Merge remote-tracking branch 'origin/master' into experimental/spring-boot-3-playground

Author: SteKoe

.github/workflows/build-feature.yml

@@ -26,7 +26,7 @@ jobs:
           java-version: '17'
 
       - name: Cache local Maven repository
-        uses: actions/[email protected].10
+        uses: actions/[email protected].11
         env:
           cache-name: cache-mvn
         with:

.github/workflows/build-main.yml

@@ -25,7 +25,7 @@ jobs:
           java-version: '17'
 
       - name: Cache local Maven repository
-        uses: actions/[email protected].10
+        uses: actions/[email protected].11
         env:
           cache-name: cache-mvn
         with:
@@ -71,7 +71,7 @@ jobs:
           java-version: '8'
 
       - name: Cache local Maven repository
-        uses: actions/[email protected].10
+        uses: actions/[email protected].11
         env:
           cache-name: cache-mvn
         with:
@@ -107,7 +107,7 @@ jobs:
         run: echo ${{ steps.project.outputs.version }}
 
       - name: Deploy Asciidoc docs output to GitHub Pages
-        uses: JamesIves/[email protected].0
+        uses: JamesIves/[email protected].1
         with:
           branch: gh-pages # The branch the action should deploy to.
           folder: spring-boot-admin-docs/target/generated-docs # The folder the action should deploy.

.github/workflows/build-pullrequest.yml

@@ -21,7 +21,7 @@ jobs:
           java-version: '17'
 
       - name: Cache local Maven repository
-        uses: actions/[email protected].10
+        uses: actions/[email protected].11
         env:
           cache-name: cache-mvn
         with:

.github/workflows/release-to-maven-central.yml

@@ -28,7 +28,7 @@ jobs:
           gpg-passphrase: MAVEN_GPG_PASSPHRASE
 
       - name: Cache local Maven repository
-        uses: actions/[email protected].10
+        uses: actions/[email protected].11
         env:
           cache-name: cache-mvn
         with:
@@ -62,7 +62,7 @@ jobs:
           MAVEN_GPG_PASSPHRASE: ${{ secrets.MAVEN_GPG_PASSPHRASE }}
 
       - name: Deploy Asciidoc docs output to GitHub Pages
-        uses: JamesIves/[email protected].0
+        uses: JamesIves/[email protected].1
         with:
           branch: gh-pages # The branch the action should deploy to.
           folder: spring-boot-admin-docs/target/generated-docs # The folder the action should deploy.

spring-boot-admin-client/src/main/java/de/codecentric/boot/admin/client/registration/ReactiveApplicationFactory.java

@@ -21,13 +21,19 @@
 import org.springframework.boot.actuate.endpoint.web.PathMappedEndpoints;
 import org.springframework.boot.autoconfigure.web.ServerProperties;
 import org.springframework.boot.autoconfigure.web.reactive.WebFluxProperties;
+import org.springframework.boot.web.server.Ssl;
+import org.springframework.util.StringUtils;
 import org.springframework.web.util.UriComponentsBuilder;
 
 import de.codecentric.boot.admin.client.config.InstanceProperties;
 import de.codecentric.boot.admin.client.registration.metadata.MetadataContributor;
 
 public class ReactiveApplicationFactory extends DefaultApplicationFactory {
 
+	private ManagementServerProperties management;
+
+	private final ServerProperties server;
+
 	private WebFluxProperties webflux;
 
 	private InstanceProperties instance;
@@ -36,6 +42,8 @@ public ReactiveApplicationFactory(InstanceProperties instance, ManagementServerP
 			ServerProperties server, PathMappedEndpoints pathMappedEndpoints, WebEndpointProperties webEndpoint,
 			MetadataContributor metadataContributor, WebFluxProperties webFluxProperties) {
 		super(instance, management, server, pathMappedEndpoints, webEndpoint, metadataContributor);
+		this.management = management;
+		this.server = server;
 		this.webflux = webFluxProperties;
 		this.instance = instance;
 	}
@@ -50,6 +58,27 @@ protected String getServiceUrl() {
 				.toUriString();
 	}
 
+	@Override
+	protected String getManagementBaseUrl() {
+		String baseUrl = this.instance.getManagementBaseUrl();
+
+		if (StringUtils.hasText(baseUrl)) {
+			return baseUrl;
+		}
+
+		if (isManagementPortEqual()) {
+			return this.getServiceUrl();
+		}
+
+		Ssl ssl = (this.management.getSsl() != null) ? this.management.getSsl() : this.server.getSsl();
+		return UriComponentsBuilder.newInstance().scheme(getScheme(ssl)).host(getManagementHost())
+				.port(getLocalManagementPort()).path(getManagementContextPath()).toUriString();
+	}
+
+	protected String getManagementContextPath() {
+		return management.getBasePath();
+	}
+
 	protected String getWebfluxBasePath() {
 		return webflux.getBasePath();
 	}

spring-boot-admin-client/src/test/java/de/codecentric/boot/admin/client/registration/ReactiveApplicationFactoryTest.java

@@ -109,6 +109,19 @@ public void test_noBasePath() {
 		assertThat(app.getServiceUrl()).isEqualTo("http://" + getHostname() + ":80/");
 	}
 
+	@Test
+	public void test_mgmtBasePath_mgmtPortPath() {
+		webflux.setBasePath("/app");
+		management.setBasePath("/mgnt");
+		when(pathMappedEndpoints.getPath(EndpointId.of("health"))).thenReturn("/actuator/health");
+		publishApplicationReadyEvent(factory, 8080, 8081);
+
+		Application app = factory.createApplication();
+		assertThat(app.getManagementUrl()).isEqualTo("http://" + getHostname() + ":8081/mgnt/actuator");
+		assertThat(app.getHealthUrl()).isEqualTo("http://" + getHostname() + ":8081/mgnt/actuator/health");
+		assertThat(app.getServiceUrl()).isEqualTo("http://" + getHostname() + ":8080/app");
+	}
+
 	private String getHostname() {
 		try {
 			return InetAddress.getLocalHost().getCanonicalHostName();

spring-boot-admin-samples/spring-boot-admin-sample-servlet/src/main/java/de/codecentric/boot/admin/CustomCsrfFilter.java

@@ -0,0 +1,56 @@
+/*
+ * Copyright 2014-2018 the original author or authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package de.codecentric.boot.admin;
+
+import java.io.IOException;
+
+import jakarta.servlet.FilterChain;
+import jakarta.servlet.ServletException;
+import jakarta.servlet.http.Cookie;
+import jakarta.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletResponse;
+
+import org.springframework.security.web.csrf.CsrfToken;
+import org.springframework.web.filter.OncePerRequestFilter;
+import org.springframework.web.util.WebUtils;
+
+public class CustomCsrfFilter extends OncePerRequestFilter {
+
+	public static final String CSRF_COOKIE_NAME = "XSRF-TOKEN";
+
+	@Override
+	protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain)
+			throws ServletException, IOException {
+
+		CsrfToken csrf = (CsrfToken) request.getAttribute(CsrfToken.class.getName());
+
+		if (csrf != null) {
+
+			Cookie cookie = WebUtils.getCookie(request, CSRF_COOKIE_NAME);
+			String token = csrf.getToken();
+
+			if (cookie == null || token != null && !token.equals(cookie.getValue())) {
+				cookie = new Cookie(CSRF_COOKIE_NAME, token);
+				cookie.setPath("/");
+				response.addCookie(cookie);
+			}
+		}
+
+		filterChain.doFilter(request, response);
+	}
+
+}

spring-boot-admin-samples/spring-boot-admin-sample-servlet/src/main/java/de/codecentric/boot/admin/SecuritySecureConfig.java

@@ -33,7 +33,9 @@
 import org.springframework.security.provisioning.InMemoryUserDetailsManager;
 import org.springframework.security.web.SecurityFilterChain;
 import org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler;
+import org.springframework.security.web.authentication.www.BasicAuthenticationFilter;
 import org.springframework.security.web.csrf.CookieCsrfTokenRepository;
+import org.springframework.security.web.csrf.CsrfTokenRequestAttributeHandler;
 import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
 
 import de.codecentric.boot.admin.server.config.AdminServerProperties;
@@ -72,14 +74,18 @@ protected SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
 				.formLogin((formLogin) -> formLogin.loginPage(this.adminServer.path("/login"))
 						.successHandler(successHandler)) // <3>
 				.logout((logout) -> logout.logoutUrl(this.adminServer.path("/logout")))
-				.httpBasic(Customizer.withDefaults()) // <4>
-				.csrf((csrf) -> csrf.csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse()) // <5>
-						.ignoringRequestMatchers(
+				.httpBasic(Customizer.withDefaults()); // <4>
+
+		http.addFilterAfter(new CustomCsrfFilter(), BasicAuthenticationFilter.class) // <5>
+				.csrf((csrf) -> csrf.csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse())
+						.csrfTokenRequestHandler(new CsrfTokenRequestAttributeHandler()).ignoringRequestMatchers(
 								new AntPathRequestMatcher(this.adminServer.path("/instances"), POST.toString()), // <6>
 								new AntPathRequestMatcher(this.adminServer.path("/instances/*"), DELETE.toString()), // <6>
 								new AntPathRequestMatcher(this.adminServer.path("/actuator/**")) // <7>
-						))
-				.rememberMe((rememberMe) -> rememberMe.key(UUID.randomUUID().toString()).tokenValiditySeconds(1209600));
+						));
+
+		http.rememberMe((rememberMe) -> rememberMe.key(UUID.randomUUID().toString()).tokenValiditySeconds(1209600));
+
 		return http.build();
 
 	}

spring-boot-admin-samples/spring-boot-admin-sample-servlet/src/main/resources/application.yml

@@ -19,6 +19,8 @@ management:
       exposure:
         include: "*"
   endpoint:
+    jolokia:
+      enabled: true
     refresh:
       enabled: true
     restart:

spring-boot-admin-server-ui/src/main/frontend/test-utils.js

@@ -16,6 +16,7 @@ export const render = (testComponent, options) => {
           messages: {
             en: terms,
           },
+          legacy: false,
           silentFallbackWarn: true,
           silentTranslationWarn: true,
         }),