(nifi) branch main updated: NIFI-14937 Bump Netty to 4.2.5.Final, Kafka to 4.1.0, Parquet to 1.16.0, and others (#10264)

Wed, 03 Sep 2025 12:51:50 -0700 

This is an automated email from the ASF dual-hosted git repository.

exceptionfactory pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/nifi.git


The following commit(s) were added to refs/heads/main by this push:
     new 0c7e3c2b4c NIFI-14937 Bump Netty to 4.2.5.Final, Kafka to 4.1.0, 
Parquet to 1.16.0, and others (#10264)
0c7e3c2b4c is described below

commit 0c7e3c2b4cf8e76fc374c18fcad4f0fae3d53e07
Author: Pierre Villard <[email protected]>
AuthorDate: Wed Sep 3 21:27:38 2025 +0200

    NIFI-14937 Bump Netty to 4.2.5.Final, Kafka to 4.1.0, Parquet to 1.16.0, 
and others (#10264)
    
    - Mortbay Jasper EL/JSP from 10.1.44 to 10.1.44.1
    - Kafka from 4.0.0 to 4.1.0 - 
https://downloads.apache.org/kafka/4.1.0/RELEASE_NOTES.html
    - Apache Parquet Avro from 1.15.2 to 1.16.0 - 
https://github.com/apache/parquet-java/releases/tag/apache-parquet-1.16.0
    - Wire from 5.3.11 to 5.4.0 - 
https://github.com/square/wire/blob/master/CHANGELOG.md#version-540
    - AWS SDK v2 from 2.33.0 to 2.33.1 - 
https://github.com/aws/aws-sdk-java-v2/blob/master/CHANGELOG.md
    - Netty from 4.2.4.Final to 4.2.5.Final - 
https://netty.io/news/2025/09/03/4-2-5.html
    
    Signed-off-by: David Handermann <[email protected]>
---
 nifi-extension-bom/pom.xml                         |  4 ++--
 .../nifi-aws-bundle/nifi-aws-processors/pom.xml    |  2 +-
 .../security/OAuthBearerLoginCallbackHandler.java  | 23 +++++++---------------
 nifi-extension-bundles/nifi-kafka-bundle/pom.xml   |  2 +-
 .../nifi-parquet-processors/pom.xml                |  2 +-
 .../nifi-protobuf-services/pom.xml                 |  2 +-
 nifi-registry/pom.xml                              |  4 ++--
 pom.xml                                            |  4 ++--
 8 files changed, 17 insertions(+), 26 deletions(-)

diff --git a/nifi-extension-bom/pom.xml b/nifi-extension-bom/pom.xml
index d083b50ce7..f43837b9a5 100644
--- a/nifi-extension-bom/pom.xml
+++ b/nifi-extension-bom/pom.xml
@@ -225,13 +225,13 @@
             <dependency>
                 <groupId>org.mortbay.jasper</groupId>
                 <artifactId>mortbay-apache-jsp</artifactId>
-                <version>10.1.44</version>
+                <version>10.1.44.1</version>
                 <scope>provided</scope>
             </dependency>
             <dependency>
                 <groupId>org.mortbay.jasper</groupId>
                 <artifactId>mortbay-apache-el</artifactId>
-                <version>10.1.44</version>
+                <version>10.1.44.1</version>
                 <scope>provided</scope>
             </dependency>
             <dependency>
diff --git a/nifi-extension-bundles/nifi-aws-bundle/nifi-aws-processors/pom.xml 
b/nifi-extension-bundles/nifi-aws-bundle/nifi-aws-processors/pom.xml
index 4bd4419180..696fbded23 100644
--- a/nifi-extension-bundles/nifi-aws-bundle/nifi-aws-processors/pom.xml
+++ b/nifi-extension-bundles/nifi-aws-bundle/nifi-aws-processors/pom.xml
@@ -302,7 +302,7 @@
         <dependency>
             <groupId>org.apache.kafka</groupId>
             <artifactId>kafka-clients</artifactId>
-            <version>4.0.0</version>
+            <version>4.1.0</version>
         </dependency>
     </dependencies>
     <build>
diff --git 
a/nifi-extension-bundles/nifi-kafka-bundle/nifi-kafka-service-shared/src/main/java/org/apache/nifi/kafka/service/security/OAuthBearerLoginCallbackHandler.java
 
b/nifi-extension-bundles/nifi-kafka-bundle/nifi-kafka-service-shared/src/main/java/org/apache/nifi/kafka/service/security/OAuthBearerLoginCallbackHandler.java
index d4b926c336..69019eab85 100644
--- 
a/nifi-extension-bundles/nifi-kafka-bundle/nifi-kafka-service-shared/src/main/java/org/apache/nifi/kafka/service/security/OAuthBearerLoginCallbackHandler.java
+++ 
b/nifi-extension-bundles/nifi-kafka-bundle/nifi-kafka-service-shared/src/main/java/org/apache/nifi/kafka/service/security/OAuthBearerLoginCallbackHandler.java
@@ -17,12 +17,11 @@
 package org.apache.nifi.kafka.service.security;
 
 import org.apache.kafka.common.security.auth.AuthenticateCallbackHandler;
+import org.apache.kafka.common.security.oauthbearer.ClientJwtValidator;
+import org.apache.kafka.common.security.oauthbearer.JwtValidatorException;
 import org.apache.kafka.common.security.oauthbearer.OAuthBearerToken;
 import org.apache.kafka.common.security.oauthbearer.OAuthBearerTokenCallback;
-import 
org.apache.kafka.common.security.oauthbearer.internals.secured.ConfigurationUtils;
 import 
org.apache.kafka.common.security.oauthbearer.internals.secured.JaasOptionsUtils;
-import 
org.apache.kafka.common.security.oauthbearer.internals.secured.LoginAccessTokenValidator;
-import 
org.apache.kafka.common.security.oauthbearer.internals.secured.ValidateException;
 import org.apache.nifi.kafka.shared.login.OAuthBearerLoginConfigProvider;
 import org.apache.nifi.oauth2.OAuth2AccessTokenProvider;
 import org.apache.nifi.processor.exception.ProcessException;
@@ -31,12 +30,10 @@ import org.slf4j.LoggerFactory;
 
 import javax.security.auth.callback.Callback;
 import javax.security.auth.login.AppConfigurationEntry;
+
 import java.util.List;
 import java.util.Map;
 
-import static 
org.apache.kafka.common.config.SaslConfigs.SASL_OAUTHBEARER_SCOPE_CLAIM_NAME;
-import static 
org.apache.kafka.common.config.SaslConfigs.SASL_OAUTHBEARER_SUB_CLAIM_NAME;
-
 /**
  * {@link org.apache.kafka.common.security.auth.AuthenticateCallbackHandler} 
implementation to support OAuth 2 in NiFi Kafka components.
  * It uses {@link org.apache.nifi.oauth2.OAuth2AccessTokenProvider} controller 
service to acquire Access Tokens. The service reference is injected via the 
Kafka configuration.
@@ -50,7 +47,7 @@ public class OAuthBearerLoginCallbackHandler implements 
AuthenticateCallbackHand
     public static final String PROPERTY_KEY_NIFI_OAUTH_2_ACCESS_TOKEN_PROVIDER 
= "nifi.oauth2.access.token.provider";
 
     private OAuth2AccessTokenProvider accessTokenProvider;
-    private LoginAccessTokenValidator accessTokenValidator;
+    private ClientJwtValidator accessTokenValidator;
 
     @Override
     public void configure(final Map<String, ?> configs, final String 
saslMechanism, final List<AppConfigurationEntry> jaasConfigEntries) {
@@ -73,7 +70,8 @@ public class OAuthBearerLoginCallbackHandler implements 
AuthenticateCallbackHand
         }
 
         this.accessTokenProvider = accessTokenProvider;
-        this.accessTokenValidator = createAccessTokenValidator(configs, 
saslMechanism);
+        this.accessTokenValidator = new ClientJwtValidator();
+        this.accessTokenValidator.configure(configs, saslMechanism, List.of());
     }
 
     @Override
@@ -98,7 +96,7 @@ public class OAuthBearerLoginCallbackHandler implements 
AuthenticateCallbackHand
         try {
             final OAuthBearerToken token = 
accessTokenValidator.validate(accessToken);
             callback.token(token);
-        } catch (ValidateException e) {
+        } catch (JwtValidatorException e) {
             LOGGER.error("Could not validate and parse access token", e);
             callback.error("invalid_token", e.getMessage(), null);
         }
@@ -107,11 +105,4 @@ public class OAuthBearerLoginCallbackHandler implements 
AuthenticateCallbackHand
     @Override
     public void close() {
     }
-
-    private LoginAccessTokenValidator createAccessTokenValidator(final 
Map<String, ?> configs, final String saslMechanism) {
-        final ConfigurationUtils cu = new ConfigurationUtils(configs, 
saslMechanism);
-        final String scopeClaimName = 
cu.get(SASL_OAUTHBEARER_SCOPE_CLAIM_NAME);
-        final String subClaimName = cu.get(SASL_OAUTHBEARER_SUB_CLAIM_NAME);
-        return new LoginAccessTokenValidator(scopeClaimName, subClaimName);
-    }
 }
diff --git a/nifi-extension-bundles/nifi-kafka-bundle/pom.xml 
b/nifi-extension-bundles/nifi-kafka-bundle/pom.xml
index 76c81d8e2e..3f89d09976 100644
--- a/nifi-extension-bundles/nifi-kafka-bundle/pom.xml
+++ b/nifi-extension-bundles/nifi-kafka-bundle/pom.xml
@@ -26,7 +26,7 @@
     <properties>
         <skip.integration.tests>false</skip.integration.tests>
         <skip.unit.tests>false</skip.unit.tests>
-        <kafka-clients.version>4.0.0</kafka-clients.version>
+        <kafka-clients.version>4.1.0</kafka-clients.version>
     </properties>
 
     <modules>
diff --git 
a/nifi-extension-bundles/nifi-parquet-bundle/nifi-parquet-processors/pom.xml 
b/nifi-extension-bundles/nifi-parquet-bundle/nifi-parquet-processors/pom.xml
index 910bd56860..c9c7bd37f1 100644
--- a/nifi-extension-bundles/nifi-parquet-bundle/nifi-parquet-processors/pom.xml
+++ b/nifi-extension-bundles/nifi-parquet-bundle/nifi-parquet-processors/pom.xml
@@ -78,7 +78,7 @@
         <dependency>
             <groupId>org.apache.parquet</groupId>
             <artifactId>parquet-avro</artifactId>
-            <version>1.15.2</version>
+            <version>1.16.0</version>
             <exclusions>
                 <exclusion>
                     <groupId>org.xerial.snappy</groupId>
diff --git 
a/nifi-extension-bundles/nifi-protobuf-bundle/nifi-protobuf-services/pom.xml 
b/nifi-extension-bundles/nifi-protobuf-bundle/nifi-protobuf-services/pom.xml
index 5056379025..2c0b29c6dc 100644
--- a/nifi-extension-bundles/nifi-protobuf-bundle/nifi-protobuf-services/pom.xml
+++ b/nifi-extension-bundles/nifi-protobuf-bundle/nifi-protobuf-services/pom.xml
@@ -27,7 +27,7 @@
 
     <properties>
         <protobuf.version>3.25.8</protobuf.version>
-        <wire.version>5.3.11</wire.version>
+        <wire.version>5.4.0</wire.version>
     </properties>
 
     <dependencies>
diff --git a/nifi-registry/pom.xml b/nifi-registry/pom.xml
index 307bd12713..8583478215 100644
--- a/nifi-registry/pom.xml
+++ b/nifi-registry/pom.xml
@@ -118,13 +118,13 @@
             <dependency>
                 <groupId>org.mortbay.jasper</groupId>
                 <artifactId>mortbay-apache-jsp</artifactId>
-                <version>10.1.44</version>
+                <version>10.1.44.1</version>
                 <scope>compile</scope>
             </dependency>
             <dependency>
                 <groupId>org.mortbay.jasper</groupId>
                 <artifactId>mortbay-apache-el</artifactId>
-                <version>10.1.44</version>
+                <version>10.1.44.1</version>
                 <scope>compile</scope>
             </dependency>
             <dependency>
diff --git a/pom.xml b/pom.xml
index 98042c3777..a9e5f14e21 100644
--- a/pom.xml
+++ b/pom.xml
@@ -110,7 +110,7 @@
         
<project.reporting.outputEncoding>UTF-8</project.reporting.outputEncoding>
         <inceptionYear>2014</inceptionYear>
         <com.amazonaws.version>1.12.788</com.amazonaws.version>
-        <software.amazon.awssdk.version>2.33.0</software.amazon.awssdk.version>
+        <software.amazon.awssdk.version>2.33.1</software.amazon.awssdk.version>
         <gson.version>2.13.1</gson.version>
         
<io.fabric8.kubernetes.client.version>7.3.1</io.fabric8.kubernetes.client.version>
         <kotlin.version>2.2.10</kotlin.version>
@@ -158,7 +158,7 @@
         <junit.version>5.13.4</junit.version>
         <netty.3.version>3.10.6.Final</netty.3.version>
         <snakeyaml.version>2.5</snakeyaml.version>
-        <netty.4.version>4.2.4.Final</netty.4.version>
+        <netty.4.version>4.2.5.Final</netty.4.version>
         <servlet-api.version>6.1.0</servlet-api.version>
         <spring.version>6.2.10</spring.version>
         <spring.security.version>6.5.3</spring.security.version>

Reply via email to