Skip to content

Commit

Permalink
Merge branch '7.0.x' into renovate/gradle-7.x
Browse files Browse the repository at this point in the history
  • Loading branch information
codeconsole authored Nov 22, 2024
2 parents a2d8902 + e3accd9 commit a34f8c1
Show file tree
Hide file tree
Showing 69 changed files with 938 additions and 259 deletions.
16 changes: 10 additions & 6 deletions .github/workflows/gradle.yml
Original file line number Diff line number Diff line change
Expand Up @@ -10,8 +10,8 @@ on:
- '[3-9]+.[3-9]+.x'
workflow_dispatch:
env:
GIT_USER_NAME: puneetbehl
GIT_USER_EMAIL: [email protected]
GIT_USER_NAME: grails-build
GIT_USER_EMAIL: [email protected]

jobs:
core-tests:
Expand All @@ -21,26 +21,27 @@ jobs:
- uses: actions/checkout@v4
- uses: gradle/wrapper-validation-action@v2
- uses: actions/setup-java@v4
with: { java-version: 11, distribution: temurin }
with: { java-version: 17, distribution: temurin }
- name: Run Tests
uses: gradle/actions/setup-gradle@v3
env:
GRADLE_ENTERPRISE_ACCESS_KEY: ${{ secrets.GRADLE_ENTERPRISE_ACCESS_KEY }}
with:
arguments: |
check
--refresh-dependencies
-Dgeb.env=chromeHeadless
functional-test:
if: github.event_name == 'pull_request'
runs-on: ubuntu-latest
strategy:
matrix:
test-config: [ 'static', 'annotation', 'requestmap', 'basic', 'misc', 'putWithParams', 'bcrypt', 'issue503' ]
test-config: [ 'static', 'annotation', 'requestmap', 'basic', 'basicCacheUsers', 'misc', 'putWithParams', 'bcrypt', 'issue503' ]
steps:
- uses: actions/checkout@v4
- uses: actions/setup-java@v4
with: { java-version: 11, distribution: temurin }
with: { java-version: 17, distribution: temurin }
- name: Run Tests
uses: gradle/actions/setup-gradle@v3
env:
Expand All @@ -58,7 +59,7 @@ jobs:
- uses: actions/checkout@v4
- uses: gradle/wrapper-validation-action@v2
- uses: actions/setup-java@v4
with: { java-version: 11, distribution: temurin }
with: { java-version: 17, distribution: temurin }
- name: Run Build
id: build
uses: gradle/actions/setup-gradle@v3
Expand All @@ -67,7 +68,9 @@ jobs:
with:
arguments: |
spring-security-core:build
--refresh-dependencies
-Dgeb.env=chromeHeadless
-x javadoc
- name: Publish Snapshot artifacts to Artifactory (repo.grails.org)
uses: gradle/actions/setup-gradle@v3
Expand All @@ -80,6 +83,7 @@ jobs:
arguments: |
-Dorg.gradle.internal.publish.checksums.insecure=true
spring-security-core:publish
-x javadoc
- name: Generate Snapshot Documentation
if: success()
Expand Down
1 change: 1 addition & 0 deletions .sdkmanrc
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
java=17.0.12-librca
16 changes: 16 additions & 0 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -7,8 +7,24 @@ See [documentation](https://grails-plugins.github.io/grails-spring-security-core

### Branch structure

- `7.0.x` compatible with Grails 7
- `6.0.x` compatible with Grails 6
- `5.0.x` compatible with Grails 5
- `4.0.x` compatible with Grails 4
- `3.3.x` compatible with Grails 3.3.x
- `3.2.x` compatible with Grails 3.2.x

Grails 7 requires disabling any Spring Security Auto Configurations you may have in your classpath. This can be done via annotation or `application.yml`
e.g.
```yml
spring:
autoconfigure:
exclude:
- org.springframework.boot.autoconfigure.security.oauth2.client.servlet.OAuth2ClientAutoConfiguration
- org.springframework.boot.autoconfigure.security.servlet.SecurityFilterAutoConfiguration
- org.springframework.boot.autoconfigure.security.servlet.SecurityAutoConfiguration
- org.springframework.boot.actuate.autoconfigure.security.servlet.ManagementWebSecurityAutoConfiguration
- org.springframework.boot.autoconfigure.security.oauth2.client.OAuth2ClientAutoConfiguration
- org.springframework.boot.autoconfigure.security.oauth2.resource.servlet.OAuth2ResourceServerAutoConfiguration
- org.springframework.boot.autoconfigure.security.servlet.UserDetailsServiceAutoConfiguration
```
3 changes: 2 additions & 1 deletion buildSrc/build.gradle
Original file line number Diff line number Diff line change
Expand Up @@ -4,12 +4,13 @@ repositories {
}

dependencies {
implementation platform("org.grails:grails-bom:7.0.0-SNAPSHOT")
implementation buildsrcLibs.asciidoctorj
implementation buildsrcLibs.asset.pipeline.gradle
implementation buildsrcLibs.grails.gradle.plugin, {
// Grails Gradle plugin leaks groovy-xml onto compile classpath
// which is causes a version conflict for Gradle
exclude group: 'org.codehaus.groovy', module: 'groovy-xml'
exclude group: 'org.apache.groovy', module: 'groovy-xml'
}
implementation buildsrcLibs.webdriver.binaries.gradle.plugin

Expand Down
12 changes: 9 additions & 3 deletions examples/functional-test-app/build.gradle
Original file line number Diff line number Diff line change
Expand Up @@ -8,6 +8,12 @@ plugins {

group = 'examples.test'

configurations {
all {
exclude group: 'io.micronaut', module:'micronaut-inject-groovy'
}
}

dependencies {

implementation project(':spring-security-core')
Expand All @@ -23,6 +29,7 @@ dependencies {
implementation libs.spring.security.core
implementation libs.spring.web

runtimeOnly libs.micronaut.jackson.databind
runtimeOnly libs.gorm.hibernate5
runtimeOnly libs.grails.asset.pipeline
runtimeOnly libs.grails.i18n
Expand All @@ -35,9 +42,8 @@ dependencies {
runtimeOnly libs.h2database
runtimeOnly libs.tomcat.jdbc

compileOnly libs.micronaut.inject.groovy
compileOnly libs.javax.annotation.api
compileOnly libs.javax.servlet.api
compileOnly libs.jakarta.annotation.api
compileOnly libs.jakarta.servlet.api
compileOnly libs.slf4j.nop // Prevent warnings about missing SLF4j implementation during GSP compilation
}

Expand Down
12 changes: 12 additions & 0 deletions examples/functional-test-app/grails-app/conf/application.groovy
Original file line number Diff line number Diff line change
Expand Up @@ -49,6 +49,18 @@ switch (testconfig) {
]
break

case 'basicCacheUsers':
grails.plugin.springsecurity.securityConfigType = 'Annotation'
grails.plugin.springsecurity.useBasicAuth = true
grails.plugin.springsecurity.basic.realmName = 'Grails Spring Security Basic Test Realm'
grails.plugin.springsecurity.filterChain.chainMap = [
[pattern: '/secureclassannotated/**', filters: 'JOINED_FILTERS,-exceptionTranslationFilter'],
[pattern: '/**', filters: 'JOINED_FILTERS,-basicAuthenticationFilter,-basicExceptionTranslationFilter']
]
grails.plugin.springsecurity.cacheUsers = true
grails.plugin.springsecurity.providerManager.eraseCredentialsAfterAuthentication = false
break

case 'bcrypt':
grails.plugin.springsecurity.securityConfigType = 'Annotation'
grails.plugin.springsecurity.password.algorithm = 'bcrypt'
Expand Down
4 changes: 2 additions & 2 deletions examples/functional-test-app/grails-app/views/error.gsp
Original file line number Diff line number Diff line change
Expand Up @@ -6,8 +6,8 @@
<g:if test="${Throwable.isInstance(exception)}">
<g:renderException exception="${exception}" />
</g:if>
<g:elseif test="${request.getAttribute('javax.servlet.error.exception')}">
<g:renderException exception="${request.getAttribute('javax.servlet.error.exception')}" />
<g:elseif test="${request.getAttribute('jakarta.servlet.error.exception')}">
<g:renderException exception="${request.getAttribute('jakarta.servlet.error.exception')}" />
</g:elseif>
<g:else>
<ul class="errors">
Expand Down
Original file line number Diff line number Diff line change
@@ -0,0 +1,151 @@
package specs

import org.springframework.security.core.userdetails.UserCache
import pages.LoginPage
import pages.role.CreateRolePage
import pages.role.ListRolePage
import pages.role.ShowRolePage
import pages.user.CreateUserPage
import pages.user.ListUserPage
import pages.user.ShowUserPage
import spock.lang.IgnoreIf

@IgnoreIf({ System.getProperty('TESTCONFIG') != 'basicCacheUsers' })
class BasicAuthCacheUsersSecuritySpec extends AbstractSecuritySpec {

private HttpURLConnection connection
UserCache userCache

void 'create roles'() {
when:
to ListRolePage

then:
roleRows.size() == 0

when:
newRoleButton.click()

then:
at CreateRolePage

when:
authority = 'ROLE_ADMIN'
createButton.click()

then:
at ShowRolePage

when:
to ListRolePage

then:
roleRows.size() == 1

when:
newRoleButton.click()

then:
at CreateRolePage

when:
authority = 'ROLE_ADMIN2'
createButton.click()

then:
at ShowRolePage

when:
to ListRolePage

then:
roleRows.size() == 2
}

void 'create users'() {
when:
to ListUserPage

then:
userRows.size() == 0

when:
newUserButton.click()

then:
at CreateUserPage

when:
username = 'admin1'
password = 'password1'
$('#enabled').click()
$('#ROLE_ADMIN').click()
createButton.click()

then:
at ShowUserPage

when:
to ListUserPage

then:
userRows.size() == 1

when:
newUserButton.click()

then:
at CreateUserPage

when:
username = 'admin2'
password = 'password2'
$('#enabled').click()
$('#ROLE_ADMIN').click()
$('#ROLE_ADMIN2').click()
createButton.click()

then:
at ShowUserPage

when:
to ListUserPage

then:
userRows.size() == 2
}

@IgnoreIf({ !System.getProperty('geb.env') })
void 'check userDetails caching'() {

when:
go 'secureAnnotated'

then:
at LoginPage

when:
login 'admin1', 'password1'

then:
assertContentContains 'you have ROLE_ADMIN'

and:
userCache.getUserFromCache('admin1')

cleanup:
logout()
}

protected void logout() {
super.logout()
// cheesy, but the 'Authentication' header from basic auth
// isn't cleared, so this forces an invalid header
getWithAuth '', 'not_a_valid_username', ''
}

private void getWithAuth(String path, String username, String password) {
String uri = new URI(baseUrlRequired).resolve(new URI(path))
go uri.replace('http://', 'http://' + username + ':' + password + '@')
}
}
Original file line number Diff line number Diff line change
Expand Up @@ -9,6 +9,7 @@ import spock.lang.IgnoreIf
@IgnoreIf({ !(
System.getProperty('TESTCONFIG') == 'annotation' ||
System.getProperty('TESTCONFIG') == 'basic' ||
System.getProperty('TESTCONFIG') == 'basicCacheUsers' ||
System.getProperty('TESTCONFIG') == 'requestmap' ||
System.getProperty('TESTCONFIG') == 'static')
})
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -9,6 +9,7 @@ import spock.lang.IgnoreIf
@IgnoreIf({ !(
System.getProperty('TESTCONFIG') == 'annotation' ||
System.getProperty('TESTCONFIG') == 'basic' ||
System.getProperty('TESTCONFIG') == 'basicCacheUsers' ||
System.getProperty('TESTCONFIG') == 'requestmap' ||
System.getProperty('TESTCONFIG') == 'static')
})
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -3,12 +3,12 @@ package com.testapp
import groovy.util.logging.Slf4j
import org.springframework.web.filter.GenericFilterBean

import javax.servlet.FilterChain
import javax.servlet.ServletException
import javax.servlet.ServletRequest
import javax.servlet.ServletResponse
import javax.servlet.http.HttpServletRequest
import javax.servlet.http.HttpServletResponse
import jakarta.servlet.FilterChain
import jakarta.servlet.ServletException
import jakarta.servlet.ServletRequest
import jakarta.servlet.ServletResponse
import jakarta.servlet.http.HttpServletRequest
import jakarta.servlet.http.HttpServletResponse

/**
* If registered, this filter results in an HttpStatus of 500 being returned to the client
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -7,7 +7,7 @@ import org.grails.datastore.mapping.engine.event.PreUpdateEvent
import org.springframework.beans.factory.annotation.Autowired
import grails.events.annotation.gorm.Listener
import groovy.transform.CompileStatic
import javax.annotation.PostConstruct
import jakarta.annotation.PostConstruct

@CompileStatic
class TestUserPasswordEncoderListener {
Expand Down
2 changes: 1 addition & 1 deletion examples/integration-test-app/build.gradle
Original file line number Diff line number Diff line change
Expand Up @@ -33,7 +33,7 @@ dependencies {
runtimeOnly libs.tomcat.jdbc

compileOnly libs.micronaut.inject.groovy
compileOnly libs.javax.servlet.api
compileOnly libs.jakarta.servlet.api
compileOnly libs.slf4j.nop

testImplementation libs.spock.core
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -34,8 +34,8 @@ import org.springframework.web.context.request.RequestContextHolder
import spock.lang.Ignore
import spock.lang.Shared

import javax.servlet.FilterChain
import javax.servlet.ServletContext
import jakarta.servlet.FilterChain
import jakarta.servlet.ServletContext
import java.security.Principal

/**
Expand Down
Loading

0 comments on commit a34f8c1

Please sign in to comment.