From 2b9a3924d3aa58db0abcdc8da36527fcf4978d22 Mon Sep 17 00:00:00 2001 From: Dario Ghunney Ware Date: Tue, 27 May 2025 19:55:15 +0100 Subject: [PATCH] added proprietary module to base packages for scanning clean up --- Dockerfile.fat | 2 + LICENSE | 2 +- build.gradle | 30 +++------ common/build.gradle | 26 ++++---- proprietary/LICENSE-proprietary | 66 +++++++++++++------ .../configuration/DatabaseConfig.java | 40 +++++------ .../configuration/SecurityConfiguration.java | 6 +- .../software/SPDF/SPDFApplication.java | 6 +- src/main/resources/settings.yml.template | 1 - 9 files changed, 101 insertions(+), 78 deletions(-) diff --git a/Dockerfile.fat b/Dockerfile.fat index 9029fc8eb..f442e60c8 100644 --- a/Dockerfile.fat +++ b/Dockerfile.fat @@ -5,6 +5,8 @@ COPY build.gradle . COPY settings.gradle . COPY gradlew . COPY gradle gradle/ +COPY common/build.gradle common/. +COPY proprietary/build.gradle proprietary/. RUN ./gradlew build -x spotlessApply -x spotlessCheck -x test -x sonarqube || return 0 # Set the working directory diff --git a/LICENSE b/LICENSE index 0cd290e88..877663171 100644 --- a/LICENSE +++ b/LICENSE @@ -1,6 +1,6 @@ MIT License -Copyright (c) 2024 Stirling Tools +Copyright (c) 2025 Stirling PDF Inc. Portions of this software are licensed as follows: diff --git a/build.gradle b/build.gradle index cf5a3b728..c6a2e74be 100644 --- a/build.gradle +++ b/build.gradle @@ -270,8 +270,6 @@ tasks.register('jpackageMacX64') { } } -//jpackage.finalizedBy(jpackageMacX64) - tasks.register('downloadTempJre') { group = 'distribution' description = 'Downloads and extracts a temporary JRE' @@ -421,20 +419,16 @@ dependencies { implementation("io.github.pixee:java-security-toolkit:1.2.1") // Exclude Tomcat and include Jetty - implementation("org.springframework.boot:spring-boot-starter-web:$springBootVersion") +// implementation("org.springframework.boot:spring-boot-starter-web:$springBootVersion") implementation "org.springframework.boot:spring-boot-starter-jetty:$springBootVersion" - - implementation "org.springframework.boot:spring-boot-starter-thymeleaf:$springBootVersion" +// implementation "org.springframework.boot:spring-boot-starter-thymeleaf:$springBootVersion" implementation 'com.posthog.java:posthog:1.2.0' implementation 'com.googlecode.owasp-java-html-sanitizer:owasp-java-html-sanitizer:20240325.1' - + implementation 'org.snakeyaml:snakeyaml-engine:2.9' if (System.getenv("DOCKER_ENABLE_SECURITY") != "false") { implementation project(':proprietary') } - implementation 'org.snakeyaml:snakeyaml-engine:2.9' - - testImplementation "org.springframework.boot:spring-boot-starter-test:$springBootVersion" // Batik implementation "org.apache.xmlgraphics:batik-all:1.19" @@ -442,10 +436,12 @@ dependencies { // TwelveMonkeys runtimeOnly "com.twelvemonkeys.imageio:imageio-batik:$imageioVersion" runtimeOnly "com.twelvemonkeys.imageio:imageio-bmp:$imageioVersion" + runtimeOnly "com.twelvemonkeys.imageio:imageio-jpeg:$imageioVersion" + runtimeOnly "com.twelvemonkeys.imageio:imageio-tiff:$imageioVersion" + runtimeOnly "com.twelvemonkeys.imageio:imageio-webp:$imageioVersion" // runtimeOnly "com.twelvemonkeys.imageio:imageio-hdr:$imageioVersion" // runtimeOnly "com.twelvemonkeys.imageio:imageio-icns:$imageioVersion" // runtimeOnly "com.twelvemonkeys.imageio:imageio-iff:$imageioVersion" - runtimeOnly "com.twelvemonkeys.imageio:imageio-jpeg:$imageioVersion" // runtimeOnly "com.twelvemonkeys.imageio:imageio-pcx:$imageioVersion@ // runtimeOnly "com.twelvemonkeys.imageio:imageio-pict:$imageioVersion" // runtimeOnly "com.twelvemonkeys.imageio:imageio-pnm:$imageioVersion" @@ -453,24 +449,18 @@ dependencies { // runtimeOnly "com.twelvemonkeys.imageio:imageio-sgi:$imageioVersion" // runtimeOnly "com.twelvemonkeys.imageio:imageio-tga:$imageioVersion" // runtimeOnly "com.twelvemonkeys.imageio:imageio-thumbsdb:$imageioVersion" - runtimeOnly "com.twelvemonkeys.imageio:imageio-tiff:$imageioVersion" - runtimeOnly "com.twelvemonkeys.imageio:imageio-webp:$imageioVersion" // runtimeOnly "com.twelvemonkeys.imageio:imageio-xwd:$imageioVersion" // Image metadata extractor implementation "com.drewnoakes:metadata-extractor:2.19.0" - implementation "commons-io:commons-io:2.19.0" - implementation "org.springdoc:springdoc-openapi-starter-webmvc-ui:2.8.8" - //general PDF +// implementation "org.springdoc:springdoc-openapi-starter-webmvc-ui:2.8.8" + // General PDF // https://mvnrepository.com/artifact/com.opencsv/opencsv implementation ("com.opencsv:opencsv:5.11") - - implementation ("org.apache.pdfbox:pdfbox:$pdfboxVersion") +// implementation ("org.apache.pdfbox:pdfbox:$pdfboxVersion") implementation "org.apache.pdfbox:preflight:$pdfboxVersion" - - implementation ("org.apache.pdfbox:xmpbox:$pdfboxVersion") // https://mvnrepository.com/artifact/technology.tabula/tabula @@ -494,7 +484,6 @@ dependencies { // https://mvnrepository.com/artifact/com.bucket4j/bucket4j_jdk17 implementation "com.bucket4j:bucket4j_jdk17-core:8.14.0" implementation "com.fathzer:javaluator:3.0.6" - implementation 'com.vladsch.flexmark:flexmark-html2md-converter:0.64.8' developmentOnly("org.springframework.boot:spring-boot-devtools:$springBootVersion") @@ -504,6 +493,7 @@ dependencies { // Mockito (core) testImplementation 'org.mockito:mockito-core:5.18.0' testRuntimeOnly 'org.mockito:mockito-inline:5.2.0' + testImplementation "org.springframework.boot:spring-boot-starter-test:$springBootVersion" } tasks.withType(JavaCompile).configureEach { diff --git a/common/build.gradle b/common/build.gradle index 9b4c93e0d..b4c51c2f8 100644 --- a/common/build.gradle +++ b/common/build.gradle @@ -30,19 +30,19 @@ dependencyManagement { } dependencies { - implementation 'org.springframework.boot:spring-boot-starter-web' - implementation 'org.springframework.boot:spring-boot-starter-thymeleaf' - implementation 'com.googlecode.owasp-java-html-sanitizer:owasp-java-html-sanitizer:20240325.1' - implementation 'com.fathzer:javaluator:3.0.6' - implementation 'com.posthog.java:posthog:1.2.0' - implementation 'io.github.pixee:java-security-toolkit:1.2.1' - implementation 'org.apache.commons:commons-lang3:3.17.0' - implementation 'com.drewnoakes:metadata-extractor:2.19.0' // Image metadata extractor - implementation 'com.vladsch.flexmark:flexmark-html2md-converter:0.64.8' - implementation "org.apache.pdfbox:pdfbox:$pdfboxVersion" - implementation 'jakarta.servlet:jakarta.servlet-api:6.1.0' - implementation 'org.snakeyaml:snakeyaml-engine:2.9' - implementation "org.springdoc:springdoc-openapi-starter-webmvc-ui:2.8.8" + api 'org.springframework.boot:spring-boot-starter-web' + api 'org.springframework.boot:spring-boot-starter-thymeleaf' + api 'com.googlecode.owasp-java-html-sanitizer:owasp-java-html-sanitizer:20240325.1' + api 'com.fathzer:javaluator:3.0.6' + api 'com.posthog.java:posthog:1.2.0' + api 'io.github.pixee:java-security-toolkit:1.2.1' + api 'org.apache.commons:commons-lang3:3.17.0' + api 'com.drewnoakes:metadata-extractor:2.19.0' // Image metadata extractor + api 'com.vladsch.flexmark:flexmark-html2md-converter:0.64.8' + api "org.apache.pdfbox:pdfbox:$pdfboxVersion" + api 'jakarta.servlet:jakarta.servlet-api:6.1.0' + api 'org.snakeyaml:snakeyaml-engine:2.9' + api "org.springdoc:springdoc-openapi-starter-webmvc-ui:2.8.8" compileOnly "org.projectlombok:lombok:$lombokVersion" annotationProcessor "org.projectlombok:lombok:$lombokVersion" diff --git a/proprietary/LICENSE-proprietary b/proprietary/LICENSE-proprietary index 9f8fef545..df9b7b974 100644 --- a/proprietary/LICENSE-proprietary +++ b/proprietary/LICENSE-proprietary @@ -1,26 +1,54 @@ -Stirling PDF Enterprise Edition (EE) license (the “EE License”) +Stirling PDF User License -Copyright (c) 2025-present Stirling Tools +Copyright (c) 2025 Stirling PDF Inc. -With regard to the Stirling PDF Software: +License Scope & Usage Rights + +Production use of the Stirling PDF Software is only permitted with a valid Stirling PDF User License. + +For purposes of this license, “the Software” refers to the Stirling PDF application and any associated documentation files +provided by Stirling PDF Inc. You or your organization may not use the Software in production, at scale, or for business-critical +processes unless you have agreed to, and remain in compliance with, the Stirling PDF Subscription Terms of Service +(https://www.stirlingpdf.com/terms) or another valid agreement with Stirling PDF, and hold an active User License subscription +covering the appropriate number of licensed users. Trial and Minimal Use -You may use the Software without a subscription for purposes of trial, evaluation, or minimal use, including use by individuals, -organizations, or businesses, provided that: - * The usage is limited in scope (e.g. up to five (5) sessions or uses, or as otherwise defined within the Software); - * You do not modify, distribute, sublicense, or reverse-engineer the Software; - * Any continued use beyond the permitted trial or minimal use scope requires a valid Stirling PDF Enterprise Edition - subscription for the appropriate number of users. +You may use the Software without a paid subscription for the sole purposes of internal trial, evaluation, or minimal use, +provided that: -THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR -IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, -FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE -AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER -LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, -OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE -SOFTWARE. +* Use is limited to no more than five (5) named users or sessions; +* Use is strictly non-production, for internal testing or evaluation only; +* You do not copy, distribute, sublicense, reverse-engineer, or use the Software in client-facing or commercial contexts. -For all third party components incorporated into the Stirling PDF Software, those -components are licensed under the original license provided by the owner of the -applicable component. +Continued use beyond this scope requires a valid Stirling PDF User License. + +Modifications and Derivative Works + +You may modify the Software only for development or internal testing purposes. Any such modifications or derivative works: + +* May not be deployed in production environments without a valid User License; +* May not be distributed or sublicensed; +* Remain the intellectual property of Stirling PDF and/or its licensors; +* May only be used, copied, or exploited in accordance with the terms of a valid Stirling PDF User License subscription. + +Prohibited Actions + +Unless explicitly permitted by a paid license or separate agreement, you may not: + +* Use the Software in production environments; +* Copy, merge, distribute, sublicense, or sell the Software; +* Remove or alter any licensing or copyright notices; +* Circumvent access restrictions or licensing requirements. + +Third-Party Components + +The Stirling PDF Software may include components subject to separate open source licenses. Such components remain governed by +their original license terms as provided by their respective owners. + +Disclaimer + +THE SOFTWARE IS PROVIDED “AS IS,” WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO WARRANTIES OF +MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, OR NON-INFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE +LIABLE FOR ANY CLAIM, DAMAGES, OR OTHER LIABILITY, WHETHER IN CONTRACT, TORT, OR OTHERWISE, ARISING FROM, OUT OF, OR IN +CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. diff --git a/proprietary/src/main/java/stirling/software/proprietary/security/configuration/DatabaseConfig.java b/proprietary/src/main/java/stirling/software/proprietary/security/configuration/DatabaseConfig.java index 8d686e4d7..5507580a4 100644 --- a/proprietary/src/main/java/stirling/software/proprietary/security/configuration/DatabaseConfig.java +++ b/proprietary/src/main/java/stirling/software/proprietary/security/configuration/DatabaseConfig.java @@ -4,6 +4,7 @@ import javax.sql.DataSource; import lombok.Getter; import lombok.extern.slf4j.Slf4j; import org.springframework.beans.factory.annotation.Qualifier; +import org.springframework.boot.autoconfigure.condition.ConditionalOnBooleanProperty; import org.springframework.boot.autoconfigure.domain.EntityScan; import org.springframework.boot.jdbc.DataSourceBuilder; import org.springframework.boot.jdbc.DatabaseDriver; @@ -54,14 +55,25 @@ public class DatabaseConfig { public DataSource dataSource() throws UnsupportedProviderException { DataSourceBuilder dataSourceBuilder = DataSourceBuilder.create(); - if (!runningProOrHigher) { + if (!runningProOrHigher || !datasource.isEnableCustomDatabase()) { return useDefaultDataSource(dataSourceBuilder); } - if (!datasource.isEnableCustomDatabase()) { - return useDefaultDataSource(dataSourceBuilder); - } + return useCustomDataSource(dataSourceBuilder); + } + private DataSource useDefaultDataSource(DataSourceBuilder dataSourceBuilder) { + log.info("Using default H2 database"); + + dataSourceBuilder.url(DATASOURCE_DEFAULT_URL) + .driverClassName(DatabaseDriver.H2.getDriverClassName()) + .username(DEFAULT_USERNAME); + + return dataSourceBuilder.build(); + } + + @ConditionalOnBooleanProperty(name = "premium.enabled") + private DataSource useCustomDataSource(DataSourceBuilder dataSourceBuilder) throws UnsupportedProviderException { log.info("Using custom database configuration"); if (!datasource.getCustomDatabaseUrl().isBlank()) { @@ -73,11 +85,11 @@ public class DatabaseConfig { } else { dataSourceBuilder.driverClassName(getDriverClassName(datasource.getType())); dataSourceBuilder.url( - generateCustomDataSourceUrl( - datasource.getType(), - datasource.getHostName(), - datasource.getPort(), - datasource.getName())); + generateCustomDataSourceUrl( + datasource.getType(), + datasource.getHostName(), + datasource.getPort(), + datasource.getName())); } dataSourceBuilder.username(datasource.getUsername()); dataSourceBuilder.password(datasource.getPassword()); @@ -85,16 +97,6 @@ public class DatabaseConfig { return dataSourceBuilder.build(); } - private DataSource useDefaultDataSource(DataSourceBuilder dataSourceBuilder) { - log.info("Using default H2 database"); - - dataSourceBuilder.url(DATASOURCE_DEFAULT_URL) - .driverClassName(DatabaseDriver.H2.getDriverClassName()) - .username(DEFAULT_USERNAME); - - return dataSourceBuilder.build(); - } - /** * Generate the URL the DataSource will use to connect to the database * diff --git a/proprietary/src/main/java/stirling/software/proprietary/security/configuration/SecurityConfiguration.java b/proprietary/src/main/java/stirling/software/proprietary/security/configuration/SecurityConfiguration.java index c31d42dde..cec19214a 100644 --- a/proprietary/src/main/java/stirling/software/proprietary/security/configuration/SecurityConfiguration.java +++ b/proprietary/src/main/java/stirling/software/proprietary/security/configuration/SecurityConfiguration.java @@ -6,7 +6,6 @@ import org.springframework.beans.factory.annotation.Autowired; import org.springframework.beans.factory.annotation.Qualifier; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; -import org.springframework.context.annotation.DependsOn; import org.springframework.context.annotation.Lazy; import org.springframework.security.authentication.ProviderManager; import org.springframework.security.authentication.dao.DaoAuthenticationProvider; @@ -26,7 +25,7 @@ import org.springframework.security.web.authentication.rememberme.PersistentToke import org.springframework.security.web.csrf.CookieCsrfTokenRepository; import org.springframework.security.web.csrf.CsrfTokenRequestAttributeHandler; import org.springframework.security.web.savedrequest.NullRequestCache; -import org.springframework.security.web.util.matcher.AntPathRequestMatcher; +import org.springframework.security.web.servlet.util.matcher.PathPatternRequestMatcher; import stirling.software.common.configuration.AppConfig; import stirling.software.common.model.ApplicationProperties; import stirling.software.proprietary.security.CustomAuthenticationFailureHandler; @@ -53,7 +52,6 @@ import stirling.software.proprietary.security.session.SessionPersistentRegistry; @Configuration @EnableWebSecurity @EnableMethodSecurity -@DependsOn("runningProOrHigher") public class SecurityConfiguration { private final CustomUserDetailsService userDetailsService; @@ -167,7 +165,7 @@ public class SecurityConfiguration { http.requestCache(requestCache -> requestCache.requestCache(new NullRequestCache())); http.logout( logout -> - logout.logoutRequestMatcher(new AntPathRequestMatcher("/logout")) + logout.logoutRequestMatcher(PathPatternRequestMatcher.withDefaults().matcher("/logout")) .logoutSuccessHandler( new CustomLogoutSuccessHandler(applicationProperties, appConfig)) .clearAuthentication(true) diff --git a/src/main/java/stirling/software/SPDF/SPDFApplication.java b/src/main/java/stirling/software/SPDF/SPDFApplication.java index b3f6dd078..91a5354e4 100644 --- a/src/main/java/stirling/software/SPDF/SPDFApplication.java +++ b/src/main/java/stirling/software/SPDF/SPDFApplication.java @@ -35,7 +35,11 @@ import stirling.software.common.util.UrlUtils; @Slf4j @EnableScheduling @SpringBootApplication( - scanBasePackages = {"stirling.software.common", "stirling.software.SPDF"}, + scanBasePackages = { + "stirling.software.common", + "stirling.software.SPDF", + "stirling.software.proprietary.security" + }, exclude = { DataSourceAutoConfiguration.class, DataSourceTransactionManagerAutoConfiguration.class diff --git a/src/main/resources/settings.yml.template b/src/main/resources/settings.yml.template index 2228b73a7..b22e2ab66 100644 --- a/src/main/resources/settings.yml.template +++ b/src/main/resources/settings.yml.template @@ -64,7 +64,6 @@ premium: key: 00000000-0000-0000-0000-000000000000 enabled: true # Enable license key checks for pro/enterprise features proFeatures: - customDatabase: false # Enable database features todo: use only for custom DB SSOAutoLogin: false CustomMetadata: autoUpdateMetadata: false