Bump several dependencies and misc refactor (#994)

* Bump several dependencies and misc refactor * Bump to next major rev 16.0.0-SNAPSHOT * Cleanup unused imports * Updated CCI Image and README * Cleanup and changes to THIRD-PARTY-NOTICES
okta · Mar 28, 2024 · 1f4217f · 1f4217f
1 parent fe04676
commit 1f4217f
Show file tree

Hide file tree

Showing 13 changed files with 59 additions and 110 deletions.
diff --git a/.circleci/config.yml b/.circleci/config.yml
@@ -26,18 +26,10 @@ aliases:
         command: cat integration-tests/target/failsafe-reports/*dump*
 
 jobs:
-  jdk8:
-    docker:
-      - image: cimg/openjdk:8.0.362-node
-    environment:
-      JVM_OPTS: -Xmx3200m
-    resource_class: large
-    parallelism: 3
-    steps: *build_steps
 
   jdk11:
     docker:
-      - image: cimg/openjdk:11.0.20-node
+      - image: cimg/openjdk:11.0.22-node
     environment:
       JVM_OPTS: -Xmx3200m
     resource_class: large
@@ -46,7 +38,7 @@ jobs:
 
   jdk21:
     docker:
-      - image: cimg/openjdk:21.0.0-node
+      - image: cimg/openjdk:21.0.2-node
     environment:
       JVM_OPTS: -Xmx3200m
     resource_class: large
@@ -55,7 +47,7 @@ jobs:
 
   snyk-scan:
     docker:
-      - image: cimg/openjdk:21.0.0-node
+      - image: cimg/openjdk:21.0.2-node
     steps:
       - checkout
       - run: npm install
@@ -73,9 +65,6 @@ workflows:
       - general-platform-helpers/job-secrets-obtain:
           name: cache-secrets
           secret-key: "OKTA_CLIENT_ORGURL;OKTA_CLIENT_TOKEN;OKTA_CLIENT_CONNECTIONTIMEOUT;OKTA_IT_OPERATION_DELAY"
-      - jdk8:
-          requires:
-            - cache-secrets
       - jdk11:
           requires:
             - cache-secrets

diff --git a/README.md b/README.md
@@ -80,7 +80,7 @@ If you run into problems using the SDK, you can:
 
 ### Prerequisites
 
-* Java 8 or later
+* Java 11 or later
 
 To use this SDK, you will need to include the following dependencies:
 

diff --git a/THIRD-PARTY-NOTICES b/THIRD-PARTY-NOTICES
@@ -14,13 +14,20 @@ limitations under the License.
 
 This project includes:
   A Jackson 2.x helper under The Apache Software License, Version 2.0
-  Apache Commons Lang under Apache License, Version 2.0
+  Apache Commons Lang under Apache-2.0
+  Apache Commons Text under Apache-2.0
   Apache HttpClient under Apache License, Version 2.0
   Apache HttpComponents Core HTTP/1.1 under Apache License, Version 2.0
   Apache HttpComponents Core HTTP/2 under Apache License, Version 2.0
+  asm under BSD-3-Clause
+  asm-analysis under BSD-3-Clause
+  asm-commons under BSD-3-Clause
+  asm-tree under BSD-3-Clause
+  asm-util under BSD-3-Clause
   Bouncy Castle ASN.1 Extension and Utility APIs under Bouncy Castle Licence
   Bouncy Castle PKIX, CMS, EAC, TSP, PKCS, OCSP, CMP, and CRMF APIs under Bouncy Castle Licence
   Bouncy Castle Provider under Bouncy Castle Licence
+  Byte Buddy (without dependencies) under Apache License, Version 2.0
   FindBugs-jsr305 under The Apache Software License, Version 2.0
   Handlebars under The Apache Software License, Version 2.0
   Jackson datatype: JSR310 under The Apache Software License, Version 2.0
@@ -38,6 +45,7 @@ This project includes:
   Okta Commons :: Config Check under The Apache License, Version 2.0
   Okta Commons :: HTTP :: API under The Apache License, Version 2.0
   Okta Commons :: Lang under The Apache License, Version 2.0
+  OpenJDK Nashorn under GPL v2 with the Classpath exception
   SLF4J API Module under MIT License
   SnakeYAML under Apache License, Version 2.0
   swagger-annotations under Apache License 2.0

diff --git a/api/pom.xml b/api/pom.xml
@@ -21,7 +21,7 @@
     <parent>
         <groupId>com.okta.sdk</groupId>
         <artifactId>okta-sdk-root</artifactId>
-        <version>15.0.1-SNAPSHOT</version>
+        <version>16.0.0-SNAPSHOT</version>
     </parent>
 
     <artifactId>okta-sdk-api</artifactId>
@@ -36,14 +36,12 @@
     <properties>
         <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
         <swagger-annotations.version>1.6.8</swagger-annotations.version>
-        <openapi-generator.version>6.6.0</openapi-generator.version>
-        <spring-web.version>5.3.23</spring-web.version>
-        <spring-retry.version>1.3.3</spring-retry.version>
+        <openapi-generator.version>7.4.0</openapi-generator.version>
         <jackson-databind-nullable.version>0.2.6</jackson-databind-nullable.version>
         <jakarta-annotation.version>2.1.1</jakarta-annotation.version>
         <jsr305.version>3.0.2</jsr305.version>
         <junit.version>4.13.2</junit.version>
-        <com.github.jknack.handlebars.version>4.3.1</com.github.jknack.handlebars.version>
+        <com.github.jknack.handlebars.version>4.4.0</com.github.jknack.handlebars.version>
     </properties>
 
     <dependencies>
@@ -135,7 +133,7 @@
         <dependency>
             <groupId>com.github.jknack</groupId>
             <artifactId>handlebars-jackson2</artifactId>
-            <version>${com.github.jknack.handlebars.version}</version>
+            <version>4.3.1</version>
         </dependency>
     </dependencies>
 
@@ -174,6 +172,7 @@
                             <apiPackage>com.okta.sdk.resource.api</apiPackage>
                             <modelPackage>com.okta.sdk.resource.model</modelPackage>
                             <invokerPackage>com.okta.sdk.resource.client</invokerPackage>
+                            <enumUnknownDefaultCase>true</enumUnknownDefaultCase>
                             <configOptions>
                                 <sourceFolder>src/gen/java/main</sourceFolder>
                                 <useRuntimeException>true</useRuntimeException>

diff --git a/coverage/pom.xml b/coverage/pom.xml
@@ -21,7 +21,7 @@
     <parent>
         <groupId>com.okta.sdk</groupId>
         <artifactId>okta-sdk-root</artifactId>
-        <version>15.0.1-SNAPSHOT</version>
+        <version>16.0.0-SNAPSHOT</version>
     </parent>
 
     <artifactId>okta-sdk-coverage</artifactId>

diff --git a/examples/pom.xml b/examples/pom.xml
@@ -21,7 +21,7 @@
     <parent>
         <groupId>com.okta.sdk</groupId>
         <artifactId>okta-sdk-root</artifactId>
-        <version>15.0.1-SNAPSHOT</version>
+        <version>16.0.0-SNAPSHOT</version>
     </parent>
 
     <artifactId>okta-sdk-examples</artifactId>

diff --git a/examples/quickstart/pom.xml b/examples/quickstart/pom.xml
@@ -20,7 +20,7 @@
     <parent>
         <groupId>com.okta.sdk</groupId>
         <artifactId>okta-sdk-examples</artifactId>
-        <version>15.0.1-SNAPSHOT</version>
+        <version>16.0.0-SNAPSHOT</version>
         <relativePath>../pom.xml</relativePath>
     </parent>
 

diff --git a/impl/pom.xml b/impl/pom.xml
@@ -21,7 +21,7 @@
     <parent>
         <groupId>com.okta.sdk</groupId>
         <artifactId>okta-sdk-root</artifactId>
-        <version>15.0.1-SNAPSHOT</version>
+        <version>16.0.0-SNAPSHOT</version>
     </parent>
 
     <artifactId>okta-sdk-impl</artifactId>

diff --git a/impl/src/main/java/com/okta/sdk/impl/oauth2/AccessTokenRetrieverServiceImpl.java b/impl/src/main/java/com/okta/sdk/impl/oauth2/AccessTokenRetrieverServiceImpl.java
@@ -132,16 +132,16 @@ String createSignedJWT() throws InvalidKeyException, IOException {
         Instant now = Instant.now();
 
         JwtBuilder builder = Jwts.builder()
-            .setAudience(tokenClientConfiguration.getBaseUrl() + TOKEN_URI)
-            .setIssuedAt(Date.from(now))
-            .setExpiration(Date.from(now.plus(50, ChronoUnit.MINUTES)))             // see Javadoc
-            .setIssuer(clientId)
-            .setSubject(clientId)
+            .audience().add(tokenClientConfiguration.getBaseUrl() + TOKEN_URI).and()
+            .issuedAt(Date.from(now))
+            .expiration(Date.from(now.plus(50, ChronoUnit.MINUTES)))             // see Javadoc
+            .issuer(clientId)
+            .subject(clientId)
             .claim("jti", UUID.randomUUID().toString())
             .signWith(privateKey);
 
         if (Strings.hasText(tokenClientConfiguration.getKid())) {
-            builder.setHeaderParam("kid", tokenClientConfiguration.getKid());
+            builder.header().add("kid", tokenClientConfiguration.getKid());
         }
 
         return builder.compact();

diff --git a/impl/src/test/groovy/com/okta/sdk/impl/oauth2/AccessTokenRetrieverServiceImplTest.groovy b/impl/src/test/groovy/com/okta/sdk/impl/oauth2/AccessTokenRetrieverServiceImplTest.groovy
@@ -39,8 +39,10 @@ import org.testng.annotations.Test
 import java.security.KeyPair
 import java.security.KeyPairGenerator
 import java.security.PrivateKey
+import java.security.PublicKey
 
 import static org.hamcrest.MatcherAssert.assertThat
+import static org.hamcrest.Matchers.hasItem
 import static org.hamcrest.Matchers.is
 import static org.hamcrest.Matchers.notNullValue
 import static org.mockito.ArgumentMatchers.*
@@ -130,7 +132,7 @@ class AccessTokenRetrieverServiceImplTest {
 
         // dummy private key generated and used for unit test only
 
-        PrivateKey generatedPrivateKey = generatePrivateKey("RSA", 2048)
+        PrivateKey generatedPrivateKey = generateKeyPair("RSA", 2048).getPrivate()
         File privateKeyPemFile = writePrivateKeyToPemFile(generatedPrivateKey, "privateKey")
 
         // Now test the pem -> private key conversion function of getPrivateKeyFromPem method
@@ -153,7 +155,7 @@ class AccessTokenRetrieverServiceImplTest {
 
         // dummy private key generated and used for unit test only
 
-        PrivateKey generatedPrivateKey = generatePrivateKey("RSA", 2048)
+        PrivateKey generatedPrivateKey = generateKeyPair("RSA", 2048).getPrivate()
         File privateKeyPemFile = writePrivateKeyToPemFile(generatedPrivateKey, "privateKey")
         Reader reader = new BufferedReader(new FileReader(privateKeyPemFile))
 
@@ -214,7 +216,9 @@ class AccessTokenRetrieverServiceImplTest {
 
         // dummy private key generated and used for unit test only
 
-        PrivateKey generatedPrivateKey = generatePrivateKey("RSA", 2048)
+        KeyPair generatedKeyPair = generateKeyPair("RSA", 2048)
+        PrivateKey generatedPrivateKey = generatedKeyPair.getPrivate()
+        PublicKey generatedPublicKey = generatedKeyPair.getPublic()
         File privateKeyPemFile = writePrivateKeyToPemFile(generatedPrivateKey, "privateKey")
 
         String baseUrl = "https://sample.okta.com"
@@ -240,14 +244,14 @@ class AccessTokenRetrieverServiceImplTest {
         assertThat(signedJwt, notNullValue())
 
         // decode the signed jwt and verify
-        Claims claims = Jwts.parserBuilder()
-            .setSigningKey(generatedPrivateKey)
+        Claims claims = Jwts.parser()
+            .verifyWith(generatedPublicKey)
             .build()
-            .parseClaimsJws(signedJwt).getBody()
+            .parseSignedClaims(signedJwt).getPayload()
 
         assertThat(claims, notNullValue())
 
-        assertEquals(claims.get("aud"), clientConfig.getBaseUrl() + "/oauth2/v1/token")
+        assertThat(claims.get("aud"), hasItem(clientConfig.getBaseUrl() + "/oauth2/v1/token"))
         assertThat(claims.get("iat"), notNullValue())
         assertThat(claims.get("exp"), notNullValue())
         assertEquals(Integer.valueOf(claims.get("exp") as String) - Integer.valueOf(claims.get("iat") as String), 3000,
@@ -259,8 +263,9 @@ class AccessTokenRetrieverServiceImplTest {
         assertThat(claims.get("jti"), notNullValue())
 
         Header header = Jwts.parser()
-            .setSigningKey(generatedPrivateKey)
-            .parseClaimsJws(signedJwt)
+            .verifyWith(generatedPublicKey)
+            .build()
+            .parseSignedClaims(signedJwt)
             .getHeader()
 
         assertThat(header.get("kid"), notNullValue())
@@ -275,7 +280,7 @@ class AccessTokenRetrieverServiceImplTest {
 
         // dummy private key generated and used for unit test only
 
-        PrivateKey generatedPrivateKey = generatePrivateKey("RSA", 2048)
+        PrivateKey generatedPrivateKey = generateKeyPair("RSA", 2048).getPrivate()
 
         String baseUrl = "https://sample.okta.com"
         BaseUrlResolver baseUrlResolver = new BaseUrlResolver() {
@@ -305,7 +310,7 @@ class AccessTokenRetrieverServiceImplTest {
 
         // dummy private key generated and used for unit test only
 
-        PrivateKey generatedPrivateKey = generatePrivateKey("RSA", 2048)
+        PrivateKey generatedPrivateKey = generateKeyPair("RSA", 2048).getPrivate()
         File privateKeyPemFile = writePrivateKeyToPemFile(generatedPrivateKey, "privateKey")
 
         String baseUrl = "https://sample.okta.com"
@@ -337,7 +342,7 @@ class AccessTokenRetrieverServiceImplTest {
 
         // dummy private key generated and used for unit test only
 
-        PrivateKey generatedPrivateKey = generatePrivateKey("RSA", 2048)
+        PrivateKey generatedPrivateKey = generateKeyPair("RSA", 2048).getPrivate()
         File privateKeyPemFile = writePrivateKeyToPemFile(generatedPrivateKey, "privateKey")
 
         String baseUrl = "https://sample.okta.com"
@@ -378,19 +383,17 @@ class AccessTokenRetrieverServiceImplTest {
         def accessTokenRetrieverService = new AccessTokenRetrieverServiceImpl(clientConfig, apiClient)
         accessTokenRetrieverService.getOAuth2AccessToken()
 
-        verify(apiClient, times(1)).invokeAPI()
+        verify(apiClient, times(1))
     }
 
     // helper methods
 
     // dummy private key generated and used for unit test only
 
-    static PrivateKey generatePrivateKey(String algorithm, int keySize) {
+    static KeyPair generateKeyPair(String algorithm, int keySize) {
         KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance(algorithm)
         keyPairGenerator.initialize(keySize)
-        KeyPair keyPair = keyPairGenerator.generateKeyPair()
-        PrivateKey privateKey = keyPair.getPrivate()
-        return privateKey
+        return keyPairGenerator.generateKeyPair()
     }
 
     static String createPemFileContent(PrivateKey privateKey) {

diff --git a/integration-tests/pom.xml b/integration-tests/pom.xml
@@ -20,7 +20,7 @@
     <parent>
         <groupId>com.okta.sdk</groupId>
         <artifactId>okta-sdk-root</artifactId>
-        <version>15.0.1-SNAPSHOT</version>
+        <version>16.0.0-SNAPSHOT</version>
         <relativePath>../pom.xml</relativePath>
     </parent>
 

diff --git a/integration-tests/src/test/groovy/com/okta/sdk/tests/it/PoliciesIT.groovy b/integration-tests/src/test/groovy/com/okta/sdk/tests/it/PoliciesIT.groovy
@@ -15,11 +15,9 @@
  */
 package com.okta.sdk.tests.it
 
-
 import com.okta.sdk.resource.application.OIDCApplicationBuilder
 import com.okta.sdk.resource.group.GroupBuilder
 import com.okta.sdk.resource.policy.OktaSignOnPolicyBuilder
-import com.okta.sdk.resource.policy.PasswordPolicyBuilder
 import com.okta.sdk.tests.NonOIEEnvironmentOnly
 import com.okta.sdk.tests.it.util.ITSupport
 import com.okta.sdk.resource.client.ApiException
@@ -292,54 +290,6 @@ class PoliciesIT extends ITSupport {
             .forEach { assertRulesExpanded(it) }
     }
 
-    //TODO: this test is unnecessary (helper is no more), remove it
-    @Test
-    void testPolicyApiHelper() {
-
-        GroupApi groupApi = new GroupApi(getClient())
-
-        def group = GroupBuilder.instance()
-            .setName("group-" + UUID.randomUUID().toString())
-            .buildAndCreate(groupApi)
-        registerForCleanup(group)
-
-        PasswordPolicy policy = PasswordPolicyBuilder.instance()
-            .setAuthProvider(PasswordPolicyAuthenticationProviderType.OKTA)
-            .setExcludePasswordDictionary(false)
-            .setExcludeUserNameInPassword(false)
-            .setMinPasswordLength(8)
-            .setMinLowerCase(1)
-            .setMinUpperCase(1)
-            .setMinNumbers(1)
-            .setMinSymbols(1)
-            .addGroup(group.getId())
-            .setSkipUnlock(false)
-            .setPasswordExpireWarnDays(85)
-            .setPasswordHistoryCount(5)
-            .setPasswordMaxAgeDays(90)
-            .setPasswordMinMinutes(2)
-            .setPasswordAutoUnlockMinutes(5)
-            .setPasswordMaxAttempts(3)
-            .setShowLockoutFailures(true)
-            .setType(PolicyType.PASSWORD)
-            .setStatus(LifecycleStatus.ACTIVE)
-            .setPriority(1)
-            .setDescription("Dummy policy for Java SDK IT")
-            .setName("SDK policy "+ UUID.randomUUID().toString())
-            .buildAndCreate(policyApi) as PasswordPolicy
-        registerForCleanup(policy)
-
-        // get policy
-        PasswordPolicy passwordPolicy = (PasswordPolicy) policyApi.getPolicy(policy.getId(), null)
-        assertThat(passwordPolicy, notNullValue())
-        assertThat(passwordPolicy.getType(), is(PolicyType.PASSWORD))
-        assertThat(passwordPolicy.getStatus(), is(LifecycleStatus.ACTIVE))
-
-        // list policies
-        def policies= policyApi.listPolicies(PolicyType.PASSWORD.name(), LifecycleStatus.ACTIVE.name(), null)
-        assertThat(policies, not(empty()))
-    }
-
     static void assertRulesNotExpanded(Policy policy) {
         assertThat(policy.getEmbedded(), anyOf(nullValue(), not(hasKey("rules"))))
     }