@nunoMSsantos You may be able to add both com.atlassian.plugins.rest:atlassian-rest-common and com.atlassian.plugins.rest:atlassian-rest-v2-api to your pom.xml at provided scope, given all you are importing directly from com.atlassian.plugins.rest.common is that annotation (or similar annotations).
You should then be able to add to your Import-Package instructions to make these optional:
<Import-Package>
...
com.atlassian.plugins.rest.common.security;resolution:="optional",
com.atlassian.plugins.rest.api.security.annotation;resolution:="optional",
...
</Import-Package>
And then you should be able to annotate your endpoints with annotations from both REST v1 and REST v2 like so:
@GET
@Path("/some-endpoint")
@com.atlassian.plugins.rest.common.security.AnonymousAllowed
@com.atlassian.plugins.rest.api.security.annotation.AnonymousSiteAccess
public Response someEndpoint(@Context HttpServletRequest request) {
return Response.ok().build();
}
You can also import them as usual and annotate with just @AnonymousAllowed and @AnonymousSiteAccess.
Since missing annotations don’t cause ClassNotFoundExceptions, the presence of AnonymousAllowed in Confluence 9, or the presence of AnonymousSiteAccess in Confluence 8 won’t cause any problems.
As long as you annotate your endpoints with both annotations.