -import javax.inject.Inject; -import javax.ws.rs.client.Client; -import javax.ws.rs.client.ClientBuilder; -import javax.ws.rs.client.Invocation; -import javax.ws.rs.client.WebTarget; -import javax.ws.rs.core.Response; +import jakarta.inject.Inject; +import jakarta.ws.rs.client.Client; +import jakarta.ws.rs.client.ClientBuilder; +import jakarta.ws.rs.client.Invocation; +import jakarta.ws.rs.client.WebTarget; +import jakarta.ws.rs.core.Response; import java.util.Arrays; import java.util.Collections; import java.util.List; diff --git a/src/main/java/net/ripe/rpki/ripencc/services/impl/RestResourceServicesClient.java b/src/main/java/net/ripe/rpki/ripencc/services/impl/RestResourceServicesClient.java index 9e6b75c..590f162 100644 --- a/src/main/java/net/ripe/rpki/ripencc/services/impl/RestResourceServicesClient.java +++ b/src/main/java/net/ripe/rpki/ripencc/services/impl/RestResourceServicesClient.java @@ -11,11 +11,11 @@ import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty; import org.springframework.stereotype.Component; -import javax.ws.rs.client.Client; -import javax.ws.rs.client.ClientBuilder; -import javax.ws.rs.client.WebTarget; -import javax.ws.rs.core.MediaType; -import javax.ws.rs.core.Response; +import jakarta.ws.rs.client.Client; +import jakarta.ws.rs.client.ClientBuilder; +import jakarta.ws.rs.client.WebTarget; +import jakarta.ws.rs.core.MediaType; +import jakarta.ws.rs.core.Response; @Slf4j @Component diff --git a/src/main/java/net/ripe/rpki/ripencc/services/impl/RipeNccInternalNamePresenter.java b/src/main/java/net/ripe/rpki/ripencc/services/impl/RipeNccInternalNamePresenter.java index ffc435b..7b427d7 100644 --- a/src/main/java/net/ripe/rpki/ripencc/services/impl/RipeNccInternalNamePresenter.java +++ b/src/main/java/net/ripe/rpki/ripencc/services/impl/RipeNccInternalNamePresenter.java @@ -11,7 +11,7 @@ import org.joda.time.Instant; import org.springframework.stereotype.Component; -import javax.inject.Inject; +import jakarta.inject.Inject; import javax.security.auth.x500.X500Principal; import java.util.List; import java.util.Optional; diff --git a/src/main/java/net/ripe/rpki/ripencc/services/impl/RipeNccResourceLookupService.java b/src/main/java/net/ripe/rpki/ripencc/services/impl/RipeNccResourceLookupService.java index 7e15310..76026a6 100644 --- a/src/main/java/net/ripe/rpki/ripencc/services/impl/RipeNccResourceLookupService.java +++ b/src/main/java/net/ripe/rpki/ripencc/services/impl/RipeNccResourceLookupService.java @@ -10,7 +10,7 @@ import org.springframework.context.annotation.Lazy; import org.springframework.stereotype.Component; -import javax.inject.Inject; +import jakarta.inject.Inject; import javax.security.auth.x500.X500Principal; import java.util.Optional; diff --git a/src/main/java/net/ripe/rpki/ripencc/support/persistence/ASN1ObjectIdentifierPersistenceConverter.java b/src/main/java/net/ripe/rpki/ripencc/support/persistence/ASN1ObjectIdentifierPersistenceConverter.java index 23bfd3e..cb7c386 100644 --- a/src/main/java/net/ripe/rpki/ripencc/support/persistence/ASN1ObjectIdentifierPersistenceConverter.java +++ b/src/main/java/net/ripe/rpki/ripencc/support/persistence/ASN1ObjectIdentifierPersistenceConverter.java @@ -2,8 +2,8 @@ import org.bouncycastle.asn1.ASN1ObjectIdentifier; -import javax.persistence.AttributeConverter; -import javax.persistence.Converter; +import jakarta.persistence.AttributeConverter; +import jakarta.persistence.Converter; @Converter(autoApply = true) public class ASN1ObjectIdentifierPersistenceConverter implements AttributeConverter { diff --git a/src/main/java/net/ripe/rpki/ripencc/support/persistence/AsnPersistenceConverter.java b/src/main/java/net/ripe/rpki/ripencc/support/persistence/AsnPersistenceConverter.java index a930acb..cd84407 100644 --- a/src/main/java/net/ripe/rpki/ripencc/support/persistence/AsnPersistenceConverter.java +++ b/src/main/java/net/ripe/rpki/ripencc/support/persistence/AsnPersistenceConverter.java @@ -2,8 +2,8 @@ import net.ripe.ipresource.Asn; -import javax.persistence.AttributeConverter; -import javax.persistence.Converter; +import jakarta.persistence.AttributeConverter; +import jakarta.persistence.Converter; import java.math.BigInteger; @Converter(autoApply = true) diff --git a/src/main/java/net/ripe/rpki/ripencc/support/persistence/DateTimePersistenceConverter.java b/src/main/java/net/ripe/rpki/ripencc/support/persistence/DateTimePersistenceConverter.java index d0a0f51..835a204 100644 --- a/src/main/java/net/ripe/rpki/ripencc/support/persistence/DateTimePersistenceConverter.java +++ b/src/main/java/net/ripe/rpki/ripencc/support/persistence/DateTimePersistenceConverter.java @@ -3,8 +3,8 @@ import org.joda.time.DateTime; import org.joda.time.DateTimeZone; -import javax.persistence.AttributeConverter; -import javax.persistence.Converter; +import jakarta.persistence.AttributeConverter; +import jakarta.persistence.Converter; import java.sql.Timestamp; @Converter(autoApply = true) diff --git a/src/main/java/net/ripe/rpki/ripencc/support/persistence/ImmutableResourceSetPersistenceConverter.java b/src/main/java/net/ripe/rpki/ripencc/support/persistence/ImmutableResourceSetPersistenceConverter.java index 4d92b8c..1c55a6d 100644 --- a/src/main/java/net/ripe/rpki/ripencc/support/persistence/ImmutableResourceSetPersistenceConverter.java +++ b/src/main/java/net/ripe/rpki/ripencc/support/persistence/ImmutableResourceSetPersistenceConverter.java @@ -2,8 +2,8 @@ import net.ripe.ipresource.ImmutableResourceSet; -import javax.persistence.AttributeConverter; -import javax.persistence.Converter; +import jakarta.persistence.AttributeConverter; +import jakarta.persistence.Converter; @Converter(autoApply = true) public class ImmutableResourceSetPersistenceConverter implements AttributeConverter { diff --git a/src/main/java/net/ripe/rpki/ripencc/support/persistence/InMemoryRepository.java b/src/main/java/net/ripe/rpki/ripencc/support/persistence/InMemoryRepository.java index e4d9c80..06b923b 100755 --- a/src/main/java/net/ripe/rpki/ripencc/support/persistence/InMemoryRepository.java +++ b/src/main/java/net/ripe/rpki/ripencc/support/persistence/InMemoryRepository.java @@ -3,13 +3,12 @@ import net.ripe.rpki.ncc.core.domain.support.Entity; import org.apache.commons.lang.Validate; -import javax.persistence.EntityNotFoundException; -import javax.persistence.LockModeType; +import jakarta.persistence.EntityNotFoundException; +import jakarta.persistence.LockModeType; import java.util.Collection; import java.util.HashSet; import java.util.Objects; import java.util.Set; -import java.util.stream.Collectors; public abstract class InMemoryRepository implements Repository { @@ -48,7 +47,7 @@ public U find(Class type, Object id) { @Override public Collection findByIds(Collection ids, LockModeType lockModeType) { - return ids.stream().map(this::find).filter(Objects::nonNull).collect(Collectors.toList()); + return ids.stream().map(this::find).filter(Objects::nonNull).toList(); } public T get(Object id) throws EntityNotFoundException { diff --git a/src/main/java/net/ripe/rpki/ripencc/support/persistence/InstantPersistenceConverter.java b/src/main/java/net/ripe/rpki/ripencc/support/persistence/InstantPersistenceConverter.java index 27016f8..926d129 100644 --- a/src/main/java/net/ripe/rpki/ripencc/support/persistence/InstantPersistenceConverter.java +++ b/src/main/java/net/ripe/rpki/ripencc/support/persistence/InstantPersistenceConverter.java @@ -2,8 +2,8 @@ import org.joda.time.Instant; -import javax.persistence.AttributeConverter; -import javax.persistence.Converter; +import jakarta.persistence.AttributeConverter; +import jakarta.persistence.Converter; import java.sql.Timestamp; @Converter(autoApply = true) diff --git a/src/main/java/net/ripe/rpki/ripencc/support/persistence/IpResourceSetPersistenceConverter.java b/src/main/java/net/ripe/rpki/ripencc/support/persistence/IpResourceSetPersistenceConverter.java index 3963991..5e5b0b8 100644 --- a/src/main/java/net/ripe/rpki/ripencc/support/persistence/IpResourceSetPersistenceConverter.java +++ b/src/main/java/net/ripe/rpki/ripencc/support/persistence/IpResourceSetPersistenceConverter.java @@ -2,8 +2,8 @@ import net.ripe.ipresource.IpResourceSet; -import javax.persistence.AttributeConverter; -import javax.persistence.Converter; +import jakarta.persistence.AttributeConverter; +import jakarta.persistence.Converter; @Converter(autoApply = true) public class IpResourceSetPersistenceConverter implements AttributeConverter { diff --git a/src/main/java/net/ripe/rpki/ripencc/support/persistence/JpaRepository.java b/src/main/java/net/ripe/rpki/ripencc/support/persistence/JpaRepository.java index e202934..2601c7f 100644 --- a/src/main/java/net/ripe/rpki/ripencc/support/persistence/JpaRepository.java +++ b/src/main/java/net/ripe/rpki/ripencc/support/persistence/JpaRepository.java @@ -2,17 +2,17 @@ import net.ripe.rpki.ncc.core.domain.support.Entity; -import javax.persistence.EntityManager; -import javax.persistence.EntityNotFoundException; -import javax.persistence.LockModeType; -import javax.persistence.NoResultException; -import javax.persistence.PersistenceContext; -import javax.persistence.Query; -import javax.persistence.TypedQuery; -import javax.validation.ConstraintViolation; -import javax.validation.Validation; -import javax.validation.Validator; -import javax.validation.ValidatorFactory; +import jakarta.persistence.EntityManager; +import jakarta.persistence.EntityNotFoundException; +import jakarta.persistence.LockModeType; +import jakarta.persistence.NoResultException; +import jakarta.persistence.PersistenceContext; +import jakarta.persistence.Query; +import jakarta.persistence.TypedQuery; +import jakarta.validation.ConstraintViolation; +import jakarta.validation.Validation; +import jakarta.validation.Validator; +import jakarta.validation.ValidatorFactory; import java.util.Collection; import java.util.Set; diff --git a/src/main/java/net/ripe/rpki/ripencc/support/persistence/PublisherRequestPersistenceConverter.java b/src/main/java/net/ripe/rpki/ripencc/support/persistence/PublisherRequestPersistenceConverter.java index d393c31..ef96e98 100644 --- a/src/main/java/net/ripe/rpki/ripencc/support/persistence/PublisherRequestPersistenceConverter.java +++ b/src/main/java/net/ripe/rpki/ripencc/support/persistence/PublisherRequestPersistenceConverter.java @@ -3,8 +3,8 @@ import net.ripe.rpki.commons.provisioning.identity.PublisherRequest; import net.ripe.rpki.commons.provisioning.identity.PublisherRequestSerializer; -import javax.persistence.AttributeConverter; -import javax.persistence.Converter; +import jakarta.persistence.AttributeConverter; +import jakarta.persistence.Converter; @Converter(autoApply = true) public class PublisherRequestPersistenceConverter implements AttributeConverter { diff --git a/src/main/java/net/ripe/rpki/ripencc/support/persistence/Repository.java b/src/main/java/net/ripe/rpki/ripencc/support/persistence/Repository.java index f9679e6..cda9ff5 100755 --- a/src/main/java/net/ripe/rpki/ripencc/support/persistence/Repository.java +++ b/src/main/java/net/ripe/rpki/ripencc/support/persistence/Repository.java @@ -2,8 +2,8 @@ import net.ripe.rpki.ncc.core.domain.support.Entity; -import javax.persistence.EntityNotFoundException; -import javax.persistence.LockModeType; +import jakarta.persistence.EntityNotFoundException; +import jakarta.persistence.LockModeType; import java.util.Collection; public interface Repository { diff --git a/src/main/java/net/ripe/rpki/ripencc/support/persistence/RepositoryResponsePersistenceConverter.java b/src/main/java/net/ripe/rpki/ripencc/support/persistence/RepositoryResponsePersistenceConverter.java index a3be2e2..aea1ac5 100644 --- a/src/main/java/net/ripe/rpki/ripencc/support/persistence/RepositoryResponsePersistenceConverter.java +++ b/src/main/java/net/ripe/rpki/ripencc/support/persistence/RepositoryResponsePersistenceConverter.java @@ -3,8 +3,8 @@ import net.ripe.rpki.commons.provisioning.identity.RepositoryResponse; import net.ripe.rpki.commons.provisioning.identity.RepositoryResponseSerializer; -import javax.persistence.AttributeConverter; -import javax.persistence.Converter; +import jakarta.persistence.AttributeConverter; +import jakarta.persistence.Converter; @Converter(autoApply = true) public class RepositoryResponsePersistenceConverter implements AttributeConverter { diff --git a/src/main/java/net/ripe/rpki/ripencc/support/persistence/UriPersistenceConverter.java b/src/main/java/net/ripe/rpki/ripencc/support/persistence/UriPersistenceConverter.java index 3971f7b..e1c9a35 100644 --- a/src/main/java/net/ripe/rpki/ripencc/support/persistence/UriPersistenceConverter.java +++ b/src/main/java/net/ripe/rpki/ripencc/support/persistence/UriPersistenceConverter.java @@ -1,7 +1,7 @@ package net.ripe.rpki.ripencc.support.persistence; -import javax.persistence.AttributeConverter; -import javax.persistence.Converter; +import jakarta.persistence.AttributeConverter; +import jakarta.persistence.Converter; import java.net.URI; @Converter(autoApply = true) diff --git a/src/main/java/net/ripe/rpki/ripencc/support/persistence/X500PrincipalPersistenceConverter.java b/src/main/java/net/ripe/rpki/ripencc/support/persistence/X500PrincipalPersistenceConverter.java index 9b9245c..e32581c 100644 --- a/src/main/java/net/ripe/rpki/ripencc/support/persistence/X500PrincipalPersistenceConverter.java +++ b/src/main/java/net/ripe/rpki/ripencc/support/persistence/X500PrincipalPersistenceConverter.java @@ -1,7 +1,7 @@ package net.ripe.rpki.ripencc.support.persistence; -import javax.persistence.AttributeConverter; -import javax.persistence.Converter; +import jakarta.persistence.AttributeConverter; +import jakarta.persistence.Converter; import javax.security.auth.x500.X500Principal; @Converter(autoApply = true) diff --git a/src/main/java/net/ripe/rpki/ripencc/ui/daemon/health/HealthChecks.java b/src/main/java/net/ripe/rpki/ripencc/ui/daemon/health/HealthChecks.java index b1c6754..fae4b55 100644 --- a/src/main/java/net/ripe/rpki/ripencc/ui/daemon/health/HealthChecks.java +++ b/src/main/java/net/ripe/rpki/ripencc/ui/daemon/health/HealthChecks.java @@ -2,7 +2,7 @@ import org.springframework.stereotype.Component; -import javax.inject.Inject; +import jakarta.inject.Inject; import java.util.List; @Component diff --git a/src/main/java/net/ripe/rpki/ripencc/ui/daemon/health/HealthService.java b/src/main/java/net/ripe/rpki/ripencc/ui/daemon/health/HealthService.java index 5b7a2e1..97bba81 100644 --- a/src/main/java/net/ripe/rpki/ripencc/ui/daemon/health/HealthService.java +++ b/src/main/java/net/ripe/rpki/ripencc/ui/daemon/health/HealthService.java @@ -12,7 +12,7 @@ import org.springframework.web.bind.annotation.GetMapping; import org.springframework.web.bind.annotation.RequestMapping; -import javax.inject.Inject; +import jakarta.inject.Inject; import java.util.List; import java.util.Map; import java.util.concurrent.ConcurrentHashMap; diff --git a/src/main/java/net/ripe/rpki/ripencc/ui/daemon/health/checks/CryptoChecker.java b/src/main/java/net/ripe/rpki/ripencc/ui/daemon/health/checks/CryptoChecker.java index f864470..1920471 100644 --- a/src/main/java/net/ripe/rpki/ripencc/ui/daemon/health/checks/CryptoChecker.java +++ b/src/main/java/net/ripe/rpki/ripencc/ui/daemon/health/checks/CryptoChecker.java @@ -21,7 +21,7 @@ import org.springframework.stereotype.Component; import javax.security.auth.x500.X500Principal; -import javax.transaction.Transactional; +import jakarta.transaction.Transactional; import java.math.BigInteger; import java.net.URI; import java.net.URISyntaxException; diff --git a/src/main/java/net/ripe/rpki/ripencc/ui/daemon/health/checks/KrillNonHostedPublisherRepositoryHealthCheck.java b/src/main/java/net/ripe/rpki/ripencc/ui/daemon/health/checks/KrillNonHostedPublisherRepositoryHealthCheck.java index c5c24b7..bb3844a 100644 --- a/src/main/java/net/ripe/rpki/ripencc/ui/daemon/health/checks/KrillNonHostedPublisherRepositoryHealthCheck.java +++ b/src/main/java/net/ripe/rpki/ripencc/ui/daemon/health/checks/KrillNonHostedPublisherRepositoryHealthCheck.java @@ -5,7 +5,7 @@ import org.springframework.boot.autoconfigure.condition.ConditionalOnBean; import org.springframework.stereotype.Component; -import javax.inject.Inject; +import jakarta.inject.Inject; @Component @ConditionalOnBean(KrillNonHostedPublisherRepositoryBean.class) diff --git a/src/main/java/net/ripe/rpki/server/api/dto/AspaConfigurationData.java b/src/main/java/net/ripe/rpki/server/api/dto/AspaConfigurationData.java index 2d014f7..262c87e 100644 --- a/src/main/java/net/ripe/rpki/server/api/dto/AspaConfigurationData.java +++ b/src/main/java/net/ripe/rpki/server/api/dto/AspaConfigurationData.java @@ -6,7 +6,6 @@ import net.ripe.ipresource.Asn; import net.ripe.rpki.util.Streams; -import javax.validation.constraints.NotEmpty; import java.nio.charset.StandardCharsets; import java.util.List; import java.util.SortedMap; diff --git a/src/main/java/net/ripe/rpki/server/api/dto/RoaEntityData.java b/src/main/java/net/ripe/rpki/server/api/dto/RoaEntityData.java index da5c889..ff13632 100644 --- a/src/main/java/net/ripe/rpki/server/api/dto/RoaEntityData.java +++ b/src/main/java/net/ripe/rpki/server/api/dto/RoaEntityData.java @@ -3,7 +3,7 @@ import net.ripe.rpki.commons.crypto.cms.roa.RoaCms; import net.ripe.rpki.server.api.support.objects.ValueObjectSupport; -import javax.validation.constraints.NotNull; +import jakarta.validation.constraints.NotNull; /** * DTO object for actual ROA objects (as opposed to specification objects) diff --git a/src/main/java/net/ripe/rpki/services/impl/ActiveNodeServiceBean.java b/src/main/java/net/ripe/rpki/services/impl/ActiveNodeServiceBean.java index bb1d2ef..ff9e80b 100644 --- a/src/main/java/net/ripe/rpki/services/impl/ActiveNodeServiceBean.java +++ b/src/main/java/net/ripe/rpki/services/impl/ActiveNodeServiceBean.java @@ -9,7 +9,7 @@ import org.springframework.stereotype.Service; import org.springframework.transaction.annotation.Transactional; -import javax.inject.Inject; +import jakarta.inject.Inject; @Service diff --git a/src/main/java/net/ripe/rpki/services/impl/AspaServiceBean.java b/src/main/java/net/ripe/rpki/services/impl/AspaServiceBean.java index 23c1325..e1a6a95 100644 --- a/src/main/java/net/ripe/rpki/services/impl/AspaServiceBean.java +++ b/src/main/java/net/ripe/rpki/services/impl/AspaServiceBean.java @@ -34,7 +34,6 @@ public List findAspaConfiguration(long caId) { return Collections.emptyList(); } return aspaConfigurationRepository.findByCertificateAuthority(ca).values().stream() - .map(AspaConfiguration::toData) - .collect(Collectors.toList()); + .map(AspaConfiguration::toData).toList(); } } diff --git a/src/main/java/net/ripe/rpki/services/impl/ProvisioningIdentityViewServiceBean.java b/src/main/java/net/ripe/rpki/services/impl/ProvisioningIdentityViewServiceBean.java index 98c0fc8..7daff96 100644 --- a/src/main/java/net/ripe/rpki/services/impl/ProvisioningIdentityViewServiceBean.java +++ b/src/main/java/net/ripe/rpki/services/impl/ProvisioningIdentityViewServiceBean.java @@ -15,7 +15,7 @@ import org.springframework.transaction.annotation.Transactional; import org.springframework.transaction.support.TransactionOperations; -import javax.inject.Inject; +import jakarta.inject.Inject; import javax.security.auth.x500.X500Principal; import java.net.URI; diff --git a/src/main/java/net/ripe/rpki/services/impl/RoaAlertConfigurationViewServiceBean.java b/src/main/java/net/ripe/rpki/services/impl/RoaAlertConfigurationViewServiceBean.java index c1ef749..b06339e 100644 --- a/src/main/java/net/ripe/rpki/services/impl/RoaAlertConfigurationViewServiceBean.java +++ b/src/main/java/net/ripe/rpki/services/impl/RoaAlertConfigurationViewServiceBean.java @@ -8,9 +8,8 @@ import org.springframework.stereotype.Component; import org.springframework.transaction.annotation.Transactional; -import javax.inject.Inject; +import jakarta.inject.Inject; import java.util.List; -import java.util.stream.Collectors; @Component @Transactional @@ -31,11 +30,11 @@ public RoaAlertConfigurationData findRoaAlertSubscription(long caId) { @Override public List findAll() { - return repository.findAll().stream().map(RoaAlertConfiguration::toData).collect(Collectors.toList()); + return repository.findAll().stream().map(RoaAlertConfiguration::toData).toList(); } @Override public List findByFrequency(RoaAlertFrequency frequency) { - return repository.findByFrequency(frequency).stream().map(RoaAlertConfiguration::toData).collect(Collectors.toList()); + return repository.findByFrequency(frequency).stream().map(RoaAlertConfiguration::toData).toList(); } } diff --git a/src/main/java/net/ripe/rpki/services/impl/RoaServiceBean.java b/src/main/java/net/ripe/rpki/services/impl/RoaServiceBean.java index 3309dce..fc080e9 100644 --- a/src/main/java/net/ripe/rpki/services/impl/RoaServiceBean.java +++ b/src/main/java/net/ripe/rpki/services/impl/RoaServiceBean.java @@ -12,20 +12,19 @@ import org.springframework.stereotype.Component; import org.springframework.transaction.annotation.Transactional; -import javax.persistence.NoResultException; +import jakarta.persistence.NoResultException; import java.util.Collection; import java.util.List; -import java.util.stream.Collectors; @Component @Transactional(readOnly = true) public class RoaServiceBean implements RoaViewService { - private CertificateAuthorityRepository caRepository; + private final CertificateAuthorityRepository caRepository; - private RoaConfigurationRepository roaConfigurationRepository; + private final RoaConfigurationRepository roaConfigurationRepository; - private RoaEntityRepository roaEntityRepository; + private final RoaEntityRepository roaEntityRepository; public RoaServiceBean(CertificateAuthorityRepository caRepository, RoaConfigurationRepository roaConfigurationRepository, @@ -42,7 +41,7 @@ private Collection findAllRoas(ManagedCertificateAuthority ca) { @Override public List findAllRoasForCa(Long caId) { ManagedCertificateAuthority ca = caRepository.findManagedCa(caId); - return findAllRoas(ca).stream().map(this::convertToRoaEntityData).collect(Collectors.toList()); + return findAllRoas(ca).stream().map(this::convertToRoaEntityData).toList(); } @Override diff --git a/src/main/java/net/ripe/rpki/services/impl/background/AllCaCertificateUpdateServiceBean.java b/src/main/java/net/ripe/rpki/services/impl/background/AllCaCertificateUpdateServiceBean.java index 1e900fd..fc2a958 100644 --- a/src/main/java/net/ripe/rpki/services/impl/background/AllCaCertificateUpdateServiceBean.java +++ b/src/main/java/net/ripe/rpki/services/impl/background/AllCaCertificateUpdateServiceBean.java @@ -14,7 +14,7 @@ import org.springframework.beans.factory.annotation.Value; import org.springframework.stereotype.Service; -import javax.persistence.EntityNotFoundException; +import jakarta.persistence.EntityNotFoundException; import javax.security.auth.x500.X500Principal; import java.util.Collection; import java.util.Collections; diff --git a/src/main/java/net/ripe/rpki/services/impl/background/BackgroundServices.java b/src/main/java/net/ripe/rpki/services/impl/background/BackgroundServices.java index 7c28054..4b40057 100644 --- a/src/main/java/net/ripe/rpki/services/impl/background/BackgroundServices.java +++ b/src/main/java/net/ripe/rpki/services/impl/background/BackgroundServices.java @@ -1,5 +1,6 @@ package net.ripe.rpki.services.impl.background; +import jakarta.annotation.PostConstruct; import lombok.extern.slf4j.Slf4j; import net.ripe.rpki.server.api.services.background.BackgroundService; import org.quartz.JobDataMap; @@ -18,8 +19,7 @@ import org.springframework.core.env.Profiles; import org.springframework.stereotype.Component; -import javax.annotation.PostConstruct; -import javax.inject.Inject; +import jakarta.inject.Inject; import java.util.Collections; import java.util.Date; import java.util.Map; diff --git a/src/main/java/net/ripe/rpki/services/impl/background/CaCleanUpServiceBean.java b/src/main/java/net/ripe/rpki/services/impl/background/CaCleanUpServiceBean.java index 129035b..fce3280 100644 --- a/src/main/java/net/ripe/rpki/services/impl/background/CaCleanUpServiceBean.java +++ b/src/main/java/net/ripe/rpki/services/impl/background/CaCleanUpServiceBean.java @@ -12,7 +12,7 @@ import org.springframework.beans.factory.annotation.Value; import org.springframework.stereotype.Service; -import javax.inject.Inject; +import jakarta.inject.Inject; import java.util.Collection; import java.util.Map; diff --git a/src/main/java/net/ripe/rpki/services/impl/background/CertificateExpirationServiceBean.java b/src/main/java/net/ripe/rpki/services/impl/background/CertificateExpirationServiceBean.java index 6cdfb25..c26f85c 100644 --- a/src/main/java/net/ripe/rpki/services/impl/background/CertificateExpirationServiceBean.java +++ b/src/main/java/net/ripe/rpki/services/impl/background/CertificateExpirationServiceBean.java @@ -9,7 +9,7 @@ import org.joda.time.DateTime; import org.springframework.stereotype.Service; -import javax.inject.Inject; +import jakarta.inject.Inject; import java.util.Map; @Slf4j diff --git a/src/main/java/net/ripe/rpki/services/impl/background/KeyPairActivationManagementServiceBean.java b/src/main/java/net/ripe/rpki/services/impl/background/KeyPairActivationManagementServiceBean.java index c8cbbe2..d87668a 100644 --- a/src/main/java/net/ripe/rpki/services/impl/background/KeyPairActivationManagementServiceBean.java +++ b/src/main/java/net/ripe/rpki/services/impl/background/KeyPairActivationManagementServiceBean.java @@ -63,12 +63,11 @@ protected void runService(Map parameters) { log.info("checking {} certificate authorities with pending keys for activation", casWithPendingKeys.size()); List casWithActivatedKeys = casWithPendingKeys.parallelStream() - .filter(ca -> { - CommandStatus status = - commandService.execute(KeyManagementActivatePendingKeysCommand.plannedActivationCommand(ca.getVersionedId(), configuration.getStagingPeriod())); - return status.isHasEffect(); - }) - .collect(Collectors.toList()); + .filter(ca -> { + CommandStatus status = + commandService.execute(KeyManagementActivatePendingKeysCommand.plannedActivationCommand(ca.getVersionedId(), configuration.getStagingPeriod())); + return status.isHasEffect(); + }).toList(); log.info("activated keys for {} certificate authorities", casWithActivatedKeys.size()); casWithActivatedKeys.forEach(parentCA -> { diff --git a/src/main/java/net/ripe/rpki/services/impl/background/KeyPairRevocationManagementServiceBean.java b/src/main/java/net/ripe/rpki/services/impl/background/KeyPairRevocationManagementServiceBean.java index 5106eaf..f074d79 100644 --- a/src/main/java/net/ripe/rpki/services/impl/background/KeyPairRevocationManagementServiceBean.java +++ b/src/main/java/net/ripe/rpki/services/impl/background/KeyPairRevocationManagementServiceBean.java @@ -7,7 +7,7 @@ import net.ripe.rpki.server.api.services.read.CertificateAuthorityViewService; import org.springframework.stereotype.Service; -import javax.inject.Inject; +import jakarta.inject.Inject; import java.util.Map; diff --git a/src/main/java/net/ripe/rpki/services/impl/background/PublicRepositoryPublicationServiceBean.java b/src/main/java/net/ripe/rpki/services/impl/background/PublicRepositoryPublicationServiceBean.java index 967f99b..e666b34 100644 --- a/src/main/java/net/ripe/rpki/services/impl/background/PublicRepositoryPublicationServiceBean.java +++ b/src/main/java/net/ripe/rpki/services/impl/background/PublicRepositoryPublicationServiceBean.java @@ -14,8 +14,8 @@ import org.springframework.stereotype.Service; import org.springframework.transaction.support.TransactionTemplate; -import javax.inject.Inject; -import javax.persistence.EntityNotFoundException; +import jakarta.inject.Inject; +import jakarta.persistence.EntityNotFoundException; import java.util.*; import java.util.stream.Collectors; diff --git a/src/main/java/net/ripe/rpki/services/impl/background/PublishedObjectCleanUpServiceBean.java b/src/main/java/net/ripe/rpki/services/impl/background/PublishedObjectCleanUpServiceBean.java index 5b846a1..6eacced 100644 --- a/src/main/java/net/ripe/rpki/services/impl/background/PublishedObjectCleanUpServiceBean.java +++ b/src/main/java/net/ripe/rpki/services/impl/background/PublishedObjectCleanUpServiceBean.java @@ -14,7 +14,7 @@ import org.springframework.transaction.PlatformTransactionManager; import org.springframework.transaction.support.TransactionTemplate; -import javax.inject.Inject; +import jakarta.inject.Inject; import java.util.Map; diff --git a/src/main/java/net/ripe/rpki/services/impl/background/PublisherSyncDelegateImpl.java b/src/main/java/net/ripe/rpki/services/impl/background/PublisherSyncDelegateImpl.java index 64ef8d8..0c29241 100644 --- a/src/main/java/net/ripe/rpki/services/impl/background/PublisherSyncDelegateImpl.java +++ b/src/main/java/net/ripe/rpki/services/impl/background/PublisherSyncDelegateImpl.java @@ -11,7 +11,7 @@ import org.springframework.boot.autoconfigure.condition.ConditionalOnBean; import org.springframework.stereotype.Service; -import javax.inject.Inject; +import jakarta.inject.Inject; import java.util.Map; import java.util.Set; import java.util.UUID; diff --git a/src/main/java/net/ripe/rpki/services/impl/background/PublisherSyncService.java b/src/main/java/net/ripe/rpki/services/impl/background/PublisherSyncService.java index f8b0120..473e72d 100644 --- a/src/main/java/net/ripe/rpki/services/impl/background/PublisherSyncService.java +++ b/src/main/java/net/ripe/rpki/services/impl/background/PublisherSyncService.java @@ -5,7 +5,7 @@ import net.ripe.rpki.core.services.background.ConcurrentBackgroundServiceWithAdminPrivilegesOnActiveNode; import org.springframework.stereotype.Service; -import javax.inject.Inject; +import jakarta.inject.Inject; import java.util.Map; diff --git a/src/main/java/net/ripe/rpki/services/impl/background/ReinitServiceBean.java b/src/main/java/net/ripe/rpki/services/impl/background/ReinitServiceBean.java index bb81999..f174b3b 100644 --- a/src/main/java/net/ripe/rpki/services/impl/background/ReinitServiceBean.java +++ b/src/main/java/net/ripe/rpki/services/impl/background/ReinitServiceBean.java @@ -15,7 +15,7 @@ import org.springframework.context.annotation.Profile; import org.springframework.stereotype.Service; -import javax.inject.Inject; +import jakarta.inject.Inject; import javax.security.auth.x500.X500Principal; import java.util.Map; diff --git a/src/main/java/net/ripe/rpki/services/impl/background/ResourceCacheService.java b/src/main/java/net/ripe/rpki/services/impl/background/ResourceCacheService.java index f828447..d1a8384 100644 --- a/src/main/java/net/ripe/rpki/services/impl/background/ResourceCacheService.java +++ b/src/main/java/net/ripe/rpki/services/impl/background/ResourceCacheService.java @@ -136,7 +136,7 @@ public boolean updateFullResourceCache(Optional forceUpdateCode) { final Update membersUpdate = memberResourcesUpdate(allResources.getAllMembersResources()); final List updates = List.of(productionUpdate, membersUpdate); - final List rejected = updates.stream().filter(Update::isRejected).collect(Collectors.toList()); + final List rejected = updates.stream().filter(Update::isRejected).toList(); String expectedForceUpdateVerificationCode = resourceStats.get().expectedForceUpdateVerificationCode(); boolean forceUpdate = forceUpdateCode.stream().anyMatch(code -> Objects.equals(code, expectedForceUpdateVerificationCode)); diff --git a/src/main/java/net/ripe/rpki/services/impl/handlers/AbstractCertificateAuthorityCommandHandler.java b/src/main/java/net/ripe/rpki/services/impl/handlers/AbstractCertificateAuthorityCommandHandler.java index 52643a5..4766f84 100644 --- a/src/main/java/net/ripe/rpki/services/impl/handlers/AbstractCertificateAuthorityCommandHandler.java +++ b/src/main/java/net/ripe/rpki/services/impl/handlers/AbstractCertificateAuthorityCommandHandler.java @@ -7,7 +7,7 @@ import net.ripe.rpki.server.api.commands.CertificateAuthorityCommand; import net.ripe.rpki.server.api.services.command.CommandStatus; -import javax.persistence.EntityNotFoundException; +import jakarta.persistence.EntityNotFoundException; import java.util.Objects; public abstract class AbstractCertificateAuthorityCommandHandler implements CertificateAuthorityCommandHandler { diff --git a/src/main/java/net/ripe/rpki/services/impl/handlers/ActivateHostedCertificateAuthorityCommandHandler.java b/src/main/java/net/ripe/rpki/services/impl/handlers/ActivateHostedCertificateAuthorityCommandHandler.java index d9d408c..bb67da0 100644 --- a/src/main/java/net/ripe/rpki/services/impl/handlers/ActivateHostedCertificateAuthorityCommandHandler.java +++ b/src/main/java/net/ripe/rpki/services/impl/handlers/ActivateHostedCertificateAuthorityCommandHandler.java @@ -8,7 +8,7 @@ import net.ripe.rpki.server.api.commands.ActivateHostedCertificateAuthorityCommand; import net.ripe.rpki.server.api.services.command.CommandStatus; -import javax.inject.Inject; +import jakarta.inject.Inject; @Handler public class ActivateHostedCertificateAuthorityCommandHandler extends AbstractCertificateAuthorityCommandHandler { diff --git a/src/main/java/net/ripe/rpki/services/impl/handlers/ActivateNonHostedCertificateAuthorityCommandHandler.java b/src/main/java/net/ripe/rpki/services/impl/handlers/ActivateNonHostedCertificateAuthorityCommandHandler.java index c23910e..058f0df 100644 --- a/src/main/java/net/ripe/rpki/services/impl/handlers/ActivateNonHostedCertificateAuthorityCommandHandler.java +++ b/src/main/java/net/ripe/rpki/services/impl/handlers/ActivateNonHostedCertificateAuthorityCommandHandler.java @@ -8,7 +8,7 @@ import net.ripe.rpki.server.api.commands.ActivateNonHostedCertificateAuthorityCommand; import net.ripe.rpki.server.api.services.command.CommandStatus; -import javax.inject.Inject; +import jakarta.inject.Inject; @Handler public class ActivateNonHostedCertificateAuthorityCommandHandler extends AbstractCertificateAuthorityCommandHandler { diff --git a/src/main/java/net/ripe/rpki/services/impl/handlers/AllResourcesCaResourcesCommandHandler.java b/src/main/java/net/ripe/rpki/services/impl/handlers/AllResourcesCaResourcesCommandHandler.java index 63d6e52..f918c1a 100644 --- a/src/main/java/net/ripe/rpki/services/impl/handlers/AllResourcesCaResourcesCommandHandler.java +++ b/src/main/java/net/ripe/rpki/services/impl/handlers/AllResourcesCaResourcesCommandHandler.java @@ -7,7 +7,7 @@ import net.ripe.rpki.server.api.commands.AllResourcesCaResourcesCommand; import net.ripe.rpki.server.api.services.command.CommandStatus; -import javax.inject.Inject; +import jakarta.inject.Inject; @Handler public class AllResourcesCaResourcesCommandHandler extends AbstractCertificateAuthorityCommandHandler { diff --git a/src/main/java/net/ripe/rpki/services/impl/handlers/CreateAllResourcesCertificateAuthorityCommandHandler.java b/src/main/java/net/ripe/rpki/services/impl/handlers/CreateAllResourcesCertificateAuthorityCommandHandler.java index fc46886..0557dc0 100644 --- a/src/main/java/net/ripe/rpki/services/impl/handlers/CreateAllResourcesCertificateAuthorityCommandHandler.java +++ b/src/main/java/net/ripe/rpki/services/impl/handlers/CreateAllResourcesCertificateAuthorityCommandHandler.java @@ -7,7 +7,7 @@ import net.ripe.rpki.server.api.commands.CreateAllResourcesCertificateAuthorityCommand; import net.ripe.rpki.server.api.services.command.CommandStatus; -import javax.inject.Inject; +import jakarta.inject.Inject; @Handler public class CreateAllResourcesCertificateAuthorityCommandHandler extends AbstractCertificateAuthorityCommandHandler { diff --git a/src/main/java/net/ripe/rpki/services/impl/handlers/CreateIntermediateCertificateAuthorityCommandHandler.java b/src/main/java/net/ripe/rpki/services/impl/handlers/CreateIntermediateCertificateAuthorityCommandHandler.java index 422e740..7a7c42c 100644 --- a/src/main/java/net/ripe/rpki/services/impl/handlers/CreateIntermediateCertificateAuthorityCommandHandler.java +++ b/src/main/java/net/ripe/rpki/services/impl/handlers/CreateIntermediateCertificateAuthorityCommandHandler.java @@ -8,7 +8,7 @@ import net.ripe.rpki.server.api.services.command.CommandStatus; import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty; -import javax.inject.Inject; +import jakarta.inject.Inject; @Handler @ConditionalOnProperty(prefix="intermediate.ca", value="enabled", havingValue = "true") diff --git a/src/main/java/net/ripe/rpki/services/impl/handlers/CreateRootCertificateAuthorityCommandHandler.java b/src/main/java/net/ripe/rpki/services/impl/handlers/CreateRootCertificateAuthorityCommandHandler.java index ece24cf..78c0f0e 100644 --- a/src/main/java/net/ripe/rpki/services/impl/handlers/CreateRootCertificateAuthorityCommandHandler.java +++ b/src/main/java/net/ripe/rpki/services/impl/handlers/CreateRootCertificateAuthorityCommandHandler.java @@ -10,7 +10,7 @@ import net.ripe.rpki.server.api.services.command.CommandStatus; import org.apache.commons.lang.Validate; -import javax.inject.Inject; +import jakarta.inject.Inject; @Handler public class CreateRootCertificateAuthorityCommandHandler extends AbstractCertificateAuthorityCommandHandler { diff --git a/src/main/java/net/ripe/rpki/services/impl/handlers/DeleteCertificateAuthorityCommandHandler.java b/src/main/java/net/ripe/rpki/services/impl/handlers/DeleteCertificateAuthorityCommandHandler.java index 643216b..43b82e6 100644 --- a/src/main/java/net/ripe/rpki/services/impl/handlers/DeleteCertificateAuthorityCommandHandler.java +++ b/src/main/java/net/ripe/rpki/services/impl/handlers/DeleteCertificateAuthorityCommandHandler.java @@ -12,7 +12,7 @@ import net.ripe.rpki.server.api.commands.DeleteCertificateAuthorityCommand; import net.ripe.rpki.server.api.services.command.CommandStatus; -import javax.inject.Inject; +import jakarta.inject.Inject; @Slf4j @Handler diff --git a/src/main/java/net/ripe/rpki/services/impl/handlers/DeleteNonHostedPublisherCommandHandler.java b/src/main/java/net/ripe/rpki/services/impl/handlers/DeleteNonHostedPublisherCommandHandler.java index 3b02a9e..66ee4ad 100644 --- a/src/main/java/net/ripe/rpki/services/impl/handlers/DeleteNonHostedPublisherCommandHandler.java +++ b/src/main/java/net/ripe/rpki/services/impl/handlers/DeleteNonHostedPublisherCommandHandler.java @@ -8,8 +8,8 @@ import org.apache.commons.lang.Validate; import org.springframework.boot.autoconfigure.condition.ConditionalOnBean; -import javax.inject.Inject; -import javax.persistence.EntityNotFoundException; +import jakarta.inject.Inject; +import jakarta.persistence.EntityNotFoundException; import java.util.UUID; @Handler diff --git a/src/main/java/net/ripe/rpki/services/impl/handlers/GenerateOfflineCARepublishRequestCommandHandler.java b/src/main/java/net/ripe/rpki/services/impl/handlers/GenerateOfflineCARepublishRequestCommandHandler.java index cd9989f..28c034d 100644 --- a/src/main/java/net/ripe/rpki/services/impl/handlers/GenerateOfflineCARepublishRequestCommandHandler.java +++ b/src/main/java/net/ripe/rpki/services/impl/handlers/GenerateOfflineCARepublishRequestCommandHandler.java @@ -10,7 +10,7 @@ import net.ripe.rpki.server.api.services.command.CommandStatus; import org.apache.commons.lang.Validate; -import javax.inject.Inject; +import jakarta.inject.Inject; import java.util.ArrayList; @Handler diff --git a/src/main/java/net/ripe/rpki/services/impl/handlers/InitialiseMyIdentityMaterialCommandHandler.java b/src/main/java/net/ripe/rpki/services/impl/handlers/InitialiseMyIdentityMaterialCommandHandler.java index 09497a4..195bfb4 100644 --- a/src/main/java/net/ripe/rpki/services/impl/handlers/InitialiseMyIdentityMaterialCommandHandler.java +++ b/src/main/java/net/ripe/rpki/services/impl/handlers/InitialiseMyIdentityMaterialCommandHandler.java @@ -6,7 +6,7 @@ import net.ripe.rpki.server.api.services.command.CommandStatus; import org.apache.commons.lang.NotImplementedException; -import javax.inject.Inject; +import jakarta.inject.Inject; @Handler diff --git a/src/main/java/net/ripe/rpki/services/impl/handlers/IssueUpdatedManifestAndCrlCommandHandler.java b/src/main/java/net/ripe/rpki/services/impl/handlers/IssueUpdatedManifestAndCrlCommandHandler.java index 6f1e468..791c0fa 100644 --- a/src/main/java/net/ripe/rpki/services/impl/handlers/IssueUpdatedManifestAndCrlCommandHandler.java +++ b/src/main/java/net/ripe/rpki/services/impl/handlers/IssueUpdatedManifestAndCrlCommandHandler.java @@ -10,7 +10,7 @@ import net.ripe.rpki.server.api.services.command.CommandStatus; import net.ripe.rpki.server.api.services.command.CommandWithoutEffectException; -import javax.inject.Inject; +import jakarta.inject.Inject; @Handler diff --git a/src/main/java/net/ripe/rpki/services/impl/handlers/KeyManagementActivatePendingKeysCommandHandler.java b/src/main/java/net/ripe/rpki/services/impl/handlers/KeyManagementActivatePendingKeysCommandHandler.java index c76721d..aff2048 100644 --- a/src/main/java/net/ripe/rpki/services/impl/handlers/KeyManagementActivatePendingKeysCommandHandler.java +++ b/src/main/java/net/ripe/rpki/services/impl/handlers/KeyManagementActivatePendingKeysCommandHandler.java @@ -6,7 +6,7 @@ import net.ripe.rpki.server.api.services.command.CommandStatus; import net.ripe.rpki.server.api.services.command.CommandWithoutEffectException; -import javax.inject.Inject; +import jakarta.inject.Inject; @Handler diff --git a/src/main/java/net/ripe/rpki/services/impl/handlers/KeyManagementInitiateRollCommandHandler.java b/src/main/java/net/ripe/rpki/services/impl/handlers/KeyManagementInitiateRollCommandHandler.java index 713a8b4..e44e2fb 100644 --- a/src/main/java/net/ripe/rpki/services/impl/handlers/KeyManagementInitiateRollCommandHandler.java +++ b/src/main/java/net/ripe/rpki/services/impl/handlers/KeyManagementInitiateRollCommandHandler.java @@ -15,7 +15,7 @@ import net.ripe.rpki.server.api.services.command.CommandStatus; import net.ripe.rpki.server.api.services.command.CommandWithoutEffectException; -import javax.inject.Inject; +import jakarta.inject.Inject; import java.util.ArrayList; import java.util.Collections; import java.util.List; diff --git a/src/main/java/net/ripe/rpki/services/impl/handlers/KeyManagementRevokeOldKeysCommandHandler.java b/src/main/java/net/ripe/rpki/services/impl/handlers/KeyManagementRevokeOldKeysCommandHandler.java index 9490c42..440e992 100644 --- a/src/main/java/net/ripe/rpki/services/impl/handlers/KeyManagementRevokeOldKeysCommandHandler.java +++ b/src/main/java/net/ripe/rpki/services/impl/handlers/KeyManagementRevokeOldKeysCommandHandler.java @@ -15,9 +15,8 @@ import net.ripe.rpki.server.api.services.command.CommandStatus; import net.ripe.rpki.server.api.services.command.CommandWithoutEffectException; -import javax.inject.Inject; +import jakarta.inject.Inject; import java.util.List; -import java.util.stream.Collectors; import static net.ripe.rpki.domain.Resources.DEFAULT_RESOURCE_CLASS; @@ -71,10 +70,7 @@ public void handle(KeyManagementRevokeOldKeysCommand command, CommandStatus comm private List toTaRequests(List requests) { return requests.stream() - .map(request -> new RevocationRequest(DEFAULT_RESOURCE_CLASS, - KeyPairUtil.getEncodedKeyIdentifier(request.getSubjectPublicKey()))) - .collect(Collectors.toList()); + .map(request -> (TaRequest) new RevocationRequest(DEFAULT_RESOURCE_CLASS, KeyPairUtil.getEncodedKeyIdentifier(request.getSubjectPublicKey()))) + .toList(); } - - } diff --git a/src/main/java/net/ripe/rpki/services/impl/handlers/LockCertificateAuthorityHandler.java b/src/main/java/net/ripe/rpki/services/impl/handlers/LockCertificateAuthorityHandler.java index 89886cc..754edae 100644 --- a/src/main/java/net/ripe/rpki/services/impl/handlers/LockCertificateAuthorityHandler.java +++ b/src/main/java/net/ripe/rpki/services/impl/handlers/LockCertificateAuthorityHandler.java @@ -8,7 +8,7 @@ import net.ripe.rpki.server.api.services.command.CommandStatus; import net.ripe.rpki.util.DBComponent; -import javax.inject.Inject; +import jakarta.inject.Inject; import java.util.ArrayList; import java.util.List; diff --git a/src/main/java/net/ripe/rpki/services/impl/handlers/ManagedCertificateAuthorityOutgoingResourceCertificatesInvariantHandler.java b/src/main/java/net/ripe/rpki/services/impl/handlers/ManagedCertificateAuthorityOutgoingResourceCertificatesInvariantHandler.java index db052c1..08591b3 100644 --- a/src/main/java/net/ripe/rpki/services/impl/handlers/ManagedCertificateAuthorityOutgoingResourceCertificatesInvariantHandler.java +++ b/src/main/java/net/ripe/rpki/services/impl/handlers/ManagedCertificateAuthorityOutgoingResourceCertificatesInvariantHandler.java @@ -17,8 +17,8 @@ import net.ripe.rpki.server.api.services.command.CommandStatus; import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty; -import javax.inject.Inject; -import javax.persistence.EntityManager; +import jakarta.inject.Inject; +import jakarta.persistence.EntityManager; import java.util.Set; import java.util.stream.Collectors; diff --git a/src/main/java/net/ripe/rpki/services/impl/handlers/MessageDispatcher.java b/src/main/java/net/ripe/rpki/services/impl/handlers/MessageDispatcher.java index ec14ec9..3f1d3a9 100644 --- a/src/main/java/net/ripe/rpki/services/impl/handlers/MessageDispatcher.java +++ b/src/main/java/net/ripe/rpki/services/impl/handlers/MessageDispatcher.java @@ -1,5 +1,6 @@ package net.ripe.rpki.services.impl.handlers; +import jakarta.annotation.PostConstruct; import lombok.Setter; import net.ripe.rpki.server.api.commands.CertificateAuthorityCommand; import net.ripe.rpki.server.api.services.command.CommandStatus; @@ -10,14 +11,12 @@ import org.springframework.dao.TransientDataAccessException; import org.springframework.stereotype.Component; -import javax.annotation.PostConstruct; -import javax.persistence.OptimisticLockException; -import javax.persistence.PessimisticLockException; +import jakarta.persistence.OptimisticLockException; +import jakarta.persistence.PessimisticLockException; import java.util.ArrayList; import java.util.Comparator; import java.util.List; import java.util.Map; -import java.util.stream.Collectors; @Component public class MessageDispatcher { @@ -41,8 +40,7 @@ protected List> final Map beansWithAnnotation = applicationContext.getBeansWithAnnotation(Handler.class); return beansWithAnnotation.values().stream() .map(bean -> (CertificateAuthorityCommandHandler) bean) - .sorted(Comparator.comparingInt(MessageDispatcher::orderOf)) - .collect(Collectors.toList()); + .sorted(Comparator.comparingInt(MessageDispatcher::orderOf)).toList(); } private static int orderOf(Object bean) { diff --git a/src/main/java/net/ripe/rpki/services/impl/handlers/MigrateMemberCertificateAuthorityToIntermediateParentCommandHandler.java b/src/main/java/net/ripe/rpki/services/impl/handlers/MigrateMemberCertificateAuthorityToIntermediateParentCommandHandler.java index fd9f009..0021806 100644 --- a/src/main/java/net/ripe/rpki/services/impl/handlers/MigrateMemberCertificateAuthorityToIntermediateParentCommandHandler.java +++ b/src/main/java/net/ripe/rpki/services/impl/handlers/MigrateMemberCertificateAuthorityToIntermediateParentCommandHandler.java @@ -9,8 +9,8 @@ import net.ripe.rpki.server.api.services.command.CommandWithoutEffectException; import net.ripe.rpki.util.DBComponent; -import javax.inject.Inject; -import javax.persistence.EntityNotFoundException; +import jakarta.inject.Inject; +import jakarta.persistence.EntityNotFoundException; import java.security.PublicKey; import java.util.Objects; diff --git a/src/main/java/net/ripe/rpki/services/impl/handlers/ProcessTrustAnchorResponseCommandHandler.java b/src/main/java/net/ripe/rpki/services/impl/handlers/ProcessTrustAnchorResponseCommandHandler.java index 0f87fc9..e784c76 100644 --- a/src/main/java/net/ripe/rpki/services/impl/handlers/ProcessTrustAnchorResponseCommandHandler.java +++ b/src/main/java/net/ripe/rpki/services/impl/handlers/ProcessTrustAnchorResponseCommandHandler.java @@ -5,7 +5,7 @@ import net.ripe.rpki.server.api.commands.ProcessTrustAnchorResponseCommand; import net.ripe.rpki.server.api.services.command.CommandStatus; -import javax.inject.Inject; +import jakarta.inject.Inject; @Handler public class ProcessTrustAnchorResponseCommandHandler extends AbstractCertificateAuthorityCommandHandler { diff --git a/src/main/java/net/ripe/rpki/services/impl/handlers/ProvisionNonHostedPublisherCommandHandler.java b/src/main/java/net/ripe/rpki/services/impl/handlers/ProvisionNonHostedPublisherCommandHandler.java index d90d3a6..2457b1d 100644 --- a/src/main/java/net/ripe/rpki/services/impl/handlers/ProvisionNonHostedPublisherCommandHandler.java +++ b/src/main/java/net/ripe/rpki/services/impl/handlers/ProvisionNonHostedPublisherCommandHandler.java @@ -11,7 +11,7 @@ import net.ripe.rpki.server.api.services.command.CommandWithoutEffectException; import org.springframework.boot.autoconfigure.condition.ConditionalOnBean; -import javax.inject.Inject; +import jakarta.inject.Inject; import java.util.UUID; import static net.ripe.rpki.domain.NonHostedCertificateAuthority.PUBLISHER_REPOSITORIES_LIMIT; diff --git a/src/main/java/net/ripe/rpki/services/impl/handlers/ProvisioningCertificateIssuanceCommandHandler.java b/src/main/java/net/ripe/rpki/services/impl/handlers/ProvisioningCertificateIssuanceCommandHandler.java index 7c1e637..d18b36b 100644 --- a/src/main/java/net/ripe/rpki/services/impl/handlers/ProvisioningCertificateIssuanceCommandHandler.java +++ b/src/main/java/net/ripe/rpki/services/impl/handlers/ProvisioningCertificateIssuanceCommandHandler.java @@ -8,7 +8,7 @@ import net.ripe.rpki.server.api.services.command.CommandStatus; import net.ripe.rpki.server.api.services.command.CommandWithoutEffectException; -import javax.inject.Inject; +import jakarta.inject.Inject; import java.security.PublicKey; @Handler diff --git a/src/main/java/net/ripe/rpki/services/impl/handlers/ProvisioningCertificateRevocationCommandHandler.java b/src/main/java/net/ripe/rpki/services/impl/handlers/ProvisioningCertificateRevocationCommandHandler.java index d0db108..8da3902 100644 --- a/src/main/java/net/ripe/rpki/services/impl/handlers/ProvisioningCertificateRevocationCommandHandler.java +++ b/src/main/java/net/ripe/rpki/services/impl/handlers/ProvisioningCertificateRevocationCommandHandler.java @@ -8,7 +8,7 @@ import net.ripe.rpki.server.api.services.command.CommandStatus; import net.ripe.rpki.server.api.services.command.CommandWithoutEffectException; -import javax.inject.Inject; +import jakarta.inject.Inject; @Handler public class ProvisioningCertificateRevocationCommandHandler extends AbstractCertificateAuthorityCommandHandler { diff --git a/src/main/java/net/ripe/rpki/services/impl/handlers/PublicationSupport.java b/src/main/java/net/ripe/rpki/services/impl/handlers/PublicationSupport.java index a99b92a..73626dc 100644 --- a/src/main/java/net/ripe/rpki/services/impl/handlers/PublicationSupport.java +++ b/src/main/java/net/ripe/rpki/services/impl/handlers/PublicationSupport.java @@ -17,7 +17,7 @@ import org.springframework.beans.factory.annotation.Value; import org.springframework.stereotype.Component; -import javax.inject.Inject; +import jakarta.inject.Inject; import java.net.URI; import java.security.MessageDigest; import java.security.NoSuchAlgorithmException; @@ -56,8 +56,7 @@ public PublicationSupport( log.info("Interfacing with {} external publication servers: {}", publicationServerUris.size(), publicationServerUris); externalPublishingServers = publicationServerUris.stream() - .map(uri -> new ExternalPublishingServer(publishingServerClient, meterRegistry, uri)) - .collect(Collectors.toList()); + .map(uri -> new ExternalPublishingServer(publishingServerClient, meterRegistry, uri)).toList(); forkJoinPool = new ForkJoinPool(Math.max(1, externalPublishingServers.size())); rrdpPublicationSuccesses = Counter.builder("rpkicore.publication.total") @@ -175,8 +174,7 @@ private List getObjectsFromServer(ExternalPublishingServer externalPu final List messages = Collections.singletonList(new ListRequest()); return externalPublishingServer.execute(messages, clientId).stream() .filter(PublicationMessage.isListReply) - .map(x -> (ListReply) x) - .collect(Collectors.toList()); + .map(x -> (ListReply) x).toList(); } public static String objectHash(byte[] bytes) { diff --git a/src/main/java/net/ripe/rpki/services/impl/handlers/SubscribeToRoaAlertCommandHandler.java b/src/main/java/net/ripe/rpki/services/impl/handlers/SubscribeToRoaAlertCommandHandler.java index f69f339..32184cc 100644 --- a/src/main/java/net/ripe/rpki/services/impl/handlers/SubscribeToRoaAlertCommandHandler.java +++ b/src/main/java/net/ripe/rpki/services/impl/handlers/SubscribeToRoaAlertCommandHandler.java @@ -11,7 +11,7 @@ import net.ripe.rpki.server.api.services.command.CommandStatus; import net.ripe.rpki.services.impl.EmailSender; -import javax.inject.Inject; +import jakarta.inject.Inject; import java.util.Collections; import java.util.Set; import java.util.stream.Collectors; diff --git a/src/main/java/net/ripe/rpki/services/impl/handlers/UnsubscribeFromRoaAlertCommandHandler.java b/src/main/java/net/ripe/rpki/services/impl/handlers/UnsubscribeFromRoaAlertCommandHandler.java index 8b6481d..6e5997f 100644 --- a/src/main/java/net/ripe/rpki/services/impl/handlers/UnsubscribeFromRoaAlertCommandHandler.java +++ b/src/main/java/net/ripe/rpki/services/impl/handlers/UnsubscribeFromRoaAlertCommandHandler.java @@ -8,7 +8,7 @@ import net.ripe.rpki.server.api.services.command.CommandStatus; import net.ripe.rpki.services.impl.EmailSender; -import javax.inject.Inject; +import jakarta.inject.Inject; import java.util.Collections; import static net.ripe.rpki.domain.alerts.RoaAlertConfiguration.normEmail; diff --git a/src/main/java/net/ripe/rpki/services/impl/handlers/UpdateAllIncomingResourceCertificatesCommandHandler.java b/src/main/java/net/ripe/rpki/services/impl/handlers/UpdateAllIncomingResourceCertificatesCommandHandler.java index f7ac412..fbaf5d3 100644 --- a/src/main/java/net/ripe/rpki/services/impl/handlers/UpdateAllIncomingResourceCertificatesCommandHandler.java +++ b/src/main/java/net/ripe/rpki/services/impl/handlers/UpdateAllIncomingResourceCertificatesCommandHandler.java @@ -8,7 +8,7 @@ import net.ripe.rpki.server.api.services.command.CommandStatus; import net.ripe.rpki.server.api.services.command.CommandWithoutEffectException; -import javax.inject.Inject; +import jakarta.inject.Inject; @Handler @Slf4j diff --git a/src/main/java/net/ripe/rpki/services/impl/handlers/UpdateAspaConfigurationCommandHandler.java b/src/main/java/net/ripe/rpki/services/impl/handlers/UpdateAspaConfigurationCommandHandler.java index c174d89..8633573 100644 --- a/src/main/java/net/ripe/rpki/services/impl/handlers/UpdateAspaConfigurationCommandHandler.java +++ b/src/main/java/net/ripe/rpki/services/impl/handlers/UpdateAspaConfigurationCommandHandler.java @@ -22,9 +22,8 @@ import net.ripe.rpki.server.api.services.command.PrivateAsnsUsedException; import org.springframework.beans.factory.annotation.Value; -import javax.inject.Inject; +import jakarta.inject.Inject; import java.util.*; -import java.util.stream.Collectors; @Handler @@ -145,7 +144,6 @@ private void validateProviderAsns(SortedMap> configuration) private List findAddedPrivateAsns(SortedMap> configuration) { return configuration.values().stream() .flatMap(Collection::stream) - .filter(privateAsns::contains) - .collect(Collectors.toList()); + .filter(privateAsns::contains).toList(); } } diff --git a/src/main/java/net/ripe/rpki/services/impl/handlers/UpdateRoaAlertIgnoredAnnouncedRoutesCommandHandler.java b/src/main/java/net/ripe/rpki/services/impl/handlers/UpdateRoaAlertIgnoredAnnouncedRoutesCommandHandler.java index ca3cb1a..064bbb0 100644 --- a/src/main/java/net/ripe/rpki/services/impl/handlers/UpdateRoaAlertIgnoredAnnouncedRoutesCommandHandler.java +++ b/src/main/java/net/ripe/rpki/services/impl/handlers/UpdateRoaAlertIgnoredAnnouncedRoutesCommandHandler.java @@ -7,7 +7,7 @@ import net.ripe.rpki.server.api.commands.UpdateRoaAlertIgnoredAnnouncedRoutesCommand; import net.ripe.rpki.server.api.services.command.CommandStatus; -import javax.inject.Inject; +import jakarta.inject.Inject; @Handler diff --git a/src/main/java/net/ripe/rpki/services/impl/handlers/UpdateRoaConfigurationCommandHandler.java b/src/main/java/net/ripe/rpki/services/impl/handlers/UpdateRoaConfigurationCommandHandler.java index bbd5c6c..dff6fc7 100644 --- a/src/main/java/net/ripe/rpki/services/impl/handlers/UpdateRoaConfigurationCommandHandler.java +++ b/src/main/java/net/ripe/rpki/services/impl/handlers/UpdateRoaConfigurationCommandHandler.java @@ -19,7 +19,7 @@ import net.ripe.rpki.services.impl.background.RoaMetricsService; import org.springframework.beans.factory.annotation.Value; -import javax.inject.Inject; +import jakarta.inject.Inject; import java.util.Collection; import java.util.HashSet; import java.util.List; @@ -97,8 +97,7 @@ private void validateEntityTag(UpdateRoaConfigurationCommand command, RoaConfigu private void validateAsns(UpdateRoaConfigurationCommand command) { List privateAsns = command.getAdditions().stream().map(RoaConfigurationPrefixData::getAsn) - .filter(privateAsnRanges::contains) - .collect(Collectors.toList()); + .filter(privateAsnRanges::contains).toList(); if (!privateAsns.isEmpty()) { throw new PrivateAsnsUsedException("ROA configuration", privateAsns); } diff --git a/src/main/java/net/ripe/rpki/services/impl/jpa/JpaAspaEntityRepository.java b/src/main/java/net/ripe/rpki/services/impl/jpa/JpaAspaEntityRepository.java index b48bb43..292a3e1 100644 --- a/src/main/java/net/ripe/rpki/services/impl/jpa/JpaAspaEntityRepository.java +++ b/src/main/java/net/ripe/rpki/services/impl/jpa/JpaAspaEntityRepository.java @@ -38,7 +38,7 @@ public List findCurrentByCertificateAuthority(ManagedCertificateAuth @Override public int deleteByCertificateSigningKeyPair(KeyPairEntity certificateSigningKeyPair) { return manager - .createQuery("DELETE FROM AspaEntity WHERE certificate_id IN (SELECT id FROM OutgoingResourceCertificate orc WHERE orc.signingKeyPair = :cskp)") + .createQuery("DELETE FROM AspaEntity WHERE certificate.id IN (SELECT id FROM OutgoingResourceCertificate orc WHERE orc.signingKeyPair = :cskp)") .setParameter("cskp", certificateSigningKeyPair) .executeUpdate(); } diff --git a/src/main/java/net/ripe/rpki/services/impl/jpa/JpaCertificateAuthorityRepository.java b/src/main/java/net/ripe/rpki/services/impl/jpa/JpaCertificateAuthorityRepository.java index 48ea175..473890a 100644 --- a/src/main/java/net/ripe/rpki/services/impl/jpa/JpaCertificateAuthorityRepository.java +++ b/src/main/java/net/ripe/rpki/services/impl/jpa/JpaCertificateAuthorityRepository.java @@ -2,7 +2,7 @@ import net.ripe.rpki.domain.*; import net.ripe.rpki.ripencc.support.persistence.JpaRepository; -import net.ripe.rpki.server.api.commands.CertificateAuthorityCommandGroup; +import net.ripe.rpki.server.api.commands.*; import net.ripe.rpki.server.api.dto.CaStat; import net.ripe.rpki.server.api.dto.CaStatCaEvent; import net.ripe.rpki.server.api.dto.CaStatEvent; @@ -16,12 +16,13 @@ import org.joda.time.format.DateTimeFormatter; import org.springframework.stereotype.Repository; -import javax.persistence.EntityNotFoundException; -import javax.persistence.LockModeType; -import javax.persistence.NoResultException; -import javax.persistence.PersistenceException; -import javax.persistence.Query; +import jakarta.persistence.EntityNotFoundException; +import jakarta.persistence.LockModeType; +import jakarta.persistence.NoResultException; +import jakarta.persistence.PersistenceException; +import jakarta.persistence.Query; import javax.security.auth.x500.X500Principal; +import java.time.Instant; import java.util.*; import java.util.regex.Matcher; import java.util.regex.Pattern; @@ -150,27 +151,26 @@ public Collection getCAStats() { return rowStream.map(row -> { String caName = toStr(row[0]); int roaCount = toInt(row[1]); - Date createdAt = (Date) row[2]; - return new CaStat(caName, roaCount, ISO_DATE_FORMAT.print(new DateTime(createdAt))); - }).collect(Collectors.toList()); + Instant createdAt = (Instant) row[2]; + return new CaStat(caName, roaCount, ISO_DATE_FORMAT.print(new DateTime(createdAt.toEpochMilli()))); + }).toList(); } @Override public Collection getCAStatEvents() { - final String updateRoaConf = "UpdateRoaConfigurationCommand"; + // Two legacy command types that _may_ be present final String createRoaSpec = "CreateRoaSpecificationCommand"; final String deleteRoaSpec = "DeleteRoaSpecificationCommand"; - final String activateCaSpec = "ActivateHostedCertificateAuthorityCommand"; - final String activateNonHostedCaSpec = "ActivateNonHostedCertificateAuthorityCommand"; - final String deleteCaSpec = "DeleteCertificateAuthorityCommand"; - final String deleteNonHostedCaSpec = "DeleteNonHostedCertificateAuthorityCommand"; - final List commandTypes = Arrays.asList(updateRoaConf, createRoaSpec, deleteRoaSpec, - activateCaSpec, activateNonHostedCaSpec, deleteCaSpec, deleteNonHostedCaSpec); - - final Pattern updateConfPattern = Pattern.compile("Updated ROA configuration. Additions: (.+). Deletions: (.+)\\."); - final Pattern createSpecPattern = Pattern.compile("Created ROA specification '.+' (.+)."); - final Pattern deleteSpecPattern = Pattern.compile("Deleted ROA specification '.+' (.+)."); + // recall: prefix/suffix for Collectors.joining are not in between elements, so it can not be + final var commandTypesSqlList = Stream.of( + createRoaSpec, deleteRoaSpec, + UpdateRoaConfigurationCommand.class.getSimpleName(), + ActivateHostedCertificateAuthorityCommand.class.getSimpleName(), + ActivateNonHostedCertificateAuthorityCommand.class.getSimpleName(), + DeleteCertificateAuthorityCommand.class.getSimpleName(), + DeleteNonHostedCertificateAuthorityCommand.class.getSimpleName() + ).map(s -> "'" + s + "'").collect(Collectors.joining(",")); final Query q = manager.createNativeQuery("SELECT " + "ca.name, " + @@ -179,18 +179,23 @@ public Collection getCAStatEvents() { "au.commandsummary " + "FROM commandAudit au " + "LEFT JOIN certificateAuthority ca ON ca.id = au.ca_id " + - "WHERE commandtype IN (" + inClause(commandTypes) + ")" + + "WHERE commandtype IN (" + commandTypesSqlList + ") " + "ORDER BY au.executiontime ASC, ca.name"); + final Pattern updateConfPattern = Pattern.compile("Updated ROA configuration. Additions: (.+). Deletions: (.+)\\."); + final Pattern createSpecPattern = Pattern.compile("Created ROA specification '.+' (.+)."); + final Pattern deleteSpecPattern = Pattern.compile("Deleted ROA specification '.+' (.+)."); + final List resultList = q.getResultList(); final List result = new ArrayList<>(); for (final Object r : resultList) { final Object[] columns = (Object[]) r; final String caName = toStr(columns[0]); final String type = toStr(columns[1]); - final String date = ISO_DATE_FORMAT.print(new DateTime(columns[2])); + final String date = ISO_DATE_FORMAT.print(new DateTime(((Instant)columns[2]).toEpochMilli())); final String summary = toStr(columns[3]); - if (updateRoaConf.equals(type)) { + + if (UpdateRoaConfigurationCommand.class.getSimpleName().equals(type)) { final Matcher m = updateConfPattern.matcher(summary); if (m.matches()) { final String additions = m.group(1); @@ -213,9 +218,9 @@ public Collection getCAStatEvents() { if (deleted > 0) result.add(new CaStatRoaEvent(caName, date, 0, deleted)); } - } else if (activateCaSpec.equals(type) || activateNonHostedCaSpec.equals(type)) { + } else if (ActivateHostedCertificateAuthorityCommand.class.getSimpleName().equals(type) || ActivateNonHostedCertificateAuthorityCommand.class.getSimpleName().equals(type)) { result.add(CaStatCaEvent.created(caName, date)); - } else if (deleteCaSpec.equals(type) || deleteNonHostedCaSpec.equals(type)) { + } else if (DeleteCertificateAuthorityCommand.class.getSimpleName().equals(type) || DeleteNonHostedCertificateAuthorityCommand.class.getSimpleName().equals(type)) { result.add(CaStatCaEvent.deleted(date)); } } @@ -268,25 +273,24 @@ public Collection findAllWithOutdatedManifests(bool @Override public List findAllWithManifestsExpiringBefore(DateTime notValidAfterCutoff, int maxResult) { return manager.createQuery( - "SELECT DISTINCT ca, MIN(po.validityPeriod.notValidAfter) " + - " FROM ManagedCertificateAuthority ca" + - " JOIN ca.keyPairs kp," + - " ManifestEntity mft" + - " JOIN mft.publishedObject po" + - " JOIN mft.certificate crt" + - " WHERE kp.status IN :publishable" + - " AND crt.signingKeyPair = kp" + - " AND po.validityPeriod.notValidAfter < :notValidAfterCutoff" + - " GROUP BY ca" + - " ORDER BY MIN(po.validityPeriod.notValidAfter) ASC", - Object[].class) - // See KeyPairEntity.isPublishable for the next two parameters - .setParameter("publishable", Arrays.asList(KeyPairStatus.PENDING, KeyPairStatus.CURRENT, KeyPairStatus.OLD)) - .setParameter("notValidAfterCutoff", notValidAfterCutoff) - .setMaxResults(maxResult) - .getResultStream() - .map(row -> (ManagedCertificateAuthority) row[0]) - .collect(Collectors.toList()); + "SELECT DISTINCT ca, MIN(po.validityPeriod.notValidAfter) " + + " FROM ManagedCertificateAuthority ca" + + " JOIN ca.keyPairs kp," + + " ManifestEntity mft" + + " JOIN mft.publishedObject po" + + " JOIN mft.certificate crt" + + " WHERE kp.status IN :publishable" + + " AND crt.signingKeyPair = kp" + + " AND po.validityPeriod.notValidAfter < :notValidAfterCutoff" + + " GROUP BY ca" + + " ORDER BY MIN(po.validityPeriod.notValidAfter) ASC", + Object[].class) + // See KeyPairEntity.isPublishable for the next two parameters + .setParameter("publishable", Arrays.asList(KeyPairStatus.PENDING, KeyPairStatus.CURRENT, KeyPairStatus.OLD)) + .setParameter("notValidAfterCutoff", notValidAfterCutoff) + .setMaxResults(maxResult) + .getResultStream() + .map(row -> (ManagedCertificateAuthority) row[0]).toList(); } @Override @@ -342,10 +346,6 @@ public Optional findSmallestIntermediateCA(X50 } } - private static String inClause(final Collection items) { - return items.stream().collect(Collectors.joining(",", "'", "'")); - } - private static int countRoasUpdateSpecPattern(String summary) { int c = summary.replaceFirst("\\[asn=AS[0-9]+, ", "").split("maximumLength=").length - 1; return Math.max(c, 0); diff --git a/src/main/java/net/ripe/rpki/services/impl/jpa/JpaCrlEntityRepository.java b/src/main/java/net/ripe/rpki/services/impl/jpa/JpaCrlEntityRepository.java index f364882..4553bdf 100644 --- a/src/main/java/net/ripe/rpki/services/impl/jpa/JpaCrlEntityRepository.java +++ b/src/main/java/net/ripe/rpki/services/impl/jpa/JpaCrlEntityRepository.java @@ -7,8 +7,8 @@ import org.apache.commons.lang.Validate; import org.springframework.stereotype.Component; -import javax.persistence.NoResultException; -import javax.persistence.Query; +import jakarta.persistence.NoResultException; +import jakarta.persistence.Query; @Component public class JpaCrlEntityRepository extends JpaRepository implements CrlEntityRepository { diff --git a/src/main/java/net/ripe/rpki/services/impl/jpa/JpaHsmKeyStoreRepository.java b/src/main/java/net/ripe/rpki/services/impl/jpa/JpaHsmKeyStoreRepository.java index 150f371..8a26b45 100644 --- a/src/main/java/net/ripe/rpki/services/impl/jpa/JpaHsmKeyStoreRepository.java +++ b/src/main/java/net/ripe/rpki/services/impl/jpa/JpaHsmKeyStoreRepository.java @@ -7,7 +7,7 @@ import org.springframework.stereotype.Repository; import org.springframework.transaction.annotation.Transactional; -import javax.persistence.TypedQuery; +import jakarta.persistence.TypedQuery; import java.util.Collections; import java.util.Enumeration; import java.util.Optional; diff --git a/src/main/java/net/ripe/rpki/services/impl/jpa/JpaManifestEntityRepository.java b/src/main/java/net/ripe/rpki/services/impl/jpa/JpaManifestEntityRepository.java index f8311a3..e8441fc 100644 --- a/src/main/java/net/ripe/rpki/services/impl/jpa/JpaManifestEntityRepository.java +++ b/src/main/java/net/ripe/rpki/services/impl/jpa/JpaManifestEntityRepository.java @@ -7,8 +7,8 @@ import org.apache.commons.lang.Validate; import org.springframework.stereotype.Repository; -import javax.persistence.NoResultException; -import javax.persistence.Query; +import jakarta.persistence.NoResultException; +import jakarta.persistence.Query; @Repository public class JpaManifestEntityRepository extends JpaRepository implements ManifestEntityRepository { diff --git a/src/main/java/net/ripe/rpki/services/impl/jpa/JpaPropertyEntityRepository.java b/src/main/java/net/ripe/rpki/services/impl/jpa/JpaPropertyEntityRepository.java index 3ebee33..989277a 100644 --- a/src/main/java/net/ripe/rpki/services/impl/jpa/JpaPropertyEntityRepository.java +++ b/src/main/java/net/ripe/rpki/services/impl/jpa/JpaPropertyEntityRepository.java @@ -8,8 +8,8 @@ import org.springframework.stereotype.Component; import javax.annotation.Nullable; -import javax.persistence.NoResultException; -import javax.persistence.Query; +import jakarta.persistence.NoResultException; +import jakarta.persistence.Query; @Component public class JpaPropertyEntityRepository extends JpaRepository implements PropertyEntityRepository { diff --git a/src/main/java/net/ripe/rpki/services/impl/jpa/JpaPublishedObjectRepository.java b/src/main/java/net/ripe/rpki/services/impl/jpa/JpaPublishedObjectRepository.java index a11bcc2..6ece5ac 100644 --- a/src/main/java/net/ripe/rpki/services/impl/jpa/JpaPublishedObjectRepository.java +++ b/src/main/java/net/ripe/rpki/services/impl/jpa/JpaPublishedObjectRepository.java @@ -62,10 +62,10 @@ public List findCurrentlyPublishedObjects() { .getResultStream() .map((o) -> { Object[] row = (Object[]) o; - return new PublishedObjectData((Timestamp) row[0], URI.create((String) row[1]), (byte[]) row[2]); + return new PublishedObjectData((java.time.Instant) row[0], URI.create((String) row[1]), (byte[]) row[2]); }); - return stream.collect(Collectors.toList()); + return stream.toList(); } @SuppressWarnings("unchecked") diff --git a/src/main/java/net/ripe/rpki/services/impl/jpa/JpaResourceCertificateRepository.java b/src/main/java/net/ripe/rpki/services/impl/jpa/JpaResourceCertificateRepository.java index aa4eabe..294288d 100644 --- a/src/main/java/net/ripe/rpki/services/impl/jpa/JpaResourceCertificateRepository.java +++ b/src/main/java/net/ripe/rpki/services/impl/jpa/JpaResourceCertificateRepository.java @@ -16,9 +16,9 @@ import org.springframework.stereotype.Repository; import org.springframework.transaction.annotation.Transactional; -import javax.persistence.NoResultException; -import javax.persistence.Query; -import javax.persistence.TypedQuery; +import jakarta.persistence.NoResultException; +import jakarta.persistence.Query; +import jakarta.persistence.TypedQuery; import javax.security.auth.x500.X500Principal; import java.math.BigInteger; import java.security.PublicKey; @@ -133,12 +133,7 @@ public ExpireOutgoingResourceCertificatesResult expireOutgoingResourceCertificat .setParameter("toBeWithdrawn", PublicationStatus.TO_BE_WITHDRAWN.name()) .setParameter("withdrawn", PublicationStatus.WITHDRAWN.name()) .getSingleResult(); - return new ExpireOutgoingResourceCertificatesResult( - ((BigInteger) counts[0]).intValueExact(), - ((BigInteger) counts[1]).intValueExact(), - ((BigInteger) counts[2]).intValueExact(), - ((BigInteger) counts[3]).intValueExact() - ); + return new ExpireOutgoingResourceCertificatesResult((long)counts[0], (long)counts[1], (long)counts[2], (long)counts[3]); } @Override diff --git a/src/main/java/net/ripe/rpki/services/impl/jpa/JpaRoaAlertConfigurationRepository.java b/src/main/java/net/ripe/rpki/services/impl/jpa/JpaRoaAlertConfigurationRepository.java index bb23b05..99c878a 100644 --- a/src/main/java/net/ripe/rpki/services/impl/jpa/JpaRoaAlertConfigurationRepository.java +++ b/src/main/java/net/ripe/rpki/services/impl/jpa/JpaRoaAlertConfigurationRepository.java @@ -7,8 +7,8 @@ import org.apache.commons.lang.Validate; import org.springframework.stereotype.Component; -import javax.persistence.NoResultException; -import javax.persistence.Query; +import jakarta.persistence.NoResultException; +import jakarta.persistence.Query; import java.util.List; @Component diff --git a/src/main/java/net/ripe/rpki/services/impl/jpa/JpaRoaConfigurationRepository.java b/src/main/java/net/ripe/rpki/services/impl/jpa/JpaRoaConfigurationRepository.java index a5bf80a..c9f4c2c 100644 --- a/src/main/java/net/ripe/rpki/services/impl/jpa/JpaRoaConfigurationRepository.java +++ b/src/main/java/net/ripe/rpki/services/impl/jpa/JpaRoaConfigurationRepository.java @@ -13,7 +13,7 @@ import org.springframework.stereotype.Repository; import org.springframework.transaction.annotation.Transactional; -import javax.persistence.NoResultException; +import jakarta.persistence.NoResultException; import javax.security.auth.x500.X500Principal; import java.math.BigDecimal; import java.math.BigInteger; @@ -22,7 +22,6 @@ import java.util.Collection; import java.util.List; import java.util.Optional; -import java.util.stream.Collectors; @Repository @Transactional @@ -66,19 +65,18 @@ public List findAllPerCa() { .stream() .map(o -> { final Object[] row = (Object[]) o; - final Long caId = ((BigInteger) row[0]).longValue(); + final Long caId = ((Long) row[0]); final X500Principal principal = new X500Principal((String) row[1]); final CaName caName = CaName.of(principal); final Asn asn = new Asn(((BigDecimal) row[2]).longValue()); - final Integer prefixType = (Integer) row[3]; + final Short prefixType = (Short) row[3]; final BigInteger begin = ((BigDecimal) row[4]).toBigInteger(); final BigInteger end = ((BigDecimal) row[5]).toBigInteger(); final Integer maximumLength = (Integer) row[6]; final IpResourceType resourceType = IpResourceType.values()[prefixType]; final IpResourceRange range = resourceType.fromBigInteger(begin).upTo(resourceType.fromBigInteger(end)); return new RoaConfigurationPerCa(caId, caName, asn, range, maximumLength); - }) - .collect(Collectors.toList()); + }).toList(); } @Override @@ -104,7 +102,7 @@ public void logRoaPrefixDeletion(RoaConfiguration configuration, Collection lastModified() { "SELECT max(deleted_at) as last from deleted_roaconfiguration_prefixes" + ") last_changes"; // empty table -> null. - Timestamp res = (Timestamp) createNativeQuery(sql).getSingleResult(); - return Optional.ofNullable(res).map(t -> t.toInstant()); + var res = (Instant) createNativeQuery(sql).getSingleResult(); + return Optional.ofNullable(res); } @Override diff --git a/src/main/java/net/ripe/rpki/services/impl/jpa/JpaRoaEntityRepository.java b/src/main/java/net/ripe/rpki/services/impl/jpa/JpaRoaEntityRepository.java index 263f0e1..08c1a92 100644 --- a/src/main/java/net/ripe/rpki/services/impl/jpa/JpaRoaEntityRepository.java +++ b/src/main/java/net/ripe/rpki/services/impl/jpa/JpaRoaEntityRepository.java @@ -37,7 +37,7 @@ public List findCurrentByCertificateAuthority(ManagedCertificateAutho @Override public int deleteByCertificateSigningKeyPair(KeyPairEntity certificateSigningKeyPair) { return manager - .createQuery("DELETE FROM RoaEntity WHERE certificate_id IN (SELECT id FROM OutgoingResourceCertificate orc WHERE orc.signingKeyPair = :cskp)") + .createQuery("DELETE FROM RoaEntity WHERE certificate.id IN (SELECT id FROM OutgoingResourceCertificate orc WHERE orc.signingKeyPair = :cskp)") .setParameter("cskp", certificateSigningKeyPair) .executeUpdate(); } diff --git a/src/main/java/net/ripe/rpki/services/impl/jpa/JpaTrustAnchorPublishedObjectRepository.java b/src/main/java/net/ripe/rpki/services/impl/jpa/JpaTrustAnchorPublishedObjectRepository.java index 6536a02..dccc1db 100644 --- a/src/main/java/net/ripe/rpki/services/impl/jpa/JpaTrustAnchorPublishedObjectRepository.java +++ b/src/main/java/net/ripe/rpki/services/impl/jpa/JpaTrustAnchorPublishedObjectRepository.java @@ -6,8 +6,8 @@ import org.joda.time.Instant; import org.springframework.stereotype.Component; -import javax.persistence.EntityManager; -import javax.persistence.PersistenceContext; +import jakarta.persistence.EntityManager; +import jakarta.persistence.PersistenceContext; import java.util.List; @Component diff --git a/src/main/java/net/ripe/rpki/util/JdbcDBComponent.java b/src/main/java/net/ripe/rpki/util/JdbcDBComponent.java index 645ae99..6c049ee 100644 --- a/src/main/java/net/ripe/rpki/util/JdbcDBComponent.java +++ b/src/main/java/net/ripe/rpki/util/JdbcDBComponent.java @@ -12,9 +12,9 @@ import org.springframework.transaction.support.TransactionSynchronization; import org.springframework.transaction.support.TransactionSynchronizationManager; -import javax.persistence.EntityManager; -import javax.persistence.LockModeType; -import javax.persistence.NoResultException; +import jakarta.persistence.EntityManager; +import jakarta.persistence.LockModeType; +import jakarta.persistence.NoResultException; import java.util.Objects; @Primary diff --git a/src/main/java/net/ripe/rpki/web/AdminController.java b/src/main/java/net/ripe/rpki/web/AdminController.java index 4693ab9..53089af 100644 --- a/src/main/java/net/ripe/rpki/web/AdminController.java +++ b/src/main/java/net/ripe/rpki/web/AdminController.java @@ -21,8 +21,8 @@ import org.springframework.web.servlet.view.RedirectView; import javax.annotation.Nullable; -import javax.inject.Inject; -import javax.validation.Valid; +import jakarta.inject.Inject; +import jakarta.validation.Valid; import java.util.List; import java.util.Map; import java.util.TreeMap; diff --git a/src/main/java/net/ripe/rpki/web/BaseController.java b/src/main/java/net/ripe/rpki/web/BaseController.java index 373be8d..8f41613 100644 --- a/src/main/java/net/ripe/rpki/web/BaseController.java +++ b/src/main/java/net/ripe/rpki/web/BaseController.java @@ -12,12 +12,11 @@ import org.springframework.security.oauth2.core.user.OAuth2User; import org.springframework.web.bind.annotation.ModelAttribute; -import javax.validation.constraints.NotBlank; -import javax.validation.constraints.Pattern; +import jakarta.validation.constraints.NotBlank; +import jakarta.validation.constraints.Pattern; import java.util.Comparator; import java.util.List; import java.util.Map; -import java.util.stream.Collectors; public class BaseController { @@ -42,8 +41,7 @@ public GitInfo getGitInfo() { @ModelAttribute(name = "currentUser", binding = false) public UserData currentUser(@AuthenticationPrincipal Object user) { - if (user instanceof OAuth2User) { - OAuth2User oAuth2User = (OAuth2User) user; + if (user instanceof OAuth2User oAuth2User) { return new UserData(oAuth2User.getName(), oAuth2User.getAttribute("name"), oAuth2User.getAttribute("email")); } else { String id = String.valueOf(user); @@ -108,9 +106,8 @@ public static class BackgroundServiceData { static List fromBackgroundServices(Map backgroundServiceMap) { return backgroundServiceMap.entrySet().stream() - .map(entry -> new BackgroundServiceData(entry.getKey(), entry.getValue())) - .sorted(Comparator.comparing(s -> s.name)) - .collect(Collectors.toList()); + .map(entry -> new BackgroundServiceData(entry.getKey(), entry.getValue())) + .sorted(Comparator.comparing(s -> s.name)).toList(); } } diff --git a/src/main/java/net/ripe/rpki/web/HealthCheckController.java b/src/main/java/net/ripe/rpki/web/HealthCheckController.java index 99cdbbd..2aca329 100644 --- a/src/main/java/net/ripe/rpki/web/HealthCheckController.java +++ b/src/main/java/net/ripe/rpki/web/HealthCheckController.java @@ -11,7 +11,7 @@ import org.springframework.web.bind.annotation.RequestMapping; import org.springframework.web.servlet.ModelAndView; -import javax.inject.Inject; +import jakarta.inject.Inject; import java.util.Map; @Controller diff --git a/src/main/java/net/ripe/rpki/web/ProductionCaController.java b/src/main/java/net/ripe/rpki/web/ProductionCaController.java index 9057ba7..255f4fe 100644 --- a/src/main/java/net/ripe/rpki/web/ProductionCaController.java +++ b/src/main/java/net/ripe/rpki/web/ProductionCaController.java @@ -17,10 +17,9 @@ import org.springframework.web.bind.annotation.RequestMapping; import org.springframework.web.servlet.ModelAndView; -import javax.inject.Inject; +import jakarta.inject.Inject; import java.util.List; import java.util.Optional; -import java.util.stream.Collectors; @Controller @RequestMapping(ProductionCaController.PRODUCTION_CA_HISTORY) @@ -52,7 +51,7 @@ public List historySummary() { .map(caHistoryItem -> { final String humanizedUserPrincipal = getHumanizedUserPrincipal(caHistoryItem); return new HistoryItem(humanizedUserPrincipal, caHistoryItem); - }).collect(Collectors.toList()); + }).toList(); } private String getHumanizedUserPrincipal(CertificateAuthorityHistoryItem historyItem) { diff --git a/src/main/java/net/ripe/rpki/web/ResourceCacheController.java b/src/main/java/net/ripe/rpki/web/ResourceCacheController.java index 408324e..1758c1a 100644 --- a/src/main/java/net/ripe/rpki/web/ResourceCacheController.java +++ b/src/main/java/net/ripe/rpki/web/ResourceCacheController.java @@ -13,8 +13,8 @@ import org.springframework.web.bind.annotation.RequestMapping; import org.springframework.web.servlet.ModelAndView; -import javax.inject.Inject; -import javax.inject.Named; +import jakarta.inject.Inject; +import jakarta.inject.Named; import java.time.Instant; import java.util.*; diff --git a/src/main/java/net/ripe/rpki/web/UpstreamCaController.java b/src/main/java/net/ripe/rpki/web/UpstreamCaController.java index 867e181..940a294 100644 --- a/src/main/java/net/ripe/rpki/web/UpstreamCaController.java +++ b/src/main/java/net/ripe/rpki/web/UpstreamCaController.java @@ -24,7 +24,7 @@ import org.springframework.web.servlet.mvc.support.RedirectAttributes; import org.springframework.web.servlet.view.RedirectView; -import javax.inject.Inject; +import jakarta.inject.Inject; import javax.security.auth.x500.X500Principal; import java.util.*; import java.util.function.Function; diff --git a/src/main/resources/application-local.yml b/src/main/resources/application-local.yml index 760dd55..971648d 100644 --- a/src/main/resources/application-local.yml +++ b/src/main/resources/application-local.yml @@ -10,6 +10,10 @@ keystore: instance.name: local system.setup.and.testing.api.enabled: true +# **Disable** authentication for the administration web UI. +admin.authorization.enabled: false + + # local setup should not be able to deliver mail by default. mail: host: localhost diff --git a/src/main/resources/application.yml b/src/main/resources/application.yml index 1ba1aa5..978f15e 100644 --- a/src/main/resources/application.yml +++ b/src/main/resources/application.yml @@ -16,11 +16,8 @@ server: context-path: /certification shutdown: graceful -# The role required for the administration web UI. Use -# `ROLE_ANONYMOUS` if no authorization is required (development), -# otherwise use ROLE_USER. Ensure the RPKI application is assigned to -# the user/group so in the Oauth2 provider. -authorization.admin.role: ROLE_USER +# Enable authentication for the administration web UI. +admin.authorization.enabled: true spring: main.banner-mode: 'off' @@ -37,7 +34,7 @@ spring: connection-timeout: 5000 transaction-isolation: TRANSACTION_REPEATABLE_READ jpa: - database-platform: org.hibernate.dialect.PostgreSQL10Dialect + database-platform: org.hibernate.dialect.PostgreSQLDialect generate-ddl: false hibernate.ddl-auto: validate open-in-view: false diff --git a/src/main/resources/db/migration/V131__roaconfiguration_prefixes_hibernate6_enum_mapped_as_smallint.sql b/src/main/resources/db/migration/V131__roaconfiguration_prefixes_hibernate6_enum_mapped_as_smallint.sql new file mode 100644 index 0000000..8091ed1 --- /dev/null +++ b/src/main/resources/db/migration/V131__roaconfiguration_prefixes_hibernate6_enum_mapped_as_smallint.sql @@ -0,0 +1,2 @@ +--- https://github.com/hibernate/hibernate-orm/blob/6.1/migration-guide.adoc#enum-mapping-changes +ALTER TABLE roaconfiguration_prefixes ALTER COLUMN prefix_type_id TYPE smallint; \ No newline at end of file diff --git a/src/test/java/net/ripe/rpki/application/impl/CommandAuditServiceBeanTest.java b/src/test/java/net/ripe/rpki/application/impl/CommandAuditServiceBeanTest.java index 5dd8b29..127a14b 100644 --- a/src/test/java/net/ripe/rpki/application/impl/CommandAuditServiceBeanTest.java +++ b/src/test/java/net/ripe/rpki/application/impl/CommandAuditServiceBeanTest.java @@ -12,7 +12,7 @@ import org.junit.Test; import org.springframework.transaction.annotation.Transactional; -import javax.inject.Inject; +import jakarta.inject.Inject; import java.util.Collections; import java.util.List; import java.util.Map; diff --git a/src/test/java/net/ripe/rpki/bgpris/riswhois/RisWhoisFetcherTest.java b/src/test/java/net/ripe/rpki/bgpris/riswhois/RisWhoisFetcherTest.java index d3fa63f..9ae1aff 100644 --- a/src/test/java/net/ripe/rpki/bgpris/riswhois/RisWhoisFetcherTest.java +++ b/src/test/java/net/ripe/rpki/bgpris/riswhois/RisWhoisFetcherTest.java @@ -1,53 +1,39 @@ package net.ripe.rpki.bgpris.riswhois; -import org.apache.commons.io.IOUtils; -import org.eclipse.jetty.server.Handler; -import org.eclipse.jetty.server.Request; -import org.eclipse.jetty.server.Server; -import org.eclipse.jetty.server.handler.AbstractHandler; -import org.junit.After; -import org.junit.Before; -import org.junit.Test; - -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; -import java.io.IOException; +import com.github.tomakehurst.wiremock.junit5.WireMockRuntimeInfo; +import com.github.tomakehurst.wiremock.junit5.WireMockTest; +import org.apache.commons.lang3.RandomStringUtils; +import org.junit.jupiter.api.BeforeEach; +import org.junit.jupiter.api.Test; -import static org.junit.Assert.assertTrue; +import java.io.IOException; +import static com.github.tomakehurst.wiremock.client.WireMock.*; +import static org.assertj.core.api.Assertions.assertThat; -public class RisWhoisFetcherTest { - private RisWhoisFetcher subject; +@WireMockTest +class RisWhoisFetcherTest { + byte[] risDumpContent; - private Server server; + RisWhoisFetcher subject; - @Before - public void setupJetty() throws Exception { + @BeforeEach + void setup() throws Exception { subject = new RisWhoisFetcher(); - server = new Server(39443); - Handler handler = new AbstractHandler() { - @Override - public void handle(String target, Request baseRequest, HttpServletRequest request, HttpServletResponse response) throws IOException { - response.setContentType("application/x-gzip"); - response.setStatus(HttpServletResponse.SC_OK); - IOUtils.copy(RisWhoisFetcherTest.class.getResourceAsStream("/static/riswhois/riswhoisdump-head-1000.IPv4.gz"), response.getOutputStream()); - ((Request) request).setHandled(true); - } - }; - server.setHandler(handler); - server.start(); - } - @After - public void cleanup() throws Exception { - server.stop(); + risDumpContent = RisWhoisFetcherTest.class.getResourceAsStream("/static/riswhois/riswhoisdump-head-1000.IPv4.gz").readAllBytes(); } - @Test - public void test() throws Exception { - String data = subject.fetch("http://localhost:39443/"); - assertTrue(data, data.contains("45528\t1.22.52.0/23\t99")); - } + void testFetch(WireMockRuntimeInfo wmRuntimeInfo) throws IOException { + var path = "/" + RandomStringUtils.randomAlphanumeric(16) + ".gz"; + + stubFor( + get(urlEqualTo(path)) + .willReturn(aResponse().withBody(risDumpContent)) + ); + String data = subject.fetch(wmRuntimeInfo.getHttpBaseUrl() + path); + assertThat(data).contains("45528\t1.22.52.0/23\t99"); + } } diff --git a/src/test/java/net/ripe/rpki/config/OpenAPIConfigTest.java b/src/test/java/net/ripe/rpki/config/OpenAPIConfigTest.java index 76001bb..f9c9050 100644 --- a/src/test/java/net/ripe/rpki/config/OpenAPIConfigTest.java +++ b/src/test/java/net/ripe/rpki/config/OpenAPIConfigTest.java @@ -2,7 +2,6 @@ import io.swagger.v3.oas.models.OpenAPI; import io.swagger.v3.oas.models.info.Contact; -import io.swagger.v3.oas.models.info.Info; import io.swagger.v3.oas.models.security.SecurityScheme; import lombok.Data; import org.junit.jupiter.api.Test; @@ -11,7 +10,7 @@ import org.springframework.test.context.ActiveProfiles; import org.springframework.test.context.junit.jupiter.SpringExtension; -import javax.inject.Inject; +import jakarta.inject.Inject; import static net.ripe.rpki.RpkiBootApplication.API_KEY_REFERENCE; import static net.ripe.rpki.RpkiBootApplication.USER_ID_REFERENCE; diff --git a/src/test/java/net/ripe/rpki/core/read/services/ca/CertificateAuthorityViewServiceImplTest.java b/src/test/java/net/ripe/rpki/core/read/services/ca/CertificateAuthorityViewServiceImplTest.java index 0477351..897a774 100644 --- a/src/test/java/net/ripe/rpki/core/read/services/ca/CertificateAuthorityViewServiceImplTest.java +++ b/src/test/java/net/ripe/rpki/core/read/services/ca/CertificateAuthorityViewServiceImplTest.java @@ -3,15 +3,16 @@ import net.ripe.ipresource.ImmutableResourceSet; import net.ripe.rpki.commons.provisioning.x509.ProvisioningIdentityCertificateBuilderTest; import net.ripe.rpki.domain.*; +import net.ripe.rpki.server.api.commands.*; import net.ripe.rpki.server.api.services.read.CertificateAuthorityViewService; import org.joda.time.Duration; import org.joda.time.Instant; import org.junit.Test; -import javax.inject.Inject; -import javax.persistence.EntityNotFoundException; +import jakarta.inject.Inject; +import jakarta.persistence.EntityNotFoundException; import javax.security.auth.x500.X500Principal; -import javax.transaction.Transactional; +import jakarta.transaction.Transactional; import java.util.Optional; import java.util.UUID; @@ -105,4 +106,18 @@ public void findNonHostedPublisherRepositoriesFailed() { .hasMessageContaining("non-hosted CA '" + principal.getName() + "' not found"); } + + /** + * The {@link CertificateAuthorityViewService#getCaStats()} function makes assumptions about a number of constant + * strings in the audit log. Check this invariant. + */ + + @Test + public void testGetCaEventStatsMagicConstants() { + assertThat(UpdateRoaConfigurationCommand.class.getSimpleName()).isEqualTo("UpdateRoaConfigurationCommand"); + assertThat(ActivateHostedCertificateAuthorityCommand.class.getSimpleName()).isEqualTo("ActivateHostedCertificateAuthorityCommand"); + assertThat(ActivateNonHostedCertificateAuthorityCommand.class.getSimpleName()).isEqualTo("ActivateNonHostedCertificateAuthorityCommand"); + assertThat(DeleteCertificateAuthorityCommand.class.getSimpleName()).isEqualTo("DeleteCertificateAuthorityCommand"); + assertThat(DeleteNonHostedCertificateAuthorityCommand.class.getSimpleName()).isEqualTo("DeleteNonHostedCertificateAuthorityCommand"); + } } diff --git a/src/test/java/net/ripe/rpki/core/read/services/ca/CertificateAuthorityViewServiceStatisticsTest.java b/src/test/java/net/ripe/rpki/core/read/services/ca/CertificateAuthorityViewServiceStatisticsTest.java new file mode 100644 index 0000000..ce004d9 --- /dev/null +++ b/src/test/java/net/ripe/rpki/core/read/services/ca/CertificateAuthorityViewServiceStatisticsTest.java @@ -0,0 +1,164 @@ +package net.ripe.rpki.core.read.services.ca; + +import com.google.common.collect.Lists; +import net.ripe.ipresource.Asn; +import net.ripe.ipresource.IpRange; +import net.ripe.rpki.commons.util.VersionedId; +import net.ripe.rpki.domain.CertificationDomainTestCase; +import net.ripe.rpki.domain.HostedCertificateAuthority; +import net.ripe.rpki.domain.ProductionCertificateAuthority; +import net.ripe.rpki.domain.roa.RoaConfigurationPrefix; +import net.ripe.rpki.domain.roa.RoaConfigurationRepository; +import net.ripe.rpki.ripencc.cache.JpaResourceCacheImpl; +import net.ripe.rpki.server.api.commands.UpdateAllIncomingResourceCertificatesCommand; +import net.ripe.rpki.server.api.commands.UpdateRoaConfigurationCommand; +import net.ripe.rpki.server.api.dto.CaStatRoaEvent; +import net.ripe.rpki.server.api.services.read.CertificateAuthorityViewService; +import net.ripe.rpki.server.api.support.objects.CaName; +import org.apache.commons.lang3.tuple.Pair; +import org.assertj.core.api.InstanceOfAssertFactories; +import org.junit.Before; +import org.junit.Test; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.transaction.annotation.Transactional; + +import javax.security.auth.x500.X500Principal; +import java.security.SecureRandom; +import java.util.List; +import java.util.Optional; +import java.util.UUID; +import java.util.stream.Collectors; +import java.util.stream.IntStream; + +import static net.ripe.ipresource.ImmutableResourceSet.parse; +import static org.assertj.core.api.Assertions.as; +import static org.assertj.core.api.Assertions.assertThat; + +@Transactional +public class CertificateAuthorityViewServiceStatisticsTest extends CertificationDomainTestCase { + private static final long HOSTED_CA_ID = 8L; + + private static final X500Principal CHILD_CA_NAME = new X500Principal("CN=child"); + + // Needs to contain non-private ASNs because command is validated + private static final List ALL_ROA_CONFIGURATIONS = Lists.newArrayList( + // The allocation + new RoaConfigurationPrefix(Asn.parse("1"), IpRange.parse("fc00::/8")), + // And two for the same AS in the first half + new RoaConfigurationPrefix(Asn.parse("2"), IpRange.parse("fc20::/11")), + new RoaConfigurationPrefix(Asn.parse("3"), IpRange.parse("fc20::/11")), + // As well as in the latter half + new RoaConfigurationPrefix(Asn.parse("4"), IpRange.parse("fc80::/11")), + new RoaConfigurationPrefix(Asn.parse("5"), IpRange.parse("fc80::/11")) + ); + + @Autowired + private JpaResourceCacheImpl resourceCache; + + @Autowired + private RoaConfigurationRepository roaConfigurationRepository; + + @Autowired + private CertificateAuthorityViewService subject; + private ProductionCertificateAuthority parent; + private HostedCertificateAuthority child; + + @Before + public void setUp() { + clearDatabase(); + + parent = createInitializedAllResourcesAndProductionCertificateAuthority(); + + child = new HostedCertificateAuthority(HOSTED_CA_ID, CHILD_CA_NAME, UUID.randomUUID(), parent); + certificateAuthorityRepository.add(child); + + // Add the ROA configuration + var ca = certificateAuthorityRepository.findManagedCa(HOSTED_CA_ID); + var roaConfiguration = roaConfigurationRepository.getOrCreateByCertificateAuthority(ca); + roaConfiguration.addPrefix(ALL_ROA_CONFIGURATIONS); + + resourceCache.updateEntry(CaName.of(CHILD_CA_NAME), parse("fc00::/8")); + execute(new UpdateAllIncomingResourceCertificatesCommand(new VersionedId(HOSTED_CA_ID, VersionedId.INITIAL_VERSION), Integer.MAX_VALUE)); + } + + private Pair createAnotherCa(int roaCount) { + var randomId = HOSTED_CA_ID + new SecureRandom().nextLong(1<<60); + // Add another CA with ROAs + final var secondChildCaName = new X500Principal("CN=" + randomId); + + var secondChild = new HostedCertificateAuthority(randomId, secondChildCaName, UUID.randomUUID(), parent); + certificateAuthorityRepository.add(secondChild); + + // Add the ROA configuration + var ca = certificateAuthorityRepository.findManagedCa(randomId); + var roaConfiguration = roaConfigurationRepository.getOrCreateByCertificateAuthority(ca); + + var randomRoas = IntStream.range(0, roaCount) + .mapToObj(i -> new RoaConfigurationPrefix(Asn.parse(Integer.toString(65443 + i)), IpRange.parse("192.0.2.0/24")) + ).collect(Collectors.toList()); + + roaConfiguration.addPrefix(randomRoas); + + resourceCache.updateEntry(CaName.of(secondChildCaName), parse("192.0.2.0/24")); + execute(new UpdateAllIncomingResourceCertificatesCommand(new VersionedId(randomId, VersionedId.INITIAL_VERSION), Integer.MAX_VALUE)); + + return Pair.of(secondChildCaName, randomId); + } + + @Test + public void testGetCaStat() { + assertThat(subject.getCaStats()) + .hasSize(1) + .allMatch(ca -> ca.caName.equals(CHILD_CA_NAME.getName())); + + var second = createAnotherCa(42); + // Should have two CAs, one of which as 42 ROAs + assertThat(subject.getCaStats()) + .hasSize(2) + .anyMatch(thatCa -> second.getKey().getName().equals(thatCa.caName) && thatCa.roas == 42); + + var third = createAnotherCa(0); + assertThat(subject.getCaStats()) + .hasSize(3) + .anyMatch(thatCa -> third.getKey().getName().equals(thatCa.caName) && thatCa.roas == 0); + + // Clear -> 0 + clearDatabase(); + assertThat(subject.getCaStats()).isEmpty(); + } + + @Test + public void testGetCaStatEvents() { + // Initially we have the all resources CA + assertThat(subject.getCaStatEvents()) + .hasSize(0); + + // Deletion is tracked + commandService.execute(new UpdateRoaConfigurationCommand( + child.getVersionedId(), Optional.empty(), + List.of(), + ALL_ROA_CONFIGURATIONS.stream().map(ca -> ca.toData()).collect(Collectors.toList())) + ); + + assertThat(subject.getCaStatEvents()) + .asInstanceOf(InstanceOfAssertFactories.list(CaStatRoaEvent.class)) + .hasSize(1) + // recall: DTO uses a nullable integer + .anyMatch(elem -> child.getName().getName().equals(elem.caName) && Integer.valueOf(ALL_ROA_CONFIGURATIONS.size()).equals(elem.roasDeleted)); + + // (Re-addition) is tracked + commandService.execute(new UpdateRoaConfigurationCommand( + child.getVersionedId(), Optional.empty(), + ALL_ROA_CONFIGURATIONS.stream().map(ca -> ca.toData()).collect(Collectors.toList()), + List.of()) + ); + assertThat(subject.getCaStatEvents()) + .asInstanceOf(InstanceOfAssertFactories.list(CaStatRoaEvent.class)) + .hasSize(2) + .anyMatch(elem -> child.getName().getName().equals(elem.caName) && Integer.valueOf(ALL_ROA_CONFIGURATIONS.size()).equals(elem.roasAdded)); + + // Clear -> 0 + clearDatabase(); + assertThat(subject.getCaStats()).isEmpty(); + } +} \ No newline at end of file diff --git a/src/test/java/net/ripe/rpki/core/read/services/cert/ResourceCertificateViewServiceImplTest.java b/src/test/java/net/ripe/rpki/core/read/services/cert/ResourceCertificateViewServiceImplTest.java index bddb9ff..5880c71 100644 --- a/src/test/java/net/ripe/rpki/core/read/services/cert/ResourceCertificateViewServiceImplTest.java +++ b/src/test/java/net/ripe/rpki/core/read/services/cert/ResourceCertificateViewServiceImplTest.java @@ -5,8 +5,8 @@ import net.ripe.rpki.server.api.services.read.ResourceCertificateViewService; import org.junit.Test; -import javax.inject.Inject; -import javax.transaction.Transactional; +import jakarta.inject.Inject; +import jakarta.transaction.Transactional; import static org.assertj.core.api.Assertions.assertThat; diff --git a/src/test/java/net/ripe/rpki/core/services/background/SequentialBackgroundQueuedTaskRunnerTest.java b/src/test/java/net/ripe/rpki/core/services/background/SequentialBackgroundQueuedTaskRunnerTest.java index 016032e..2ec447e 100644 --- a/src/test/java/net/ripe/rpki/core/services/background/SequentialBackgroundQueuedTaskRunnerTest.java +++ b/src/test/java/net/ripe/rpki/core/services/background/SequentialBackgroundQueuedTaskRunnerTest.java @@ -98,7 +98,7 @@ public void should_run_many_tasks_sequentially() throws InterruptedException { start.countDown(); assertThat(done.await(1, TimeUnit.SECONDS)).isTrue(); - assertThat(data).isEqualTo(Stream.iterate(0, x -> x + 1).limit(threadCount).collect(Collectors.toList())); + assertThat(data).isEqualTo(Stream.iterate(0, x -> x + 1).limit(threadCount).toList()); } @Test diff --git a/src/test/java/net/ripe/rpki/core/write/services/command/CommandServiceImplTest.java b/src/test/java/net/ripe/rpki/core/write/services/command/CommandServiceImplTest.java index c1f23b9..4d607a4 100644 --- a/src/test/java/net/ripe/rpki/core/write/services/command/CommandServiceImplTest.java +++ b/src/test/java/net/ripe/rpki/core/write/services/command/CommandServiceImplTest.java @@ -21,7 +21,7 @@ import org.springframework.transaction.support.TransactionCallback; import org.springframework.transaction.support.TransactionTemplate; -import javax.persistence.OptimisticLockException; +import jakarta.persistence.OptimisticLockException; import java.util.ArrayList; import java.util.Collections; import java.util.List; @@ -59,7 +59,7 @@ public void setUp() { final TransactionTemplate transactionTemplate = new TransactionTemplate() { @Override public T execute(TransactionCallback action) throws TransactionException { - transactionStatuses.add(new DefaultTransactionStatus(null,true,true,true,true,null)); + transactionStatuses.add(new DefaultTransactionStatus("CommandServiceImplTest", null,true,true, false, true,true,null)); return action.doInTransaction(transactionStatuses.get(transactionStatuses.size()-1)); } }; diff --git a/src/test/java/net/ripe/rpki/domain/CertificationDomainTestCase.java b/src/test/java/net/ripe/rpki/domain/CertificationDomainTestCase.java index 095a2d7..0867df8 100644 --- a/src/test/java/net/ripe/rpki/domain/CertificationDomainTestCase.java +++ b/src/test/java/net/ripe/rpki/domain/CertificationDomainTestCase.java @@ -10,10 +10,12 @@ import net.ripe.rpki.domain.manifest.ManifestEntityRepository; import net.ripe.rpki.domain.manifest.ManifestPublicationService; import net.ripe.rpki.domain.signing.CertificateRequestCreationService; +import net.ripe.rpki.server.api.commands.CertificateAuthorityCommand; import net.ripe.rpki.server.api.configuration.Environment; import net.ripe.rpki.server.api.configuration.RepositoryConfiguration; import net.ripe.rpki.server.api.ports.ResourceCache; import net.ripe.rpki.server.api.services.command.CommandService; +import net.ripe.rpki.server.api.services.command.CommandStatus; import net.ripe.rpki.server.api.support.objects.CaName; import org.junit.Before; import org.junit.runner.RunWith; @@ -23,8 +25,8 @@ import org.springframework.test.context.junit4.SpringRunner; import org.springframework.transaction.support.TransactionTemplate; -import javax.inject.Named; -import javax.persistence.EntityManager; +import jakarta.inject.Named; +import jakarta.persistence.EntityManager; import java.util.Map; import java.util.UUID; import java.util.function.Supplier; @@ -105,7 +107,7 @@ public void setupTest() { protected void clearDatabase() { // Clean the test database. Note that this is not transactional, but the test database should be empty anyway. - entityManager.createNativeQuery("TRUNCATE TABLE certificateauthority, ta_published_object, resource_cache CASCADE").executeUpdate(); + entityManager.createNativeQuery("TRUNCATE TABLE certificateauthority, commandaudit, ta_published_object, resource_cache CASCADE").executeUpdate(); resourceCache.populateCache(Map.of(CaName.of(repositoryConfiguration.getProductionCaPrincipal()), ImmutableResourceSet.ALL_PRIVATE_USE_RESOURCES)); } @@ -144,13 +146,13 @@ protected KeyPairEntity issueCertificateForNewKey(ManagedCertificateAuthority pa } public ProductionCertificateAuthority createInitialisedProdCaWithRipeResources() { - ProductionCertificateAuthority ca = TestObjects.createInitialisedProdCaWithRipeResources(resourceCertificateRepository, repositoryConfiguration); + ProductionCertificateAuthority ca = TestObjects.createInitialisedProdCaWithRipeResources(certificateAuthorityRepository, resourceCertificateRepository, repositoryConfiguration); certificateAuthorityRepository.add(ca); return ca; } public KeyPairEntity createInitialisedProductionCaKeyPair(ProductionCertificateAuthority ca, String keyPairName) { - return TestObjects.createInitialisedKeyPair(resourceCertificateRepository, repositoryConfiguration, ca, keyPairName); + return TestObjects.createInitialisedKeyPair(certificateAuthorityRepository, resourceCertificateRepository, repositoryConfiguration, ca, keyPairName); } protected void inTx(Runnable r) { @@ -169,4 +171,12 @@ protected CertificateAuthority createCaIfDoesntExist(CertificateAuthority ca) { } return existing; } + + protected CommandStatus execute(CertificateAuthorityCommand command) { + try { + return commandService.execute(command); + } finally { + entityManager.flush(); + } + } } diff --git a/src/test/java/net/ripe/rpki/domain/TestObjects.java b/src/test/java/net/ripe/rpki/domain/TestObjects.java index c72cea6..346b617 100644 --- a/src/test/java/net/ripe/rpki/domain/TestObjects.java +++ b/src/test/java/net/ripe/rpki/domain/TestObjects.java @@ -6,6 +6,7 @@ import net.ripe.rpki.commons.crypto.util.KeyPairFactoryTest; import net.ripe.rpki.commons.crypto.x509cert.X509CertificateInformationAccessDescriptor; import net.ripe.rpki.commons.provisioning.x509.pkcs10.RpkiCaCertificateRequestBuilder; +import net.ripe.rpki.domain.inmemory.InMemoryCertificateAuthorityRepository; import net.ripe.rpki.domain.inmemory.InMemoryResourceCertificateRepository; import net.ripe.rpki.domain.interca.CertificateIssuanceResponse; import net.ripe.rpki.hsm.Keys; @@ -178,19 +179,21 @@ public static ResourceCertificateBuilder createBuilder(KeyPairEntity signingKeyP public static ProductionCertificateAuthority createInitialisedProdCaWithRipeResources() { RepositoryConfiguration certificationConfiguration = mock(RepositoryConfiguration.class); when(certificationConfiguration.getPublicRepositoryUri()).thenReturn(BASE_URI); - return createInitialisedProdCaWithRipeResources(new InMemoryResourceCertificateRepository(), certificationConfiguration); + return createInitialisedProdCaWithRipeResources(new InMemoryCertificateAuthorityRepository(), new InMemoryResourceCertificateRepository(), certificationConfiguration); } - public static ProductionCertificateAuthority createInitialisedProdCaWithRipeResources(ResourceCertificateRepository resourceCertificateRepository, RepositoryConfiguration certificationConfiguration) { + public static ProductionCertificateAuthority createInitialisedProdCaWithRipeResources(CertificateAuthorityRepository certificateAuthorityRepository, ResourceCertificateRepository resourceCertificateRepository, RepositoryConfiguration certificationConfiguration) { ProductionCertificateAuthority ca = new ProductionCertificateAuthority(CA_ID, PRODUCTION_CA_NAME, UUID.randomUUID(), null); - createInitialisedKeyPair(resourceCertificateRepository, certificationConfiguration, ca, "TEST-KEY"); + createInitialisedKeyPair(certificateAuthorityRepository, resourceCertificateRepository, certificationConfiguration, ca, "TEST-KEY"); Validate.isTrue(ca.hasCurrentKeyPair()); return ca; } - static KeyPairEntity createInitialisedKeyPair(ResourceCertificateRepository resourceCertificateRepository, RepositoryConfiguration certificationConfiguration, ProductionCertificateAuthority ca, String name) { + static KeyPairEntity createInitialisedKeyPair(CertificateAuthorityRepository certificateAuthorityRepository, ResourceCertificateRepository resourceCertificateRepository, RepositoryConfiguration certificationConfiguration, ProductionCertificateAuthority ca, String name) { KeyPairEntity kp = createTestKeyPair(name); ca.addKeyPair(kp); + // Implicitly persists the keypair before it is used in a outgoing resource certificate + certificateAuthorityRepository.add(ca); issueSelfSignedCertificates(resourceCertificateRepository, certificationConfiguration, ca); return kp; } diff --git a/src/test/java/net/ripe/rpki/domain/alerts/RoaAlertMaintenanceServiceBeanTest.java b/src/test/java/net/ripe/rpki/domain/alerts/RoaAlertMaintenanceServiceBeanTest.java index 2a62fb9..f603cb9 100644 --- a/src/test/java/net/ripe/rpki/domain/alerts/RoaAlertMaintenanceServiceBeanTest.java +++ b/src/test/java/net/ripe/rpki/domain/alerts/RoaAlertMaintenanceServiceBeanTest.java @@ -21,9 +21,8 @@ import org.springframework.beans.factory.annotation.Autowired; import javax.security.auth.x500.X500Principal; -import javax.transaction.Transactional; +import jakarta.transaction.Transactional; import java.util.*; -import java.util.stream.Collectors; import static net.ripe.ipresource.ImmutableResourceSet.parse; import static net.ripe.rpki.commons.validation.roa.RouteValidityState.*; @@ -37,7 +36,7 @@ public class RoaAlertMaintenanceServiceBeanTest extends CertificationDomainTestC private static final X500Principal CHILD_CA_NAME = new X500Principal("CN=child"); public static final ImmutableResourceSet INITIAL_CHILD_RESOURCES = parse("fc00::/8"); - private static List ALL_ROUTES = Lists.newArrayList( + private static final List ALL_ROUTES = Lists.newArrayList( // The /7 private use resource - less specific than allocation new AnnouncedRoute(Asn.parse("64496"), IpRange.parse("fc00::/7")), // The allocation @@ -128,8 +127,7 @@ public void should_remove_alerts_out_of_resources_when_resources_contract() { .map(ig -> ig.toData()) .containsExactlyInAnyOrderElementsOf( ALL_ROUTES.stream() - .filter(r -> !IpRange.parse("fc80::/9").contains(r.getPrefix())) - .collect(Collectors.toList()) + .filter(r -> !IpRange.parse("fc80::/9").contains(r.getPrefix())).toList() ) .hasSize(4); @@ -150,12 +148,4 @@ public void should_remove_alerts_out_of_resources_when_resources_are_removed() { .extracting(RoaAlertConfiguration::getIgnored, InstanceOfAssertFactories.ITERABLE) .isEmpty(); } - - private CommandStatus execute(CertificateAuthorityCommand command) { - try { - return subject.execute(command); - } finally { - entityManager.flush(); - } - } } diff --git a/src/test/java/net/ripe/rpki/domain/inmemory/InMemoryCertificateAuthorityRepository.java b/src/test/java/net/ripe/rpki/domain/inmemory/InMemoryCertificateAuthorityRepository.java new file mode 100644 index 0000000..ca66be0 --- /dev/null +++ b/src/test/java/net/ripe/rpki/domain/inmemory/InMemoryCertificateAuthorityRepository.java @@ -0,0 +1,101 @@ +package net.ripe.rpki.domain.inmemory; + +import jakarta.persistence.LockModeType; +import net.ripe.rpki.domain.*; +import net.ripe.rpki.ripencc.support.persistence.InMemoryRepository; +import net.ripe.rpki.server.api.dto.CaStat; +import net.ripe.rpki.server.api.dto.CaStatEvent; +import org.joda.time.DateTime; + +import javax.security.auth.x500.X500Principal; +import java.util.Collection; +import java.util.List; +import java.util.Optional; +import java.util.UUID; + +public class InMemoryCertificateAuthorityRepository extends InMemoryRepository implements CertificateAuthorityRepository { + @Override + public CertificateAuthority findByName(X500Principal name) { + throw new UnsupportedOperationException(); + } + + @Override + public T findByTypeAndName(Class type, X500Principal name) { + throw new UnsupportedOperationException(); + } + + @Override + public T findByTypeAndUuid(Class type, UUID uuid, LockModeType lockModeType) { + throw new UnsupportedOperationException(); + } + + @Override + public ProductionCertificateAuthority findRootCAByName(X500Principal name) { + throw new UnsupportedOperationException(); + } + + @Override + public AllResourcesCertificateAuthority findAllResourcesCAByName(X500Principal name) { + throw new UnsupportedOperationException(); + } + + @Override + public Collection findAllByParent(ParentCertificateAuthority parent) { + throw new UnsupportedOperationException(); + } + + @Override + public ManagedCertificateAuthority findManagedCa(Long id) { + throw new UnsupportedOperationException(); + } + + @Override + public NonHostedCertificateAuthority findNonHostedCa(Long id) { + throw new UnsupportedOperationException(); + } + + @Override + public Collection getCAStats() { + throw new UnsupportedOperationException(); + } + + @Override + public Collection getCAStatEvents() { + throw new UnsupportedOperationException(); + } + + @Override + public List findAllWithManifestsExpiringBefore(DateTime notValidAfterCutoff, int maxResult) { + throw new UnsupportedOperationException(); + } + + @Override + public Collection findAllWithOutdatedManifests(boolean includeUpdatedConfiguration, DateTime nextUpdateCutoff, int maxResults) { + throw new UnsupportedOperationException(); + } + + @Override + public int deleteNonHostedPublicKeysWithoutSigningCertificates() { + throw new UnsupportedOperationException(); + } + + @Override + public Collection getCasWithoutKeyPairsAndRoaConfigurationsAndUserActivityDuringTheLastYear() { + throw new UnsupportedOperationException(); + } + + @Override + public Optional findSmallestIntermediateCA(X500Principal productionCaName) { + throw new UnsupportedOperationException(); + } + + @Override + public Class getEntityClass() { + return CertificateAuthority.class; + } + + @Override + public void removeAll() { + throw new UnsupportedOperationException(); + } +} diff --git a/src/test/java/net/ripe/rpki/domain/roa/RoaConfigurationMaintenanceServiceTest.java b/src/test/java/net/ripe/rpki/domain/roa/RoaConfigurationMaintenanceServiceTest.java index cc926df..4807542 100644 --- a/src/test/java/net/ripe/rpki/domain/roa/RoaConfigurationMaintenanceServiceTest.java +++ b/src/test/java/net/ripe/rpki/domain/roa/RoaConfigurationMaintenanceServiceTest.java @@ -19,12 +19,11 @@ import org.springframework.beans.factory.annotation.Autowired; import javax.security.auth.x500.X500Principal; -import javax.transaction.Transactional; +import jakarta.transaction.Transactional; import java.util.Collection; import java.util.List; import java.util.Optional; import java.util.UUID; -import java.util.stream.Collectors; import static net.ripe.ipresource.ImmutableResourceSet.parse; import static org.assertj.core.api.Assertions.assertThat; @@ -51,9 +50,6 @@ public class RoaConfigurationMaintenanceServiceTest extends CertificationDomainT @Autowired private JpaResourceCacheImpl resourceCache; - @Autowired - private CommandService subject; - @Autowired private RoaConfigurationRepository roaConfigurationRepository; @@ -122,8 +118,7 @@ public void should_remove_roa_configurations_out_of_resources_when_resources_con assertThat(roaConfiguration.getPrefixes()) .containsExactlyInAnyOrderElementsOf( ALL_ROA_CONFIGURATIONS.stream() - .filter(r -> IpRange.parse("fc00::/9").contains(r.getPrefix())) - .collect(Collectors.toList()) + .filter(r -> IpRange.parse("fc00::/9").contains(r.getPrefix())).toList() ) .hasSize(2); @@ -142,12 +137,4 @@ public void should_remove_roa_prefixes_when_resources_are_removed() { assertThat(roaConfigurationRepository.findByCertificateAuthority(child)) .hasValueSatisfying(config -> assertThat(config.getPrefixes()).isEmpty()); } - - private CommandStatus execute(CertificateAuthorityCommand command) { - try { - return subject.execute(command); - } finally { - entityManager.flush(); - } - } } diff --git a/src/test/java/net/ripe/rpki/domain/rta/UpStreamCARequestEntityTest.java b/src/test/java/net/ripe/rpki/domain/rta/UpStreamCARequestEntityTest.java index 9948335..6972495 100644 --- a/src/test/java/net/ripe/rpki/domain/rta/UpStreamCARequestEntityTest.java +++ b/src/test/java/net/ripe/rpki/domain/rta/UpStreamCARequestEntityTest.java @@ -6,8 +6,7 @@ import net.ripe.rpki.commons.ta.domain.request.SigningRequest; import net.ripe.rpki.commons.ta.domain.request.TaRequest; import net.ripe.rpki.commons.ta.domain.request.TrustAnchorRequest; -import org.junit.Ignore; -import org.junit.Test; +import org.junit.jupiter.api.Test; import org.springframework.util.ReflectionUtils; import java.lang.reflect.Field; @@ -16,13 +15,12 @@ import java.util.List; import java.util.UUID; -import static org.junit.Assert.*; +import static org.assertj.core.api.Assertions.assertThat; public class UpStreamCARequestEntityTest { @Test - @Ignore ("the test should not look at the instance") public void shouldUnderstandRevokeKey() { RevocationRequest revokeRequest = new RevocationRequest("test resource class", "CN=whoevah"); List requests = new ArrayList<>(); @@ -32,8 +30,8 @@ public void shouldUnderstandRevokeKey() { UpStreamCARequestEntity subject = new UpStreamCARequestEntity(null, trustAnchorRequest); - TrustAnchorRequest actual = subject.getUpStreamCARequest(); - assertEquals(trustAnchorRequest, actual); + // No equals on TrustAnchorRequest + assertThat(subject.getUpStreamCARequest()).usingRecursiveComparison().isEqualTo(trustAnchorRequest); } @Test @@ -52,14 +50,13 @@ public void shouldParseOldStoredUpstreamCARequest() { ""; UpStreamCARequestEntity subject = mkUpstreamCARequestWithXML(request); - assertNotNull("Invalid UpStreamCARequest", subject.getUpStreamCARequest()); + assertThat(subject.getUpStreamCARequest()).isNotNull().withFailMessage("Invalid UpStreamCARequest"); TaRequest taRequest = subject.getUpStreamCARequest().getTaRequests().get(0); - assertEquals(requestId, taRequest.getRequestId().toString()); - assertTrue("Parsed TA request should be a 'SigningRequest'", taRequest instanceof SigningRequest); + assertThat(requestId).isEqualTo(taRequest.getRequestId().toString()); + assertThat(taRequest).isInstanceOf(SigningRequest.class).withFailMessage("Parsed TA request should be a 'SigningRequest'"); SigningRequest signingRequest = (SigningRequest) taRequest; - assertTrue( - "Signing request should container IP resource set 193.0.0.0/8", - signingRequest.getResourceCertificateRequest().getIpResourceSet().contains(IpResource.parse("193.0.0.0/8")) + assertThat(signingRequest.getResourceCertificateRequest().getIpResourceSet()).contains(IpResource.parse("193.0.0.0/8")).withFailMessage( + "Signing request should container IP resource set 193.0.0.0/8" ); } @@ -79,7 +76,7 @@ public void shouldSerializeParsedUpstreamCARequest() { UpStreamCARequestEntity entity = mkUpstreamCARequestWithXML(request); UpStreamCARequestEntity subject = new UpStreamCARequestEntity(null, entity.getUpStreamCARequest()); - assertEquals(request, getUpstreamCARequestXML(subject)); + assertThat(request).isEqualTo(getUpstreamCARequestXML(subject)); } private static UpStreamCARequestEntity mkUpstreamCARequestWithXML(String caRequestXml) { @@ -97,7 +94,7 @@ private static String getUpstreamCARequestXML(UpStreamCARequestEntity entity) { private static Field upstreamCARequestField() { Field upStreamCARequest = ReflectionUtils.findField(UpStreamCARequestEntity.class, "upStreamCARequest", String.class); - assertNotNull("Field 'upStreamCARequest' of type String not found in class UpStreamCARequestEntity", upStreamCARequest); + assertThat(upStreamCARequest).isNotNull().withFailMessage("Field 'upStreamCARequest' of type String not found in class UpStreamCARequestEntity"); ReflectionUtils.makeAccessible(upStreamCARequest); return upStreamCARequest; } diff --git a/src/test/java/net/ripe/rpki/hsm/db/DatabaseKeyStorageTest.java b/src/test/java/net/ripe/rpki/hsm/db/DatabaseKeyStorageTest.java index 9221dfb..6d78468 100644 --- a/src/test/java/net/ripe/rpki/hsm/db/DatabaseKeyStorageTest.java +++ b/src/test/java/net/ripe/rpki/hsm/db/DatabaseKeyStorageTest.java @@ -19,7 +19,7 @@ import org.springframework.test.context.junit4.SpringRunner; import javax.security.auth.x500.X500Principal; -import javax.transaction.Transactional; +import jakarta.transaction.Transactional; import java.math.BigInteger; import java.security.KeyPair; import java.security.cert.Certificate; diff --git a/src/test/java/net/ripe/rpki/offline/ra/service/TrustAnchorResponseProcessorTest.java b/src/test/java/net/ripe/rpki/offline/ra/service/TrustAnchorResponseProcessorTest.java index 7e1a3c3..b975082 100644 --- a/src/test/java/net/ripe/rpki/offline/ra/service/TrustAnchorResponseProcessorTest.java +++ b/src/test/java/net/ripe/rpki/offline/ra/service/TrustAnchorResponseProcessorTest.java @@ -4,8 +4,6 @@ import net.ripe.rpki.commons.FixedDateRule; import net.ripe.rpki.commons.crypto.CertificateRepositoryObject; import net.ripe.rpki.commons.crypto.UnknownCertificateRepositoryObject; -import net.ripe.rpki.commons.crypto.crl.CrlLocator; -import net.ripe.rpki.commons.crypto.crl.X509Crl; import net.ripe.rpki.commons.crypto.x509cert.X509CertificateInformationAccessDescriptor; import net.ripe.rpki.commons.crypto.x509cert.X509ResourceCertificate; import net.ripe.rpki.commons.ta.domain.request.*; @@ -13,9 +11,6 @@ import net.ripe.rpki.commons.ta.domain.response.RevocationResponse; import net.ripe.rpki.commons.ta.domain.response.SigningResponse; import net.ripe.rpki.commons.ta.domain.response.TrustAnchorResponse; -import net.ripe.rpki.commons.validation.ValidationOptions; -import net.ripe.rpki.commons.validation.ValidationResult; -import net.ripe.rpki.commons.validation.objectvalidators.CertificateRepositoryObjectValidationContext; import net.ripe.rpki.domain.*; import net.ripe.rpki.domain.archive.KeyPairDeletionService; import net.ripe.rpki.domain.interca.CertificateIssuanceResponse; @@ -29,7 +24,7 @@ import org.junit.runner.RunWith; import org.mockito.Mock; -import javax.persistence.EntityManager; +import jakarta.persistence.EntityManager; import javax.security.auth.x500.X500Principal; import java.net.URI; import java.util.*; diff --git a/src/test/java/net/ripe/rpki/publication/persistence/disk/FileSystemPublicationObjectPersistenceTest.java b/src/test/java/net/ripe/rpki/publication/persistence/disk/FileSystemPublicationObjectPersistenceTest.java index d142634..abde3e5 100644 --- a/src/test/java/net/ripe/rpki/publication/persistence/disk/FileSystemPublicationObjectPersistenceTest.java +++ b/src/test/java/net/ripe/rpki/publication/persistence/disk/FileSystemPublicationObjectPersistenceTest.java @@ -16,6 +16,7 @@ import java.nio.file.Files; import java.nio.file.Path; import java.sql.Timestamp; +import java.time.Instant; import java.util.Collections; import java.util.Random; import java.util.concurrent.TimeUnit; @@ -32,7 +33,7 @@ public class FileSystemPublicationObjectPersistenceTest { private static final URI TA_REPOSITORY_BASE_URI = URI.create("rsync://repository/ta/"); private File taRepositoryBaseDirectory; - private static final Timestamp CREATED_AT = new Timestamp(System.currentTimeMillis()); + private static final Instant CREATED_AT = Instant.now(); private FileSystemPublicationObjectPersistence subject; @@ -49,6 +50,7 @@ public void setUp(@TempDir File onlineRepositoryBaseDirectory, @TempDir File taR this.taRepositoryBaseDirectory = taRepositoryBaseDirectory; // fix the current time while a test is running + // this time is used for the naming of the target directories DateTimeUtils.setCurrentMillisFixed(new DateTime().getMillis()); subject = new FileSystemPublicationObjectPersistence( @@ -77,7 +79,7 @@ public void should_set_last_modification_time_of_published_object() { subject.writeAll(Collections.singletonList(new PublishedObjectData(CREATED_AT, uri, CONTENTS))); - assertThat(new File(onlineRepositoryBaseDirectory, "published/foo/bar.cer").lastModified() / 1000).isEqualTo(CREATED_AT.getTime() / 1000); + assertThat(new File(onlineRepositoryBaseDirectory, "published/foo/bar.cer").lastModified() / 1000).isEqualTo(CREATED_AT.toEpochMilli() / 1000); } @Test @@ -214,8 +216,7 @@ public void should_not_keep_old_objects() { assertThat(new File(onlineRepositoryBaseDirectory, "published/foo/old.cer")).exists(); DateTimeUtils.setCurrentMillisFixed(DateTimeUtils.currentTimeMillis() + 100); - - subject.writeAll(Collections.singletonList(new PublishedObjectData(new Timestamp(System.currentTimeMillis()), newUri, CONTENTS))); + subject.writeAll(Collections.singletonList(new PublishedObjectData(CREATED_AT.plusSeconds(100), newUri, CONTENTS))); assertThat(new File(onlineRepositoryBaseDirectory, "published/foo/new.cer")).exists(); assertThat(new File(onlineRepositoryBaseDirectory, "published/foo/old.cer")).doesNotExist(); diff --git a/src/test/java/net/ripe/rpki/publication/server/ExternalPublishingServerTest.java b/src/test/java/net/ripe/rpki/publication/server/ExternalPublishingServerTest.java index 28d2da9..40e606d 100644 --- a/src/test/java/net/ripe/rpki/publication/server/ExternalPublishingServerTest.java +++ b/src/test/java/net/ripe/rpki/publication/server/ExternalPublishingServerTest.java @@ -143,13 +143,13 @@ public void should_update_publication_metrics() throws Exception { String clientId = RandomStringUtils.randomAlphanumeric(8); String reply = ""; when(publishingServerClient.publish(eq(PUBLICATION_SERVER_URL), anyString(), eq(clientId))).thenReturn(Mono.just(reply)); - List messages = Stream.of( - new PublicationMessage.PublishRequest(new URI("rsync://blabla.com/xxx.cer"), new byte[]{1, 2, 3}, Optional.empty()), - new PublicationMessage.PublishRequest(new URI("rsync://blabla.com/xxx2.cer"), new byte[]{1, 2, 3, 4}, Optional.empty()), - new PublicationMessage.WithdrawRequest(new URI("rsync://blabla.com/yyy.cer"), "not important"), - new PublicationMessage.PublishRequest(new URI("rsync://blabla.com/xxx.roa"), new byte[]{1, 2, 3}, java.util.Optional.of("aHash")), - new PublicationMessage.WithdrawRequest(new URI("rsync://blabla.com/zzz.weird-extension"), "not important") - ).collect(Collectors.toList()); + List messages = Stream.of( + new PublicationMessage.PublishRequest(new URI("rsync://blabla.com/xxx.cer"), new byte[]{1, 2, 3}, Optional.empty()), + new PublicationMessage.PublishRequest(new URI("rsync://blabla.com/xxx2.cer"), new byte[]{1, 2, 3, 4}, Optional.empty()), + new PublicationMessage.WithdrawRequest(new URI("rsync://blabla.com/yyy.cer"), "not important"), + new PublicationMessage.PublishRequest(new URI("rsync://blabla.com/xxx.roa"), new byte[]{1, 2, 3}, Optional.of("aHash")), + new PublicationMessage.WithdrawRequest(new URI("rsync://blabla.com/zzz.weird-extension"), "not important") + ).toList(); externalPublishingServer.execute(messages, clientId); assertEquals(2.0, meterRegistry.get("rpkicore.publication.operations").tag("operation", "publish").tag("type", "cer").counter().count(), 0.1); assertEquals(1.0, meterRegistry.get("rpkicore.publication.operations").tag("operation", "publish").tag("type", "roa").counter().count(), 0.1); diff --git a/src/test/java/net/ripe/rpki/rest/service/AlertServiceTest.java b/src/test/java/net/ripe/rpki/rest/service/AlertServiceTest.java index eeb047e..0f834eb 100644 --- a/src/test/java/net/ripe/rpki/rest/service/AlertServiceTest.java +++ b/src/test/java/net/ripe/rpki/rest/service/AlertServiceTest.java @@ -40,7 +40,7 @@ import java.util.stream.Collectors; import java.util.stream.IntStream; -import static javax.ws.rs.core.MediaType.APPLICATION_JSON; +import static jakarta.ws.rs.core.MediaType.APPLICATION_JSON; import static net.ripe.rpki.rest.service.AbstractCaRestService.API_URL_PREFIX; import static org.junit.Assert.assertEquals; import static org.junit.Assert.assertTrue; diff --git a/src/test/java/net/ripe/rpki/rest/service/AnnouncementServiceTest.java b/src/test/java/net/ripe/rpki/rest/service/AnnouncementServiceTest.java index 26c00dc..a613b2c 100644 --- a/src/test/java/net/ripe/rpki/rest/service/AnnouncementServiceTest.java +++ b/src/test/java/net/ripe/rpki/rest/service/AnnouncementServiceTest.java @@ -45,7 +45,7 @@ import java.util.Set; import java.util.UUID; -import static javax.ws.rs.core.MediaType.APPLICATION_JSON; +import static jakarta.ws.rs.core.MediaType.APPLICATION_JSON; import static net.ripe.rpki.rest.security.ApiKeySecurity.API_KEY_HEADER; import static net.ripe.rpki.rest.service.AbstractCaRestService.API_URL_PREFIX; import static net.ripe.rpki.rest.service.Rest.TESTING_API_KEY; diff --git a/src/test/java/net/ripe/rpki/rest/service/BackgroundExecutorServiceTest.java b/src/test/java/net/ripe/rpki/rest/service/BackgroundExecutorServiceTest.java index 014a838..f28dd03 100644 --- a/src/test/java/net/ripe/rpki/rest/service/BackgroundExecutorServiceTest.java +++ b/src/test/java/net/ripe/rpki/rest/service/BackgroundExecutorServiceTest.java @@ -16,13 +16,13 @@ import org.springframework.test.context.junit4.SpringRunner; import org.springframework.test.web.servlet.MockMvc; -import javax.servlet.http.Cookie; -import javax.ws.rs.core.MediaType; +import jakarta.servlet.http.Cookie; +import jakarta.ws.rs.core.MediaType; import java.util.Collections; import java.util.Map; import java.util.UUID; -import static javax.ws.rs.core.MediaType.APPLICATION_JSON; +import static jakarta.ws.rs.core.MediaType.APPLICATION_JSON; import static net.ripe.rpki.rest.security.ApiKeySecurity.API_KEY_HEADER; import static net.ripe.rpki.rest.security.ApiKeySecurity.USER_ID_HEADER; import static net.ripe.rpki.rest.service.Rest.TESTING_API_KEY; diff --git a/src/test/java/net/ripe/rpki/rest/service/CaAspaConfigurationServiceTest.java b/src/test/java/net/ripe/rpki/rest/service/CaAspaConfigurationServiceTest.java index 00562b0..034e42c 100644 --- a/src/test/java/net/ripe/rpki/rest/service/CaAspaConfigurationServiceTest.java +++ b/src/test/java/net/ripe/rpki/rest/service/CaAspaConfigurationServiceTest.java @@ -111,8 +111,7 @@ public void shouldUpdateAspaConfigurationForCa_with_provider() throws Exception @Test public void shouldUpdateAspaConfigurationForCa_with_multiple_provider() throws Exception { var providers = IntStream.range(1000, 1100) - .mapToObj(i -> "AS"+i) - .collect(Collectors.toList()); + .mapToObj(i -> "AS" + i).toList(); mockMvc.perform(Rest.put(API_URL_PREFIX + "/123/aspa") .header(HttpHeaders.IF_MATCH, ASPA_CONFIGURATION_ETAG) diff --git a/src/test/java/net/ripe/rpki/rest/service/CaRoaConfigurationServiceTest.java b/src/test/java/net/ripe/rpki/rest/service/CaRoaConfigurationServiceTest.java index 51d083c..a8c88ad 100644 --- a/src/test/java/net/ripe/rpki/rest/service/CaRoaConfigurationServiceTest.java +++ b/src/test/java/net/ripe/rpki/rest/service/CaRoaConfigurationServiceTest.java @@ -29,7 +29,7 @@ import org.springframework.test.web.servlet.MockMvc; import javax.security.auth.x500.X500Principal; -import javax.ws.rs.core.HttpHeaders; +import jakarta.ws.rs.core.HttpHeaders; import java.util.*; import static net.ripe.rpki.rest.service.AbstractCaRestService.API_URL_PREFIX; diff --git a/src/test/java/net/ripe/rpki/rest/service/CaStatServiceTest.java b/src/test/java/net/ripe/rpki/rest/service/CaStatServiceTest.java index 14e9a7d..d8b88ec 100644 --- a/src/test/java/net/ripe/rpki/rest/service/CaStatServiceTest.java +++ b/src/test/java/net/ripe/rpki/rest/service/CaStatServiceTest.java @@ -17,7 +17,7 @@ import java.util.Arrays; import java.util.Collection; -import static javax.ws.rs.core.MediaType.APPLICATION_JSON; +import static jakarta.ws.rs.core.MediaType.APPLICATION_JSON; import static org.mockito.Mockito.when; import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.content; import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.jsonPath; diff --git a/src/test/java/net/ripe/rpki/rest/service/HistoryServiceTest.java b/src/test/java/net/ripe/rpki/rest/service/HistoryServiceTest.java index 5804a10..f752ebb 100644 --- a/src/test/java/net/ripe/rpki/rest/service/HistoryServiceTest.java +++ b/src/test/java/net/ripe/rpki/rest/service/HistoryServiceTest.java @@ -26,7 +26,7 @@ import java.util.List; import static java.util.Arrays.asList; -import static javax.ws.rs.core.MediaType.APPLICATION_JSON; +import static jakarta.ws.rs.core.MediaType.APPLICATION_JSON; import static net.ripe.rpki.rest.service.AbstractCaRestService.API_URL_PREFIX; import static org.mockito.ArgumentMatchers.any; import static org.mockito.Mockito.mock; diff --git a/src/test/java/net/ripe/rpki/rest/service/PublisherRepositoriesServiceTest.java b/src/test/java/net/ripe/rpki/rest/service/PublisherRepositoriesServiceTest.java index 7ad64bd..e4d0a7b 100644 --- a/src/test/java/net/ripe/rpki/rest/service/PublisherRepositoriesServiceTest.java +++ b/src/test/java/net/ripe/rpki/rest/service/PublisherRepositoriesServiceTest.java @@ -2,7 +2,6 @@ import net.ripe.ipresource.ImmutableResourceSet; import net.ripe.rpki.TestRpkiBootApplication; -import net.ripe.rpki.commons.provisioning.identity.PublisherRequest; import net.ripe.rpki.commons.provisioning.identity.PublisherRequestSerializer; import net.ripe.rpki.commons.provisioning.identity.RepositoryResponse; import net.ripe.rpki.commons.provisioning.identity.RepositoryResponseSerializer; @@ -21,7 +20,6 @@ import org.junit.jupiter.api.extension.ExtendWith; import org.junit.jupiter.params.ParameterizedTest; import org.junit.jupiter.params.provider.ValueSource; -import org.junit.runner.RunWith; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.boot.test.autoconfigure.web.servlet.AutoConfigureMockMvc; import org.springframework.boot.test.autoconfigure.web.servlet.AutoConfigureWebMvc; @@ -31,13 +29,12 @@ import org.springframework.mock.web.MockHttpServletResponse; import org.springframework.test.context.ActiveProfiles; import org.springframework.test.context.junit.jupiter.SpringExtension; -import org.springframework.test.context.junit4.SpringRunner; import org.springframework.test.web.servlet.MockMvc; import org.springframework.test.web.servlet.MvcResult; -import javax.persistence.EntityNotFoundException; +import jakarta.persistence.EntityNotFoundException; import javax.security.auth.x500.X500Principal; -import javax.ws.rs.core.MediaType; +import jakarta.ws.rs.core.MediaType; import java.net.URI; import java.nio.charset.StandardCharsets; import java.util.Collections; @@ -52,10 +49,8 @@ import static org.mockito.Mockito.verify; import static org.mockito.Mockito.verifyNoInteractions; import static org.mockito.Mockito.when; -import static org.springframework.test.web.client.match.MockRestRequestMatchers.content; import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.jsonPath; import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status; -import static org.springframework.web.servlet.function.RequestPredicates.contentType; @ActiveProfiles("test") @ExtendWith(SpringExtension.class) diff --git a/src/test/java/net/ripe/rpki/rest/service/Rest.java b/src/test/java/net/ripe/rpki/rest/service/Rest.java index 6b15119..040a9dc 100644 --- a/src/test/java/net/ripe/rpki/rest/service/Rest.java +++ b/src/test/java/net/ripe/rpki/rest/service/Rest.java @@ -5,10 +5,10 @@ import org.springframework.test.web.servlet.request.MockHttpServletRequestBuilder; import org.springframework.test.web.servlet.request.MockMvcRequestBuilders; -import javax.servlet.http.Cookie; +import jakarta.servlet.http.Cookie; import java.util.UUID; -import static javax.ws.rs.core.MediaType.APPLICATION_JSON; +import static jakarta.ws.rs.core.MediaType.APPLICATION_JSON; import static net.ripe.rpki.rest.security.ApiKeySecurity.API_KEY_HEADER; import static net.ripe.rpki.rest.security.ApiKeySecurity.USER_ID_HEADER; diff --git a/src/test/java/net/ripe/rpki/rest/service/UpstreamCaServiceTest.java b/src/test/java/net/ripe/rpki/rest/service/UpstreamCaServiceTest.java index 44018de..96e1422 100644 --- a/src/test/java/net/ripe/rpki/rest/service/UpstreamCaServiceTest.java +++ b/src/test/java/net/ripe/rpki/rest/service/UpstreamCaServiceTest.java @@ -14,7 +14,7 @@ import java.nio.charset.StandardCharsets; -import static javax.ws.rs.core.MediaType.APPLICATION_XML; +import static jakarta.ws.rs.core.MediaType.APPLICATION_XML; import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.content; import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status; diff --git a/src/test/java/net/ripe/rpki/rest/service/monitoring/AspaServiceTest.java b/src/test/java/net/ripe/rpki/rest/service/monitoring/AspaServiceTest.java index 0b9308f..cbf92ee 100644 --- a/src/test/java/net/ripe/rpki/rest/service/monitoring/AspaServiceTest.java +++ b/src/test/java/net/ripe/rpki/rest/service/monitoring/AspaServiceTest.java @@ -20,7 +20,7 @@ import java.util.*; -import static javax.ws.rs.core.MediaType.APPLICATION_JSON; +import static jakarta.ws.rs.core.MediaType.APPLICATION_JSON; import static org.hamcrest.Matchers.hasSize; import static org.hamcrest.Matchers.nullValue; import static org.mockito.Mockito.mock; diff --git a/src/test/java/net/ripe/rpki/rest/service/monitoring/PublishedObjectsServiceTest.java b/src/test/java/net/ripe/rpki/rest/service/monitoring/PublishedObjectsServiceTest.java index 84a945f..0a364cf 100644 --- a/src/test/java/net/ripe/rpki/rest/service/monitoring/PublishedObjectsServiceTest.java +++ b/src/test/java/net/ripe/rpki/rest/service/monitoring/PublishedObjectsServiceTest.java @@ -19,7 +19,7 @@ import java.util.List; -import static javax.ws.rs.core.MediaType.APPLICATION_JSON; +import static jakarta.ws.rs.core.MediaType.APPLICATION_JSON; import static org.mockito.Mockito.when; import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.*; import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.jsonPath; diff --git a/src/test/java/net/ripe/rpki/rest/service/monitoring/RoaPrefixesServiceTest.java b/src/test/java/net/ripe/rpki/rest/service/monitoring/RoaPrefixesServiceTest.java index 1758798..b4ca370 100644 --- a/src/test/java/net/ripe/rpki/rest/service/monitoring/RoaPrefixesServiceTest.java +++ b/src/test/java/net/ripe/rpki/rest/service/monitoring/RoaPrefixesServiceTest.java @@ -26,7 +26,7 @@ import java.util.Arrays; import java.util.Optional; -import static javax.ws.rs.core.MediaType.APPLICATION_JSON; +import static jakarta.ws.rs.core.MediaType.APPLICATION_JSON; import static org.hamcrest.Matchers.hasSize; import static org.mockito.Mockito.mock; import static org.mockito.Mockito.when; diff --git a/src/test/java/net/ripe/rpki/ripencc/cache/JpaResourceCacheImplTest.java b/src/test/java/net/ripe/rpki/ripencc/cache/JpaResourceCacheImplTest.java index cc8c273..9065961 100644 --- a/src/test/java/net/ripe/rpki/ripencc/cache/JpaResourceCacheImplTest.java +++ b/src/test/java/net/ripe/rpki/ripencc/cache/JpaResourceCacheImplTest.java @@ -7,7 +7,7 @@ import org.junit.Test; import org.springframework.beans.factory.annotation.Autowired; -import javax.persistence.EntityManager; +import jakarta.persistence.EntityManager; import java.util.HashMap; import java.util.Map; import java.util.Optional; diff --git a/src/test/java/net/ripe/rpki/ripencc/provisioning/ProvisioningAuditLogServiceBeanTest.java b/src/test/java/net/ripe/rpki/ripencc/provisioning/ProvisioningAuditLogServiceBeanTest.java index 51c9452..acf2ca9 100644 --- a/src/test/java/net/ripe/rpki/ripencc/provisioning/ProvisioningAuditLogServiceBeanTest.java +++ b/src/test/java/net/ripe/rpki/ripencc/provisioning/ProvisioningAuditLogServiceBeanTest.java @@ -11,8 +11,8 @@ import org.mockito.Mockito; import org.mockito.junit.MockitoJUnitRunner; -import javax.persistence.EntityManager; -import javax.persistence.TypedQuery; +import jakarta.persistence.EntityManager; +import jakarta.persistence.TypedQuery; import java.nio.charset.StandardCharsets; import java.util.Collections; import java.util.List; diff --git a/src/test/java/net/ripe/rpki/ripencc/provisioning/ProvisioningCmsSigningTimeStoreTest.java b/src/test/java/net/ripe/rpki/ripencc/provisioning/ProvisioningCmsSigningTimeStoreTest.java index 8f35d07..07a6b6e 100644 --- a/src/test/java/net/ripe/rpki/ripencc/provisioning/ProvisioningCmsSigningTimeStoreTest.java +++ b/src/test/java/net/ripe/rpki/ripencc/provisioning/ProvisioningCmsSigningTimeStoreTest.java @@ -5,14 +5,15 @@ import net.ripe.rpki.domain.NonHostedCertificateAuthority; import net.ripe.rpki.domain.ProductionCertificateAuthority; import net.ripe.rpki.server.api.dto.NonHostedCertificateAuthorityData; -import org.joda.time.DateTime; -import org.joda.time.DateTimeZone; import org.junit.Before; import org.junit.Test; -import javax.inject.Inject; +import jakarta.inject.Inject; import javax.security.auth.x500.X500Principal; -import javax.transaction.Transactional; +import jakarta.transaction.Transactional; + +import java.time.Instant; +import java.time.temporal.ChronoUnit; import static org.assertj.core.api.Assertions.assertThat; @@ -42,23 +43,37 @@ public void setUp() { @Test public void should_track_last_seen_signing_time() { - DateTime cmsSigningTime = DateTime.now(DateTimeZone.UTC); + // Truncate to milliseconds due to the JVM dependant precision of Instant + Instant cmsSigningTime = Instant.now().truncatedTo(ChronoUnit.MILLIS); assertThat(subject.getLastSeenProvisioningCmsSignedAt(nonHostedCa)).isEmpty(); boolean updated = subject.updateLastSeenProvisioningCmsSeenAt(nonHostedCa, cmsSigningTime); assertThat(updated).isTrue(); assertThat(subject.getLastSeenProvisioningCmsSignedAt(nonHostedCa)) - .get().isEqualTo(cmsSigningTime); + .hasValue(cmsSigningTime); - updated = subject.updateLastSeenProvisioningCmsSeenAt(nonHostedCa, cmsSigningTime.plusMinutes(1)); + updated = subject.updateLastSeenProvisioningCmsSeenAt(nonHostedCa, cmsSigningTime.plus(1, ChronoUnit.MINUTES)); assertThat(updated).isTrue(); assertThat(subject.getLastSeenProvisioningCmsSignedAt(nonHostedCa)) - .get().isEqualTo(cmsSigningTime.plusMinutes(1)); + .hasValue(cmsSigningTime.plus(1, ChronoUnit.MINUTES)); - updated = subject.updateLastSeenProvisioningCmsSeenAt(nonHostedCa, cmsSigningTime.minusMinutes(1)); + updated = subject.updateLastSeenProvisioningCmsSeenAt(nonHostedCa, cmsSigningTime.minus(1, ChronoUnit.MINUTES)); assertThat(updated).isFalse(); assertThat(subject.getLastSeenProvisioningCmsSignedAt(nonHostedCa)) - .get().isEqualTo(cmsSigningTime.plusMinutes(1)); + .hasValue(cmsSigningTime.plus(1, ChronoUnit.MINUTES)); + } + + @Test + public void should_track_last_seen_signing_time_jodatime() { + Instant cmsSigningTime = Instant.now(); + + assertThat(subject.getLastSeenProvisioningCmsSignedAt(nonHostedCa)).isEmpty(); + boolean updated = subject.updateLastSeenProvisioningCmsSeenAt(nonHostedCa, org.joda.time.Instant.ofEpochMilli(cmsSigningTime.toEpochMilli()).toDateTime()); + assertThat(updated).isTrue(); + + // Java instant has microsecond precision while the conversion has millisecond precision + assertThat(subject.getLastSeenProvisioningCmsSignedAt(nonHostedCa).map(st -> st.truncatedTo(ChronoUnit.MILLIS))) + .hasValue(cmsSigningTime.truncatedTo(ChronoUnit.MILLIS)); } } diff --git a/src/test/java/net/ripe/rpki/ripencc/provisioning/ProvisioningRequestProcessorBeanTest.java b/src/test/java/net/ripe/rpki/ripencc/provisioning/ProvisioningRequestProcessorBeanTest.java index 5721c9f..e6ed534 100644 --- a/src/test/java/net/ripe/rpki/ripencc/provisioning/ProvisioningRequestProcessorBeanTest.java +++ b/src/test/java/net/ripe/rpki/ripencc/provisioning/ProvisioningRequestProcessorBeanTest.java @@ -33,7 +33,7 @@ import org.mockito.Mock; import org.mockito.junit.MockitoJUnitRunner; -import javax.persistence.LockTimeoutException; +import jakarta.persistence.LockTimeoutException; import javax.security.auth.x500.X500Principal; import java.security.InvalidKeyException; import java.security.PublicKey; diff --git a/src/test/java/net/ripe/rpki/ripencc/provisioning/ProvisioningServletTest.java b/src/test/java/net/ripe/rpki/ripencc/provisioning/ProvisioningServletTest.java index dad74a7..ff38ff2 100644 --- a/src/test/java/net/ripe/rpki/ripencc/provisioning/ProvisioningServletTest.java +++ b/src/test/java/net/ripe/rpki/ripencc/provisioning/ProvisioningServletTest.java @@ -10,8 +10,8 @@ import org.springframework.mock.web.MockHttpServletRequest; import org.springframework.mock.web.MockHttpServletResponse; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; +import jakarta.servlet.http.HttpServletRequest; +import jakarta.servlet.http.HttpServletResponse; import static org.assertj.core.api.Assertions.assertThat; import static org.mockito.ArgumentMatchers.any; diff --git a/src/test/java/net/ripe/rpki/ripencc/services/impl/KrillNonHostedPublisherRepositoryBeanTest.java b/src/test/java/net/ripe/rpki/ripencc/services/impl/KrillNonHostedPublisherRepositoryBeanTest.java index 01e502b..f93ed5a 100644 --- a/src/test/java/net/ripe/rpki/ripencc/services/impl/KrillNonHostedPublisherRepositoryBeanTest.java +++ b/src/test/java/net/ripe/rpki/ripencc/services/impl/KrillNonHostedPublisherRepositoryBeanTest.java @@ -14,7 +14,7 @@ import org.springframework.core.io.Resource; import org.springframework.http.HttpStatus; -import javax.ws.rs.core.HttpHeaders; +import jakarta.ws.rs.core.HttpHeaders; import java.nio.charset.StandardCharsets; import java.util.Set; import java.util.UUID; @@ -26,7 +26,7 @@ import static com.github.tomakehurst.wiremock.client.WireMock.post; import static com.github.tomakehurst.wiremock.client.WireMock.stubFor; import static com.github.tomakehurst.wiremock.client.WireMock.urlEqualTo; -import static javax.ws.rs.core.MediaType.APPLICATION_JSON; +import static jakarta.ws.rs.core.MediaType.APPLICATION_JSON; import static net.ripe.rpki.ripencc.services.impl.KrillNonHostedPublisherRepositoryBean.MONITORING_TARGET; import static net.ripe.rpki.ripencc.services.impl.KrillNonHostedPublisherRepositoryBean.PUBD_PUBLISHERS; import static org.assertj.core.api.Assertions.assertThat; diff --git a/src/test/java/net/ripe/rpki/ripencc/services/impl/RestResourceServicesClientTest.java b/src/test/java/net/ripe/rpki/ripencc/services/impl/RestResourceServicesClientTest.java index 2a5201d..85db4b4 100644 --- a/src/test/java/net/ripe/rpki/ripencc/services/impl/RestResourceServicesClientTest.java +++ b/src/test/java/net/ripe/rpki/ripencc/services/impl/RestResourceServicesClientTest.java @@ -14,7 +14,7 @@ import static com.github.tomakehurst.wiremock.client.WireMock.head; import static com.github.tomakehurst.wiremock.client.WireMock.stubFor; import static com.github.tomakehurst.wiremock.client.WireMock.urlEqualTo; -import static javax.ws.rs.core.MediaType.APPLICATION_JSON; +import static jakarta.ws.rs.core.MediaType.APPLICATION_JSON; import static net.ripe.rpki.server.api.ports.ResourceServicesClient.*; import static org.junit.Assert.assertEquals; import static org.junit.Assert.assertFalse; diff --git a/src/test/java/net/ripe/rpki/ripencc/ui/daemon/health/HealthChecksTest.java b/src/test/java/net/ripe/rpki/ripencc/ui/daemon/health/HealthChecksTest.java index 7ce4e7b..15a8ed8 100644 --- a/src/test/java/net/ripe/rpki/ripencc/ui/daemon/health/HealthChecksTest.java +++ b/src/test/java/net/ripe/rpki/ripencc/ui/daemon/health/HealthChecksTest.java @@ -7,7 +7,7 @@ import org.springframework.test.context.ActiveProfiles; import org.springframework.test.context.junit4.SpringRunner; -import javax.inject.Inject; +import jakarta.inject.Inject; import static org.assertj.core.api.AssertionsForClassTypes.assertThat; diff --git a/src/test/java/net/ripe/rpki/services/impl/EmailSenderBeanTest.java b/src/test/java/net/ripe/rpki/services/impl/EmailSenderBeanTest.java index 4d747b4..19ff649 100644 --- a/src/test/java/net/ripe/rpki/services/impl/EmailSenderBeanTest.java +++ b/src/test/java/net/ripe/rpki/services/impl/EmailSenderBeanTest.java @@ -24,6 +24,7 @@ import org.springframework.mail.SimpleMailMessage; import javax.security.auth.x500.X500Principal; +import java.security.SecureRandom; import java.util.*; import static org.assertj.core.api.AssertionsForClassTypes.assertThat; @@ -85,7 +86,7 @@ private Map variablesFor(EmailSender.EmailTemplates template) { new VersionedId(42L), new X500Principal("CN=org.example"), UUID.randomUUID(), - RandomUtils.nextLong(), + new SecureRandom().nextLong(), ImmutableResourceSet.empty(), List.of() ); diff --git a/src/test/java/net/ripe/rpki/services/impl/RoaServiceBeanTest.java b/src/test/java/net/ripe/rpki/services/impl/RoaServiceBeanTest.java index a314bee..cbbfa91 100644 --- a/src/test/java/net/ripe/rpki/services/impl/RoaServiceBeanTest.java +++ b/src/test/java/net/ripe/rpki/services/impl/RoaServiceBeanTest.java @@ -4,7 +4,6 @@ import net.ripe.ipresource.IpRange; import net.ripe.rpki.commons.crypto.ValidityPeriod; import net.ripe.rpki.domain.CertificateAuthorityRepository; -import net.ripe.rpki.domain.KeyPairEntity; import net.ripe.rpki.domain.ManagedCertificateAuthority; import net.ripe.rpki.domain.TestObjects; import net.ripe.rpki.domain.roa.RoaConfiguration; @@ -19,7 +18,7 @@ import org.junit.Before; import org.junit.Test; -import javax.persistence.NoResultException; +import jakarta.persistence.NoResultException; import java.util.Arrays; import java.util.Collections; import java.util.List; @@ -27,7 +26,6 @@ import static org.assertj.core.api.Assertions.assertThat; import static org.assertj.core.api.Assertions.assertThatThrownBy; -import static org.mockito.ArgumentMatchers.isA; import static org.mockito.Mockito.mock; import static org.mockito.Mockito.when; diff --git a/src/test/java/net/ripe/rpki/services/impl/background/AllCaCertificateUpdateServiceBeanTest.java b/src/test/java/net/ripe/rpki/services/impl/background/AllCaCertificateUpdateServiceBeanTest.java index 14fdc79..7fb25a0 100644 --- a/src/test/java/net/ripe/rpki/services/impl/background/AllCaCertificateUpdateServiceBeanTest.java +++ b/src/test/java/net/ripe/rpki/services/impl/background/AllCaCertificateUpdateServiceBeanTest.java @@ -22,7 +22,7 @@ import org.mockito.Mock; import org.mockito.junit.MockitoJUnitRunner; -import javax.persistence.EntityNotFoundException; +import jakarta.persistence.EntityNotFoundException; import javax.security.auth.x500.X500Principal; import java.util.*; diff --git a/src/test/java/net/ripe/rpki/services/impl/background/BackgroundServiceMetricsTest.java b/src/test/java/net/ripe/rpki/services/impl/background/BackgroundServiceMetricsTest.java index 122e04b..c7b187e 100644 --- a/src/test/java/net/ripe/rpki/services/impl/background/BackgroundServiceMetricsTest.java +++ b/src/test/java/net/ripe/rpki/services/impl/background/BackgroundServiceMetricsTest.java @@ -7,6 +7,9 @@ import org.apache.commons.lang3.RandomUtils; import org.junit.Test; +import java.security.SecureRandom; +import java.util.Random; + import static net.ripe.rpki.services.impl.background.BackgroundServiceMetrics.SERVICE_RESULT_COUNTER_METRIC; import static org.assertj.core.api.AssertionsForClassTypes.assertThat; @@ -25,7 +28,9 @@ public void shouldTrackServiceExecutionStart() { @Test public void shouldTrackSuccessfulServiceExecution() { String service = RandomStringUtils.randomAlphanumeric(16); - BackgroundServiceExecutionResult job = new BackgroundServiceExecutionResult(RandomUtils.nextLong(), RandomUtils.nextLong(), BackgroundServiceExecutionResult.Status.SUCCESS); + var random = new SecureRandom(); + + BackgroundServiceExecutionResult job = new BackgroundServiceExecutionResult(random.nextLong(), random.nextLong(), BackgroundServiceExecutionResult.Status.SUCCESS); subject.trackStartTime(service); subject.trackResult(service, job); diff --git a/src/test/java/net/ripe/rpki/services/impl/background/BackgroundServicesTest.java b/src/test/java/net/ripe/rpki/services/impl/background/BackgroundServicesTest.java index 7196829..7bb24e3 100644 --- a/src/test/java/net/ripe/rpki/services/impl/background/BackgroundServicesTest.java +++ b/src/test/java/net/ripe/rpki/services/impl/background/BackgroundServicesTest.java @@ -9,7 +9,7 @@ import org.junit.jupiter.api.TestInstance; import org.springframework.beans.factory.support.DefaultListableBeanFactory; -import javax.inject.Inject; +import jakarta.inject.Inject; import java.util.Collections; import java.util.Map; diff --git a/src/test/java/net/ripe/rpki/services/impl/background/PublicRepositoryPublicationServiceBeanTest.java b/src/test/java/net/ripe/rpki/services/impl/background/PublicRepositoryPublicationServiceBeanTest.java index 86a9dd6..8620fdb 100644 --- a/src/test/java/net/ripe/rpki/services/impl/background/PublicRepositoryPublicationServiceBeanTest.java +++ b/src/test/java/net/ripe/rpki/services/impl/background/PublicRepositoryPublicationServiceBeanTest.java @@ -8,7 +8,7 @@ import org.junit.Before; import org.junit.Test; -import javax.inject.Inject; +import jakarta.inject.Inject; import java.util.Collection; import java.util.Collections; import java.util.EnumSet; diff --git a/src/test/java/net/ripe/rpki/services/impl/handlers/ChildParentCertificateUpdateSagaHostedTest.java b/src/test/java/net/ripe/rpki/services/impl/handlers/ChildParentCertificateUpdateSagaHostedTest.java index dac6de1..6849fd2 100644 --- a/src/test/java/net/ripe/rpki/services/impl/handlers/ChildParentCertificateUpdateSagaHostedTest.java +++ b/src/test/java/net/ripe/rpki/services/impl/handlers/ChildParentCertificateUpdateSagaHostedTest.java @@ -21,9 +21,9 @@ import org.junit.Before; import org.junit.Test; -import javax.inject.Inject; +import jakarta.inject.Inject; import javax.security.auth.x500.X500Principal; -import javax.transaction.Transactional; +import jakarta.transaction.Transactional; import java.net.URI; import java.security.PublicKey; import java.util.*; @@ -358,15 +358,13 @@ private void assertChildParentInvariants(HostedCertificateAuthority child, Manag .collect(Collectors.toSet()); Collection outgoingResourceCertificates = parent.getKeyPairs().stream() - .filter(KeyPairEntity::isPublishable) - .flatMap(kp -> resourceCertificateRepository.findAllBySigningKeyPair(kp).stream()) - .filter(c -> c.isCurrent() && PublicationStatus.ACTIVE_STATUSES.contains(c.getPublishedObject().getStatus())) - .filter(c -> childPublicKeys.contains(c.getSubjectPublicKey())) - .collect(Collectors.toList()); + .filter(KeyPairEntity::isPublishable) + .flatMap(kp -> resourceCertificateRepository.findAllBySigningKeyPair(kp).stream()) + .filter(c -> c.isCurrent() && PublicationStatus.ACTIVE_STATUSES.contains(c.getPublishedObject().getStatus())) + .filter(c -> childPublicKeys.contains(c.getSubjectPublicKey())).toList(); Collection incomingResourceCertificates = child.getKeyPairs().stream() - .filter(KeyPairEntity::isPublishable) - .flatMap(kp -> kp.findCurrentIncomingCertificate().stream()) - .collect(Collectors.toList()); + .filter(KeyPairEntity::isPublishable) + .flatMap(kp -> kp.findCurrentIncomingCertificate().stream()).toList(); assertThat(childPublicKeys).hasSize(outgoingResourceCertificates.size()); assertThat(outgoingResourceCertificates).hasSize(incomingResourceCertificates.size()); @@ -380,12 +378,4 @@ private void assertChildParentInvariants(HostedCertificateAuthority child, Manag assertThat(outgoing.getCertificate()).isEqualTo(incoming.getCertificate()); }); } - - private CommandStatus execute(CertificateAuthorityCommand command) { - try { - return subject.execute(command); - } finally { - entityManager.flush(); - } - } } diff --git a/src/test/java/net/ripe/rpki/services/impl/handlers/ChildParentCertificateUpdateSagaNonHostedTest.java b/src/test/java/net/ripe/rpki/services/impl/handlers/ChildParentCertificateUpdateSagaNonHostedTest.java index 43178c6..6e1db2f 100644 --- a/src/test/java/net/ripe/rpki/services/impl/handlers/ChildParentCertificateUpdateSagaNonHostedTest.java +++ b/src/test/java/net/ripe/rpki/services/impl/handlers/ChildParentCertificateUpdateSagaNonHostedTest.java @@ -19,9 +19,9 @@ import org.junit.Test; import org.opentest4j.AssertionFailedError; -import javax.inject.Inject; +import jakarta.inject.Inject; import javax.security.auth.x500.X500Principal; -import javax.transaction.Transactional; +import jakarta.transaction.Transactional; import java.net.URI; import java.security.PublicKey; import java.util.Arrays; @@ -279,15 +279,13 @@ private void assertChildParentInvariants(NonHostedCertificateAuthority child, Ma .collect(Collectors.toSet()); Collection outgoingResourceCertificates = parent.getKeyPairs().stream() - .filter(KeyPairEntity::isPublishable) - .flatMap(kp -> resourceCertificateRepository.findAllBySigningKeyPair(kp).stream()) - .filter(c -> c.isCurrent() && PublicationStatus.ACTIVE_STATUSES.contains(c.getPublishedObject().getStatus())) - .filter(c -> childPublicKeys.contains(c.getSubjectPublicKey())) - .collect(Collectors.toList()); + .filter(KeyPairEntity::isPublishable) + .flatMap(kp -> resourceCertificateRepository.findAllBySigningKeyPair(kp).stream()) + .filter(c -> c.isCurrent() && PublicationStatus.ACTIVE_STATUSES.contains(c.getPublishedObject().getStatus())) + .filter(c -> childPublicKeys.contains(c.getSubjectPublicKey())).toList(); Collection incomingResourceCertificates = child.getPublicKeyEntities().stream() - .filter(x -> !x.isRevoked()) - .flatMap(x -> x.findCurrentOutgoingResourceCertificate().stream()) - .collect(Collectors.toList()); + .filter(x -> !x.isRevoked()) + .flatMap(x -> x.findCurrentOutgoingResourceCertificate().stream()).toList(); // Not all non-hosted public keys will have a certificate after a certificate revocation request, // so number of keys could be greater. @@ -307,12 +305,4 @@ private void assertChildParentInvariants(NonHostedCertificateAuthority child, Ma private Optional findCurrentResourceCertificate(NonHostedCertificateAuthority ca) { return ca.getPublicKeyEntities().iterator().next().findCurrentOutgoingResourceCertificate(); } - - private CommandStatus execute(CertificateAuthorityCommand command) { - try { - return commandService.execute(command); - } finally { - entityManager.flush(); - } - } } diff --git a/src/test/java/net/ripe/rpki/services/impl/handlers/DeleteNonHostedPublisherCommandHandlerTest.java b/src/test/java/net/ripe/rpki/services/impl/handlers/DeleteNonHostedPublisherCommandHandlerTest.java index 34e7b2a..0200aa6 100644 --- a/src/test/java/net/ripe/rpki/services/impl/handlers/DeleteNonHostedPublisherCommandHandlerTest.java +++ b/src/test/java/net/ripe/rpki/services/impl/handlers/DeleteNonHostedPublisherCommandHandlerTest.java @@ -11,9 +11,9 @@ import org.junit.Before; import org.junit.Test; -import javax.persistence.EntityNotFoundException; +import jakarta.persistence.EntityNotFoundException; import javax.security.auth.x500.X500Principal; -import javax.transaction.Transactional; +import jakarta.transaction.Transactional; import java.net.URI; import java.util.Optional; import java.util.UUID; diff --git a/src/test/java/net/ripe/rpki/services/impl/handlers/IssueUpdatedManifestAndCrlCommandHandlerTest.java b/src/test/java/net/ripe/rpki/services/impl/handlers/IssueUpdatedManifestAndCrlCommandHandlerTest.java index 297047c..37f1261 100644 --- a/src/test/java/net/ripe/rpki/services/impl/handlers/IssueUpdatedManifestAndCrlCommandHandlerTest.java +++ b/src/test/java/net/ripe/rpki/services/impl/handlers/IssueUpdatedManifestAndCrlCommandHandlerTest.java @@ -12,8 +12,8 @@ import org.junit.Before; import org.junit.Test; -import javax.inject.Inject; -import javax.transaction.Transactional; +import jakarta.inject.Inject; +import jakarta.transaction.Transactional; import java.util.Collections; import java.util.List; diff --git a/src/test/java/net/ripe/rpki/services/impl/handlers/ManagedCertificateAuthorityOutgoingResourceCertificatesInvariantHandlerTest.java b/src/test/java/net/ripe/rpki/services/impl/handlers/ManagedCertificateAuthorityOutgoingResourceCertificatesInvariantHandlerTest.java index 5b797d7..b3c066a 100644 --- a/src/test/java/net/ripe/rpki/services/impl/handlers/ManagedCertificateAuthorityOutgoingResourceCertificatesInvariantHandlerTest.java +++ b/src/test/java/net/ripe/rpki/services/impl/handlers/ManagedCertificateAuthorityOutgoingResourceCertificatesInvariantHandlerTest.java @@ -15,7 +15,7 @@ import org.mockito.Mock; import org.mockito.junit.MockitoJUnitRunner; -import javax.persistence.EntityManager; +import jakarta.persistence.EntityManager; import java.util.Arrays; import static net.ripe.rpki.domain.TestObjects.CA_ID; diff --git a/src/test/java/net/ripe/rpki/services/impl/handlers/MigrateMemberCertificateAuthorityToIntermediateParentCommandHandlerTest.java b/src/test/java/net/ripe/rpki/services/impl/handlers/MigrateMemberCertificateAuthorityToIntermediateParentCommandHandlerTest.java index e08edb7..4be8243 100644 --- a/src/test/java/net/ripe/rpki/services/impl/handlers/MigrateMemberCertificateAuthorityToIntermediateParentCommandHandlerTest.java +++ b/src/test/java/net/ripe/rpki/services/impl/handlers/MigrateMemberCertificateAuthorityToIntermediateParentCommandHandlerTest.java @@ -15,9 +15,9 @@ import org.junit.Before; import org.junit.Test; -import javax.inject.Inject; +import jakarta.inject.Inject; import javax.security.auth.x500.X500Principal; -import javax.transaction.Transactional; +import jakarta.transaction.Transactional; import java.net.URI; import java.util.Map; diff --git a/src/test/java/net/ripe/rpki/services/impl/handlers/PublicationSupportTest.java b/src/test/java/net/ripe/rpki/services/impl/handlers/PublicationSupportTest.java index 765d0dc..d813295 100644 --- a/src/test/java/net/ripe/rpki/services/impl/handlers/PublicationSupportTest.java +++ b/src/test/java/net/ripe/rpki/services/impl/handlers/PublicationSupportTest.java @@ -18,6 +18,7 @@ import java.net.URISyntaxException; import java.nio.charset.StandardCharsets; import java.sql.Timestamp; +import java.time.Instant; import java.util.Arrays; import java.util.Collections; import java.util.List; @@ -55,8 +56,9 @@ public class PublicationSupportTest extends TestCase { @Before public void setUp() throws SecurityException, URISyntaxException { - published1 = new PublishedObjectData(new Timestamp(System.currentTimeMillis()), BASE_URI.resolve("object.cer"), new byte[]{4, 5, 6}); - published2 = new PublishedObjectData(new Timestamp(System.currentTimeMillis()), BASE_URI.resolve("manifest.mft"), new byte[]{1, 2, 3}); + var now = Instant.now(); + published1 = new PublishedObjectData(now, BASE_URI.resolve("object.cer"), new byte[]{4, 5, 6}); + published2 = new PublishedObjectData(now, BASE_URI.resolve("manifest.mft"), new byte[]{1, 2, 3}); when(publishedObjectRepository.findCurrentlyPublishedObjects()).thenReturn(Arrays.asList(published1, published2)); diff --git a/src/test/java/net/ripe/rpki/services/impl/jpa/JpaAspaConfigurationRepositoryTest.java b/src/test/java/net/ripe/rpki/services/impl/jpa/JpaAspaConfigurationRepositoryTest.java index e4cd76e..c2916e3 100644 --- a/src/test/java/net/ripe/rpki/services/impl/jpa/JpaAspaConfigurationRepositoryTest.java +++ b/src/test/java/net/ripe/rpki/services/impl/jpa/JpaAspaConfigurationRepositoryTest.java @@ -9,7 +9,7 @@ import org.junit.Test; import org.springframework.beans.factory.annotation.Autowired; -import javax.transaction.Transactional; +import jakarta.transaction.Transactional; import java.util.SortedMap; import java.util.SortedSet; import java.util.TreeSet; diff --git a/src/test/java/net/ripe/rpki/services/impl/jpa/JpaAspaEntityRepositoryTest.java b/src/test/java/net/ripe/rpki/services/impl/jpa/JpaAspaEntityRepositoryTest.java index a19087d..c4d7348 100644 --- a/src/test/java/net/ripe/rpki/services/impl/jpa/JpaAspaEntityRepositoryTest.java +++ b/src/test/java/net/ripe/rpki/services/impl/jpa/JpaAspaEntityRepositoryTest.java @@ -5,7 +5,7 @@ import org.junit.Test; import org.springframework.transaction.annotation.Transactional; -import javax.inject.Inject; +import jakarta.inject.Inject; import static org.assertj.core.api.Assertions.assertThat; diff --git a/src/test/java/net/ripe/rpki/services/impl/jpa/JpaCertificateAuthorityRepositoryTest.java b/src/test/java/net/ripe/rpki/services/impl/jpa/JpaCertificateAuthorityRepositoryTest.java index 9b20225..c1ed90f 100644 --- a/src/test/java/net/ripe/rpki/services/impl/jpa/JpaCertificateAuthorityRepositoryTest.java +++ b/src/test/java/net/ripe/rpki/services/impl/jpa/JpaCertificateAuthorityRepositoryTest.java @@ -13,7 +13,7 @@ import org.junit.Test; import javax.security.auth.x500.X500Principal; -import javax.transaction.Transactional; +import jakarta.transaction.Transactional; import java.util.UUID; diff --git a/src/test/java/net/ripe/rpki/services/impl/jpa/JpaPublishedObjectRepositoryTest.java b/src/test/java/net/ripe/rpki/services/impl/jpa/JpaPublishedObjectRepositoryTest.java index d2de0d9..12b05ea 100644 --- a/src/test/java/net/ripe/rpki/services/impl/jpa/JpaPublishedObjectRepositoryTest.java +++ b/src/test/java/net/ripe/rpki/services/impl/jpa/JpaPublishedObjectRepositoryTest.java @@ -14,13 +14,12 @@ import org.assertj.core.api.Condition; import org.joda.time.DateTime; import org.joda.time.DateTimeZone; -import org.joda.time.Instant; import org.junit.Before; import org.junit.Test; import org.springframework.beans.factory.annotation.Autowired; -import javax.persistence.PersistenceException; -import javax.transaction.Transactional; +import jakarta.persistence.PersistenceException; +import jakarta.transaction.Transactional; import java.net.URI; import java.util.Arrays; import java.util.Collections; diff --git a/src/test/java/net/ripe/rpki/services/impl/jpa/JpaResourceCertificateRepositoryTest.java b/src/test/java/net/ripe/rpki/services/impl/jpa/JpaResourceCertificateRepositoryTest.java index 49be0fd..54f33af 100644 --- a/src/test/java/net/ripe/rpki/services/impl/jpa/JpaResourceCertificateRepositoryTest.java +++ b/src/test/java/net/ripe/rpki/services/impl/jpa/JpaResourceCertificateRepositoryTest.java @@ -17,9 +17,9 @@ import org.junit.Before; import org.junit.Test; -import javax.inject.Inject; +import jakarta.inject.Inject; import javax.security.auth.x500.X500Principal; -import javax.transaction.Transactional; +import jakarta.transaction.Transactional; import java.util.Collections; import java.util.Map; import java.util.Optional; diff --git a/src/test/java/net/ripe/rpki/services/impl/jpa/JpaRoaAlertConfigurationRepositoryTest.java b/src/test/java/net/ripe/rpki/services/impl/jpa/JpaRoaAlertConfigurationRepositoryTest.java index d9db012..654cd46 100644 --- a/src/test/java/net/ripe/rpki/services/impl/jpa/JpaRoaAlertConfigurationRepositoryTest.java +++ b/src/test/java/net/ripe/rpki/services/impl/jpa/JpaRoaAlertConfigurationRepositoryTest.java @@ -9,7 +9,7 @@ import org.junit.Test; import org.springframework.beans.factory.annotation.Autowired; -import javax.transaction.Transactional; +import jakarta.transaction.Transactional; import java.util.Arrays; import java.util.Collection; import java.util.List; diff --git a/src/test/java/net/ripe/rpki/services/impl/jpa/JpaRoaConfigurationRepositoryTest.java b/src/test/java/net/ripe/rpki/services/impl/jpa/JpaRoaConfigurationRepositoryTest.java index a0c641c..75f28c7 100644 --- a/src/test/java/net/ripe/rpki/services/impl/jpa/JpaRoaConfigurationRepositoryTest.java +++ b/src/test/java/net/ripe/rpki/services/impl/jpa/JpaRoaConfigurationRepositoryTest.java @@ -11,7 +11,7 @@ import org.junit.Test; import org.springframework.beans.factory.annotation.Autowired; -import javax.transaction.Transactional; +import jakarta.transaction.Transactional; import java.math.BigInteger; import java.time.Instant; import java.util.Arrays; @@ -120,7 +120,7 @@ public void shouldInsertDeletedPrefixesToSeparateTable() { } long countQuery(String sql) { - final BigInteger count = (BigInteger) entityManager + final var count = (Long) entityManager .createNativeQuery(sql) .getSingleResult(); return count.longValue(); diff --git a/src/test/java/net/ripe/rpki/services/impl/jpa/JpaRoaEntityRepositoryTest.java b/src/test/java/net/ripe/rpki/services/impl/jpa/JpaRoaEntityRepositoryTest.java index 3a665d8..03869cb 100644 --- a/src/test/java/net/ripe/rpki/services/impl/jpa/JpaRoaEntityRepositoryTest.java +++ b/src/test/java/net/ripe/rpki/services/impl/jpa/JpaRoaEntityRepositoryTest.java @@ -5,7 +5,7 @@ import org.junit.Test; import org.springframework.transaction.annotation.Transactional; -import javax.inject.Inject; +import jakarta.inject.Inject; import static org.assertj.core.api.Assertions.assertThat; diff --git a/src/test/java/net/ripe/rpki/util/JdbcDBComponentTest.java b/src/test/java/net/ripe/rpki/util/JdbcDBComponentTest.java index 414a04a..630b461 100644 --- a/src/test/java/net/ripe/rpki/util/JdbcDBComponentTest.java +++ b/src/test/java/net/ripe/rpki/util/JdbcDBComponentTest.java @@ -15,7 +15,7 @@ import org.springframework.test.context.ActiveProfiles; import org.springframework.test.context.junit4.SpringRunner; -import javax.persistence.LockModeType; +import jakarta.persistence.LockModeType; import javax.security.auth.x500.X500Principal; import javax.sql.DataSource; import java.sql.Connection; diff --git a/src/test/java/net/ripe/rpki/util/StreamsTest.java b/src/test/java/net/ripe/rpki/util/StreamsTest.java index ec9db6a..aa033c1 100644 --- a/src/test/java/net/ripe/rpki/util/StreamsTest.java +++ b/src/test/java/net/ripe/rpki/util/StreamsTest.java @@ -23,7 +23,7 @@ public void shouldGroup(@ForAll @Size(min= 3) List s, @ForAll @Positive grouped.stream().limit(grouped.size() - 1).forEach(g -> assertThat(g).hasSize(chunk)); assertThat(grouped).last().satisfies(last -> assertThat(last.size()).isLessThanOrEqualTo(chunk)); - final List concatenated = grouped.stream().flatMap(Collection::stream).collect(Collectors.toList()); + final List concatenated = grouped.stream().flatMap(Collection::stream).toList(); assertThat(s).isEqualTo(concatenated); } } diff --git a/src/test/java/net/ripe/rpki/web/AdminControllerTest.java b/src/test/java/net/ripe/rpki/web/AdminControllerTest.java index dc3123b..8caeb6e 100644 --- a/src/test/java/net/ripe/rpki/web/AdminControllerTest.java +++ b/src/test/java/net/ripe/rpki/web/AdminControllerTest.java @@ -1,6 +1,7 @@ package net.ripe.rpki.web; import lombok.NonNull; +import net.ripe.rpki.TestRpkiBootApplication; import net.ripe.rpki.commons.provisioning.x509.ProvisioningIdentityCertificate; import net.ripe.rpki.commons.provisioning.x509.ProvisioningIdentityCertificateBuilderTest; import net.ripe.rpki.server.api.configuration.RepositoryConfiguration; @@ -8,16 +9,17 @@ import net.ripe.rpki.server.api.services.read.ProvisioningIdentityViewService; import net.ripe.rpki.server.api.services.system.ActiveNodeService; import net.ripe.rpki.services.impl.background.BackgroundServices; -import org.junit.Before; -import org.junit.Test; -import org.junit.runner.RunWith; +import org.junit.jupiter.api.BeforeEach; +import org.junit.jupiter.api.Test; +import org.junit.jupiter.api.extension.ExtendWith; import org.mockito.Answers; import org.mockito.ArgumentCaptor; import org.mockito.Mock; -import org.mockito.junit.MockitoJUnitRunner; +import org.mockito.junit.jupiter.MockitoExtension; import org.springframework.boot.info.GitProperties; import org.springframework.boot.test.context.SpringBootTest; import org.springframework.http.HttpStatus; +import org.springframework.test.context.ActiveProfiles; import org.springframework.test.web.servlet.MvcResult; import java.net.URI; @@ -35,8 +37,9 @@ import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.get; import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.post; -@SpringBootTest -@RunWith(MockitoJUnitRunner.class) +@ActiveProfiles("test") +@SpringBootTest(classes = TestRpkiBootApplication.class) +@ExtendWith(MockitoExtension.class) public class AdminControllerTest extends SpringWebControllerTestCase { @Mock(answer = Answers.RETURNS_DEEP_STUBS) @@ -57,7 +60,7 @@ protected AdminController createSubjectController() { return new AdminController(repositoryConfiguration, activeNodeService, backgroundServiceMap, backgroundServices, provisioningIdentityViewService, new GitProperties(new Properties())); } - @Before + @BeforeEach public void setUp() { when(repositoryConfiguration.getPublicRepositoryUri()).thenReturn(URI.create("rsync://example.com/rpki/repository")); when(activeNodeService.getActiveNodeName()).thenReturn("active-node"); diff --git a/src/test/java/net/ripe/rpki/web/HealthCheckControllerTest.java b/src/test/java/net/ripe/rpki/web/HealthCheckControllerTest.java index 814445e..fd2679a 100644 --- a/src/test/java/net/ripe/rpki/web/HealthCheckControllerTest.java +++ b/src/test/java/net/ripe/rpki/web/HealthCheckControllerTest.java @@ -1,20 +1,22 @@ package net.ripe.rpki.web; import lombok.NonNull; +import net.ripe.rpki.TestRpkiBootApplication; import net.ripe.rpki.ripencc.ui.daemon.health.Health; import net.ripe.rpki.ripencc.ui.daemon.health.HealthService; import net.ripe.rpki.server.api.configuration.RepositoryConfiguration; import net.ripe.rpki.server.api.services.system.ActiveNodeService; -import org.junit.Before; -import org.junit.Test; -import org.junit.runner.RunWith; +import org.junit.jupiter.api.BeforeEach; +import org.junit.jupiter.api.Test; +import org.junit.jupiter.api.extension.ExtendWith; import org.mockito.Answers; import org.mockito.Mock; -import org.mockito.junit.MockitoJUnitRunner; +import org.mockito.junit.jupiter.MockitoExtension; import org.springframework.boot.info.GitProperties; import org.springframework.boot.test.context.SpringBootTest; import org.springframework.http.HttpStatus; import org.springframework.http.ResponseEntity; +import org.springframework.test.context.ActiveProfiles; import org.springframework.test.web.servlet.MvcResult; import java.net.URI; @@ -26,8 +28,10 @@ import static org.mockito.Mockito.when; import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.get; -@SpringBootTest -@RunWith(MockitoJUnitRunner.class) + +@ActiveProfiles("test") +@SpringBootTest(classes = TestRpkiBootApplication.class) +@ExtendWith(MockitoExtension.class) public class HealthCheckControllerTest extends SpringWebControllerTestCase { @Mock(answer = Answers.RETURNS_DEEP_STUBS) private RepositoryConfiguration repositoryConfiguration; @@ -46,7 +50,7 @@ protected HealthCheckController createSubjectController() { ); } - @Before + @BeforeEach public void setUp() { when(repositoryConfiguration.getPublicRepositoryUri()).thenReturn(URI.create("rsync://example.com/rpki/repository")); when(activeNodeService.getActiveNodeName()).thenReturn("active-node"); diff --git a/src/test/java/net/ripe/rpki/web/ProductionCaControllerTest.java b/src/test/java/net/ripe/rpki/web/ProductionCaControllerTest.java index 1e4eb41..d488f69 100644 --- a/src/test/java/net/ripe/rpki/web/ProductionCaControllerTest.java +++ b/src/test/java/net/ripe/rpki/web/ProductionCaControllerTest.java @@ -1,6 +1,7 @@ package net.ripe.rpki.web; import lombok.NonNull; +import net.ripe.rpki.TestRpkiBootApplication; import net.ripe.rpki.commons.util.VersionedId; import net.ripe.rpki.server.api.commands.CertificateAuthorityCommandGroup; import net.ripe.rpki.server.api.configuration.RepositoryConfiguration; @@ -13,15 +14,17 @@ import net.ripe.rpki.server.api.services.system.ActiveNodeService; import net.ripe.rpki.server.api.services.system.CaHistoryService; import org.joda.time.DateTime; -import org.junit.Before; -import org.junit.Test; -import org.junit.runner.RunWith; +import org.junit.jupiter.api.BeforeEach; +import org.junit.jupiter.api.Test; +import org.junit.jupiter.api.extension.ExtendWith; import org.mockito.Answers; import org.mockito.Mock; import org.mockito.junit.MockitoJUnitRunner; +import org.mockito.junit.jupiter.MockitoExtension; import org.springframework.boot.info.GitProperties; import org.springframework.boot.test.context.SpringBootTest; import org.springframework.http.HttpStatus; +import org.springframework.test.context.ActiveProfiles; import org.springframework.test.web.servlet.MvcResult; import javax.security.auth.x500.X500Principal; @@ -37,8 +40,9 @@ import static org.mockito.Mockito.when; import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.get; -@SpringBootTest -@RunWith(MockitoJUnitRunner.class) +@ActiveProfiles("test") +@SpringBootTest(classes = TestRpkiBootApplication.class) +@ExtendWith(MockitoExtension.class) public class ProductionCaControllerTest extends SpringWebControllerTestCase { @Mock(answer = Answers.RETURNS_DEEP_STUBS) private CertificateAuthorityViewService certificateAuthorityViewService; @@ -65,7 +69,7 @@ protected ProductionCaController createSubjectController() { ); } - @Before + @BeforeEach public void setUp() { CertificateAuthorityData ca = mock(CertificateAuthorityData.class); diff --git a/src/test/java/net/ripe/rpki/web/SpringWebControllerTestCase.java b/src/test/java/net/ripe/rpki/web/SpringWebControllerTestCase.java index 366a340..15df555 100644 --- a/src/test/java/net/ripe/rpki/web/SpringWebControllerTestCase.java +++ b/src/test/java/net/ripe/rpki/web/SpringWebControllerTestCase.java @@ -2,17 +2,18 @@ import lombok.NonNull; import org.junit.Before; +import org.junit.jupiter.api.BeforeEach; import org.springframework.test.web.servlet.MockMvc; import org.springframework.test.web.servlet.setup.MockMvcBuilders; -import org.thymeleaf.spring5.SpringTemplateEngine; -import org.thymeleaf.spring5.view.ThymeleafViewResolver; +import org.thymeleaf.spring6.SpringTemplateEngine; +import org.thymeleaf.spring6.view.ThymeleafViewResolver; import org.thymeleaf.templateresolver.FileTemplateResolver; public abstract class SpringWebControllerTestCase { protected MockMvc mockMvc; - @Before + @BeforeEach public void setUpMockMvc() { this.mockMvc = MockMvcBuilders .standaloneSetup(createSubjectController()) diff --git a/src/test/java/net/ripe/rpki/web/UpstreamCaControllerTest.java b/src/test/java/net/ripe/rpki/web/UpstreamCaControllerTest.java index 51a3a08..18936c9 100644 --- a/src/test/java/net/ripe/rpki/web/UpstreamCaControllerTest.java +++ b/src/test/java/net/ripe/rpki/web/UpstreamCaControllerTest.java @@ -1,6 +1,7 @@ package net.ripe.rpki.web; import lombok.NonNull; +import net.ripe.rpki.TestRpkiBootApplication; import net.ripe.rpki.commons.ta.domain.request.TrustAnchorRequest; import net.ripe.rpki.commons.util.VersionedId; import net.ripe.rpki.server.api.commands.AllResourcesCaResourcesCommand; @@ -15,14 +16,17 @@ import net.ripe.rpki.server.api.services.read.CertificateAuthorityViewService; import net.ripe.rpki.server.api.services.system.ActiveNodeService; import net.ripe.rpki.services.impl.background.AllCaCertificateUpdateServiceBean; -import org.junit.Before; -import org.junit.Test; -import org.junit.runner.RunWith; +import org.junit.jupiter.api.BeforeEach; +import org.junit.jupiter.api.Test; +import org.junit.jupiter.api.extension.ExtendWith; import org.mockito.Answers; import org.mockito.Mock; -import org.mockito.junit.MockitoJUnitRunner; +import org.mockito.Mockito; +import org.mockito.junit.jupiter.MockitoExtension; import org.springframework.boot.info.GitProperties; +import org.springframework.boot.test.context.SpringBootTest; import org.springframework.http.HttpStatus; +import org.springframework.test.context.ActiveProfiles; import org.springframework.test.web.servlet.MvcResult; import java.net.URI; @@ -44,7 +48,9 @@ import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.post; -@RunWith(MockitoJUnitRunner.class) +@ActiveProfiles("test") +@SpringBootTest(classes = TestRpkiBootApplication.class) +@ExtendWith(MockitoExtension.class) public class UpstreamCaControllerTest extends SpringWebControllerTestCase { @Mock(answer = Answers.RETURNS_DEEP_STUBS) @@ -67,14 +73,14 @@ protected UpstreamCaController createSubjectController() { certificateAuthorityViewService, commandService, allCaCertificateUpdateServiceBean, Collections.emptyMap(), new GitProperties(new Properties())); } - @Before + @BeforeEach public void setUp() { when(repositoryConfiguration.getPublicRepositoryUri()).thenReturn(URI.create("rsync://example.com/rpki/repository")); when(activeNodeService.getActiveNodeName()).thenReturn("active-node"); aca = mock(ManagedCertificateAuthorityData.class); - when(aca.getVersionedId()).thenReturn(new VersionedId(1)); - when(aca.getType()).thenReturn(CertificateAuthorityType.ALL_RESOURCES); + Mockito.lenient().when(aca.getVersionedId()).thenReturn(new VersionedId(1)); + Mockito.lenient().when(aca.getType()).thenReturn(CertificateAuthorityType.ALL_RESOURCES); when(certificateAuthorityViewService.findCertificateAuthorityByName(any())).thenReturn(aca); } diff --git a/src/test/resources/application-test.yml b/src/test/resources/application-test.yml index 3a7fc4b..9664a8e 100644 --- a/src/test/resources/application-test.yml +++ b/src/test/resources/application-test.yml @@ -22,6 +22,9 @@ background-services: schedule.enable: false system.setup.and.testing.api.enabled: true +# **Disable** authentication for the administration web UI. +admin.authorization.enabled: false + # # Integrations #