Merge pull request #209 from wultra/develop

Merge develop to master

.github/dependabot.yml

@@ -0,0 +1,11 @@
+# To get started with Dependabot version updates, you'll need to specify which
+# package ecosystems to update and where the package manifests are located.
+# Please see the documentation for all configuration options:
+# https://docs.github.com/github/administering-a-repository/configuration-options-for-dependency-updates
+
+version: 2
+updates:
+ - package-ecosystem: "maven"
+ directory: "/"
+ schedule:
+ interval: "weekly"

.github/workflows/codeql-analysis.yml

@@ -1,76 +1,22 @@
-# For most projects, this workflow file will not need changing; you simply need
-# to commit it to your repository.
-#
-# You may wish to alter this file to override the set of languages analyzed,
-# or to provide custom queries or build logic.
-#
-# ******** NOTE ********
-# We have attempted to detect the languages in your repository. Please check
-# the `language` matrix defined below to confirm you have the correct set of
-# supported CodeQL languages.
-#
 name: "CodeQL"
 
 on:
+ workflow_dispatch:
  push:
- branches: [ develop, master]
+ branches: [ 'develop', 'master', 'releases/**' ]
  pull_request:
  # The branches below must be a subset of the branches above
- branches: [ develop ]
+ branches: [ 'develop', 'master', 'releases/**' ]
  schedule:
  - cron: '0 2 * * 4'
 
 jobs:
- analyze:
- name: Analyze
- runs-on: ubuntu-latest
- permissions:
- actions: read
- contents: read
- security-events: write
-
- strategy:
- fail-fast: false
- matrix:
- language: [ 'java' ]
- # CodeQL supports [ 'cpp', 'csharp', 'go', 'java', 'javascript', 'python', 'ruby' ]
- # Use only 'java' to analyze code written in Java, Kotlin or both
- # Use only 'javascript' to analyze code written in JavaScript, TypeScript or both
- # Learn more about CodeQL language support at https://aka.ms/codeql-docs/language-support
-
- steps:
- - name: Checkout repository
- uses: actions/checkout@v3
-
- # Initializes the CodeQL tools for scanning.
- - name: Initialize CodeQL
- uses: github/codeql-action/init@v2
- with:
- languages: ${{ matrix.language }}
- # If you wish to specify custom queries, you can do so here or in a config file.
- # By default, queries listed here will override any specified in a config file.
- # Prefix the list here with "+" to use these queries and those in the config file.
-
- # Details on CodeQL's query packs refer to : https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning#using-queries-in-ql-packs
- # queries: security-extended,security-and-quality
-
-
- # Autobuild attempts to build any compiled languages (C/C++, C#, Go, or Java).
- # If this step fails, then you should remove it and run the build manually (see below)
- - name: Autobuild
- uses: github/codeql-action/autobuild@v2
-
- # ℹ️ Command-line programs to run using the OS shell.
- # 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun
-
- # If the Autobuild fails above, remove it and uncomment the following three lines.
- # modify them (or add more) to build your code if your project, please refer to the EXAMPLE below for guidance.
-
- # - run: |
- # echo "Run, Build Application using script"
- # ./location_of_script_within_repo/buildscript.sh
-
- - name: Perform CodeQL Analysis
- uses: github/codeql-action/analyze@v2
- with:
- category: "/language:${{matrix.language}}"
+ codeql-analysis:
+ uses: wultra/wultra-infrastructure/.github/workflows/codeql-analysis.yml@develop
+ secrets: inherit
+ with:
+ languages: "['java']"
+ # CodeQL supports [ 'cpp', 'csharp', 'go', 'java', 'javascript', 'python', 'ruby' ]
+ # Use only 'java' to analyze code written in Java, Kotlin or both
+ # Use only 'javascript' to analyze code written in JavaScript, TypeScript or both
+ # Learn more about CodeQL language support at https://aka.ms/codeql-docs/language-support

.github/workflows/coverity-scan.yml

@@ -3,7 +3,7 @@ name: Run Coverity scan and upload results
 on:
  workflow_dispatch:
  schedule:
- - cron:  '0 10 1 * *' # monthly
+ - cron: '0 10 1 * *' # monthly
 
 
 jobs:

README.md

@@ -126,11 +126,21 @@ The following options are available for the builder:
  - `username` - proxy username
  - `password` - proxy password
 - `connectionTimeout` - connection timeout in milliseconds (default: 5000 ms)
+- `responseTimeout` - Maximum duration allowed between each network-level read operations. (default: no timeout)
+- `maxIdleTime` - ConnectionProvider max idle time. (default: no max idle time)
+- `maxLifeTime` - ConnectionProvider max life time. (default: no max life time)
+- `keepAliveEnabled` - Keep-Alive probe feature flag (default: false)
+- `keepAliveIdle` - Keep-Alive idle time
+- `keepAliveInterval` - Keep-Alive retransmission interval time
+- `keepAliveCount` - Keep-Alive retransmission limit
 - `acceptInvalidSslCertificate` - whether invalid SSL certificate is accepted (default: false)
 - `maxInMemorySize` - maximum in memory request size (default: 1048576 bytes)
 - `httpBasicAuth` - HTTP basic authentication (default: disabled)
  - `username` - username for HTTP basic authentication
  - `password` - password for HTTP basic authentication
+- `httpDigestAuth` - HTTP digest authentication (default: disabled)
+ - `username` - username for HTTP digest authentication
+ - `password` - password for HTTP digest authentication
 - `certificateAuth` - certificate authentication (default: disabled)
  - `useCustomKeyStore` - whether custom keystore should be used for certificate authentication (default: false)
  - `keyStoreLocation` - resource location of keystore (e.g. `file:/path_to_keystore`)
@@ -142,9 +152,15 @@ The following options are available for the builder:
  - `trustStoreLocation` - resource location of truststore (e.g. `file:/path_to_truststore`)
  - `trustStorePassword` - truststore password
  - `trustStoreBytes` - byte data with truststore (alternative configuration way to `trustStoreLocation`)
-- `objectMapper` - custom object mapper for JSON serialization
+- `modules` - jackson modules 
+- `jacksonProperties` - jackson properties for custom object mapper
+ - `serialization` - Jackson on/off features that affect the way Java objects are serialized.
+ - `deserialization` - Jackson on/off features that affect the way Java objects are deserialized, e.g. `FAIL_ON_UNKNOWN_PROPERTIES=true`
 - `filter` - custom `ExchangeFilterFunction` for applying a filter during communication
 - `defaultHttpHeaders` - custom `HttpHeaders` to be added to all requests as default HTTP headers
+- `followRedirectEnabled` - whether HTTP redirect responses are followed by the client (default: false)
+- `simpleLoggingEnabled` - whether simple one-line logging of HTTP method, URL and response status code is enabled (default: false)
+- `logErrorResponsesAsWarnings` - whether responses with error status codes are logged on WARN level in simple logging (default: true)
 
 ### Calling HTTP Methods Using REST Client
 
@@ -159,17 +175,16 @@ Once the rest client is initialized, you can use the following methods. Each met
 - `put` - a blocking PUT call with a generic request / response
 - `putNonBlocking` - a non-blocking PUT call with a generic request / response with `onSuccess` and `onError` consumers
 - `putObject` - a blocking PUT call with `ObjectRequest` / `ObjectResponse`
+- `delete` - a blocking DELETE call with a generic response
+- `deleteNonBlocking` - a non-blocking DELETE call with a generic response with `onSuccess` and `onError` consumers
+- `deleteObject` - a blocking DELETE call with `ObjectResponse`
 - `patch` - a blocking PATCH call with a generic request / response
 - `patchNonBlocking` - a non-blocking PATCH call with a generic request / response with `onSuccess` and `onError` consumers
 - `patchObject` - a blocking PATCH call with `ObjectRequest` / `ObjectResponse`
 - `head` - a blocking HEAD call with a generic request
 - `headNonBlocking` - a non-blocking HEAD call with a generic request with `onSuccess` and `onError` consumers
 - `headObject` - a blocking HEAD call with `ObjectRequest`
 
-- `delete` - a blocking DELETE call with a generic response
-- `deleteNonBlocking` - a non-blocking DELETE call with a generic response with `onSuccess` and `onError` consumers
-- `deleteObject` - a blocking DELETE call with `ObjectResponse`
-
 The `path` parameter specified in requests can be either:
 
 - a partial request path, in this case the `baseUrl` parameter must be configured during initialization
@@ -210,9 +225,30 @@ In case any HTTP error occurs during a blocking HTTP request execution, a `RestC
 
 Non-blocking methods provide an `onError` consumer for custom error handling.
 
-### Logging
+### Simple One-Line Logging
+
+You can enable simple one-line logging using `RestClientConfiguration`:
+
+```java
+config.setSimpleLoggingEnabled(true);
+```
+
+The log messages use `INFO` and `WARN` levels based on the status code:
+
+```
+2023-01-31 12:09:14.014 INFO 64851 --- [ctor-http-nio-2] c.w.c.r.client.base.DefaultRestClient : RestClient GET https://localhost:49728/api/test/response: 200 OK
+2023-01-31 12:09:15.367 WARN 64851 --- [ctor-http-nio-4] c.w.c.r.client.base.DefaultRestClient : RestClient POST https://localhost:49728/api/test/error-response: 400 BAD_REQUEST
+```
+
+You can disable logging on `WARN` level, in this case log messages always use the `INFO` level:
+
+```java
+config.setLogErrorResponsesAsWarnings(false);
+```
+
+### Detailed Logging
 
-To enable request / response logging, set level of `com.wultra.core.rest.client.base.DefaultRestClient` to `TRACE`.
+To enable detailed request / response logging, set level of `com.wultra.core.rest.client.base.DefaultRestClient` to `TRACE`.
 
 #### Request Example
 
@@ -284,6 +320,9 @@ The following properties can be configured in case the default configuration nee
 - `audit.db.table.param.enabled` - flag if logging params to parameters database is enabled (default: `false`)
 - `audit.db.batch.size` - database batch size (default: `1000`) 
 
+You can configure database schema used by the auditing library using regular Spring JPA/Hibernate property in your application:
+- `spring.jpa.properties.hibernate.default_schema` - database database schema (default: none)
+
 ### Audit Levels
 
 Following audit levels are available:
@@ -361,3 +400,27 @@ Auditing with parameters and type of audit message:
  param.put("operation_id", operationId);
  audit.info("an access message", AuditDetail.builder().type("ACCESS").params(param).build());
 ```
+
+
+## Wultra HTTP Common
+
+The `http-common` project provides common functionality for HTTP stack.
+
+
+### Features
+
+
+#### RequestContextConverter
+
+`RequestContextConverter` converts `HttpServletRequest` to a Wultra specific class `RequestContext`.
+This context object contains _user agent_ and best-effort guess of the _client IP address_.
+
+
+## Wultra Annotations
+
+The `annotations` project provides common annotations.
+
+Right now, these annotations are available:
+
+- `PublicApi` - Marker for interfaces intended **to be called by extension**.
+- `PublicSpi` - Marker for interfaces intended **to be implemented by extensions** and called by core.

annotations/pom.xml

@@ -0,0 +1,16 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<project xmlns="http://maven.apache.org/POM/4.0.0"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+ <modelVersion>4.0.0</modelVersion>
+
+ <parent>
+ <groupId>io.getlime.core</groupId>
+ <artifactId>lime-java-core-parent</artifactId>
+ <version>1.7.0</version>
+ </parent>
+
+ <artifactId>annotations</artifactId>
+ <description>Common annotations</description>
+
+</project>

annotations/src/main/java/com/wultra/core/annotations/PublicApi.java

@@ -0,0 +1,33 @@
+/*
+ * Copyright 2023 Wultra s.r.o.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package com.wultra.core.annotations;
+
+import java.lang.annotation.Documented;
+import java.lang.annotation.ElementType;
+import java.lang.annotation.Target;
+
+/**
+ * Marker for interfaces intended to be called by extension. Implementation may not be exposed by the core functionality.
+ * <p>
+ * New methods can be added.
+ * Those API clients that used to call the previously existing methods, should not need to care about the new ones.
+ *
+ * @author Lubos Racansky, [email protected]
+ */
+@Target({ElementType.CONSTRUCTOR, ElementType.METHOD, ElementType.TYPE, ElementType.FIELD})
+@Documented
+public @interface PublicApi {
+}

annotations/src/main/java/com/wultra/core/annotations/PublicSpi.java

@@ -0,0 +1,33 @@
+/*
+ * Copyright 2023 Wultra s.r.o.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package com.wultra.core.annotations;
+
+import java.lang.annotation.Documented;
+import java.lang.annotation.ElementType;
+import java.lang.annotation.Target;
+
+/**
+ * Marker for interfaces intended to be implemented by extensions. These interfaces are called by core functionality.
+ * <p>
+ * Slight compatible modifications of the contract are allowed.
+ * Do not add new methods to interfaces or abstract classes implemented by some providers.
+ *
+ * @author Lubos Racansky, [email protected]
+ */
+@Target({ElementType.CONSTRUCTOR, ElementType.METHOD, ElementType.TYPE, ElementType.FIELD})
+@Documented
+public @interface PublicSpi {
+}

audit-base/pom.xml

@@ -6,7 +6,7 @@
  <parent>
  <groupId>io.getlime.core</groupId>
  <artifactId>lime-java-core-parent</artifactId>
- <version>1.6.0</version>
+ <version>1.7.0</version>
  </parent>
 
  <artifactId>audit-base</artifactId>
@@ -28,9 +28,8 @@
  <artifactId>jackson-datatype-jsr310</artifactId>
  </dependency>
  <dependency>
- <groupId>org.projectlombok</groupId>
- <artifactId>lombok</artifactId>
- <scope>provided</scope>
+ <groupId>jakarta.annotation</groupId>
+ <artifactId>jakarta.annotation-api</artifactId>
  </dependency>
  <dependency>
  <groupId>org.springframework.boot</groupId>
@@ -40,7 +39,6 @@
  <dependency>
  <groupId>com.h2database</groupId>
  <artifactId>h2</artifactId>
- <version>${h2.version}</version>
  <scope>test</scope>
  </dependency>
  </dependencies>
@@ -62,7 +60,7 @@
  </plugin>
  <plugin>
  <artifactId>maven-surefire-plugin</artifactId>
- <version>2.22.2</version>
+ <version>3.1.2</version>
  </plugin>
  </plugins>
  </build>