jank/LF8
2
0
Fork 0
Code Issues Pull Requests 3 Actions Packages Projects Releases 13 Wiki Activity

first

Browse Source
This commit is contained in:
Bernd Heidemann 2024-09-03 15:01:50 +02:00
commit 93d4cf863f
29 changed files with 1143 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

37
.gitignore vendored Normal file
View File

@ -0,0 +1,37 @@
HELP.md
.gradle
build/
!gradle/wrapper/gradle-wrapper.jar
!**/src/main/**/build/
!**/src/test/**/build/
### STS ###
.apt_generated
.classpath
.factorypath
.project
.settings
.springBeans
.sts4-cache
bin/
!**/src/main/**/bin/
!**/src/test/**/bin/
### IntelliJ IDEA ###
.idea
*.iws
*.iml
*.ipr
out/
!**/src/main/**/out/
!**/src/test/**/out/
### NetBeans ###
/nbproject/private/
/nbbuild/
/dist/
/nbdist/
/.nb-gradle/
### VS Code ###
.vscode/

6
GetBearerToken.http Normal file
View File

@ -0,0 +1,6 @@
POST https://keycloak.szut.dev/auth/realms/szut/protocol/openid-connect/token
Content-Type: application/x-www-form-urlencoded
grant_type=password&client_id=employee-management-service&username=user&password=test

61
Readme.md Normal file
View File

@ -0,0 +1,61 @@
# Starter für das LF08 Projekt
Erstellen Sie einen Fork dieses Projektes auf Github. Wählen Sie einen Namen und passen Sie diesen auch in der pom.xml in Zeile 12, 14 und 15 an.
## Requirements
* Docker https://docs.docker.com/get-docker/
* Docker compose (bei Windows und Mac schon in Docker enthalten) https://docs.docker.com/compose/install/
## Endpunkt
```
http://localhost:8089
```
## Swagger
```
http://localhost:8089/swagger
```
# Postgres
### Terminal öffnen
für alles gilt, im Terminal im Ordner docker/local sein
```bash
cd docker/local
```
### Postgres starten
```bash
docker compose up
```
Achtung: Der Docker-Container läuft dauerhaft! Wenn er nicht mehr benötigt wird, sollten Sie ihn stoppen.
### Postgres stoppen
```bash
docker compose down
```
### Postgres Datenbank wipen, z.B. bei Problemen
```bash
docker compose down
docker volume rm local_lf8_starter_postgres_data
docker compose up
```
### Intellij-Ansicht für Postgres Datenbank einrichten
```bash
1. Lasse den Docker-Container mit der PostgreSQL-Datenbank laufen
2. im Ordner resources die Datei application.properties öffnen und die URL der Datenbank kopieren
3. rechts im Fenster den Reiter Database öffnen
4. In der Database-Symbolleiste auf das Datenbanksymbol mit dem Schlüssel klicken
5. auf das Pluszeichen klicken
6. Datasource from URL auswählen
7. URL der DB einfügen und PostgreSQL-Treiber auswählen, mit OK bestätigen
8. Username lf8_starter und Passwort secret eintragen (siehe application.properties), mit Apply bestätigen
9. im Reiter Schemas alle Häkchen entfernen und lediglich vor lf8_starter_db und public Häkchen setzen
10. mit Apply und ok bestätigen
```
# Keycloak
### Keycloak Token
1. Auf der Projektebene [GetBearerToken.http](GetBearerToken.http) öffnen.
2. Neben der Request auf den grünen Pfeil drücken
3. Aus dem Reponse das access_token kopieren

21
SampleRequests.http Normal file
View File

@ -0,0 +1,21 @@
@token = eyJhbGciOiJSUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICIzUFQ0dldiNno5MnlQWk1EWnBqT1U0RjFVN0lwNi1ELUlqQWVGczJPbGU0In0.eyJleHAiOjE3MjUzNzE5NjcsImlhdCI6MTcyNTM2ODM2NywianRpIjoiMDc1NGRmOGItZjA2NC00ODZiLTkzNDItNjk0NWM2OTQ1Y2RmIiwiaXNzIjoiaHR0cHM6Ly9rZXljbG9hay5zenV0LmRldi9hdXRoL3JlYWxtcy9zenV0IiwiYXVkIjoiYWNjb3VudCIsInN1YiI6IjU1NDZjZDIxLTk4NTQtNDMyZi1hNDY3LTRkZTNlZWRmNTg4OSIsInR5cCI6IkJlYXJlciIsImF6cCI6ImVtcGxveWVlLW1hbmFnZW1lbnQtc2VydmljZSIsInNlc3Npb25fc3RhdGUiOiI0ZDAwNWU5My03OWI4LTQ4OGMtOGI1ZS1kYzMzODM4OGZkNmMiLCJhY3IiOiIxIiwiYWxsb3dlZC1vcmlnaW5zIjpbImh0dHA6Ly9sb2NhbGhvc3Q6NDIwMCJdLCJyZWFsbV9hY2Nlc3MiOnsicm9sZXMiOlsicHJvZHVjdF9vd25lciIsIm9mZmxpbmVfYWNjZXNzIiwiZGVmYXVsdC1yb2xlcy1zenV0IiwidW1hX2F1dGhvcml6YXRpb24iLCJ1c2VyIl19LCJyZXNvdXJjZV9hY2Nlc3MiOnsiYWNjb3VudCI6eyJyb2xlcyI6WyJtYW5hZ2UtYWNjb3VudCIsIm1hbmFnZS1hY2NvdW50LWxpbmtzIiwidmlldy1wcm9maWxlIl19fSwic2NvcGUiOiJlbWFpbCBwcm9maWxlIiwiZW1haWxfdmVyaWZpZWQiOnRydWUsInByZWZlcnJlZF91c2VybmFtZSI6InVzZXIifQ.Wl9t2UazAimPxcNByMyY0Zl2oI_ScVtehQ0iglpTNPBr9me1xf2ky0nUgVOP04H-TWAuQJQctVMP_Yi3YPDTxm7PXeQ_lj9JyK6nCDpb5gz5VIMNCYcLjWLz6R1pfbjZGkeID6oYTXSsoZSy6arof-rMG1phjnIdiXDwF4lFgOgqUoxbv58mvs73DUTKZjIEaw-N7A_ZQrC35JX6CaKUlnsaGepa2LQ-Pz6Smg1JipxOwjlH4TEBsBjifMjkedzfPm2NfwEy1qUHMLtLMLukIVH3iaSUVJ3hEZe6606ne1qwumT6Lnm3PAXSbF2Hxap89nbmG08EOlGx5VwMylEAVg
###
GET localhost:8080/welcome
###
GET localhost:8080/roles
Authorization: Bearer {{token}}
###
GET localhost:8080/hello
Authorization: Bearer {{token}}
###
POST localhost:8080/hello
Authorization: Bearer {{token}}
Content-Type: application/json
{
"message": "test"
}

47
build.gradle.kts Normal file
View File

@ -0,0 +1,47 @@
plugins {
java
id("org.springframework.boot") version "3.3.3"
id("io.spring.dependency-management") version "1.1.6"
}
group = "de.szut"
version = "0.0.1-SNAPSHOT"
java {
toolchain {
languageVersion = JavaLanguageVersion.of(22)
}
}
configurations {
compileOnly {
extendsFrom(configurations.annotationProcessor.get())
}
}
repositories {
mavenCentral()
}
dependencies {
implementation("org.springframework.boot:spring-boot-starter-data-jpa")
implementation("org.springframework.boot:spring-boot-starter-web")
compileOnly("org.projectlombok:lombok")
annotationProcessor("org.projectlombok:lombok")
testImplementation("org.springframework.boot:spring-boot-starter-test")
testRuntimeOnly("org.junit.platform:junit-platform-launcher")
implementation("org.springframework.boot:spring-boot-starter-security")
implementation("org.springframework.boot:spring-boot-starter-oauth2-resource-server:3.3.3")
implementation("org.springframework.boot:spring-boot-starter-oauth2-client:3.3.3")
runtimeOnly("org.postgresql:postgresql")
//implementation("org.springdoc:springdoc-openapi-ui:1.8.0")
implementation("org.springdoc:springdoc-openapi-starter-webmvc-ui:2.6.0")
}
tasks.withType<Test> {
useJUnitPlatform()
}

18
docker/local/docker-compose.yml Normal file
View File

@ -0,0 +1,18 @@
version: '3'
volumes:
lf8_starter_postgres_data:
driver: local
services:
postgres_for_lf8_starter:
container_name: lf8_starter_postgres_container
image: postgres:16.4
volumes:
- lf8_starter_postgres_data:/var/lib/postgresql/data
environment:
POSTGRES_DB: lf8_starter_db
POSTGRES_USER: lf8_starter
POSTGRES_PASSWORD: secret
ports:
- "5432:5432"

BIN
gradle/wrapper/gradle-wrapper.jar vendored Normal file
View File

Binary file not shown.

7
gradle/wrapper/gradle-wrapper.properties vendored Normal file
View File

@ -0,0 +1,7 @@
distributionBase=GRADLE_USER_HOME
distributionPath=wrapper/dists
distributionUrl=https\://services.gradle.org/distributions/gradle-8.8-bin.zip
networkTimeout=10000
validateDistributionUrl=true
zipStoreBase=GRADLE_USER_HOME
zipStorePath=wrapper/dists

249
gradlew vendored Executable file
View File

@ -0,0 +1,249 @@
#!/bin/sh
#
# Copyright © 2015-2021 the original authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# https://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
##############################################################################
#
# Gradle start up script for POSIX generated by Gradle.
#
# Important for running:
#
# (1) You need a POSIX-compliant shell to run this script. If your /bin/sh is
# noncompliant, but you have some other compliant shell such as ksh or
# bash, then to run this script, type that shell name before the whole
# command line, like:
#
# ksh Gradle
#
# Busybox and similar reduced shells will NOT work, because this script
# requires all of these POSIX shell features:
# * functions;
# * expansions «$var», «${var}», «${var:-default}», «${var+SET}»,
# «${var#prefix}», «${var%suffix}», and «$( cmd )»;
# * compound commands having a testable exit status, especially «case»;
# * various built-in commands including «command», «set», and «ulimit».
#
# Important for patching:
#
# (2) This script targets any POSIX shell, so it avoids extensions provided
# by Bash, Ksh, etc; in particular arrays are avoided.
#
# The "traditional" practice of packing multiple parameters into a
# space-separated string is a well documented source of bugs and security
# problems, so this is (mostly) avoided, by progressively accumulating
# options in "$@", and eventually passing that to Java.
#
# Where the inherited environment variables (DEFAULT_JVM_OPTS, JAVA_OPTS,
# and GRADLE_OPTS) rely on word-splitting, this is performed explicitly;
# see the in-line comments for details.
#
# There are tweaks for specific operating systems such as AIX, CygWin,
# Darwin, MinGW, and NonStop.
#
# (3) This script is generated from the Groovy template
# https://github.com/gradle/gradle/blob/HEAD/platforms/jvm/plugins-application/src/main/resources/org/gradle/api/internal/plugins/unixStartScript.txt
# within the Gradle project.
#
# You can find Gradle at https://github.com/gradle/gradle/.
#
##############################################################################
# Attempt to set APP_HOME
# Resolve links: $0 may be a link
app_path=$0
# Need this for daisy-chained symlinks.
while
APP_HOME=${app_path%"${app_path##*/}"} # leaves a trailing /; empty if no leading path
[ -h "$app_path" ]
do
ls=$( ls -ld "$app_path" )
link=${ls#*' -> '}
case $link in #(
/*) app_path=$link ;; #(
*) app_path=$APP_HOME$link ;;
esac
done
# This is normally unused
# shellcheck disable=SC2034
APP_BASE_NAME=${0##*/}
# Discard cd standard output in case $CDPATH is set (https://github.com/gradle/gradle/issues/25036)
APP_HOME=$( cd "${APP_HOME:-./}" > /dev/null && pwd -P ) || exit
# Use the maximum available, or set MAX_FD != -1 to use that value.
MAX_FD=maximum
warn () {
echo "$*"
} >&2
die () {
echo
echo "$*"
echo
exit 1
} >&2
# OS specific support (must be 'true' or 'false').
cygwin=false
msys=false
darwin=false
nonstop=false
case "$( uname )" in #(
CYGWIN* ) cygwin=true ;; #(
Darwin* ) darwin=true ;; #(
MSYS* | MINGW* ) msys=true ;; #(
NONSTOP* ) nonstop=true ;;
esac
CLASSPATH=$APP_HOME/gradle/wrapper/gradle-wrapper.jar
# Determine the Java command to use to start the JVM.
if [ -n "$JAVA_HOME" ] ; then
if [ -x "$JAVA_HOME/jre/sh/java" ] ; then
# IBM's JDK on AIX uses strange locations for the executables
JAVACMD=$JAVA_HOME/jre/sh/java
else
JAVACMD=$JAVA_HOME/bin/java
fi
if [ ! -x "$JAVACMD" ] ; then
die "ERROR: JAVA_HOME is set to an invalid directory: $JAVA_HOME
Please set the JAVA_HOME variable in your environment to match the
location of your Java installation."
fi
else
JAVACMD=java
if ! command -v java >/dev/null 2>&1
then
die "ERROR: JAVA_HOME is not set and no 'java' command could be found in your PATH.
Please set the JAVA_HOME variable in your environment to match the
location of your Java installation."
fi
fi
# Increase the maximum file descriptors if we can.
if ! "$cygwin" && ! "$darwin" && ! "$nonstop" ; then
case $MAX_FD in #(
max*)
# In POSIX sh, ulimit -H is undefined. That's why the result is checked to see if it worked.
# shellcheck disable=SC2039,SC3045
MAX_FD=$( ulimit -H -n ) ||
warn "Could not query maximum file descriptor limit"
esac
case $MAX_FD in #(
'' | soft) :;; #(
*)
# In POSIX sh, ulimit -n is undefined. That's why the result is checked to see if it worked.
# shellcheck disable=SC2039,SC3045
ulimit -n "$MAX_FD" ||
warn "Could not set maximum file descriptor limit to $MAX_FD"
esac
fi
# Collect all arguments for the java command, stacking in reverse order:
# * args from the command line
# * the main class name
# * -classpath
# * -D...appname settings
# * --module-path (only if needed)
# * DEFAULT_JVM_OPTS, JAVA_OPTS, and GRADLE_OPTS environment variables.
# For Cygwin or MSYS, switch paths to Windows format before running java
if "$cygwin" || "$msys" ; then
APP_HOME=$( cygpath --path --mixed "$APP_HOME" )
CLASSPATH=$( cygpath --path --mixed "$CLASSPATH" )
JAVACMD=$( cygpath --unix "$JAVACMD" )
# Now convert the arguments - kludge to limit ourselves to /bin/sh
for arg do
if
case $arg in #(
-*) false ;; # don't mess with options #(
/?*) t=${arg#/} t=/${t%%/*} # looks like a POSIX filepath
[ -e "$t" ] ;; #(
*) false ;;
esac
then
arg=$( cygpath --path --ignore --mixed "$arg" )
fi
# Roll the args list around exactly as many times as the number of
# args, so each arg winds up back in the position where it started, but
# possibly modified.
#
# NB: a `for` loop captures its iteration list before it begins, so
# changing the positional parameters here affects neither the number of
# iterations, nor the values presented in `arg`.
shift # remove old arg
set -- "$@" "$arg" # push replacement arg
done
fi
# Add default JVM options here. You can also use JAVA_OPTS and GRADLE_OPTS to pass JVM options to this script.
DEFAULT_JVM_OPTS='"-Xmx64m" "-Xms64m"'
# Collect all arguments for the java command:
# * DEFAULT_JVM_OPTS, JAVA_OPTS, JAVA_OPTS, and optsEnvironmentVar are not allowed to contain shell fragments,
# and any embedded shellness will be escaped.
# * For example: A user cannot expect ${Hostname} to be expanded, as it is an environment variable and will be
# treated as '${Hostname}' itself on the command line.
set -- \
"-Dorg.gradle.appname=$APP_BASE_NAME" \
-classpath "$CLASSPATH" \
org.gradle.wrapper.GradleWrapperMain \
"$@"
# Stop when "xargs" is not available.
if ! command -v xargs >/dev/null 2>&1
then
die "xargs is not available"
fi
# Use "xargs" to parse quoted args.
#
# With -n1 it outputs one arg per line, with the quotes and backslashes removed.
#
# In Bash we could simply go:
#
# readarray ARGS < <( xargs -n1 <<<"$var" ) &&
# set -- "${ARGS[@]}" "$@"
#
# but POSIX shell has neither arrays nor command substitution, so instead we
# post-process each arg (as a line of input to sed) to backslash-escape any
# character that might be a shell metacharacter, then use eval to reverse
# that process (while maintaining the separation between arguments), and wrap
# the whole thing up as a single "set" statement.
#
# This will of course break if any of these variables contains a newline or
# an unmatched quote.
#
eval "set -- $(
printf '%s\n' "$DEFAULT_JVM_OPTS $JAVA_OPTS $GRADLE_OPTS" |
xargs -n1 |
sed ' s~[^-[:alnum:]+,./:=@_]~\\&~g; ' |
tr '\n' ' '
)" '"$@"'
exec "$JAVACMD" "$@"

92
gradlew.bat vendored Normal file
View File

@ -0,0 +1,92 @@
@rem
@rem Copyright 2015 the original author or authors.
@rem
@rem Licensed under the Apache License, Version 2.0 (the "License");
@rem you may not use this file except in compliance with the License.
@rem You may obtain a copy of the License at
@rem
@rem https://www.apache.org/licenses/LICENSE-2.0
@rem
@rem Unless required by applicable law or agreed to in writing, software
@rem distributed under the License is distributed on an "AS IS" BASIS,
@rem WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@rem See the License for the specific language governing permissions and
@rem limitations under the License.
@rem
@if "%DEBUG%"=="" @echo off
@rem ##########################################################################
@rem
@rem Gradle startup script for Windows
@rem
@rem ##########################################################################
@rem Set local scope for the variables with windows NT shell
if "%OS%"=="Windows_NT" setlocal
set DIRNAME=%~dp0
if "%DIRNAME%"=="" set DIRNAME=.
@rem This is normally unused
set APP_BASE_NAME=%~n0
set APP_HOME=%DIRNAME%
@rem Resolve any "." and ".." in APP_HOME to make it shorter.
for %%i in ("%APP_HOME%") do set APP_HOME=%%~fi
@rem Add default JVM options here. You can also use JAVA_OPTS and GRADLE_OPTS to pass JVM options to this script.
set DEFAULT_JVM_OPTS="-Xmx64m" "-Xms64m"
@rem Find java.exe
if defined JAVA_HOME goto findJavaFromJavaHome
set JAVA_EXE=java.exe
%JAVA_EXE% -version >NUL 2>&1
if %ERRORLEVEL% equ 0 goto execute
echo. 1>&2
echo ERROR: JAVA_HOME is not set and no 'java' command could be found in your PATH. 1>&2
echo. 1>&2
echo Please set the JAVA_HOME variable in your environment to match the 1>&2
echo location of your Java installation. 1>&2
goto fail
:findJavaFromJavaHome
set JAVA_HOME=%JAVA_HOME:"=%
set JAVA_EXE=%JAVA_HOME%/bin/java.exe
if exist "%JAVA_EXE%" goto execute
echo. 1>&2
echo ERROR: JAVA_HOME is set to an invalid directory: %JAVA_HOME% 1>&2
echo. 1>&2
echo Please set the JAVA_HOME variable in your environment to match the 1>&2
echo location of your Java installation. 1>&2
goto fail
:execute
@rem Setup the command line
set CLASSPATH=%APP_HOME%\gradle\wrapper\gradle-wrapper.jar
@rem Execute Gradle
"%JAVA_EXE%" %DEFAULT_JVM_OPTS% %JAVA_OPTS% %GRADLE_OPTS% "-Dorg.gradle.appname=%APP_BASE_NAME%" -classpath "%CLASSPATH%" org.gradle.wrapper.GradleWrapperMain %*
:end
@rem End local scope for the variables with windows NT shell
if %ERRORLEVEL% equ 0 goto mainEnd
:fail
rem Set variable GRADLE_EXIT_CONSOLE if you need the _script_ return code instead of
rem the _cmd.exe /c_ return code!
set EXIT_CODE=%ERRORLEVEL%
if %EXIT_CODE% equ 0 set EXIT_CODE=1
if not ""=="%GRADLE_EXIT_CONSOLE%" exit %EXIT_CODE%
exit /b %EXIT_CODE%
:mainEnd
if "%OS%"=="Windows_NT" endlocal
:omega

1
settings.gradle.kts Normal file
View File

@ -0,0 +1 @@
rootProject.name = "lf8_starter"

13
src/main/java/de/szut/lf8_starter/Lf8StarterApplication.java Normal file
View File

@ -0,0 +1,13 @@
package de.szut.lf8_starter;
import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;
@SpringBootApplication
public class Lf8StarterApplication {
public static void main(String[] args) {
SpringApplication.run(Lf8StarterApplication.class, args);
}
}

60
src/main/java/de/szut/lf8_starter/config/OpenAPIConfiguration.java Normal file
View File

@ -0,0 +1,60 @@
package de.szut.lf8_starter.config;
import io.swagger.v3.oas.models.Components;
import io.swagger.v3.oas.models.OpenAPI;
import io.swagger.v3.oas.models.info.Info;
import io.swagger.v3.oas.models.security.SecurityRequirement;
import io.swagger.v3.oas.models.security.SecurityScheme;
import io.swagger.v3.oas.models.servers.Server;
import jakarta.servlet.ServletContext;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
@Configuration
public class OpenAPIConfiguration {
private ServletContext context;
public OpenAPIConfiguration(ServletContext context) {
this.context = context;
}
@Bean
public OpenAPI springShopOpenAPI(
// @Value("${info.app.version}") String appVersion,
) {
final String securitySchemeName = "bearerAuth";
return new OpenAPI()
.addServersItem(new Server().url(this.context.getContextPath()))
.info(new Info()
.title("LF8 project starter")
.description("\n## Auth\n" +
"\n## Authentication\n" + "\nThis Hello service uses JWTs to authenticate requests. You will receive a bearer token by making a POST-Request in IntelliJ on:\n\n" +
"\n" +
"```\nPOST http://keycloak.szut.dev/auth/realms/szut/protocol/openid-connect/token\nContent-Type: application/x-www-form-urlencoded\ngrant_type=password&client_id=employee-management-service&username=user&password=test\n```\n" +
"\n" +
"\nor by CURL\n" +
"```\ncurl -X POST 'http://keycloak.szut.dev/auth/realms/szut/protocol/openid-connect/token'\n--header 'Content-Type: application/x-www-form-urlencoded'\n--data-urlencode 'grant_type=password'\n--data-urlencode 'client_id=employee-management-service'\n--data-urlencode 'username=user'\n--data-urlencode 'password=test'\n```\n" +
"\nTo get a bearer-token in Postman, you have to follow the instructions in \n [Postman-Documentation](https://documenter.getpostman.com/view/7294517/SzmfZHnd).")
.version("0.1"))
.addSecurityItem(new SecurityRequirement().addList(securitySchemeName))
.components(
new Components()
.addSecuritySchemes(securitySchemeName,
new SecurityScheme()
.name(securitySchemeName)
.type(SecurityScheme.Type.HTTP)
.scheme("bearer")
.bearerFormat("JWT")
)
);
}
}

33
src/main/java/de/szut/lf8_starter/config/SampleDataCreator.java Normal file
View File

@ -0,0 +1,33 @@
package de.szut.lf8_starter.config;
import de.szut.lf8_starter.hello.HelloEntity;
import de.szut.lf8_starter.hello.HelloRepository;
import org.springframework.boot.ApplicationArguments;
import org.springframework.boot.ApplicationRunner;
import org.springframework.context.annotation.Bean;
import org.springframework.stereotype.Component;
import org.springframework.web.client.RestTemplate;
@Component
public class SampleDataCreator implements ApplicationRunner {
private HelloRepository repository;
public SampleDataCreator(HelloRepository repository) {
this.repository = repository;
}
public void run(ApplicationArguments args) {
repository.save(new HelloEntity("Hallo Welt!"));
repository.save(new HelloEntity("Schöner Tag heute"));
repository.save(new HelloEntity("FooBar"));
}
@Bean
public RestTemplate restTemplate() {
return new RestTemplate();
}
}

14
src/main/java/de/szut/lf8_starter/exceptionHandling/ErrorDetails.java Normal file
View File

@ -0,0 +1,14 @@
package de.szut.lf8_starter.exceptionHandling;
import lombok.AllArgsConstructor;
import lombok.Data;
import java.util.Date;
@Data
@AllArgsConstructor
public class ErrorDetails {
private Date timestamp;
private String message;
private String details;
}

28
src/main/java/de/szut/lf8_starter/exceptionHandling/GlobalExceptionHandler.java Normal file
View File

@ -0,0 +1,28 @@
package de.szut.lf8_starter.exceptionHandling;
import io.swagger.v3.oas.annotations.media.Content;
import io.swagger.v3.oas.annotations.responses.ApiResponse;
import io.swagger.v3.oas.annotations.responses.ApiResponses;
import org.springframework.http.HttpStatus;
import org.springframework.http.ResponseEntity;
import org.springframework.web.bind.annotation.ControllerAdvice;
import org.springframework.web.bind.annotation.ExceptionHandler;
import org.springframework.web.context.request.WebRequest;
import java.util.Date;
@ControllerAdvice
@ApiResponses(value = {
@ApiResponse(responseCode = "500", description = "invalid JSON posted",
content = @Content)
})
public class GlobalExceptionHandler {
@ExceptionHandler(ResourceNotFoundException.class)
public ResponseEntity<?> handleHelloEntityNotFoundException(ResourceNotFoundException ex, WebRequest request) {
ErrorDetails errorDetails = new ErrorDetails(new Date(), ex.getMessage(), request.getDescription(false));
return new ResponseEntity<>(errorDetails, HttpStatus.NOT_FOUND);
}
}

11
src/main/java/de/szut/lf8_starter/exceptionHandling/ResourceNotFoundException.java Normal file
View File

@ -0,0 +1,11 @@
package de.szut.lf8_starter.exceptionHandling;
import org.springframework.http.HttpStatus;
import org.springframework.web.bind.annotation.ResponseStatus;
@ResponseStatus(value = HttpStatus.NOT_FOUND)
public class ResourceNotFoundException extends RuntimeException {
public ResourceNotFoundException(String message) {
super(message);
}
}

99
src/main/java/de/szut/lf8_starter/hello/HelloController.java Normal file
View File

@ -0,0 +1,99 @@
package de.szut.lf8_starter.hello;
import de.szut.lf8_starter.exceptionHandling.ResourceNotFoundException;
import de.szut.lf8_starter.hello.dto.HelloCreateDto;
import de.szut.lf8_starter.hello.dto.HelloGetDto;
import io.swagger.v3.oas.annotations.Operation;
import io.swagger.v3.oas.annotations.media.Content;
import io.swagger.v3.oas.annotations.media.Schema;
import io.swagger.v3.oas.annotations.responses.ApiResponse;
import io.swagger.v3.oas.annotations.responses.ApiResponses;
import jakarta.validation.Valid;
import org.springframework.http.HttpStatus;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.web.bind.annotation.*;
import java.util.List;
import java.util.stream.Collectors;
@RestController
@RequestMapping(value = "hello")
@PreAuthorize("hasAnyAuthority('user')")
public class HelloController {
private final HelloService service;
private final HelloMapper helloMapper;
public HelloController(HelloService service, HelloMapper mappingService) {
this.service = service;
this.helloMapper = mappingService;
}
@Operation(summary = "creates a new hello with its id and message")
@ApiResponses(value = {
@ApiResponse(responseCode = "201", description = "created hello",
content = {@Content(mediaType = "application/json",
schema = @Schema(implementation = HelloGetDto.class))}),
@ApiResponse(responseCode = "400", description = "invalid JSON posted",
content = @Content),
@ApiResponse(responseCode = "401", description = "not authorized",
content = @Content)})
@PostMapping
public HelloGetDto create(@RequestBody @Valid HelloCreateDto helloCreateDto) {
HelloEntity helloEntity = this.helloMapper.mapCreateDtoToEntity(helloCreateDto);
helloEntity = this.service.create(helloEntity);
return this.helloMapper.mapToGetDto(helloEntity);
}
@Operation(summary = "delivers a list of hellos")
@ApiResponses(value = {
@ApiResponse(responseCode = "200", description = "list of hellos",
content = {@Content(mediaType = "application/json",
schema = @Schema(implementation = HelloGetDto.class))}),
@ApiResponse(responseCode = "401", description = "not authorized",
content = @Content)})
@GetMapping
public List<HelloGetDto> findAll() {
return this.service
.readAll()
.stream()
.map(e -> this.helloMapper.mapToGetDto(e))
.collect(Collectors.toList());
}
@Operation(summary = "deletes a Hello by id")
@ApiResponses(value = {
@ApiResponse(responseCode = "204", description = "delete successful"),
@ApiResponse(responseCode = "401", description = "not authorized",
content = @Content),
@ApiResponse(responseCode = "404", description = "resource not found",
content = @Content)})
@DeleteMapping("/{id}")
@ResponseStatus(code = HttpStatus.NO_CONTENT)
public void deleteHelloById(@PathVariable long id) {
var entity = this.service.readById(id);
if (entity == null) {
throw new ResourceNotFoundException("HelloEntity not found on id = " + id);
} else {
this.service.delete(entity);
}
}
@Operation(summary = "find hellos by message")
@ApiResponses(value = {
@ApiResponse(responseCode = "200", description = "List of hellos who have the given message",
content = {@Content(mediaType = "application/json",
schema = @Schema(implementation = HelloGetDto.class))}),
@ApiResponse(responseCode = "404", description = "qualification description does not exist",
content = @Content),
@ApiResponse(responseCode = "401", description = "not authorized",
content = @Content)})
@GetMapping("/findByMessage")
public List<HelloGetDto> findAllEmployeesByQualification(@RequestParam String message) {
return this.service
.findByMessage(message)
.stream()
.map(e -> this.helloMapper.mapToGetDto(e))
.collect(Collectors.toList());
}
}

27
src/main/java/de/szut/lf8_starter/hello/HelloEntity.java Normal file
View File

@ -0,0 +1,27 @@
package de.szut.lf8_starter.hello;
import jakarta.persistence.*;
import lombok.AllArgsConstructor;
import lombok.Getter;
import lombok.NoArgsConstructor;
import lombok.Setter;
@NoArgsConstructor
@AllArgsConstructor
@Getter
@Setter
@Entity
@Table(name = "hello")
public class HelloEntity {
@Id
@GeneratedValue(strategy = GenerationType.IDENTITY)
private long id;
private String message;
public HelloEntity(String message) {
this.message = message;
}
}

20
src/main/java/de/szut/lf8_starter/hello/HelloMapper.java Normal file
View File

@ -0,0 +1,20 @@
package de.szut.lf8_starter.hello;
import de.szut.lf8_starter.hello.dto.HelloCreateDto;
import de.szut.lf8_starter.hello.dto.HelloGetDto;
import org.springframework.stereotype.Service;
@Service
public class HelloMapper {
public HelloGetDto mapToGetDto(HelloEntity entity) {
return new HelloGetDto(entity.getId(), entity.getMessage());
}
public HelloEntity mapCreateDtoToEntity(HelloCreateDto dto) {
var entity = new HelloEntity();
entity.setMessage(dto.getMessage());
return entity;
}
}

12
src/main/java/de/szut/lf8_starter/hello/HelloRepository.java Normal file
View File

@ -0,0 +1,12 @@
package de.szut.lf8_starter.hello;
import org.springframework.data.jpa.repository.JpaRepository;
import java.util.List;
public interface HelloRepository extends JpaRepository<HelloEntity, Long> {
List<HelloEntity> findByMessage(String message);
}

40
src/main/java/de/szut/lf8_starter/hello/HelloService.java Normal file
View File

@ -0,0 +1,40 @@
package de.szut.lf8_starter.hello;
import org.springframework.stereotype.Service;
import java.util.List;
import java.util.Optional;
@Service
public class HelloService {
private final HelloRepository repository;
public HelloService(HelloRepository repository) {
this.repository = repository;
}
public HelloEntity create(HelloEntity entity) {
return this.repository.save(entity);
}
public List<HelloEntity> readAll() {
return this.repository.findAll();
}
public HelloEntity readById(long id) {
Optional<HelloEntity> optionalQualification = this.repository.findById(id);
if (optionalQualification.isEmpty()) {
return null;
}
return optionalQualification.get();
}
public void delete(HelloEntity entity) {
this.repository.delete(entity);
}
public List<HelloEntity> findByMessage(String message) {
return this.repository.findByMessage(message);
}
}

20
src/main/java/de/szut/lf8_starter/hello/dto/HelloCreateDto.java Normal file
View File

@ -0,0 +1,20 @@
package de.szut.lf8_starter.hello.dto;
import com.fasterxml.jackson.annotation.JsonCreator;
import jakarta.validation.constraints.Size;
import lombok.Getter;
import lombok.Setter;
@Getter
@Setter
public class HelloCreateDto {
@Size(min = 3, message = "at least length of 3")
private String message;
@JsonCreator
public HelloCreateDto(String message) {
this.message = message;
}
}

17
src/main/java/de/szut/lf8_starter/hello/dto/HelloGetDto.java Normal file
View File

@ -0,0 +1,17 @@
package de.szut.lf8_starter.hello.dto;
import lombok.AllArgsConstructor;
import lombok.Getter;
import lombok.Setter;
@AllArgsConstructor
@Getter
@Setter
public class HelloGetDto {
private long id;
private String message;
}

49
src/main/java/de/szut/lf8_starter/security/KeycloakLogoutHandler.java Normal file
View File

@ -0,0 +1,49 @@
package de.szut.lf8_starter.security;
import lombok.extern.slf4j.Slf4j;
import org.springframework.http.ResponseEntity;
import org.springframework.security.core.Authentication;
import org.springframework.security.oauth2.core.oidc.user.OidcUser;
import org.springframework.security.web.authentication.logout.LogoutHandler;
import org.springframework.stereotype.Component;
import org.springframework.web.client.RestTemplate;
import org.springframework.web.util.UriComponentsBuilder;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
@Slf4j
@Component
public class KeycloakLogoutHandler implements LogoutHandler {
private final RestTemplate restTemplate;
public KeycloakLogoutHandler(RestTemplate restTemplate) {
this.restTemplate = restTemplate;
}
@Override
public void logout(HttpServletRequest request, HttpServletResponse response, Authentication auth) {
logout(request, auth);
}
public void logout(HttpServletRequest request, Authentication auth) {
logoutFromKeycloak((OidcUser) auth.getPrincipal());
}
private void logoutFromKeycloak(OidcUser user) {
String endSessionEndpoint = user.getIssuer() + "/protocol/openid-connect/logout";
UriComponentsBuilder builder = UriComponentsBuilder
.fromUriString(endSessionEndpoint)
.queryParam("id_token_hint", user.getIdToken().getTokenValue());
ResponseEntity<String> logoutResponse = restTemplate.getForEntity(builder.toUriString(), String.class);
if (logoutResponse.getStatusCode().is2xxSuccessful()) {
log.info("Successfulley logged out from Keycloak");
} else {
log.error("Could not propagate logout to Keycloak");
}
}
}

97
src/main/java/de/szut/lf8_starter/security/KeycloakSecurityConfig.java Normal file
View File

@ -0,0 +1,97 @@
package de.szut.lf8_starter.security;
import java.util.*;
import java.util.stream.Collectors;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.http.HttpMethod;
import org.springframework.security.config.Customizer;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.core.authority.mapping.GrantedAuthoritiesMapper;
import org.springframework.security.core.session.SessionRegistry;
import org.springframework.security.core.session.SessionRegistryImpl;
import org.springframework.security.oauth2.core.oidc.user.OidcUserAuthority;
import org.springframework.security.oauth2.core.user.OAuth2UserAuthority;
import org.springframework.security.oauth2.server.resource.authentication.JwtAuthenticationConverter;
import org.springframework.security.oauth2.server.resource.authentication.JwtGrantedAuthoritiesConverter;
import org.springframework.security.web.SecurityFilterChain;
import org.springframework.security.web.authentication.session.RegisterSessionAuthenticationStrategy;
import org.springframework.security.web.authentication.session.SessionAuthenticationStrategy;
import org.springframework.security.web.session.HttpSessionEventPublisher;
import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
@Configuration
@EnableWebSecurity
class KeycloakSecurityConfig {
private static final String GROUPS = "groups";
private static final String REALM_ACCESS_CLAIM = "realm_access";
private static final String ROLES_CLAIM = "roles";
private final KeycloakLogoutHandler keycloakLogoutHandler;
KeycloakSecurityConfig(KeycloakLogoutHandler keycloakLogoutHandler) {
this.keycloakLogoutHandler = keycloakLogoutHandler;
}
@Bean
public SessionRegistry sessionRegistry() {
return new SessionRegistryImpl();
}
@Bean
protected SessionAuthenticationStrategy sessionAuthenticationStrategy() {
return new RegisterSessionAuthenticationStrategy(sessionRegistry());
}
@Bean
public HttpSessionEventPublisher httpSessionEventPublisher() {
return new HttpSessionEventPublisher();
}
@Bean
public SecurityFilterChain resourceServerFilterChain(HttpSecurity http) throws Exception {
http.authorizeHttpRequests(auth -> auth
.requestMatchers(new AntPathRequestMatcher("/welcome"))
.permitAll()
.requestMatchers(
new AntPathRequestMatcher("/swagger"),
new AntPathRequestMatcher("/swagger-ui/**"),
new AntPathRequestMatcher("/v3/api-docs/**"))
.permitAll()
.requestMatchers(new AntPathRequestMatcher("/hello/**"))
.hasRole("user")
.requestMatchers(new AntPathRequestMatcher("/roles"))
.authenticated()
.requestMatchers(new AntPathRequestMatcher("/"))
.permitAll()
.anyRequest()
.authenticated()).oauth2ResourceServer(spec -> spec.jwt(Customizer.withDefaults()));
return http.build();
}
@Bean
public JwtAuthenticationConverter jwtAuthenticationConverter() {
JwtAuthenticationConverter jwtAuthenticationConverter = new JwtAuthenticationConverter();
jwtAuthenticationConverter.setJwtGrantedAuthoritiesConverter(jwt -> {
List<GrantedAuthority> grantedAuthorities = new ArrayList<>();
Map<String, Object> realmAccess = jwt.getClaim("realm_access");
if (realmAccess != null && realmAccess.containsKey("roles")) {
List<String> roles = (List<String>) realmAccess.get("roles");
for (String role : roles) {
grantedAuthorities.add(new SimpleGrantedAuthority("ROLE_" + role));
}
}
return grantedAuthorities;
});
return jwtAuthenticationConverter;
}
}

27
src/main/java/de/szut/lf8_starter/welcome/WelcomeController.java Normal file
View File

@ -0,0 +1,27 @@
package de.szut.lf8_starter.welcome;
import org.springframework.http.ResponseEntity;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.security.core.Authentication;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RestController;
import java.security.Principal;
@RestController
public class WelcomeController {
@GetMapping("/welcome")
public String welcome() {
return "welcome to lf8_starter";
}
@GetMapping("/roles")
public ResponseEntity<?> getRoles(Authentication authentication) {
return ResponseEntity.ok(authentication.getAuthorities());
}
}

24
src/main/resources/application.properties Normal file
View File

@ -0,0 +1,24 @@
spring.datasource.url=jdbc:postgresql://localhost:5432/lf8_starter_db
spring.datasource.username=lf8_starter
spring.datasource.password=secret
server.port=8080
spring.jpa.hibernate.ddl-auto=create-drop
spring.application.name=lf8_starter
#client registration configuration
spring.security.oauth2.client.registration.keycloak.client-id=employee-management-service
spring.security.oauth2.client.registration.keycloak.authorization-grant-type=authorization_code
spring.security.oauth2.client.registration.keycloak.scope=openid
#OIDC provider configuration:
spring.security.oauth2.client.provider.keycloak.issuer-uri=https://keycloak.szut.dev/auth/realms/szut
spring.security.oauth2.client.provider.keycloak.user-name-attribute=preferred_username
logging.level.org.springframework.security=DEBUG
#validating JWT token against our Keycloak server
spring.security.oauth2.resourceserver.jwt.issuer-uri=https://keycloak.szut.dev/auth/realms/szut
springdoc.swagger-ui.path=swagger
springdoc.swagger-ui.try-it-out-enabled=true

13
src/test/java/de/szut/lf8_starter/Lf8StarterApplicationTests.java Normal file
View File

@ -0,0 +1,13 @@
package de.szut.lf8_starter;
import org.junit.jupiter.api.Test;
import org.springframework.boot.test.context.SpringBootTest;
@SpringBootTest
class Lf8StarterApplicationTests {
@Test
void contextLoads() {
}
}