Merge pull request #396 from ForgeRock/SDKS-2988

SDKS-2988 Resolve the CVE-2023-52428 issue by upgrading the nimbus-jose-jwt

build.gradle

@@ -15,6 +15,7 @@ buildscript {
         customTemplatesFolder = file(projectDir.toString() + "/dokka/templates")
     }
     dependencies {
+        classpath 'com.android.tools.build:gradle:8.2.2'
         classpath "com.adarshr:gradle-test-logger-plugin:2.0.0"
         classpath 'com.google.gms:google-services:4.3.15'
         // NOTE: Do not place your application dependencies here; they belong

buildSrc/.gitignore

@@ -0,0 +1,2 @@
+.gradle
+build

buildSrc/build.gradle.kts

@@ -0,0 +1,19 @@
+/*
+ * Copyright (c) 2024 ForgeRock. All rights reserved.
+ *
+ *  This software may be modified and distributed under the terms
+ *  of the MIT license. See the LICENSE file for details.
+ */
+
+plugins {
+    `kotlin-dsl`
+}
+
+repositories {
+    google()
+    mavenCentral()
+}
+
+dependencies {
+    implementation("com.android.tools.build:gradle-api:8.2.2")
+}

buildSrc/src/main/kotlin/AndroidBuildGradlePlugin.kt

@@ -0,0 +1,65 @@
+/*
+ * Copyright (c) 2024 ForgeRock. All rights reserved.
+ *
+ *  This software may be modified and distributed under the terms
+ *  of the MIT license. See the LICENSE file for details.
+ */
+
+import com.android.build.api.dsl.LibraryExtension
+import org.gradle.api.JavaVersion
+import org.gradle.api.Plugin
+import org.gradle.api.Project
+
+class AndroidBuildGradlePlugin : Plugin<Project> {
+
+    override fun apply(project: Project) {
+        project.android().apply {
+            compileSdk = 34;
+            defaultConfig {
+                minSdk = 23
+            }
+            compileOptions {
+                sourceCompatibility = JavaVersion.VERSION_17
+                targetCompatibility = JavaVersion.VERSION_17
+            }
+            buildTypes {
+                getByName("release") {
+                    isMinifyEnabled = false
+                    proguardFiles(getDefaultProguardFile("proguard-android-optimize.txt"),
+                        ("proguard-rules.pro"))
+                }
+            }
+            testOptions {
+                targetSdk = 34
+                unitTests {
+                    isIncludeAndroidResources = true
+                    isReturnDefaultValues = true
+                }
+                unitTests.all {
+                    it.exclude("**/*TestSuite*")
+                }
+            }
+
+            buildFeatures {
+                buildConfig = true
+            }
+
+            useLibrary("android.test.base")
+            useLibrary("android.test.mock")
+
+            defaultConfig {
+                testInstrumentationRunner = "androidx.test.runner.AndroidJUnitRunner"
+            }
+
+        }
+    }
+
+    /**
+     * Extension function.
+     */
+    private fun Project.android(): LibraryExtension {
+        return extensions.getByType(LibraryExtension::class.java)
+    }
+
+
+}

config/kdoc.gradle

@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2023 ForgeRock. All rights reserved.
+ * Copyright (c) 2023-2024 ForgeRock. All rights reserved.
  *
  * This software may be modified and distributed under the terms
  * of the MIT license. See the LICENSE file for details.
@@ -11,9 +11,6 @@ apply plugin: 'org.jetbrains.dokka'
 /**
  * Generate Kdoc, delombok then generate Javadoc
  */
-configurations {
-    delombok
-}
 
 task delombok {
     def srcJava = 'src/main/java'

forgerock-auth-ui/build.gradle

@@ -41,10 +41,6 @@ android {
 
 }
 
-apply from: '../config/kdoc.gradle'
-apply from: '../config/publish.gradle'
-
-
 dependencies {
 
     api project(':forgerock-auth')
@@ -62,8 +58,4 @@ dependencies {
 
     compileOnly 'com.google.android.gms:play-services-fido:20.0.1'
 
-    compileOnly "org.projectlombok:lombok:1.18.28"
-    delombok "org.projectlombok:lombok:1.18.28"
-    annotationProcessor 'org.projectlombok:lombok:1.18.28'
-
 }

forgerock-auth-ui/src/main/java/org/forgerock/android/auth/ui/AdviceDialogFragment.java

@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2019 - 2023 ForgeRock. All rights reserved.
+ * Copyright (c) 2019 - 2024 ForgeRock. All rights reserved.
  *
  * This software may be modified and distributed under the terms
  * of the MIT license. See the LICENSE file for details.
@@ -29,7 +29,6 @@
 import kotlin.Result;
 import kotlin.Unit;
 import kotlin.coroutines.Continuation;
-import lombok.Setter;
 
 /**
  * Reference implementation of handing Advice with {@link DialogFragment}
@@ -41,7 +40,10 @@ public class AdviceDialogFragment extends DialogFragment implements AuthHandler
     private FRViewModel<FRSession> viewModel;
     private boolean isCancel = true;
 
-    @Setter
+    public void setListener(Continuation<? super Unit> listener) {
+        this.listener = listener;
+    }
+
     private Continuation<? super Unit> listener;
     private PolicyAdvice advice;
 

forgerock-auth-ui/src/main/java/org/forgerock/android/auth/ui/FRViewModel.java

@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2019 - 2020 ForgeRock. All rights reserved.
+ * Copyright (c) 2019 - 2024 ForgeRock. All rights reserved.
  *
  * This software may be modified and distributed under the terms
  * of the MIT license. See the LICENSE file for details.
@@ -18,18 +18,26 @@
 import org.forgerock.android.auth.NodeListener;
 import org.forgerock.android.auth.PolicyAdvice;
 
-import lombok.Getter;
-
 /**
  * {@link ViewModel} Wrapper for {@link FRUser}
  */
 public abstract class FRViewModel<T> extends ViewModel {
 
-    @Getter
     private MutableLiveData<SingleLiveEvent<Node>> nodeLiveData = new MutableLiveData<>();
-    @Getter
     private MutableLiveData<T> resultLiveData = new MutableLiveData<>();
-    @Getter
+
+    public MutableLiveData<SingleLiveEvent<Node>> getNodeLiveData() {
+        return nodeLiveData;
+    }
+
+    public MutableLiveData<T> getResultLiveData() {
+        return resultLiveData;
+    }
+
+    public MutableLiveData<SingleLiveEvent<Exception>> getExceptionLiveData() {
+        return exceptionLiveData;
+    }
+
     private MutableLiveData<SingleLiveEvent<Exception>> exceptionLiveData = new MutableLiveData<>();
 
     private NodeListener nodeListener;

forgerock-auth-ui/src/main/java/org/forgerock/android/auth/ui/SingleLiveEvent.java

@@ -1,22 +1,24 @@
 /*
- * Copyright (c) 2019 ForgeRock. All rights reserved.
+ * Copyright (c) 2019 - 2024 ForgeRock. All rights reserved.
  *
  * This software may be modified and distributed under the terms
  * of the MIT license. See the LICENSE file for details.
  */
 
 package org.forgerock.android.auth.ui;
 
-import lombok.AllArgsConstructor;
 
 /**
  * Event only trigger once after configuration change.
  */
-@AllArgsConstructor
 public class SingleLiveEvent<T> {
 
     private T value;
 
+    public SingleLiveEvent(T value) {
+        this.value = value;
+    }
+
     public T getValue() {
         T result = value;
         value = null;