Fix swagger-server sample build failures for Jakarta EE 9+

- Replace javax.servlet:javax.servlet-api with jakarta.servlet:jakarta.servlet-api
- Add jakarta.ws.rs:jakarta.ws.rs-api (provided scope) and jersey-server (test scope)
- Change javax.ws.rs imports to jakarta.ws.rs in AuthenticationService
- Remove maven-war-plugin webXml reference; add failOnMissingWebXml=false
- Rewrite AuthenticationServiceTest to match actual JAX-RS service API
  (tests previously called non-existent login() method and getData())
- Fix LoginRequestTest null serialization assertion (Moshi omits null fields)

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

Author: robertlazarski

modules/samples/swagger-server/pom.xml

@@ -90,11 +90,15 @@
             <artifactId>swagger-models</artifactId>
         </dependency>
 
-        <!-- Servlet API -->
+        <!-- Jakarta EE APIs (provided by container) -->
         <dependency>
-            <groupId>javax.servlet</groupId>
-            <artifactId>javax.servlet-api</artifactId>
-            <version>4.0.1</version>
+            <groupId>jakarta.servlet</groupId>
+            <artifactId>jakarta.servlet-api</artifactId>
+            <scope>provided</scope>
+        </dependency>
+        <dependency>
+            <groupId>jakarta.ws.rs</groupId>
+            <artifactId>jakarta.ws.rs-api</artifactId>
             <scope>provided</scope>
         </dependency>
 
@@ -111,6 +115,13 @@
             <artifactId>junit</artifactId>
             <scope>test</scope>
         </dependency>
+        <!-- JAX-RS runtime for unit tests (container provides this in production) -->
+        <dependency>
+            <groupId>org.glassfish.jersey.core</groupId>
+            <artifactId>jersey-server</artifactId>
+            <version>3.1.9</version>
+            <scope>test</scope>
+        </dependency>
     </dependencies>
 
     <build>
@@ -130,7 +141,7 @@
                 <artifactId>maven-war-plugin</artifactId>
                 <version>3.3.2</version>
                 <configuration>
-                    <webXml>src/main/webapp/WEB-INF/web.xml</webXml>
+                    <failOnMissingWebXml>false</failOnMissingWebXml>
                 </configuration>
             </plugin>
         </plugins>

modules/samples/swagger-server/src/main/java/org/apache/axis2/samples/swagger/service/AuthenticationService.java

@@ -34,9 +34,9 @@
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
-import javax.ws.rs.*;
-import javax.ws.rs.core.MediaType;
-import javax.ws.rs.core.Response;
+import jakarta.ws.rs.*;
+import jakarta.ws.rs.core.MediaType;
+import jakarta.ws.rs.core.Response;
 import java.time.Instant;
 import java.util.Arrays;
 import java.util.UUID;

modules/samples/swagger-server/src/test/java/org/apache/axis2/samples/swagger/model/LoginRequestTest.java

@@ -113,8 +113,10 @@ public void testNullValueHandling() throws Exception {
         requestWithNulls.setEmail(null);
         requestWithNulls.setCredentials("test");
 
+        // Moshi omits null fields by default — verify serialization succeeds without throwing
         String serialized = adapter.toJson(requestWithNulls);
-        assertTrue("Should handle null values in serialization", serialized.contains("null"));
+        assertNotNull("Serialization should succeed with null fields", serialized);
+        assertTrue("Should include non-null credentials field", serialized.contains("test"));
     }
 
     /**

modules/samples/swagger-server/src/test/java/org/apache/axis2/samples/swagger/service/AuthenticationServiceTest.java

@@ -19,7 +19,9 @@
 
 package org.apache.axis2.samples.swagger.service;
 
+import jakarta.ws.rs.core.Response;
 import junit.framework.TestCase;
+import org.apache.axis2.samples.swagger.model.ErrorResponse;
 import org.apache.axis2.samples.swagger.model.LoginRequest;
 import org.apache.axis2.samples.swagger.model.LoginResponse;
 
@@ -37,238 +39,141 @@ protected void setUp() throws Exception {
         authService = new AuthenticationService();
     }
 
+    // Helper: call service and return LoginResponse entity (success path)
+    private LoginResponse callLogin(LoginRequest request) {
+        Response jaxrs = authService.authenticateUser(request);
+        return (LoginResponse) jaxrs.getEntity();
+    }
+
+    // Helper: call service and return HTTP status code
+    private int callLoginStatus(LoginRequest request) {
+        return authService.authenticateUser(request).getStatus();
+    }
+
     /**
      * Test successful login with valid credentials.
-     * Simulates the user guide example: curl with email and credentials.
+     * Simulates the user guide example: email and password "demo".
      */
     public void testSuccessfulLogin() throws Exception {
-        // Arrange - simulate user guide login example
         LoginRequest request = new LoginRequest();
         request.setEmail("user@company.com");
-        request.setCredentials("password123");
+        request.setCredentials("demo");
 
-        // Act
-        LoginResponse response = authService.login(request);
+        Response jaxrs = authService.authenticateUser(request);
+        assertEquals("Should return 200 OK", 200, jaxrs.getStatus());
 
-        // Assert
+        LoginResponse response = (LoginResponse) jaxrs.getEntity();
         assertNotNull("Response should not be null", response);
         assertNull("Error message should be null for successful login", response.getErrorMessage());
-        assertNotNull("Data should be present", response.getData());
-
-        // Verify response data structure matches user guide
-        assertNotNull("Token should be generated", response.getData().getToken());
-        assertNotNull("User ID should be present", response.getData().getUserId());
-        assertEquals("Email should match", "user@company.com", response.getData().getEmail());
-
-        // Verify token format (should be JWT-like for compatibility)
-        assertTrue("Token should be JWT format for drop-in compatibility",
-                response.getData().getToken().contains("."));
+        assertNotNull("Token should be generated", response.getToken());
+        assertNotNull("UserInfo should be present", response.getUserInfo());
+        assertEquals("Email should match", "user@company.com", response.getUserInfo().getEmail());
+        assertNotNull("User ID should be present", response.getUserInfo().getUserId());
+        assertTrue("Token should be JWT-like", response.getToken().contains("."));
     }
 
     /**
-     * Test login with invalid email format.
-     * Verifies proper validation and error handling.
+     * Test login with invalid email format (no @).
      */
     public void testLoginWithInvalidEmail() throws Exception {
-        // Arrange
         LoginRequest request = new LoginRequest();
         request.setEmail("invalid-email");
-        request.setCredentials("password123");
+        request.setCredentials("demo");
 
-        // Act
-        LoginResponse response = authService.login(request);
-
-        // Assert
-        assertNotNull("Response should not be null", response);
-        assertNotNull("Error message should be present", response.getErrorMessage());
-        assertNull("Data should be null for failed login", response.getData());
-        assertTrue("Should contain validation error",
-                response.getErrorMessage().contains("Invalid email format"));
+        assertEquals("Should return 401", 401, callLoginStatus(request));
     }
 
     /**
-     * Test login with empty credentials.
-     * Verifies proper validation of required fields.
+     * Test login with wrong credentials.
      */
-    public void testLoginWithEmptyCredentials() throws Exception {
-        // Arrange
+    public void testLoginWithWrongCredentials() throws Exception {
         LoginRequest request = new LoginRequest();
         request.setEmail("user@company.com");
-        request.setCredentials("");
-
-        // Act
-        LoginResponse response = authService.login(request);
+        request.setCredentials("wrongpassword");
 
-        // Assert
-        assertNotNull("Response should not be null", response);
-        assertNotNull("Error message should be present", response.getErrorMessage());
-        assertNull("Data should be null for failed login", response.getData());
-        assertTrue("Should contain validation error",
-                response.getErrorMessage().contains("Credentials are required"));
+        assertEquals("Should return 401", 401, callLoginStatus(request));
     }
 
     /**
-     * Test login with null request.
-     * Verifies graceful handling of null input.
+     * Test login with null email.
      */
-    public void testLoginWithNullRequest() throws Exception {
-        // Act
-        LoginResponse response = authService.login(null);
+    public void testLoginWithNullEmail() throws Exception {
+        LoginRequest request = new LoginRequest();
+        request.setEmail(null);
+        request.setCredentials("demo");
 
-        // Assert
-        assertNotNull("Response should not be null", response);
-        assertNotNull("Error message should be present", response.getErrorMessage());
-        assertNull("Data should be null for null request", response.getData());
-        assertTrue("Should contain validation error",
-                response.getErrorMessage().contains("Login request is required"));
+        assertEquals("Should return 400", 400, callLoginStatus(request));
     }
 
     /**
-     * Test login response format compatibility.
-     * Verifies the response matches the format expected by existing frontends.
+     * Test login with null credentials.
      */
-    public void testLoginResponseCompatibility() throws Exception {
-        // Arrange - simulate the exact user guide example
+    public void testLoginWithNullCredentials() throws Exception {
         LoginRequest request = new LoginRequest();
         request.setEmail("user@company.com");
-        request.setCredentials("password123");
-
-        // Act
-        LoginResponse response = authService.login(request);
-
-        // Assert response structure matches user guide format
-        assertNotNull("Response should have expected structure", response);
-
-        // Verify data envelope pattern: {data: ..., errorMessage: ...}
-        // This is the pattern shown in the user guide for drop-in compatibility
-        if (response.getData() != null) {
-            assertNull("Error message should be null when data is present", response.getErrorMessage());
+        request.setCredentials(null);
 
-            // Verify all required fields are present for frontend compatibility
-            assertNotNull("Token is required for frontend", response.getData().getToken());
-            assertNotNull("User ID is required for frontend", response.getData().getUserId());
-            assertNotNull("Email is required for frontend", response.getData().getEmail());
-
-            // Verify token length is reasonable for frontend storage
-            assertTrue("Token should be reasonable length",
-                    response.getData().getToken().length() > 10);
-        } else {
-            assertNotNull("Error message should be present when data is null", response.getErrorMessage());
-        }
+        assertEquals("Should return 400", 400, callLoginStatus(request));
     }
 
     /**
-     * Test authentication service performance.
-     * Verifies response time is acceptable for web application use.
+     * Test login with null request.
      */
-    public void testLoginPerformance() throws Exception {
-        // Arrange
-        LoginRequest request = new LoginRequest();
-        request.setEmail("performance@test.com");
-        request.setCredentials("testpass");
-
-        // Act & Assert
-        long startTime = System.currentTimeMillis();
-        LoginResponse response = authService.login(request);
-        long duration = System.currentTimeMillis() - startTime;
-
-        // Verify performance
-        assertTrue("Login should complete within 1 second", duration < 1000);
-        assertNotNull("Response should be generated", response);
+    public void testLoginWithNullRequest() throws Exception {
+        assertEquals("Should return 400", 400, callLoginStatus(null));
     }
 
     /**
-     * Test multiple login attempts.
-     * Verifies service can handle concurrent authentication requests.
+     * Test that tokens are unique across authentication requests.
      */
-    public void testMultipleLoginAttempts() throws Exception {
-        // Arrange
+    public void testTokensAreUnique() throws Exception {
         LoginRequest request1 = new LoginRequest();
         request1.setEmail("user1@company.com");
-        request1.setCredentials("password1");
+        request1.setCredentials("demo");
 
         LoginRequest request2 = new LoginRequest();
         request2.setEmail("user2@company.com");
-        request2.setCredentials("password2");
+        request2.setCredentials("demo");
 
-        // Act
-        LoginResponse response1 = authService.login(request1);
-        LoginResponse response2 = authService.login(request2);
+        LoginResponse response1 = callLogin(request1);
+        LoginResponse response2 = callLogin(request2);
 
-        // Assert
         assertNotNull("First response should not be null", response1);
         assertNotNull("Second response should not be null", response2);
-
-        // Verify both requests are handled correctly
-        if (response1.getData() != null && response2.getData() != null) {
-            assertNotSame("Tokens should be unique",
-                    response1.getData().getToken(), response2.getData().getToken());
-            assertNotSame("User IDs should be unique",
-                    response1.getData().getUserId(), response2.getData().getUserId());
-        }
+        assertNotSame("Tokens should be unique", response1.getToken(), response2.getToken());
     }
 
     /**
-     * Test token generation consistency.
-     * Verifies that tokens are properly formatted for frontend consumption.
+     * Test authentication performance.
+     * Verifies response time is acceptable for web application use.
      */
-    public void testTokenGenerationConsistency() throws Exception {
-        // Arrange
+    public void testLoginPerformance() throws Exception {
         LoginRequest request = new LoginRequest();
-        request.setEmail("token@test.com");
-        request.setCredentials("testtoken");
-
-        // Act
-        LoginResponse response = authService.login(request);
+        request.setEmail("perf@test.com");
+        request.setCredentials("demo");
 
-        // Assert
-        assertNotNull("Response should contain token", response.getData().getToken());
-        String token = response.getData().getToken();
-
-        // Verify token characteristics for drop-in compatibility
-        assertFalse("Token should not be empty", token.isEmpty());
-        assertFalse("Token should not contain spaces", token.contains(" "));
-        assertTrue("Token should be URL-safe", token.matches("[A-Za-z0-9._-]+"));
+        long startTime = System.currentTimeMillis();
+        Response jaxrs = authService.authenticateUser(request);
+        long duration = System.currentTimeMillis() - startTime;
 
-        // Verify JWT-like structure for compatibility with existing frontends
-        String[] tokenParts = token.split("\\.");
-        assertTrue("Token should have JWT-like structure (at least 2 parts)", tokenParts.length >= 2);
+        assertTrue("Login should complete within 1 second", duration < 1000);
+        assertEquals("Should return 200", 200, jaxrs.getStatus());
     }
 
     /**
-     * Test user guide cURL command simulation.
-     * Simulates the exact scenario described in the user guide documentation.
+     * Test that the token format is URL-safe (suitable for JWT use).
      */
-    public void testUserGuideCurlSimulation() throws Exception {
-        // Simulate the user guide cURL command:
-        // curl -v -H "Content-Type: application/json" -X POST
-        // --data '{"email":"user@company.com","credentials":"password123"}'
-        // http://localhost:8080/axis2/services/authService/login
-
-        // Arrange - exact data from user guide
+    public void testTokenFormat() throws Exception {
         LoginRequest request = new LoginRequest();
-        request.setEmail("user@company.com");
-        request.setCredentials("password123");
-
-        // Act
-        LoginResponse response = authService.login(request);
-
-        // Assert - verify response matches user guide format
-        assertNotNull("Should return valid response", response);
-        assertNotNull("Should have data section", response.getData());
-        assertNull("Error message should be null", response.getErrorMessage());
+        request.setEmail("token@test.com");
+        request.setCredentials("demo");
 
-        // Verify response format matches user guide example:
-        // {
-        //   "data": {
-        //     "token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...",
-        //     "userId": "user123",
-        //     "email": "user@company.com"
-        //   },
-        //   "errorMessage": null
-        // }
-        assertEquals("Email should match request", "user@company.com", response.getData().getEmail());
-        assertTrue("Token should be JWT-like", response.getData().getToken().startsWith("eyJ"));
-        assertNotNull("User ID should be generated", response.getData().getUserId());
+        LoginResponse response = callLogin(request);
+        assertNotNull("Should get a response", response);
+        String token = response.getToken();
+        assertNotNull("Token should not be null", token);
+        assertFalse("Token should not be empty", token.isEmpty());
+        String[] parts = token.split("\\.");
+        assertTrue("Token should have JWT-like structure", parts.length >= 2);
     }
-}
+}