SEC-2206: Gradle Propdeps

acl/acl.gradle

@@ -3,13 +3,13 @@
 dependencies {
     compile project(':spring-security-core'),
             'aopalliance:aopalliance:1.0',
-            "net.sf.ehcache:ehcache:$ehcacheVersion",
             "org.springframework:spring-aop:$springVersion",
-            "org.springframework:spring-beans:$springVersion",
             "org.springframework:spring-context:$springVersion",
             "org.springframework:spring-tx:$springVersion",
             "org.springframework:spring-jdbc:$springVersion"
 
+    optional "net.sf.ehcache:ehcache:$ehcacheVersion"
+
     testCompile "org.springframework:spring-beans:$springVersion",
                 "org.springframework:spring-context-support:$springVersion",
                 "org.springframework:spring-test:$springVersion"

build.gradle

@@ -5,6 +5,7 @@ buildscript {
         maven { url "http://repo.springsource.org/plugins-release" }
     }
     dependencies {
+        classpath("org.springframework.build.gradle:propdeps-plugin:0.0.3")
         classpath("org.springframework.build.gradle:bundlor-plugin:0.1.2")
     }
 }

buildSrc/src/main/groovy/aspectj/AspectJPlugin.groovy

@@ -33,7 +33,7 @@ class AspectJPlugin implements Plugin<Project> {
             project.configurations.add('ajtools')
             project.dependencies {
                 ajtools "org.aspectj:aspectjtools:${project.aspectjVersion}"
-                compile "org.aspectj:aspectjrt:${project.aspectjVersion}"
+                optional "org.aspectj:aspectjrt:${project.aspectjVersion}"
             }
         }
 

cas/cas.gradle

@@ -5,8 +5,9 @@ dependencies {
             "org.springframework:spring-context:$springVersion",
             "org.springframework:spring-beans:$springVersion",
             "org.springframework:spring-web:$springVersion",
-            "org.jasig.cas.client:cas-client-core:3.1.12",
-            "net.sf.ehcache:ehcache:$ehcacheVersion"
+            "org.jasig.cas.client:cas-client-core:3.1.12"
+
+    optional "net.sf.ehcache:ehcache:$ehcacheVersion"
 
     provided "org.apache.tomcat:tomcat-servlet-api:$servletApiVersion"
 }

config/config.gradle

@@ -1,3 +1,5 @@
+import javax.security.auth.login.ConfigurationSpi;
+
 // Config Module build file
 
 apply plugin: 'groovy'
@@ -8,23 +10,14 @@ compileTestJava.dependsOn(':spring-security-core:compileTestJava')
 dependencies {
     // NB: Don't add other compile time dependencies to the config module as this breaks tooling
     compile project(':spring-security-core'),
-            project(':spring-security-web'),
-            project(':spring-security-openid'),
-            project(':spring-security-ldap'),
-            "org.aspectj:aspectjweaver:$aspectjVersion",
             'aopalliance:aopalliance:1.0',
             "org.springframework:spring-aop:$springVersion",
             "org.springframework:spring-context:$springVersion",
-            "org.springframework:spring-web:$springVersion",
-            "org.springframework:spring-beans:$springVersion",
-            "org.springframework:spring-jdbc:$springVersion",
-            "org.springframework:spring-tx:$springVersion",
-            "org.springframework.ldap:spring-ldap-core:$springLdapVersion"
-            compile('org.openid4java:openid4java-nodeps:0.9.6') {
-                exclude group: 'com.google.code.guice', module: 'guice'
-            }
-            compile 'com.google.inject:guice:2.0'
-            compile apacheds_libs
+            "org.springframework:spring-beans:$springVersion"
+
+    optional project(':spring-security-web'),
+             "org.springframework:spring-web:$springVersion",
+             "org.aspectj:aspectjweaver:$aspectjVersion"
 
     provided "org.apache.tomcat:tomcat-servlet-api:$servletApiVersion"
 
@@ -43,6 +36,13 @@ dependencies {
                 "org.hibernate.javax.persistence:hibernate-jpa-2.0-api:1.0.1.Final",
                 "org.hibernate:hibernate-entitymanager:4.1.0.Final",
                 "org.codehaus.groovy:groovy-all:$groovyVersion",
+                "org.apache.directory.server:apacheds-core:$apacheDsVersion",
+                "org.apache.directory.server:apacheds-core-entry:$apacheDsVersion",
+                "org.apache.directory.server:apacheds-protocol-shared:$apacheDsVersion",
+                "org.apache.directory.server:apacheds-protocol-ldap:$apacheDsVersion",
+                "org.apache.directory.server:apacheds-server-jndi:$apacheDsVersion",
+                'org.apache.directory.shared:shared-ldap:0.9.15',
+                'ldapsdk:ldapsdk:4.1',
                 powerMockDependencies
     testCompile('org.openid4java:openid4java-nodeps:0.9.6') {
        exclude group: 'com.google.code.guice', module: 'guice'

core/core.gradle

@@ -5,17 +5,18 @@ def cryptoProject = project(':spring-security-crypto')
 def cryptoClasses = cryptoProject.sourceSets.main.output
 
 dependencies {
-    compile cryptoProject,
+    compile cryptoProject.sourceSets.main.output,
             'aopalliance:aopalliance:1.0',
-            "net.sf.ehcache:ehcache:$ehcacheVersion",
             "org.springframework:spring-aop:$springVersion",
             "org.springframework:spring-beans:$springVersion",
             "org.springframework:spring-context:$springVersion",
-            "org.springframework:spring-expression:$springVersion",
-            "org.springframework:spring-jdbc:$springVersion",
-            "org.springframework:spring-tx:$springVersion",
-            "org.aspectj:aspectjrt:$aspectjVersion",
-            'javax.annotation:jsr250-api:1.0'
+            "org.springframework:spring-expression:$springVersion"
+
+    optional "net.sf.ehcache:ehcache:$ehcacheVersion",
+             'javax.annotation:jsr250-api:1.0',
+             "org.aspectj:aspectjrt:$aspectjVersion",
+             "org.springframework:spring-jdbc:$springVersion",
+             "org.springframework:spring-tx:$springVersion"
 
     testCompile 'commons-collections:commons-collections:3.2',
                 "org.springframework:spring-test:$springVersion",
@@ -36,9 +37,6 @@ classes.doLast {
     }
 }
 
-sourceSets.main.compileClasspath += cryptoClasses
-sourceSets.test.compileClasspath += cryptoClasses
-
 sourceJar.from cryptoProject.sourceSets.main.java
 
 test {

gradle/javaprojects.gradle

@@ -1,5 +1,9 @@
 apply plugin: 'java'
 apply plugin: 'eclipse'
+apply plugin: 'propdeps'
+apply plugin: 'propdeps-maven'
+apply plugin: 'propdeps-idea'
+apply plugin: 'propdeps-eclipse'
 
 sourceCompatibility = 1.5
 targetCompatibility = 1.5
@@ -56,17 +60,6 @@ ext.bundlorProperties = [
     aopAllianceRange: '[1.0.0, 2.0.0)'
 ]
 
-configurations {
-    // Configuration which is ONLY used for compileJava and will not be inherited by any others
-    // Revisit post Gradle 1.0
-    compileOnly
-    // Used to identify deps which should be marked as "provided" in maven poms
-    provided
-    testCompile.extendsFrom provided
-    compile.transitive = false
-    testCompile.transitive = false
-}
-
 // Integration test setup
 configurations {
     integrationTestCompile {
@@ -92,9 +85,8 @@ task integrationTest(type: Test, dependsOn: jar) {
     classpath = sourceSets.integrationTest.runtimeClasspath
     maxParallelForks = 1
 }
-
 dependencies {
-    compileOnly 'commons-logging:commons-logging:1.1.1'
+    optional 'commons-logging:commons-logging:1.1.1'
 
     compile ("org.springframework:spring-core:$springVersion") {
         exclude(group: 'commons-logging', module: 'commons-logging')
@@ -112,9 +104,6 @@ dependencies {
 
 [configurations.runtime, configurations.default]*.exclude(module: 'commons-logging')
 
-sourceSets.main.compileClasspath += configurations.compileOnly
-sourceSets.main.compileClasspath += configurations.provided
-
 [compileJava, compileTestJava]*.options*.encoding = 'UTF-8'
 
 test {
@@ -131,7 +120,6 @@ def guessMaxForks() {
 javadoc {
     title = "Spring Security $version API"
     source = sourceSets.main.allJava
-    classpath +=  configurations.compileOnly + configurations.provided
     options {
         memberLevel = org.gradle.external.javadoc.JavadocMemberLevel.PROTECTED
         author = true

gradle/maven-deployment.gradle

@@ -20,52 +20,21 @@ dependencies {
     deployerJars "org.springframework.build.aws:org.springframework.build.aws.maven:3.0.0.RELEASE"
 }
 
-// Remove the archive configuration from the runtime configuration, so that anything added to archives
-// (such as the source jar) is no longer included in the runtime classpath
-configurations.default.extendsFrom = [configurations.runtime] as Set
-// Add the main jar into the default configuration
-artifacts { 'default' jar }
-
 install {
     customizePom(repositories.mavenInstaller.pom, project)
 }
 
 def customizePom(pom, gradleProject) {
-    def optionalDeps = ['ehcache', 'log4j', 'apacheds-core', 'jsp-api', 'jsr250-api', 'ldapsdk', 'aspectjrt', 'aspectjweaver']
-
-    pom.scopeMappings.addMapping(10, configurations.provided, 'provided')
     pom.whenConfigured { p ->
-        // Remove test scope dependencies from published poms
-        p.dependencies = p.dependencies.findAll {it.scope != 'test'}
-
-        // Flag optional deps
-        p.dependencies.findAll { dep ->
-            optionalDeps.contains(dep.artifactId) ||
-            dep.groupId.startsWith('org.apache.directory') ||
-            dep.groupId.startsWith('org.slf4j')
-        }*.optional = true
-
-        // Hack for specific case of config module
-        if (p.artifactId == 'spring-security-config') {
-            p.dependencies.find { dep -> dep.artifactId == 'spring-security-ldap'}.optional = true
-            p.dependencies.find { dep -> dep.artifactId == 'spring-ldap-core'}.optional = true
-            p.dependencies.find { dep -> dep.groupId.startsWith "org.apache.directory" }*.optional = true
-            p.dependencies.find { dep -> dep.artifactId == 'spring-security-web'}.optional = true
-            p.dependencies.find { dep -> dep.artifactId == 'spring-security-openid'}.optional = true
-            p.dependencies.find { dep -> dep.artifactId == 'guice'}.optional = true
-            p.dependencies.find { dep -> dep.artifactId == 'openid4java-nodeps'}.optional = true
-            p.dependencies.find { dep -> dep.artifactId == 'spring-jdbc'}.optional = true
-            p.dependencies.find { dep -> dep.artifactId == 'spring-tx'}.optional = true
-            p.dependencies.find { dep -> dep.artifactId == 'spring-web'}.optional = true
+        p.dependencies.findAll{ it.scope == "optional" }.each {
+            it.scope = "compile"
+            it.optional = true
         }
-
-        if (p.artifactId == 'spring-security-core') {
-            p.dependencies.find { dep -> dep.artifactId == 'spring-jdbc'}.optional = true
-            p.dependencies.find { dep -> dep.artifactId == 'spring-tx'}.optional = true
-            p.dependencies.removeAll { dep -> dep.artifactId == 'spring-security-crypto' }
+        // sort to make pom dependencies order consistent to ease comparison of older poms
+        p.dependencies = p.dependencies.sort { dep ->
+            "$dep.scope:$dep.optional:$dep.groupId:$dep.artifactId"
         }
     }
-
     pom.project {
         name = gradleProject.name
         description = gradleProject.name
@@ -93,12 +62,6 @@ def customizePom(pom, gradleProject) {
                 email = 'rwinch@vmware.com'
             }
         }
-        repositories {
-            repository {
-                id 'spring-milestone'
-                url 'http://repo.springsource.org/libs-milestone'
-            }
-        }
         dependencies {
             dependency {
                 artifactId = groupId = 'commons-logging'
@@ -112,11 +75,13 @@ def customizePom(pom, gradleProject) {
 
 task generatePom {
     group = 'Build'
-    description = 'Generates the Maven pom.xml'
+    description = 'Generates a Maven pom.xml'
 
-    ext.generatedPomFileName = 'pom.xml'
+    ext.generatedPomFileName = "pom.xml"
+    onlyIf { install.enabled }
 
-    inputs.files('**/*.gradle')
+    inputs.files(fileTree(project.rootProject.rootDir).include("**/*.gradle").files)
+    inputs.files(new File(project.rootProject.rootDir, Project.GRADLE_PROPERTIES))
     outputs.files(generatedPomFileName)
 
     doLast() {
@@ -124,5 +89,4 @@ task generatePom {
         customizePom(p, project)
         p.writeTo(generatedPomFileName)
     }
-
 }

itest/context/itest-context.gradle

@@ -12,6 +12,6 @@ dependencies {
     testCompile project(':spring-security-web'),
                 "org.apache.tomcat:tomcat-servlet-api:$servletApiVersion",
                 "org.springframework:spring-web:$springVersion"
-    testRuntime project(':spring-security-config')
-
-}
+    testRuntime project(':spring-security-config'),
+                "org.aspectj:aspectjweaver:$aspectjVersion"
+}

ldap/ldap.gradle

@@ -4,13 +4,15 @@ dependencies {
     compile project(':spring-security-core'),
             "org.springframework:spring-beans:$springVersion",
             "org.springframework:spring-context:$springVersion",
-            "org.springframework:spring-tx:$springVersion",
-            'ldapsdk:ldapsdk:4.1'
-    apacheds_libs.collect {
-        compile (it) {
-            exclude group: 'org.slf4j'
-        }
-    }
+            "org.springframework:spring-tx:$springVersion"
+
+    optional "org.apache.directory.server:apacheds-core:$apacheDsVersion",
+             "org.apache.directory.server:apacheds-core-entry:$apacheDsVersion",
+             "org.apache.directory.server:apacheds-protocol-shared:$apacheDsVersion",
+             "org.apache.directory.server:apacheds-protocol-ldap:$apacheDsVersion",
+             "org.apache.directory.server:apacheds-server-jndi:$apacheDsVersion",
+             'org.apache.directory.shared:shared-ldap:0.9.15',
+             'ldapsdk:ldapsdk:4.1'
 
     compile ("org.springframework.ldap:spring-ldap-core:$springLdapVersion") {
         exclude(group: 'commons-logging', module: 'commons-logging')

samples/cas/sample/cassample.gradle

@@ -35,7 +35,8 @@ dependencies {
     runtime project(':spring-security-web'),
             project(':spring-security-config'),
             "org.slf4j:jcl-over-slf4j:$slf4jVersion",
-            "ch.qos.logback:logback-classic:$logbackVersion"
+            "ch.qos.logback:logback-classic:$logbackVersion",
+            "net.sf.ehcache:ehcache:$ehcacheVersion"
 
     integrationTestCompile project(':spring-security-cas'),
                    "org.seleniumhq.selenium:selenium-htmlunit-driver:$seleniumVersion",

samples/contacts/contacts.gradle

@@ -3,10 +3,6 @@
 apply plugin: 'war'
 apply plugin: 'jetty'
 
-configurations {
-    runtime.exclude module: 'jsr250-api'
-    runtime.exclude group: 'org.aspectj'
-}
 
 dependencies {
     providedCompile "org.apache.tomcat:tomcat-servlet-api:$servletApiVersion"
@@ -26,10 +22,12 @@ dependencies {
             project(':spring-security-taglibs'),
             "org.springframework:spring-context-support:$springVersion",
             "javax.servlet:jstl:$jstlVersion",
-            "net.sf.ehcache:ehcache:$ehcacheVersion",
             "hsqldb:hsqldb:$hsqlVersion",
             "org.slf4j:jcl-over-slf4j:$slf4jVersion",
             "ch.qos.logback:logback-classic:$logbackVersion"
+
+    optional "net.sf.ehcache:ehcache:$ehcacheVersion"
+
 }
 
 jettyRun {

samples/dms/dms.gradle

@@ -10,7 +10,7 @@ dependencies {
 
     runtime project(':spring-security-config'),
             "hsqldb:hsqldb:$hsqlVersion",
-            "net.sf.ehcache:ehcache:$ehcacheVersion",
             "org.springframework:spring-context-support:$springVersion"
 
+    optional "net.sf.ehcache:ehcache:$ehcacheVersion"
 }