From 184cc769a1df28b4e2f1b4263566b230aaa34d16 Mon Sep 17 00:00:00 2001
From: Felix Dittrich <31076102+f11h@users.noreply.github.com>
Date: Wed, 11 May 2022 08:55:41 +0200
Subject: [PATCH] Mysql and Keycloak Building Block + Several new Dependencies
 (#2)

* Add Dependency Building Block for Keycloak
Add Dependency Building Block for MySQL
Add Prometheus and Micrometer to Spring Boot Building Block
Add CBOR Cose Dependency Versions
Add Digital Covid Certificate Versions
Add PDF Box Version
Add Google ZXing Versions
Add OpenCSV Version
Add Keycloak Versions
Add ModelMapper Version
App Spring Rest Docs Plugin Versions

* Update OWASP Dependency Check
Add Keycloak 15.1.1 to OWASP Suppression
---
 keycloak/pom.xml          |  40 +++++++++++++++
 mysql-persistence/pom.xml |  44 ++++++++++++++++
 owasp/suppressions.xml    |   6 +++
 pom.xml                   | 103 +++++++++++++++++++++++++++++++++++++-
 spring-boot/pom.xml       |  11 ++++
 5 files changed, 203 insertions(+), 1 deletion(-)
 create mode 100644 keycloak/pom.xml
 create mode 100644 mysql-persistence/pom.xml

diff --git a/keycloak/pom.xml b/keycloak/pom.xml
new file mode 100644
index 0000000..8daf18b
--- /dev/null
+++ b/keycloak/pom.xml
@@ -0,0 +1,40 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<project xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://maven.apache.org/POM/4.0.0"
+         xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+    <modelVersion>4.0.0</modelVersion>
+
+    <artifactId>cwa-parent-keycloak</artifactId>
+    <packaging>pom</packaging>
+
+    <name>cwa-parent-keycloak</name>
+    <description>CWA Backend Service Parent POM with dependencies for Services using Keycloak.</description>
+
+    <parent>
+        <groupId>app.coronawarn</groupId>
+        <artifactId>cwa-parent</artifactId>
+        <version>1.0-SNAPSHOT</version>
+        <relativePath>../pom.xml</relativePath>
+    </parent>
+
+    <dependencies>
+        <dependency>
+            <groupId>${project.parent.groupId}</groupId>
+            <artifactId>cwa-parent-spring-boot</artifactId>
+            <version>${project.parent.version}</version>
+            <type>pom</type>
+        </dependency>
+
+        <dependency>
+            <groupId>org.keycloak</groupId>
+            <artifactId>keycloak-spring-boot-starter</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>com.c4-soft.springaddons</groupId>
+            <artifactId>spring-security-oauth2-test-addons</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>com.c4-soft.springaddons</groupId>
+            <artifactId>spring-security-oauth2-test-webmvc-addons</artifactId>
+        </dependency>
+    </dependencies>
+</project>
diff --git a/mysql-persistence/pom.xml b/mysql-persistence/pom.xml
new file mode 100644
index 0000000..14353c1
--- /dev/null
+++ b/mysql-persistence/pom.xml
@@ -0,0 +1,44 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<project xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://maven.apache.org/POM/4.0.0"
+         xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+    <modelVersion>4.0.0</modelVersion>
+
+    <artifactId>cwa-parent-mysql-persistence</artifactId>
+    <packaging>pom</packaging>
+
+    <name>cwa-parent-mysql-persistence</name>
+    <description>CWA Backend Service Parent POM with dependencies for Services building on MySQL.</description>
+
+    <parent>
+        <groupId>app.coronawarn</groupId>
+        <artifactId>cwa-parent</artifactId>
+        <version>1.0-SNAPSHOT</version>
+        <relativePath>../pom.xml</relativePath>
+    </parent>
+
+    <dependencies>
+        <dependency>
+            <groupId>${project.parent.groupId}</groupId>
+            <artifactId>cwa-parent-spring-boot</artifactId>
+            <version>${project.parent.version}</version>
+            <type>pom</type>
+        </dependency>
+        <dependency>
+            <groupId>org.springframework.boot</groupId>
+            <artifactId>spring-boot-starter-data-jpa</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>com.h2database</groupId>
+            <artifactId>h2</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>mysql</groupId>
+            <artifactId>mysql-connector-java</artifactId>
+            <scope>runtime</scope>
+        </dependency>
+        <dependency>
+            <groupId>org.liquibase</groupId>
+            <artifactId>liquibase-core</artifactId>
+        </dependency>
+    </dependencies>
+</project>
diff --git a/owasp/suppressions.xml b/owasp/suppressions.xml
index 442d77a..442c5fc 100644
--- a/owasp/suppressions.xml
+++ b/owasp/suppressions.xml
@@ -1,4 +1,10 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <suppressions xmlns="https://jeremylong.github.io/DependencyCheck/dependency-suppression.1.3.xsd">
 
+    <suppress>
+        <notes>Updating of Keycloak Lib is not possible at the moment. Security risk is not affecting CWA components.</notes>
+        <cve>CVE-2022-1466</cve>
+        <cve>CVE-2021-20323</cve>
+    </suppress>
+
 </suppressions>
\ No newline at end of file
diff --git a/pom.xml b/pom.xml
index c60ba33..5f9bd1c 100644
--- a/pom.xml
+++ b/pom.xml
@@ -40,7 +40,9 @@
         <module>feign</module>
         <module>validation</module>
         <module>shedlock</module>
+        <module>keycloak</module>
         <module>psql-persistence</module>
+        <module>mysql-persistence</module>
     </modules>
 
     <distributionManagement>
@@ -91,6 +93,9 @@
                 <artifactId>lombok</artifactId>
                 <version>1.18.24</version>
             </dependency>
+
+
+            <!-- Shedlock -->
             <dependency>
                 <groupId>net.javacrumbs.shedlock</groupId>
                 <artifactId>shedlock-spring</artifactId>
@@ -134,6 +139,7 @@
                 <scope>runtime</scope>
             </dependency>
 
+
             <!-- Persistence -->
             <dependency>
                 <groupId>org.liquibase</groupId>
@@ -146,6 +152,82 @@
                 <version>2.1.212</version>
                 <scope>runtime</scope>
             </dependency>
+
+
+            <!-- CBOR/ COSE -->
+            <dependency>
+                <groupId>com.upokecenter</groupId>
+                <artifactId>cbor</artifactId>
+                <version>4.5.2</version>
+            </dependency>
+
+
+            <!-- Digital Covid Certificate -->
+            <dependency>
+                <groupId>eu.europa.ec.dgc</groupId>
+                <artifactId>dgc-lib</artifactId>
+                <version>1.3.1</version>
+            </dependency>
+
+
+            <!-- PDF Box -->
+            <dependency>
+                <groupId>org.apache.pdfbox</groupId>
+                <artifactId>pdfbox</artifactId>
+                <version>2.0.26</version>
+            </dependency>
+
+
+            <!-- Google ZXing (QR Code Lib) -->
+            <dependency>
+                <groupId>com.google.zxing</groupId>
+                <artifactId>core</artifactId>
+                <version>3.5.0</version>
+            </dependency>
+            <dependency>
+                <groupId>com.google.zxing</groupId>
+                <artifactId>javase</artifactId>
+                <version>3.5.0</version>
+            </dependency>
+
+
+            <!-- OpenCSV -->
+            <dependency>
+                <groupId>com.opencsv</groupId>
+                <artifactId>opencsv</artifactId>
+                <version>5.6</version>
+            </dependency>
+
+
+            <!-- Keycloak -->
+            <dependency>
+                <groupId>org.keycloak</groupId>
+                <artifactId>keycloak-spring-boot-starter</artifactId>
+                <version>15.1.1</version>
+            </dependency>
+            <dependency>
+                <groupId>org.keycloak</groupId>
+                <artifactId>keycloak-admin-client</artifactId>
+                <version>15.1.1</version>
+            </dependency>
+            <dependency>
+                <groupId>com.c4-soft.springaddons</groupId>
+                <artifactId>spring-security-oauth2-test-addons</artifactId>
+                <version>3.1.15-jdk11</version>
+            </dependency>
+            <dependency>
+                <groupId>com.c4-soft.springaddons</groupId>
+                <artifactId>spring-security-oauth2-test-webmvc-addons</artifactId>
+                <version>3.1.15-jdk11</version>
+            </dependency>
+
+
+            <!-- Model Mapper -->
+            <dependency>
+                <groupId>org.modelmapper.extensions</groupId>
+                <artifactId>modelmapper-spring</artifactId>
+                <version>3.1.0</version>
+            </dependency>
         </dependencies>
     </dependencyManagement>
 
@@ -241,12 +323,31 @@
                 <plugin>
                     <groupId>org.owasp</groupId>
                     <artifactId>dependency-check-maven</artifactId>
-                    <version>7.0.4</version>
+                    <version>7.1.0</version>
                     <configuration>
                         <suppressionFile>./owasp/suppressions.xml</suppressionFile>
                         <failBuildOnAnyVulnerability>true</failBuildOnAnyVulnerability>
                     </configuration>
                 </plugin>
+
+                <!-- Spring Rest Docs (Deprecated, should be replaced with Springdoc OpenAPI) -->
+                <plugin>
+                    <groupId>org.asciidoctor</groupId>
+                    <artifactId>asciidoctor-maven-plugin</artifactId>
+                    <version>1.5.8</version>
+                    <dependencies>
+                        <dependency>
+                            <groupId>org.springframework.restdocs</groupId>
+                            <artifactId>spring-restdocs-asciidoctor</artifactId>
+                            <version>2.0.6.RELEASE</version>
+                        </dependency>
+                    </dependencies>
+                </plugin>
+                <plugin>
+                    <groupId>org.springdoc</groupId>
+                    <artifactId>springdoc-openapi-maven-plugin</artifactId>
+                    <version>1.1</version>
+                </plugin>
             </plugins>
         </pluginManagement>
 
diff --git a/spring-boot/pom.xml b/spring-boot/pom.xml
index e2af25a..d12f9e6 100644
--- a/spring-boot/pom.xml
+++ b/spring-boot/pom.xml
@@ -35,6 +35,17 @@
             <groupId>org.springframework.cloud</groupId>
             <artifactId>spring-cloud-starter-sleuth</artifactId>
         </dependency>
+        <dependency>
+            <groupId>io.micrometer</groupId>
+            <artifactId>micrometer-registry-prometheus</artifactId>
+        </dependency>
+
+        <!-- Configuration -->
+        <dependency>
+            <groupId>org.springframework.boot</groupId>
+            <artifactId>spring-boot-configuration-processor</artifactId>
+            <optional>true</optional>
+        </dependency>
 
         <!-- Vault -->
         <dependency>