From 1250fab481b7fc1ded85e9a2d3cc156e865c5985 Mon Sep 17 00:00:00 2001 From: Joseph Wofford Date: Tue, 7 Sep 2021 08:27:24 -0700 Subject: [PATCH] Upgrade dependencies and fix deprecations and warnings. --- pom.xml | 90 +++---------------- .../oauth2/config/WebAppSecurityConfig.java | 40 ++++----- .../filter/CamundaAuthenticationFilter.java | 31 ------- .../filter/WebAppAuthenticationProvider.java | 13 +-- 4 files changed, 36 insertions(+), 138 deletions(-) delete mode 100644 src/main/java/com/camunda/example/oauth2/filter/CamundaAuthenticationFilter.java diff --git a/pom.xml b/pom.xml index 34e20d8..1e0d749 100644 --- a/pom.xml +++ b/pom.xml @@ -10,28 +10,14 @@ 1.0.0-SNAPSHOT - - - - 7.13.0 - - - - 7.13.0 - - - - - 2.2.6.RELEASE - + 7.15.0 + 2.5.4 1.8 1.8 1.8 - UTF-8 false - 2.2.4 - + 3.8.0 @@ -51,7 +37,7 @@ pom - com.microsoft.azure + com.azure.spring azure-spring-boot-bom ${azure.version} pom @@ -61,75 +47,26 @@ - - - - - - org.camunda.bpm.springboot - camunda-bpm-spring-boot-starter-webapp - ${camunda.spring-boot.version} - - - - - - - - - - - - - - - - com.sun.xml.bind - jaxb-impl - 2.2.3 + org.camunda.bpm.springboot + camunda-bpm-spring-boot-starter-webapp - org.postgresql - postgresql - 42.2.12 + org.glassfish.jaxb + jaxb-runtime - - - - org.springframework.boot - spring-boot-starter-security - ${spring-boot.version} + org.postgresql + postgresql org.springframework.boot - spring-boot-starter-data-jpa - - - - - - org.springframework.security - spring-security-oauth2-client + spring-boot-starter-oauth2-client - org.springframework.security - spring-security-oauth2-jose + com.azure.spring + azure-spring-boot-starter-active-directory - - - - - com.microsoft.azure - azure-active-directory-spring-boot-starter - - - com.microsoft.azure - azure-spring-boot - ${azure.version} - - @@ -151,5 +88,4 @@ - 
diff --git a/src/main/java/com/camunda/example/oauth2/config/WebAppSecurityConfig.java b/src/main/java/com/camunda/example/oauth2/config/WebAppSecurityConfig.java
index 2c0663e..d80e751 100644
--- a/src/main/java/com/camunda/example/oauth2/config/WebAppSecurityConfig.java
+++ b/src/main/java/com/camunda/example/oauth2/config/WebAppSecurityConfig.java
@@ -1,57 +1,47 @@ package com.camunda.example.oauth2.config; -import com.camunda.example.oauth2.filter.CamundaAuthenticationFilter; +import com.azure.spring.aad.webapp.AADWebSecurityConfigurerAdapter; import com.camunda.example.oauth2.filter.WebAppAuthenticationProvider; +import org.camunda.bpm.webapp.impl.security.auth.ContainerBasedAuthenticationFilter; import org.slf4j.Logger; import org.slf4j.LoggerFactory; -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.boot.autoconfigure.security.SecurityProperties; import org.springframework.boot.web.servlet.FilterRegistrationBean; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; import org.springframework.core.annotation.Order; import org.springframework.security.config.annotation.web.builders.HttpSecurity; import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; -import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter; -import org.springframework.security.oauth2.client.oidc.userinfo.OidcUserRequest; -import org.springframework.security.oauth2.client.userinfo.OAuth2UserService; -import org.springframework.security.oauth2.core.oidc.user.OidcUser; -import java.util.Collections; +import static java.util.Collections.singletonMap; +import static org.camunda.bpm.engine.rest.security.auth.ProcessEngineAuthenticationFilter.AUTHENTICATION_PROVIDER_PARAM; +import static org.springframework.boot.autoconfigure.security.SecurityProperties.BASIC_AUTH_ORDER; @Configuration @EnableWebSecurity(debug = true) -@Order(SecurityProperties.BASIC_AUTH_ORDER - 15) -public class WebAppSecurityConfig extends WebSecurityConfigurerAdapter { +@Order(BASIC_AUTH_ORDER - 15) +public class WebAppSecurityConfig extends AADWebSecurityConfigurerAdapter { private final Logger logger = LoggerFactory.getLogger(WebAppSecurityConfig.class.getName()); - @Autowired - private 
OAuth2UserService oidcUserService; - @Override protected void configure(HttpSecurity http) throws Exception { + super.configure(http); + http.csrf().disable(); http.authorizeRequests().antMatchers("/app/admin/**", "/app/cockpit/**", "/app/tasklist/**").authenticated() .and() - .authorizeRequests().antMatchers("/**").permitAll() - .and() - .oauth2Login() - .userInfoEndpoint() - .oidcUserService(oidcUserService); + .authorizeRequests().antMatchers("/**").permitAll(); - http.csrf().disable(); } @Bean - @Order(SecurityProperties.BASIC_AUTH_ORDER - 15) - public FilterRegistrationBean containerBasedAuthenticationFilter() { + @Order(BASIC_AUTH_ORDER - 15) + public FilterRegistrationBean containerBasedAuthenticationFilter() { logger.info("++++++++ WebAppSecurityConfig.containerBasedAuthenticationFilter()...."); - FilterRegistrationBean filterRegistration - = new FilterRegistrationBean<>(); - filterRegistration.setFilter(new CamundaAuthenticationFilter()); - filterRegistration.setInitParameters(Collections.singletonMap("authentication-provider", WebAppAuthenticationProvider.class.getName())); + FilterRegistrationBean filterRegistration = new FilterRegistrationBean<>(); + filterRegistration.setFilter(new ContainerBasedAuthenticationFilter()); + filterRegistration.setInitParameters(singletonMap(AUTHENTICATION_PROVIDER_PARAM, WebAppAuthenticationProvider.class.getName())); filterRegistration.setOrder(101); // make sure the filter is registered after the Spring Security Filter Chain filterRegistration.addUrlPatterns("/*"); return filterRegistration; diff --git a/src/main/java/com/camunda/example/oauth2/filter/CamundaAuthenticationFilter.java b/src/main/java/com/camunda/example/oauth2/filter/CamundaAuthenticationFilter.java deleted file mode 100644 index 1f25026..0000000 --- a/src/main/java/com/camunda/example/oauth2/filter/CamundaAuthenticationFilter.java +++ /dev/null 
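Review bot: The rules in `configure(HttpSecurity)` end with `antMatchers("/**").permitAll()`, so the policy is default-allow: only `/app/admin/**`, `/app/cockpit/**` and `/app/tasklist/**` require a login at the Spring Security layer, and every other path served by this application depends on the Camunda filter registered below or on nothing. Consider listing the paths that must stay public and closing with `.anyRequest().authenticated()`, and confirm that the three matchers still line up with the webapp's configured application path now that the custom `getRequestUri` override is deleted. `http.csrf().disable()` is kept (only moved up) while the webapps are session-authenticated, so a short comment naming the component that provides CSRF protection for them would help. The context line `@EnableWebSecurity(debug = true)` is untouched by this commit; Spring Security's debug mode logs request details and is meant for development, so plain `@EnableWebSecurity` is the safer default. The body of `containerBasedAuthenticationFilter()` appears to close after the last visible line of the hunk.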
@@ -1,31 +0,0 @@ -package com.camunda.example.oauth2.filter; - -import org.camunda.bpm.webapp.impl.security.auth.ContainerBasedAuthenticationFilter; -import org.camunda.bpm.webapp.impl.util.ServletContextUtil; - -import javax.servlet.ServletContext; -import javax.servlet.http.HttpServletRequest; - -public class CamundaAuthenticationFilter extends ContainerBasedAuthenticationFilter { - - @Override - protected String getRequestUri(HttpServletRequest request) { - String requestURI = request.getRequestURI(); - String contextPath = request.getContextPath(); - - int contextPathLength = contextPath.length(); - if (contextPathLength > 0) { - requestURI = requestURI.substring(contextPathLength); - } - - ServletContext servletContext = request.getServletContext(); - String applicationPath = ServletContextUtil.getAppPath(servletContext); - int applicationPathLength = applicationPath.length(); - - if (applicationPathLength > 0 && applicationPathLength < requestURI.length()) { - requestURI = requestURI.substring(applicationPathLength); - } - - return requestURI; - } -} diff --git a/src/main/java/com/camunda/example/oauth2/filter/WebAppAuthenticationProvider.java b/src/main/java/com/camunda/example/oauth2/filter/WebAppAuthenticationProvider.java index fad2afb..14f1721 100644 --- a/src/main/java/com/camunda/example/oauth2/filter/WebAppAuthenticationProvider.java +++ b/src/main/java/com/camunda/example/oauth2/filter/WebAppAuthenticationProvider.java @@ -12,6 +12,9 @@ import java.util.List; import java.util.stream.Collectors; +import static org.camunda.bpm.engine.rest.security.auth.AuthenticationResult.successful; +import static org.camunda.bpm.engine.rest.security.auth.AuthenticationResult.unsuccessful; + public class WebAppAuthenticationProvider extends ContainerBasedAuthenticationProvider { private final Logger logger = LoggerFactory.getLogger(WebAppAuthenticationProvider.class.getName()); 
@@ -25,17 +28,17 @@ public AuthenticationResult extractAuthenticatedUser(HttpServletRequest request, if (authentication == null) { logger.debug("++ authentication == null...return unsuccessful."); - return AuthenticationResult.unsuccessful(); + return unsuccessful(); } logger.debug("++ authentication IS NOT NULL"); String name = authentication.getName(); if (name == null || name.isEmpty()) { - return AuthenticationResult.unsuccessful(); + return unsuccessful(); } logger.debug("++ name = " + name); - AuthenticationResult authenticationResult = new AuthenticationResult(name, true); + AuthenticationResult authenticationResult = successful(name); authenticationResult.setGroups(getUserGroups(authentication)); return authenticationResult; @@ -51,10 +54,10 @@ private List getUserGroups(Authentication authentication) { .map(res -> res.substring(5)) // Strip "ROLE_" .collect(Collectors.toList()); - logger.debug("++ groupIds = " + groupIds.toString()); + logger.debug("++ groupIds = " + groupIds); return groupIds; } -} \ No newline at end of file +}
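Review bot: In `extractAuthenticatedUser`, the Camunda user id passed to `successful(name)` is whatever `authentication.getName()` returns, and with the switch to the Azure AD adapter the claim behind that value is decided by provider configuration that this diff does not show. If it resolves to a display name rather than a stable, unique identifier (an object id or subject claim), two directory accounts could map to the same Camunda user; this is worth confirming and recording in a comment such as `// name must be a unique, immutable claim; see the AAD user-name attribute setting`. The context line `logger.debug("++ name = " + name);` builds the string unconditionally and writes an identity value to the log; `logger.debug("++ name = {}", name);` is the parameterized form. The method starts and ends outside the hunk.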
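Review bot: `getUserGroups` turns each authority into a Camunda group id with `res.substring(5)`, which is correct only for authorities that start with `ROLE_`; the filtering step, if any, sits above this hunk (`@@ -51,10 +54,10 @@`) and is not visible. After the move to the Azure AD adapter the granted authorities may include entries with other prefixes, so confirm that a `startsWith("ROLE_")` filter precedes the `map`; otherwise such entries are truncated into unintended group names, and entries shorter than five characters throw. Because these ids drive Camunda authorization, a comment stating which authorities are expected to become groups would make the mapping reviewable.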