refactor: Fix yellow code smells (!27)

Reviewed-on: #27
Reviewed-by: Phan Huy Tran <ptran@noreply.localhost>
Co-authored-by: Jan Klattenhoff <jan@kjan.de>
Co-committed-by: Jan Klattenhoff <jan@kjan.de>

build.gradle.kts

@@ -58,20 +58,25 @@ repositories {
     mavenCentral()
 }
 
+val springDocVersion = "2.6.0"
+val oauth2Version = "3.3.4"
+
 dependencies {
     implementation("org.springframework.boot:spring-boot-starter-data-jpa")
     implementation("org.springframework.boot:spring-boot-starter-web")
     implementation("org.springframework.boot:spring-boot-starter-validation")
+    implementation("org.springdoc:springdoc-openapi-starter-webmvc-ui:$springDocVersion")
+    implementation("org.springframework.boot:spring-boot-starter-security")
+    implementation("org.springframework.boot:spring-boot-starter-oauth2-resource-server:$oauth2Version")
+    implementation("org.springframework.boot:spring-boot-starter-oauth2-client:$oauth2Version")
+
+    testImplementation("com.h2database:h2")
+    testImplementation("org.springframework.boot:spring-boot-starter-test")
+
     compileOnly("org.projectlombok:lombok")
     annotationProcessor("org.projectlombok:lombok")
-    testImplementation("org.springframework.boot:spring-boot-starter-test")
     testRuntimeOnly("org.junit.platform:junit-platform-launcher")
-    implementation("org.springframework.boot:spring-boot-starter-security")
-    implementation("org.springframework.boot:spring-boot-starter-oauth2-resource-server:3.3.4")
-    implementation("org.springframework.boot:spring-boot-starter-oauth2-client:3.3.4")
     runtimeOnly("org.postgresql:postgresql")
-    implementation("org.springdoc:springdoc-openapi-starter-webmvc-ui:2.6.0")
-    testImplementation("com.h2database:h2")
 }
 
 tasks.withType<Test> {

src/main/java/de/szut/lf8_starter/config/OpenAPIConfiguration.java

@@ -1,7 +1,6 @@
 package de.szut.lf8_starter.config;
 
 
-
 import io.swagger.v3.oas.models.Components;
 import io.swagger.v3.oas.models.OpenAPI;
 import io.swagger.v3.oas.models.info.Info;
@@ -33,15 +32,33 @@ public class OpenAPIConfiguration {
                 .addServersItem(new Server().url(this.context.getContextPath()))
                 .info(new Info()
                         .title("LF8 project starter")
-                        .description("\n## Auth\n" +
+                        .description("""
-                                "\n## Authentication\n" + "\nThis Hello service uses JWTs to authenticate requests. You will receive a bearer token by making a POST-Request in IntelliJ on:\n\n" +
+                                ## Auth
-                                "\n" +
-                                "```\nPOST http://keycloak.szut.dev/auth/realms/szut/protocol/openid-connect/token\nContent-Type: application/x-www-form-urlencoded\ngrant_type=password&client_id=employee-management-service&username=user&password=test\n```\n" +
-                                "\n" +
-                                "\nor by CURL\n" +
-                                "```\ncurl -X POST 'http://keycloak.szut.dev/auth/realms/szut/protocol/openid-connect/token'\n--header 'Content-Type: application/x-www-form-urlencoded'\n--data-urlencode 'grant_type=password'\n--data-urlencode 'client_id=employee-management-service'\n--data-urlencode 'username=user'\n--data-urlencode 'password=test'\n```\n" +
-                                "\nTo get a bearer-token in Postman, you have to follow the instructions in \n [Postman-Documentation](https://documenter.getpostman.com/view/7294517/SzmfZHnd).")
                                 
+                                ## Authentication
+                                
+                                This Hello service uses JWTs to authenticate requests. You will receive a bearer token by making a POST-Request in IntelliJ on:
+                                
+                                ```
+                                POST http://keycloak.szut.dev/auth/realms/szut/protocol/openid-connect/token
+                                Content-Type: application/x-www-form-urlencoded
+                                grant_type=password&client_id=employee-management-service&username=user&password=test
+                                ```
+                                
+                                or by CURL:
+                                
+                                ```
+                                curl -X POST 'http://keycloak.szut.dev/auth/realms/szut/protocol/openid-connect/token' 
+                                --header 'Content-Type: application/x-www-form-urlencoded' 
+                                --data-urlencode 'grant_type=password' 
+                                --data-urlencode 'client_id=employee-management-service' 
+                                --data-urlencode 'username=user' 
+                                --data-urlencode 'password=test'
+                                ```
+                                
+                                To get a bearer-token in Postman, you have to follow the instructions in 
+                                [Postman-Documentation](https://documenter.getpostman.com/view/7294517/SzmfZHnd).
+                                """)
                         .version("0.1"))
                 .addSecurityItem(new SecurityRequirement().addList(securitySchemeName))
                 .components(

src/main/java/de/szut/lf8_starter/hello/HelloController.java

@@ -45,22 +45,6 @@ public class HelloController {
         return this.helloMapper.mapToGetDto(helloEntity);
     }
 
-    @Operation(summary = "delivers a list of hellos")
-    @ApiResponses(value = {
-            @ApiResponse(responseCode = "200", description = "list of hellos",
-                    content = {@Content(mediaType = "application/json",
-                            schema = @Schema(implementation = HelloGetDto.class))}),
-            @ApiResponse(responseCode = "401", description = "not authorized",
-                    content = @Content)})
-    @GetMapping
-    public List<HelloGetDto> findAll() {
-        return this.service
-                .readAll()
-                .stream()
-                .map(e -> this.helloMapper.mapToGetDto(e))
-                .collect(Collectors.toList());
-    }
-
     @Operation(summary = "deletes a Hello by id")
     @ApiResponses(value = {
             @ApiResponse(responseCode = "204", description = "delete successful"),
@@ -78,22 +62,4 @@ public class HelloController {
             this.service.delete(entity);
         }
     }
-
-    @Operation(summary = "find hellos by message")
-    @ApiResponses(value = {
-            @ApiResponse(responseCode = "200", description = "List of hellos who have the given message",
-                    content = {@Content(mediaType = "application/json",
-                            schema = @Schema(implementation = HelloGetDto.class))}),
-            @ApiResponse(responseCode = "404", description = "qualification description does not exist",
-                    content = @Content),
-            @ApiResponse(responseCode = "401", description = "not authorized",
-                    content = @Content)})
-    @GetMapping("/findByMessage")
-    public List<HelloGetDto> findAllEmployeesByQualification(@RequestParam String message) {
-        return this.service
-                .findByMessage(message)
-                .stream()
-                .map(e -> this.helloMapper.mapToGetDto(e))
-                .collect(Collectors.toList());
-    }
 }

src/main/java/de/szut/lf8_starter/security/KeycloakLogoutHandler.java

@@ -25,10 +25,10 @@ public class KeycloakLogoutHandler implements LogoutHandler {
 
     @Override
     public void logout(HttpServletRequest request, HttpServletResponse response, Authentication auth) {
-        logout(request, auth);
+        logout(auth);
     }
 
-    public void logout(HttpServletRequest request, Authentication auth) {
+    public void logout(Authentication auth) {
         logoutFromKeycloak((OidcUser) auth.getPrincipal());
     }
 

src/main/java/de/szut/lf8_starter/security/KeycloakSecurityConfig.java

@@ -29,14 +29,10 @@ import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
 @EnableWebSecurity
 class KeycloakSecurityConfig {
 
-    private static final String GROUPS = "groups";
     private static final String REALM_ACCESS_CLAIM = "realm_access";
     private static final String ROLES_CLAIM = "roles";
 
-    private final KeycloakLogoutHandler keycloakLogoutHandler;
+    KeycloakSecurityConfig() {
-
-    KeycloakSecurityConfig(KeycloakLogoutHandler keycloakLogoutHandler) {
-        this.keycloakLogoutHandler = keycloakLogoutHandler;
     }
 
     @Bean