├── .gitignore ├── .mvn └── wrapper │ ├── maven-wrapper.jar │ └── maven-wrapper.properties ├── mvnw ├── mvnw.cmd ├── openssl-commands.txt ├── pom.xml ├── pri.pem ├── products └── product-service │ ├── .gitignore │ ├── .mvn │ └── wrapper │ │ ├── maven-wrapper.jar │ │ └── maven-wrapper.properties │ ├── mvnw │ ├── mvnw.cmd │ ├── pom.xml │ └── src │ ├── main │ ├── java │ │ └── org │ │ │ └── sid │ │ │ └── productservice │ │ │ ├── ProductServiceApplication.java │ │ │ ├── RsaKeyProperties.java │ │ │ ├── SecurityConfig.java │ │ │ └── web │ │ │ └── TestRestController.java │ └── resources │ │ ├── application.properties │ │ └── certs │ │ └── pub.pem │ └── test │ └── java │ └── org │ └── sid │ └── productservice │ └── ProductServiceApplicationTests.java ├── pub.pem └── src ├── main ├── java │ └── org │ │ └── sid │ │ └── secservice │ │ ├── AuthController.java │ │ ├── GenerateKayPair.java │ │ ├── MyRestAPI.java │ │ ├── RsaKeyProperties.java │ │ ├── SecServiceApplication.java │ │ ├── SecurityConfig.java │ │ ├── dto │ │ └── LoginRequest.java │ │ ├── entities │ │ ├── AppRole.java │ │ └── AppUser.java │ │ ├── repo │ │ ├── AppRoleRepository.java │ │ └── AppUserRepository.java │ │ └── services │ │ ├── AccountService.java │ │ └── TokenService.java └── resources │ ├── application.properties │ └── certs │ ├── keypair.pem │ ├── pri.pem │ ├── private.pem │ ├── pub.pem │ └── public.pem └── test └── java └── org └── sid └── secservice └── SecServiceApplicationTests.java /.gitignore: -------------------------------------------------------------------------------- 1 | HELP.md 2 | target/ 3 | !.mvn/wrapper/maven-wrapper.jar 4 | !**/src/main/**/target/ 5 | !**/src/test/**/target/ 6 | 7 | ### STS ### 8 | .apt_generated 9 | .classpath 10 | .factorypath 11 | .project 12 | .settings 13 | .springBeans 14 | .sts4-cache 15 | 16 | ### IntelliJ IDEA ### 17 | .idea 18 | *.iws 19 | *.iml 20 | *.ipr 21 | 22 | ### NetBeans ### 23 | /nbproject/private/ 24 | /nbbuild/ 25 | /dist/ 26 | /nbdist/ 27 | /.nb-gradle/ 28 | build/ 29 | !**/src/main/**/build/ 30 | !**/src/test/**/build/ 31 | 32 | ### VS Code ### 33 | .vscode/ 34 | -------------------------------------------------------------------------------- /.mvn/wrapper/maven-wrapper.jar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mohamedYoussfi/security-service-springsecurity-jwt-oauth2/01e2f33eddf045edcddac0ea7888ccf2d4428ca3/.mvn/wrapper/maven-wrapper.jar -------------------------------------------------------------------------------- /.mvn/wrapper/maven-wrapper.properties: -------------------------------------------------------------------------------- 1 | distributionUrl=https://repo.maven.apache.org/maven2/org/apache/maven/apache-maven/3.8.6/apache-maven-3.8.6-bin.zip 2 | wrapperUrl=https://repo.maven.apache.org/maven2/org/apache/maven/wrapper/maven-wrapper/3.1.0/maven-wrapper-3.1.0.jar 3 | -------------------------------------------------------------------------------- /mvnw: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | # ---------------------------------------------------------------------------- 3 | # Licensed to the Apache Software Foundation (ASF) under one 4 | # or more contributor license agreements. See the NOTICE file 5 | # distributed with this work for additional information 6 | # regarding copyright ownership. The ASF licenses this file 7 | # to you under the Apache License, Version 2.0 (the 8 | # "License"); you may not use this file except in compliance 9 | # with the License. You may obtain a copy of the License at 10 | # 11 | # https://www.apache.org/licenses/LICENSE-2.0 12 | # 13 | # Unless required by applicable law or agreed to in writing, 14 | # software distributed under the License is distributed on an 15 | # "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY 16 | # KIND, either express or implied. See the License for the 17 | # specific language governing permissions and limitations 18 | # under the License. 19 | # ---------------------------------------------------------------------------- 20 | 21 | # ---------------------------------------------------------------------------- 22 | # Maven Start Up Batch script 23 | # 24 | # Required ENV vars: 25 | # ------------------ 26 | # JAVA_HOME - location of a JDK home dir 27 | # 28 | # Optional ENV vars 29 | # ----------------- 30 | # M2_HOME - location of maven2's installed home dir 31 | # MAVEN_OPTS - parameters passed to the Java VM when running Maven 32 | # e.g. to debug Maven itself, use 33 | # set MAVEN_OPTS=-Xdebug -Xrunjdwp:transport=dt_socket,server=y,suspend=y,address=8000 34 | # MAVEN_SKIP_RC - flag to disable loading of mavenrc files 35 | # ---------------------------------------------------------------------------- 36 | 37 | if [ -z "$MAVEN_SKIP_RC" ] ; then 38 | 39 | if [ -f /usr/local/etc/mavenrc ] ; then 40 | . /usr/local/etc/mavenrc 41 | fi 42 | 43 | if [ -f /etc/mavenrc ] ; then 44 | . /etc/mavenrc 45 | fi 46 | 47 | if [ -f "$HOME/.mavenrc" ] ; then 48 | . "$HOME/.mavenrc" 49 | fi 50 | 51 | fi 52 | 53 | # OS specific support. $var _must_ be set to either true or false. 54 | cygwin=false; 55 | darwin=false; 56 | mingw=false 57 | case "`uname`" in 58 | CYGWIN*) cygwin=true ;; 59 | MINGW*) mingw=true;; 60 | Darwin*) darwin=true 61 | # Use /usr/libexec/java_home if available, otherwise fall back to /Library/Java/Home 62 | # See https://developer.apple.com/library/mac/qa/qa1170/_index.html 63 | if [ -z "$JAVA_HOME" ]; then 64 | if [ -x "/usr/libexec/java_home" ]; then 65 | export JAVA_HOME="`/usr/libexec/java_home`" 66 | else 67 | export JAVA_HOME="/Library/Java/Home" 68 | fi 69 | fi 70 | ;; 71 | esac 72 | 73 | if [ -z "$JAVA_HOME" ] ; then 74 | if [ -r /etc/gentoo-release ] ; then 75 | JAVA_HOME=`java-config --jre-home` 76 | fi 77 | fi 78 | 79 | if [ -z "$M2_HOME" ] ; then 80 | ## resolve links - $0 may be a link to maven's home 81 | PRG="$0" 82 | 83 | # need this for relative symlinks 84 | while [ -h "$PRG" ] ; do 85 | ls=`ls -ld "$PRG"` 86 | link=`expr "$ls" : '.*-> \(.*\)$'` 87 | if expr "$link" : '/.*' > /dev/null; then 88 | PRG="$link" 89 | else 90 | PRG="`dirname "$PRG"`/$link" 91 | fi 92 | done 93 | 94 | saveddir=`pwd` 95 | 96 | M2_HOME=`dirname "$PRG"`/.. 97 | 98 | # make it fully qualified 99 | M2_HOME=`cd "$M2_HOME" && pwd` 100 | 101 | cd "$saveddir" 102 | # echo Using m2 at $M2_HOME 103 | fi 104 | 105 | # For Cygwin, ensure paths are in UNIX format before anything is touched 106 | if $cygwin ; then 107 | [ -n "$M2_HOME" ] && 108 | M2_HOME=`cygpath --unix "$M2_HOME"` 109 | [ -n "$JAVA_HOME" ] && 110 | JAVA_HOME=`cygpath --unix "$JAVA_HOME"` 111 | [ -n "$CLASSPATH" ] && 112 | CLASSPATH=`cygpath --path --unix "$CLASSPATH"` 113 | fi 114 | 115 | # For Mingw, ensure paths are in UNIX format before anything is touched 116 | if $mingw ; then 117 | [ -n "$M2_HOME" ] && 118 | M2_HOME="`(cd "$M2_HOME"; pwd)`" 119 | [ -n "$JAVA_HOME" ] && 120 | JAVA_HOME="`(cd "$JAVA_HOME"; pwd)`" 121 | fi 122 | 123 | if [ -z "$JAVA_HOME" ]; then 124 | javaExecutable="`which javac`" 125 | if [ -n "$javaExecutable" ] && ! [ "`expr \"$javaExecutable\" : '\([^ ]*\)'`" = "no" ]; then 126 | # readlink(1) is not available as standard on Solaris 10. 127 | readLink=`which readlink` 128 | if [ ! `expr "$readLink" : '\([^ ]*\)'` = "no" ]; then 129 | if $darwin ; then 130 | javaHome="`dirname \"$javaExecutable\"`" 131 | javaExecutable="`cd \"$javaHome\" && pwd -P`/javac" 132 | else 133 | javaExecutable="`readlink -f \"$javaExecutable\"`" 134 | fi 135 | javaHome="`dirname \"$javaExecutable\"`" 136 | javaHome=`expr "$javaHome" : '\(.*\)/bin'` 137 | JAVA_HOME="$javaHome" 138 | export JAVA_HOME 139 | fi 140 | fi 141 | fi 142 | 143 | if [ -z "$JAVACMD" ] ; then 144 | if [ -n "$JAVA_HOME" ] ; then 145 | if [ -x "$JAVA_HOME/jre/sh/java" ] ; then 146 | # IBM's JDK on AIX uses strange locations for the executables 147 | JAVACMD="$JAVA_HOME/jre/sh/java" 148 | else 149 | JAVACMD="$JAVA_HOME/bin/java" 150 | fi 151 | else 152 | JAVACMD="`\\unset -f command; \\command -v java`" 153 | fi 154 | fi 155 | 156 | if [ ! -x "$JAVACMD" ] ; then 157 | echo "Error: JAVA_HOME is not defined correctly." >&2 158 | echo " We cannot execute $JAVACMD" >&2 159 | exit 1 160 | fi 161 | 162 | if [ -z "$JAVA_HOME" ] ; then 163 | echo "Warning: JAVA_HOME environment variable is not set." 164 | fi 165 | 166 | CLASSWORLDS_LAUNCHER=org.codehaus.plexus.classworlds.launcher.Launcher 167 | 168 | # traverses directory structure from process work directory to filesystem root 169 | # first directory with .mvn subdirectory is considered project base directory 170 | find_maven_basedir() { 171 | 172 | if [ -z "$1" ] 173 | then 174 | echo "Path not specified to find_maven_basedir" 175 | return 1 176 | fi 177 | 178 | basedir="$1" 179 | wdir="$1" 180 | while [ "$wdir" != '/' ] ; do 181 | if [ -d "$wdir"/.mvn ] ; then 182 | basedir=$wdir 183 | break 184 | fi 185 | # workaround for JBEAP-8937 (on Solaris 10/Sparc) 186 | if [ -d "${wdir}" ]; then 187 | wdir=`cd "$wdir/.."; pwd` 188 | fi 189 | # end of workaround 190 | done 191 | echo "${basedir}" 192 | } 193 | 194 | # concatenates all lines of a file 195 | concat_lines() { 196 | if [ -f "$1" ]; then 197 | echo "$(tr -s '\n' ' ' < "$1")" 198 | fi 199 | } 200 | 201 | BASE_DIR=`find_maven_basedir "$(pwd)"` 202 | if [ -z "$BASE_DIR" ]; then 203 | exit 1; 204 | fi 205 | 206 | ########################################################################################## 207 | # Extension to allow automatically downloading the maven-wrapper.jar from Maven-central 208 | # This allows using the maven wrapper in projects that prohibit checking in binary data. 209 | ########################################################################################## 210 | if [ -r "$BASE_DIR/.mvn/wrapper/maven-wrapper.jar" ]; then 211 | if [ "$MVNW_VERBOSE" = true ]; then 212 | echo "Found .mvn/wrapper/maven-wrapper.jar" 213 | fi 214 | else 215 | if [ "$MVNW_VERBOSE" = true ]; then 216 | echo "Couldn't find .mvn/wrapper/maven-wrapper.jar, downloading it ..." 217 | fi 218 | if [ -n "$MVNW_REPOURL" ]; then 219 | jarUrl="$MVNW_REPOURL/org/apache/maven/wrapper/maven-wrapper/3.1.0/maven-wrapper-3.1.0.jar" 220 | else 221 | jarUrl="https://repo.maven.apache.org/maven2/org/apache/maven/wrapper/maven-wrapper/3.1.0/maven-wrapper-3.1.0.jar" 222 | fi 223 | while IFS="=" read key value; do 224 | case "$key" in (wrapperUrl) jarUrl="$value"; break ;; 225 | esac 226 | done < "$BASE_DIR/.mvn/wrapper/maven-wrapper.properties" 227 | if [ "$MVNW_VERBOSE" = true ]; then 228 | echo "Downloading from: $jarUrl" 229 | fi 230 | wrapperJarPath="$BASE_DIR/.mvn/wrapper/maven-wrapper.jar" 231 | if $cygwin; then 232 | wrapperJarPath=`cygpath --path --windows "$wrapperJarPath"` 233 | fi 234 | 235 | if command -v wget > /dev/null; then 236 | if [ "$MVNW_VERBOSE" = true ]; then 237 | echo "Found wget ... using wget" 238 | fi 239 | if [ -z "$MVNW_USERNAME" ] || [ -z "$MVNW_PASSWORD" ]; then 240 | wget "$jarUrl" -O "$wrapperJarPath" || rm -f "$wrapperJarPath" 241 | else 242 | wget --http-user=$MVNW_USERNAME --http-password=$MVNW_PASSWORD "$jarUrl" -O "$wrapperJarPath" || rm -f "$wrapperJarPath" 243 | fi 244 | elif command -v curl > /dev/null; then 245 | if [ "$MVNW_VERBOSE" = true ]; then 246 | echo "Found curl ... using curl" 247 | fi 248 | if [ -z "$MVNW_USERNAME" ] || [ -z "$MVNW_PASSWORD" ]; then 249 | curl -o "$wrapperJarPath" "$jarUrl" -f 250 | else 251 | curl --user $MVNW_USERNAME:$MVNW_PASSWORD -o "$wrapperJarPath" "$jarUrl" -f 252 | fi 253 | 254 | else 255 | if [ "$MVNW_VERBOSE" = true ]; then 256 | echo "Falling back to using Java to download" 257 | fi 258 | javaClass="$BASE_DIR/.mvn/wrapper/MavenWrapperDownloader.java" 259 | # For Cygwin, switch paths to Windows format before running javac 260 | if $cygwin; then 261 | javaClass=`cygpath --path --windows "$javaClass"` 262 | fi 263 | if [ -e "$javaClass" ]; then 264 | if [ ! -e "$BASE_DIR/.mvn/wrapper/MavenWrapperDownloader.class" ]; then 265 | if [ "$MVNW_VERBOSE" = true ]; then 266 | echo " - Compiling MavenWrapperDownloader.java ..." 267 | fi 268 | # Compiling the Java class 269 | ("$JAVA_HOME/bin/javac" "$javaClass") 270 | fi 271 | if [ -e "$BASE_DIR/.mvn/wrapper/MavenWrapperDownloader.class" ]; then 272 | # Running the downloader 273 | if [ "$MVNW_VERBOSE" = true ]; then 274 | echo " - Running MavenWrapperDownloader.java ..." 275 | fi 276 | ("$JAVA_HOME/bin/java" -cp .mvn/wrapper MavenWrapperDownloader "$MAVEN_PROJECTBASEDIR") 277 | fi 278 | fi 279 | fi 280 | fi 281 | ########################################################################################## 282 | # End of extension 283 | ########################################################################################## 284 | 285 | export MAVEN_PROJECTBASEDIR=${MAVEN_BASEDIR:-"$BASE_DIR"} 286 | if [ "$MVNW_VERBOSE" = true ]; then 287 | echo $MAVEN_PROJECTBASEDIR 288 | fi 289 | MAVEN_OPTS="$(concat_lines "$MAVEN_PROJECTBASEDIR/.mvn/jvm.config") $MAVEN_OPTS" 290 | 291 | # For Cygwin, switch paths to Windows format before running java 292 | if $cygwin; then 293 | [ -n "$M2_HOME" ] && 294 | M2_HOME=`cygpath --path --windows "$M2_HOME"` 295 | [ -n "$JAVA_HOME" ] && 296 | JAVA_HOME=`cygpath --path --windows "$JAVA_HOME"` 297 | [ -n "$CLASSPATH" ] && 298 | CLASSPATH=`cygpath --path --windows "$CLASSPATH"` 299 | [ -n "$MAVEN_PROJECTBASEDIR" ] && 300 | MAVEN_PROJECTBASEDIR=`cygpath --path --windows "$MAVEN_PROJECTBASEDIR"` 301 | fi 302 | 303 | # Provide a "standardized" way to retrieve the CLI args that will 304 | # work with both Windows and non-Windows executions. 305 | MAVEN_CMD_LINE_ARGS="$MAVEN_CONFIG $@" 306 | export MAVEN_CMD_LINE_ARGS 307 | 308 | WRAPPER_LAUNCHER=org.apache.maven.wrapper.MavenWrapperMain 309 | 310 | exec "$JAVACMD" \ 311 | $MAVEN_OPTS \ 312 | $MAVEN_DEBUG_OPTS \ 313 | -classpath "$MAVEN_PROJECTBASEDIR/.mvn/wrapper/maven-wrapper.jar" \ 314 | "-Dmaven.home=${M2_HOME}" \ 315 | "-Dmaven.multiModuleProjectDirectory=${MAVEN_PROJECTBASEDIR}" \ 316 | ${WRAPPER_LAUNCHER} $MAVEN_CONFIG "$@" 317 | -------------------------------------------------------------------------------- /mvnw.cmd: -------------------------------------------------------------------------------- 1 | @REM ---------------------------------------------------------------------------- 2 | @REM Licensed to the Apache Software Foundation (ASF) under one 3 | @REM or more contributor license agreements. See the NOTICE file 4 | @REM distributed with this work for additional information 5 | @REM regarding copyright ownership. The ASF licenses this file 6 | @REM to you under the Apache License, Version 2.0 (the 7 | @REM "License"); you may not use this file except in compliance 8 | @REM with the License. You may obtain a copy of the License at 9 | @REM 10 | @REM https://www.apache.org/licenses/LICENSE-2.0 11 | @REM 12 | @REM Unless required by applicable law or agreed to in writing, 13 | @REM software distributed under the License is distributed on an 14 | @REM "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY 15 | @REM KIND, either express or implied. See the License for the 16 | @REM specific language governing permissions and limitations 17 | @REM under the License. 18 | @REM ---------------------------------------------------------------------------- 19 | 20 | @REM ---------------------------------------------------------------------------- 21 | @REM Maven Start Up Batch script 22 | @REM 23 | @REM Required ENV vars: 24 | @REM JAVA_HOME - location of a JDK home dir 25 | @REM 26 | @REM Optional ENV vars 27 | @REM M2_HOME - location of maven2's installed home dir 28 | @REM MAVEN_BATCH_ECHO - set to 'on' to enable the echoing of the batch commands 29 | @REM MAVEN_BATCH_PAUSE - set to 'on' to wait for a keystroke before ending 30 | @REM MAVEN_OPTS - parameters passed to the Java VM when running Maven 31 | @REM e.g. to debug Maven itself, use 32 | @REM set MAVEN_OPTS=-Xdebug -Xrunjdwp:transport=dt_socket,server=y,suspend=y,address=8000 33 | @REM MAVEN_SKIP_RC - flag to disable loading of mavenrc files 34 | @REM ---------------------------------------------------------------------------- 35 | 36 | @REM Begin all REM lines with '@' in case MAVEN_BATCH_ECHO is 'on' 37 | @echo off 38 | @REM set title of command window 39 | title %0 40 | @REM enable echoing by setting MAVEN_BATCH_ECHO to 'on' 41 | @if "%MAVEN_BATCH_ECHO%" == "on" echo %MAVEN_BATCH_ECHO% 42 | 43 | @REM set %HOME% to equivalent of $HOME 44 | if "%HOME%" == "" (set "HOME=%HOMEDRIVE%%HOMEPATH%") 45 | 46 | @REM Execute a user defined script before this one 47 | if not "%MAVEN_SKIP_RC%" == "" goto skipRcPre 48 | @REM check for pre script, once with legacy .bat ending and once with .cmd ending 49 | if exist "%USERPROFILE%\mavenrc_pre.bat" call "%USERPROFILE%\mavenrc_pre.bat" %* 50 | if exist "%USERPROFILE%\mavenrc_pre.cmd" call "%USERPROFILE%\mavenrc_pre.cmd" %* 51 | :skipRcPre 52 | 53 | @setlocal 54 | 55 | set ERROR_CODE=0 56 | 57 | @REM To isolate internal variables from possible post scripts, we use another setlocal 58 | @setlocal 59 | 60 | @REM ==== START VALIDATION ==== 61 | if not "%JAVA_HOME%" == "" goto OkJHome 62 | 63 | echo. 64 | echo Error: JAVA_HOME not found in your environment. >&2 65 | echo Please set the JAVA_HOME variable in your environment to match the >&2 66 | echo location of your Java installation. >&2 67 | echo. 68 | goto error 69 | 70 | :OkJHome 71 | if exist "%JAVA_HOME%\bin\java.exe" goto init 72 | 73 | echo. 74 | echo Error: JAVA_HOME is set to an invalid directory. >&2 75 | echo JAVA_HOME = "%JAVA_HOME%" >&2 76 | echo Please set the JAVA_HOME variable in your environment to match the >&2 77 | echo location of your Java installation. >&2 78 | echo. 79 | goto error 80 | 81 | @REM ==== END VALIDATION ==== 82 | 83 | :init 84 | 85 | @REM Find the project base dir, i.e. the directory that contains the folder ".mvn". 86 | @REM Fallback to current working directory if not found. 87 | 88 | set MAVEN_PROJECTBASEDIR=%MAVEN_BASEDIR% 89 | IF NOT "%MAVEN_PROJECTBASEDIR%"=="" goto endDetectBaseDir 90 | 91 | set EXEC_DIR=%CD% 92 | set WDIR=%EXEC_DIR% 93 | :findBaseDir 94 | IF EXIST "%WDIR%"\.mvn goto baseDirFound 95 | cd .. 96 | IF "%WDIR%"=="%CD%" goto baseDirNotFound 97 | set WDIR=%CD% 98 | goto findBaseDir 99 | 100 | :baseDirFound 101 | set MAVEN_PROJECTBASEDIR=%WDIR% 102 | cd "%EXEC_DIR%" 103 | goto endDetectBaseDir 104 | 105 | :baseDirNotFound 106 | set MAVEN_PROJECTBASEDIR=%EXEC_DIR% 107 | cd "%EXEC_DIR%" 108 | 109 | :endDetectBaseDir 110 | 111 | IF NOT EXIST "%MAVEN_PROJECTBASEDIR%\.mvn\jvm.config" goto endReadAdditionalConfig 112 | 113 | @setlocal EnableExtensions EnableDelayedExpansion 114 | for /F "usebackq delims=" %%a in ("%MAVEN_PROJECTBASEDIR%\.mvn\jvm.config") do set JVM_CONFIG_MAVEN_PROPS=!JVM_CONFIG_MAVEN_PROPS! %%a 115 | @endlocal & set JVM_CONFIG_MAVEN_PROPS=%JVM_CONFIG_MAVEN_PROPS% 116 | 117 | :endReadAdditionalConfig 118 | 119 | SET MAVEN_JAVA_EXE="%JAVA_HOME%\bin\java.exe" 120 | set WRAPPER_JAR="%MAVEN_PROJECTBASEDIR%\.mvn\wrapper\maven-wrapper.jar" 121 | set WRAPPER_LAUNCHER=org.apache.maven.wrapper.MavenWrapperMain 122 | 123 | set DOWNLOAD_URL="https://repo.maven.apache.org/maven2/org/apache/maven/wrapper/maven-wrapper/3.1.0/maven-wrapper-3.1.0.jar" 124 | 125 | FOR /F "usebackq tokens=1,2 delims==" %%A IN ("%MAVEN_PROJECTBASEDIR%\.mvn\wrapper\maven-wrapper.properties") DO ( 126 | IF "%%A"=="wrapperUrl" SET DOWNLOAD_URL=%%B 127 | ) 128 | 129 | @REM Extension to allow automatically downloading the maven-wrapper.jar from Maven-central 130 | @REM This allows using the maven wrapper in projects that prohibit checking in binary data. 131 | if exist %WRAPPER_JAR% ( 132 | if "%MVNW_VERBOSE%" == "true" ( 133 | echo Found %WRAPPER_JAR% 134 | ) 135 | ) else ( 136 | if not "%MVNW_REPOURL%" == "" ( 137 | SET DOWNLOAD_URL="%MVNW_REPOURL%/org/apache/maven/wrapper/maven-wrapper/3.1.0/maven-wrapper-3.1.0.jar" 138 | ) 139 | if "%MVNW_VERBOSE%" == "true" ( 140 | echo Couldn't find %WRAPPER_JAR%, downloading it ... 141 | echo Downloading from: %DOWNLOAD_URL% 142 | ) 143 | 144 | powershell -Command "&{"^ 145 | "$webclient = new-object System.Net.WebClient;"^ 146 | "if (-not ([string]::IsNullOrEmpty('%MVNW_USERNAME%') -and [string]::IsNullOrEmpty('%MVNW_PASSWORD%'))) {"^ 147 | "$webclient.Credentials = new-object System.Net.NetworkCredential('%MVNW_USERNAME%', '%MVNW_PASSWORD%');"^ 148 | "}"^ 149 | "[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12; $webclient.DownloadFile('%DOWNLOAD_URL%', '%WRAPPER_JAR%')"^ 150 | "}" 151 | if "%MVNW_VERBOSE%" == "true" ( 152 | echo Finished downloading %WRAPPER_JAR% 153 | ) 154 | ) 155 | @REM End of extension 156 | 157 | @REM Provide a "standardized" way to retrieve the CLI args that will 158 | @REM work with both Windows and non-Windows executions. 159 | set MAVEN_CMD_LINE_ARGS=%* 160 | 161 | %MAVEN_JAVA_EXE% ^ 162 | %JVM_CONFIG_MAVEN_PROPS% ^ 163 | %MAVEN_OPTS% ^ 164 | %MAVEN_DEBUG_OPTS% ^ 165 | -classpath %WRAPPER_JAR% ^ 166 | "-Dmaven.multiModuleProjectDirectory=%MAVEN_PROJECTBASEDIR%" ^ 167 | %WRAPPER_LAUNCHER% %MAVEN_CONFIG% %* 168 | if ERRORLEVEL 1 goto error 169 | goto end 170 | 171 | :error 172 | set ERROR_CODE=1 173 | 174 | :end 175 | @endlocal & set ERROR_CODE=%ERROR_CODE% 176 | 177 | if not "%MAVEN_SKIP_RC%"=="" goto skipRcPost 178 | @REM check for post script, once with legacy .bat ending and once with .cmd ending 179 | if exist "%USERPROFILE%\mavenrc_post.bat" call "%USERPROFILE%\mavenrc_post.bat" 180 | if exist "%USERPROFILE%\mavenrc_post.cmd" call "%USERPROFILE%\mavenrc_post.cmd" 181 | :skipRcPost 182 | 183 | @REM pause the script if MAVEN_BATCH_PAUSE is set to 'on' 184 | if "%MAVEN_BATCH_PAUSE%"=="on" pause 185 | 186 | if "%MAVEN_TERMINATE_CMD%"=="on" exit %ERROR_CODE% 187 | 188 | cmd /C exit /B %ERROR_CODE% 189 | -------------------------------------------------------------------------------- /openssl-commands.txt: -------------------------------------------------------------------------------- 1 | # Generate keypair 2 | > openssl genrsa -out keypair.pem 2048 3 | # generate public key 4 | > openssl rsa -in keypair.pem -pubout -out public.pem 5 | # generate private key 6 | > openssl pkcs8 -topk8 -inform PEM -outform PEM -nocrypt -in keypair.pem -out private.pem 7 | -------------------------------------------------------------------------------- /pom.xml: -------------------------------------------------------------------------------- 1 | 2 | 4 | 4.0.0 5 | 6 | org.springframework.boot 7 | spring-boot-starter-parent 8 | 2.7.5 9 | 10 | 11 | org.sid 12 | sec-service 13 | 0.0.1-SNAPSHOT 14 | sec-service 15 | sec-service 16 | 17 | 17 18 | 19 | 20 | 21 | org.springframework.boot 22 | spring-boot-starter-oauth2-resource-server 23 | 24 | 25 | org.springframework.boot 26 | spring-boot-starter-web 27 | 28 | 29 | org.springframework.boot 30 | spring-boot-starter-data-jpa 31 | 32 | 33 | com.h2database 34 | h2 35 | 36 | 37 | 38 | org.bouncycastle 39 | bcpkix-jdk18on 40 | 1.72 41 | 42 | 43 | 44 | 45 | org.springframework.boot 46 | spring-boot-configuration-processor 47 | true 48 | 49 | 50 | org.projectlombok 51 | lombok 52 | true 53 | 54 | 55 | org.springframework.boot 56 | spring-boot-starter-test 57 | test 58 | 59 | 60 | 61 | 62 | 63 | 64 | org.springframework.boot 65 | spring-boot-maven-plugin 66 | 67 | 68 | 69 | org.projectlombok 70 | lombok 71 | 72 | 73 | 74 | 75 | 76 | 77 | 78 | 79 | -------------------------------------------------------------------------------- /pri.pem: -------------------------------------------------------------------------------- 1 | -----BEGIN PRIVATE KEY----- 2 | MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQCuAAhVDSzLUmaa 3 | Ne/bRZ/Wlw7WKmm2MdjDqHM4/xHtwvmeZ/1aR4DuCxKnknMakBppMSLjJAfW6gN7 4 | +bideJIrRQNEbkQkN67MviVySHFIRbhPVpCclvIJ7Jwb3J1VotKEokpmSZ4Dy7jz 5 | xXVUIQY0aiObiVjVezSUiWEy6d+H6QkXzSGZx02ITdyBGwk3VFUM6KRpNC6FcTsN 6 | W6akNG3TPAe8hXh/F5aV/Cld7VY+rfLX0hDc1BijxV45IGeFipWtDuI/AMbxR1oQ 7 | L+GkmpNY8NV0nBFhYTxL4N+FvMEK2Ic6GSIo6oBFZZe6ah/0T79Ku3N2Keo9Gh6T 8 | 2BsoamllAgMBAAECggEACA8pU6MqFXrKFM91vh7B8gMKJWJOhilV5G4bdCLgVjZn 9 | MG6ZngJc1um9YfSXDz5ocsHbX1DuagZpxebBpc2NW6K1LYi78D+CAaq2+k2frZzJ 10 | FieoyA/3wvzqGCJGSU6i2JDZyFYVkxBvDx9wuUZUTr4xywT4D99GhrC8R0rs1xMg 11 | 7x1tNHHfuwXir4Un3fUWQkgW5i2i9XuhX3TpCOmfLdf3BNaAUz26IFj1PZlNy91x 12 | 7lu/hdKSmJhjsvZv46V1/NBqtkEBfKKvDzQl75nnKrzAoIpdus6KIlP/con3CCUC 13 | WtFEMGAbjutcHPeCN/SAQ4x2wRcjH24ORuoN2wbg+wKBgQC7OrPnQbkYvvE2K2mP 14 | v0UqzcUbWGidODGlyfyS2csuML6ffymXYKv9TCKGBKBYOpheNTHYQ739NQ+VluXs 15 | vlaKL7zFh9NZEIjFy+ilZQVtZHAJf1p6pz8Qsja2k5S54KSvMqXYBBwkRumZ5xIJ 16 | ft/jeSSzUOKgRHh3Pz7wxBHmpwKBgQDt6WGPiJV3IAG3+AKSjJlJwcl9/r6RgKSr 17 | 0Mcl2na8CEVAXZ2QGCIHAKPTHrngx42mMY8nOAzr5TPXHBTg5rcXOyrvqoJAEmdR 18 | WyhmJFsaWN52atH9hG5qGpoyg8+YrSE0r6WjJdXUIKWmgsslz5Krs4ENA0IgY2KN 19 | pyJ7pGu9EwKBgFNIaX4U3iEDzogqB2rJyhqgLW1chixpMqxsjM1F0/tX83M/PWD4 20 | v4iMtU6oACs+5UgCoYlxmLFpSOVhmiUVBamyUmYLZRfZIv3ZFkN8DE38v1l6LOUi 21 | QAtNOsk8HIwSQS8teFf+fAYnBQJQptVSeoTU/l5FPInN60gf+f9fOBdBAoGAb3nP 22 | UOX6wtqoc38uFWTz3m+C7hqTSLIydp9Y8Q+wWuK1MDetQHtOVmGiYaYgCob2hEzs 23 | er/0rgOzirOJxOfWGniK4cnPRh5ZcvF3uISIe4vwkSP0SQnogqb8YXcJqsxUps82 24 | mX989exmMeNPNORSIUn2yhYgwfRPlXge3DhqkykCgYATriFz5/ptpnZbKdnn7TMd 25 | PxzBF35HaR6ayfL20WyZSOojXXduSoLxfaP9sXeJFOEBCER0qCyTxJTanQ4V+Mwi 26 | Mpz7FrOB6A/v3Fzskk6C/q/ybV84dNlPCMkCtnaaUf0sfq3jn7niu13pdlvxOPOn 27 | 8EYm+Po4xFm4ekhuDde1RQ== 28 | -----END PRIVATE KEY----- 29 | -------------------------------------------------------------------------------- /products/product-service/.gitignore: -------------------------------------------------------------------------------- 1 | HELP.md 2 | target/ 3 | !.mvn/wrapper/maven-wrapper.jar 4 | !**/src/main/**/target/ 5 | !**/src/test/**/target/ 6 | 7 | ### STS ### 8 | .apt_generated 9 | .classpath 10 | .factorypath 11 | .project 12 | .settings 13 | .springBeans 14 | .sts4-cache 15 | 16 | ### IntelliJ IDEA ### 17 | .idea 18 | *.iws 19 | *.iml 20 | *.ipr 21 | 22 | ### NetBeans ### 23 | /nbproject/private/ 24 | /nbbuild/ 25 | /dist/ 26 | /nbdist/ 27 | /.nb-gradle/ 28 | build/ 29 | !**/src/main/**/build/ 30 | !**/src/test/**/build/ 31 | 32 | ### VS Code ### 33 | .vscode/ 34 | -------------------------------------------------------------------------------- /products/product-service/.mvn/wrapper/maven-wrapper.jar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mohamedYoussfi/security-service-springsecurity-jwt-oauth2/01e2f33eddf045edcddac0ea7888ccf2d4428ca3/products/product-service/.mvn/wrapper/maven-wrapper.jar -------------------------------------------------------------------------------- /products/product-service/.mvn/wrapper/maven-wrapper.properties: -------------------------------------------------------------------------------- 1 | distributionUrl=https://repo.maven.apache.org/maven2/org/apache/maven/apache-maven/3.8.6/apache-maven-3.8.6-bin.zip 2 | wrapperUrl=https://repo.maven.apache.org/maven2/org/apache/maven/wrapper/maven-wrapper/3.1.0/maven-wrapper-3.1.0.jar 3 | -------------------------------------------------------------------------------- /products/product-service/mvnw: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | # ---------------------------------------------------------------------------- 3 | # Licensed to the Apache Software Foundation (ASF) under one 4 | # or more contributor license agreements. See the NOTICE file 5 | # distributed with this work for additional information 6 | # regarding copyright ownership. The ASF licenses this file 7 | # to you under the Apache License, Version 2.0 (the 8 | # "License"); you may not use this file except in compliance 9 | # with the License. You may obtain a copy of the License at 10 | # 11 | # https://www.apache.org/licenses/LICENSE-2.0 12 | # 13 | # Unless required by applicable law or agreed to in writing, 14 | # software distributed under the License is distributed on an 15 | # "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY 16 | # KIND, either express or implied. See the License for the 17 | # specific language governing permissions and limitations 18 | # under the License. 19 | # ---------------------------------------------------------------------------- 20 | 21 | # ---------------------------------------------------------------------------- 22 | # Maven Start Up Batch script 23 | # 24 | # Required ENV vars: 25 | # ------------------ 26 | # JAVA_HOME - location of a JDK home dir 27 | # 28 | # Optional ENV vars 29 | # ----------------- 30 | # M2_HOME - location of maven2's installed home dir 31 | # MAVEN_OPTS - parameters passed to the Java VM when running Maven 32 | # e.g. to debug Maven itself, use 33 | # set MAVEN_OPTS=-Xdebug -Xrunjdwp:transport=dt_socket,server=y,suspend=y,address=8000 34 | # MAVEN_SKIP_RC - flag to disable loading of mavenrc files 35 | # ---------------------------------------------------------------------------- 36 | 37 | if [ -z "$MAVEN_SKIP_RC" ] ; then 38 | 39 | if [ -f /usr/local/etc/mavenrc ] ; then 40 | . /usr/local/etc/mavenrc 41 | fi 42 | 43 | if [ -f /etc/mavenrc ] ; then 44 | . /etc/mavenrc 45 | fi 46 | 47 | if [ -f "$HOME/.mavenrc" ] ; then 48 | . "$HOME/.mavenrc" 49 | fi 50 | 51 | fi 52 | 53 | # OS specific support. $var _must_ be set to either true or false. 54 | cygwin=false; 55 | darwin=false; 56 | mingw=false 57 | case "`uname`" in 58 | CYGWIN*) cygwin=true ;; 59 | MINGW*) mingw=true;; 60 | Darwin*) darwin=true 61 | # Use /usr/libexec/java_home if available, otherwise fall back to /Library/Java/Home 62 | # See https://developer.apple.com/library/mac/qa/qa1170/_index.html 63 | if [ -z "$JAVA_HOME" ]; then 64 | if [ -x "/usr/libexec/java_home" ]; then 65 | export JAVA_HOME="`/usr/libexec/java_home`" 66 | else 67 | export JAVA_HOME="/Library/Java/Home" 68 | fi 69 | fi 70 | ;; 71 | esac 72 | 73 | if [ -z "$JAVA_HOME" ] ; then 74 | if [ -r /etc/gentoo-release ] ; then 75 | JAVA_HOME=`java-config --jre-home` 76 | fi 77 | fi 78 | 79 | if [ -z "$M2_HOME" ] ; then 80 | ## resolve links - $0 may be a link to maven's home 81 | PRG="$0" 82 | 83 | # need this for relative symlinks 84 | while [ -h "$PRG" ] ; do 85 | ls=`ls -ld "$PRG"` 86 | link=`expr "$ls" : '.*-> \(.*\)$'` 87 | if expr "$link" : '/.*' > /dev/null; then 88 | PRG="$link" 89 | else 90 | PRG="`dirname "$PRG"`/$link" 91 | fi 92 | done 93 | 94 | saveddir=`pwd` 95 | 96 | M2_HOME=`dirname "$PRG"`/.. 97 | 98 | # make it fully qualified 99 | M2_HOME=`cd "$M2_HOME" && pwd` 100 | 101 | cd "$saveddir" 102 | # echo Using m2 at $M2_HOME 103 | fi 104 | 105 | # For Cygwin, ensure paths are in UNIX format before anything is touched 106 | if $cygwin ; then 107 | [ -n "$M2_HOME" ] && 108 | M2_HOME=`cygpath --unix "$M2_HOME"` 109 | [ -n "$JAVA_HOME" ] && 110 | JAVA_HOME=`cygpath --unix "$JAVA_HOME"` 111 | [ -n "$CLASSPATH" ] && 112 | CLASSPATH=`cygpath --path --unix "$CLASSPATH"` 113 | fi 114 | 115 | # For Mingw, ensure paths are in UNIX format before anything is touched 116 | if $mingw ; then 117 | [ -n "$M2_HOME" ] && 118 | M2_HOME="`(cd "$M2_HOME"; pwd)`" 119 | [ -n "$JAVA_HOME" ] && 120 | JAVA_HOME="`(cd "$JAVA_HOME"; pwd)`" 121 | fi 122 | 123 | if [ -z "$JAVA_HOME" ]; then 124 | javaExecutable="`which javac`" 125 | if [ -n "$javaExecutable" ] && ! [ "`expr \"$javaExecutable\" : '\([^ ]*\)'`" = "no" ]; then 126 | # readlink(1) is not available as standard on Solaris 10. 127 | readLink=`which readlink` 128 | if [ ! `expr "$readLink" : '\([^ ]*\)'` = "no" ]; then 129 | if $darwin ; then 130 | javaHome="`dirname \"$javaExecutable\"`" 131 | javaExecutable="`cd \"$javaHome\" && pwd -P`/javac" 132 | else 133 | javaExecutable="`readlink -f \"$javaExecutable\"`" 134 | fi 135 | javaHome="`dirname \"$javaExecutable\"`" 136 | javaHome=`expr "$javaHome" : '\(.*\)/bin'` 137 | JAVA_HOME="$javaHome" 138 | export JAVA_HOME 139 | fi 140 | fi 141 | fi 142 | 143 | if [ -z "$JAVACMD" ] ; then 144 | if [ -n "$JAVA_HOME" ] ; then 145 | if [ -x "$JAVA_HOME/jre/sh/java" ] ; then 146 | # IBM's JDK on AIX uses strange locations for the executables 147 | JAVACMD="$JAVA_HOME/jre/sh/java" 148 | else 149 | JAVACMD="$JAVA_HOME/bin/java" 150 | fi 151 | else 152 | JAVACMD="`\\unset -f command; \\command -v java`" 153 | fi 154 | fi 155 | 156 | if [ ! -x "$JAVACMD" ] ; then 157 | echo "Error: JAVA_HOME is not defined correctly." >&2 158 | echo " We cannot execute $JAVACMD" >&2 159 | exit 1 160 | fi 161 | 162 | if [ -z "$JAVA_HOME" ] ; then 163 | echo "Warning: JAVA_HOME environment variable is not set." 164 | fi 165 | 166 | CLASSWORLDS_LAUNCHER=org.codehaus.plexus.classworlds.launcher.Launcher 167 | 168 | # traverses directory structure from process work directory to filesystem root 169 | # first directory with .mvn subdirectory is considered project base directory 170 | find_maven_basedir() { 171 | 172 | if [ -z "$1" ] 173 | then 174 | echo "Path not specified to find_maven_basedir" 175 | return 1 176 | fi 177 | 178 | basedir="$1" 179 | wdir="$1" 180 | while [ "$wdir" != '/' ] ; do 181 | if [ -d "$wdir"/.mvn ] ; then 182 | basedir=$wdir 183 | break 184 | fi 185 | # workaround for JBEAP-8937 (on Solaris 10/Sparc) 186 | if [ -d "${wdir}" ]; then 187 | wdir=`cd "$wdir/.."; pwd` 188 | fi 189 | # end of workaround 190 | done 191 | echo "${basedir}" 192 | } 193 | 194 | # concatenates all lines of a file 195 | concat_lines() { 196 | if [ -f "$1" ]; then 197 | echo "$(tr -s '\n' ' ' < "$1")" 198 | fi 199 | } 200 | 201 | BASE_DIR=`find_maven_basedir "$(pwd)"` 202 | if [ -z "$BASE_DIR" ]; then 203 | exit 1; 204 | fi 205 | 206 | ########################################################################################## 207 | # Extension to allow automatically downloading the maven-wrapper.jar from Maven-central 208 | # This allows using the maven wrapper in projects that prohibit checking in binary data. 209 | ########################################################################################## 210 | if [ -r "$BASE_DIR/.mvn/wrapper/maven-wrapper.jar" ]; then 211 | if [ "$MVNW_VERBOSE" = true ]; then 212 | echo "Found .mvn/wrapper/maven-wrapper.jar" 213 | fi 214 | else 215 | if [ "$MVNW_VERBOSE" = true ]; then 216 | echo "Couldn't find .mvn/wrapper/maven-wrapper.jar, downloading it ..." 217 | fi 218 | if [ -n "$MVNW_REPOURL" ]; then 219 | jarUrl="$MVNW_REPOURL/org/apache/maven/wrapper/maven-wrapper/3.1.0/maven-wrapper-3.1.0.jar" 220 | else 221 | jarUrl="https://repo.maven.apache.org/maven2/org/apache/maven/wrapper/maven-wrapper/3.1.0/maven-wrapper-3.1.0.jar" 222 | fi 223 | while IFS="=" read key value; do 224 | case "$key" in (wrapperUrl) jarUrl="$value"; break ;; 225 | esac 226 | done < "$BASE_DIR/.mvn/wrapper/maven-wrapper.properties" 227 | if [ "$MVNW_VERBOSE" = true ]; then 228 | echo "Downloading from: $jarUrl" 229 | fi 230 | wrapperJarPath="$BASE_DIR/.mvn/wrapper/maven-wrapper.jar" 231 | if $cygwin; then 232 | wrapperJarPath=`cygpath --path --windows "$wrapperJarPath"` 233 | fi 234 | 235 | if command -v wget > /dev/null; then 236 | if [ "$MVNW_VERBOSE" = true ]; then 237 | echo "Found wget ... using wget" 238 | fi 239 | if [ -z "$MVNW_USERNAME" ] || [ -z "$MVNW_PASSWORD" ]; then 240 | wget "$jarUrl" -O "$wrapperJarPath" || rm -f "$wrapperJarPath" 241 | else 242 | wget --http-user=$MVNW_USERNAME --http-password=$MVNW_PASSWORD "$jarUrl" -O "$wrapperJarPath" || rm -f "$wrapperJarPath" 243 | fi 244 | elif command -v curl > /dev/null; then 245 | if [ "$MVNW_VERBOSE" = true ]; then 246 | echo "Found curl ... using curl" 247 | fi 248 | if [ -z "$MVNW_USERNAME" ] || [ -z "$MVNW_PASSWORD" ]; then 249 | curl -o "$wrapperJarPath" "$jarUrl" -f 250 | else 251 | curl --user $MVNW_USERNAME:$MVNW_PASSWORD -o "$wrapperJarPath" "$jarUrl" -f 252 | fi 253 | 254 | else 255 | if [ "$MVNW_VERBOSE" = true ]; then 256 | echo "Falling back to using Java to download" 257 | fi 258 | javaClass="$BASE_DIR/.mvn/wrapper/MavenWrapperDownloader.java" 259 | # For Cygwin, switch paths to Windows format before running javac 260 | if $cygwin; then 261 | javaClass=`cygpath --path --windows "$javaClass"` 262 | fi 263 | if [ -e "$javaClass" ]; then 264 | if [ ! -e "$BASE_DIR/.mvn/wrapper/MavenWrapperDownloader.class" ]; then 265 | if [ "$MVNW_VERBOSE" = true ]; then 266 | echo " - Compiling MavenWrapperDownloader.java ..." 267 | fi 268 | # Compiling the Java class 269 | ("$JAVA_HOME/bin/javac" "$javaClass") 270 | fi 271 | if [ -e "$BASE_DIR/.mvn/wrapper/MavenWrapperDownloader.class" ]; then 272 | # Running the downloader 273 | if [ "$MVNW_VERBOSE" = true ]; then 274 | echo " - Running MavenWrapperDownloader.java ..." 275 | fi 276 | ("$JAVA_HOME/bin/java" -cp .mvn/wrapper MavenWrapperDownloader "$MAVEN_PROJECTBASEDIR") 277 | fi 278 | fi 279 | fi 280 | fi 281 | ########################################################################################## 282 | # End of extension 283 | ########################################################################################## 284 | 285 | export MAVEN_PROJECTBASEDIR=${MAVEN_BASEDIR:-"$BASE_DIR"} 286 | if [ "$MVNW_VERBOSE" = true ]; then 287 | echo $MAVEN_PROJECTBASEDIR 288 | fi 289 | MAVEN_OPTS="$(concat_lines "$MAVEN_PROJECTBASEDIR/.mvn/jvm.config") $MAVEN_OPTS" 290 | 291 | # For Cygwin, switch paths to Windows format before running java 292 | if $cygwin; then 293 | [ -n "$M2_HOME" ] && 294 | M2_HOME=`cygpath --path --windows "$M2_HOME"` 295 | [ -n "$JAVA_HOME" ] && 296 | JAVA_HOME=`cygpath --path --windows "$JAVA_HOME"` 297 | [ -n "$CLASSPATH" ] && 298 | CLASSPATH=`cygpath --path --windows "$CLASSPATH"` 299 | [ -n "$MAVEN_PROJECTBASEDIR" ] && 300 | MAVEN_PROJECTBASEDIR=`cygpath --path --windows "$MAVEN_PROJECTBASEDIR"` 301 | fi 302 | 303 | # Provide a "standardized" way to retrieve the CLI args that will 304 | # work with both Windows and non-Windows executions. 305 | MAVEN_CMD_LINE_ARGS="$MAVEN_CONFIG $@" 306 | export MAVEN_CMD_LINE_ARGS 307 | 308 | WRAPPER_LAUNCHER=org.apache.maven.wrapper.MavenWrapperMain 309 | 310 | exec "$JAVACMD" \ 311 | $MAVEN_OPTS \ 312 | $MAVEN_DEBUG_OPTS \ 313 | -classpath "$MAVEN_PROJECTBASEDIR/.mvn/wrapper/maven-wrapper.jar" \ 314 | "-Dmaven.home=${M2_HOME}" \ 315 | "-Dmaven.multiModuleProjectDirectory=${MAVEN_PROJECTBASEDIR}" \ 316 | ${WRAPPER_LAUNCHER} $MAVEN_CONFIG "$@" 317 | -------------------------------------------------------------------------------- /products/product-service/mvnw.cmd: -------------------------------------------------------------------------------- 1 | @REM ---------------------------------------------------------------------------- 2 | @REM Licensed to the Apache Software Foundation (ASF) under one 3 | @REM or more contributor license agreements. See the NOTICE file 4 | @REM distributed with this work for additional information 5 | @REM regarding copyright ownership. The ASF licenses this file 6 | @REM to you under the Apache License, Version 2.0 (the 7 | @REM "License"); you may not use this file except in compliance 8 | @REM with the License. You may obtain a copy of the License at 9 | @REM 10 | @REM https://www.apache.org/licenses/LICENSE-2.0 11 | @REM 12 | @REM Unless required by applicable law or agreed to in writing, 13 | @REM software distributed under the License is distributed on an 14 | @REM "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY 15 | @REM KIND, either express or implied. See the License for the 16 | @REM specific language governing permissions and limitations 17 | @REM under the License. 18 | @REM ---------------------------------------------------------------------------- 19 | 20 | @REM ---------------------------------------------------------------------------- 21 | @REM Maven Start Up Batch script 22 | @REM 23 | @REM Required ENV vars: 24 | @REM JAVA_HOME - location of a JDK home dir 25 | @REM 26 | @REM Optional ENV vars 27 | @REM M2_HOME - location of maven2's installed home dir 28 | @REM MAVEN_BATCH_ECHO - set to 'on' to enable the echoing of the batch commands 29 | @REM MAVEN_BATCH_PAUSE - set to 'on' to wait for a keystroke before ending 30 | @REM MAVEN_OPTS - parameters passed to the Java VM when running Maven 31 | @REM e.g. to debug Maven itself, use 32 | @REM set MAVEN_OPTS=-Xdebug -Xrunjdwp:transport=dt_socket,server=y,suspend=y,address=8000 33 | @REM MAVEN_SKIP_RC - flag to disable loading of mavenrc files 34 | @REM ---------------------------------------------------------------------------- 35 | 36 | @REM Begin all REM lines with '@' in case MAVEN_BATCH_ECHO is 'on' 37 | @echo off 38 | @REM set title of command window 39 | title %0 40 | @REM enable echoing by setting MAVEN_BATCH_ECHO to 'on' 41 | @if "%MAVEN_BATCH_ECHO%" == "on" echo %MAVEN_BATCH_ECHO% 42 | 43 | @REM set %HOME% to equivalent of $HOME 44 | if "%HOME%" == "" (set "HOME=%HOMEDRIVE%%HOMEPATH%") 45 | 46 | @REM Execute a user defined script before this one 47 | if not "%MAVEN_SKIP_RC%" == "" goto skipRcPre 48 | @REM check for pre script, once with legacy .bat ending and once with .cmd ending 49 | if exist "%USERPROFILE%\mavenrc_pre.bat" call "%USERPROFILE%\mavenrc_pre.bat" %* 50 | if exist "%USERPROFILE%\mavenrc_pre.cmd" call "%USERPROFILE%\mavenrc_pre.cmd" %* 51 | :skipRcPre 52 | 53 | @setlocal 54 | 55 | set ERROR_CODE=0 56 | 57 | @REM To isolate internal variables from possible post scripts, we use another setlocal 58 | @setlocal 59 | 60 | @REM ==== START VALIDATION ==== 61 | if not "%JAVA_HOME%" == "" goto OkJHome 62 | 63 | echo. 64 | echo Error: JAVA_HOME not found in your environment. >&2 65 | echo Please set the JAVA_HOME variable in your environment to match the >&2 66 | echo location of your Java installation. >&2 67 | echo. 68 | goto error 69 | 70 | :OkJHome 71 | if exist "%JAVA_HOME%\bin\java.exe" goto init 72 | 73 | echo. 74 | echo Error: JAVA_HOME is set to an invalid directory. >&2 75 | echo JAVA_HOME = "%JAVA_HOME%" >&2 76 | echo Please set the JAVA_HOME variable in your environment to match the >&2 77 | echo location of your Java installation. >&2 78 | echo. 79 | goto error 80 | 81 | @REM ==== END VALIDATION ==== 82 | 83 | :init 84 | 85 | @REM Find the project base dir, i.e. the directory that contains the folder ".mvn". 86 | @REM Fallback to current working directory if not found. 87 | 88 | set MAVEN_PROJECTBASEDIR=%MAVEN_BASEDIR% 89 | IF NOT "%MAVEN_PROJECTBASEDIR%"=="" goto endDetectBaseDir 90 | 91 | set EXEC_DIR=%CD% 92 | set WDIR=%EXEC_DIR% 93 | :findBaseDir 94 | IF EXIST "%WDIR%"\.mvn goto baseDirFound 95 | cd .. 96 | IF "%WDIR%"=="%CD%" goto baseDirNotFound 97 | set WDIR=%CD% 98 | goto findBaseDir 99 | 100 | :baseDirFound 101 | set MAVEN_PROJECTBASEDIR=%WDIR% 102 | cd "%EXEC_DIR%" 103 | goto endDetectBaseDir 104 | 105 | :baseDirNotFound 106 | set MAVEN_PROJECTBASEDIR=%EXEC_DIR% 107 | cd "%EXEC_DIR%" 108 | 109 | :endDetectBaseDir 110 | 111 | IF NOT EXIST "%MAVEN_PROJECTBASEDIR%\.mvn\jvm.config" goto endReadAdditionalConfig 112 | 113 | @setlocal EnableExtensions EnableDelayedExpansion 114 | for /F "usebackq delims=" %%a in ("%MAVEN_PROJECTBASEDIR%\.mvn\jvm.config") do set JVM_CONFIG_MAVEN_PROPS=!JVM_CONFIG_MAVEN_PROPS! %%a 115 | @endlocal & set JVM_CONFIG_MAVEN_PROPS=%JVM_CONFIG_MAVEN_PROPS% 116 | 117 | :endReadAdditionalConfig 118 | 119 | SET MAVEN_JAVA_EXE="%JAVA_HOME%\bin\java.exe" 120 | set WRAPPER_JAR="%MAVEN_PROJECTBASEDIR%\.mvn\wrapper\maven-wrapper.jar" 121 | set WRAPPER_LAUNCHER=org.apache.maven.wrapper.MavenWrapperMain 122 | 123 | set DOWNLOAD_URL="https://repo.maven.apache.org/maven2/org/apache/maven/wrapper/maven-wrapper/3.1.0/maven-wrapper-3.1.0.jar" 124 | 125 | FOR /F "usebackq tokens=1,2 delims==" %%A IN ("%MAVEN_PROJECTBASEDIR%\.mvn\wrapper\maven-wrapper.properties") DO ( 126 | IF "%%A"=="wrapperUrl" SET DOWNLOAD_URL=%%B 127 | ) 128 | 129 | @REM Extension to allow automatically downloading the maven-wrapper.jar from Maven-central 130 | @REM This allows using the maven wrapper in projects that prohibit checking in binary data. 131 | if exist %WRAPPER_JAR% ( 132 | if "%MVNW_VERBOSE%" == "true" ( 133 | echo Found %WRAPPER_JAR% 134 | ) 135 | ) else ( 136 | if not "%MVNW_REPOURL%" == "" ( 137 | SET DOWNLOAD_URL="%MVNW_REPOURL%/org/apache/maven/wrapper/maven-wrapper/3.1.0/maven-wrapper-3.1.0.jar" 138 | ) 139 | if "%MVNW_VERBOSE%" == "true" ( 140 | echo Couldn't find %WRAPPER_JAR%, downloading it ... 141 | echo Downloading from: %DOWNLOAD_URL% 142 | ) 143 | 144 | powershell -Command "&{"^ 145 | "$webclient = new-object System.Net.WebClient;"^ 146 | "if (-not ([string]::IsNullOrEmpty('%MVNW_USERNAME%') -and [string]::IsNullOrEmpty('%MVNW_PASSWORD%'))) {"^ 147 | "$webclient.Credentials = new-object System.Net.NetworkCredential('%MVNW_USERNAME%', '%MVNW_PASSWORD%');"^ 148 | "}"^ 149 | "[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12; $webclient.DownloadFile('%DOWNLOAD_URL%', '%WRAPPER_JAR%')"^ 150 | "}" 151 | if "%MVNW_VERBOSE%" == "true" ( 152 | echo Finished downloading %WRAPPER_JAR% 153 | ) 154 | ) 155 | @REM End of extension 156 | 157 | @REM Provide a "standardized" way to retrieve the CLI args that will 158 | @REM work with both Windows and non-Windows executions. 159 | set MAVEN_CMD_LINE_ARGS=%* 160 | 161 | %MAVEN_JAVA_EXE% ^ 162 | %JVM_CONFIG_MAVEN_PROPS% ^ 163 | %MAVEN_OPTS% ^ 164 | %MAVEN_DEBUG_OPTS% ^ 165 | -classpath %WRAPPER_JAR% ^ 166 | "-Dmaven.multiModuleProjectDirectory=%MAVEN_PROJECTBASEDIR%" ^ 167 | %WRAPPER_LAUNCHER% %MAVEN_CONFIG% %* 168 | if ERRORLEVEL 1 goto error 169 | goto end 170 | 171 | :error 172 | set ERROR_CODE=1 173 | 174 | :end 175 | @endlocal & set ERROR_CODE=%ERROR_CODE% 176 | 177 | if not "%MAVEN_SKIP_RC%"=="" goto skipRcPost 178 | @REM check for post script, once with legacy .bat ending and once with .cmd ending 179 | if exist "%USERPROFILE%\mavenrc_post.bat" call "%USERPROFILE%\mavenrc_post.bat" 180 | if exist "%USERPROFILE%\mavenrc_post.cmd" call "%USERPROFILE%\mavenrc_post.cmd" 181 | :skipRcPost 182 | 183 | @REM pause the script if MAVEN_BATCH_PAUSE is set to 'on' 184 | if "%MAVEN_BATCH_PAUSE%"=="on" pause 185 | 186 | if "%MAVEN_TERMINATE_CMD%"=="on" exit %ERROR_CODE% 187 | 188 | cmd /C exit /B %ERROR_CODE% 189 | -------------------------------------------------------------------------------- /products/product-service/pom.xml: -------------------------------------------------------------------------------- 1 | 2 | 4 | 4.0.0 5 | 6 | org.springframework.boot 7 | spring-boot-starter-parent 8 | 2.7.5 9 | 10 | 11 | org.sid 12 | product-service 13 | 0.0.1-SNAPSHOT 14 | product-service 15 | product-service 16 | 17 | 17 18 | 19 | 20 | 21 | org.springframework.boot 22 | spring-boot-starter-data-jpa 23 | 24 | 25 | org.springframework.boot 26 | spring-boot-starter-oauth2-resource-server 27 | 28 | 29 | org.springframework.boot 30 | spring-boot-starter-web 31 | 32 | 33 | 34 | com.h2database 35 | h2 36 | runtime 37 | 38 | 39 | org.springframework.boot 40 | spring-boot-configuration-processor 41 | true 42 | 43 | 44 | org.projectlombok 45 | lombok 46 | true 47 | 48 | 49 | org.springframework.boot 50 | spring-boot-starter-test 51 | test 52 | 53 | 54 | 55 | 56 | 57 | 58 | org.springframework.boot 59 | spring-boot-maven-plugin 60 | 61 | 62 | 63 | org.projectlombok 64 | lombok 65 | 66 | 67 | 68 | 69 | 70 | 71 | 72 | 73 | -------------------------------------------------------------------------------- /products/product-service/src/main/java/org/sid/productservice/ProductServiceApplication.java: -------------------------------------------------------------------------------- 1 | package org.sid.productservice; 2 | 3 | import org.springframework.boot.SpringApplication; 4 | import org.springframework.boot.autoconfigure.SpringBootApplication; 5 | import org.springframework.boot.context.properties.EnableConfigurationProperties; 6 | 7 | @SpringBootApplication 8 | @EnableConfigurationProperties(RsaKeyProperties.class) 9 | public class ProductServiceApplication { 10 | 11 | public static void main(String[] args) { 12 | SpringApplication.run(ProductServiceApplication.class, args); 13 | } 14 | 15 | } 16 | -------------------------------------------------------------------------------- /products/product-service/src/main/java/org/sid/productservice/RsaKeyProperties.java: -------------------------------------------------------------------------------- 1 | package org.sid.productservice; 2 | 3 | import org.springframework.boot.context.properties.ConfigurationProperties; 4 | 5 | import java.security.interfaces.RSAPrivateKey; 6 | import java.security.interfaces.RSAPublicKey; 7 | 8 | @ConfigurationProperties(prefix = "rsa") 9 | public record RsaKeyProperties(RSAPublicKey publicKey) { 10 | } 11 | -------------------------------------------------------------------------------- /products/product-service/src/main/java/org/sid/productservice/SecurityConfig.java: -------------------------------------------------------------------------------- 1 | package org.sid.productservice; 2 | import org.springframework.beans.factory.annotation.Autowired; 3 | import org.springframework.context.annotation.Bean; 4 | import org.springframework.context.annotation.Configuration; 5 | import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity; 6 | import org.springframework.security.config.annotation.web.builders.HttpSecurity; 7 | import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; 8 | import org.springframework.security.config.annotation.web.configurers.oauth2.server.resource.OAuth2ResourceServerConfigurer; 9 | import org.springframework.security.config.http.SessionCreationPolicy; 10 | import org.springframework.security.oauth2.jwt.JwtDecoder; 11 | import org.springframework.security.oauth2.jwt.NimbusJwtDecoder; 12 | import org.springframework.security.web.SecurityFilterChain; 13 | 14 | @Configuration 15 | @EnableWebSecurity 16 | @EnableGlobalMethodSecurity(prePostEnabled = true) 17 | public class SecurityConfig { 18 | @Autowired private RsaKeyProperties rsaKeyProperties; 19 | @Bean 20 | public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception{ 21 | return http.csrf(csrf->csrf.disable()) 22 | .headers().frameOptions().disable().and() 23 | .authorizeRequests(auth -> auth.antMatchers("/h2-console/**").permitAll() ) 24 | .authorizeRequests(auth -> auth.anyRequest().authenticated() ) 25 | .oauth2ResourceServer(OAuth2ResourceServerConfigurer::jwt) 26 | .build(); 27 | } 28 | @Bean 29 | JwtDecoder jwtDecoder(){ 30 | System.out.println(rsaKeyProperties.publicKey()); 31 | return NimbusJwtDecoder.withPublicKey(rsaKeyProperties.publicKey()).build(); 32 | } 33 | } 34 | -------------------------------------------------------------------------------- /products/product-service/src/main/java/org/sid/productservice/web/TestRestController.java: -------------------------------------------------------------------------------- 1 | package org.sid.productservice.web; 2 | 3 | import org.springframework.security.access.prepost.PreAuthorize; 4 | import org.springframework.security.core.Authentication; 5 | import org.springframework.web.bind.annotation.GetMapping; 6 | import org.springframework.web.bind.annotation.RestController; 7 | 8 | import java.security.Principal; 9 | import java.util.Map; 10 | 11 | @RestController 12 | public class TestRestController { 13 | @GetMapping("/infos") 14 | @PreAuthorize("hasAuthority('SCOPE_USER')") 15 | public Map dataTest(Principal principal, Authentication authentication){ 16 | return Map.of("name","Compuer","price",7600,"username",principal.getName(),"authorities",authentication.getAuthorities()); 17 | } 18 | } 19 | -------------------------------------------------------------------------------- /products/product-service/src/main/resources/application.properties: -------------------------------------------------------------------------------- 1 | server.port=8086 2 | rsa.public-key=classpath:certs/pub.pem 3 | -------------------------------------------------------------------------------- /products/product-service/src/main/resources/certs/pub.pem: -------------------------------------------------------------------------------- 1 | -----BEGIN PUBLIC KEY----- 2 | MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2kkAjkeFD8LnTUfZBvsO 3 | tpo4SFKdFmTunrFWlGkIevG1OTjtNCQ8V3qM17goaja4arpxVYVI9FgX/JAftckg 4 | PQEjry8ZlEeOA8hYksA3tVYZCmq+cjswMnTyloSD1ccd9VhgSoKXpG/4ZAK2YiNE 5 | ytwkcLJYfY6CQODzv6vo0X4u1Lw71Uz61x4ERDXpVEbf9PKdss+VeZCIzvbQkX3j 6 | lWGjZZM2mIN7UHmFGgQU09c7bew4vUWG8GzkIQPnYzB17WPvL7gwLkzoAieE19Ns 7 | 33/uHArIcAcyWIyneBlvLkGiL26am1BBF1LvBYuql48eSXPQhLACy0+NSaeBxZeB 8 | MQIDAQAB 9 | -----END PUBLIC KEY----- 10 | -------------------------------------------------------------------------------- /products/product-service/src/test/java/org/sid/productservice/ProductServiceApplicationTests.java: -------------------------------------------------------------------------------- 1 | package org.sid.productservice; 2 | 3 | import org.junit.jupiter.api.Test; 4 | import org.springframework.boot.test.context.SpringBootTest; 5 | 6 | @SpringBootTest 7 | class ProductServiceApplicationTests { 8 | 9 | @Test 10 | void contextLoads() { 11 | } 12 | 13 | } 14 | -------------------------------------------------------------------------------- /pub.pem: -------------------------------------------------------------------------------- 1 | -----BEGIN PUBLIC KEY----- 2 | MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArgAIVQ0sy1JmmjXv20Wf 3 | 1pcO1ipptjHYw6hzOP8R7cL5nmf9WkeA7gsSp5JzGpAaaTEi4yQH1uoDe/m4nXiS 4 | K0UDRG5EJDeuzL4lckhxSEW4T1aQnJbyCeycG9ydVaLShKJKZkmeA8u488V1VCEG 5 | NGojm4lY1Xs0lIlhMunfh+kJF80hmcdNiE3cgRsJN1RVDOikaTQuhXE7DVumpDRt 6 | 0zwHvIV4fxeWlfwpXe1WPq3y19IQ3NQYo8VeOSBnhYqVrQ7iPwDG8UdaEC/hpJqT 7 | WPDVdJwRYWE8S+DfhbzBCtiHOhkiKOqARWWXumof9E+/SrtzdinqPRoek9gbKGpp 8 | ZQIDAQAB 9 | -----END PUBLIC KEY----- 10 | -------------------------------------------------------------------------------- /src/main/java/org/sid/secservice/AuthController.java: -------------------------------------------------------------------------------- 1 | package org.sid.secservice; 2 | 3 | import org.sid.secservice.dto.LoginRequest; 4 | import org.sid.secservice.entities.AppUser; 5 | import org.sid.secservice.services.AccountService; 6 | import org.sid.secservice.services.TokenService; 7 | import org.slf4j.Logger; 8 | import org.slf4j.LoggerFactory; 9 | import org.springframework.http.HttpStatus; 10 | import org.springframework.http.ResponseEntity; 11 | import org.springframework.security.authentication.AuthenticationManager; 12 | import org.springframework.security.authentication.UsernamePasswordAuthenticationToken; 13 | import org.springframework.security.core.Authentication; 14 | import org.springframework.security.core.GrantedAuthority; 15 | import org.springframework.security.core.authority.SimpleGrantedAuthority; 16 | import org.springframework.security.oauth2.jwt.Jwt; 17 | import org.springframework.security.oauth2.jwt.JwtDecoder; 18 | import org.springframework.web.bind.annotation.PostMapping; 19 | import org.springframework.web.bind.annotation.RestController; 20 | 21 | import javax.servlet.http.HttpServletRequest; 22 | import java.util.Collection; 23 | import java.util.HashMap; 24 | import java.util.Map; 25 | import java.util.stream.Collectors; 26 | 27 | @RestController 28 | public class AuthController { 29 | private static final Logger LOGGER= LoggerFactory.getLogger(AuthController.class); 30 | private final TokenService tokenService; 31 | private final AccountService accountService; 32 | private final JwtDecoder jwtDecoder; 33 | private AuthenticationManager authenticationManager; 34 | 35 | public AuthController(TokenService tokenService, AccountService accountService, JwtDecoder jwtDecoder, AuthenticationManager authenticationManager) { 36 | this.tokenService = tokenService; 37 | this.accountService = accountService; 38 | this.jwtDecoder = jwtDecoder; 39 | this.authenticationManager = authenticationManager; 40 | } 41 | 42 | /* 43 | @PostMapping("/token") 44 | public String requestForToken(Authentication authentication){ 45 | return tokenService.generateJwtToken(authentication); 46 | } 47 | */ 48 | @PostMapping("/token") 49 | public ResponseEntity> requestForToken(LoginRequest loginRequest){ 50 | Map response; 51 | if(loginRequest.grantType().equals("password")){ 52 | Authentication authentication=authenticationManager.authenticate( 53 | new UsernamePasswordAuthenticationToken( 54 | loginRequest.username(),loginRequest.password() 55 | ) 56 | ); 57 | response=tokenService.generateJwtToken(authentication.getName(),authentication.getAuthorities(),loginRequest.withRefreshToken()); 58 | return ResponseEntity.ok(response); 59 | } else if(loginRequest.grantType().equals("refreshToken")){ 60 | String refreshToken=loginRequest.refreshToken(); 61 | if(refreshToken==null) { 62 | return new ResponseEntity<>(Map.of("error","RefreshToken Not Present"),HttpStatus.UNAUTHORIZED); 63 | } 64 | Jwt decodedJwt = jwtDecoder.decode(refreshToken); 65 | String username=decodedJwt.getSubject(); 66 | AppUser appUser=accountService.findByUserName(username); 67 | Collection authorities=appUser.getAppRoles() 68 | .stream() 69 | .map(role->new SimpleGrantedAuthority(role.getRoleName())) 70 | .collect(Collectors.toList()); 71 | response=tokenService.generateJwtToken(appUser.getUsername(),authorities,loginRequest.withRefreshToken()); 72 | return ResponseEntity.ok(response); 73 | } 74 | return new ResponseEntity(Map.of("error",String.format("grantType <<%s>> not supported ",loginRequest.grantType())),HttpStatus.UNAUTHORIZED); 75 | } 76 | } 77 | -------------------------------------------------------------------------------- /src/main/java/org/sid/secservice/GenerateKayPair.java: -------------------------------------------------------------------------------- 1 | package org.sid.secservice; 2 | 3 | import org.bouncycastle.util.io.pem.PemObject; 4 | import org.bouncycastle.util.io.pem.PemWriter; 5 | import java.io.*; 6 | import java.security.KeyPairGenerator; 7 | import java.security.NoSuchAlgorithmException; 8 | public class GenerateKayPair { 9 | public static void main(String[] args) throws NoSuchAlgorithmException, IOException { 10 | KeyPairGenerator keyPairGenerator=KeyPairGenerator.getInstance("RSA"); 11 | var keyPair=keyPairGenerator.generateKeyPair(); 12 | byte[] pub = keyPair.getPublic().getEncoded(); 13 | byte[] pri = keyPair.getPrivate().getEncoded(); 14 | PemWriter pemWriter = new PemWriter(new OutputStreamWriter(new FileOutputStream("pub.pem"))); 15 | PemObject pemObject=new PemObject("PUBLIC KEY",pub); 16 | pemWriter.writeObject(pemObject); 17 | pemWriter.close(); 18 | PemWriter pemWriter2 = new PemWriter(new OutputStreamWriter(new FileOutputStream("pri.pem"))); 19 | PemObject pemObject2=new PemObject("PRIVATE KEY",pri); 20 | pemWriter2.writeObject(pemObject2); 21 | pemWriter2.close(); 22 | } 23 | } 24 | -------------------------------------------------------------------------------- /src/main/java/org/sid/secservice/MyRestAPI.java: -------------------------------------------------------------------------------- 1 | package org.sid.secservice; 2 | 3 | import org.springframework.beans.factory.annotation.Autowired; 4 | import org.springframework.security.access.prepost.PreAuthorize; 5 | import org.springframework.security.authentication.AuthenticationManager; 6 | import org.springframework.security.core.Authentication; 7 | import org.springframework.web.bind.annotation.GetMapping; 8 | import org.springframework.web.bind.annotation.RestController; 9 | 10 | import java.security.Principal; 11 | import java.util.Map; 12 | 13 | @RestController 14 | public class MyRestAPI { 15 | @GetMapping("/infos") 16 | @PreAuthorize("hasAuthority('SCOPE_USER')") 17 | public Map dataTest(Principal principal, Authentication authentication){ 18 | return Map.of("name","Compuer","price",7600,"username",principal.getName(),"authorities",authentication.getAuthorities()); 19 | } 20 | } 21 | -------------------------------------------------------------------------------- /src/main/java/org/sid/secservice/RsaKeyProperties.java: -------------------------------------------------------------------------------- 1 | package org.sid.secservice; 2 | 3 | import org.springframework.boot.context.properties.ConfigurationProperties; 4 | 5 | import java.security.interfaces.RSAPrivateKey; 6 | import java.security.interfaces.RSAPublicKey; 7 | @ConfigurationProperties(prefix = "rsa") 8 | public record RsaKeyProperties(RSAPublicKey publicKey, RSAPrivateKey privateKey) { 9 | } 10 | -------------------------------------------------------------------------------- /src/main/java/org/sid/secservice/SecServiceApplication.java: -------------------------------------------------------------------------------- 1 | package org.sid.secservice; 2 | 3 | import com.nimbusds.jose.util.Base64URL; 4 | import org.apache.tomcat.util.net.jsse.PEMFile; 5 | import org.bouncycastle.util.io.pem.PemObject; 6 | import org.bouncycastle.util.io.pem.PemWriter; 7 | import org.sid.secservice.entities.AppRole; 8 | import org.sid.secservice.entities.AppUser; 9 | import org.sid.secservice.services.AccountService; 10 | import org.springframework.boot.CommandLineRunner; 11 | import org.springframework.boot.SpringApplication; 12 | import org.springframework.boot.autoconfigure.SpringBootApplication; 13 | import org.springframework.boot.context.properties.EnableConfigurationProperties; 14 | import org.springframework.context.annotation.Bean; 15 | import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder; 16 | import org.springframework.security.crypto.password.PasswordEncoder; 17 | 18 | import java.io.FileNotFoundException; 19 | import java.io.FileOutputStream; 20 | import java.io.IOException; 21 | import java.io.OutputStreamWriter; 22 | import java.security.KeyPair; 23 | import java.security.KeyPairGenerator; 24 | import java.security.NoSuchAlgorithmException; 25 | import java.util.Base64; 26 | 27 | @SpringBootApplication 28 | @EnableConfigurationProperties(RsaKeyProperties.class) 29 | public class SecServiceApplication { 30 | 31 | public static void main(String[] args) { 32 | SpringApplication.run(SecServiceApplication.class, args); 33 | } 34 | 35 | @Bean 36 | CommandLineRunner start(AccountService accountService, PasswordEncoder passwordEncoder){ 37 | return args -> { 38 | accountService.newUser(AppUser.builder().username("user1").password(passwordEncoder.encode("1234")).build()); 39 | accountService.newUser(AppUser.builder().username("user2").password(passwordEncoder.encode("1234")).build()); 40 | accountService.newUser(AppUser.builder().username("admin").password(passwordEncoder.encode("1234")).build()); 41 | accountService.newRole(AppRole.builder().roleName("USER").build()); 42 | accountService.newRole(AppRole.builder().roleName("ADMIN").build()); 43 | accountService.addRoleToUser("user1","USER"); 44 | accountService.addRoleToUser("user2","USER"); 45 | accountService.addRoleToUser("admin","USER"); 46 | accountService.addRoleToUser("admin","ADMIN"); 47 | }; 48 | } 49 | @Bean 50 | PasswordEncoder passwordEncoder(){ 51 | return new BCryptPasswordEncoder(); 52 | } 53 | @Bean 54 | KeyPair keyPair() throws NoSuchAlgorithmException, IOException { 55 | KeyPairGenerator keyPairGenerator=KeyPairGenerator.getInstance("RSA"); 56 | var keyPair=keyPairGenerator.generateKeyPair(); 57 | return keyPair; 58 | } 59 | } 60 | -------------------------------------------------------------------------------- /src/main/java/org/sid/secservice/SecurityConfig.java: -------------------------------------------------------------------------------- 1 | package org.sid.secservice; 2 | 3 | import com.nimbusds.jose.jwk.JWK; 4 | import com.nimbusds.jose.jwk.JWKSet; 5 | import com.nimbusds.jose.jwk.RSAKey; 6 | import com.nimbusds.jose.jwk.source.ImmutableJWKSet; 7 | import com.nimbusds.jose.jwk.source.JWKSource; 8 | import com.nimbusds.jose.proc.SecurityContext; 9 | import org.sid.secservice.entities.AppUser; 10 | import org.sid.secservice.services.AccountService; 11 | import org.springframework.beans.factory.annotation.Autowired; 12 | import org.springframework.context.annotation.Bean; 13 | import org.springframework.context.annotation.Configuration; 14 | import org.springframework.http.HttpMethod; 15 | import org.springframework.security.authentication.AuthenticationManager; 16 | import org.springframework.security.authentication.ProviderManager; 17 | import org.springframework.security.authentication.dao.DaoAuthenticationProvider; 18 | import org.springframework.security.config.Customizer; 19 | import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder; 20 | import org.springframework.security.config.annotation.authentication.configuration.AuthenticationConfiguration; 21 | import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity; 22 | import org.springframework.security.config.annotation.web.builders.HttpSecurity; 23 | import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; 24 | import org.springframework.security.config.annotation.web.configurers.oauth2.server.resource.OAuth2ResourceServerConfigurer; 25 | import org.springframework.security.config.http.SessionCreationPolicy; 26 | import org.springframework.security.core.Authentication; 27 | import org.springframework.security.core.GrantedAuthority; 28 | import org.springframework.security.core.authority.SimpleGrantedAuthority; 29 | import org.springframework.security.core.userdetails.User; 30 | import org.springframework.security.core.userdetails.UserDetails; 31 | import org.springframework.security.core.userdetails.UserDetailsService; 32 | import org.springframework.security.core.userdetails.UsernameNotFoundException; 33 | import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder; 34 | import org.springframework.security.crypto.password.PasswordEncoder; 35 | import org.springframework.security.oauth2.jwt.JwtDecoder; 36 | import org.springframework.security.oauth2.jwt.JwtEncoder; 37 | import org.springframework.security.oauth2.jwt.NimbusJwtDecoder; 38 | import org.springframework.security.oauth2.jwt.NimbusJwtEncoder; 39 | import org.springframework.security.provisioning.InMemoryUserDetailsManager; 40 | import org.springframework.security.web.SecurityFilterChain; 41 | 42 | import java.security.AuthProvider; 43 | import java.security.KeyPair; 44 | import java.security.interfaces.RSAPublicKey; 45 | import java.util.Collection; 46 | import java.util.List; 47 | import java.util.stream.Collectors; 48 | 49 | @Configuration 50 | @EnableWebSecurity 51 | @EnableGlobalMethodSecurity(prePostEnabled = true) 52 | public class SecurityConfig { 53 | 54 | @Autowired private RsaKeyProperties rsaKeyProperties; 55 | @Autowired private PasswordEncoder passwordEncoder; 56 | @Autowired private KeyPair keyPair; 57 | 58 | //@Bean 59 | AuthenticationManager authenticationManager(AuthenticationConfiguration authenticationConfiguration) throws Exception { 60 | return authenticationConfiguration.getAuthenticationManager(); 61 | } 62 | @Bean 63 | public AuthenticationManager authenticationManager(UserDetailsService userDetailsService){ 64 | var daoAuthProvider = new DaoAuthenticationProvider(); 65 | daoAuthProvider.setPasswordEncoder(passwordEncoder); 66 | daoAuthProvider.setUserDetailsService(userDetailsService); 67 | return new ProviderManager(daoAuthProvider); 68 | } 69 | //@Bean 70 | public UserDetailsService inMemoryUserDetailsManager(){ 71 | return new InMemoryUserDetailsManager( 72 | User.withUsername("user1").password("{noop}1234").authorities("USER").build(), 73 | User.withUsername("admin").password("{noop}1234").authorities("USER","ADMIN").build() 74 | ); 75 | } 76 | @Bean 77 | public UserDetailsService userDetailsService(){ 78 | return new UserDetailsService() { 79 | @Autowired private AccountService accountService; 80 | @Override 81 | public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException { 82 | AppUser appUser=accountService.findByUserName(username); 83 | if (appUser==null) throw new UsernameNotFoundException("User not found"); 84 | //Collection authorities= List.of(new SimpleGrantedAuthority("USER")); 85 | Collection authorities=appUser.getAppRoles().stream().map(r->new SimpleGrantedAuthority(r.getRoleName())).collect(Collectors.toList()); 86 | return new User(username,appUser.getPassword(),authorities); 87 | } 88 | }; 89 | } 90 | @Bean 91 | public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception{ 92 | return http.csrf(csrf->csrf.disable()) 93 | .headers().frameOptions().disable().and() 94 | .authorizeRequests(auth -> auth.antMatchers("/h2-console/**").permitAll() ) 95 | .authorizeRequests(auth -> auth.antMatchers("/idToken/**","/token/**").permitAll() ) 96 | .authorizeRequests(auth -> auth.anyRequest().authenticated() ) 97 | .sessionManagement(session->session.sessionCreationPolicy(SessionCreationPolicy.STATELESS)) 98 | //.httpBasic(Customizer.withDefaults()) 99 | .oauth2ResourceServer(OAuth2ResourceServerConfigurer::jwt) 100 | .build(); 101 | } 102 | @Bean 103 | JwtDecoder jwtDecoder(){ 104 | return NimbusJwtDecoder.withPublicKey(rsaKeyProperties.publicKey()).build(); 105 | //return NimbusJwtDecoder.withPublicKey((RSAPublicKey) keyPair.getPublic()).build(); 106 | } 107 | @Bean 108 | JwtEncoder jwtEncoder(){ 109 | JWK jwk=new RSAKey.Builder(rsaKeyProperties.publicKey()).privateKey(rsaKeyProperties.privateKey()).build(); 110 | //JWK jwk=new RSAKey.Builder((RSAPublicKey)keyPair.getPublic()).privateKey(keyPair.getPrivate()).build(); 111 | JWKSource jwkSource=new ImmutableJWKSet<>(new JWKSet(jwk)); 112 | return new NimbusJwtEncoder(jwkSource); 113 | } 114 | } 115 | -------------------------------------------------------------------------------- /src/main/java/org/sid/secservice/dto/LoginRequest.java: -------------------------------------------------------------------------------- 1 | package org.sid.secservice.dto; 2 | 3 | public record LoginRequest( 4 | String grantType, 5 | String username, 6 | String password, 7 | boolean withRefreshToken, 8 | String refreshToken 9 | ) { 10 | } 11 | -------------------------------------------------------------------------------- /src/main/java/org/sid/secservice/entities/AppRole.java: -------------------------------------------------------------------------------- 1 | package org.sid.secservice.entities; 2 | 3 | import lombok.AllArgsConstructor; 4 | import lombok.Builder; 5 | import lombok.Data; 6 | import lombok.NoArgsConstructor; 7 | 8 | import javax.persistence.Entity; 9 | import javax.persistence.GeneratedValue; 10 | import javax.persistence.GenerationType; 11 | import javax.persistence.Id; 12 | 13 | @Entity 14 | @Data @NoArgsConstructor @AllArgsConstructor @Builder 15 | public class AppRole { 16 | @Id @GeneratedValue(strategy = GenerationType.IDENTITY) 17 | private Long id; 18 | private String roleName; 19 | } 20 | -------------------------------------------------------------------------------- /src/main/java/org/sid/secservice/entities/AppUser.java: -------------------------------------------------------------------------------- 1 | package org.sid.secservice.entities; 2 | 3 | import lombok.AllArgsConstructor; 4 | import lombok.Builder; 5 | import lombok.Data; 6 | import lombok.NoArgsConstructor; 7 | 8 | import javax.persistence.*; 9 | import java.util.List; 10 | @Entity 11 | @Data @NoArgsConstructor @AllArgsConstructor @Builder 12 | public class AppUser { 13 | @Id @GeneratedValue(strategy = GenerationType.IDENTITY) 14 | private Long id; 15 | private String username; 16 | private String password; 17 | private String email; 18 | @ManyToMany(fetch = FetchType.EAGER) 19 | private List appRoles; 20 | } 21 | -------------------------------------------------------------------------------- /src/main/java/org/sid/secservice/repo/AppRoleRepository.java: -------------------------------------------------------------------------------- 1 | package org.sid.secservice.repo; 2 | 3 | import org.sid.secservice.entities.AppRole; 4 | import org.sid.secservice.entities.AppUser; 5 | import org.springframework.data.jpa.repository.JpaRepository; 6 | 7 | public interface AppRoleRepository extends JpaRepository { 8 | AppRole findByRoleName(String roleName); 9 | } 10 | -------------------------------------------------------------------------------- /src/main/java/org/sid/secservice/repo/AppUserRepository.java: -------------------------------------------------------------------------------- 1 | package org.sid.secservice.repo; 2 | 3 | import org.sid.secservice.entities.AppUser; 4 | import org.springframework.data.jpa.repository.JpaRepository; 5 | 6 | public interface AppUserRepository extends JpaRepository { 7 | AppUser findByUsername(String username); 8 | } 9 | -------------------------------------------------------------------------------- /src/main/java/org/sid/secservice/services/AccountService.java: -------------------------------------------------------------------------------- 1 | package org.sid.secservice.services; 2 | 3 | import org.sid.secservice.entities.AppRole; 4 | import org.sid.secservice.entities.AppUser; 5 | import org.sid.secservice.repo.AppRoleRepository; 6 | import org.sid.secservice.repo.AppUserRepository; 7 | import org.springframework.security.core.Transient; 8 | import org.springframework.stereotype.Service; 9 | import org.springframework.transaction.annotation.Transactional; 10 | 11 | @Service 12 | @Transactional 13 | public class AccountService { 14 | private AppUserRepository appUserRepository; 15 | private AppRoleRepository appRoleRepository; 16 | 17 | public AccountService(AppUserRepository appUserRepository, AppRoleRepository appRoleRepository) { 18 | this.appUserRepository = appUserRepository; 19 | this.appRoleRepository = appRoleRepository; 20 | } 21 | 22 | public AppUser newUser(AppUser appUser){ 23 | return appUserRepository.save(appUser); 24 | } 25 | public AppRole newRole(AppRole appRole){ 26 | return appRoleRepository.save(appRole); 27 | } 28 | public void addRoleToUser(String userName,String roleName){ 29 | AppUser appUser=appUserRepository.findByUsername(userName); 30 | AppRole appRole=appRoleRepository.findByRoleName(roleName); 31 | appUser.getAppRoles().add(appRole); 32 | } 33 | public AppUser findByUserName(String userName){ 34 | return appUserRepository.findByUsername(userName); 35 | } 36 | } 37 | -------------------------------------------------------------------------------- /src/main/java/org/sid/secservice/services/TokenService.java: -------------------------------------------------------------------------------- 1 | package org.sid.secservice.services; 2 | 3 | import org.springframework.security.core.Authentication; 4 | import org.springframework.security.core.GrantedAuthority; 5 | import org.springframework.security.oauth2.jwt.JwtClaimsSet; 6 | import org.springframework.security.oauth2.jwt.JwtEncoder; 7 | import org.springframework.security.oauth2.jwt.JwtEncoderParameters; 8 | import org.springframework.stereotype.Service; 9 | 10 | import java.time.Instant; 11 | import java.time.temporal.ChronoUnit; 12 | import java.util.Collection; 13 | import java.util.HashMap; 14 | import java.util.Map; 15 | import java.util.stream.Collectors; 16 | @Service 17 | public class TokenService { 18 | private final JwtEncoder jwtEncoder; 19 | public TokenService(JwtEncoder jwtEncoder) { 20 | this.jwtEncoder = jwtEncoder; 21 | } 22 | public Map generateJwtToken(String username, Collection authorities, boolean withRefreshToken){ 23 | Map idToken=new HashMap<>(); 24 | Instant instant=Instant.now(); 25 | String scope=authorities.stream() 26 | .map(GrantedAuthority::getAuthority) 27 | .collect(Collectors.joining(" ")); 28 | JwtClaimsSet jwtClaimsSet=JwtClaimsSet.builder() 29 | .issuer("auth-service") 30 | .issuedAt(instant) 31 | .expiresAt(instant.plus(withRefreshToken?5:30, ChronoUnit.MINUTES)) 32 | .subject(username) 33 | .claim("scope",scope) 34 | .build(); 35 | String accessToken = this.jwtEncoder.encode(JwtEncoderParameters.from(jwtClaimsSet)).getTokenValue(); 36 | idToken.put("accessToken",accessToken); 37 | if(withRefreshToken){ 38 | JwtClaimsSet jwtRefreshTokenClaimsSet=JwtClaimsSet.builder() 39 | .issuer("auth-service") 40 | .issuedAt(instant) 41 | .expiresAt(instant.plus(10, ChronoUnit.MINUTES)) 42 | .subject(username) 43 | .build(); 44 | String refreshToken = this.jwtEncoder.encode(JwtEncoderParameters.from(jwtRefreshTokenClaimsSet)).getTokenValue(); 45 | idToken.put("refreshToken",refreshToken); 46 | } 47 | return idToken; 48 | } 49 | } 50 | -------------------------------------------------------------------------------- /src/main/resources/application.properties: -------------------------------------------------------------------------------- 1 | server.port=8083 2 | rsa.private-key=classpath:certs/pri.pem 3 | rsa.public-key=classpath:certs/pub.pem 4 | spring.datasource.url=jdbc:h2:mem:accounts-db 5 | spring.h2.console.enabled=true 6 | -------------------------------------------------------------------------------- /src/main/resources/certs/keypair.pem: -------------------------------------------------------------------------------- 1 | -----BEGIN RSA PRIVATE KEY----- 2 | MIIEpAIBAAKCAQEAyvVo1JwXuxq9v4t3gdai1BvejHbTEvN6x1CZnF/SrXo4RoOw 3 | BQLUn2c8Uw1/N7mj5rYcREiUlifuf84K/JiQUWR8wGAG+i/FAO+JxvbjDiIm+xDQ 4 | blEcQtiVk8ijafM6YpGZBp7OaXUcC7J7OmA8lJGZ1fci3VPLmzfuuX+/cMHI6Kp7 5 | hvhqe8oUnn0j0F5UOETZuUUMjo4zkzByRwofwWzgzlLs6sKTvHeIX1YinwimZEcF 6 | lZ8lxxdSbrYZGBuLuQh6L5EnxYSjSqW6vvgty4Ux37v5SOaWT4/hX/mXuYCHzioS 7 | wfNwrgFk/FuPsWcpREh4w2heH4rZ5CESFm2DIwIDAQABAoIBAQCFpd0GRFOMLivN 8 | OnXT1hcbPc7rCEQuMo8jOPwucRs2iUkNhiIe6qJA5aZfun+PnntDraAnhvPxfRIc 9 | rv2lIIHIVzefJpzxmwtLdnFvx5v07qBkq8nVGyxVCHJXAsQ5PKWxytbN+T1LTIbP 10 | XRSweDbsToTS1Q7sWAW3jLlzBaB3CrfTqac+EnXB6L6IycbeWSdg7exIJ2B3ePz8 11 | UtV0/OqZcTa9ZtaVOM7Xqz8JVFG+1xnbk+YTQnkiY2C7Nlz42Aj7w7SLHaljcIie 12 | 0Y3aMVycv83H4xbXuKN5ZPHB80MX0XgxlY+pVggPDPoVyNOEv2Td+E6nnz07dVit 13 | B1aOJKDBAoGBAPVGYrvjHIZTzvTAMtbguFHTbVrDexFWFTmhALZvjtsdsfHmNW3D 14 | nOKgK4vOIgok6J4Jmf1o1f9oJzFSaa23LoUqSxBHHZ856RjMf2nQXoB6MG5BrOUj 15 | pl22vkMsrNfD4vfkTj1RDQh6q4mF1hIo8r48KK03UepYEoov2LQLSA0ZAoGBANPV 16 | VXhErSX5oCYxz3yzGEXEyiFFKSZvlXJzveB6hn5tOnguPtWd7rzaXk/rd9gbuwrs 17 | teV3T82fnf0ZmVIEqntY68aw5CqlyrAa9Es3EeO2k1HL8YV0AboFOp5rpb80oiQ9 18 | 9q+yTscU9SK/tGSDtzPVJlcdbvPAVhhPLZrTV92bAoGAfMXIlmILcb4SqulXM35v 19 | 5ZhTqfeFlKUg+QcRcL1Bg/AQRMliZqs7FQJ8BIvhPx3VhAfIYWRCcMJQJcQR5IAq 20 | Vy3Tr70tsYFpNedZ7b9FQ8BlAMHCLXK8QDIlidChQMXyoT5wGrsvkR+uQbBm3Sgd 21 | jG7YFn3s2vTgwZFjgPu4NIkCgYBm+usWEKzsLTKB3u0zfg1qvYRWMD0VBmHsxf+k 22 | xWvkwk0OZ8z8JE8PWElJKPuV/8UqRnEXIK2XFOXFSVCT4tjOJihY613AreCfRDtG 23 | 5Xq47OUpeq/rZL4CJNCee06UaY35eHYYa+KIPdP+FJwp0S6a8CA3cYOi0/oGz1co 24 | UV4ByQKBgQCuBhWBNSVFR2S7F/f1GfV9/YjATLBU2JObDp0ftahKCirGfl1HUvia 25 | stg2ntXpNDQpwXVfhBW3J7WUUd2Gk87U5Ap/WEddwXWxN0mAAGTAbUyMuZJvFXXs 26 | ANtVkLvhKSU7fl0ixiicbhzU5E6pn+alxZ2EYsEtDFQTiG8OGmgUmA== 27 | -----END RSA PRIVATE KEY----- 28 | -------------------------------------------------------------------------------- /src/main/resources/certs/pri.pem: -------------------------------------------------------------------------------- 1 | -----BEGIN PRIVATE KEY----- 2 | MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQDaSQCOR4UPwudN 3 | R9kG+w62mjhIUp0WZO6esVaUaQh68bU5OO00JDxXeozXuChqNrhqunFVhUj0WBf8 4 | kB+1ySA9ASOvLxmUR44DyFiSwDe1VhkKar5yOzAydPKWhIPVxx31WGBKgpekb/hk 5 | ArZiI0TK3CRwslh9joJA4PO/q+jRfi7UvDvVTPrXHgRENelURt/08p2yz5V5kIjO 6 | 9tCRfeOVYaNlkzaYg3tQeYUaBBTT1ztt7Di9RYbwbOQhA+djMHXtY+8vuDAuTOgC 7 | J4TX02zff+4cCshwBzJYjKd4GW8uQaIvbpqbUEEXUu8Fi6qXjx5Jc9CEsALLT41J 8 | p4HFl4ExAgMBAAECggEAMc5NZ6lu9XkxwKLfpKWdJlIK/ImJGUZ/Ycsx55wNmMvU 9 | 31EbYnXQJN+sCj6VTiLdMlEHMg2+5y3Aj1qtOZPCHNlJNJwpGHm5MCjC+P0N2Pzj 10 | qspPWQ4jQagIgAqNcDZGIih/lBC3HAiGYv9xcPP+KtFPKT2wTjm5g6cwRrApZ78Y 11 | dUJvq6Un7HgiXZu8pwlUdvyEm4L4mCCClpV1VZ3KWJVxV6LyJBTe8dGfN8u/Og8h 12 | Q5FAAkmNp6Oqta4nkxHJaVtxP+XhwsqrwFDwU7UiwSx7MU1XEVxZ+aZilOXg1tTT 13 | ZrO5ivFr03lp/rYlim/jeBw7Bk/mPX7syjvkGjHgTwKBgQDm0DYdhpU7y/2f+V2O 14 | X7WnSxHqWEjpLfQyEfM2hbm78YG7p4TFdJQSHz2WLU2LKY43qiyB0KTWcjaj43sm 15 | 8iy7cpbYv7ukc7QJxF6hut9Tu9kFr6N3Far4I47OfKyirxQWK8U+ezYAlLZcw3Lq 16 | chO1IQmfNV7LbS/heAGgQ0HxuwKBgQDyGtDLvwSEv6UFbYCWJGQ9PNnZ4Y6A5Sfl 17 | Lnc9CHxUYn1Jy1qADRsXaqlAMYbDxdvns7dMhBW/IroiqyvbDN3RLZFjqKRb/M8T 18 | uT+/PqeDgejC4jIEiIQ2nKDZZY87Kes2aBVzH3YPf4jVMbgfWQxFYt3ir8v9VWPL 19 | VWpd7xREAwKBgQC0PTlU+yiEJnqqtsb5DAJFXljiIAjnlgwQIXZESE7O1fvR9zG2 20 | I6AROrYUFNJt7ohxLYFN6gkesNe8SUJ9GjYWNphXL/oupG+eBOtE7jHBKHqDdzF2 21 | J8R3uwSkeDUzYPaVjZ6ceQilkXuKmtGdBHIhSmhCHCInRt9R+S2D4aGYSwKBgQDv 22 | p8/MAFiOt8644r6I4ZlAbT4RSg/wU+b8HNT327CHL79qDxyU6WRJ99F2tA/9N50J 23 | bYMjARUt0UiEDQEqoz/oUr0687NPQ6AQnC4YOANGUJCCabqtdh26ma03xirUnBg0 24 | ETA6d4g8qzheIgtrLJDTFp0iSncZXS+eFf1m4sUi1QKBgC/UckMj4XF1lU/dc0mz 25 | qdROjlebNo5FEKTOb7wGc9N/G8RwcypgyKngXes3MX80RHph8U76QkuYdwseRbL1 26 | vmPIcEAj4uCXhYYVVCjc0xprDrr4UKtlfafoIt5NP2hbzo073rklhSTnSjiUWuxN 27 | s3cUaxAwsDR483sX8hIY9v0/ 28 | -----END PRIVATE KEY----- 29 | -------------------------------------------------------------------------------- /src/main/resources/certs/private.pem: -------------------------------------------------------------------------------- 1 | -----BEGIN PRIVATE KEY----- 2 | MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQDK9WjUnBe7Gr2/ 3 | i3eB1qLUG96MdtMS83rHUJmcX9KtejhGg7AFAtSfZzxTDX83uaPmthxESJSWJ+5/ 4 | zgr8mJBRZHzAYAb6L8UA74nG9uMOIib7ENBuURxC2JWTyKNp8zpikZkGns5pdRwL 5 | sns6YDyUkZnV9yLdU8ubN+65f79wwcjoqnuG+Gp7yhSefSPQXlQ4RNm5RQyOjjOT 6 | MHJHCh/BbODOUuzqwpO8d4hfViKfCKZkRwWVnyXHF1JuthkYG4u5CHovkSfFhKNK 7 | pbq++C3LhTHfu/lI5pZPj+Ff+Ze5gIfOKhLB83CuAWT8W4+xZylESHjDaF4fitnk 8 | IRIWbYMjAgMBAAECggEBAIWl3QZEU4wuK806ddPWFxs9zusIRC4yjyM4/C5xGzaJ 9 | SQ2GIh7qokDlpl+6f4+ee0OtoCeG8/F9Ehyu/aUggchXN58mnPGbC0t2cW/Hm/Tu 10 | oGSrydUbLFUIclcCxDk8pbHK1s35PUtMhs9dFLB4NuxOhNLVDuxYBbeMuXMFoHcK 11 | t9Oppz4SdcHovojJxt5ZJ2Dt7EgnYHd4/PxS1XT86plxNr1m1pU4zterPwlUUb7X 12 | GduT5hNCeSJjYLs2XPjYCPvDtIsdqWNwiJ7RjdoxXJy/zcfjFte4o3lk8cHzQxfR 13 | eDGVj6lWCA8M+hXI04S/ZN34TqefPTt1WK0HVo4koMECgYEA9UZiu+MchlPO9MAy 14 | 1uC4UdNtWsN7EVYVOaEAtm+O2x2x8eY1bcOc4qAri84iCiTongmZ/WjV/2gnMVJp 15 | rbcuhSpLEEcdnznpGMx/adBegHowbkGs5SOmXba+Qyys18Pi9+ROPVENCHqriYXW 16 | EijyvjworTdR6lgSii/YtAtIDRkCgYEA09VVeEStJfmgJjHPfLMYRcTKIUUpJm+V 17 | cnO94HqGfm06eC4+1Z3uvNpeT+t32Bu7Cuy15XdPzZ+d/RmZUgSqe1jrxrDkKqXK 18 | sBr0SzcR47aTUcvxhXQBugU6nmulvzSiJD32r7JOxxT1Ir+0ZIO3M9UmVx1u88BW 19 | GE8tmtNX3ZsCgYB8xciWYgtxvhKq6Vczfm/lmFOp94WUpSD5BxFwvUGD8BBEyWJm 20 | qzsVAnwEi+E/HdWEB8hhZEJwwlAlxBHkgCpXLdOvvS2xgWk151ntv0VDwGUAwcIt 21 | crxAMiWJ0KFAxfKhPnAauy+RH65BsGbdKB2MbtgWfeza9ODBkWOA+7g0iQKBgGb6 22 | 6xYQrOwtMoHe7TN+DWq9hFYwPRUGYezF/6TFa+TCTQ5nzPwkTw9YSUko+5X/xSpG 23 | cRcgrZcU5cVJUJPi2M4mKFjrXcCt4J9EO0blerjs5Sl6r+tkvgIk0J57TpRpjfl4 24 | dhhr4og90/4UnCnRLprwIDdxg6LT+gbPVyhRXgHJAoGBAK4GFYE1JUVHZLsX9/UZ 25 | 9X39iMBMsFTYk5sOnR+1qEoKKsZ+XUdS+Jqy2Dae1ek0NCnBdV+EFbcntZRR3YaT 26 | ztTkCn9YR13BdbE3SYAAZMBtTIy5km8VdewA21WQu+EpJTt+XSLGKJxuHNTkTqmf 27 | 5qXFnYRiwS0MVBOIbw4aaBSY 28 | -----END PRIVATE KEY----- 29 | -------------------------------------------------------------------------------- /src/main/resources/certs/pub.pem: -------------------------------------------------------------------------------- 1 | -----BEGIN PUBLIC KEY----- 2 | MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2kkAjkeFD8LnTUfZBvsO 3 | tpo4SFKdFmTunrFWlGkIevG1OTjtNCQ8V3qM17goaja4arpxVYVI9FgX/JAftckg 4 | PQEjry8ZlEeOA8hYksA3tVYZCmq+cjswMnTyloSD1ccd9VhgSoKXpG/4ZAK2YiNE 5 | ytwkcLJYfY6CQODzv6vo0X4u1Lw71Uz61x4ERDXpVEbf9PKdss+VeZCIzvbQkX3j 6 | lWGjZZM2mIN7UHmFGgQU09c7bew4vUWG8GzkIQPnYzB17WPvL7gwLkzoAieE19Ns 7 | 33/uHArIcAcyWIyneBlvLkGiL26am1BBF1LvBYuql48eSXPQhLACy0+NSaeBxZeB 8 | MQIDAQAB 9 | -----END PUBLIC KEY----- 10 | -------------------------------------------------------------------------------- /src/main/resources/certs/public.pem: -------------------------------------------------------------------------------- 1 | -----BEGIN PUBLIC KEY----- 2 | MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyvVo1JwXuxq9v4t3gdai 3 | 1BvejHbTEvN6x1CZnF/SrXo4RoOwBQLUn2c8Uw1/N7mj5rYcREiUlifuf84K/JiQ 4 | UWR8wGAG+i/FAO+JxvbjDiIm+xDQblEcQtiVk8ijafM6YpGZBp7OaXUcC7J7OmA8 5 | lJGZ1fci3VPLmzfuuX+/cMHI6Kp7hvhqe8oUnn0j0F5UOETZuUUMjo4zkzByRwof 6 | wWzgzlLs6sKTvHeIX1YinwimZEcFlZ8lxxdSbrYZGBuLuQh6L5EnxYSjSqW6vvgt 7 | y4Ux37v5SOaWT4/hX/mXuYCHzioSwfNwrgFk/FuPsWcpREh4w2heH4rZ5CESFm2D 8 | IwIDAQAB 9 | -----END PUBLIC KEY----- 10 | -------------------------------------------------------------------------------- /src/test/java/org/sid/secservice/SecServiceApplicationTests.java: -------------------------------------------------------------------------------- 1 | package org.sid.secservice; 2 | 3 | import org.junit.jupiter.api.Test; 4 | import org.springframework.boot.test.context.SpringBootTest; 5 | 6 | @SpringBootTest 7 | class SecServiceApplicationTests { 8 | 9 | @Test 10 | void contextLoads() { 11 | } 12 | 13 | } 14 | --------------------------------------------------------------------------------