From 6654479649504c1b005296dd8876f3290b144a65 Mon Sep 17 00:00:00 2001
From: Marcus Da Coregio <marcusdacoregio@gmail.com>
Date: Fri, 27 Oct 2023 09:45:13 -0300
Subject: [PATCH] Polish VerifyDependenciesVersionsPlugin

Issue gh-14047
---
 .../VerifyDependenciesVersionsPlugin.java     | 106 +++++++++---------
 1 file changed, 52 insertions(+), 54 deletions(-)

diff --git a/buildSrc/src/main/java/org/springframework/security/convention/versions/VerifyDependenciesVersionsPlugin.java b/buildSrc/src/main/java/org/springframework/security/convention/versions/VerifyDependenciesVersionsPlugin.java
index 85d17a9f4d..d22ac3f456 100644
--- a/buildSrc/src/main/java/org/springframework/security/convention/versions/VerifyDependenciesVersionsPlugin.java
+++ b/buildSrc/src/main/java/org/springframework/security/convention/versions/VerifyDependenciesVersionsPlugin.java
@@ -21,50 +21,30 @@ import java.util.Collections;
 import java.util.List;
 import java.util.Map;
 import java.util.Set;
-import java.util.function.Supplier;
 import java.util.stream.Collectors;
 
+import org.gradle.api.DefaultTask;
 import org.gradle.api.Plugin;
 import org.gradle.api.Project;
-import org.gradle.api.Task;
 import org.gradle.api.artifacts.Configuration;
 import org.gradle.api.artifacts.ModuleVersionIdentifier;
+import org.gradle.api.plugins.JavaBasePlugin;
+import org.gradle.api.tasks.TaskAction;
 import org.gradle.api.tasks.TaskProvider;
 
 public class VerifyDependenciesVersionsPlugin implements Plugin<Project> {
 
 	@Override
 	public void apply(Project project) {
-		TaskProvider<Task> provider = project.getTasks().register("verifyDependenciesVersions", (verifyDependenciesVersionsTask) -> {
-			verifyDependenciesVersionsTask.setGroup("Verification");
-			verifyDependenciesVersionsTask.setDescription("Verify that specific dependencies are using the same version");
+		TaskProvider<VerifyDependenciesVersionsTask> verifyDependenciesVersionsTaskProvider = project.getTasks().register("verifyDependenciesVersions", VerifyDependenciesVersionsTask.class, (task) -> {
+			task.setGroup("Verification");
+			task.setDescription("Verify that specific dependencies are using the same version");
 			List<Configuration> allConfigurations = new ArrayList<>();
 			allConfigurations.addAll(getConfigurations(project));
 			allConfigurations.addAll(getSubprojectsConfigurations(project.getSubprojects()));
-			verifyDependenciesVersionsTask.getInputs().property("dependenciesVersions", new DependencySupplier(allConfigurations));
-			verifyDependenciesVersionsTask.doLast((task) -> {
-				DependencySupplier dependencies = (DependencySupplier) task.getInputs().getProperties().get("dependenciesVersions");
-				Map<String, List<Artifact>> artifacts = dependencies.get();
-				List<Artifact> oauth2OidcSdk = artifacts.get("oauth2-oidc-sdk");
-				List<Artifact> nimbusJoseJwt = artifacts.get("nimbus-jose-jwt");
-				if (oauth2OidcSdk.size() > 1) {
-					throw new IllegalStateException("Found multiple versions of oauth2-oidc-sdk: " + oauth2OidcSdk);
-				}
-				Artifact oauth2OidcSdkArtifact = oauth2OidcSdk.get(0);
-				String nimbusJoseJwtVersion = TransitiveDependencyLookupUtils.lookupJwtVersion(oauth2OidcSdkArtifact.version());
-				List<Artifact> differentVersions = nimbusJoseJwt.stream()
-						.filter((artifact) -> !artifact.version().equals(nimbusJoseJwtVersion))
-						.filter((artifact -> !artifact.configurationName().contains("spring-security-cas"))) // CAS uses a different version
-						.collect(Collectors.toList());
-				if (!differentVersions.isEmpty()) {
-					String message = "Found transitive nimbus-jose-jwt version [" + nimbusJoseJwtVersion + "] in oauth2-oidc-sdk " + oauth2OidcSdkArtifact
-							+ ", but the project contains a different version of nimbus-jose-jwt " + differentVersions
-							+ ". Please align the versions of nimbus-jose-jwt.";
-					throw new IllegalStateException(message);
-				}
-			});
+			task.setConfigurations(allConfigurations);
 		});
-		project.getTasks().getByName("build").dependsOn(provider);
+		project.getTasks().named(JavaBasePlugin.CHECK_TASK_NAME, checkTask -> checkTask.dependsOn(verifyDependenciesVersionsTaskProvider));
 	}
 
 	private List<Configuration> getConfigurations(Project project) {
@@ -86,6 +66,50 @@ public class VerifyDependenciesVersionsPlugin implements Plugin<Project> {
 		return subprojectConfigurations;
 	}
 
+	public static class VerifyDependenciesVersionsTask extends DefaultTask {
+
+		private List<Configuration> configurations;
+
+		public void setConfigurations(List<Configuration> configurations) {
+			this.configurations = configurations;
+		}
+
+		@TaskAction
+		public void verify() {
+			Map<String, List<Artifact>> artifacts = getDependencies(this.configurations);
+			List<Artifact> oauth2OidcSdk = artifacts.get("oauth2-oidc-sdk");
+			List<Artifact> nimbusJoseJwt = artifacts.get("nimbus-jose-jwt");
+			if (oauth2OidcSdk.size() > 1) {
+				throw new IllegalStateException("Found multiple versions of oauth2-oidc-sdk: " + oauth2OidcSdk);
+			}
+			Artifact oauth2OidcSdkArtifact = oauth2OidcSdk.get(0);
+			String nimbusJoseJwtVersion = TransitiveDependencyLookupUtils.lookupJwtVersion(oauth2OidcSdkArtifact.version());
+			List<Artifact> differentVersions = nimbusJoseJwt.stream()
+					.filter((artifact) -> !artifact.version().equals(nimbusJoseJwtVersion))
+					.filter((artifact -> !artifact.configurationName().contains("spring-security-cas"))) // CAS uses a different version
+					.collect(Collectors.toList());
+			if (!differentVersions.isEmpty()) {
+				String message = "Found transitive nimbus-jose-jwt version [" + nimbusJoseJwtVersion + "] in oauth2-oidc-sdk " + oauth2OidcSdkArtifact
+						+ ", but the project contains a different version of nimbus-jose-jwt " + differentVersions
+						+ ". Please align the versions of nimbus-jose-jwt.";
+				throw new IllegalStateException(message);
+			}
+		}
+
+		private Map<String, List<Artifact>> getDependencies(List<Configuration> configurations) {
+			return configurations.stream().flatMap((configuration) -> {
+						return configuration.getResolvedConfiguration().getResolvedArtifacts().stream()
+								.map((dep) -> {
+									ModuleVersionIdentifier id = dep.getModuleVersion().getId();
+									return new Artifact(id.getName(), id.getVersion(), configuration.toString());
+								});
+					})
+					.distinct()
+					.collect(Collectors.groupingBy(Artifact::name));
+		}
+
+	}
+
 	private static class Artifact {
 
 		private final String name;
@@ -112,30 +136,4 @@ public class VerifyDependenciesVersionsPlugin implements Plugin<Project> {
 
 	}
 
-	private static final class DependencySupplier implements Supplier<Map<String, List<Artifact>>> {
-
-		private final List<Configuration> configurations;
-
-		private DependencySupplier(List<Configuration> configurations) {
-			this.configurations = configurations;
-		}
-
-		@Override
-		public Map<String, List<Artifact>> get() {
-			return getDependencies(this.configurations);
-		}
-
-		private Map<String, List<Artifact>> getDependencies(List<Configuration> configurations) {
-			return configurations.stream().flatMap((configuration) -> {
-						return configuration.getResolvedConfiguration().getResolvedArtifacts().stream()
-								.map((dep) -> {
-									ModuleVersionIdentifier id = dep.getModuleVersion().getId();
-									return new Artifact(id.getName(), id.getVersion(), configuration.toString());
-								});
-					})
-					.distinct()
-					.collect(Collectors.groupingBy(Artifact::name));
-		}
-	}
-
 }