branch develop updated (2e1b9fd9 -> 5f169b95)
This is an automated email from the git hooks/post-receive script. New change to branch develop in repository pollen. See https://gitlab.nuiton.org/chorem/pollen.git from 2e1b9fd9 Maj vers webpack 4 new 5f169b95 Maj des dépendances java The 1 revisions listed above as "new" are entirely new to this repository and will be described in separate emails. The revisions listed as "adds" were already present in the repository and have only been added to this reference. Detailed log of new commits: commit 5f169b9539792fbaa8cc94983bb663ea34c282d6 Author: Sylvain Bavencoff <bavencoff@codelutin.com> Date: Wed May 16 17:51:53 2018 +0200 Maj des dépendances java Summary of changes: pollen-rest-api/pom.xml | 7 +- .../org/chorem/pollen/rest/api/v1/AuthApi.java | 6 +- .../pollen/rest/api/AbstractPollenRestApiTest.java | 2 + pollen-services/pom.xml | 7 +- .../services/DefaultPollenServiceContext.java | 52 +++--- .../services/config/PollenServicesConfig.java | 5 +- pom.xml | 179 ++++----------------- 7 files changed, 59 insertions(+), 199 deletions(-) -- To stop receiving notification emails like this one, please contact chorem.org SCM administrator <admin+scm@chorem.org>.
This is an automated email from the git hooks/post-receive script. New commit to branch develop in repository pollen. See https://gitlab.nuiton.org/chorem/pollen.git commit 5f169b9539792fbaa8cc94983bb663ea34c282d6 Author: Sylvain Bavencoff <bavencoff@codelutin.com> Date: Wed May 16 17:51:53 2018 +0200 Maj des dépendances java --- pollen-rest-api/pom.xml | 7 +- .../org/chorem/pollen/rest/api/v1/AuthApi.java | 6 +- .../pollen/rest/api/AbstractPollenRestApiTest.java | 2 + pollen-services/pom.xml | 7 +- .../services/DefaultPollenServiceContext.java | 52 +++--- .../services/config/PollenServicesConfig.java | 5 +- pom.xml | 179 ++++----------------- 7 files changed, 59 insertions(+), 199 deletions(-) diff --git a/pollen-rest-api/pom.xml b/pollen-rest-api/pom.xml index 1fa47b6f..deac8494 100644 --- a/pollen-rest-api/pom.xml +++ b/pollen-rest-api/pom.xml @@ -107,7 +107,7 @@ <dependency> <groupId>org.jboss.spec.javax.ws.rs</groupId> - <artifactId>jboss-jaxrs-api_2.0_spec</artifactId> + <artifactId>jboss-jaxrs-api_2.1_spec</artifactId> </dependency> <dependency> @@ -142,11 +142,6 @@ <artifactId>jackson-databind</artifactId> </dependency> - <dependency> - <groupId>org.apache.shiro</groupId> - <artifactId>shiro-core</artifactId> - </dependency> - <dependency> <groupId>org.nuiton.web</groupId> <artifactId>nuiton-web</artifactId> diff --git a/pollen-rest-api/src/main/java/org/chorem/pollen/rest/api/v1/AuthApi.java b/pollen-rest-api/src/main/java/org/chorem/pollen/rest/api/v1/AuthApi.java index 3436d3dd..a895c975 100644 --- a/pollen-rest-api/src/main/java/org/chorem/pollen/rest/api/v1/AuthApi.java +++ b/pollen-rest-api/src/main/java/org/chorem/pollen/rest/api/v1/AuthApi.java @@ -25,7 +25,6 @@ import com.google.gson.Gson; import org.apache.commons.lang3.StringUtils; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; -import org.apache.shiro.codec.Base64; import org.brickred.socialauth.SocialAuthManager; import org.chorem.pollen.persistence.entity.LoginProvider; import org.chorem.pollen.persistence.entity.PollenUser; @@ -37,9 +36,7 @@ import org.chorem.pollen.services.service.PollenUserService; import org.chorem.pollen.services.service.SocialAuthService; import org.chorem.pollen.services.service.security.MissingAuthenticationException; import org.chorem.pollen.services.service.security.PollenAuthenticationException; -import org.chorem.pollen.services.service.security.PollenCypherTechnicalException; import org.chorem.pollen.services.service.security.PollenEmailNotValidatedException; -import org.chorem.pollen.services.service.security.PollenInvalidSessionTokenException; import org.chorem.pollen.services.service.security.PollenSecurityContext; import org.chorem.pollen.services.service.security.PollenUserBannedException; import org.chorem.pollen.services.service.security.PollenUserUnknownException; @@ -59,6 +56,7 @@ import javax.ws.rs.QueryParam; import javax.ws.rs.core.Context; import javax.ws.rs.core.MediaType; import javax.ws.rs.core.Response; +import java.util.Base64; import java.util.List; import java.util.Map; @@ -88,7 +86,7 @@ public class AuthApi { PollenUserBannedException { if (StringUtils.startsWith(authHeader, "Basic ")) { - String s = new String(Base64.decode(StringUtils.substringAfter(authHeader, "Basic "))); + String s = new String(Base64.getDecoder().decode(StringUtils.substringAfter(authHeader, "Basic "))); String[] lp = s.split(":"); String login = lp[0]; String password = lp[1]; diff --git a/pollen-rest-api/src/test/java/org/chorem/pollen/rest/api/AbstractPollenRestApiTest.java b/pollen-rest-api/src/test/java/org/chorem/pollen/rest/api/AbstractPollenRestApiTest.java index 72136178..0b98651e 100644 --- a/pollen-rest-api/src/test/java/org/chorem/pollen/rest/api/AbstractPollenRestApiTest.java +++ b/pollen-rest-api/src/test/java/org/chorem/pollen/rest/api/AbstractPollenRestApiTest.java @@ -160,6 +160,8 @@ public class AbstractPollenRestApiTest { context.addParameter("javax.ws.rs.Application", PollenRestApiApplication.class.getName()); context.addServletMappingDecoded("/*", RESTEASY_SERVLET_NAME); server.start(); + +// Thread.sleep(60000); } protected String getWebappLocation() { diff --git a/pollen-services/pom.xml b/pollen-services/pom.xml index 72ae8dec..e8d1d3a4 100644 --- a/pollen-services/pom.xml +++ b/pollen-services/pom.xml @@ -181,11 +181,6 @@ <artifactId>nuiton-config</artifactId> </dependency> - <dependency> - <groupId>org.apache.shiro</groupId> - <artifactId>shiro-core</artifactId> - </dependency> - <dependency> <groupId>com.auth0</groupId> <artifactId>java-jwt</artifactId> @@ -221,7 +216,7 @@ <dependency> <groupId>org.jboss.spec.javax.ws.rs</groupId> - <artifactId>jboss-jaxrs-api_2.0_spec</artifactId> + <artifactId>jboss-jaxrs-api_2.1_spec</artifactId> </dependency> <dependency> diff --git a/pollen-services/src/main/java/org/chorem/pollen/services/DefaultPollenServiceContext.java b/pollen-services/src/main/java/org/chorem/pollen/services/DefaultPollenServiceContext.java index 9fef42d9..23fa38d6 100644 --- a/pollen-services/src/main/java/org/chorem/pollen/services/DefaultPollenServiceContext.java +++ b/pollen-services/src/main/java/org/chorem/pollen/services/DefaultPollenServiceContext.java @@ -26,11 +26,6 @@ import org.apache.commons.codec.binary.Base64; import org.apache.commons.codec.binary.Hex; import org.apache.commons.lang3.RandomStringUtils; import org.apache.commons.lang3.StringUtils; -import org.apache.shiro.crypto.RandomNumberGenerator; -import org.apache.shiro.crypto.hash.DefaultHashService; -import org.apache.shiro.crypto.hash.Hash; -import org.apache.shiro.crypto.hash.HashRequest; -import org.apache.shiro.util.ByteSource; import org.chorem.pollen.persistence.PollenPersistenceContext; import org.chorem.pollen.persistence.PollenTopiaApplicationContext; import org.chorem.pollen.services.config.PollenServicesConfig; @@ -39,8 +34,12 @@ import org.chorem.pollen.votecounting.VoteCountingFactory; import java.lang.reflect.Constructor; import java.lang.reflect.InvocationTargetException; +import java.security.MessageDigest; +import java.security.NoSuchAlgorithmException; +import java.security.SecureRandom; import java.util.Date; import java.util.Locale; +import java.util.Random; import java.util.UUID; public class DefaultPollenServiceContext implements PollenServiceContext { @@ -55,11 +54,6 @@ public class DefaultPollenServiceContext implements PollenServiceContext { private PollenTopiaApplicationContext topiaApplicationContext; - /** - * To hash passwords. - */ - protected DefaultHashService hashService; - protected VoteCountingFactory voteCountingFactory; protected PollenUIContext uiContext; @@ -118,11 +112,10 @@ public class DefaultPollenServiceContext implements PollenServiceContext { @Override public String generateSalt() { - - RandomNumberGenerator generator = getHashService().getRandomNumberGenerator(); - ByteSource byteSource = generator.nextBytes(); - return byteSource.toBase64(); - + final Random r = new SecureRandom(); + byte[] salt = new byte[32]; + r.nextBytes(salt); + return Base64.encodeBase64String(salt); } @Override @@ -154,10 +147,19 @@ public class DefaultPollenServiceContext implements PollenServiceContext { @Override public String encodePassword(String salt, String password) { + String hashAlgorithmName = getPollenServicesConfig().getHashAlgorithmName(); + + try { + MessageDigest digest = MessageDigest.getInstance(hashAlgorithmName); + + digest.reset(); + digest.update(salt.getBytes()); + byte[] hashedBytes = digest.digest(password.getBytes()); + return Base64.encodeBase64String(hashedBytes); - HashRequest hashRequest = new HashRequest.Builder().setSalt(salt).setSource(password).build(); - Hash hash = getHashService().computeHash(hashRequest); - return hash.toBase64(); + } catch (NoSuchAlgorithmException e) { + throw new PollenTechnicalException("unable to hash password with " + hashAlgorithmName, e); + } } @@ -214,18 +216,4 @@ public class DefaultPollenServiceContext implements PollenServiceContext { } - protected DefaultHashService getHashService() { - - if (hashService == null) { - - hashService = new DefaultHashService(); - String hashAlgorithmName = getPollenServicesConfig().getHashAlgorithmName(); - hashService.setHashAlgorithmName(hashAlgorithmName); - - } - - return hashService; - - } - } diff --git a/pollen-services/src/main/java/org/chorem/pollen/services/config/PollenServicesConfig.java b/pollen-services/src/main/java/org/chorem/pollen/services/config/PollenServicesConfig.java index 591be692..1f611143 100644 --- a/pollen-services/src/main/java/org/chorem/pollen/services/config/PollenServicesConfig.java +++ b/pollen-services/src/main/java/org/chorem/pollen/services/config/PollenServicesConfig.java @@ -26,7 +26,6 @@ import com.google.common.collect.Maps; import org.apache.commons.lang3.StringUtils; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; -import org.apache.shiro.crypto.hash.Sha512Hash; import org.chorem.pollen.persistence.entity.CommentVisibility; import org.chorem.pollen.persistence.entity.PollType; import org.chorem.pollen.persistence.entity.ResultVisibility; @@ -82,7 +81,7 @@ public class PollenServicesConfig extends GeneratedPollenServicesConfig { for (PollenServicesConfigOption option : options) { builder.append(String.format("\n%1$-40s = %2$s", option.getKey(), - applicationConfig.getOption(option))); + applicationConfig.getOption(String.class, option.getKey()))); } log.info(builder.toString()); } @@ -106,7 +105,7 @@ public class PollenServicesConfig extends GeneratedPollenServicesConfig { } public String getHashAlgorithmName() { - return Sha512Hash.ALGORITHM_NAME; + return "SHA-512"; } @Override diff --git a/pom.xml b/pom.xml index cfa25a01..47b6aedb 100644 --- a/pom.xml +++ b/pom.xml @@ -174,29 +174,27 @@ <projectId>pollen</projectId> <!-- customized versions --> - <resteasyVersion>3.0.17.Final</resteasyVersion> - <jacksonVersion>2.8.11</jacksonVersion> + <resteasyVersion>3.5.1.Final</resteasyVersion> + <jacksonVersion>2.9.5</jacksonVersion> - <nuitonI18nVersion>3.6.2</nuitonI18nVersion> + <nuitonI18nVersion>3.7</nuitonI18nVersion> <eugenePluginVersion>3.0-alpha-10</eugenePluginVersion> - <topiaVersion>3.4</topiaVersion> + <topiaVersion>3.4.1</topiaVersion> <flywayVersion>5.0.0</flywayVersion> - <nuitonWebVersion>1.19</nuitonWebVersion> - <nuitonUtilsVersion>3.0-rc-17</nuitonUtilsVersion> - <nuitonConfigVersion>3.1.1</nuitonConfigVersion> + <nuitonWebVersion>1.20</nuitonWebVersion> + <nuitonUtilsVersion>3.0</nuitonUtilsVersion> + <nuitonConfigVersion>3.4</nuitonConfigVersion> <nuitonCsvVersion>3.0-alpha-3</nuitonCsvVersion> - <nuitonValidatorVersion>3.0.1</nuitonValidatorVersion> - <h2Version>1.4.178</h2Version> - <postgresqlVersion>9.4.1212.jre7</postgresqlVersion> - <shiroVersion>1.2.6</shiroVersion> - <javaJwtVersion>3.2.0</javaJwtVersion> - <slf4jVersion>1.7.22</slf4jVersion> - <jettyVersion>9.0.3.v20130506</jettyVersion> - <tomcatEmbedVersion>8.0.51</tomcatEmbedVersion> + <nuitonValidatorVersion>3.2</nuitonValidatorVersion> + <h2Version>1.4.197</h2Version> + <postgresqlVersion>42.2.2.jre7</postgresqlVersion> + <javaJwtVersion>3.3.0</javaJwtVersion> + <slf4jVersion>1.7.25</slf4jVersion> + <tomcatEmbedVersion>8.5.31</tomcatEmbedVersion> + <tomcatEmbedLoggingVersion>8.5.2</tomcatEmbedLoggingVersion> <hibernateVersion>5.2.10.Final</hibernateVersion> - <seleniumVersion>2.33.0</seleniumVersion> - <httpCommonsHttpclientVersion>4.5.2</httpCommonsHttpclientVersion> + <httpCommonsHttpclientVersion>4.5.5</httpCommonsHttpclientVersion> <pollenI18nBundle>pollen-i18n</pollenI18nBundle> <!-- license to use --> @@ -257,7 +255,7 @@ <dependency> <groupId>org.apache.commons</groupId> <artifactId>commons-lang3</artifactId> - <version>3.5</version> + <version>3.7</version> </dependency> <dependency> <groupId>commons-logging</groupId> @@ -267,7 +265,7 @@ <dependency> <groupId>commons-io</groupId> <artifactId>commons-io</artifactId> - <version>2.5</version> + <version>2.6</version> </dependency> <dependency> <groupId>commons-beanutils</groupId> @@ -277,7 +275,7 @@ <dependency> <groupId>commons-codec</groupId> <artifactId>commons-codec</artifactId> - <version>1.10</version> + <version>1.11</version> </dependency> <dependency> <groupId>org.apache.commons</groupId> @@ -288,14 +286,14 @@ <dependency> <groupId>com.sun.mail</groupId> <artifactId>javax.mail</artifactId> - <version>1.5.2</version> + <version>1.6.1</version> </dependency> <!-- Guava --> <dependency> <groupId>com.google.guava</groupId> <artifactId>guava</artifactId> - <version>21.0</version> + <version>25.0-jre</version> </dependency> <!-- persistence module dependencies --> @@ -349,7 +347,7 @@ <dependency> <groupId>com.esotericsoftware.yamlbeans</groupId> <artifactId>yamlbeans</artifactId> - <version>1.11</version> + <version>1.13</version> </dependency> <dependency> @@ -402,12 +400,12 @@ <dependency> <groupId>com.fasterxml.jackson.core</groupId> <artifactId>jackson-databind</artifactId> - <version>2.8.0</version> + <version>${jacksonVersion}</version> </dependency> <dependency> <groupId>org.jboss.spec.javax.ws.rs</groupId> - <artifactId>jboss-jaxrs-api_2.0_spec</artifactId> + <artifactId>jboss-jaxrs-api_2.1_spec</artifactId> <version>1.0.0.Final</version> </dependency> @@ -456,25 +454,6 @@ <version>${nuitonI18nVersion}</version> </dependency> - <dependency> - <groupId>org.eclipse.jetty</groupId> - <artifactId>jetty-runner</artifactId> - <version>9.4.0.v20161208</version> - </dependency> - <dependency> - <groupId>javax.servlet</groupId> - <artifactId>javax.servlet-api</artifactId> - <version>3.1.0</version> - </dependency> - - <!-- Shiro --> - - <dependency> - <groupId>org.apache.shiro</groupId> - <artifactId>shiro-core</artifactId> - <version>${shiroVersion}</version> - </dependency> - <!-- Jwt-java --> <dependency> <groupId>com.auth0</groupId> @@ -482,32 +461,12 @@ <version>${javaJwtVersion}</version> </dependency> - <!--dependency> - <groupId>org.apache.shiro</groupId> - <artifactId>shiro-web</artifactId> - <version>${shiroVersion}</version> - </dependency--> - - <!-- JFreeChart --> - - <!--dependency> - <groupId>org.jfree</groupId> - <artifactId>jfreechart</artifactId> - <version>1.0.14</version> - </dependency> - - <dependency> - <groupId>org.jfree</groupId> - <artifactId>jcommon</artifactId> - <version>1.0.17</version> - </dependency--> - <!-- Rome (rss) --> <dependency> <groupId>com.rometools</groupId> <artifactId>rome</artifactId> - <version>1.7.2</version> + <version>1.9.0</version> </dependency> <!-- Logging --> @@ -527,13 +486,6 @@ <version>0.9.5</version> </dependency> - <!--dependency> - <groupId>javax.servlet</groupId> - <artifactId>servlet-api</artifactId> - <version>2.5</version> - <scope>provided</scope> - </dependency--> - <dependency> <groupId>org.apache.httpcomponents</groupId> <artifactId>fluent-hc</artifactId> @@ -543,7 +495,7 @@ <dependency> <groupId>org.apache.httpcomponents</groupId> <artifactId>httpcore</artifactId> - <version>4.4.5</version> + <version>4.4.9</version> </dependency> <dependency> @@ -555,23 +507,16 @@ <dependency> <groupId>com.google.code.gson</groupId> <artifactId>gson</artifactId> - <version>2.8.0</version> + <version>2.8.4</version> </dependency> <dependency> <groupId>javax</groupId> <artifactId>javaee-api</artifactId> - <version>7.0</version> + <version>8.0</version> <scope>provided</scope> </dependency> - <!--dependency> - <groupId>org.mortbay.jetty</groupId> - <artifactId>jetty-runner</artifactId> - <version>${jettyVersion}</version> - <scope>provided</scope> - </dependency--> - <dependency> <groupId>org.apache.tomcat.embed</groupId> <artifactId>tomcat-embed-core</artifactId> @@ -582,14 +527,14 @@ <dependency> <groupId>org.apache.tomcat.embed</groupId> <artifactId>tomcat-embed-logging-juli</artifactId> - <version>${tomcatEmbedVersion}</version> + <version>${tomcatEmbedLoggingVersion}</version> <scope>provided</scope> </dependency> <dependency> <groupId>org.apache.tomcat.embed</groupId> <artifactId>tomcat-embed-logging-log4j</artifactId> - <version>${tomcatEmbedVersion}</version> + <version>${tomcatEmbedLoggingVersion}</version> <scope>provided</scope> </dependency> @@ -625,68 +570,6 @@ <version>4.14</version> </dependency> - <!--dependency> - <groupId>javax.activation</groupId> - <artifactId>activation</artifactId> - <version>1.1.1</version> - </dependency--> - - <!-- Selenium --> - <!--dependency> - <groupId>org.seleniumhq.selenium</groupId> - <artifactId>selenium-api</artifactId> - <version>${seleniumVersion}</version> - <scope>test</scope> - </dependency> - <dependency> - <groupId>org.seleniumhq.selenium</groupId> - <artifactId>selenium-support</artifactId> - <version>${seleniumVersion}</version> - <scope>test</scope> - </dependency> - <dependency> - <groupId>org.seleniumhq.selenium</groupId> - <artifactId>selenium-chrome-driver</artifactId> - <version>${seleniumVersion}</version> - <scope>test</scope> - </dependency> - <dependency> - <groupId>org.seleniumhq.selenium</groupId> - <artifactId>selenium-ie-driver</artifactId> - <version>${seleniumVersion}</version> - <scope>test</scope> - </dependency> - <dependency> - <groupId>org.seleniumhq.selenium</groupId> - <artifactId>selenium-safari-driver</artifactId> - <version>${seleniumVersion}</version> - <scope>test</scope> - </dependency> - <dependency> - <groupId>org.seleniumhq.selenium</groupId> - <artifactId>selenium-firefox-driver</artifactId> - <version>${seleniumVersion}</version> - <scope>test</scope> - </dependency> - <dependency> - <groupId>org.seleniumhq.selenium</groupId> - <artifactId>selenium-htmlunit-driver</artifactId> - <version>${seleniumVersion}</version> - <scope>test</scope> - </dependency> - <dependency> - <groupId>org.seleniumhq.selenium</groupId> - <artifactId>selenium-java</artifactId> - <version>${seleniumVersion}</version> - <scope>test</scope> - </dependency> - <dependency> - <groupId>org.seleniumhq.selenium</groupId> - <artifactId>selenium-remote-driver</artifactId> - <version>${seleniumVersion}</version> - <scope>test</scope> - </dependency--> - <!-- Logging --> <dependency> <groupId>log4j</groupId> @@ -698,7 +581,7 @@ <dependency> <groupId>org.mockito</groupId> <artifactId>mockito-core</artifactId> - <version>2.6.2</version> + <version>2.18.3</version> <scope>test</scope> </dependency> <dependency> @@ -717,7 +600,7 @@ <dependency> <groupId>org.assertj</groupId> <artifactId>assertj-core</artifactId> - <version>3.7.0</version> + <version>3.10.0</version> <scope>test</scope> </dependency> -- To stop receiving notification emails like this one, please contact chorem.org SCM administrator <admin+scm@chorem.org>.
participants (1)
-
chorem.org scm