search

eclipse-basyx / basyx-java-sdk

java-sdk
MIT License
25 stars 32 forks source link

Consider "keycloak-admin-client" dependency to be optional, possibly "move" it to basyx.components? #268

Closed in-fke closed 1 year ago

in-fke commented 1 year ago

Dependency to "keycloak-admin-client" introduces a ton of dependencies, and it's only for implementing org.eclipse.basyx.extensions.shared.authorization.internal.KeycloakService which again is only used by org.eclipse.basyx.components.security.authorization.internal.KeycloakJwtBearerTokenAuthenticationConfigurationProvider

I may be wrong, but:

  1. consider marking dependency to "keycloak-admin-client" as optional
  2. consider moving that service to basyx.components altogether?
[INFO] +- org.keycloak:keycloak-admin-client:jar:19.0.3:compile
[INFO] |  +- org.keycloak:keycloak-core:jar:19.0.3:compile
[INFO] |  +- org.keycloak:keycloak-common:jar:19.0.3:compile
[INFO] |  +- org.jboss.resteasy:resteasy-client:jar:3.13.2.Final:compile
[INFO] |  |  +- org.jboss.spec.javax.ws.rs:jboss-jaxrs-api_2.1_spec:jar:2.0.1.Final:compile
[INFO] |  |  +- org.jboss.resteasy:resteasy-jaxrs:jar:3.13.2.Final:compile
[INFO] |  |  |  +- org.reactivestreams:reactive-streams:jar:1.0.3:compile
[INFO] |  |  |  +- jakarta.validation:jakarta.validation-api:jar:2.0.2:compile
[INFO] |  |  |  \- org.jboss.spec.javax.annotation:jboss-annotations-api_1.3_spec:jar:2.0.1.Final:compile
[INFO] |  |  \- org.jboss.logging:jboss-logging:jar:3.3.2.Final:compile
[INFO] |  +- org.jboss.resteasy:resteasy-multipart-provider:jar:3.13.2.Final:compile
[INFO] |  |  +- com.sun.mail:jakarta.mail:jar:1.6.5:compile
[INFO] |  |  \- org.apache.james:apache-mime4j:jar:0.6:compile
[INFO] |  +- org.jboss.resteasy:resteasy-jackson2-provider:jar:3.13.2.Final:compile
[INFO] |  |  +- com.fasterxml.jackson.jaxrs:jackson-jaxrs-json-provider:jar:2.10.5:compile
[INFO] |  |  |  +- com.fasterxml.jackson.jaxrs:jackson-jaxrs-base:jar:2.10.5:compile
[INFO] |  |  |  \- com.fasterxml.jackson.module:jackson-module-jaxb-annotations:jar:2.10.5:compile
[INFO] |  |  |     \- jakarta.activation:jakarta.activation-api:jar:1.2.1:compile
[INFO] |  |  \- com.github.fge:json-patch:jar:1.9:compile
[INFO] |  |     \- com.github.fge:jackson-coreutils:jar:1.6:compile
[INFO] |  |        \- com.github.fge:msg-simple:jar:1.1:compile
[INFO] |  |           \- com.github.fge:btf:jar:1.2:compile
[INFO] |  \- org.jboss.resteasy:resteasy-jaxb-provider:jar:3.13.2.Final:compile
[INFO] |     \- org.jboss.spec.javax.xml.bind:jboss-jaxb-api_2.3_spec:jar:2.0.0.Final:compile

as for now, I will probably manually exclude the transitve dependency to "keycloak-admin-client".

FrankSchnicke commented 1 year ago

Thanks for pointing this out. However, since moving it somewhere else or excluding it would result in breaking changes for our users. Thus, this is not something which we are going to change in BaSyx Java V1.X - however, in V2 of BaSyx Java we will ensure modularity