Merge pull request #451 from /issues/450-restrict-javax-import

Fix #450: Restrict import of javax.annotation
wultra · Sep 25, 2023 · 214c6f3 · 214c6f3
2 parents 1b88af2 + cbf8ea9
commit 214c6f3
Show file tree

Hide file tree

Showing 8 changed files with 49 additions and 17 deletions.
diff --git a/pom.xml b/pom.xml
@@ -78,8 +78,9 @@
         <java.version>17</java.version>
         <maven.compiler.source>${java.version}</maven.compiler.source>
         <maven.compiler.target>${java.version}</maven.compiler.target>
-        <maven-jar-plugin.version>3.3.0</maven-jar-plugin.version>
         <maven-deploy-plugin.version>3.1.1</maven-deploy-plugin.version>
+        <maven-enforcer-plugin.version>3.4.1</maven-enforcer-plugin.version>
+        <maven-jar-plugin.version>3.3.0</maven-jar-plugin.version>
         <maven-javadoc-plugin.version>3.6.0</maven-javadoc-plugin.version>
         <maven-source-plugin.version>3.3.0</maven-source-plugin.version>
         <maven-war-plugin.version>3.4.0</maven-war-plugin.version>
@@ -190,6 +191,36 @@
                 <artifactId>maven-deploy-plugin</artifactId>
                 <version>${maven-deploy-plugin.version}</version>
             </plugin>
+
+            <plugin>
+                <groupId>org.apache.maven.plugins</groupId>
+                <artifactId>maven-enforcer-plugin</artifactId>
+                <version>${maven-enforcer-plugin.version}</version>
+                <dependencies>
+                    <dependency>
+                        <groupId>de.skuzzle.enforcer</groupId>
+                        <artifactId>restrict-imports-enforcer-rule</artifactId>
+                        <version>2.4.0</version>
+                    </dependency>
+                </dependencies>
+                <executions>
+                    <execution>
+                        <id>enforce-banned-java-imports</id>
+                        <goals>
+                            <goal>enforce</goal>
+                        </goals>
+                        <configuration>
+                            <rules>
+                                <RestrictImports>
+                                    <!--  https://github.com/google/guava/issues/2960  -->
+                                    <reason>Guava depends on jsr305 but we prefer jakarta in our code</reason>
+                                    <bannedImport>javax.annotation.**</bannedImport>
+                                </RestrictImports>
+                            </rules>
+                        </configuration>
+                    </execution>
+                </executions>
+            </plugin>
         </plugins>
     </build>
 

diff --git a/...getlime/security/powerauth/rest/api/spring/filter/ResettableStreamHttpServletRequest.java b/...getlime/security/powerauth/rest/api/spring/filter/ResettableStreamHttpServletRequest.java
@@ -20,12 +20,12 @@
 package io.getlime.security.powerauth.rest.api.spring.filter;
 
 import com.google.common.io.ByteStreams;
-
-import javax.annotation.Nonnull;
+import jakarta.annotation.Nonnull;
 import jakarta.servlet.ReadListener;
 import jakarta.servlet.ServletInputStream;
 import jakarta.servlet.http.HttpServletRequest;
 import jakarta.servlet.http.HttpServletRequestWrapper;
+
 import java.io.*;
 import java.util.Arrays;
 

diff --git a/...io/getlime/security/powerauth/rest/api/spring/provider/MinimalClaimsUserInfoProvider.java b/...io/getlime/security/powerauth/rest/api/spring/provider/MinimalClaimsUserInfoProvider.java
@@ -21,8 +21,8 @@
 
 import com.wultra.core.annotations.PublicSpi;
 import io.getlime.security.powerauth.rest.api.spring.model.UserInfoContext;
+import jakarta.annotation.Nonnull;
 
-import javax.annotation.Nonnull;
 import java.time.Instant;
 import java.util.Collections;
 import java.util.LinkedHashMap;

diff --git a/.../getlime/security/powerauth/rest/api/spring/provider/PowerAuthAuthenticationProvider.java b/.../getlime/security/powerauth/rest/api/spring/provider/PowerAuthAuthenticationProvider.java
@@ -50,15 +50,15 @@
 import io.getlime.security.powerauth.rest.api.spring.model.ActivationStatus;
 import io.getlime.security.powerauth.rest.api.spring.model.AuthenticationContext;
 import io.getlime.security.powerauth.rest.api.spring.service.HttpCustomizationService;
+import jakarta.annotation.Nonnull;
+import jakarta.annotation.Nullable;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.security.core.Authentication;
 import org.springframework.security.core.AuthenticationException;
 import org.springframework.stereotype.Component;
 
-import javax.annotation.Nonnull;
-import javax.annotation.Nullable;
 import java.util.Base64;
 import java.util.List;
 

diff --git a/...lime/security/powerauth/rest/api/spring/provider/PowerAuthAuthenticationProviderBase.java b/...lime/security/powerauth/rest/api/spring/provider/PowerAuthAuthenticationProviderBase.java
@@ -26,12 +26,12 @@
 import io.getlime.security.powerauth.rest.api.spring.exception.authentication.PowerAuthRequestFilterException;
 import io.getlime.security.powerauth.rest.api.spring.model.PowerAuthRequestBody;
 import io.getlime.security.powerauth.rest.api.spring.model.PowerAuthRequestObjects;
+import jakarta.annotation.Nonnull;
+import jakarta.annotation.Nullable;
+import jakarta.servlet.http.HttpServletRequest;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
-import javax.annotation.Nonnull;
-import javax.annotation.Nullable;
-import jakarta.servlet.http.HttpServletRequest;
 import java.util.ArrayList;
 import java.util.List;
 

diff --git a/...a/io/getlime/security/powerauth/rest/api/spring/provider/PowerAuthEncryptionProvider.java b/...a/io/getlime/security/powerauth/rest/api/spring/provider/PowerAuthEncryptionProvider.java
@@ -25,14 +25,13 @@
 import io.getlime.security.powerauth.rest.api.spring.encryption.PowerAuthEncryptorParameters;
 import io.getlime.security.powerauth.rest.api.spring.exception.PowerAuthEncryptionException;
 import io.getlime.security.powerauth.rest.api.spring.service.HttpCustomizationService;
+import jakarta.annotation.Nonnull;
+import jakarta.annotation.Nullable;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Component;
 
-import javax.annotation.Nonnull;
-import javax.annotation.Nullable;
-
 /**
  * Implementation of PowerAuth encryption provider.
  *

diff --git a/.../getlime/security/powerauth/rest/api/spring/provider/PowerAuthEncryptionProviderBase.java b/.../getlime/security/powerauth/rest/api/spring/provider/PowerAuthEncryptionProviderBase.java
@@ -25,7 +25,9 @@
 import com.fasterxml.jackson.databind.type.TypeFactory;
 import io.getlime.security.powerauth.crypto.lib.encryptor.EncryptorFactory;
 import io.getlime.security.powerauth.crypto.lib.encryptor.ServerEncryptor;
-import io.getlime.security.powerauth.crypto.lib.encryptor.model.*;
+import io.getlime.security.powerauth.crypto.lib.encryptor.model.EncryptedRequest;
+import io.getlime.security.powerauth.crypto.lib.encryptor.model.EncryptedResponse;
+import io.getlime.security.powerauth.crypto.lib.encryptor.model.EncryptorParameters;
 import io.getlime.security.powerauth.crypto.lib.encryptor.model.v3.ServerEncryptorSecrets;
 import io.getlime.security.powerauth.http.PowerAuthEncryptionHttpHeader;
 import io.getlime.security.powerauth.http.PowerAuthSignatureHttpHeader;
@@ -36,17 +38,17 @@
 import io.getlime.security.powerauth.rest.api.model.response.EciesEncryptedResponse;
 import io.getlime.security.powerauth.rest.api.spring.encryption.EncryptionContext;
 import io.getlime.security.powerauth.rest.api.spring.encryption.EncryptionScope;
-import io.getlime.security.powerauth.rest.api.spring.encryption.PowerAuthEncryptorParameters;
 import io.getlime.security.powerauth.rest.api.spring.encryption.PowerAuthEncryptorData;
+import io.getlime.security.powerauth.rest.api.spring.encryption.PowerAuthEncryptorParameters;
 import io.getlime.security.powerauth.rest.api.spring.exception.PowerAuthEncryptionException;
 import io.getlime.security.powerauth.rest.api.spring.model.PowerAuthRequestBody;
 import io.getlime.security.powerauth.rest.api.spring.model.PowerAuthRequestObjects;
+import jakarta.annotation.Nonnull;
+import jakarta.annotation.Nullable;
 import jakarta.servlet.http.HttpServletRequest;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
-import javax.annotation.Nonnull;
-import javax.annotation.Nullable;
 import java.io.IOException;
 import java.lang.reflect.Type;
 import java.util.Base64;

diff --git a/...rc/main/java/io/getlime/security/powerauth/rest/api/spring/provider/UserInfoProvider.java b/...rc/main/java/io/getlime/security/powerauth/rest/api/spring/provider/UserInfoProvider.java
@@ -22,8 +22,8 @@
 import com.wultra.core.annotations.PublicSpi;
 import io.getlime.security.powerauth.rest.api.model.entity.UserInfoStage;
 import io.getlime.security.powerauth.rest.api.spring.model.UserInfoContext;
+import jakarta.annotation.Nonnull;
 
-import javax.annotation.Nonnull;
 import java.util.Collections;
 import java.util.Map;