Merge branch 'master' into Add-ReversingLAB-scanner

auth0 · Oct 10, 2024 · c8c1fe7 · c8c1fe7
2 parents 10cf912 + f6df9ce
commit c8c1fe7
Show file tree

Hide file tree

Showing 47 changed files with 2,070 additions and 81 deletions.
diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS
@@ -1 +1 @@
-*	@auth0/dx-sdks-engineer
+*	@auth0/project-dx-sdks-engineer-codeowner
diff --git a/.github/actions/maven-publish/action.yml b/.github/actions/maven-publish/action.yml
@@ -1,20 +1,17 @@
 name: Publish release to Java
 
 inputs:
+  java-version:
+    required: true
   ossr-username:
     required: true
-  ossr-password:
+  ossr-token:
     required: true
   signing-key:
     required: true
   signing-password:
     required: true
-  java-version:
-    required: true
-  is-android:
-    required: true
-  version:
-    required: true
+
 
 runs:
   using: composite
@@ -33,12 +30,11 @@ runs:
 
     - uses: gradle/wrapper-validation-action@56b90f209b02bf6d1deae490e9ef18b21a389cd4 # [email protected]
 
-    - name: Publish Java
-      shell: bash
-      if: inputs.is-android == 'false'
-      run: ./gradlew clean assemble sign publishMavenJavaPublicationToMavenRepository -PisSnapshot=false -Pversion="${{ inputs.version }}" -PossrhUsername="${{ inputs.ossr-username }}" -PossrhPassword="${{ inputs.ossr-password }}" -PsigningKey="${{ inputs.signing-key }}" -PsigningPassword="${{ inputs.signing-password }}"
-
-    - name: Publish Android
+    - name: Publish Android/Java Packages to Maven
       shell: bash
-      if: inputs.is-android == 'true'
-      run: ./gradlew clean assemble sign publishAndroidLibraryPublicationToMavenRepository -PisSnapshot=false -Pversion="${{ inputs.version }}" -PossrhUsername="${{ inputs.ossr-username }}" -PossrhPassword="${{ inputs.ossr-password }}" -PsigningKey="${{ inputs.signing-key }}" -PsigningPassword="${{ inputs.signing-password }}"
+      run: ./gradlew publish -PisSnapshot=false --stacktrace
+      env:
+        MAVEN_USERNAME: ${{ inputs.ossr-username }}
+        MAVEN_PASSWORD: ${{ inputs.ossr-token }}
+        SIGNING_KEY: ${{ inputs.signing-key}}
+        SIGNING_PASSWORD: ${{ inputs.signing-password}}
diff --git a/.github/workflows/java-release.yml b/.github/workflows/java-release.yml
@@ -6,13 +6,11 @@ on:
       java-version:
         required: true
         type: string
-      is-android:
-        required: true
-        type: string
+
     secrets:
       ossr-username:
         required: true
-      ossr-password:
+      ossr-token:
         required: true
       signing-key:
         required: true
@@ -70,10 +68,8 @@ jobs:
       - uses: ./.github/actions/maven-publish
         with:
           java-version: ${{ inputs.java-version }}
-          is-android: ${{ inputs.is-android }}
-          version: ${{ steps.get_version.outputs.version }}
           ossr-username: ${{ secrets.ossr-username }}
-          ossr-password: ${{ secrets.ossr-password }}
+          ossr-token: ${{ secrets.ossr-token }}
           signing-key: ${{ secrets.signing-key }}
           signing-password: ${{ secrets.signing-password }}
 

diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
@@ -18,10 +18,9 @@ jobs:
     uses: ./.github/workflows/java-release.yml
     with:
       java-version: 8.0.382-tem
-      is-android: false
     secrets:
       ossr-username: ${{ secrets.OSSR_USERNAME }}
-      ossr-password: ${{ secrets.OSSR_PASSWORD }}
+      ossr-token: ${{ secrets.OSSR_TOKEN }}
       signing-key: ${{ secrets.SIGNING_KEY }}
       signing-password: ${{ secrets.SIGNING_PASSWORD }}
       github-token: ${{ secrets.GITHUB_TOKEN }}
diff --git a/.github/workflows/semgrep.yml b/.github/workflows/semgrep.yml
@@ -2,7 +2,7 @@ name: Semgrep
 
 on:
   merge_group:
-  pull_request_target:
+  pull_request:
     types:
       - opened
       - synchronize
@@ -20,16 +20,8 @@ concurrency:
   cancel-in-progress: ${{ github.ref != 'refs/heads/master' }}
 
 jobs:
-  authorize:
-    name: Authorize
-    environment: ${{ github.actor != 'dependabot[bot]' && github.event_name == 'pull_request_target' && github.event.pull_request.head.repo.full_name != github.repository && 'external' || 'internal' }}
-    runs-on: ubuntu-latest
-    steps:
-      - run: true
 
   run:
-    needs: authorize # Require approval before running on forked pull requests
-
     name: Check for Vulnerabilities
     runs-on: ubuntu-latest
 

diff --git a/.github/workflows/snyk.yml b/.github/workflows/snyk.yml
@@ -3,7 +3,7 @@ name: Snyk
 on:
   merge_group:
   workflow_dispatch:
-  pull_request_target:
+  pull_request:
     types:
       - opened
       - synchronize
@@ -21,16 +21,8 @@ concurrency:
   cancel-in-progress: ${{ github.ref != 'refs/heads/master' }}
 
 jobs:
-  authorize:
-    name: Authorize
-    environment: ${{ github.actor != 'dependabot[bot]' && github.event_name == 'pull_request_target' && github.event.pull_request.head.repo.full_name != github.repository && 'external' || 'internal' }}
-    runs-on: ubuntu-latest
-    steps:
-      - run: true
 
   check:
-    needs: authorize
-
     name: Check for Vulnerabilities
     runs-on: ubuntu-latest
 

diff --git a/.version b/.version
@@ -1 +1 @@
-2.12.0
+2.13.0
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,5 +1,11 @@
 # Change Log
 
+## [2.13.0](https://github.com/auth0/auth0-java/tree/2.13.0) (2024-09-11)
+[Full Changelog](https://github.com/auth0/auth0-java/compare/2.12.0...2.13.0)
+
+**Added**
+- Add sessions and refresh tokens to Users Management API [\#661](https://github.com/auth0/auth0-java/pull/661) ([tanya732](https://github.com/tanya732))
+
 ## [2.12.0](https://github.com/auth0/auth0-java/tree/2.12.0) (2024-05-29)
 [Full Changelog](https://github.com/auth0/auth0-java/compare/2.11.0...2.12.0)
 

diff --git a/README.md b/README.md
@@ -34,14 +34,14 @@ Add the dependency via Maven:
 <dependency>
   <groupId>com.auth0</groupId>
   <artifactId>auth0</artifactId>
-  <version>2.12.0</version>
+  <version>2.13.0</version>
 </dependency>
 ```
 
 or Gradle:
 
 ```gradle
-implementation 'com.auth0:auth0:2.12.0'
+implementation 'com.auth0:auth0:2.13.0'
 ```
 
 ### Configure the SDK

diff --git a/build.gradle b/build.gradle
@@ -1,43 +1,30 @@
+buildscript {
+  repositories {
+    jcenter()
+  }
+
+  dependencies {
+    // https://github.com/melix/japicmp-gradle-plugin/issues/36
+    classpath 'com.google.guava:guava:31.1-jre'
+  }
+}
+
+
 plugins {
     id 'java'
     id 'jacoco'
-    id 'com.auth0.gradle.oss-library.java'
+    id 'me.champeau.gradle.japicmp' version '0.2.9'
 }
 
 repositories {
     mavenCentral()
 }
 
-group = 'com.auth0'
-logger.lifecycle("Using version ${version} for ${name} group $group")
-
-def signingKey = findProperty('signingKey')
-def signingKeyPwd = findProperty('signingPassword')
-
-oss {
-    name 'auth0'
-    repository 'auth0-java'
-    organization 'auth0'
-    description 'Java client library for the Auth0 platform.'
-    baselineCompareVersion '2.0.0'
-    testInJavaVersions = [8, 11, 17]
-    skipAssertSigningConfiguration true
-
-    developers {
-        auth0 {
-            displayName = 'Auth0'
-            email = '[email protected]'
-        }
-        lbalmaceda {
-            displayName = 'Luciano Balmaceda'
-            email = '[email protected]'
-        }
-    }
-}
+apply from: rootProject.file('gradle/versioning.gradle')
 
-signing {
-  useInMemoryPgpKeys(signingKey, signingKeyPwd)
-}
+version = getVersionFromFile()
+group = GROUP
+logger.lifecycle("Using version ${version} for ${name} group $group")
 
 jacocoTestReport {
     reports {
@@ -63,6 +50,61 @@ compileTestJava {
     options.compilerArgs << "-Xlint:deprecation" << "-Werror"
 }
 
+import me.champeau.gradle.japicmp.JapicmpTask
+
+project.afterEvaluate {
+
+  def versions = project.ext.testInJavaVersions
+  for (pluginJavaTestVersion in versions) {
+    def taskName = "testInJava-${pluginJavaTestVersion}"
+    tasks.register(taskName, Test) {
+      def versionToUse = taskName.split("-").getAt(1) as Integer
+      description = "Runs unit tests on Java version ${versionToUse}."
+      project.logger.quiet("Test will be running in ${versionToUse}")
+      group = 'verification'
+      javaLauncher.set(javaToolchains.launcherFor {
+        languageVersion = JavaLanguageVersion.of(versionToUse)
+      })
+      shouldRunAfter(tasks.named('test'))
+    }
+    tasks.named('check') {
+      dependsOn(taskName)
+    }
+  }
+
+  project.configure(project) {
+    def baselineVersion = project.ext.baselineCompareVersion
+    task('apiDiff', type: JapicmpTask, dependsOn: 'jar') {
+      oldClasspath = files(getBaselineJar(project, baselineVersion))
+      newClasspath = files(jar.archiveFile)
+      onlyModified = true
+      failOnModification = true
+      ignoreMissingClasses = true
+      htmlOutputFile = file("$buildDir/reports/apiDiff/apiDiff.html")
+      txtOutputFile = file("$buildDir/reports/apiDiff/apiDiff.txt")
+      doLast {
+        project.logger.quiet("Comparing against baseline version ${baselineVersion}")
+      }
+    }
+  }
+}
+
+private static File getBaselineJar(Project project, String baselineVersion) {
+  // Use detached configuration: https://github.com/square/okhttp/blob/master/build.gradle#L270
+  def group = project.group
+  try {
+    def baseline = "${project.group}:${project.name}:$baselineVersion"
+    project.group = 'virtual_group_for_japicmp'
+    def dependency = project.dependencies.create(baseline + "@jar")
+    return project.configurations.detachedConfiguration(dependency).files.find {
+      it.name == "${project.name}-${baselineVersion}.jar"
+    }
+  } finally {
+    project.group = group
+  }
+}
+
+
 test {
     testLogging {
         events "skipped", "failed"
@@ -75,6 +117,9 @@ ext {
     okhttpVersion = '4.11.0'
     hamcrestVersion = '2.2'
     jupiterVersion = '5.9.3'
+
+    baselineCompareVersion = '2.0.0'
+    testInJavaVersions = [8, 11, 17, 21]
 }
 
 dependencies {
@@ -85,7 +130,7 @@ dependencies {
     implementation "com.squareup.okio:okio:3.5.0"
 
     implementation "com.squareup.okhttp3:logging-interceptor:${okhttpVersion}"
-    implementation "com.fasterxml.jackson.core:jackson-databind:2.14.2"
+    implementation "com.fasterxml.jackson.core:jackson-databind:2.15.0"
     implementation "com.auth0:java-jwt:4.4.0"
     implementation "net.jodah:failsafe:2.4.4"
 
@@ -105,3 +150,5 @@ dependencies {
       }
     }
 }
+
+apply from: rootProject.file('gradle/maven-publish.gradle')
diff --git a/gradle.properties b/gradle.properties
@@ -0,0 +1,21 @@
+GROUP=com.auth0
+POM_ARTIFACT_ID=auth0
+VERSION_NAME=2.12.0
+
+POM_NAME=auth0-java
+POM_DESCRIPTION=Java client library for the Auth0 platform
+POM_PACKAGING=jar
+
+POM_URL=https://github.com/auth0/auth0-java
+POM_SCM_URL=https://github.com/auth0/auth0-java
+
+POM_SCM_CONNECTION=scm:git:https://github.com/auth0/auth0-java.git
+POM_SCM_DEV_CONNECTION=scm:git:https://github.com/auth0/auth0-java.git
+
+POM_LICENCE_NAME=The MIT License (MIT)
+POM_LICENCE_URL=https://raw.githubusercontent.com/auth0/auth0-java/master/LICENSE
+POM_LICENCE_DIST=repo
+
+POM_DEVELOPER_ID=auth0
+POM_DEVELOPER_NAME=Auth0
+POM_DEVELOPER_EMAIL[email protected]