fixes #67: Migrate to Jersey 2

This updates the Jersey dependency from 1.x to 2.x.

This commit requires OF-2352 / igniterealtime/Openfire#1945 which means that this PR will _not_ work with 4.7.0 beta (but hopefully will with 4.7.0 non-beta).

changelog.html

@@ -46,9 +46,10 @@ <h1>
 
 <p><b>1.7.0</b> (tbd)</p>
 <ul>
-    <li>This plugin now requires Openfire 4.7.0-beta or later</li>
+    <li>Requires Openfire 4.7.0</li>
     <li>[<a href='https://github.com/igniterealtime/openfire-restAPI-plugin/issues/25'>#25</a>] - Java 11 Jaxb issue</li>
     <li>[<a href='https://github.com/igniterealtime/openfire-restAPI-plugin/issues/39'>#39</a>] - Requests fail when using XML as accept type on Openfire servers running java 11</li>
+    <li>[<a href='https://github.com/igniterealtime/openfire-restAPI-plugin/issues/67'>#67</a>] - Updated Jersey dependency to 2.35.</li>
     <li>[<a href='https://github.com/igniterealtime/openfire-restAPI-plugin/issues/68'>#68</a>] - Fix for incompatibility with Openfire v4.7.0-beta and later</li>
 </ul>
 

pom.xml

@@ -13,8 +13,7 @@
     <description>Allows administration over a RESTful API.</description>
 
     <properties>
-        <jackson.version>2.12.1</jackson.version>
-        <jersey.version>1.19.4</jersey.version>
+        <jersey.version>2.35</jersey.version>
     </properties>
 
     <developers>
@@ -38,45 +37,30 @@
 
     <dependencies>
         <dependency>
-            <groupId>com.fasterxml.jackson.module</groupId>
-            <artifactId>jackson-module-jaxb-annotations</artifactId>
-            <version>${jackson.version}</version>
+            <groupId>org.glassfish.jersey.containers</groupId>
+            <artifactId>jersey-container-jetty-http</artifactId>
+            <version>${jersey.version}</version>
         </dependency>
         <dependency>
-            <groupId>com.fasterxml.jackson.jaxrs</groupId>
-            <artifactId>jackson-jaxrs-json-provider</artifactId>
-            <version>${jackson.version}</version>
+            <groupId>org.glassfish.jersey.containers</groupId>
+            <artifactId>jersey-container-jetty-servlet</artifactId>
+            <version>${jersey.version}</version>
+        </dependency>
+        <dependency>
+            <groupId>org.glassfish.jersey.inject</groupId>
+            <artifactId>jersey-hk2</artifactId>
+            <version>${jersey.version}</version>
+        </dependency>
+        <dependency>
+            <groupId>org.glassfish.jersey.media</groupId>
+            <artifactId>jersey-media-jaxb</artifactId>
+            <version>${jersey.version}</version>
+        </dependency>
+        <dependency>
+            <groupId>org.glassfish.jersey.media</groupId>
+            <artifactId>jersey-media-json-jackson</artifactId>
+            <version>${jersey.version}</version>
         </dependency>
-   		<dependency>
-			<groupId>com.sun.jersey</groupId>
-			<artifactId>jersey-client</artifactId>
-			<version>${jersey.version}</version>
-		</dependency>
-		<dependency>
-			<groupId>com.sun.jersey</groupId>
-			<artifactId>jersey-core</artifactId>
-			<version>${jersey.version}</version>
-		</dependency>
-		<dependency>
-			<groupId>com.sun.jersey</groupId>
-			<artifactId>jersey-server</artifactId>
-			<version>${jersey.version}</version>
-		</dependency>
-		<dependency>
-			<groupId>com.sun.jersey</groupId>
-			<artifactId>jersey-servlet</artifactId>
-			<version>${jersey.version}</version>
-		</dependency>
-		<dependency>
-			<groupId>com.sun.jersey</groupId>
-			<artifactId>jersey-json</artifactId>
-			<version>${jersey.version}</version>
-		</dependency>
-		<dependency>
-			<groupId>javax.ws.rs</groupId>
-			<artifactId>jsr311-api</artifactId>
-			<version>1.1.1</version>
-		</dependency>
     </dependencies>
 
     <repositories>

src/java/org/jivesoftware/openfire/plugin/rest/AuthFilter.java

@@ -1,7 +1,12 @@
 package org.jivesoftware.openfire.plugin.rest;
 
+import javax.annotation.Priority;
 import javax.servlet.http.HttpServletRequest;
+import javax.ws.rs.Priorities;
 import javax.ws.rs.WebApplicationException;
+import javax.ws.rs.container.ContainerRequestContext;
+import javax.ws.rs.container.ContainerRequestFilter;
+import javax.ws.rs.container.PreMatching;
 import javax.ws.rs.core.Context;
 import javax.ws.rs.core.Response.Status;
 
@@ -14,12 +19,13 @@
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
-import com.sun.jersey.spi.container.ContainerRequest;
-import com.sun.jersey.spi.container.ContainerRequestFilter;
+import java.io.IOException;
 
 /**
  * The Class AuthFilter.
  */
+@PreMatching
+@Priority(Priorities.AUTHORIZATION)
 public class AuthFilter implements ContainerRequestFilter {
 
     /** The log. */
@@ -33,15 +39,8 @@ public class AuthFilter implements ContainerRequestFilter {
     private RESTServicePlugin plugin = (RESTServicePlugin) XMPPServer.getInstance().getPluginManager()
             .getPlugin("restapi");
 
-    /*
-     * (non-Javadoc)
-     * 
-     * @see
-     * com.sun.jersey.spi.container.ContainerRequestFilter#filter(com.sun.jersey
-     * .spi.container.ContainerRequest)
-     */
     @Override
-    public ContainerRequest filter(ContainerRequest containerRequest) throws WebApplicationException {
+    public void filter(ContainerRequestContext containerRequest) throws IOException {
         if (!plugin.isEnabled()) {
             LOG.debug("REST API Plugin is not enabled");
             throw new WebApplicationException(Status.FORBIDDEN);
@@ -50,13 +49,13 @@ public ContainerRequest filter(ContainerRequest containerRequest) throws WebAppl
         // Let the preflight request through the authentication
         if ("OPTIONS".equals(containerRequest.getMethod())) {
             LOG.debug("Authentication was bypassed because of OPTIONS request");
-            return containerRequest;
+            return;
         }
 
         // To be backwards compatible to userservice 1.*
-        if ("restapi/v1/userservice".equals(containerRequest.getPath())) {
+        if (containerRequest.getUriInfo().getRequestUri().getPath().contains("restapi/v1/userservice")) {
             LOG.info("Deprecated 'userservice' endpoint was used. Please switch to the new endpoints");
-            return containerRequest;
+            return;
         }
 
         if (!plugin.getAllowedIPs().isEmpty()) {
@@ -78,7 +77,7 @@ public ContainerRequest filter(ContainerRequest containerRequest) throws WebAppl
         }
 
         // Get the authentication passed in HTTP headers parameters
-        String auth = containerRequest.getHeaderValue("authorization");
+        String auth = containerRequest.getHeaderString("authorization");
 
         if (auth == null) {
             throw new WebApplicationException(Status.UNAUTHORIZED);
@@ -119,6 +118,5 @@ public ContainerRequest filter(ContainerRequest containerRequest) throws WebAppl
                 throw new WebApplicationException(Status.UNAUTHORIZED);
             }
         }
-        return containerRequest;
     }
 }

src/java/org/jivesoftware/openfire/plugin/rest/CORSFilter.java

@@ -1,26 +1,23 @@
 package org.jivesoftware.openfire.plugin.rest;
 
-import com.sun.jersey.spi.container.ContainerRequest;
-import com.sun.jersey.spi.container.ContainerResponse;
-import com.sun.jersey.spi.container.ContainerResponseFilter;
+import javax.annotation.Priority;
+import javax.ws.rs.Priorities;
+import javax.ws.rs.container.ContainerRequestContext;
+import javax.ws.rs.container.ContainerResponseContext;
+import javax.ws.rs.container.ContainerResponseFilter;
+import java.io.IOException;
 
 /**
  * The Class CORSFilter.
  */
+@Priority(Priorities.HEADER_DECORATOR)
 public class CORSFilter implements ContainerResponseFilter {
 
-    /* (non-Javadoc)
-     * @see com.sun.jersey.spi.container.ContainerResponseFilter#filter(com.sun.jersey.spi.container.ContainerRequest, com.sun.jersey.spi.container.ContainerResponse)
-     */
     @Override
-    public ContainerResponse filter(ContainerRequest request, ContainerResponse response) {
-        response.getHttpHeaders().add("Access-Control-Allow-Origin", "*");
-        response.getHttpHeaders().add("Access-Control-Allow-Headers",
-                "origin, content-type, accept, authorization");
-        response.getHttpHeaders().add("Access-Control-Allow-Credentials", "true");
-        response.getHttpHeaders().add("Access-Control-Allow-Methods",
-                "GET, POST, PUT, DELETE, OPTIONS, HEAD");
-
-        return response;
+    public void filter(ContainerRequestContext requestContext, ContainerResponseContext response) throws IOException {
+        response.getHeaders().add("Access-Control-Allow-Origin", "*");
+        response.getHeaders().add("Access-Control-Allow-Headers", "origin, content-type, accept, authorization");
+        response.getHeaders().add("Access-Control-Allow-Credentials", "true");
+        response.getHeaders().add("Access-Control-Allow-Methods", "GET, POST, PUT, DELETE, OPTIONS, HEAD");
     }
 }

src/java/org/jivesoftware/openfire/plugin/rest/RESTServicePlugin.java

@@ -25,6 +25,7 @@
 
 import javax.ws.rs.core.Response;
 
+import org.jivesoftware.admin.AuthCheckFilter;
 import org.jivesoftware.openfire.container.Plugin;
 import org.jivesoftware.openfire.container.PluginManager;
 import org.jivesoftware.openfire.plugin.rest.entity.SystemProperties;
@@ -112,12 +113,17 @@ public void initializePlugin(PluginManager manager, File pluginDirectory) {
         setServiceLoggingEnabled(JiveGlobals.getBooleanProperty(SERVICE_LOGGING_ENABLED, false));
         // Listen to system property events
         PropertyEventDispatcher.addListener(this);
+
+        // Exclude this servlet from requering the user to login
+        AuthCheckFilter.addExclude(JerseyWrapper.SERVLET_URL);
     }
 
     /* (non-Javadoc)
      * @see org.jivesoftware.openfire.container.Plugin#destroyPlugin()
      */
     public void destroyPlugin() {
+        // Release the excluded URL
+        AuthCheckFilter.removeExclude(JerseyWrapper.SERVLET_URL);
         // Stop listening to system property events
         PropertyEventDispatcher.removeListener(this);
     }

src/java/org/jivesoftware/openfire/plugin/rest/entity/GroupEntities.java

@@ -1,11 +1,12 @@
 package org.jivesoftware.openfire.plugin.rest.entity;
 
+import com.fasterxml.jackson.annotation.JsonProperty;
+
 import java.util.List;
 
 import javax.xml.bind.annotation.XmlElement;
 import javax.xml.bind.annotation.XmlRootElement;
 
-import org.codehaus.jackson.annotate.JsonProperty;
 
 /**
  * The Class GroupEntities.

src/java/org/jivesoftware/openfire/plugin/rest/entity/MUCRoomEntities.java

@@ -1,12 +1,12 @@
 package org.jivesoftware.openfire.plugin.rest.entity;
 
+import com.fasterxml.jackson.annotation.JsonProperty;
+
 import java.util.List;
 
 import javax.xml.bind.annotation.XmlElement;
 import javax.xml.bind.annotation.XmlRootElement;
 
-import org.codehaus.jackson.annotate.JsonProperty;
-
 @XmlRootElement(name = "chatRooms")
 public class MUCRoomEntities {
     List<MUCRoomEntity> mucRooms;

src/java/org/jivesoftware/openfire/plugin/rest/entity/OccupantEntities.java

@@ -1,11 +1,10 @@
 package org.jivesoftware.openfire.plugin.rest.entity;
 
-import java.util.List;
+import com.fasterxml.jackson.annotation.JsonProperty;
 
 import javax.xml.bind.annotation.XmlElement;
 import javax.xml.bind.annotation.XmlRootElement;
-
-import org.codehaus.jackson.annotate.JsonProperty;
+import java.util.List;
 
 @XmlRootElement(name = "occupants")
 public class OccupantEntities {

src/java/org/jivesoftware/openfire/plugin/rest/entity/ParticipantEntities.java

@@ -1,12 +1,12 @@
 package org.jivesoftware.openfire.plugin.rest.entity;
 
+import com.fasterxml.jackson.annotation.JsonProperty;
+
 import java.util.List;
 
 import javax.xml.bind.annotation.XmlElement;
 import javax.xml.bind.annotation.XmlRootElement;
 
-import org.codehaus.jackson.annotate.JsonProperty;
-
 @XmlRootElement(name = "participants")
 public class ParticipantEntities {
     List<ParticipantEntity> participants;

src/java/org/jivesoftware/openfire/plugin/rest/entity/SecurityAuditLogs.java

@@ -1,12 +1,12 @@
 package org.jivesoftware.openfire.plugin.rest.entity;
 
+import com.fasterxml.jackson.annotation.JsonProperty;
+
 import java.util.List;
 
 import javax.xml.bind.annotation.XmlElement;
 import javax.xml.bind.annotation.XmlRootElement;
 
-import org.codehaus.jackson.annotate.JsonProperty;
-
 @XmlRootElement(name = "logs")
 public class SecurityAuditLogs {
 	List<SecurityAuditLog> securityAuditLog;

src/java/org/jivesoftware/openfire/plugin/rest/entity/SessionEntities.java

@@ -1,12 +1,12 @@
 package org.jivesoftware.openfire.plugin.rest.entity;
 
+import com.fasterxml.jackson.annotation.JsonProperty;
+
 import java.util.List;
 
 import javax.xml.bind.annotation.XmlElement;
 import javax.xml.bind.annotation.XmlRootElement;
 
-import org.codehaus.jackson.annotate.JsonProperty;
-
 @XmlRootElement(name = "sessions")
 public class SessionEntities {
     List<SessionEntity> sessions;

src/java/org/jivesoftware/openfire/plugin/rest/entity/UserEntities.java

@@ -1,12 +1,12 @@
 package org.jivesoftware.openfire.plugin.rest.entity;
 
+import com.fasterxml.jackson.annotation.JsonProperty;
+
 import java.util.List;
 
 import javax.xml.bind.annotation.XmlElement;
 import javax.xml.bind.annotation.XmlRootElement;
 
-import org.codehaus.jackson.annotate.JsonProperty;
-
 /**
  * The Class UserEntities.
  */