├── .gitignore
├── README.md
├── docinfo-footer.html
├── images
    ├── mvc.png
    ├── logout_404.png
    ├── micrometer.png
    ├── domain_model.png
    ├── lombok_install.png
    ├── reactive_stack.png
    ├── spring-security.jpeg
    ├── mysql_empty_schema.png
    ├── mysql_show_tables.png
    ├── reddit_spring_boot.png
    ├── springit_db_start.png
    ├── 2018-02-28_07-12-58.png
    ├── command_line_runner.png
    ├── pexels-photo-113726.jpeg
    ├── pexels-photo-209728.jpeg
    ├── pexels-photo-241544.jpeg
    ├── pexels-photo-768472.jpeg
    ├── pexels-photo-860379.jpeg
    ├── thymeleaf_dependency.png
    ├── mysql_user_permissions.png
    ├── pexels-photo-273238-2.jpeg
    ├── jon-tyson-520864d-unsplash.jpg
    ├── springit_registration_form.png
    ├── lombok_annotation_processing.png
    ├── mark-solarski-209233-unsplash.jpg
    └── mac-freelancer-macintosh-macbook-40185.jpeg
├── docinfo.html
├── _developmentEnv.adoc
├── _essentials.adoc
├── _buildingSpringit.adoc
├── _github.adoc
├── index.adoc
├── _resources.adoc
├── _courseDetails.adoc
├── prism
    ├── prism.css
    └── prism.js
├── course_sections
    ├── _comments.adoc
    ├── _spring-mvc-controller.adoc
    ├── _service.adoc
    ├── _voting.adoc
    ├── _database.adoc
    ├── _spring-mvc-model.adoc
    ├── _spring-mvc-view.adoc
    └── _spring-security.adoc
├── _whatsnew_springfw5.adoc
└── _whatsnew_springboot2.adoc


/.gitignore:
--------------------------------------------------------------------------------
1 | .DS_Store


--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
1 | # springit-course-docs
2 | 


--------------------------------------------------------------------------------
/docinfo-footer.html:
--------------------------------------------------------------------------------
1 | <script src="prism/prism.js"></script>


--------------------------------------------------------------------------------
/images/mvc.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/danvega/springit-course-docs/HEAD/images/mvc.png


--------------------------------------------------------------------------------
/images/logout_404.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/danvega/springit-course-docs/HEAD/images/logout_404.png


--------------------------------------------------------------------------------
/images/micrometer.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/danvega/springit-course-docs/HEAD/images/micrometer.png


--------------------------------------------------------------------------------
/images/domain_model.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/danvega/springit-course-docs/HEAD/images/domain_model.png


--------------------------------------------------------------------------------
/images/lombok_install.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/danvega/springit-course-docs/HEAD/images/lombok_install.png


--------------------------------------------------------------------------------
/images/reactive_stack.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/danvega/springit-course-docs/HEAD/images/reactive_stack.png


--------------------------------------------------------------------------------
/images/spring-security.jpeg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/danvega/springit-course-docs/HEAD/images/spring-security.jpeg


--------------------------------------------------------------------------------
/images/mysql_empty_schema.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/danvega/springit-course-docs/HEAD/images/mysql_empty_schema.png


--------------------------------------------------------------------------------
/images/mysql_show_tables.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/danvega/springit-course-docs/HEAD/images/mysql_show_tables.png


--------------------------------------------------------------------------------
/images/reddit_spring_boot.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/danvega/springit-course-docs/HEAD/images/reddit_spring_boot.png


--------------------------------------------------------------------------------
/images/springit_db_start.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/danvega/springit-course-docs/HEAD/images/springit_db_start.png


--------------------------------------------------------------------------------
/images/2018-02-28_07-12-58.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/danvega/springit-course-docs/HEAD/images/2018-02-28_07-12-58.png


--------------------------------------------------------------------------------
/images/command_line_runner.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/danvega/springit-course-docs/HEAD/images/command_line_runner.png


--------------------------------------------------------------------------------
/images/pexels-photo-113726.jpeg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/danvega/springit-course-docs/HEAD/images/pexels-photo-113726.jpeg


--------------------------------------------------------------------------------
/images/pexels-photo-209728.jpeg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/danvega/springit-course-docs/HEAD/images/pexels-photo-209728.jpeg


--------------------------------------------------------------------------------
/images/pexels-photo-241544.jpeg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/danvega/springit-course-docs/HEAD/images/pexels-photo-241544.jpeg


--------------------------------------------------------------------------------
/images/pexels-photo-768472.jpeg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/danvega/springit-course-docs/HEAD/images/pexels-photo-768472.jpeg


--------------------------------------------------------------------------------
/images/pexels-photo-860379.jpeg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/danvega/springit-course-docs/HEAD/images/pexels-photo-860379.jpeg


--------------------------------------------------------------------------------
/images/thymeleaf_dependency.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/danvega/springit-course-docs/HEAD/images/thymeleaf_dependency.png


--------------------------------------------------------------------------------
/images/mysql_user_permissions.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/danvega/springit-course-docs/HEAD/images/mysql_user_permissions.png


--------------------------------------------------------------------------------
/images/pexels-photo-273238-2.jpeg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/danvega/springit-course-docs/HEAD/images/pexels-photo-273238-2.jpeg


--------------------------------------------------------------------------------
/images/jon-tyson-520864d-unsplash.jpg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/danvega/springit-course-docs/HEAD/images/jon-tyson-520864d-unsplash.jpg


--------------------------------------------------------------------------------
/images/springit_registration_form.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/danvega/springit-course-docs/HEAD/images/springit_registration_form.png


--------------------------------------------------------------------------------
/images/lombok_annotation_processing.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/danvega/springit-course-docs/HEAD/images/lombok_annotation_processing.png


--------------------------------------------------------------------------------
/images/mark-solarski-209233-unsplash.jpg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/danvega/springit-course-docs/HEAD/images/mark-solarski-209233-unsplash.jpg


--------------------------------------------------------------------------------
/images/mac-freelancer-macintosh-macbook-40185.jpeg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/danvega/springit-course-docs/HEAD/images/mac-freelancer-macintosh-macbook-40185.jpeg


--------------------------------------------------------------------------------
/docinfo.html:
--------------------------------------------------------------------------------
1 | <link href="prism/prism.css" rel="stylesheet" />
2 | <style>
3 |     /* Override Asciidoctor CSS to get the correct background */
4 |     .listingblock pre[class^="highlight "] {
5 |         background: #272822;
6 |     }
7 | </style>
8 | 


--------------------------------------------------------------------------------
/_developmentEnv.adoc:
--------------------------------------------------------------------------------
 1 | === Java
 2 | 
 3 | ==== SDKMan
 4 | 
 5 | === Build Tools
 6 | 
 7 | ==== Maven
 8 | ==== Gradle
 9 | 
10 | === IDE & Text Editors
11 | 
12 | ==== IntelliJ
13 | ==== Spring Tool Suite (Eclipse)
14 | ==== Visual Studio Code
15 | 
16 | === Amazon Web Services (AWS)
17 | 


--------------------------------------------------------------------------------
/_essentials.adoc:
--------------------------------------------------------------------------------
 1 | === Actuator
 2 | 
 3 | .Actuator Dependency
 4 | ```xml
 5 | <dependency>
 6 |     <groupId>org.springframework.boot</groupId>
 7 |     <artifactId>spring-boot-starter-actuator</artifactId>
 8 | </dependency>
 9 | ```
10 | 
11 | .Actuator Properties
12 | ```properties
13 | # open up all of the endpoints for demo purposes
14 | # only expose certain endpoints ["health","info"]
15 | management.endpoints.web.expose=*
16 | management.endpoints.web.exclude=env
17 | management.endpoint.health.show-details=true
18 | ```


--------------------------------------------------------------------------------
/_buildingSpringit.adoc:
--------------------------------------------------------------------------------
 1 | :imagesdir: images/
 2 | 
 3 | This section of the documentation is going to contain details about each section of the course as we begin to build out our Reddit clone. In
 4 | each of these sections I will provide information, code or even links to topics that we discuss as we start to develop our application. Each
 5 | section underneath Building Springit represents a section in the course from here on out. So if you're working on the Service Layer section,
 6 | click on the Service Layer sub section here to find all of the accompanying documentation. 
 7 | 
 8 | TIP: MVC stands for Model View Controller
 9 | 
10 | === Spring MVC: Model
11 | include::course_sections/_spring-mvc-model.adoc[]
12 | 
13 | === Database Layer
14 | include::course_sections/_database.adoc[]
15 | 
16 | === Spring MVC: Controller
17 | include::course_sections/_spring-mvc-controller.adoc[]
18 | 
19 | === Spring MVC: The View Layer
20 | include::course_sections/_spring-mvc-view.adoc[]
21 | 
22 | === Spring Security
23 | include::course_sections/_spring-security.adoc[]
24 | 
25 | === Voting
26 | include::course_sections/_voting.adoc[]
27 | 
28 | === Comments
29 | include::course_sections/_comments.adoc[]
30 | 
31 | === Spring MVC: The Service Layer
32 | include::course_sections/_service.adoc[]
33 | 


--------------------------------------------------------------------------------
/_github.adoc:
--------------------------------------------------------------------------------
 1 | === Repositories
 2 | 
 3 | ==== Main Repo
 4 | 
 5 | This is a reddit clone built using Spring Boot 2. I created this project to show off all the cool features of Spring Boot 2.
 6 | 
 7 | https://github.com/cfaddict/springit
 8 | 
 9 | ==== UI Templates
10 | 
11 | These are the HTML templates that we are using to build out UI for this course. I wanted to provide the raw templates before we start
12 | introducing Thymleaf into the equation.
13 | 
14 | https://github.com/cfaddict/springit-templates
15 | 
16 | === Learning
17 | This is a collection of websites, training videos and resources to help you learn Git & Github. While this course isn't
18 | specifically about Git or Github I think it is an important skill to learn. If you have some time please consider
19 | going through some of the links below.
20 | 
21 | Websites
22 | 
23 | * https://git-scm.com/[Git]
24 | * https://github.com[Github]
25 | 
26 | Resources
27 | 
28 | * https://www.youtube.com/playlist?list=PL0lo9MOBetEHhfG9vJzVCTiDYcbhAiEqL[Github & Git Foundations]
29 | * https://help.github.com/articles/git-and-github-learning-resources/[Github Learning Resources]
30 | * https://guides.github.com/introduction/flow/[Understanding Github Workflows]
31 | * https://guides.github.com/features/mastering-markdown[Mastering Markdown]
32 | * https://www.youtube.com/watch?v=EwWZbyjDs9c[Github Review - Exploring Workflows]
33 | 
34 | === Using Git & Github
35 | If you're brand new to Git & Github please don't let that throw you off of this course. I have left you with some resources to learn these tools but
36 | they are not a requirement for you to learn about what is new in Spring Boot 2. I also don't want you to get discouraged if you are not an IntelliJ user. There is nothing I showed in this section that you couldn't do from your IDE or editor of choice. I just happen to be using IntelliJ so I wanted
37 | to show off the tools available within the IDE. 
38 | 


--------------------------------------------------------------------------------
/index.adoc:
--------------------------------------------------------------------------------
 1 | = Getting Started with Spring Boot 2.0
 2 | Dan Vega <danvega@gmail.com>
 3 | 0.1, April 14, 2018
 4 | :toc: left
 5 | :toclevels: 3
 6 | :icons: font
 7 | :quick-uri: http://www.therealdanvega.com/spring-boot-2
 8 | :docinfo: shared
 9 | 
10 | This is the documentation for my course titled "Getting Started with Spring Boot 2". This documentation will be a central
11 | repository for a lot of the course details.
12 | 
13 | == Course Details
14 | include::_courseDetails.adoc[]
15 | 
16 | == Development Environment
17 | include::_developmentEnv.adoc[]
18 | 
19 | == What's new in Spring
20 | 
21 | === Spring Framework 5
22 | include::_whatsnew_springfw5.adoc[]
23 | 
24 | === Spring Boot 2
25 | include::_whatsnew_springboot2.adoc[]
26 | 
27 | == Github
28 | include::_github.adoc[]
29 | 
30 | == Spring Boot Essentials
31 | include::_essentials.adoc[]
32 | 
33 | == Building Springit
34 | include::_buildingSpringit.adoc[]
35 | 
36 | == Resources
37 | include::_resources.adoc[]
38 | 
39 | == Join our Community
40 | 
41 | We have started a brand new community for Spring Boot Developers. I want to invite all of you to a new private
42 | Facebook community that I recently started. This is a place for developers to talk about projects that they are
43 | working on, share new tips and tricks and even get help with problems that they are running into in their day to day
44 | development. I will be sharing some of my favorite books, courses and tutorials that will help you sharpen your
45 | Spring Development skills. This should be a fun place for all of us to hang out, so head on over and sign up.
46 | I can’t wait to chat with you!
47 | 
48 | https://www.facebook.com/groups/157072618416340/
49 | 
50 | == Contact Me
51 | Dan Vega +
52 | danvega@gmail.com +
53 | http://www.therealdanvega.com +
54 | 
55 | *Social Media*
56 | 
57 | http://www.facebook.com/therealdanvega[Facebook] |
58 | http://www.twitter.com/therealdanvega[Twitter] |
59 | http://www.instagram.com/thedanvega[Instagram] |
60 | http://www.youtube.com/therealdanvega/[YouTube] |
61 | https://www.linkedin.com/in/danvega/[LinkedIn] |
62 | https://github.com/cfaddict/[Github]
63 | 


--------------------------------------------------------------------------------
/_resources.adoc:
--------------------------------------------------------------------------------
 1 | === Spring Documentation
 2 | There are a ton of great resources out there but I want to start with the documentation. The documentation for Spring Framework and Spring Boot has really improved over the years. I love some of the dedicated guides we got this time around with Actuator and the Gradle Plugin. 
 3 | 
 4 | ==== Spring Framework 5
 5 | * https://docs.spring.io/spring/docs/current/spring-framework-reference/[Spring Framework Reference Documentation]
 6 |     ** https://docs.spring.io/spring/docs/current/spring-framework-reference/core.html#spring-core[Spring Core]
 7 |     ** https://docs.spring.io/spring/docs/current/spring-framework-reference/testing.html#testing[Testing]
 8 |     ** https://docs.spring.io/spring/docs/current/spring-framework-reference/data-access.html#spring-data-tier[Data Access]
 9 |     ** https://docs.spring.io/spring/docs/current/spring-framework-reference/web.html#spring-web[Web Servlet]
10 |     ** https://docs.spring.io/spring/docs/current/spring-framework-reference/web-reactive.html#spring-webflux[Web Reactive]
11 |     ** https://docs.spring.io/spring/docs/current/spring-framework-reference/integration.html#spring-integration[Integration]
12 |     ** https://docs.spring.io/spring/docs/current/spring-framework-reference/languages.html#languages[Languages]
13 | * https://docs.spring.io/spring/docs/5.0.5.RELEASE/javadoc-api/[Spring Framework 5 API]
14 | 
15 | ==== Spring Boot
16 | 
17 | * https://docs.spring.io/spring-boot/docs/2.0.x/reference/html/[Spring Boot Reference Guide]
18 | * https://docs.spring.io/spring-boot/docs/2.0.x/api/[Spring Boot API]
19 | * https://docs.spring.io/spring-boot/docs/2.0.x/actuator-api/html/[Spring Boot Actuator Web API]
20 | * https://docs.spring.io/spring-boot/docs/2.0.x/gradle-plugin/reference/html/[Spring Boot Gradle Plugin Reference]
21 | * https://docs.spring.io/spring-boot/docs/2.0.x/maven-plugin/[Spring Boot Maven Plugin Reference]
22 | * https://docs.spring.io/spring-boot/docs/2.0.x/reference/html/common-application-properties.html[Common Application Properties]
23 | 
24 | === Spring Source Code
25 | 
26 | ==== Spring Framework
27 | https://github.com/spring-projects/spring-framework
28 | 
29 | ==== Spring Boot
30 | https://github.com/spring-projects/spring-boot
31 | 
32 | === Books
33 | 
34 | === Websites
35 | 
36 | === Blog
37 | 
38 | === Twitter
39 | 
40 | 


--------------------------------------------------------------------------------
/_courseDetails.adoc:
--------------------------------------------------------------------------------
 1 | If you're reading this document than you have most likely signed up for my course "Getting Started
 2 | with Spring Boot 2". I want to thank you for supporting me and taking the time to invest
 3 | in yourself. I hope you enjoy this course and if you have any questions please feel free to
 4 | <<index.adoc#_contact_me,contact me>>.
 5 | 
 6 | === About
 7 | This course offers hands-on experience building Spring Framework applications using Spring Boot. The first thing that is going to stand out is that we are going to move away from the boring, non-useful demos. In the new course, we are going to build a practical application from start to finish. This will allow you to see the process I use for building applications from idea to launch.
 8 | 
 9 | One of the big thing I heard from my students in my first course is that they wanted more information on how to go into production. A great application isn’t that useful if we can deploy it into a production environment. We will take a look at using one of the most popular cloud services around, Amazon Web Services (AWS). On completion, students will have the foundation they need to build enterprise-ready Java applications.
10 | 
11 | === Prerequisites
12 | * Java Developer
13 | * Web Development
14 | * Git & Github
15 | * Heard of Spring Framework & Spring Boot
16 | * You want to see some of the new features in:
17 |     ** Spring Framework 5
18 |     ** Spring Boot 2.0
19 | 
20 | === Requirements
21 | * Java 9
22 | * Mac OS / Windows / Linux
23 | 
24 | === Curriculum
25 | * Introduction
26 |     ** Course Introduction
27 |     ** Goals for this course
28 |     ** Development Environment Setup
29 |     ** Course Documentation
30 |     ** Spring Framework vs Spring Boot
31 | * Project Overview
32 |     ** Introduction
33 |     ** Create the Initial Project
34 |     ** Running with Spring Boot
35 |     ** Requirements
36 |     ** UI Intro
37 |     ** UI Templates
38 |     ** Domain Model
39 | * Github
40 |     ** Introduction
41 |     ** Create the initial repository
42 |     ** README setup
43 |     ** Branching strategy
44 | * Spring Boot Essentials
45 |     ** Introduction
46 |     ** Spring Boot devtools
47 |     ** Configuration & Properties
48 |     ** Profiles
49 |     ** Debugging & Logging
50 |     ** Actuator
51 | * Spring MVC: Model
52 |     ** Spring Data JPA Introduction
53 |     ** Link Entity & Repository
54 |     ** Project Lombok Refactor
55 |     ** Comment & Vote Entities
56 |     ** Auditing Aware
57 | * Database Layer
58 |     ** Properties
59 |     ** H2 in memory database setup
60 |     ** Creating data using SQL
61 |     ** Creating data using Java
62 | 
63 | === Course Project
64 | 
65 | 
66 | 
67 | === Course Assets
68 | // we may want to put this behind a email signup form
69 | If we need to provide a download this would be a great place to link to those assets.
70 | 


--------------------------------------------------------------------------------
/prism/prism.css:
--------------------------------------------------------------------------------
  1 | /* PrismJS 1.15.0
  2 | https://prismjs.com/download.html#themes=prism-tomorrow&languages=markup+css+clike+javascript+asciidoc+java+json+sql+properties+yaml&plugins=toolbar+copy-to-clipboard */
  3 | /**
  4 |  * prism.js tomorrow night eighties for JavaScript, CoffeeScript, CSS and HTML
  5 |  * Based on https://github.com/chriskempson/tomorrow-theme
  6 |  * @author Rose Pritchard
  7 |  */
  8 | 
  9 | code[class*="language-"],
 10 | pre[class*="language-"] {
 11 | 	color: #ccc;
 12 | 	background: none;
 13 | 	font-family: Consolas, Monaco, 'Andale Mono', 'Ubuntu Mono', monospace;
 14 | 	text-align: left;
 15 | 	white-space: pre;
 16 | 	word-spacing: normal;
 17 | 	word-break: normal;
 18 | 	word-wrap: normal;
 19 | 	line-height: 1.5;
 20 | 
 21 | 	-moz-tab-size: 4;
 22 | 	-o-tab-size: 4;
 23 | 	tab-size: 4;
 24 | 
 25 | 	-webkit-hyphens: none;
 26 | 	-moz-hyphens: none;
 27 | 	-ms-hyphens: none;
 28 | 	hyphens: none;
 29 | 
 30 | }
 31 | 
 32 | /* Code blocks */
 33 | pre[class*="language-"] {
 34 | 	padding: 1em;
 35 | 	margin: .5em 0;
 36 | 	overflow: auto;
 37 | }
 38 | 
 39 | :not(pre) > code[class*="language-"],
 40 | pre[class*="language-"] {
 41 | 	background: #2d2d2d;
 42 | }
 43 | 
 44 | /* Inline code */
 45 | :not(pre) > code[class*="language-"] {
 46 | 	padding: .1em;
 47 | 	border-radius: .3em;
 48 | 	white-space: normal;
 49 | }
 50 | 
 51 | .token.comment,
 52 | .token.block-comment,
 53 | .token.prolog,
 54 | .token.doctype,
 55 | .token.cdata {
 56 | 	color: #999;
 57 | }
 58 | 
 59 | .token.punctuation {
 60 | 	color: #ccc;
 61 | }
 62 | 
 63 | .token.tag,
 64 | .token.attr-name,
 65 | .token.namespace,
 66 | .token.deleted {
 67 | 	color: #e2777a;
 68 | }
 69 | 
 70 | .token.function-name {
 71 | 	color: #6196cc;
 72 | }
 73 | 
 74 | .token.boolean,
 75 | .token.number,
 76 | .token.function {
 77 | 	color: #f08d49;
 78 | }
 79 | 
 80 | .token.property,
 81 | .token.class-name,
 82 | .token.constant,
 83 | .token.symbol {
 84 | 	color: #f8c555;
 85 | }
 86 | 
 87 | .token.selector,
 88 | .token.important,
 89 | .token.atrule,
 90 | .token.keyword,
 91 | .token.builtin {
 92 | 	color: #cc99cd;
 93 | }
 94 | 
 95 | .token.string,
 96 | .token.char,
 97 | .token.attr-value,
 98 | .token.regex,
 99 | .token.variable {
100 | 	color: #7ec699;
101 | }
102 | 
103 | .token.operator,
104 | .token.entity,
105 | .token.url {
106 | 	color: #67cdcc;
107 | }
108 | 
109 | .token.important,
110 | .token.bold {
111 | 	font-weight: bold;
112 | }
113 | .token.italic {
114 | 	font-style: italic;
115 | }
116 | 
117 | .token.entity {
118 | 	cursor: help;
119 | }
120 | 
121 | .token.inserted {
122 | 	color: green;
123 | }
124 | 
125 | div.code-toolbar {
126 | 	position: relative;
127 | }
128 | 
129 | div.code-toolbar > .toolbar {
130 | 	position: absolute;
131 | 	top: .3em;
132 | 	right: .2em;
133 | 	transition: opacity 0.3s ease-in-out;
134 | 	opacity: 0;
135 | }
136 | 
137 | div.code-toolbar:hover > .toolbar {
138 | 	opacity: 1;
139 | }
140 | 
141 | div.code-toolbar > .toolbar .toolbar-item {
142 | 	display: inline-block;
143 | }
144 | 
145 | div.code-toolbar > .toolbar a {
146 | 	cursor: pointer;
147 | }
148 | 
149 | div.code-toolbar > .toolbar button {
150 | 	background: none;
151 | 	border: 0;
152 | 	color: inherit;
153 | 	font: inherit;
154 | 	line-height: normal;
155 | 	overflow: visible;
156 | 	padding: 0;
157 | 	-webkit-user-select: none; /* for button */
158 | 	-moz-user-select: none;
159 | 	-ms-user-select: none;
160 | }
161 | 
162 | div.code-toolbar > .toolbar a,
163 | div.code-toolbar > .toolbar button,
164 | div.code-toolbar > .toolbar span {
165 | 	color: #bbb;
166 | 	font-size: .8em;
167 | 	padding: 0 .5em;
168 | 	background: #f5f2f0;
169 | 	background: rgba(224, 224, 224, 0.2);
170 | 	box-shadow: 0 2px 0 0 rgba(0,0,0,0.2);
171 | 	border-radius: .5em;
172 | }
173 | 
174 | div.code-toolbar > .toolbar a:hover,
175 | div.code-toolbar > .toolbar a:focus,
176 | div.code-toolbar > .toolbar button:hover,
177 | div.code-toolbar > .toolbar button:focus,
178 | div.code-toolbar > .toolbar span:hover,
179 | div.code-toolbar > .toolbar span:focus {
180 | 	color: inherit;
181 | 	text-decoration: none;
182 | }
183 | 
184 | 


--------------------------------------------------------------------------------
/course_sections/_comments.adoc:
--------------------------------------------------------------------------------
  1 | The last piece of the UI puzzle is comments. We need to be able to list comments out for each link and we want to allow logged in users to add a new comment. 
  2 | 
  3 | ==== DatabaseLoader
  4 | 
  5 | We are going to add something to our `CommandLineRunner` so we can add some test data into our application. 
  6 | 
  7 | ```java
  8 | links.forEach((k,v) -> {
  9 |     Link link = new Link(k,v);
 10 |     linkRepository.save(link);
 11 | 
 12 |     // we will do something with comments later
 13 |     Comment spring = new Comment("Thank you for this link related to Spring Boot. I love it, great post!",link);
 14 |     Comment security = new Comment("I love that you're talking about Spring Security",link);
 15 |     Comment pwa = new Comment("What is this Progressive Web App thing all about? PWAs sound really cool.",link);
 16 |     Comment comments[] = {spring,security,pwa};
 17 |     for(Comment comment : comments) {
 18 |         commentRepository.save(comment);
 19 |         link.addComment(comment);
 20 |     }
 21 | });
 22 | ```
 23 | 
 24 | ==== List Comments
 25 | 
 26 | Now that we have some data in our database we need to list out the comments on our link page. Remember back when we added that functionality to our Link domain to get a pretty time? Well we are going to do the same to comment. 
 27 | 
 28 | ```java
 29 | public String getPrettyTime() {
 30 |     PrettyTime pt = BeanUtil.getBean(PrettyTime.class);
 31 |     return pt.format(convertToDateViaInstant(getCreationDate()));
 32 | }
 33 | 
 34 | private Date convertToDateViaInstant(LocalDateTime dateToConvert) {
 35 |     return java.util.Date.from(dateToConvert.atZone(ZoneId.systemDefault()).toInstant());
 36 | }
 37 | ```
 38 | 
 39 | Update the single comment display to loop over the list of comments for this link. 
 40 | 
 41 | ```html
 42 | <!-- single comment -->
 43 | <div class="row comment" th:each="comment : ${link.getComments()}">
 44 |     <div class="col-1">&nbsp;</div>
 45 |     <div class="col-11">
 46 |         <span><a href="#" th:text="${comment.getCreatedBy()}"><i class="far fa-user"></i> therealdanvega</a></span>
 47 |         <span th:text="${comment.getPrettyTime()}"><i class="far fa-clock"></i> 4 hours ago</span>
 48 |         <p class="body" th:text="${comment.getBody()}">It’s one thing I never care about, new releases of maven. Yet I do for most other things.. I really should take a look at any features released in the last while! Pull my dependencies, run my tests and upload to nexus. I don’t care for much else, I wonder what if any I’m missing.</p>
 49 |         <a href="#" class="permalink"><i class="fas fa-link"></i> permalink</a>
 50 |         <a href="#" class="like"><i class="far fa-thumbs-up"></i> Like</a>
 51 |     </div>
 52 | </div>
 53 | ```
 54 | 
 55 | ==== Add New Comment
 56 | 
 57 | The first thing we need to do is to update our add comment form. First, from the controllers perspective we will need to load an empty comment. To do that we will need to modify our read method in our `LinkController`.
 58 | 
 59 | ```java
 60 | @GetMapping("/link/{id}")
 61 | public String read(@PathVariable Long id,Model model) {
 62 |     Optional<Link> link = linkRepository.findById(id);
 63 |     if( link.isPresent() ) {
 64 |         Link currentLink = link.get();
 65 |         Comment comment = new Comment();
 66 |         comment.setLink(currentLink);
 67 |         model.addAttribute("comment",comment);
 68 |         model.addAttribute("link",currentLink);
 69 |         model.addAttribute("success", model.containsAttribute("success"));
 70 |         return "link/view";
 71 |     } else {
 72 |         return "redirect:/";
 73 |     }
 74 | }
 75 | ```
 76 | 
 77 | Next we will update our add form to contain a little bit more information. We need to add a form action and object. We also need to add a hidden field for the link because this isn't something the user selects. 
 78 | 
 79 | ```html
 80 | <div class="row addcomment" sec:authorize="hasRole('ROLE_USER')">
 81 |     <div class="col-1">&nbsp;</div>
 82 |     <div class="col-11">
 83 |         <form id="frmAddLink" method="POST" th:action="@{/link/comments}" th:object="${comment}">
 84 |             <input type="hidden" th:field="*{link}"/>
 85 |             <div class="form-group">
 86 |                 <textarea class="form-control" id="comment" rows="3" th:field="*{body}"></textarea>
 87 |             </div>
 88 |             <button type="submit" class="btn btn-primary">Add Comment</button>
 89 |         </form>
 90 |     </div>
 91 | </div>
 92 | ```
 93 | 
 94 | 
 95 | You might think to  create a new Comment Controller but we don't actually have to. Comments belong to this particular link so adding a new mapping to handle the post right in our `LinkController` is just fine. 
 96 | 
 97 | ```java
 98 | @PostMapping("/link/comments")
 99 | public String addComment(@Valid Comment comment, BindingResult bindingResult, Model model, RedirectAttributes redirectAttributes) {
100 |     if( bindingResult.hasErrors() ) {
101 |         logger.info("Something went wrong.");
102 |     } else {
103 |         logger.info("New Comment Saved!");
104 |         commentRepository.save(comment);
105 |     }
106 |     return "redirect:/link/" + comment.getLink().getId();
107 | }
108 | ```
109 | 


--------------------------------------------------------------------------------
/course_sections/_spring-mvc-controller.adoc:
--------------------------------------------------------------------------------
  1 | image::mvc.png[]
  2 | 
  3 | ==== Controller Introduction
  4 | 
  5 | We are now into the C in our MVC application. The C stands for controller and you can think of the controller as the traffic cop in our application. The controller handles incoming http requests and "directs traffic". Methods in your controller are mapped to HTTP
  6 | by using @RequestingMapping (or one of its composed) annotations. 
  7 | 
  8 | ===== @Controller Annotation
  9 | 
 10 | Spring MVC provides an annotation-based programming model where https://docs.spring.io/spring-framework/docs/current/javadoc-api/org/springframework/stereotype/Controller.html[@Controller] and https://docs.spring.io/spring-framework/docs/current/javadoc-api/org/springframework/web/bind/annotation/RestController.html[@RestController] components use annotations to express request mappings, request input, exception handling, and more. Annotated controllers have flexible method signatures and do not have to extend base classes nor implement specific interfaces. The following example shows a controller defined by annotations:
 11 | 
 12 | ```java
 13 | @Controller
 14 | public class HelloController {
 15 | 
 16 |     @GetMapping("/hello")
 17 |     public String handle(Model model) {
 18 |         model.addAttribute("message", "Hello World!");
 19 |         return "index";
 20 |     }
 21 | }
 22 | ```
 23 | 
 24 | ===== @Controller,@Component, @Service (Stereo-type annotations)
 25 | 
 26 | What are all of the annotations I am seeing at the top of classes. I have seen things `@Component`, `@Controller`, `@RestController`, `@Service` and I just don't understand what they are. Luckily I have already written a pretty good article on how these all work. So if you have a chance please read through the following blog post.
 27 | 
 28 | https://therealdanvega.com/blog/2017/03/27/spring-stereotype-annotations 
 29 | 
 30 | ===== @ComponentScan
 31 | By default Spring is going to look in your base package for components. If you want to include controllers(components) outside of your base package you need to use https://docs.spring.io/spring/docs/current/javadoc-api/org/springframework/context/annotation/ComponentScan.html[@ComponentScan]
 32 | 
 33 | ```java
 34 | @SpringBootApplication
 35 | @ComponentScan(basePackages = {"com.foo.components"})
 36 | public class SpringitApplication {
 37 | 
 38 | 	private static final Logger log = LoggerFactory.getLogger(SpringitApplication.class);
 39 | 
 40 | 	public static void main(String[] args) {
 41 | 		SpringApplication.run(SpringitApplication.class, args);
 42 | 	}
 43 | 
 44 | }
 45 | ```
 46 | 
 47 | 
 48 | ==== @Controller vs @RestController
 49 | 
 50 | https://docs.spring.io/spring-framework/docs/current/javadoc-api/org/springframework/web/bind/annotation/RestController.html[@RestController] is a composed annotation that is itself meta-annotated with https://docs.spring.io/spring-framework/docs/current/javadoc-api/org/springframework/stereotype/Controller.html[@Controller] and https://docs.spring.io/spring-framework/docs/current/javadoc-api/org/springframework/web/bind/annotation/RequestBody.html[@ResponseBody] to indicate a controller whose every method inherits the type-level @ResponseBody annotation and, therefore, writes directly to the response body versus view resolution and rendering with an HTML template.
 51 | 
 52 | If you create a templates folder under resources with an index.html file containing the following code you can switch `@RestController` to `@Controller` and see the it in action. 
 53 | 
 54 | ```html
 55 | <!DOCTYPE html>
 56 | <html lang="en">
 57 | <head>
 58 |     <meta charset="UTF-8">
 59 |     <meta name="viewport" content="width=device-width, initial-scale=1.0">
 60 |     <meta http-equiv="X-UA-Compatible" content="ie=edge">
 61 |     <title>Springit</title>
 62 | </head>
 63 | <body>
 64 | 
 65 |     <h1>Welcome to SpringIt!</h1>
 66 | 
 67 | </body>
 68 | </html>
 69 | ```
 70 | 
 71 | 
 72 | ===== @RequestMapping
 73 | 
 74 | You can use the https://docs.spring.io/spring-framework/docs/current/javadoc-api/org/springframework/web/bind/annotation/RequestMapping.html[@RequestMapping] annotation to map requests to controllers methods. It has various attributes to match by URL, HTTP method, request parameters, headers, and media types. You can use it at the class level to express shared mappings or at the method level to narrow down to a specific endpoint mapping.
 75 | 
 76 | ```java
 77 | @RequestMapping( path = "/", method = RequestMethod.GET, consumes = "application/json", produces = "application.json")
 78 | public String home(){
 79 |     return "Hello, Spring Boot 2!";
 80 | }
 81 | ```
 82 | 
 83 | There are also HTTP method specific shortcut variants of @RequestMapping:
 84 | 
 85 | * https://docs.spring.io/spring-framework/docs/current/javadoc-api/org/springframework/web/bind/annotation/GetMapping.html[@GetMapping]
 86 | * https://docs.spring.io/spring-framework/docs/current/javadoc-api/org/springframework/web/bind/annotation/PostMapping.html[@PostMapping]
 87 | * https://docs.spring.io/spring-framework/docs/current/javadoc-api/org/springframework/web/bind/annotation/PutMapping.html[@PutMapping]
 88 | * https://docs.spring.io/spring-framework/docs/current/javadoc-api/org/springframework/web/bind/annotation/DeleteMapping.html[@DeleteMapping]
 89 | * https://docs.spring.io/spring-framework/docs/current/javadoc-api/org/springframework/web/bind/annotation/PatchMapping.html[@PatchMapping]
 90 | 
 91 | 
 92 | ===== Handler Methods
 93 | 
 94 | @RequestMapping handler methods have a flexible signature and can choose from a range of supported controller method arguments and return values. I have included a link
 95 | to the documentation that covers all of the available handler method arguments. 
 96 | 
 97 | https://docs.spring.io/spring/docs/current/spring-framework-reference/web.html#mvc-ann-methods
 98 | 
 99 | 
100 | ==== Link Controller
101 | 
102 | Now that we know a little bit more about controllers and what methods are available to us we should be able to start building out the basic parts of our Link Controller. Create a new class in the controller package called `LinkController.java`. We are going to start with some stub methods and discuss a few things about how to start implementing them. 
103 | 
104 | 
105 | ```java
106 | @RestController
107 | public class LinkController {
108 | 
109 |     // list
110 |     public List<Link> list() {
111 |         return null;
112 |     }
113 | 
114 |     // CRUD
115 |     public Link create() {
116 |         return null;
117 |     }
118 |     public Link read() {
119 |         return null;
120 |     }
121 |     public Link update() {
122 |         return null;
123 |     }
124 |     public void delete() {
125 |         
126 |     }
127 | }
128 | ```
129 | 


--------------------------------------------------------------------------------
/course_sections/_service.adoc:
--------------------------------------------------------------------------------
  1 | 
  2 | When we started creating our controllers I didn't spend a lot of time on what should go in there because I just wanted us to start writing code. Now that our application has taken shape I want to revisit that.
  3 | 
  4 | Controllers are supposed to be "thin" and shouldn't contain any real business logic. The controllers job is to simply handle the request and move the user into the correct view or return the response in an API call.
  5 | 
  6 | If that's the case then where do we put all of our business logic? The answer is of course in the service layer. As you might have already noticed there is no S in MVC but this is one of those patterns that has become standard over the years. In this section we are going to cover: 
  7 | 
  8 | * What is a Service class and what should it contain
  9 | * How to create a Service class
 10 | * Creating a User Service
 11 | * Refactoring our existing controllers
 12 | * @Transactional What is it and why do we need it
 13 | 
 14 | The reason we are doing this now is because in the next section we are going to revisit the registration process. There are a lof of things that happen in that process and we need a logical place for that functionality to live. 
 15 | 
 16 | IMPORTANT: CREATE NEW BRANCH CALLED service
 17 | 
 18 | ==== User Service 
 19 | 
 20 | We are going to start off by creating a User Service in this section. Let's start to think about some of the methods that might go into our User Service. 
 21 | 
 22 | * Register
 23 |     * Save the new user
 24 |     * Send Activation Email
 25 | * Optional<User> findByInd(Long id) 
 26 | * User save(User user)
 27 | * Send Activation Email
 28 | * Find User By Email & Activation Code
 29 | 
 30 | NOTE: You will often find that your service is going to contain a lot of the methods the repository contains and that is ok, it will also contain some methods the repository doesn't.
 31 | 
 32 | Now that we know what logic our user service might contain let's start to build out the stub for it. 
 33 | 
 34 | ```java
 35 | public class UserService {
 36 | 
 37 |     private final Logger logger = LoggerFactory.getLogger(UserService.class);
 38 |     private final RoleService roleService;
 39 |     private final UserRepository userRepository;
 40 | 
 41 |     public UserService(RoleService roleService, UserRepository userRepository) {
 42 |         this.roleService = roleService;
 43 |         this.userRepository = userRepository;
 44 |     }
 45 | 
 46 |     public User register(User user) {
 47 | 
 48 |     }
 49 | 
 50 | }
 51 | ```
 52 | 
 53 | Now how can we use our new User Service class in our Authentication Controller.
 54 | 
 55 | ```java
 56 | @Controller
 57 | public class AuthController {
 58 | 
 59 |     private static final Logger logger = LoggerFactory.getLogger(AuthController.class);
 60 |     private UserService userService;
 61 | 
 62 |     public AuthController(UserService userService) {
 63 |         this.userService = userService;
 64 |     }
 65 | 
 66 | ```
 67 | 
 68 | This doesn't work right away because we haven't asked Spring to manage this class as a bean for us. We could use the top level stereotype `@Component` but Spring provides a special one for Service classes, appropriately named `@Service`
 69 | 
 70 | ```java
 71 | @Service
 72 | public class UserService {
 73 | 
 74 | }
 75 | ```
 76 | 
 77 | ==== Link Controller Refactoring
 78 | 
 79 | In this lesson we want to move anything that uses a repository class inside of our link controller to a new Link Service class.We could leave the repositories and just add additional functionality to our service class but that is just one more thing our controller needs to know about. The plan here is to keep the controller class as thin as possible.
 80 | 
 81 | 
 82 | ==== Controller Refactoring Exercise
 83 | 
 84 | We saw how to refactor the Link Controller and now we need to do that for the rest of our application. If you have any problems you can peek ahead to the the commits on this service branch. 
 85 | 
 86 | * AuthController
 87 | * VoteController
 88 | 
 89 | ==== Transactional
 90 | 
 91 | The first question we need to answer is: What is a transaction? I think the best way to answer that question is to look at an example. 
 92 | 
 93 | Say for instance we had a method that accepted 1 or 1000 users. Our job is to batch save a list user but if any one of them fails we shouldn't insert any. 
 94 | 
 95 | ```java
 96 | public void saveUsers(User... users) {
 97 |     for(User user : users) {
 98 |         logger.info("Saving User: " + user.getFullName());
 99 |         userRepository.save(user);
100 |     }
101 | }
102 | ```
103 | 
104 | In this scenario we can use a transaction to begin our method and then if any problems come up we can rollback the transaction or if everything went fine we can commit it. In this example if we saved 10 users and then hit a problem we would rollback the transaction and no users would be persisted to the database. Here is what the above method looks like from a high level under the hood when we enable transactions.
105 | 
106 | ```java
107 | public void saveUsers(User... users) {
108 |     // begin transaction
109 |     for(User user : users) {
110 |         logger.info("Saving User: " + user.getFullName());
111 |         try {
112 |             userRepository.save(user);
113 |         } catch(Exception e) {
114 |             // rollback transaction
115 |         }
116 |     }
117 |     // commit transaction
118 | }
119 | ```
120 | 
121 | If you want to enable transaction management in Spring you will need to use the https://docs.spring.io/spring-framework/docs/current/javadoc-api/org/springframework/transaction/annotation/EnableTransactionManagement.html++[@EnableTransactionManagement] annotation on a configuration class. For the purposes of this application we can simply add it to our main application class. 
122 | 
123 | ```java
124 | @SpringBootApplication
125 | @EnableJpaAuditing
126 | @EnableTransactionManagement
127 | public class SpringitApplication {
128 | 
129 |     ...
130 | 
131 | }
132 | ```
133 | 
134 | Now that we have enabled Transaction management we can use the https://docs.spring.io/spring-framework/docs/current/javadoc-api/org/springframework/transaction/annotation/Transactional.html++[@Transactional] annotation on our classes or methods. If we use the annotation at the class level all public methods within that class will be marked with `@Transactional`. 
135 | 
136 | ```java
137 | @Service
138 | @Transactional
139 | public class UserService {
140 | 
141 |     // will be marked with @Transactional
142 |     public User register() {
143 |         return null;
144 |     }
145 | 
146 |     // will NOT be marked with @Transactional
147 |     private void logUserRegistration() {
148 |         
149 |     }
150 | 
151 | }
152 | ```
153 | 
154 | You can also mark your methods as Transactional. 
155 | 
156 | ```java
157 | @Service
158 | @Transactional
159 | public class UserService {
160 | 
161 |     @Transactional
162 |     public User register() {
163 |         return null;
164 |     }
165 | 
166 |     private void logUserRegistration() {
167 |         
168 |     }
169 | 
170 | }
171 | ```
172 | 
173 | The reason you might mix and match these is because the `@Transactional` annotation has some properties that you can use to customize the transaction.
174 | 
175 | * The **Isolation Level** of the transaction.
176 | * The **Propogation Type** of the transaction.
177 | * A **readOnly** flag that can be set to true if the transaction is effectively read-only, allowing for corresponding optimizations at runtime.
178 | * A **Timeout** for the operation to be wrapped by the transaction
179 | * The **Rollback** rules for the transaction.
180 | 
181 | This means if I knew that all of my methods but 1 were going to be Read Only I could set that at the class level and override the 1 at the method level.
182 | 
183 | ```java
184 | @Service
185 | @Transactional(readOnly=true)
186 | public class UserService {
187 | 
188 |     @Transaction(readOnly=false)
189 |     public User register() {
190 |         return null;
191 |     }
192 | 
193 |     public User findById(Long id) {
194 |         return userRepository.findById(id);
195 |     }
196 | 
197 |     public User findByEmail(String email) {
198 |         return userRepository.findByEmail(email);
199 |     }
200 |     ...
201 | }
202 | ```
203 | 
204 | ==== Merge Service Branch
205 | 
206 | IMPORTANT: Merge Service Branch
207 | 


--------------------------------------------------------------------------------
/course_sections/_voting.adoc:
--------------------------------------------------------------------------------
  1 | ==== Voting
  2 | 
  3 | Before we can work on our voting mechanism we need to discuss what exactly it is and what we want to accomplish here. When you are looking at a list of links or posts on Reddit you have the opportunity to up vote or down vote. 
  4 | 
  5 | image::reddit_spring_boot.png[]
  6 | 
  7 | Here is an explanation right from the https://www.reddit.com/wiki/faq [Reddit FAQ] on scores.
  8 | 
  9 | **How is a submission's score determined?**
 10 | 
 11 | A submission's score is simply the number of upvotes minus the number of downvotes. If five users like the submission and three users don't it will have a score of 2. Please note that the vote numbers are not "real" numbers, they have been "fuzzed" to prevent spam bots etc. So taking the above example, if five users upvoted the submission, and three users downvote it, the upvote/downvote numbers may say 23 upvotes and 21 downvotes, or 12 upvotes, and 10 downvotes. The points score is correct, but the vote totals are "fuzzed".
 12 | 
 13 | ===== Springit Scores
 14 | 
 15 | We are going to simplify this so we don't get out of hand. We are going to allow any user the ability to up vote and down vote a link as many times as they want. The way we are going to go about this though should allow you to make a few changes and prevent this. 
 16 | 
 17 | 
 18 | ==== Vote Entity & Repository
 19 | 
 20 | The first thing we need to do to make our voting mechnaism work is to setup a Vote Entity & Repository. The Entity is going to be pretty simple and contain an id, direction and link. The direction will tell us if this record is an upvote (1) or downvote (-1).
 21 | 
 22 | ```java
 23 | @Entity
 24 | @NoArgsConstructor
 25 | @RequiredArgsConstructor
 26 | @Getter
 27 | @Setter
 28 | public class Vote extends Auditable {
 29 | 
 30 |     @Id
 31 |     @GeneratedValue
 32 |     private Long id;
 33 | 
 34 |     @NonNull
 35 |     private short direction;
 36 | 
 37 |     @NonNull
 38 |     @ManyToOne
 39 |     private Link link;
 40 | 
 41 | }
 42 | ```
 43 | 
 44 | TIP: if you want to prevent users from voting multiple times you would want to store the UserID on the vote to see if they have voted on this link already or not. 
 45 | 
 46 | We also need to make a few changes to the `Link` Entity. We are adding the association from Link to Vote but this just gives us a list of votes for each Link. If we wanted to know the total we would have to loop through our votes and sum them up right? We can't just ask for a `votes.size()` because that will just give us the number of votes, not the actual vote sum.
 47 | 
 48 | To fix this we are going to store a voteCount and start it at 0. We would not want to calculate this for each and every link every single time. 
 49 | 
 50 | ```java
 51 |     @OneToMany(mappedBy = "link")
 52 |     private List<Vote> votes = new ArrayList<>();
 53 | 
 54 |     private int voteCount = 0;
 55 | ```
 56 | 
 57 | Finally we will create a Repository for our Vote Domain. 
 58 | 
 59 | ```java
 60 | public interface VoteRepository extends JpaRepository<Vote,Long> {
 61 | 
 62 | }
 63 | ```
 64 | 
 65 | ==== Vote Controller
 66 | 
 67 | Now that we have a Vote Entity and Repository we can begin to work on our controller. We are going to create a new controller called `VoteController` and walk through what this actually needs to do. 
 68 | 
 69 | ```java
 70 | @RestController
 71 | public class VoteController {
 72 | 
 73 |     private VoteRepository voteRepository;
 74 |     private LinkRepository linkRepository;
 75 | 
 76 |     public VoteController(VoteRepository voteRepository, LinkRepository linkRepository) {
 77 |         this.voteRepository = voteRepository;
 78 |         this.linkRepository = linkRepository;
 79 |     }
 80 | 
 81 |     @Secured({"ROLE_USER"})
 82 |     @GetMapping("/vote/link/{linkID}/direction/{direction}/votecount/{voteCount}")
 83 |     public int vote(@PathVariable Long linkID, @PathVariable short direction, @PathVariable int voteCount) {
 84 |         Optional<Link> optionalLink = linkRepository.findById(linkID);
 85 |         if( optionalLink.isPresent() ) {
 86 |             Link link = optionalLink.get();
 87 |             Vote vote = new Vote(direction,link);
 88 |             voteRepository.save(vote);
 89 | 
 90 |             int updatedVoteCount = voteCount + direction;
 91 |             link.setVoteCount(updatedVoteCount);
 92 |             linkRepository.save(link);
 93 |             return updatedVoteCount;
 94 |         }
 95 | 
 96 |         return voteCount;
 97 |     }
 98 | }
 99 | ```
100 | 
101 | Now that our controller is done we need to make our front end work. 
102 | 
103 | ==== Up Vote & Down Vote
104 | 
105 | To make our up vote and down vote actually work we need to do some work on our home page. What we want to do here is add some functionality that will allow the user to click on an arrow and call our `VoteController`. 
106 | 
107 | The first thing we need to do is update our code to add a few attributes. This is just going to help us write our script that calls our API.
108 | 
109 | ```html
110 | <div class="col-1">
111 |     <div><a href="#" class="upvote" th:data-id="${link.id}"><i class="fas fa-arrow-up"></i></a></div>
112 |     <div><span th:id="|votecount-${link.id}|" class="votecount" th:text="${link.getVoteCount()}">0</span></div>
113 |     <div><a href="#" class="downvote" th:data-id="${link.id}" th:disabled="true"><i class="fas fa-arrow-down"></i></a></div>
114 | </div>
115 | ```
116 | 
117 | Next we will create a script that gets all of the vote links and adds a click event listener to them. Finally we get some data together and then call our API.
118 | 
119 | ```javascript
120 | <script>
121 |     const allvotes = document.querySelectorAll(".upvote, .downvote");
122 |     for(let i=0; i<allvotes.length; i++) {
123 |         let className = allvotes[i].className;
124 |         allvotes[i].addEventListener('click', function (event) {
125 |             const direction = className === 'upvote' ? 1 : -1;
126 |             const linkID = this.getAttribute("data-id");
127 |             const voteSum = document.getElementById('votecount-' + linkID);
128 |             const voteSumValue = voteSum.innerHTML;
129 |             fetch(`http://localhost:8080/vote/link/${linkID}/direction/${direction}/votecount/${voteSumValue}`)
130 |                 .then(response => response.json())
131 |                 .then(data => voteSum.innerHTML = data)
132 |                 .catch(err => console.error(err));
133 |         });
134 |     }
135 | </script>
136 | ```
137 | 
138 | TIP: Take a look at the H2 Console and look at the vote_count column!
139 | 
140 | Everything is starting to look pretty good but we still have one issue. Nothing is really secure and we have an issue if we aren't logged in and try to vote.
141 | 
142 | ===== Security 
143 | 
144 | The first thing we need to fix is the error that is happening when we try and vote when we aren't logged in. In our AuditorAwareImpl we try and get the authentication object and if it isn't null we get the user. The problem here is that in this case the authentication object isn't null but we actually don't have a logged in user. This is because by default there is an "anonymousUser" and we need to check for that.
145 | 
146 | ```java
147 | public class AuditorAwareImpl implements AuditorAware<String> {
148 |     @Override
149 |     public Optional<String> getCurrentAuditor() {
150 |         if(SecurityContextHolder.getContext().getAuthentication() == null || SecurityContextHolder.getContext().getAuthentication().getPrincipal().equals("anonymousUser")) {
151 |             return Optional.of("admin@gmail.com");
152 |         } else {
153 |             return Optional.of(((User) SecurityContextHolder.getContext().getAuthentication().getPrincipal()).getEmail());
154 |         }
155 |     }
156 | }
157 | ```
158 | 
159 | Next we want to make sure these click event listeners aren't created if you're not logged in. 
160 | 
161 | ```javascript
162 | <script sec:authorize="isFullyAuthenticated()">
163 | ```
164 | 
165 | Given that our REST API is wide open and its a GET anyone could pop a link into the address bar and vote. We want to prevent that and make sure only logged in users with the role of `ROLE_USER` can hit it. To do so we can use an annotation from `Spring Security`.
166 | 
167 | ```java
168 | @Secured({"ROLE_USER"})
169 | @GetMapping("/vote/link/{linkID}/direction/{direction}/votecount/{voteCount}")
170 | public int vote(@PathVariable Long linkID, @PathVariable short direction, @PathVariable int voteCount) {
171 |     ...
172 | }
173 | ```
174 | 
175 | To enable this we need to add one more annotation to our Security Configuration class. 
176 | 
177 | ```java
178 | @Configuration
179 | @EnableWebSecurity
180 | @EnableGlobalMethodSecurity(securedEnabled = true)
181 | public class SecurityConfiguration extends WebSecurityConfigurerAdapter { 
182 | 
183 |     ...
184 | 
185 | }
186 | ```
187 | 
188 | And with that I think we have a pretty solid voting mechanism. We can of course improve upon it but for now I think it works pretty well.
189 | 
190 | 
191 | 


--------------------------------------------------------------------------------
/_whatsnew_springfw5.adoc:
--------------------------------------------------------------------------------
  1 | ==== JDK 8+ and Java EE 7+ Baseline
  2 | * Entire framework codebase based on Java 8 source code level now.
  3 |     ** Improved readability through inferred generics, lambdas, etc.
  4 |     ** Conditional support for Java 8 features now in straight code.
  5 | * Full compatibility with JDK 9 for development and deployment.
  6 |     ** On classpath as well as module path (with stable automatic module names).
  7 |     ** Framework build and test suite passes on JDK 9 (runs on JDK 8 by default).
  8 | * Java EE 7 API level required in Spring's corresponding features now.
  9 |     ** Servlet 3.1, Bean Validation 1.1, JPA 2.1, JMS 2.0
 10 |     ** Recent servers: e.g. Tomcat 8.5+, Jetty 9.4+, WildFly 10+
 11 | * Compatibility with Java EE 8 API level at runtime.
 12 |     ** Servlet 4.0, Bean Validation 2.0, JPA 2.2, JSON Binding API 1.0
 13 |     ** Tested against Tomcat 9.0, Hibernate Validator 6.0, Apache Johnzon 1.1
 14 | 
 15 | ==== Removed Packages, Classes and Methods
 16 | * Package beans.factory.access (BeanFactoryLocator mechanism).
 17 | * Package jdbc.support.nativejdbc (NativeJdbcExtractor mechanism).
 18 | * Package mock.staticmock removed from spring-aspects module.
 19 |     ** No support for AnnotationDrivenStaticEntityMockingControl anymore.
 20 | * Packages web.view.tiles2 and orm.hibernate3/hibernate4 dropped.
 21 |     ** Minimum requirement: Tiles 3 and Hibernate 5 now.
 22 | * Dropped support: Portlet, Velocity, JasperReports, XMLBeans, JDO, Guava.
 23 |     ** Recommendation: Stay on Spring Framework 4.3.x for those if needed.
 24 | * Many deprecated classes and methods removed across the codebase.
 25 |     ** A few compromises made for commonly used methods in the ecosystem.
 26 | 
 27 | ==== General Core Revision
 28 | * JDK 8+ enhancements:
 29 |     ** Efficient method parameter access based on Java 8 reflection enhancements.
 30 |     ** Selective declarations of Java 8 default methods in core Spring interfaces.
 31 |     ** Consistent use of JDK 7 Charset and StandardCharsets enhancements.
 32 | * JDK 9 compatibility:
 33 |     ** Avoiding JDK APIs which are deprecated in JDK 9 wherever possible.
 34 |     ** Consistent instantiation via constructors (with revised exception handling).
 35 |     ** Defensive use of reflection against core JDK classes.
 36 | * Non-null API declaration at the package level:
 37 |     ** Nullable arguments, fields and return values explicitly annotated with @Nullable.
 38 |     ** Primarily for use with IntelliJ IDEA and Kotlin, but also Eclipse and FindBugs.
 39 |     ** Some Spring APIs are not tolerating null values anymore (e.g. in StringUtils).
 40 | * Resource abstraction provides isFile indicator for defensive getFile access.
 41 |     ** Also features NIO-based readableChannel accessor in the Resource interface.
 42 |     ** File system access via NIO.2 streams (no FileInput/OutputStream used anymore).
 43 | * Spring Framework 5.0 comes with its own Commons Logging bridge out of the box:
 44 |     ** spring-jcl instead of standard Commons Logging; still excludable/overridable.
 45 |     ** Autodetecting Log4j 2.x, SLF4J, JUL (java.util.logging) without any extra bridges.
 46 | * spring-core comes with ASM 6.0 (next to CGLIB 3.2.5 and Objenesis 2.6).
 47 | 
 48 | ==== Core Container
 49 | * Support for any @Nullable annotations as indicators for optional injection points.
 50 | * Functional style on GenericApplicationContext/AnnotationConfigApplicationContext
 51 |     ** Supplier-based bean registration API with bean definition customizer callbacks.
 52 | * Consistent detection of transaction, caching, async annotations on interface methods.
 53 |     ** In case of CGLIB proxies.
 54 | * XML configuration namespaces streamlined towards unversioned schemas.
 55 |     ** Always resolved against latest xsd files; no support for deprecated features.
 56 |     ** Version-specific declarations still supported but validated against latest schema.
 57 | * Support for candidate component index (as alternative to classpath scanning).
 58 | 
 59 | ==== Spring Web MVC
 60 | * Full Servlet 3.1 signature support in Spring-provided Filter implementations.
 61 | * Support for Servlet 4.0 PushBuilder argument in Spring MVC controller methods.
 62 | * MaxUploadSizeExceededException for Servlet 3.0 multipart parsing on common servers.
 63 | * Unified support for common media types through MediaTypeFactory delegate.
 64 |     ** Superseding use of the Java Activation Framework.
 65 | * Data binding with immutable objects (Kotlin / Lombok / @ConstructorProperties)
 66 | * Support for the JSON Binding API (with Eclipse Yasson or Apache Johnzon as an alternative to Jackson and GSON).
 67 | * Support for Jackson 2.9.
 68 | * Support for Protobuf 3.
 69 | * Support for Reactor 3.1 Flux and Mono as well as RxJava 1.3 and 2.1 as return values from Spring MVC controller methods targeting use of the new reactive WebClient (see below) or Spring Data Reactive repositories in Spring MVC controllers.
 70 | * New ParsingPathMatcher alternative to AntPathMatcher with more efficient parsing and extended syntax.
 71 | * @ExceptionHandler methods allow RedirectAttributes arguments (and therefore flash attributes).
 72 | * Support for ResponseStatusException as a programmatic alternative to @ResponseStatus.
 73 | * Support script engines that do not implement Invocable via direct rendering of the script provided using ScriptEngine#eval(String, Bindings), and also i18n and nested templates in ScriptTemplateView via the new RenderingContext parameter.
 74 | * Spring's FreeMarker macros (spring.ftl) use HTML output formatting now (requiring FreeMarker 2.3.24+).
 75 | 
 76 | ==== Spring WebFlux
 77 | * New spring-webflux module, an alternative to spring-webmvc built on a reactive foundation -- fully asynchronous and non-blocking, intended for use in an event-loop execution model vs traditional large thread pool with thread-per-request execution model.
 78 | * Reactive infrastructure in spring-core such as Encoder and Decoder for encoding and decoding streams of Objects; DataBuffer abstraction, e.g. for using Java ByteBuffer or Netty ByteBuf; ReactiveAdapterRegistry for transparent support of reactive libraries in controller method signatures.
 79 | * Reactive infrastructure in spring-web including HttpMessageReader and HttpMessageWriter that build on and delegate to Encoder and Decoder; server HttpHandler with adapters to (non-blocking) runtimes such as Servlet 3.1+ containers, Netty, and Undertow; WebFilter, WebHandler and other non-blocking contract alternatives to Servlet API equivalents.
 80 | * @Controller style, annotation-based, programming model, similar to Spring MVC, but supported in WebFlux, running on a reactive stack, e.g. capable of supporting reactive types as controller method arguments, never blocking on I/O, respecting backpressure all the way to the HTTP socket, and running on extra, non-Servlet containers such as Netty and Undertow.
 81 | * New functional programming model ("WebFlux.fn") as an alternative to the @Controller, annotation-based, programming model -- minimal and transparent with an endpoint routing API, running on the same reactive stack and WebFlux infrastructure.
 82 | * New WebClient with a functional and reactive API for HTTP calls, comparable to the RestTemplate but through a fluent API and also excelling in non-blocking and streaming scenarios based on WebFlux infrastructure; in 5.0 the AsyncRestTemplate is deprecated in favor of the WebClient.
 83 | 
 84 | ==== Kotlin support
 85 | * Null-safe API when using Kotlin 1.1.50 or higher.
 86 | * Support for Kotlin immutable classes with optional parameters and default values.
 87 | * Functional bean definition Kotlin DSL.
 88 | * Functional routing Kotlin DSL for WebFlux.
 89 | * Leveraging Kotlin reified type parameters to avoid specifying explicitly the Class to use for serialization/deserialization in various APIs like RestTemplate or WebFlux APIs.
 90 | * Kotlin null-safety support for @Autowired/@Inject and @RequestParam/@RequestHeader/etc annotations in order to determine if an injection point or handler method parameter is required or not.
 91 | * Kotlin script support in ScriptTemplateView for both Spring MVC and Spring WebFlux.
 92 | * Array-like setters added to Model, ModelMap and Environment.
 93 | * Support for Kotlin autowired constructor with optional parameters.
 94 | * Kotlin reflection is used to determine interface method parameters.
 95 | 
 96 | ==== Testing Improvements
 97 | * Complete support for JUnit 5's Jupiter programming and extension models in the Spring TestContext Framework.
 98 |     ** SpringExtension: an implementation of multiple extension APIs from JUnit Jupiter that provides full support for the existing feature set of the Spring TestContext Framework. This support is enabled via @ExtendWith(SpringExtension.class).
 99 |     ** @SpringJUnitConfig: a composed annotation that combines @ExtendWith(SpringExtension.class) from JUnit Jupiter with @ContextConfiguration from the Spring TestContext Framework.
100 |     ** @SpringJUnitWebConfig: a composed annotation that combines @ExtendWith(SpringExtension.class) from JUnit Jupiter with @ContextConfiguration and @WebAppConfiguration from the Spring TestContext Framework.
101 |     ** @EnabledIf: signals that the annotated test class or test method is enabled if the supplied SpEL expression or property placeholder evaluates to true.
102 |     ** @DisabledIf: signals that the annotated test class or test method is disabled if the supplied SpEL expression or property placeholder evaluates to true.
103 | * Support for parallel test execution in the Spring TestContext Framework.
104 | * New before and after test execution callbacks in the Spring TestContext Framework with support for TestNG, JUnit 5, and JUnit 4 via the SpringRunner (but not via JUnit 4 rules).
105 |     ** New beforeTestExecution() and afterTestExecution() callbacks in the TestExecutionListener API and TestContextManager.
106 | * MockHttpServletRequest now has getContentAsByteArray() and getContentAsString() methods for accessing the content (i.e., request body).
107 | * The print() and log() methods in Spring MVC Test now print the request body if the character encoding has been set in the mock request.
108 | * The redirectedUrl() and forwardedUrl() methods in Spring MVC Test now support URI templates with variable expansion.
109 | * XMLUnit support upgraded to 2.3.
110 | 
111 | This information came straight from the https://github.com/spring-projects/spring-framework/wiki/What's-New-in-Spring-Framework-5.x[Spring Framework Wiki].
112 | 


--------------------------------------------------------------------------------
/course_sections/_database.adoc:
--------------------------------------------------------------------------------
  1 | 
  2 | 
  3 | In the last section we took a look at how we build out our entities and repositories. We also learned that our entities map directly to a database table. The question that remains is where is this database located? Is it being created for us or is this up to us? We are going 
  4 | to answer these questions and more in this section. 
  5 | 
  6 | * Database Configuration
  7 |     ** Common Database Properties
  8 |     ** H2 vs MySQL
  9 |     ** SQL Logging
 10 |     ** Hibernate logging level DEBUG
 11 | * Database Initialization
 12 |     ** Hibernate DDL
 13 |     ** schema.sql
 14 |     ** data.sql
 15 | * CommandLineRunner
 16 | 
 17 | ---
 18 | 
 19 | ==== Common Application Properties
 20 | 
 21 | If you can't always remember what properties can be set in your application.properties there is a really good reference at the link below.
 22 | 
 23 | https://docs.spring.io/spring-boot/docs/current/reference/html/common-application-properties.html 
 24 | 
 25 | * DATASOURCE (DataSourceAutoConfiguration & DataSourceProperties)
 26 | * JPA (JpaBaseConfiguration, HibernateJpaAutoConfiguration)
 27 | * H2 Web Console
 28 | 
 29 | ==== H2
 30 | 
 31 | These settings will get us going using H2. Please remember that every time you stop your app you will lose your data, this is just how an in-memory database works. 
 32 | 
 33 | ```xml
 34 | <dependency>
 35 | 	<groupId>com.h2database</groupId>
 36 | 	<artifactId>h2</artifactId>
 37 | 	<scope>runtime</scope>
 38 | </dependency>
 39 | ```
 40 | 
 41 | ```properties
 42 | spring.h2.console.enabled=true
 43 | spring.h2.console.path=/h2-console
 44 | 
 45 | #datasource (default to testdb)
 46 | spring.datasource.name=springit
 47 | # sa | empty password
 48 | #spring.datasource.username=
 49 | #spring.datasource.password=
 50 | 
 51 | #JPA & Hibernate
 52 | #spring.jpa.hibernate.ddl-auto=create-drop
 53 | spring.jpa.show-sql=true
 54 | ```
 55 | 
 56 | ==== MySQL
 57 | 
 58 | In the previous lesson we looked at how to use the H2 in-memory database. That is great for getting started but at some point we will want to move to a production ready database like MySQL. If you are using some other DBMS just do a quick search for what your settings will look like.
 59 | 
 60 | ```xml
 61 | <dependency>
 62 | 	<groupId>mysql</groupId>
 63 | 	<artifactId>mysql-connector-java</artifactId>
 64 | </dependency>
 65 | ```
 66 | 
 67 | Unlike H2 we need to at least create the database in MySQL. We don't need to create any of the schema yet, but we need an empty database for us to use.
 68 | 
 69 | image::mysql_empty_schema.png[]
 70 | 
 71 | With a schema in place we can setup our MySQL specific datasource properties.
 72 | 
 73 | 
 74 | ```properties
 75 | #DDL mode. This is actually a shortcut for the "hibernate.hbm2ddl.auto"
 76 | #property. Defaults to "create-drop" when using an embedded database and no
 77 | #schema manager was detected. Otherwise, defaults to "none".
 78 | # create | create-drop | none | update | validate
 79 | #spring.jpa.hibernate.ddl-auto=
 80 | 
 81 | 
 82 | # mysql settings
 83 | spring.jpa.hibernate.ddl-auto=create
 84 | spring.datasource.url=jdbc:mysql://localhost:3306/springit?useSSL=false
 85 | spring.datasource.username=springit
 86 | spring.datasource.password=password
 87 | ```
 88 | 
 89 | *MySQL Use SSL*
 90 | 
 91 | ```
 92 | Wed Jul 11 07:15:23 EDT 2018 WARN: Establishing SSL connection without server's identity verification is not recommended. According to MySQL 5.5.45+, 5.6.26+ and 5.7.6+ requirements SSL connection must be established by default if explicit option isn't set. For compliance with existing applications not using SSL the verifyServerCertificate property is set to 'false'. You need either to explicitly disable SSL by setting useSSL=false, or set useSSL=true and provide truststore for server certificate verification.
 93 | ```
 94 | 
 95 | image::mysql_show_tables.png[]
 96 | 
 97 | With MySQL (and most other DBMS) you will need to give a user permissions to the database you setup. In our case we created a user called springit in MySQL Workbench and gave it privileges to access the database. 
 98 | 
 99 | image::mysql_user_permissions.png[]
100 | 
101 | ==== Initialize a database
102 | 
103 | A database can be initialized in different ways depending on what your stack is. Of course, you can also do it manually, provided the database is a separate process.
104 | 
105 | https://docs.spring.io/spring-boot/docs/current/reference/html/howto-database-initialization.html
106 | 
107 | https://docs.spring.io/spring-boot/docs/current/reference/htmlsingle/#howto-initialize-a-database-using-spring-jdbc
108 | 
109 | If you're using Spring boot 2, database initialization only works for embedded databases (H2, HSQLDB, ...). If you want to use it for other databases as well, you need to change the spring.datasource.initialization-mode property:
110 | 
111 | ```
112 | spring.datasource.initialization-mode=always
113 | ```
114 | 
115 | Also make sure that you are no longer letting Hibernate create and drop the db for you.
116 | 
117 | ```
118 | spring.jpa.hibernate.ddl-auto=none
119 | ```
120 | 
121 | NOTE: If you're going to create a script for database initialization it can't be empty. If you just create the file and run the application you will see an error that looks like this.
122 | 
123 | ```
124 | Invocation of init method failed; nested exception is org.springframework.jdbc.datasource.init.UncategorizedScriptException: Failed to execute database script from resource [URL [file:/Users/vega/dev/spring-boot-2/springit/target/classes/data.sql]]; nested exception is java.lang.IllegalArgumentException: 'script' must not be null or empty
125 | 	at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.initializeBean(AbstractAutowireCapableBeanFactory.java:1710) ~[spring-beans-5.0.4.RELEASE.jar:5.0.4.RELEASE]
126 | ```
127 | 
128 | ==== Command Line Runner
129 | 
130 | A https://docs.spring.io/spring-boot/docs/current/api/org/springframework/boot/CommandLineRunner.html[`Command Line Runner`] is an interface that contains a single method. It is because of this single method that it is marked as a Functional Interface and we can therefore implement with a Lambda and can avoid creating a separate class to do so. 
131 | 
132 | ```java
133 | /*
134 |  * Copyright 2012-2017 the original author or authors.
135 |  *
136 |  * Licensed under the Apache License, Version 2.0 (the "License");
137 |  * you may not use this file except in compliance with the License.
138 |  * You may obtain a copy of the License at
139 |  *
140 |  *      http://www.apache.org/licenses/LICENSE-2.0
141 |  *
142 |  * Unless required by applicable law or agreed to in writing, software
143 |  * distributed under the License is distributed on an "AS IS" BASIS,
144 |  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
145 |  * See the License for the specific language governing permissions and
146 |  * limitations under the License.
147 |  */
148 | 
149 | package org.springframework.boot;
150 | 
151 | import org.springframework.core.Ordered;
152 | import org.springframework.core.annotation.Order;
153 | 
154 | /**
155 |  * Interface used to indicate that a bean should <em>run</em> when it is contained within
156 |  * a {@link SpringApplication}. Multiple {@link CommandLineRunner} beans can be defined
157 |  * within the same application context and can be ordered using the {@link Ordered}
158 |  * interface or {@link Order @Order} annotation.
159 |  * <p>
160 |  * If you need access to {@link ApplicationArguments} instead of the raw String array
161 |  * consider using {@link ApplicationRunner}.
162 |  *
163 |  * @author Dave Syer
164 |  * @see ApplicationRunner
165 |  */
166 | @FunctionalInterface
167 | public interface CommandLineRunner {
168 | 
169 | 	/**
170 | 	 * Callback used to run the bean.
171 | 	 * @param args incoming main method arguments
172 | 	 * @throws Exception on error
173 | 	 */
174 | 	void run(String... args) throws Exception;
175 | 
176 | }
177 | 
178 | ```
179 | 
180 | Command Line Runner API: 
181 | 
182 | https://docs.spring.io/spring-boot/docs/current/api/org/springframework/boot/CommandLineRunner.html 
183 | 
184 | 
185 | We could create classes that implement the Command Line Runner if you had the need to do multiple things and or didn't want to put a ton of extra code in your main application class.
186 | 
187 | ```java
188 | package com.vega.springit;
189 | 
190 | import org.springframework.boot.CommandLineRunner;
191 | import org.springframework.core.annotation.Order;
192 | import org.springframework.stereotype.Component;
193 | 
194 | @Component
195 | @Order(1)
196 | public class DatabaseLoader implements CommandLineRunner {
197 | 
198 |     @Override
199 |     public void run(String... args) throws Exception {
200 |         // do some database work
201 |         System.out.println("DatabaseLoader...");
202 |     }
203 | }
204 | 
205 | ```
206 | 
207 | ```java
208 | package com.vega.springit;
209 | 
210 | import org.springframework.boot.CommandLineRunner;
211 | import org.springframework.core.annotation.Order;
212 | import org.springframework.stereotype.Component;
213 | 
214 | @Component
215 | @Order(2)
216 | public class SomeOtherRunner implements CommandLineRunner {
217 |     @Override
218 |     public void run(String... args) throws Exception {
219 |         // do some other work
220 |         System.out.println("SomeOtherRunner...");
221 |     }
222 | }
223 | ```
224 | 
225 | For this example of just loading a few records though I am going to use my main application class.
226 | 
227 | ```java
228 | @Bean
229 | CommandLineRunner runner() {
230 |     return args -> {
231 | 
232 |     };
233 | }
234 | ```
235 | 
236 | We still need to tell Spring about our Command Line Runner to make this work. In the concrete class example we marked it as a component but that won't work for us here. The main application is annotated with SpringBootApplication which is made up of @EnableAutoConfiguration which marks this class as a configuration class.
237 | 
238 |  @Configuration indicates that a class declares one or more @Bean methods and may be processed by the Spring container to generate bean definitions and service requests for those beans at runtime
239 | 
240 | 
241 | ```java
242 | @Target(ElementType.TYPE)
243 | @Retention(RetentionPolicy.RUNTIME)
244 | @Documented
245 | @Inherited
246 | @SpringBootConfiguration
247 | @EnableAutoConfiguration
248 | @ComponentScan(excludeFilters = {
249 | 		@Filter(type = FilterType.CUSTOM, classes = TypeExcludeFilter.class),
250 | 		@Filter(type = FilterType.CUSTOM, classes = AutoConfigurationExcludeFilter.class) })
251 | public @interface SpringBootApplication { }
252 | ```
253 | 
254 | ```java
255 | @Bean
256 | CommandLineRunner runner(LinkRepository linkRepository, CommentRepository commentRepository) {
257 |     return args -> {
258 |         Link link = new Link("Getting Started with Spring Boot 2","https://therealdanvega.com/spring-boot-2");
259 |         linkRepository.save( link );
260 | 
261 |         Comment comment = new Comment("This Spring Boot 2 Link is awesome",link);
262 |         commentRepository.save(comment);
263 |         link.addComment(comment);
264 | 
265 |         System.out.println(link.getComments());
266 |     };
267 | }
268 | ```
269 | 
270 | If you want to learn more about the Command Line Runner Interface I wrote up an article on it that you can read below.
271 | 
272 | https://therealdanvega.com/blog/2017/04/07/spring-boot-command-line-runner
273 | 
274 | image::command_line_runner.png[]
275 | 
276 | 
277 | 


--------------------------------------------------------------------------------
/course_sections/_spring-mvc-model.adoc:
--------------------------------------------------------------------------------
  1 | 
  2 | image::mvc.png[]
  3 | 
  4 | In the project overview section we discussed the domain model. For reference I have included our basic model diagram
  5 | below. Please remember that this is probably going to change as we begin to build out our application but this should
  6 | give us what we need to get started.
  7 | 
  8 | image::domain_model.png[]
  9 | 
 10 | Now that we know what we need to build, how are we going to build it?
 11 | 
 12 | ==== JPA
 13 | 
 14 | The Java Persistence API (JPA) is a Java application programming interface specification that describes the management of relational data in applications using Java Platform, Standard Edition and Java Platform, Enterprise Edition.
 15 | 
 16 | Persistence in this context covers three areas:
 17 | 
 18 | * The API itself, defined in the https://javaee.github.io/javaee-spec/javadocs/javax/persistence/package-summary.html[javax.persistence] package
 19 | * The Java Persistence Query Language (JPQL)
 20 | * object/relational metadata
 21 | 
 22 | TIP: Class => Database Table +
 23 | 
 24 | JPA is just the specification and by itself isn't all that usefull. What you need is a JPA provider that implements the specification. A couple of the most popular implementations are:
 25 | 
 26 | * Hibernate
 27 | * Eclipse Link
 28 | 
 29 | ==== Spring Data
 30 | Spring Data’s mission is to provide a familiar and consistent, Spring-based programming model for data access while still retaining the special traits of the underlying data store. 
 31 | 
 32 | https://projects.spring.io/spring-data/[Spring Data]
 33 | 
 34 | ==== Spring Data JPA
 35 | 
 36 | https://projects.spring.io/spring-data-jpa/[Spring Data JPA]
 37 | 
 38 | 
 39 | Implementing a data access layer of an application has been cumbersome for quite a while. Too much boilerplate code has to be written to execute simple queries as well as perform pagination, and auditing. Spring Data JPA aims to significantly improve the implementation of data access layers by reducing the effort to the amount that’s actually needed. As a developer you write your repository interfaces, including custom finder methods, and Spring will provide the implementation automatically.
 40 | 
 41 | TIP: Spring Data JPA uses Hibernate under the hood. Through a Spring Boot Starter and Auto Configuration you don't have to do much to get Hibernate setup. This is huge because this is one of the things that deters people from starting with Hibernate in the first place.
 42 | 
 43 | *Spring Data JPA Dependencies*
 44 | 
 45 | You can select Spring Data JPA as one of the options using the Spring Initializr or by adding the following dependency to your pom.xml
 46 | 
 47 | ```xml
 48 | <dependency>
 49 |     <groupId>org.springframework.boot</groupId>
 50 |     <artifactId>spring-boot-starter-data-jpa</artifactId>
 51 | </dependency>
 52 | ```
 53 | 
 54 | NOTE: What dependencies does the spring-boot-starter-data-jpa include?
 55 | 
 56 | ---
 57 | 
 58 | ==== Entities
 59 | Now that we know a little bit about Spring Data it's time we start to create our entities. Before we do so this is a good time
 60 | to create a new branch to work on our new feature. 
 61 | 
 62 | ```
 63 | git checkout -b spring-mvc-model
 64 | ```
 65 | 
 66 | .Link Entity
 67 | ```java
 68 | import javax.persistence.Entity;
 69 | import javax.persistence.GeneratedValue;
 70 | import javax.persistence.Id;
 71 | 
 72 | @Entity
 73 | public class Link {
 74 | 
 75 |     @Id
 76 |     @GeneratedValue
 77 |     private Long id;
 78 |     private String title;
 79 |     private String url;
 80 | 
 81 |     // comments
 82 | }
 83 | ```
 84 | 
 85 | .Comment Entity
 86 | ```java
 87 | import javax.persistence.Entity;
 88 | import javax.persistence.GeneratedValue;
 89 | import javax.persistence.Id;
 90 | 
 91 | @Entity
 92 | public class Comment {
 93 |     
 94 |     @Id
 95 |     @GeneratedValue
 96 |     private Long id;
 97 |     private String body;
 98 | 
 99 |     //private Link link;
100 |     
101 | }
102 | ```
103 | .Vote Stub (We will come back to this later)
104 | ```java
105 | public class Vote {
106 | 
107 |     @Id @GeneratedValue
108 |     private Long id;
109 |     private User user;
110 |     private Link link;
111 |     private int vote;
112 | 
113 | }
114 | ```
115 | 
116 | Just a few things to point out about our entities
117 | 
118 | * You will need a public no arg constructor.
119 | * You will need getters and setters for your properties.
120 | * You will need a toString method for you entity.
121 | * You will want an equals and hash code method to check for equality.
122 | 
123 | *Common Entity Annotations*
124 | 
125 | When working with Entities these are some of the more common annotations you will be using to provide metadata about your objects. 
126 | 
127 | * https://javaee.github.io/javaee-spec/javadocs/javax/persistence/Entity.html[@Entity]
128 | * https://javaee.github.io/javaee-spec/javadocs/javax/persistence/Table.html[@Table]
129 | * https://javaee.github.io/javaee-spec/javadocs/javax/persistence/Id.html[@Id]
130 | * https://javaee.github.io/javaee-spec/javadocs/javax/persistence/GeneratedValue.html[@GeneratedValue]
131 | * https://javaee.github.io/javaee-spec/javadocs/javax/persistence/Column.html[@Column]
132 | * https://javaee.github.io/javaee-spec/javadocs/javax/persistence/Transient.html[@Transient]
133 | * https://javaee.github.io/javaee-spec/javadocs/javax/persistence/OrderBy.html[@OrderBy]
134 | * https://javaee.github.io/javaee-spec/javadocs/javax/persistence/Version.html[@Version]
135 | 
136 | 
137 | ==== Project Lombok
138 | 
139 | Project Lombok is a java library that automatically plugs into your editor and build tools, spicing up your java.
140 | Never write another getter or equals method again.
141 | 
142 | https://projectlombok.org/[Project Lombok]
143 | 
144 | The Lombok website has installation instructions for whatever IDE you are using. It isn't enough to just install
145 | the dependency, you must follow the instructions for your IDE.
146 | 
147 | image::lombok_install.png[]
148 | 
149 | https://projectlombok.org/setup/intellij[IntelliJ Installation]
150 | 
151 | If you can't get the Lombok plugin to work in IntelliJ you will need to make sure annotation processing is turned on for your project.
152 | 
153 | image::lombok_annotation_processing.png[]
154 | 
155 | .Lombok Dependency
156 | ```xml
157 | <dependency>
158 |     <groupId>org.projectlombok</groupId>
159 |     <artifactId>lombok</artifactId>
160 |     <optional>true</optional>
161 | </dependency>
162 | ```
163 | 
164 | ==== Repositories
165 | 
166 | The central interface in the Spring Data repository abstraction is https://docs.spring.io/spring-data/commons/docs/current/api/org/springframework/data/repository/Repository.html[Repository]. It takes the domain class to manage as well as the ID type of the domain class as type arguments. This interface acts primarily as a marker interface to capture the types to work with and to help you to discover interfaces that extend this one.
167 | 
168 | .LinkRepository.java
169 | ```java
170 | import com.vega.springit.domain.Link;
171 | import org.springframework.data.jpa.repository.JpaRepository;
172 | 
173 | public interface LinkRepository extends JpaRepository<Link,Long> {
174 | 
175 | }
176 | ```
177 | 
178 | .CommentRepository.java
179 | ```java
180 | public interface CommentRepository extends JpaRepository<Comment,Long> {
181 | 
182 | }
183 | ```
184 | 
185 | *Repository Intefaces*
186 | 
187 | * https://docs.spring.io/spring-data/commons/docs/current/api/org/springframework/data/repository/CrudRepository.html[CrudRepository]
188 | * https://docs.spring.io/spring-data/commons/docs/current/api/org/springframework/data/repository/PagingAndSortingRepository.html?is-external=true[PagingAndSortingRepository]
189 | * https://docs.spring.io/spring-data/jpa/docs/current/api/org/springframework/data/jpa/repository/JpaRepository.html[JpaRepository]
190 | 
191 | 
192 | NOTE: Spring Data also provides persistence technology-specific abstractions, such as JpaRepository or MongoRepository. Those interfaces extend CrudRepository and expose the capabilities of the underlying persistence technology in addition to the rather generic persistence technology-agnostic interfaces such as CrudRepository.
193 | 
194 | *Custom Queries* 
195 | 
196 | Extending one of those repositories will give us a lot of functionality out of the box and is usually enough to get started. When you start building out your application you will undoubtedly need more queries than the base repositories give you. We have a couple ways that we can define our custom queries and we will go over them below. 
197 | 
198 | *Named Queries* 
199 | 
200 | ```java
201 | @Entity
202 | @NamedQuery(name = "User.findByEmailAddress",query = "select u from User u where u.emailAddress = ?1")
203 | public class User {
204 | 
205 | }
206 | ```
207 | 
208 | *Query Methods*
209 | 
210 | Using named queries to declare queries for entities is a valid approach and works fine for a small number of queries. As the queries themselves are tied to the Java method that executes them, you can actually bind them directly by using the Spring Data JPA @Query annotation rather than annotating them to the domain class. This frees the domain class from persistence specific information and co-locates the query to the repository interface.
211 | 
212 | ```java
213 | public interface UserRepository extends JpaRepository<User, Long> {
214 | 
215 |   @Query("select u from User u where u.emailAddress = ?1")
216 |   User findByEmailAddress(String emailAddress);
217 | }
218 | ```
219 | 
220 | The previous example used JPQL. The @Query annotation allows for running native queries by setting the nativeQuery flag to true, as shown in the following: 
221 | 
222 | ```java
223 | public interface UserRepository extends JpaRepository<User, Long> {
224 | 
225 |   @Query(value = "SELECT * FROM USERS WHERE EMAIL_ADDRESS = ?1", nativeQuery = true)
226 |   User findByEmailAddress(String emailAddress);
227 | }
228 | ```
229 | 
230 | The JPA module supports defining a query manually as a String or having it being derived from the method name. 
231 | 
232 | ```java
233 | public interface UserRepository extends Repository<User, Long> {
234 | 
235 |   List<User> findByEmailAddressAndLastname(String emailAddress, String lastname);
236 | }
237 | ```
238 | https://docs.spring.io/spring-data/jpa/docs/current/reference/html/#jpa.query-methods
239 | 
240 | 
241 | 
242 | 
243 | We will see more of this as we go throughout the course and as we need custom queries. 
244 | 
245 | ---
246 | 
247 | ==== Entity Relationships (Mappings)
248 | 
249 | Mappings are a key feature of Hibernate and JPA. They allow us to model the relationships between two tables in your domain objects as properties.
250 | 
251 | image::domain_model.png[]
252 | 
253 | JPA Mapping Annotations
254 | 
255 | * https://javaee.github.io/javaee-spec/javadocs/javax/persistence/OneToOne.html[OneToOne Annotation]
256 | * https://javaee.github.io/javaee-spec/javadocs/javax/persistence/OneToMany.html[OneToMany Annotation]
257 | * https://javaee.github.io/javaee-spec/javadocs/javax/persistence/ManyToOne.html[ManyToOne Annotation]
258 | * https://javaee.github.io/javaee-spec/javadocs/javax/persistence/ManyToMany.html[ManyToMany Annotation]
259 | 
260 | *Thoughts on Java*
261 | 
262 | This is a really great article from Thorben Janssen on asoociation mappings in Hibernate. If you're going to start working with JPA and Hibernate his website https://www.thoughts-on-java.org[Thoughts on Java] is a must bookmark. 
263 | 
264 | https://www.thoughts-on-java.org/ultimate-guide-association-mappings-jpa-hibernate/[Ultimate Guide – Association Mappings with JPA and Hibernate]
265 | 
266 | When we create a bi-directional mapping we have a decision to make. What type should the collection be, a list or a set. This is something to think about and I have included another great article from Thorben on the subject. 
267 | 
268 | https://www.thoughts-on-java.org/association-mappings-bag-list-set/[Bag vs Set vs List]
269 | 
270 | Hibernate Tips Book on Amazon
271 | 
272 | https://www.amazon.com/Hibernate-Tips-solutions-common-problems-ebook/dp/B06XXGYZHS/ref=sr_1_1?tag=toj04-20
273 | 
274 | ---
275 | 
276 | ==== Auditing
277 | 
278 | Spring Data provides sophisticated support to transparently keep track of who created or changed an entity and when the change happened. To benefit from that functionality, you have to equip your entity classes with auditing metadata that can be defined either using annotations or by implementing an interface.
279 | 
280 | https://docs.spring.io/spring-data/jpa/docs/current/reference/html/#auditing[Spring Data JPA Auditing]
281 | 
282 | .Auditing Annotations
283 | ```java
284 | @CreatedDate
285 | private LocalDateTime createdDate;
286 | 
287 | @LastModifiedDate
288 | private LocalDateTime lastUpdatedDate;
289 | 
290 | @CreatedBy
291 | private String createdBy;
292 | 
293 | @LastModifiedBy
294 | private String modifiedBy;
295 | ```
296 | 
297 | The final step is to enable JPA Auditing and to do so we simply need to add the following annotation to a configuration class.
298 | 
299 | .How to Enable JPA Auditing
300 | ```java
301 | @SpringBootApplication
302 | @EnableJpaAuditing
303 | public class SpringitApplication {
304 | 
305 | 	private static final Logger log = LoggerFactory.getLogger(SpringitApplication.class);
306 | 
307 | 	public static void main(String[] args) {
308 | 		SpringApplication.run(SpringitApplication.class, args);
309 | 	}
310 | 
311 | }
312 | ```
313 | 
314 | This is the easy approach but at some point we will to log the user that created and modified a record. To do so we
315 | can simply create a configuration class and make our Enable Jpa Auditing aware of the current logged in user.
316 | 
317 | .Auditor Aware Configuration
318 | ```java
319 | @Configuration
320 | @EnableJpaAuditing(auditorAwareRef = "auditorAware")
321 | public class JpaConfig {
322 |     @Bean
323 |     public AuditorAware<String> auditorAware() {
324 |         return new AuditorAwareImpl();
325 |     }
326 | 
327 | }
328 | ```
329 | 
330 | .Auditor Aware Implementation
331 | ```java
332 | public class AuditorAwareImpl implements AuditorAware<String> {
333 |     @Override
334 |     public Optional<String> getCurrentAuditor() {
335 |         return Optional.of(((User) SecurityContextHolder.getContext().getAuthentication().getPrincipal()).getUsername());
336 |     }
337 | }
338 | ```
339 | If you have a bunch of classes that are going to be auditable you could take this route. Create an abastract class
340 | called Auditable and make it a https://javaee.github.io/javaee-spec/javadocs/javax/persistence/MappedSuperclass.html[mapped super class]. When your class needs to have these auditable features simply extend this class.
341 | 
342 | .Auditable Mapped Super Class
343 | ```java
344 | import org.springframework.data.annotation.CreatedBy;
345 | import org.springframework.data.annotation.CreatedDate;
346 | import org.springframework.data.annotation.LastModifiedBy;
347 | import org.springframework.data.annotation.LastModifiedDate;
348 | import org.springframework.data.jpa.domain.support.AuditingEntityListener;
349 | 
350 | import javax.persistence.EntityListeners;
351 | import javax.persistence.MappedSuperclass;
352 | import java.time.LocalDateTime;
353 | 
354 | @MappedSuperclass
355 | @EntityListeners(AuditingEntityListener.class)
356 | public abstract class Auditable {
357 | 
358 |     @CreatedBy
359 |     private String createdBy;
360 | 
361 |     @CreatedDate
362 |     private LocalDateTime creationDate;
363 | 
364 |     @LastModifiedBy
365 |     private String lastModifiedBy;
366 | 
367 |     @LastModifiedDate
368 |     private LocalDateTime lastModifiedDate;
369 | 
370 |     public String getCreatedBy() {
371 |         return createdBy;
372 |     }
373 | 
374 |     public void setCreatedBy(String createdBy) {
375 |         this.createdBy = createdBy;
376 |     }
377 | 
378 |     public LocalDateTime getCreationDate() {
379 |         return creationDate;
380 |     }
381 | 
382 |     public void setCreationDate(LocalDateTime creationDate) {
383 |         this.creationDate = creationDate;
384 |     }
385 | 
386 |     public String getLastModifiedBy() {
387 |         return lastModifiedBy;
388 |     }
389 | 
390 |     public void setLastModifiedBy(String lastModifiedBy) {
391 |         this.lastModifiedBy = lastModifiedBy;
392 |     }
393 | 
394 |     public LocalDateTime getLastModifiedDate() {
395 |         return lastModifiedDate;
396 |     }
397 | 
398 |     public void setLastModifiedDate(LocalDateTime lastModifiedDate) {
399 |         this.lastModifiedDate = lastModifiedDate;
400 |     }
401 | }
402 | ```
403 | 
404 | ```java
405 | @Entity
406 | public class Link extends Auditable { }
407 | ```
408 | 
409 | 


--------------------------------------------------------------------------------
/_whatsnew_springboot2.adoc:
--------------------------------------------------------------------------------
  1 | :imagesdir: images/
  2 | 
  3 | image::pexels-photo-273238-2.jpeg[]
  4 | 
  5 | ==== Spring Boot History
  6 | Before we dive into what’s new I want to take this chance to take a quick look at the history of Spring Boot. In a blog post published in August 2013, Phil Webb announced the first milestone release of a new project called Spring Boot.
  7 | ____
  8 | Spring Boot aims to make it easy to create Spring-powered, production-grade applications and services with minimum fuss. It takes an opinionated view of the Spring platform so that new and existing users can quickly get to the bits they need. You can use it to create stand-alone Java applications that can be started using ‘java -jar’ or more traditional WAR deployments. 
  9 | ____
 10 | 
 11 | 
 12 | About 9 months later in April 2014 Spring Boot 1.0 was released. Since then there have been numerous minor releases that have brought us some really great features. 
 13 | 
 14 | * Spring Boot 1.1 (June 2014) 
 15 |     ** spring-boot-starter-test
 16 |     ** Metrics & Health Endpoints
 17 |     ** Elastic Search, Apache Solr, Spring Social & Spring Integration Auto-configuration 
 18 |     ** Additional Templating support (Adding Freemaker, Groov, and Velocity)
 19 | * Spring Boot 1.2 (March 2015) 
 20 |     ** Servlet 3.1, Tomcat 8 & Jetty 9
 21 |     ** Spring 4.1
 22 |     ** @SpringBootApplication Annotation
 23 |     ** Email Support
 24 | * Spring Boot 1.3 (December 2016)
 25 |     ** Upgrade to Spring Framework 4.2
 26 |     ** Upgrade to Spring Security 4.0
 27 |     ** Developer Tools
 28 |     ** Caching Auto-configuration 
 29 |     ** Fully executable JARs and service support
 30 | * Spring Boot 1.4 (January 2017)
 31 |     ** Spring 4.3
 32 |     ** Hibernate 5
 33 |     ** Testing Improvements
 34 |     ** Integration Starter
 35 |     ** Couchbase and Neo4J Support
 36 | * Spring Boot 1.5 (February 2017)
 37 |     ** Loggers endpoint
 38 |     ** Apache Kafka support
 39 |     ** Cloud Foundry actuator extensions
 40 |     ** LDAP support
 41 |     ** Testing updates
 42 | 
 43 | ==== What's new in Spring 
 44 | What's new in Spring Boot 2? If we are going to talk about the biggest feature we need to start with the upgrade to Spring Framework 5. While Spring Framework 5 has been out since September 2017, most developers (like me) have been waiting for the release of Spring Boot 2. Spring Framework 5 introduces a long list of new features but I just want to touch on a few of the major ones here.
 45 | 
 46 | ===== What’s new in Spring Framework 5
 47 | image::mark-solarski-209233-unsplash.jpg[]
 48 | 
 49 | *Java 8+ Baseline*
 50 | 
 51 | If you wish to build Spring Framework applications going forward you must be on a minimum of Java 8. Your first thought might be this is a great change for all of us but in fact its an even bigger one for the Spring team. This gave them a chance to make some major changes to update the code base to all the new features in Java 8 like Lambdas and streams. This not only ads readability throughout the code but also offers some performance improvements to the core of the framework. 
 52 | 
 53 | *Java 9 Support*
 54 | 
 55 | If you want to use Java 9 you will need to update to Spring Framework 5 and therefore need to update to Spring Boot 2. I know many of us might not be on the latest and greatest version of Java in production but this is a great chance for you to play around with all the cool new toys. This works pretty seamlessly out of the box using the standard classpath but I have read a few people having issues moving to Java 9 modules. 
 56 | 
 57 | *Spring MVC*
 58 | 
 59 | While Spring MVC isn't the main character in this story there were some nice upgrades. I won't go through them all here so head over to documentation for Spring Framework 5.
 60 | 
 61 | *Spring Webflux*
 62 | 
 63 | The reactive stack is our main character in the story of Spring Framework 5. This is a different way of thinking but fortunately for us, we don't have to learn a whole new way of writing applications. Spring WebFlux is a fully asynchronous and non-blocking web framework built from the ground up allowing us to handle a massive number of concurrent connections. While this is a complete paradigm shift it is really easy to get started. 
 64 | 
 65 | image::reactive_stack.png[align="center"]
 66 | 
 67 | *Kotlin Support*
 68 | 
 69 | Kotlin support was added to http://start.spring.io but in Spring Framework 5 there is dedicated support for the language. With the dedicated support came some nice features that you can read about here.
 70 | 
 71 | *Testing Improvements*
 72 | 
 73 | The biggest change in the testing landscape is the complete support for JUnit 5's Jupiter programming and extension model. I will mention this again later but when you fire up a new Spring Boot 2 application you are still using JUnit 4 by default however it is a simple change if you want to start using JUnit 5. 
 74 | 
 75 | ===== What's new in Spring Boot 2
 76 | image::jon-tyson-520864d-unsplash.jpg[]
 77 | 
 78 | *Third-party Library Upgrades*
 79 | 
 80 | With any new release of Spring Boot, the Spring team has an opportunity to update various dependencies. 
 81 | 
 82 | * Thymeleaf 3
 83 | * Jetty 9.4
 84 | * Tomcat 8.5
 85 | * Hibernate 5.2
 86 | * Flyway 5
 87 | * Gradle 4
 88 | 
 89 | *Reactive Spring Data & Spring Security *
 90 | 
 91 | With the move to Spring WebFlux, Spring Data also provides support for reactive applications. Currently, Cassandra, MongoDB, Couchbase and Redis all have reactive API support. Spring Boot includes starter-POMs for all of these which should make getting started really easy. 
 92 | 
 93 | We also gain the ability to use Spring Security 5.0 in our reactive applications. When Spring Security is on the classpath auto-configuration is provided for WebFlux applications.
 94 | 
 95 | *Actuator*
 96 | 
 97 | Spring Boot Actuator is nothing new but it has been rewritten from the ground up. If you're not familiar with the Actuator project it automatically exposes endpoints to get information about that status of your application. The Actuator in Spring Boot 1.x was written against the servlet API and with the new reactive stack, the Spring team needed a solution that would work with both. Along with that, there were many changes to Actuator: 
 98 | 
 99 | * Redesign for both servlet & reactive
100 | * Status & health (all the details) were separated out
101 | * Simplified Security model
102 | * Move to micrometer (think SLF4J but for metrics)
103 | * Improved JSON Structures
104 | * Simplified process for creating User-Defined Endpoints.
105 |     ** @Endpoint
106 |     ** @WebEndpoint
107 |     ** @JmxEndpoint
108 | 
109 | image::pexels-photo-241544.jpeg[]
110 | 
111 | This might be an area that folks have some trouble upgrading because of the security model changes which we will talk about those in a few. By default, all web endpoints are available beneath the path /actuator with URLs of the form /actuator/{id}. The /actuator base path can be configured by using the management.endpoints.web.base-path property.
112 | 
113 | There is a dedicated detailed document for Spring Boot Actuator Web API Endpoints and this is a great place to start. 
114 | 
115 | *Gradle Plugin*
116 | 
117 | I have always been a big fan of Gradle and I am really excited to see that the team took this opportunity to rewrite the Gradle plugin. 
118 | 
119 | The Spring Boot Gradle Plugin provides Spring Boot support in Gradle, allowing you to package executable jar or war archives, run Spring Boot applications, and use the dependency management provided by spring-boot-dependencies. Spring Boot’s Gradle plugin requires Gradle 4.0 or later.
120 | 
121 | images::pexels-photo-209728.jpeg[]
122 | 
123 | *Getting Started*
124 | 
125 | To get started with the plugin it needs to be applied to your project.
126 | ```
127 | buildscript {
128 | 	repositories {
129 | 		maven { url 'https://repo.spring.io/libs-milestone' }
130 | 	}
131 | 
132 | 	dependencies {
133 | 		classpath 'org.springframework.boot:spring-boot-gradle-plugin:2.0.0.RC1'
134 | 	}
135 | }
136 | 
137 | apply plugin: 'org.springframework.boot'
138 | ```
139 | 
140 | *Building executable jars and wars*
141 | 
142 | The bootRepackage task has been replaced with bootJar and bootWar tasks for building executable jars and wars respectively. Both tasks extend their equivalent standard Gradle jar or war task, giving you access to all of the usual configuration options and behavior.
143 | 
144 | *Dependency management*
145 | 
146 | Spring Boot’s Gradle plugin no longer automatically applies the dependency management plugin. Instead, Spring Boot’s plugin now reacts to the dependency management plugin being applied by importing the correct version of the spring-boot-dependencies BOM. This gives you more control over how and when dependency management is configured. For most applications applying the dependency management plugin will be sufficient:
147 | 
148 | ```
149 | apply plugin: 'io.spring.dependency-management'
150 | ```
151 | 
152 | The Gradle Plugin also has its own documentation and there is some really great information in there. Anyone that wants to get started using Gradle should start by checking out the link below. 
153 | 
154 | *Simplified Security *
155 | 
156 | In Spring Boot 2.x, one of the main goals was to simplify security configuration and make adding custom security easy. By default, everything is secured, including static resources and Actuator endpoints. If Spring Security is on the classpath, Spring Boot will add @EnableWebSecurity and rely on Spring Security's content-negoation to decide which authentication mechanism to use. 
157 | 
158 | Once users decide that they want to add custom security, the default security configuration provided by Spring Boot will back off completely. At this point, users need to explicitly define all the bits they want to secure. This means security configuration is now in one place and avoids any kind of ordering issues with existing WebSecurityConfigurerAdapters.
159 | 
160 | image::pexels-photo-113726.jpeg[]
161 | 
162 | Here is an example of a custom security:
163 | ```
164 | http
165 |     .authorizeRequests()
166 |         // 1
167 |         .requestMatchers(EndpointRequest.to("status", "info"))
168 |             .permitAll()
169 |         // 2
170 |         .requestMatchers(EndpointRequest.toAnyEndpoint())
171 |             .hasRole("ACTUATOR")
172 |         // 3
173 |         .requestMatchers(StaticResourceRequest.toCommonLocations())
174 |             .permitAll()
175 |         // 4
176 |         .antMatchers("/**")
177 |             .hasRole("USER")
178 |     .and()
179 |   ... // additional configuration
180 | ```
181 | 
182 | . /status and /info endpoints do not require authentication.
183 | . All other actuator endpoints are protected by the ACTUATOR role.
184 | . Common static resource locations are open to all.
185 | . All other application endpoints are protected by the USER role.
186 | 
187 | *Actuator Security *
188 | 
189 | With the actuator endpoints locked down, you will need to include or exclude the endpoints you want to see. These are the properties that now control that and have changed since 1.x 
190 | 
191 | ```
192 | # ENDPOINTS WEB CONFIGURATION (WebEndpointProperties)
193 | management.endpoints.web.exposure.include=info,health # Endpoint IDs that should be included or '*' for all.
194 | management.endpoints.web.exposure.exclude= # Endpoint IDs that should be excluded.
195 | management.endpoints.web.base-path=/actuator # Base path for Web endpoints. Relative to server.servlet.context-path or management.server.servlet.context-path if management.server.port is configured.
196 | management.endpoints.web.path-mapping= # Mapping between endpoint IDs and the path that should expose them.
197 | If you're ever unsure what properties to use bookmark the common application properties documentation. 
198 | ```
199 | 
200 | *HTTP/2 Support*
201 | 
202 | It's hard to believe but the HTTP 1.1 specification was released back in 1996. I think this comes without saying but the web is very different today. If you want to enable HTTP/2 in your Spring MVC or WebFlux applications you can use the following property. 
203 | ```
204 | server.http2.enabled=true
205 | ```
206 | This support depends on the chosen web server and the application environment since that protocol is not supported out-of-the-box by JDK8. Please https://docs.spring.io/spring-boot/docs/2.0.x/reference/html/howto-embedded-web-servers.html#howto-configure-http2[check out the documentation] for more details. 
207 | 
208 | image::mac-freelancer-macintosh-macbook-40185.jpeg[]
209 | 
210 | *Configuration Properties*
211 | 
212 | In Spring Boot 1.x this notion of relaxed binding was supported and all that meant is there were multiple ways you could create a property name (camel case, underscore, hyphen) and that property would all bind to the same property. 
213 | 
214 | This still works the same but what they did tighten up was the way that you read variables in your own code. The @Value annotation is a core container feature, and it does not provide the same features as type-safe configuration properties.
215 | 
216 | image::2018-02-28_07-12-58.png[]
217 | 
218 | https://docs.spring.io/spring-boot/docs/2.0.x/reference/html/boot-features-external-config.html#boot-features-external-config-relaxed-binding[External Config Relaxed Binding]
219 | 
220 | *Metrics*
221 | 
222 | Spring Boot’s own metrics have been replaced by Micrometer. This is being developed by Pivotal and quickly being adopted across projects within Pivotal. 
223 | 
224 | Spring Boot Actuator provides dependency management and auto-configuration for Micrometer, an application metrics facade that supports numerous monitoring systems, including:
225 | 
226 | * Atlas
227 | * Datadog
228 | * Ganglia
229 | * Graphite
230 | * Influx
231 | * JMX
232 | * New Relic
233 | * Prometheus
234 | * SignalFx
235 | * Simple (in-memory)
236 | * StatsD
237 | * Wavefront
238 | 
239 | image::micrometer.png[]
240 | 
241 | To learn more about Micrometer visit https://micrometer.io/
242 | 
243 | This might cause a little bit of an upgrade pain for those doing a ton of logging of custom metrics.
244 | 
245 | *Quartz Scheduler*
246 | 
247 | Spring Boot 2 provides support for the Quartz scheduler that can be used via the spring-boot-starter-quartz dedicated starter. Both in-memory and JDBC stores can be configured.
248 | ```
249 | <dependency>
250 | 	<groupId>org.springframework.boot</groupId>
251 | 	<artifactId>spring-boot-starter-quartz</artifactId>
252 | </dependency>
253 | ```
254 | 
255 | image::pexels-photo-768472.jpeg[]
256 | 
257 | *HikariCP Connection Pool*
258 | 
259 | The default connection pool has switched from Tomcat to HikariCP. If you used spring.datasource.type to force the use of Hikari in a Tomcat-based application, you can now remove that override. Similarly, if you want to stay with the Tomcat connection pool, simply add the following to your configuration:
260 | ```
261 | spring.datasource.type=org.apache.tomcat.jdbc.pool.DataSource
262 | ```
263 | 
264 | *Developer Tools*
265 | 
266 | By default, each time your application restarts, a report showing the condition evaluation delta is logged. The report shows the changes to your application’s auto-configuration as you make changes such as adding or removing beans and setting configuration properties.
267 | 
268 | To disable the logging of the report, set the following property:
269 | ```
270 | spring.devtools.restart.log-condition-evaluation-delta=false
271 | ```
272 | 
273 | *Kotlin Support*
274 | 
275 | We talked earlier in this article about the official support for Kotlin. There is also a dedicated portion of the documentation to Kotlin. 
276 | 
277 | *JUnit 5*
278 | 
279 | As I said earlier the default for a Spring Boot application is to still use JUnit 4. If you want to switch to JUnit 5 you will need to exclude JUnit 4 from the spring boot starter test and add the required dependencies. You will also need to add the plugin listed below. 
280 | ```
281 | <dependencies>
282 | 	<dependency>
283 | 		<groupId>org.springframework.boot</groupId>
284 | 		<artifactId>spring-boot-starter-test</artifactId>
285 | 		<scope>test</scope>
286 | 		<exclusions>
287 | 			<exclusion>
288 | 				<groupId>junit</groupId>
289 | 				<artifactId>junit</artifactId>
290 | 			</exclusion>
291 | 		</exclusions>
292 | 	</dependency>
293 | 	<dependency>
294 | 		<groupId>org.junit.jupiter</groupId>
295 | 		<artifactId>junit-jupiter-api</artifactId>
296 | 		<scope>test</scope>
297 | 	</dependency>
298 | 	<dependency>
299 | 		<groupId>org.junit.jupiter</groupId>
300 | 		<artifactId>junit-jupiter-engine</artifactId>
301 | 		<scope>test</scope>
302 | 	</dependency>
303 | </dependencies>
304 | <build>
305 | 	<plugins>
306 | 		<plugin>
307 | 			<groupId>org.springframework.boot</groupId>
308 | 			<artifactId>spring-boot-maven-plugin</artifactId>
309 | 		</plugin>
310 | 		<plugin>
311 | 			<groupId>org.apache.maven.plugins</groupId>
312 | 			<artifactId>maven-surefire-plugin</artifactId>
313 | 			<dependencies>
314 | 				<dependency>
315 | 					<groupId>org.junit.platform</groupId>
316 | 					<artifactId>junit-platform-surefire-provider</artifactId>
317 | 					<version>${junit-platform.version}</version>
318 | 				</dependency>
319 | 			</dependencies>
320 | 		</plugin>
321 | 	</plugins>
322 | </build>
323 | ```
324 | 
325 | ===== Spring Boot 2 Migration Guide
326 | 
327 | It probably goes without saying but with any major release like this simply flipping the version number in production isn't your best upgrade path. The first thing I would do is read through the Spring Boot 2.0 Migration Guide. For me I found most of my issues revolved around the simplified security model changes and property changes. The migration guide includes an awesome tip for migrating your property files. 
328 | ____
329 | With Spring Boot 2.0, many configuration properties were renamed/removed and developers need to update their application.properties/application.yml accordingly. To help you with that, Spring Boot ships a new spring-boot-properties-migrator module. Once added as a dependency to your project, this will not only analyze your application’s environment and print diagnostics at startup, but also temporarily migrate properties at runtime for you. This is a must have during your application migration:
330 | ____
331 | 
332 | ```
333 | <dependency>
334 |   <groupId>org.springframework.boot</groupId>
335 |   <artifactId>spring-boot-properties-migrator</artifactId>
336 | </dependency>
337 | ```
338 | 
339 | I am not sure what your thoughts are on this but I would certainly start playing with Spring Boot 2 and working on migrating your code over to it but with any major release, I usually wait until the next point release. This isn't just for Spring, I do this with pretty much everything from Apple to Pivotal to Angry Birds! 
340 | 
341 | image::pexels-photo-860379.jpeg[]
342 | 
343 | This document was created from http://therealdanvega.com/blog/2018/03/01/what-is-new-spring-boot-2[this blog post].
344 | You can also watch a video of me talking about https://youtu.be/91n6y-T-PC8[this post here].


--------------------------------------------------------------------------------
/prism/prism.js:
--------------------------------------------------------------------------------
 1 | /* PrismJS 1.15.0
 2 | https://prismjs.com/download.html#themes=prism-tomorrow&languages=markup+css+clike+javascript+asciidoc+java+json+sql+properties+yaml&plugins=toolbar+copy-to-clipboard */
 3 | var _self="undefined"!=typeof window?window:"undefined"!=typeof WorkerGlobalScope&&self instanceof WorkerGlobalScope?self:{},Prism=function(){var e=/\blang(?:uage)?-([\w-]+)\b/i,t=0,n=_self.Prism={manual:_self.Prism&&_self.Prism.manual,disableWorkerMessageHandler:_self.Prism&&_self.Prism.disableWorkerMessageHandler,util:{encode:function(e){return e instanceof r?new r(e.type,n.util.encode(e.content),e.alias):"Array"===n.util.type(e)?e.map(n.util.encode):e.replace(/&/g,"&amp;").replace(/</g,"&lt;").replace(/\u00a0/g," ")},type:function(e){return Object.prototype.toString.call(e).match(/\[object (\w+)\]/)[1]},objId:function(e){return e.__id||Object.defineProperty(e,"__id",{value:++t}),e.__id},clone:function(e,t){var r=n.util.type(e);switch(t=t||{},r){case"Object":if(t[n.util.objId(e)])return t[n.util.objId(e)];var a={};t[n.util.objId(e)]=a;for(var l in e)e.hasOwnProperty(l)&&(a[l]=n.util.clone(e[l],t));return a;case"Array":if(t[n.util.objId(e)])return t[n.util.objId(e)];var a=[];return t[n.util.objId(e)]=a,e.forEach(function(e,r){a[r]=n.util.clone(e,t)}),a}return e}},languages:{extend:function(e,t){var r=n.util.clone(n.languages[e]);for(var a in t)r[a]=t[a];return r},insertBefore:function(e,t,r,a){a=a||n.languages;var l=a[e];if(2==arguments.length){r=arguments[1];for(var i in r)r.hasOwnProperty(i)&&(l[i]=r[i]);return l}var o={};for(var s in l)if(l.hasOwnProperty(s)){if(s==t)for(var i in r)r.hasOwnProperty(i)&&(o[i]=r[i]);o[s]=l[s]}return n.languages.DFS(n.languages,function(t,n){n===a[e]&&t!=e&&(this[t]=o)}),a[e]=o},DFS:function(e,t,r,a){a=a||{};for(var l in e)e.hasOwnProperty(l)&&(t.call(e,l,e[l],r||l),"Object"!==n.util.type(e[l])||a[n.util.objId(e[l])]?"Array"!==n.util.type(e[l])||a[n.util.objId(e[l])]||(a[n.util.objId(e[l])]=!0,n.languages.DFS(e[l],t,l,a)):(a[n.util.objId(e[l])]=!0,n.languages.DFS(e[l],t,null,a)))}},plugins:{},highlightAll:function(e,t){n.highlightAllUnder(document,e,t)},highlightAllUnder:function(e,t,r){var a={callback:r,selector:'code[class*="language-"], [class*="language-"] code, code[class*="lang-"], [class*="lang-"] code'};n.hooks.run("before-highlightall",a);for(var l,i=a.elements||e.querySelectorAll(a.selector),o=0;l=i[o++];)n.highlightElement(l,t===!0,a.callback)},highlightElement:function(t,r,a){for(var l,i,o=t;o&&!e.test(o.className);)o=o.parentNode;o&&(l=(o.className.match(e)||[,""])[1].toLowerCase(),i=n.languages[l]),t.className=t.className.replace(e,"").replace(/\s+/g," ")+" language-"+l,t.parentNode&&(o=t.parentNode,/pre/i.test(o.nodeName)&&(o.className=o.className.replace(e,"").replace(/\s+/g," ")+" language-"+l));var s=t.textContent,u={element:t,language:l,grammar:i,code:s};if(n.hooks.run("before-sanity-check",u),!u.code||!u.grammar)return u.code&&(n.hooks.run("before-highlight",u),u.element.textContent=u.code,n.hooks.run("after-highlight",u)),n.hooks.run("complete",u),void 0;if(n.hooks.run("before-highlight",u),r&&_self.Worker){var g=new Worker(n.filename);g.onmessage=function(e){u.highlightedCode=e.data,n.hooks.run("before-insert",u),u.element.innerHTML=u.highlightedCode,a&&a.call(u.element),n.hooks.run("after-highlight",u),n.hooks.run("complete",u)},g.postMessage(JSON.stringify({language:u.language,code:u.code,immediateClose:!0}))}else u.highlightedCode=n.highlight(u.code,u.grammar,u.language),n.hooks.run("before-insert",u),u.element.innerHTML=u.highlightedCode,a&&a.call(t),n.hooks.run("after-highlight",u),n.hooks.run("complete",u)},highlight:function(e,t,a){var l={code:e,grammar:t,language:a};return n.hooks.run("before-tokenize",l),l.tokens=n.tokenize(l.code,l.grammar),n.hooks.run("after-tokenize",l),r.stringify(n.util.encode(l.tokens),l.language)},matchGrammar:function(e,t,r,a,l,i,o){var s=n.Token;for(var u in r)if(r.hasOwnProperty(u)&&r[u]){if(u==o)return;var g=r[u];g="Array"===n.util.type(g)?g:[g];for(var c=0;c<g.length;++c){var h=g[c],f=h.inside,d=!!h.lookbehind,m=!!h.greedy,p=0,y=h.alias;if(m&&!h.pattern.global){var v=h.pattern.toString().match(/[imuy]*$/)[0];h.pattern=RegExp(h.pattern.source,v+"g")}h=h.pattern||h;for(var b=a,k=l;b<t.length;k+=t[b].length,++b){var w=t[b];if(t.length>e.length)return;if(!(w instanceof s)){if(m&&b!=t.length-1){h.lastIndex=k;var _=h.exec(e);if(!_)break;for(var j=_.index+(d?_[1].length:0),P=_.index+_[0].length,A=b,x=k,O=t.length;O>A&&(P>x||!t[A].type&&!t[A-1].greedy);++A)x+=t[A].length,j>=x&&(++b,k=x);if(t[b]instanceof s)continue;I=A-b,w=e.slice(k,x),_.index-=k}else{h.lastIndex=0;var _=h.exec(w),I=1}if(_){d&&(p=_[1]?_[1].length:0);var j=_.index+p,_=_[0].slice(p),P=j+_.length,N=w.slice(0,j),S=w.slice(P),C=[b,I];N&&(++b,k+=N.length,C.push(N));var E=new s(u,f?n.tokenize(_,f):_,y,_,m);if(C.push(E),S&&C.push(S),Array.prototype.splice.apply(t,C),1!=I&&n.matchGrammar(e,t,r,b,k,!0,u),i)break}else if(i)break}}}}},tokenize:function(e,t){var r=[e],a=t.rest;if(a){for(var l in a)t[l]=a[l];delete t.rest}return n.matchGrammar(e,r,t,0,0,!1),r},hooks:{all:{},add:function(e,t){var r=n.hooks.all;r[e]=r[e]||[],r[e].push(t)},run:function(e,t){var r=n.hooks.all[e];if(r&&r.length)for(var a,l=0;a=r[l++];)a(t)}}},r=n.Token=function(e,t,n,r,a){this.type=e,this.content=t,this.alias=n,this.length=0|(r||"").length,this.greedy=!!a};if(r.stringify=function(e,t,a){if("string"==typeof e)return e;if("Array"===n.util.type(e))return e.map(function(n){return r.stringify(n,t,e)}).join("");var l={type:e.type,content:r.stringify(e.content,t,a),tag:"span",classes:["token",e.type],attributes:{},language:t,parent:a};if(e.alias){var i="Array"===n.util.type(e.alias)?e.alias:[e.alias];Array.prototype.push.apply(l.classes,i)}n.hooks.run("wrap",l);var o=Object.keys(l.attributes).map(function(e){return e+'="'+(l.attributes[e]||"").replace(/"/g,"&quot;")+'"'}).join(" ");return"<"+l.tag+' class="'+l.classes.join(" ")+'"'+(o?" "+o:"")+">"+l.content+"</"+l.tag+">"},!_self.document)return _self.addEventListener?(n.disableWorkerMessageHandler||_self.addEventListener("message",function(e){var t=JSON.parse(e.data),r=t.language,a=t.code,l=t.immediateClose;_self.postMessage(n.highlight(a,n.languages[r],r)),l&&_self.close()},!1),_self.Prism):_self.Prism;var a=document.currentScript||[].slice.call(document.getElementsByTagName("script")).pop();return a&&(n.filename=a.src,n.manual||a.hasAttribute("data-manual")||("loading"!==document.readyState?window.requestAnimationFrame?window.requestAnimationFrame(n.highlightAll):window.setTimeout(n.highlightAll,16):document.addEventListener("DOMContentLoaded",n.highlightAll))),_self.Prism}();"undefined"!=typeof module&&module.exports&&(module.exports=Prism),"undefined"!=typeof global&&(global.Prism=Prism);
 4 | Prism.languages.markup={comment:/<!--[\s\S]*?-->/,prolog:/<\?[\s\S]+?\?>/,doctype:/<!DOCTYPE[\s\S]+?>/i,cdata:/<!\[CDATA\[[\s\S]*?]]>/i,tag:{pattern:/<\/?(?!\d)[^\s>\/=$<%]+(?:\s+[^\s>\/=]+(?:=(?:("|')(?:\\[\s\S]|(?!\1)[^\\])*\1|[^\s'">=]+))?)*\s*\/?>/i,greedy:!0,inside:{tag:{pattern:/^<\/?[^\s>\/]+/i,inside:{punctuation:/^<\/?/,namespace:/^[^\s>\/:]+:/}},"attr-value":{pattern:/=(?:("|')(?:\\[\s\S]|(?!\1)[^\\])*\1|[^\s'">=]+)/i,inside:{punctuation:[/^=/,{pattern:/(^|[^\\])["']/,lookbehind:!0}]}},punctuation:/\/?>/,"attr-name":{pattern:/[^\s>\/]+/,inside:{namespace:/^[^\s>\/:]+:/}}}},entity:/&#?[\da-z]{1,8};/i},Prism.languages.markup.tag.inside["attr-value"].inside.entity=Prism.languages.markup.entity,Prism.hooks.add("wrap",function(a){"entity"===a.type&&(a.attributes.title=a.content.replace(/&amp;/,"&"))}),Prism.languages.xml=Prism.languages.markup,Prism.languages.html=Prism.languages.markup,Prism.languages.mathml=Prism.languages.markup,Prism.languages.svg=Prism.languages.markup;
 5 | Prism.languages.css={comment:/\/\*[\s\S]*?\*\//,atrule:{pattern:/@[\w-]+?.*?(?:;|(?=\s*\{))/i,inside:{rule:/@[\w-]+/}},url:/url\((?:(["'])(?:\\(?:\r\n|[\s\S])|(?!\1)[^\\\r\n])*\1|.*?)\)/i,selector:/[^{}\s][^{};]*?(?=\s*\{)/,string:{pattern:/("|')(?:\\(?:\r\n|[\s\S])|(?!\1)[^\\\r\n])*\1/,greedy:!0},property:/[-_a-z\xA0-\uFFFF][-\w\xA0-\uFFFF]*(?=\s*:)/i,important:/\B!important\b/i,"function":/[-a-z0-9]+(?=\()/i,punctuation:/[(){};:]/},Prism.languages.css.atrule.inside.rest=Prism.languages.css,Prism.languages.markup&&(Prism.languages.insertBefore("markup","tag",{style:{pattern:/(<style[\s\S]*?>)[\s\S]*?(?=<\/style>)/i,lookbehind:!0,inside:Prism.languages.css,alias:"language-css",greedy:!0}}),Prism.languages.insertBefore("inside","attr-value",{"style-attr":{pattern:/\s*style=("|')(?:\\[\s\S]|(?!\1)[^\\])*\1/i,inside:{"attr-name":{pattern:/^\s*style/i,inside:Prism.languages.markup.tag.inside},punctuation:/^\s*=\s*['"]|['"]\s*$/,"attr-value":{pattern:/.+/i,inside:Prism.languages.css}},alias:"language-css"}},Prism.languages.markup.tag));
 6 | Prism.languages.clike={comment:[{pattern:/(^|[^\\])\/\*[\s\S]*?(?:\*\/|$)/,lookbehind:!0},{pattern:/(^|[^\\:])\/\/.*/,lookbehind:!0,greedy:!0}],string:{pattern:/(["'])(?:\\(?:\r\n|[\s\S])|(?!\1)[^\\\r\n])*\1/,greedy:!0},"class-name":{pattern:/((?:\b(?:class|interface|extends|implements|trait|instanceof|new)\s+)|(?:catch\s+\())[\w.\\]+/i,lookbehind:!0,inside:{punctuation:/[.\\]/}},keyword:/\b(?:if|else|while|do|for|return|in|instanceof|function|new|try|throw|catch|finally|null|break|continue)\b/,"boolean":/\b(?:true|false)\b/,"function":/[a-z0-9_]+(?=\()/i,number:/\b0x[\da-f]+\b|(?:\b\d+\.?\d*|\B\.\d+)(?:e[+-]?\d+)?/i,operator:/--?|\+\+?|!=?=?|<=?|>=?|==?=?|&&?|\|\|?|\?|\*|\/|~|\^|%/,punctuation:/[{}[\];(),.:]/};
 7 | Prism.languages.javascript=Prism.languages.extend("clike",{keyword:/\b(?:as|async|await|break|case|catch|class|const|continue|debugger|default|delete|do|else|enum|export|extends|finally|for|from|function|get|if|implements|import|in|instanceof|interface|let|new|null|of|package|private|protected|public|return|set|static|super|switch|this|throw|try|typeof|var|void|while|with|yield)\b/,number:/\b(?:0[xX][\dA-Fa-f]+|0[bB][01]+|0[oO][0-7]+|NaN|Infinity)\b|(?:\b\d+\.?\d*|\B\.\d+)(?:[Ee][+-]?\d+)?/,"function":/[_$a-z\xA0-\uFFFF][$\w\xA0-\uFFFF]*(?=\s*\()/i,operator:/-[-=]?|\+[+=]?|!=?=?|<<?=?|>>?>?=?|=(?:==?|>)?|&[&=]?|\|[|=]?|\*\*?=?|\/=?|~|\^=?|%=?|\?|\.{3}/}),Prism.languages.insertBefore("javascript","keyword",{regex:{pattern:/((?:^|[^$\w\xA0-\uFFFF."'\])\s])\s*)\/(\[[^\]\r\n]+]|\\.|[^\/\\\[\r\n])+\/[gimyu]{0,5}(?=\s*($|[\r\n,.;})\]]))/,lookbehind:!0,greedy:!0},"function-variable":{pattern:/[_$a-z\xA0-\uFFFF][$\w\xA0-\uFFFF]*(?=\s*=\s*(?:function\b|(?:\([^()]*\)|[_$a-z\xA0-\uFFFF][$\w\xA0-\uFFFF]*)\s*=>))/i,alias:"function"},constant:/\b[A-Z][A-Z\d_]*\b/}),Prism.languages.insertBefore("javascript","string",{"template-string":{pattern:/`(?:\\[\s\S]|\${[^}]+}|[^\\`])*`/,greedy:!0,inside:{interpolation:{pattern:/\${[^}]+}/,inside:{"interpolation-punctuation":{pattern:/^\${|}$/,alias:"punctuation"},rest:null}},string:/[\s\S]+/}}}),Prism.languages.javascript["template-string"].inside.interpolation.inside.rest=Prism.languages.javascript,Prism.languages.markup&&Prism.languages.insertBefore("markup","tag",{script:{pattern:/(<script[\s\S]*?>)[\s\S]*?(?=<\/script>)/i,lookbehind:!0,inside:Prism.languages.javascript,alias:"language-javascript",greedy:!0}}),Prism.languages.js=Prism.languages.javascript;
 8 | !function(a){var i={pattern:/(^[ \t]*)\[(?!\[)(?:(["'$`])(?:(?!\2)[^\\]|\\.)*\2|\[(?:[^\]\\]|\\.)*\]|[^\]\\]|\\.)*\]/m,lookbehind:!0,inside:{quoted:{pattern:/([$`])(?:(?!\1)[^\\]|\\.)*\1/,inside:{punctuation:/^[$`]|[$`]$/}},interpreted:{pattern:/'(?:[^'\\]|\\.)*'/,inside:{punctuation:/^'|'$/}},string:/"(?:[^"\\]|\\.)*"/,variable:/\w+(?==)/,punctuation:/^\[|\]$|,/,operator:/=/,"attr-value":/(?!^\s+$).+/}};a.languages.asciidoc={"comment-block":{pattern:/^(\/{4,})(?:\r?\n|\r)(?:[\s\S]*(?:\r?\n|\r))??\1/m,alias:"comment"},table:{pattern:/^\|={3,}(?:(?:\r?\n|\r).*)*?(?:\r?\n|\r)\|={3,}$/m,inside:{specifiers:{pattern:/(?!\|)(?:(?:(?:\d+(?:\.\d+)?|\.\d+)[+*])?(?:[<^>](?:\.[<^>])?|\.[<^>])?[a-z]*)(?=\|)/,alias:"attr-value"},punctuation:{pattern:/(^|[^\\])[|!]=*/,lookbehind:!0}}},"passthrough-block":{pattern:/^(\+{4,})(?:\r?\n|\r)(?:[\s\S]*(?:\r?\n|\r))??\1$/m,inside:{punctuation:/^\++|\++$/}},"literal-block":{pattern:/^(-{4,}|\.{4,})(?:\r?\n|\r)(?:[\s\S]*(?:\r?\n|\r))??\1$/m,inside:{punctuation:/^(?:-+|\.+)|(?:-+|\.+)$/}},"other-block":{pattern:/^(--|\*{4,}|_{4,}|={4,})(?:\r?\n|\r)(?:[\s\S]*(?:\r?\n|\r))??\1$/m,inside:{punctuation:/^(?:-+|\*+|_+|=+)|(?:-+|\*+|_+|=+)$/}},"list-punctuation":{pattern:/(^[ \t]*)(?:-|\*{1,5}|\.{1,5}|(?:[a-z]|\d+)\.|[xvi]+\))(?= )/im,lookbehind:!0,alias:"punctuation"},"list-label":{pattern:/(^[ \t]*)[a-z\d].+(?::{2,4}|;;)(?=\s)/im,lookbehind:!0,alias:"symbol"},"indented-block":{pattern:/((\r?\n|\r)\2)([ \t]+)\S.*(?:(?:\r?\n|\r)\3.+)*(?=\2{2}|$)/,lookbehind:!0},comment:/^\/\/.*/m,title:{pattern:/^.+(?:\r?\n|\r)(?:={3,}|-{3,}|~{3,}|\^{3,}|\+{3,})$|^={1,5} +.+|^\.(?![\s.]).*/m,alias:"important",inside:{punctuation:/^(?:\.|=+)|(?:=+|-+|~+|\^+|\++)$/}},"attribute-entry":{pattern:/^:[^:\r\n]+:(?: .*?(?: \+(?:\r?\n|\r).*?)*)?$/m,alias:"tag"},attributes:i,hr:{pattern:/^'{3,}$/m,alias:"punctuation"},"page-break":{pattern:/^<{3,}$/m,alias:"punctuation"},admonition:{pattern:/^(?:TIP|NOTE|IMPORTANT|WARNING|CAUTION):/m,alias:"keyword"},callout:[{pattern:/(^[ \t]*)<?\d*>/m,lookbehind:!0,alias:"symbol"},{pattern:/<\d+>/,alias:"symbol"}],macro:{pattern:/\b[a-z\d][a-z\d-]*::?(?:(?:\S+)??\[(?:[^\]\\"]|(["'])(?:(?!\1)[^\\]|\\.)*\1|\\.)*\])/,inside:{"function":/^[a-z\d-]+(?=:)/,punctuation:/^::?/,attributes:{pattern:/(?:\[(?:[^\]\\"]|(["'])(?:(?!\1)[^\\]|\\.)*\1|\\.)*\])/,inside:i.inside}}},inline:{pattern:/(^|[^\\])(?:(?:\B\[(?:[^\]\\"]|(["'])(?:(?!\2)[^\\]|\\.)*\2|\\.)*\])?(?:\b_(?!\s)(?: _|[^_\\\r\n]|\\.)+(?:(?:\r?\n|\r)(?: _|[^_\\\r\n]|\\.)+)*_\b|\B``(?!\s).+?(?:(?:\r?\n|\r).+?)*''\B|\B`(?!\s)(?: ['`]|.)+?(?:(?:\r?\n|\r)(?: ['`]|.)+?)*['`]\B|\B(['*+#])(?!\s)(?: \3|(?!\3)[^\\\r\n]|\\.)+(?:(?:\r?\n|\r)(?: \3|(?!\3)[^\\\r\n]|\\.)+)*\3\B)|(?:\[(?:[^\]\\"]|(["'])(?:(?!\4)[^\\]|\\.)*\4|\\.)*\])?(?:(__|\*\*|\+\+\+?|##|\$\$|[~^]).+?(?:(?:\r?\n|\r).+?)*\5|\{[^}\r\n]+\}|\[\[\[?.+?(?:(?:\r?\n|\r).+?)*\]?\]\]|<<.+?(?:(?:\r?\n|\r).+?)*>>|\(\(\(?.+?(?:(?:\r?\n|\r).+?)*\)?\)\)))/m,lookbehind:!0,inside:{attributes:i,url:{pattern:/^(?:\[\[\[?.+?\]?\]\]|<<.+?>>)$/,inside:{punctuation:/^(?:\[\[\[?|<<)|(?:\]\]\]?|>>)$/}},"attribute-ref":{pattern:/^\{.+\}$/,inside:{variable:{pattern:/(^\{)[a-z\d,+_-]+/,lookbehind:!0},operator:/^[=?!#%@$]|!(?=[:}])/,punctuation:/^\{|\}$|::?/}},italic:{pattern:/^(['_])[\s\S]+\1$/,inside:{punctuation:/^(?:''?|__?)|(?:''?|__?)$/}},bold:{pattern:/^\*[\s\S]+\*$/,inside:{punctuation:/^\*\*?|\*\*?$/}},punctuation:/^(?:``?|\+{1,3}|##?|\$\$|[~^]|\(\(\(?)|(?:''?|\+{1,3}|##?|\$\$|[~^`]|\)?\)\))$/}},replacement:{pattern:/\((?:C|TM|R)\)/,alias:"builtin"},entity:/&#?[\da-z]{1,8};/i,"line-continuation":{pattern:/(^| )\+$/m,lookbehind:!0,alias:"punctuation"}},i.inside.interpreted.inside.rest={macro:a.languages.asciidoc.macro,inline:a.languages.asciidoc.inline,replacement:a.languages.asciidoc.replacement,entity:a.languages.asciidoc.entity},a.languages.asciidoc["passthrough-block"].inside.rest={macro:a.languages.asciidoc.macro},a.languages.asciidoc["literal-block"].inside.rest={callout:a.languages.asciidoc.callout},a.languages.asciidoc.table.inside.rest={"comment-block":a.languages.asciidoc["comment-block"],"passthrough-block":a.languages.asciidoc["passthrough-block"],"literal-block":a.languages.asciidoc["literal-block"],"other-block":a.languages.asciidoc["other-block"],"list-punctuation":a.languages.asciidoc["list-punctuation"],"indented-block":a.languages.asciidoc["indented-block"],comment:a.languages.asciidoc.comment,title:a.languages.asciidoc.title,"attribute-entry":a.languages.asciidoc["attribute-entry"],attributes:a.languages.asciidoc.attributes,hr:a.languages.asciidoc.hr,"page-break":a.languages.asciidoc["page-break"],admonition:a.languages.asciidoc.admonition,"list-label":a.languages.asciidoc["list-label"],callout:a.languages.asciidoc.callout,macro:a.languages.asciidoc.macro,inline:a.languages.asciidoc.inline,replacement:a.languages.asciidoc.replacement,entity:a.languages.asciidoc.entity,"line-continuation":a.languages.asciidoc["line-continuation"]},a.languages.asciidoc["other-block"].inside.rest={table:a.languages.asciidoc.table,"list-punctuation":a.languages.asciidoc["list-punctuation"],"indented-block":a.languages.asciidoc["indented-block"],comment:a.languages.asciidoc.comment,"attribute-entry":a.languages.asciidoc["attribute-entry"],attributes:a.languages.asciidoc.attributes,hr:a.languages.asciidoc.hr,"page-break":a.languages.asciidoc["page-break"],admonition:a.languages.asciidoc.admonition,"list-label":a.languages.asciidoc["list-label"],macro:a.languages.asciidoc.macro,inline:a.languages.asciidoc.inline,replacement:a.languages.asciidoc.replacement,entity:a.languages.asciidoc.entity,"line-continuation":a.languages.asciidoc["line-continuation"]},a.languages.asciidoc.title.inside.rest={macro:a.languages.asciidoc.macro,inline:a.languages.asciidoc.inline,replacement:a.languages.asciidoc.replacement,entity:a.languages.asciidoc.entity},a.hooks.add("wrap",function(a){"entity"===a.type&&(a.attributes.title=a.content.replace(/&amp;/,"&"))})}(Prism);
 9 | Prism.languages.java=Prism.languages.extend("clike",{keyword:/\b(?:abstract|continue|for|new|switch|assert|default|goto|package|synchronized|boolean|do|if|private|this|break|double|implements|protected|throw|byte|else|import|public|throws|case|enum|instanceof|return|transient|catch|extends|int|short|try|char|final|interface|static|void|class|finally|long|strictfp|volatile|const|float|native|super|while)\b/,number:/\b0b[01]+\b|\b0x[\da-f]*\.?[\da-fp-]+\b|(?:\b\d+\.?\d*|\B\.\d+)(?:e[+-]?\d+)?[df]?/i,operator:{pattern:/(^|[^.])(?:\+[+=]?|-[-=]?|!=?|<<?=?|>>?>?=?|==?|&[&=]?|\|[|=]?|\*=?|\/=?|%=?|\^=?|[?:~])/m,lookbehind:!0}}),Prism.languages.insertBefore("java","function",{annotation:{alias:"punctuation",pattern:/(^|[^.])@\w+/,lookbehind:!0}}),Prism.languages.insertBefore("java","class-name",{generics:{pattern:/<\s*\w+(?:\.\w+)?(?:\s*,\s*\w+(?:\.\w+)?)*>/i,alias:"function",inside:{keyword:Prism.languages.java.keyword,punctuation:/[<>(),.:]/}}});
10 | Prism.languages.json={property:/"(?:\\.|[^\\"\r\n])*"(?=\s*:)/i,string:{pattern:/"(?:\\.|[^\\"\r\n])*"(?!\s*:)/,greedy:!0},number:/\b0x[\dA-Fa-f]+\b|(?:\b\d+\.?\d*|\B\.\d+)(?:[Ee][+-]?\d+)?/,punctuation:/[{}[\]);,]/,operator:/:/g,"boolean":/\b(?:true|false)\b/i,"null":/\bnull\b/i},Prism.languages.jsonp=Prism.languages.json;
11 | Prism.languages.sql={comment:{pattern:/(^|[^\\])(?:\/\*[\s\S]*?\*\/|(?:--|\/\/|#).*)/,lookbehind:!0},string:{pattern:/(^|[^@\\])("|')(?:\\[\s\S]|(?!\2)[^\\])*\2/,greedy:!0,lookbehind:!0},variable:/@[\w.$]+|@(["'`])(?:\\[\s\S]|(?!\1)[^\\])+\1/,"function":/\b(?:AVG|COUNT|FIRST|FORMAT|LAST|LCASE|LEN|MAX|MID|MIN|MOD|NOW|ROUND|SUM|UCASE)(?=\s*\()/i,keyword:/\b(?:ACTION|ADD|AFTER|ALGORITHM|ALL|ALTER|ANALYZE|ANY|APPLY|AS|ASC|AUTHORIZATION|AUTO_INCREMENT|BACKUP|BDB|BEGIN|BERKELEYDB|BIGINT|BINARY|BIT|BLOB|BOOL|BOOLEAN|BREAK|BROWSE|BTREE|BULK|BY|CALL|CASCADED?|CASE|CHAIN|CHAR(?:ACTER|SET)?|CHECK(?:POINT)?|CLOSE|CLUSTERED|COALESCE|COLLATE|COLUMNS?|COMMENT|COMMIT(?:TED)?|COMPUTE|CONNECT|CONSISTENT|CONSTRAINT|CONTAINS(?:TABLE)?|CONTINUE|CONVERT|CREATE|CROSS|CURRENT(?:_DATE|_TIME|_TIMESTAMP|_USER)?|CURSOR|CYCLE|DATA(?:BASES?)?|DATE(?:TIME)?|DAY|DBCC|DEALLOCATE|DEC|DECIMAL|DECLARE|DEFAULT|DEFINER|DELAYED|DELETE|DELIMITERS?|DENY|DESC|DESCRIBE|DETERMINISTIC|DISABLE|DISCARD|DISK|DISTINCT|DISTINCTROW|DISTRIBUTED|DO|DOUBLE|DROP|DUMMY|DUMP(?:FILE)?|DUPLICATE|ELSE(?:IF)?|ENABLE|ENCLOSED|END|ENGINE|ENUM|ERRLVL|ERRORS|ESCAPED?|EXCEPT|EXEC(?:UTE)?|EXISTS|EXIT|EXPLAIN|EXTENDED|FETCH|FIELDS|FILE|FILLFACTOR|FIRST|FIXED|FLOAT|FOLLOWING|FOR(?: EACH ROW)?|FORCE|FOREIGN|FREETEXT(?:TABLE)?|FROM|FULL|FUNCTION|GEOMETRY(?:COLLECTION)?|GLOBAL|GOTO|GRANT|GROUP|HANDLER|HASH|HAVING|HOLDLOCK|HOUR|IDENTITY(?:_INSERT|COL)?|IF|IGNORE|IMPORT|INDEX|INFILE|INNER|INNODB|INOUT|INSERT|INT|INTEGER|INTERSECT|INTERVAL|INTO|INVOKER|ISOLATION|ITERATE|JOIN|KEYS?|KILL|LANGUAGE|LAST|LEAVE|LEFT|LEVEL|LIMIT|LINENO|LINES|LINESTRING|LOAD|LOCAL|LOCK|LONG(?:BLOB|TEXT)|LOOP|MATCH(?:ED)?|MEDIUM(?:BLOB|INT|TEXT)|MERGE|MIDDLEINT|MINUTE|MODE|MODIFIES|MODIFY|MONTH|MULTI(?:LINESTRING|POINT|POLYGON)|NATIONAL|NATURAL|NCHAR|NEXT|NO|NONCLUSTERED|NULLIF|NUMERIC|OFF?|OFFSETS?|ON|OPEN(?:DATASOURCE|QUERY|ROWSET)?|OPTIMIZE|OPTION(?:ALLY)?|ORDER|OUT(?:ER|FILE)?|OVER|PARTIAL|PARTITION|PERCENT|PIVOT|PLAN|POINT|POLYGON|PRECEDING|PRECISION|PREPARE|PREV|PRIMARY|PRINT|PRIVILEGES|PROC(?:EDURE)?|PUBLIC|PURGE|QUICK|RAISERROR|READS?|REAL|RECONFIGURE|REFERENCES|RELEASE|RENAME|REPEAT(?:ABLE)?|REPLACE|REPLICATION|REQUIRE|RESIGNAL|RESTORE|RESTRICT|RETURNS?|REVOKE|RIGHT|ROLLBACK|ROUTINE|ROW(?:COUNT|GUIDCOL|S)?|RTREE|RULE|SAVE(?:POINT)?|SCHEMA|SECOND|SELECT|SERIAL(?:IZABLE)?|SESSION(?:_USER)?|SET(?:USER)?|SHARE|SHOW|SHUTDOWN|SIMPLE|SMALLINT|SNAPSHOT|SOME|SONAME|SQL|START(?:ING)?|STATISTICS|STATUS|STRIPED|SYSTEM_USER|TABLES?|TABLESPACE|TEMP(?:ORARY|TABLE)?|TERMINATED|TEXT(?:SIZE)?|THEN|TIME(?:STAMP)?|TINY(?:BLOB|INT|TEXT)|TOP?|TRAN(?:SACTIONS?)?|TRIGGER|TRUNCATE|TSEQUAL|TYPES?|UNBOUNDED|UNCOMMITTED|UNDEFINED|UNION|UNIQUE|UNLOCK|UNPIVOT|UNSIGNED|UPDATE(?:TEXT)?|USAGE|USE|USER|USING|VALUES?|VAR(?:BINARY|CHAR|CHARACTER|YING)|VIEW|WAITFOR|WARNINGS|WHEN|WHERE|WHILE|WITH(?: ROLLUP|IN)?|WORK|WRITE(?:TEXT)?|YEAR)\b/i,"boolean":/\b(?:TRUE|FALSE|NULL)\b/i,number:/\b0x[\da-f]+\b|\b\d+\.?\d*|\B\.\d+\b/i,operator:/[-+*\/=%^~]|&&?|\|\|?|!=?|<(?:=>?|<|>)?|>[>=]?|\b(?:AND|BETWEEN|IN|LIKE|NOT|OR|IS|DIV|REGEXP|RLIKE|SOUNDS LIKE|XOR)\b/i,punctuation:/[;[\]()`,.]/};
12 | Prism.languages.properties={comment:/^[ \t]*[#!].*$/m,"attr-value":{pattern:/(^[ \t]*(?:\\(?:\r\n|[\s\S])|[^\\\s:=])+?(?: *[=:] *| ))(?:\\(?:\r\n|[\s\S])|[^\\\r\n])+/m,lookbehind:!0},"attr-name":/^[ \t]*(?:\\(?:\r\n|[\s\S])|[^\\\s:=])+?(?= *[=:] *| )/m,punctuation:/[=:]/};
13 | Prism.languages.yaml={scalar:{pattern:/([\-:]\s*(?:![^\s]+)?[ \t]*[|>])[ \t]*(?:((?:\r?\n|\r)[ \t]+)[^\r\n]+(?:\2[^\r\n]+)*)/,lookbehind:!0,alias:"string"},comment:/#.*/,key:{pattern:/(\s*(?:^|[:\-,[{\r\n?])[ \t]*(?:![^\s]+)?[ \t]*)[^\r\n{[\]},#\s]+?(?=\s*:\s)/,lookbehind:!0,alias:"atrule"},directive:{pattern:/(^[ \t]*)%.+/m,lookbehind:!0,alias:"important"},datetime:{pattern:/([:\-,[{]\s*(?:![^\s]+)?[ \t]*)(?:\d{4}-\d\d?-\d\d?(?:[tT]|[ \t]+)\d\d?:\d{2}:\d{2}(?:\.\d*)?[ \t]*(?:Z|[-+]\d\d?(?::\d{2})?)?|\d{4}-\d{2}-\d{2}|\d\d?:\d{2}(?::\d{2}(?:\.\d*)?)?)(?=[ \t]*(?:$|,|]|}))/m,lookbehind:!0,alias:"number"},"boolean":{pattern:/([:\-,[{]\s*(?:![^\s]+)?[ \t]*)(?:true|false)[ \t]*(?=$|,|]|})/im,lookbehind:!0,alias:"important"},"null":{pattern:/([:\-,[{]\s*(?:![^\s]+)?[ \t]*)(?:null|~)[ \t]*(?=$|,|]|})/im,lookbehind:!0,alias:"important"},string:{pattern:/([:\-,[{]\s*(?:![^\s]+)?[ \t]*)("|')(?:(?!\2)[^\\\r\n]|\\.)*\2(?=[ \t]*(?:$|,|]|}))/m,lookbehind:!0,greedy:!0},number:{pattern:/([:\-,[{]\s*(?:![^\s]+)?[ \t]*)[+-]?(?:0x[\da-f]+|0o[0-7]+|(?:\d+\.?\d*|\.?\d+)(?:e[+-]?\d+)?|\.inf|\.nan)[ \t]*(?=$|,|]|})/im,lookbehind:!0},tag:/![^\s]+/,important:/[&*][\w]+/,punctuation:/---|[:[\]{}\-,|>?]|\.\.\./};
14 | !function(){if("undefined"!=typeof self&&self.Prism&&self.document){var t=[],e={},n=function(){};Prism.plugins.toolbar={};var a=Prism.plugins.toolbar.registerButton=function(n,a){var o;o="function"==typeof a?a:function(t){var e;return"function"==typeof a.onClick?(e=document.createElement("button"),e.type="button",e.addEventListener("click",function(){a.onClick.call(this,t)})):"string"==typeof a.url?(e=document.createElement("a"),e.href=a.url):e=document.createElement("span"),e.textContent=a.text,e},t.push(e[n]=o)},o=Prism.plugins.toolbar.hook=function(a){var o=a.element.parentNode;if(o&&/pre/i.test(o.nodeName)&&!o.parentNode.classList.contains("code-toolbar")){var r=document.createElement("div");r.classList.add("code-toolbar"),o.parentNode.insertBefore(r,o),r.appendChild(o);var i=document.createElement("div");i.classList.add("toolbar"),document.body.hasAttribute("data-toolbar-order")&&(t=document.body.getAttribute("data-toolbar-order").split(",").map(function(t){return e[t]||n})),t.forEach(function(t){var e=t(a);if(e){var n=document.createElement("div");n.classList.add("toolbar-item"),n.appendChild(e),i.appendChild(n)}}),r.appendChild(i)}};a("label",function(t){var e=t.element.parentNode;if(e&&/pre/i.test(e.nodeName)&&e.hasAttribute("data-label")){var n,a,o=e.getAttribute("data-label");try{a=document.querySelector("template#"+o)}catch(r){}return a?n=a.content:(e.hasAttribute("data-url")?(n=document.createElement("a"),n.href=e.getAttribute("data-url")):n=document.createElement("span"),n.textContent=o),n}}),Prism.hooks.add("complete",o)}}();
15 | !function(){if("undefined"!=typeof self&&self.Prism&&self.document){if(!Prism.plugins.toolbar)return console.warn("Copy to Clipboard plugin loaded before Toolbar plugin."),void 0;var o=window.ClipboardJS||void 0;o||"function"!=typeof require||(o=require("clipboard"));var e=[];if(!o){var t=document.createElement("script"),n=document.querySelector("head");t.onload=function(){if(o=window.ClipboardJS)for(;e.length;)e.pop()()},t.src="https://cdnjs.cloudflare.com/ajax/libs/clipboard.js/2.0.0/clipboard.min.js",n.appendChild(t)}Prism.plugins.toolbar.registerButton("copy-to-clipboard",function(t){function n(){var e=new o(i,{text:function(){return t.code}});e.on("success",function(){i.textContent="Copied!",r()}),e.on("error",function(){i.textContent="Press Ctrl+C to copy",r()})}function r(){setTimeout(function(){i.textContent="Copy"},5e3)}var i=document.createElement("a");return i.textContent="Copy",o?n():e.push(n),i})}}();
16 | 


--------------------------------------------------------------------------------
/course_sections/_spring-mvc-view.adoc:
--------------------------------------------------------------------------------
  1 | 
  2 | image::mvc.png[]
  3 | 
  4 | ==== Introduction to views
  5 | 
  6 | If we were creating a REST service application we wouldn't need any view. Instead we are creating a Spring MVC app with a front end using a template engine. As we will see in a bit, we have many choices when it comes to what template engines we can use. 
  7 | 
  8 | ===== Static Content 
  9 | 
 10 | By default, Spring Boot serves static content from a directory called /static (or /public or /resources or /META-INF/resources) in the classpath or from the root of the ServletContext.
 11 | 
 12 | https://docs.spring.io/spring-boot/docs/current/reference/htmlsingle/#boot-features-spring-mvc-static-content
 13 | 
 14 | ===== Welcome Page
 15 | 
 16 | Spring Boot supports both static and templated welcome pages. It first looks for an index.html file in the configured static content locations. If one is not found, it then looks for an index template. If either is found, it is automatically used as the welcome page of the application.
 17 | 
 18 | ```html
 19 | <!DOCTYPE html>
 20 | <html lang="en">
 21 | <head>
 22 |     <meta charset="UTF-8">
 23 |     <meta name="viewport" content="width=device-width, initial-scale=1.0">
 24 |     <meta http-equiv="X-UA-Compatible" content="ie=edge">
 25 |     <title>Springit</title>
 26 | </head>
 27 | <body>
 28 | 
 29 |     <h1>This is my welcome page</h1>
 30 | 
 31 | </body>
 32 | </html>
 33 | ```
 34 | 
 35 | ====== Custom Favicon
 36 | 
 37 | Spring Boot looks for a favicon.ico in the configured static content locations and the root of the classpath (in that order). If such a file is present, it is automatically used as the favicon of the application.
 38 | 
 39 | ==== Templates
 40 | 
 41 | Now that we know how to serve static content we need to understand how to serve dynamic content. This is where templates come into play and lucky for us Spring MVC supports a variety of template engines. 
 42 | 
 43 | ===== View Resolvers
 44 | 
 45 | Before we dive into the different template engines we need to understand how templates work behind the scenes. It's important to undstand that there is magic going on here. The reason I say this is because if you were creating a Spring MVC application from scratch a view resolver is something you would have to manually configured. 
 46 | 
 47 | A https://docs.spring.io/spring-boot/docs/current/reference/htmlsingle/#howto-customize-view-resolvers[ViewResolver] is a core component of Spring MVC, translating view names in @Controller to actual View implementations.
 48 | 
 49 | ===== Template Engines
 50 | 
 51 | As well as REST web services, you can also use Spring MVC to serve dynamic HTML content. Spring MVC supports a variety of templating technologies, including Thymeleaf, FreeMarker, and JSPs. Also, many other templating engines include their own Spring MVC integrations.
 52 | 
 53 | Spring Boot includes auto-configuration support for the following templating engines:
 54 | 
 55 | * FreeMarker
 56 | * Groovy
 57 | * Thymeleaf
 58 | * Mustache
 59 | 
 60 | CAUTION: If possible, JSPs should be avoided. There are several known limitations when using them with embedded servlet containers.
 61 | 
 62 | 
 63 | ===== Getting Started with Thymeleaf 
 64 | 
 65 | To get started with https://www.thymeleaf.org/[Thymeleaf] you need to select it when you are creating your project 
 66 | 
 67 | image::thymeleaf_dependency.png[]
 68 | 
 69 | OR add the dependency to your project.
 70 | 
 71 | ```xml
 72 | <dependency>
 73 |     <groupId>org.springframework.boot</groupId>
 74 |     <artifactId>spring-boot-starter-thymeleaf</artifactId>
 75 | </dependency>
 76 | ```
 77 | 
 78 | ===== What is Thymeleaf
 79 | 
 80 | https://www.thymeleaf.org/[Thymeleaf] is a modern server-side Java template engine for both web and standalone environments.
 81 | 
 82 | Thymeleaf's main goal is to bring elegant natural templates to your development workflow — HTML that can be correctly displayed in browsers and also work as static prototypes, allowing for stronger collaboration in development teams.
 83 | 
 84 | ===== Natural Templates
 85 | 
 86 | HTML templates written in Thymeleaf still look and work like HTML, letting the actual templates that are run in your application keep working as useful design artifacts.
 87 | 
 88 | ```html
 89 | <table>
 90 |   <thead>
 91 |     <tr>
 92 |       <th th:text="#{msgs.headers.name}">Name</th>
 93 |       <th th:text="#{msgs.headers.price}">Price</th>
 94 |     </tr>
 95 |   </thead>
 96 |   <tbody>
 97 |     <tr th:each="prod: ${allProducts}">
 98 |       <td th:text="${prod.name}">Oranges</td>
 99 |       <td th:text="${#numbers.formatDecimal(prod.price, 1, 2)}">0.99</td>
100 |     </tr>
101 |   </tbody>
102 | </table>
103 | ```
104 | 
105 | ==== Hello, Thymeleaf!
106 | 
107 | Now that we know what template engines are in Spring Boot and we have selected Thymeleaf its time we give a quick test run. In our templates folder add a new file called `home.html`. 
108 | 
109 | ```html
110 | <!DOCTYPE html>
111 | <html lang="en" >
112 | <head>
113 |     <meta charset="UTF-8">
114 |     <meta name="viewport" content="width=device-width, initial-scale=1.0">
115 |     <meta http-equiv="X-UA-Compatible" content="ie=edge">
116 |     <title>Springit</title>
117 | </head>
118 | <body>
119 | 
120 |     <h1>Default Welcome Message</h1>
121 | 
122 | </body>
123 | </html>
124 | ```
125 | 
126 | Now we are going to add an attribute called title to our model that will be returned to our view for us.
127 | 
128 | ```java
129 | @Controller
130 | public class HomeController {
131 | 
132 |     @GetMapping("/home")
133 |     public String home(Model model) {
134 |         model.addAttribute("title","Hello, Thymeleaf!");
135 |         return "home";
136 |     }
137 | }
138 | ```
139 | 
140 | Remember that Thymeleaf is a natural template engine that allows us to use valid HTML. If we wanted to display our title we can use a data attribute. 
141 | 
142 | ```html
143 | <h1 data-th-text="${title}">Default Welcome Message</h1>
144 | ```
145 | 
146 | This works but it also gets pretty verbose. If we add a namespace to our html file we can use a shorthand.
147 | 
148 | ```html
149 | <html lang="en" xmlns:th="http://www.thymeleaf.org">
150 | ```
151 | 
152 | Now instead of the data attribute we can just use th:
153 | 
154 | ```html
155 | <h1 th:text="${title}">Default Welcome Message</h1>
156 | ```
157 | 
158 | ===== Thymeleaf Standard Dialects
159 | 
160 | The first thing you will notice is that this file is HTML5 that can be correctly displayed by any browser because it does not include any non-HTML tags (browsers ignore all attributes they don’t understand, like th:text).
161 | 
162 | https://www.thymeleaf.org/doc/articles/standarddialect5minutes.html 
163 | 
164 | 
165 | ===== Template Reloading
166 | 
167 | If you use Thymeleaf, set spring.thymeleaf.cache to false. See ThymeleafAutoConfiguration for other Thymeleaf customization options.
168 | 
169 | 
170 | ==== SpringIt Templates
171 | 
172 | I mentioned these towards the beginning of the course and it's finally time to use them. If you missed it earlier I created these so we wouldn't have to waste time designing some basic templates. The point of this course is to teach you all about Spring Boot, not design. If you haven't already downloaded them please do so now. 
173 | 
174 | https://github.com/cfaddict/springit-templates
175 | 
176 | We are going to copy all of the templates over to our static folder. 
177 | 
178 | ===== What we are working on
179 | 
180 | TIP: Before we get started just a couple of notes before we get started with building out our templates.
181 | 
182 | * We are going to leave the voting mechanism (up vote/down vote) for a later section
183 | * Because we haven't talked about Security yet we aren't going to work on any of the following in this section
184 |     ** Login / Logout
185 |     ** Register / Account
186 |     ** username of who submitted the link
187 |     ** Add Comment
188 | 
189 | ==== Thymeleaf Layouts
190 | 
191 | In our templates, we will often want to include parts from other templates, parts like footers, headers, menus…
192 | 
193 | In order to do this, Thymeleaf needs us to define these parts, “fragments”, for inclusion, which can be done using the th:fragment attribute.
194 | 
195 | Say we want to add a head tag to all of our pages pages, we can do so by creating a fragment called head.
196 | 
197 | ```html
198 | <!DOCTYPE html>
199 | <html lang="en" xmlns:th="http://www.thymeleaf.org">
200 | <head th:fragment="head">
201 |     <meta charset="utf-8">
202 |     <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
203 |     <meta name="description" content="">
204 |     <meta name="author" content="">
205 |     <title>Springit - Spring Boot Reddit Clone</title>
206 |     <!-- Bootstrap core CSS -->
207 |     <link rel="stylesheet" th:href="@{/libs/bootstrap/css/bootstrap.min.css}"/>
208 |     <!-- Custom styles for this template -->
209 |     <link rel="stylesheet" th:href="@{/css/springit.css}">
210 |     <!-- Google Fonts -->
211 |     <link rel="stylesheet" href="https://fonts.googleapis.com/css?family=Oswald|Roboto" >
212 |     <!-- Font Awesome (for icons) -->
213 |     <script defer src="https://use.fontawesome.com/releases/v5.0.8/js/all.js"></script>
214 | </head>
215 | <body>
216 | ```
217 | 
218 | But what if we wanted any page using this layout to pass in its own title. No problem, we can use variables in our fragments as well.
219 | 
220 | ```html
221 | <!DOCTYPE html>
222 | <html lang="en" xmlns:th="http://www.thymeleaf.org">
223 | <head th:fragment="head(title)">
224 |     <title th:text="${title}">Springit - Spring Boot Reddit Clone</title>
225 | </head>
226 | <body>
227 | ```
228 | 
229 | And then in a page using the head fragment we could do this.
230 | 
231 | ```html
232 | <!DOCTYPE html>
233 | <html lang="en" xmlns:th="http://www.thymeleaf.org">
234 | <head th:replace="~{layouts/main_layout :: head(title = 'My Unique Title Goes here!')}">
235 | </head>
236 | <body>
237 | ```
238 | 
239 | There is a bunch we can do with this template approach. I would encourage you to read up on it before we moved forward. 
240 | 
241 | https://www.thymeleaf.org/doc/tutorials/3.0/usingthymeleaf.html#template-layout 
242 | 
243 | We are going to build a layout page that our templates can use. Create a new folder under templates called layouts and create a main_layout.html. 
244 | 
245 | ```html
246 | <!DOCTYPE html>
247 | <html lang="en" xmlns:th="http://www.thymeleaf.org">
248 | <head th:fragment="head(title)">
249 |     <meta charset="utf-8">
250 |     <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
251 |     <meta name="description" content="">
252 |     <meta name="author" content="">
253 |     <title th:text="${title}">Springit - Spring Boot Reddit Clone</title>
254 |     <!-- Bootstrap core CSS -->
255 |     <link rel="stylesheet" th:href="@{/libs/bootstrap/css/bootstrap.min.css}"/>
256 |     <!-- Custom styles for this template -->
257 |     <link rel="stylesheet" th:href="@{/css/springit.css}">
258 |     <!-- Google Fonts -->
259 |     <link rel="stylesheet" href="https://fonts.googleapis.com/css?family=Oswald|Roboto" >
260 |     <!-- Font Awesome (for icons) -->
261 |     <script defer src="https://use.fontawesome.com/releases/v5.0.8/js/all.js"></script>
262 | </head>
263 | <body>
264 | 
265 |     <!-- Navigation -->
266 |     <nav class="navbar navbar-expand-lg navbar-dark bg-spring fixed-top" th:fragment="navigation">
267 |         <div class="container">
268 |             <a class="navbar-brand" href="/">
269 |                 <i class="fa fa-leaf" aria-hidden="true"></i>
270 |                 SPRINGIT
271 |             </a>
272 |             <button class="navbar-toggler" type="button" data-toggle="collapse" data-target="#navbarResponsive" aria-controls="navbarResponsive"
273 |                     aria-expanded="false" aria-label="Toggle navigation">
274 |                 <span class="navbar-toggler-icon"></span>
275 |             </button>
276 |             <div class="collapse navbar-collapse" id="navbarResponsive">
277 |                 <ul class="navbar-nav ml-auto">
278 |                     <li class="nav-item active">
279 |                         <a class="nav-link" href="/">
280 |                             <i class="fas fa-home" aria-hidden="true"></i> Home
281 |                         </a>
282 |                     </li>
283 | 
284 |                     <!-- if user is signed in -->
285 |                     <li class="nav-item">
286 |                         <a class="nav-link" th:href="@{/link/submit}">
287 |                             <i class="fa fa-link" aria-hidden="true"></i> Submit Link</a>
288 |                     </li>
289 |                     <li class="nav-item">
290 |                         <a class="nav-link" href="../auth/profile.html">
291 |                             <i class="fa fa-user" aria-hidden="true"></i> Account</a>
292 |                     </li>
293 |                     <li class="nav-item">
294 |                         <a class="nav-link" href="#">
295 |                             <i class="fa fa-sign-out-alt" aria-hidden="true"></i> Sign Out</a>
296 |                     </li>
297 | 
298 |                     <!-- if user is not signed in -->
299 |                     <li class="nav-item">
300 |                         <a class="nav-link" href=../auth/login.html>
301 |                             <i class="fa fa-sign-in-alt" aria-hidden="true"></i> Sign In</a>
302 |                     </li>
303 |                     <li class="nav-item">
304 |                         <a class="nav-link" href="../auth/register.html">
305 |                             <i class="fa fa-user-plus" aria-hidden="true"></i> Register</a>
306 |                     </li>
307 |                 </ul>
308 |             </div>
309 |         </div>
310 |     </nav>
311 | 
312 |     <div class="jumbotron jumbotron-fluid" th:fragment="jumbotron">
313 |         <div class="container" align="center">
314 |             <h2 class="display-4">Spring Boot Reddit Clone</h2>
315 |             <p class="lead">This is a reddit clone built using <a href="#">Spring Boot 2</a>, <a href="#"></a>Spring Framework 5</a> & so many other great projects! If you would like to learn how to build this
316 |                 application you can check out my course, <a href="#">Getting Started with Spring Boot 2</a>.</p>
317 |             <a href="http://www.github.com/cfaddict/springit" class="btn btn-success" target="_blank"><i class="fab fa-github"></i>  Github Repo</a>
318 |             <a href="https://therealdanvega.teachable.com/p/spring-boot-2" class="btn btn-success" target="_blank"><i class="fas fa-graduation-cap"></i> Spring Boot 2 Course</a>
319 |         </div>
320 |     </div>
321 | 
322 |     <div class="container" th:fragment="content">
323 |         <p>This is your main content</p>
324 |     </div>
325 | 
326 | </body>
327 | </html>
328 | ```
329 | 
330 | I like to create a new file in this folder as well called new_page.html. This is what a basic starter page will look like.
331 | 
332 | ```html
333 | <!DOCTYPE html>
334 | <html lang="en" xmlns:th="http://www.thymeleaf.org">
335 | <head th:replace="~{layouts/main_layout :: head(title = 'Springit - Spring Boot Reddit Clone')}">
336 | </head>
337 | <body>
338 | <nav th:replace="~{layouts/main_layout :: nav}"></nav>
339 | <div th:replace="~{layouts/main_layout :: jumbotron}"></div>
340 | <div th:replace="~{layouts/main_layout :: content}">
341 |     <p>This is my content</p>
342 | </div>
343 | </body>
344 | </html>
345 | ```
346 | 
347 | ==== Building our Link List Page
348 | 
349 | Now that we have our layout it's time to build our first page, our list of links. Before we get started it would be a good idea to have a list of links in our database. I went over to one of my favorite sub reddits https://www.reddit.com/r/springboot[/r/springboot] and just grabbed 11 items for testing. 
350 | 
351 | To do so I am going to move them into our database loader and remove the bean from the main application class. 
352 | 
353 | ```java
354 | @Component
355 | public class DatabaseLoader implements CommandLineRunner {
356 | 
357 |     private LinkRepository linkRepository;
358 |     private CommentRepository commentRepository;
359 | 
360 |     public DatabaseLoader(LinkRepository linkRepository, CommentRepository commentRepository) {
361 |         this.linkRepository = linkRepository;
362 |         this.commentRepository = commentRepository;
363 |     }
364 | 
365 |     @Override
366 |     public void run(String... args) {
367 |         Map<String,String> links = new HashMap<>();
368 |         links.put("Securing Spring Boot APIs and SPAs with OAuth 2.0","https://auth0.com/blog/securing-spring-boot-apis-and-spas-with-oauth2/?utm_source=reddit&utm_medium=sc&utm_campaign=springboot_spa_securing");
369 |         links.put("Easy way to detect Device in Java Web Application using Spring Mobile - Source code to download from GitHub","https://www.opencodez.com/java/device-detection-using-spring-mobile.htm");
370 |         links.put("Tutorial series about building microservices with SpringBoot (with Netflix OSS)","https://medium.com/@marcus.eisele/implementing-a-microservice-architecture-with-spring-boot-intro-cdb6ad16806c");
371 |         links.put("Detailed steps to send encrypted email using Java / Spring Boot - Source code to download from GitHub","https://www.opencodez.com/java/send-encrypted-email-using-java.htm");
372 |         links.put("Build a Secure Progressive Web App With Spring Boot and React","https://dzone.com/articles/build-a-secure-progressive-web-app-with-spring-boo");
373 |         links.put("Building Your First Spring Boot Web Application - DZone Java","https://dzone.com/articles/building-your-first-spring-boot-web-application-ex");
374 |         links.put("Building Microservices with Spring Boot Fat (Uber) Jar","https://jelastic.com/blog/building-microservices-with-spring-boot-fat-uber-jar/");
375 |         links.put("Spring Cloud GCP 1.0 Released","https://cloud.google.com/blog/products/gcp/calling-java-developers-spring-cloud-gcp-1-0-is-now-generally-available");
376 |         links.put("Simplest way to Upload and Download Files in Java with Spring Boot - Code to download from Github","https://www.opencodez.com/uncategorized/file-upload-and-download-in-java-spring-boot.htm");
377 |         links.put("Add Social Login to Your Spring Boot 2.0 app","https://developer.okta.com/blog/2018/07/24/social-spring-boot");
378 |         links.put("File download example using Spring REST Controller","https://www.jeejava.com/file-download-example-using-spring-rest-controller/");
379 | 
380 |         links.forEach((k,v) -> {
381 |             linkRepository.save(new Link(k,v));
382 |             // we will do something with comments later
383 |         });
384 | 
385 |         long linkCount = linkRepository.count();
386 |         System.out.println("Number of links in the database: " + linkCount );
387 |     }
388 | }
389 | ```
390 | 
391 | ===== Pretty Time
392 | 
393 | When we display time I don't want to just display the creation date. I want to display something like
394 | 
395 | * moments ago
396 | * 10 minutes ago
397 | * 1 hour ago
398 | * 7 hours ago
399 | * 1 day ago
400 | * 10 days ago
401 | * 1 year ago
402 | 
403 | To accomplish this we are going to include a neat little library called http://www.ocpsoft.org/prettytime/[Pretty Time].
404 | 
405 | ```
406 | <dependency>
407 |     <groupId>org.ocpsoft.prettytime</groupId>
408 |     <artifactId>prettytime</artifactId>
409 |     <version>4.0.1.Final</version>
410 | </dependency>
411 | ```
412 | 
413 | ====== Link Domain Class
414 | 
415 | These are a few helper methods if you get stuck.
416 | 
417 | ```java
418 | public String getDomainName() throws URISyntaxException {
419 |     URI uri = new URI(this.url);
420 |     String domain = uri.getHost();
421 |     return domain.startsWith("www.") ? domain.substring(4) : domain;
422 | }
423 | 
424 | public String getPrettyTime() {
425 |     PrettyTime pt = BeanUtil.getBean(PrettyTime.class);
426 |     return pt.format(convertToDateViaInstant(getCreationDate()));
427 | }
428 | 
429 | private Date convertToDateViaInstant(LocalDateTime dateToConvert) {
430 |     return java.util.Date.from(dateToConvert.atZone(ZoneId.systemDefault()).toInstant());
431 | }
432 | ```
433 | 
434 | Autowiring Beans into classes not managed by Spring
435 | 
436 | https://dzone.com/articles/autowiring-spring-beans-into-classes-not-managed-by-spring
437 | 
438 | 
439 | ```java
440 | package com.vega.springit.service;
441 | 
442 | import org.springframework.beans.BeansException;
443 | import org.springframework.context.ApplicationContext;
444 | import org.springframework.context.ApplicationContextAware;
445 | import org.springframework.stereotype.Service;
446 | 
447 | @Service
448 | public class BeanUtil implements ApplicationContextAware {
449 | 
450 |     private static ApplicationContext context;
451 | 
452 |     @Override
453 |     public void setApplicationContext(ApplicationContext applicationContext) throws BeansException {
454 |         context = applicationContext;
455 |     }
456 | 
457 |     public static <T> T getBean(Class<T> beanClass) {
458 |         return context.getBean(beanClass);
459 |     }
460 | }
461 | ```
462 | 
463 | This is what our link list page should look like:
464 | 
465 | ```html
466 | <!DOCTYPE html>
467 | <html lang="en" xmlns:th="http://www.thymeleaf.org">
468 | <head th:replace="~{layouts/main_layout :: head(title='Springit - Spring Boot Reddit Clone')}">
469 | </head>
470 | <body>
471 |     <nav th:replace="~{layouts/main_layout :: nav}"></nav>
472 |     <div th:replace="~{layouts/main_layout :: jumbotron}"></div>
473 | 
474 |     <div class="container" th:fragment="content">
475 | 
476 |         <!-- links -->
477 |         <div class="row link" th:each="link : ${links}">
478 |             <div class="col-1">
479 |                 <div><a href="#" class="upvote"><i class="fas fa-arrow-up"></i></a></div>
480 |                 <div><span class="votecount">3</span></div>
481 |                 <div><a href="#" class="downvote"><i class="fas fa-arrow-down"></i></a></div>
482 |             </div>
483 |             <div class="col-11">
484 |                 <p class="title">
485 |                     <a class="title " th:href="@{'/link/' + ${link.id}}" th:text="${link.title}">
486 |                         Title Goes Here
487 |                     </a>
488 |                     <span class="domain">(<a th:href="${link.url}" th:text="${link.getDomainName()}">therealdanvega.com</a>)</span>
489 |                 </p>
490 |                 <p class="tagline ">submitted
491 |                     <!--<time title="Sat Mar 10 06:26:36 2018 UTC" datetime="2018-03-10T06:26:36+00:00" class="live-timestamp">2 hours ago</time> by-->
492 |                     <time th:title="${link.getCreationDate()}" th:datetime="${link.getCreationDate()}" class="live-timestamp" th:text="${link.getPrettyTime()}">1 hour(s)</time> by
493 |                     <a href="/" class="author">therealdanvega</a>
494 |                 </p>
495 |                 <p>
496 |                     <a th:href="@{'/link/' + ${link.id} + '#comments'}" class="comments" th:text="|${link.getComments().size()} comments|"><i class="fas fa-comments"></i> 0 comments</a>
497 |                     <a href="/" class="share"><i class="fas fa-share-square"></i> share</a>
498 |                 </p>
499 |             </div>
500 |         </div>
501 | 
502 |     </div>
503 | 
504 | </body>
505 | </html>
506 | ```
507 | 
508 | ==== Building our Link View Page
509 | 
510 | We already have a working list page and now we need to create a vew page for each link. We will start out by creating a new `@GetMapping` in our `LinkController`.
511 | 
512 | ```java
513 |     @GetMapping("/link/{id}")
514 |     public String read(@PathVariable Long id, Model model) {
515 |         return "link/view";
516 |     }
517 | ```
518 | 
519 | And we will create a new view page. I did this by renaming link to view and using our layout fragments.
520 | 
521 | ```html
522 | <!DOCTYPE html>
523 | <html lang="en" xmlns:th="http://www.thymeleaf.org">
524 | <head th:replace="~{layouts/main_layout :: head(title = 'Springit - Spring Boot Reddit Clone')}">
525 | </head>
526 | <body>
527 | 
528 |     <nav th:replace="~{layouts/main_layout :: nav}"></nav>
529 |     <div th:replace="~{layouts/main_layout :: jumbotron}"></div>
530 | 
531 |     <div class="container">
532 | 
533 |         <!-- link -->
534 |         <div class="row link">
535 |             <div class="col-1">
536 |                 <div><a href="#" class="upvote"><i class="fas fa-arrow-up"></i></a></div>
537 |                 <div><span class="votecount">3</span></div>
538 |                 <div><a href="#" class="downvote"><i class="fas fa-arrow-down"></i></a></div>
539 |             </div>
540 |             <div class="col-11">
541 |                 <p class="title">
542 |                     <a class="title " href="http://therealdanvega.com/blog/2018/03/01/what-is-new-spring-boot-2">
543 |                         What's new in Spring Boot 2?
544 |                     </a>
545 |                     <span class="domain">(<a href="http://therealdanvega.com">therealdanvega.com</a>)</span>
546 |                 </p>
547 |                 <p class="tagline ">submitted
548 |                     <time title="Sat Mar 10 06:26:36 2018 UTC" datetime="2018-03-10T06:26:36+00:00" class="live-timestamp">2 hours ago</time> by
549 |                     <a href="https://www.reddit.com/user/therealdanvega" class="author">therealdanvega</a>
550 |                     <span class="userattrs"></span>
551 |                 </p>
552 |                 <p>
553 |                     <a href="#" class="comments"><i class="fas fa-comments"></i> 8 comments</a>
554 |                     <a href="#" class="share"><i class="fas fa-share-square"></i> share</a>
555 |                 </p>
556 |             </div>
557 |         </div>
558 | 
559 |         <!-- link comments -->
560 |         <div id="comments" class="comments">
561 |             <div class="row header">
562 |                 <div class="col-1">&nbsp;</div>
563 |                 <div class="col-11 title">
564 |                     all 21 comments
565 |                 </div>
566 |             </div>
567 |             <div class="row addcomment">
568 |                 <div class="col-1">&nbsp;</div>
569 |                 <div class="col-11">
570 |                     <div class="form-group">
571 |                         <textarea class="form-control" id="comment" rows="3"></textarea>
572 |                     </div>
573 |                     <button type="submit" class="btn btn-primary">Add Comment</button>
574 |                 </div>
575 |             </div>
576 |             <!-- single comment -->
577 |             <div class="row comment">
578 |                 <div class="col-1">&nbsp;</div>
579 |                 <div class="col-11">
580 |                     <span><a href="#"><i class="far fa-user"></i> therealdanvega</a></span>
581 |                     <span><i class="far fa-clock"></i> 4 hours ago</span>
582 |                     <p class="body">It’s one thing I never care about, new releases of maven. Yet I do for most other things.. I really should take a look at any features released in the last while! Pull my dependencies, run my tests and upload to nexus. I don’t care for much else, I wonder what if any I’m missing.</p>
583 |                     <a href="#" class="permalink"><i class="fas fa-link"></i> permalink</a>
584 |                     <a href="#" class="like"><i class="far fa-thumbs-up"></i> Like</a>
585 |                 </div>
586 |             </div>
587 | 
588 |         </div>
589 | 
590 |     </div>
591 | 
592 | </body>
593 | </html>
594 | ```
595 | 
596 | We need to get an instance of a link based on the id in the url. What happens if that id is something random though like 999? This is why Spring Data wants to return us an Optional by default. In this case we don't need to do any null checking, we can simply ask the optional if a link is present. If it is we will send it down to our view page, if not we can redirect to our list page. 
597 | 
598 | ```java
599 |     @GetMapping("/link/{id}")
600 |     public String read(@PathVariable Long id,Model model) {
601 |         Optional<Link> link = linkRepository.findById(id);
602 |         if( link.isPresent() ) {
603 |             model.addAttribute("link",link.get());
604 |             model.addAttribute("success", model.containsAttribute("success"));
605 |             return "link/view";
606 |         } else {
607 |             return "redirect:/";
608 |         }
609 |     }
610 | ```
611 | 
612 | ==== Building our Submit Page
613 | 
614 | We need to be able to add a new link to our database through the UI. To do so we are going to add a form that allows anyone to enter a title and a URL and submit it. When the submission happens we will perform some validation and if it passes, we will save that link to the database. After the link has been saved we will set a flash attribute and send the user to the view page for that link. 
615 | 
616 | For this to work we are going to need 2 different handler methods in our controller, one to show the page and one to handle the submission. I am also going to add a logger to our page so I can add some logging information in our methods. 
617 | 
618 | ```java
619 | private static final Logger logger = LoggerFactory.getLogger(LinkController.class);
620 | ```
621 | 
622 | ```java
623 |     @GetMapping("/link/submit")
624 |     public String newLinkForm(Model model) {
625 |         model.addAttribute("link",new Link());
626 |         return "link/submit";
627 |     }
628 | 
629 |     @PostMapping("/link/submit")
630 |     public String createLink(@Valid Link link, BindingResult bindingResult, Model model, RedirectAttributes redirectAttributes) {
631 |         return "link/submit";
632 |     }
633 | ```
634 | 
635 | This is what our submit page is going to look like. The key part to this page is the `th:object=""` expression. To learn more about Expressions on selections (asterisk syntax) https://www.thymeleaf.org/doc/tutorials/3.0/usingthymeleaf.html#expressions-on-selections-asterisk-syntax[click here]. 
636 | 
637 | ```html
638 | <!DOCTYPE html>
639 | <html lang="en" xmlns:th="http://www.thymeleaf.org">
640 | <head th:replace="~{layouts/main_layout :: head(title='Springit - Spring Boot Reddit Clone')}">
641 | </head>
642 | <body>
643 | 
644 |     <nav th:replace="~{layouts/main_layout :: nav}"></nav>
645 |     <div th:replace="~{layouts/main_layout :: jumbotron}"></div>
646 | 
647 |     <div class="container">
648 | 
649 |         <div class="row">
650 |             <div class="col-md-3"></div>
651 |             <div class="col-md-6">
652 |                 <h4>Submit Link</h4>
653 |                 <br/>
654 |                 <form id="frmAddLink" method="POST" th:action="@{/link/submit}" th:object="${link}">
655 |                     <div class="form-group">
656 |                         <label for="title">Title</label>
657 |                         <input type="text"
658 |                                class="form-control"
659 |                                id="title"
660 |                                placeholder="Enter Title"
661 |                                required="required"
662 |                                th:field="*{title}">
663 |                         <small th:errors="*{title}" style="color:red;"></small>
664 |                     </div>
665 |                     <div class="form-group">
666 |                         <label for="url">URL</label>
667 |                         <input type="url" class="form-control" id="url" placeholder="URL" required="required"
668 |                                th:field="*{url}">
669 |                         <small th:errors="*{url}" style="color:red;"></small>
670 |                     </div>
671 |                     <button type="submit" class="btn btn-primary">Submit</button>
672 |                 </form>
673 |             </div>
674 |             <div class="col-md-3"></div>
675 |         </div>
676 | 
677 |     </div>
678 | 
679 | </body>
680 | 
681 | </html>
682 | ```
683 | 
684 | ===== Validation 
685 | 
686 | We perform validation by adding validation rules to our entity objects. We can use rules like 
687 | 
688 | * @NotNull
689 | * @NotEmpty
690 | * @URL
691 | 
692 | There are so many validation rules and these are a part of the https://docs.jboss.org/hibernate/validator/5.1/api/org/hibernate/validator/constraints/package-summary.html[Hibernate Validation Library]. 
693 | 
694 | ===== Link Controller Methods Completed
695 | 
696 | If we want to we can add a nice success message to our view page
697 | 
698 | ```html
699 | <div class="alert alert-success" role="alert" th:if="${success}">
700 |     Your new link was created!
701 | </div>
702 | ```
703 | 
704 | This is what the final controller methods look like. 
705 | 
706 | ```java
707 | @GetMapping("/link/submit")
708 | public String newLinkForm(Model model) {
709 |     model.addAttribute("link",new Link());
710 |     return "link/submit";
711 | }
712 | 
713 | @PostMapping("/link/submit")
714 | public String createLink(@Valid Link link, BindingResult bindingResult, Model model, RedirectAttributes redirectAttributes) {
715 |     if( bindingResult.hasErrors() ) {
716 |         logger.info("Validation errors were found while submitting a new link.");
717 |         model.addAttribute("link",link);
718 |         return "link/submit";
719 |     } else {
720 |         // save our link
721 |         linkRepository.save(link);
722 |         logger.info("New Link was saved successfully.");
723 |         redirectAttributes
724 |                 .addAttribute("id", link.getId())
725 |                 .addFlashAttribute("success",true);
726 |         return "redirect:/link/{id}";
727 |     }
728 | }
729 | ```
730 | 
731 | 


--------------------------------------------------------------------------------
/course_sections/_spring-security.adoc:
--------------------------------------------------------------------------------
   1 | image::spring-security.jpeg[]
   2 | 
   3 | ==== Spring Security Introduction
   4 | 
   5 | IMPORTANT: CREATE NEW BRANCH CALLED spring-security
   6 | 
   7 | In this lesson we are going to discuss a very important topic and that is security. It turns out that Security is really hard and it isn't something that we want to build ourselves. Luckily for us the Spring Security project is the standard for securing Spring based applications and it is really good at it. 
   8 | 
   9 | There were some important changes in Spring Boot 2 & Spring Security 5 so we are going to dive right into those. In this section we will start by adding the spring boot security starter that will bring in most of everything we will need and from there we will gradually build on that until we have what we need to move forward. 
  10 | 
  11 | ===== What is Spring Security?
  12 | 
  13 | Spring Security is a powerful and highly customizable authentication and access-control framework. It is the de-facto standard for securing Spring-based applications.
  14 | 
  15 | Spring Security is a framework that focuses on providing both authentication and authorization to Java applications. Like all Spring projects, the real power of Spring Security is found in how easily it can be extended to meet custom requirements
  16 | 
  17 | **Features**
  18 | 
  19 | * Comprehensive and extensible support for both Authentication and Authorization
  20 | * Protection against attacks like session fixation, clickjacking, cross site request forgery, etc
  21 | * Servlet API integration
  22 | * Optional integration with Spring Web MVC
  23 | * Much more…
  24 | 
  25 | ===== What's new in Spring Boot 2.0
  26 | 
  27 | https://spring.io/blog/2017/09/15/security-changes-in-spring-boot-2-0-m4
  28 | 
  29 | ===== Getting Started
  30 | 
  31 | To get started with Spring Security you can select it in the Spring Initializer or you can just include the Spring Boot Starter Security.  
  32 | 
  33 | ```
  34 | <dependency>
  35 |     <groupId>org.springframework.boot</groupId>
  36 |     <artifactId>spring-boot-starter-security</artifactId>
  37 | </dependency>
  38 | ```
  39 | 
  40 | TIP: If you cmd+click (ctrl+click on pc) on the artifact you can see what the starter includes.
  41 | 
  42 | If we go ahead and run the application we should see that everything is locked down by default. The reason for this is that this is the default configuration for web security. 
  43 | 
  44 | ```
  45 | /**
  46 |  * The default configuration for web security. It relies on Spring Security's
  47 |  * content-negotiation strategy to determine what sort of authentication to use. If the
  48 |  * user specifies their own {@link WebSecurityConfigurerAdapter}, this will back-off
  49 |  * completely and the users should specify all the bits that they want to configure as
  50 |  * part of the custom security configuration.
  51 |  *
  52 |  * @author Madhura Bhave
  53 |  * @since 2.0.0
  54 |  */
  55 | @ConditionalOnClass(WebSecurityConfigurerAdapter.class)
  56 | @ConditionalOnMissingBean(WebSecurityConfigurerAdapter.class)
  57 | @ConditionalOnWebApplication(type = Type.SERVLET)
  58 | public class SpringBootWebSecurityConfiguration {
  59 | 
  60 | 	@Configuration
  61 | 	@Order(SecurityProperties.BASIC_AUTH_ORDER)
  62 | 	static class DefaultConfigurerAdapter extends WebSecurityConfigurerAdapter {
  63 | 
  64 | 	}
  65 | 
  66 | }
  67 | ```
  68 | 
  69 | TIP: The default username is `user` and the password is generated and displayed in the console.
  70 | 
  71 | ```
  72 | Using default security password: 78fa095d-3f4c-48b1-ad50-e24c31d5cf35
  73 | ```
  74 | 
  75 | If you want to learn more you can start digging through the Spring Boot Reference docs on security.
  76 | 
  77 | https://docs.spring.io/spring-boot/docs/current/reference/html/boot-features-security.html
  78 | 
  79 | ==== Spring Security Configuration
  80 | 
  81 | Now that Spring Security is on the class path everything is locked down. We don't want visitors to have to login just to view data like our home page listing of links and a single link. To do this we need to setup our own security configuration. I am going to create a package called security and create a new class called `SecurityConfiguration` that will extend the `WebSecurityConfigurerAdapter`. 
  82 | 
  83 | We are going to mark this class as a `@Configuration` class, `@EnableWebSecurity` and override the `configure(HttpSecurity http)` method. 
  84 | 
  85 | ```java
  86 | @Configuration
  87 | @EnableWebSecurity
  88 | public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
  89 | 
  90 |     @Override
  91 |     protected void configure(HttpSecurity http) throws Exception {
  92 | 
  93 |     }
  94 | 
  95 | }
  96 | ```
  97 | 
  98 | Now with that in place we can start to configure our application. If you want to learn more about what we are doing here check out the Spring Security documentation on https://docs.spring.io/spring-security/site/docs/current/reference/html/jc.html#jc-httpsecurity[HttpSecurity].
  99 | 
 100 | 
 101 | ```java
 102 | protected void configure(HttpSecurity http) throws Exception {
 103 |     http
 104 |         .authorizeRequests()
 105 |             .anyRequest().authenticated()
 106 |             .and()
 107 |         .formLogin()
 108 |             .and()
 109 |         .httpBasic();
 110 | }
 111 | ```
 112 | 
 113 | The default configuration above:
 114 | 
 115 | * Ensures that any request to our application requires the user to be authenticated
 116 | * Allows users to authenticate with form based login
 117 | * Allows users to authenticate with HTTP Basic authentication
 118 | 
 119 | TIP: Remember that rules are read top down. If you have a rule 1st it will override rules that follow. A quick way to test this is to have a rule that permits any request after the any request must be authenticated rule.
 120 | 
 121 | If we want to setup some roles for our default user we can by using the following property:
 122 | 
 123 | ```
 124 | spring.security.user.roles=
 125 | ```
 126 | 
 127 | ==== Users & Roles
 128 | 
 129 | In the last lesson we used the default user & auto generated password to test our configuration. While It was good for a quick test we really need to implement something a little bit better. In this lesson we are going to create our User & Role entities and hook them into Spring Security.  
 130 | 
 131 | ===== Authentication vs Authorization
 132 | 
 133 | We have heard these terms a couple of times now so it seems like its a good time to talk about them. Spring Security is both an `Authentication` and `Authorization` framework so it's important that we understand what both of those are. 
 134 | 
 135 | **Authentication** is the process of determining that somebody is really who they claim to be. 
 136 | 
 137 | **Authorization** is the process of verifying that you have access to something. Gaining access to a resource (e.g. a controller method or set of methods) because the permissions configured on it allow you access is authorization.
 138 | 
 139 | ==== User & Role Entities
 140 | 
 141 | **Authentication: User**
 142 | 
 143 | For Authentication we are going to create a user class. A user class normally has some type of username field and in our case we are going to use the email address as the users `username`. The user will also need a password which will be stored in the database as encrypted text. It is never a good idea to store plain text passwords and It's great to see that Spring Security doesn't even give us this option. 
 144 | 
 145 | To hook our user class into Spring Security we are going to implement Spring Security's UserDetails class. By implementing this this interface we will need to provide a concrete implementation for the following methods. 
 146 | 
 147 | * Collection<? extends GrantedAuthority> getAuthorities();
 148 | * String getPassword();
 149 | * String getUsername();
 150 | * boolean isAccountNonExpired();
 151 | * boolean isAccountNonLocked();
 152 | * boolean isCredentialsNonExpired();
 153 | * boolean isEnabled();
 154 | 
 155 | ```java
 156 | public class User implements UserDetails {
 157 | 
 158 |     @Id @GeneratedValue
 159 |     private Long id;
 160 | 
 161 |     @NonNull
 162 |     @Size(min = 8, max = 20)
 163 |     @Column(nullable = false, unique = true)
 164 |     private String email;
 165 |     @NonNull
 166 | 
 167 |     @Column(length = 100)
 168 |     private String password;
 169 | 
 170 |     @NonNull
 171 |     @Column(nullable = false)
 172 |     private boolean enabled;
 173 | 
 174 |     @ManyToMany(fetch = FetchType.EAGER)
 175 |     @JoinTable(
 176 |             name = "users_roles",
 177 |             joinColumns = @JoinColumn(name = "user_id",referencedColumnName = "id"),
 178 |             inverseJoinColumns = @JoinColumn(name = "role_id",referencedColumnName = "id")
 179 |     )
 180 |     private Set<Role> roles = new HashSet<>();
 181 | 
 182 |     @Override
 183 |     public Collection<? extends GrantedAuthority> getAuthorities() {
 184 |         return roles.stream().map(role -> new SimpleGrantedAuthority(role.getName())).collect(Collectors.toList());
 185 |     }
 186 | 
 187 |     public void addRole(Role role) {
 188 |         roles.add(role);
 189 |     }
 190 | 
 191 |     public void addRoles(Set<Role> roles) {
 192 |         roles.forEach(this::addRole);
 193 |     }
 194 | 
 195 |     @Override
 196 |     public String getUsername() {
 197 |         return email;
 198 |     }
 199 | 
 200 |     @Override
 201 |     public boolean isAccountNonExpired() {
 202 |         return true;
 203 |     }
 204 | 
 205 |     @Override
 206 |     public boolean isAccountNonLocked() {
 207 |         return true;
 208 |     }
 209 | 
 210 |     @Override
 211 |     public boolean isCredentialsNonExpired() {
 212 |         return true;
 213 |     }
 214 | 
 215 |     @Override
 216 |     public boolean isEnabled() {
 217 |         return enabled;
 218 |     }
 219 | }
 220 | ```
 221 | 
 222 | **Authorization: Role**
 223 | 
 224 | To make sure our user has access to something we will be creating a role class. This is simple class that contains the role name. When this is in place each user will have 1 or more roles that allow them to access certain parts of our application. For instance: 
 225 | 
 226 | * A user must contain the `ROLE_USER` role to add a comment
 227 | * A user must contain the `ROLE_USER` role to add a new link
 228 | * A user must contain the `ROLE_USER` role to vote on a link
 229 | * A user must contain the `ROLE_ADMIN` role to view actuator endpoints
 230 | * etc...
 231 | 
 232 | ```java
 233 | public class Role {
 234 | 
 235 |     @Id
 236 |     @GeneratedValue
 237 |     private Long id;
 238 | 
 239 |     @NonNull
 240 |     private String name;
 241 | 
 242 |     @ManyToMany( mappedBy = "roles")
 243 |     private Collection<User> users;
 244 | 
 245 | }
 246 | ```
 247 | 
 248 | ===== User & Role Repositories
 249 | 
 250 | We will also create a User & Role Repository.
 251 | 
 252 | ```java
 253 | public interface UserRepository extends JpaRepository<User,Long> {
 254 | 
 255 | }
 256 | ```
 257 | 
 258 | ```java
 259 | public interface RoleRepository extends JpaRepository<Role,Long> {
 260 | }
 261 | ```
 262 | 
 263 | ==== User Details Service
 264 | 
 265 | Core interface which loads user-specific data.It is used throughout the framework as a user DAO and is the strategy used by the DaoAuthenticationProvider.
 266 | 
 267 | The first thing we need to do is to override the configure method from our `WebSecurityConfigurerAdapter`
 268 | 
 269 | ```java
 270 | @Configuration
 271 | @EnableWebSecurity
 272 | public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
 273 | 
 274 |     private UserDetailsServiceImpl userDetailsService;
 275 | 
 276 |     public SecurityConfiguration(UserDetailsServiceImpl userDetailsService) {
 277 |         this.userDetailsService = userDetailsService;
 278 |     }
 279 | 
 280 |     @Override
 281 |     protected void configure(HttpSecurity http) throws Exception {
 282 |         ...
 283 |     }
 284 | 
 285 |     @Override
 286 |     protected void configure(AuthenticationManagerBuilder auth) throws Exception {
 287 |         auth.userDetailsService(userDetailsService);
 288 |     }
 289 | 
 290 | }
 291 | ```
 292 | 
 293 | And then actually create the implementation. 
 294 | 
 295 | ```java
 296 | @Service
 297 | public class UserDetailsServiceImpl implements UserDetailsService {
 298 | 
 299 |     private UserRepository userRepository;
 300 | 
 301 |     public UserDetailsServiceImpl(UserRepository userRepository) {
 302 |         this.userRepository = userRepository;
 303 |     }
 304 | 
 305 |     @Override
 306 |     public UserDetails loadUserByUsername(String email) throws UsernameNotFoundException {
 307 |         Optional<User> user = userRepository.findByEmail(email);
 308 |         if( !user.isPresent() ){
 309 |             throw new UsernameNotFoundException(email);
 310 |         }
 311 |         return user.get();
 312 |     }
 313 | }
 314 | ```
 315 | 
 316 | ```java
 317 | public interface UserRepository extends JpaRepository<User,Long> {
 318 |     Optional<User> findByEmail(String email);
 319 | }
 320 | ```
 321 | 
 322 | ==== DatabaseLoader - Adding Users & Roles
 323 | 
 324 | Now that we have everything in place we can add some data for us to use in our development environment. Remember that I told you earlier that we can't store passwords in plain text, instead we encrypt them so that unwanted eyes can't see our passwords. Instead of a password of `password` in the database you will see something like this. 
 325 | 
 326 | ```
 327 | $2a$10$XPvPcEZrjS35pYtF8M/Q4ewkXkovcB5oiEHi8Uehljkum1tzGr0NG
 328 | ```
 329 | 
 330 | There are a few password encoders supported by Spring Security but in this example we will be using `BCrypt`. In the past we had to pass in a salt when encoding the password but BCrypt will generate a random salt for us. The Spring Security team announced that the PasswordEncoder in org.springframework.security.authentication.encoding as deprecated. The password encoder in `org.springframework.security.crypto.password` is what our BCrypt encoder is now using. 
 331 | 
 332 | ```java
 333 | /**
 334 |  * Service interface for encoding passwords.
 335 |  *
 336 |  * The preferred implementation is {@code BCryptPasswordEncoder}.
 337 |  *
 338 |  * @author Keith Donald
 339 |  */
 340 | public interface PasswordEncoder {
 341 | 
 342 | 	/**
 343 | 	 * Encode the raw password. Generally, a good encoding algorithm applies a SHA-1 or
 344 | 	 * greater hash combined with an 8-byte or greater randomly generated salt.
 345 | 	 */
 346 | 	String encode(CharSequence rawPassword);
 347 | 
 348 | 	/**
 349 | 	 * Verify the encoded password obtained from storage matches the submitted raw
 350 | 	 * password after it too is encoded. Returns true if the passwords match, false if
 351 | 	 * they do not. The stored password itself is never decoded.
 352 | 	 *
 353 | 	 * @param rawPassword the raw password to encode and match
 354 | 	 * @param encodedPassword the encoded password from storage to compare with
 355 | 	 * @return true if the raw password, after encoding, matches the encoded password from
 356 | 	 * storage
 357 | 	 */
 358 | 	boolean matches(CharSequence rawPassword, String encodedPassword);
 359 | 
 360 | }
 361 | ```
 362 | 
 363 | In the past you could only use a single password encoding algorithm. Spring Security 5 introduced the concept of password encoding delegation. We can no offer encoding passwords using different algorithms. The way that Spring Security recognizes which algorithm you're using is by prefixing the password with the encoder. Because we are using BCrypt we will end up storing our passwords in the database like this. 
 364 | 
 365 | ```
 366 | {bcrypt}$2a$10$XPvPcEZrjS35pYtF8M/Q4ewkXkovcB5oiEHi8Uehljkum1tzGr0NG
 367 | ```
 368 | 
 369 | If the password hash has no prefix, Spring Security will use the default `StandardPasswordEncoder`.
 370 | 
 371 | 
 372 | ```java
 373 | private void addUsersAndRoles() {
 374 |     BCryptPasswordEncoder encoder = new BCryptPasswordEncoder();
 375 |     String secret = "{bcrypt}" + encoder.encode("password");
 376 | 
 377 |     Role userRole = new Role("ROLE_USER");
 378 |     roleRepository.save(userRole);
 379 |     Role adminRole = new Role("ROLE_ADMIN");
 380 |     roleRepository.save(adminRole);
 381 | 
 382 |     User user = new User("user@gmail.com",secret,true);
 383 |     user.addRole(userRole);
 384 |     userRepository.save(user);
 385 | 
 386 |     User admin = new User("admin@gmail.com",secret,true);
 387 |     admin.addRole(adminRole);
 388 |     userRepository.save(admin);
 389 | 
 390 |     User master = new User("super@gmail.com",secret,true);
 391 |     master.addRoles(new HashSet<>(Arrays.asList(userRole,adminRole)));
 392 |     userRepository.save(master);
 393 | 
 394 | }
 395 | ```
 396 | 
 397 | ==== Auditing
 398 | 
 399 | Now that we have security in place and we have some users and roles it's time we revisit something we did a little bit earlier. Remember when we created the Auditable domain class that all of our other domain classes extended? Well we have the created & last updated dates working but now its time we tackle the user fields. 
 400 | 
 401 | To make this happen we are going to remove the `@EnableJpaAuditing` annotation from our main Application class.
 402 | 
 403 | ```java
 404 | @SpringBootApplication
 405 | @EnableJpaAuditing
 406 | public class SpringitApplication {}
 407 | ```
 408 | 
 409 | We are then going to create a new config package and a new class called JpaConfig. The auditorAwareRef configures the AuditorAware bean to be used to lookup the current principal.
 410 | 
 411 | ```java
 412 | @Configuration
 413 | @EnableJpaAuditing(auditorAwareRef = "auditorAware")
 414 | public class JpaConfig {
 415 |     @Bean
 416 |     public AuditorAware<String> auditorAware() {
 417 |         return new AuditorAwareImpl();
 418 |     }
 419 | }
 420 | ```
 421 | 
 422 | Next we will create the `AuditorAwareImpl` bean. We are implementing the `AuditorAware` interface and will need to override a single method called getCurrentAuditor. This will allow us to get the username (email in our case) of the currently logged in user.
 423 | 
 424 | ```java
 425 | public class AuditorAwareImpl implements AuditorAware<String> {
 426 |     @Override
 427 |     public Optional<String> getCurrentAuditor() {
 428 |         return Optional.of(((User) SecurityContextHolder.getContext().getAuthentication().getPrincipal()).getEmail());
 429 |     }
 430 | }
 431 | ```
 432 | 
 433 | If you try and run the application now you are going to run into some issues. Before reading any further do you know what is causing these issues? 
 434 | 
 435 | The problem here is that we are trying to add some links in our `DatabaseLoader` CommandLineRunner. At this point in time there is no logged in user. To make this work for our development environment we need to check to see if there is no authenticated user and if there isn't hard code an admin user. 
 436 | 
 437 | ```java
 438 | public class AuditorAwareImpl implements AuditorAware<String> {
 439 |     @Override
 440 |     public Optional<String> getCurrentAuditor() {
 441 |         if(SecurityContextHolder.getContext().getAuthentication() == null ) {
 442 |             return Optional.of("admin@gmail.com");
 443 |         } else {
 444 |             return Optional.of(((User) SecurityContextHolder.getContext().getAuthentication().getPrincipal()).getEmail());
 445 |         }
 446 |     }
 447 | }
 448 | ```
 449 | 
 450 | 
 451 | ==== Actuator Security
 452 | 
 453 | Now that Spring Boot has backed off of Security we have a little bit of an issue with our actuator endpoints. Right now they are all wide open, so any user can get to them. In some cases this might be ok but in most it's probably not. Let's think about some rules that we want to incorporate for our actuator endpoints. 
 454 | 
 455 | * The "info" endpoint should be available to anyone
 456 | * The "/actuator" endpoint that lists all available endpoints should be locked down
 457 | * All other endpoints should be locked down.
 458 | * Only users with the ROLE_ADMIN should be able to view the secure data
 459 | 
 460 | Spring Boot provides dedicated helpers to make your configuration more readable and explicit. For management endpoints and static resources, Spring Boot provides convenience factories that will supply the right RequestMatcher. For management endpoints, the RequestMatcher will be created based on the management.context-path. Using RequestMatchers gives users the flexibility to secure the application using existing Spring Security expressions such as permitAll, hasRole etc.
 461 | 
 462 | ```java
 463 | @Override
 464 | protected void configure(HttpSecurity http) throws Exception {
 465 |     http
 466 |         .authorizeRequests()
 467 |             .requestMatchers(EndpointRequest.to("info")).permitAll()
 468 |             .requestMatchers(EndpointRequest.toAnyEndpoint()).hasRole("ADMIN")
 469 |             .antMatchers("/actuator/").hasRole("ACTUATOR")
 470 |             .and()
 471 |         .formLogin();
 472 | }
 473 | ```
 474 | 
 475 | The EndpointRequest is especially helpful given that we can change our endpoint mappings from /actuator to something else like /monitoring using the following configuration property. Now if we were to change that our http security stays the same! 
 476 | 
 477 | ```
 478 | management.endpoints.web.base-path=/monitoring
 479 | ```
 480 | 
 481 | The final thing we need to talk about is the health status endpoint. We have a property that allows us to show-details of the health endpoint. The important thing to remember here is that when_authorized can be any user that is authorized. That is why it's important to remember to lock that endpoint down to a specific role like we did above. 
 482 | 
 483 | ```
 484 | management.endpoint.health.show-details=when_authorized
 485 | ```
 486 | 
 487 | ===== H2 Console
 488 | 
 489 | If we try and go to our H2 Console (/h2-console) we won't be able to get there. We need to do a couple of things to make this work. First we need to allow anyone to access /h2-console/**. This is only being used for development so I am fine with this rule for now.  We also need to disable CSRF and X-Frame-Options because H2 database console runs inside of a frame.
 490 | 
 491 | 
 492 | ```java
 493 | protected void configure(HttpSecurity http) throws Exception {
 494 |     http
 495 |         .authorizeRequests()
 496 |             .requestMatchers(EndpointRequest.to("info")).permitAll()
 497 |             .requestMatchers(EndpointRequest.toAnyEndpoint()).hasRole("ACTUATOR")
 498 |             .antMatchers("/actuator/").hasRole("ACTUATOR")
 499 |             .antMatchers("/link/submit").hasRole("USER")
 500 |             .antMatchers("/link/**").permitAll()
 501 |             .antMatchers("/").permitAll()
 502 |             .antMatchers("/h2-console/**").permitAll()
 503 |             .and()
 504 |         .formLogin()
 505 |             .and()
 506 |         .csrf().disable()
 507 |         .headers().frameOptions().disable();
 508 | }
 509 | ```
 510 | 
 511 | IMPORTANT: MAKE sure we have commits on our branch!
 512 | 
 513 | ==== Spring Security: The View Layer
 514 | 
 515 | What we looked at in the last section was how to configure Spring Security. Now that we have a head start on security it's time we integrate into our view layer. Here is what we are going to cover in this section:
 516 | 
 517 | * Custom Login Form
 518 | * Form Login and Logout
 519 | * Remember Me Feature
 520 | * Thymeleaf Spring Security Dialect
 521 | * Account & Registration Templates
 522 | 
 523 | IMPORTANT: We are going to keep the same branch, so don't go merging just yet!
 524 | 
 525 | ==== Form Login & Logout
 526 | 
 527 | You might be wondering where the login form came from when you were prompted to log in, since we made no mention of any HTML files or JSPs. Since Spring Security’s default configuration does not explicitly set a URL for the login page, Spring Security generates one automatically, based on the features that are enabled and using standard values for the URL which processes the submitted login, the default target URL the user will be sent to after logging in and so on.
 528 | 
 529 | While the automatically generated log in page is convenient to get up and running quickly, most applications will want to provide their own log in page. To do so we can update our configuration as seen below:
 530 | 
 531 | ```java
 532 | protected void configure(HttpSecurity http) throws Exception {
 533 |     http
 534 |         .authorizeRequests()
 535 |             .anyRequest().authenticated()
 536 |             .and()
 537 |         .formLogin()
 538 |             .loginPage("/login") // 1
 539 |             .permitAll(); // 2
 540 | }
 541 | ```
 542 | 
 543 | 1. The updated configuration specifies the location of the log in page.
 544 | 2. We must grant all users (i.e. unauthenticated users) access to our log in page. The formLogin().permitAll() method allows granting access to all users for all URLs associated with form based log in.
 545 | 
 546 | Now we need to setup a request handler for /login. I am going to create an `AuthController` that looks like this.
 547 | 
 548 | ```java
 549 | @Controller
 550 | public class AuthController {
 551 | 
 552 |     @GetMapping("/login")
 553 |     public String login(){
 554 |         return "auth/login";
 555 |     }
 556 | 
 557 | }
 558 | ```
 559 | 
 560 | Next we need to update our login template to use our layout. This form contains all of the pieces we will need for our form.
 561 | 
 562 | ```html
 563 | <!DOCTYPE html>
 564 | <html lang="en" xmlns:th="http://www.thymeleaf.org">
 565 | <head th:replace="~{layouts/main_layout :: head(title = 'Springit - Login')}">
 566 | </head>
 567 | <body>
 568 | 
 569 |     <nav th:replace="~{layouts/main_layout :: nav}"></nav>
 570 |     <div th:replace="~{layouts/main_layout :: jumbotron}"></div>
 571 | 
 572 |     <div class="container">
 573 | 
 574 |         <!-- login -->
 575 |         <form class="form-horizontal" role="form" method="POST" th:action="@{/login}">
 576 |             <div class="row">
 577 |                 <div class="col-md-3"></div>
 578 |                 <div class="col-md-6">
 579 |                     <h2>Please Login</h2>
 580 |                     <hr>
 581 |                     <div class="alert alert-danger" th:if="${param.error != null}">
 582 |                         Invalid username and password.
 583 |                     </div>
 584 |                     <div class="alert alert-success" th:if="${param.logout != null}">
 585 |                         You have been logged out.
 586 |                     </div>
 587 |                 </div>
 588 |                 <div class="col-md-3"></div>
 589 |             </div>
 590 |             <div class="row">
 591 |                 <div class="col-md-3"></div>
 592 |                 <div class="col-md-6">
 593 |                     <div class="form-group has-danger">
 594 |                         <label class="sr-only" for="email">E-Mail Address</label>
 595 |                         <div class="input-group mb-2 mr-sm-2 mb-sm-0">
 596 |                             <div class="input-group-addon" style="width: 2.6rem"><i class="fa fa-at"></i></div>
 597 |                             <input type="text" name="email" class="form-control" id="email" placeholder="you@example.com" required autofocus>
 598 |                         </div>
 599 |                     </div>
 600 |                 </div>
 601 |                 <div class="col-md-3"></div>
 602 |             </div>
 603 |             <div class="row">
 604 |                 <div class="col-md-3"></div>
 605 |                 <div class="col-md-6">
 606 |                     <div class="form-group">
 607 |                         <label class="sr-only" for="password">Password</label>
 608 |                         <div class="input-group mb-2 mr-sm-2 mb-sm-0">
 609 |                             <div class="input-group-addon" style="width: 2.6rem"><i class="fa fa-key"></i></div>
 610 |                             <input type="password" name="password" class="form-control" id="password" placeholder="Password" required>
 611 |                         </div>
 612 |                     </div>
 613 |                 </div>
 614 |                 <div class="col-md-3"></div>
 615 |             </div>
 616 |             <div class="row">
 617 |                 <div class="col-md-3"></div>
 618 |                 <div class="col-md-6" style="padding-top: .35rem">
 619 |                     <div class="form-check mb-2 mr-sm-2 mb-sm-0">
 620 |                         <label class="form-check-label">
 621 |                             <input id="remember-me" name="remember-me" class="form-check-input" type="checkbox" >
 622 |                             <span style="padding-bottom: .15rem">Remember me</span>
 623 |                         </label>
 624 |                     </div>
 625 |                 </div>
 626 |                 <div class="col-md-3"></div>
 627 |             </div>
 628 |             <div class="row" style="padding-top: 1rem">
 629 |                 <div class="col-md-3"></div>
 630 |                 <div class="col-md-6">
 631 |                     <button type="submit" class="btn btn-success"><i class="fas fa-sign-in-alt"></i> Login</button>
 632 |                     <!-- <a class="btn btn-link" href="forgotPassword.html">Forgot Your Password?</a> -->
 633 |                 </div>
 634 |                 <div class="col-md-3"></div>
 635 |             </div>
 636 |         </form>
 637 | 
 638 |     </div>
 639 | 
 640 | </body>
 641 | </html>
 642 | ```
 643 | 
 644 | IMPORTANT: We turned off CSRF earlier for the H2 Console to work. We want this on, enable it and read more about it here https://docs.spring.io/spring-security/site/docs/current/reference/html/web-app-security.html#csrf-configure 
 645 | 
 646 | ===== Username & Password Form Parameters
 647 | 
 648 | There is just one more step to do to make this all work. I bet you're probably thinking that we need to create a handler method for our login submit but we actually don't have to. Spring Security handles all of that for us. When we submit a form Spring Security is expecting 2 things from us: 
 649 | 
 650 | * The username must be present as the HTTP parameter named username
 651 | * The password must be present as the HTTP parameter named password
 652 | 
 653 | Since our field is named "email" we just need to add one more configuration to our form login and that is `usernameParameter("email")`
 654 | 
 655 | ```java
 656 | @Override
 657 | protected void configure(HttpSecurity http) throws Exception {
 658 |     http
 659 |         .authorizeRequests()
 660 |             .requestMatchers(EndpointRequest.to("info")).permitAll()
 661 |             .requestMatchers(EndpointRequest.toAnyEndpoint()).hasRole("ACTUATOR")
 662 |             .antMatchers("/actuator/").hasRole("ACTUATOR")
 663 |             .antMatchers("/link/submit").hasRole("USER")
 664 |             .antMatchers("/link/**").permitAll()
 665 |             .antMatchers("/").permitAll()
 666 |             .antMatchers("/h2-console/**").permitAll()
 667 |             .and()
 668 |         .formLogin()
 669 |             .loginPage("/login").permitAll()
 670 |             .usernameParameter("email");
 671 | }
 672 | ```
 673 | 
 674 | ===== Form Logout
 675 | 
 676 | When using the WebSecurityConfigurerAdapter, logout capabilities are automatically applied. The default is that accessing the URL /logout will log the user out by:
 677 | 
 678 | * Invalidating the HTTP Session
 679 | * Cleaning up any RememberMe authentication that was configured
 680 | * Clearing the SecurityContextHolder
 681 | * Redirect to /login?logout
 682 | * Similar to configuring login capabilities, however, you also have various options to further customize your logout requirements:
 683 | 
 684 | 
 685 | 
 686 | If you wanted to you could further customize the logout experience 
 687 | 
 688 | ```java
 689 | protected void configure(HttpSecurity http) throws Exception {
 690 |     http
 691 |         .logout()
 692 |             .logoutUrl("/my/logout")
 693 |             .logoutSuccessUrl("/my/index")
 694 |             .logoutSuccessHandler(logoutSuccessHandler)
 695 |             .invalidateHttpSession(true)
 696 |             .addLogoutHandler(logoutHandler)
 697 |             .deleteCookies(cookieNamesToClear)
 698 |             .and()
 699 |         ...
 700 | }
 701 | ```
 702 | 
 703 | If you get a logout 404 error this is why https://docs.spring.io/spring-security/site/docs/current/reference/htmlsingle/#csrf-logout 
 704 | 
 705 | image::logout_404.png[]
 706 | 
 707 | I updated our main_layout to use a POST instead of a GET
 708 | 
 709 | ```html
 710 | <li class="nav-item">
 711 |     <form method="POST" th:action="@{/logout}">
 712 |     <button class="nav-link"><i class="fa fa-sign-out-alt" aria-hidden="true"></i> Sign Out</button>
 713 |     </form>
 714 | </li>
 715 | ```
 716 | 
 717 | Fixing our button style 
 718 | 
 719 | ```
 720 | button.nav-link {
 721 |     background: #2D2A27;
 722 |     border:none;
 723 |     cursor: pointer;
 724 | }
 725 | ```
 726 | 
 727 | And the logout started working just fine. 
 728 | 
 729 | 
 730 | ===== Remember Me
 731 | 
 732 | Remember-me or persistent-login authentication refers to web sites being able to remember the identity of a principal between sessions. This is typically accomplished by sending a cookie to the browser, with the cookie being detected during future sessions and causing automated login to take place. Spring Security provides the necessary hooks for these operations to take place, and has two concrete remember-me implementations. One uses hashing to preserve the security of cookie-based tokens and the other uses a database or other persistent storage mechanism to store the generated tokens.
 733 | 
 734 | Learn more about both approaches to remember-me: 
 735 | 
 736 | https://docs.spring.io/spring-security/site/docs/5.1.1.RELEASE/reference/htmlsingle/#remember-me
 737 | 
 738 | ```java
 739 | protected void configure(HttpSecurity http) throws Exception {
 740 |     http
 741 |         .authorizeRequests()
 742 |             .requestMatchers(EndpointRequest.to("info")).permitAll()
 743 |             .requestMatchers(EndpointRequest.toAnyEndpoint()).hasRole("ACTUATOR")
 744 |             .antMatchers("/actuator/").hasRole("ACTUATOR")
 745 |             .antMatchers("/link/submit").hasRole("USER")
 746 |             .antMatchers("/link/**").permitAll()
 747 |             .antMatchers("/").permitAll()
 748 |             .antMatchers("/vote/**").permitAll()
 749 |             .antMatchers("/h2-console/**").permitAll()
 750 |             .and()
 751 |         .formLogin()
 752 |             .loginPage("/login").permitAll()
 753 |             .usernameParameter("email")
 754 |             .and()
 755 |         .logout()
 756 |             .and()
 757 |         .rememberMe()
 758 |             .and()
 759 |         .csrf().disable()
 760 |         .headers().frameOptions().disable();
 761 | }
 762 | ```
 763 | 
 764 | 
 765 | ==== Thymeleaf + Spring Security
 766 | 
 767 | In Spring MVC environments, the https://github.com/thymeleaf/thymeleaf-extras-springsecurity[Spring Security integration module] works as a replacement of the Spring security taglib.
 768 | 
 769 | We use this dialect in the example in order to print the logged user credentials and to show different content to different roles.
 770 | 
 771 | The sec:authorize attribute renders its content when the attribute expression is evaluated to true:
 772 | 
 773 | ```html
 774 | <div sec:authorize="isAuthenticated()">
 775 |   This content is only shown to authenticated users.
 776 | </div>
 777 | <div sec:authorize="hasRole('ROLE_ADMIN')">
 778 |   This content is only shown to administrators.
 779 | </div>
 780 | <div sec:authorize="hasRole('ROLE_USER')">
 781 |   This content is only shown to users.
 782 | </div>
 783 | ```
 784 | 
 785 | The sec:authentication attribute is used to print logged user name and roles:
 786 | 
 787 | ```html
 788 | Logged user: <span sec:authentication="name">Bob</span>
 789 | Roles: <span sec:authentication="principal.authorities">[ROLE_USER, ROLE_ADMIN]</span>
 790 | ```
 791 | 
 792 | ===== Getting Started
 793 | 
 794 | This is one of the first dependencies that we will come across that isn't in the Spring Initializer and will need to be added manually. It also worth pointing out that this isn't officially a part of the Thymeleaf project. 
 795 | 
 796 | ```
 797 | <dependency>
 798 |     <groupId>org.thymeleaf.extras</groupId>
 799 |     <artifactId>thymeleaf-extras-springsecurity5</artifactId>
 800 |     <version>3.0.4.RELEASE</version>
 801 | </dependency>
 802 | ```
 803 | 
 804 | IMPORTANT: There is something you will need to do for now to get the dialect working. If you're on Spring Boot 2 and Spring Security 5 you will need to include this in your main application class until Spring Boot's starter includes it. 
 805 | 
 806 | ```java
 807 | // TODO * Configuring this bean should not be needed once Spring Boot's Thymeleaf starter includes configuration
 808 | // TODO   for thymeleaf-extras-springsecurity5 (instead of thymeleaf-extras-springsecurity4)
 809 | @Bean
 810 | public SpringSecurityDialect securityDialect() {
 811 |     return new SpringSecurityDialect();
 812 | }
 813 | ```
 814 | 
 815 | Anywhere that we are going to use the Spring Security Thymeleaf extras we will need to use the correct namespace. 
 816 | 
 817 | ```html
 818 | <html xmlns:sec="http://www.thymeleaf.org/extras/spring-security">
 819 | ```
 820 | 
 821 | Now, lets update our main layout so only certain buttons are shown when we are logged in. 
 822 | 
 823 | 
 824 | ```html
 825 | <!-- if user is signed in -->
 826 | <li class="nav-item" sec:authorize="isAuthenticated()">
 827 |     <a class="nav-link" th:href="@{/link/submit}">
 828 |         <i class="fa fa-link" aria-hidden="true"></i> Submit Link</a>
 829 | </li>
 830 | <li class="nav-item" sec:authorize="isAuthenticated()">
 831 |     <a class="nav-link" th:href="@{/profile}">
 832 |         <i class="fa fa-user" aria-hidden="true"></i> Account</a>
 833 | </li>
 834 | <li class="nav-item">
 835 |     <form method="POST" th:action="@{/logout}" sec:authorize="isAuthenticated()">
 836 |     <button class="nav-link"><i class="fa fa-sign-out-alt" aria-hidden="true"></i> Sign Out</button>
 837 |     </form>
 838 | </li>
 839 | 
 840 | <!-- if user is not signed in -->
 841 | <li class="nav-item" sec:authorize="!isAuthenticated()">
 842 |     <a class="nav-link" th:href="@{/login}">
 843 |         <i class="fa fa-sign-in-alt" aria-hidden="true"></i> Sign In</a>
 844 | </li>
 845 | <li class="nav-item" sec:authorize="!isAuthenticated()">
 846 |     <a class="nav-link" th:href="@{/register}">
 847 |         <i class="fa fa-user-plus" aria-hidden="true"></i> Register</a>
 848 | </li>
 849 | ```
 850 | 
 851 | ==== Who Submitted the link
 852 | 
 853 | One thing that I noticed is that we never updated the display to show who actually submitted the link. I will admit that not having a username or a full name on the User object is going to hurt us here. I wanted to try and keep this simple so we are just going to display the Audit information and use the email. I might come back and add this as an assignment for you to work on later.
 854 | 
 855 | First we will need to update our home page to show the user who submitted the link. 
 856 | 
 857 | ```html
 858 | <p class="tagline ">submitted
 859 |     <time th:title="${link.getCreationDate()}" th:datetime="${link.getCreationDate()}" class="live-timestamp" th:text="${link.getPrettyTime()}">1 hour(s)</time> by
 860 |     <a href="/" class="author" th:text="${link.createdBy}">therealdanvega</a>
 861 | </p>
 862 | ```
 863 | 
 864 | Then we also need to update this in the view link. 
 865 | 
 866 | ```html
 867 | <p class="tagline ">submitted
 868 |     <time th:title="${link.getCreationDate()}" th:datetime="${link.getCreationDate()}" class="live-timestamp" th:text="${link.getPrettyTime()}">1 hour(s)</time> by
 869 |     <a href="/" class="author" th:text="${link.createdBy}">therealdanvega</a>
 870 |     <span class="userattrs"></span>
 871 | </p>
 872 | ```
 873 | 
 874 | Again not ideal because its showing the email address but for simplicity sake we will keep it for now. 
 875 | 
 876 | ==== Account & Registration
 877 | 
 878 | When we updated the links in the navbar I added some routes to them. The account link goes to `/profile` and the Register link goes to `/register`. 
 879 | 
 880 | ```html
 881 | <li class="nav-item" sec:authorize="isAuthenticated()">
 882 |     <a class="nav-link" th:href="@{/profile}">
 883 |         <i class="fa fa-user" aria-hidden="true"></i> Account</a>
 884 | </li>
 885 | <li class="nav-item" sec:authorize="!isAuthenticated()">
 886 |     <a class="nav-link" th:href="@{/register}">
 887 |         <i class="fa fa-user-plus" aria-hidden="true"></i> Register</a>
 888 | </li>
 889 | ```
 890 | 
 891 | We are going to need a couple of mappings for those and the `AuthController` seems like a good place to put them so let's add these there:
 892 | 
 893 | ```java
 894 | @GetMapping("/profile")
 895 | public String profile() {
 896 |     return "auth/profile";
 897 | }
 898 | 
 899 | @GetMapping("/register")
 900 | public String register() {
 901 |     return "auth/register";
 902 | }
 903 | ```
 904 | 
 905 | We just need to update those views so they use our layout. We aren't going to make these actually work just yet, I just want them looking nice.
 906 | 
 907 | ```html
 908 | <!DOCTYPE html>
 909 | <html lang="en" xmlns:th="http://www.thymeleaf.org">
 910 | <head th:replace="~{layouts/main_layout :: head(title = 'Springit - Account Profile Page')}">
 911 | </head>
 912 | <body>
 913 | 
 914 |     <nav th:replace="~{layouts/main_layout :: nav}"></nav>
 915 |     <div th:replace="~{layouts/main_layout :: jumbotron}"></div>
 916 | 
 917 |     <!-- profile -->
 918 |     <div id="profile" class="container">
 919 | 
 920 |         <div class="row">
 921 |             <ul class="nav">
 922 |                 <li class="nav-item">
 923 |                     <a class="nav-link active" href="#">Overview</a>
 924 |                 </li>
 925 |                 <li class="nav-item">
 926 |                     <a class="nav-link" href="#">Posts</a>
 927 |                 </li>
 928 |                 <li class="nav-item">
 929 |                     <a class="nav-link" href="#">Comments</a>
 930 |                 </li>
 931 |                 <li class="nav-item">
 932 |                     <a class="nav-link" href="#">Preferences</a>
 933 |                 </li>
 934 |             </ul>
 935 |         </div>
 936 | 
 937 |         <div class="row">
 938 | 
 939 |             <div class="col-8">
 940 |                 <div class="row">
 941 |                     <div class="card col-12" style="width: 18rem;">
 942 |                         <div class="card-body">
 943 |                             <h5 class="card-title">What's new in Spring Boot 2</h5>
 944 |                             <h6 class="card-subtitle mb-2 text-muted">submitted 7 days ago by therealdanvega</h6>
 945 |                             <p class="card-text">Some quick example text to build on the card title and make up the bulk of the card's content.</p>
 946 |                             <a href="#" class="card-link">8 Comments</a>
 947 |                             <a href="#" class="card-link">Share</a>
 948 |                         </div>
 949 |                     </div>
 950 |                 </div>
 951 |                 <div class="row">
 952 |                     <div class="card col-12" style="width: 18rem;">
 953 |                         <div class="card-body">
 954 |                             <h5 class="card-title">What's new in Spring Boot 2</h5>
 955 |                             <h6 class="card-subtitle mb-2 text-muted">submitted 7 days ago by therealdanvega</h6>
 956 |                             <p class="card-text">Some quick example text to build on the card title and make up the bulk of the card's content.</p>
 957 |                             <a href="#" class="card-link">8 Comments</a>
 958 |                             <a href="#" class="card-link">Share</a>
 959 |                         </div>
 960 |                     </div>
 961 |                 </div>
 962 |                 <div class="row">
 963 |                     <div class="card col-12" style="width: 18rem;">
 964 |                         <div class="card-body">
 965 |                             <h5 class="card-title">What's new in Spring Boot 2</h5>
 966 |                             <h6 class="card-subtitle mb-2 text-muted">submitted 7 days ago by therealdanvega</h6>
 967 |                             <p class="card-text">Some quick example text to build on the card title and make up the bulk of the card's content.</p>
 968 |                             <a href="#" class="card-link">8 Comments</a>
 969 |                             <a href="#" class="card-link">Share</a>
 970 |                         </div>
 971 |                     </div>
 972 |                 </div>
 973 |                 <div class="row">
 974 |                     <div class="card col-12" style="width: 18rem;">
 975 |                         <div class="card-body">
 976 |                             <h5 class="card-title">What's new in Spring Boot 2</h5>
 977 |                             <h6 class="card-subtitle mb-2 text-muted">submitted 7 days ago by therealdanvega</h6>
 978 |                             <p class="card-text">Some quick example text to build on the card title and make up the bulk of the card's content.</p>
 979 |                             <a href="#" class="card-link">8 Comments</a>
 980 |                             <a href="#" class="card-link">Share</a>
 981 |                         </div>
 982 |                     </div>
 983 |                 </div>
 984 |                 <div class="row">
 985 |                     <div class="card col-12" style="width: 18rem;">
 986 |                         <div class="card-body">
 987 |                             <h5 class="card-title">What's new in Spring Boot 2</h5>
 988 |                             <h6 class="card-subtitle mb-2 text-muted">submitted 7 days ago by therealdanvega</h6>
 989 |                             <p class="card-text">Some quick example text to build on the card title and make up the bulk of the card's content.</p>
 990 |                             <a href="#" class="card-link">8 Comments</a>
 991 |                             <a href="#" class="card-link">Share</a>
 992 |                         </div>
 993 |                     </div>
 994 |                 </div>
 995 |             </div>
 996 |             <!-- Right Side -->
 997 |             <div class="col-3 offset-1">
 998 |                 <div class="row">
 999 |                     <div class="card col-12">
1000 |                         <img class="card-img-top" th:src="@{/images/profile_small.png}" alt="Card image cap">
1001 |                         <div class="card-body">
1002 |                             <p class="card-text">
1003 |                                 <a href="/u/therealdanvega">/u/therealdanvega</a>
1004 |                             </p>
1005 |                             <a href="../link/submit.html"><button type="button" class="btn btn-primary btn-lg btn-block">New Post</button></a>
1006 |                         </div>
1007 |                     </div>
1008 |                 </div>
1009 |                 <div class="row">
1010 |                     <div class="card col-12">
1011 |                         <!-- <img class="card-img-top" src="..." alt="Card image cap"> -->
1012 |                         <div class="card-body">
1013 |                             <h5 class="card-title">Your Information</h5>
1014 |                             <p class="card-text">
1015 |                                 Posts: 10<br/>
1016 |                                 Comments: 3<br/>
1017 |                                 User Since: November 23, 2017<br/>
1018 |                             </p>
1019 |                         </div>
1020 |                     </div>
1021 |                 </div>
1022 |                 <div class="row">
1023 |                     <div class="card col-12">
1024 |                         <h5 class="card-title recentLinks">Recent Links Clicked</h5>
1025 |                         <ul class="list-group list-group-flush">
1026 |                             <li class="list-group-item"><a href="#">What's new in Spring Boot 2</a></li>
1027 |                             <li class="list-group-item"><a href="#">10 Features in Java 10</a></li>
1028 |                             <li class="list-group-item"><a href="#">9 Features in Java 9</a></li>
1029 |                             <li class="list-group-item"><a href="#">8 Features in Java 8</a></li>
1030 |                             <li class="list-group-item"><a href="#">7 Reasons not to use Java 7</a></li>
1031 |                         </ul>
1032 |                     </div>
1033 |                 </div>
1034 |             </div>
1035 | 
1036 |         </div> <!-- // row -->
1037 | 
1038 |     </div><!-- // profile -->
1039 | 
1040 | </body>
1041 | </html>
1042 | ```
1043 | 
1044 | ```html
1045 | <!DOCTYPE html>
1046 | <html lang="en" xmlns:th="http://www.thymeleaf.org">
1047 | <head th:replace="~{layouts/main_layout :: head(title = 'Springit - Register for an account')}">
1048 | </head>
1049 | <body>
1050 |     <nav th:replace="~{layouts/main_layout :: nav}"></nav>
1051 |     <div th:replace="~{layouts/main_layout :: jumbotron}"></div>
1052 | 
1053 |     <!-- User Registration form -->
1054 |     <form class="form-horizontal" role="form" method="POST" action="">
1055 |         <div class="row">
1056 |             <div class="col-md-3"></div>
1057 |             <div class="col-md-6">
1058 |                 <h2>Register New User</h2>
1059 |                 <hr>
1060 |             </div>
1061 |         </div>
1062 |         <div class="row">
1063 |             <div class="col-md-3 field-label-responsive">
1064 |                 <label for="name">Name</label>
1065 |             </div>
1066 |             <div class="col-md-6">
1067 |                 <div class="form-group">
1068 |                     <div class="input-group mb-2 mr-sm-2 mb-sm-0">
1069 |                         <div class="input-group-addon" style="width: 2.6rem"><i class="fa fa-user"></i></div>
1070 |                         <input type="text" name="name" class="form-control" id="name"
1071 |                                placeholder="John Doe" required autofocus>
1072 |                     </div>
1073 |                 </div>
1074 |             </div>
1075 |             <div class="col-md-3">
1076 |                 <div class="form-control-feedback">
1077 |                             <span class="text-danger align-middle">
1078 |                                 <!-- Put name validation error messages here -->
1079 |                             </span>
1080 |                 </div>
1081 |             </div>
1082 |         </div>
1083 |         <div class="row">
1084 |             <div class="col-md-3 field-label-responsive">
1085 |                 <label for="email">E-Mail Address</label>
1086 |             </div>
1087 |             <div class="col-md-6">
1088 |                 <div class="form-group">
1089 |                     <div class="input-group mb-2 mr-sm-2 mb-sm-0">
1090 |                         <div class="input-group-addon" style="width: 2.6rem"><i class="fa fa-at"></i></div>
1091 |                         <input type="text" name="email" class="form-control" id="email"
1092 |                                placeholder="you@example.com" required autofocus>
1093 |                     </div>
1094 |                 </div>
1095 |             </div>
1096 |             <div class="col-md-3">
1097 |                 <div class="form-control-feedback">
1098 |                             <span class="text-danger align-middle">
1099 |                                 <!-- Put e-mail validation error messages here -->
1100 |                             </span>
1101 |                 </div>
1102 |             </div>
1103 |         </div>
1104 |         <div class="row">
1105 |             <div class="col-md-3 field-label-responsive">
1106 |                 <label for="password">Password</label>
1107 |             </div>
1108 |             <div class="col-md-6">
1109 |                 <div class="form-group has-danger">
1110 |                     <div class="input-group mb-2 mr-sm-2 mb-sm-0">
1111 |                         <div class="input-group-addon" style="width: 2.6rem"><i class="fas fa-key"></i></div>
1112 |                         <input type="password" name="password" class="form-control" id="password"
1113 |                                placeholder="Password" required>
1114 |                     </div>
1115 |                 </div>
1116 |             </div>
1117 |             <div class="col-md-3">
1118 |                 <div class="form-control-feedback">
1119 |                             <span class="text-danger align-middle">
1120 |                                 Example Error Message
1121 |                             </span>
1122 |                 </div>
1123 |             </div>
1124 |         </div>
1125 |         <div class="row">
1126 |             <div class="col-md-3 field-label-responsive">
1127 |                 <label for="password">Confirm Password</label>
1128 |             </div>
1129 |             <div class="col-md-6">
1130 |                 <div class="form-group">
1131 |                     <div class="input-group mb-2 mr-sm-2 mb-sm-0">
1132 |                         <div class="input-group-addon" style="width: 2.6rem">
1133 |                             <i class="fas fa-key"></i>
1134 |                         </div>
1135 |                         <input type="password" name="password-confirmation" class="form-control"
1136 |                                id="password-confirm" placeholder="Password" required>
1137 |                     </div>
1138 |                 </div>
1139 |             </div>
1140 |         </div>
1141 |         <div class="row">
1142 |             <div class="col-md-3"></div>
1143 |             <div class="col-md-6">
1144 |                 <button type="submit" class="btn btn-success"><i class="fa fa-user-plus"></i> Register</button>
1145 |             </div>
1146 |         </div>
1147 |     </form>
1148 | 
1149 | </body>
1150 | </html>
1151 | ```
1152 | 
1153 | 
1154 | 
1155 | 


--------------------------------------------------------------------------------