fix: switch to GSON per security team advice (#586)

* switch to GSON per security team advice

* fix samples

* format

* update Javadoc

* bom version

* google-oauth-client not in BOM

Author: elharo

google-oauth-client-appengine/src/main/java/com/google/api/client/extensions/appengine/auth/AbstractAppEngineCallbackServlet.java

@@ -48,10 +48,6 @@
  * {@link
  * com.google.api.client.extensions.appengine.auth.oauth2.AbstractAppEngineAuthorizationCodeCallbackServlet}.
  *
- * <p>Upgrade warning: in version 1.15 there was an implementation of {@link
- * #newJsonFactoryInstance()} that used {@code com.google.api.client.json.jackson.JacksonFactory},
- * but starting with version 1.16 there is no such implementation.
- *
  * @author moshenko@google.com (Jacob Moshenko)
  * @since 1.4
  */

google-oauth-client-appengine/src/main/java/com/google/api/client/extensions/appengine/auth/AbstractAppEngineFlowServlet.java

@@ -29,10 +29,6 @@
  * {@link
  * com.google.api.client.extensions.appengine.auth.oauth2.AbstractAppEngineAuthorizationCodeServlet}.
  *
- * <p>Upgrade warning: in version 1.15 there was an implementation of {@link
- * #newJsonFactoryInstance()} that used {@code com.google.api.client.json.jackson.JacksonFactory},
- * but starting with version 1.16 there is no such implementation.
- *
  * @author moshenko@google.com (Jacob Moshenko)
  * @since 1.4
  */

google-oauth-client-appengine/src/main/java/com/google/api/client/extensions/appengine/auth/oauth2/AbstractAppEngineAuthorizationCodeCallbackServlet.java

@@ -70,7 +70,7 @@
  * protected AuthorizationCodeFlow initializeFlow() throws IOException {
  * return new AuthorizationCodeFlow.Builder(BearerToken.authorizationHeaderAccessMethod(),
  * new UrlFetchTransport(),
- * new JacksonFactory(),
+ * new GsonFactory(),
  * new GenericUrl("https://server.example.com/token"),
  * new BasicAuthentication("s6BhdRkqt3", "7Fjfp0ZBr1KtDRbnfVdmIw"),
  * "s6BhdRkqt3",

google-oauth-client-appengine/src/main/java/com/google/api/client/extensions/appengine/auth/oauth2/AbstractAppEngineAuthorizationCodeServlet.java

@@ -63,7 +63,7 @@
  * protected AuthorizationCodeFlow initializeFlow() throws IOException {
  * return new AuthorizationCodeFlow.Builder(BearerToken.authorizationHeaderAccessMethod(),
  * new UrlFetchTransport(),
- * new JacksonFactory(),
+ * new GsonFactory(),
  * new GenericUrl("https://server.example.com/token"),
  * new BasicAuthentication("s6BhdRkqt3", "7Fjfp0ZBr1KtDRbnfVdmIw"),
  * "s6BhdRkqt3",

google-oauth-client-java6/pom.xml

@@ -92,7 +92,7 @@
     </dependency>
     <dependency>
       <groupId>com.google.http-client</groupId>
-      <artifactId>google-http-client-jackson2</artifactId>
+      <artifactId>google-http-client-gson</artifactId>
       <scope>test</scope>
     </dependency>
     <dependency>

google-oauth-client-java6/src/test/java/com/google/api/client/extensions/java6/auth/oauth2/FileCredentialStoreTest.java

@@ -25,7 +25,7 @@
 import com.google.api.client.http.LowLevelHttpResponse;
 import com.google.api.client.json.JsonFactory;
 import com.google.api.client.json.JsonGenerator;
-import com.google.api.client.json.jackson2.JacksonFactory;
+import com.google.api.client.json.gson.GsonFactory;
 import com.google.api.client.testing.http.MockHttpTransport;
 import com.google.api.client.testing.http.MockLowLevelHttpRequest;
 import com.google.api.client.testing.http.MockLowLevelHttpResponse;
@@ -48,7 +48,7 @@
 @Deprecated
 public class FileCredentialStoreTest extends TestCase {
 
-  static final JsonFactory JSON_FACTORY = new JacksonFactory();
+  static final JsonFactory JSON_FACTORY = new GsonFactory();
   private static final String ACCESS_TOKEN = "abc";
   static final String NEW_ACCESS_TOKEN = "def";
   private static final GenericUrl TOKEN_SERVER_URL = new GenericUrl("http://example.com/token");

google-oauth-client-servlet/src/main/java/com/google/api/client/extensions/servlet/auth/AbstractCallbackServlet.java

@@ -137,7 +137,7 @@ protected final HttpTransport getHttpTransport() {
    * json factory and should be as simple as:
    *
    * <pre>
-   * new JacksonFactory();
+   * new GsonFactory();
    * </pre>
    *
    * @return {@link JsonFactory} instance for your particular environment

google-oauth-client-servlet/src/main/java/com/google/api/client/extensions/servlet/auth/AbstractFlowUserServlet.java

@@ -168,7 +168,7 @@ protected final HttpTransport getHttpTransport() {
    * json factory and should be as simple as:
    *
    * <pre>
-   * new JacksonFactory();
+   * new GsonFactory();
    * </pre>
    *
    * @return {@link JsonFactory} instance for your particular environment

google-oauth-client-servlet/src/main/java/com/google/api/client/extensions/servlet/auth/oauth2/AbstractAuthorizationCodeCallbackServlet.java

@@ -67,7 +67,7 @@
  * protected AuthorizationCodeFlow initializeFlow() throws IOException {
  * return new AuthorizationCodeFlow.Builder(BearerToken.authorizationHeaderAccessMethod(),
  * new NetHttpTransport(),
- * new JacksonFactory(),
+ * new GsonFactory(),
  * new GenericUrl("https://server.example.com/token"),
  * new BasicAuthentication("s6BhdRkqt3", "7Fjfp0ZBr1KtDRbnfVdmIw"),
  * "s6BhdRkqt3",

google-oauth-client-servlet/src/main/java/com/google/api/client/extensions/servlet/auth/oauth2/AbstractAuthorizationCodeServlet.java

@@ -69,7 +69,7 @@
  * protected AuthorizationCodeFlow initializeFlow() throws IOException {
  * return new AuthorizationCodeFlow.Builder(BearerToken.authorizationHeaderAccessMethod(),
  * new NetHttpTransport(),
- * new JacksonFactory(),
+ * new GsonFactory(),
  * new GenericUrl("https://server.example.com/token"),
  * new BasicAuthentication("s6BhdRkqt3", "7Fjfp0ZBr1KtDRbnfVdmIw"),
  * "s6BhdRkqt3",