├── .gitignore ├── .mvn └── wrapper │ ├── MavenWrapperDownloader.java │ ├── maven-wrapper.jar │ └── maven-wrapper.properties ├── LICENSE.md ├── README.md ├── mvnw ├── mvnw.cmd ├── pom.xml └── src └── main ├── frontend └── themes │ └── flowwithjwtauthentication │ ├── main-layout.css │ ├── styles.css │ └── theme.json ├── java └── com │ └── example │ └── application │ ├── Application.java │ ├── data │ ├── Role.java │ ├── entity │ │ ├── AbstractEntity.java │ │ └── User.java │ └── service │ │ ├── UserRepository.java │ │ └── UserService.java │ ├── security │ ├── AuthenticatedUser.java │ ├── SecurityConfiguration.java │ └── UserDetailsServiceImpl.java │ └── views │ ├── MainLayout.java │ ├── helloworld │ └── HelloWorldView.java │ └── login │ └── LoginView.java └── resources ├── META-INF └── resources │ ├── icons │ └── icon.png │ └── images │ ├── empty-plant.png │ └── logo.png ├── application.properties ├── banner.txt └── data.sql /.gitignore: -------------------------------------------------------------------------------- 1 | /target/ 2 | .idea/ 3 | .settings 4 | .project 5 | .classpath 6 | 7 | *.iml 8 | .DS_Store 9 | 10 | # The following files are generated/updated by vaadin-maven-plugin 11 | node_modules/ 12 | frontend/generated/ 13 | pnpmfile.js 14 | vite.generated.ts 15 | 16 | # Browser drivers for local integration tests 17 | drivers/ 18 | # Error screenshots generated by TestBench for failed integration tests 19 | error-screenshots/ 20 | webpack.generated.js 21 | src/main/frontend/generated 22 | -------------------------------------------------------------------------------- /.mvn/wrapper/MavenWrapperDownloader.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright 2007-present the original author or authors. 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); 5 | * you may not use this file except in compliance with the License. 6 | * You may obtain a copy of the License at 7 | * 8 | * http://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, software 11 | * distributed under the License is distributed on an "AS IS" BASIS, 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | * See the License for the specific language governing permissions and 14 | * limitations under the License. 15 | */ 16 | import java.io.*; 17 | import java.net.*; 18 | import java.nio.channels.*; 19 | import java.util.Properties; 20 | 21 | public class MavenWrapperDownloader { 22 | 23 | private static final String WRAPPER_VERSION = "0.5.6"; 24 | /** 25 | * Default URL to download the maven-wrapper.jar from, if no 'downloadUrl' is 26 | * provided. 27 | */ 28 | private static final String DEFAULT_DOWNLOAD_URL = "https://repo.maven.apache.org/maven2/io/takari/maven-wrapper/" 29 | + WRAPPER_VERSION + "/maven-wrapper-" + WRAPPER_VERSION + ".jar"; 30 | 31 | /** 32 | * Path to the maven-wrapper.properties file, which might contain a downloadUrl 33 | * property to use instead of the default one. 34 | */ 35 | private static final String MAVEN_WRAPPER_PROPERTIES_PATH = ".mvn/wrapper/maven-wrapper.properties"; 36 | 37 | /** 38 | * Path where the maven-wrapper.jar will be saved to. 39 | */ 40 | private static final String MAVEN_WRAPPER_JAR_PATH = ".mvn/wrapper/maven-wrapper.jar"; 41 | 42 | /** 43 | * Name of the property which should be used to override the default download 44 | * url for the wrapper. 45 | */ 46 | private static final String PROPERTY_NAME_WRAPPER_URL = "wrapperUrl"; 47 | 48 | public static void main(String args[]) { 49 | System.out.println("- Downloader started"); 50 | File baseDirectory = new File(args[0]); 51 | System.out.println("- Using base directory: " + baseDirectory.getAbsolutePath()); 52 | 53 | // If the maven-wrapper.properties exists, read it and check if it contains a 54 | // custom 55 | // wrapperUrl parameter. 56 | File mavenWrapperPropertyFile = new File(baseDirectory, MAVEN_WRAPPER_PROPERTIES_PATH); 57 | String url = DEFAULT_DOWNLOAD_URL; 58 | if (mavenWrapperPropertyFile.exists()) { 59 | FileInputStream mavenWrapperPropertyFileInputStream = null; 60 | try { 61 | mavenWrapperPropertyFileInputStream = new FileInputStream(mavenWrapperPropertyFile); 62 | Properties mavenWrapperProperties = new Properties(); 63 | mavenWrapperProperties.load(mavenWrapperPropertyFileInputStream); 64 | url = mavenWrapperProperties.getProperty(PROPERTY_NAME_WRAPPER_URL, url); 65 | } catch (IOException e) { 66 | System.out.println("- ERROR loading '" + MAVEN_WRAPPER_PROPERTIES_PATH + "'"); 67 | } finally { 68 | try { 69 | if (mavenWrapperPropertyFileInputStream != null) { 70 | mavenWrapperPropertyFileInputStream.close(); 71 | } 72 | } catch (IOException e) { 73 | // Ignore ... 74 | } 75 | } 76 | } 77 | System.out.println("- Downloading from: " + url); 78 | 79 | File outputFile = new File(baseDirectory.getAbsolutePath(), MAVEN_WRAPPER_JAR_PATH); 80 | if (!outputFile.getParentFile().exists()) { 81 | if (!outputFile.getParentFile().mkdirs()) { 82 | System.out.println( 83 | "- ERROR creating output directory '" + outputFile.getParentFile().getAbsolutePath() + "'"); 84 | } 85 | } 86 | System.out.println("- Downloading to: " + outputFile.getAbsolutePath()); 87 | try { 88 | downloadFileFromURL(url, outputFile); 89 | System.out.println("Done"); 90 | System.exit(0); 91 | } catch (Throwable e) { 92 | System.out.println("- Error downloading"); 93 | e.printStackTrace(); 94 | System.exit(1); 95 | } 96 | } 97 | 98 | private static void downloadFileFromURL(String urlString, File destination) throws Exception { 99 | if (System.getenv("MVNW_USERNAME") != null && System.getenv("MVNW_PASSWORD") != null) { 100 | String username = System.getenv("MVNW_USERNAME"); 101 | char[] password = System.getenv("MVNW_PASSWORD").toCharArray(); 102 | Authenticator.setDefault(new Authenticator() { 103 | @Override 104 | protected PasswordAuthentication getPasswordAuthentication() { 105 | return new PasswordAuthentication(username, password); 106 | } 107 | }); 108 | } 109 | URL website = new URL(urlString); 110 | ReadableByteChannel rbc; 111 | rbc = Channels.newChannel(website.openStream()); 112 | FileOutputStream fos = new FileOutputStream(destination); 113 | fos.getChannel().transferFrom(rbc, 0, Long.MAX_VALUE); 114 | fos.close(); 115 | rbc.close(); 116 | } 117 | 118 | } 119 | -------------------------------------------------------------------------------- /.mvn/wrapper/maven-wrapper.jar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mstahv/flow-with-jwt-authentication/f19ffec17f325266dfa1b8c23e11cf6a9cbe3f50/.mvn/wrapper/maven-wrapper.jar -------------------------------------------------------------------------------- /.mvn/wrapper/maven-wrapper.properties: -------------------------------------------------------------------------------- 1 | distributionUrl=https://repo.maven.apache.org/maven2/org/apache/maven/apache-maven/3.8.1/apache-maven-3.8.1-bin.zip 2 | wrapperUrl=https://repo.maven.apache.org/maven2/io/takari/maven-wrapper/0.5.6/maven-wrapper-0.5.6.jar 3 | -------------------------------------------------------------------------------- /LICENSE.md: -------------------------------------------------------------------------------- 1 | This is free and unencumbered software released into the public domain. 2 | 3 | Anyone is free to copy, modify, publish, use, compile, sell, or 4 | distribute this software, either in source code form or as a compiled 5 | binary, for any purpose, commercial or non-commercial, and by any 6 | means. 7 | 8 | In jurisdictions that recognize copyright laws, the author or authors 9 | of this software dedicate any and all copyright interest in the 10 | software to the public domain. We make this dedication for the benefit 11 | of the public at large and to the detriment of our heirs and 12 | successors. We intend this dedication to be an overt act of 13 | relinquishment in perpetuity of all present and future rights to this 14 | software under copyright law. 15 | 16 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, 17 | EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF 18 | MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. 19 | IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY CLAIM, DAMAGES OR 20 | OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, 21 | ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR 22 | OTHER DEALINGS IN THE SOFTWARE. 23 | 24 | For more information, please refer to 25 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # Vaadin Flow example with JWT authentication 2 | 3 | This example project is generated using start.vaadin.com, with Spring Security on. After 4 | that the Spring Security configuration is modified so that it JWT is used to 5 | store the authentication information, instead of the usual Java Servlet Session. 6 | 7 | Even though Vaadin Flow app needs session for end-users anyways, this approach improves 8 | developer and end user experience when deploying new versions (no need to re-login when 9 | new UI is deployed). 10 | 11 | The `HelloWorldView` contains a hack that makes this rather trivial Vaadin UI 12 | non-serializable and this way lose the session on server restart. This is just to 13 | make testing the approach easier. To compare to "default behaviour", uncomment the 14 | JWT configuration from [SecurityConfiguration](https://github.com/mstahv/flow-with-jwt-authentication/blob/main/src/main/java/com/example/application/security/SecurityConfiguration.java#L39) 15 | and restart the application (also clear cookies). 16 | 17 | 18 | ## Running the application 19 | 20 | The project is a standard Maven project. To run it from the command line, 21 | type `mvnw` (Windows), or `./mvnw` (Mac & Linux), then open 22 | http://localhost:8080 in your browser. 23 | 24 | You can also import the project to your IDE of choice as you would with any 25 | Maven project. Read more on [how to import Vaadin projects to different 26 | IDEs](https://vaadin.com/docs/latest/flow/guide/step-by-step/importing) (Eclipse, IntelliJ IDEA, NetBeans, and VS Code). 27 | 28 | ## Deploying to Production 29 | 30 | To create a production build, call `mvnw clean package -Pproduction` (Windows), 31 | or `./mvnw clean package -Pproduction` (Mac & Linux). 32 | This will build a JAR file with all the dependencies and front-end resources, 33 | ready to be deployed. The file can be found in the `target` folder after the build completes. 34 | 35 | Once the JAR file is built, you can run it using 36 | `java -jar target/flowwithjwtauthentication-1.0-SNAPSHOT.jar` 37 | 38 | ## Project structure 39 | 40 | - `MainLayout.java` in `src/main/java` contains the navigation setup (i.e., the 41 | side/top bar and the main menu). This setup uses 42 | [App Layout](https://vaadin.com/components/vaadin-app-layout). 43 | - `views` package in `src/main/java` contains the server-side Java views of your application. 44 | - `views` folder in `frontend/` contains the client-side JavaScript views of your application. 45 | - `themes` folder in `frontend/` contains the custom CSS styles. 46 | 47 | ## Useful links 48 | 49 | - Read the documentation at [vaadin.com/docs](https://vaadin.com/docs). 50 | - Follow the tutorials at [vaadin.com/tutorials](https://vaadin.com/tutorials). 51 | - Watch training videos and get certified at [vaadin.com/learn/training](https://vaadin.com/learn/training). 52 | - Create new projects at [start.vaadin.com](https://start.vaadin.com/). 53 | - Search UI components and their usage examples at [vaadin.com/components](https://vaadin.com/components). 54 | - View use case applications that demonstrate Vaadin capabilities at [vaadin.com/examples-and-demos](https://vaadin.com/examples-and-demos). 55 | - Discover Vaadin's set of CSS utility classes that enable building any UI without custom CSS in the [docs](https://vaadin.com/docs/latest/ds/foundation/utility-classes). 56 | - Find a collection of solutions to common use cases in [Vaadin Cookbook](https://cookbook.vaadin.com/). 57 | - Find Add-ons at [vaadin.com/directory](https://vaadin.com/directory). 58 | - Ask questions on [Stack Overflow](https://stackoverflow.com/questions/tagged/vaadin) or join our [Discord channel](https://discord.gg/MYFq5RTbBn). 59 | - Report issues, create pull requests in [GitHub](https://github.com/vaadin/platform). 60 | -------------------------------------------------------------------------------- /mvnw: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | # ---------------------------------------------------------------------------- 3 | # Licensed to the Apache Software Foundation (ASF) under one 4 | # or more contributor license agreements. See the NOTICE file 5 | # distributed with this work for additional information 6 | # regarding copyright ownership. The ASF licenses this file 7 | # to you under the Apache License, Version 2.0 (the 8 | # "License"); you may not use this file except in compliance 9 | # with the License. You may obtain a copy of the License at 10 | # 11 | # http://www.apache.org/licenses/LICENSE-2.0 12 | # 13 | # Unless required by applicable law or agreed to in writing, 14 | # software distributed under the License is distributed on an 15 | # "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY 16 | # KIND, either express or implied. See the License for the 17 | # specific language governing permissions and limitations 18 | # under the License. 19 | # ---------------------------------------------------------------------------- 20 | 21 | # ---------------------------------------------------------------------------- 22 | # Maven Start Up Batch script 23 | # 24 | # Required ENV vars: 25 | # ------------------ 26 | # JAVA_HOME - location of a JDK home dir 27 | # 28 | # Optional ENV vars 29 | # ----------------- 30 | # M2_HOME - location of maven2's installed home dir 31 | # MAVEN_OPTS - parameters passed to the Java VM when running Maven 32 | # e.g. to debug Maven itself, use 33 | # set MAVEN_OPTS=-Xdebug -Xrunjdwp:transport=dt_socket,server=y,suspend=y,address=8000 34 | # MAVEN_SKIP_RC - flag to disable loading of mavenrc files 35 | # ---------------------------------------------------------------------------- 36 | 37 | if [ -z "$MAVEN_SKIP_RC" ] ; then 38 | 39 | if [ -f /etc/mavenrc ] ; then 40 | . /etc/mavenrc 41 | fi 42 | 43 | if [ -f "$HOME/.mavenrc" ] ; then 44 | . "$HOME/.mavenrc" 45 | fi 46 | 47 | fi 48 | 49 | # OS specific support. $var _must_ be set to either true or false. 50 | cygwin=false; 51 | darwin=false; 52 | mingw=false 53 | case "`uname`" in 54 | CYGWIN*) cygwin=true ;; 55 | MINGW*) mingw=true;; 56 | Darwin*) darwin=true 57 | # Use /usr/libexec/java_home if available, otherwise fall back to /Library/Java/Home 58 | # See https://developer.apple.com/library/mac/qa/qa1170/_index.html 59 | if [ -z "$JAVA_HOME" ]; then 60 | if [ -x "/usr/libexec/java_home" ]; then 61 | export JAVA_HOME="`/usr/libexec/java_home`" 62 | else 63 | export JAVA_HOME="/Library/Java/Home" 64 | fi 65 | fi 66 | ;; 67 | esac 68 | 69 | if [ -z "$JAVA_HOME" ] ; then 70 | if [ -r /etc/gentoo-release ] ; then 71 | JAVA_HOME=`java-config --jre-home` 72 | fi 73 | fi 74 | 75 | if [ -z "$M2_HOME" ] ; then 76 | ## resolve links - $0 may be a link to maven's home 77 | PRG="$0" 78 | 79 | # need this for relative symlinks 80 | while [ -h "$PRG" ] ; do 81 | ls=`ls -ld "$PRG"` 82 | link=`expr "$ls" : '.*-> \(.*\)$'` 83 | if expr "$link" : '/.*' > /dev/null; then 84 | PRG="$link" 85 | else 86 | PRG="`dirname "$PRG"`/$link" 87 | fi 88 | done 89 | 90 | saveddir=`pwd` 91 | 92 | M2_HOME=`dirname "$PRG"`/.. 93 | 94 | # make it fully qualified 95 | M2_HOME=`cd "$M2_HOME" && pwd` 96 | 97 | cd "$saveddir" 98 | # echo Using m2 at $M2_HOME 99 | fi 100 | 101 | # For Cygwin, ensure paths are in UNIX format before anything is touched 102 | if $cygwin ; then 103 | [ -n "$M2_HOME" ] && 104 | M2_HOME=`cygpath --unix "$M2_HOME"` 105 | [ -n "$JAVA_HOME" ] && 106 | JAVA_HOME=`cygpath --unix "$JAVA_HOME"` 107 | [ -n "$CLASSPATH" ] && 108 | CLASSPATH=`cygpath --path --unix "$CLASSPATH"` 109 | fi 110 | 111 | # For Mingw, ensure paths are in UNIX format before anything is touched 112 | if $mingw ; then 113 | [ -n "$M2_HOME" ] && 114 | M2_HOME="`(cd "$M2_HOME"; pwd)`" 115 | [ -n "$JAVA_HOME" ] && 116 | JAVA_HOME="`(cd "$JAVA_HOME"; pwd)`" 117 | fi 118 | 119 | if [ -z "$JAVA_HOME" ]; then 120 | javaExecutable="`which javac`" 121 | if [ -n "$javaExecutable" ] && ! [ "`expr \"$javaExecutable\" : '\([^ ]*\)'`" = "no" ]; then 122 | # readlink(1) is not available as standard on Solaris 10. 123 | readLink=`which readlink` 124 | if [ ! `expr "$readLink" : '\([^ ]*\)'` = "no" ]; then 125 | if $darwin ; then 126 | javaHome="`dirname \"$javaExecutable\"`" 127 | javaExecutable="`cd \"$javaHome\" && pwd -P`/javac" 128 | else 129 | javaExecutable="`readlink -f \"$javaExecutable\"`" 130 | fi 131 | javaHome="`dirname \"$javaExecutable\"`" 132 | javaHome=`expr "$javaHome" : '\(.*\)/bin'` 133 | JAVA_HOME="$javaHome" 134 | export JAVA_HOME 135 | fi 136 | fi 137 | fi 138 | 139 | if [ -z "$JAVACMD" ] ; then 140 | if [ -n "$JAVA_HOME" ] ; then 141 | if [ -x "$JAVA_HOME/jre/sh/java" ] ; then 142 | # IBM's JDK on AIX uses strange locations for the executables 143 | JAVACMD="$JAVA_HOME/jre/sh/java" 144 | else 145 | JAVACMD="$JAVA_HOME/bin/java" 146 | fi 147 | else 148 | JAVACMD="`which java`" 149 | fi 150 | fi 151 | 152 | if [ ! -x "$JAVACMD" ] ; then 153 | echo "Error: JAVA_HOME is not defined correctly." >&2 154 | echo " We cannot execute $JAVACMD" >&2 155 | exit 1 156 | fi 157 | 158 | if [ -z "$JAVA_HOME" ] ; then 159 | echo "Warning: JAVA_HOME environment variable is not set." 160 | fi 161 | 162 | CLASSWORLDS_LAUNCHER=org.codehaus.plexus.classworlds.launcher.Launcher 163 | 164 | # traverses directory structure from process work directory to filesystem root 165 | # first directory with .mvn subdirectory is considered project base directory 166 | find_maven_basedir() { 167 | 168 | if [ -z "$1" ] 169 | then 170 | echo "Path not specified to find_maven_basedir" 171 | return 1 172 | fi 173 | 174 | basedir="$1" 175 | wdir="$1" 176 | while [ "$wdir" != '/' ] ; do 177 | if [ -d "$wdir"/.mvn ] ; then 178 | basedir=$wdir 179 | break 180 | fi 181 | # workaround for JBEAP-8937 (on Solaris 10/Sparc) 182 | if [ -d "${wdir}" ]; then 183 | wdir=`cd "$wdir/.."; pwd` 184 | fi 185 | # end of workaround 186 | done 187 | echo "${basedir}" 188 | } 189 | 190 | # concatenates all lines of a file 191 | concat_lines() { 192 | if [ -f "$1" ]; then 193 | echo "$(tr -s '\n' ' ' < "$1")" 194 | fi 195 | } 196 | 197 | BASE_DIR=`find_maven_basedir "$(pwd)"` 198 | if [ -z "$BASE_DIR" ]; then 199 | exit 1; 200 | fi 201 | 202 | ########################################################################################## 203 | # Extension to allow automatically downloading the maven-wrapper.jar from Maven-central 204 | # This allows using the maven wrapper in projects that prohibit checking in binary data. 205 | ########################################################################################## 206 | if [ -r "$BASE_DIR/.mvn/wrapper/maven-wrapper.jar" ]; then 207 | if [ "$MVNW_VERBOSE" = true ]; then 208 | echo "Found .mvn/wrapper/maven-wrapper.jar" 209 | fi 210 | else 211 | if [ "$MVNW_VERBOSE" = true ]; then 212 | echo "Couldn't find .mvn/wrapper/maven-wrapper.jar, downloading it ..." 213 | fi 214 | if [ -n "$MVNW_REPOURL" ]; then 215 | jarUrl="$MVNW_REPOURL/io/takari/maven-wrapper/0.5.6/maven-wrapper-0.5.6.jar" 216 | else 217 | jarUrl="https://repo.maven.apache.org/maven2/io/takari/maven-wrapper/0.5.6/maven-wrapper-0.5.6.jar" 218 | fi 219 | while IFS="=" read key value; do 220 | case "$key" in (wrapperUrl) jarUrl="$value"; break ;; 221 | esac 222 | done < "$BASE_DIR/.mvn/wrapper/maven-wrapper.properties" 223 | if [ "$MVNW_VERBOSE" = true ]; then 224 | echo "Downloading from: $jarUrl" 225 | fi 226 | wrapperJarPath="$BASE_DIR/.mvn/wrapper/maven-wrapper.jar" 227 | if $cygwin; then 228 | wrapperJarPath=`cygpath --path --windows "$wrapperJarPath"` 229 | fi 230 | 231 | if command -v wget > /dev/null; then 232 | if [ "$MVNW_VERBOSE" = true ]; then 233 | echo "Found wget ... using wget" 234 | fi 235 | if [ -z "$MVNW_USERNAME" ] || [ -z "$MVNW_PASSWORD" ]; then 236 | wget "$jarUrl" -O "$wrapperJarPath" 237 | else 238 | wget --http-user=$MVNW_USERNAME --http-password=$MVNW_PASSWORD "$jarUrl" -O "$wrapperJarPath" 239 | fi 240 | elif command -v curl > /dev/null; then 241 | if [ "$MVNW_VERBOSE" = true ]; then 242 | echo "Found curl ... using curl" 243 | fi 244 | if [ -z "$MVNW_USERNAME" ] || [ -z "$MVNW_PASSWORD" ]; then 245 | curl -o "$wrapperJarPath" "$jarUrl" -f 246 | else 247 | curl --user $MVNW_USERNAME:$MVNW_PASSWORD -o "$wrapperJarPath" "$jarUrl" -f 248 | fi 249 | 250 | else 251 | if [ "$MVNW_VERBOSE" = true ]; then 252 | echo "Falling back to using Java to download" 253 | fi 254 | javaClass="$BASE_DIR/.mvn/wrapper/MavenWrapperDownloader.java" 255 | # For Cygwin, switch paths to Windows format before running javac 256 | if $cygwin; then 257 | javaClass=`cygpath --path --windows "$javaClass"` 258 | fi 259 | if [ -e "$javaClass" ]; then 260 | if [ ! -e "$BASE_DIR/.mvn/wrapper/MavenWrapperDownloader.class" ]; then 261 | if [ "$MVNW_VERBOSE" = true ]; then 262 | echo " - Compiling MavenWrapperDownloader.java ..." 263 | fi 264 | # Compiling the Java class 265 | ("$JAVA_HOME/bin/javac" "$javaClass") 266 | fi 267 | if [ -e "$BASE_DIR/.mvn/wrapper/MavenWrapperDownloader.class" ]; then 268 | # Running the downloader 269 | if [ "$MVNW_VERBOSE" = true ]; then 270 | echo " - Running MavenWrapperDownloader.java ..." 271 | fi 272 | ("$JAVA_HOME/bin/java" -cp .mvn/wrapper MavenWrapperDownloader "$MAVEN_PROJECTBASEDIR") 273 | fi 274 | fi 275 | fi 276 | fi 277 | ########################################################################################## 278 | # End of extension 279 | ########################################################################################## 280 | 281 | export MAVEN_PROJECTBASEDIR=${MAVEN_BASEDIR:-"$BASE_DIR"} 282 | if [ "$MVNW_VERBOSE" = true ]; then 283 | echo $MAVEN_PROJECTBASEDIR 284 | fi 285 | MAVEN_OPTS="$(concat_lines "$MAVEN_PROJECTBASEDIR/.mvn/jvm.config") $MAVEN_OPTS" 286 | 287 | # For Cygwin, switch paths to Windows format before running java 288 | if $cygwin; then 289 | [ -n "$M2_HOME" ] && 290 | M2_HOME=`cygpath --path --windows "$M2_HOME"` 291 | [ -n "$JAVA_HOME" ] && 292 | JAVA_HOME=`cygpath --path --windows "$JAVA_HOME"` 293 | [ -n "$CLASSPATH" ] && 294 | CLASSPATH=`cygpath --path --windows "$CLASSPATH"` 295 | [ -n "$MAVEN_PROJECTBASEDIR" ] && 296 | MAVEN_PROJECTBASEDIR=`cygpath --path --windows "$MAVEN_PROJECTBASEDIR"` 297 | fi 298 | 299 | # Provide a "standardized" way to retrieve the CLI args that will 300 | # work with both Windows and non-Windows executions. 301 | MAVEN_CMD_LINE_ARGS="$MAVEN_CONFIG $@" 302 | export MAVEN_CMD_LINE_ARGS 303 | 304 | WRAPPER_LAUNCHER=org.apache.maven.wrapper.MavenWrapperMain 305 | 306 | exec "$JAVACMD" \ 307 | $MAVEN_OPTS \ 308 | -classpath "$MAVEN_PROJECTBASEDIR/.mvn/wrapper/maven-wrapper.jar" \ 309 | "-Dmaven.home=${M2_HOME}" "-Dmaven.multiModuleProjectDirectory=${MAVEN_PROJECTBASEDIR}" \ 310 | ${WRAPPER_LAUNCHER} $MAVEN_CONFIG "$@" 311 | -------------------------------------------------------------------------------- /mvnw.cmd: -------------------------------------------------------------------------------- 1 | @REM ---------------------------------------------------------------------------- 2 | @REM Licensed to the Apache Software Foundation (ASF) under one 3 | @REM or more contributor license agreements. See the NOTICE file 4 | @REM distributed with this work for additional information 5 | @REM regarding copyright ownership. The ASF licenses this file 6 | @REM to you under the Apache License, Version 2.0 (the 7 | @REM "License"); you may not use this file except in compliance 8 | @REM with the License. You may obtain a copy of the License at 9 | @REM 10 | @REM http://www.apache.org/licenses/LICENSE-2.0 11 | @REM 12 | @REM Unless required by applicable law or agreed to in writing, 13 | @REM software distributed under the License is distributed on an 14 | @REM "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY 15 | @REM KIND, either express or implied. See the License for the 16 | @REM specific language governing permissions and limitations 17 | @REM under the License. 18 | @REM ---------------------------------------------------------------------------- 19 | 20 | @REM ---------------------------------------------------------------------------- 21 | @REM Maven Start Up Batch script 22 | @REM 23 | @REM Required ENV vars: 24 | @REM JAVA_HOME - location of a JDK home dir 25 | @REM 26 | @REM Optional ENV vars 27 | @REM M2_HOME - location of maven2's installed home dir 28 | @REM MAVEN_BATCH_ECHO - set to 'on' to enable the echoing of the batch commands 29 | @REM MAVEN_BATCH_PAUSE - set to 'on' to wait for a keystroke before ending 30 | @REM MAVEN_OPTS - parameters passed to the Java VM when running Maven 31 | @REM e.g. to debug Maven itself, use 32 | @REM set MAVEN_OPTS=-Xdebug -Xrunjdwp:transport=dt_socket,server=y,suspend=y,address=8000 33 | @REM MAVEN_SKIP_RC - flag to disable loading of mavenrc files 34 | @REM ---------------------------------------------------------------------------- 35 | 36 | @REM Begin all REM lines with '@' in case MAVEN_BATCH_ECHO is 'on' 37 | @echo off 38 | @REM set title of command window 39 | title %0 40 | @REM enable echoing by setting MAVEN_BATCH_ECHO to 'on' 41 | @if "%MAVEN_BATCH_ECHO%" == "on" echo %MAVEN_BATCH_ECHO% 42 | 43 | @REM set %HOME% to equivalent of $HOME 44 | if "%HOME%" == "" (set "HOME=%HOMEDRIVE%%HOMEPATH%") 45 | 46 | @REM Execute a user defined script before this one 47 | if not "%MAVEN_SKIP_RC%" == "" goto skipRcPre 48 | @REM check for pre script, once with legacy .bat ending and once with .cmd ending 49 | if exist "%HOME%\mavenrc_pre.bat" call "%HOME%\mavenrc_pre.bat" 50 | if exist "%HOME%\mavenrc_pre.cmd" call "%HOME%\mavenrc_pre.cmd" 51 | :skipRcPre 52 | 53 | @setlocal 54 | 55 | set ERROR_CODE=0 56 | 57 | @REM To isolate internal variables from possible post scripts, we use another setlocal 58 | @setlocal 59 | 60 | @REM ==== START VALIDATION ==== 61 | if not "%JAVA_HOME%" == "" goto OkJHome 62 | 63 | echo. 64 | echo Error: JAVA_HOME not found in your environment. >&2 65 | echo Please set the JAVA_HOME variable in your environment to match the >&2 66 | echo location of your Java installation. >&2 67 | echo. 68 | goto error 69 | 70 | :OkJHome 71 | if exist "%JAVA_HOME%\bin\java.exe" goto init 72 | 73 | echo. 74 | echo Error: JAVA_HOME is set to an invalid directory. >&2 75 | echo JAVA_HOME = "%JAVA_HOME%" >&2 76 | echo Please set the JAVA_HOME variable in your environment to match the >&2 77 | echo location of your Java installation. >&2 78 | echo. 79 | goto error 80 | 81 | @REM ==== END VALIDATION ==== 82 | 83 | :init 84 | 85 | @REM Find the project base dir, i.e. the directory that contains the folder ".mvn". 86 | @REM Fallback to current working directory if not found. 87 | 88 | set MAVEN_PROJECTBASEDIR=%MAVEN_BASEDIR% 89 | IF NOT "%MAVEN_PROJECTBASEDIR%"=="" goto endDetectBaseDir 90 | 91 | set EXEC_DIR=%CD% 92 | set WDIR=%EXEC_DIR% 93 | :findBaseDir 94 | IF EXIST "%WDIR%"\.mvn goto baseDirFound 95 | cd .. 96 | IF "%WDIR%"=="%CD%" goto baseDirNotFound 97 | set WDIR=%CD% 98 | goto findBaseDir 99 | 100 | :baseDirFound 101 | set MAVEN_PROJECTBASEDIR=%WDIR% 102 | cd "%EXEC_DIR%" 103 | goto endDetectBaseDir 104 | 105 | :baseDirNotFound 106 | set MAVEN_PROJECTBASEDIR=%EXEC_DIR% 107 | cd "%EXEC_DIR%" 108 | 109 | :endDetectBaseDir 110 | 111 | IF NOT EXIST "%MAVEN_PROJECTBASEDIR%\.mvn\jvm.config" goto endReadAdditionalConfig 112 | 113 | @setlocal EnableExtensions EnableDelayedExpansion 114 | for /F "usebackq delims=" %%a in ("%MAVEN_PROJECTBASEDIR%\.mvn\jvm.config") do set JVM_CONFIG_MAVEN_PROPS=!JVM_CONFIG_MAVEN_PROPS! %%a 115 | @endlocal & set JVM_CONFIG_MAVEN_PROPS=%JVM_CONFIG_MAVEN_PROPS% 116 | 117 | :endReadAdditionalConfig 118 | 119 | SET MAVEN_JAVA_EXE="%JAVA_HOME%\bin\java.exe" 120 | set WRAPPER_JAR="%MAVEN_PROJECTBASEDIR%\.mvn\wrapper\maven-wrapper.jar" 121 | set WRAPPER_LAUNCHER=org.apache.maven.wrapper.MavenWrapperMain 122 | 123 | set DOWNLOAD_URL="https://repo.maven.apache.org/maven2/io/takari/maven-wrapper/0.5.6/maven-wrapper-0.5.6.jar" 124 | 125 | FOR /F "tokens=1,2 delims==" %%A IN ("%MAVEN_PROJECTBASEDIR%\.mvn\wrapper\maven-wrapper.properties") DO ( 126 | IF "%%A"=="wrapperUrl" SET DOWNLOAD_URL=%%B 127 | ) 128 | 129 | @REM Extension to allow automatically downloading the maven-wrapper.jar from Maven-central 130 | @REM This allows using the maven wrapper in projects that prohibit checking in binary data. 131 | if exist %WRAPPER_JAR% ( 132 | if "%MVNW_VERBOSE%" == "true" ( 133 | echo Found %WRAPPER_JAR% 134 | ) 135 | ) else ( 136 | if not "%MVNW_REPOURL%" == "" ( 137 | SET DOWNLOAD_URL="%MVNW_REPOURL%/io/takari/maven-wrapper/0.5.6/maven-wrapper-0.5.6.jar" 138 | ) 139 | if "%MVNW_VERBOSE%" == "true" ( 140 | echo Couldn't find %WRAPPER_JAR%, downloading it ... 141 | echo Downloading from: %DOWNLOAD_URL% 142 | ) 143 | 144 | powershell -Command "&{"^ 145 | "$webclient = new-object System.Net.WebClient;"^ 146 | "if (-not ([string]::IsNullOrEmpty('%MVNW_USERNAME%') -and [string]::IsNullOrEmpty('%MVNW_PASSWORD%'))) {"^ 147 | "$webclient.Credentials = new-object System.Net.NetworkCredential('%MVNW_USERNAME%', '%MVNW_PASSWORD%');"^ 148 | "}"^ 149 | "[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12; $webclient.DownloadFile('%DOWNLOAD_URL%', '%WRAPPER_JAR%')"^ 150 | "}" 151 | if "%MVNW_VERBOSE%" == "true" ( 152 | echo Finished downloading %WRAPPER_JAR% 153 | ) 154 | ) 155 | @REM End of extension 156 | 157 | @REM Provide a "standardized" way to retrieve the CLI args that will 158 | @REM work with both Windows and non-Windows executions. 159 | set MAVEN_CMD_LINE_ARGS=%* 160 | 161 | %MAVEN_JAVA_EXE% %JVM_CONFIG_MAVEN_PROPS% %MAVEN_OPTS% %MAVEN_DEBUG_OPTS% -classpath %WRAPPER_JAR% "-Dmaven.multiModuleProjectDirectory=%MAVEN_PROJECTBASEDIR%" %WRAPPER_LAUNCHER% %MAVEN_CONFIG% %* 162 | if ERRORLEVEL 1 goto error 163 | goto end 164 | 165 | :error 166 | set ERROR_CODE=1 167 | 168 | :end 169 | @endlocal & set ERROR_CODE=%ERROR_CODE% 170 | 171 | if not "%MAVEN_SKIP_RC%" == "" goto skipRcPost 172 | @REM check for post script, once with legacy .bat ending and once with .cmd ending 173 | if exist "%HOME%\mavenrc_post.bat" call "%HOME%\mavenrc_post.bat" 174 | if exist "%HOME%\mavenrc_post.cmd" call "%HOME%\mavenrc_post.cmd" 175 | :skipRcPost 176 | 177 | @REM pause the script if MAVEN_BATCH_PAUSE is set to 'on' 178 | if "%MAVEN_BATCH_PAUSE%" == "on" pause 179 | 180 | if "%MAVEN_TERMINATE_CMD%" == "on" exit %ERROR_CODE% 181 | 182 | exit /B %ERROR_CODE% 183 | -------------------------------------------------------------------------------- /pom.xml: -------------------------------------------------------------------------------- 1 | 2 | 4 | 4.0.0 5 | 6 | com.example.application 7 | flowwithjwtauthentication 8 | Stateless JWT authentication for Spring Boot and Vaadin Flow 9 | 1.0-SNAPSHOT 10 | jar 11 | 12 | 13 | 17 14 | 24.6.0 15 | 16 | 17 | 18 | org.springframework.boot 19 | spring-boot-starter-parent 20 | 3.4.1 21 | 22 | 23 | 24 | 25 | 26 | 27 | 28 | central 29 | https://repo.maven.apache.org/maven2 30 | 31 | false 32 | 33 | 34 | 35 | vaadin-prereleases 36 | 37 | https://maven.vaadin.com/vaadin-prereleases/ 38 | 39 | 40 | 41 | 42 | Vaadin Directory 43 | https://maven.vaadin.com/vaadin-addons 44 | 45 | false 46 | 47 | 48 | 49 | 50 | 51 | 52 | 53 | central 54 | https://repo.maven.apache.org/maven2 55 | 56 | false 57 | 58 | 59 | 60 | vaadin-prereleases 61 | 62 | https://maven.vaadin.com/vaadin-prereleases/ 63 | 64 | 65 | 66 | 67 | 68 | 69 | 70 | com.vaadin 71 | vaadin-bom 72 | ${vaadin.version} 73 | pom 74 | import 75 | 76 | 77 | 78 | 79 | 80 | 81 | com.vaadin 82 | 83 | vaadin 84 | 85 | 86 | com.vaadin 87 | vaadin-spring-boot-starter 88 | 89 | 90 | org.parttio 91 | line-awesome 92 | 2.1.0 93 | 94 | 95 | 96 | org.springframework.boot 97 | spring-boot-starter-security 98 | 99 | 100 | org.springframework.security 101 | spring-security-oauth2-jose 102 | 103 | 104 | org.springframework.security 105 | spring-security-oauth2-resource-server 106 | 107 | 108 | com.vaadin 109 | exampledata 110 | 6.2.0 111 | 112 | 113 | 114 | com.h2database 115 | h2 116 | 117 | 118 | 119 | org.springframework.boot 120 | spring-boot-starter-data-jpa 121 | 122 | 123 | 124 | org.springframework.boot 125 | spring-boot-starter-validation 126 | 127 | 128 | org.springframework.boot 129 | spring-boot-devtools 130 | true 131 | 132 | 133 | org.springframework.boot 134 | spring-boot-starter-test 135 | test 136 | 137 | 138 | 139 | 140 | 141 | spring-boot:run 142 | 143 | 144 | org.springframework.boot 145 | spring-boot-maven-plugin 146 | 148 | 149 | 500 150 | 240 151 | 152 | 153 | 154 | 159 | 160 | com.vaadin 161 | vaadin-maven-plugin 162 | ${vaadin.version} 163 | 164 | 165 | 166 | prepare-frontend 167 | 168 | 169 | 170 | 171 | 172 | 173 | 174 | 175 | 176 | 177 | production 178 | 179 | 180 | 181 | com.vaadin 182 | vaadin-maven-plugin 183 | ${vaadin.version} 184 | 185 | 186 | 187 | build-frontend 188 | 189 | compile 190 | 191 | 192 | 193 | true 194 | true 195 | 196 | 197 | 198 | 199 | 200 | 201 | 202 | it 203 | 204 | 205 | 206 | org.springframework.boot 207 | spring-boot-maven-plugin 208 | 209 | 210 | start-spring-boot 211 | pre-integration-test 212 | 213 | start 214 | 215 | 216 | 217 | stop-spring-boot 218 | post-integration-test 219 | 220 | stop 221 | 222 | 223 | 224 | 225 | 226 | 227 | 228 | org.apache.maven.plugins 229 | maven-failsafe-plugin 230 | 231 | 232 | 233 | integration-test 234 | verify 235 | 236 | 237 | 238 | 239 | false 240 | true 241 | 242 | 243 | 244 | 245 | 246 | 247 | 248 | 249 | -------------------------------------------------------------------------------- /src/main/frontend/themes/flowwithjwtauthentication/main-layout.css: -------------------------------------------------------------------------------- 1 | vaadin-scroller[slot="drawer"] { 2 | padding: var(--lumo-space-s); 3 | } 4 | 5 | [slot="drawer"]:is(header, footer) { 6 | display: flex; 7 | align-items: center; 8 | gap: var(--lumo-space-s); 9 | padding: var(--lumo-space-s) var(--lumo-space-m); 10 | min-height: var(--lumo-size-xl); 11 | box-sizing: border-box; 12 | } 13 | 14 | [slot="drawer"]:is(header, footer):is(:empty) { 15 | display: none; 16 | } 17 | -------------------------------------------------------------------------------- /src/main/frontend/themes/flowwithjwtauthentication/styles.css: -------------------------------------------------------------------------------- 1 | @import url('./main-layout.css'); 2 | -------------------------------------------------------------------------------- /src/main/frontend/themes/flowwithjwtauthentication/theme.json: -------------------------------------------------------------------------------- 1 | { 2 | "lumoImports" : [ "typography", "color", "spacing", "badge", "utility" ] 3 | } -------------------------------------------------------------------------------- /src/main/java/com/example/application/Application.java: -------------------------------------------------------------------------------- 1 | package com.example.application; 2 | 3 | import com.vaadin.flow.component.dependency.NpmPackage; 4 | import com.vaadin.flow.component.page.AppShellConfigurator; 5 | import com.vaadin.flow.server.PWA; 6 | import com.vaadin.flow.theme.Theme; 7 | import org.springframework.boot.SpringApplication; 8 | import org.springframework.boot.autoconfigure.SpringBootApplication; 9 | 10 | /** 11 | * The entry point of the Spring Boot application. 12 | * 13 | * Use the @PWA annotation make the application installable on phones, tablets 14 | * and some desktop browsers. 15 | * 16 | */ 17 | @SpringBootApplication 18 | @Theme(value = "flowwithjwtauthentication") 19 | @PWA(name = "Flow with JWT authentication", shortName = "Flow with JWT authentication", offlineResources = { 20 | "images/logo.png"}) 21 | public class Application implements AppShellConfigurator { 22 | 23 | public static void main(String[] args) { 24 | SpringApplication.run(Application.class, args); 25 | } 26 | 27 | } 28 | -------------------------------------------------------------------------------- /src/main/java/com/example/application/data/Role.java: -------------------------------------------------------------------------------- 1 | package com.example.application.data; 2 | 3 | public enum Role { 4 | USER("user"), ADMIN("admin"); 5 | 6 | private String roleName; 7 | 8 | private Role(String roleName) { 9 | this.roleName = roleName; 10 | } 11 | 12 | public String getRoleName() { 13 | return roleName; 14 | } 15 | 16 | } 17 | -------------------------------------------------------------------------------- /src/main/java/com/example/application/data/entity/AbstractEntity.java: -------------------------------------------------------------------------------- 1 | package com.example.application.data.entity; 2 | 3 | import jakarta.persistence.GeneratedValue; 4 | import jakarta.persistence.GenerationType; 5 | import jakarta.persistence.Id; 6 | import jakarta.persistence.MappedSuperclass; 7 | import jakarta.persistence.SequenceGenerator; 8 | import jakarta.persistence.Version; 9 | 10 | @MappedSuperclass 11 | public abstract class AbstractEntity { 12 | 13 | @Id 14 | @GeneratedValue(strategy = GenerationType.SEQUENCE, generator = "idgenerator") 15 | // The initial value is to account for data.sql demo data ids 16 | @SequenceGenerator(name = "idgenerator", initialValue = 1000) 17 | private Long id; 18 | 19 | @Version 20 | private int version; 21 | 22 | public Long getId() { 23 | return id; 24 | } 25 | 26 | public void setId(Long id) { 27 | this.id = id; 28 | } 29 | 30 | public int getVersion() { 31 | return version; 32 | } 33 | 34 | @Override 35 | public int hashCode() { 36 | if (getId() != null) { 37 | return getId().hashCode(); 38 | } 39 | return super.hashCode(); 40 | } 41 | 42 | @Override 43 | public boolean equals(Object obj) { 44 | if (!(obj instanceof AbstractEntity)) { 45 | return false; // null or other class 46 | } 47 | AbstractEntity other = (AbstractEntity) obj; 48 | 49 | if (getId() != null) { 50 | return getId().equals(other.getId()); 51 | } 52 | return super.equals(other); 53 | } 54 | } -------------------------------------------------------------------------------- /src/main/java/com/example/application/data/entity/User.java: -------------------------------------------------------------------------------- 1 | package com.example.application.data.entity; 2 | 3 | import com.example.application.data.Role; 4 | import com.fasterxml.jackson.annotation.JsonIgnore; 5 | import jakarta.persistence.Column; 6 | import jakarta.persistence.ElementCollection; 7 | import jakarta.persistence.Entity; 8 | import jakarta.persistence.EnumType; 9 | import jakarta.persistence.Enumerated; 10 | import jakarta.persistence.FetchType; 11 | import jakarta.persistence.Lob; 12 | import jakarta.persistence.Table; 13 | import java.util.Set; 14 | 15 | @Entity 16 | @Table(name = "application_user") 17 | public class User extends AbstractEntity { 18 | 19 | private String username; 20 | private String name; 21 | @JsonIgnore 22 | private String hashedPassword; 23 | @Enumerated(EnumType.STRING) 24 | @ElementCollection(fetch = FetchType.EAGER) 25 | private Set roles; 26 | @Lob 27 | @Column(length = 1000000) 28 | private byte[] profilePicture; 29 | 30 | public String getUsername() { 31 | return username; 32 | } 33 | public void setUsername(String username) { 34 | this.username = username; 35 | } 36 | public String getName() { 37 | return name; 38 | } 39 | public void setName(String name) { 40 | this.name = name; 41 | } 42 | public String getHashedPassword() { 43 | return hashedPassword; 44 | } 45 | public void setHashedPassword(String hashedPassword) { 46 | this.hashedPassword = hashedPassword; 47 | } 48 | public Set getRoles() { 49 | return roles; 50 | } 51 | public void setRoles(Set roles) { 52 | this.roles = roles; 53 | } 54 | public byte[] getProfilePicture() { 55 | return profilePicture; 56 | } 57 | public void setProfilePicture(byte[] profilePicture) { 58 | this.profilePicture = profilePicture; 59 | } 60 | 61 | } 62 | -------------------------------------------------------------------------------- /src/main/java/com/example/application/data/service/UserRepository.java: -------------------------------------------------------------------------------- 1 | package com.example.application.data.service; 2 | 3 | import com.example.application.data.entity.User; 4 | import org.springframework.data.jpa.repository.JpaRepository; 5 | import org.springframework.data.jpa.repository.JpaSpecificationExecutor; 6 | 7 | public interface UserRepository extends JpaRepository, JpaSpecificationExecutor { 8 | 9 | User findByUsername(String username); 10 | } 11 | -------------------------------------------------------------------------------- /src/main/java/com/example/application/data/service/UserService.java: -------------------------------------------------------------------------------- 1 | package com.example.application.data.service; 2 | 3 | import com.example.application.data.entity.User; 4 | import java.util.Optional; 5 | import org.springframework.data.domain.Page; 6 | import org.springframework.data.domain.Pageable; 7 | import org.springframework.data.jpa.domain.Specification; 8 | import org.springframework.stereotype.Service; 9 | 10 | @Service 11 | public class UserService { 12 | 13 | private final UserRepository repository; 14 | 15 | public UserService(UserRepository repository) { 16 | this.repository = repository; 17 | } 18 | 19 | public Optional get(Long id) { 20 | return repository.findById(id); 21 | } 22 | 23 | public User update(User entity) { 24 | return repository.save(entity); 25 | } 26 | 27 | public void delete(Long id) { 28 | repository.deleteById(id); 29 | } 30 | 31 | public Page list(Pageable pageable) { 32 | return repository.findAll(pageable); 33 | } 34 | 35 | public Page list(Pageable pageable, Specification filter) { 36 | return repository.findAll(filter, pageable); 37 | } 38 | 39 | public int count() { 40 | return (int) repository.count(); 41 | } 42 | 43 | } 44 | -------------------------------------------------------------------------------- /src/main/java/com/example/application/security/AuthenticatedUser.java: -------------------------------------------------------------------------------- 1 | package com.example.application.security; 2 | 3 | import com.example.application.data.entity.User; 4 | import com.example.application.data.service.UserRepository; 5 | import com.vaadin.flow.server.VaadinServletRequest; 6 | 7 | import java.util.Optional; 8 | 9 | import com.vaadin.flow.server.VaadinServletResponse; 10 | import com.vaadin.flow.spring.security.AuthenticationContext; 11 | import jakarta.servlet.http.Cookie; 12 | import jakarta.servlet.http.HttpServletRequest; 13 | import jakarta.servlet.http.HttpServletResponse; 14 | import org.springframework.beans.factory.annotation.Autowired; 15 | import org.springframework.security.authentication.AnonymousAuthenticationToken; 16 | import org.springframework.security.core.Authentication; 17 | import org.springframework.security.core.context.SecurityContext; 18 | import org.springframework.security.core.context.SecurityContextHolder; 19 | import org.springframework.stereotype.Component; 20 | 21 | @Component 22 | public class AuthenticatedUser { 23 | 24 | @Autowired 25 | private UserRepository userRepository; 26 | private final AuthenticationContext authenticationContext; 27 | 28 | 29 | public AuthenticatedUser(AuthenticationContext authenticationContext, UserRepository userRepository) { 30 | this.userRepository = userRepository; 31 | this.authenticationContext = authenticationContext; 32 | } 33 | 34 | 35 | 36 | 37 | 38 | private Optional getAuthentication() { 39 | SecurityContext context = SecurityContextHolder.getContext(); 40 | return Optional.ofNullable(context.getAuthentication()) 41 | .filter(authentication -> !(authentication instanceof AnonymousAuthenticationToken)); 42 | } 43 | 44 | public Optional get() { 45 | return getAuthentication().map(authentication -> userRepository.findByUsername(authentication.getName())); 46 | } 47 | 48 | public void logout() { 49 | authenticationContext.logout(); 50 | clearCookies(); 51 | } 52 | 53 | private static final String JWT_HEADER_AND_PAYLOAD_COOKIE_NAME = "jwt.headerAndPayload"; 54 | private static final String JWT_SIGNATURE_COOKIE_NAME = "jwt.signature"; 55 | 56 | private void clearCookies() { 57 | clearCookie(JWT_HEADER_AND_PAYLOAD_COOKIE_NAME); 58 | clearCookie(JWT_SIGNATURE_COOKIE_NAME); 59 | } 60 | 61 | private void clearCookie(String cookieName) { 62 | HttpServletRequest request = VaadinServletRequest.getCurrent() 63 | .getHttpServletRequest(); 64 | HttpServletResponse response = VaadinServletResponse.getCurrent() 65 | .getHttpServletResponse(); 66 | 67 | Cookie k = new Cookie( 68 | cookieName, null); 69 | k.setPath(getRequestContextPath(request)); 70 | k.setMaxAge(0); 71 | k.setSecure(request.isSecure()); 72 | k.setHttpOnly(false); 73 | response.addCookie(k); 74 | } 75 | 76 | private String getRequestContextPath(HttpServletRequest request) { 77 | final String contextPath = request.getContextPath(); 78 | return "".equals(contextPath) ? "/" : contextPath; 79 | } 80 | 81 | } 82 | 83 | -------------------------------------------------------------------------------- /src/main/java/com/example/application/security/SecurityConfiguration.java: -------------------------------------------------------------------------------- 1 | package com.example.application.security; 2 | 3 | import com.example.application.views.login.LoginView; 4 | import com.vaadin.flow.spring.security.VaadinWebSecurity; 5 | import org.springframework.beans.factory.annotation.Value; 6 | import org.springframework.context.annotation.Bean; 7 | import org.springframework.context.annotation.Configuration; 8 | import org.springframework.security.config.annotation.web.builders.HttpSecurity; 9 | import org.springframework.security.config.annotation.web.builders.WebSecurity; 10 | import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; 11 | import org.springframework.security.config.http.SessionCreationPolicy; 12 | import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder; 13 | import org.springframework.security.crypto.password.PasswordEncoder; 14 | import org.springframework.security.oauth2.jose.jws.JwsAlgorithms; 15 | 16 | import javax.crypto.spec.SecretKeySpec; 17 | import java.util.Base64; 18 | import org.springframework.security.web.util.matcher.AntPathRequestMatcher; 19 | 20 | @EnableWebSecurity 21 | @Configuration 22 | public class SecurityConfiguration extends VaadinWebSecurity { 23 | 24 | public static final String LOGOUT_URL = "/"; 25 | 26 | @Value("${jwt.auth.secret}") 27 | private String authSecret; 28 | 29 | @Bean 30 | public PasswordEncoder passwordEncoder() { 31 | return new BCryptPasswordEncoder(); 32 | } 33 | 34 | @Override 35 | protected void configure(HttpSecurity http) throws Exception { 36 | 37 | http.authorizeHttpRequests().requestMatchers(new AntPathRequestMatcher("/images/*.png")).permitAll(); 38 | 39 | // Icons from the line-awesome addon 40 | http.authorizeHttpRequests().requestMatchers(new AntPathRequestMatcher("/line-awesome/**/*.svg")).permitAll(); 41 | super.configure(http); 42 | setLoginView(http, LoginView.class); 43 | setStatelessAuthentication(http, new SecretKeySpec(Base64.getDecoder().decode(authSecret), JwsAlgorithms.HS256), "com.example.application"); 44 | 45 | } 46 | 47 | 48 | } 49 | -------------------------------------------------------------------------------- /src/main/java/com/example/application/security/UserDetailsServiceImpl.java: -------------------------------------------------------------------------------- 1 | package com.example.application.security; 2 | 3 | import com.example.application.data.entity.User; 4 | import com.example.application.data.service.UserRepository; 5 | import java.util.List; 6 | import java.util.stream.Collectors; 7 | import org.springframework.security.core.GrantedAuthority; 8 | import org.springframework.security.core.authority.SimpleGrantedAuthority; 9 | import org.springframework.security.core.userdetails.UserDetails; 10 | import org.springframework.security.core.userdetails.UserDetailsService; 11 | import org.springframework.security.core.userdetails.UsernameNotFoundException; 12 | import org.springframework.stereotype.Service; 13 | 14 | @Service 15 | public class UserDetailsServiceImpl implements UserDetailsService { 16 | 17 | private final UserRepository userRepository; 18 | 19 | public UserDetailsServiceImpl(UserRepository userRepository) { 20 | this.userRepository = userRepository; 21 | } 22 | 23 | @Override 24 | public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException { 25 | User user = userRepository.findByUsername(username); 26 | if (user == null) { 27 | throw new UsernameNotFoundException("No user present with username: " + username); 28 | } else { 29 | return new org.springframework.security.core.userdetails.User(user.getUsername(), user.getHashedPassword(), 30 | getAuthorities(user)); 31 | } 32 | } 33 | 34 | private static List getAuthorities(User user) { 35 | return user.getRoles().stream().map(role -> new SimpleGrantedAuthority("ROLE_" + role)) 36 | .collect(Collectors.toList()); 37 | 38 | } 39 | 40 | } 41 | -------------------------------------------------------------------------------- /src/main/java/com/example/application/views/MainLayout.java: -------------------------------------------------------------------------------- 1 | package com.example.application.views; 2 | 3 | import com.example.application.data.entity.User; 4 | import com.example.application.security.AuthenticatedUser; 5 | import com.example.application.views.helloworld.HelloWorldView; 6 | import com.vaadin.flow.component.applayout.AppLayout; 7 | import com.vaadin.flow.component.applayout.DrawerToggle; 8 | import com.vaadin.flow.component.avatar.Avatar; 9 | import com.vaadin.flow.component.contextmenu.MenuItem; 10 | import com.vaadin.flow.component.html.Anchor; 11 | import com.vaadin.flow.component.html.Div; 12 | import com.vaadin.flow.component.html.Footer; 13 | import com.vaadin.flow.component.html.H1; 14 | import com.vaadin.flow.component.html.H2; 15 | import com.vaadin.flow.component.html.Header; 16 | import com.vaadin.flow.component.icon.Icon; 17 | import com.vaadin.flow.component.menubar.MenuBar; 18 | import com.vaadin.flow.component.orderedlayout.Scroller; 19 | import com.vaadin.flow.component.sidenav.SideNav; 20 | import com.vaadin.flow.component.sidenav.SideNavItem; 21 | import com.vaadin.flow.router.PageTitle; 22 | import com.vaadin.flow.server.StreamResource; 23 | import com.vaadin.flow.server.auth.AccessAnnotationChecker; 24 | import com.vaadin.flow.theme.lumo.LumoUtility; 25 | import org.vaadin.lineawesome.LineAwesomeIcon; 26 | 27 | import java.io.ByteArrayInputStream; 28 | import java.util.Optional; 29 | 30 | /** 31 | * The main view is a top-level placeholder for other views. 32 | */ 33 | public class MainLayout extends AppLayout { 34 | 35 | private H2 viewTitle; 36 | 37 | private AuthenticatedUser authenticatedUser; 38 | private AccessAnnotationChecker accessChecker; 39 | 40 | public MainLayout(AuthenticatedUser authenticatedUser, AccessAnnotationChecker accessChecker) { 41 | this.authenticatedUser = authenticatedUser; 42 | this.accessChecker = accessChecker; 43 | 44 | setPrimarySection(Section.DRAWER); 45 | addDrawerContent(); 46 | addHeaderContent(); 47 | } 48 | 49 | private void addHeaderContent() { 50 | DrawerToggle toggle = new DrawerToggle(); 51 | toggle.getElement().setAttribute("aria-label", "Menu toggle"); 52 | 53 | viewTitle = new H2(); 54 | viewTitle.addClassNames(LumoUtility.FontSize.LARGE, LumoUtility.Margin.NONE); 55 | 56 | addToNavbar(true, toggle, viewTitle); 57 | } 58 | 59 | private void addDrawerContent() { 60 | H1 appName = new H1("My App"); 61 | appName.addClassNames(LumoUtility.FontSize.LARGE, LumoUtility.Margin.NONE); 62 | Header header = new Header(appName); 63 | 64 | Scroller scroller = new Scroller(createNavigation()); 65 | 66 | addToDrawer(header, scroller, createFooter()); 67 | } 68 | 69 | private SideNav createNavigation() { 70 | // AppNav is not yet an official component. 71 | // For documentation, visit https://github.com/vaadin/vcf-nav#readme 72 | SideNav nav = new SideNav(); 73 | 74 | if (accessChecker.hasAccess(HelloWorldView.class)) { 75 | nav.addItem(new SideNavItem("Hello World", HelloWorldView.class, LineAwesomeIcon.GLOBE_SOLID.create())); 76 | 77 | } 78 | 79 | return nav; 80 | } 81 | 82 | private Footer createFooter() { 83 | Footer layout = new Footer(); 84 | 85 | Optional maybeUser = authenticatedUser.get(); 86 | if (maybeUser.isPresent()) { 87 | User user = maybeUser.get(); 88 | 89 | Avatar avatar = new Avatar(user.getName()); 90 | StreamResource resource = new StreamResource("profile-pic", 91 | () -> new ByteArrayInputStream(user.getProfilePicture())); 92 | avatar.setImageResource(resource); 93 | avatar.setThemeName("xsmall"); 94 | avatar.getElement().setAttribute("tabindex", "-1"); 95 | 96 | MenuBar userMenu = new MenuBar(); 97 | userMenu.setThemeName("tertiary-inline contrast"); 98 | 99 | MenuItem userName = userMenu.addItem(""); 100 | Div div = new Div(); 101 | div.add(avatar); 102 | div.add(user.getName()); 103 | div.add(new Icon("lumo", "dropdown")); 104 | div.getElement().getStyle().set("display", "flex"); 105 | div.getElement().getStyle().set("align-items", "center"); 106 | div.getElement().getStyle().set("gap", "var(--lumo-space-s)"); 107 | userName.add(div); 108 | userName.getSubMenu().addItem("Sign out", e -> { 109 | authenticatedUser.logout(); 110 | }); 111 | 112 | layout.add(userMenu); 113 | } else { 114 | Anchor loginLink = new Anchor("login", "Sign in"); 115 | layout.add(loginLink); 116 | } 117 | 118 | return layout; 119 | } 120 | 121 | @Override 122 | protected void afterNavigation() { 123 | super.afterNavigation(); 124 | viewTitle.setText(getCurrentPageTitle()); 125 | } 126 | 127 | private String getCurrentPageTitle() { 128 | PageTitle title = getContent().getClass().getAnnotation(PageTitle.class); 129 | return title == null ? "" : title.value(); 130 | } 131 | } 132 | -------------------------------------------------------------------------------- /src/main/java/com/example/application/views/helloworld/HelloWorldView.java: -------------------------------------------------------------------------------- 1 | package com.example.application.views.helloworld; 2 | 3 | import com.example.application.security.AuthenticatedUser; 4 | import com.example.application.views.MainLayout; 5 | import com.vaadin.flow.component.button.Button; 6 | import com.vaadin.flow.component.notification.Notification; 7 | import com.vaadin.flow.component.orderedlayout.VerticalLayout; 8 | import com.vaadin.flow.router.PageTitle; 9 | import com.vaadin.flow.router.Route; 10 | import com.vaadin.flow.router.RouteAlias; 11 | import com.vaadin.flow.server.VaadinSession; 12 | import org.springframework.beans.factory.annotation.Autowired; 13 | 14 | import jakarta.annotation.security.PermitAll; 15 | 16 | @PageTitle("Hello World") 17 | @Route(value = "hello", layout = MainLayout.class) 18 | @RouteAlias(value = "", layout = MainLayout.class) 19 | @PermitAll 20 | public class HelloWorldView extends VerticalLayout { 21 | 22 | @Autowired 23 | AuthenticatedUser authenticatedUser; 24 | 25 | private Button sayHello; 26 | 27 | public HelloWorldView() { 28 | 29 | /* 30 | * This trivial Vaadin session serializes just fine. To make testing 31 | * pros of JWT authentication, make it non-serializable. Object does 32 | * not serialize because of Java :-). This hack will make the session 33 | * lost on each server restart. 34 | */ 35 | VaadinSession.getCurrent().setAttribute("foo", new Object()); 36 | 37 | sayHello = new Button("Say hello!"); 38 | sayHello.addClickListener(e -> { 39 | Notification.show("Hello " + authenticatedUser.get().get().getName()); 40 | }); 41 | 42 | add(sayHello); 43 | } 44 | 45 | } 46 | -------------------------------------------------------------------------------- /src/main/java/com/example/application/views/login/LoginView.java: -------------------------------------------------------------------------------- 1 | package com.example.application.views.login; 2 | 3 | import com.vaadin.flow.component.login.LoginI18n; 4 | import com.vaadin.flow.component.login.LoginOverlay; 5 | import com.vaadin.flow.router.PageTitle; 6 | import com.vaadin.flow.router.Route; 7 | 8 | @PageTitle("Login") 9 | @Route(value = "login") 10 | public class LoginView extends LoginOverlay { 11 | public LoginView() { 12 | setAction("login"); 13 | 14 | LoginI18n i18n = LoginI18n.createDefault(); 15 | i18n.setHeader(new LoginI18n.Header()); 16 | i18n.getHeader().setTitle("Flow with JWT authentication"); 17 | i18n.getHeader().setDescription("Login using user/user or admin/admin"); 18 | i18n.setAdditionalInformation(null); 19 | setI18n(i18n); 20 | 21 | setForgotPasswordButtonVisible(false); 22 | setOpened(true); 23 | } 24 | 25 | } 26 | -------------------------------------------------------------------------------- /src/main/resources/META-INF/resources/icons/icon.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mstahv/flow-with-jwt-authentication/f19ffec17f325266dfa1b8c23e11cf6a9cbe3f50/src/main/resources/META-INF/resources/icons/icon.png -------------------------------------------------------------------------------- /src/main/resources/META-INF/resources/images/empty-plant.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mstahv/flow-with-jwt-authentication/f19ffec17f325266dfa1b8c23e11cf6a9cbe3f50/src/main/resources/META-INF/resources/images/empty-plant.png -------------------------------------------------------------------------------- /src/main/resources/META-INF/resources/images/logo.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mstahv/flow-with-jwt-authentication/f19ffec17f325266dfa1b8c23e11cf6a9cbe3f50/src/main/resources/META-INF/resources/images/logo.png -------------------------------------------------------------------------------- /src/main/resources/application.properties: -------------------------------------------------------------------------------- 1 | server.port=${PORT:8080} 2 | logging.level.org.atmosphere = warn 3 | spring.mustache.check-template-location = false 4 | 5 | # Launch the default browser when starting the application in development mode 6 | vaadin.launch-browser=true 7 | # To improve the performance during development. 8 | # For more information https://vaadin.com/docs/flow/spring/tutorial-spring-configuration.html#special-configuration-parameters 9 | vaadin.whitelisted-packages = com.vaadin,org.vaadin,dev.hilla,com.example.application 10 | spring.jpa.defer-datasource-initialization = true 11 | spring.sql.init.mode = always 12 | 13 | server.servlet.session.tracking-modes = cookie 14 | ## For encryption of JWT tokens 15 | ## Change this parameter in production servers! You can generate 16 | ## a key by running `openssl rand -base64 32` and then passing the 17 | ## result to Springn Boot process by using the parameter `--jwt.auth.secret=` 18 | jwt.auth.secret=J6GOtcwC2NJI1l0VkHu20PacPFGTxpirBxWwynoHjsc= 19 | -------------------------------------------------------------------------------- /src/main/resources/banner.txt: -------------------------------------------------------------------------------- 1 | _____ _ _ _ _ _ __ __ _____ _ _ _ _ _ _ 2 | | ___|| | ___ __ __ __ __(_)| |_ | |__ | |\ \ / /|_ _| __ _ _ _ | |_ | |__ ___ _ __ | |_ (_) ___ __ _ | |_ (_) ___ _ __ 3 | | |_ | | / _ \ \ \ /\ / / \ \ /\ / /| || __|| '_ \ _ | | \ \ /\ / / | | / _` || | | || __|| '_ \ / _ \| '_ \ | __|| | / __| / _` || __|| | / _ \ | '_ \ 4 | | _| | || (_) | \ V V / \ V V / | || |_ | | | | | |_| | \ V V / | | | (_| || |_| || |_ | | | || __/| | | || |_ | || (__ | (_| || |_ | || (_) || | | | 5 | |_| |_| \___/ \_/\_/ \_/\_/ |_| \__||_| |_| \___/ \_/\_/ |_| \__,_| \__,_| \__||_| |_| \___||_| |_| \__||_| \___| \__,_| \__||_| \___/ |_| |_| 6 | 7 | -------------------------------------------------------------------------------- /src/main/resources/data.sql: -------------------------------------------------------------------------------- 1 | insert into application_user (version, id, username,name,hashed_password,profile_picture) values (1, '1','user','John Normal','$2a$10$xdbKoM48VySZqVSU/cSlVeJn0Z04XCZ7KZBjUBC00eKo5uLswyOpe',x'ffd8ffe000104a46494600010101004800480000ffe20c584943435f50524f46494c4500010100000c484c696e6f021000006d6e74725247422058595a2007ce00020009000600310000616373704d5346540000000049454320735247420000000000000000000000000000f6d6000100000000d32d4850202000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001163707274000001500000003364657363000001840000006c77747074000001f000000014626b707400000204000000147258595a00000218000000146758595a0000022c000000146258595a0000024000000014646d6e640000025400000070646d6464000002c400000088767565640000034c0000008676696577000003d4000000246c756d69000003f8000000146d6561730000040c0000002474656368000004300000000c725452430000043c0000080c675452430000043c0000080c625452430000043c0000080c7465787400000000436f70797269676874202863292031393938204865776c6574742d5061636b61726420436f6d70616e790000646573630000000000000012735247422049454336313936362d322e31000000000000000000000012735247422049454336313936362d322e31000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000058595a20000000000000f35100010000000116cc58595a200000000000000000000000000000000058595a200000000000006fa2000038f50000039058595a2000000000000062990000b785000018da58595a2000000000000024a000000f840000b6cf64657363000000000000001649454320687474703a2f2f7777772e6965632e636800000000000000000000001649454320687474703a2f2f7777772e6965632e63680000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000064657363000000000000002e4945432036313936362d322e312044656661756c742052474220636f6c6f7572207370616365202d207352474200000000000000000000002e4945432036313936362d322e312044656661756c742052474220636f6c6f7572207370616365202d20735247420000000000000000000000000000000000000000000064657363000000000000002c5265666572656e63652056696577696e6720436f6e646974696f6e20696e2049454336313936362d322e3100000000000000000000002c5265666572656e63652056696577696e6720436f6e646974696f6e20696e2049454336313936362d322e31000000000000000000000000000000000000000000000000000076696577000000000013a4fe00145f2e0010cf140003edcc0004130b00035c9e0000000158595a2000000000004c09560050000000571fe76d6561730000000000000001000000000000000000000000000000000000028f0000000273696720000000004352542063757276000000000000040000000005000a000f00140019001e00230028002d00320037003b00400045004a004f00540059005e00630068006d00720077007c00810086008b00900095009a009f00a400a900ae00b200b700bc00c100c600cb00d000d500db00e000e500eb00f000f600fb01010107010d01130119011f0125012b01320138013e0145014c0152015901600167016e0175017c0183018b0192019a01a101a901b101b901c101c901d101d901e101e901f201fa0203020c0214021d0226022f02380241024b0254025d02670271027a0284028e029802a202ac02b602c102cb02d502e002eb02f50300030b03160321032d03380343034f035a03660372037e038a039603a203ae03ba03c703d303e003ec03f9040604130420042d043b0448045504630471047e048c049a04a804b604c404d304e104f004fe050d051c052b053a05490558056705770586059605a605b505c505d505e505f6060606160627063706480659066a067b068c069d06af06c006d106e306f507070719072b073d074f076107740786079907ac07bf07d207e507f8080b081f08320846085a086e0882089608aa08be08d208e708fb09100925093a094f09640979098f09a409ba09cf09e509fb0a110a270a3d0a540a6a0a810a980aae0ac50adc0af30b0b0b220b390b510b690b800b980bb00bc80be10bf90c120c2a0c430c5c0c750c8e0ca70cc00cd90cf30d0d0d260d400d5a0d740d8e0da90dc30dde0df80e130e2e0e490e640e7f0e9b0eb60ed20eee0f090f250f410f5e0f7a0f960fb30fcf0fec1009102610431061107e109b10b910d710f511131131114f116d118c11aa11c911e81207122612451264128412a312c312e31303132313431363138313a413c513e5140614271449146a148b14ad14ce14f01512153415561578159b15bd15e0160316261649166c168f16b216d616fa171d17411765178917ae17d217f7181b18401865188a18af18d518fa19201945196b199119b719dd1a041a2a1a511a771a9e1ac51aec1b141b3b1b631b8a1bb21bda1c021c2a1c521c7b1ca31ccc1cf51d1e1d471d701d991dc31dec1e161e401e6a1e941ebe1ee91f131f3e1f691f941fbf1fea20152041206c209820c420f0211c2148217521a121ce21fb22272255228222af22dd230a23382366239423c223f0241f244d247c24ab24da250925382568259725c725f726272657268726b726e827182749277a27ab27dc280d283f287128a228d429062938296b299d29d02a022a352a682a9b2acf2b022b362b692b9d2bd12c052c392c6e2ca22cd72d0c2d412d762dab2de12e162e4c2e822eb72eee2f242f5a2f912fc72ffe3035306c30a430db3112314a318231ba31f2322a3263329b32d4330d3346337f33b833f1342b3465349e34d83513354d358735c235fd3637367236ae36e937243760379c37d738143850388c38c839053942397f39bc39f93a363a743ab23aef3b2d3b6b3baa3be83c273c653ca43ce33d223d613da13de03e203e603ea03ee03f213f613fa23fe24023406440a640e74129416a41ac41ee4230427242b542f7433a437d43c044034447448a44ce45124555459a45de4622466746ab46f04735477b47c04805484b489148d7491d496349a949f04a374a7d4ac44b0c4b534b9a4be24c2a4c724cba4d024d4a4d934ddc4e254e6e4eb74f004f494f934fdd5027507150bb51065150519b51e65231527c52c75313535f53aa53f65442548f54db5528557555c2560f565c56a956f75744579257e0582f587d58cb591a596959b85a075a565aa65af55b455b955be55c355c865cd65d275d785dc95e1a5e6c5ebd5f0f5f615fb36005605760aa60fc614f61a261f56249629c62f06343639763eb6440649464e9653d659265e7663d669266e8673d679367e9683f689668ec6943699a69f16a486a9f6af76b4f6ba76bff6c576caf6d086d606db96e126e6b6ec46f1e6f786fd1702b708670e0713a719571f0724b72a67301735d73b87414747074cc7528758575e1763e769b76f8775677b37811786e78cc792a798979e77a467aa57b047b637bc27c217c817ce17d417da17e017e627ec27f237f847fe5804780a8810a816b81cd8230829282f4835783ba841d848084e3854785ab860e867286d7873b879f8804886988ce8933899989fe8a648aca8b308b968bfc8c638cca8d318d988dff8e668ece8f368f9e9006906e90d6913f91a89211927a92e3934d93b69420948a94f4955f95c99634969f970a977597e0984c98b89924999099fc9a689ad59b429baf9c1c9c899cf79d649dd29e409eae9f1d9f8b9ffaa069a0d8a147a1b6a226a296a306a376a3e6a456a4c7a538a5a9a61aa68ba6fda76ea7e0a852a8c4a937a9a9aa1caa8fab02ab75abe9ac5cacd0ad44adb8ae2daea1af16af8bb000b075b0eab160b1d6b24bb2c2b338b3aeb425b49cb513b58ab601b679b6f0b768b7e0b859b8d1b94ab9c2ba3bbab5bb2ebba7bc21bc9bbd15bd8fbe0abe84beffbf7abff5c070c0ecc167c1e3c25fc2dbc358c3d4c451c4cec54bc5c8c646c6c3c741c7bfc83dc8bcc93ac9b9ca38cab7cb36cbb6cc35ccb5cd35cdb5ce36ceb6cf37cfb8d039d0bad13cd1bed23fd2c1d344d3c6d449d4cbd54ed5d1d655d6d8d75cd7e0d864d8e8d96cd9f1da76dafbdb80dc05dc8add10dd96de1cdea2df29dfafe036e0bde144e1cce253e2dbe363e3ebe473e4fce584e60de696e71fe7a9e832e8bce946e9d0ea5beae5eb70ebfbec86ed11ed9cee28eeb4ef40efccf058f0e5f172f1fff28cf319f3a7f434f4c2f550f5def66df6fbf78af819f8a8f938f9c7fa57fae7fb77fc07fc98fd29fdbafe4bfedcff6dffffffdb004300090606080605090807080a09090a0d160e0d0c0c0d1a131410161f1c21201f1c1e1e2327322a23252f251e1e2b3b2c2f3335383838212a3d413c364132373835ffdb004301090a0a0d0b0d190e0e1935241e243535353535353535353535353535353535353535353535353535353535353535353535353535353535353535353535353535ffc0001108001a001a03012200021101031101ffc4001a000002020300000000000000000000000005060107030408ffc4002e10000103020404030901000000000000000102030400110506122113314161075171151623243234425263d1ffc40017010101010100000000000000000000000001030002ffc4001a110003000301000000000000000000000000010203122131ffda000c03010002110311003f00796d8bf4a0f27376090a7ae2bf21c41697c371ee02cb28579172da47973b5e995b481b9e94baec44c9c36630f14f001712b6cb62ca049ff68c95a2298637e0614ca4a2e2c41dc11c8d63e0d46070bd9d97e1425385d547610d6b50dd5615b5a3b5764d8b39c33fc7cb0fa61351d52e6adbd653ab4a1b04eda8f7b1e40d2546f112ecc97a74171f9ab376d285da3a7b904f4f3b1268467d5139f315b927e327aff3450547d07d6b54aaf422dcf516165df1516db8db38fb2d9413a4cb676d3dd483d3d0d59a14149052a4949dc1bd736382e8503cad56b6013247bb9877cc3bf6ad7e67f414a03fffd9') 2 | insert into user_roles (user_id, roles) values ('1', 'USER') 3 | insert into application_user (version, id, username,name,hashed_password,profile_picture) values (1, '2','admin','Emma Powerful','$2a$10$jpLNVNeA7Ar/ZQ2DKbKCm.MuT2ESe.Qop96jipKMq7RaUgCoQedV.',x'ffd8ffe000104a46494600010101004800480000ffe20c584943435f50524f46494c4500010100000c484c696e6f021000006d6e74725247422058595a2007ce00020009000600310000616373704d5346540000000049454320735247420000000000000000000000000000f6d6000100000000d32d4850202000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001163707274000001500000003364657363000001840000006c77747074000001f000000014626b707400000204000000147258595a00000218000000146758595a0000022c000000146258595a0000024000000014646d6e640000025400000070646d6464000002c400000088767565640000034c0000008676696577000003d4000000246c756d69000003f8000000146d6561730000040c0000002474656368000004300000000c725452430000043c0000080c675452430000043c0000080c625452430000043c0000080c7465787400000000436f70797269676874202863292031393938204865776c6574742d5061636b61726420436f6d70616e790000646573630000000000000012735247422049454336313936362d322e31000000000000000000000012735247422049454336313936362d322e31000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000058595a20000000000000f35100010000000116cc58595a200000000000000000000000000000000058595a200000000000006fa2000038f50000039058595a2000000000000062990000b785000018da58595a2000000000000024a000000f840000b6cf64657363000000000000001649454320687474703a2f2f7777772e6965632e636800000000000000000000001649454320687474703a2f2f7777772e6965632e63680000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000064657363000000000000002e4945432036313936362d322e312044656661756c742052474220636f6c6f7572207370616365202d207352474200000000000000000000002e4945432036313936362d322e312044656661756c742052474220636f6c6f7572207370616365202d20735247420000000000000000000000000000000000000000000064657363000000000000002c5265666572656e63652056696577696e6720436f6e646974696f6e20696e2049454336313936362d322e3100000000000000000000002c5265666572656e63652056696577696e6720436f6e646974696f6e20696e2049454336313936362d322e31000000000000000000000000000000000000000000000000000076696577000000000013a4fe00145f2e0010cf140003edcc0004130b00035c9e0000000158595a2000000000004c09560050000000571fe76d6561730000000000000001000000000000000000000000000000000000028f0000000273696720000000004352542063757276000000000000040000000005000a000f00140019001e00230028002d00320037003b00400045004a004f00540059005e00630068006d00720077007c00810086008b00900095009a009f00a400a900ae00b200b700bc00c100c600cb00d000d500db00e000e500eb00f000f600fb01010107010d01130119011f0125012b01320138013e0145014c0152015901600167016e0175017c0183018b0192019a01a101a901b101b901c101c901d101d901e101e901f201fa0203020c0214021d0226022f02380241024b0254025d02670271027a0284028e029802a202ac02b602c102cb02d502e002eb02f50300030b03160321032d03380343034f035a03660372037e038a039603a203ae03ba03c703d303e003ec03f9040604130420042d043b0448045504630471047e048c049a04a804b604c404d304e104f004fe050d051c052b053a05490558056705770586059605a605b505c505d505e505f6060606160627063706480659066a067b068c069d06af06c006d106e306f507070719072b073d074f076107740786079907ac07bf07d207e507f8080b081f08320846085a086e0882089608aa08be08d208e708fb09100925093a094f09640979098f09a409ba09cf09e509fb0a110a270a3d0a540a6a0a810a980aae0ac50adc0af30b0b0b220b390b510b690b800b980bb00bc80be10bf90c120c2a0c430c5c0c750c8e0ca70cc00cd90cf30d0d0d260d400d5a0d740d8e0da90dc30dde0df80e130e2e0e490e640e7f0e9b0eb60ed20eee0f090f250f410f5e0f7a0f960fb30fcf0fec1009102610431061107e109b10b910d710f511131131114f116d118c11aa11c911e81207122612451264128412a312c312e31303132313431363138313a413c513e5140614271449146a148b14ad14ce14f01512153415561578159b15bd15e0160316261649166c168f16b216d616fa171d17411765178917ae17d217f7181b18401865188a18af18d518fa19201945196b199119b719dd1a041a2a1a511a771a9e1ac51aec1b141b3b1b631b8a1bb21bda1c021c2a1c521c7b1ca31ccc1cf51d1e1d471d701d991dc31dec1e161e401e6a1e941ebe1ee91f131f3e1f691f941fbf1fea20152041206c209820c420f0211c2148217521a121ce21fb22272255228222af22dd230a23382366239423c223f0241f244d247c24ab24da250925382568259725c725f726272657268726b726e827182749277a27ab27dc280d283f287128a228d429062938296b299d29d02a022a352a682a9b2acf2b022b362b692b9d2bd12c052c392c6e2ca22cd72d0c2d412d762dab2de12e162e4c2e822eb72eee2f242f5a2f912fc72ffe3035306c30a430db3112314a318231ba31f2322a3263329b32d4330d3346337f33b833f1342b3465349e34d83513354d358735c235fd3637367236ae36e937243760379c37d738143850388c38c839053942397f39bc39f93a363a743ab23aef3b2d3b6b3baa3be83c273c653ca43ce33d223d613da13de03e203e603ea03ee03f213f613fa23fe24023406440a640e74129416a41ac41ee4230427242b542f7433a437d43c044034447448a44ce45124555459a45de4622466746ab46f04735477b47c04805484b489148d7491d496349a949f04a374a7d4ac44b0c4b534b9a4be24c2a4c724cba4d024d4a4d934ddc4e254e6e4eb74f004f494f934fdd5027507150bb51065150519b51e65231527c52c75313535f53aa53f65442548f54db5528557555c2560f565c56a956f75744579257e0582f587d58cb591a596959b85a075a565aa65af55b455b955be55c355c865cd65d275d785dc95e1a5e6c5ebd5f0f5f615fb36005605760aa60fc614f61a261f56249629c62f06343639763eb6440649464e9653d659265e7663d669266e8673d679367e9683f689668ec6943699a69f16a486a9f6af76b4f6ba76bff6c576caf6d086d606db96e126e6b6ec46f1e6f786fd1702b708670e0713a719571f0724b72a67301735d73b87414747074cc7528758575e1763e769b76f8775677b37811786e78cc792a798979e77a467aa57b047b637bc27c217c817ce17d417da17e017e627ec27f237f847fe5804780a8810a816b81cd8230829282f4835783ba841d848084e3854785ab860e867286d7873b879f8804886988ce8933899989fe8a648aca8b308b968bfc8c638cca8d318d988dff8e668ece8f368f9e9006906e90d6913f91a89211927a92e3934d93b69420948a94f4955f95c99634969f970a977597e0984c98b89924999099fc9a689ad59b429baf9c1c9c899cf79d649dd29e409eae9f1d9f8b9ffaa069a0d8a147a1b6a226a296a306a376a3e6a456a4c7a538a5a9a61aa68ba6fda76ea7e0a852a8c4a937a9a9aa1caa8fab02ab75abe9ac5cacd0ad44adb8ae2daea1af16af8bb000b075b0eab160b1d6b24bb2c2b338b3aeb425b49cb513b58ab601b679b6f0b768b7e0b859b8d1b94ab9c2ba3bbab5bb2ebba7bc21bc9bbd15bd8fbe0abe84beffbf7abff5c070c0ecc167c1e3c25fc2dbc358c3d4c451c4cec54bc5c8c646c6c3c741c7bfc83dc8bcc93ac9b9ca38cab7cb36cbb6cc35ccb5cd35cdb5ce36ceb6cf37cfb8d039d0bad13cd1bed23fd2c1d344d3c6d449d4cbd54ed5d1d655d6d8d75cd7e0d864d8e8d96cd9f1da76dafbdb80dc05dc8add10dd96de1cdea2df29dfafe036e0bde144e1cce253e2dbe363e3ebe473e4fce584e60de696e71fe7a9e832e8bce946e9d0ea5beae5eb70ebfbec86ed11ed9cee28eeb4ef40efccf058f0e5f172f1fff28cf319f3a7f434f4c2f550f5def66df6fbf78af819f8a8f938f9c7fa57fae7fb77fc07fc98fd29fdbafe4bfedcff6dffffffdb004300090606080605090807080a09090a0d160e0d0c0c0d1a131410161f1c21201f1c1e1e2327322a23252f251e1e2b3b2c2f3335383838212a3d413c364132373835ffdb004301090a0a0d0b0d190e0e1935241e243535353535353535353535353535353535353535353535353535353535353535353535353535353535353535353535353535ffc0001108001a001a03012200021101031101ffc400190000020301000000000000000000000000040500020706ffc4002b100001030302050109000000000000000001020311000405061213213141517314152233376182a2b1ffc400160101010100000000000000000000000000020103ffc4001a110003010101010000000000000000000000010221031112ffda000c03010002110311003f00ccd02051d7f84c958636defae2dcb76f7090b6d532483d2476a0c2429241e7222b43ba2de574f58a5e7dd71a36282d927e127985a48fb181e68f4af9487ce15b68ce1077a4cf51536d428e15c2900c804a41ec62ad14d699bc1f6274c3d91c35c655e743166cee4a206e5bcb1d93e04f2934d34d241d0d93f783894b4d3db994adcd813b809dbf9f9eb4ef1ff4cf17e8b47f6a49af9b43790b1421094a38cb3b408131d6b57cd35a49b72f0e598c7a9ec81b70a0a093f311cc19ee0d303a695b8c5d263d334669648f666390ea3fa69dc0f15661781aa7e9ffd9') 4 | insert into user_roles (user_id, roles) values ('2', 'USER') 5 | insert into user_roles (user_id, roles) values ('2', 'ADMIN') 6 | --------------------------------------------------------------------------------