Fix #1039

Make client certificate mapper support Jakarta EE; using a single library that can support SB2, SB3, JEE and JakartaEE apps

Author: anthonydahanne

config/client_certificate_mapper.yml

@@ -15,8 +15,8 @@
 
 # Container security provider configuration
 ---
-version: 1.+
+version: 2.+
 version_lines:
+  - 1.+
   - 2.+
-repository_root: "https://anthonydahanne.github.io/java-buildpack-client-certificate-mapper"
-javax_forced: false
+repository_root: "{default.repository.root}/client-certificate-mapper"

docs/framework-client_certificate_mapper.md

@@ -1,11 +1,8 @@
 # Client Certificate Mapper
 The Client Certificate Mapper Framework adds a Servlet Filter to applications that will that maps the `X-Forwarded-Client-Cert` to the `javax|jakarta.servlet.request.X509Certificate` Servlet attribute.
 
-The Client Certificate Mapper Framework will download a helper library, [java-buildpack-client-certificate-mapper][library repository], that will enrich Spring Boot applications classpath.
+The Client Certificate Mapper Framework will download a helper library, [java-buildpack-client-certificate-mapper][library repository], that will enrich Spring Boot (2 and 3), as well as JEE / JakartaEE applications classpath with a servlet filter.
 
-If the app you're deploying is using Spring Boot 2 or earlier, the latest 1.x version (`javax` support) from [the listing][this listing] will be downloaded.
-
-If the app you're deploying is using Spring Boot 3, the latest 2.x version (`jakarta` support) from [the listing][this listing] will be downloaded.
 <table>
   <tr>
     <td><strong>Detection Criterion</strong></td>
@@ -27,7 +24,6 @@ The framework can be configured by modifying the [`config/client_certificate_map
 |-------------------| -----------
 | `repository_root` | The URL of the Container Customizer repository index ([details][repositories]).
 | `version`         | The version of Container Customizer to use. Candidate versions can be found in [this listing][].
-| `javax_forced`    | You can force the download of the v1.x version of the [library][library repository] which is based on `javax` naming.
 
 ## Servlet Filter
 The [Servlet Filter][] added by this framework maps the `X-Forwarded-Client-Cert` to the `javax.servlet.request.X509Certificate` Servlet attribute for each request.  The `X-Forwarded-Client-Cert` header is contributed by the Cloud Foundry Router and contains the any TLS certificate presented by a client for mututal TLS authentication.  This certificate can then be used by any standard Java security framework to establish authentication and authorization for a request.

lib/java_buildpack/framework/client_certificate_mapper.rb

@@ -17,28 +17,15 @@
 
 require 'java_buildpack/component/versioned_dependency_component'
 require 'java_buildpack/framework'
-require 'java_buildpack/util/spring_boot_utils'
 
 module JavaBuildpack
   module Framework
 
     # Encapsulates the functionality for contributing an mTLS client certificate mapper to the application.
     class ClientCertificateMapper < JavaBuildpack::Component::VersionedDependencyComponent
-      include JavaBuildpack::Util
-
-      def initialize(context)
-        @spring_boot_utils = JavaBuildpack::Util::SpringBootUtils.new
-        @configuration = context[:configuration]
-        super(context)
-      end
 
       # (see JavaBuildpack::Component::BaseComponent#compile)
       def compile
-        if spring_boot_3? && !@configuration['javax_forced']
-          spring_boot_3_configuration = @configuration
-          spring_boot_3_configuration['version'] = '2.+'
-          @version, @uri = JavaBuildpack::Repository::ConfiguredItem.find_item(@component_name, spring_boot_3_configuration)
-        end
         download_jar
         @droplet.additional_libraries << (@droplet.sandbox + jar_name)
       end
@@ -55,14 +42,6 @@ def supports?
         true
       end
 
-      private
-
-      def spring_boot_3?
-        # print '@application.details: ' + @application.details.to_s
-        @spring_boot_utils.is?(@application) && Gem::Version.new((@spring_boot_utils.version @application)).release >=
-          Gem::Version.new('3.0.0')
-      end
-
     end
 
   end

spec/java_buildpack/framework/client_certificate_mapper_spec.rb

@@ -33,36 +33,6 @@
 
     expect(sandbox + "client_certificate_mapper-#{version}.jar").to exist
     expect(additional_libraries).to include(sandbox + "client_certificate_mapper-#{version}.jar")
-    # version was not patched by the compile step
-    expect(configuration).to eq({})
-  end
-
-
-  it 'configures client certificate mapper to download version 2.+ during compile of spring boot 3 app',
-     app_fixture: 'framework_java_cf_boot_3',
-     cache_fixture: 'stub-client-certificate-mapper.jar' do
-
-    component.compile
-
-    expect(sandbox + "client_certificate_mapper-#{version}.jar").to exist
-    expect(additional_libraries).to include(sandbox + "client_certificate_mapper-#{version}.jar")
-    # version of the dep. was forced to 2.+ by the compile step, because Spring Boot 3 was found
-    expect(configuration).to eq({ 'version' => '2.+' })
-  end
-
-  context 'user forced javax to be used' do
-    let(:configuration) { { 'javax_forced' => true } }
-    it 'configures client certificate mapper to download version 1 during compile of spring boot 3 app ',
-       app_fixture: 'framework_java_cf_boot_3',
-       cache_fixture: 'stub-client-certificate-mapper.jar' do
-
-      component.compile
-
-      expect(sandbox + "client_certificate_mapper-#{version}.jar").to exist
-      expect(additional_libraries).to include(sandbox + "client_certificate_mapper-#{version}.jar")
-      # user prevented version 2.+, forcing javax
-      expect(configuration).to eq({ 'javax_forced' => true })
-    end
   end
 
   it 'adds the jar to the additional libraries during release',