Merge pull request #48 from jenkinsci/updates/waffle-jna-jakarta-3.4.0

Update waffle-jna-jakarta to 3.4.0

Author: FarmGeek4Life

pom.xml

@@ -32,7 +32,7 @@
     <!-- TODO JENKINS-73339 until in parent POM -->
     <jenkins-test-harness.version>2254.vcff7a_d4969e5</jenkins-test-harness.version>
     <maven.compiler.release>17</maven.compiler.release>
-    <waffle.version>2.3.0</waffle.version>
+    <waffle.version>3.4.0</waffle.version>
     <jna.version>5.14.0</jna.version><!-- Specified here because jna-platform does need to be the same version as jna -->
   </properties>
 
@@ -54,6 +54,12 @@
       <artifactId>waffle-jna-jakarta</artifactId>
       <version>${waffle.version}</version>
     </dependency>
+    <!-- waffle-jna-jakarta 3.4.0 caffeine dependency has a newer dependency on error_prone_annotations than plugin pom 4.87 / jenkins 2.475 -->
+    <dependency>
+      <groupId>com.google.errorprone</groupId>
+      <artifactId>error_prone_annotations</artifactId>
+      <version>2.21.1</version>
+    </dependency>
     <!-- TODO JENKINS-73339 until in parent POM, work around https://github.com/jenkinsci/plugin-pom/issues/936 -->
     <dependency>
       <groupId>jakarta.servlet</groupId>

src/main/java/com/github/farmgeek4life/jenkins/negotiatesso/NegSecFilter.java

@@ -20,13 +20,13 @@
  *  LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
  *  OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
  *  THE SOFTWARE.
- * 
- *  This class extends a Waffle class. See https://github.com/dblock/waffle for 
- *  appropriate licenses for Waffle, which are not included here (as I do not 
+ *
+ *  This class extends a Waffle class. See https://github.com/dblock/waffle for
+ *  appropriate licenses for Waffle, which are not included here (as I do not
  *  include any source code from Waffle).
- * 
- *  Portions of this code are based on the KerberosSSO plugin, also licensed 
- *  under the MIT License. See https://github.com/jenkinsci/kerberos-sso-plugin 
+ *
+ *  Portions of this code are based on the KerberosSSO plugin, also licensed
+ *  under the MIT License. See https://github.com/jenkinsci/kerberos-sso-plugin
  *  for license details.
  */
 
@@ -83,7 +83,7 @@ public void doFilter(final ServletRequest request, final ServletResponse respons
             chain.doFilter(request, response);
             return;
         }
-        
+
         HttpServletRequest httpRequest = (HttpServletRequest)request;
         String requestUri = httpRequest.getRequestURI();
         // After Jenkins 1.590:
@@ -93,14 +93,14 @@ public void doFilter(final ServletRequest request, final ServletResponse respons
             chain.doFilter(request, response);
             return;
         }
-        
+
         if (this.allowLocalhost && httpRequest.getLocalAddr().equals(httpRequest.getRemoteAddr())) {
             // User is localhost, and we want to skip authenticating localhost
             LOGGER.log(Level.FINEST, "Bypassing authentication for localhost to {0}", requestUri);
             chain.doFilter(request, response);
             return;
         }
-        
+
         if (this.redirectEnabled && !httpRequest.getLocalAddr().equals(httpRequest.getRemoteAddr())) {
             // If local and remote addresses are identical, user is localhost and shouldn't be redirected
             try {
@@ -121,7 +121,7 @@ public void doFilter(final ServletRequest request, final ServletResponse respons
                 return;
             }
         }
-        
+
         // A user is "always" authenticated by Jenkins as anonymous when not authenticated in any other way.
         if (SecurityContextHolder.getContext().getAuthentication() == null
                 || !SecurityContextHolder.getContext().getAuthentication().isAuthenticated()
@@ -135,10 +135,10 @@ public void doFilter(final ServletRequest request, final ServletResponse respons
             LOGGER.log(Level.FINEST, "Bypassing filter - already authenticated: " + requestUri);
             chain.doFilter(request, response); // just continue down the filter chain
         }
-        
+
         //super.doFilter(request, response, chain); // This will also call the filter chaining
     }
-    
+
     /**
      * Remove the hostname and the query string from a requested URI
      * @param requestURI the requested URI
@@ -150,10 +150,10 @@ static String cleanRequest(String requestURI) {
         // if the request URI has a query string, delete it.
         return requestURI.replaceAll("^https?://[^/]+/", "/").replaceAll("\\?.*$", "");
     }
-    
+
     /**
      * Check a request URI to see if authentication should be attempted
-     * 
+     *
      * If a path is unprotected or always readable, don't attempt to authenticate.
      * Attempting to authenticate causes problems with things like the cli and notifyCommit URIs
      * @param jenkins jenkins instance; accessible for testing purposes (for getUnprotectedRootActions())
@@ -169,7 +169,7 @@ static boolean shouldAttemptAuthentication(Jenkins jenkins, ServletRequest reque
         // but we only care about the exceptions to the permissions check.
         // Trying to use jenkins.getTarget() always seemed to test against anonymous or everyone permissions,
         // so the user was never automatically authenticated.
-        
+
         // Code copied from Jenkins.getTarget(); need the rest, but not the permission check.
         String rest = cleanRequest(requestURI); //Stapler.getCurrentRequest().getRestOfPath() in Jenkins.getTarget()
 
@@ -198,14 +198,14 @@ static boolean shouldAttemptAuthentication(Jenkins jenkins, ServletRequest reque
     private static boolean isAgentJnlpPath(String restOfPath, String prefix) {
         return restOfPath.matches("(/manage)?/computer/[^/]+/" + prefix + "-agent[.]jnlp");
     }
-    
+
     private static boolean containsBypassHeader(ServletRequest request) {
         if (!(request instanceof HttpServletRequest)) {
             return false;
         }
         return ((HttpServletRequest)request).getHeader(BYPASS_HEADER) != null;
     }
-    
+
     /**
      * @param doEnable if redirect should be enabled
      * @param redirectTo the site to redirect to
@@ -214,7 +214,7 @@ public void setRedirect(boolean doEnable, String redirectTo) {
         this.redirectEnabled = doEnable;
         this.redirect = redirectTo;
     }
-    
+
     /**
      * @param allow if localhost should bypass the SSO authentication
      */

src/main/java/com/github/farmgeek4life/jenkins/negotiatesso/NegSecUserSeedFilter.java

@@ -20,9 +20,9 @@
  *  LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
  *  OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
  *  THE SOFTWARE.
- * 
- *  Portions of this code are based on the KerberosSSO plugin, also licensed 
- *  under the MIT License. See https://github.com/jenkinsci/kerberos-sso-plugin 
+ *
+ *  Portions of this code are based on the KerberosSSO plugin, also licensed
+ *  under the MIT License. See https://github.com/jenkinsci/kerberos-sso-plugin
  *  for license details.
  */
 
@@ -68,10 +68,10 @@ public void doFilter(ServletRequest request, ServletResponse response, FilterCha
             WindowsPrincipal principal = (WindowsPrincipal) nrw.getUserPrincipal();
             authenticateJenkins(principal, (HttpServletRequest) request);
         }
-        
+
         chain.doFilter(request, response);
     }
-    
+
     /**
      * Perform the authentication methods for Jenkins
      */
@@ -91,10 +91,10 @@ private void authenticateJenkins(WindowsPrincipal principal, HttpServletRequest
                         userDetails.getPassword(),
                         userDetails.getAuthorities());
         ACL.as2(authToken);
-        populateUserSeed(httpRequest, userDetails.getUsername());              
+        populateUserSeed(httpRequest, userDetails.getUsername());
         SecurityListener.fireLoggedIn(userDetails.getUsername());
     }
-    
+
     /**
      * This request is in a filter before the Stapler for pre-authentication for that reason we need to keep the code
      * that applies the same logic as UserSeedSecurityListener.
@@ -119,5 +119,5 @@ private void populateUserSeed(HttpServletRequest httpRequest, String username) {
     public void destroy() {
         // Nothing to do.
     }
-    
+
 }