Upgrade Spring Boot demo to 3.5.12 and Java 17 (#734)

## Summary
- Upgrade Spring Boot from 2.6.4 to 3.5.12 and Java from 1.8 to 17
- Migrate from `javax` to `jakarta` namespace for Spring Boot 3.x
compatibility
- Update SDK usage for 0.103.0: explicit OIDC endpoint discovery,
required scopes, and `CreateCustomAppIntegration` request object
- Override transitive jackson-bom version to fix known CVE
- Remove unused `ObjectMapper` bean and `jackson-datatype-jsr310`
dependency

## Test plan
- [x] Built and ran the example locally against an AWS staging workspace
- [x] Verified full OAuth U2M flow: app registration, consent, token
exchange, and cluster listing
- [x] Ran Trivy scan confirming zero vulnerabilities in the example
- [x] Ran `mvn spotless:check` confirming formatting compliance

This pull request was AI-assisted by Isaac.

Author: pietern

examples/spring-boot-oauth-u2m-demo/pom.xml

@@ -4,7 +4,7 @@
   <parent>
     <groupId>org.springframework.boot</groupId>
     <artifactId>spring-boot-starter-parent</artifactId>
-    <version>2.6.4</version>
+    <version>3.5.12</version>
     <relativePath></relativePath>
   </parent>
 
@@ -17,8 +17,11 @@
 
   <properties>
     <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
-    <maven.compiler.source>1.8</maven.compiler.source>
-    <maven.compiler.target>1.8</maven.compiler.target>
+    <maven.compiler.source>17</maven.compiler.source>
+    <maven.compiler.target>17</maven.compiler.target>
+    <!-- Override transitive dependency version to fix known CVE.
+         This can likely be removed when upgrading to a newer Spring Boot version. -->
+    <jackson-bom.version>2.21.2</jackson-bom.version>
   </properties>
 
   <dependencies>
@@ -39,9 +42,5 @@
       <artifactId>databricks-sdk-java</artifactId>
       <version>0.103.0</version>
     </dependency>
-    <dependency>
-      <groupId>com.fasterxml.jackson.datatype</groupId>
-      <artifactId>jackson-datatype-jsr310</artifactId>
-    </dependency>
   </dependencies>
 </project>

examples/spring-boot-oauth-u2m-demo/src/main/java/com/databricks/sdk/App.java

@@ -2,8 +2,6 @@
 
 import com.databricks.sdk.core.commons.CommonsHttpClient;
 import com.databricks.sdk.core.http.HttpClient;
-import com.fasterxml.jackson.databind.ObjectMapper;
-import com.fasterxml.jackson.datatype.jsr310.JavaTimeModule;
 import org.springframework.boot.SpringApplication;
 import org.springframework.boot.autoconfigure.SpringBootApplication;
 import org.springframework.context.annotation.Bean;
@@ -23,13 +21,6 @@ public HttpClient getHttpClient() {
         return new CommonsHttpClient.Builder().withTimeoutSeconds(30).build();
     }
 
-    @Bean
-    public ObjectMapper getObjectMapper() {
-        ObjectMapper m = new ObjectMapper();
-        m.registerModule(new JavaTimeModule());
-        return m;
-    }
-
     @Bean
     public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
         http.authorizeHttpRequests((requests) -> requests

examples/spring-boot-oauth-u2m-demo/src/main/java/com/databricks/sdk/RootController.java

@@ -4,12 +4,12 @@
 import com.databricks.sdk.core.http.HttpClient;
 import com.databricks.sdk.core.oauth.Consent;
 import com.databricks.sdk.core.oauth.OAuthClient;
+import com.databricks.sdk.core.oauth.OpenIDConnectEndpoints;
 import com.databricks.sdk.core.oauth.SessionCredentials;
 import com.databricks.sdk.service.compute.ClusterDetails;
 import com.databricks.sdk.service.compute.ListClustersRequest;
+import com.databricks.sdk.service.oauth2.CreateCustomAppIntegration;
 import com.databricks.sdk.service.oauth2.CreateCustomAppIntegrationOutput;
-import com.fasterxml.jackson.core.JsonProcessingException;
-import com.fasterxml.jackson.databind.ObjectMapper;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.beans.factory.annotation.Value;
 import org.springframework.stereotype.Controller;
@@ -18,7 +18,7 @@
 import org.springframework.web.bind.annotation.PostMapping;
 import org.springframework.web.bind.annotation.RequestParam;
 
-import javax.servlet.http.HttpSession;
+import jakarta.servlet.http.HttpSession;
 import java.io.IOException;
 import java.net.MalformedURLException;
 import java.util.ArrayList;
@@ -31,9 +31,6 @@ public class RootController {
   @Autowired
   private HttpClient hc;
 
-  @Autowired
-  private ObjectMapper mapper;
-
   // Initialized by initializeApp(). This should be initialized in a more Spring-friendly way.
   private OAuthClient client;
   // Initialized by callback(). This should be initialized in a more Spring-friendly way.
@@ -47,16 +44,13 @@ private String getRedirectUrl() {
   }
 
   @GetMapping("/")
-  public String index(HttpSession session, Model model) throws JsonProcessingException {
+  public String index(HttpSession session, Model model) {
     if (client != null) {
       model.addAttribute("clientId", client.getClientId());
       model.addAttribute("clientSecret", client.getClientSecret());
       model.addAttribute("hostname", client.getHost());
     }
-    SessionCredentials sessionCreds = (SessionCredentials) session.getAttribute("sessionCreds");
-    if (sessionCreds != null) {
-      model.addAttribute("sessionCreds", mapper.writeValueAsString(sessionCreds.getToken()));
-    }
+    model.addAttribute("authenticated", session.getAttribute("sessionCreds") != null);
     return "index";
   }
 
@@ -70,12 +64,16 @@ public String initializeApp(
       @RequestParam(name="client_id") String clientId,
       @RequestParam(name="client_secret") String clientSecret,
       @RequestParam(name="hostname") String hostname) throws IOException {
+    DatabricksConfig config = new DatabricksConfig().setHost(hostname).setHttpClient(hc).resolve();
+    OpenIDConnectEndpoints oidcEndpoints = config.getDatabricksOidcEndpoints();
     client = new OAuthClient.Builder()
         .withClientId(clientId)
         .withClientSecret(clientSecret)
         .withHost(hostname)
         .withRedirectUrl(getRedirectUrl())
         .withHttpClient(hc)
+        .withOpenIDConnectEndpoints(oidcEndpoints)
+        .withScopes(List.of("all-apis", "offline_access"))
         .build();
     return "redirect:/";
   }
@@ -104,13 +102,15 @@ public String makeNewApp(
         .setHttpClient(hc);
     AccountClient account = new AccountClient(c);
     CreateCustomAppIntegrationOutput result = account.customAppIntegration().create(
-        "java-sdk-demo", Collections.singletonList(getRedirectUrl()));
+        new CreateCustomAppIntegration()
+            .setName("java-sdk-demo")
+            .setRedirectUrls(Collections.singletonList(getRedirectUrl())));
 
     return initializeApp(result.getClientId(), result.getClientSecret(), hostname);
   }
 
   @GetMapping("/authenticate")
-  public String authenticate(HttpSession session, Model model) throws MalformedURLException, JsonProcessingException {
+  public String authenticate(HttpSession session, Model model) throws MalformedURLException {
     if (client == null) {
       model.addAttribute("authError", "Client is not yet initialized. Please login first.");
       return index(session, model);

examples/spring-boot-oauth-u2m-demo/src/main/resources/templates/index.html

@@ -15,7 +15,7 @@ <h1>Consent</h1>
         <div th:if="${authError != null}">
             <span th:text="${authError}"></span>
         </div>
-        <p>session credentials: <span th:text="${sessionCreds}">Not authenticated</span></p>
+        <p>status: <span th:if="${authenticated}">Authenticated</span><span th:unless="${authenticated}">Not authenticated</span></p>
         <h1>APIs</h1>
         <a href="/list-clusters">List clusters</a>
     </body>