Added trust me project and bumped java to 21

Author: Hakky54

README.MD

@@ -4,7 +4,7 @@
 A repository containing different java tutorials
 
 **Minimum requirements:**
-1. Java 17
+1. Java 21
 2. Maven 3.5.0
 3. Eclipse, Intellij IDEA (or any other text editor like VIM)
 4. A terminal
@@ -36,6 +36,7 @@ A repository containing different java tutorials
 - [Spring Boot Reactive Server with Common Name Validation based on Spring Security](spring-security-cn-validation-for-reactive-server)
 - [Spring Boot Server with Common Name Validation based on AOP with AspectJ Weaver](spring-cn-validation-with-aop)
 - [Bypassing and overruling SSL configuration of libraries](bypassing-overruling-ssl-configuration)
+- [Prompting to trust an unknown certificate in a GUI and reloading the ssl configuration](trust-me)
 
 ## Serialization & Deserialization ☢️
 - [Two-way object serialization while using one model with Jackson and Spring Boot](two-way-object-serialization)

mock-statics-with-mockito/pom.xml

@@ -43,6 +43,12 @@
             <version>${version.assertj-core}</version>
             <scope>test</scope>
         </dependency>
+        <dependency>
+            <groupId>net.bytebuddy</groupId>
+            <artifactId>byte-buddy</artifactId>
+            <version>${version.byte-buddy}</version>
+            <scope>test</scope>
+        </dependency>
     </dependencies>
 
 </project>

pom.xml

@@ -24,6 +24,7 @@
         <module>instant-server-ssl-reloading-with-quarkus</module>
         <module>instant-ssl-reloading-with-spring-tomcat</module>
         <module>bypassing-overruling-ssl-configuration</module>
+        <module>trust-me</module>
     </modules>
 
     <licenses>
@@ -47,7 +48,7 @@
     </developers>
 
     <properties>
-        <version.java>11</version.java>
+        <version.java>21</version.java>
         <version.maven-surefire-plugin>3.0.0-M7</version.maven-surefire-plugin>
         <version.maven-fail-safe>3.0.0-M7</version.maven-fail-safe>
         <version.maven-compiler-plugin>3.10.1</version.maven-compiler-plugin>
@@ -62,6 +63,7 @@
         <version.sslcontext-kickstart>8.3.6</version.sslcontext-kickstart>
         <version.logcaptor>2.9.3</version.logcaptor>
         <version.spring>3.3.2</version.spring>
+        <version.javafx>21.0.3</version.javafx>
         <version-tomcat>10.1.26</version-tomcat>
         <version.aspectweaver>1.9.22.1</version.aspectweaver>
         <version.jackson>2.17.2</version.jackson>
@@ -86,8 +88,9 @@
         <version.assertj-core>3.23.1</version.assertj-core>
         <version.junit>5.10.3</version.junit>
         <version.junit-platform>1.10.3</version.junit-platform>
-        <version.mockito>5.12.0</version.mockito>
+        <version.mockito>5.13.0</version.mockito>
         <version.mockito-inline>5.2.0</version.mockito-inline>
+        <version.byte-buddy>1.15.1</version.byte-buddy>
         <version.consolecaptor>1.0.3</version.consolecaptor>
         <version.postgresql>42.5.0</version.postgresql>
         <version.testcontainers-postgresql>1.17.3</version.testcontainers-postgresql>

trust-me/README.md

@@ -0,0 +1,32 @@
+# Trust Me 🔐
+A proof-of-concept GUI for prompting an user when a certificate is not trusted yet. The ssl configuration will be reloaded during runtime.
+
+This GUI app demonstrates the feature of [Trusting additional new certificates at runtime](https://github.com/Hakky54/sslcontext-kickstart?tab=readme-ov-file#trust-additional-new-certificates-at-runtime) from the library [sslcontext-kickstart](https://github.com/Hakky54/sslcontext-kickstart)
+It might occur that your truststore has outdated certificates and is not easy to maintain or it just calls servers which has recently updated their certificates. 
+This option demonstrates how to integrate it in your GUI app, and it will prompt when the certificate is not trusted yet, which gives the option to the end-user to either trust or reject it.
+
+## Demo
+![alt text](https://github.com/Hakky54/java-tutorials/blob/main/trust-me/blob/master/images/demo.gif?raw=true)
+
+## Running locally
+
+### Minimum requirements
+- JDK 21
+- Maven
+- Terminal
+
+Although this project requires JDK 21, the [library](https://github.com/Hakky54/sslcontext-kickstart) itself is compatible with JDK 8 and therefor will work with that version.
+
+Run the following commands in your terminal:
+
+```bash
+mvn clean package
+mvn spring-boot:run
+```
+
+## Contributing
+
+There are plenty of ways to contribute to this project:
+
+* Give it a star
+* Submit a PR

trust-me/images/demo.gif

@@ -0,0 +1,107 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<project xmlns="http://maven.apache.org/POM/4.0.0"
+         xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+         xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+    <modelVersion>4.0.0</modelVersion>
+    <parent>
+        <groupId>io.github.hakky54</groupId>
+        <artifactId>java-tutorials</artifactId>
+        <version>1.0.0-SNAPSHOT</version>
+    </parent>
+
+    <artifactId>trust-me</artifactId>
+
+    <dependencies>
+        <dependency>
+            <groupId>io.github.hakky54</groupId>
+            <artifactId>sslcontext-kickstart</artifactId>
+            <version>${version.sslcontext-kickstart}</version>
+        </dependency>
+
+        <dependency>
+            <groupId>org.openjfx</groupId>
+            <artifactId>javafx-base</artifactId>
+            <version>${version.javafx}</version>
+        </dependency>
+        <dependency>
+            <groupId>org.openjfx</groupId>
+            <artifactId>javafx-fxml</artifactId>
+            <version>${version.javafx}</version>
+        </dependency>
+        <dependency>
+            <groupId>org.openjfx</groupId>
+            <artifactId>javafx-controls</artifactId>
+            <version>${version.javafx}</version>
+        </dependency>
+        <dependency>
+            <groupId>org.openjfx</groupId>
+            <artifactId>javafx-graphics</artifactId>
+            <version>${version.javafx}</version>
+        </dependency>
+
+        <dependency>
+            <groupId>org.springframework.boot</groupId>
+            <artifactId>spring-boot-starter</artifactId>
+            <version>${version.spring}</version>
+        </dependency>
+    </dependencies>
+
+    <build>
+        <plugins>
+            <plugin>
+                <groupId>org.apache.maven.plugins</groupId>
+                <artifactId>maven-compiler-plugin</artifactId>
+                <version>${version.maven-compiler-plugin}</version>
+                <configuration>
+                    <target>${version.java}</target>
+                    <release>${version.java}</release>
+                </configuration>
+            </plugin>
+
+            <plugin>
+                <groupId>org.codehaus.mojo</groupId>
+                <artifactId>exec-maven-plugin</artifactId>
+                <version>${version.exec-maven-plugin}</version>
+                <executions>
+                    <execution>
+                        <goals>
+                            <goal>java</goal>
+                        </goals>
+                    </execution>
+                </executions>
+                <configuration>
+                    <mainClass>nl.altindag.ssl.trustme.App</mainClass>
+                </configuration>
+            </plugin>
+
+            <plugin>
+                <groupId>org.springframework.boot</groupId>
+                <artifactId>spring-boot-maven-plugin</artifactId>
+                <version>${version.spring}</version>
+                <configuration>
+                    <finalName>trust-me</finalName>
+                    <mainClass>nl.altindag.ssl.trustme.App</mainClass>
+                </configuration>
+                <executions>
+                    <execution>
+                        <goals>
+                            <goal>repackage</goal>
+                        </goals>
+                    </execution>
+                </executions>
+            </plugin>
+
+        </plugins>
+
+        <resources>
+            <resource>
+                <directory>src/main/resources</directory>
+                <includes>
+                    <include>mainscreen.fxml</include>
+                    <include>banner.txt</include>
+                </includes>
+            </resource>
+        </resources>
+    </build>
+
+</project>

trust-me/pom.xml

@@ -0,0 +1,73 @@
+/*
+ * Copyright 2022 Thunderberry.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package nl.altindag.ssl.trustme;
+
+import javafx.application.Application;
+import javafx.application.Platform;
+import javafx.fxml.FXMLLoader;
+import javafx.scene.Parent;
+import javafx.scene.Scene;
+import javafx.stage.Stage;
+import org.springframework.boot.autoconfigure.SpringBootApplication;
+import org.springframework.boot.builder.SpringApplicationBuilder;
+import org.springframework.context.ConfigurableApplicationContext;
+
+import java.io.IOException;
+import java.util.function.Function;
+
+@SpringBootApplication
+public class App extends Application {
+
+    private static final String TITLE = "Trust Me";
+    private ConfigurableApplicationContext applicationContext;
+    private final Function<String, FXMLLoader> fxmlLoaderFunction = fxml -> new FXMLLoader(this.getClass().getResource(fxml));
+
+    private Parent root;
+
+    @Override
+    public void init() throws IOException {
+        applicationContext = new SpringApplicationBuilder(App.class)
+                .headless(false)
+                .run(getParameters().getRaw().toArray(String[]::new));
+
+        FXMLLoader fxmlLoader = fxmlLoaderFunction.apply("/mainscreen.fxml");
+        fxmlLoader.setControllerFactory(applicationContext::getBean);
+        root = fxmlLoader.load();
+    }
+
+    @Override
+    public void start(Stage stage) {
+        Scene scene = new Scene(root);
+        stage.setTitle(TITLE);
+        stage.setScene(scene);
+        stage.setWidth(500);
+        stage.setHeight(400);
+        stage.setResizable(false);
+
+        stage.show();
+    }
+
+    @Override
+    public void stop() {
+        Platform.exit();
+        applicationContext.stop();
+    }
+
+    public static void main(String[] args) {
+        launch(args);
+    }
+
+}

trust-me/src/main/java/nl/altindag/ssl/trustme/App.java

@@ -0,0 +1,24 @@
+/*
+ * Copyright 2022 Thunderberry.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package nl.altindag.ssl.trustme;
+
+public class AppStarter {
+
+    public static void main(String[] args) {
+        App.main(args);
+    }
+
+}

trust-me/src/main/java/nl/altindag/ssl/trustme/AppStarter.java

@@ -0,0 +1,55 @@
+/*
+ * Copyright 2022 Thunderberry.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package nl.altindag.ssl.trustme.config;
+
+import nl.altindag.ssl.SSLFactory;
+import nl.altindag.ssl.trustme.service.TrustMeService;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.context.annotation.Lazy;
+
+import javax.net.ssl.X509ExtendedTrustManager;
+import java.net.http.HttpClient;
+import java.nio.file.Path;
+
+@Configuration
+public class ClientConfig {
+
+    private static final Path TRUSTSTORE_PATH = Path.of(System.getProperty("user.dir"), "truststore.jks");
+    private static final char[] TRUSTSTORE_PASSWORD = "changeit".toCharArray();
+    private static final String TRUSTSTORE_TYPE = "PKCS12";
+
+    @Bean
+    public HttpClient httpClient(SSLFactory sslFactory) {
+        return HttpClient.newBuilder()
+                .sslContext(sslFactory.getSslContext())
+                .sslParameters(sslFactory.getSslParameters())
+                .build();
+    }
+
+    @Bean
+    public SSLFactory sslFactory(@Lazy TrustMeService trustMeService) {
+        return SSLFactory.builder()
+                .withInflatableTrustMaterial(TRUSTSTORE_PATH, TRUSTSTORE_PASSWORD, TRUSTSTORE_TYPE, trustMeService::verify)
+                .build();
+    }
+
+    @Bean
+    public X509ExtendedTrustManager trustManager(SSLFactory sslFactory) {
+        return sslFactory.getTrustManager().orElseThrow();
+    }
+
+}