Merge pull request #727 from RADAR-base/release-2.1.0

Release 2.1.0

.dockerignore

@@ -1,14 +1,11 @@
 build
 out
-radar-auth/build
-radar-auth/out
 radar-auth/src/test
+kotlin-util/src/test
 .idea
 .gradle
 .git
 node_modules
-oauth-client-util/build
-oauth-client-util/out
 oauth-client-util/src/test
 src/test/java
 src/gatling

.github/workflows/main.yml

@@ -75,6 +75,14 @@ jobs:
           yarn e2e
           ./gradlew --stop
 
+      - name: Upload screenshots of failed e2e tests
+        if: always()
+        uses: actions/upload-artifact@v3
+        with:
+          path: src/test/javascript/e2e/cypress/screenshots
+          if-no-files-found: ignore
+          retention-days: 5
+
       - name: Has SNAPSHOT version
         id: is-snapshot
         if: github.ref == 'refs/heads/dev'

.github/workflows/pre-release.yml

@@ -58,6 +58,14 @@ jobs:
           yarn e2e
           ./gradlew --stop
 
+      - name: Upload screenshots of failed e2e tests
+        if: always()
+        uses: actions/upload-artifact@v3
+        with:
+          path: src/test/javascript/e2e/cypress/screenshots
+          if-no-files-found: ignore
+          retention-days: 5
+
       - name: Generate github pages
         run: ./gradlew ghPages
         if: startsWith(github.ref, 'refs/tags/')

.github/workflows/scheduled-snyk.yaml

@@ -12,7 +12,7 @@ jobs:
       - uses: actions/checkout@v3
       - uses: snyk/actions/setup@master
         with:
-          snyk-version: v1.996.0
+          snyk-version: v1.1032.0
 
       - uses: actions/setup-node@v3
         with:
@@ -33,7 +33,7 @@ jobs:
         run: >
           snyk test
           --all-projects
-          --configuration-matching="^compileClasspath$|^runtimeClasspath$"
+          --configuration-matching="^runtimeClasspath$"
           --org=radar-base
           --policy-path=.snyk
           --json-file-output=snyk.json

.github/workflows/snyk.yaml

@@ -11,7 +11,7 @@ jobs:
       - uses: actions/checkout@v3
       - uses: snyk/actions/setup@master
         with:
-          snyk-version: v1.996.0
+          snyk-version: v1.1032.0
 
       - uses: actions/setup-node@v3
         with:
@@ -32,7 +32,7 @@ jobs:
         run: >
           snyk test
           --all-projects
-          --configuration-matching="^compileClasspath$|^runtimeClasspath$"
+          --configuration-matching="^runtimeClasspath$"
           --fail-on=upgradable
           --org=radar-base
           --policy-path=.snyk

.snyk

@@ -0,0 +1,15 @@
+# Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities.
+version: v1.25.0
+# ignores vulnerabilities until expiry date; change duration by modifying expiry date
+ignore:
+  SNYK-JAVA-ORGYAML-2806360:
+    - '*':
+        reason: Not using YAML for user-facing code
+        expires: 2024-05-07T10:09:27.027Z
+        created: 2023-05-08T10:09:27.030Z
+  SNYK-JAVA-ORGSPRINGFRAMEWORKBOOT-5441321:
+    - '*':
+        reason: Not hosting in CloudFoundry
+        expires: 2024-05-07T10:09:52.346Z
+        created: 2023-05-08T10:09:52.353Z
+patch: {}

.yarnrc.yml

@@ -1,4 +1,7 @@
-cacheFolder: "./.yarn/cache"
+cacheFolder: ./.yarn/cache
+
+enableImmutableInstalls: false
+
 nodeLinker: node-modules
-yarnPath: .yarn/releases/yarn-3.1.0.cjs
-enableImmutableInstalls: true
+
+yarnPath: .yarn/releases/yarn-3.6.4.cjs

Dockerfile

@@ -21,7 +21,6 @@ RUN yarn install --network-timeout 1000000
 COPY gradle gradle
 COPY gradlew build.gradle gradle.properties settings.gradle /code/
 COPY radar-auth/build.gradle radar-auth/
-COPY oauth-client-util/build.gradle oauth-client-util/
 
 RUN ./gradlew downloadDependencies
 

README.md

@@ -170,28 +170,50 @@ The code grant flow for OAuth2 clients can be the following:
      ```
      GET /oauth/authorize?client_id=MyId&response_type=code&redirect_uri=https://my.example.com/oauth_redirect
      ```
-     where you replace `MyId` with your OAuth client id. This needs to be done from a interactive 
-     web view, either a browser or a web window. If the user approves, this will redirect to 
-     `https://my.example.com/oauth_redirect?code=abcdef`. In Android, with [https://appauth.io]
-     (AppAuth library), the URL could be `com.example.my://oauth_redirect` for the `com.example.my`
-      app.
-      You can add an optional parameter for `state`. If you add the state parameter, it will be returned with the `code`.
-3. Request a token for your app by doing a POST, again with HTTP basic authentication with as 
-username your OAuth client id, and leaving the password empty:
+   where you replace `MyId` with your OAuth client id. This needs to be done from a interactive
+   web view, either a browser or a web window. If the user approves, this will redirect to
+   `https://my.example.com/oauth_redirect?code=abcdef`. In Android, with [https://appauth.io]
+   (AppAuth library), the URL could be `com.example.my://oauth_redirect` for the `com.example.my`
+   app.
+   You can add an optional parameter for `state`. If you add the state parameter, it will be returned with the `code`.
+3. Request a token for your app by doing a POST, again with HTTP basic authentication with as
+   username your OAuth client id, and leaving the password empty:
     ```
     POST /oauth/token
     Content-Type: application/x-www-form-urlencoded
 
     grant_type=authorization_code&code=abcdef&redirect_uri=https://my.example.com/oauth_redirect
     ```
-    This will respond with the access token and refresh token:
+   This will respond with the access token and refresh token:
     ```json
     {
        "access_token": "...",
        "refresh_token": "..."
     }
     ```
-    Now the app can use the refresh token flow as shown above.
+   Now the app can use the refresh token flow as shown above.
+
+### Client credentials flow
+The code grant flow for OAuth2 clients can also be the following:
+1. Register an oauth-client with grant_type `client_credentials`
+2. Request a token for your app by doing a POST with HTTP basic authentication with as
+   username your OAuth client id and password your OAuth client secret:
+    ```
+    POST /oauth/token
+    Content-Type: application/x-www-form-urlencoded
+
+    grant_type=client_credentials
+    ```
+   This will respond with the access token:
+    ```json
+    {
+        "access_token": "...",
+        "token_type": "bearer",
+
+        "...": "..."
+    }
+    ```
+   Now the app can use the access token flow.
 
 ### UI Customization
 
@@ -225,7 +247,7 @@ auto-refreshes when files change on your hard drive.
     ./gradlew
     yarn start
 
-Then open <http://localhost:9000/> to start the interface and sign in with admin/admin.
+Then open <http://localhost:8081/> to start the interface and sign in with admin/admin.
 
 [Yarn][] is also used to manage CSS and JavaScript dependencies used in this application. You can upgrade dependencies by
 specifying a newer version in [package.json](package.json). You can also run `yarn update` and `yarn install` to manage dependencies.
@@ -315,7 +337,6 @@ For more information refer to [Using Docker and Docker-Compose][], this page als
 
 Please find the links for some of the documentation per category/component
 * [management-portal-javadoc](https://radar-base.github.io/ManagementPortal/management-portal-javadoc/)
-* [oauth-client-util-javadoc](https://radar-base.github.io/ManagementPortal/oauth-client-util-javadoc/)
 * [radar-auth-javadoc](https://radar-base.github.io/ManagementPortal/radar-auth-javadoc/)
 * [managementportal-client-javadoc](https://radar-base.github.io/ManagementPortal/managementportal-client-javadoc/)
 * [Swagger 2.0 apidoc](https://radar-base.github.io/ManagementPortal/apidoc/swagger.json)

angular.json

@@ -88,7 +88,7 @@
           "defaultConfiguration": "development",
           "options": {
             "proxyConfig": "proxy.conf.json",
-            "port": 9000
+            "port": 8081
           }
         },
         "test": {