GitHub-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
Browse Source

Use version catalog to resolve nimbus dependency versions 

Issue gh-14047
pull/14143/head
Marcus Hert Da Coregio 2 years ago
parent
2cd302fb1b
commit
3f64c6d745
1 changed files with 20 additions and 87 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 107
      buildSrc/src/main/java/org/springframework/security/convention/versions/VerifyDependenciesVersionsPlugin.java

107
buildSrc/src/main/java/org/springframework/security/convention/versions/VerifyDependenciesVersionsPlugin.java
Unescape View File

@ -16,16 +16,12 @@ @@ -16,16 +16,12 @@
package org.springframework.security.convention.versions;
import java.util.ArrayList;
import java.util.List;
import java.util.Map;
import java.util.Objects;
import java.util.stream.Collectors;
import org.gradle.api.DefaultTask;
import org.gradle.api.Plugin;
import org.gradle.api.Project;
import org.gradle.api.artifacts.Configuration;
import org.gradle.api.artifacts.MinimalExternalModuleDependency;
import org.gradle.api.artifacts.VersionCatalog;
import org.gradle.api.artifacts.VersionCatalogsExtension;
import org.gradle.api.plugins.JavaBasePlugin;
import org.gradle.api.tasks.TaskAction;
import org.gradle.api.tasks.TaskProvider;
@ -37,101 +33,38 @@ public class VerifyDependenciesVersionsPlugin implements Plugin<Project> { @@ -37,101 +33,38 @@ public class VerifyDependenciesVersionsPlugin implements Plugin<Project> {
TaskProvider<VerifyDependenciesVersionsTask> verifyDependenciesVersionsTaskProvider = project.getTasks().register("verifyDependenciesVersions", VerifyDependenciesVersionsTask.class, (task) -> {
task.setGroup("Verification");
task.setDescription("Verify that specific dependencies are using the same version");
List<Configuration> allConfigurations = new ArrayList<>(getConfigurations(project));
task.setConfigurations(allConfigurations);
VersionCatalog versionCatalog = project.getExtensions().getByType(VersionCatalogsExtension.class).named("libs");
MinimalExternalModuleDependency oauth2OidcSdk = versionCatalog.findLibrary("com-nimbusds-oauth2-oidc-sdk").get().get();
MinimalExternalModuleDependency nimbusJoseJwt = versionCatalog.findLibrary("com-nimbusds-nimbus-jose-jwt").get().get();
task.setOauth2OidcSdkVersion(oauth2OidcSdk.getVersionConstraint().getDisplayName());
task.setExpectedNimbusJoseJwtVersion(nimbusJoseJwt.getVersionConstraint().getDisplayName());
});
project.getTasks().named(JavaBasePlugin.CHECK_TASK_NAME, checkTask -> checkTask.dependsOn(verifyDependenciesVersionsTaskProvider));
}
private List<Configuration> getConfigurations(Project rootProject) {
List<Configuration> configurations = new ArrayList<>();
for (Project project : rootProject.getAllprojects()) {
List<Configuration> runtimeClasspath = project.getConfigurations().stream()
.filter(Configuration::isCanBeResolved)
.filter((config) -> config.getName().equals("runtimeClasspath"))
.collect(Collectors.toList());
configurations.addAll(runtimeClasspath);
}
return configurations;
}
public static class VerifyDependenciesVersionsTask extends DefaultTask {
private List<Configuration> configurations;
private String oauth2OidcSdkVersion;
private String expectedNimbusJoseJwtVersion;
public void setOauth2OidcSdkVersion(String oauth2OidcSdkVersion) {
this.oauth2OidcSdkVersion = oauth2OidcSdkVersion;
}
public void setConfigurations(List<Configuration> configurations) {
this.configurations = configurations;
public void setExpectedNimbusJoseJwtVersion(String expectedNimbusJoseJwtVersion) {
this.expectedNimbusJoseJwtVersion = expectedNimbusJoseJwtVersion;
}
@TaskAction
public void verify() {
Map<String, List<Artifact>> artifacts = getDependencies(this.configurations);
List<Artifact> oauth2OidcSdk = artifacts.get("oauth2-oidc-sdk");
List<Artifact> nimbusJoseJwt = artifacts.get("nimbus-jose-jwt");
if (oauth2OidcSdk == null) {
// Could not resolve oauth2-oidc-sdk
return;
}
if (oauth2OidcSdk.size() > 1) {
throw new IllegalStateException("Found multiple versions of oauth2-oidc-sdk: " + oauth2OidcSdk);
}
Artifact oauth2OidcSdkArtifact = oauth2OidcSdk.get(0);
String nimbusJoseJwtVersion = TransitiveDependencyLookupUtils.lookupJwtVersion(oauth2OidcSdkArtifact.version());
List<Artifact> differentVersions = nimbusJoseJwt.stream()
.filter((artifact) -> !artifact.version().equals(nimbusJoseJwtVersion))
.filter((artifact -> !artifact.configurationName().contains("spring-security-cas"))) // CAS uses a different version
.collect(Collectors.toList());
if (!differentVersions.isEmpty()) {
String message = "Found transitive nimbus-jose-jwt version [" + nimbusJoseJwtVersion + "] in oauth2-oidc-sdk " + oauth2OidcSdkArtifact
+ ", but the project contains a different version of nimbus-jose-jwt " + differentVersions
+ ". Please align the versions of nimbus-jose-jwt.";
String transitiveNimbusJoseJwtVersion = TransitiveDependencyLookupUtils.lookupJwtVersion(this.oauth2OidcSdkVersion);
if (!transitiveNimbusJoseJwtVersion.equals(this.expectedNimbusJoseJwtVersion)) {
String message = String.format("Found transitive nimbus-jose-jwt:%s in oauth2-oidc-sdk:%s, but the project contains a different version of nimbus-jose-jwt [%s]. Please align the versions.", transitiveNimbusJoseJwtVersion, this.oauth2OidcSdkVersion, this.expectedNimbusJoseJwtVersion);
throw new IllegalStateException(message);
}
}
private Map<String, List<Artifact>> getDependencies(List<Configuration> configurations) {
return configurations.stream()
.flatMap((configuration) -> {
return configuration.getIncoming().getResolutionResult().getAllDependencies().stream()
.map((dep) -> {
String[] nameParts = dep.getRequested().getDisplayName().split(":");
if (nameParts.length > 2) {
return new Artifact(nameParts[1], nameParts[2], configuration.toString());
}
return null;
});
})
.filter(Objects::nonNull)
.distinct()
.collect(Collectors.groupingBy(Artifact::name));
}
}
private static class Artifact {
private final String name;
private final String version;
private final String configurationName;
private Artifact(String name, String version, String configurationName) {
this.name = name;
this.version = version;
this.configurationName = configurationName;
}
public String name() {
return this.name;
}
public String version() {
return this.version;
}
public String configurationName() {
return this.configurationName;
}
}
}

Write Preview
Loading…
Cancel
Save