├── .gitignore
├── .mvn
└── wrapper
│ ├── maven-wrapper.jar
│ └── maven-wrapper.properties
├── README.md
├── mvnw
├── mvnw.cmd
├── pom.xml
└── src
├── main
├── docker
│ ├── Dockerfile
│ └── README.md
├── java
│ └── com
│ │ └── nouhoun
│ │ └── springboot
│ │ └── jwt
│ │ └── integration
│ │ ├── SpringbootJwtApplication.java
│ │ ├── config
│ │ ├── AdditionalWebConfig.java
│ │ ├── AuthorizationServerConfig.java
│ │ ├── DatasourceConfig.java
│ │ ├── ResourceServerConfig.java
│ │ └── SecurityConfig.java
│ │ ├── controller
│ │ └── ResourceController.java
│ │ ├── domain
│ │ ├── RandomCity.java
│ │ ├── Role.java
│ │ └── User.java
│ │ ├── repository
│ │ ├── RandomCityRepository.java
│ │ ├── RoleRepository.java
│ │ └── UserRepository.java
│ │ └── service
│ │ ├── GenericService.java
│ │ └── impl
│ │ ├── AppUserDetailsService.java
│ │ └── GenericServiceImpl.java
└── resources
│ ├── application.properties
│ └── sql-scripts
│ ├── data.sql
│ └── schema.sql
└── test
└── java
└── com
└── nouhoun
└── springboot
└── jwt
└── integration
└── SpringbootJwtApplicationTests.java
/.gitignore:
--------------------------------------------------------------------------------
1 | target/
2 | !.mvn/wrapper/maven-wrapper.jar
3 |
4 | ### STS ###
5 | .apt_generated
6 | .classpath
7 | .factorypath
8 | .project
9 | .settings
10 | .springBeans
11 |
12 | ### IntelliJ IDEA ###
13 | .idea
14 | *.iws
15 | *.iml
16 | *.ipr
17 |
18 | ### NetBeans ###
19 | nbproject/private/
20 | build/
21 | nbbuild/
22 | dist/
23 | nbdist/
24 | .nb-gradle/
25 |
26 |
27 | # Created by https://www.gitignore.io/api/intellij+iml
28 |
29 | ### Intellij+iml ###
30 | # Covers JetBrains IDEs: IntelliJ, RubyMine, PhpStorm, AppCode, PyCharm, CLion, Android Studio and Webstorm
31 | # Reference: https://intellij-support.jetbrains.com/hc/en-us/articles/206544839
32 |
33 | # User-specific stuff:
34 | .idea/**/workspace.xml
35 | .idea/**/tasks.xml
36 | .idea/dictionaries
37 |
38 | # Sensitive or high-churn files:
39 | .idea/**/dataSources/
40 | .idea/**/dataSources.ids
41 | .idea/**/dataSources.xml
42 | .idea/**/dataSources.local.xml
43 | .idea/**/sqlDataSources.xml
44 | .idea/**/dynamic.xml
45 | .idea/**/uiDesigner.xml
46 |
47 | # Gradle:
48 | .idea/**/gradle.xml
49 | .idea/**/libraries
50 |
51 | # CMake
52 | cmake-build-debug/
53 |
54 | # Mongo Explorer plugin:
55 | .idea/**/mongoSettings.xml
56 |
57 | ## Plugin-specific files:
58 |
59 | # IntelliJ
60 | /out/
61 |
62 | # mpeltonen/sbt-idea plugin
63 | .idea_modules/
64 |
65 | # JIRA plugin
66 | atlassian-ide-plugin.xml
67 |
68 | # Cursive Clojure plugin
69 | .idea/replstate.xml
70 |
71 | # Crashlytics plugin (for Android Studio and IntelliJ)
72 | com_crashlytics_export_strings.xml
73 | crashlytics.properties
74 | crashlytics-build.properties
75 | fabric.properties
76 |
77 | ### Intellij+iml Patch ###
78 | # Reason: https://github.com/joeblau/gitignore.io/issues/186#issuecomment-249601023
79 |
80 | modules.xml
81 | .idea/misc.xml
82 |
83 | # End of https://www.gitignore.io/api/intellij+iml
84 | src/main/resources/static/
85 | src/main/resources/templates/
86 |
87 | # Created by https://www.gitignore.io/api/java,maven
88 |
89 | ### Java ###
90 | # Compiled class file
91 | *.class
92 |
93 | # Log file
94 | *.log
95 |
96 | # BlueJ files
97 | *.ctxt
98 |
99 | # Mobile Tools for Java (J2ME)
100 | .mtj.tmp/
101 |
102 | # Package Files #
103 | *.jar
104 | *.war
105 | *.ear
106 | *.zip
107 | *.tar.gz
108 | *.rar
109 |
110 | # virtual machine crash logs, see http://www.java.com/en/download/help/error_hotspot.xml
111 | hs_err_pid*
112 |
113 | ### Maven ###
114 | pom.xml.tag
115 | pom.xml.releaseBackup
116 | pom.xml.versionsBackup
117 | pom.xml.next
118 | release.properties
119 | dependency-reduced-pom.xml
120 | buildNumber.properties
121 | .mvn/timing.properties
122 |
123 | # Avoid ignoring Maven wrapper jar file (.jar files are usually ignored)
124 | !/.mvn/wrapper/maven-wrapper.jar
125 |
126 | # End of https://www.gitignore.io/api/java,maven
--------------------------------------------------------------------------------
/.mvn/wrapper/maven-wrapper.jar:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/nydiarra/springboot-jwt/5aa238cc8ada09e0974760b9e58b6131f1b945a5/.mvn/wrapper/maven-wrapper.jar
--------------------------------------------------------------------------------
/.mvn/wrapper/maven-wrapper.properties:
--------------------------------------------------------------------------------
1 | distributionUrl=https://repo1.maven.org/maven2/org/apache/maven/apache-maven/3.5.0/apache-maven-3.5.0-bin.zip
2 |
--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
1 | # springboot-jwt
2 | ## An Example Spring Boot Application for Securing a REST API with JSON Web Token (JWT)
3 |
4 | This application can be used as a seed to quick start your spring boot REST API project with a fully functional security module.
5 |
6 | ## Main building blocks
7 | * Spring Boot 1.5.3.RELEASE go to http://docs.spring.io/spring-boot/docs/1.5.3.RELEASE/reference/htmlsingle/ to learn more about spring boot
8 | * JSON Web Token go to https://jwt.io/ to decode your generated token and learn more
9 | * H2 Database Engine - used for rapid prototyping and development, but not suitable for production at least in most cases. Go to www.h2database.com to learn more
10 |
11 |
12 |
13 | ## To run the application
14 | Use one of the several ways of running a Spring Boot application. Below are just three options:
15 |
16 | 1. Build using maven goal: `mvn clean package` and execute the resulting artifact as follows `java -jar springboot-jwt-0.0.1-SNAPSHOT.jar` or
17 | 2. On Unix/Linux based systems: run `mvn clean package` then run the resulting jar as any other executable `./springboot-jwt-0.0.1-SNAPSHOT.jar`
18 | 3. Build and start as a Docker container. Instructions at: [README](src/main/docker/README.md)
19 |
20 |
21 | ## To test the application
22 |
23 | ### First you will need the following basic pieces of information:
24 |
25 | * client: testjwtclientid
26 | * secret: XY7kmzoNzl100
27 | * Non-admin username and password: john.doe and jwtpass
28 | * Admin user: admin.admin and jwtpass
29 | * Example of resource accessible to all authenticated users: http://localhost:8080/springjwt/cities
30 | * Example of resource accessible to only an admin user: http://localhost:8080/springjwt/users
31 |
32 | 1. Generate an access token
33 |
34 | Use the following generic command to generate an access token:
35 | `$ curl client:secret@localhost:8080/oauth/token -d grant_type=password -d username=user -d password=pwd`
36 |
37 | For this specific application, to generate an access token for the non-admin user john.doe, run:
38 | `$ curl testjwtclientid:XY7kmzoNzl100@localhost:8080/oauth/token -d grant_type=password -d username=john.doe -d password=jwtpass`
39 | You'll receive a response similar to below
40 |
41 | `
42 | {
43 | "access_token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOlsidGVzdGp3dHJlc291cmNlaWQiXSwidXNlcl9uYW1lIjoiYWRtaW4uYWRtaW4iLCJzY29wZSI6WyJyZWFkIiwid3JpdGUiXSwiZXhwIjoxNDk0NDU0MjgyLCJhdXRob3JpdGllcyI6WyJTVEFOREFSRF9VU0VSIiwiQURNSU5fVVNFUiJdLCJqdGkiOiIwYmQ4ZTQ1MC03ZjVjLTQ5ZjMtOTFmMC01Nzc1YjdiY2MwMGYiLCJjbGllbnRfaWQiOiJ0ZXN0and0Y2xpZW50aWQifQ.rvEAa4dIz8hT8uxzfjkEJKG982Ree5PdUW17KtFyeec",
44 | "token_type": "bearer",
45 | "expires_in": 43199,
46 | "scope": "read write",
47 | "jti": "0bd8e450-7f5c-49f3-91f0-5775b7bcc00f"
48 | }`
49 |
50 | 2. Use the token to access resources through your RESTful API
51 |
52 | * Access content available to all authenticated users
53 |
54 | Use the generated token as the value of the Bearer in the Authorization header as follows:
55 | `curl http://localhost:8080/springjwt/cities -H "Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOlsidGVzdGp3dHJlc291cmNlaWQiXSwidXNlcl9uYW1lIjoiYWRtaW4uYWRtaW4iLCJzY29wZSI6WyJyZWFkIiwid3JpdGUiXSwiZXhwIjoxNDk0NDU0MjgyLCJhdXRob3JpdGllcyI6WyJTVEFOREFSRF9VU0VSIiwiQURNSU5fVVNFUiJdLCJqdGkiOiIwYmQ4ZTQ1MC03ZjVjLTQ5ZjMtOTFmMC01Nzc1YjdiY2MwMGYiLCJjbGllbnRfaWQiOiJ0ZXN0and0Y2xpZW50aWQifQ.rvEAa4dIz8hT8uxzfjkEJKG982Ree5PdUW17KtFyeec" `
56 |
57 | The response will be:
58 | `
59 | [
60 | {
61 | "id": 1,
62 | "name": "Bamako"
63 | },
64 | {
65 | "id": 2,
66 | "name": "Nonkon"
67 | },
68 | {
69 | "id": 3,
70 | "name": "Houston"
71 | },
72 | {
73 | "id": 4,
74 | "name": "Toronto"
75 | },
76 | {
77 | "id": 5,
78 | "name": "New York"
79 | },
80 | {
81 | "id": 6,
82 | "name": "Mopti"
83 | },
84 | {
85 | "id": 7,
86 | "name": "Koulikoro"
87 | },
88 | {
89 | "id": 8,
90 | "name": "Moscow"
91 | }
92 | ]`
93 |
94 | * Access content available only to an admin user
95 |
96 | As with the previous example first generate an access token for the admin user with the credentials provided above then run
97 | `curl http://localhost:8080/springjwt/users -H "Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOlsidGVzdGp3dHJlc291cmNlaWQiXSwidXNlcl9uYW1lIjoiYWRtaW4uYWRtaW4iLCJzY29wZSI6WyJyZWFkIiwid3JpdGUiXSwiZXhwIjoxNDk0NDU0OTIzLCJhdXRob3JpdGllcyI6WyJTVEFOREFSRF9VU0VSIiwiQURNSU5fVVNFUiJdLCJqdGkiOiIyMTAzMjRmMS05MTE0LTQ1NGEtODRmMy1hZjUzZmUxNzdjNzIiLCJjbGllbnRfaWQiOiJ0ZXN0and0Y2xpZW50aWQifQ.OuprVlyNnKuLkoQmP8shP38G3Hje91GBhu4E0HD2Fes" `
98 | The result will be:
99 | `
100 | [
101 | {
102 | "id": 1,
103 | "username": "john.doe",
104 | "firstName": "John",
105 | "lastName": "Doe",
106 | "roles": [
107 | {
108 | "id": 1,
109 | "roleName": "STANDARD_USER",
110 | "description": "Standard User - Has no admin rights"
111 | }
112 | ]
113 | },
114 | {
115 | "id": 2,
116 | "username": "admin.admin",
117 | "firstName": "Admin",
118 | "lastName": "Admin",
119 | "roles": [
120 | {
121 | "id": 1,
122 | "roleName": "STANDARD_USER",
123 | "description": "Standard User - Has no admin rights"
124 | },
125 | {
126 | "id": 2,
127 | "roleName": "ADMIN_USER",
128 | "description": "Admin User - Has permission to perform admin tasks"
129 | }
130 | ]
131 | }
132 | ]
133 | `
134 |
--------------------------------------------------------------------------------
/mvnw:
--------------------------------------------------------------------------------
1 | #!/bin/sh
2 | # ----------------------------------------------------------------------------
3 | # Licensed to the Apache Software Foundation (ASF) under one
4 | # or more contributor license agreements. See the NOTICE file
5 | # distributed with this work for additional information
6 | # regarding copyright ownership. The ASF licenses this file
7 | # to you under the Apache License, Version 2.0 (the
8 | # "License"); you may not use this file except in compliance
9 | # with the License. You may obtain a copy of the License at
10 | #
11 | # http://www.apache.org/licenses/LICENSE-2.0
12 | #
13 | # Unless required by applicable law or agreed to in writing,
14 | # software distributed under the License is distributed on an
15 | # "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
16 | # KIND, either express or implied. See the License for the
17 | # specific language governing permissions and limitations
18 | # under the License.
19 | # ----------------------------------------------------------------------------
20 |
21 | # ----------------------------------------------------------------------------
22 | # Maven2 Start Up Batch script
23 | #
24 | # Required ENV vars:
25 | # ------------------
26 | # JAVA_HOME - location of a JDK home dir
27 | #
28 | # Optional ENV vars
29 | # -----------------
30 | # M2_HOME - location of maven2's installed home dir
31 | # MAVEN_OPTS - parameters passed to the Java VM when running Maven
32 | # e.g. to debug Maven itself, use
33 | # set MAVEN_OPTS=-Xdebug -Xrunjdwp:transport=dt_socket,server=y,suspend=y,address=8000
34 | # MAVEN_SKIP_RC - flag to disable loading of mavenrc files
35 | # ----------------------------------------------------------------------------
36 |
37 | if [ -z "$MAVEN_SKIP_RC" ] ; then
38 |
39 | if [ -f /etc/mavenrc ] ; then
40 | . /etc/mavenrc
41 | fi
42 |
43 | if [ -f "$HOME/.mavenrc" ] ; then
44 | . "$HOME/.mavenrc"
45 | fi
46 |
47 | fi
48 |
49 | # OS specific support. $var _must_ be set to either true or false.
50 | cygwin=false;
51 | darwin=false;
52 | mingw=false
53 | case "`uname`" in
54 | CYGWIN*) cygwin=true ;;
55 | MINGW*) mingw=true;;
56 | Darwin*) darwin=true
57 | # Use /usr/libexec/java_home if available, otherwise fall back to /Library/Java/Home
58 | # See https://developer.apple.com/library/mac/qa/qa1170/_index.html
59 | if [ -z "$JAVA_HOME" ]; then
60 | if [ -x "/usr/libexec/java_home" ]; then
61 | export JAVA_HOME="`/usr/libexec/java_home`"
62 | else
63 | export JAVA_HOME="/Library/Java/Home"
64 | fi
65 | fi
66 | ;;
67 | esac
68 |
69 | if [ -z "$JAVA_HOME" ] ; then
70 | if [ -r /etc/gentoo-release ] ; then
71 | JAVA_HOME=`java-config --jre-home`
72 | fi
73 | fi
74 |
75 | if [ -z "$M2_HOME" ] ; then
76 | ## resolve links - $0 may be a link to maven's home
77 | PRG="$0"
78 |
79 | # need this for relative symlinks
80 | while [ -h "$PRG" ] ; do
81 | ls=`ls -ld "$PRG"`
82 | link=`expr "$ls" : '.*-> \(.*\)$'`
83 | if expr "$link" : '/.*' > /dev/null; then
84 | PRG="$link"
85 | else
86 | PRG="`dirname "$PRG"`/$link"
87 | fi
88 | done
89 |
90 | saveddir=`pwd`
91 |
92 | M2_HOME=`dirname "$PRG"`/..
93 |
94 | # make it fully qualified
95 | M2_HOME=`cd "$M2_HOME" && pwd`
96 |
97 | cd "$saveddir"
98 | # echo Using m2 at $M2_HOME
99 | fi
100 |
101 | # For Cygwin, ensure paths are in UNIX format before anything is touched
102 | if $cygwin ; then
103 | [ -n "$M2_HOME" ] &&
104 | M2_HOME=`cygpath --unix "$M2_HOME"`
105 | [ -n "$JAVA_HOME" ] &&
106 | JAVA_HOME=`cygpath --unix "$JAVA_HOME"`
107 | [ -n "$CLASSPATH" ] &&
108 | CLASSPATH=`cygpath --path --unix "$CLASSPATH"`
109 | fi
110 |
111 | # For Migwn, ensure paths are in UNIX format before anything is touched
112 | if $mingw ; then
113 | [ -n "$M2_HOME" ] &&
114 | M2_HOME="`(cd "$M2_HOME"; pwd)`"
115 | [ -n "$JAVA_HOME" ] &&
116 | JAVA_HOME="`(cd "$JAVA_HOME"; pwd)`"
117 | # TODO classpath?
118 | fi
119 |
120 | if [ -z "$JAVA_HOME" ]; then
121 | javaExecutable="`which javac`"
122 | if [ -n "$javaExecutable" ] && ! [ "`expr \"$javaExecutable\" : '\([^ ]*\)'`" = "no" ]; then
123 | # readlink(1) is not available as standard on Solaris 10.
124 | readLink=`which readlink`
125 | if [ ! `expr "$readLink" : '\([^ ]*\)'` = "no" ]; then
126 | if $darwin ; then
127 | javaHome="`dirname \"$javaExecutable\"`"
128 | javaExecutable="`cd \"$javaHome\" && pwd -P`/javac"
129 | else
130 | javaExecutable="`readlink -f \"$javaExecutable\"`"
131 | fi
132 | javaHome="`dirname \"$javaExecutable\"`"
133 | javaHome=`expr "$javaHome" : '\(.*\)/bin'`
134 | JAVA_HOME="$javaHome"
135 | export JAVA_HOME
136 | fi
137 | fi
138 | fi
139 |
140 | if [ -z "$JAVACMD" ] ; then
141 | if [ -n "$JAVA_HOME" ] ; then
142 | if [ -x "$JAVA_HOME/jre/sh/java" ] ; then
143 | # IBM's JDK on AIX uses strange locations for the executables
144 | JAVACMD="$JAVA_HOME/jre/sh/java"
145 | else
146 | JAVACMD="$JAVA_HOME/bin/java"
147 | fi
148 | else
149 | JAVACMD="`which java`"
150 | fi
151 | fi
152 |
153 | if [ ! -x "$JAVACMD" ] ; then
154 | echo "Error: JAVA_HOME is not defined correctly." >&2
155 | echo " We cannot execute $JAVACMD" >&2
156 | exit 1
157 | fi
158 |
159 | if [ -z "$JAVA_HOME" ] ; then
160 | echo "Warning: JAVA_HOME environment variable is not set."
161 | fi
162 |
163 | CLASSWORLDS_LAUNCHER=org.codehaus.plexus.classworlds.launcher.Launcher
164 |
165 | # traverses directory structure from process work directory to filesystem root
166 | # first directory with .mvn subdirectory is considered project base directory
167 | find_maven_basedir() {
168 |
169 | if [ -z "$1" ]
170 | then
171 | echo "Path not specified to find_maven_basedir"
172 | return 1
173 | fi
174 |
175 | basedir="$1"
176 | wdir="$1"
177 | while [ "$wdir" != '/' ] ; do
178 | if [ -d "$wdir"/.mvn ] ; then
179 | basedir=$wdir
180 | break
181 | fi
182 | # workaround for JBEAP-8937 (on Solaris 10/Sparc)
183 | if [ -d "${wdir}" ]; then
184 | wdir=`cd "$wdir/.."; pwd`
185 | fi
186 | # end of workaround
187 | done
188 | echo "${basedir}"
189 | }
190 |
191 | # concatenates all lines of a file
192 | concat_lines() {
193 | if [ -f "$1" ]; then
194 | echo "$(tr -s '\n' ' ' < "$1")"
195 | fi
196 | }
197 |
198 | BASE_DIR=`find_maven_basedir "$(pwd)"`
199 | if [ -z "$BASE_DIR" ]; then
200 | exit 1;
201 | fi
202 |
203 | export MAVEN_PROJECTBASEDIR=${MAVEN_BASEDIR:-"$BASE_DIR"}
204 | echo $MAVEN_PROJECTBASEDIR
205 | MAVEN_OPTS="$(concat_lines "$MAVEN_PROJECTBASEDIR/.mvn/jvm.config") $MAVEN_OPTS"
206 |
207 | # For Cygwin, switch paths to Windows format before running java
208 | if $cygwin; then
209 | [ -n "$M2_HOME" ] &&
210 | M2_HOME=`cygpath --path --windows "$M2_HOME"`
211 | [ -n "$JAVA_HOME" ] &&
212 | JAVA_HOME=`cygpath --path --windows "$JAVA_HOME"`
213 | [ -n "$CLASSPATH" ] &&
214 | CLASSPATH=`cygpath --path --windows "$CLASSPATH"`
215 | [ -n "$MAVEN_PROJECTBASEDIR" ] &&
216 | MAVEN_PROJECTBASEDIR=`cygpath --path --windows "$MAVEN_PROJECTBASEDIR"`
217 | fi
218 |
219 | WRAPPER_LAUNCHER=org.apache.maven.wrapper.MavenWrapperMain
220 |
221 | exec "$JAVACMD" \
222 | $MAVEN_OPTS \
223 | -classpath "$MAVEN_PROJECTBASEDIR/.mvn/wrapper/maven-wrapper.jar" \
224 | "-Dmaven.home=${M2_HOME}" "-Dmaven.multiModuleProjectDirectory=${MAVEN_PROJECTBASEDIR}" \
225 | ${WRAPPER_LAUNCHER} $MAVEN_CONFIG "$@"
226 |
--------------------------------------------------------------------------------
/mvnw.cmd:
--------------------------------------------------------------------------------
1 | @REM ----------------------------------------------------------------------------
2 | @REM Licensed to the Apache Software Foundation (ASF) under one
3 | @REM or more contributor license agreements. See the NOTICE file
4 | @REM distributed with this work for additional information
5 | @REM regarding copyright ownership. The ASF licenses this file
6 | @REM to you under the Apache License, Version 2.0 (the
7 | @REM "License"); you may not use this file except in compliance
8 | @REM with the License. You may obtain a copy of the License at
9 | @REM
10 | @REM http://www.apache.org/licenses/LICENSE-2.0
11 | @REM
12 | @REM Unless required by applicable law or agreed to in writing,
13 | @REM software distributed under the License is distributed on an
14 | @REM "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
15 | @REM KIND, either express or implied. See the License for the
16 | @REM specific language governing permissions and limitations
17 | @REM under the License.
18 | @REM ----------------------------------------------------------------------------
19 |
20 | @REM ----------------------------------------------------------------------------
21 | @REM Maven2 Start Up Batch script
22 | @REM
23 | @REM Required ENV vars:
24 | @REM JAVA_HOME - location of a JDK home dir
25 | @REM
26 | @REM Optional ENV vars
27 | @REM M2_HOME - location of maven2's installed home dir
28 | @REM MAVEN_BATCH_ECHO - set to 'on' to enable the echoing of the batch commands
29 | @REM MAVEN_BATCH_PAUSE - set to 'on' to wait for a key stroke before ending
30 | @REM MAVEN_OPTS - parameters passed to the Java VM when running Maven
31 | @REM e.g. to debug Maven itself, use
32 | @REM set MAVEN_OPTS=-Xdebug -Xrunjdwp:transport=dt_socket,server=y,suspend=y,address=8000
33 | @REM MAVEN_SKIP_RC - flag to disable loading of mavenrc files
34 | @REM ----------------------------------------------------------------------------
35 |
36 | @REM Begin all REM lines with '@' in case MAVEN_BATCH_ECHO is 'on'
37 | @echo off
38 | @REM enable echoing my setting MAVEN_BATCH_ECHO to 'on'
39 | @if "%MAVEN_BATCH_ECHO%" == "on" echo %MAVEN_BATCH_ECHO%
40 |
41 | @REM set %HOME% to equivalent of $HOME
42 | if "%HOME%" == "" (set "HOME=%HOMEDRIVE%%HOMEPATH%")
43 |
44 | @REM Execute a user defined script before this one
45 | if not "%MAVEN_SKIP_RC%" == "" goto skipRcPre
46 | @REM check for pre script, once with legacy .bat ending and once with .cmd ending
47 | if exist "%HOME%\mavenrc_pre.bat" call "%HOME%\mavenrc_pre.bat"
48 | if exist "%HOME%\mavenrc_pre.cmd" call "%HOME%\mavenrc_pre.cmd"
49 | :skipRcPre
50 |
51 | @setlocal
52 |
53 | set ERROR_CODE=0
54 |
55 | @REM To isolate internal variables from possible post scripts, we use another setlocal
56 | @setlocal
57 |
58 | @REM ==== START VALIDATION ====
59 | if not "%JAVA_HOME%" == "" goto OkJHome
60 |
61 | echo.
62 | echo Error: JAVA_HOME not found in your environment. >&2
63 | echo Please set the JAVA_HOME variable in your environment to match the >&2
64 | echo location of your Java installation. >&2
65 | echo.
66 | goto error
67 |
68 | :OkJHome
69 | if exist "%JAVA_HOME%\bin\java.exe" goto init
70 |
71 | echo.
72 | echo Error: JAVA_HOME is set to an invalid directory. >&2
73 | echo JAVA_HOME = "%JAVA_HOME%" >&2
74 | echo Please set the JAVA_HOME variable in your environment to match the >&2
75 | echo location of your Java installation. >&2
76 | echo.
77 | goto error
78 |
79 | @REM ==== END VALIDATION ====
80 |
81 | :init
82 |
83 | @REM Find the project base dir, i.e. the directory that contains the folder ".mvn".
84 | @REM Fallback to current working directory if not found.
85 |
86 | set MAVEN_PROJECTBASEDIR=%MAVEN_BASEDIR%
87 | IF NOT "%MAVEN_PROJECTBASEDIR%"=="" goto endDetectBaseDir
88 |
89 | set EXEC_DIR=%CD%
90 | set WDIR=%EXEC_DIR%
91 | :findBaseDir
92 | IF EXIST "%WDIR%"\.mvn goto baseDirFound
93 | cd ..
94 | IF "%WDIR%"=="%CD%" goto baseDirNotFound
95 | set WDIR=%CD%
96 | goto findBaseDir
97 |
98 | :baseDirFound
99 | set MAVEN_PROJECTBASEDIR=%WDIR%
100 | cd "%EXEC_DIR%"
101 | goto endDetectBaseDir
102 |
103 | :baseDirNotFound
104 | set MAVEN_PROJECTBASEDIR=%EXEC_DIR%
105 | cd "%EXEC_DIR%"
106 |
107 | :endDetectBaseDir
108 |
109 | IF NOT EXIST "%MAVEN_PROJECTBASEDIR%\.mvn\jvm.config" goto endReadAdditionalConfig
110 |
111 | @setlocal EnableExtensions EnableDelayedExpansion
112 | for /F "usebackq delims=" %%a in ("%MAVEN_PROJECTBASEDIR%\.mvn\jvm.config") do set JVM_CONFIG_MAVEN_PROPS=!JVM_CONFIG_MAVEN_PROPS! %%a
113 | @endlocal & set JVM_CONFIG_MAVEN_PROPS=%JVM_CONFIG_MAVEN_PROPS%
114 |
115 | :endReadAdditionalConfig
116 |
117 | SET MAVEN_JAVA_EXE="%JAVA_HOME%\bin\java.exe"
118 |
119 | set WRAPPER_JAR="%MAVEN_PROJECTBASEDIR%\.mvn\wrapper\maven-wrapper.jar"
120 | set WRAPPER_LAUNCHER=org.apache.maven.wrapper.MavenWrapperMain
121 |
122 | %MAVEN_JAVA_EXE% %JVM_CONFIG_MAVEN_PROPS% %MAVEN_OPTS% %MAVEN_DEBUG_OPTS% -classpath %WRAPPER_JAR% "-Dmaven.multiModuleProjectDirectory=%MAVEN_PROJECTBASEDIR%" %WRAPPER_LAUNCHER% %MAVEN_CONFIG% %*
123 | if ERRORLEVEL 1 goto error
124 | goto end
125 |
126 | :error
127 | set ERROR_CODE=1
128 |
129 | :end
130 | @endlocal & set ERROR_CODE=%ERROR_CODE%
131 |
132 | if not "%MAVEN_SKIP_RC%" == "" goto skipRcPost
133 | @REM check for post script, once with legacy .bat ending and once with .cmd ending
134 | if exist "%HOME%\mavenrc_post.bat" call "%HOME%\mavenrc_post.bat"
135 | if exist "%HOME%\mavenrc_post.cmd" call "%HOME%\mavenrc_post.cmd"
136 | :skipRcPost
137 |
138 | @REM pause the script if MAVEN_BATCH_PAUSE is set to 'on'
139 | if "%MAVEN_BATCH_PAUSE%" == "on" pause
140 |
141 | if "%MAVEN_TERMINATE_CMD%" == "on" exit %ERROR_CODE%
142 |
143 | exit /B %ERROR_CODE%
144 |
--------------------------------------------------------------------------------
/pom.xml:
--------------------------------------------------------------------------------
1 |
2 |
4 | 4.0.0
5 |
6 | com.nouhoun.springboot.jwt.integration
7 | springboot-jwt
8 | 0.0.1-SNAPSHOT
9 | jar
10 |
11 | springboot-jwt
12 | Demo project for Spring Boot
13 |
14 |
15 | org.springframework.boot
16 | spring-boot-starter-parent
17 | 2.0.4.RELEASE
18 |
19 |
20 |
21 |
22 | UTF-8
23 | UTF-8
24 | 1.8
25 | 9081
26 | 127.0.0.1
27 | readme
28 | 1.18.10
29 |
30 |
31 |
32 |
33 | org.springframework.boot
34 | spring-boot-starter-actuator
35 |
36 |
37 | org.springframework.boot
38 | spring-boot-starter-data-jpa
39 |
40 |
41 | org.springframework.boot
42 | spring-boot-starter-security
43 |
44 |
45 | org.springframework.boot
46 | spring-boot-starter-web
47 |
48 |
49 |
50 | org.springframework.boot
51 | spring-boot-devtools
52 | runtime
53 |
54 |
55 | com.h2database
56 | h2
57 | runtime
58 |
59 |
60 | org.springframework.boot
61 | spring-boot-starter-test
62 | test
63 |
64 |
65 | org.springframework.security
66 | spring-security-jwt
67 | 1.0.7.RELEASE
68 |
69 |
70 |
71 | org.springframework.security.oauth
72 | spring-security-oauth2
73 | 2.1.0.RELEASE
74 |
75 |
76 | com.fasterxml.jackson.core
77 | jackson-databind
78 | 2.9.10.8
79 |
80 |
81 |
82 | org.projectlombok
83 | lombok
84 | ${lombok.version}
85 | provided
86 |
87 |
88 |
89 |
90 |
91 |
92 | org.springframework.boot
93 | spring-boot-maven-plugin
94 |
95 | true
96 | true
97 |
98 |
99 |
100 |
101 | repackage
102 |
103 |
104 |
105 |
106 |
107 |
108 | io.fabric8
109 | docker-maven-plugin
110 | true
111 |
112 |
113 |
114 |
115 | springboot-jwt
116 | springboot-jwt
117 |
118 | @
119 | ${project.basedir}/src/main/docker
120 |
121 | artifact
122 |
123 |
124 |
125 | alias
126 |
127 | ${tomcat.port}:8080
128 |
129 |
130 |
131 | http://${tomcat.ip}:${tomcat.port}/actuator/health
132 |
133 |
134 |
135 |
136 |
137 |
138 |
139 |
140 |
141 |
142 |
143 | org.apache.maven.plugins
144 | maven-compiler-plugin
145 | 3.8.1
146 |
147 | 1.8
148 | 1.8
149 |
150 |
151 | org.projectlombok
152 | lombok
153 | ${lombok.version}
154 |
155 |
156 |
157 |
158 |
159 |
160 |
161 |
162 |
--------------------------------------------------------------------------------
/src/main/docker/Dockerfile:
--------------------------------------------------------------------------------
1 | FROM openjdk:8-alpine
2 | ADD maven/springboot-jwt-0.0.1-SNAPSHOT.jar app.jar
3 | #RUN sh -c 'touch /app.jar'
4 | ENV JAVA_OPTS=""
5 | ENTRYPOINT [ "sh", "-c", "java $JAVA_OPTS -Djava.security.egd=file:/dev/./urandom -jar /app.jar" ]
--------------------------------------------------------------------------------
/src/main/docker/README.md:
--------------------------------------------------------------------------------
1 | ## SpringBoot JWT Container
2 |
3 | Following instructions explain how to publish springboot-jwt tutorial APIs via a portable Docker container.
4 |
5 | ### Pre-requisites
6 | You need to have:
7 | - a Docker installation available locally. See [Docker website](https://docs.docker.com/install/) on installation instructions for Windows and Linux users.
8 | - at least 100MB of local storage.
9 | - springboot-jwt project sources locally compiled, and shell pointing to project root.
10 |
11 |
12 | ### Build image
13 | `mvn clean package docker:build`
14 |
15 | Now if you issue a `docker images` command you should see `springboot-jwt:latest` image listed.
16 |
17 |
18 | ### Start container
19 |
20 | #### From Maven, default endpoint
21 | Basic usage with defaults: server IP 127.0.0.1, server port 9081
22 |
23 | `mvn docker:start`
24 |
25 | #### From Maven, custom endpoint
26 | Advanced usage: custom server IP and server port
27 |
28 | `mvn docker:start "-Dtomcat.ip=" "-Dtomcat.port="`
29 |
30 | where `` and `` are the IP address and port where Maven will test health check against (usually localhost, 127.0.0.1, or 192.168.99.100 on legacy Docker Toolbox).
31 |
32 | #### From command line
33 | `docker run -d -p :8080 springboot-jwt`
34 |
35 | Now if you issue a `docker ps` command you should see a new running container listed.
36 |
37 | To see logs:
38 | `docker logs -f `
39 |
40 | ### Access to APIs
41 | Point your local browser to:
42 | `http://:/health`
43 |
44 | You should see `{ status: "UP" }` message!
45 |
--------------------------------------------------------------------------------
/src/main/java/com/nouhoun/springboot/jwt/integration/SpringbootJwtApplication.java:
--------------------------------------------------------------------------------
1 | package com.nouhoun.springboot.jwt.integration;
2 |
3 | import org.springframework.boot.SpringApplication;
4 | import org.springframework.boot.autoconfigure.SpringBootApplication;
5 |
6 | @SpringBootApplication
7 | public class SpringbootJwtApplication {
8 |
9 | public static void main(String[] args) {
10 | SpringApplication.run(SpringbootJwtApplication.class, args);
11 | }
12 | }
13 |
--------------------------------------------------------------------------------
/src/main/java/com/nouhoun/springboot/jwt/integration/config/AdditionalWebConfig.java:
--------------------------------------------------------------------------------
1 | package com.nouhoun.springboot.jwt.integration.config;
2 |
3 | import org.springframework.boot.web.servlet.FilterRegistrationBean;
4 | import org.springframework.context.annotation.Bean;
5 | import org.springframework.context.annotation.Configuration;
6 | import org.springframework.web.cors.CorsConfiguration;
7 | import org.springframework.web.cors.UrlBasedCorsConfigurationSource;
8 | import org.springframework.web.filter.CorsFilter;
9 |
10 | /**
11 | * Created by nydiarra on 06/05/17.
12 | */
13 | @Configuration
14 | public class AdditionalWebConfig {
15 | /**
16 | * Allowing all origins, headers and methods here is only intended to keep this example simple.
17 | * This is not a default recommended configuration. Make adjustments as
18 | * necessary to your use case.
19 | *
20 | */
21 | @Bean
22 | public FilterRegistrationBean corsFilter() {
23 | UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
24 | CorsConfiguration config = new CorsConfiguration();
25 | config.setAllowCredentials(true);
26 | config.addAllowedOrigin("*");
27 | config.addAllowedHeader("*");
28 | config.addAllowedMethod("*");
29 | source.registerCorsConfiguration("/**", config);
30 | FilterRegistrationBean bean = new FilterRegistrationBean(new CorsFilter(source));
31 | bean.setOrder(0);
32 | return bean;
33 | }
34 | }
35 |
--------------------------------------------------------------------------------
/src/main/java/com/nouhoun/springboot/jwt/integration/config/AuthorizationServerConfig.java:
--------------------------------------------------------------------------------
1 | package com.nouhoun.springboot.jwt.integration.config;
2 |
3 | import java.util.Arrays;
4 |
5 | import org.springframework.beans.factory.annotation.Autowired;
6 | import org.springframework.beans.factory.annotation.Value;
7 | import org.springframework.context.annotation.Configuration;
8 | import org.springframework.security.authentication.AuthenticationManager;
9 | import org.springframework.security.crypto.password.PasswordEncoder;
10 | import org.springframework.security.oauth2.config.annotation.configurers.ClientDetailsServiceConfigurer;
11 | import org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurerAdapter;
12 | import org.springframework.security.oauth2.config.annotation.web.configuration.EnableAuthorizationServer;
13 | import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer;
14 | import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerEndpointsConfigurer;
15 | import org.springframework.security.oauth2.provider.token.TokenEnhancerChain;
16 | import org.springframework.security.oauth2.provider.token.TokenStore;
17 | import org.springframework.security.oauth2.provider.token.store.JwtAccessTokenConverter;
18 |
19 | /**
20 | * Created by nydiarra on 06/05/17.
21 | */
22 | @Configuration
23 | @EnableAuthorizationServer
24 | public class AuthorizationServerConfig extends AuthorizationServerConfigurerAdapter {
25 |
26 | @Value("${security.jwt.client-id}")
27 | private String clientId;
28 |
29 | @Value("${security.jwt.client-secret}")
30 | private String clientSecret;
31 |
32 | @Value("${security.jwt.grant-type}")
33 | private String grantType;
34 |
35 | @Value("${security.jwt.scope-read}")
36 | private String scopeRead;
37 |
38 | @Value("${security.jwt.scope-write}")
39 | private String scopeWrite = "write";
40 |
41 | @Value("${security.jwt.resource-ids}")
42 | private String resourceIds;
43 |
44 | @Autowired
45 | private TokenStore tokenStore;
46 |
47 | @Autowired
48 | private JwtAccessTokenConverter accessTokenConverter;
49 |
50 | @Autowired
51 | private AuthenticationManager authenticationManager;
52 |
53 | @Autowired
54 | private PasswordEncoder passwordEncoder;
55 |
56 | @Override
57 | public void configure(ClientDetailsServiceConfigurer configurer) throws Exception {
58 | configurer
59 | .inMemory()
60 | .withClient(clientId)
61 | .secret(passwordEncoder.encode(clientSecret))
62 | .authorizedGrantTypes(grantType)
63 | .scopes(scopeRead, scopeWrite)
64 | .resourceIds(resourceIds);
65 | }
66 |
67 | @Override
68 | public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception {
69 | TokenEnhancerChain enhancerChain = new TokenEnhancerChain();
70 | enhancerChain.setTokenEnhancers(Arrays.asList(accessTokenConverter));
71 | endpoints.tokenStore(tokenStore)
72 | .accessTokenConverter(accessTokenConverter)
73 | .tokenEnhancer(enhancerChain)
74 | .authenticationManager(authenticationManager);
75 | }
76 |
77 | }
78 |
--------------------------------------------------------------------------------
/src/main/java/com/nouhoun/springboot/jwt/integration/config/DatasourceConfig.java:
--------------------------------------------------------------------------------
1 | package com.nouhoun.springboot.jwt.integration.config;
2 |
3 | import org.springframework.beans.factory.annotation.Qualifier;
4 | import org.springframework.context.annotation.Bean;
5 | import org.springframework.context.annotation.Configuration;
6 | import org.springframework.context.annotation.Profile;
7 | import org.springframework.data.jpa.repository.config.EnableJpaRepositories;
8 | import org.springframework.jdbc.datasource.embedded.EmbeddedDatabase;
9 | import org.springframework.jdbc.datasource.embedded.EmbeddedDatabaseBuilder;
10 | import org.springframework.jdbc.datasource.embedded.EmbeddedDatabaseType;
11 | import org.springframework.orm.jpa.JpaTransactionManager;
12 | import org.springframework.orm.jpa.JpaVendorAdapter;
13 | import org.springframework.orm.jpa.LocalContainerEntityManagerFactoryBean;
14 | import org.springframework.orm.jpa.vendor.HibernateJpaVendorAdapter;
15 | import org.springframework.transaction.PlatformTransactionManager;
16 | import org.springframework.transaction.annotation.EnableTransactionManagement;
17 |
18 | import javax.persistence.EntityManagerFactory;
19 | import javax.sql.DataSource;
20 | import java.beans.PropertyVetoException;
21 |
22 | /**
23 | * Created by nydiarra on 06/05/17.
24 | */
25 | @Configuration
26 | @EnableTransactionManagement
27 | @EnableJpaRepositories(basePackages = "com.nouhoun.springboot.jwt.integration.repository")
28 | public class DatasourceConfig {
29 |
30 | @Bean
31 | public DataSource datasource() throws PropertyVetoException {
32 | EmbeddedDatabaseBuilder builder = new EmbeddedDatabaseBuilder();
33 | EmbeddedDatabase dataSource = builder
34 | .setType(EmbeddedDatabaseType.H2)
35 | .addScript("sql-scripts/schema.sql")
36 | .addScript("sql-scripts/data.sql")
37 | .build();
38 |
39 | return dataSource;
40 | }
41 |
42 | @Bean
43 | public LocalContainerEntityManagerFactoryBean entityManagerFactory(@Qualifier("datasource") DataSource ds) throws PropertyVetoException{
44 | LocalContainerEntityManagerFactoryBean entityManagerFactory = new LocalContainerEntityManagerFactoryBean();
45 | entityManagerFactory.setDataSource(ds);
46 | entityManagerFactory.setPackagesToScan(new String[]{"com.nouhoun.springboot.jwt.integration.domain"});
47 | JpaVendorAdapter jpaVendorAdapter = new HibernateJpaVendorAdapter();
48 | entityManagerFactory.setJpaVendorAdapter(jpaVendorAdapter);
49 | return entityManagerFactory;
50 | }
51 |
52 | @Bean
53 | public PlatformTransactionManager transactionManager(EntityManagerFactory entityManagerFactory){
54 | JpaTransactionManager transactionManager = new JpaTransactionManager();
55 | transactionManager.setEntityManagerFactory(entityManagerFactory);
56 | return transactionManager;
57 | }
58 | }
--------------------------------------------------------------------------------
/src/main/java/com/nouhoun/springboot/jwt/integration/config/ResourceServerConfig.java:
--------------------------------------------------------------------------------
1 | package com.nouhoun.springboot.jwt.integration.config;
2 |
3 | import org.springframework.beans.factory.annotation.Autowired;
4 | import org.springframework.beans.factory.annotation.Value;
5 | import org.springframework.context.annotation.Configuration;
6 | import org.springframework.security.config.annotation.web.builders.HttpSecurity;
7 | import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer;
8 | import org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurerAdapter;
9 | import org.springframework.security.oauth2.config.annotation.web.configurers.ResourceServerSecurityConfigurer;
10 | import org.springframework.security.oauth2.provider.token.ResourceServerTokenServices;
11 |
12 | @Configuration
13 | @EnableResourceServer
14 | public class ResourceServerConfig extends ResourceServerConfigurerAdapter {
15 | @Autowired
16 | private ResourceServerTokenServices tokenServices;
17 |
18 | @Value("${security.jwt.resource-ids}")
19 | private String resourceIds;
20 |
21 | @Override
22 | public void configure(ResourceServerSecurityConfigurer resources) throws Exception {
23 | resources.resourceId(resourceIds).tokenServices(tokenServices);
24 | }
25 |
26 | @Override
27 | public void configure(HttpSecurity http) throws Exception {
28 | http
29 | .requestMatchers()
30 | .and()
31 | .authorizeRequests()
32 | .antMatchers("/actuator/**", "/api-docs/**").permitAll()
33 | .antMatchers("/springjwt/**" ).authenticated();
34 | }
35 | }
36 |
--------------------------------------------------------------------------------
/src/main/java/com/nouhoun/springboot/jwt/integration/config/SecurityConfig.java:
--------------------------------------------------------------------------------
1 | package com.nouhoun.springboot.jwt.integration.config;
2 |
3 | import org.springframework.beans.factory.annotation.Value;
4 | import org.springframework.context.annotation.Bean;
5 | import org.springframework.context.annotation.Configuration;
6 | import org.springframework.context.annotation.Primary;
7 | import org.springframework.security.authentication.AuthenticationManager;
8 | import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
9 | import org.springframework.security.config.annotation.web.builders.HttpSecurity;
10 | import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
11 | import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
12 | import org.springframework.security.config.http.SessionCreationPolicy;
13 | import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
14 | import org.springframework.security.oauth2.provider.token.DefaultTokenServices;
15 | import org.springframework.security.oauth2.provider.token.TokenStore;
16 | import org.springframework.security.oauth2.provider.token.store.JwtAccessTokenConverter;
17 | import org.springframework.security.oauth2.provider.token.store.JwtTokenStore;
18 |
19 | /**
20 | * Created by nydiarra on 06/05/17.
21 | */
22 | @Configuration
23 | @EnableWebSecurity
24 | @EnableGlobalMethodSecurity(prePostEnabled = true)
25 | public class SecurityConfig extends WebSecurityConfigurerAdapter {
26 |
27 | @Value("${security.signing-key}")
28 | private String signingKey;
29 |
30 | @Value("${security.encoding-strength}")
31 | private Integer encodingStrength;
32 |
33 | @Value("${security.security-realm}")
34 | private String securityRealm;
35 |
36 | @Bean
37 | @Override
38 | protected AuthenticationManager authenticationManager() throws Exception {
39 | return super.authenticationManager();
40 | }
41 |
42 | @Bean
43 | public BCryptPasswordEncoder passwordEncoder() {
44 | return new BCryptPasswordEncoder();
45 | }
46 |
47 | @Override
48 | protected void configure(HttpSecurity http) throws Exception {
49 | http
50 | .sessionManagement()
51 | .sessionCreationPolicy(SessionCreationPolicy.STATELESS)
52 | .and()
53 | .httpBasic()
54 | .realmName(securityRealm)
55 | .and()
56 | .csrf()
57 | .disable();
58 |
59 | }
60 |
61 | @Bean
62 | public JwtAccessTokenConverter accessTokenConverter() {
63 | JwtAccessTokenConverter converter = new JwtAccessTokenConverter();
64 | converter.setSigningKey(signingKey);
65 | return converter;
66 | }
67 |
68 | @Bean
69 | public TokenStore tokenStore() {
70 | return new JwtTokenStore(accessTokenConverter());
71 | }
72 |
73 | @Bean
74 | @Primary //Making this primary to avoid any accidental duplication with another token service instance of the same name
75 | public DefaultTokenServices tokenServices() {
76 | DefaultTokenServices defaultTokenServices = new DefaultTokenServices();
77 | defaultTokenServices.setTokenStore(tokenStore());
78 | defaultTokenServices.setSupportRefreshToken(true);
79 | return defaultTokenServices;
80 | }
81 | }
82 |
--------------------------------------------------------------------------------
/src/main/java/com/nouhoun/springboot/jwt/integration/controller/ResourceController.java:
--------------------------------------------------------------------------------
1 | package com.nouhoun.springboot.jwt.integration.controller;
2 |
3 | import com.nouhoun.springboot.jwt.integration.domain.RandomCity;
4 | import com.nouhoun.springboot.jwt.integration.domain.User;
5 | import com.nouhoun.springboot.jwt.integration.service.GenericService;
6 | import org.springframework.beans.factory.annotation.Autowired;
7 | import org.springframework.security.access.prepost.PreAuthorize;
8 | import org.springframework.web.bind.annotation.PathVariable;
9 | import org.springframework.web.bind.annotation.RequestMapping;
10 | import org.springframework.web.bind.annotation.RequestMethod;
11 | import org.springframework.web.bind.annotation.RestController;
12 |
13 | import java.util.List;
14 |
15 | /**
16 | * Created by nydiarra on 06/05/17.
17 | */
18 | @RestController
19 | @RequestMapping("/springjwt")
20 | public class ResourceController {
21 | @Autowired
22 | private GenericService userService;
23 |
24 | @RequestMapping(value ="/cities")
25 | @PreAuthorize("hasAuthority('ADMIN_USER') or hasAuthority('STANDARD_USER')")
26 | public List getUser(){
27 | return userService.findAllRandomCities();
28 | }
29 |
30 | @RequestMapping(value ="/users", method = RequestMethod.GET)
31 | @PreAuthorize("hasAuthority('ADMIN_USER')")
32 | public List getUsers(){
33 | return userService.findAllUsers();
34 | }
35 | }
36 |
--------------------------------------------------------------------------------
/src/main/java/com/nouhoun/springboot/jwt/integration/domain/RandomCity.java:
--------------------------------------------------------------------------------
1 | package com.nouhoun.springboot.jwt.integration.domain;
2 |
3 | import javax.persistence.*;
4 | import lombok.Getter;
5 | import lombok.Setter;
6 |
7 | /**
8 | * Created by nydiarra on 10/05/17.
9 | */
10 | @Entity
11 | @Table(name = "random_city")
12 | @Getter
13 | @Setter
14 | public class RandomCity {
15 | @Id
16 | @GeneratedValue(strategy = GenerationType.IDENTITY)
17 | @Column(name = "id")
18 | private Long id;
19 |
20 | @Column(name = "name")
21 | private String name;
22 | }
23 |
--------------------------------------------------------------------------------
/src/main/java/com/nouhoun/springboot/jwt/integration/domain/Role.java:
--------------------------------------------------------------------------------
1 | package com.nouhoun.springboot.jwt.integration.domain;
2 |
3 | import javax.persistence.*;
4 | import lombok.Getter;
5 | import lombok.Setter;
6 |
7 | /**
8 | * Created by nydiarra on 06/05/17.
9 | */
10 | @Entity
11 | @Table(name="app_role")
12 | @Getter
13 | @Setter
14 | public class Role {
15 | private static final long serialVersionUID = 1L;
16 | @Id
17 | @GeneratedValue(strategy = GenerationType.IDENTITY)
18 | private Long id;
19 |
20 | @Column(name="role_name")
21 | private String roleName;
22 |
23 | @Column(name="description")
24 | private String description;
25 | }
26 |
--------------------------------------------------------------------------------
/src/main/java/com/nouhoun/springboot/jwt/integration/domain/User.java:
--------------------------------------------------------------------------------
1 | package com.nouhoun.springboot.jwt.integration.domain;
2 |
3 | import com.fasterxml.jackson.annotation.JsonIgnore;
4 | import lombok.Getter;
5 | import lombok.Setter;
6 | import org.hibernate.validator.constraints.NotEmpty;
7 |
8 | import javax.persistence.*;
9 | import java.util.List;
10 |
11 | /**
12 | * Created by nydiarra on 06/05/17.
13 | */
14 | @Entity
15 | @Table(name = "app_user")
16 | @Getter
17 | @Setter
18 | public class User {
19 | @Id
20 | @GeneratedValue(strategy = GenerationType.IDENTITY)
21 | @Column(name = "id")
22 | private Long id;
23 |
24 | @Column(name = "username")
25 | private String username;
26 |
27 | @Column(name = "password")
28 | @JsonIgnore
29 | private String password;
30 |
31 | @Column(name = "first_name")
32 | private String firstName;
33 |
34 | @Column(name = "last_name")
35 | private String lastName;
36 |
37 | /**
38 | * Roles are being eagerly loaded here because
39 | * they are a fairly small collection of items for this example.
40 | */
41 | @ManyToMany(fetch = FetchType.EAGER)
42 | @JoinTable(name = "user_role", joinColumns
43 | = @JoinColumn(name = "user_id",
44 | referencedColumnName = "id"),
45 | inverseJoinColumns = @JoinColumn(name = "role_id",
46 | referencedColumnName = "id"))
47 | private List roles;
48 | }
49 |
50 |
--------------------------------------------------------------------------------
/src/main/java/com/nouhoun/springboot/jwt/integration/repository/RandomCityRepository.java:
--------------------------------------------------------------------------------
1 | package com.nouhoun.springboot.jwt.integration.repository;
2 |
3 | import com.nouhoun.springboot.jwt.integration.domain.RandomCity;
4 | import org.springframework.data.repository.CrudRepository;
5 |
6 | /**
7 | * Created by nydiarra on 10/05/17.
8 | */
9 | public interface RandomCityRepository extends CrudRepository {
10 | }
11 |
--------------------------------------------------------------------------------
/src/main/java/com/nouhoun/springboot/jwt/integration/repository/RoleRepository.java:
--------------------------------------------------------------------------------
1 | package com.nouhoun.springboot.jwt.integration.repository;
2 |
3 | import com.nouhoun.springboot.jwt.integration.domain.Role;
4 | import org.springframework.data.repository.CrudRepository;
5 |
6 | /**
7 | * Created by nydiarra on 06/05/17.
8 | */
9 | public interface RoleRepository extends CrudRepository {
10 | }
11 |
--------------------------------------------------------------------------------
/src/main/java/com/nouhoun/springboot/jwt/integration/repository/UserRepository.java:
--------------------------------------------------------------------------------
1 | package com.nouhoun.springboot.jwt.integration.repository;
2 |
3 | import com.nouhoun.springboot.jwt.integration.domain.User;
4 | import org.springframework.data.repository.CrudRepository;
5 | import org.springframework.data.repository.PagingAndSortingRepository;
6 |
7 | /**
8 | * Created by nydiarra on 06/05/17.
9 | */
10 | public interface UserRepository extends CrudRepository {
11 | User findByUsername(String username);
12 | }
13 |
--------------------------------------------------------------------------------
/src/main/java/com/nouhoun/springboot/jwt/integration/service/GenericService.java:
--------------------------------------------------------------------------------
1 | package com.nouhoun.springboot.jwt.integration.service;
2 |
3 | import com.nouhoun.springboot.jwt.integration.domain.RandomCity;
4 | import com.nouhoun.springboot.jwt.integration.domain.User;
5 |
6 | import java.util.List;
7 |
8 | /**
9 | * Created by nydiarra on 06/05/17.
10 | */
11 | public interface GenericService {
12 | User findByUsername(String username);
13 |
14 | List findAllUsers();
15 |
16 | List findAllRandomCities();
17 | }
18 |
--------------------------------------------------------------------------------
/src/main/java/com/nouhoun/springboot/jwt/integration/service/impl/AppUserDetailsService.java:
--------------------------------------------------------------------------------
1 | package com.nouhoun.springboot.jwt.integration.service.impl;
2 |
3 | import com.nouhoun.springboot.jwt.integration.domain.User;
4 | import com.nouhoun.springboot.jwt.integration.repository.UserRepository;
5 | import org.springframework.beans.factory.annotation.Autowired;
6 | import org.springframework.security.core.GrantedAuthority;
7 | import org.springframework.security.core.authority.SimpleGrantedAuthority;
8 | import org.springframework.security.core.userdetails.UserDetails;
9 | import org.springframework.security.core.userdetails.UserDetailsService;
10 | import org.springframework.security.core.userdetails.UsernameNotFoundException;
11 | import org.springframework.stereotype.Component;
12 |
13 | import java.util.ArrayList;
14 | import java.util.List;
15 |
16 | /**
17 | * Created by nydiarra on 06/05/17.
18 | */
19 | @Component
20 | public class AppUserDetailsService implements UserDetailsService {
21 | @Autowired
22 | private UserRepository userRepository;
23 |
24 | @Override
25 | public UserDetails loadUserByUsername(String s) throws UsernameNotFoundException {
26 | User user = userRepository.findByUsername(s);
27 |
28 | if(user == null) {
29 | throw new UsernameNotFoundException(String.format("The username %s doesn't exist", s));
30 | }
31 |
32 | List authorities = new ArrayList<>();
33 | user.getRoles().forEach(role -> {
34 | authorities.add(new SimpleGrantedAuthority(role.getRoleName()));
35 | });
36 |
37 | UserDetails userDetails = new org.springframework.security.core.userdetails.
38 | User(user.getUsername(), user.getPassword(), authorities);
39 |
40 | return userDetails;
41 | }
42 | }
43 |
--------------------------------------------------------------------------------
/src/main/java/com/nouhoun/springboot/jwt/integration/service/impl/GenericServiceImpl.java:
--------------------------------------------------------------------------------
1 | package com.nouhoun.springboot.jwt.integration.service.impl;
2 |
3 | import com.nouhoun.springboot.jwt.integration.domain.RandomCity;
4 | import com.nouhoun.springboot.jwt.integration.domain.User;
5 | import com.nouhoun.springboot.jwt.integration.repository.RandomCityRepository;
6 | import com.nouhoun.springboot.jwt.integration.repository.UserRepository;
7 | import com.nouhoun.springboot.jwt.integration.service.GenericService;
8 | import org.springframework.beans.factory.annotation.Autowired;
9 | import org.springframework.stereotype.Service;
10 |
11 | import java.util.List;
12 |
13 | /**
14 | * Created by nydiarra on 07/05/17.
15 | */
16 | @Service
17 | public class GenericServiceImpl implements GenericService {
18 | @Autowired
19 | private UserRepository userRepository;
20 |
21 | @Autowired
22 | private RandomCityRepository randomCityRepository;
23 |
24 | @Override
25 | public User findByUsername(String username) {
26 | return userRepository.findByUsername(username);
27 | }
28 |
29 | @Override
30 | public List findAllUsers() {
31 | return (List)userRepository.findAll();
32 | }
33 |
34 | @Override
35 | public List findAllRandomCities() {
36 | return (List)randomCityRepository.findAll();
37 | }
38 | }
39 |
--------------------------------------------------------------------------------
/src/main/resources/application.properties:
--------------------------------------------------------------------------------
1 | security.oauth2.resource.filter-order=3
2 |
3 | security.signing-key=MaYzkSjmkzPC57L
4 | security.encoding-strength=256
5 | security.security-realm=Spring Boot JWT Example Realm
6 |
7 | security.jwt.client-id=testjwtclientid
8 | security.jwt.client-secret=XY7kmzoNzl100
9 | security.jwt.grant-type=password
10 | security.jwt.scope-read=read
11 | security.jwt.scope-write=write
12 | security.jwt.resource-ids=testjwtresourceid
--------------------------------------------------------------------------------
/src/main/resources/sql-scripts/data.sql:
--------------------------------------------------------------------------------
1 | INSERT INTO app_role (id, role_name, description) VALUES (1, 'STANDARD_USER', 'Standard User - Has no admin rights');
2 | INSERT INTO app_role (id, role_name, description) VALUES (2, 'ADMIN_USER', 'Admin User - Has permission to perform admin tasks');
3 |
4 | -- USER
5 | -- non-encrypted password: jwtpass
6 | INSERT INTO app_user (id, first_name, last_name, password, username) VALUES (1, 'John', 'Doe', '$2a$10$qtH0F1m488673KwgAfFXEOWxsoZSeHqqlB/8BTt3a6gsI5c2mdlfe', 'john.doe');
7 | INSERT INTO app_user (id, first_name, last_name, password, username) VALUES (2, 'Admin', 'Admin', '$2a$10$qtH0F1m488673KwgAfFXEOWxsoZSeHqqlB/8BTt3a6gsI5c2mdlfe', 'admin.admin');
8 |
9 |
10 | INSERT INTO user_role(user_id, role_id) VALUES(1,1);
11 | INSERT INTO user_role(user_id, role_id) VALUES(2,1);
12 | INSERT INTO user_role(user_id, role_id) VALUES(2,2);
13 |
14 | -- Populate random city table
15 |
16 | INSERT INTO random_city(id, name) VALUES (1, 'Bamako');
17 | INSERT INTO random_city(id, name) VALUES (2, 'Nonkon');
18 | INSERT INTO random_city(id, name) VALUES (3, 'Houston');
19 | INSERT INTO random_city(id, name) VALUES (4, 'Toronto');
20 | INSERT INTO random_city(id, name) VALUES (5, 'New York City');
21 | INSERT INTO random_city(id, name) VALUES (6, 'Mopti');
22 | INSERT INTO random_city(id, name) VALUES (7, 'Koulikoro');
23 | INSERT INTO random_city(id, name) VALUES (8, 'Moscow');
24 |
--------------------------------------------------------------------------------
/src/main/resources/sql-scripts/schema.sql:
--------------------------------------------------------------------------------
1 | CREATE TABLE random_city (
2 | id bigint(20) NOT NULL AUTO_INCREMENT,
3 | name varchar(255) DEFAULT NULL,
4 | PRIMARY KEY (id)
5 | );
6 |
7 | CREATE TABLE app_role (
8 | id bigint(20) NOT NULL AUTO_INCREMENT,
9 | description varchar(255) DEFAULT NULL,
10 | role_name varchar(255) DEFAULT NULL,
11 | PRIMARY KEY (id)
12 | );
13 |
14 |
15 | CREATE TABLE app_user (
16 | id bigint(20) NOT NULL AUTO_INCREMENT,
17 | first_name varchar(255) NOT NULL,
18 | last_name varchar(255) NOT NULL,
19 | password varchar(255) NOT NULL,
20 | username varchar(255) NOT NULL,
21 | PRIMARY KEY (id)
22 | );
23 |
24 |
25 | CREATE TABLE user_role (
26 | user_id bigint(20) NOT NULL,
27 | role_id bigint(20) NOT NULL,
28 | CONSTRAINT FK859n2jvi8ivhui0rl0esws6o FOREIGN KEY (user_id) REFERENCES app_user (id),
29 | CONSTRAINT FKa68196081fvovjhkek5m97n3y FOREIGN KEY (role_id) REFERENCES app_role (id)
30 | );
--------------------------------------------------------------------------------
/src/test/java/com/nouhoun/springboot/jwt/integration/SpringbootJwtApplicationTests.java:
--------------------------------------------------------------------------------
1 | package com.nouhoun.springboot.jwt.integration;
2 |
3 | import org.junit.Test;
4 | import org.junit.runner.RunWith;
5 | import org.springframework.boot.test.context.SpringBootTest;
6 | import org.springframework.test.context.junit4.SpringRunner;
7 |
8 | @RunWith(SpringRunner.class)
9 | @SpringBootTest
10 | public class SpringbootJwtApplicationTests {
11 |
12 | @Test
13 | public void contextLoads() {
14 | }
15 |
16 | }
17 |
--------------------------------------------------------------------------------