Merge pull request #1139 from webauthn4j/dependabot/gradle/springBootVersion-3.0.3

chore(deps): bump springBootVersion from 2.7.9 to 3.0.3

Author: ynojima

.github/workflows/ci.yml

@@ -16,7 +16,7 @@ jobs:
     runs-on: ${{ matrix.os }}
     strategy:
       matrix:
-        java_version: [8]
+        java_version: [17]
         os: [windows-latest]
 
     steps:
@@ -36,7 +36,7 @@ jobs:
     runs-on: ${{ matrix.os }}
     strategy:
       matrix:
-        java_version: [8, 11, 17]
+        java_version: [17]
         os: [windows-latest] # , macOS-latest (remove macOS as it is not stable for now) , ubuntu-latest (remove Ubuntu as Chrome 77 doesn't work
 
     steps:
@@ -56,7 +56,7 @@ jobs:
     runs-on: ${{ matrix.os }}
     strategy:
       matrix:
-        java_version: [11]
+        java_version: [17]
         os: [windows-latest]
 
     steps:

.github/workflows/pr-gate-ci.yml

@@ -8,7 +8,7 @@ jobs:
     runs-on: ${{ matrix.os }}
     strategy:
       matrix:
-        java_version: [8]
+        java_version: [17]
         os: [windows-latest]
 
     steps:
@@ -28,7 +28,7 @@ jobs:
     runs-on: ${{ matrix.os }}
     strategy:
       matrix:
-        java_version: [8, 11, 17]
+        java_version: [17]
         os: [windows-latest] # , macOS-latest (remove macOS as it is not stable for now)
 
     steps:
@@ -48,7 +48,7 @@ jobs:
     runs-on: ${{ matrix.os }}
     strategy:
       matrix:
-        java_version: [11]
+        java_version: [17]
         os: [windows-latest]
 
     steps:

.github/workflows/release.yml

@@ -11,7 +11,7 @@ jobs:
     runs-on: ${{ matrix.os }}
     strategy:
       matrix:
-        java_version: [8]
+        java_version: [17]
         os: [windows-latest]
 
     steps:

.github/workflows/snapshot-release.yml

@@ -11,7 +11,7 @@ jobs:
     runs-on: ${{ matrix.os }}
     strategy:
       matrix:
-        java_version: [8]
+        java_version: [17]
         os: [windows-latest]
 
     steps:

build.gradle

@@ -17,7 +17,7 @@
 buildscript {
     ext{
         //Plugins
-        springBootVersion = '2.7.9'
+        springBootVersion = '3.0.3'
         sonarqubeVersion = '3.5.0.2730'
         asciidoctorGradleVersion = "3.3.2"
         artifactoryVersion = '4.31.7'
@@ -27,7 +27,7 @@ buildscript {
 
         //Libraries
         webauthn4jVersion = '0.21.0.RELEASE'
-        springSecurityVersion = '5.8.2'
+        springSecurityVersion = '6.0.2'
         hibernateValidatorVersion = '6.2.5.Final'
         thymeleafVersion = '3.0.4.RELEASE'
         modelMapperVersion = '3.1.1'
@@ -45,12 +45,6 @@ buildscript {
         // When stable version is released, and Spring Boot BOM includes it, this need to be removed.
         seleniumVersion = '4.8.1'
 
-        // To make the test pass without errors NoClassDefFoundError in samples/fido-server-conformance-test-app
-        // There is a compatibility issue between the versions of SLF4J/Logback used by webauthn4j and the versions used by Spring Boot 2.7.x
-        // There are breaking change in th SLF4J 2.x branche ("SLF4J API version 2.0.0 relies on the ServiceLoader mechanism to find its logging backend"
-        // and no any more on the StaticLoggerBinder see https://www.slf4j.org/manual.html).
-        // When upgrading to Spring Boot 3.x branche, this constant will have to be removed.
-        logbackSpringBoot27xCompatibilityVersion = '1.2.11'
     }
 
     repositories {
@@ -235,7 +229,7 @@ configure(sampleAppProjects) {
 configure(allJavaProjects) {
     apply plugin: 'org.owasp.dependencycheck'
 
-    sourceCompatibility = 1.8
+    sourceCompatibility = 17
 
     tasks.withType(JavaCompile) {
         options.compilerArgs << "-Xlint:unchecked"

samples/fido-server-conformance-test-app/build.gradle

@@ -40,10 +40,6 @@ dependencies {
     implementation("org.slf4j:jcl-over-slf4j")
     implementation("org.modelmapper:modelmapper")
     implementation('org.flywaydb:flyway-core')
-    //We have to force the use of this dependency
-    runtimeOnly("ch.qos.logback:logback-classic:$logbackSpringBoot27xCompatibilityVersion"){
-        force = true
-    }
     runtimeOnly('com.h2database:h2')
     runtimeOnly('com.mysql:mysql-connector-j')
     runtimeOnly("org.lazyluke:log4jdbc-remix")

samples/fido-server-conformance-test-app/src/main/java/com/webauthn4j/springframework/security/fido/server/endpoint/FidoServerAssertionOptionsEndpointFilter.java

@@ -29,7 +29,7 @@
 import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
 import org.springframework.util.Assert;
 
-import javax.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletRequest;
 import java.io.IOException;
 import java.io.InputStream;
 import java.io.UncheckedIOException;

samples/fido-server-conformance-test-app/src/main/java/com/webauthn4j/springframework/security/fido/server/endpoint/FidoServerAssertionResultEndpointFailureHandler.java

@@ -20,8 +20,8 @@
 import org.springframework.security.core.AuthenticationException;
 import org.springframework.security.web.authentication.AuthenticationFailureHandler;
 
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
+import jakarta.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletResponse;
 import java.io.IOException;
 
 public class FidoServerAssertionResultEndpointFailureHandler implements AuthenticationFailureHandler {

samples/fido-server-conformance-test-app/src/main/java/com/webauthn4j/springframework/security/fido/server/endpoint/FidoServerAssertionResultEndpointFilter.java

@@ -37,8 +37,8 @@
 import org.springframework.security.web.util.matcher.RequestMatcher;
 import org.springframework.util.Assert;
 
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
+import jakarta.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletResponse;
 import java.io.IOException;
 import java.io.InputStream;
 import java.io.UncheckedIOException;

samples/fido-server-conformance-test-app/src/main/java/com/webauthn4j/springframework/security/fido/server/endpoint/FidoServerAssertionResultEndpointSuccessHandler.java

@@ -20,8 +20,8 @@
 import org.springframework.security.core.Authentication;
 import org.springframework.security.web.authentication.AuthenticationSuccessHandler;
 
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
+import jakarta.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletResponse;
 import java.io.IOException;
 
 public class FidoServerAssertionResultEndpointSuccessHandler implements AuthenticationSuccessHandler {