From 0545e9c412c9d35cd46f8491a17ef2a1d5ac0867 Mon Sep 17 00:00:00 2001
From: LSmyrnaios <lsmyrnaios@gmail.com>
Date: Sat, 11 Jan 2025 14:32:38 +0200
Subject: [PATCH] - Upgrade project to use Java-17. - Update dependencies.

---
 build.gradle                                  | 21 ++++---
 gradle/wrapper/gradle-wrapper.properties      |  2 +-
 gradlew                                       |  3 +-
 installAndRun.sh                              |  2 +-
 .../urls_worker/UrlsWorkerApplication.java    | 20 +------
 .../components/AssignmentsHandler.java        |  2 +-
 .../controllers/GeneralController.java        |  2 +-
 .../security/SecurityConfiguration.java       | 59 ++++++++++---------
 src/main/resources/logback-spring.xml         |  7 +++
 9 files changed, 58 insertions(+), 60 deletions(-)

diff --git a/build.gradle b/build.gradle
index f7192c6..b50f282 100644
--- a/build.gradle
+++ b/build.gradle
@@ -1,20 +1,22 @@
 plugins {
-    id 'org.springframework.boot' version '2.7.18'
-    id 'io.spring.dependency-management' version '1.1.6'
+    id 'org.springframework.boot' version '3.4.1'
+    id 'io.spring.dependency-management' version '1.1.7'
     id 'java'
 }
 
 java {
     group = 'eu.openaire.urls_worker'
     version = '2.1.15'
-    sourceCompatibility = JavaVersion.VERSION_1_8
+    toolchain {
+        languageVersion = JavaLanguageVersion.of(17)
+    }
 }
 
 repositories {
     mavenCentral()
     maven {
-        name "d4science"
-        url "https://maven.d4science.org/nexus/content/repositories/dnet45-snapshots/"
+        name = "d4science"
+        url = "https://maven.d4science.org/nexus/content/repositories/dnet45-snapshots/"
     }
     // Enable the following, in case you want to test temporal-jars.
     /*flatDir {
@@ -23,15 +25,18 @@ repositories {
 }
 
 dependencies {
-    developmentOnly "org.springframework.boot:spring-boot-devtools"
+    //developmentOnly "org.springframework.boot:spring-boot-devtools"
 
     implementation("org.springframework.boot:spring-boot-starter-web")
     implementation("org.springframework.boot:spring-boot-starter-security")
+
     implementation("org.springframework.boot:spring-boot-configuration-processor")
+
     implementation("org.springframework.security:spring-security-core")
     implementation("org.springframework.security:spring-security-web")
     implementation("org.springframework.security:spring-security-config")
 
+
     //implementation group: 'io.jsonwebtoken', name: 'jjwt-api', version: '0.11.5'    // Use this in case we use auth-tokens later on.
 
     // Enable the validation annotations.
@@ -45,7 +50,7 @@ dependencies {
         exclude group: 'org.apache.commons', module: 'commons-compress'
     }
 
-    implementation group: 'com.google.guava', name: 'guava', version: '33.3.1-jre'
+    implementation group: 'com.google.guava', name: 'guava', version: '33.4.0-jre'
 
     // https://mvnrepository.com/artifact/com.google.code.gson/gson
     implementation 'com.google.code.gson:gson:2.11.0'
@@ -53,7 +58,7 @@ dependencies {
     implementation("org.apache.commons:commons-compress:1.27.1") {
         exclude group: 'com.github.luben', module: 'zstd-jni'
     }
-    implementation 'com.github.luben:zstd-jni:1.5.6-8'  // Even though this is part of the above dependency, the Apache commons rarely updates it, while the zstd team makes improvements very often.
+    implementation 'com.github.luben:zstd-jni:1.5.6-9'  // Even though this is part of the above dependency, the Apache commons rarely updates it, while the zstd team makes improvements very often.
     // Also, for compressing, we strangely need it to be explicitly declared independently, otherwise it does not work.
 
     testImplementation 'org.springframework.security:spring-security-test'
diff --git a/gradle/wrapper/gradle-wrapper.properties b/gradle/wrapper/gradle-wrapper.properties
index e2847c8..cea7a79 100644
--- a/gradle/wrapper/gradle-wrapper.properties
+++ b/gradle/wrapper/gradle-wrapper.properties
@@ -1,6 +1,6 @@
 distributionBase=GRADLE_USER_HOME
 distributionPath=wrapper/dists
-distributionUrl=https\://services.gradle.org/distributions/gradle-8.11.1-bin.zip
+distributionUrl=https\://services.gradle.org/distributions/gradle-8.12-bin.zip
 networkTimeout=10000
 validateDistributionUrl=true
 zipStoreBase=GRADLE_USER_HOME
diff --git a/gradlew b/gradlew
index f5feea6..f3b75f3 100755
--- a/gradlew
+++ b/gradlew
@@ -86,8 +86,7 @@ done
 # shellcheck disable=SC2034
 APP_BASE_NAME=${0##*/}
 # Discard cd standard output in case $CDPATH is set (https://github.com/gradle/gradle/issues/25036)
-APP_HOME=$( cd -P "${APP_HOME:-./}" > /dev/null && printf '%s
-' "$PWD" ) || exit
+APP_HOME=$( cd -P "${APP_HOME:-./}" > /dev/null && printf '%s\n' "$PWD" ) || exit
 
 # Use the maximum available, or set MAX_FD != -1 to use that value.
 MAX_FD=maximum
diff --git a/installAndRun.sh b/installAndRun.sh
index 2375fd8..391e2eb 100755
--- a/installAndRun.sh
+++ b/installAndRun.sh
@@ -18,7 +18,7 @@ elif [[ $# -gt 1 ]]; then
 	echo -e "Wrong number of arguments given: ${#} (more than 1)\nPlease execute it like: script.sh <justRun: 0 | 1>";	exit 2
 fi
 
-gradleVersion="8.11.1"
+gradleVersion="8.12"
 
 shouldBeCarefulWithMaxHeap=0 # This is NOT a cmd-arg.
 
diff --git a/src/main/java/eu/openaire/urls_worker/UrlsWorkerApplication.java b/src/main/java/eu/openaire/urls_worker/UrlsWorkerApplication.java
index 34f250a..e601b36 100644
--- a/src/main/java/eu/openaire/urls_worker/UrlsWorkerApplication.java
+++ b/src/main/java/eu/openaire/urls_worker/UrlsWorkerApplication.java
@@ -4,6 +4,7 @@ import eu.openaire.publications_retriever.PublicationsRetriever;
 import eu.openaire.urls_worker.components.ConnWithController;
 import eu.openaire.urls_worker.controllers.FullTextsController;
 import eu.openaire.urls_worker.util.UriBuilder;
+import jakarta.annotation.PreDestroy;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.annotation.Autowired;
@@ -17,13 +18,7 @@ import org.springframework.context.ConfigurableApplicationContext;
 import org.springframework.context.annotation.Bean;
 import org.springframework.core.env.Environment;
 import org.springframework.scheduling.annotation.EnableScheduling;
-import org.springframework.web.cors.CorsConfiguration;
-import org.springframework.web.cors.CorsConfigurationSource;
-import org.springframework.web.cors.UrlBasedCorsConfigurationSource;
 
-import javax.annotation.PreDestroy;
-import java.util.Arrays;
-import java.util.Collections;
 import java.util.concurrent.TimeUnit;
 
 
@@ -105,19 +100,6 @@ public class UrlsWorkerApplication {
     }
 
 
-    @Bean
-    public CorsConfigurationSource corsConfigurationSource() {
-        CorsConfiguration configuration = new CorsConfiguration();
-        configuration.setAllowedOrigins(Collections.singletonList("*"));
-        configuration.setAllowedMethods(Arrays.asList("GET", "POST", "PUT", "PATCH", "DELETE", "OPTIONS"));
-        configuration.setAllowedHeaders(Arrays.asList("authorization", "content-type", "x-auth-token"));
-        configuration.setExposedHeaders(Collections.singletonList("x-auth-token"));
-        UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
-        source.registerCorsConfiguration("/**", configuration);
-        return source;
-    }
-
-
     @Bean
     public CommandLineRunner setServerBaseUrl(Environment environment, ServletWebServerApplicationContext webServerAppCtxt)
     {
diff --git a/src/main/java/eu/openaire/urls_worker/components/AssignmentsHandler.java b/src/main/java/eu/openaire/urls_worker/components/AssignmentsHandler.java
index f69652f..2701f5a 100644
--- a/src/main/java/eu/openaire/urls_worker/components/AssignmentsHandler.java
+++ b/src/main/java/eu/openaire/urls_worker/components/AssignmentsHandler.java
@@ -56,7 +56,7 @@ public class AssignmentsHandler {
     private static final boolean askForTest = false; // Enable this only for testing.
     private static String requestUrl;
 
-    public static final RestTemplate restTemplate = new RestTemplateBuilder().setConnectTimeout(Duration.ofMinutes(2)).setReadTimeout(Duration.ofHours(1)).build();
+    public static final RestTemplate restTemplate = new RestTemplateBuilder().connectTimeout(Duration.ofMinutes(2)).readTimeout(Duration.ofHours(1)).build();
 
     public static boolean hadConnectionErrorOnRequest = false;
 
diff --git a/src/main/java/eu/openaire/urls_worker/controllers/GeneralController.java b/src/main/java/eu/openaire/urls_worker/controllers/GeneralController.java
index f0e4578..36ab12a 100644
--- a/src/main/java/eu/openaire/urls_worker/controllers/GeneralController.java
+++ b/src/main/java/eu/openaire/urls_worker/controllers/GeneralController.java
@@ -3,6 +3,7 @@ package eu.openaire.urls_worker.controllers;
 import eu.openaire.urls_worker.components.AssignmentsHandler;
 import eu.openaire.urls_worker.components.plugins.PublicationsRetrieverPlugin;
 import eu.openaire.urls_worker.util.UriBuilder;
+import jakarta.servlet.http.HttpServletRequest;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.annotation.Autowired;
@@ -11,7 +12,6 @@ import org.springframework.http.HttpStatus;
 import org.springframework.http.ResponseEntity;
 import org.springframework.web.bind.annotation.*;
 
-import javax.servlet.http.HttpServletRequest;
 import java.io.File;
 import java.net.UnknownHostException;
 import java.util.regex.Pattern;
diff --git a/src/main/java/eu/openaire/urls_worker/security/SecurityConfiguration.java b/src/main/java/eu/openaire/urls_worker/security/SecurityConfiguration.java
index 76326fc..e7e40f4 100644
--- a/src/main/java/eu/openaire/urls_worker/security/SecurityConfiguration.java
+++ b/src/main/java/eu/openaire/urls_worker/security/SecurityConfiguration.java
@@ -3,46 +3,51 @@ package eu.openaire.urls_worker.security;
 
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
-import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
+import org.springframework.security.config.Customizer;
+import org.springframework.security.config.annotation.method.configuration.EnableMethodSecurity;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
+import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer;
 import org.springframework.security.config.http.SessionCreationPolicy;
 import org.springframework.security.web.SecurityFilterChain;
+import org.springframework.web.cors.CorsConfiguration;
+import org.springframework.web.cors.CorsConfigurationSource;
+import org.springframework.web.cors.UrlBasedCorsConfigurationSource;
+
+import java.util.Arrays;
+import java.util.Collections;
 
 
 @Configuration
 @EnableWebSecurity
-@EnableGlobalMethodSecurity (
-        securedEnabled = false, // Just for now..
-        jsr250Enabled = true,
-        prePostEnabled = true
-)
+@EnableMethodSecurity(securedEnabled = true, jsr250Enabled = true, prePostEnabled = true)
 public class SecurityConfiguration {
 
     @Bean
     public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
-        http
-                .headers()
-                .frameOptions()
-                .sameOrigin()
-                .and()
-                .cors()
-                .and()
-                .csrf()
-                .disable()
-                .exceptionHandling()
-                .and()
-                .sessionManagement()
-                .sessionCreationPolicy(SessionCreationPolicy.STATELESS)
-                .and()
-                .authorizeRequests()
-                .antMatchers("/**").permitAll()
-                //.anyRequest().authenticated()
-                //.and()
-                //.requiresChannel()
-                //.anyRequest().requiresSecure()
-        ;
+        http.cors(AbstractHttpConfigurer::disable)
+                .csrf(AbstractHttpConfigurer::disable)
+                .sessionManagement(sessionManager -> sessionManager.sessionCreationPolicy(SessionCreationPolicy.STATELESS))
+                .exceptionHandling(Customizer.withDefaults())
+                .authorizeHttpRequests(authorizeHttpRequest -> authorizeHttpRequest.requestMatchers("/actuator/health", "/actuator/metrics", "/actuator/metrics/**", "/v3/api-docs/**", "/swagger-ui/**", "/swagger-ui.html", "/api/monitor/**", "/api/authentication/**")
+                        .permitAll()
+                        .anyRequest()
+                        .permitAll()    // For now..
+                );
         return http.build();
     }
 
+
+    @Bean
+    public CorsConfigurationSource corsConfigurationSource() {
+        CorsConfiguration configuration = new CorsConfiguration();
+        configuration.setAllowedOrigins(Collections.singletonList("*"));
+        configuration.setAllowedMethods(Arrays.asList("GET", "POST"));
+        configuration.setAllowedHeaders(Arrays.asList("authorization", "content-type", "x-auth-token"));
+        configuration.setExposedHeaders(Collections.singletonList("x-auth-token"));
+        UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
+        source.registerCorsConfiguration("/**", configuration);
+        return source;
+    }
+
 }
diff --git a/src/main/resources/logback-spring.xml b/src/main/resources/logback-spring.xml
index 52dce52..51b4b38 100644
--- a/src/main/resources/logback-spring.xml
+++ b/src/main/resources/logback-spring.xml
@@ -1,6 +1,13 @@
 <?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE configuration>
+
 <configuration debug="false">
 
+    <!-- Silence internal status printing. Comment out to troubleshoot logging-errors. -->
+    <statusListener class="ch.qos.logback.core.status.NopStatusListener" />
+
+    <shutdownHook class="ch.qos.logback.core.hook.DefaultShutdownHook"/>
+
     <appender name="RollingFile" class="ch.qos.logback.core.rolling.RollingFileAppender">
         <file>${LOG_PATH}/UrlsWorker.log</file>