diff --git a/pom.xml b/pom.xml
index 04fb64a2fb..63f847ccd8 100644
--- a/pom.xml
+++ b/pom.xml
@@ -224,6 +224,11 @@
slf4j-simple
2.0.12
+
+ com.google.code.gson
+ gson
+ 2.10.1
+
diff --git a/src/main/groovy/io/jenkins/infra/repository_permissions_updater/KnownUsers.groovy b/src/main/groovy/io/jenkins/infra/repository_permissions_updater/KnownUsers.groovy
deleted file mode 100644
index 8dc672f652..0000000000
--- a/src/main/groovy/io/jenkins/infra/repository_permissions_updater/KnownUsers.groovy
+++ /dev/null
@@ -1,31 +0,0 @@
-package io.jenkins.infra.repository_permissions_updater;
-
-import groovy.json.JsonSlurper;
-
-class KnownUsers {
- /**
- * URL to JSON with a list of valid Artifactory user names.
- */
- private static final String ARTIFACTORY_USER_NAMES_URL = System.getProperty('artifactoryUserNamesJsonListUrl', 'https://reports.jenkins.io/artifactory-ldap-users-report.json');
- private static Set knownArtifactoryUsers = new TreeSet<>(String.CASE_INSENSITIVE_ORDER)
- static {
- knownArtifactoryUsers.addAll(new JsonSlurper().parse(new URL(ARTIFACTORY_USER_NAMES_URL)))
- }
-
- static boolean existsInArtifactory(String username) {
- return knownArtifactoryUsers.contains(username)
- }
-
- /**
- * URL to JSON with a list of valid Jira user names.
- */
- private static final String JIRA_USER_NAMES_URL = System.getProperty('jiraUserNamesJsonListUrl', 'https://reports.jenkins.io/jira-users-report.json');
- private static Set knownJiraUsers = new TreeSet<>(String.CASE_INSENSITIVE_ORDER)
- static {
- knownJiraUsers.addAll(new JsonSlurper().parse(new URL(JIRA_USER_NAMES_URL)))
- }
-
- static boolean existsInJira(String username) {
- return knownJiraUsers.contains(username)
- }
-}
diff --git a/src/main/java/io/jenkins/infra/repository_permissions_updater/KnownUsers.java b/src/main/java/io/jenkins/infra/repository_permissions_updater/KnownUsers.java
new file mode 100644
index 0000000000..b19361d4d0
--- /dev/null
+++ b/src/main/java/io/jenkins/infra/repository_permissions_updater/KnownUsers.java
@@ -0,0 +1,43 @@
+package io.jenkins.infra.repository_permissions_updater;
+
+import java.io.IOException;
+import java.io.InputStreamReader;
+import java.net.URL;
+import java.nio.charset.StandardCharsets;
+import java.util.Set;
+import java.util.TreeSet;
+import com.google.gson.Gson;
+import com.google.gson.reflect.TypeToken;
+import edu.umd.cs.findbugs.annotations.SuppressFBWarnings;
+
+public class KnownUsers {
+ private static final String ARTIFACTORY_USER_NAMES_URL = System.getProperty("artifactoryUserNamesJsonListUrl", "https://reports.jenkins.io/artifactory-ldap-users-report.json");
+ private static final String JIRA_USER_NAMES_URL = System.getProperty("jiraUserNamesJsonListUrl", "https://reports.jenkins.io/jira-users-report.json");
+
+ private static Set knownArtifactoryUsers = new TreeSet<>(String.CASE_INSENSITIVE_ORDER);
+ private static Set knownJiraUsers = new TreeSet<>(String.CASE_INSENSITIVE_ORDER);
+
+ static {
+ try {
+ knownArtifactoryUsers.addAll(parseJson(new URL(ARTIFACTORY_USER_NAMES_URL)));
+ knownJiraUsers.addAll(parseJson(new URL(JIRA_USER_NAMES_URL)));
+ } catch (IOException e) {
+ e.printStackTrace();
+ }
+ }
+
+ @SuppressFBWarnings(value = "URLCONNECTION_SSRF_FD", justification = "Not relevant in this situation.")
+ private static Set parseJson(URL url) throws IOException {
+ try (InputStreamReader reader = new InputStreamReader(url.openStream(), StandardCharsets.UTF_8)) {
+ return new Gson().fromJson(reader, new TypeToken>(){}.getType());
+ }
+ }
+
+ public static boolean existsInArtifactory(String username) {
+ return knownArtifactoryUsers.contains(username);
+ }
+
+ public static boolean existsInJira(String username) {
+ return knownJiraUsers.contains(username);
+ }
+}