70fedf96f1
Changes add rate limit on login and signup APIs add annotations to support rate limit on controllers which can be configured per API. refactor SecurityConfig implementation details uses bucket4j for rate limiting uses redis as a backend for distributed rate limiting fixes: https://github.com/appsmithorg/appsmith-ee/issues/234
469 lines
17 KiB
XML
469 lines
17 KiB
XML
<?xml version="1.0" encoding="UTF-8"?>
|
|
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
|
|
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
|
|
<modelVersion>4.0.0</modelVersion>
|
|
<parent>
|
|
<groupId>com.appsmith</groupId>
|
|
<artifactId>integrated</artifactId>
|
|
<version>1.0-SNAPSHOT</version>
|
|
</parent>
|
|
|
|
<artifactId>server</artifactId>
|
|
<version>1.0-SNAPSHOT</version>
|
|
<packaging>jar</packaging>
|
|
|
|
<name>server</name>
|
|
<description>This is the API server for the Appsmith project</description>
|
|
|
|
<properties>
|
|
<ff4j.version>2.0.0</ff4j.version>
|
|
<jmh.version>1.35</jmh.version>
|
|
<org.modelmapper.version>2.4.4</org.modelmapper.version>
|
|
</properties>
|
|
|
|
<dependencyManagement>
|
|
<dependencies>
|
|
<dependency>
|
|
<groupId>io.mongock</groupId>
|
|
<artifactId>mongock-bom</artifactId>
|
|
<version>5.1.7</version>
|
|
<type>pom</type>
|
|
<scope>import</scope>
|
|
</dependency>
|
|
</dependencies>
|
|
</dependencyManagement>
|
|
|
|
<dependencies>
|
|
|
|
<!--
|
|
Ideally this dependency should have been added in the pom.xml file of GraphQLPlugin module, but it is
|
|
causing 'java.lang.NoClassDefFoundError' error. Hence, adding it here after many attempts of fixing it the right
|
|
way. Somehow adding it here makes it work. GraphQLPlugin module's pom.xml file also has this dependency
|
|
defined with 'provided' scope
|
|
-->
|
|
<dependency>
|
|
<groupId>com.graphql-java</groupId>
|
|
<artifactId>graphql-java</artifactId>
|
|
<version>20.1</version>
|
|
<exclusions>
|
|
<exclusion>
|
|
<groupId>org.slf4j</groupId>
|
|
<artifactId>slf4j-api</artifactId>
|
|
</exclusion>
|
|
<exclusion>
|
|
<groupId>io.projectreactor</groupId>
|
|
<artifactId>reactor-core</artifactId>
|
|
</exclusion>
|
|
<exclusion>
|
|
<groupId>org.springframework</groupId>
|
|
<artifactId>spring-core</artifactId>
|
|
</exclusion>
|
|
<exclusion>
|
|
<groupId>org.springframework</groupId>
|
|
<artifactId>spring-web</artifactId>
|
|
</exclusion>
|
|
<exclusion>
|
|
<groupId>org.reactivestreams</groupId>
|
|
<artifactId>reactive-streams</artifactId>
|
|
</exclusion>
|
|
<exclusion>
|
|
<groupId>com.fasterxml.jackson.core</groupId>
|
|
<artifactId>*</artifactId>
|
|
</exclusion>
|
|
</exclusions>
|
|
</dependency>
|
|
<dependency>
|
|
<groupId>org.springframework.boot</groupId>
|
|
<artifactId>spring-boot-starter-cache</artifactId>
|
|
</dependency>
|
|
<dependency>
|
|
<groupId>org.springframework.boot</groupId>
|
|
<artifactId>spring-boot-starter-security</artifactId>
|
|
</dependency>
|
|
<dependency>
|
|
<groupId>org.springframework.security</groupId>
|
|
<artifactId>spring-security-oauth2-client</artifactId>
|
|
</dependency>
|
|
<dependency>
|
|
<groupId>org.springframework.security</groupId>
|
|
<artifactId>spring-security-oauth2-jose</artifactId>
|
|
</dependency>
|
|
<dependency>
|
|
<groupId>org.springframework.security</groupId>
|
|
<artifactId>spring-security-config</artifactId>
|
|
</dependency>
|
|
<dependency>
|
|
<groupId>org.springframework.boot</groupId>
|
|
<artifactId>spring-boot-starter-webflux</artifactId>
|
|
<version>${spring-boot.version}</version>
|
|
</dependency>
|
|
<dependency>
|
|
<groupId>io.projectreactor</groupId>
|
|
<artifactId>reactor-core-micrometer</artifactId>
|
|
</dependency>
|
|
<dependency>
|
|
<groupId>org.springframework.boot</groupId>
|
|
<artifactId>spring-boot-starter-mail</artifactId>
|
|
</dependency>
|
|
<dependency>
|
|
<groupId>org.springframework.boot</groupId>
|
|
<artifactId>spring-boot-starter-data-mongodb-reactive</artifactId>
|
|
</dependency>
|
|
<!-- need the non-reactive mongodb library also to support mongock: https://www.mongock.io/reactive -->
|
|
<dependency>
|
|
<groupId>org.springframework.boot</groupId>
|
|
<artifactId>spring-boot-starter-data-mongodb</artifactId>
|
|
</dependency>
|
|
<dependency>
|
|
<groupId>io.mongock</groupId>
|
|
<artifactId>mongock-springboot-v3</artifactId>
|
|
</dependency>
|
|
|
|
<dependency>
|
|
<groupId>io.mongock</groupId>
|
|
<artifactId>mongodb-springdata-v4-driver</artifactId>
|
|
</dependency>
|
|
<dependency>
|
|
<groupId>org.springframework.boot</groupId>
|
|
<artifactId>spring-boot-starter-data-redis-reactive</artifactId>
|
|
</dependency>
|
|
<dependency>
|
|
<groupId>org.springframework.session</groupId>
|
|
<artifactId>spring-session-data-redis</artifactId>
|
|
</dependency>
|
|
<dependency>
|
|
<groupId>org.springframework.boot</groupId>
|
|
<artifactId>spring-boot-starter-aop</artifactId>
|
|
</dependency>
|
|
<dependency>
|
|
<groupId>com.bucket4j</groupId>
|
|
<artifactId>bucket4j-redis</artifactId>
|
|
<version>8.3.0</version>
|
|
</dependency>
|
|
<dependency>
|
|
<groupId>org.hibernate.validator</groupId>
|
|
<artifactId>hibernate-validator</artifactId>
|
|
</dependency>
|
|
<dependency>
|
|
<groupId>org.glassfish</groupId>
|
|
<artifactId>jakarta.el</artifactId>
|
|
<version>4.0.2</version>
|
|
</dependency>
|
|
<dependency>
|
|
<groupId>org.projectlombok</groupId>
|
|
<artifactId>lombok</artifactId>
|
|
<optional>true</optional>
|
|
</dependency>
|
|
<dependency>
|
|
<groupId>com.github.spullara.mustache.java</groupId>
|
|
<artifactId>compiler</artifactId>
|
|
<version>0.9.6</version>
|
|
</dependency>
|
|
<dependency>
|
|
<groupId>de.flapdoodle.embed</groupId>
|
|
<artifactId>de.flapdoodle.embed.mongo</artifactId>
|
|
<version>4.3.1</version>
|
|
<scope>test</scope>
|
|
</dependency>
|
|
<dependency>
|
|
<groupId>de.flapdoodle.embed</groupId>
|
|
<artifactId>de.flapdoodle.embed.mongo.spring30x</artifactId>
|
|
<version>4.3.2</version>
|
|
<scope>test</scope>
|
|
</dependency>
|
|
<dependency>
|
|
<groupId>commons-io</groupId>
|
|
<artifactId>commons-io</artifactId>
|
|
<version>2.7</version>
|
|
</dependency>
|
|
<dependency>
|
|
<groupId>commons-validator</groupId>
|
|
<artifactId>commons-validator</artifactId>
|
|
<version>1.7</version>
|
|
</dependency>
|
|
<dependency>
|
|
<groupId>org.springframework.boot</groupId>
|
|
<artifactId>spring-boot-starter-actuator</artifactId>
|
|
</dependency>
|
|
<dependency>
|
|
<groupId>io.micrometer</groupId>
|
|
<artifactId>micrometer-registry-prometheus</artifactId>
|
|
</dependency>
|
|
<!-- https://mvnrepository.com/artifact/io.micrometer/micrometer-tracing-bridge-brave -->
|
|
<dependency>
|
|
<groupId>io.micrometer</groupId>
|
|
<artifactId>micrometer-tracing-bridge-brave</artifactId>
|
|
<version>1.0.0</version>
|
|
</dependency>
|
|
<dependency>
|
|
<groupId>io.zipkin.reporter2</groupId>
|
|
<artifactId>zipkin-reporter-brave</artifactId>
|
|
</dependency>
|
|
<!-- Commented oout Loki dependency for now, since we haven't fixed associating logs to traces-->
|
|
<!-- <dependency>-->
|
|
<!-- <groupId>com.github.loki4j</groupId>-->
|
|
<!-- <artifactId>loki-logback-appender</artifactId>-->
|
|
<!-- <version>1.3.2</version>-->
|
|
<!-- </dependency>-->
|
|
<!-- Actual Junit5 implementation. Will transitively include junit-jupiter-api -->
|
|
<dependency>
|
|
<groupId>org.junit.jupiter</groupId>
|
|
<artifactId>junit-jupiter-engine</artifactId>
|
|
<scope>test</scope>
|
|
</dependency>
|
|
<dependency>
|
|
<groupId>org.awaitility</groupId>
|
|
<artifactId>awaitility</artifactId>
|
|
<scope>test</scope>
|
|
</dependency>
|
|
|
|
<!-- Needed for establishing pooled connections to ElastiCache Redis with cluster mode enabled. -->
|
|
<dependency>
|
|
<groupId>org.apache.commons</groupId>
|
|
<artifactId>commons-pool2</artifactId>
|
|
<version>2.11.1</version>
|
|
<scope>runtime</scope>
|
|
</dependency>
|
|
|
|
<dependency>
|
|
<groupId>org.junit.platform</groupId>
|
|
<artifactId>junit-platform-suite-engine</artifactId>
|
|
<scope>test</scope>
|
|
</dependency>
|
|
|
|
<!-- For junit5 parameterised test support -->
|
|
<dependency>
|
|
<groupId>org.junit.jupiter</groupId>
|
|
<artifactId>junit-jupiter-params</artifactId>
|
|
<scope>test</scope>
|
|
</dependency>
|
|
|
|
<dependency>
|
|
<groupId>org.bouncycastle</groupId>
|
|
<artifactId>bcprov-jdk18on</artifactId>
|
|
<version>1.74</version>
|
|
</dependency>
|
|
<!-- Only required to run junit5 test from IDE -->
|
|
<dependency>
|
|
<groupId>org.junit.platform</groupId>
|
|
<artifactId>junit-platform-launcher</artifactId>
|
|
<scope>test</scope>
|
|
</dependency>
|
|
|
|
<!-- Plugin dependencies -->
|
|
<!-- This has to be declared BEFORE the com.appsmith:interfaces dependency. -->
|
|
<dependency>
|
|
<groupId>org.pf4j</groupId>
|
|
<artifactId>pf4j-spring</artifactId>
|
|
<version>0.8.0</version>
|
|
</dependency>
|
|
|
|
<dependency>
|
|
<groupId>com.appsmith</groupId>
|
|
<artifactId>appsmith-git</artifactId>
|
|
<version>1.0-SNAPSHOT</version>
|
|
</dependency>
|
|
|
|
<!-- Appsmith dependencies -->
|
|
<dependency>
|
|
<groupId>com.appsmith</groupId>
|
|
<artifactId>interfaces</artifactId>
|
|
<version>1.0-SNAPSHOT</version>
|
|
</dependency>
|
|
|
|
<dependency>
|
|
<groupId>com.querydsl</groupId>
|
|
<artifactId>querydsl-mongodb</artifactId>
|
|
</dependency>
|
|
<dependency>
|
|
<groupId>com.querydsl</groupId>
|
|
<artifactId>querydsl-apt</artifactId>
|
|
</dependency>
|
|
<dependency>
|
|
<groupId>com.querydsl</groupId>
|
|
<artifactId>querydsl-jpa</artifactId>
|
|
</dependency>
|
|
<dependency>
|
|
<groupId>org.modelmapper</groupId>
|
|
<artifactId>modelmapper</artifactId>
|
|
<version>${org.modelmapper.version}</version>
|
|
</dependency>
|
|
|
|
<dependency>
|
|
<groupId>org.springframework.boot</groupId>
|
|
<artifactId>spring-boot-starter-test</artifactId>
|
|
<scope>test</scope>
|
|
<exclusions>
|
|
<!-- Exclude JUnit 4 -->
|
|
<exclusion>
|
|
<groupId>junit</groupId>
|
|
<artifactId>junit</artifactId>
|
|
</exclusion>
|
|
</exclusions>
|
|
</dependency>
|
|
<dependency>
|
|
<groupId>org.springframework.security</groupId>
|
|
<artifactId>spring-security-test</artifactId>
|
|
<scope>test</scope>
|
|
</dependency>
|
|
<dependency>
|
|
<groupId>io.projectreactor</groupId>
|
|
<artifactId>reactor-test</artifactId>
|
|
<version>${reactor-test.version}</version>
|
|
<scope>test</scope>
|
|
</dependency>
|
|
<dependency>
|
|
<groupId>com.segment.analytics.java</groupId>
|
|
<artifactId>analytics</artifactId>
|
|
<version>3.3.1</version>
|
|
<exclusions>
|
|
<exclusion>
|
|
<groupId>com.squareup.okhttp3</groupId>
|
|
<artifactId>okhttp</artifactId>
|
|
</exclusion>
|
|
</exclusions>
|
|
</dependency>
|
|
<!-- https://mvnrepository.com/artifact/com.squareup.okio/okio-jvm -->
|
|
<dependency>
|
|
<groupId>com.squareup.okhttp3</groupId>
|
|
<artifactId>okhttp</artifactId>
|
|
<scope>provided</scope>
|
|
</dependency>
|
|
|
|
<dependency>
|
|
<groupId>io.sentry</groupId>
|
|
<artifactId>sentry-spring-boot-starter-jakarta</artifactId>
|
|
<version>6.23.0</version>
|
|
</dependency>
|
|
<dependency>
|
|
<groupId>org.mockito</groupId>
|
|
<artifactId>mockito-inline</artifactId>
|
|
<version>${mockito.version}</version>
|
|
</dependency>
|
|
<dependency>
|
|
<groupId>org.mockito</groupId>
|
|
<artifactId>mockito-core</artifactId>
|
|
<version>${mockito.version}</version>
|
|
</dependency>
|
|
<dependency>
|
|
<groupId>org.jgrapht</groupId>
|
|
<artifactId>jgrapht-core</artifactId>
|
|
<version>1.5.0</version>
|
|
</dependency>
|
|
<dependency>
|
|
<groupId>org.apache.httpcomponents</groupId>
|
|
<artifactId>httpclient</artifactId>
|
|
</dependency>
|
|
|
|
<dependency>
|
|
<groupId>org.apache.commons</groupId>
|
|
<artifactId>commons-text</artifactId>
|
|
<version>1.10.0</version>
|
|
</dependency>
|
|
|
|
<!-- Dependencies for feature flagging -->
|
|
<dependency>
|
|
<groupId>org.ff4j</groupId>
|
|
<artifactId>ff4j-core</artifactId>
|
|
<version>${ff4j.version}</version>
|
|
</dependency>
|
|
<dependency>
|
|
<groupId>com.appsmith</groupId>
|
|
<artifactId>reactiveCaching</artifactId>
|
|
<version>1.0-SNAPSHOT</version>
|
|
</dependency>
|
|
<dependency>
|
|
<groupId>org.openjdk.jmh</groupId>
|
|
<artifactId>jmh-core</artifactId>
|
|
<version>${jmh.version}</version>
|
|
</dependency>
|
|
<dependency>
|
|
<groupId>org.openjdk.jmh</groupId>
|
|
<artifactId>jmh-generator-annprocess</artifactId>
|
|
<version>${jmh.version}</version>
|
|
<scope>provided</scope>
|
|
</dependency>
|
|
<!-- https://mvnrepository.com/artifact/com.squareup.okhttp3/mockwebserver3 -->
|
|
<dependency>
|
|
<groupId>com.squareup.okhttp3</groupId>
|
|
<artifactId>mockwebserver3</artifactId>
|
|
<version>${mockwebserver.version}</version>
|
|
<scope>test</scope>
|
|
<exclusions>
|
|
<exclusion>
|
|
<groupId>com.squareup.okhttp3</groupId>
|
|
<artifactId>okhttp</artifactId>
|
|
</exclusion>
|
|
</exclusions>
|
|
</dependency>
|
|
<dependency>
|
|
<groupId>org.testcontainers</groupId>
|
|
<artifactId>junit-jupiter</artifactId>
|
|
<version>${testcontainers.version}</version>
|
|
<scope>test</scope>
|
|
<exclusions>
|
|
<exclusion>
|
|
<groupId>junit</groupId>
|
|
<artifactId>junit</artifactId>
|
|
</exclusion>
|
|
</exclusions>
|
|
</dependency>
|
|
<!-- We need this dependency only to ensure TestContainers work with JUnit5 -->
|
|
<dependency>
|
|
<groupId>io.quarkus</groupId>
|
|
<artifactId>quarkus-junit4-mock</artifactId>
|
|
<version>2.14.2.Final</version>
|
|
<scope>test</scope>
|
|
</dependency>
|
|
</dependencies>
|
|
|
|
<repositories>
|
|
<repository>
|
|
<snapshots>
|
|
<enabled>false</enabled>
|
|
</snapshots>
|
|
<id>spring-milestones</id>
|
|
<name>Spring Milestones</name>
|
|
<url>https://repo.spring.io/milestone</url>
|
|
</repository>
|
|
<repository>
|
|
<snapshots>
|
|
<enabled>false</enabled>
|
|
</snapshots>
|
|
<id>jboss-maven2-release-repository</id>
|
|
<name>JBoss Spring Repository</name>
|
|
<url>https://repository.jboss.org/nexus/content/repositories/public/</url>
|
|
</repository>
|
|
</repositories>
|
|
|
|
<build>
|
|
<plugins>
|
|
<plugin>
|
|
<groupId>org.springframework.boot</groupId>
|
|
<artifactId>spring-boot-maven-plugin</artifactId>
|
|
</plugin>
|
|
|
|
<plugin>
|
|
<groupId>com.mysema.maven</groupId>
|
|
<artifactId>apt-maven-plugin</artifactId>
|
|
<version>1.1.3</version>
|
|
<executions>
|
|
<execution>
|
|
<goals>
|
|
<goal>process</goal>
|
|
</goals>
|
|
<configuration>
|
|
<outputDirectory>target/generated-sources/java</outputDirectory>
|
|
<processor>org.springframework.data.mongodb.repository.support.MongoAnnotationProcessor</processor>
|
|
<options>
|
|
<querydsl.listAccessors>true</querydsl.listAccessors>
|
|
</options>
|
|
</configuration>
|
|
</execution>
|
|
</executions>
|
|
</plugin>
|
|
</plugins>
|
|
</build>
|
|
|
|
</project>
|