Release to master (#170)

* Changed build process to add exec-jar
Added spring-maven dependency execution for fat-jar
Added maven-version plugin
Updated to version 1.1.1

* Changed build process to add exec-jar
Added spring-maven dependency execution for fat-jar
Added maven-version plugin
Updated to version 1.1.1

* Updated profiles to fix profile including error

* Added possible postgres config for example application

* Added possible postgres config for example application
New version 1.1.2

* Added possible postgres config for example application
New version 1.1.2

* Added possible postgres config for example application
New version 1.1.2

* Added possible postgres config for example application
New version 1.1.2
Added missing classifier

* Added possible postgres config for example application
New version 1.1.3
Added missing classifier

* Changed implementation of KeyRotationServiceImpl.java to anonymous implementation because there is an error with the typeresolver due to old java 6 dependency

* Update sts version to 1.1.4

* New version of keymanagement

* New version of keymanagement

* New version of keymanagement

* New version of keymanagement

* Increased release timeout

* Fixed Json parsing Bug in PopController#getPublicKeys

* Increased version to 1.1.8

* Fixed json parser bug because of unneccessary toString();

* Increased version to 1.1.9

* Made CorsFilter Policy configurable because of IllegalStateException due to miss configuration

* Increased version to 1.1.10

* Increased version to 1.1.11

* Made jwk cacheable in AuthServer

* Increased version to 1.1.12

* Increased version of bouncycastle-adapter to 0.0.10

* Increased version to 1.1.13

* Added tests for AuthServer to see if cache is working

* Changed sequence names to 'old names' to prevent errors in legacy databases because of missing sequences in hibernate

* increased version to 1.1.14

* Updated SecurityConfiguration to disabled cors by configuration (default activated)

* increased version to 1.1.15

* Downgraded jupiter-junit to version 5.9.6 because of test errors in AuthServerTest

* Klartax prod issues (#166)

* Increased version to 1.1.16

* Changed cors configuration to set disabled first to prevent cors configuration exceptions

* Updated version to 1.17

* Replaced deprecated PostgreSQL94Dialect with PostgreSQLDialect

* spring.jpa.open-in-view ist standardmäßig aktiviert: behoben

* Excluded SecurityAutoConfiguration to prevent Spring from creating a default user

* Changed SecurityConfiguration to allow access to swagger

* Changed SecurityConfiguration to allow access to swagger

* Excluded AutoConfiguration for UserDetailsService

* Added RequestMatchers to address warnings for ignored paths

* Increased version to 1.19

* Logs for error analyses (#167)

* Increased version to 1.1.16

* Changed cors configuration to set disabled first to prevent cors configuration exceptions

* Updated version to 1.17

* Replaced deprecated PostgreSQL94Dialect with PostgreSQLDialect

* spring.jpa.open-in-view ist standardmäßig aktiviert: behoben

* Excluded SecurityAutoConfiguration to prevent Spring from creating a default user

* Changed SecurityConfiguration to allow access to swagger

* Changed SecurityConfiguration to allow access to swagger

* Excluded AutoConfiguration for UserDetailsService

* Added RequestMatchers to address warnings for ignored paths

* Increased version to 1.19

* Added logs for refreshing cache to see if there is a concurrent call to update cache which leads to sequence errors

* Added logs for refreshing cache to see if there is a concurrent call to update cache which leads to sequence errors

* Added logs for refreshing cache to see if there is a concurrent call to update cache which leads to sequence errors

* Added logs for refreshing cache to see if there is a concurrent call to update cache which leads to sequence errors

* update workflow to java 17 (#168)

* update workflow to java 17

* Start next iteration with 1.1.20-SNAPSHOT

* update maven plugin versions

* [release] Prepare release 1.1.20

---------

Co-authored-by: marcelmeyer <[email protected]>
Co-authored-by: Mme-adorsys <[email protected]>

.github/workflows/pull-requests.yml

@@ -7,19 +7,20 @@ on:
 
 jobs:
   build:
-    runs-on: ubuntu-20.04
+    runs-on: ubuntu-latest
     steps:
-      - name: Check out repository code
-        uses: actions/checkout@v2
+      - name: Step 1 - Checkout repository code
+        uses: actions/checkout@v4
 
-      - name: Set up JDK 17
-        uses: actions/setup-java@v2
+      - name: Step 2 - Set up JDK 17
+        uses: actions/setup-java@v4
         with:
-          distribution: 'adopt'
           java-version: '17'
+          distribution: 'temurin'
+          cache: 'maven'
 
-      - name: Maven build and test
-        run: mvn clean verify -B -V
+      - name: Step 3 - Build & Test
+        run: mvn clean verify -ntp
 
-      - name: Build client
+      - name: Step 4 - Build client
         run: ./scripts/build_client.sh

.github/workflows/push-in-develop.yml

@@ -6,15 +6,22 @@ on:
 
 jobs:
   Develop-Branch-Build:
-    runs-on: ubuntu-20.04
+    runs-on: ubuntu-latest
     steps:
-      - name: Check out repository code
-        uses: actions/checkout@v2
+      - name: Step 1 - Checkout repository code
+        uses: actions/checkout@v4
 
-      - name: Maven build and test
-        run: mvn clean verify -B -V
+      - name: Step 2 - Set up JDK 17
+        uses: actions/setup-java@v4
+        with:
+          java-version: '17'
+          distribution: 'temurin'
+          cache: 'maven'
 
-      - name: Build client
+      - name: Step 3 - Build & Test
+        run: mvn clean verify -ntp
+
+      - name: Step 5 - Build client
         run: ./scripts/build_client.sh
 
       - name: Maven deploy snapshot

.github/workflows/push-with-v-tag.yml

@@ -6,12 +6,19 @@ on:
 
 jobs:
   build:
-    runs-on: ubuntu-20.04
+    runs-on: ubuntu-latest
     steps:
-      - name: Check out repository code
-        uses: actions/checkout@v2
+      - name: Step 1 - Checkout repository code
+        uses: actions/checkout@v4
 
-      - name: deploy to Maven
+      - name: Step 2 - Setup JDK
+        uses: actions/setup-java@v4
+        with:
+          java-version: '17'
+          distribution: 'temurin'
+          cache: 'maven'
+
+      - name: Step 3 - deploy to Maven
         run: ./scripts/mvn_deploy.sh
         env:
           SONATYPE_USERNAME: ${{ secrets.SONATYPE_USERNAME }}

keycloak-storage-provider/pom.xml

@@ -6,7 +6,7 @@
     <parent>
         <groupId>de.adorsys.sts</groupId>
         <artifactId>secure-token-service</artifactId>
-        <version>1.1.0</version>
+        <version>1.1.20</version>
     </parent>
 
     <artifactId>keycloak-storage-provider</artifactId>

pom.xml

@@ -5,7 +5,7 @@
 
     <groupId>de.adorsys.sts</groupId>
     <artifactId>secure-token-service</artifactId>
-    <version>1.1.0</version>
+    <version>1.1.20</version>
     <packaging>pom</packaging>
 
     <name>SecureTokenService</name>
@@ -52,7 +52,7 @@
         <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
         <project.reporting.outputEncoding>UTF-8</project.reporting.outputEncoding>
         <spring-boot.version>3.0.6</spring-boot.version>
-        <keystore-management.version>0.0.7</keystore-management.version>
+        <keystore-management.version>0.0.10</keystore-management.version>
         <shedlock.version>5.3.0</shedlock.version>
         <springfox-swagger.version>3.0.0</springfox-swagger.version>
         <jackson.version>2.15.1</jackson.version>
@@ -65,6 +65,14 @@
         <testcontainers.version>1.17.6</testcontainers.version>
         <nimbus-jose-jwt.version>9.31</nimbus-jose-jwt.version>
         <scmBranch/>
+        <nexus-staging-maven-plugin.version>1.6.13</nexus-staging-maven-plugin.version>
+        <maven-source-plugin.version>3.3.0</maven-source-plugin.version>
+        <maven-release-plugin.version>3.0.1</maven-release-plugin.version>
+        <maven-jar-plugin.version>3.3.0</maven-jar-plugin.version>
+        <buildnumber-maven-plugin.version>3.2.0</buildnumber-maven-plugin.version>
+        <maven-deploy-plugin.version>3.1.1</maven-deploy-plugin.version>
+        <maven-gpg-plugin.version>3.1.0</maven-gpg-plugin.version>
+        <maven-javadoc-plugin.version>3.6.0</maven-javadoc-plugin.version>
     </properties>
 
     <modules>
@@ -441,7 +449,7 @@
                 <plugin>
                     <groupId>org.apache.maven.plugins</groupId>
                     <artifactId>maven-javadoc-plugin</artifactId>
-                    <version>3.1.1</version>
+                    <version>${maven-javadoc-plugin.version}</version>
                     <configuration>
                         <charset>${project.build.sourceEncoding}</charset>
                         <encoding>${project.build.sourceEncoding}</encoding>
@@ -451,7 +459,7 @@
                 </plugin>
                 <plugin>
                     <artifactId>maven-release-plugin</artifactId>
-                    <version>3.0.0-M1</version>
+                    <version>${maven-release-plugin.version}</version>
                     <configuration>
                         <releaseProfiles>release</releaseProfiles>
                         <autoVersionSubmodules>true</autoVersionSubmodules>
@@ -468,7 +476,7 @@
                 <plugin>
                     <groupId>org.apache.maven.plugins</groupId>
                     <artifactId>maven-jar-plugin</artifactId>
-                    <version>3.2.0</version>
+                    <version>${maven-jar-plugin.version}</version>
                     <configuration>
                         <archive>
                             <manifest>
@@ -492,7 +500,7 @@
                 <plugin>
                     <groupId>org.codehaus.mojo</groupId>
                     <artifactId>buildnumber-maven-plugin</artifactId>
-                    <version>1.4</version>
+                    <version>${buildnumber-maven-plugin.version}</version>
                     <executions>
                         <execution>
                             <phase>validate</phase>
@@ -531,15 +539,15 @@
                     <plugin>
                         <groupId>org.apache.maven.plugins</groupId>
                         <artifactId>maven-deploy-plugin</artifactId>
-                        <version>2.8.2</version>
+                        <version>${maven-deploy-plugin.version}</version>
                         <configuration>
                             <deployAtEnd>true</deployAtEnd>
                         </configuration>
                     </plugin>
                     <plugin>
                         <groupId>org.sonatype.plugins</groupId>
                         <artifactId>nexus-staging-maven-plugin</artifactId>
-                        <version>1.6.13</version>
+                        <version>${nexus-staging-maven-plugin.version}</version>
                         <extensions>true</extensions>
                         <configuration>
                             <serverId>sonatype</serverId>
@@ -550,7 +558,7 @@
                     <plugin>
                         <groupId>org.apache.maven.plugins</groupId>
                         <artifactId>maven-source-plugin</artifactId>
-                        <version>3.2.1</version>
+                        <version>${maven-source-plugin.version}</version>
                         <executions>
                             <execution>
                                 <id>attach-sources</id>
@@ -563,13 +571,8 @@
                     <plugin>
                         <groupId>org.apache.maven.plugins</groupId>
                         <artifactId>maven-gpg-plugin</artifactId>
-                        <version>3.0.1</version>
+                        <version>${maven-gpg-plugin.version}</version>
                         <configuration>
-                                <keyname>[email protected]</keyname>
-                            <gpgArguments>
-                                <arg>--pinentry-mode</arg>
-                                <arg>loopback</arg>
-                            </gpgArguments>
                         </configuration>
                         <executions>
                             <execution>
@@ -578,18 +581,13 @@
                                 <goals>
                                     <goal>sign</goal>
                                 </goals>
-                                <configuration>
-                                    <gpgArguments>
-                                        <arg>--pinentry-mode</arg>
-                                        <arg>loopback</arg>
-                                    </gpgArguments>
-                                </configuration>
                             </execution>
                         </executions>
                     </plugin>
                     <plugin>
                         <groupId>org.apache.maven.plugins</groupId>
                         <artifactId>maven-javadoc-plugin</artifactId>
+                        <version>${maven-javadoc-plugin.version}</version>
                         <configuration>
                             <source>17</source>
                             <doclint>none</doclint>

postgres.docker-compose.yml

@@ -45,18 +45,18 @@ services:
       - SPRING_PROFILES_INCLUDE=debug
     command: config-cli
   sts-db:
-    image: postgres:9.6-alpine
+    image: postgres:latest
     container_name: sts_db
     environment:
       POSTGRES_USER: db_user
       POSTGRES_PASSWORD: db_user@123
       POSTGRES_DB: sts
-    volumes:
-      - "./.docker/sts-db/postgres:/var/lib/postgresql/data"
+#    volumes:
+#      - "./.docker/sts-db/postgres:/var/lib/postgresql/data"
     ports:
       - 5432:5432
-    networks:
-      - sts_network
+#    networks:
+#      - sts_network
   sts:
     build: ./sts-example
     image: "local/sts-example:latest"

scripts/mvn_deploy.sh

@@ -5,4 +5,4 @@ set -e
 echo "$GPG_SECRET_KEY" | base64 --decode | $GPG_EXECUTABLE --import --no-tty --batch --yes || true
 echo "$GPG_OWNERTRUST" | base64 --decode | $GPG_EXECUTABLE --import-ownertrust --no-tty --batch --yes || true
 
-mvn --no-transfer-progress --settings scripts/settings.xml package gpg:sign deploy -Prelease -DskipTests -B -U || exit 1
+mvn clean deploy -ntp --settings scripts/settings.xml gpg:sign -Prelease -DskipTests -U || exit 1

sts-client-example/package.json

@@ -1,6 +1,6 @@
 {
   "name": "sts-client-example",
-  "version": "1.1.0-SNAPSHOT",
+  "version": "1.1.20",
   "license": "MIT",
   "scripts": {
     "ng": "npx ng ",

sts-common/pom.xml

@@ -5,7 +5,7 @@
 	<parent>
 		<groupId>de.adorsys.sts</groupId>
 		<artifactId>secure-token-service</artifactId>
-		<version>1.1.0</version>
+		<version>1.1.20</version>
 	</parent>
 
 	<artifactId>sts-common</artifactId>
@@ -94,6 +94,17 @@
 						<configuration>
 							<jvmArguments>-agentlib:jdwp=transport=dt_socket,server=y,suspend=n,address=10022</jvmArguments>
 						</configuration>
+						<executions>
+							<execution>
+								<id>fat-jar</id>
+								<goals>
+									<goal>repackage</goal>
+								</goals>
+								<configuration>
+									<classifier>exec</classifier>
+								</configuration>
+							</execution>
+						</executions>
 					</plugin>
 				</plugins>
 			</build>

sts-example/pom.xml

@@ -5,7 +5,7 @@
     <parent>
         <artifactId>secure-token-service</artifactId>
         <groupId>de.adorsys.sts</groupId>
-        <version>1.1.0</version>
+        <version>1.1.20</version>
     </parent>
     <modelVersion>4.0.0</modelVersion>
 
@@ -36,9 +36,13 @@
                 <version>${spring-boot.version}</version>
                 <executions>
                     <execution>
+                        <id>fat-jar</id>
                         <goals>
                             <goal>repackage</goal>
                         </goals>
+                        <configuration>
+                            <classifier>exec</classifier>
+                        </configuration>
                     </execution>
                 </executions>
             </plugin>

sts-example/src/main/java/de/adorsys/sts/example/config/SecurityConfiguration.java

@@ -20,6 +20,8 @@ public class SecurityConfiguration {
 
     @Bean
     protected SecurityFilterChain securityFilterChain(HttpSecurity http, TokenAuthenticationService tokenAuthenticationService) throws Exception {
+
+
         http.cors().and()
                 .csrf().disable()
                 .sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS)

sts-example/src/main/java/de/adorsys/sts/example/config/StsConfiguration.java

@@ -17,16 +17,11 @@
 @EnableResourceServerInitialization
 @EnableEncryption
 @EnablePOP
-@EnableKeyRotation
+//@EnableKeyRotation
 @EnableTokenAuthentication
 @EnableSecretServerClient
 public class StsConfiguration {
 
-    @Bean
-    public TaskScheduler taskExecutor() {
-        return new ConcurrentTaskScheduler();
-    }
-
     @Bean
     ResourceServerRepository resourceServerRepository() {
         return new InMemoryResourceServerRepository();

sts-example/src/main/resources/application.yml

@@ -21,6 +21,13 @@ spring:
     default-schema: public
 
 sts:
+  secret-server-client:
+    audience: moped-client
+    secret-server-uri: http://localhost:8885/secret-server/token-exchange
+    cache:
+      enabled: true
+      maximum-size: 1000
+      expire-after-access: 10
   resource-server-management:
     resource-retriever:
       http-connect-timeout: 10000

sts-keymanagement/pom.xml

@@ -5,7 +5,7 @@
     <parent>
         <artifactId>secure-token-service</artifactId>
         <groupId>de.adorsys.sts</groupId>
-        <version>1.1.0</version>
+        <version>1.1.20</version>
     </parent>
     <modelVersion>4.0.0</modelVersion>
 

sts-keymanagement/sts-keymanagement-api/pom.xml

@@ -5,7 +5,7 @@
     <parent>
         <artifactId>sts-keymanagement</artifactId>
         <groupId>de.adorsys.sts</groupId>
-        <version>1.1.0</version>
+        <version>1.1.20</version>
     </parent>
     <modelVersion>4.0.0</modelVersion>
 
@@ -30,7 +30,7 @@
         <dependency>
             <groupId>de.adorsys.keymanagement</groupId>
             <artifactId>api</artifactId>
-            <version>0.0.7</version>
+            <version>0.0.9</version>
         </dependency>
 
     </dependencies>