Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Release Java SDK v16.6.5 #643

Merged
merged 12 commits into from
Sep 19, 2024
Merged
Show file tree
Hide file tree
Changes from 11 commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
22 changes: 12 additions & 10 deletions .github/workflows/publish.servicenow.plugin.yml
Original file line number Diff line number Diff line change
Expand Up @@ -42,8 +42,8 @@ jobs:
if: ${{ false }} # disable for now
run: |
TAG="${{ github.event.inputs.tagname }}"
GRADLE_CFG=./build.gradle
BUILD_VERSION=`fgrep version $GRADLE_CFG | sed -r 's/^version\s+//g' | sed "s/'//g"`
GRADLE_CFG=./build.gradle.kts
BUILD_VERSION=`fgrep version $GRADLE_CFG | sed -r 's/^version\s+//g' | sed 's/"//g'`
if [[ "$TAG" == *"-$BUILD_VERSION"* ]]; then
echo "Build version $BUILD_VERSION is included in the tag $TAG"
else
Expand All @@ -56,6 +56,8 @@ jobs:
cat <<'EOF' > build.sh
#!/usr/bin/env bash
MID_SERVER_URLS=''
MID_SERVER_URLS=${MID_SERVER_URLS},https://install.service-now.com/glide/distribution/builds/package/mid/2024/09/01/mid.xanadu-07-02-2024__patch1-08-24-2024_09-01-2024_1853.linux.x86-64.zip
MID_SERVER_URLS=${MID_SERVER_URLS},https://install.service-now.com/glide/distribution/builds/package/mid/2024/08/31/mid.washingtondc-12-20-2023__patch7-08-21-2024_08-31-2024_1809.linux.x86-64.zip
MID_SERVER_URLS=${MID_SERVER_URLS},https://install.service-now.com/glide/distribution/builds/package/mid/2023/07/26/mid.vancouver-07-06-2023__patch0-07-18-2023_07-26-2023_1029.linux.x86-64.zip
MID_SERVER_URLS=${MID_SERVER_URLS},https://install.service-now.com/glide/distribution/builds/package/mid/2023/08/20/mid.utah-12-21-2022__patch6-08-09-2023_08-20-2023_0545.linux.x86-64.zip
MID_SERVER_URLS=${MID_SERVER_URLS},https://install.service-now.com/glide/distribution/builds/package/mid/2023/06/23/mid.tokyo-07-08-2022__patch9-hotfix2-06-07-2023_06-23-2023_1740.linux.x86-64.zip
Expand All @@ -69,11 +71,11 @@ jobs:
buildroot=`pwd`

chmod u+x ${buildroot}/gradlew
gradlecfg=${buildroot}/build.gradle
gradlecfg=${buildroot}/build.gradle.kts

buildname=`fgrep archivesName ${gradlecfg} | sed -r 's/^\s*archivesName\s*=\s*//g' | sed "s/'//g"`
buildversion=`fgrep version ${gradlecfg} | sed -r 's/^version\s+//g' | sed "s/'//g"`
srcjarpath=${buildroot}/build/libs/${buildname}-${buildversion}.jar
buildname=`fgrep archivesName ${gradlecfg} | sed -r 's/^\s*archivesName\s*=\s*//g' | sed 's/"//g'`
buildversion=`fgrep version ${gradlecfg} | sed -r 's/^version\s+//g' | sed 's/"//g'`
srcjarpath=${buildroot}/build/libs/${buildname}.jar

IFS="," read -a urls <<< ${MID_SERVER_URLS}
for url in "${urls[@]}"; do
Expand All @@ -88,7 +90,7 @@ jobs:

libpath=${midsdir}/${version}/agent/lib
elibpath=${libpath//\//\\/}
sed -i "s/def midserver_agent_dir =.*/def midserver_agent_dir = \'${elibpath}\'/" ${gradlecfg}
sed -i "s/val midServerAgentDir =.*/val midServerAgentDir = \"${elibpath}\"/" ${gradlecfg}

cd ${buildroot}
gradlew_return_code=0
Expand Down Expand Up @@ -117,8 +119,8 @@ jobs:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
run: |
TAG="${{ github.event.inputs.tagname }}"
GRADLE_CFG=./build.gradle
BUILD_NAME=`fgrep archivesName $GRADLE_CFG | sed -r 's/^\s*archivesName\s*=\s*//g' | sed "s/'//g"`
BUILD_VERSION=`fgrep version $GRADLE_CFG | sed -r 's/^version\s+//g' | sed "s/'//g"`
GRADLE_CFG=./build.gradle.kts
BUILD_NAME=`fgrep archivesName $GRADLE_CFG | sed -r 's/^\s*archivesName\s*=\s*//g' | sed 's/"//g'`
BUILD_VERSION=`fgrep version $GRADLE_CFG | sed -r 's/^version\s+//g' | sed 's/"//g'`
RELEASE_NAME=${BUILD_NAME}-${BUILD_VERSION}.jar
gh release create ${TAG} `pwd`/releases/*.jar --repo="$GITHUB_REPOSITORY" --title="$RELEASE_NAME" --generate-notes
57 changes: 0 additions & 57 deletions integration/servicenow-external-credential-resolver/build.gradle

This file was deleted.

Original file line number Diff line number Diff line change
@@ -0,0 +1,69 @@
group "com.keepersecurity"
version "0.1.0"

plugins {
base
java
}

base {
archivesName = "keeper-external-credentials"
}

java {
toolchain {
// Vancouver-- built with OpenJDK 11.x
languageVersion = JavaLanguageVersion.of(11)

// Washington DC: A ServiceNow build of OpenJDK 17.0.8.1 is Supported and Included (17.0.8.1-sncmid1)
// Administrators will need to make sure any 3rd party JAR files for Credential resolvers, JDBC drivers, etc.
// are compatible with Java 17 and 'strong encapsulation', before upgrading.
// More information: KB1273036 MID Server - JRE 17 Upgrade

// Washington DC, Xanadu++ built with OpenJDK 17.x
//languageVersion = JavaLanguageVersion.of(17)
}
}

// This must point to the MID Server installation location (agent directory path).
val midServerAgentDir = "/opt/servicenow/mid/agent/lib"

repositories {
mavenCentral()
flatDir {
dirs(midServerAgentDir)
}
}

dependencies {
implementation ("com.keepersecurity.secrets-manager:core:16.6.4+")

// MID server dependencies, not required to be uploaded
// MID jar dependency for config APIs
compileOnly("com.snc:mid")
compileOnly("com.snc:commons-glide")
compileOnly("com.snc:commons-core-automation")
compileOnly("com.snc:snc-automation-api")

// NB! JDK16+/Vancouver+ may require: export _JAVA_OPTIONS="--add-opens=java.base/sun.security.util=ALL-UNNAMED"
// Vancouver and newer: IFileSystem is in the new mid-api.jar
if (file("${midServerAgentDir}/mid-api.jar").exists()) {
compileOnly("com.snc:mid-api")
}
}

tasks.jar {
duplicatesStrategy = DuplicatesStrategy.EXCLUDE
manifest {
attributes("Main-Class" to "com.snc.discovery.CredentialResolver")
}
from(configurations
.runtimeClasspath
.get() // Gradle 6+
.files // Gradle 6+
.map { if (it.isDirectory) it else zipTree(it) }
)
exclude("META-INF/*.SF")
exclude("META-INF/*.DSA")
exclude("META-INF/*.RSA")
}
Original file line number Diff line number Diff line change
@@ -1,6 +1,5 @@
distributionBase=GRADLE_USER_HOME
distributionPath=wrapper/dists
distributionUrl=https\://services.gradle.org/distributions/gradle-8.3-bin.zip
networkTimeout=10000
distributionUrl=https\://services.gradle.org/distributions/gradle-8.10.1-bin.zip
zipStoreBase=GRADLE_USER_HOME
zipStorePath=wrapper/dists
Original file line number Diff line number Diff line change
@@ -0,0 +1,16 @@
rootProject.name = "keeper-external-credentials"

plugins {
id("org.gradle.toolchains.foojay-resolver") version "0.8.0"
}

@Suppress("UnstableApiUsage")
toolchainManagement {
jvm {
javaRepositories {
repository("foojay") {
resolverClass.set(org.gradle.toolchains.foojay.FoojayToolchainResolver::class.java)
}
}
}
}
7 changes: 6 additions & 1 deletion sdk/java/core/README.md
Original file line number Diff line number Diff line change
Expand Up @@ -4,6 +4,11 @@ For more information see our official documentation page https://docs.keeper.io/

# Change Log

## 16.6.5
- KSM-548 - Make sure autogenerated UIDs don't start with '-'
- KSM-553 - Added new field types and updated PAM field types
- Upgraded package dependencies to latest versions and switched to gradle-8.10.1

## 16.6.4
- KSM-501 - Switched to non-strict JSON parser
- KSM-506 - Adding support for Privacy screen in the passkey field type
Expand All @@ -28,7 +33,7 @@ For more information see our official documentation page https://docs.keeper.io/
- KSM-421 - Improved Logging

## 16.5.3
- KSM-401 - Update PAM Record types and Field types to have latest updates
- KSM-401 - Update PAM Record types and Field types to have the latest updates
- KSM-406 - New field type: Passkey
- KSM-382 - Support for record Transactions

Expand Down
27 changes: 14 additions & 13 deletions sdk/java/core/build.gradle.kts
Original file line number Diff line number Diff line change
@@ -1,20 +1,21 @@
import org.gradle.api.publish.maven.MavenPublication
import org.gradle.kotlin.dsl.`maven-publish`
import org.gradle.kotlin.dsl.signing
import org.jetbrains.kotlin.gradle.dsl.JvmTarget
import java.util.*

group = "com.keepersecurity.secrets-manager"

// During publishing, If version ends with '-SNAPSHOT' then it will be published to Maven snapshot repository
version = "16.6.4"
version = "16.6.5"

plugins {
`java-library`
kotlin("jvm") version "1.9.23"
kotlin("plugin.serialization") version "1.9.23"
kotlin("jvm") version "2.0.20"
kotlin("plugin.serialization") version "2.0.20"
`maven-publish`
signing
id("io.github.gradle-nexus.publish-plugin") version "1.3.0"
id("io.github.gradle-nexus.publish-plugin") version "2.0.0"
}

java {
Expand All @@ -29,8 +30,8 @@ tasks.withType<JavaCompile>().configureEach {
}

tasks.withType<org.jetbrains.kotlin.gradle.tasks.KotlinCompile>().configureEach {
kotlinOptions {
jvmTarget = "1.8"
compilerOptions {
jvmTarget.set(JvmTarget.JVM_1_8)
}
}

Expand All @@ -42,20 +43,20 @@ repositories {

dependencies {
// Align versions of all Kotlin components
implementation(platform("org.jetbrains.kotlin:kotlin-bom:1.9.23"))
implementation(platform("org.jetbrains.kotlin:kotlin-bom:2.0.20"))

// Use the Kotlin JDK 8 standard library.
api("org.jetbrains.kotlin:kotlin-stdlib-jdk8:1.9.23")
implementation("org.jetbrains.kotlinx:kotlinx-serialization-json:1.6.3")
implementation("org.jetbrains.kotlin:kotlin-reflect:1.9.23")
api("org.jetbrains.kotlin:kotlin-stdlib-jdk8:2.0.20")
implementation("org.jetbrains.kotlinx:kotlinx-serialization-json:1.7.2")
implementation("org.jetbrains.kotlin:kotlin-reflect:2.0.20")

// Use the Kotlin test library.
testImplementation("org.jetbrains.kotlin:kotlin-test:1.9.23")
testImplementation("org.jetbrains.kotlin:kotlin-test:2.0.20")

// Use the Kotlin JUnit integration.
testImplementation("org.jetbrains.kotlin:kotlin-test-junit:1.9.23")
testImplementation("org.jetbrains.kotlin:kotlin-test-junit:2.0.20")

testImplementation("org.bouncycastle:bc-fips:1.0.2.4")
testImplementation("org.bouncycastle:bc-fips:2.0.0")
// testImplementation("org.bouncycastle:bcprov-jdk15on:1.70")
}

Expand Down
2 changes: 1 addition & 1 deletion sdk/java/core/gradle/wrapper/gradle-wrapper.properties
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
distributionBase=GRADLE_USER_HOME
distributionPath=wrapper/dists
distributionUrl=https\://services.gradle.org/distributions/gradle-8.6-bin.zip
distributionUrl=https\://services.gradle.org/distributions/gradle-8.10.1-bin.zip

zipStoreBase=GRADLE_USER_HOME
zipStorePath=wrapper/dists
2 changes: 1 addition & 1 deletion sdk/java/core/settings.gradle.kts
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
rootProject.name = "core"

plugins {
id("org.gradle.toolchains.foojay-resolver") version "0.7.0"
id("org.gradle.toolchains.foojay-resolver") version "0.8.0"
}

@Suppress("UnstableApiUsage")
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,7 @@
package com.keepersecurity.secretsManager.core

import java.math.BigInteger
import java.net.URL
import java.net.URI
import java.net.URLDecoder
import java.nio.ByteBuffer
import java.security.*
Expand All @@ -16,6 +16,7 @@ import javax.crypto.Mac
import javax.crypto.spec.GCMParameterSpec
import javax.crypto.spec.IvParameterSpec
import javax.crypto.spec.SecretKeySpec
import kotlin.experimental.and
import kotlin.math.pow
import kotlin.math.abs

Expand Down Expand Up @@ -81,6 +82,20 @@ internal fun getRandomBytes(length: Int): ByteArray {
return bytes
}

internal fun generateUid(): ByteArray {
val dash = 0b11111000.toByte()
var bytes = ByteArray(16)

for (i in 1..8) {
bytes = getRandomBytes(16)
if (dash.and(bytes[0]) != dash) break
}
if (dash.and(bytes[0]) == dash)
bytes[0] = bytes[0].and(0b01111111.toByte())

return bytes
}

internal fun generateKeyPair(): java.security.KeyPair {
return KeeperCryptoParameters.keyGen.genKeyPair()
}
Expand Down Expand Up @@ -235,7 +250,7 @@ data class TotpCode(val code: String, val timeLeft: Int, val period: Int) {
if (protocol != "otpauth")
return null

val totpUrl = URL("http://" + url.substring(10))
val totpUrl = URI.create("http://" + url.substring(10)).toURL()
val queryPairs = mutableMapOf<String, String>()
val pairs: List<String> = totpUrl.query.split("&")
for (pair in pairs) {
Expand Down
Loading
Loading