Port to Dropwizard 5/Jetty 12 [BREAKING CHANGE]

Maven and java packages changed to ee10 versions of things.
Websocket API changes invovling callbacks/etc, also the upgrade
process changes to deal with jetty Request vs/ servlet requests.
Similar mock/logging changes for those request APIs.
Adopt dropwizard/dropwizard#9970 to avoid
errors in request logs.

Downstreams might be ok, but API changes ae major enough that
they might not be so bump version and label as breaking change.

Author: josephlbarnett

.github/dependabot.yml

@@ -12,12 +12,3 @@ updates:
   - dependency-name: org.jetbrains:annotations
     versions:
     - "> 13.0"
-  - dependency-name: org.eclipse.jetty:*
-    versions:
-    - ">= 12.0.0"
-  - dependency-name: ch.qos.logback:*
-    versions:
-    - ">= 1.5.0"
-  - dependency-name: jakarta.servlet:jakarta.servlet-api
-    versions:
-    - ">= 6.0.0"

build-resources/pom.xml

@@ -7,7 +7,7 @@
 
     <groupId>io.github.josephlbarnett</groupId>
     <artifactId>build-resources</artifactId>
-    <version>3.2-SNAPSHOT</version>
+    <version>3.3-SNAPSHOT</version>
 
     <name>LeakyCauldron Build Resources</name>
     <description>Resources for use during the build process</description>

config/pom.xml

@@ -8,11 +8,10 @@
     <parent>
         <groupId>io.github.josephlbarnett</groupId>
         <artifactId>leakycauldron</artifactId>
-        <version>3.2-SNAPSHOT</version>
+        <version>3.3-SNAPSHOT</version>
         <relativePath>../pom.xml</relativePath>
     </parent>
 
-    <groupId>io.github.josephlbarnett</groupId>
     <artifactId>config</artifactId>
     <name>LeakyCauldron Config</name>
 

db/pom.xml

@@ -8,11 +8,10 @@
     <parent>
         <groupId>io.github.josephlbarnett</groupId>
         <artifactId>leakycauldron</artifactId>
-        <version>3.2-SNAPSHOT</version>
+        <version>3.3-SNAPSHOT</version>
         <relativePath>../pom.xml</relativePath>
     </parent>
 
-    <groupId>io.github.josephlbarnett</groupId>
     <artifactId>db</artifactId>
     <name>LeakyCauldron DB</name>
 

graphql/pom.xml

@@ -8,11 +8,10 @@
     <parent>
         <groupId>io.github.josephlbarnett</groupId>
         <artifactId>leakycauldron</artifactId>
-        <version>3.2-SNAPSHOT</version>
+        <version>3.3-SNAPSHOT</version>
         <relativePath>../pom.xml</relativePath>
     </parent>
 
-    <groupId>io.github.josephlbarnett</groupId>
     <artifactId>graphql</artifactId>
     <name>LeakyCauldon GraphQL</name>
 
@@ -159,32 +158,36 @@
             <artifactId>metrics-annotation</artifactId>
         </dependency>
         <dependency>
-            <groupId>org.eclipse.jetty</groupId>
-            <artifactId>jetty-servlet</artifactId>
+            <groupId>org.eclipse.jetty.ee10</groupId>
+            <artifactId>jetty-ee10-servlet</artifactId>
         </dependency>
         <dependency>
             <groupId>org.eclipse.jetty</groupId>
             <artifactId>jetty-util</artifactId>
         </dependency>
         <dependency>
             <groupId>org.eclipse.jetty</groupId>
-            <artifactId>jetty-http</artifactId>
+            <artifactId>jetty-security</artifactId>
         </dependency>
         <dependency>
-            <groupId>org.eclipse.jetty.websocket</groupId>
-            <artifactId>websocket-core-common</artifactId>
+            <groupId>org.eclipse.jetty</groupId>
+            <artifactId>jetty-server</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>org.eclipse.jetty</groupId>
+            <artifactId>jetty-http</artifactId>
         </dependency>
         <dependency>
             <groupId>org.eclipse.jetty.websocket</groupId>
-            <artifactId>websocket-core-server</artifactId>
+            <artifactId>jetty-websocket-core-common</artifactId>
         </dependency>
         <dependency>
             <groupId>org.eclipse.jetty.websocket</groupId>
-            <artifactId>websocket-jetty-api</artifactId>
+            <artifactId>jetty-websocket-core-server</artifactId>
         </dependency>
         <dependency>
             <groupId>org.eclipse.jetty.websocket</groupId>
-            <artifactId>websocket-jetty-server</artifactId>
+            <artifactId>jetty-websocket-jetty-api</artifactId>
         </dependency>
         <dependency>
             <groupId>io.swagger.core.v3</groupId>
@@ -198,6 +201,10 @@
             <groupId>org.glassfish.jersey.core</groupId>
             <artifactId>jersey-common</artifactId>
         </dependency>
+        <dependency>
+            <groupId>org.glassfish.jersey.containers</groupId>
+            <artifactId>jersey-container-servlet-core</artifactId>
+        </dependency>
         <dependency>
             <groupId>org.glassfish.jersey.media</groupId>
             <artifactId>jersey-media-sse</artifactId>
@@ -214,7 +221,11 @@
         </dependency>
         <dependency>
             <groupId>org.eclipse.jetty.websocket</groupId>
-            <artifactId>websocket-jetty-client</artifactId>
+            <artifactId>jetty-websocket-jetty-client</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>org.eclipse.jetty.ee10.websocket</groupId>
+            <artifactId>jetty-ee10-websocket-jetty-server</artifactId>
         </dependency>
     </dependencies>
 </project>

graphql/src/main/kotlin/com/trib3/graphql/modules/DefaultGraphQLModule.kt

@@ -21,8 +21,8 @@ import graphql.execution.instrumentation.ChainedInstrumentation
 import graphql.execution.instrumentation.Instrumentation
 import io.dropwizard.servlets.assets.AssetServlet
 import jakarta.inject.Named
+import org.eclipse.jetty.ee10.websocket.server.config.JettyWebSocketServletContainerInitializer
 import org.eclipse.jetty.websocket.core.server.WebSocketCreator
-import org.eclipse.jetty.websocket.server.config.JettyWebSocketServletContainerInitializer
 
 /**
  * Default Guice module for GraphQL applications.  Sets up

graphql/src/main/kotlin/com/trib3/graphql/resources/GraphQLResource.kt

@@ -33,18 +33,21 @@ import kotlinx.coroutines.Job
 import kotlinx.coroutines.cancelChildren
 import kotlinx.coroutines.supervisorScope
 import mu.KotlinLogging
+import org.eclipse.jetty.ee10.servlet.ServletContextHandler
+import org.eclipse.jetty.ee10.servlet.ServletContextRequest
+import org.eclipse.jetty.ee10.websocket.server.internal.JettyServerFrameHandlerFactory
 import org.eclipse.jetty.http.HttpStatus
+import org.eclipse.jetty.util.FutureCallback
 import org.eclipse.jetty.util.URIUtil
 import org.eclipse.jetty.websocket.core.Configuration
+import org.eclipse.jetty.websocket.core.WebSocketConstants
 import org.eclipse.jetty.websocket.core.server.WebSocketCreator
 import org.eclipse.jetty.websocket.core.server.WebSocketMappings
-import org.eclipse.jetty.websocket.server.internal.JettyServerFrameHandlerFactory
 import java.security.Principal
 import java.time.Duration
 import java.util.Optional
 import java.util.concurrent.ConcurrentHashMap
 import javax.annotation.Nullable
-import kotlin.collections.set
 
 private val log = KotlinLogging.logger {}
 
@@ -72,6 +75,58 @@ internal fun unauthorizedResponse(): Response =
             "Basic realm=\"realm\"",
         ).build()
 
+/**
+ * Attempts to do a websocket upgrade, returning 101 if it succeeds,
+ * and 405 if the negotiation fails.
+ *
+ * See JettyWebSocketServlet for the core logic here, as it may
+ * need to change when jetty version upgrades happen.
+ */
+fun doWebSocketUpgrade(
+    request: HttpServletRequest,
+    response: HttpServletResponse,
+    creator: WebSocketCreator,
+    webSocketConfig: Configuration.ConfigurationCustomizer,
+): Response {
+    val webSocketMapping =
+        request.servletContext?.let {
+            WebSocketMappings.getMappings(
+                ServletContextHandler.getServletContextHandler(it),
+            )
+        }
+
+    val pathSpec = WebSocketMappings.parsePathSpec(URIUtil.addPaths(request.servletPath, request.pathInfo))
+    if (webSocketMapping != null && webSocketMapping.getWebSocketCreator(pathSpec) == null) {
+        synchronized(webSocketMapping) {
+            if (webSocketMapping.getWebSocketCreator(pathSpec) == null) {
+                webSocketMapping.addMapping(
+                    pathSpec,
+                    creator,
+                    JettyServerFrameHandlerFactory.getFactory(request.servletContext),
+                    webSocketConfig,
+                )
+            }
+        }
+    }
+    if (webSocketMapping != null) {
+        val wsrequest = ServletContextRequest.getServletContextRequest(request)
+        val wsresponse = wsrequest.servletContextResponse
+        val callback = FutureCallback()
+        try {
+            wsrequest.setAttribute(WebSocketConstants.WEBSOCKET_WRAPPED_REQUEST_ATTRIBUTE, request)
+            wsrequest.setAttribute(WebSocketConstants.WEBSOCKET_WRAPPED_RESPONSE_ATTRIBUTE, response)
+            if (webSocketMapping.upgrade(wsrequest, wsresponse, callback, null)) {
+                callback.block()
+                return Response.status(HttpStatus.SWITCHING_PROTOCOLS_101).build()
+            }
+        } finally {
+            wsrequest.removeAttribute(WebSocketConstants.WEBSOCKET_WRAPPED_REQUEST_ATTRIBUTE)
+            wsrequest.removeAttribute(WebSocketConstants.WEBSOCKET_WRAPPED_RESPONSE_ATTRIBUTE)
+        }
+    }
+    return Response.status(HttpStatus.METHOD_NOT_ALLOWED_405).build()
+}
+
 /**
  * Jersey Resource entry point to GraphQL execution.  Configures the graphql schemas at
  * injection time and then executes a [GraphQLRequest] specified query when requested.
@@ -196,33 +251,14 @@ open class GraphQLResource
             principal: Optional<Principal>,
             @Context request: HttpServletRequest,
             @Context response: HttpServletResponse,
-            @Context containerRequestContext: ContainerRequestContext,
         ): Response {
             val origin = request.getHeader("Origin")
             if (origin != null) {
                 if (!origin.matches(corsRegex)) {
                     return unauthorizedResponse()
                 }
             }
-            val webSocketMapping =
-                request.servletContext?.let {
-                    WebSocketMappings.getMappings(it)
-                }
-            val pathSpec = WebSocketMappings.parsePathSpec(URIUtil.addPaths(request.servletPath, request.pathInfo))
-            if (webSocketMapping != null && webSocketMapping.getWebSocketCreator(pathSpec) == null) {
-                webSocketMapping.addMapping(
-                    pathSpec,
-                    creator,
-                    JettyServerFrameHandlerFactory.getFactory(request.servletContext),
-                    webSocketConfig,
-                )
-            }
 
-            // Create a new WebSocketCreator for each request bound to an optional authorized principal
-            return if (webSocketMapping != null && webSocketMapping.upgrade(request, response, null)) {
-                Response.status(HttpStatus.SWITCHING_PROTOCOLS_101).build()
-            } else {
-                Response.status(HttpStatus.METHOD_NOT_ALLOWED_405).build()
-            }
+            return doWebSocketUpgrade(request, response, creator, webSocketConfig)
         }
     }

graphql/src/main/kotlin/com/trib3/graphql/websocket/GraphQLWebSocketAdapter.kt

@@ -10,7 +10,7 @@ import kotlinx.coroutines.cancel
 import kotlinx.coroutines.channels.Channel
 import kotlinx.coroutines.runBlocking
 import mu.KotlinLogging
-import org.eclipse.jetty.websocket.api.WebSocketAdapter
+import org.eclipse.jetty.websocket.api.Session
 
 private val log = KotlinLogging.logger {}
 
@@ -24,9 +24,10 @@ open class GraphQLWebSocketAdapter(
     val channel: Channel<OperationMessage<*>>,
     val objectMapper: ObjectMapper,
     dispatcher: CoroutineDispatcher = Dispatchers.IO,
-) : WebSocketAdapter(),
+) : Session.Listener.AutoDemanding,
     CoroutineScope by CoroutineScope(dispatcher) {
     val objectWriter = objectMapper.writerWithDefaultPrettyPrinter()!!
+    var session: Session? = null
 
     companion object {
         private val CLIENT_SOURCED_MESSAGES =
@@ -40,6 +41,10 @@ open class GraphQLWebSocketAdapter(
             )
     }
 
+    override fun onWebSocketOpen(session: Session?) {
+        this.session = session
+    }
+
     /**
      * Parse incoming messages as [OperationMessage]s, then send them to the channel consumer
      */
@@ -90,7 +95,7 @@ open class GraphQLWebSocketAdapter(
      * Must be called from the Subscriber's observation context
      */
     internal fun sendMessage(message: OperationMessage<*>) {
-        remote?.sendString(objectWriter.writeValueAsString(subProtocol.getServerToClientMessage(message)))
+        session?.sendText(objectWriter.writeValueAsString(subProtocol.getServerToClientMessage(message)), null)
     }
 
     /**

graphql/src/main/kotlin/com/trib3/graphql/websocket/GraphQLWebSocketCreator.kt

@@ -12,6 +12,9 @@ import kotlinx.coroutines.CoroutineDispatcher
 import kotlinx.coroutines.Dispatchers
 import kotlinx.coroutines.channels.Channel
 import kotlinx.coroutines.launch
+import org.eclipse.jetty.security.AuthenticationState
+import org.eclipse.jetty.server.Request
+import org.eclipse.jetty.util.Callback
 import org.eclipse.jetty.websocket.core.server.ServerUpgradeRequest
 import org.eclipse.jetty.websocket.core.server.ServerUpgradeResponse
 import org.eclipse.jetty.websocket.core.server.WebSocketCreator
@@ -55,6 +58,7 @@ class GraphQLWebSocketCreator(
     override fun createWebSocket(
         req: ServerUpgradeRequest,
         resp: ServerUpgradeResponse,
+        callback: Callback,
     ): Any {
         val containerRequestContext = convertToRequestContext(req)
         val subProtocol =
@@ -88,26 +92,27 @@ class GraphQLWebSocketCreator(
      * for doing auth in the [GraphQLWebSocketConsumer].
      */
     internal fun convertToRequestContext(req: ServerUpgradeRequest): ContainerRequestContext {
+        val authState = Request.getAuthenticationState(req) as? AuthenticationState.Succeeded
         val containerRequestContext =
             ContainerRequest(
-                req.requestURI,
-                req.requestURI,
+                req.httpURI.toURI(),
+                req.httpURI.toURI(),
                 req.method,
                 object : SecurityContext {
-                    override fun getUserPrincipal(): Principal? = req.userPrincipal
+                    override fun getUserPrincipal(): Principal? = authState?.userPrincipal
 
-                    override fun isUserInRole(role: String?): Boolean = req.isUserInRole(role)
+                    override fun isUserInRole(role: String?): Boolean = authState?.isUserInRole(role) == true
 
                     override fun isSecure(): Boolean = req.isSecure
 
-                    override fun getAuthenticationScheme(): String = req.httpServletRequest.authType
+                    override fun getAuthenticationScheme(): String? = authState?.authenticationType
                 },
                 MapPropertiesDelegate(emptyMap()),
                 null,
             )
         // transfer HTTP headers
-        req.headersMap?.forEach {
-            containerRequestContext.headers(it.key, it.value)
+        req.headers?.forEach {
+            containerRequestContext.headers(it.name, it.value)
         }
         return containerRequestContext
     }

graphql/src/main/kotlin/com/trib3/graphql/websocket/GraphQLWebSocketProtocol.kt

@@ -10,6 +10,7 @@ import com.fasterxml.jackson.annotation.JsonSubTypes.Type
 import com.fasterxml.jackson.annotation.JsonTypeInfo
 import com.fasterxml.jackson.annotation.JsonValue
 import com.trib3.graphql.execution.MessageGraphQLError
+import org.eclipse.jetty.websocket.api.Callback
 import org.eclipse.jetty.websocket.api.Session
 import org.eclipse.jetty.websocket.api.StatusCode
 import kotlin.reflect.KClass
@@ -77,6 +78,7 @@ enum class GraphQLWebSocketSubProtocol(
                 GraphQLWebSocketCloseReason.INVALID_MESSAGE.description
                     .replace("<id>", msgId.orEmpty())
                     .replace("<body>", msgBody),
+                Callback.NOOP,
             )
         },
         onDuplicateQueryCallback = { message, adapter ->
@@ -86,6 +88,7 @@ enum class GraphQLWebSocketSubProtocol(
                     "<unique-operation-id>",
                     message.id.orEmpty(),
                 ),
+                Callback.NOOP,
             )
         },
         onDuplicateInitCallback = { _, adapter ->
@@ -109,10 +112,10 @@ enum class GraphQLWebSocketSubProtocol(
         message: OperationMessage<T>,
         mapping: Map<String, String>,
     ): OperationMessage<T> =
-        if (!mapping.containsKey(message.type?.type)) {
+        if (message.type == null || !mapping.containsKey(message.type.type)) {
             message
         } else {
-            message.copy(type = message.type?.copy(type = mapping.getValue(message.type.type)))
+            message.copy(type = message.type.copy(type = mapping.getValue(message.type.type)))
         }
 
     /**
@@ -184,7 +187,7 @@ enum class GraphQLWebSocketCloseReason(
  * code/description pairs
  */
 fun Session.close(reason: GraphQLWebSocketCloseReason) {
-    this.close(reason.code, reason.description)
+    this.close(reason.code, reason.description, Callback.NOOP)
 }
 
 /**