Upgrade master to the current wrensec-parent

.github/workflows/build.yml

@@ -0,0 +1,25 @@
+name: Build
+
+on: [push, pull_request]
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    strategy:
+      matrix:
+        java: [8]
+    name: "Java ${{ matrix.java }} build"
+    steps:
+      - uses: actions/checkout@v2
+      - name: Set up JDK
+        uses: actions/setup-java@v1
+        with:
+          java-version: ${{ matrix.java }}
+      - name: Cache Maven packages
+        uses: actions/cache@v2
+        with:
+          path: ~/.m2
+          key: ${{ runner.os }}-m2-${{ hashFiles('**/pom.xml') }}
+          restore-keys: ${{ runner.os }}-m2
+      - name: Run the Maven verify phase
+        run: mvn -B verify --file pom.xml

.gitignore

@@ -1,7 +1,11 @@
 target/
 dependency-reduced-pom.xml
 openam-ui/openam-ui-ria/npm-debug.log.*
+test-output/
 
 # Editor generated files
 *.iml
 .idea/
+.project
+.settings
+.classpath

openam-audit/openam-audit-configuration/pom.xml

@@ -13,6 +13,7 @@
  * information: "Portions copyright [year] [name of copyright owner]".
  *
  * Copyright 2014-2016 ForgeRock AS.
+ * Portions copyright 2022 Wren Security
 -->
 <project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
     <parent>
@@ -40,27 +41,27 @@
             <artifactId>openam-core</artifactId>
         </dependency>
         <dependency>
-            <groupId>org.forgerock.commons</groupId>
+            <groupId>org.wrensecurity.commons</groupId>
             <artifactId>forgerock-audit-handler-csv</artifactId>
         </dependency>
         <dependency>
-            <groupId>org.forgerock.commons</groupId>
+            <groupId>org.wrensecurity.commons</groupId>
             <artifactId>forgerock-audit-handler-syslog</artifactId>
         </dependency>
         <dependency>
-            <groupId>org.forgerock.commons</groupId>
+            <groupId>org.wrensecurity.commons</groupId>
             <artifactId>forgerock-audit-handler-jdbc</artifactId>
         </dependency>
         <dependency>
-            <groupId>org.forgerock.commons</groupId>
+            <groupId>org.wrensecurity.commons</groupId>
             <artifactId>forgerock-audit-handler-elasticsearch</artifactId>
         </dependency>
         <dependency>
-            <groupId>org.forgerock.commons</groupId>
+            <groupId>org.wrensecurity.commons</groupId>
             <artifactId>forgerock-audit-handler-splunk</artifactId>
         </dependency>
         <dependency>
-            <groupId>org.forgerock.commons</groupId>
+            <groupId>org.wrensecurity.commons</groupId>
             <artifactId>forgerock-audit-handler-jms</artifactId>
         </dependency>
         <dependency>
@@ -81,4 +82,4 @@
         </dependency>
     </dependencies>
 
-</project>
+</project>

openam-audit/openam-audit-context/pom.xml

@@ -13,6 +13,7 @@
  * information: "Portions copyright [year] [name of copyright owner]".
  *
  * Copyright 2014-2016 ForgeRock AS.
+ * Portions copyright 2022 Wren Security
 -->
 <project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
     <parent>
@@ -32,11 +33,11 @@
 
     <dependencies>
         <dependency>
-            <groupId>org.forgerock.commons</groupId>
+            <groupId>org.wrensecurity.commons</groupId>
             <artifactId>forgerock-util</artifactId>
         </dependency>
         <dependency>
-            <groupId>org.forgerock.commons</groupId>
+            <groupId>org.wrensecurity.commons</groupId>
             <artifactId>forgerock-audit-core</artifactId>
         </dependency>
         <dependency>
@@ -50,8 +51,8 @@
             <classifier>no_aop</classifier>
         </dependency>
         <dependency>
-            <groupId>org.forgerock.commons</groupId>
-            <artifactId>forgerock-guice-core</artifactId>
+            <groupId>org.wrensecurity.commons</groupId>
+            <artifactId>wrensec-guice-core</artifactId>
         </dependency>
         <dependency>
             <groupId>org.easytesting</groupId>

openam-audit/openam-audit-core/pom.xml

@@ -13,6 +13,7 @@
  * information: "Portions copyright [year] [name of copyright owner]".
  *
  * Copyright 2014-2016 ForgeRock AS.
+ * Portions copyright 2022 Wren Security
 -->
 <project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
     <parent>
@@ -40,7 +41,7 @@
             <artifactId>openam-i18n</artifactId>
         </dependency>
         <dependency>
-            <groupId>org.forgerock.commons</groupId>
+            <groupId>org.wrensecurity.commons</groupId>
             <artifactId>forgerock-audit-core</artifactId>
         </dependency>
         <dependency>
@@ -58,19 +59,19 @@
             <scope>test</scope>
         </dependency>
         <dependency>
-            <groupId>org.forgerock.commons</groupId>
+            <groupId>org.wrensecurity.commons</groupId>
             <artifactId>forgerock-test-utils</artifactId>
             <scope>test</scope>
         </dependency>
         <dependency>
-            <groupId>org.forgerock.commons</groupId>
+            <groupId>org.wrensecurity.commons</groupId>
             <artifactId>json-resource</artifactId>
             <type>test-jar</type>
             <scope>test</scope>
         </dependency>
         <dependency>
-            <groupId>org.forgerock.commons</groupId>
-            <artifactId>forgerock-guice-test</artifactId>
+            <groupId>org.wrensecurity.commons</groupId>
+            <artifactId>wrensec-guice-test</artifactId>
             <scope>test</scope>
         </dependency>
     </dependencies>

openam-audit/openam-audit-rest/pom.xml

@@ -13,6 +13,7 @@
  * information: "Portions copyright [year] [name of copyright owner]".
  *
  * Copyright 2015-2016 ForgeRock AS.
+ * Portions copyright 2022 Wren Security
 -->
 <project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
     <parent>
@@ -31,7 +32,7 @@
 
     <dependencies>
         <dependency>
-            <groupId>org.forgerock.commons</groupId>
+            <groupId>org.wrensecurity.commons</groupId>
             <artifactId>forgerock-audit-core</artifactId>
         </dependency>
         <dependency>

openam-authentication/openam-auth-amster/src/main/java/org/forgerock/openam/authentication/modules/amster/AmsterAuthLoginModule.java

@@ -12,6 +12,7 @@
  * information: "Portions copyright [year] [name of copyright owner]".
  *
  * Copyright 2016 ForgeRock AS.
+ * Portions copyright 2022 Wren Security
  */
 
 package org.forgerock.openam.authentication.modules.amster;
@@ -23,7 +24,7 @@
 import javax.security.auth.callback.Callback;
 import javax.security.auth.login.LoginException;
 
-import org.forgerock.guava.common.annotations.VisibleForTesting;
+import org.wrensecurity.guava.common.annotations.VisibleForTesting;
 import org.forgerock.openam.authentication.modules.common.AuthLoginModule;
 import org.forgerock.openam.core.CoreWrapper;
 

openam-authentication/openam-auth-common/pom.xml

@@ -13,6 +13,7 @@
  * information: "Portions copyright [year] [name of copyright owner]".
  *
  * Copyright 2013-2016 ForgeRock AS.
+ * Portions copyright 2022 Wren Security
 -->
 <project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
     <modelVersion>4.0.0</modelVersion>
@@ -32,7 +33,7 @@
 
     <dependencies>
         <dependency>
-            <groupId>org.forgerock.commons</groupId>
+            <groupId>org.wrensecurity.commons</groupId>
             <artifactId>forgerock-jaspi-runtime</artifactId>
         </dependency>
         <dependency>
@@ -50,7 +51,7 @@
         </dependency>
         <dependency>
             <groupId>org.mockito</groupId>
-            <artifactId>mockito-all</artifactId>
+            <artifactId>mockito-core</artifactId>
         </dependency>
     </dependencies>
 

openam-authentication/openam-auth-common/src/test/java/org/forgerock/openam/authentication/modules/common/JaspiAuthLoginModulePAPTest.java

@@ -12,32 +12,33 @@
  * information: "Portions copyright [year] [name of copyright owner]".
  *
  * Copyright 2013-2016 ForgeRock AS.
+ * Portions Copyright 2021 Wren Security.
  */
 
 package org.forgerock.openam.authentication.modules.common;
 
-import static org.mockito.BDDMockito.doThrow;
-import static org.mockito.BDDMockito.*;
-import static org.mockito.Mockito.eq;
-import static org.mockito.Mockito.isNull;
+import static org.mockito.ArgumentMatchers.any;
+import static org.mockito.ArgumentMatchers.eq;
+import static org.mockito.ArgumentMatchers.isNull;
+import static org.mockito.BDDMockito.given;
+import static org.mockito.Mockito.doThrow;
 import static org.mockito.Mockito.mock;
 import static org.mockito.Mockito.never;
 import static org.mockito.Mockito.verify;
 import static org.mockito.Mockito.verifyZeroInteractions;
-import static org.testng.AssertJUnit.*;
+import static org.testng.AssertJUnit.assertEquals;
+import static org.testng.AssertJUnit.assertTrue;
 
 import java.util.HashMap;
 import java.util.Map;
 
-import javax.security.auth.callback.CallbackHandler;
 import javax.security.auth.message.AuthException;
 import javax.security.auth.message.AuthStatus;
 import javax.security.auth.message.MessageInfo;
 import javax.security.auth.message.module.ServerAuthModule;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 
-import org.mockito.Matchers;
 import org.testng.annotations.BeforeMethod;
 import org.testng.annotations.Test;
 
@@ -92,7 +93,7 @@ public void shouldCallOnLoginSuccessAndThrowAuthenticationExceptionWhenAuthExcep
         HttpServletResponse response = mock(HttpServletResponse.class);
         SSOToken ssoToken = mock(SSOToken.class);
 
-        doThrow(AuthException.class).when(jaspiAuthWrapper).initialize((CallbackHandler) isNull(), eq(config));
+        doThrow(AuthException.class).when(jaspiAuthWrapper).initialize(isNull(), eq(config));
 
         //When
         boolean exceptionCaught = false;
@@ -105,8 +106,8 @@ public void shouldCallOnLoginSuccessAndThrowAuthenticationExceptionWhenAuthExcep
         }
 
         //Then
-        verify(jaspiAuthWrapper).initialize(any(CallbackHandler.class), eq(config));
-        verify(jaspiAuthWrapper, never()).secureResponse(Matchers.<MessageInfo>anyObject());
+        verify(jaspiAuthWrapper).initialize(any(), eq(config));
+        verify(jaspiAuthWrapper, never()).secureResponse(any());
         assertTrue(exceptionCaught);
         assertEquals(exception.getErrorCode(), "authFailed");
     }
@@ -120,16 +121,16 @@ public void shouldCallOnLoginSuccessWhenSecureResponseReturnsSendSuccess() throw
         HttpServletResponse response = mock(HttpServletResponse.class);
         SSOToken ssoToken = mock(SSOToken.class);
 
-        given(jaspiAuthWrapper.secureResponse(Matchers.<MessageInfo>anyObject()))
+        given(jaspiAuthWrapper.secureResponse(any()))
                 .willReturn(AuthStatus.SEND_SUCCESS);
 
         //When
         jaspiPostAuthPlugin.onLoginSuccess(requestParamsMap, request, response, ssoToken);
 
         //Then
-        verify(jaspiAuthWrapper).initialize(any(CallbackHandler.class), eq(config));
+        verify(jaspiAuthWrapper).initialize(any(), eq(config));
         assertTrue(onLoginSuccessMethodCalled);
-        verify(jaspiAuthWrapper).secureResponse(Matchers.<MessageInfo>anyObject());
+        verify(jaspiAuthWrapper).secureResponse(any());
     }
 
     @Test
@@ -142,7 +143,7 @@ public void shouldCallOnLoginSuccessWhenSecureResponseReturnsSendFailure() throw
         HttpServletResponse response = mock(HttpServletResponse.class);
         SSOToken ssoToken = mock(SSOToken.class);
 
-        given(jaspiAuthWrapper.secureResponse(Matchers.<MessageInfo>anyObject()))
+        given(jaspiAuthWrapper.secureResponse(any()))
                 .willReturn(AuthStatus.SEND_FAILURE);
 
         //When
@@ -156,9 +157,9 @@ public void shouldCallOnLoginSuccessWhenSecureResponseReturnsSendFailure() throw
         }
 
         //Then
-        verify(jaspiAuthWrapper).initialize(any(CallbackHandler.class), eq(config));
+        verify(jaspiAuthWrapper).initialize(any(), eq(config));
         assertTrue(onLoginSuccessMethodCalled);
-        verify(jaspiAuthWrapper).secureResponse(Matchers.<MessageInfo>anyObject());
+        verify(jaspiAuthWrapper).secureResponse(any());
         assertTrue(exceptionCaught);
         assertEquals(exception.getErrorCode(), "authFailed");
     }
@@ -173,7 +174,7 @@ public void shouldCallOnLoginSuccessWhenSecureResponseReturnsSendContinue() thro
         HttpServletResponse response = mock(HttpServletResponse.class);
         SSOToken ssoToken = mock(SSOToken.class);
 
-        given(jaspiAuthWrapper.secureResponse(Matchers.<MessageInfo>anyObject()))
+        given(jaspiAuthWrapper.secureResponse(any()))
                 .willReturn(AuthStatus.SEND_CONTINUE);
 
         //When
@@ -187,9 +188,9 @@ public void shouldCallOnLoginSuccessWhenSecureResponseReturnsSendContinue() thro
         }
 
         //Then
-        verify(jaspiAuthWrapper).initialize(any(CallbackHandler.class), eq(config));
+        verify(jaspiAuthWrapper).initialize(any(), eq(config));
         assertTrue(onLoginSuccessMethodCalled);
-        verify(jaspiAuthWrapper).secureResponse(Matchers.<MessageInfo>anyObject());
+        verify(jaspiAuthWrapper).secureResponse(any());
         assertTrue(exceptionCaught);
         assertEquals(exception.getErrorCode(), "authFailed");
     }
@@ -203,7 +204,7 @@ public void shouldCallOnLoginSuccessWhenSecureResponseReturnsElse() throws Authe
         HttpServletResponse response = mock(HttpServletResponse.class);
         SSOToken ssoToken = mock(SSOToken.class);
 
-        given(jaspiAuthWrapper.secureResponse(Matchers.<MessageInfo>anyObject()))
+        given(jaspiAuthWrapper.secureResponse(any()))
                 .willReturn(AuthStatus.SUCCESS);
 
         //When
@@ -217,9 +218,9 @@ public void shouldCallOnLoginSuccessWhenSecureResponseReturnsElse() throws Authe
         }
 
         //Then
-        verify(jaspiAuthWrapper).initialize(any(CallbackHandler.class), eq(config));
+        verify(jaspiAuthWrapper).initialize(any(), eq(config));
         assertTrue(onLoginSuccessMethodCalled);
-        verify(jaspiAuthWrapper).secureResponse(Matchers.<MessageInfo>anyObject());
+        verify(jaspiAuthWrapper).secureResponse(any());
         assertTrue(exceptionCaught);
         assertEquals(exception.getErrorCode(), "authFailed");
     }

openam-authentication/openam-auth-common/src/test/java/org/forgerock/openam/authentication/modules/common/JaspiAuthLoginModuleTest.java

@@ -12,6 +12,7 @@
  * information: "Portions copyright [year] [name of copyright owner]".
  *
  * Copyright 2013-2016 ForgeRock AS.
+ * Portions Copyright 2017-2021 Wren Security.
  */
 
 package org.forgerock.openam.authentication.modules.common;
@@ -77,6 +78,7 @@ protected boolean process(MessageInfo messageInfo, Subject clientSubject, Callba
         };
 
         AMLoginModuleBinder amLoginModuleBinder = mock(AMLoginModuleBinder.class);
+        when(amLoginModuleBinder.getCallbackHandler()).thenReturn(mock(CallbackHandler.class));
 
         jaspiAuthLoginModule.setAMLoginModule(amLoginModuleBinder);
 

openam-authentication/openam-auth-device-id/pom.xml

@@ -43,7 +43,7 @@
         </dependency>
         <dependency>
             <groupId>org.mockito</groupId>
-            <artifactId>mockito-all</artifactId>
+            <artifactId>mockito-core</artifactId>
         </dependency>
     </dependencies>
 </project>