Compare commits
No commits in common. "e786b5620fa835783580ffc3f8f09d8ce52f762e" and "a981c8a40976fec6b1892706b2e848abc13210b2" have entirely different histories.
e786b5620f
...
a981c8a409
37
.gitignore
vendored
Normal file
37
.gitignore
vendored
Normal file
@ -0,0 +1,37 @@
|
|||||||
|
HELP.md
|
||||||
|
.gradle
|
||||||
|
build/
|
||||||
|
!gradle/wrapper/gradle-wrapper.jar
|
||||||
|
!**/src/main/**/build/
|
||||||
|
!**/src/test/**/build/
|
||||||
|
|
||||||
|
### STS ###
|
||||||
|
.apt_generated
|
||||||
|
.classpath
|
||||||
|
.factorypath
|
||||||
|
.project
|
||||||
|
.settings
|
||||||
|
.springBeans
|
||||||
|
.sts4-cache
|
||||||
|
bin/
|
||||||
|
!**/src/main/**/bin/
|
||||||
|
!**/src/test/**/bin/
|
||||||
|
|
||||||
|
### IntelliJ IDEA ###
|
||||||
|
.idea
|
||||||
|
*.iws
|
||||||
|
*.iml
|
||||||
|
*.ipr
|
||||||
|
out/
|
||||||
|
!**/src/main/**/out/
|
||||||
|
!**/src/test/**/out/
|
||||||
|
|
||||||
|
### NetBeans ###
|
||||||
|
/nbproject/private/
|
||||||
|
/nbbuild/
|
||||||
|
/dist/
|
||||||
|
/nbdist/
|
||||||
|
/.nb-gradle/
|
||||||
|
|
||||||
|
### VS Code ###
|
||||||
|
.vscode/
|
4
GetBearerToken.http
Normal file
4
GetBearerToken.http
Normal file
@ -0,0 +1,4 @@
|
|||||||
|
POST https://keycloak.szut.dev/auth/realms/szut/protocol/openid-connect/token
|
||||||
|
Content-Type: application/x-www-form-urlencoded
|
||||||
|
|
||||||
|
grant_type=password&client_id=employee-management-service&username=user&password=test
|
@ -1 +0,0 @@
|
|||||||
test test test
|
|
59
Readme.md
Normal file
59
Readme.md
Normal file
@ -0,0 +1,59 @@
|
|||||||
|
# Starter für das LF08 Projekt
|
||||||
|
|
||||||
|
## Requirements
|
||||||
|
* Docker https://docs.docker.com/get-docker/
|
||||||
|
* Docker compose (bei Windows und Mac schon in Docker enthalten) https://docs.docker.com/compose/install/
|
||||||
|
|
||||||
|
## Endpunkt
|
||||||
|
```
|
||||||
|
http://localhost:8080
|
||||||
|
```
|
||||||
|
## Swagger
|
||||||
|
```
|
||||||
|
http://localhost:8080/swagger
|
||||||
|
```
|
||||||
|
|
||||||
|
|
||||||
|
# Postgres
|
||||||
|
### Terminal öffnen
|
||||||
|
für alles gilt, im Terminal im Ordner docker/local sein
|
||||||
|
```bash
|
||||||
|
cd docker/local
|
||||||
|
```
|
||||||
|
### Postgres starten
|
||||||
|
```bash
|
||||||
|
docker compose up
|
||||||
|
```
|
||||||
|
Achtung: Der Docker-Container läuft dauerhaft! Wenn er nicht mehr benötigt wird, sollten Sie ihn stoppen.
|
||||||
|
|
||||||
|
### Postgres stoppen
|
||||||
|
```bash
|
||||||
|
docker compose down
|
||||||
|
```
|
||||||
|
|
||||||
|
### Postgres Datenbank wipen, z.B. bei Problemen
|
||||||
|
```bash
|
||||||
|
docker compose down
|
||||||
|
docker volume rm local_lf8_starter_postgres_data
|
||||||
|
docker compose up
|
||||||
|
```
|
||||||
|
|
||||||
|
### Intellij-Ansicht für Postgres Datenbank einrichten
|
||||||
|
```bash
|
||||||
|
1. Lasse den Docker-Container mit der PostgreSQL-Datenbank laufen
|
||||||
|
2. im Ordner resources die Datei application.properties öffnen und die URL der Datenbank kopieren
|
||||||
|
3. rechts im Fenster den Reiter Database öffnen
|
||||||
|
4. In der Database-Symbolleiste auf das Datenbanksymbol mit dem Schlüssel klicken
|
||||||
|
5. auf das Pluszeichen klicken
|
||||||
|
6. Datasource from URL auswählen
|
||||||
|
7. URL der DB einfügen und PostgreSQL-Treiber auswählen, mit OK bestätigen
|
||||||
|
8. Username lf8_starter und Passwort secret eintragen (siehe application.properties), mit Apply bestätigen
|
||||||
|
9. im Reiter Schemas alle Häkchen entfernen und lediglich vor lf8_starter_db und public Häkchen setzen
|
||||||
|
10. mit Apply und ok bestätigen
|
||||||
|
```
|
||||||
|
# Keycloak
|
||||||
|
|
||||||
|
### Keycloak Token
|
||||||
|
1. Auf der Projektebene [GetBearerToken.http](GetBearerToken.http) öffnen.
|
||||||
|
2. Neben der Request auf den grünen Pfeil drücken
|
||||||
|
3. Aus dem Reponse das access_token kopieren
|
21
SampleRequests.http
Normal file
21
SampleRequests.http
Normal file
@ -0,0 +1,21 @@
|
|||||||
|
@token = eyJhbGciOiJSUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICIzUFQ0dldiNno5MnlQWk1EWnBqT1U0RjFVN0lwNi1ELUlqQWVGczJPbGU0In0.eyJleHAiOjE3MjUzNzE5NjcsImlhdCI6MTcyNTM2ODM2NywianRpIjoiMDc1NGRmOGItZjA2NC00ODZiLTkzNDItNjk0NWM2OTQ1Y2RmIiwiaXNzIjoiaHR0cHM6Ly9rZXljbG9hay5zenV0LmRldi9hdXRoL3JlYWxtcy9zenV0IiwiYXVkIjoiYWNjb3VudCIsInN1YiI6IjU1NDZjZDIxLTk4NTQtNDMyZi1hNDY3LTRkZTNlZWRmNTg4OSIsInR5cCI6IkJlYXJlciIsImF6cCI6ImVtcGxveWVlLW1hbmFnZW1lbnQtc2VydmljZSIsInNlc3Npb25fc3RhdGUiOiI0ZDAwNWU5My03OWI4LTQ4OGMtOGI1ZS1kYzMzODM4OGZkNmMiLCJhY3IiOiIxIiwiYWxsb3dlZC1vcmlnaW5zIjpbImh0dHA6Ly9sb2NhbGhvc3Q6NDIwMCJdLCJyZWFsbV9hY2Nlc3MiOnsicm9sZXMiOlsicHJvZHVjdF9vd25lciIsIm9mZmxpbmVfYWNjZXNzIiwiZGVmYXVsdC1yb2xlcy1zenV0IiwidW1hX2F1dGhvcml6YXRpb24iLCJ1c2VyIl19LCJyZXNvdXJjZV9hY2Nlc3MiOnsiYWNjb3VudCI6eyJyb2xlcyI6WyJtYW5hZ2UtYWNjb3VudCIsIm1hbmFnZS1hY2NvdW50LWxpbmtzIiwidmlldy1wcm9maWxlIl19fSwic2NvcGUiOiJlbWFpbCBwcm9maWxlIiwiZW1haWxfdmVyaWZpZWQiOnRydWUsInByZWZlcnJlZF91c2VybmFtZSI6InVzZXIifQ.Wl9t2UazAimPxcNByMyY0Zl2oI_ScVtehQ0iglpTNPBr9me1xf2ky0nUgVOP04H-TWAuQJQctVMP_Yi3YPDTxm7PXeQ_lj9JyK6nCDpb5gz5VIMNCYcLjWLz6R1pfbjZGkeID6oYTXSsoZSy6arof-rMG1phjnIdiXDwF4lFgOgqUoxbv58mvs73DUTKZjIEaw-N7A_ZQrC35JX6CaKUlnsaGepa2LQ-Pz6Smg1JipxOwjlH4TEBsBjifMjkedzfPm2NfwEy1qUHMLtLMLukIVH3iaSUVJ3hEZe6606ne1qwumT6Lnm3PAXSbF2Hxap89nbmG08EOlGx5VwMylEAVg
|
||||||
|
###
|
||||||
|
GET localhost:8080/welcome
|
||||||
|
|
||||||
|
###
|
||||||
|
GET localhost:8080/roles
|
||||||
|
Authorization: Bearer {{token}}
|
||||||
|
|
||||||
|
###
|
||||||
|
GET localhost:8080/hello
|
||||||
|
Authorization: Bearer {{token}}
|
||||||
|
|
||||||
|
###
|
||||||
|
POST localhost:8080/hello
|
||||||
|
Authorization: Bearer {{token}}
|
||||||
|
Content-Type: application/json
|
||||||
|
|
||||||
|
{
|
||||||
|
"message": "test"
|
||||||
|
}
|
||||||
|
|
42
build.gradle.kts
Normal file
42
build.gradle.kts
Normal file
@ -0,0 +1,42 @@
|
|||||||
|
plugins {
|
||||||
|
java
|
||||||
|
id("org.springframework.boot") version "3.3.3"
|
||||||
|
id("io.spring.dependency-management") version "1.1.6"
|
||||||
|
}
|
||||||
|
|
||||||
|
group = "de.szut"
|
||||||
|
version = "0.0.1-SNAPSHOT"
|
||||||
|
|
||||||
|
java {
|
||||||
|
toolchain {
|
||||||
|
languageVersion = JavaLanguageVersion.of(22)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
configurations {
|
||||||
|
compileOnly {
|
||||||
|
extendsFrom(configurations.annotationProcessor.get())
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
repositories {
|
||||||
|
mavenCentral()
|
||||||
|
}
|
||||||
|
|
||||||
|
dependencies {
|
||||||
|
implementation("org.springframework.boot:spring-boot-starter-data-jpa")
|
||||||
|
implementation("org.springframework.boot:spring-boot-starter-web")
|
||||||
|
compileOnly("org.projectlombok:lombok")
|
||||||
|
annotationProcessor("org.projectlombok:lombok")
|
||||||
|
testImplementation("org.springframework.boot:spring-boot-starter-test")
|
||||||
|
testRuntimeOnly("org.junit.platform:junit-platform-launcher")
|
||||||
|
implementation("org.springframework.boot:spring-boot-starter-security")
|
||||||
|
implementation("org.springframework.boot:spring-boot-starter-oauth2-resource-server:3.3.3")
|
||||||
|
implementation("org.springframework.boot:spring-boot-starter-oauth2-client:3.3.3")
|
||||||
|
runtimeOnly("org.postgresql:postgresql")
|
||||||
|
implementation("org.springdoc:springdoc-openapi-starter-webmvc-ui:2.6.0")
|
||||||
|
}
|
||||||
|
|
||||||
|
tasks.withType<Test> {
|
||||||
|
useJUnitPlatform()
|
||||||
|
}
|
18
docker/local/docker-compose.yml
Normal file
18
docker/local/docker-compose.yml
Normal file
@ -0,0 +1,18 @@
|
|||||||
|
version: '3'
|
||||||
|
|
||||||
|
volumes:
|
||||||
|
lf8_starter_postgres_data:
|
||||||
|
driver: local
|
||||||
|
|
||||||
|
services:
|
||||||
|
postgres_for_lf8_starter:
|
||||||
|
container_name: lf8_starter_postgres_container
|
||||||
|
image: postgres:16.4
|
||||||
|
volumes:
|
||||||
|
- lf8_starter_postgres_data:/var/lib/postgresql/data
|
||||||
|
environment:
|
||||||
|
POSTGRES_DB: lf8_starter_db
|
||||||
|
POSTGRES_USER: lf8_starter
|
||||||
|
POSTGRES_PASSWORD: secret
|
||||||
|
ports:
|
||||||
|
- "5432:5432"
|
BIN
gradle/wrapper/gradle-wrapper.jar
vendored
Normal file
BIN
gradle/wrapper/gradle-wrapper.jar
vendored
Normal file
Binary file not shown.
7
gradle/wrapper/gradle-wrapper.properties
vendored
Normal file
7
gradle/wrapper/gradle-wrapper.properties
vendored
Normal file
@ -0,0 +1,7 @@
|
|||||||
|
distributionBase=GRADLE_USER_HOME
|
||||||
|
distributionPath=wrapper/dists
|
||||||
|
distributionUrl=https\://services.gradle.org/distributions/gradle-8.8-bin.zip
|
||||||
|
networkTimeout=10000
|
||||||
|
validateDistributionUrl=true
|
||||||
|
zipStoreBase=GRADLE_USER_HOME
|
||||||
|
zipStorePath=wrapper/dists
|
249
gradlew
vendored
Executable file
249
gradlew
vendored
Executable file
@ -0,0 +1,249 @@
|
|||||||
|
#!/bin/sh
|
||||||
|
|
||||||
|
#
|
||||||
|
# Copyright © 2015-2021 the original authors.
|
||||||
|
#
|
||||||
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
|
# you may not use this file except in compliance with the License.
|
||||||
|
# You may obtain a copy of the License at
|
||||||
|
#
|
||||||
|
# https://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
#
|
||||||
|
# Unless required by applicable law or agreed to in writing, software
|
||||||
|
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
|
# See the License for the specific language governing permissions and
|
||||||
|
# limitations under the License.
|
||||||
|
#
|
||||||
|
|
||||||
|
##############################################################################
|
||||||
|
#
|
||||||
|
# Gradle start up script for POSIX generated by Gradle.
|
||||||
|
#
|
||||||
|
# Important for running:
|
||||||
|
#
|
||||||
|
# (1) You need a POSIX-compliant shell to run this script. If your /bin/sh is
|
||||||
|
# noncompliant, but you have some other compliant shell such as ksh or
|
||||||
|
# bash, then to run this script, type that shell name before the whole
|
||||||
|
# command line, like:
|
||||||
|
#
|
||||||
|
# ksh Gradle
|
||||||
|
#
|
||||||
|
# Busybox and similar reduced shells will NOT work, because this script
|
||||||
|
# requires all of these POSIX shell features:
|
||||||
|
# * functions;
|
||||||
|
# * expansions «$var», «${var}», «${var:-default}», «${var+SET}»,
|
||||||
|
# «${var#prefix}», «${var%suffix}», and «$( cmd )»;
|
||||||
|
# * compound commands having a testable exit status, especially «case»;
|
||||||
|
# * various built-in commands including «command», «set», and «ulimit».
|
||||||
|
#
|
||||||
|
# Important for patching:
|
||||||
|
#
|
||||||
|
# (2) This script targets any POSIX shell, so it avoids extensions provided
|
||||||
|
# by Bash, Ksh, etc; in particular arrays are avoided.
|
||||||
|
#
|
||||||
|
# The "traditional" practice of packing multiple parameters into a
|
||||||
|
# space-separated string is a well documented source of bugs and security
|
||||||
|
# problems, so this is (mostly) avoided, by progressively accumulating
|
||||||
|
# options in "$@", and eventually passing that to Java.
|
||||||
|
#
|
||||||
|
# Where the inherited environment variables (DEFAULT_JVM_OPTS, JAVA_OPTS,
|
||||||
|
# and GRADLE_OPTS) rely on word-splitting, this is performed explicitly;
|
||||||
|
# see the in-line comments for details.
|
||||||
|
#
|
||||||
|
# There are tweaks for specific operating systems such as AIX, CygWin,
|
||||||
|
# Darwin, MinGW, and NonStop.
|
||||||
|
#
|
||||||
|
# (3) This script is generated from the Groovy template
|
||||||
|
# https://github.com/gradle/gradle/blob/HEAD/platforms/jvm/plugins-application/src/main/resources/org/gradle/api/internal/plugins/unixStartScript.txt
|
||||||
|
# within the Gradle project.
|
||||||
|
#
|
||||||
|
# You can find Gradle at https://github.com/gradle/gradle/.
|
||||||
|
#
|
||||||
|
##############################################################################
|
||||||
|
|
||||||
|
# Attempt to set APP_HOME
|
||||||
|
|
||||||
|
# Resolve links: $0 may be a link
|
||||||
|
app_path=$0
|
||||||
|
|
||||||
|
# Need this for daisy-chained symlinks.
|
||||||
|
while
|
||||||
|
APP_HOME=${app_path%"${app_path##*/}"} # leaves a trailing /; empty if no leading path
|
||||||
|
[ -h "$app_path" ]
|
||||||
|
do
|
||||||
|
ls=$( ls -ld "$app_path" )
|
||||||
|
link=${ls#*' -> '}
|
||||||
|
case $link in #(
|
||||||
|
/*) app_path=$link ;; #(
|
||||||
|
*) app_path=$APP_HOME$link ;;
|
||||||
|
esac
|
||||||
|
done
|
||||||
|
|
||||||
|
# This is normally unused
|
||||||
|
# shellcheck disable=SC2034
|
||||||
|
APP_BASE_NAME=${0##*/}
|
||||||
|
# Discard cd standard output in case $CDPATH is set (https://github.com/gradle/gradle/issues/25036)
|
||||||
|
APP_HOME=$( cd "${APP_HOME:-./}" > /dev/null && pwd -P ) || exit
|
||||||
|
|
||||||
|
# Use the maximum available, or set MAX_FD != -1 to use that value.
|
||||||
|
MAX_FD=maximum
|
||||||
|
|
||||||
|
warn () {
|
||||||
|
echo "$*"
|
||||||
|
} >&2
|
||||||
|
|
||||||
|
die () {
|
||||||
|
echo
|
||||||
|
echo "$*"
|
||||||
|
echo
|
||||||
|
exit 1
|
||||||
|
} >&2
|
||||||
|
|
||||||
|
# OS specific support (must be 'true' or 'false').
|
||||||
|
cygwin=false
|
||||||
|
msys=false
|
||||||
|
darwin=false
|
||||||
|
nonstop=false
|
||||||
|
case "$( uname )" in #(
|
||||||
|
CYGWIN* ) cygwin=true ;; #(
|
||||||
|
Darwin* ) darwin=true ;; #(
|
||||||
|
MSYS* | MINGW* ) msys=true ;; #(
|
||||||
|
NONSTOP* ) nonstop=true ;;
|
||||||
|
esac
|
||||||
|
|
||||||
|
CLASSPATH=$APP_HOME/gradle/wrapper/gradle-wrapper.jar
|
||||||
|
|
||||||
|
|
||||||
|
# Determine the Java command to use to start the JVM.
|
||||||
|
if [ -n "$JAVA_HOME" ] ; then
|
||||||
|
if [ -x "$JAVA_HOME/jre/sh/java" ] ; then
|
||||||
|
# IBM's JDK on AIX uses strange locations for the executables
|
||||||
|
JAVACMD=$JAVA_HOME/jre/sh/java
|
||||||
|
else
|
||||||
|
JAVACMD=$JAVA_HOME/bin/java
|
||||||
|
fi
|
||||||
|
if [ ! -x "$JAVACMD" ] ; then
|
||||||
|
die "ERROR: JAVA_HOME is set to an invalid directory: $JAVA_HOME
|
||||||
|
|
||||||
|
Please set the JAVA_HOME variable in your environment to match the
|
||||||
|
location of your Java installation."
|
||||||
|
fi
|
||||||
|
else
|
||||||
|
JAVACMD=java
|
||||||
|
if ! command -v java >/dev/null 2>&1
|
||||||
|
then
|
||||||
|
die "ERROR: JAVA_HOME is not set and no 'java' command could be found in your PATH.
|
||||||
|
|
||||||
|
Please set the JAVA_HOME variable in your environment to match the
|
||||||
|
location of your Java installation."
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
|
||||||
|
# Increase the maximum file descriptors if we can.
|
||||||
|
if ! "$cygwin" && ! "$darwin" && ! "$nonstop" ; then
|
||||||
|
case $MAX_FD in #(
|
||||||
|
max*)
|
||||||
|
# In POSIX sh, ulimit -H is undefined. That's why the result is checked to see if it worked.
|
||||||
|
# shellcheck disable=SC2039,SC3045
|
||||||
|
MAX_FD=$( ulimit -H -n ) ||
|
||||||
|
warn "Could not query maximum file descriptor limit"
|
||||||
|
esac
|
||||||
|
case $MAX_FD in #(
|
||||||
|
'' | soft) :;; #(
|
||||||
|
*)
|
||||||
|
# In POSIX sh, ulimit -n is undefined. That's why the result is checked to see if it worked.
|
||||||
|
# shellcheck disable=SC2039,SC3045
|
||||||
|
ulimit -n "$MAX_FD" ||
|
||||||
|
warn "Could not set maximum file descriptor limit to $MAX_FD"
|
||||||
|
esac
|
||||||
|
fi
|
||||||
|
|
||||||
|
# Collect all arguments for the java command, stacking in reverse order:
|
||||||
|
# * args from the command line
|
||||||
|
# * the main class name
|
||||||
|
# * -classpath
|
||||||
|
# * -D...appname settings
|
||||||
|
# * --module-path (only if needed)
|
||||||
|
# * DEFAULT_JVM_OPTS, JAVA_OPTS, and GRADLE_OPTS environment variables.
|
||||||
|
|
||||||
|
# For Cygwin or MSYS, switch paths to Windows format before running java
|
||||||
|
if "$cygwin" || "$msys" ; then
|
||||||
|
APP_HOME=$( cygpath --path --mixed "$APP_HOME" )
|
||||||
|
CLASSPATH=$( cygpath --path --mixed "$CLASSPATH" )
|
||||||
|
|
||||||
|
JAVACMD=$( cygpath --unix "$JAVACMD" )
|
||||||
|
|
||||||
|
# Now convert the arguments - kludge to limit ourselves to /bin/sh
|
||||||
|
for arg do
|
||||||
|
if
|
||||||
|
case $arg in #(
|
||||||
|
-*) false ;; # don't mess with options #(
|
||||||
|
/?*) t=${arg#/} t=/${t%%/*} # looks like a POSIX filepath
|
||||||
|
[ -e "$t" ] ;; #(
|
||||||
|
*) false ;;
|
||||||
|
esac
|
||||||
|
then
|
||||||
|
arg=$( cygpath --path --ignore --mixed "$arg" )
|
||||||
|
fi
|
||||||
|
# Roll the args list around exactly as many times as the number of
|
||||||
|
# args, so each arg winds up back in the position where it started, but
|
||||||
|
# possibly modified.
|
||||||
|
#
|
||||||
|
# NB: a `for` loop captures its iteration list before it begins, so
|
||||||
|
# changing the positional parameters here affects neither the number of
|
||||||
|
# iterations, nor the values presented in `arg`.
|
||||||
|
shift # remove old arg
|
||||||
|
set -- "$@" "$arg" # push replacement arg
|
||||||
|
done
|
||||||
|
fi
|
||||||
|
|
||||||
|
|
||||||
|
# Add default JVM options here. You can also use JAVA_OPTS and GRADLE_OPTS to pass JVM options to this script.
|
||||||
|
DEFAULT_JVM_OPTS='"-Xmx64m" "-Xms64m"'
|
||||||
|
|
||||||
|
# Collect all arguments for the java command:
|
||||||
|
# * DEFAULT_JVM_OPTS, JAVA_OPTS, JAVA_OPTS, and optsEnvironmentVar are not allowed to contain shell fragments,
|
||||||
|
# and any embedded shellness will be escaped.
|
||||||
|
# * For example: A user cannot expect ${Hostname} to be expanded, as it is an environment variable and will be
|
||||||
|
# treated as '${Hostname}' itself on the command line.
|
||||||
|
|
||||||
|
set -- \
|
||||||
|
"-Dorg.gradle.appname=$APP_BASE_NAME" \
|
||||||
|
-classpath "$CLASSPATH" \
|
||||||
|
org.gradle.wrapper.GradleWrapperMain \
|
||||||
|
"$@"
|
||||||
|
|
||||||
|
# Stop when "xargs" is not available.
|
||||||
|
if ! command -v xargs >/dev/null 2>&1
|
||||||
|
then
|
||||||
|
die "xargs is not available"
|
||||||
|
fi
|
||||||
|
|
||||||
|
# Use "xargs" to parse quoted args.
|
||||||
|
#
|
||||||
|
# With -n1 it outputs one arg per line, with the quotes and backslashes removed.
|
||||||
|
#
|
||||||
|
# In Bash we could simply go:
|
||||||
|
#
|
||||||
|
# readarray ARGS < <( xargs -n1 <<<"$var" ) &&
|
||||||
|
# set -- "${ARGS[@]}" "$@"
|
||||||
|
#
|
||||||
|
# but POSIX shell has neither arrays nor command substitution, so instead we
|
||||||
|
# post-process each arg (as a line of input to sed) to backslash-escape any
|
||||||
|
# character that might be a shell metacharacter, then use eval to reverse
|
||||||
|
# that process (while maintaining the separation between arguments), and wrap
|
||||||
|
# the whole thing up as a single "set" statement.
|
||||||
|
#
|
||||||
|
# This will of course break if any of these variables contains a newline or
|
||||||
|
# an unmatched quote.
|
||||||
|
#
|
||||||
|
|
||||||
|
eval "set -- $(
|
||||||
|
printf '%s\n' "$DEFAULT_JVM_OPTS $JAVA_OPTS $GRADLE_OPTS" |
|
||||||
|
xargs -n1 |
|
||||||
|
sed ' s~[^-[:alnum:]+,./:=@_]~\\&~g; ' |
|
||||||
|
tr '\n' ' '
|
||||||
|
)" '"$@"'
|
||||||
|
|
||||||
|
exec "$JAVACMD" "$@"
|
92
gradlew.bat
vendored
Normal file
92
gradlew.bat
vendored
Normal file
@ -0,0 +1,92 @@
|
|||||||
|
@rem
|
||||||
|
@rem Copyright 2015 the original author or authors.
|
||||||
|
@rem
|
||||||
|
@rem Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
|
@rem you may not use this file except in compliance with the License.
|
||||||
|
@rem You may obtain a copy of the License at
|
||||||
|
@rem
|
||||||
|
@rem https://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
@rem
|
||||||
|
@rem Unless required by applicable law or agreed to in writing, software
|
||||||
|
@rem distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
@rem WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
|
@rem See the License for the specific language governing permissions and
|
||||||
|
@rem limitations under the License.
|
||||||
|
@rem
|
||||||
|
|
||||||
|
@if "%DEBUG%"=="" @echo off
|
||||||
|
@rem ##########################################################################
|
||||||
|
@rem
|
||||||
|
@rem Gradle startup script for Windows
|
||||||
|
@rem
|
||||||
|
@rem ##########################################################################
|
||||||
|
|
||||||
|
@rem Set local scope for the variables with windows NT shell
|
||||||
|
if "%OS%"=="Windows_NT" setlocal
|
||||||
|
|
||||||
|
set DIRNAME=%~dp0
|
||||||
|
if "%DIRNAME%"=="" set DIRNAME=.
|
||||||
|
@rem This is normally unused
|
||||||
|
set APP_BASE_NAME=%~n0
|
||||||
|
set APP_HOME=%DIRNAME%
|
||||||
|
|
||||||
|
@rem Resolve any "." and ".." in APP_HOME to make it shorter.
|
||||||
|
for %%i in ("%APP_HOME%") do set APP_HOME=%%~fi
|
||||||
|
|
||||||
|
@rem Add default JVM options here. You can also use JAVA_OPTS and GRADLE_OPTS to pass JVM options to this script.
|
||||||
|
set DEFAULT_JVM_OPTS="-Xmx64m" "-Xms64m"
|
||||||
|
|
||||||
|
@rem Find java.exe
|
||||||
|
if defined JAVA_HOME goto findJavaFromJavaHome
|
||||||
|
|
||||||
|
set JAVA_EXE=java.exe
|
||||||
|
%JAVA_EXE% -version >NUL 2>&1
|
||||||
|
if %ERRORLEVEL% equ 0 goto execute
|
||||||
|
|
||||||
|
echo. 1>&2
|
||||||
|
echo ERROR: JAVA_HOME is not set and no 'java' command could be found in your PATH. 1>&2
|
||||||
|
echo. 1>&2
|
||||||
|
echo Please set the JAVA_HOME variable in your environment to match the 1>&2
|
||||||
|
echo location of your Java installation. 1>&2
|
||||||
|
|
||||||
|
goto fail
|
||||||
|
|
||||||
|
:findJavaFromJavaHome
|
||||||
|
set JAVA_HOME=%JAVA_HOME:"=%
|
||||||
|
set JAVA_EXE=%JAVA_HOME%/bin/java.exe
|
||||||
|
|
||||||
|
if exist "%JAVA_EXE%" goto execute
|
||||||
|
|
||||||
|
echo. 1>&2
|
||||||
|
echo ERROR: JAVA_HOME is set to an invalid directory: %JAVA_HOME% 1>&2
|
||||||
|
echo. 1>&2
|
||||||
|
echo Please set the JAVA_HOME variable in your environment to match the 1>&2
|
||||||
|
echo location of your Java installation. 1>&2
|
||||||
|
|
||||||
|
goto fail
|
||||||
|
|
||||||
|
:execute
|
||||||
|
@rem Setup the command line
|
||||||
|
|
||||||
|
set CLASSPATH=%APP_HOME%\gradle\wrapper\gradle-wrapper.jar
|
||||||
|
|
||||||
|
|
||||||
|
@rem Execute Gradle
|
||||||
|
"%JAVA_EXE%" %DEFAULT_JVM_OPTS% %JAVA_OPTS% %GRADLE_OPTS% "-Dorg.gradle.appname=%APP_BASE_NAME%" -classpath "%CLASSPATH%" org.gradle.wrapper.GradleWrapperMain %*
|
||||||
|
|
||||||
|
:end
|
||||||
|
@rem End local scope for the variables with windows NT shell
|
||||||
|
if %ERRORLEVEL% equ 0 goto mainEnd
|
||||||
|
|
||||||
|
:fail
|
||||||
|
rem Set variable GRADLE_EXIT_CONSOLE if you need the _script_ return code instead of
|
||||||
|
rem the _cmd.exe /c_ return code!
|
||||||
|
set EXIT_CODE=%ERRORLEVEL%
|
||||||
|
if %EXIT_CODE% equ 0 set EXIT_CODE=1
|
||||||
|
if not ""=="%GRADLE_EXIT_CONSOLE%" exit %EXIT_CODE%
|
||||||
|
exit /b %EXIT_CODE%
|
||||||
|
|
||||||
|
:mainEnd
|
||||||
|
if "%OS%"=="Windows_NT" endlocal
|
||||||
|
|
||||||
|
:omega
|
1
settings.gradle.kts
Normal file
1
settings.gradle.kts
Normal file
@ -0,0 +1 @@
|
|||||||
|
rootProject.name = "lf8_starter"
|
13
src/main/java/de/szut/lf8_starter/Lf8StarterApplication.java
Normal file
13
src/main/java/de/szut/lf8_starter/Lf8StarterApplication.java
Normal file
@ -0,0 +1,13 @@
|
|||||||
|
package de.szut.lf8_starter;
|
||||||
|
|
||||||
|
import org.springframework.boot.SpringApplication;
|
||||||
|
import org.springframework.boot.autoconfigure.SpringBootApplication;
|
||||||
|
|
||||||
|
@SpringBootApplication
|
||||||
|
public class Lf8StarterApplication {
|
||||||
|
|
||||||
|
public static void main(String[] args) {
|
||||||
|
SpringApplication.run(Lf8StarterApplication.class, args);
|
||||||
|
}
|
||||||
|
|
||||||
|
}
|
@ -0,0 +1,60 @@
|
|||||||
|
package de.szut.lf8_starter.config;
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
import io.swagger.v3.oas.models.Components;
|
||||||
|
import io.swagger.v3.oas.models.OpenAPI;
|
||||||
|
import io.swagger.v3.oas.models.info.Info;
|
||||||
|
import io.swagger.v3.oas.models.security.SecurityRequirement;
|
||||||
|
import io.swagger.v3.oas.models.security.SecurityScheme;
|
||||||
|
import io.swagger.v3.oas.models.servers.Server;
|
||||||
|
import jakarta.servlet.ServletContext;
|
||||||
|
import org.springframework.context.annotation.Bean;
|
||||||
|
import org.springframework.context.annotation.Configuration;
|
||||||
|
|
||||||
|
|
||||||
|
@Configuration
|
||||||
|
public class OpenAPIConfiguration {
|
||||||
|
|
||||||
|
private ServletContext context;
|
||||||
|
|
||||||
|
public OpenAPIConfiguration(ServletContext context) {
|
||||||
|
this.context = context;
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
@Bean
|
||||||
|
public OpenAPI springShopOpenAPI(
|
||||||
|
// @Value("${info.app.version}") String appVersion,
|
||||||
|
) {
|
||||||
|
final String securitySchemeName = "bearerAuth";
|
||||||
|
|
||||||
|
return new OpenAPI()
|
||||||
|
.addServersItem(new Server().url(this.context.getContextPath()))
|
||||||
|
.info(new Info()
|
||||||
|
.title("LF8 project starter")
|
||||||
|
.description("\n## Auth\n" +
|
||||||
|
"\n## Authentication\n" + "\nThis Hello service uses JWTs to authenticate requests. You will receive a bearer token by making a POST-Request in IntelliJ on:\n\n" +
|
||||||
|
"\n" +
|
||||||
|
"```\nPOST http://keycloak.szut.dev/auth/realms/szut/protocol/openid-connect/token\nContent-Type: application/x-www-form-urlencoded\ngrant_type=password&client_id=employee-management-service&username=user&password=test\n```\n" +
|
||||||
|
"\n" +
|
||||||
|
"\nor by CURL\n" +
|
||||||
|
"```\ncurl -X POST 'http://keycloak.szut.dev/auth/realms/szut/protocol/openid-connect/token'\n--header 'Content-Type: application/x-www-form-urlencoded'\n--data-urlencode 'grant_type=password'\n--data-urlencode 'client_id=employee-management-service'\n--data-urlencode 'username=user'\n--data-urlencode 'password=test'\n```\n" +
|
||||||
|
"\nTo get a bearer-token in Postman, you have to follow the instructions in \n [Postman-Documentation](https://documenter.getpostman.com/view/7294517/SzmfZHnd).")
|
||||||
|
|
||||||
|
.version("0.1"))
|
||||||
|
.addSecurityItem(new SecurityRequirement().addList(securitySchemeName))
|
||||||
|
.components(
|
||||||
|
new Components()
|
||||||
|
.addSecuritySchemes(securitySchemeName,
|
||||||
|
new SecurityScheme()
|
||||||
|
.name(securitySchemeName)
|
||||||
|
.type(SecurityScheme.Type.HTTP)
|
||||||
|
.scheme("bearer")
|
||||||
|
.bearerFormat("JWT")
|
||||||
|
)
|
||||||
|
);
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
}
|
@ -0,0 +1,33 @@
|
|||||||
|
package de.szut.lf8_starter.config;
|
||||||
|
|
||||||
|
|
||||||
|
import de.szut.lf8_starter.hello.HelloEntity;
|
||||||
|
import de.szut.lf8_starter.hello.HelloRepository;
|
||||||
|
import org.springframework.boot.ApplicationArguments;
|
||||||
|
import org.springframework.boot.ApplicationRunner;
|
||||||
|
import org.springframework.context.annotation.Bean;
|
||||||
|
import org.springframework.stereotype.Component;
|
||||||
|
import org.springframework.web.client.RestTemplate;
|
||||||
|
|
||||||
|
@Component
|
||||||
|
public class SampleDataCreator implements ApplicationRunner {
|
||||||
|
|
||||||
|
private HelloRepository repository;
|
||||||
|
|
||||||
|
public SampleDataCreator(HelloRepository repository) {
|
||||||
|
this.repository = repository;
|
||||||
|
}
|
||||||
|
|
||||||
|
public void run(ApplicationArguments args) {
|
||||||
|
repository.save(new HelloEntity("Hallo Welt!"));
|
||||||
|
repository.save(new HelloEntity("Schöner Tag heute"));
|
||||||
|
repository.save(new HelloEntity("FooBar"));
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
@Bean
|
||||||
|
public RestTemplate restTemplate() {
|
||||||
|
return new RestTemplate();
|
||||||
|
}
|
||||||
|
|
||||||
|
}
|
@ -0,0 +1,14 @@
|
|||||||
|
package de.szut.lf8_starter.exceptionHandling;
|
||||||
|
|
||||||
|
import lombok.AllArgsConstructor;
|
||||||
|
import lombok.Data;
|
||||||
|
|
||||||
|
import java.util.Date;
|
||||||
|
|
||||||
|
@Data
|
||||||
|
@AllArgsConstructor
|
||||||
|
public class ErrorDetails {
|
||||||
|
private Date timestamp;
|
||||||
|
private String message;
|
||||||
|
private String details;
|
||||||
|
}
|
@ -0,0 +1,28 @@
|
|||||||
|
package de.szut.lf8_starter.exceptionHandling;
|
||||||
|
|
||||||
|
import io.swagger.v3.oas.annotations.media.Content;
|
||||||
|
import io.swagger.v3.oas.annotations.responses.ApiResponse;
|
||||||
|
import io.swagger.v3.oas.annotations.responses.ApiResponses;
|
||||||
|
import org.springframework.http.HttpStatus;
|
||||||
|
import org.springframework.http.ResponseEntity;
|
||||||
|
import org.springframework.web.bind.annotation.ControllerAdvice;
|
||||||
|
import org.springframework.web.bind.annotation.ExceptionHandler;
|
||||||
|
import org.springframework.web.context.request.WebRequest;
|
||||||
|
|
||||||
|
import java.util.Date;
|
||||||
|
|
||||||
|
@ControllerAdvice
|
||||||
|
@ApiResponses(value = {
|
||||||
|
@ApiResponse(responseCode = "500", description = "invalid JSON posted",
|
||||||
|
content = @Content)
|
||||||
|
})
|
||||||
|
public class GlobalExceptionHandler {
|
||||||
|
|
||||||
|
@ExceptionHandler(ResourceNotFoundException.class)
|
||||||
|
public ResponseEntity<?> handleHelloEntityNotFoundException(ResourceNotFoundException ex, WebRequest request) {
|
||||||
|
ErrorDetails errorDetails = new ErrorDetails(new Date(), ex.getMessage(), request.getDescription(false));
|
||||||
|
return new ResponseEntity<>(errorDetails, HttpStatus.NOT_FOUND);
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
}
|
@ -0,0 +1,11 @@
|
|||||||
|
package de.szut.lf8_starter.exceptionHandling;
|
||||||
|
|
||||||
|
import org.springframework.http.HttpStatus;
|
||||||
|
import org.springframework.web.bind.annotation.ResponseStatus;
|
||||||
|
|
||||||
|
@ResponseStatus(value = HttpStatus.NOT_FOUND)
|
||||||
|
public class ResourceNotFoundException extends RuntimeException {
|
||||||
|
public ResourceNotFoundException(String message) {
|
||||||
|
super(message);
|
||||||
|
}
|
||||||
|
}
|
99
src/main/java/de/szut/lf8_starter/hello/HelloController.java
Normal file
99
src/main/java/de/szut/lf8_starter/hello/HelloController.java
Normal file
@ -0,0 +1,99 @@
|
|||||||
|
package de.szut.lf8_starter.hello;
|
||||||
|
|
||||||
|
|
||||||
|
import de.szut.lf8_starter.exceptionHandling.ResourceNotFoundException;
|
||||||
|
import de.szut.lf8_starter.hello.dto.HelloCreateDto;
|
||||||
|
import de.szut.lf8_starter.hello.dto.HelloGetDto;
|
||||||
|
import io.swagger.v3.oas.annotations.Operation;
|
||||||
|
import io.swagger.v3.oas.annotations.media.Content;
|
||||||
|
import io.swagger.v3.oas.annotations.media.Schema;
|
||||||
|
import io.swagger.v3.oas.annotations.responses.ApiResponse;
|
||||||
|
import io.swagger.v3.oas.annotations.responses.ApiResponses;
|
||||||
|
import jakarta.validation.Valid;
|
||||||
|
import org.springframework.http.HttpStatus;
|
||||||
|
import org.springframework.security.access.prepost.PreAuthorize;
|
||||||
|
import org.springframework.web.bind.annotation.*;
|
||||||
|
|
||||||
|
import java.util.List;
|
||||||
|
import java.util.stream.Collectors;
|
||||||
|
|
||||||
|
@RestController
|
||||||
|
@RequestMapping(value = "hello")
|
||||||
|
@PreAuthorize("hasAnyAuthority('user')")
|
||||||
|
public class HelloController {
|
||||||
|
private final HelloService service;
|
||||||
|
private final HelloMapper helloMapper;
|
||||||
|
|
||||||
|
public HelloController(HelloService service, HelloMapper mappingService) {
|
||||||
|
this.service = service;
|
||||||
|
this.helloMapper = mappingService;
|
||||||
|
}
|
||||||
|
|
||||||
|
@Operation(summary = "creates a new hello with its id and message")
|
||||||
|
@ApiResponses(value = {
|
||||||
|
@ApiResponse(responseCode = "201", description = "created hello",
|
||||||
|
content = {@Content(mediaType = "application/json",
|
||||||
|
schema = @Schema(implementation = HelloGetDto.class))}),
|
||||||
|
@ApiResponse(responseCode = "400", description = "invalid JSON posted",
|
||||||
|
content = @Content),
|
||||||
|
@ApiResponse(responseCode = "401", description = "not authorized",
|
||||||
|
content = @Content)})
|
||||||
|
@PostMapping
|
||||||
|
public HelloGetDto create(@RequestBody @Valid HelloCreateDto helloCreateDto) {
|
||||||
|
HelloEntity helloEntity = this.helloMapper.mapCreateDtoToEntity(helloCreateDto);
|
||||||
|
helloEntity = this.service.create(helloEntity);
|
||||||
|
return this.helloMapper.mapToGetDto(helloEntity);
|
||||||
|
}
|
||||||
|
|
||||||
|
@Operation(summary = "delivers a list of hellos")
|
||||||
|
@ApiResponses(value = {
|
||||||
|
@ApiResponse(responseCode = "200", description = "list of hellos",
|
||||||
|
content = {@Content(mediaType = "application/json",
|
||||||
|
schema = @Schema(implementation = HelloGetDto.class))}),
|
||||||
|
@ApiResponse(responseCode = "401", description = "not authorized",
|
||||||
|
content = @Content)})
|
||||||
|
@GetMapping
|
||||||
|
public List<HelloGetDto> findAll() {
|
||||||
|
return this.service
|
||||||
|
.readAll()
|
||||||
|
.stream()
|
||||||
|
.map(e -> this.helloMapper.mapToGetDto(e))
|
||||||
|
.collect(Collectors.toList());
|
||||||
|
}
|
||||||
|
|
||||||
|
@Operation(summary = "deletes a Hello by id")
|
||||||
|
@ApiResponses(value = {
|
||||||
|
@ApiResponse(responseCode = "204", description = "delete successful"),
|
||||||
|
@ApiResponse(responseCode = "401", description = "not authorized",
|
||||||
|
content = @Content),
|
||||||
|
@ApiResponse(responseCode = "404", description = "resource not found",
|
||||||
|
content = @Content)})
|
||||||
|
@DeleteMapping("/{id}")
|
||||||
|
@ResponseStatus(code = HttpStatus.NO_CONTENT)
|
||||||
|
public void deleteHelloById(@PathVariable long id) {
|
||||||
|
var entity = this.service.readById(id);
|
||||||
|
if (entity == null) {
|
||||||
|
throw new ResourceNotFoundException("HelloEntity not found on id = " + id);
|
||||||
|
} else {
|
||||||
|
this.service.delete(entity);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
@Operation(summary = "find hellos by message")
|
||||||
|
@ApiResponses(value = {
|
||||||
|
@ApiResponse(responseCode = "200", description = "List of hellos who have the given message",
|
||||||
|
content = {@Content(mediaType = "application/json",
|
||||||
|
schema = @Schema(implementation = HelloGetDto.class))}),
|
||||||
|
@ApiResponse(responseCode = "404", description = "qualification description does not exist",
|
||||||
|
content = @Content),
|
||||||
|
@ApiResponse(responseCode = "401", description = "not authorized",
|
||||||
|
content = @Content)})
|
||||||
|
@GetMapping("/findByMessage")
|
||||||
|
public List<HelloGetDto> findAllEmployeesByQualification(@RequestParam String message) {
|
||||||
|
return this.service
|
||||||
|
.findByMessage(message)
|
||||||
|
.stream()
|
||||||
|
.map(e -> this.helloMapper.mapToGetDto(e))
|
||||||
|
.collect(Collectors.toList());
|
||||||
|
}
|
||||||
|
}
|
27
src/main/java/de/szut/lf8_starter/hello/HelloEntity.java
Normal file
27
src/main/java/de/szut/lf8_starter/hello/HelloEntity.java
Normal file
@ -0,0 +1,27 @@
|
|||||||
|
package de.szut.lf8_starter.hello;
|
||||||
|
|
||||||
|
import jakarta.persistence.*;
|
||||||
|
import lombok.AllArgsConstructor;
|
||||||
|
import lombok.Getter;
|
||||||
|
import lombok.NoArgsConstructor;
|
||||||
|
import lombok.Setter;
|
||||||
|
|
||||||
|
@NoArgsConstructor
|
||||||
|
@AllArgsConstructor
|
||||||
|
@Getter
|
||||||
|
@Setter
|
||||||
|
@Entity
|
||||||
|
@Table(name = "hello")
|
||||||
|
public class HelloEntity {
|
||||||
|
|
||||||
|
@Id
|
||||||
|
@GeneratedValue(strategy = GenerationType.IDENTITY)
|
||||||
|
private long id;
|
||||||
|
|
||||||
|
private String message;
|
||||||
|
|
||||||
|
public HelloEntity(String message) {
|
||||||
|
this.message = message;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
20
src/main/java/de/szut/lf8_starter/hello/HelloMapper.java
Normal file
20
src/main/java/de/szut/lf8_starter/hello/HelloMapper.java
Normal file
@ -0,0 +1,20 @@
|
|||||||
|
package de.szut.lf8_starter.hello;
|
||||||
|
|
||||||
|
|
||||||
|
import de.szut.lf8_starter.hello.dto.HelloCreateDto;
|
||||||
|
import de.szut.lf8_starter.hello.dto.HelloGetDto;
|
||||||
|
import org.springframework.stereotype.Service;
|
||||||
|
|
||||||
|
@Service
|
||||||
|
public class HelloMapper {
|
||||||
|
|
||||||
|
public HelloGetDto mapToGetDto(HelloEntity entity) {
|
||||||
|
return new HelloGetDto(entity.getId(), entity.getMessage());
|
||||||
|
}
|
||||||
|
|
||||||
|
public HelloEntity mapCreateDtoToEntity(HelloCreateDto dto) {
|
||||||
|
var entity = new HelloEntity();
|
||||||
|
entity.setMessage(dto.getMessage());
|
||||||
|
return entity;
|
||||||
|
}
|
||||||
|
}
|
12
src/main/java/de/szut/lf8_starter/hello/HelloRepository.java
Normal file
12
src/main/java/de/szut/lf8_starter/hello/HelloRepository.java
Normal file
@ -0,0 +1,12 @@
|
|||||||
|
package de.szut.lf8_starter.hello;
|
||||||
|
|
||||||
|
|
||||||
|
import org.springframework.data.jpa.repository.JpaRepository;
|
||||||
|
|
||||||
|
import java.util.List;
|
||||||
|
|
||||||
|
public interface HelloRepository extends JpaRepository<HelloEntity, Long> {
|
||||||
|
|
||||||
|
|
||||||
|
List<HelloEntity> findByMessage(String message);
|
||||||
|
}
|
40
src/main/java/de/szut/lf8_starter/hello/HelloService.java
Normal file
40
src/main/java/de/szut/lf8_starter/hello/HelloService.java
Normal file
@ -0,0 +1,40 @@
|
|||||||
|
package de.szut.lf8_starter.hello;
|
||||||
|
|
||||||
|
import org.springframework.stereotype.Service;
|
||||||
|
|
||||||
|
import java.util.List;
|
||||||
|
import java.util.Optional;
|
||||||
|
|
||||||
|
@Service
|
||||||
|
public class HelloService {
|
||||||
|
private final HelloRepository repository;
|
||||||
|
|
||||||
|
public HelloService(HelloRepository repository) {
|
||||||
|
this.repository = repository;
|
||||||
|
}
|
||||||
|
|
||||||
|
public HelloEntity create(HelloEntity entity) {
|
||||||
|
return this.repository.save(entity);
|
||||||
|
}
|
||||||
|
|
||||||
|
public List<HelloEntity> readAll() {
|
||||||
|
return this.repository.findAll();
|
||||||
|
}
|
||||||
|
|
||||||
|
public HelloEntity readById(long id) {
|
||||||
|
Optional<HelloEntity> optionalQualification = this.repository.findById(id);
|
||||||
|
if (optionalQualification.isEmpty()) {
|
||||||
|
return null;
|
||||||
|
}
|
||||||
|
return optionalQualification.get();
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
public void delete(HelloEntity entity) {
|
||||||
|
this.repository.delete(entity);
|
||||||
|
}
|
||||||
|
|
||||||
|
public List<HelloEntity> findByMessage(String message) {
|
||||||
|
return this.repository.findByMessage(message);
|
||||||
|
}
|
||||||
|
}
|
@ -0,0 +1,20 @@
|
|||||||
|
package de.szut.lf8_starter.hello.dto;
|
||||||
|
|
||||||
|
import com.fasterxml.jackson.annotation.JsonCreator;
|
||||||
|
import jakarta.validation.constraints.Size;
|
||||||
|
import lombok.Getter;
|
||||||
|
import lombok.Setter;
|
||||||
|
|
||||||
|
|
||||||
|
@Getter
|
||||||
|
@Setter
|
||||||
|
public class HelloCreateDto {
|
||||||
|
|
||||||
|
@Size(min = 3, message = "at least length of 3")
|
||||||
|
private String message;
|
||||||
|
|
||||||
|
@JsonCreator
|
||||||
|
public HelloCreateDto(String message) {
|
||||||
|
this.message = message;
|
||||||
|
}
|
||||||
|
}
|
17
src/main/java/de/szut/lf8_starter/hello/dto/HelloGetDto.java
Normal file
17
src/main/java/de/szut/lf8_starter/hello/dto/HelloGetDto.java
Normal file
@ -0,0 +1,17 @@
|
|||||||
|
package de.szut.lf8_starter.hello.dto;
|
||||||
|
|
||||||
|
import lombok.AllArgsConstructor;
|
||||||
|
import lombok.Getter;
|
||||||
|
import lombok.Setter;
|
||||||
|
|
||||||
|
@AllArgsConstructor
|
||||||
|
@Getter
|
||||||
|
@Setter
|
||||||
|
public class HelloGetDto {
|
||||||
|
|
||||||
|
private long id;
|
||||||
|
|
||||||
|
private String message;
|
||||||
|
|
||||||
|
}
|
||||||
|
|
@ -0,0 +1,49 @@
|
|||||||
|
package de.szut.lf8_starter.security;
|
||||||
|
|
||||||
|
import lombok.extern.slf4j.Slf4j;
|
||||||
|
import org.springframework.http.ResponseEntity;
|
||||||
|
import org.springframework.security.core.Authentication;
|
||||||
|
import org.springframework.security.oauth2.core.oidc.user.OidcUser;
|
||||||
|
import org.springframework.security.web.authentication.logout.LogoutHandler;
|
||||||
|
import org.springframework.stereotype.Component;
|
||||||
|
import org.springframework.web.client.RestTemplate;
|
||||||
|
import org.springframework.web.util.UriComponentsBuilder;
|
||||||
|
|
||||||
|
import jakarta.servlet.http.HttpServletRequest;
|
||||||
|
import jakarta.servlet.http.HttpServletResponse;
|
||||||
|
|
||||||
|
@Slf4j
|
||||||
|
@Component
|
||||||
|
public class KeycloakLogoutHandler implements LogoutHandler {
|
||||||
|
|
||||||
|
|
||||||
|
private final RestTemplate restTemplate;
|
||||||
|
|
||||||
|
public KeycloakLogoutHandler(RestTemplate restTemplate) {
|
||||||
|
this.restTemplate = restTemplate;
|
||||||
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public void logout(HttpServletRequest request, HttpServletResponse response, Authentication auth) {
|
||||||
|
logout(request, auth);
|
||||||
|
}
|
||||||
|
|
||||||
|
public void logout(HttpServletRequest request, Authentication auth) {
|
||||||
|
logoutFromKeycloak((OidcUser) auth.getPrincipal());
|
||||||
|
}
|
||||||
|
|
||||||
|
private void logoutFromKeycloak(OidcUser user) {
|
||||||
|
String endSessionEndpoint = user.getIssuer() + "/protocol/openid-connect/logout";
|
||||||
|
UriComponentsBuilder builder = UriComponentsBuilder
|
||||||
|
.fromUriString(endSessionEndpoint)
|
||||||
|
.queryParam("id_token_hint", user.getIdToken().getTokenValue());
|
||||||
|
|
||||||
|
ResponseEntity<String> logoutResponse = restTemplate.getForEntity(builder.toUriString(), String.class);
|
||||||
|
if (logoutResponse.getStatusCode().is2xxSuccessful()) {
|
||||||
|
log.info("Successfulley logged out from Keycloak");
|
||||||
|
} else {
|
||||||
|
log.error("Could not propagate logout to Keycloak");
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
}
|
@ -0,0 +1,97 @@
|
|||||||
|
package de.szut.lf8_starter.security;
|
||||||
|
|
||||||
|
import java.util.*;
|
||||||
|
import java.util.stream.Collectors;
|
||||||
|
|
||||||
|
import org.springframework.context.annotation.Bean;
|
||||||
|
import org.springframework.context.annotation.Configuration;
|
||||||
|
import org.springframework.http.HttpMethod;
|
||||||
|
import org.springframework.security.config.Customizer;
|
||||||
|
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
||||||
|
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
|
||||||
|
import org.springframework.security.core.GrantedAuthority;
|
||||||
|
import org.springframework.security.core.authority.SimpleGrantedAuthority;
|
||||||
|
import org.springframework.security.core.authority.mapping.GrantedAuthoritiesMapper;
|
||||||
|
import org.springframework.security.core.session.SessionRegistry;
|
||||||
|
import org.springframework.security.core.session.SessionRegistryImpl;
|
||||||
|
import org.springframework.security.oauth2.core.oidc.user.OidcUserAuthority;
|
||||||
|
import org.springframework.security.oauth2.core.user.OAuth2UserAuthority;
|
||||||
|
import org.springframework.security.oauth2.server.resource.authentication.JwtAuthenticationConverter;
|
||||||
|
import org.springframework.security.oauth2.server.resource.authentication.JwtGrantedAuthoritiesConverter;
|
||||||
|
import org.springframework.security.web.SecurityFilterChain;
|
||||||
|
import org.springframework.security.web.authentication.session.RegisterSessionAuthenticationStrategy;
|
||||||
|
import org.springframework.security.web.authentication.session.SessionAuthenticationStrategy;
|
||||||
|
import org.springframework.security.web.session.HttpSessionEventPublisher;
|
||||||
|
import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
|
||||||
|
|
||||||
|
@Configuration
|
||||||
|
@EnableWebSecurity
|
||||||
|
class KeycloakSecurityConfig {
|
||||||
|
|
||||||
|
private static final String GROUPS = "groups";
|
||||||
|
private static final String REALM_ACCESS_CLAIM = "realm_access";
|
||||||
|
private static final String ROLES_CLAIM = "roles";
|
||||||
|
|
||||||
|
private final KeycloakLogoutHandler keycloakLogoutHandler;
|
||||||
|
|
||||||
|
KeycloakSecurityConfig(KeycloakLogoutHandler keycloakLogoutHandler) {
|
||||||
|
this.keycloakLogoutHandler = keycloakLogoutHandler;
|
||||||
|
}
|
||||||
|
|
||||||
|
@Bean
|
||||||
|
public SessionRegistry sessionRegistry() {
|
||||||
|
return new SessionRegistryImpl();
|
||||||
|
}
|
||||||
|
|
||||||
|
@Bean
|
||||||
|
protected SessionAuthenticationStrategy sessionAuthenticationStrategy() {
|
||||||
|
return new RegisterSessionAuthenticationStrategy(sessionRegistry());
|
||||||
|
}
|
||||||
|
|
||||||
|
@Bean
|
||||||
|
public HttpSessionEventPublisher httpSessionEventPublisher() {
|
||||||
|
return new HttpSessionEventPublisher();
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
@Bean
|
||||||
|
public SecurityFilterChain resourceServerFilterChain(HttpSecurity http) throws Exception {
|
||||||
|
|
||||||
|
http.authorizeHttpRequests(auth -> auth
|
||||||
|
.requestMatchers(new AntPathRequestMatcher("/welcome"))
|
||||||
|
.permitAll()
|
||||||
|
.requestMatchers(
|
||||||
|
new AntPathRequestMatcher("/swagger"),
|
||||||
|
new AntPathRequestMatcher("/swagger-ui/**"),
|
||||||
|
new AntPathRequestMatcher("/v3/api-docs/**"))
|
||||||
|
.permitAll()
|
||||||
|
.requestMatchers(new AntPathRequestMatcher("/hello/**"))
|
||||||
|
.hasRole("user")
|
||||||
|
.requestMatchers(new AntPathRequestMatcher("/roles"))
|
||||||
|
.authenticated()
|
||||||
|
.requestMatchers(new AntPathRequestMatcher("/"))
|
||||||
|
.permitAll()
|
||||||
|
.anyRequest()
|
||||||
|
.authenticated()).oauth2ResourceServer(spec -> spec.jwt(Customizer.withDefaults()));
|
||||||
|
return http.build();
|
||||||
|
}
|
||||||
|
|
||||||
|
@Bean
|
||||||
|
public JwtAuthenticationConverter jwtAuthenticationConverter() {
|
||||||
|
JwtAuthenticationConverter jwtAuthenticationConverter = new JwtAuthenticationConverter();
|
||||||
|
jwtAuthenticationConverter.setJwtGrantedAuthoritiesConverter(jwt -> {
|
||||||
|
List<GrantedAuthority> grantedAuthorities = new ArrayList<>();
|
||||||
|
|
||||||
|
Map<String, Object> realmAccess = jwt.getClaim("realm_access");
|
||||||
|
if (realmAccess != null && realmAccess.containsKey("roles")) {
|
||||||
|
List<String> roles = (List<String>) realmAccess.get("roles");
|
||||||
|
for (String role : roles) {
|
||||||
|
grantedAuthorities.add(new SimpleGrantedAuthority("ROLE_" + role));
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
return grantedAuthorities;
|
||||||
|
});
|
||||||
|
return jwtAuthenticationConverter;
|
||||||
|
}
|
||||||
|
}
|
@ -0,0 +1,27 @@
|
|||||||
|
package de.szut.lf8_starter.welcome;
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
import org.springframework.http.ResponseEntity;
|
||||||
|
import org.springframework.security.access.prepost.PreAuthorize;
|
||||||
|
import org.springframework.security.core.Authentication;
|
||||||
|
import org.springframework.web.bind.annotation.GetMapping;
|
||||||
|
import org.springframework.web.bind.annotation.RestController;
|
||||||
|
|
||||||
|
import java.security.Principal;
|
||||||
|
|
||||||
|
@RestController
|
||||||
|
public class WelcomeController {
|
||||||
|
|
||||||
|
@GetMapping("/welcome")
|
||||||
|
public String welcome() {
|
||||||
|
return "welcome to lf8_starter";
|
||||||
|
}
|
||||||
|
|
||||||
|
@GetMapping("/roles")
|
||||||
|
public ResponseEntity<?> getRoles(Authentication authentication) {
|
||||||
|
return ResponseEntity.ok(authentication.getAuthorities());
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
}
|
24
src/main/resources/application.properties
Normal file
24
src/main/resources/application.properties
Normal file
@ -0,0 +1,24 @@
|
|||||||
|
spring.datasource.url=jdbc:postgresql://localhost:5432/lf8_starter_db
|
||||||
|
spring.datasource.username=lf8_starter
|
||||||
|
spring.datasource.password=secret
|
||||||
|
server.port=8080
|
||||||
|
spring.jpa.hibernate.ddl-auto=create-drop
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
spring.application.name=lf8_starter
|
||||||
|
#client registration configuration
|
||||||
|
spring.security.oauth2.client.registration.keycloak.client-id=employee-management-service
|
||||||
|
spring.security.oauth2.client.registration.keycloak.authorization-grant-type=authorization_code
|
||||||
|
spring.security.oauth2.client.registration.keycloak.scope=openid
|
||||||
|
|
||||||
|
#OIDC provider configuration:
|
||||||
|
spring.security.oauth2.client.provider.keycloak.issuer-uri=https://keycloak.szut.dev/auth/realms/szut
|
||||||
|
spring.security.oauth2.client.provider.keycloak.user-name-attribute=preferred_username
|
||||||
|
logging.level.org.springframework.security=DEBUG
|
||||||
|
#validating JWT token against our Keycloak server
|
||||||
|
spring.security.oauth2.resourceserver.jwt.issuer-uri=https://keycloak.szut.dev/auth/realms/szut
|
||||||
|
|
||||||
|
springdoc.swagger-ui.path=swagger
|
||||||
|
springdoc.swagger-ui.try-it-out-enabled=true
|
||||||
|
|
@ -0,0 +1,13 @@
|
|||||||
|
package de.szut.lf8_starter;
|
||||||
|
|
||||||
|
import org.junit.jupiter.api.Test;
|
||||||
|
import org.springframework.boot.test.context.SpringBootTest;
|
||||||
|
|
||||||
|
@SpringBootTest
|
||||||
|
class Lf8StarterApplicationTests {
|
||||||
|
|
||||||
|
@Test
|
||||||
|
void contextLoads() {
|
||||||
|
}
|
||||||
|
|
||||||
|
}
|
Loading…
Reference in New Issue
Block a user