refactor: Fix yellow code smells #27

Merged
jank merged 11 commits from refactor/fix-yellow-code-smells into main 2024-10-02 08:43:02 +00:00
5 changed files with 41 additions and 57 deletions

@ -58,20 +58,25 @@ repositories {
mavenCentral() mavenCentral()
} }
val springDocVersion = "2.6.0"
val oauth2Version = "3.3.4"
dependencies { dependencies {
implementation("org.springframework.boot:spring-boot-starter-data-jpa") implementation("org.springframework.boot:spring-boot-starter-data-jpa")
implementation("org.springframework.boot:spring-boot-starter-web") implementation("org.springframework.boot:spring-boot-starter-web")
implementation("org.springframework.boot:spring-boot-starter-validation") implementation("org.springframework.boot:spring-boot-starter-validation")
implementation("org.springdoc:springdoc-openapi-starter-webmvc-ui:$springDocVersion")
implementation("org.springframework.boot:spring-boot-starter-security")
implementation("org.springframework.boot:spring-boot-starter-oauth2-resource-server:$oauth2Version")
implementation("org.springframework.boot:spring-boot-starter-oauth2-client:$oauth2Version")
testImplementation("com.h2database:h2")
testImplementation("org.springframework.boot:spring-boot-starter-test")
compileOnly("org.projectlombok:lombok") compileOnly("org.projectlombok:lombok")
annotationProcessor("org.projectlombok:lombok") annotationProcessor("org.projectlombok:lombok")
testImplementation("org.springframework.boot:spring-boot-starter-test")
testRuntimeOnly("org.junit.platform:junit-platform-launcher") testRuntimeOnly("org.junit.platform:junit-platform-launcher")
implementation("org.springframework.boot:spring-boot-starter-security")
implementation("org.springframework.boot:spring-boot-starter-oauth2-resource-server:3.3.4")
implementation("org.springframework.boot:spring-boot-starter-oauth2-client:3.3.4")
runtimeOnly("org.postgresql:postgresql") runtimeOnly("org.postgresql:postgresql")
implementation("org.springdoc:springdoc-openapi-starter-webmvc-ui:2.6.0")
testImplementation("com.h2database:h2")
} }
tasks.withType<Test> { tasks.withType<Test> {

@ -1,7 +1,6 @@
package de.szut.lf8_starter.config; package de.szut.lf8_starter.config;
import io.swagger.v3.oas.models.Components; import io.swagger.v3.oas.models.Components;
import io.swagger.v3.oas.models.OpenAPI; import io.swagger.v3.oas.models.OpenAPI;
import io.swagger.v3.oas.models.info.Info; import io.swagger.v3.oas.models.info.Info;
@ -33,15 +32,33 @@ public class OpenAPIConfiguration {
.addServersItem(new Server().url(this.context.getContextPath())) .addServersItem(new Server().url(this.context.getContextPath()))
.info(new Info() .info(new Info()
.title("LF8 project starter") .title("LF8 project starter")
.description("\n## Auth\n" + .description("""
"\n## Authentication\n" + "\nThis Hello service uses JWTs to authenticate requests. You will receive a bearer token by making a POST-Request in IntelliJ on:\n\n" + ## Auth
"\n" +
"```\nPOST http://keycloak.szut.dev/auth/realms/szut/protocol/openid-connect/token\nContent-Type: application/x-www-form-urlencoded\ngrant_type=password&client_id=employee-management-service&username=user&password=test\n```\n" +
"\n" +
"\nor by CURL\n" +
"```\ncurl -X POST 'http://keycloak.szut.dev/auth/realms/szut/protocol/openid-connect/token'\n--header 'Content-Type: application/x-www-form-urlencoded'\n--data-urlencode 'grant_type=password'\n--data-urlencode 'client_id=employee-management-service'\n--data-urlencode 'username=user'\n--data-urlencode 'password=test'\n```\n" +
"\nTo get a bearer-token in Postman, you have to follow the instructions in \n [Postman-Documentation](https://documenter.getpostman.com/view/7294517/SzmfZHnd).")
## Authentication
This Hello service uses JWTs to authenticate requests. You will receive a bearer token by making a POST-Request in IntelliJ on:
```
POST http://keycloak.szut.dev/auth/realms/szut/protocol/openid-connect/token
Content-Type: application/x-www-form-urlencoded
grant_type=password&client_id=employee-management-service&username=user&password=test
```
or by CURL:
```
curl -X POST 'http://keycloak.szut.dev/auth/realms/szut/protocol/openid-connect/token'
--header 'Content-Type: application/x-www-form-urlencoded'
--data-urlencode 'grant_type=password'
--data-urlencode 'client_id=employee-management-service'
--data-urlencode 'username=user'
--data-urlencode 'password=test'
```
To get a bearer-token in Postman, you have to follow the instructions in
[Postman-Documentation](https://documenter.getpostman.com/view/7294517/SzmfZHnd).
""")
.version("0.1")) .version("0.1"))
.addSecurityItem(new SecurityRequirement().addList(securitySchemeName)) .addSecurityItem(new SecurityRequirement().addList(securitySchemeName))
.components( .components(

@ -45,22 +45,6 @@ public class HelloController {
return this.helloMapper.mapToGetDto(helloEntity); return this.helloMapper.mapToGetDto(helloEntity);
} }
@Operation(summary = "delivers a list of hellos")
@ApiResponses(value = {
@ApiResponse(responseCode = "200", description = "list of hellos",
content = {@Content(mediaType = "application/json",
schema = @Schema(implementation = HelloGetDto.class))}),
@ApiResponse(responseCode = "401", description = "not authorized",
content = @Content)})
@GetMapping
public List<HelloGetDto> findAll() {
return this.service
.readAll()
.stream()
.map(e -> this.helloMapper.mapToGetDto(e))
.collect(Collectors.toList());
}
@Operation(summary = "deletes a Hello by id") @Operation(summary = "deletes a Hello by id")
@ApiResponses(value = { @ApiResponses(value = {
@ApiResponse(responseCode = "204", description = "delete successful"), @ApiResponse(responseCode = "204", description = "delete successful"),
@ -78,22 +62,4 @@ public class HelloController {
this.service.delete(entity); this.service.delete(entity);
} }
} }
@Operation(summary = "find hellos by message")
@ApiResponses(value = {
@ApiResponse(responseCode = "200", description = "List of hellos who have the given message",
content = {@Content(mediaType = "application/json",
schema = @Schema(implementation = HelloGetDto.class))}),
@ApiResponse(responseCode = "404", description = "qualification description does not exist",
content = @Content),
@ApiResponse(responseCode = "401", description = "not authorized",
content = @Content)})
@GetMapping("/findByMessage")
public List<HelloGetDto> findAllEmployeesByQualification(@RequestParam String message) {
return this.service
.findByMessage(message)
.stream()
.map(e -> this.helloMapper.mapToGetDto(e))
.collect(Collectors.toList());
}
} }

@ -25,10 +25,10 @@ public class KeycloakLogoutHandler implements LogoutHandler {
@Override @Override
public void logout(HttpServletRequest request, HttpServletResponse response, Authentication auth) { public void logout(HttpServletRequest request, HttpServletResponse response, Authentication auth) {
logout(request, auth); logout(auth);
} }
public void logout(HttpServletRequest request, Authentication auth) { public void logout(Authentication auth) {
logoutFromKeycloak((OidcUser) auth.getPrincipal()); logoutFromKeycloak((OidcUser) auth.getPrincipal());
} }

@ -29,14 +29,10 @@ import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
@EnableWebSecurity @EnableWebSecurity
class KeycloakSecurityConfig { class KeycloakSecurityConfig {
private static final String GROUPS = "groups";
private static final String REALM_ACCESS_CLAIM = "realm_access"; private static final String REALM_ACCESS_CLAIM = "realm_access";
private static final String ROLES_CLAIM = "roles"; private static final String ROLES_CLAIM = "roles";
private final KeycloakLogoutHandler keycloakLogoutHandler; KeycloakSecurityConfig() {
KeycloakSecurityConfig(KeycloakLogoutHandler keycloakLogoutHandler) {
this.keycloakLogoutHandler = keycloakLogoutHandler;
} }
@Bean @Bean