├── .mvn └── wrapper │ ├── maven-wrapper.jar │ └── maven-wrapper.properties ├── .travis.yml ├── .gitignore ├── src ├── main │ ├── resources │ │ └── application.properties │ └── java │ │ └── com │ │ └── staxrt │ │ └── tutorial │ │ ├── repository │ │ └── UserRepository.java │ │ ├── exception │ │ ├── AuthenticationException.java │ │ ├── ResourceNotFoundException.java │ │ ├── GlobalExceptionHandler.java │ │ └── ErrorResponse.java │ │ ├── Application.java │ │ ├── service │ │ └── UserDetailServiceImpl.java │ │ ├── security │ │ ├── JWTAuthenticationFilter.java │ │ └── JWTAuthorizationFilter.java │ │ ├── configuration │ │ └── WebSecurity.java │ │ ├── controller │ │ └── UserController.java │ │ └── model │ │ └── User.java └── test │ └── java │ └── com │ └── staxrt │ └── tutorial │ └── ApplicationTests.java ├── README.md ├── pom.xml ├── mvnw.cmd ├── mvnw └── LICENSE /.mvn/wrapper/maven-wrapper.jar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/givanthak/spring-boot-rest-api-auth-jwt-tutorial/HEAD/.mvn/wrapper/maven-wrapper.jar -------------------------------------------------------------------------------- /.mvn/wrapper/maven-wrapper.properties: -------------------------------------------------------------------------------- 1 | distributionUrl=https://repo.maven.apache.org/maven2/org/apache/maven/apache-maven/3.5.4/apache-maven-3.5.4-bin.zip 2 | -------------------------------------------------------------------------------- /.travis.yml: -------------------------------------------------------------------------------- 1 | language: java 2 | jdk: oraclejdk8 3 | install: true 4 | script: mvn clean install -DskipTests=true -Dmaven.javadoc.skip=true -B -V 5 | cache: 6 | directories: 7 | - $HOME/.m2 8 | after_success: 9 | - bash <(curl -s https://codecov.io/bash) 10 | -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- 1 | /target/ 2 | !.mvn/wrapper/maven-wrapper.jar 3 | 4 | ### STS ### 5 | .apt_generated 6 | .classpath 7 | .factorypath 8 | .project 9 | .settings 10 | .springBeans 11 | .sts4-cache 12 | 13 | ### IntelliJ IDEA ### 14 | .idea 15 | *.iws 16 | *.iml 17 | *.ipr 18 | 19 | ### NetBeans ### 20 | /nbproject/private/ 21 | /build/ 22 | /nbbuild/ 23 | /dist/ 24 | /nbdist/ 25 | /.nb-gradle/ -------------------------------------------------------------------------------- /src/main/resources/application.properties: -------------------------------------------------------------------------------- 1 | ## Database Properties 2 | spring.datasource.url = jdbc:mysql://localhost:3306/users_database?useSSL=false 3 | spring.datasource.username = root 4 | spring.datasource.password = root 5 | 6 | 7 | ## Hibernate Properties 8 | # The SQL dialect makes Hibernate generate better SQL for the chosen database 9 | spring.jpa.properties.hibernate.dialect = org.hibernate.dialect.MySQL5InnoDBDialect 10 | 11 | # Hibernate ddl auto (create, create-drop, validate, update) 12 | spring.jpa.hibernate.ddl-auto = update 13 | spring.jpa.hibernate.show-sql=true -------------------------------------------------------------------------------- /src/main/java/com/staxrt/tutorial/repository/UserRepository.java: -------------------------------------------------------------------------------- 1 | package com.staxrt.tutorial.repository; 2 | 3 | import com.staxrt.tutorial.model.User; 4 | import org.springframework.data.jpa.repository.JpaRepository; 5 | import org.springframework.stereotype.Repository; 6 | 7 | /** 8 | * The interface User repository. 9 | * 10 | * @author Givantha Kalansuriya 11 | */ 12 | @Repository 13 | public interface UserRepository extends JpaRepository { 14 | 15 | /** 16 | * Find by username user. 17 | * 18 | * @param username the username 19 | * @return the user 20 | */ 21 | User findByUsername(String username); 22 | } 23 | 24 | -------------------------------------------------------------------------------- /src/main/java/com/staxrt/tutorial/exception/AuthenticationException.java: -------------------------------------------------------------------------------- 1 | package com.staxrt.tutorial.exception; 2 | 3 | import org.springframework.http.HttpStatus; 4 | import org.springframework.web.bind.annotation.ResponseStatus; 5 | 6 | /** 7 | * @author Givantha Kalansuriya 8 | * @Project spring-boot-rest-api-auth-jwt-tutorial 9 | */ 10 | @ResponseStatus(value = HttpStatus.UNAUTHORIZED) 11 | public class AuthenticationException extends Exception { 12 | 13 | /** 14 | * Instantiates a new Resource not found exception. 15 | * 16 | * @param message the message 17 | */ 18 | public AuthenticationException(String message) { 19 | super(message); 20 | } 21 | } 22 | -------------------------------------------------------------------------------- /src/main/java/com/staxrt/tutorial/Application.java: -------------------------------------------------------------------------------- 1 | package com.staxrt.tutorial; 2 | 3 | import org.springframework.boot.SpringApplication; 4 | import org.springframework.boot.autoconfigure.SpringBootApplication; 5 | import org.springframework.context.annotation.Bean; 6 | import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; 7 | import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder; 8 | 9 | /** 10 | * The type Application. 11 | * 12 | * @author Givantha Kalansuriya 13 | */ 14 | @SpringBootApplication 15 | public class Application { 16 | 17 | /** 18 | * B crypt password encoder b crypt password encoder. 19 | * 20 | * @return the b crypt password encoder 21 | */ 22 | @Bean 23 | public BCryptPasswordEncoder bCryptPasswordEncoder() { 24 | return new BCryptPasswordEncoder(); 25 | } 26 | 27 | /** 28 | * The entry point of application. 29 | * 30 | * @param args the input arguments 31 | */ 32 | public static void main(String[] args) { 33 | SpringApplication.run(Application.class, args); 34 | } 35 | } 36 | -------------------------------------------------------------------------------- /src/main/java/com/staxrt/tutorial/exception/ResourceNotFoundException.java: -------------------------------------------------------------------------------- 1 | /* 2 | * 3 | * Copyright (c) 2018-2020 Givantha Kalansuriya, This source is a part of 4 | * Staxrt - sample application source code. 5 | * http://staxrt.com 6 | * 7 | * Licensed under the Apache License, Version 2.0 (the "License"); 8 | * you may not use this file except in compliance with the License. 9 | * You may obtain a copy of the License at 10 | * 11 | * http://www.apache.org/licenses/LICENSE-2.0 12 | * 13 | * Unless required by applicable law or agreed to in writing, software 14 | * distributed under the License is distributed on an "AS IS" BASIS, 15 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 16 | * See the License for the specific language governing permissions and 17 | * limitations under the License. 18 | * 19 | */ 20 | 21 | package com.staxrt.tutorial.exception; 22 | 23 | import org.springframework.http.HttpStatus; 24 | import org.springframework.web.bind.annotation.ResponseStatus; 25 | 26 | /** 27 | * The type Resource not found exception. 28 | * 29 | * @author Givantha Kalansuriya 30 | */ 31 | @ResponseStatus(value = HttpStatus.NOT_FOUND) 32 | public class ResourceNotFoundException extends Exception { 33 | 34 | /** 35 | * Instantiates a new Resource not found exception. 36 | * 37 | * @param message the message 38 | */ 39 | public ResourceNotFoundException(String message) { 40 | super(message); 41 | } 42 | } 43 | -------------------------------------------------------------------------------- /src/main/java/com/staxrt/tutorial/service/UserDetailServiceImpl.java: -------------------------------------------------------------------------------- 1 | package com.staxrt.tutorial.service; 2 | 3 | import com.staxrt.tutorial.model.User; 4 | import com.staxrt.tutorial.repository.UserRepository; 5 | import org.springframework.security.core.userdetails.UserDetails; 6 | import org.springframework.security.core.userdetails.UserDetailsService; 7 | import org.springframework.security.core.userdetails.UsernameNotFoundException; 8 | import org.springframework.stereotype.Service; 9 | 10 | import java.util.ArrayList; 11 | 12 | /** 13 | * The type User detail service. 14 | * 15 | * @author Givantha Kalansuriya @Project spring -boot-rest-api-auth-jwt-tutorial 16 | */ 17 | @Service 18 | public class UserDetailServiceImpl implements UserDetailsService { 19 | 20 | private UserRepository userRepository; 21 | 22 | /** 23 | * Instantiates a new User detail service. 24 | * 25 | * @param userRepository the user repository 26 | */ 27 | public UserDetailServiceImpl(UserRepository userRepository) { 28 | this.userRepository = userRepository; 29 | } 30 | 31 | @Override 32 | public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException { 33 | 34 | User userDetails = userRepository.findByUsername(username); 35 | if(userDetails == null){ 36 | throw new UsernameNotFoundException(username); 37 | } 38 | return new org.springframework.security.core.userdetails.User(userDetails.getUsername(),userDetails.getPassword(), new ArrayList<>()); 39 | } 40 | } 41 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | [![Build Status](https://travis-ci.com/givanthak/spring-boot-rest-api-auth-jwt-tutorial.svg?branch=master)](https://travis-ci.com/givanthak/spring-boot-rest-api-auth-jwt-tutorial) 2 | [![Known Vulnerabilities](https://snyk.io/test/github/givanthak/spring-boot-rest-api-tutorial/badge.svg)](https://snyk.io/test/github/givanthak/spring-boot-rest-api-tutorial) 3 | 4 | # Sample REST CRUD API Securing with Spring Security and JWT 5 | 6 | ## Steps to Setup 7 | 8 | **1. Clone the application** 9 | 10 | ```bash 11 | https://github.com/givanthak/spring-boot-rest-api-auth-jwt-tutorial.git 12 | ``` 13 | 14 | **2. Create Mysql database** 15 | ```bash 16 | create database user_database 17 | ``` 18 | 19 | **3. Change mysql username and password as per your installation** 20 | 21 | + open `src/main/resources/application.properties` 22 | 23 | + change `spring.datasource.username` and `spring.datasource.password` as per your mysql installation 24 | 25 | **4. Build and run the app using maven** 26 | 27 | ```bash 28 | mvn package 29 | java -jar target/spring-boot-rest-api-auth-jwt-tutorial-0.0.1-SNAPSHOT.jar 30 | ``` 31 | 32 | Alternatively, you can run the app without packaging it using - 33 | 34 | ```bash 35 | mvn spring-boot:run 36 | ``` 37 | 38 | The app will start running at . 39 | 40 | ## Explore Rest APIs 41 | 42 | The app defines following CRUD APIs. 43 | 44 | GET /api/v1/users 45 | 46 | POST /api/v1/users 47 | 48 | GET /api/v1/users/{userId} 49 | 50 | PUT /api/v1/users/{userId} 51 | 52 | DELETE /api/v1/users/{userId} 53 | 54 | POST /api/v1/auth/login 55 | 56 | Create User 57 | 58 | POST /api/v1/users 59 | 60 | { 61 | "username": "givantha90", 62 | "password": "welcome@123", 63 | "firstName": "Givantha", 64 | "lastName": "Kalansuriya", 65 | "email": "givanhta@gmail.com", 66 | "createdBy": "Givantha", 67 | "updatedBy": "Givantha" 68 | } 69 | 70 | POST /api/v1/auth/login 71 | 72 | { 73 | "username": "givantha12", 74 | "password": "welcome@123" 75 | } 76 | 77 | 78 | You can find the tutorial for this application on my blog - 79 | 80 | 81 | -------------------------------------------------------------------------------- /src/main/java/com/staxrt/tutorial/exception/GlobalExceptionHandler.java: -------------------------------------------------------------------------------- 1 | /* 2 | * 3 | * Copyright (c) 2018-2020 Givantha Kalansuriya, This source is a part of 4 | * Staxrt - sample application source code. 5 | * http://staxrt.com 6 | * 7 | * Licensed under the Apache License, Version 2.0 (the "License"); 8 | * you may not use this file except in compliance with the License. 9 | * You may obtain a copy of the License at 10 | * 11 | * http://www.apache.org/licenses/LICENSE-2.0 12 | * 13 | * Unless required by applicable law or agreed to in writing, software 14 | * distributed under the License is distributed on an "AS IS" BASIS, 15 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 16 | * See the License for the specific language governing permissions and 17 | * limitations under the License. 18 | * 19 | */ 20 | 21 | package com.staxrt.tutorial.exception; 22 | 23 | import org.springframework.http.HttpStatus; 24 | import org.springframework.http.ResponseEntity; 25 | import org.springframework.web.bind.annotation.ControllerAdvice; 26 | import org.springframework.web.bind.annotation.ExceptionHandler; 27 | import org.springframework.web.context.request.WebRequest; 28 | 29 | import java.util.Date; 30 | 31 | /** 32 | * The type Global exception handler. 33 | * 34 | * @author Givantha Kalansuriya 35 | */ 36 | @ControllerAdvice 37 | public class GlobalExceptionHandler { 38 | 39 | /** 40 | * Resource not found exception response entity. 41 | * 42 | * @param ex the ex 43 | * @param request the request 44 | * @return the response entity 45 | */ 46 | @ExceptionHandler(ResourceNotFoundException.class) 47 | public ResponseEntity resourceNotFoundException( 48 | ResourceNotFoundException ex, WebRequest request) { 49 | ErrorResponse errorDetails = 50 | new ErrorResponse(new Date(), HttpStatus.NOT_FOUND.toString(), ex.getMessage(), request.getDescription(false)); 51 | return new ResponseEntity<>(errorDetails, HttpStatus.NOT_FOUND); 52 | } 53 | 54 | /** 55 | * Globle excpetion handler response entity. 56 | * 57 | * @param ex the ex 58 | * @param request the request 59 | * @return the response entity 60 | */ 61 | @ExceptionHandler(Exception.class) 62 | public ResponseEntity globleExcpetionHandler(Exception ex, WebRequest request) { 63 | ErrorResponse errorDetails = 64 | new ErrorResponse(new Date(), HttpStatus.INTERNAL_SERVER_ERROR.toString() ,ex.getMessage(), request.getDescription(false)); 65 | return new ResponseEntity<>(errorDetails, HttpStatus.INTERNAL_SERVER_ERROR); 66 | } 67 | } 68 | -------------------------------------------------------------------------------- /src/main/java/com/staxrt/tutorial/security/JWTAuthenticationFilter.java: -------------------------------------------------------------------------------- 1 | package com.staxrt.tutorial.security; 2 | 3 | import com.auth0.jwt.JWT; 4 | import com.auth0.jwt.algorithms.Algorithm; 5 | import com.fasterxml.jackson.databind.ObjectMapper; 6 | import org.springframework.security.authentication.AuthenticationManager; 7 | import org.springframework.security.authentication.UsernamePasswordAuthenticationToken; 8 | import org.springframework.security.core.Authentication; 9 | import org.springframework.security.core.AuthenticationException; 10 | import org.springframework.security.core.userdetails.User; 11 | import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter; 12 | 13 | import javax.servlet.FilterChain; 14 | import javax.servlet.ServletException; 15 | import javax.servlet.http.HttpServletRequest; 16 | import javax.servlet.http.HttpServletResponse; 17 | import java.io.IOException; 18 | import java.util.ArrayList; 19 | import java.util.Date; 20 | 21 | /** @author Givantha Kalansuriya @Project spring-boot-rest-api-auth-jwt-tutorial */ 22 | public class JWTAuthenticationFilter extends UsernamePasswordAuthenticationFilter { 23 | 24 | public static final String SECRET = "121341werw244234w25234wewerwerwer"; 25 | public static final long EXPIRATION_TIME = 86400000; // 1 days 26 | public static final String TOKEN_PREFIX = "Bearer "; 27 | public static final String HEADER_STRING = "Authorization"; 28 | 29 | private AuthenticationManager authenticationManager; 30 | 31 | public JWTAuthenticationFilter(AuthenticationManager authenticationManager) { 32 | this.authenticationManager = authenticationManager; 33 | } 34 | 35 | @Override 36 | public Authentication attemptAuthentication( 37 | HttpServletRequest request, HttpServletResponse response) throws AuthenticationException { 38 | try { 39 | 40 | com.staxrt.tutorial.model.User loginUser = 41 | new ObjectMapper() 42 | .readValue(request.getInputStream(), com.staxrt.tutorial.model.User.class); 43 | 44 | return authenticationManager.authenticate( 45 | new UsernamePasswordAuthenticationToken( 46 | loginUser.getUsername(), loginUser.getPassword(), new ArrayList<>())); 47 | } catch (IOException e) { 48 | throw new RuntimeException(e); 49 | } 50 | } 51 | 52 | @Override 53 | protected void successfulAuthentication( 54 | HttpServletRequest request, 55 | HttpServletResponse response, 56 | FilterChain chain, 57 | Authentication authResult) 58 | throws IOException, ServletException { 59 | String token = 60 | JWT.create() 61 | .withSubject( 62 | ((User) authResult.getPrincipal()).getUsername()) // Payload register sub claim 63 | .withExpiresAt( 64 | new Date(System.currentTimeMillis() + EXPIRATION_TIME)) // JWT token validity time 65 | .sign(Algorithm.HMAC512(SECRET.getBytes())); // JWT Signature 66 | response.addHeader(HEADER_STRING, TOKEN_PREFIX + token); 67 | } 68 | } 69 | -------------------------------------------------------------------------------- /src/test/java/com/staxrt/tutorial/ApplicationTests.java: -------------------------------------------------------------------------------- 1 | package com.staxrt.tutorial; 2 | 3 | import com.staxrt.tutorial.model.User; 4 | import org.junit.Assert; 5 | import org.junit.Test; 6 | import org.junit.runner.RunWith; 7 | import org.springframework.beans.factory.annotation.Autowired; 8 | import org.springframework.boot.test.context.SpringBootTest; 9 | import org.springframework.boot.test.web.client.TestRestTemplate; 10 | import org.springframework.boot.web.server.LocalServerPort; 11 | import org.springframework.http.*; 12 | import org.springframework.test.context.junit4.SpringRunner; 13 | import org.springframework.web.client.HttpClientErrorException; 14 | 15 | @RunWith(SpringRunner.class) 16 | @SpringBootTest(classes = Application.class, webEnvironment = SpringBootTest.WebEnvironment.RANDOM_PORT) 17 | public class ApplicationTests { 18 | 19 | @Autowired 20 | private TestRestTemplate restTemplate; 21 | 22 | @LocalServerPort 23 | private int port; 24 | 25 | private String getRootUrl() { 26 | return "http://localhost:" + port; 27 | } 28 | 29 | @Test 30 | public void contextLoads() { 31 | } 32 | 33 | @Test 34 | public void testGetAllUsers() { 35 | HttpHeaders headers = new HttpHeaders(); 36 | HttpEntity entity = new HttpEntity(null, headers); 37 | 38 | ResponseEntity response = restTemplate.exchange(getRootUrl() + "/users", 39 | HttpMethod.GET, entity, String.class); 40 | 41 | Assert.assertNotNull(response.getBody()); 42 | } 43 | 44 | @Test 45 | public void testGetUserById() { 46 | User user = restTemplate.getForObject(getRootUrl() + "/users/1", User.class); 47 | System.out.println(user.getFirstName()); 48 | Assert.assertNotNull(user); 49 | } 50 | 51 | @Test 52 | public void testCreateUser() { 53 | User user = new User(); 54 | user.setEmail("admin@gmail.com"); 55 | user.setFirstName("admin"); 56 | user.setLastName("admin"); 57 | user.setCreatedBy("admin"); 58 | user.setUpdatedBy("admin"); 59 | 60 | ResponseEntity postResponse = restTemplate.postForEntity(getRootUrl() + "/users", user, User.class); 61 | Assert.assertNotNull(postResponse); 62 | Assert.assertNotNull(postResponse.getBody()); 63 | } 64 | 65 | @Test 66 | public void testUpdatePost() { 67 | int id = 1; 68 | User user = restTemplate.getForObject(getRootUrl() + "/users/" + id, User.class); 69 | user.setFirstName("admin1"); 70 | user.setLastName("admin2"); 71 | 72 | restTemplate.put(getRootUrl() + "/users/" + id, user); 73 | 74 | User updatedUser = restTemplate.getForObject(getRootUrl() + "/users/" + id, User.class); 75 | Assert.assertNotNull(updatedUser); 76 | } 77 | 78 | @Test 79 | public void testDeletePost() { 80 | int id = 2; 81 | User user = restTemplate.getForObject(getRootUrl() + "/users/" + id, User.class); 82 | Assert.assertNotNull(user); 83 | 84 | restTemplate.delete(getRootUrl() + "/users/" + id); 85 | 86 | try { 87 | user = restTemplate.getForObject(getRootUrl() + "/users/" + id, User.class); 88 | } catch (final HttpClientErrorException e) { 89 | Assert.assertEquals(e.getStatusCode(), HttpStatus.NOT_FOUND); 90 | } 91 | } 92 | 93 | } 94 | -------------------------------------------------------------------------------- /src/main/java/com/staxrt/tutorial/exception/ErrorResponse.java: -------------------------------------------------------------------------------- 1 | /* 2 | * 3 | * Copyright (c) 2018-2020 Givantha Kalansuriya, This source is a part of 4 | * Staxrt - sample application source code. 5 | * http://staxrt.com 6 | * 7 | * Licensed under the Apache License, Version 2.0 (the "License"); 8 | * you may not use this file except in compliance with the License. 9 | * You may obtain a copy of the License at 10 | * 11 | * http://www.apache.org/licenses/LICENSE-2.0 12 | * 13 | * Unless required by applicable law or agreed to in writing, software 14 | * distributed under the License is distributed on an "AS IS" BASIS, 15 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 16 | * See the License for the specific language governing permissions and 17 | * limitations under the License. 18 | * 19 | */ 20 | 21 | package com.staxrt.tutorial.exception; 22 | 23 | import java.util.Date; 24 | 25 | /** 26 | * The type Error response. 27 | * 28 | * @author Givantha Kalansuriya 29 | */ 30 | public class ErrorResponse { 31 | 32 | private Date timestamp; 33 | private String status; 34 | private String message; 35 | private String details; 36 | 37 | /** 38 | * Instantiates a new Error response. 39 | * 40 | * @param timestamp the timestamp 41 | * @param status the status 42 | * @param message the message 43 | * @param details the details 44 | */ 45 | public ErrorResponse(Date timestamp, String status, String message, String details) { 46 | this.timestamp = timestamp; 47 | this.status = status; 48 | this.message = message; 49 | this.details = details; 50 | } 51 | 52 | /** 53 | * Gets timestamp. 54 | * 55 | * @return the timestamp 56 | */ 57 | public Date getTimestamp() { 58 | return timestamp; 59 | } 60 | 61 | /** 62 | * Sets timestamp. 63 | * 64 | * @param timestamp the timestamp 65 | */ 66 | public void setTimestamp(Date timestamp) { 67 | this.timestamp = timestamp; 68 | } 69 | 70 | /** 71 | * Gets status. 72 | * 73 | * @return the status 74 | */ 75 | public String getStatus() { 76 | return status; 77 | } 78 | 79 | /** 80 | * Sets status. 81 | * 82 | * @param status the status 83 | */ 84 | public void setStatus(String status) { 85 | this.status = status; 86 | } 87 | 88 | /** 89 | * Gets message. 90 | * 91 | * @return the message 92 | */ 93 | public String getMessage() { 94 | return message; 95 | } 96 | 97 | /** 98 | * Sets message. 99 | * 100 | * @param message the message 101 | */ 102 | public void setMessage(String message) { 103 | this.message = message; 104 | } 105 | 106 | /** 107 | * Gets details. 108 | * 109 | * @return the details 110 | */ 111 | public String getDetails() { 112 | return details; 113 | } 114 | 115 | /** 116 | * Sets details. 117 | * 118 | * @param details the details 119 | */ 120 | public void setDetails(String details) { 121 | this.details = details; 122 | } 123 | } 124 | -------------------------------------------------------------------------------- /pom.xml: -------------------------------------------------------------------------------- 1 | 2 | 4 | 4.0.0 5 | 6 | com.staxrt.tutorial 7 | spring-boot-rest-api-auth-jwt-tutorial 8 | 0.0.1-SNAPSHOT 9 | jar 10 | 11 | spring-boot-rest-api-auth-jwt-tutorial 12 | Sample REST CRUD API project using Spring Boot, Spring Security, JWTs, Mysql, JPA and Hibernate 13 | 14 | 15 | org.springframework.boot 16 | spring-boot-starter-parent 17 | 2.1.2.RELEASE 18 | 19 | 20 | 21 | 22 | UTF-8 23 | UTF-8 24 | 1.8 25 | 26 | 27 | 28 | 29 | org.springframework.boot 30 | spring-boot-starter-actuator 31 | 32 | 33 | org.springframework.boot 34 | spring-boot-starter-data-jpa 35 | 36 | 37 | org.springframework.boot 38 | spring-boot-starter-web 39 | 40 | 41 | org.springframework.boot 42 | spring-boot-devtools 43 | runtime 44 | 45 | 46 | mysql 47 | mysql-connector-java 48 | runtime 49 | 50 | 51 | org.springframework.boot 52 | spring-boot-starter-test 53 | test 54 | 55 | 56 | 57 | org.springframework.boot 58 | spring-boot-starter-security 59 | 60 | 61 | 62 | com.auth0 63 | java-jwt 64 | 3.4.1 65 | 66 | 67 | 68 | 69 | 70 | 71 | org.springframework.boot 72 | spring-boot-maven-plugin 73 | 74 | 75 | org.jacoco 76 | jacoco-maven-plugin 77 | 0.7.9 78 | 79 | 80 | 81 | prepare-agent 82 | 83 | 84 | 85 | report 86 | test 87 | 88 | report 89 | 90 | 91 | 92 | 93 | 94 | 95 | 96 | 97 | 98 | -------------------------------------------------------------------------------- /src/main/java/com/staxrt/tutorial/configuration/WebSecurity.java: -------------------------------------------------------------------------------- 1 | package com.staxrt.tutorial.configuration; 2 | 3 | import com.staxrt.tutorial.security.JWTAuthenticationFilter; 4 | import com.staxrt.tutorial.security.JWTAuthorizationFilter; 5 | import com.staxrt.tutorial.service.UserDetailServiceImpl; 6 | import org.springframework.beans.factory.annotation.Autowired; 7 | import org.springframework.context.annotation.Bean; 8 | import org.springframework.http.HttpMethod; 9 | import org.springframework.security.config.annotation.web.builders.HttpSecurity; 10 | import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; 11 | import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter; 12 | import org.springframework.security.config.http.SessionCreationPolicy; 13 | import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder; 14 | import org.springframework.web.cors.CorsConfiguration; 15 | import org.springframework.web.cors.CorsConfigurationSource; 16 | import org.springframework.web.cors.UrlBasedCorsConfigurationSource; 17 | 18 | /** @author Givantha Kalansuriya @Project spring-boot-rest-api-auth-jwt-tutorial */ 19 | @EnableWebSecurity 20 | public class WebSecurity extends WebSecurityConfigurerAdapter { 21 | 22 | public static final String SIGN_UP_URL = "/api/v1/users"; 23 | 24 | @Autowired private UserDetailServiceImpl userDetailService; 25 | 26 | @Autowired private BCryptPasswordEncoder bCryptPasswordEncoder; 27 | 28 | public WebSecurity( 29 | UserDetailServiceImpl userDetailService, BCryptPasswordEncoder bCryptPasswordEncoder) { 30 | this.userDetailService = userDetailService; 31 | this.bCryptPasswordEncoder = bCryptPasswordEncoder; 32 | } 33 | 34 | @Override 35 | protected void configure(HttpSecurity http) throws Exception { 36 | http.cors() 37 | .and() 38 | .csrf() 39 | .disable() 40 | .authorizeRequests() // Add a new custom security filter 41 | .antMatchers(HttpMethod.POST, SIGN_UP_URL) 42 | .permitAll() // Only Allow Permission for create user endpoint 43 | .anyRequest() 44 | .authenticated() 45 | .and() 46 | .addFilter(this.getJWTAuthenticationFilter()) // Add JWT Authentication Filter 47 | .addFilter( 48 | new JWTAuthorizationFilter(authenticationManager())) // Add JWT Authorization Filter 49 | .sessionManagement() 50 | .sessionCreationPolicy( 51 | SessionCreationPolicy.STATELESS); // this disables session creation on Spring Security 52 | } 53 | 54 | @Bean 55 | CorsConfigurationSource corsConfigurationSource() { 56 | final UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource(); 57 | source.registerCorsConfiguration( 58 | "/**", 59 | new CorsConfiguration() 60 | .applyPermitDefaultValues()); // Allow/restrict our CORS permitting requests from any 61 | // source 62 | return source; 63 | } 64 | 65 | public JWTAuthenticationFilter getJWTAuthenticationFilter() throws Exception { 66 | final JWTAuthenticationFilter filter = new JWTAuthenticationFilter(authenticationManager()); 67 | filter.setFilterProcessesUrl("/api/v1/auth/login"); // override the default spring login url 68 | return filter; 69 | } 70 | } 71 | -------------------------------------------------------------------------------- /src/main/java/com/staxrt/tutorial/security/JWTAuthorizationFilter.java: -------------------------------------------------------------------------------- 1 | package com.staxrt.tutorial.security; 2 | 3 | import com.auth0.jwt.JWT; 4 | import com.auth0.jwt.algorithms.Algorithm; 5 | import com.auth0.jwt.exceptions.SignatureVerificationException; 6 | import com.auth0.jwt.exceptions.TokenExpiredException; 7 | import org.springframework.http.HttpStatus; 8 | import org.springframework.security.authentication.AuthenticationManager; 9 | import org.springframework.security.authentication.UsernamePasswordAuthenticationToken; 10 | import org.springframework.security.core.context.SecurityContextHolder; 11 | import org.springframework.security.web.authentication.www.BasicAuthenticationFilter; 12 | 13 | import javax.servlet.FilterChain; 14 | import javax.servlet.ServletException; 15 | import javax.servlet.http.HttpServletRequest; 16 | import javax.servlet.http.HttpServletResponse; 17 | import java.io.IOException; 18 | import java.util.ArrayList; 19 | 20 | /** 21 | * The type Jwt authorization filter. 22 | * 23 | * @author Givantha Kalansuriya @Project spring -boot-rest-api-auth-jwt-tutorial 24 | */ 25 | public class JWTAuthorizationFilter extends BasicAuthenticationFilter { 26 | 27 | /** 28 | * Instantiates a new Jwt authorization filter. 29 | * 30 | * @param authenticationManager the authentication manager 31 | */ 32 | public JWTAuthorizationFilter(AuthenticationManager authenticationManager) { 33 | super(authenticationManager); 34 | } 35 | 36 | @Override 37 | protected void doFilterInternal( 38 | HttpServletRequest request, HttpServletResponse response, FilterChain chain) 39 | throws IOException, ServletException { 40 | 41 | // read the request header and extract the JWT token 42 | String header = request.getHeader(JWTAuthenticationFilter.HEADER_STRING); 43 | 44 | if (header == null || !header.startsWith(JWTAuthenticationFilter.TOKEN_PREFIX)) { 45 | chain.doFilter(request, response); 46 | return; 47 | } 48 | 49 | try { 50 | // validate the JWT Token 51 | UsernamePasswordAuthenticationToken authentication = getAuthentication(request); 52 | // if user is valid with token allow priced the request with adding user to security context 53 | SecurityContextHolder.getContext().setAuthentication(authentication); 54 | chain.doFilter(request, response); 55 | } catch (SignatureVerificationException e) { 56 | response.setStatus(HttpStatus.UNAUTHORIZED.value()); 57 | response.getWriter().write("Authentication error, SignatureVerification fail."); 58 | } catch (TokenExpiredException e) { 59 | response.setStatus(HttpStatus.UNAUTHORIZED.value()); 60 | response.getWriter().write("Authentication error, The Token's Expired."); 61 | } 62 | } 63 | 64 | private UsernamePasswordAuthenticationToken getAuthentication(HttpServletRequest request) { 65 | String token = request.getHeader(JWTAuthenticationFilter.HEADER_STRING); 66 | if (token != null) { 67 | // parse the token. 68 | String user = 69 | JWT.require(Algorithm.HMAC512(JWTAuthenticationFilter.SECRET.getBytes())) 70 | .build() 71 | .verify(token.replace(JWTAuthenticationFilter.TOKEN_PREFIX, "")) 72 | .getSubject(); 73 | 74 | if (user != null) { 75 | return new UsernamePasswordAuthenticationToken(user, null, new ArrayList<>()); 76 | } 77 | return null; 78 | } 79 | return null; 80 | } 81 | } 82 | -------------------------------------------------------------------------------- /src/main/java/com/staxrt/tutorial/controller/UserController.java: -------------------------------------------------------------------------------- 1 | /* 2 | * 3 | * Copyright (c) 2018-2020 Givantha Kalansuriya, This source is a part of 4 | * Staxrt - sample application source code. 5 | * http://staxrt.com 6 | * 7 | * Licensed under the Apache License, Version 2.0 (the "License"); 8 | * you may not use this file except in compliance with the License. 9 | * You may obtain a copy of the License at 10 | * 11 | * http://www.apache.org/licenses/LICENSE-2.0 12 | * 13 | * Unless required by applicable law or agreed to in writing, software 14 | * distributed under the License is distributed on an "AS IS" BASIS, 15 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 16 | * See the License for the specific language governing permissions and 17 | * limitations under the License. 18 | * 19 | */ 20 | 21 | package com.staxrt.tutorial.controller; 22 | 23 | import com.staxrt.tutorial.exception.ResourceNotFoundException; 24 | import com.staxrt.tutorial.model.User; 25 | import com.staxrt.tutorial.repository.UserRepository; 26 | import org.springframework.beans.factory.annotation.Autowired; 27 | import org.springframework.http.ResponseEntity; 28 | import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder; 29 | import org.springframework.web.bind.annotation.*; 30 | 31 | import javax.validation.Valid; 32 | import java.util.Date; 33 | import java.util.HashMap; 34 | import java.util.List; 35 | import java.util.Map; 36 | 37 | /** 38 | * The type User controller. 39 | * 40 | * @author Givantha Kalansuriya 41 | */ 42 | @RestController 43 | @RequestMapping("/api/v1") 44 | public class UserController { 45 | 46 | @Autowired 47 | private UserRepository userRepository; 48 | 49 | @Autowired 50 | private BCryptPasswordEncoder bCryptPasswordEncoder; 51 | /** 52 | * Get all users list. 53 | * 54 | * @return the list 55 | */ 56 | @GetMapping("/users") 57 | public List getAllUsers() { 58 | return userRepository.findAll(); 59 | } 60 | 61 | /** 62 | * Gets users by id. 63 | * 64 | * @param userId the user id 65 | * @return the users by id 66 | * @throws ResourceNotFoundException the resource not found exception 67 | */ 68 | @GetMapping("/users/{id}") 69 | public ResponseEntity getUsersById(@PathVariable(value = "id") Long userId) 70 | throws ResourceNotFoundException { 71 | User user = 72 | userRepository 73 | .findById(userId) 74 | .orElseThrow(() -> new ResourceNotFoundException("User not found on :: " + userId)); 75 | return ResponseEntity.ok().body(user); 76 | } 77 | 78 | /** 79 | * Create user user. 80 | * 81 | * @param user the user 82 | * @return the user 83 | */ 84 | @PostMapping("/users") 85 | public User createUser(@Valid @RequestBody User user) { 86 | 87 | user.setPassword(bCryptPasswordEncoder.encode(user.getPassword())); 88 | return userRepository.save(user); 89 | } 90 | 91 | /** 92 | * Update user response entity. 93 | * 94 | * @param userId the user id 95 | * @param userDetails the user details 96 | * @return the response entity 97 | * @throws ResourceNotFoundException the resource not found exception 98 | */ 99 | @PutMapping("/users/{id}") 100 | public ResponseEntity updateUser( 101 | @PathVariable(value = "id") Long userId, @Valid @RequestBody User userDetails) 102 | throws ResourceNotFoundException { 103 | 104 | User user = 105 | userRepository 106 | .findById(userId) 107 | .orElseThrow(() -> new ResourceNotFoundException("User not found on :: " + userId)); 108 | 109 | user.setEmail(userDetails.getEmail()); 110 | user.setLastName(userDetails.getLastName()); 111 | user.setFirstName(userDetails.getFirstName()); 112 | final User updatedUser = userRepository.save(user); 113 | return ResponseEntity.ok(updatedUser); 114 | } 115 | 116 | /** 117 | * Delete user map. 118 | * 119 | * @param userId the user id 120 | * @return the map 121 | * @throws Exception the exception 122 | */ 123 | @DeleteMapping("/user/{id}") 124 | public Map deleteUser(@PathVariable(value = "id") Long userId) throws Exception { 125 | User user = 126 | userRepository 127 | .findById(userId) 128 | .orElseThrow(() -> new ResourceNotFoundException("User not found on :: " + userId)); 129 | 130 | userRepository.delete(user); 131 | Map response = new HashMap<>(); 132 | response.put("deleted", Boolean.TRUE); 133 | return response; 134 | } 135 | } 136 | -------------------------------------------------------------------------------- /mvnw.cmd: -------------------------------------------------------------------------------- 1 | @REM ---------------------------------------------------------------------------- 2 | @REM Licensed to the Apache Software Foundation (ASF) under one 3 | @REM or more contributor license agreements. See the NOTICE file 4 | @REM distributed with this work for additional information 5 | @REM regarding copyright ownership. The ASF licenses this file 6 | @REM to you under the Apache License, Version 2.0 (the 7 | @REM "License"); you may not use this file except in compliance 8 | @REM with the License. You may obtain a copy of the License at 9 | @REM 10 | @REM http://www.apache.org/licenses/LICENSE-2.0 11 | @REM 12 | @REM Unless required by applicable law or agreed to in writing, 13 | @REM software distributed under the License is distributed on an 14 | @REM "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY 15 | @REM KIND, either express or implied. See the License for the 16 | @REM specific language governing permissions and limitations 17 | @REM under the License. 18 | @REM ---------------------------------------------------------------------------- 19 | 20 | @REM ---------------------------------------------------------------------------- 21 | @REM Maven2 Start Up Batch script 22 | @REM 23 | @REM Required ENV vars: 24 | @REM JAVA_HOME - location of a JDK home dir 25 | @REM 26 | @REM Optional ENV vars 27 | @REM M2_HOME - location of maven2's installed home dir 28 | @REM MAVEN_BATCH_ECHO - set to 'on' to enable the echoing of the batch commands 29 | @REM MAVEN_BATCH_PAUSE - set to 'on' to wait for a key stroke before ending 30 | @REM MAVEN_OPTS - parameters passed to the Java VM when running Maven 31 | @REM e.g. to debug Maven itself, use 32 | @REM set MAVEN_OPTS=-Xdebug -Xrunjdwp:transport=dt_socket,server=y,suspend=y,address=8000 33 | @REM MAVEN_SKIP_RC - flag to disable loading of mavenrc files 34 | @REM ---------------------------------------------------------------------------- 35 | 36 | @REM Begin all REM lines with '@' in case MAVEN_BATCH_ECHO is 'on' 37 | @echo off 38 | @REM set title of command window 39 | title %0 40 | @REM enable echoing my setting MAVEN_BATCH_ECHO to 'on' 41 | @if "%MAVEN_BATCH_ECHO%" == "on" echo %MAVEN_BATCH_ECHO% 42 | 43 | @REM set %HOME% to equivalent of $HOME 44 | if "%HOME%" == "" (set "HOME=%HOMEDRIVE%%HOMEPATH%") 45 | 46 | @REM Execute a user defined script before this one 47 | if not "%MAVEN_SKIP_RC%" == "" goto skipRcPre 48 | @REM check for pre script, once with legacy .bat ending and once with .cmd ending 49 | if exist "%HOME%\mavenrc_pre.bat" call "%HOME%\mavenrc_pre.bat" 50 | if exist "%HOME%\mavenrc_pre.cmd" call "%HOME%\mavenrc_pre.cmd" 51 | :skipRcPre 52 | 53 | @setlocal 54 | 55 | set ERROR_CODE=0 56 | 57 | @REM To isolate internal variables from possible post scripts, we use another setlocal 58 | @setlocal 59 | 60 | @REM ==== START VALIDATION ==== 61 | if not "%JAVA_HOME%" == "" goto OkJHome 62 | 63 | echo. 64 | echo Error: JAVA_HOME not found in your environment. >&2 65 | echo Please set the JAVA_HOME variable in your environment to match the >&2 66 | echo location of your Java installation. >&2 67 | echo. 68 | goto error 69 | 70 | :OkJHome 71 | if exist "%JAVA_HOME%\bin\java.exe" goto init 72 | 73 | echo. 74 | echo Error: JAVA_HOME is set to an invalid directory. >&2 75 | echo JAVA_HOME = "%JAVA_HOME%" >&2 76 | echo Please set the JAVA_HOME variable in your environment to match the >&2 77 | echo location of your Java installation. >&2 78 | echo. 79 | goto error 80 | 81 | @REM ==== END VALIDATION ==== 82 | 83 | :init 84 | 85 | @REM Find the project base dir, i.e. the directory that contains the folder ".mvn". 86 | @REM Fallback to current working directory if not found. 87 | 88 | set MAVEN_PROJECTBASEDIR=%MAVEN_BASEDIR% 89 | IF NOT "%MAVEN_PROJECTBASEDIR%"=="" goto endDetectBaseDir 90 | 91 | set EXEC_DIR=%CD% 92 | set WDIR=%EXEC_DIR% 93 | :findBaseDir 94 | IF EXIST "%WDIR%"\.mvn goto baseDirFound 95 | cd .. 96 | IF "%WDIR%"=="%CD%" goto baseDirNotFound 97 | set WDIR=%CD% 98 | goto findBaseDir 99 | 100 | :baseDirFound 101 | set MAVEN_PROJECTBASEDIR=%WDIR% 102 | cd "%EXEC_DIR%" 103 | goto endDetectBaseDir 104 | 105 | :baseDirNotFound 106 | set MAVEN_PROJECTBASEDIR=%EXEC_DIR% 107 | cd "%EXEC_DIR%" 108 | 109 | :endDetectBaseDir 110 | 111 | IF NOT EXIST "%MAVEN_PROJECTBASEDIR%\.mvn\jvm.config" goto endReadAdditionalConfig 112 | 113 | @setlocal EnableExtensions EnableDelayedExpansion 114 | for /F "usebackq delims=" %%a in ("%MAVEN_PROJECTBASEDIR%\.mvn\jvm.config") do set JVM_CONFIG_MAVEN_PROPS=!JVM_CONFIG_MAVEN_PROPS! %%a 115 | @endlocal & set JVM_CONFIG_MAVEN_PROPS=%JVM_CONFIG_MAVEN_PROPS% 116 | 117 | :endReadAdditionalConfig 118 | 119 | SET MAVEN_JAVA_EXE="%JAVA_HOME%\bin\java.exe" 120 | set WRAPPER_JAR="%MAVEN_PROJECTBASEDIR%\.mvn\wrapper\maven-wrapper.jar" 121 | set WRAPPER_LAUNCHER=org.apache.maven.wrapper.MavenWrapperMain 122 | 123 | set DOWNLOAD_URL="https://repo.maven.apache.org/maven2/io/takari/maven-wrapper/0.4.2/maven-wrapper-0.4.2.jar" 124 | FOR /F "tokens=1,2 delims==" %%A IN (%MAVEN_PROJECTBASEDIR%\.mvn\wrapper\maven-wrapper.properties) DO ( 125 | IF "%%A"=="wrapperUrl" SET DOWNLOAD_URL=%%B 126 | ) 127 | 128 | @REM Extension to allow automatically downloading the maven-wrapper.jar from Maven-central 129 | @REM This allows using the maven wrapper in projects that prohibit checking in binary data. 130 | if exist %WRAPPER_JAR% ( 131 | echo Found %WRAPPER_JAR% 132 | ) else ( 133 | echo Couldn't find %WRAPPER_JAR%, downloading it ... 134 | echo Downloading from: %DOWNLOAD_URL% 135 | powershell -Command "(New-Object Net.WebClient).DownloadFile('%DOWNLOAD_URL%', '%WRAPPER_JAR%')" 136 | echo Finished downloading %WRAPPER_JAR% 137 | ) 138 | @REM End of extension 139 | 140 | %MAVEN_JAVA_EXE% %JVM_CONFIG_MAVEN_PROPS% %MAVEN_OPTS% %MAVEN_DEBUG_OPTS% -classpath %WRAPPER_JAR% "-Dmaven.multiModuleProjectDirectory=%MAVEN_PROJECTBASEDIR%" %WRAPPER_LAUNCHER% %MAVEN_CONFIG% %* 141 | if ERRORLEVEL 1 goto error 142 | goto end 143 | 144 | :error 145 | set ERROR_CODE=1 146 | 147 | :end 148 | @endlocal & set ERROR_CODE=%ERROR_CODE% 149 | 150 | if not "%MAVEN_SKIP_RC%" == "" goto skipRcPost 151 | @REM check for post script, once with legacy .bat ending and once with .cmd ending 152 | if exist "%HOME%\mavenrc_post.bat" call "%HOME%\mavenrc_post.bat" 153 | if exist "%HOME%\mavenrc_post.cmd" call "%HOME%\mavenrc_post.cmd" 154 | :skipRcPost 155 | 156 | @REM pause the script if MAVEN_BATCH_PAUSE is set to 'on' 157 | if "%MAVEN_BATCH_PAUSE%" == "on" pause 158 | 159 | if "%MAVEN_TERMINATE_CMD%" == "on" exit %ERROR_CODE% 160 | 161 | exit /B %ERROR_CODE% 162 | -------------------------------------------------------------------------------- /src/main/java/com/staxrt/tutorial/model/User.java: -------------------------------------------------------------------------------- 1 | /* 2 | * 3 | * Copyright (c) 2018-2020 Givantha Kalansuriya, This source is a part of 4 | * Staxrt - sample application source code. 5 | * http://staxrt.com 6 | * 7 | * Licensed under the Apache License, Version 2.0 (the "License"); 8 | * you may not use this file except in compliance with the License. 9 | * You may obtain a copy of the License at 10 | * 11 | * http://www.apache.org/licenses/LICENSE-2.0 12 | * 13 | * Unless required by applicable law or agreed to in writing, software 14 | * distributed under the License is distributed on an "AS IS" BASIS, 15 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 16 | * See the License for the specific language governing permissions and 17 | * limitations under the License. 18 | * 19 | */ 20 | 21 | package com.staxrt.tutorial.model; 22 | 23 | import com.fasterxml.jackson.annotation.JsonIgnore; 24 | import com.fasterxml.jackson.annotation.JsonProperty; 25 | import org.hibernate.annotations.CreationTimestamp; 26 | import org.hibernate.annotations.UpdateTimestamp; 27 | import org.springframework.data.annotation.CreatedBy; 28 | import org.springframework.data.annotation.LastModifiedBy; 29 | import org.springframework.data.jpa.domain.support.AuditingEntityListener; 30 | 31 | import javax.persistence.*; 32 | import java.util.Date; 33 | 34 | /** 35 | * The type User. 36 | * 37 | * @author Givantha Kalansuriya 38 | */ 39 | @Entity 40 | @Table(name = "users") 41 | @EntityListeners(AuditingEntityListener.class) 42 | public class User { 43 | 44 | @Id 45 | @GeneratedValue(strategy = GenerationType.AUTO) 46 | private long id; 47 | 48 | @Column(name = "username", nullable = false) 49 | private String username; 50 | 51 | @Column(name = "password", nullable = false) 52 | private String password; 53 | 54 | @Column(name = "first_name", nullable = false) 55 | private String firstName; 56 | 57 | @Column(name = "last_name", nullable = false) 58 | private String lastName; 59 | 60 | @Column(name = "email_address", nullable = false) 61 | private String email; 62 | 63 | @CreationTimestamp 64 | @Temporal(TemporalType.TIMESTAMP) 65 | @Column(name = "created_at", nullable = false) 66 | private Date createdAt; 67 | 68 | @Column(name = "created_by", nullable = false) 69 | @CreatedBy 70 | private String createdBy; 71 | 72 | @UpdateTimestamp 73 | @Temporal(TemporalType.TIMESTAMP) 74 | @Column(name = "updated_at", nullable = false) 75 | private Date updatedAt; 76 | 77 | @Column(name = "updated_by", nullable = false) 78 | @LastModifiedBy 79 | private String updatedBy; 80 | 81 | /** 82 | * Gets id. 83 | * 84 | * @return the id 85 | */ 86 | public long getId() { 87 | return id; 88 | } 89 | 90 | /** 91 | * Sets id. 92 | * 93 | * @param id the id 94 | */ 95 | public void setId(long id) { 96 | this.id = id; 97 | } 98 | 99 | /** 100 | * Gets username. 101 | * 102 | * @return the username 103 | */ 104 | public String getUsername() { 105 | return username; 106 | } 107 | 108 | /** 109 | * Sets username. 110 | * 111 | * @param username the username 112 | */ 113 | public void setUsername(String username) { 114 | this.username = username; 115 | } 116 | 117 | /** 118 | * Gets password. 119 | * 120 | * @return the password 121 | */ 122 | @JsonIgnore 123 | @JsonProperty(value = "password") 124 | public String getPassword() { 125 | return password; 126 | } 127 | 128 | /** 129 | * Sets password. 130 | * 131 | * @param password the password 132 | */ 133 | public void setPassword(String password) { 134 | this.password = password; 135 | } 136 | 137 | /** 138 | * Gets first name. 139 | * 140 | * @return the first name 141 | */ 142 | public String getFirstName() { 143 | return firstName; 144 | } 145 | 146 | /** 147 | * Sets first name. 148 | * 149 | * @param firstName the first name 150 | */ 151 | public void setFirstName(String firstName) { 152 | this.firstName = firstName; 153 | } 154 | 155 | /** 156 | * Gets last name. 157 | * 158 | * @return the last name 159 | */ 160 | public String getLastName() { 161 | return lastName; 162 | } 163 | 164 | /** 165 | * Sets last name. 166 | * 167 | * @param lastName the last name 168 | */ 169 | public void setLastName(String lastName) { 170 | this.lastName = lastName; 171 | } 172 | 173 | /** 174 | * Gets email. 175 | * 176 | * @return the email 177 | */ 178 | public String getEmail() { 179 | return email; 180 | } 181 | 182 | /** 183 | * Sets email. 184 | * 185 | * @param email the email 186 | */ 187 | public void setEmail(String email) { 188 | this.email = email; 189 | } 190 | 191 | /** 192 | * Gets created at. 193 | * 194 | * @return the created at 195 | */ 196 | public Date getCreatedAt() { 197 | return createdAt; 198 | } 199 | 200 | /** 201 | * Sets created at. 202 | * 203 | * @param createdAt the created at 204 | */ 205 | public void setCreatedAt(Date createdAt) { 206 | this.createdAt = createdAt; 207 | } 208 | 209 | /** 210 | * Gets created by. 211 | * 212 | * @return the created by 213 | */ 214 | public String getCreatedBy() { 215 | return createdBy; 216 | } 217 | 218 | /** 219 | * Sets created by. 220 | * 221 | * @param createdBy the created by 222 | */ 223 | public void setCreatedBy(String createdBy) { 224 | this.createdBy = createdBy; 225 | } 226 | 227 | /** 228 | * Gets updated at. 229 | * 230 | * @return the updated at 231 | */ 232 | public Date getUpdatedAt() { 233 | return updatedAt; 234 | } 235 | 236 | /** 237 | * Sets updated at. 238 | * 239 | * @param updatedAt the updated at 240 | */ 241 | public void setUpdatedAt(Date updatedAt) { 242 | this.updatedAt = updatedAt; 243 | } 244 | 245 | /** 246 | * Gets updated by. 247 | * 248 | * @return the updated by 249 | */ 250 | public String getUpdatedBy() { 251 | return updatedBy; 252 | } 253 | 254 | /** 255 | * Sets updated by. 256 | * 257 | * @param updatedBy the updated by 258 | */ 259 | public void setUpdatedBy(String updatedBy) { 260 | this.updatedBy = updatedBy; 261 | } 262 | 263 | @Override 264 | public String toString() { 265 | return "User{" + 266 | "id=" + id + 267 | ", firstName='" + firstName + '\'' + 268 | ", lastName='" + lastName + '\'' + 269 | ", email='" + email + '\'' + 270 | ", createdAt=" + createdAt + 271 | ", createdBy='" + createdBy + '\'' + 272 | ", updatedAt=" + updatedAt + 273 | ", updatedby='" + updatedBy + '\'' + 274 | '}'; 275 | } 276 | 277 | 278 | } 279 | -------------------------------------------------------------------------------- /mvnw: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | # ---------------------------------------------------------------------------- 3 | # Licensed to the Apache Software Foundation (ASF) under one 4 | # or more contributor license agreements. See the NOTICE file 5 | # distributed with this work for additional information 6 | # regarding copyright ownership. The ASF licenses this file 7 | # to you under the Apache License, Version 2.0 (the 8 | # "License"); you may not use this file except in compliance 9 | # with the License. You may obtain a copy of the License at 10 | # 11 | # http://www.apache.org/licenses/LICENSE-2.0 12 | # 13 | # Unless required by applicable law or agreed to in writing, 14 | # software distributed under the License is distributed on an 15 | # "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY 16 | # KIND, either express or implied. See the License for the 17 | # specific language governing permissions and limitations 18 | # under the License. 19 | # ---------------------------------------------------------------------------- 20 | 21 | # ---------------------------------------------------------------------------- 22 | # Maven2 Start Up Batch script 23 | # 24 | # Required ENV vars: 25 | # ------------------ 26 | # JAVA_HOME - location of a JDK home dir 27 | # 28 | # Optional ENV vars 29 | # ----------------- 30 | # M2_HOME - location of maven2's installed home dir 31 | # MAVEN_OPTS - parameters passed to the Java VM when running Maven 32 | # e.g. to debug Maven itself, use 33 | # set MAVEN_OPTS=-Xdebug -Xrunjdwp:transport=dt_socket,server=y,suspend=y,address=8000 34 | # MAVEN_SKIP_RC - flag to disable loading of mavenrc files 35 | # ---------------------------------------------------------------------------- 36 | 37 | if [ -z "$MAVEN_SKIP_RC" ] ; then 38 | 39 | if [ -f /etc/mavenrc ] ; then 40 | . /etc/mavenrc 41 | fi 42 | 43 | if [ -f "$HOME/.mavenrc" ] ; then 44 | . "$HOME/.mavenrc" 45 | fi 46 | 47 | fi 48 | 49 | # OS specific support. $var _must_ be set to either true or false. 50 | cygwin=false; 51 | darwin=false; 52 | mingw=false 53 | case "`uname`" in 54 | CYGWIN*) cygwin=true ;; 55 | MINGW*) mingw=true;; 56 | Darwin*) darwin=true 57 | # Use /usr/libexec/java_home if available, otherwise fall back to /Library/Java/Home 58 | # See https://developer.apple.com/library/mac/qa/qa1170/_index.html 59 | if [ -z "$JAVA_HOME" ]; then 60 | if [ -x "/usr/libexec/java_home" ]; then 61 | export JAVA_HOME="`/usr/libexec/java_home`" 62 | else 63 | export JAVA_HOME="/Library/Java/Home" 64 | fi 65 | fi 66 | ;; 67 | esac 68 | 69 | if [ -z "$JAVA_HOME" ] ; then 70 | if [ -r /etc/gentoo-release ] ; then 71 | JAVA_HOME=`java-config --jre-home` 72 | fi 73 | fi 74 | 75 | if [ -z "$M2_HOME" ] ; then 76 | ## resolve links - $0 may be a link to maven's home 77 | PRG="$0" 78 | 79 | # need this for relative symlinks 80 | while [ -h "$PRG" ] ; do 81 | ls=`ls -ld "$PRG"` 82 | link=`expr "$ls" : '.*-> \(.*\)$'` 83 | if expr "$link" : '/.*' > /dev/null; then 84 | PRG="$link" 85 | else 86 | PRG="`dirname "$PRG"`/$link" 87 | fi 88 | done 89 | 90 | saveddir=`pwd` 91 | 92 | M2_HOME=`dirname "$PRG"`/.. 93 | 94 | # make it fully qualified 95 | M2_HOME=`cd "$M2_HOME" && pwd` 96 | 97 | cd "$saveddir" 98 | # echo Using m2 at $M2_HOME 99 | fi 100 | 101 | # For Cygwin, ensure paths are in UNIX format before anything is touched 102 | if $cygwin ; then 103 | [ -n "$M2_HOME" ] && 104 | M2_HOME=`cygpath --unix "$M2_HOME"` 105 | [ -n "$JAVA_HOME" ] && 106 | JAVA_HOME=`cygpath --unix "$JAVA_HOME"` 107 | [ -n "$CLASSPATH" ] && 108 | CLASSPATH=`cygpath --path --unix "$CLASSPATH"` 109 | fi 110 | 111 | # For Mingw, ensure paths are in UNIX format before anything is touched 112 | if $mingw ; then 113 | [ -n "$M2_HOME" ] && 114 | M2_HOME="`(cd "$M2_HOME"; pwd)`" 115 | [ -n "$JAVA_HOME" ] && 116 | JAVA_HOME="`(cd "$JAVA_HOME"; pwd)`" 117 | # TODO classpath? 118 | fi 119 | 120 | if [ -z "$JAVA_HOME" ]; then 121 | javaExecutable="`which javac`" 122 | if [ -n "$javaExecutable" ] && ! [ "`expr \"$javaExecutable\" : '\([^ ]*\)'`" = "no" ]; then 123 | # readlink(1) is not available as standard on Solaris 10. 124 | readLink=`which readlink` 125 | if [ ! `expr "$readLink" : '\([^ ]*\)'` = "no" ]; then 126 | if $darwin ; then 127 | javaHome="`dirname \"$javaExecutable\"`" 128 | javaExecutable="`cd \"$javaHome\" && pwd -P`/javac" 129 | else 130 | javaExecutable="`readlink -f \"$javaExecutable\"`" 131 | fi 132 | javaHome="`dirname \"$javaExecutable\"`" 133 | javaHome=`expr "$javaHome" : '\(.*\)/bin'` 134 | JAVA_HOME="$javaHome" 135 | export JAVA_HOME 136 | fi 137 | fi 138 | fi 139 | 140 | if [ -z "$JAVACMD" ] ; then 141 | if [ -n "$JAVA_HOME" ] ; then 142 | if [ -x "$JAVA_HOME/jre/sh/java" ] ; then 143 | # IBM's JDK on AIX uses strange locations for the executables 144 | JAVACMD="$JAVA_HOME/jre/sh/java" 145 | else 146 | JAVACMD="$JAVA_HOME/bin/java" 147 | fi 148 | else 149 | JAVACMD="`which java`" 150 | fi 151 | fi 152 | 153 | if [ ! -x "$JAVACMD" ] ; then 154 | echo "Error: JAVA_HOME is not defined correctly." >&2 155 | echo " We cannot execute $JAVACMD" >&2 156 | exit 1 157 | fi 158 | 159 | if [ -z "$JAVA_HOME" ] ; then 160 | echo "Warning: JAVA_HOME environment variable is not set." 161 | fi 162 | 163 | CLASSWORLDS_LAUNCHER=org.codehaus.plexus.classworlds.launcher.Launcher 164 | 165 | # traverses directory structure from process work directory to filesystem root 166 | # first directory with .mvn subdirectory is considered project base directory 167 | find_maven_basedir() { 168 | 169 | if [ -z "$1" ] 170 | then 171 | echo "Path not specified to find_maven_basedir" 172 | return 1 173 | fi 174 | 175 | basedir="$1" 176 | wdir="$1" 177 | while [ "$wdir" != '/' ] ; do 178 | if [ -d "$wdir"/.mvn ] ; then 179 | basedir=$wdir 180 | break 181 | fi 182 | # workaround for JBEAP-8937 (on Solaris 10/Sparc) 183 | if [ -d "${wdir}" ]; then 184 | wdir=`cd "$wdir/.."; pwd` 185 | fi 186 | # end of workaround 187 | done 188 | echo "${basedir}" 189 | } 190 | 191 | # concatenates all lines of a file 192 | concat_lines() { 193 | if [ -f "$1" ]; then 194 | echo "$(tr -s '\n' ' ' < "$1")" 195 | fi 196 | } 197 | 198 | BASE_DIR=`find_maven_basedir "$(pwd)"` 199 | if [ -z "$BASE_DIR" ]; then 200 | exit 1; 201 | fi 202 | 203 | ########################################################################################## 204 | # Extension to allow automatically downloading the maven-wrapper.jar from Maven-central 205 | # This allows using the maven wrapper in projects that prohibit checking in binary data. 206 | ########################################################################################## 207 | if [ -r "$BASE_DIR/.mvn/wrapper/maven-wrapper.jar" ]; then 208 | if [ "$MVNW_VERBOSE" = true ]; then 209 | echo "Found .mvn/wrapper/maven-wrapper.jar" 210 | fi 211 | else 212 | if [ "$MVNW_VERBOSE" = true ]; then 213 | echo "Couldn't find .mvn/wrapper/maven-wrapper.jar, downloading it ..." 214 | fi 215 | jarUrl="https://repo.maven.apache.org/maven2/io/takari/maven-wrapper/0.4.2/maven-wrapper-0.4.2.jar" 216 | while IFS="=" read key value; do 217 | case "$key" in (wrapperUrl) jarUrl="$value"; break ;; 218 | esac 219 | done < "$BASE_DIR/.mvn/wrapper/maven-wrapper.properties" 220 | if [ "$MVNW_VERBOSE" = true ]; then 221 | echo "Downloading from: $jarUrl" 222 | fi 223 | wrapperJarPath="$BASE_DIR/.mvn/wrapper/maven-wrapper.jar" 224 | 225 | if command -v wget > /dev/null; then 226 | if [ "$MVNW_VERBOSE" = true ]; then 227 | echo "Found wget ... using wget" 228 | fi 229 | wget "$jarUrl" -O "$wrapperJarPath" 230 | elif command -v curl > /dev/null; then 231 | if [ "$MVNW_VERBOSE" = true ]; then 232 | echo "Found curl ... using curl" 233 | fi 234 | curl -o "$wrapperJarPath" "$jarUrl" 235 | else 236 | if [ "$MVNW_VERBOSE" = true ]; then 237 | echo "Falling back to using Java to download" 238 | fi 239 | javaClass="$BASE_DIR/.mvn/wrapper/MavenWrapperDownloader.java" 240 | if [ -e "$javaClass" ]; then 241 | if [ ! -e "$BASE_DIR/.mvn/wrapper/MavenWrapperDownloader.class" ]; then 242 | if [ "$MVNW_VERBOSE" = true ]; then 243 | echo " - Compiling MavenWrapperDownloader.java ..." 244 | fi 245 | # Compiling the Java class 246 | ("$JAVA_HOME/bin/javac" "$javaClass") 247 | fi 248 | if [ -e "$BASE_DIR/.mvn/wrapper/MavenWrapperDownloader.class" ]; then 249 | # Running the downloader 250 | if [ "$MVNW_VERBOSE" = true ]; then 251 | echo " - Running MavenWrapperDownloader.java ..." 252 | fi 253 | ("$JAVA_HOME/bin/java" -cp .mvn/wrapper MavenWrapperDownloader "$MAVEN_PROJECTBASEDIR") 254 | fi 255 | fi 256 | fi 257 | fi 258 | ########################################################################################## 259 | # End of extension 260 | ########################################################################################## 261 | 262 | export MAVEN_PROJECTBASEDIR=${MAVEN_BASEDIR:-"$BASE_DIR"} 263 | if [ "$MVNW_VERBOSE" = true ]; then 264 | echo $MAVEN_PROJECTBASEDIR 265 | fi 266 | MAVEN_OPTS="$(concat_lines "$MAVEN_PROJECTBASEDIR/.mvn/jvm.config") $MAVEN_OPTS" 267 | 268 | # For Cygwin, switch paths to Windows format before running java 269 | if $cygwin; then 270 | [ -n "$M2_HOME" ] && 271 | M2_HOME=`cygpath --path --windows "$M2_HOME"` 272 | [ -n "$JAVA_HOME" ] && 273 | JAVA_HOME=`cygpath --path --windows "$JAVA_HOME"` 274 | [ -n "$CLASSPATH" ] && 275 | CLASSPATH=`cygpath --path --windows "$CLASSPATH"` 276 | [ -n "$MAVEN_PROJECTBASEDIR" ] && 277 | MAVEN_PROJECTBASEDIR=`cygpath --path --windows "$MAVEN_PROJECTBASEDIR"` 278 | fi 279 | 280 | WRAPPER_LAUNCHER=org.apache.maven.wrapper.MavenWrapperMain 281 | 282 | exec "$JAVACMD" \ 283 | $MAVEN_OPTS \ 284 | -classpath "$MAVEN_PROJECTBASEDIR/.mvn/wrapper/maven-wrapper.jar" \ 285 | "-Dmaven.home=${M2_HOME}" "-Dmaven.multiModuleProjectDirectory=${MAVEN_PROJECTBASEDIR}" \ 286 | ${WRAPPER_LAUNCHER} $MAVEN_CONFIG "$@" 287 | -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- 1 | Apache License 2 | Version 2.0, January 2004 3 | http://www.apache.org/licenses/ 4 | 5 | TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION 6 | 7 | 1. Definitions. 8 | 9 | "License" shall mean the terms and conditions for use, reproduction, 10 | and distribution as defined by Sections 1 through 9 of this document. 11 | 12 | "Licensor" shall mean the copyright owner or entity authorized by 13 | the copyright owner that is granting the License. 14 | 15 | "Legal Entity" shall mean the union of the acting entity and all 16 | other entities that control, are controlled by, or are under common 17 | control with that entity. For the purposes of this definition, 18 | "control" means (i) the power, direct or indirect, to cause the 19 | direction or management of such entity, whether by contract or 20 | otherwise, or (ii) ownership of fifty percent (50%) or more of the 21 | outstanding shares, or (iii) beneficial ownership of such entity. 22 | 23 | "You" (or "Your") shall mean an individual or Legal Entity 24 | exercising permissions granted by this License. 25 | 26 | "Source" form shall mean the preferred form for making modifications, 27 | including but not limited to software source code, documentation 28 | source, and configuration files. 29 | 30 | "Object" form shall mean any form resulting from mechanical 31 | transformation or translation of a Source form, including but 32 | not limited to compiled object code, generated documentation, 33 | and conversions to other media types. 34 | 35 | "Work" shall mean the work of authorship, whether in Source or 36 | Object form, made available under the License, as indicated by a 37 | copyright notice that is included in or attached to the work 38 | (an example is provided in the Appendix below). 39 | 40 | "Derivative Works" shall mean any work, whether in Source or Object 41 | form, that is based on (or derived from) the Work and for which the 42 | editorial revisions, annotations, elaborations, or other modifications 43 | represent, as a whole, an original work of authorship. For the purposes 44 | of this License, Derivative Works shall not include works that remain 45 | separable from, or merely link (or bind by name) to the interfaces of, 46 | the Work and Derivative Works thereof. 47 | 48 | "Contribution" shall mean any work of authorship, including 49 | the original version of the Work and any modifications or additions 50 | to that Work or Derivative Works thereof, that is intentionally 51 | submitted to Licensor for inclusion in the Work by the copyright owner 52 | or by an individual or Legal Entity authorized to submit on behalf of 53 | the copyright owner. For the purposes of this definition, "submitted" 54 | means any form of electronic, verbal, or written communication sent 55 | to the Licensor or its representatives, including but not limited to 56 | communication on electronic mailing lists, source code control systems, 57 | and issue tracking systems that are managed by, or on behalf of, the 58 | Licensor for the purpose of discussing and improving the Work, but 59 | excluding communication that is conspicuously marked or otherwise 60 | designated in writing by the copyright owner as "Not a Contribution." 61 | 62 | "Contributor" shall mean Licensor and any individual or Legal Entity 63 | on behalf of whom a Contribution has been received by Licensor and 64 | subsequently incorporated within the Work. 65 | 66 | 2. Grant of Copyright License. Subject to the terms and conditions of 67 | this License, each Contributor hereby grants to You a perpetual, 68 | worldwide, non-exclusive, no-charge, royalty-free, irrevocable 69 | copyright license to reproduce, prepare Derivative Works of, 70 | publicly display, publicly perform, sublicense, and distribute the 71 | Work and such Derivative Works in Source or Object form. 72 | 73 | 3. Grant of Patent License. Subject to the terms and conditions of 74 | this License, each Contributor hereby grants to You a perpetual, 75 | worldwide, non-exclusive, no-charge, royalty-free, irrevocable 76 | (except as stated in this section) patent license to make, have made, 77 | use, offer to sell, sell, import, and otherwise transfer the Work, 78 | where such license applies only to those patent claims licensable 79 | by such Contributor that are necessarily infringed by their 80 | Contribution(s) alone or by combination of their Contribution(s) 81 | with the Work to which such Contribution(s) was submitted. If You 82 | institute patent litigation against any entity (including a 83 | cross-claim or counterclaim in a lawsuit) alleging that the Work 84 | or a Contribution incorporated within the Work constitutes direct 85 | or contributory patent infringement, then any patent licenses 86 | granted to You under this License for that Work shall terminate 87 | as of the date such litigation is filed. 88 | 89 | 4. Redistribution. You may reproduce and distribute copies of the 90 | Work or Derivative Works thereof in any medium, with or without 91 | modifications, and in Source or Object form, provided that You 92 | meet the following conditions: 93 | 94 | (a) You must give any other recipients of the Work or 95 | Derivative Works a copy of this License; and 96 | 97 | (b) You must cause any modified files to carry prominent notices 98 | stating that You changed the files; and 99 | 100 | (c) You must retain, in the Source form of any Derivative Works 101 | that You distribute, all copyright, patent, trademark, and 102 | attribution notices from the Source form of the Work, 103 | excluding those notices that do not pertain to any part of 104 | the Derivative Works; and 105 | 106 | (d) If the Work includes a "NOTICE" text file as part of its 107 | distribution, then any Derivative Works that You distribute must 108 | include a readable copy of the attribution notices contained 109 | within such NOTICE file, excluding those notices that do not 110 | pertain to any part of the Derivative Works, in at least one 111 | of the following places: within a NOTICE text file distributed 112 | as part of the Derivative Works; within the Source form or 113 | documentation, if provided along with the Derivative Works; or, 114 | within a display generated by the Derivative Works, if and 115 | wherever such third-party notices normally appear. The contents 116 | of the NOTICE file are for informational purposes only and 117 | do not modify the License. You may add Your own attribution 118 | notices within Derivative Works that You distribute, alongside 119 | or as an addendum to the NOTICE text from the Work, provided 120 | that such additional attribution notices cannot be construed 121 | as modifying the License. 122 | 123 | You may add Your own copyright statement to Your modifications and 124 | may provide additional or different license terms and conditions 125 | for use, reproduction, or distribution of Your modifications, or 126 | for any such Derivative Works as a whole, provided Your use, 127 | reproduction, and distribution of the Work otherwise complies with 128 | the conditions stated in this License. 129 | 130 | 5. Submission of Contributions. Unless You explicitly state otherwise, 131 | any Contribution intentionally submitted for inclusion in the Work 132 | by You to the Licensor shall be under the terms and conditions of 133 | this License, without any additional terms or conditions. 134 | Notwithstanding the above, nothing herein shall supersede or modify 135 | the terms of any separate license agreement you may have executed 136 | with Licensor regarding such Contributions. 137 | 138 | 6. Trademarks. This License does not grant permission to use the trade 139 | names, trademarks, service marks, or product names of the Licensor, 140 | except as required for reasonable and customary use in describing the 141 | origin of the Work and reproducing the content of the NOTICE file. 142 | 143 | 7. Disclaimer of Warranty. Unless required by applicable law or 144 | agreed to in writing, Licensor provides the Work (and each 145 | Contributor provides its Contributions) on an "AS IS" BASIS, 146 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or 147 | implied, including, without limitation, any warranties or conditions 148 | of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A 149 | PARTICULAR PURPOSE. You are solely responsible for determining the 150 | appropriateness of using or redistributing the Work and assume any 151 | risks associated with Your exercise of permissions under this License. 152 | 153 | 8. Limitation of Liability. In no event and under no legal theory, 154 | whether in tort (including negligence), contract, or otherwise, 155 | unless required by applicable law (such as deliberate and grossly 156 | negligent acts) or agreed to in writing, shall any Contributor be 157 | liable to You for damages, including any direct, indirect, special, 158 | incidental, or consequential damages of any character arising as a 159 | result of this License or out of the use or inability to use the 160 | Work (including but not limited to damages for loss of goodwill, 161 | work stoppage, computer failure or malfunction, or any and all 162 | other commercial damages or losses), even if such Contributor 163 | has been advised of the possibility of such damages. 164 | 165 | 9. Accepting Warranty or Additional Liability. While redistributing 166 | the Work or Derivative Works thereof, You may choose to offer, 167 | and charge a fee for, acceptance of support, warranty, indemnity, 168 | or other liability obligations and/or rights consistent with this 169 | License. However, in accepting such obligations, You may act only 170 | on Your own behalf and on Your sole responsibility, not on behalf 171 | of any other Contributor, and only if You agree to indemnify, 172 | defend, and hold each Contributor harmless for any liability 173 | incurred by, or claims asserted against, such Contributor by reason 174 | of your accepting any such warranty or additional liability. 175 | 176 | END OF TERMS AND CONDITIONS 177 | 178 | APPENDIX: How to apply the Apache License to your work. 179 | 180 | To apply the Apache License to your work, attach the following 181 | boilerplate notice, with the fields enclosed by brackets "[]" 182 | replaced with your own identifying information. (Don't include 183 | the brackets!) The text should be enclosed in the appropriate 184 | comment syntax for the file format. We also recommend that a 185 | file or class name and description of purpose be included on the 186 | same "printed page" as the copyright notice for easier 187 | identification within third-party archives. 188 | 189 | Copyright [yyyy] [name of copyright owner] 190 | 191 | Licensed under the Apache License, Version 2.0 (the "License"); 192 | you may not use this file except in compliance with the License. 193 | You may obtain a copy of the License at 194 | 195 | http://www.apache.org/licenses/LICENSE-2.0 196 | 197 | Unless required by applicable law or agreed to in writing, software 198 | distributed under the License is distributed on an "AS IS" BASIS, 199 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 200 | See the License for the specific language governing permissions and 201 | limitations under the License. 202 | --------------------------------------------------------------------------------