├── .gitignore ├── .mvn └── wrapper │ ├── maven-wrapper.jar │ └── maven-wrapper.properties ├── README.md ├── com.springboilerplate.app.user.User ├── segments_14 └── write.lock ├── com.springboilerplate.model.User ├── segments_2b └── write.lock ├── mvnw ├── mvnw.cmd ├── pom.xml └── src ├── main ├── java │ └── com │ │ └── springboilerplate │ │ ├── SpringBoilerplateApplication.java │ │ ├── app │ │ ├── auth │ │ │ ├── AccountCredentials.java │ │ │ ├── AuthController.java │ │ │ └── JwtAuthenticationResponse.java │ │ ├── passwordRestToken │ │ │ ├── PasswordDto.java │ │ │ ├── PasswordResetToken.java │ │ │ ├── PasswordResetTokenController.java │ │ │ ├── PasswordResetTokenRepository.java │ │ │ ├── PasswordResetTokenService.java │ │ │ └── PasswordResetTokenServiceImpl.java │ │ ├── role │ │ │ ├── Role.java │ │ │ ├── RoleRepository.java │ │ │ └── RoleType.java │ │ ├── search │ │ │ ├── HibernateSearchService.java │ │ │ └── UserSearchService.java │ │ ├── user │ │ │ ├── User.java │ │ │ ├── UserController.java │ │ │ ├── UserDto.java │ │ │ ├── UserDtoMapper.java │ │ │ ├── UserRepository.java │ │ │ ├── UserService.java │ │ │ └── UserServiceImpl.java │ │ └── userRole │ │ │ ├── UserRole.java │ │ │ └── UserRoleRepository.java │ │ ├── config │ │ ├── HibernateSearchConfig.java │ │ ├── MailConfig.java │ │ ├── MethodSecurityConfig.java │ │ ├── ModelMapperConfig.java │ │ ├── ObjectMapperConfig.java │ │ ├── SwaggerConfig.java │ │ ├── WebMvcConfig.java │ │ └── WebSecurityConfig.java │ │ ├── exceptions │ │ ├── ApiError.java │ │ ├── CentralizedExceptionHandler.java │ │ ├── ExpiredTokenException.java │ │ ├── InvalidPasswordResetToken.java │ │ ├── InvalidTokenException.java │ │ ├── NoTokenException.java │ │ ├── RoleDoesNotExistException.java │ │ └── SendingTokenException.java │ │ ├── helper │ │ ├── AsyncMailer.java │ │ ├── MailData.java │ │ ├── MailService.java │ │ ├── MailServiceImpl.java │ │ └── SecurityHelper.java │ │ ├── security │ │ ├── CustomUserService.java │ │ ├── JwtAuthenticationEntryPoint.java │ │ ├── JwtAuthorizationTokenFilter.java │ │ ├── JwtTokenUtil.java │ │ └── JwtUserDetailsService.java │ │ └── utils │ │ ├── DbSeed.java │ │ ├── JsonUtils.java │ │ └── SecurityUtils.java └── resources │ ├── application.properties │ └── db │ └── migration │ └── V1_0__init.sql └── test ├── java └── com │ └── springboilerplate │ ├── app │ ├── auth │ │ └── AuthControllerTest.java │ ├── passwordResetToken │ │ ├── PasswordResetTokenMocks.java │ │ ├── PasswordResetTokenRepositoryTest.java │ │ ├── PasswordResetTokenServiceImplTest.java │ │ └── PasswordResetTokenStubs.java │ ├── role │ │ ├── RoleMocks.java │ │ ├── RoleRepositoryTest.java │ │ └── RoleStubs.java │ ├── search │ │ └── UserSearchServiceTest.java │ ├── user │ │ ├── EnvironmentMocks.java │ │ ├── MailServiceMocks.java │ │ ├── UserMocks.java │ │ ├── UserRepositoryTest.java │ │ ├── UserServiceImplTest.java │ │ └── UserStubs.java │ └── userRole │ │ ├── UserRoleRepositoryTest.java │ │ └── UserRoleStubs.java │ ├── dtoMapper │ ├── MapperMocks.java │ └── UserDtoMapperTest.java │ ├── helper │ └── MailServiceImplTest.java │ ├── mocks │ └── DataGenerator.java │ └── security │ ├── CustomUserDetailsServiceTest.java │ ├── JwtTokenUtilTest.java │ ├── SecurityHelperMocks.java │ └── UserDetailsStub.java └── resources └── application.properties /.gitignore: -------------------------------------------------------------------------------- 1 | target/ 2 | !.mvn/wrapper/maven-wrapper.jar 3 | 4 | ### STS ### 5 | .apt_generated 6 | .classpath 7 | .factorypath 8 | .project 9 | .settings 10 | .springBeans 11 | 12 | ### IntelliJ IDEA ### 13 | .idea 14 | *.iws 15 | *.iml 16 | *.ipr 17 | 18 | ### NetBeans ### 19 | nbproject/private/ 20 | build/ 21 | nbbuild/ 22 | dist/ 23 | nbdist/ 24 | .nb-gradle/ 25 | 26 | #Hibernate search's indexes. 27 | com.springboilerplate.springboilerplate.app.user.User -------------------------------------------------------------------------------- /.mvn/wrapper/maven-wrapper.jar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/patrick-emmanuel/spring-boot-boilerplate/12f3c81043f582260f790fea445adba2f8476efe/.mvn/wrapper/maven-wrapper.jar -------------------------------------------------------------------------------- /.mvn/wrapper/maven-wrapper.properties: -------------------------------------------------------------------------------- 1 | distributionUrl=https://repo1.maven.org/maven2/org/apache/maven/apache-maven/3.5.0/apache-maven-3.5.0-bin.zip 2 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # Spring Boot Boilerplate 2 | A project to bootstrap a spring boot app with user authentication with a database, and test samples. 3 | 4 | # Worthy Mention 5 | JWT implementation inspired by [szerhusenBC](https://github.com/szerhusenBC/jwt-spring-security-demo). 6 | -------------------------------------------------------------------------------- /com.springboilerplate.app.user.User/segments_14: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/patrick-emmanuel/spring-boot-boilerplate/12f3c81043f582260f790fea445adba2f8476efe/com.springboilerplate.app.user.User/segments_14 -------------------------------------------------------------------------------- /com.springboilerplate.app.user.User/write.lock: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/patrick-emmanuel/spring-boot-boilerplate/12f3c81043f582260f790fea445adba2f8476efe/com.springboilerplate.app.user.User/write.lock -------------------------------------------------------------------------------- /com.springboilerplate.model.User/segments_2b: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/patrick-emmanuel/spring-boot-boilerplate/12f3c81043f582260f790fea445adba2f8476efe/com.springboilerplate.model.User/segments_2b -------------------------------------------------------------------------------- /com.springboilerplate.model.User/write.lock: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/patrick-emmanuel/spring-boot-boilerplate/12f3c81043f582260f790fea445adba2f8476efe/com.springboilerplate.model.User/write.lock -------------------------------------------------------------------------------- /mvnw: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | # ---------------------------------------------------------------------------- 3 | # Licensed to the Apache Software Foundation (ASF) under one 4 | # or more contributor license agreements. See the NOTICE file 5 | # distributed with this work for additional information 6 | # regarding copyright ownership. The ASF licenses this file 7 | # to you under the Apache License, Version 2.0 (the 8 | # "License"); you may not use this file except in compliance 9 | # with the License. You may obtain a copy of the License at 10 | # 11 | # http://www.apache.org/licenses/LICENSE-2.0 12 | # 13 | # Unless required by applicable law or agreed to in writing, 14 | # software distributed under the License is distributed on an 15 | # "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY 16 | # KIND, either express or implied. See the License for the 17 | # specific language governing permissions and limitations 18 | # under the License. 19 | # ---------------------------------------------------------------------------- 20 | 21 | # ---------------------------------------------------------------------------- 22 | # Maven2 Start Up Batch script 23 | # 24 | # Required ENV vars: 25 | # ------------------ 26 | # JAVA_HOME - location of a JDK home dir 27 | # 28 | # Optional ENV vars 29 | # ----------------- 30 | # M2_HOME - location of maven2's installed home dir 31 | # MAVEN_OPTS - parameters passed to the Java VM when running Maven 32 | # e.g. to debug Maven itself, use 33 | # set MAVEN_OPTS=-Xdebug -Xrunjdwp:transport=dt_socket,server=y,suspend=y,address=8000 34 | # MAVEN_SKIP_RC - flag to disable loading of mavenrc files 35 | # ---------------------------------------------------------------------------- 36 | 37 | if [ -z "$MAVEN_SKIP_RC" ] ; then 38 | 39 | if [ -f /etc/mavenrc ] ; then 40 | . /etc/mavenrc 41 | fi 42 | 43 | if [ -f "$HOME/.mavenrc" ] ; then 44 | . "$HOME/.mavenrc" 45 | fi 46 | 47 | fi 48 | 49 | # OS specific support. $var _must_ be set to either true or false. 50 | cygwin=false; 51 | darwin=false; 52 | mingw=false 53 | case "`uname`" in 54 | CYGWIN*) cygwin=true ;; 55 | MINGW*) mingw=true;; 56 | Darwin*) darwin=true 57 | # Use /usr/libexec/java_home if available, otherwise fall back to /Library/Java/Home 58 | # See https://developer.apple.com/library/mac/qa/qa1170/_index.html 59 | if [ -z "$JAVA_HOME" ]; then 60 | if [ -x "/usr/libexec/java_home" ]; then 61 | export JAVA_HOME="`/usr/libexec/java_home`" 62 | else 63 | export JAVA_HOME="/Library/Java/Home" 64 | fi 65 | fi 66 | ;; 67 | esac 68 | 69 | if [ -z "$JAVA_HOME" ] ; then 70 | if [ -r /etc/gentoo-release ] ; then 71 | JAVA_HOME=`java-config --jre-home` 72 | fi 73 | fi 74 | 75 | if [ -z "$M2_HOME" ] ; then 76 | ## resolve links - $0 may be a link to maven's home 77 | PRG="$0" 78 | 79 | # need this for relative symlinks 80 | while [ -h "$PRG" ] ; do 81 | ls=`ls -ld "$PRG"` 82 | link=`expr "$ls" : '.*-> \(.*\)$'` 83 | if expr "$link" : '/.*' > /dev/null; then 84 | PRG="$link" 85 | else 86 | PRG="`dirname "$PRG"`/$link" 87 | fi 88 | done 89 | 90 | saveddir=`pwd` 91 | 92 | M2_HOME=`dirname "$PRG"`/.. 93 | 94 | # make it fully qualified 95 | M2_HOME=`cd "$M2_HOME" && pwd` 96 | 97 | cd "$saveddir" 98 | # echo Using m2 at $M2_HOME 99 | fi 100 | 101 | # For Cygwin, ensure paths are in UNIX format before anything is touched 102 | if $cygwin ; then 103 | [ -n "$M2_HOME" ] && 104 | M2_HOME=`cygpath --unix "$M2_HOME"` 105 | [ -n "$JAVA_HOME" ] && 106 | JAVA_HOME=`cygpath --unix "$JAVA_HOME"` 107 | [ -n "$CLASSPATH" ] && 108 | CLASSPATH=`cygpath --path --unix "$CLASSPATH"` 109 | fi 110 | 111 | # For Migwn, ensure paths are in UNIX format before anything is touched 112 | if $mingw ; then 113 | [ -n "$M2_HOME" ] && 114 | M2_HOME="`(cd "$M2_HOME"; pwd)`" 115 | [ -n "$JAVA_HOME" ] && 116 | JAVA_HOME="`(cd "$JAVA_HOME"; pwd)`" 117 | # TODO classpath? 118 | fi 119 | 120 | if [ -z "$JAVA_HOME" ]; then 121 | javaExecutable="`which javac`" 122 | if [ -n "$javaExecutable" ] && ! [ "`expr \"$javaExecutable\" : '\([^ ]*\)'`" = "no" ]; then 123 | # readlink(1) is not available as standard on Solaris 10. 124 | readLink=`which readlink` 125 | if [ ! `expr "$readLink" : '\([^ ]*\)'` = "no" ]; then 126 | if $darwin ; then 127 | javaHome="`dirname \"$javaExecutable\"`" 128 | javaExecutable="`cd \"$javaHome\" && pwd -P`/javac" 129 | else 130 | javaExecutable="`readlink -f \"$javaExecutable\"`" 131 | fi 132 | javaHome="`dirname \"$javaExecutable\"`" 133 | javaHome=`expr "$javaHome" : '\(.*\)/bin'` 134 | JAVA_HOME="$javaHome" 135 | export JAVA_HOME 136 | fi 137 | fi 138 | fi 139 | 140 | if [ -z "$JAVACMD" ] ; then 141 | if [ -n "$JAVA_HOME" ] ; then 142 | if [ -x "$JAVA_HOME/jre/sh/java" ] ; then 143 | # IBM's JDK on AIX uses strange locations for the executables 144 | JAVACMD="$JAVA_HOME/jre/sh/java" 145 | else 146 | JAVACMD="$JAVA_HOME/bin/java" 147 | fi 148 | else 149 | JAVACMD="`which java`" 150 | fi 151 | fi 152 | 153 | if [ ! -x "$JAVACMD" ] ; then 154 | echo "Error: JAVA_HOME is not defined correctly." >&2 155 | echo " We cannot execute $JAVACMD" >&2 156 | exit 1 157 | fi 158 | 159 | if [ -z "$JAVA_HOME" ] ; then 160 | echo "Warning: JAVA_HOME environment variable is not set." 161 | fi 162 | 163 | CLASSWORLDS_LAUNCHER=org.codehaus.plexus.classworlds.launcher.Launcher 164 | 165 | # traverses directory structure from process work directory to filesystem root 166 | # first directory with .mvn subdirectory is considered project base directory 167 | find_maven_basedir() { 168 | 169 | if [ -z "$1" ] 170 | then 171 | echo "Path not specified to find_maven_basedir" 172 | return 1 173 | fi 174 | 175 | basedir="$1" 176 | wdir="$1" 177 | while [ "$wdir" != '/' ] ; do 178 | if [ -d "$wdir"/.mvn ] ; then 179 | basedir=$wdir 180 | break 181 | fi 182 | # workaround for JBEAP-8937 (on Solaris 10/Sparc) 183 | if [ -d "${wdir}" ]; then 184 | wdir=`cd "$wdir/.."; pwd` 185 | fi 186 | # end of workaround 187 | done 188 | echo "${basedir}" 189 | } 190 | 191 | # concatenates all lines of a file 192 | concat_lines() { 193 | if [ -f "$1" ]; then 194 | echo "$(tr -s '\n' ' ' < "$1")" 195 | fi 196 | } 197 | 198 | BASE_DIR=`find_maven_basedir "$(pwd)"` 199 | if [ -z "$BASE_DIR" ]; then 200 | exit 1; 201 | fi 202 | 203 | export MAVEN_PROJECTBASEDIR=${MAVEN_BASEDIR:-"$BASE_DIR"} 204 | echo $MAVEN_PROJECTBASEDIR 205 | MAVEN_OPTS="$(concat_lines "$MAVEN_PROJECTBASEDIR/.mvn/jvm.config") $MAVEN_OPTS" 206 | 207 | # For Cygwin, switch paths to Windows format before running java 208 | if $cygwin; then 209 | [ -n "$M2_HOME" ] && 210 | M2_HOME=`cygpath --path --windows "$M2_HOME"` 211 | [ -n "$JAVA_HOME" ] && 212 | JAVA_HOME=`cygpath --path --windows "$JAVA_HOME"` 213 | [ -n "$CLASSPATH" ] && 214 | CLASSPATH=`cygpath --path --windows "$CLASSPATH"` 215 | [ -n "$MAVEN_PROJECTBASEDIR" ] && 216 | MAVEN_PROJECTBASEDIR=`cygpath --path --windows "$MAVEN_PROJECTBASEDIR"` 217 | fi 218 | 219 | WRAPPER_LAUNCHER=org.apache.maven.wrapper.MavenWrapperMain 220 | 221 | exec "$JAVACMD" \ 222 | $MAVEN_OPTS \ 223 | -classpath "$MAVEN_PROJECTBASEDIR/.mvn/wrapper/maven-wrapper.jar" \ 224 | "-Dmaven.home=${M2_HOME}" "-Dmaven.multiModuleProjectDirectory=${MAVEN_PROJECTBASEDIR}" \ 225 | ${WRAPPER_LAUNCHER} $MAVEN_CONFIG "$@" 226 | -------------------------------------------------------------------------------- /mvnw.cmd: -------------------------------------------------------------------------------- 1 | @REM ---------------------------------------------------------------------------- 2 | @REM Licensed to the Apache Software Foundation (ASF) under one 3 | @REM or more contributor license agreements. See the NOTICE file 4 | @REM distributed with this work for additional information 5 | @REM regarding copyright ownership. The ASF licenses this file 6 | @REM to you under the Apache License, Version 2.0 (the 7 | @REM "License"); you may not use this file except in compliance 8 | @REM with the License. You may obtain a copy of the License at 9 | @REM 10 | @REM http://www.apache.org/licenses/LICENSE-2.0 11 | @REM 12 | @REM Unless required by applicable law or agreed to in writing, 13 | @REM software distributed under the License is distributed on an 14 | @REM "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY 15 | @REM KIND, either express or implied. See the License for the 16 | @REM specific language governing permissions and limitations 17 | @REM under the License. 18 | @REM ---------------------------------------------------------------------------- 19 | 20 | @REM ---------------------------------------------------------------------------- 21 | @REM Maven2 Start Up Batch script 22 | @REM 23 | @REM Required ENV vars: 24 | @REM JAVA_HOME - location of a JDK home dir 25 | @REM 26 | @REM Optional ENV vars 27 | @REM M2_HOME - location of maven2's installed home dir 28 | @REM MAVEN_BATCH_ECHO - set to 'on' to enable the echoing of the batch commands 29 | @REM MAVEN_BATCH_PAUSE - set to 'on' to wait for a key stroke before ending 30 | @REM MAVEN_OPTS - parameters passed to the Java VM when running Maven 31 | @REM e.g. to debug Maven itself, use 32 | @REM set MAVEN_OPTS=-Xdebug -Xrunjdwp:transport=dt_socket,server=y,suspend=y,address=8000 33 | @REM MAVEN_SKIP_RC - flag to disable loading of mavenrc files 34 | @REM ---------------------------------------------------------------------------- 35 | 36 | @REM Begin all REM lines with '@' in case MAVEN_BATCH_ECHO is 'on' 37 | @echo off 38 | @REM enable echoing my setting MAVEN_BATCH_ECHO to 'on' 39 | @if "%MAVEN_BATCH_ECHO%" == "on" echo %MAVEN_BATCH_ECHO% 40 | 41 | @REM set %HOME% to equivalent of $HOME 42 | if "%HOME%" == "" (set "HOME=%HOMEDRIVE%%HOMEPATH%") 43 | 44 | @REM Execute a user defined script before this one 45 | if not "%MAVEN_SKIP_RC%" == "" goto skipRcPre 46 | @REM check for pre script, once with legacy .bat ending and once with .cmd ending 47 | if exist "%HOME%\mavenrc_pre.bat" call "%HOME%\mavenrc_pre.bat" 48 | if exist "%HOME%\mavenrc_pre.cmd" call "%HOME%\mavenrc_pre.cmd" 49 | :skipRcPre 50 | 51 | @setlocal 52 | 53 | set ERROR_CODE=0 54 | 55 | @REM To isolate internal variables from possible post scripts, we use another setlocal 56 | @setlocal 57 | 58 | @REM ==== START VALIDATION ==== 59 | if not "%JAVA_HOME%" == "" goto OkJHome 60 | 61 | echo. 62 | echo Error: JAVA_HOME not found in your environment. >&2 63 | echo Please set the JAVA_HOME variable in your environment to match the >&2 64 | echo location of your Java installation. >&2 65 | echo. 66 | goto error 67 | 68 | :OkJHome 69 | if exist "%JAVA_HOME%\bin\java.exe" goto init 70 | 71 | echo. 72 | echo Error: JAVA_HOME is set to an invalid directory. >&2 73 | echo JAVA_HOME = "%JAVA_HOME%" >&2 74 | echo Please set the JAVA_HOME variable in your environment to match the >&2 75 | echo location of your Java installation. >&2 76 | echo. 77 | goto error 78 | 79 | @REM ==== END VALIDATION ==== 80 | 81 | :init 82 | 83 | @REM Find the project base dir, i.e. the directory that contains the folder ".mvn". 84 | @REM Fallback to current working directory if not found. 85 | 86 | set MAVEN_PROJECTBASEDIR=%MAVEN_BASEDIR% 87 | IF NOT "%MAVEN_PROJECTBASEDIR%"=="" goto endDetectBaseDir 88 | 89 | set EXEC_DIR=%CD% 90 | set WDIR=%EXEC_DIR% 91 | :findBaseDir 92 | IF EXIST "%WDIR%"\.mvn goto baseDirFound 93 | cd .. 94 | IF "%WDIR%"=="%CD%" goto baseDirNotFound 95 | set WDIR=%CD% 96 | goto findBaseDir 97 | 98 | :baseDirFound 99 | set MAVEN_PROJECTBASEDIR=%WDIR% 100 | cd "%EXEC_DIR%" 101 | goto endDetectBaseDir 102 | 103 | :baseDirNotFound 104 | set MAVEN_PROJECTBASEDIR=%EXEC_DIR% 105 | cd "%EXEC_DIR%" 106 | 107 | :endDetectBaseDir 108 | 109 | IF NOT EXIST "%MAVEN_PROJECTBASEDIR%\.mvn\jvm.config" goto endReadAdditionalConfig 110 | 111 | @setlocal EnableExtensions EnableDelayedExpansion 112 | for /F "usebackq delims=" %%a in ("%MAVEN_PROJECTBASEDIR%\.mvn\jvm.config") do set JVM_CONFIG_MAVEN_PROPS=!JVM_CONFIG_MAVEN_PROPS! %%a 113 | @endlocal & set JVM_CONFIG_MAVEN_PROPS=%JVM_CONFIG_MAVEN_PROPS% 114 | 115 | :endReadAdditionalConfig 116 | 117 | SET MAVEN_JAVA_EXE="%JAVA_HOME%\bin\java.exe" 118 | 119 | set WRAPPER_JAR="%MAVEN_PROJECTBASEDIR%\.mvn\wrapper\maven-wrapper.jar" 120 | set WRAPPER_LAUNCHER=org.apache.maven.wrapper.MavenWrapperMain 121 | 122 | %MAVEN_JAVA_EXE% %JVM_CONFIG_MAVEN_PROPS% %MAVEN_OPTS% %MAVEN_DEBUG_OPTS% -classpath %WRAPPER_JAR% "-Dmaven.multiModuleProjectDirectory=%MAVEN_PROJECTBASEDIR%" %WRAPPER_LAUNCHER% %MAVEN_CONFIG% %* 123 | if ERRORLEVEL 1 goto error 124 | goto end 125 | 126 | :error 127 | set ERROR_CODE=1 128 | 129 | :end 130 | @endlocal & set ERROR_CODE=%ERROR_CODE% 131 | 132 | if not "%MAVEN_SKIP_RC%" == "" goto skipRcPost 133 | @REM check for post script, once with legacy .bat ending and once with .cmd ending 134 | if exist "%HOME%\mavenrc_post.bat" call "%HOME%\mavenrc_post.bat" 135 | if exist "%HOME%\mavenrc_post.cmd" call "%HOME%\mavenrc_post.cmd" 136 | :skipRcPost 137 | 138 | @REM pause the script if MAVEN_BATCH_PAUSE is set to 'on' 139 | if "%MAVEN_BATCH_PAUSE%" == "on" pause 140 | 141 | if "%MAVEN_TERMINATE_CMD%" == "on" exit %ERROR_CODE% 142 | 143 | exit /B %ERROR_CODE% 144 | -------------------------------------------------------------------------------- /pom.xml: -------------------------------------------------------------------------------- 1 | 2 | 4 | 4.0.0 5 | 6 | com.spring-boilerplate 7 | spring-boilerplate 8 | 0.0.1-SNAPSHOT 9 | jar 10 | 11 | spring-boilerplate 12 | Demo project for Spring Boot 13 | 14 | 15 | org.springframework.boot 16 | spring-boot-starter-parent 17 | 2.0.0.RELEASE 18 | 19 | 20 | 21 | 22 | UTF-8 23 | UTF-8 24 | 1.8 25 | 26 | 27 | 28 | spring-snapshot 29 | http://maven.springframework.org/snapshot 30 | 31 | 32 | 33 | 34 | 35 | 36 | 37 | org.postgresql 38 | postgresql 39 | 9.4-1200-jdbc41 40 | 41 | 42 | org.springframework.boot 43 | spring-boot-starter-data-jpa 44 | 2.0.0.RELEASE 45 | 46 | 47 | org.springframework.boot 48 | spring-boot-starter-logging 49 | 50 | 51 | 52 | 53 | 54 | 55 | 56 | 57 | 58 | 59 | org.springframework.boot 60 | spring-boot-starter-web 61 | 2.0.0.RELEASE 62 | 63 | 64 | org.hibernate.validator 65 | hibernate-validator 66 | 6.0.8.Final 67 | 68 | 69 | org.hibernate 70 | hibernate-search-orm 71 | 5.11.5.Final 72 | 73 | 74 | org.hibernate 75 | hibernate-core 76 | 5.2.3.Final 77 | 78 | 79 | com.h2database 80 | h2 81 | test 82 | 83 | 84 | 85 | org.springframework.boot 86 | spring-boot-starter-data-rest 87 | 88 | 89 | 90 | org.springframework.boot 91 | spring-boot-starter-actuator 92 | 93 | 94 | org.springframework.boot 95 | spring-boot-devtools 96 | runtime 97 | 98 | 99 | 100 | org.springframework.boot 101 | spring-boot-starter-test 102 | test 103 | 104 | 105 | org.springframework.security 106 | spring-security-test 107 | test 108 | 109 | 110 | 111 | io.jsonwebtoken 112 | jjwt 113 | 0.9.0 114 | 115 | 116 | org.springframework.boot 117 | spring-boot-starter-security 118 | 119 | 120 | io.springfox 121 | springfox-swagger2 122 | 2.7.0 123 | 124 | 125 | io.springfox 126 | springfox-swagger-ui 127 | 2.9.2 128 | 129 | 130 | 131 | org.springframework.boot 132 | spring-boot-starter-mail 133 | 134 | 135 | org.modelmapper.extensions 136 | modelmapper-spring 137 | 2.3.6 138 | 139 | 140 | com.google.code.gson 141 | gson 142 | 143 | 144 | 145 | commons-io 146 | commons-io 147 | 2.6 148 | 149 | 150 | 151 | 152 | 153 | org.springframework.boot 154 | spring-boot-starter-cache 155 | 2.2.5.RELEASE 156 | 157 | 158 | 159 | 160 | 161 | 162 | 163 | org.springframework.boot 164 | spring-boot-maven-plugin 165 | 166 | 167 | 168 | -------------------------------------------------------------------------------- /src/main/java/com/springboilerplate/SpringBoilerplateApplication.java: -------------------------------------------------------------------------------- 1 | package com.springboilerplate; 2 | 3 | import org.springframework.boot.SpringApplication; 4 | import org.springframework.boot.autoconfigure.SpringBootApplication; 5 | 6 | @SpringBootApplication 7 | public class SpringBoilerplateApplication { 8 | public static void main(String[] args) { 9 | SpringApplication.run(SpringBoilerplateApplication.class, args); 10 | } 11 | 12 | 13 | } 14 | -------------------------------------------------------------------------------- /src/main/java/com/springboilerplate/app/auth/AccountCredentials.java: -------------------------------------------------------------------------------- 1 | package com.springboilerplate.app.auth; 2 | 3 | import java.io.Serializable; 4 | 5 | public class AccountCredentials implements Serializable{ 6 | private String email; 7 | private String password; 8 | 9 | public String getEmail() { 10 | return email; 11 | } 12 | 13 | public void setEmail(String email) { 14 | this.email = email; 15 | } 16 | 17 | public String getPassword() { 18 | return password; 19 | } 20 | 21 | public void setPassword(String password) { 22 | this.password = password; 23 | } 24 | 25 | public AccountCredentials() {} 26 | 27 | public AccountCredentials(String email, String password) { 28 | this.email = email; 29 | this.password = password; 30 | } 31 | } 32 | -------------------------------------------------------------------------------- /src/main/java/com/springboilerplate/app/auth/AuthController.java: -------------------------------------------------------------------------------- 1 | package com.springboilerplate.app.auth; 2 | 3 | import com.springboilerplate.app.user.User; 4 | import com.springboilerplate.security.CustomUserService; 5 | import com.springboilerplate.security.JwtTokenUtil; 6 | import io.swagger.annotations.Api; 7 | import org.slf4j.Logger; 8 | import org.slf4j.LoggerFactory; 9 | import org.springframework.beans.factory.annotation.Autowired; 10 | import org.springframework.beans.factory.annotation.Value; 11 | import org.springframework.http.ResponseEntity; 12 | import org.springframework.security.authentication.AuthenticationManager; 13 | import org.springframework.security.authentication.UsernamePasswordAuthenticationToken; 14 | import org.springframework.security.core.AuthenticationException; 15 | import org.springframework.web.bind.annotation.*; 16 | 17 | import javax.servlet.http.HttpServletRequest; 18 | import javax.validation.constraints.NotNull; 19 | 20 | @RestController 21 | @Api(value="Authentication", description="Operations that handle user authentication") 22 | public class AuthController { 23 | 24 | private Logger logger = LoggerFactory.getLogger(AuthController.class); 25 | @Value("${jwt.header}") 26 | private String tokenHeader; 27 | @Autowired 28 | private JwtTokenUtil jwtTokenUtil; 29 | @Autowired 30 | private AuthenticationManager authenticationManager; 31 | @Autowired 32 | private CustomUserService customUserService; 33 | 34 | @GetMapping(value = "/user") 35 | public User getAuthenticatedUser(HttpServletRequest request) { 36 | String token = request.getHeader(tokenHeader).substring(7); 37 | logger.info("Retrieved token: '{}'", token); 38 | String email = jwtTokenUtil.getEmailFromToken(token); 39 | logger.info("Retrieved user from token: '{}'", email); 40 | return customUserService.loadUserByUsername(email); 41 | } 42 | 43 | @PostMapping(value = "${jwt.route.authentication.path}") 44 | public ResponseEntity createAuthenticationToken(@RequestBody AccountCredentials accountCredentials) { 45 | authenticateUser(accountCredentials); 46 | final User userDetails = customUserService.loadUserByUsername(accountCredentials.getEmail()); 47 | logger.info("Loaded user details: '{}' '{}'", userDetails); 48 | final String token = jwtTokenUtil.generateToken(userDetails); 49 | logger.info("Generated token: '{}'", token); 50 | return ResponseEntity.ok(new JwtAuthenticationResponse(token)); 51 | } 52 | 53 | @GetMapping(value = "${jwt.route.authentication.refresh}") 54 | public ResponseEntity refreshAndGetAuthenticationToken(HttpServletRequest request) { 55 | String authToken = request.getHeader(tokenHeader); 56 | final String token = authToken.substring(7); 57 | String email = jwtTokenUtil.getEmailFromToken(token); 58 | User user = customUserService.loadUserByUsername(email); 59 | if (jwtTokenUtil.canTokenBeRefreshed(token, user.getLastPasswordResetDate())) { 60 | String refreshedToken = jwtTokenUtil.refreshToken(token); 61 | return ResponseEntity.ok(new JwtAuthenticationResponse(refreshedToken)); 62 | } else { 63 | return ResponseEntity.badRequest().body(null); 64 | } 65 | } 66 | 67 | private void authenticateUser(@NotNull AccountCredentials accountCredentials) throws AuthenticationException{ 68 | String email = accountCredentials.getEmail(), password = accountCredentials.getPassword(); 69 | logger.info("Authenticating with the following email and password: '{}' '{}'", email, password); 70 | authenticationManager.authenticate(new UsernamePasswordAuthenticationToken(email, password)); 71 | logger.info("Authenticated with email: '{}' '{}'", email, password); 72 | } 73 | } 74 | -------------------------------------------------------------------------------- /src/main/java/com/springboilerplate/app/auth/JwtAuthenticationResponse.java: -------------------------------------------------------------------------------- 1 | package com.springboilerplate.app.auth; 2 | 3 | import java.io.Serializable; 4 | 5 | public class JwtAuthenticationResponse implements Serializable { 6 | 7 | private static final long serialVersionUID = 1250166508152483573L; 8 | 9 | private final String token; 10 | 11 | public JwtAuthenticationResponse(String token) { 12 | this.token = token; 13 | } 14 | 15 | public String getToken() { 16 | return this.token; 17 | } 18 | } -------------------------------------------------------------------------------- /src/main/java/com/springboilerplate/app/passwordRestToken/PasswordDto.java: -------------------------------------------------------------------------------- 1 | package com.springboilerplate.app.passwordRestToken; 2 | 3 | public class PasswordDto { 4 | private String newPassword; 5 | 6 | public String getNewPassword() { 7 | return newPassword; 8 | } 9 | 10 | public void setNewPassword(String newPassword) { 11 | this.newPassword = newPassword; 12 | } 13 | } 14 | -------------------------------------------------------------------------------- /src/main/java/com/springboilerplate/app/passwordRestToken/PasswordResetToken.java: -------------------------------------------------------------------------------- 1 | package com.springboilerplate.app.passwordRestToken; 2 | 3 | import com.fasterxml.jackson.annotation.JsonRootName; 4 | import com.springboilerplate.app.user.User; 5 | 6 | import javax.persistence.*; 7 | import javax.validation.constraints.NotNull; 8 | import java.time.Instant; 9 | 10 | @Entity 11 | @Table(name = "password_reset_token") 12 | @JsonRootName(value = "payload") 13 | public class PasswordResetToken { 14 | 15 | private Long id; 16 | private String token; 17 | private User user; 18 | private Instant expiryDate = Instant.now().plusSeconds(86400L); 19 | 20 | public PasswordResetToken() { 21 | } 22 | 23 | @Id 24 | @GeneratedValue(strategy= GenerationType.IDENTITY) 25 | @Column(name = "password_reset_token_id") 26 | public Long getId() { 27 | return id; 28 | } 29 | 30 | public void setId(Long id) { 31 | this.id = id; 32 | } 33 | 34 | @NotNull 35 | public String getToken() { 36 | return token; 37 | } 38 | 39 | public void setToken(String token) { 40 | this.token = token; 41 | } 42 | 43 | @OneToOne(targetEntity = User.class, fetch = FetchType.LAZY) 44 | @JoinColumn(nullable = false, name = "user_id") 45 | public User getUser() { 46 | return user; 47 | } 48 | 49 | public void setUser(User user) { 50 | this.user = user; 51 | } 52 | 53 | @Column(name = "expiry_date") 54 | public Instant getExpiryDate() { 55 | return expiryDate; 56 | } 57 | 58 | public void setExpiryDate(Instant expiryDate) { 59 | this.expiryDate = expiryDate; 60 | } 61 | 62 | public PasswordResetToken(String token, User user) { 63 | this.token = token; 64 | this.user = user; 65 | } 66 | } 67 | -------------------------------------------------------------------------------- /src/main/java/com/springboilerplate/app/passwordRestToken/PasswordResetTokenController.java: -------------------------------------------------------------------------------- 1 | package com.springboilerplate.app.passwordRestToken; 2 | 3 | import com.springboilerplate.app.user.User; 4 | import com.springboilerplate.utils.SecurityUtils; 5 | import io.swagger.annotations.Api; 6 | import org.springframework.beans.factory.annotation.Autowired; 7 | import org.springframework.http.HttpStatus; 8 | import org.springframework.http.ResponseEntity; 9 | import org.springframework.web.bind.annotation.PostMapping; 10 | import org.springframework.web.bind.annotation.RequestParam; 11 | import org.springframework.web.bind.annotation.RestController; 12 | 13 | @RestController("/passwordResetToken") 14 | @Api(value="Reset Password", description="Operations to enable the user replace their password") 15 | public class PasswordResetTokenController { 16 | 17 | private PasswordResetTokenService passwordResetTokenService; 18 | 19 | @Autowired 20 | public PasswordResetTokenController(PasswordResetTokenService passwordResetTokenService) { 21 | this.passwordResetTokenService = passwordResetTokenService; 22 | } 23 | 24 | @PostMapping(value = "/resetPassword") 25 | public ResponseEntity resetPassword() throws Exception{ 26 | User user = SecurityUtils.getLoggedInUser(); 27 | passwordResetTokenService.createPasswordResetTokenForUser(user); 28 | return new ResponseEntity<>(HttpStatus.OK); 29 | } 30 | 31 | //If successfully validated, then the user can update his password. 32 | @PostMapping(value = "/validateToken") 33 | public ResponseEntity validateUserPassword(@RequestParam("userId") long userId, 34 | @RequestParam("token") String token) { 35 | boolean valid = passwordResetTokenService.validateResetToken(userId, token); 36 | return new ResponseEntity<>(valid, HttpStatus.OK); 37 | } 38 | 39 | } 40 | -------------------------------------------------------------------------------- /src/main/java/com/springboilerplate/app/passwordRestToken/PasswordResetTokenRepository.java: -------------------------------------------------------------------------------- 1 | package com.springboilerplate.app.passwordRestToken; 2 | import org.springframework.data.jpa.repository.JpaRepository; 3 | 4 | import java.util.Optional; 5 | 6 | public interface PasswordResetTokenRepository extends JpaRepository{ 7 | 8 | Optional findByToken(String token); 9 | } 10 | -------------------------------------------------------------------------------- /src/main/java/com/springboilerplate/app/passwordRestToken/PasswordResetTokenService.java: -------------------------------------------------------------------------------- 1 | package com.springboilerplate.app.passwordRestToken; 2 | 3 | import com.springboilerplate.app.user.User; 4 | 5 | import javax.mail.MessagingException; 6 | 7 | public interface PasswordResetTokenService { 8 | void createPasswordResetTokenForUser(User user) throws MessagingException; 9 | 10 | boolean validateResetToken(Long userId, String token); 11 | } 12 | -------------------------------------------------------------------------------- /src/main/java/com/springboilerplate/app/passwordRestToken/PasswordResetTokenServiceImpl.java: -------------------------------------------------------------------------------- 1 | package com.springboilerplate.app.passwordRestToken; 2 | 3 | import com.springboilerplate.app.user.User; 4 | import com.springboilerplate.helper.MailService; 5 | import com.springboilerplate.helper.SecurityHelper; 6 | import org.springframework.beans.factory.annotation.Autowired; 7 | import org.springframework.stereotype.Service; 8 | 9 | import javax.mail.MessagingException; 10 | import java.time.Instant; 11 | import java.util.Optional; 12 | import java.util.UUID; 13 | @Service 14 | public class PasswordResetTokenServiceImpl implements PasswordResetTokenService { 15 | 16 | private PasswordResetTokenRepository passwordTokenRepository; 17 | private MailService mailService; 18 | private SecurityHelper securityHelper; 19 | 20 | @Autowired 21 | public PasswordResetTokenServiceImpl(PasswordResetTokenRepository passwordTokenRepository, 22 | MailService mailService, SecurityHelper securityHelper) { 23 | this.passwordTokenRepository = passwordTokenRepository; 24 | this.mailService = mailService; 25 | this.securityHelper = securityHelper; 26 | } 27 | 28 | @Override 29 | public void createPasswordResetTokenForUser(User user) throws MessagingException { 30 | String token = UUID.randomUUID().toString(); 31 | PasswordResetToken userToken = new PasswordResetToken(token, user); 32 | passwordTokenRepository.save(userToken); 33 | mailService.sendMail(user.getEmail(), "Your reset password is: " + token, "Password Reset Token"); 34 | } 35 | 36 | @Override 37 | public boolean validateResetToken(Long userId, String tokenValue) { 38 | Optional optionalToken = passwordTokenRepository.findByToken(tokenValue); 39 | boolean validToken = optionalToken 40 | .filter(userToken -> !isTokenExpired(userToken)) 41 | .filter(userToken -> isTokenValid(userToken, userId)) 42 | .isPresent(); 43 | if(validToken){ 44 | securityHelper.grantUserChangePasswordPrivilege(optionalToken.get()); 45 | return true; 46 | } 47 | return false; 48 | } 49 | 50 | private boolean isTokenValid(PasswordResetToken userToken, Long userId) { 51 | return Optional.ofNullable(userToken) 52 | .map(PasswordResetToken::getUser) 53 | .filter(user -> user.getId().equals(userId)) 54 | .isPresent(); 55 | } 56 | 57 | private boolean isTokenExpired(PasswordResetToken userToken){ 58 | Instant currentTime = Instant.now(); 59 | Instant expiryTime = userToken.getExpiryDate(); 60 | return expiryTime.isBefore(currentTime); 61 | } 62 | } 63 | -------------------------------------------------------------------------------- /src/main/java/com/springboilerplate/app/role/Role.java: -------------------------------------------------------------------------------- 1 | package com.springboilerplate.app.role; 2 | 3 | import javax.persistence.*; 4 | import javax.validation.constraints.NotNull; 5 | import java.time.LocalDateTime; 6 | import java.util.ArrayList; 7 | import java.util.List; 8 | 9 | import com.fasterxml.jackson.annotation.JsonFormat; 10 | import com.fasterxml.jackson.annotation.JsonIdentityInfo; 11 | import com.fasterxml.jackson.annotation.JsonRootName; 12 | import com.fasterxml.jackson.annotation.ObjectIdGenerators; 13 | import com.springboilerplate.app.userRole.UserRole; 14 | import org.hibernate.search.annotations.DocumentId; 15 | 16 | @Entity 17 | @Table(name="role") 18 | @JsonIdentityInfo( 19 | generator = ObjectIdGenerators.PropertyGenerator.class, 20 | property = "id", scope = Role.class) 21 | @JsonRootName(value = "payload") 22 | public class Role { 23 | @Transient 24 | private LocalDateTime now = LocalDateTime.now(); 25 | 26 | private Long id; 27 | private RoleType name; 28 | private List userRoles = new ArrayList<>(); 29 | private boolean enabled = true; 30 | private boolean deleted = false; 31 | private LocalDateTime createdAt = now; 32 | private LocalDateTime modifiedAt = now; 33 | 34 | public Role(RoleType name) { 35 | this.name = name; 36 | } 37 | 38 | public Role() { 39 | } 40 | 41 | @Id 42 | @GeneratedValue(strategy=GenerationType.IDENTITY) 43 | @DocumentId 44 | @Column(name="role_id") 45 | public Long getId() { 46 | return id; 47 | } 48 | 49 | public void setId(Long id) { 50 | this.id = id; 51 | } 52 | 53 | @NotNull 54 | @Column(name="name", unique = true, length = 50) 55 | @Enumerated(EnumType.STRING) 56 | public RoleType getName() { 57 | return name; 58 | } 59 | 60 | public void setName(RoleType name) { 61 | this.name = name; 62 | } 63 | 64 | @OneToMany(mappedBy = "role", orphanRemoval = true) 65 | public List getUserRoles() { 66 | return userRoles; 67 | } 68 | 69 | public void setUserRoles(List userRoles) { 70 | this.userRoles = userRoles; 71 | } 72 | 73 | public void addUserRole(UserRole userRole){ 74 | userRoles.add(userRole); 75 | userRole.setRole(this); 76 | } 77 | 78 | @Column 79 | public boolean isEnabled() { 80 | return enabled; 81 | } 82 | 83 | public void setEnabled(boolean enabled) { 84 | this.enabled = enabled; 85 | } 86 | 87 | @Column 88 | public boolean isDeleted() { 89 | return deleted; 90 | } 91 | 92 | public void setDeleted(boolean deleted) { 93 | this.deleted = deleted; 94 | } 95 | 96 | @Column(name = "created_at") 97 | @JsonFormat(pattern="yyyy-MM-dd HH:mm:ss") 98 | public LocalDateTime getCreatedAt() { 99 | return createdAt; 100 | } 101 | 102 | public void setCreatedAt(LocalDateTime createdAt) { 103 | this.createdAt = createdAt; 104 | } 105 | 106 | @Column(name = "modified_at") 107 | @JsonFormat(pattern="yyyy-MM-dd HH:mm:ss") 108 | public LocalDateTime getModifiedAt() { 109 | return modifiedAt; 110 | } 111 | 112 | public void setModifiedAt(LocalDateTime modifiedAt) { 113 | this.modifiedAt = modifiedAt; 114 | } 115 | } 116 | -------------------------------------------------------------------------------- /src/main/java/com/springboilerplate/app/role/RoleRepository.java: -------------------------------------------------------------------------------- 1 | package com.springboilerplate.app.role; 2 | 3 | import org.springframework.data.jpa.repository.JpaRepository; 4 | import org.springframework.transaction.annotation.Transactional; 5 | 6 | import java.util.Optional; 7 | 8 | @Transactional 9 | public interface RoleRepository extends JpaRepository{ 10 | Optional findByName(RoleType name); 11 | } 12 | -------------------------------------------------------------------------------- /src/main/java/com/springboilerplate/app/role/RoleType.java: -------------------------------------------------------------------------------- 1 | package com.springboilerplate.app.role; 2 | 3 | public enum RoleType { 4 | ROLE_USER, ROLE_ADMIN 5 | } 6 | -------------------------------------------------------------------------------- /src/main/java/com/springboilerplate/app/search/HibernateSearchService.java: -------------------------------------------------------------------------------- 1 | package com.springboilerplate.app.search; 2 | 3 | 4 | import org.hibernate.search.jpa.FullTextEntityManager; 5 | import org.hibernate.search.jpa.Search; 6 | import org.springframework.beans.factory.annotation.Autowired; 7 | import org.springframework.stereotype.Service; 8 | import org.springframework.transaction.annotation.Transactional; 9 | 10 | import javax.persistence.EntityManager; 11 | 12 | @Service 13 | public class HibernateSearchService { 14 | 15 | private EntityManager entityManager; 16 | 17 | @Autowired 18 | public HibernateSearchService(EntityManager entityManager) { 19 | this.entityManager = entityManager; 20 | } 21 | 22 | public HibernateSearchService() { 23 | } 24 | 25 | public EntityManager getEntityManager() { 26 | return entityManager; 27 | } 28 | 29 | @Transactional 30 | public void initializeHibernateSearch() throws InterruptedException { 31 | FullTextEntityManager fullTextEntityManager = 32 | Search.getFullTextEntityManager(entityManager); 33 | fullTextEntityManager.createIndexer().startAndWait(); 34 | } 35 | } -------------------------------------------------------------------------------- /src/main/java/com/springboilerplate/app/search/UserSearchService.java: -------------------------------------------------------------------------------- 1 | package com.springboilerplate.app.search; 2 | 3 | import com.springboilerplate.app.user.User; 4 | import org.apache.lucene.search.Query; 5 | import org.hibernate.search.jpa.FullTextEntityManager; 6 | import org.hibernate.search.jpa.Search; 7 | import org.hibernate.search.query.dsl.QueryBuilder; 8 | import org.springframework.beans.factory.annotation.Autowired; 9 | import org.springframework.stereotype.Service; 10 | import org.springframework.transaction.annotation.Transactional; 11 | 12 | import javax.annotation.PostConstruct; 13 | import java.util.List; 14 | 15 | @Service 16 | public class UserSearchService { 17 | 18 | HibernateSearchService hibernateSearchService; 19 | 20 | @Autowired 21 | public UserSearchService(HibernateSearchService hibernateSearchService) { 22 | this.hibernateSearchService = hibernateSearchService; 23 | } 24 | 25 | @PostConstruct 26 | public void initHibernateSearch() throws Exception{ 27 | hibernateSearchService.initializeHibernateSearch(); 28 | } 29 | @Transactional 30 | public List findUsersByKeyword(String keyword){ 31 | FullTextEntityManager fullTextEntityManager = 32 | Search.getFullTextEntityManager(hibernateSearchService.getEntityManager()); 33 | fullTextEntityManager.flushToIndexes(); 34 | QueryBuilder queryBuilder = fullTextEntityManager 35 | .getSearchFactory().buildQueryBuilder().forEntity(User.class).get(); 36 | Query luceneQuery = queryBuilder.keyword().fuzzy().withEditDistanceUpTo(1) 37 | .withPrefixLength(1).onFields("firstname", "lastname", "email") 38 | .matching(keyword).createQuery(); 39 | javax.persistence.Query jpaQuery = fullTextEntityManager. 40 | createFullTextQuery(luceneQuery, User.class); 41 | return jpaQuery.getResultList(); 42 | } 43 | } -------------------------------------------------------------------------------- /src/main/java/com/springboilerplate/app/user/User.java: -------------------------------------------------------------------------------- 1 | package com.springboilerplate.app.user; 2 | 3 | import com.fasterxml.jackson.annotation.JsonFormat; 4 | import com.fasterxml.jackson.annotation.JsonIgnore; 5 | import com.fasterxml.jackson.annotation.JsonRootName; 6 | import com.springboilerplate.app.userRole.UserRole; 7 | import org.hibernate.Hibernate; 8 | import org.hibernate.annotations.Where; 9 | import org.hibernate.search.annotations.*; 10 | import org.hibernate.search.annotations.Index; 11 | import org.hibernate.validator.constraints.Email; 12 | import org.springframework.security.core.GrantedAuthority; 13 | import org.springframework.security.core.authority.SimpleGrantedAuthority; 14 | import org.springframework.security.core.userdetails.UserDetails; 15 | 16 | import javax.persistence.*; 17 | import javax.validation.constraints.NotNull; 18 | import javax.validation.constraints.Size; 19 | import java.time.LocalDateTime; 20 | import java.util.ArrayList; 21 | import java.util.Collection; 22 | import java.util.Date; 23 | import java.util.List; 24 | import java.util.stream.Collectors; 25 | 26 | @Entity 27 | @Table(name="users") 28 | @Indexed 29 | @Where(clause = "deleted = false") 30 | @JsonRootName(value = "payload") 31 | public class User implements UserDetails{ 32 | @Transient 33 | private LocalDateTime now = LocalDateTime.now(); 34 | private Long id; 35 | private String firstname; 36 | private String lastname; 37 | private String password; 38 | private String email; 39 | private List userRoles = new ArrayList<>(); 40 | private Date lastPasswordResetDate; 41 | private LocalDateTime lastLogin = now; 42 | private LocalDateTime createdAt = now; 43 | private LocalDateTime modifiedAt = now; 44 | private boolean enabled = true; 45 | private boolean deleted = false; 46 | 47 | public User(String firstname, String lastname, String password, String email) { 48 | this.firstname = firstname; 49 | this.lastname = lastname; 50 | this.password = password; 51 | this.email = email; 52 | } 53 | 54 | public User(String firstname, String lastname, String password, String email, List userRoles) { 55 | this.firstname = firstname; 56 | this.lastname = lastname; 57 | this.password = password; 58 | this.email = email; 59 | this.userRoles = userRoles; 60 | } 61 | 62 | public User() { 63 | } 64 | 65 | @Id 66 | @GeneratedValue(strategy=GenerationType.IDENTITY) 67 | @DocumentId 68 | @Column(name="user_id", unique = true) 69 | public Long getId() { 70 | return id; 71 | } 72 | 73 | public void setId(Long id) { 74 | this.id = id; 75 | } 76 | 77 | @NotNull 78 | @Size(min=2, max=30, message="The length of firstname should be within the range of 2 to 30.") 79 | @Column(name = "firstname") 80 | @Field(index= Index.YES, analyze= Analyze.YES, store= Store.NO) 81 | public String getFirstname() { 82 | return firstname; 83 | } 84 | 85 | public void setFirstname(String firstname) { 86 | this.firstname = firstname; 87 | } 88 | 89 | @NotNull 90 | @Size(min=2, max=30, message="The length lastname should be within the range of 2 to 30.") 91 | @Column(name = "lastname") 92 | @Field(index= Index.YES, analyze= Analyze.YES, store= Store.NO) 93 | public String getLastname() { 94 | return lastname; 95 | } 96 | 97 | public void setLastname(String lastname) { 98 | this.lastname = lastname; 99 | } 100 | 101 | @NotNull 102 | @Size(min=2, max=100, message="The length of password should be within the range of 2 to 30.") 103 | @Column(name = "password") 104 | public String getPassword() { 105 | return password; 106 | } 107 | 108 | public void setPassword(String password) { 109 | this.password = password; 110 | } 111 | 112 | @NotNull 113 | @Column(name = "email", unique = true) 114 | @Email(message = "Email is not valid.") 115 | @Field(index= Index.YES, analyze= Analyze.YES, store= Store.NO) 116 | public String getEmail() { 117 | return email; 118 | } 119 | public void setEmail(String email) { 120 | this.email = email; 121 | } 122 | 123 | 124 | @OneToMany(mappedBy="user", orphanRemoval = true, fetch = FetchType.EAGER) 125 | public List getUserRoles() { 126 | return userRoles; 127 | } 128 | 129 | public void setUserRoles(List userRoles) { 130 | this.userRoles = userRoles; 131 | } 132 | 133 | public void addUserRole(UserRole userRole){ 134 | userRoles.add(userRole); 135 | userRole.setUser(this); 136 | } 137 | 138 | @Column(name = "enabled") 139 | public boolean isEnabled() { 140 | return enabled; 141 | } 142 | 143 | public void setEnabled(boolean enabled) { 144 | this.enabled = enabled; 145 | } 146 | 147 | @Column(name = "created_at") 148 | @JsonFormat(pattern="yyyy-MM-dd HH:mm:ss") 149 | public LocalDateTime getCreatedAt() { 150 | return createdAt; 151 | } 152 | 153 | public void setCreatedAt(LocalDateTime createdAt) { 154 | this.createdAt = createdAt; 155 | } 156 | 157 | @Column(name = "modified_at") 158 | @JsonFormat(pattern="yyyy-MM-dd HH:mm:ss") 159 | public LocalDateTime getModifiedAt() { 160 | return modifiedAt; 161 | } 162 | 163 | public void setModifiedAt(LocalDateTime modifiedAt) { 164 | this.modifiedAt = modifiedAt; 165 | } 166 | 167 | @Column(name = "deleted") 168 | public boolean isDeleted() { 169 | return deleted; 170 | } 171 | 172 | public void setDeleted(boolean deleted) { 173 | this.deleted = deleted; 174 | } 175 | 176 | @Column(name = "last_login") 177 | @JsonFormat(pattern="yyyy-MM-dd HH:mm:ss") 178 | public LocalDateTime getLastLogin() { 179 | return lastLogin; 180 | } 181 | 182 | public void setLastLogin(LocalDateTime lastLogin) { 183 | this.lastLogin = lastLogin; 184 | } 185 | 186 | @Column(name = "last_password_reset_data") 187 | @JsonIgnore 188 | public Date getLastPasswordResetDate() { 189 | return lastPasswordResetDate; 190 | } 191 | 192 | public void setLastPasswordResetDate(Date lastPasswordResetDate) { 193 | this.lastPasswordResetDate = lastPasswordResetDate; 194 | } 195 | 196 | @Override 197 | @JsonIgnore 198 | @Transient 199 | public Collection getAuthorities() { 200 | //Hibernate initialize because role on userRole is lazily loaded. 201 | userRoles.forEach(userRole -> Hibernate.initialize(userRole.getRole())); 202 | return userRoles.stream().map(userRole -> new SimpleGrantedAuthority( 203 | userRole.getRole().getName().name())).collect(Collectors.toList()); 204 | } 205 | 206 | @Override 207 | @JsonIgnore 208 | @Transient 209 | public String getUsername() { 210 | return email; 211 | } 212 | 213 | @Override 214 | @JsonIgnore 215 | @Transient 216 | public boolean isAccountNonExpired() { 217 | return true; 218 | } 219 | 220 | @Override 221 | @JsonIgnore 222 | @Transient 223 | public boolean isAccountNonLocked() { 224 | return true; 225 | } 226 | 227 | @Override 228 | @JsonIgnore 229 | @Transient 230 | public boolean isCredentialsNonExpired() { 231 | return true; 232 | } 233 | } -------------------------------------------------------------------------------- /src/main/java/com/springboilerplate/app/user/UserController.java: -------------------------------------------------------------------------------- 1 | package com.springboilerplate.app.user; 2 | 3 | import com.springboilerplate.app.role.RoleType; 4 | import com.springboilerplate.app.search.UserSearchService; 5 | import com.springboilerplate.app.passwordRestToken.PasswordDto; 6 | import com.springboilerplate.utils.SecurityUtils; 7 | import io.swagger.annotations.Api; 8 | import org.springframework.beans.factory.annotation.Autowired; 9 | import org.springframework.http.HttpStatus; 10 | import org.springframework.http.ResponseEntity; 11 | import org.springframework.web.bind.annotation.*; 12 | 13 | import javax.validation.Valid; 14 | import java.util.List; 15 | 16 | @RestController 17 | @RequestMapping("/users") 18 | @Api(value="User", description="Operations that pertains to managing user operations") 19 | public class UserController { 20 | 21 | private UserService userService; 22 | private UserSearchService userSearchService; 23 | 24 | @Autowired 25 | public UserController(UserService userService, UserSearchService userSearchService) { 26 | this.userService = userService; 27 | this.userSearchService = userSearchService; 28 | } 29 | 30 | @PostMapping(path="/register") 31 | public ResponseEntity registerUser(@Valid @RequestBody UserDto user) throws Exception { 32 | userService.saveUser(user, RoleType.ROLE_USER); 33 | return new ResponseEntity<>(HttpStatus.CREATED); 34 | } 35 | 36 | @PostMapping(value = "/savePassword") 37 | public ResponseEntity savePassword(@Valid PasswordDto passwordDto) { 38 | User user = SecurityUtils.getLoggedInUser(); 39 | userService.changeUserPassword(user, passwordDto); 40 | return new ResponseEntity(HttpStatus.OK); 41 | } 42 | 43 | //TODO Enable pagination on hibernate search 44 | @GetMapping(path = "/search") 45 | public ResponseEntity searchUser(@RequestParam("keyword") String keyword) throws Exception{ 46 | List users = userSearchService.findUsersByKeyword(keyword); 47 | return new ResponseEntity<>(users, HttpStatus.OK); 48 | } 49 | 50 | @GetMapping(path = "/hello") 51 | public String getHello(){ 52 | return "hey!"; 53 | } 54 | } 55 | -------------------------------------------------------------------------------- /src/main/java/com/springboilerplate/app/user/UserDto.java: -------------------------------------------------------------------------------- 1 | package com.springboilerplate.app.user; 2 | 3 | import org.hibernate.validator.constraints.Email; 4 | 5 | import javax.validation.constraints.NotNull; 6 | import javax.validation.constraints.Size; 7 | 8 | public class UserDto { 9 | 10 | @NotNull 11 | @Size(min=2, max=30, message="The length lastname should be within the range of 2 to 30.") 12 | private String firstname; 13 | 14 | @NotNull 15 | @Size(min=2, max=30, message="The length of password should be within the range of 2 to 30.") 16 | private String lastname; 17 | 18 | @NotNull 19 | @Email(message = "Email is not valid.") 20 | private String email; 21 | 22 | @NotNull 23 | @Size(min=2, max=30, message="The length of password should be within the range of 2 to 30.") 24 | private String password; 25 | 26 | public String getFirstname() { 27 | return firstname; 28 | } 29 | 30 | public void setFirstname(String firstname) { 31 | this.firstname = firstname; 32 | } 33 | 34 | public String getLastname() { 35 | return lastname; 36 | } 37 | 38 | public void setLastname(String lastname) { 39 | this.lastname = lastname; 40 | } 41 | 42 | public String getEmail() { 43 | return email; 44 | } 45 | 46 | public void setEmail(String email) { 47 | this.email = email; 48 | } 49 | 50 | public String getPassword() { 51 | return password; 52 | } 53 | 54 | public void setPassword(String password) { 55 | this.password = password; 56 | } 57 | 58 | public UserDto() { 59 | } 60 | 61 | public UserDto(String firstname, String lastname, String email, String password) { 62 | this.firstname = firstname; 63 | this.lastname = lastname; 64 | this.email = email; 65 | this.password = password; 66 | } 67 | } 68 | -------------------------------------------------------------------------------- /src/main/java/com/springboilerplate/app/user/UserDtoMapper.java: -------------------------------------------------------------------------------- 1 | 2 | package com.springboilerplate.app.user; 3 | 4 | import org.modelmapper.ModelMapper; 5 | import org.springframework.stereotype.Component; 6 | 7 | @Component 8 | public class UserDtoMapper { 9 | 10 | private ModelMapper modelMapper; 11 | public UserDtoMapper(ModelMapper modelMapper) { 12 | this.modelMapper = modelMapper; 13 | } 14 | 15 | public UserDto toUserDto(User user) { 16 | return modelMapper.map(user, UserDto.class); 17 | } 18 | 19 | public User toUser(UserDto userDto) { 20 | return modelMapper.map(userDto, User.class); 21 | } 22 | } -------------------------------------------------------------------------------- /src/main/java/com/springboilerplate/app/user/UserRepository.java: -------------------------------------------------------------------------------- 1 | package com.springboilerplate.app.user; 2 | 3 | import org.springframework.data.repository.PagingAndSortingRepository; 4 | import org.springframework.stereotype.Repository; 5 | 6 | import java.util.Optional; 7 | 8 | @Repository 9 | public interface UserRepository extends PagingAndSortingRepository { 10 | Optional getByEmail(String username); 11 | 12 | Optional findByIdAndDeletedIsFalse(Long id); 13 | 14 | Optional getByEmailAndDeletedFalse(String username); 15 | } 16 | -------------------------------------------------------------------------------- /src/main/java/com/springboilerplate/app/user/UserService.java: -------------------------------------------------------------------------------- 1 | package com.springboilerplate.app.user; 2 | 3 | import com.springboilerplate.app.role.RoleType; 4 | import com.springboilerplate.app.passwordRestToken.PasswordDto; 5 | 6 | 7 | public interface UserService { 8 | 9 | User saveUser(UserDto userDto, RoleType roleType); 10 | 11 | void changeUserPassword(User user, PasswordDto passwordDto); 12 | } 13 | -------------------------------------------------------------------------------- /src/main/java/com/springboilerplate/app/user/UserServiceImpl.java: -------------------------------------------------------------------------------- 1 | package com.springboilerplate.app.user; 2 | 3 | import com.springboilerplate.app.role.Role; 4 | import com.springboilerplate.app.role.RoleRepository; 5 | import com.springboilerplate.app.role.RoleType; 6 | import com.springboilerplate.app.passwordRestToken.PasswordDto; 7 | import com.springboilerplate.app.userRole.UserRole; 8 | import com.springboilerplate.exceptions.RoleDoesNotExistException; 9 | import org.springframework.beans.factory.annotation.Autowired; 10 | import org.springframework.security.crypto.password.PasswordEncoder; 11 | import org.springframework.stereotype.Service; 12 | 13 | import java.util.Date; 14 | import java.util.Optional; 15 | 16 | 17 | @Service 18 | public class UserServiceImpl implements UserService{ 19 | private RoleRepository roleRepository; 20 | private UserRepository userRepository; 21 | private UserDtoMapper userDtoMapper; 22 | private PasswordEncoder passwordEncoder; 23 | 24 | @Autowired 25 | public UserServiceImpl(RoleRepository roleRepository, 26 | UserRepository userRepository, 27 | UserDtoMapper userDtoMapper, 28 | PasswordEncoder passwordEncoder) { 29 | this.roleRepository = roleRepository; 30 | this.userRepository = userRepository; 31 | this.userDtoMapper = userDtoMapper; 32 | this.passwordEncoder = passwordEncoder; 33 | } 34 | 35 | @Override 36 | public User saveUser(UserDto userDto, RoleType roleType) { 37 | User user = userDtoMapper.toUser(userDto); 38 | user.setPassword(passwordEncoder.encode(userDto.getPassword())); 39 | return setUserRole(user, roleType); 40 | } 41 | 42 | @Override 43 | public void changeUserPassword(User user, PasswordDto passwordDto){ 44 | user.setPassword(passwordDto.getNewPassword()); 45 | user.setLastPasswordResetDate(new Date()); 46 | userRepository.save(user); 47 | } 48 | 49 | private User setUserRole(User user, RoleType roleType){ 50 | Optional optionalRole = roleRepository.findByName(roleType); 51 | Role role = optionalRole.orElseThrow(() -> new RoleDoesNotExistException("There is no role such as: " + roleType.name())) ; 52 | UserRole userRole = new UserRole(user, role); 53 | user.addUserRole(userRole); 54 | return userRepository.save(user); 55 | } 56 | } 57 | -------------------------------------------------------------------------------- /src/main/java/com/springboilerplate/app/userRole/UserRole.java: -------------------------------------------------------------------------------- 1 | package com.springboilerplate.app.userRole; 2 | 3 | import com.fasterxml.jackson.annotation.JsonIdentityInfo; 4 | import com.fasterxml.jackson.annotation.JsonRootName; 5 | import com.fasterxml.jackson.annotation.ObjectIdGenerators; 6 | import com.springboilerplate.app.role.Role; 7 | import com.springboilerplate.app.user.User; 8 | 9 | import javax.persistence.*; 10 | import javax.validation.constraints.NotNull; 11 | 12 | @Entity 13 | @Table(name = "user_role", uniqueConstraints=@UniqueConstraint(columnNames={"user_id", "role_id"})) 14 | @JsonIdentityInfo(generator = ObjectIdGenerators.PropertyGenerator.class, property = "id", scope = UserRole.class) 15 | @JsonRootName(value = "payload") 16 | public class UserRole { 17 | 18 | @Id 19 | @GeneratedValue(strategy=GenerationType.IDENTITY) 20 | @Column(name = "user_role_id") 21 | private Long id; 22 | 23 | @NotNull 24 | @JoinColumn(name="user_id") 25 | @ManyToOne(cascade = {CascadeType.PERSIST, CascadeType.DETACH, CascadeType.REFRESH, CascadeType.MERGE}) 26 | private User user; 27 | 28 | @NotNull 29 | @JoinColumn(name="role_id") 30 | @ManyToOne(cascade = {CascadeType.PERSIST, CascadeType.DETACH, CascadeType.REFRESH, CascadeType.MERGE}) 31 | private Role role; 32 | 33 | public UserRole() { 34 | } 35 | 36 | public UserRole(@NotNull User user, @NotNull Role role) { 37 | this.user = user; 38 | this.role = role; 39 | } 40 | 41 | public Long getId() { 42 | return id; 43 | } 44 | 45 | public void setId(Long id) { 46 | this.id = id; 47 | } 48 | 49 | public User getUser() { 50 | return user; 51 | } 52 | 53 | public void setUser(User user) { 54 | this.user = user; 55 | } 56 | 57 | public Role getRole() { 58 | return role; 59 | } 60 | 61 | public void setRole(Role role) { 62 | this.role = role; 63 | } 64 | } 65 | -------------------------------------------------------------------------------- /src/main/java/com/springboilerplate/app/userRole/UserRoleRepository.java: -------------------------------------------------------------------------------- 1 | package com.springboilerplate.app.userRole; 2 | 3 | import org.springframework.data.jpa.repository.JpaRepository; 4 | 5 | import java.util.Optional; 6 | 7 | public interface UserRoleRepository extends JpaRepository{ 8 | Optional findByUserIdAndRoleId(Long userId, Long roleId); 9 | } 10 | -------------------------------------------------------------------------------- /src/main/java/com/springboilerplate/config/HibernateSearchConfig.java: -------------------------------------------------------------------------------- 1 | package com.springboilerplate.config; 2 | 3 | import com.springboilerplate.app.search.HibernateSearchService; 4 | import org.springframework.beans.factory.annotation.Autowired; 5 | import org.springframework.context.annotation.Bean; 6 | import org.springframework.context.annotation.Configuration; 7 | 8 | import javax.persistence.EntityManager; 9 | 10 | @Configuration 11 | public class HibernateSearchConfig { 12 | 13 | @Autowired 14 | private EntityManager entityManager; 15 | @Bean 16 | public HibernateSearchService hibernateSearchService(){ 17 | return new HibernateSearchService(entityManager); 18 | } 19 | 20 | 21 | 22 | } -------------------------------------------------------------------------------- /src/main/java/com/springboilerplate/config/MailConfig.java: -------------------------------------------------------------------------------- 1 | package com.springboilerplate.config; 2 | 3 | import org.springframework.context.annotation.Bean; 4 | import org.springframework.context.annotation.Configuration; 5 | import org.springframework.core.env.Environment; 6 | import org.springframework.mail.javamail.JavaMailSender; 7 | import org.springframework.mail.javamail.JavaMailSenderImpl; 8 | 9 | import java.util.Properties; 10 | 11 | @Configuration 12 | public class MailConfig { 13 | @Bean 14 | public JavaMailSender mailSender(Environment env) { 15 | JavaMailSenderImpl mailSender = new JavaMailSenderImpl(); 16 | mailSender.setHost(env.getProperty("MOBSTAFF_MAIL_HOST")); 17 | mailSender.setPort(465); 18 | mailSender.setUsername("mobstaffwg@gmail.com"); 19 | mailSender.setPassword("kingsley2000"); 20 | mailSender.setProtocol("smtp"); 21 | Properties props = new Properties(); 22 | props.put("mail.smtp.auth", "true"); 23 | props.put("mail.debug", "false"); 24 | props.put("mail.smtp.socketFactory.port", 465); 25 | props.put("mail.smtp.socketFactory.class", "javax.net.ssl.SSLSocketFactory"); 26 | props.put("mail.smtp.socketFactory.fallback", "false"); 27 | mailSender.setJavaMailProperties(props); 28 | return mailSender; 29 | } 30 | } 31 | -------------------------------------------------------------------------------- /src/main/java/com/springboilerplate/config/MethodSecurityConfig.java: -------------------------------------------------------------------------------- 1 | package com.springboilerplate.config; 2 | 3 | public class MethodSecurityConfig { 4 | } 5 | -------------------------------------------------------------------------------- /src/main/java/com/springboilerplate/config/ModelMapperConfig.java: -------------------------------------------------------------------------------- 1 | package com.springboilerplate.config; 2 | 3 | import org.modelmapper.ModelMapper; 4 | import org.springframework.context.annotation.Bean; 5 | import org.springframework.context.annotation.Configuration; 6 | 7 | @Configuration 8 | public class ModelMapperConfig { 9 | @Bean 10 | public ModelMapper modelMapper() { 11 | return new ModelMapper(); 12 | } 13 | } 14 | -------------------------------------------------------------------------------- /src/main/java/com/springboilerplate/config/ObjectMapperConfig.java: -------------------------------------------------------------------------------- 1 | package com.springboilerplate.config; 2 | 3 | import com.fasterxml.jackson.databind.DeserializationFeature; 4 | import com.fasterxml.jackson.databind.ObjectMapper; 5 | import com.fasterxml.jackson.databind.SerializationFeature; 6 | import com.fasterxml.jackson.datatype.jsr310.JavaTimeModule; 7 | import org.springframework.context.annotation.Bean; 8 | import org.springframework.context.annotation.Configuration; 9 | import org.springframework.context.annotation.Primary; 10 | 11 | @Configuration 12 | public class ObjectMapperConfig { 13 | @Bean 14 | @Primary 15 | public ObjectMapper objectMapper() { 16 | ObjectMapper objectMapper = new ObjectMapper(); 17 | objectMapper.registerModule(new JavaTimeModule()); 18 | objectMapper.configure(SerializationFeature.WRITE_DATES_AS_TIMESTAMPS, false); 19 | objectMapper.configure(SerializationFeature.WRAP_ROOT_VALUE, true); 20 | objectMapper.configure(DeserializationFeature.UNWRAP_ROOT_VALUE, true); 21 | return objectMapper; 22 | } 23 | } 24 | -------------------------------------------------------------------------------- /src/main/java/com/springboilerplate/config/SwaggerConfig.java: -------------------------------------------------------------------------------- 1 | package com.springboilerplate.config; 2 | 3 | import io.swagger.models.*; 4 | import io.swagger.models.auth.ApiKeyAuthDefinition; 5 | import io.swagger.models.auth.In; 6 | import io.swagger.models.auth.OAuth2Definition; 7 | import org.springframework.context.annotation.Bean; 8 | import org.springframework.context.annotation.Configuration; 9 | import springfox.documentation.builders.PathSelectors; 10 | import springfox.documentation.builders.RequestHandlerSelectors; 11 | import springfox.documentation.spi.DocumentationType; 12 | import springfox.documentation.spring.web.plugins.Docket; 13 | import springfox.documentation.swagger2.annotations.EnableSwagger2; 14 | 15 | import javax.servlet.ServletConfig; 16 | import javax.servlet.ServletContext; 17 | import javax.servlet.ServletException; 18 | import javax.servlet.http.HttpServlet; 19 | 20 | 21 | @Configuration 22 | @EnableSwagger2 23 | public class SwaggerConfig extends HttpServlet{ 24 | 25 | @Bean 26 | public Docket api() { 27 | return new Docket(DocumentationType.SWAGGER_2) 28 | .select() 29 | .apis(RequestHandlerSelectors.any()) 30 | .paths(PathSelectors.any()) 31 | .build(); 32 | } 33 | 34 | @Override 35 | public void init(ServletConfig config) throws ServletException { 36 | Info info = new Info() 37 | .title("Spring Boot Boilerplate") 38 | .description("This is a production ready boilerplate for spring boot.") 39 | .contact(new Contact() 40 | .email("github.com/Bionic-SeeSharp")) 41 | .license(new License() 42 | .name("Apache 2.0") 43 | .url("http://www.apache.org/licenses/LICENSE-2.0.html")); 44 | 45 | ServletContext context = config.getServletContext(); 46 | Swagger swagger = new Swagger().info(info); 47 | swagger.externalDocs(new ExternalDocs("Find code here", "https://github.com/Bionic-SeeSharp/Spring-Boot-Boilerplate")); 48 | swagger.securityDefinition("api_key", new ApiKeyAuthDefinition("api_key", In.HEADER)); 49 | swagger.tag(new Tag() 50 | .name("Hibernate Search") 51 | .description("Google for your entities") 52 | .externalDocs(new ExternalDocs("Find out more", "http://hibernate.org/search/"))); 53 | swagger.tag(new Tag() 54 | .name("Spring Boot") 55 | .description("Spring Boot makes it easy to create stand-alone, production-grade Spring based Applications that you can \"just run\". ")); 56 | context.setAttribute("swagger", swagger); 57 | } 58 | } 59 | -------------------------------------------------------------------------------- /src/main/java/com/springboilerplate/config/WebMvcConfig.java: -------------------------------------------------------------------------------- 1 | package com.springboilerplate.config; 2 | 3 | import org.springframework.context.annotation.Configuration; 4 | import org.springframework.web.servlet.config.annotation.ResourceHandlerRegistry; 5 | import org.springframework.web.servlet.config.annotation.WebMvcConfigurer; 6 | 7 | @Configuration 8 | public class WebMvcConfig implements WebMvcConfigurer{ 9 | 10 | public WebMvcConfig() { 11 | super(); 12 | } 13 | 14 | @Override 15 | public void addResourceHandlers(final ResourceHandlerRegistry registry) { 16 | registry.addResourceHandler("swagger-ui.html").addResourceLocations("classpath:/META-INF/resources/"); 17 | 18 | registry.addResourceHandler("/webjars/**").addResourceLocations("classpath:/META-INF/resources/webjars/"); 19 | } 20 | } 21 | -------------------------------------------------------------------------------- /src/main/java/com/springboilerplate/config/WebSecurityConfig.java: -------------------------------------------------------------------------------- 1 | package com.springboilerplate.config; 2 | 3 | import com.springboilerplate.security.JwtUserDetailsService; 4 | import com.springboilerplate.security.*; 5 | import org.springframework.beans.factory.annotation.Autowired; 6 | import org.springframework.beans.factory.annotation.Value; 7 | import org.springframework.context.annotation.Bean; 8 | import org.springframework.context.annotation.Configuration; 9 | import org.springframework.http.HttpMethod; 10 | import org.springframework.security.authentication.AuthenticationManager; 11 | import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder; 12 | import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity; 13 | import org.springframework.security.config.annotation.web.builders.HttpSecurity; 14 | import org.springframework.security.config.annotation.web.builders.WebSecurity; 15 | import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; 16 | import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter; 17 | import org.springframework.security.config.http.SessionCreationPolicy; 18 | import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder; 19 | import org.springframework.security.crypto.password.PasswordEncoder; 20 | import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter; 21 | 22 | @EnableWebSecurity 23 | @Configuration 24 | @EnableGlobalMethodSecurity(prePostEnabled = true) 25 | public class WebSecurityConfig extends WebSecurityConfigurerAdapter { 26 | 27 | @Autowired 28 | private JwtAuthenticationEntryPoint unauthorizedHandler; 29 | @Autowired 30 | private JwtTokenUtil jwtTokenUtil; 31 | @Autowired 32 | private JwtUserDetailsService customUserService; 33 | 34 | @Value("${jwt.header}") 35 | private String tokenHeader; 36 | 37 | @Value("${jwt.route.authentication.path}") 38 | private String authenticationPath; 39 | 40 | @Autowired 41 | public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception { 42 | auth.userDetailsService(customUserService) 43 | .passwordEncoder(passwordEncoder()); 44 | } 45 | 46 | @Bean 47 | @Override 48 | public AuthenticationManager authenticationManagerBean() throws Exception { 49 | return super.authenticationManagerBean(); 50 | } 51 | 52 | @Bean 53 | public PasswordEncoder passwordEncoder(){ 54 | return new BCryptPasswordEncoder(); 55 | } 56 | 57 | @Override 58 | protected void configure(HttpSecurity httpSecurity) throws Exception { 59 | // we don't need CSRF because our token is invulnerable 60 | httpSecurity 61 | .csrf().disable() 62 | .exceptionHandling().authenticationEntryPoint(unauthorizedHandler).and() 63 | // don't create session 64 | .sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS).and() 65 | .authorizeRequests() 66 | // Un-secure H2 Database 67 | .antMatchers("/h2-console/**/**").permitAll() 68 | .antMatchers("/auth/**").permitAll() 69 | .antMatchers("/users/**").authenticated() 70 | .antMatchers("/actuator/**").authenticated() 71 | .antMatchers("/v2/api-docs").permitAll()//Add authentication in prod environment 72 | .antMatchers("/swagger-resources/**").permitAll()//Add authentication in prod environment 73 | .antMatchers(HttpMethod.POST, "/v1/users/register").permitAll()//Add authentication in prod environment 74 | 75 | 76 | .anyRequest().authenticated(); 77 | 78 | // Custom JWT based security filter 79 | JwtAuthorizationTokenFilter authenticationTokenFilter = new JwtAuthorizationTokenFilter(userDetailsService(), jwtTokenUtil, tokenHeader); 80 | httpSecurity 81 | .addFilterBefore(authenticationTokenFilter, UsernamePasswordAuthenticationFilter.class); 82 | // disable page caching 83 | httpSecurity 84 | .headers() 85 | .frameOptions().sameOrigin() // required to set for H2 else H2 Console will be blank. 86 | .cacheControl(); 87 | } 88 | 89 | @Override 90 | public void configure(WebSecurity web) throws Exception { 91 | // AuthenticationTokenFilter will ignore the below paths 92 | web 93 | .ignoring() 94 | .antMatchers( 95 | HttpMethod.POST, 96 | authenticationPath 97 | ) 98 | 99 | // allow anonymous resource requests 100 | .and() 101 | .ignoring() 102 | .antMatchers( 103 | HttpMethod.GET, 104 | "/", 105 | "/*.html", 106 | "/favicon.ico", 107 | "/**/*.html", 108 | "/**/*.css", 109 | "/**/*.js" 110 | ) 111 | 112 | // Un-secure H2 Database (for testing purposes, H2 console shouldn't be unprotected in production) 113 | .and() 114 | .ignoring() 115 | .antMatchers("/h2-console/**/**")//Add authentication for production environment. 116 | //.antMatchers("/actuator/**") 117 | .antMatchers("/v2/api-docs/**") 118 | .antMatchers("/swagger-resources/**") 119 | .antMatchers("/swagger-ui.html/**"); 120 | } 121 | } 122 | 123 | -------------------------------------------------------------------------------- /src/main/java/com/springboilerplate/exceptions/ApiError.java: -------------------------------------------------------------------------------- 1 | package com.springboilerplate.exceptions; 2 | 3 | import org.springframework.http.HttpStatus; 4 | 5 | import java.util.Arrays; 6 | import java.util.List; 7 | 8 | public class ApiError { 9 | private HttpStatus status; 10 | private String message; 11 | private List errors; 12 | 13 | public ApiError(HttpStatus status, String message, List errors) { 14 | super(); 15 | this.status = status; 16 | this.message = message; 17 | this.errors = errors; 18 | } 19 | 20 | public ApiError(HttpStatus status, String message, String error) { 21 | super(); 22 | this.status = status; 23 | this.message = message; 24 | this.errors = Arrays.asList(error); 25 | } 26 | 27 | public HttpStatus getStatus() { 28 | return status; 29 | } 30 | 31 | public void setStatus(HttpStatus status) { 32 | this.status = status; 33 | } 34 | 35 | public String getMessage() { 36 | return message; 37 | } 38 | 39 | public void setMessage(String message) { 40 | this.message = message; 41 | } 42 | 43 | public List getErrors() { 44 | return errors; 45 | } 46 | 47 | public void setErrors(List errors) { 48 | this.errors = errors; 49 | } 50 | } 51 | -------------------------------------------------------------------------------- /src/main/java/com/springboilerplate/exceptions/CentralizedExceptionHandler.java: -------------------------------------------------------------------------------- 1 | package com.springboilerplate.exceptions; 2 | 3 | 4 | import org.springframework.http.HttpHeaders; 5 | import org.springframework.http.HttpStatus; 6 | import org.springframework.http.ResponseEntity; 7 | import org.springframework.validation.FieldError; 8 | import org.springframework.web.bind.MethodArgumentNotValidException; 9 | import org.springframework.web.bind.MissingServletRequestParameterException; 10 | import org.springframework.web.bind.annotation.ControllerAdvice; 11 | import org.springframework.web.bind.annotation.ExceptionHandler; 12 | import org.springframework.web.context.request.WebRequest; 13 | import org.springframework.web.servlet.mvc.method.annotation.ResponseEntityExceptionHandler; 14 | 15 | import java.util.List; 16 | import java.util.stream.Collectors; 17 | 18 | @ControllerAdvice 19 | public class CentralizedExceptionHandler extends ResponseEntityExceptionHandler { 20 | 21 | @Override 22 | protected ResponseEntity handleMissingServletRequestParameter( 23 | MissingServletRequestParameterException exception, HttpHeaders headers, 24 | HttpStatus status, WebRequest request){ 25 | logger.error("Missing servlet request parameter exception."); 26 | String error = String.format("%s parameter is missing", exception.getParameterName()); 27 | ApiError apiError = new ApiError(HttpStatus.BAD_REQUEST, exception.getLocalizedMessage(), error); 28 | return new ResponseEntity<>(apiError, new HttpHeaders(), apiError.getStatus()); 29 | } 30 | 31 | @Override 32 | protected ResponseEntity handleMethodArgumentNotValid(MethodArgumentNotValidException exception, HttpHeaders headers, 33 | HttpStatus status, WebRequest request){ 34 | logger.error("Method argument not valid."); 35 | List fieldErrors = exception.getBindingResult().getFieldErrors(); 36 | String error = fieldErrors.stream() 37 | .map(fieldError -> fieldError.getField() + " : " + fieldError.getDefaultMessage()) 38 | .collect(Collectors.joining()); 39 | ApiError apiError = new ApiError(HttpStatus.BAD_REQUEST, exception.getMessage(), error); 40 | return new ResponseEntity<>(apiError, apiError.getStatus()); 41 | } 42 | 43 | @ExceptionHandler({ExpiredTokenException.class}) 44 | public ResponseEntity handleExpiredTokenException(ExpiredTokenException ex, WebRequest webRequest){ 45 | String error = ex.getMessage(); 46 | ApiError apiError = new ApiError(HttpStatus.BAD_REQUEST, ex.getMessage(), error); 47 | return new ResponseEntity<>(apiError, apiError.getStatus()); 48 | } 49 | 50 | @ExceptionHandler({InvalidTokenException.class}) 51 | public ResponseEntity handleInvalidTokenException(InvalidTokenException ex, WebRequest webRequest){ 52 | String error = ex.getMessage(); 53 | ApiError apiError = new ApiError(HttpStatus.BAD_REQUEST, ex.getMessage(), error); 54 | return new ResponseEntity<>(apiError, apiError.getStatus()); 55 | } 56 | 57 | @ExceptionHandler({InvalidPasswordResetToken.class}) 58 | public ResponseEntity handleInvalidPasswordResetToken(InvalidPasswordResetToken ex, WebRequest webRequest){ 59 | String error = ex.getMessage(); 60 | ApiError apiError = new ApiError(HttpStatus.BAD_REQUEST, ex.getMessage(), error); 61 | return new ResponseEntity<>(apiError, apiError.getStatus()); 62 | } 63 | 64 | @ExceptionHandler({NoTokenException.class}) 65 | public ResponseEntity handleNoTokenException(NoTokenException ex, WebRequest webRequest){ 66 | String error = ex.getMessage(); 67 | ApiError apiError = new ApiError(HttpStatus.BAD_REQUEST, ex.getMessage(), error); 68 | return new ResponseEntity<>(apiError, apiError.getStatus()); 69 | } 70 | 71 | @ExceptionHandler({SendingTokenException.class}) 72 | public ResponseEntity handleSendingTokenException(SendingTokenException ex, WebRequest webRequest){ 73 | String error = ex.getMessage(); 74 | ApiError apiError = new ApiError(HttpStatus.INTERNAL_SERVER_ERROR, ex.getMessage(), error); 75 | return new ResponseEntity<>(apiError, apiError.getStatus()); 76 | } 77 | 78 | @ExceptionHandler({RoleDoesNotExistException.class}) 79 | public ResponseEntity handleRoleDoesNotExistException(RoleDoesNotExistException ex, WebRequest webRequest){ 80 | String error = ex.getMessage(); 81 | ApiError apiError = new ApiError(HttpStatus.NOT_FOUND, ex.getMessage(), error); 82 | return new ResponseEntity<>(apiError, apiError.getStatus()); 83 | } 84 | } 85 | -------------------------------------------------------------------------------- /src/main/java/com/springboilerplate/exceptions/ExpiredTokenException.java: -------------------------------------------------------------------------------- 1 | package com.springboilerplate.exceptions; 2 | 3 | public class ExpiredTokenException extends RuntimeException { 4 | 5 | public ExpiredTokenException(String message) { 6 | super(message); 7 | } 8 | } 9 | -------------------------------------------------------------------------------- /src/main/java/com/springboilerplate/exceptions/InvalidPasswordResetToken.java: -------------------------------------------------------------------------------- 1 | package com.springboilerplate.exceptions; 2 | 3 | public class InvalidPasswordResetToken extends RuntimeException { 4 | 5 | public InvalidPasswordResetToken(String message) { 6 | super(message); 7 | } 8 | } 9 | -------------------------------------------------------------------------------- /src/main/java/com/springboilerplate/exceptions/InvalidTokenException.java: -------------------------------------------------------------------------------- 1 | package com.springboilerplate.exceptions; 2 | 3 | public class InvalidTokenException extends RuntimeException { 4 | 5 | public InvalidTokenException(String message) { 6 | super(message); 7 | } 8 | } 9 | -------------------------------------------------------------------------------- /src/main/java/com/springboilerplate/exceptions/NoTokenException.java: -------------------------------------------------------------------------------- 1 | package com.springboilerplate.exceptions; 2 | 3 | public class NoTokenException extends RuntimeException{ 4 | public NoTokenException() { 5 | super(); 6 | } 7 | 8 | public NoTokenException(String message) { 9 | super(message); 10 | } 11 | } 12 | -------------------------------------------------------------------------------- /src/main/java/com/springboilerplate/exceptions/RoleDoesNotExistException.java: -------------------------------------------------------------------------------- 1 | package com.springboilerplate.exceptions; 2 | 3 | public class RoleDoesNotExistException extends RuntimeException { 4 | 5 | public RoleDoesNotExistException() { 6 | } 7 | 8 | public RoleDoesNotExistException(String message) { 9 | super(message); 10 | } 11 | } 12 | -------------------------------------------------------------------------------- /src/main/java/com/springboilerplate/exceptions/SendingTokenException.java: -------------------------------------------------------------------------------- 1 | package com.springboilerplate.exceptions; 2 | 3 | public class SendingTokenException extends RuntimeException { 4 | 5 | public SendingTokenException() { 6 | } 7 | 8 | public SendingTokenException(String message) { 9 | super(message); 10 | } 11 | } 12 | -------------------------------------------------------------------------------- /src/main/java/com/springboilerplate/helper/AsyncMailer.java: -------------------------------------------------------------------------------- 1 | package com.springboilerplate.helper; 2 | 3 | import org.springframework.scheduling.annotation.Async; 4 | import org.springframework.stereotype.Service; 5 | 6 | import javax.mail.MessagingException; 7 | 8 | @Service 9 | public class AsyncMailer { 10 | @Async 11 | public void sendMail(MailData mailData) throws MessagingException { 12 | mailData.sendMessage(); 13 | } 14 | } 15 | -------------------------------------------------------------------------------- /src/main/java/com/springboilerplate/helper/MailData.java: -------------------------------------------------------------------------------- 1 | package com.springboilerplate.helper; 2 | 3 | import org.springframework.core.io.InputStreamResource; 4 | import org.springframework.mail.javamail.JavaMailSender; 5 | import org.springframework.mail.javamail.MimeMessageHelper; 6 | 7 | import javax.mail.MessagingException; 8 | import javax.mail.internet.MimeMessage; 9 | 10 | public class MailData { 11 | private static final String from = "noreply@mobstaff.com"; 12 | private String to; 13 | private String subject; 14 | private String text; 15 | private String fileName; 16 | private InputStreamResource inputStreamResource; 17 | private JavaMailSender mailSender; 18 | 19 | public String getTo() { 20 | return this.to; 21 | } 22 | 23 | public void setTo(String to) { 24 | this.to = to; 25 | } 26 | 27 | public String getSubject() { 28 | return this.subject; 29 | } 30 | 31 | public void setSubject(String subject) { 32 | this.subject = subject; 33 | } 34 | 35 | public String getText() { 36 | return this.text; 37 | } 38 | 39 | public void setText(String text) { 40 | this.text = text; 41 | } 42 | 43 | public String getFileName() { 44 | return this.fileName; 45 | } 46 | 47 | public void setFileName(String fileName) { 48 | this.fileName = fileName; 49 | } 50 | 51 | public InputStreamResource getInputStreamResource() { 52 | return this.inputStreamResource; 53 | } 54 | 55 | public void setInputStreamResource(InputStreamResource inputStreamResource) { 56 | this.inputStreamResource = inputStreamResource; 57 | } 58 | 59 | public MailData(String to, String subject, String text, JavaMailSender mailSender) { 60 | this.to = to; 61 | this.subject = subject; 62 | this.text = text; 63 | this.mailSender = mailSender; 64 | } 65 | 66 | public MailData(String to, String subject, String text, JavaMailSender mailSender, String fileName, InputStreamResource inputStreamResource) { 67 | this.to = to; 68 | this.subject = subject; 69 | this.text = text; 70 | this.mailSender = mailSender; 71 | this.fileName = fileName; 72 | this.inputStreamResource = inputStreamResource; 73 | } 74 | 75 | public MimeMessage toMimeMessage() throws MessagingException { 76 | MimeMessage message = this.mailSender.createMimeMessage(); 77 | MimeMessageHelper helper = new MimeMessageHelper(message, true); 78 | helper.setFrom("noreply@boilerplate.com"); 79 | helper.setTo(this.to); 80 | helper.setSubject(this.subject); 81 | helper.setText(this.text, true); 82 | if (this.inputStreamResource != null) { 83 | helper.addAttachment(this.fileName, this.inputStreamResource); 84 | } 85 | 86 | return message; 87 | } 88 | 89 | public void sendMessage() throws MessagingException { 90 | this.mailSender.send(this.toMimeMessage()); 91 | } 92 | } 93 | 94 | 95 | -------------------------------------------------------------------------------- /src/main/java/com/springboilerplate/helper/MailService.java: -------------------------------------------------------------------------------- 1 | package com.springboilerplate.helper; 2 | 3 | import javax.mail.MessagingException; 4 | 5 | 6 | public interface MailService { 7 | 8 | void sendMail(String email, String message, String subject) throws MessagingException; 9 | } 10 | -------------------------------------------------------------------------------- /src/main/java/com/springboilerplate/helper/MailServiceImpl.java: -------------------------------------------------------------------------------- 1 | package com.springboilerplate.helper; 2 | 3 | import org.springframework.beans.factory.annotation.Autowired; 4 | import org.springframework.mail.javamail.JavaMailSender; 5 | import org.springframework.stereotype.Component; 6 | 7 | import javax.mail.MessagingException; 8 | 9 | @Component 10 | public class MailServiceImpl implements MailService{ 11 | 12 | private JavaMailSender mailSender; 13 | private AsyncMailer asyncMailer; 14 | 15 | @Autowired 16 | public MailServiceImpl(JavaMailSender mailSender, AsyncMailer asyncMailer) { 17 | this.mailSender = mailSender; 18 | this.asyncMailer = asyncMailer; 19 | } 20 | 21 | @Override 22 | public void sendMail(String email, String message, String subject) throws MessagingException { 23 | MailData mailData = new MailData(email, subject, message, mailSender); 24 | asyncMailer.sendMail(mailData); 25 | } 26 | } 27 | -------------------------------------------------------------------------------- /src/main/java/com/springboilerplate/helper/SecurityHelper.java: -------------------------------------------------------------------------------- 1 | package com.springboilerplate.helper; 2 | 3 | import com.springboilerplate.app.passwordRestToken.PasswordResetToken; 4 | import com.springboilerplate.app.user.User; 5 | import org.springframework.security.authentication.UsernamePasswordAuthenticationToken; 6 | import org.springframework.security.core.Authentication; 7 | import org.springframework.security.core.authority.SimpleGrantedAuthority; 8 | import org.springframework.security.core.context.SecurityContextHolder; 9 | import org.springframework.stereotype.Component; 10 | 11 | import java.util.Arrays; 12 | 13 | @Component 14 | public class SecurityHelper { 15 | public SecurityHelper() { 16 | } 17 | 18 | public void grantUserChangePasswordPrivilege(PasswordResetToken passwordResetToken){ 19 | User user = passwordResetToken.getUser(); 20 | Authentication auth = new UsernamePasswordAuthenticationToken(user, null, 21 | Arrays.asList(new SimpleGrantedAuthority("CHANGE_PASSWORD_PRIVILEGE"))); 22 | SecurityContextHolder.getContext().setAuthentication(auth); 23 | } 24 | } 25 | -------------------------------------------------------------------------------- /src/main/java/com/springboilerplate/security/CustomUserService.java: -------------------------------------------------------------------------------- 1 | package com.springboilerplate.security; 2 | 3 | import com.springboilerplate.app.user.User; 4 | import org.springframework.security.core.userdetails.UserDetailsService; 5 | 6 | public interface CustomUserService extends UserDetailsService { 7 | User loadUserByUsername(String username); 8 | } 9 | -------------------------------------------------------------------------------- /src/main/java/com/springboilerplate/security/JwtAuthenticationEntryPoint.java: -------------------------------------------------------------------------------- 1 | package com.springboilerplate.security; 2 | 3 | import org.springframework.security.core.AuthenticationException; 4 | import org.springframework.security.web.AuthenticationEntryPoint; 5 | import org.springframework.stereotype.Component; 6 | 7 | import javax.servlet.ServletException; 8 | import javax.servlet.http.HttpServletRequest; 9 | import javax.servlet.http.HttpServletResponse; 10 | import java.io.IOException; 11 | import java.io.Serializable; 12 | 13 | 14 | @Component 15 | public class JwtAuthenticationEntryPoint implements AuthenticationEntryPoint, Serializable { 16 | 17 | @Override 18 | public void commence(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, AuthenticationException e) throws IOException, ServletException { 19 | httpServletResponse.sendError(HttpServletResponse.SC_UNAUTHORIZED, "Unauthorized"); 20 | } 21 | } 22 | -------------------------------------------------------------------------------- /src/main/java/com/springboilerplate/security/JwtAuthorizationTokenFilter.java: -------------------------------------------------------------------------------- 1 | package com.springboilerplate.security; 2 | 3 | import com.springboilerplate.exceptions.ExpiredTokenException; 4 | import com.springboilerplate.exceptions.InvalidTokenException; 5 | import io.jsonwebtoken.ExpiredJwtException; 6 | import org.slf4j.Logger; 7 | import org.slf4j.LoggerFactory; 8 | import org.springframework.security.authentication.UsernamePasswordAuthenticationToken; 9 | import org.springframework.security.core.context.SecurityContextHolder; 10 | import org.springframework.security.core.userdetails.UserDetails; 11 | import org.springframework.security.core.userdetails.UserDetailsService; 12 | import org.springframework.security.web.authentication.WebAuthenticationDetailsSource; 13 | import org.springframework.web.filter.OncePerRequestFilter; 14 | 15 | import javax.servlet.FilterChain; 16 | import javax.servlet.ServletException; 17 | import javax.servlet.http.HttpServletRequest; 18 | import javax.servlet.http.HttpServletResponse; 19 | import java.io.IOException; 20 | 21 | public class JwtAuthorizationTokenFilter extends OncePerRequestFilter{ 22 | 23 | private final Logger logger = LoggerFactory.getLogger(this.getClass()); 24 | 25 | private UserDetailsService userDetailsService; 26 | private JwtTokenUtil jwtTokenUtil; 27 | private String tokenHeader; 28 | 29 | public JwtAuthorizationTokenFilter(UserDetailsService userDetailsService, JwtTokenUtil jwtTokenUtil, String tokenHeader) { 30 | this.userDetailsService = userDetailsService; 31 | this.jwtTokenUtil = jwtTokenUtil; 32 | this.tokenHeader = tokenHeader; 33 | } 34 | 35 | @Override 36 | protected void doFilterInternal(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, FilterChain filterChain) throws ServletException, IOException { 37 | logger.debug("Processing authentication for " + httpServletRequest.getRequestURL()); 38 | final String requestHeader = httpServletRequest.getHeader(this.tokenHeader); 39 | String email = null, authToken = null; 40 | if (requestHeader != null && requestHeader.startsWith("Bearer ")) { 41 | authToken = requestHeader.substring(7); 42 | email = parseUser(authToken); 43 | } else { 44 | logger.warn("couldn't find bearer string, will ignore the header"); 45 | } 46 | logger.debug("checking authentication for user " + email); 47 | setAuthentication(httpServletRequest, email, authToken); 48 | filterChain.doFilter(httpServletRequest, httpServletResponse); 49 | } 50 | 51 | private void setAuthentication(HttpServletRequest httpServletRequest, String email, String authToken) { 52 | if (email != null && SecurityContextHolder.getContext().getAuthentication() == null) { 53 | logger.debug("security context was null, so authorizing user"); 54 | 55 | // It is not compelling necessary to load the use details from the database. 56 | // You could also store the information in the token and read it from it. It's up to you ;) 57 | UserDetails userDetails = this.userDetailsService.loadUserByUsername(email); 58 | // For simple validation it is completely sufficient to just check the token integrity. 59 | // You don't have to call the database compellingly. Again it's up to you ;) 60 | if (jwtTokenUtil.validateToken(authToken, userDetails)) { 61 | UsernamePasswordAuthenticationToken authentication = new UsernamePasswordAuthenticationToken(userDetails, null, userDetails.getAuthorities()); 62 | authentication.setDetails(new WebAuthenticationDetailsSource().buildDetails(httpServletRequest)); 63 | logger.info("Authorized user '{}', setting security context" + email); 64 | SecurityContextHolder.getContext().setAuthentication(authentication); 65 | } 66 | } 67 | } 68 | 69 | private String parseUser(String authToken) { 70 | String email; 71 | try { 72 | email = jwtTokenUtil.getEmailFromToken(authToken); 73 | } catch (IllegalArgumentException e) { 74 | logger.error("an error occured during getting email from token", e); 75 | throw new InvalidTokenException("Error parsing the username from the token"); 76 | } catch (ExpiredJwtException e) { 77 | logger.warn("the token is expired and not valid anymore", e); 78 | throw new ExpiredTokenException("The token is not valid"); 79 | } 80 | return email; 81 | } 82 | } 83 | -------------------------------------------------------------------------------- /src/main/java/com/springboilerplate/security/JwtTokenUtil.java: -------------------------------------------------------------------------------- 1 | package com.springboilerplate.security; 2 | 3 | import com.springboilerplate.app.user.User; 4 | import io.jsonwebtoken.Claims; 5 | import io.jsonwebtoken.Clock; 6 | import io.jsonwebtoken.Jwts; 7 | import io.jsonwebtoken.SignatureAlgorithm; 8 | import io.jsonwebtoken.impl.DefaultClock; 9 | import org.springframework.beans.factory.annotation.Value; 10 | import org.springframework.security.core.userdetails.UserDetails; 11 | import org.springframework.stereotype.Component; 12 | 13 | import java.io.Serializable; 14 | import java.util.Date; 15 | import java.util.HashMap; 16 | import java.util.Map; 17 | import java.util.function.Function; 18 | 19 | @Component 20 | public class JwtTokenUtil implements Serializable{ 21 | static final String CLAIM_KEY_USERNAME = "sub"; 22 | static final String CLAIM_KEY_CREATED = "iat"; 23 | private static final long serialVersionUID = -3301605591108950415L; 24 | 25 | @Value("${jwt.secret}") 26 | private String secret; 27 | 28 | @Value("${jwt.expiration}") 29 | private Long expiration; 30 | 31 | private Clock clock = DefaultClock.INSTANCE; 32 | 33 | public String getEmailFromToken(String token) { 34 | return getClaimFromToken(token, Claims::getSubject); 35 | } 36 | 37 | public Date getIssuedAtDateFromToken(String token) { 38 | return getClaimFromToken(token, Claims::getIssuedAt); 39 | } 40 | 41 | public Date getExpirationDateFromToken(String token) { 42 | return getClaimFromToken(token, Claims::getExpiration); 43 | } 44 | 45 | public T getClaimFromToken(String token, Function claimsResolver) { 46 | final Claims claims = getAllClaimsFromToken(token); 47 | return claimsResolver.apply(claims); 48 | } 49 | 50 | public String generateToken(UserDetails userDetails) { 51 | Map claims = new HashMap<>(); 52 | return doGenerateToken(claims, userDetails.getUsername()); 53 | } 54 | 55 | public Boolean validateToken(String token, UserDetails userDetails) { 56 | User user = (User) userDetails; 57 | final String email = getEmailFromToken(token); 58 | final Date created = getIssuedAtDateFromToken(token); 59 | //final Date expiration = getExpirationDateFromToken(token); 60 | return ( 61 | email.equals(user.getUsername()) 62 | && !isTokenExpired(token) 63 | && !isCreatedBeforeLastPasswordReset(created, user.getLastPasswordResetDate()) 64 | ); 65 | } 66 | 67 | public Boolean canTokenBeRefreshed(String token, Date lastPasswordReset) { 68 | final Date created = getIssuedAtDateFromToken(token); 69 | return !isCreatedBeforeLastPasswordReset(created, lastPasswordReset) 70 | && (!isTokenExpired(token) || ignoreTokenExpiration(token)); 71 | } 72 | 73 | public String refreshToken(String token) { 74 | final Date createdDate = clock.now(); 75 | final Date expirationDate = calculateExpirationDate(createdDate); 76 | final Claims claims = getAllClaimsFromToken(token); 77 | claims.setIssuedAt(createdDate); 78 | claims.setExpiration(expirationDate); 79 | return Jwts.builder() 80 | .setClaims(claims) 81 | .signWith(SignatureAlgorithm.HS512, secret) 82 | .compact(); 83 | } 84 | 85 | 86 | private Claims getAllClaimsFromToken(String token) { 87 | return Jwts.parser() 88 | .setSigningKey(secret) 89 | .parseClaimsJws(token) 90 | .getBody(); 91 | } 92 | 93 | private Boolean isTokenExpired(String token) { 94 | final Date expiration = getExpirationDateFromToken(token); 95 | return expiration.before(clock.now()); 96 | } 97 | 98 | private Boolean isCreatedBeforeLastPasswordReset(Date created, Date lastPasswordReset) { 99 | return (lastPasswordReset != null && created.before(lastPasswordReset)); 100 | } 101 | 102 | private Boolean ignoreTokenExpiration(String token) { 103 | // here you specify tokens, for that the expiration is ignored 104 | return false; 105 | } 106 | 107 | 108 | private String doGenerateToken(Map claims, String subject) { 109 | final Date createdDate = clock.now(); 110 | final Date expirationDate = calculateExpirationDate(createdDate); 111 | return Jwts.builder() 112 | .setClaims(claims) 113 | .setSubject(subject) 114 | .setIssuedAt(createdDate) 115 | .setExpiration(expirationDate) 116 | .signWith(SignatureAlgorithm.HS512, secret) 117 | .compact(); 118 | } 119 | 120 | private Date calculateExpirationDate(Date createdDate) { 121 | return new Date(createdDate.getTime() + expiration * 1000); 122 | } 123 | } 124 | -------------------------------------------------------------------------------- /src/main/java/com/springboilerplate/security/JwtUserDetailsService.java: -------------------------------------------------------------------------------- 1 | package com.springboilerplate.security; 2 | 3 | import com.springboilerplate.app.user.User; 4 | import com.springboilerplate.app.user.UserRepository; 5 | import org.springframework.beans.factory.annotation.Autowired; 6 | import org.springframework.security.core.userdetails.UsernameNotFoundException; 7 | import org.springframework.stereotype.Service; 8 | import org.springframework.transaction.annotation.Transactional; 9 | 10 | import java.time.LocalDateTime; 11 | import java.util.Optional; 12 | 13 | @Service 14 | @Transactional 15 | public class JwtUserDetailsService implements CustomUserService{ 16 | 17 | private UserRepository userRepository; 18 | 19 | @Autowired 20 | public JwtUserDetailsService(UserRepository userRepository) { 21 | this.userRepository = userRepository; 22 | } 23 | 24 | @Override 25 | public User loadUserByUsername(String username) throws UsernameNotFoundException { 26 | Optional optionalUser = userRepository.getByEmailAndDeletedFalse(username); 27 | return optionalUser.map(this::reflectLogin) 28 | .orElseThrow(() -> new UsernameNotFoundException("User with '" + username + "' email not found.")); 29 | } 30 | 31 | private User reflectLogin(User user) { 32 | user.setLastLogin(LocalDateTime.now()); 33 | return userRepository.save(user); 34 | } 35 | } 36 | -------------------------------------------------------------------------------- /src/main/java/com/springboilerplate/utils/DbSeed.java: -------------------------------------------------------------------------------- 1 | package com.springboilerplate.utils; 2 | 3 | 4 | import com.springboilerplate.app.role.Role; 5 | import com.springboilerplate.app.role.RoleType; 6 | import com.springboilerplate.app.user.User; 7 | import com.springboilerplate.app.userRole.UserRole; 8 | import com.springboilerplate.app.userRole.UserRoleRepository; 9 | import org.slf4j.Logger; 10 | import org.slf4j.LoggerFactory; 11 | import org.springframework.boot.CommandLineRunner; 12 | import org.springframework.stereotype.Component; 13 | 14 | import java.time.LocalDateTime; 15 | 16 | @Component 17 | public class DbSeed implements CommandLineRunner { 18 | 19 | private final Logger logger = LoggerFactory.getLogger(DbSeed.class); 20 | 21 | private UserRoleRepository userRoleRepository; 22 | 23 | public DbSeed(UserRoleRepository userRoleRepository) { 24 | this.userRoleRepository = userRoleRepository; 25 | } 26 | 27 | @Override 28 | public void run(String... strings) throws Exception { 29 | //Password is 'password' but it has been encrypted. 30 | logger.info("Loading data..."); 31 | User user = getUser(); 32 | Role roleUser = new Role(RoleType.ROLE_USER); 33 | UserRole userRole = new UserRole(); 34 | userRole.setUser(user); 35 | userRole.setRole(roleUser); 36 | userRoleRepository.save(userRole); 37 | logger.info("Saved user"); 38 | 39 | // User admin = getAdmin(); 40 | // Role roleAdmin = new Role(RoleType.ROLE_ADMIN); 41 | // UserRole adminRole = new UserRole(); 42 | // userRole.setUser(admin); 43 | // userRole.setRole(roleAdmin); 44 | // logger.info("Saved admin"); 45 | // 46 | // userRoleRepository.save(adminRole); 47 | logger.info("Done."); 48 | } 49 | 50 | private User getAdmin() { 51 | User admin = new User(); 52 | admin.setPassword("$2a$10$a1i476ODUG7jqm1x30ThA.v8qYsAQlbLBpfPSW.8ISm2Z8QiC5ASm"); 53 | admin.setEmail("admin@email.com"); 54 | admin.setFirstname("Emmanuel"); 55 | admin.setLastname("Pat"); 56 | admin.setLastLogin(LocalDateTime.now()); 57 | return admin; 58 | } 59 | 60 | private User getUser() { 61 | User user = new User(); 62 | user.setPassword("$2a$10$a1i476ODUG7jqm1x30ThA.v8qYsAQlbLBpfPSW.8ISm2Z8QiC5ASm"); 63 | user.setEmail("user@email.com"); 64 | user.setFirstname("Emmanuel"); 65 | user.setLastname("Pat"); 66 | user.setLastLogin(LocalDateTime.now()); 67 | return user; 68 | } 69 | } 70 | -------------------------------------------------------------------------------- /src/main/java/com/springboilerplate/utils/JsonUtils.java: -------------------------------------------------------------------------------- 1 | package com.springboilerplate.utils; 2 | 3 | import com.fasterxml.jackson.core.JsonProcessingException; 4 | import com.fasterxml.jackson.databind.ObjectMapper; 5 | import com.google.gson.Gson; 6 | 7 | import java.io.*; 8 | import java.nio.charset.Charset; 9 | 10 | public class JsonUtils { 11 | 12 | 13 | public static T getElement(String value, Class clazz) { 14 | return new Gson().fromJson(value, clazz); 15 | } 16 | 17 | public static T[] getElements(String value, Class clazz) { 18 | return new Gson().fromJson(value, clazz); 19 | } 20 | 21 | public static String getJson(T element) { 22 | return new Gson().toJson(element); 23 | } 24 | 25 | public static String getJsonRecursive(T element) { 26 | ObjectMapper mapper = new ObjectMapper(); 27 | String jsonInString; 28 | try { 29 | jsonInString = mapper.writeValueAsString(element); 30 | return jsonInString; 31 | } catch (JsonProcessingException e) { 32 | e.printStackTrace(); 33 | return null; 34 | } 35 | } 36 | 37 | public static T[] loadJsonFromFile(String path, Class clazz, Class loaderClazz) { 38 | InputStream in = loaderClazz.getResourceAsStream(path); 39 | Reader reader = new BufferedReader(new InputStreamReader(in, Charset.forName("UTF-8"))); 40 | Gson gson = new Gson(); 41 | return gson.fromJson(reader, clazz); 42 | } 43 | } 44 | -------------------------------------------------------------------------------- /src/main/java/com/springboilerplate/utils/SecurityUtils.java: -------------------------------------------------------------------------------- 1 | package com.springboilerplate.utils; 2 | 3 | import com.springboilerplate.app.user.User; 4 | import org.springframework.security.core.Authentication; 5 | import org.springframework.security.core.context.SecurityContextHolder; 6 | import org.springframework.stereotype.Service; 7 | 8 | @Service 9 | public class SecurityUtils { 10 | public static User getLoggedInUser() { 11 | Authentication authentication = SecurityContextHolder.getContext().getAuthentication(); 12 | return ((User) authentication.getPrincipal()); 13 | } 14 | } 15 | -------------------------------------------------------------------------------- /src/main/resources/application.properties: -------------------------------------------------------------------------------- 1 | #EMBEDDED SERVER CONFIGURATION 2 | server.servlet.contextPath=/api.boilerplate.com/v1 3 | 4 | spring.jpa.hibernate.ddl-auto=create-drop 5 | spring.database.driverClassName=org.postgresql.Driver 6 | spring.datasource.url=jdbc:postgresql://localhost:5432/boilerplate 7 | spring.datasource.username=postgres 8 | spring.datasource.password=postgres 9 | 10 | #Set to false for production settings. 11 | hibernate.generate_statistics = true 12 | org.hibernate.stat = DEBUG 13 | 14 | #HIBERNATE Search# =============================== 15 | spring.jpa.properties.hibernate.search.default.directory_provider = filesystem 16 | #Change directory for a production environment. 17 | spring.jpa.properties.hibernate.search.default.indexBase = /home/bionic/lucene/indexes 18 | 19 | #Jackson 20 | spring.jackson.serialization.INDENT_OUTPUT=true 21 | 22 | #H2 23 | spring.h2.console.enabled=true 24 | 25 | #JWT CONFIG 26 | jwt.header=Authorization 27 | jwt.secret=mySecret 28 | jwt.expiration=604800 29 | jwt.route.authentication.path=/auth 30 | jwt.route.authentication.refresh=/refresh 31 | 32 | #Console color codes 33 | spring.output.ansi.enabled=always 34 | 35 | 36 | 37 | -------------------------------------------------------------------------------- /src/main/resources/db/migration/V1_0__init.sql: -------------------------------------------------------------------------------- 1 | CREATE TABLE role( 2 | role_id BIGSERIAL, 3 | name VARCHAR(15) NOT NULL, 4 | enabled BOOLEAN DEFAULT TRUE, 5 | deleted BOOLEAN DEFAULT FALSE, 6 | created_at TIMESTAMP, 7 | modified_at TIMESTAMP, 8 | CONSTRAINT roles_pkey PRIMARY KEY(role_id), 9 | UNIQUE(name) 10 | ); 11 | 12 | CREATE TABLE users( 13 | user_id BIGSERIAL, 14 | role_id BIGINT, 15 | firstname VARCHAR(30) NOT NULL, 16 | lastname VARCHAR(30) NOT NULL, 17 | password VARCHAR(100) NOT NULL, 18 | email VARCHAR(100) NOT NULL, 19 | created_at TIMESTAMP, 20 | modified_at TIMESTAMP, 21 | last_login TIMESTAMP, 22 | last_password_reset_data timestamp, 23 | enabled BOOLEAN DEFAULT true, 24 | deleted BOOLEAN DEFAULT false, 25 | CONSTRAINT FK_users_roles 26 | FOREIGN KEY (role_id) REFERENCES role(role_id), 27 | CONSTRAINT users_pkey PRIMARY KEY(user_id), 28 | UNIQUE(email) 29 | ); 30 | 31 | create table user_role( 32 | user_role_id bigserial, 33 | role_id bigint, 34 | user_id bigint, 35 | primary key (user_role_id), 36 | constraint UK_user_id_role_id unique (user_id, role_id), 37 | constraint FK_user_role_role foreign key (role_id) references role(role_id), 38 | constraint FK_user_role_user foreign key (user_id) references users(user_id) 39 | ); 40 | 41 | CREATE TABLE password_reset_token( 42 | password_reset_token_id BIGSERIAL, 43 | token VARCHAR(255) NOT NULL, 44 | expiry_date TIMESTAMP, 45 | user_id BIGINT, 46 | CONSTRAINT FK_password_reset_tokens_users 47 | FOREIGN KEY (user_id) REFERENCES users(user_id), 48 | CONSTRAINT password_reset_token_pkey PRIMARY KEY(password_reset_token_id) 49 | ); 50 | -------------------------------------------------------------------------------- /src/test/java/com/springboilerplate/app/auth/AuthControllerTest.java: -------------------------------------------------------------------------------- 1 | package com.springboilerplate.app.auth; 2 | 3 | import com.springboilerplate.app.role.Role; 4 | import com.springboilerplate.app.role.RoleType; 5 | import com.springboilerplate.app.user.User; 6 | import com.springboilerplate.app.userRole.UserRole; 7 | import com.springboilerplate.security.JwtUserDetailsService; 8 | import com.springboilerplate.security.JwtTokenUtil; 9 | import com.springboilerplate.utils.JsonUtils; 10 | import org.junit.Before; 11 | import org.junit.Test; 12 | import org.junit.runner.RunWith; 13 | import org.springframework.beans.factory.annotation.Autowired; 14 | import org.springframework.boot.test.context.SpringBootTest; 15 | import org.springframework.boot.test.mock.mockito.MockBean; 16 | import org.springframework.http.MediaType; 17 | import org.springframework.security.authentication.AuthenticationManager; 18 | import org.springframework.security.test.context.support.WithAnonymousUser; 19 | import org.springframework.security.test.context.support.WithMockUser; 20 | import org.springframework.test.context.junit4.SpringRunner; 21 | import org.springframework.test.web.servlet.MockMvc; 22 | import org.springframework.test.web.servlet.setup.MockMvcBuilders; 23 | import org.springframework.web.context.WebApplicationContext; 24 | 25 | import java.util.Arrays; 26 | import java.util.Date; 27 | import java.util.List; 28 | 29 | import static org.mockito.ArgumentMatchers.any; 30 | import static org.mockito.ArgumentMatchers.eq; 31 | import static org.mockito.Mockito.when; 32 | import static org.springframework.security.test.web.servlet.setup.SecurityMockMvcConfigurers.springSecurity; 33 | import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.get; 34 | import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.post; 35 | import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status; 36 | 37 | @RunWith(SpringRunner.class) 38 | @SpringBootTest 39 | public class AuthControllerTest { 40 | 41 | private MockMvc mvc; 42 | @Autowired 43 | private WebApplicationContext context; 44 | @MockBean 45 | private AuthenticationManager authenticationManager; 46 | @MockBean 47 | private JwtTokenUtil jwtTokenUtil; 48 | @MockBean 49 | private JwtUserDetailsService jwtUserDetailsService; 50 | 51 | @Before 52 | public void setup() { 53 | mvc = MockMvcBuilders 54 | .webAppContextSetup(context) 55 | .apply(springSecurity()) 56 | .build(); 57 | } 58 | 59 | @Test 60 | @WithAnonymousUser 61 | public void successfulAuthenticationWithAnonymousUser() throws Exception { 62 | AccountCredentials accountCredentials = new AccountCredentials("email@email.com", "password"); 63 | mvc.perform(post("/auth") 64 | .contentType(MediaType.APPLICATION_JSON) 65 | .content(JsonUtils.getJson(accountCredentials))) 66 | .andExpect(status().is2xxSuccessful()); 67 | } 68 | 69 | @Test 70 | @WithMockUser(roles = "USER") 71 | public void successfulRefreshTokenWithUserRole() throws Exception { 72 | User user = getUser(); 73 | when(jwtTokenUtil.getEmailFromToken(any())).thenReturn(user.getUsername()); 74 | when(jwtUserDetailsService.loadUserByUsername(eq(user.getUsername()))).thenReturn(user); 75 | when(jwtTokenUtil.canTokenBeRefreshed(any(), any())).thenReturn(true); 76 | mvc.perform(get("/refresh") 77 | .header("Authorization", "Bearer 5d1103e-b3e1-4ae9-b606-46c9c1bc915a")) 78 | .andExpect(status().is2xxSuccessful()); 79 | } 80 | 81 | @Test 82 | @WithMockUser(roles = "ADMIN") 83 | public void successfulRefreshTokenWithAdminRole() throws Exception { 84 | User user = getUser(); 85 | when(jwtTokenUtil.getEmailFromToken(any())).thenReturn(user.getUsername()); 86 | when(jwtUserDetailsService.loadUserByUsername(eq(user.getUsername()))).thenReturn(user); 87 | when(jwtTokenUtil.canTokenBeRefreshed(any(), any())).thenReturn(true); 88 | 89 | mvc.perform(get("/refresh") 90 | .header("Authorization", "Bearer 5d1103e-b3e1-4ae9-b606-46c9c1bc915a")) 91 | .andExpect(status().is2xxSuccessful()); 92 | } 93 | 94 | @Test 95 | @WithAnonymousUser 96 | public void shouldGetUnauthorizedWithAnonymousUser() throws Exception { 97 | mvc.perform(get("/refresh")) 98 | .andExpect(status().isUnauthorized()); 99 | } 100 | 101 | private User getUser() { 102 | Role role = new Role(); 103 | role.setId(0L); 104 | role.setName(RoleType.ROLE_USER); 105 | User user = new User(); 106 | user.setEmail("username"); 107 | UserRole userRole = new UserRole(user, role); 108 | List authorities = Arrays.asList(userRole); 109 | user.setUserRoles(authorities); 110 | user.setEnabled(Boolean.TRUE); 111 | user.setLastPasswordResetDate(new Date(System.currentTimeMillis() + 1000 * 1000)); 112 | return user; 113 | } 114 | } -------------------------------------------------------------------------------- /src/test/java/com/springboilerplate/app/passwordResetToken/PasswordResetTokenMocks.java: -------------------------------------------------------------------------------- 1 | package com.springboilerplate.app.passwordResetToken; 2 | 3 | import com.springboilerplate.app.passwordRestToken.PasswordResetToken; 4 | import com.springboilerplate.app.passwordRestToken.PasswordResetTokenRepository; 5 | 6 | import static org.mockito.Matchers.any; 7 | import static org.mockito.Matchers.anyString; 8 | import static org.mockito.Mockito.when; 9 | 10 | public class PasswordResetTokenMocks { 11 | public void initMocks(PasswordResetTokenRepository passwordResetTokenRepository){ 12 | when(passwordResetTokenRepository.save(any(PasswordResetToken.class))) 13 | .thenReturn(PasswordResetTokenStubs.generatePasswordResetToken()); 14 | when(passwordResetTokenRepository.findByToken(anyString())) 15 | .thenReturn(PasswordResetTokenStubs.generateOptionalPasswordResetToken()); 16 | } 17 | } 18 | -------------------------------------------------------------------------------- /src/test/java/com/springboilerplate/app/passwordResetToken/PasswordResetTokenRepositoryTest.java: -------------------------------------------------------------------------------- 1 | package com.springboilerplate.app.passwordResetToken; 2 | 3 | import com.springboilerplate.app.user.UserStubs; 4 | import com.springboilerplate.app.passwordRestToken.PasswordResetToken; 5 | import com.springboilerplate.app.passwordRestToken.PasswordResetTokenRepository; 6 | import com.springboilerplate.app.user.User; 7 | import org.junit.Before; 8 | import org.junit.Test; 9 | import org.junit.runner.RunWith; 10 | import org.springframework.beans.factory.annotation.Autowired; 11 | import org.springframework.boot.test.autoconfigure.orm.jpa.DataJpaTest; 12 | import org.springframework.boot.test.autoconfigure.orm.jpa.TestEntityManager; 13 | import org.springframework.test.context.junit4.SpringRunner; 14 | 15 | import java.util.Optional; 16 | 17 | import static org.assertj.core.api.Assertions.assertThat; 18 | 19 | @RunWith(SpringRunner.class) 20 | @DataJpaTest 21 | public class PasswordResetTokenRepositoryTest { 22 | 23 | @Autowired 24 | private TestEntityManager entityManager; 25 | @Autowired 26 | private PasswordResetTokenRepository resetTokenRepository; 27 | 28 | private PasswordResetToken passwordToken; 29 | private User user; 30 | 31 | @Before 32 | public void setUp() throws Exception { 33 | user = UserStubs.generateUserWithNoRole(); 34 | entityManager.persistAndFlush(user); 35 | passwordToken = PasswordResetTokenStubs.generatePasswordResetToken(); 36 | } 37 | 38 | @Test 39 | public void findByTokenWhenTokenIsValidShouldRetrieveToken() throws Exception { 40 | passwordToken.setUser(user); 41 | entityManager.persistAndFlush(passwordToken); 42 | String tokenValue = passwordToken.getToken(); 43 | 44 | Optional retrivedOptionalToken = resetTokenRepository.findByToken(tokenValue); 45 | 46 | assertThat(retrivedOptionalToken.isPresent()).isTrue(); 47 | } 48 | 49 | } -------------------------------------------------------------------------------- /src/test/java/com/springboilerplate/app/passwordResetToken/PasswordResetTokenServiceImplTest.java: -------------------------------------------------------------------------------- 1 | package com.springboilerplate.app.passwordResetToken; 2 | 3 | import com.springboilerplate.app.user.MailServiceMocks; 4 | import com.springboilerplate.app.user.UserStubs; 5 | import com.springboilerplate.app.passwordRestToken.PasswordResetTokenService; 6 | import com.springboilerplate.app.passwordRestToken.PasswordResetTokenServiceImpl; 7 | import com.springboilerplate.helper.MailService; 8 | import com.springboilerplate.helper.SecurityHelper; 9 | import com.springboilerplate.security.SecurityHelperMocks; 10 | import com.springboilerplate.app.passwordRestToken.PasswordResetToken; 11 | import com.springboilerplate.app.user.User; 12 | import com.springboilerplate.app.passwordRestToken.PasswordResetTokenRepository; 13 | import org.junit.Before; 14 | import org.junit.Test; 15 | import org.junit.runner.RunWith; 16 | import org.springframework.boot.test.mock.mockito.MockBean; 17 | import org.springframework.test.context.junit4.SpringRunner; 18 | 19 | import java.time.Instant; 20 | import java.util.Optional; 21 | 22 | import static org.assertj.core.api.Assertions.assertThat; 23 | import static org.mockito.Matchers.any; 24 | import static org.mockito.Matchers.anyString; 25 | import static org.mockito.Mockito.verify; 26 | import static org.mockito.Mockito.when; 27 | 28 | @RunWith(SpringRunner.class) 29 | public class PasswordResetTokenServiceImplTest { 30 | 31 | @MockBean 32 | private PasswordResetTokenRepository passwordResetTokenRepository; 33 | @MockBean 34 | private MailService mailService; 35 | @MockBean 36 | private SecurityHelper securityHelper; 37 | private PasswordResetTokenService passwordResetTokenService; 38 | 39 | 40 | PasswordResetTokenMocks passwordResetToken = new PasswordResetTokenMocks(); 41 | MailServiceMocks mailServiceMocks = new MailServiceMocks(); 42 | SecurityHelperMocks securityHelperMocks = new SecurityHelperMocks(); 43 | User user; 44 | 45 | @Before 46 | public void setUp() throws Exception { 47 | passwordResetToken.initMocks(passwordResetTokenRepository); 48 | mailServiceMocks.initMocks(mailService); 49 | securityHelperMocks.initMocks(securityHelper); 50 | passwordResetTokenService = 51 | new PasswordResetTokenServiceImpl(passwordResetTokenRepository, mailService, securityHelper); 52 | user = UserStubs.generateUser(); 53 | } 54 | 55 | @Test 56 | public void createPasswordResetTokenForUserShouldCreatePasswordToken() throws Exception { 57 | passwordResetTokenService.createPasswordResetTokenForUser(user); 58 | 59 | verify(passwordResetTokenRepository).save(any(PasswordResetToken.class)); 60 | verify(mailService).sendMail(anyString(), anyString(), anyString()); 61 | } 62 | 63 | @Test 64 | public void validatePasswordShouldReturnTrueWhenTokenIsValid() throws Exception { 65 | 66 | boolean valid = passwordResetTokenService.validateResetToken(1L, "token"); 67 | 68 | assertThat(valid).isTrue(); 69 | verify(securityHelper).grantUserChangePasswordPrivilege(any(PasswordResetToken.class)); 70 | 71 | } 72 | 73 | @Test 74 | public void validatePasswordShouldReturnFalseWhenTokenHasExpired() throws Exception { 75 | Optional optionalToken = PasswordResetTokenStubs.generateOptionalPasswordResetToken(); 76 | optionalToken.get().setExpiryDate(Instant.now().minusSeconds(84000L)); 77 | when(passwordResetTokenRepository.findByToken(anyString())).thenReturn(optionalToken); 78 | 79 | boolean valid = passwordResetTokenService.validateResetToken(1L, "token"); 80 | 81 | assertThat(valid).isFalse(); 82 | } 83 | 84 | @Test 85 | public void validatePasswordShouldReturnFalseWhenTokenIsNull() throws Exception { 86 | when(passwordResetTokenRepository.findByToken(anyString())).thenReturn(Optional.empty()); 87 | 88 | boolean valid = passwordResetTokenService.validateResetToken(1L, "token"); 89 | 90 | assertThat(valid).isFalse(); 91 | verify(passwordResetTokenRepository).findByToken(anyString()); 92 | } 93 | 94 | @Test 95 | public void validatePasswordShouldReturnFalseWhenIdDontMatch() throws Exception { 96 | when(passwordResetTokenRepository.findByToken(anyString())).thenReturn(Optional.empty()); 97 | 98 | boolean valid = passwordResetTokenService.validateResetToken(100L, "token"); 99 | 100 | assertThat(valid).isFalse(); 101 | verify(passwordResetTokenRepository).findByToken(anyString()); 102 | } 103 | } -------------------------------------------------------------------------------- /src/test/java/com/springboilerplate/app/passwordResetToken/PasswordResetTokenStubs.java: -------------------------------------------------------------------------------- 1 | package com.springboilerplate.app.passwordResetToken; 2 | 3 | import com.springboilerplate.app.user.UserStubs; 4 | import com.springboilerplate.app.passwordRestToken.PasswordResetToken; 5 | import com.springboilerplate.app.user.User; 6 | 7 | import java.util.Optional; 8 | import java.util.UUID; 9 | 10 | public class PasswordResetTokenStubs { 11 | 12 | public static Optional generateOptionalPasswordResetToken() { 13 | User user = UserStubs.generateUser(); 14 | user.setId(1L); 15 | PasswordResetToken passwordResetToken = 16 | new PasswordResetToken(UUID.randomUUID().toString(), user); 17 | return Optional.of(passwordResetToken); 18 | } 19 | 20 | public static PasswordResetToken generatePasswordResetToken() { 21 | User user = UserStubs.generateUser(); 22 | user.setId(1L); 23 | PasswordResetToken passwordResetToken = new PasswordResetToken(UUID.randomUUID().toString(), user); 24 | return passwordResetToken; 25 | } 26 | } 27 | -------------------------------------------------------------------------------- /src/test/java/com/springboilerplate/app/role/RoleMocks.java: -------------------------------------------------------------------------------- 1 | package com.springboilerplate.app.role; 2 | 3 | import static org.mockito.ArgumentMatchers.any; 4 | import static org.mockito.Matchers.anyString; 5 | import static org.mockito.Mockito.when; 6 | 7 | public class RoleMocks { 8 | 9 | public void initMocks(RoleRepository roleRepository){ 10 | when(roleRepository.findByName(any(RoleType.class))).thenReturn(RoleStubs.generateOptionalRole()); 11 | } 12 | } 13 | -------------------------------------------------------------------------------- /src/test/java/com/springboilerplate/app/role/RoleRepositoryTest.java: -------------------------------------------------------------------------------- 1 | package com.springboilerplate.app.role; 2 | 3 | import org.junit.Before; 4 | import org.junit.Test; 5 | import org.junit.runner.RunWith; 6 | import org.springframework.beans.factory.annotation.Autowired; 7 | import org.springframework.boot.test.autoconfigure.orm.jpa.DataJpaTest; 8 | import org.springframework.boot.test.autoconfigure.orm.jpa.TestEntityManager; 9 | import org.springframework.boot.test.context.SpringBootTest; 10 | import org.springframework.test.context.junit4.SpringRunner; 11 | 12 | import java.util.Optional; 13 | 14 | import static org.assertj.core.api.Assertions.assertThat; 15 | 16 | @RunWith(SpringRunner.class) 17 | @DataJpaTest 18 | public class RoleRepositoryTest { 19 | 20 | @Autowired 21 | private TestEntityManager entityManager; 22 | @Autowired 23 | private RoleRepository roleRepository; 24 | private Role roleToPersist; 25 | 26 | @Before 27 | public void setUp() throws Exception { 28 | roleToPersist = RoleStubs.generateRole(); 29 | } 30 | 31 | 32 | @Test 33 | public void findByNameShouldReturnRole() throws Exception { 34 | entityManager.persistAndFlush(roleToPersist); 35 | 36 | Optional optionalRole = roleRepository.findByName(RoleType.ROLE_USER); 37 | 38 | assertThat(optionalRole.isPresent()).isTrue(); 39 | assertThat(optionalRole.get().getName()).isEqualTo(roleToPersist.getName()); 40 | } 41 | 42 | @Test 43 | public void findByNameWhenRoleIsInvalidShouldReturnNoRole() throws Exception { 44 | entityManager.persistAndFlush(roleToPersist); 45 | 46 | Optional optionalRole = roleRepository.findByName(RoleType.ROLE_ADMIN); 47 | 48 | assertThat(optionalRole.isPresent()).isFalse(); 49 | } 50 | 51 | } -------------------------------------------------------------------------------- /src/test/java/com/springboilerplate/app/role/RoleStubs.java: -------------------------------------------------------------------------------- 1 | package com.springboilerplate.app.role; 2 | 3 | import java.util.Optional; 4 | 5 | public class RoleStubs { 6 | 7 | public static Role generateRole(){ 8 | return new Role(RoleType.ROLE_USER); 9 | } 10 | public static Optional generateOptionalRole(){ 11 | return Optional.of(new Role(RoleType.ROLE_USER)); 12 | } 13 | 14 | } 15 | -------------------------------------------------------------------------------- /src/test/java/com/springboilerplate/app/search/UserSearchServiceTest.java: -------------------------------------------------------------------------------- 1 | package com.springboilerplate.app.search; 2 | 3 | import com.springboilerplate.mocks.DataGenerator; 4 | import com.springboilerplate.app.user.User; 5 | import com.springboilerplate.app.role.RoleRepository; 6 | import com.springboilerplate.app.user.UserRepository; 7 | import org.junit.Before; 8 | import org.junit.Test; 9 | import org.junit.runner.RunWith; 10 | import org.springframework.beans.factory.annotation.Autowired; 11 | import org.springframework.boot.test.context.SpringBootTest; 12 | import org.springframework.test.annotation.Rollback; 13 | import org.springframework.test.context.junit4.SpringRunner; 14 | import org.springframework.transaction.annotation.Transactional; 15 | 16 | import static org.assertj.core.api.Assertions.assertThat; 17 | import java.util.List; 18 | 19 | @RunWith(SpringRunner.class) 20 | @SpringBootTest 21 | @Transactional 22 | public class UserSearchServiceTest { 23 | 24 | @Autowired 25 | private UserRepository userRepository; 26 | @Autowired 27 | private RoleRepository roleRepository; 28 | @Autowired 29 | private HibernateSearchService hibernateSearchService; 30 | 31 | private UserSearchService userSearchService; 32 | 33 | @Before 34 | @Rollback 35 | public void setUp() throws Exception { 36 | userSearchService = new UserSearchService(hibernateSearchService); 37 | DataGenerator dataGenerator = new DataGenerator.Builder(userRepository, roleRepository).build(); 38 | User user = dataGenerator.createUser(); 39 | } 40 | 41 | @Test 42 | @Rollback 43 | public void findUsersByKeywordShouldReturnListOfUsersWhenFirstnameMatches() throws Exception { 44 | List users = userSearchService.findUsersByKeyword("Patrick"); 45 | 46 | assertThat(users.size()).isGreaterThan(0); 47 | } 48 | 49 | @Test 50 | @Rollback 51 | public void findUsersByKeywordShouldReturnListOfUsersWhenLastnameMatches() throws Exception { 52 | List users = userSearchService.findUsersByKeyword("Emmanuel"); 53 | 54 | assertThat(users.size()).isGreaterThan(0); 55 | } 56 | 57 | @Test 58 | @Rollback 59 | public void findUsersByKeywordShouldReturnListOfUsersWhenEmailMatches() throws Exception { 60 | List users = userSearchService.findUsersByKeyword("email@email.com"); 61 | 62 | assertThat(users.size()).isGreaterThan(0); 63 | } 64 | 65 | @Test 66 | @Rollback 67 | public void findUsersByKeywordShouldReturnListOfUsersWhenNameMatchesFuzzy() throws Exception { 68 | List users = userSearchService.findUsersByKeyword("Emmanue"); 69 | 70 | assertThat(users.size()).isGreaterThan(0); 71 | } 72 | } -------------------------------------------------------------------------------- /src/test/java/com/springboilerplate/app/user/EnvironmentMocks.java: -------------------------------------------------------------------------------- 1 | package com.springboilerplate.app.user; 2 | 3 | 4 | import org.springframework.core.env.Environment; 5 | 6 | import static org.mockito.Matchers.anyString; 7 | import static org.mockito.Mockito.when; 8 | 9 | public class EnvironmentMocks { 10 | public void initMocks(Environment environment){ 11 | when(environment.getProperty(anyString())).thenReturn("password_key"); 12 | } 13 | } 14 | -------------------------------------------------------------------------------- /src/test/java/com/springboilerplate/app/user/MailServiceMocks.java: -------------------------------------------------------------------------------- 1 | package com.springboilerplate.app.user; 2 | 3 | import com.springboilerplate.helper.MailService; 4 | import org.mockito.Mockito; 5 | 6 | import javax.mail.MessagingException; 7 | 8 | import static org.mockito.Matchers.anyString; 9 | 10 | public class MailServiceMocks { 11 | public void initMocks(MailService mailService) throws MessagingException { 12 | Mockito.doNothing().when(mailService).sendMail(anyString(), anyString(), anyString()); 13 | } 14 | } 15 | -------------------------------------------------------------------------------- /src/test/java/com/springboilerplate/app/user/UserMocks.java: -------------------------------------------------------------------------------- 1 | package com.springboilerplate.app.user; 2 | 3 | import com.springboilerplate.app.role.RoleType; 4 | 5 | import static org.mockito.Matchers.any; 6 | import static org.mockito.Matchers.anyString; 7 | import static org.mockito.Mockito.doNothing; 8 | import static org.mockito.Mockito.when; 9 | 10 | public class UserMocks { 11 | public void initMocks(UserRepository userRepository){ 12 | when(userRepository.save(any(User.class))).thenReturn(UserStubs.generateUser()); 13 | when(userRepository.getByEmailAndDeletedFalse(anyString())).thenReturn(UserStubs.generateOptionalUser()); 14 | } 15 | public void initUserServiceMocks(UserService userService){ 16 | when(doNothing().when(userService).saveUser(any(UserDto.class), any(RoleType.class))); 17 | } 18 | } 19 | -------------------------------------------------------------------------------- /src/test/java/com/springboilerplate/app/user/UserRepositoryTest.java: -------------------------------------------------------------------------------- 1 | package com.springboilerplate.app.user; 2 | 3 | import org.assertj.core.api.Assertions; 4 | import org.junit.Before; 5 | import org.junit.Test; 6 | import org.junit.runner.RunWith; 7 | import org.springframework.beans.factory.annotation.Autowired; 8 | import org.springframework.boot.test.autoconfigure.orm.jpa.DataJpaTest; 9 | import org.springframework.boot.test.autoconfigure.orm.jpa.TestEntityManager; 10 | import org.springframework.test.context.junit4.SpringRunner; 11 | 12 | import static org.assertj.core.api.Assertions.assertThat; 13 | 14 | import java.util.Optional; 15 | 16 | @RunWith(SpringRunner.class) 17 | @DataJpaTest 18 | public class UserRepositoryTest { 19 | 20 | @Autowired 21 | private TestEntityManager entityManager; 22 | @Autowired 23 | private UserRepository userRepository; 24 | private User userToSave; 25 | 26 | @Before 27 | public void setUp() throws Exception { 28 | userToSave = UserStubs.generateUserWithNoRole(); 29 | } 30 | 31 | @Test 32 | public void getByEmailShouldReturnUser() throws Exception { 33 | entityManager.persistAndFlush(userToSave); 34 | 35 | Optional optionalUser = userRepository.getByEmail("email@email.com"); 36 | 37 | assertThat(optionalUser.isPresent()).isTrue(); 38 | Assertions.assertThat(optionalUser.map(User::getEmail).orElse("No email")) 39 | .isEqualTo(userToSave.getEmail()); 40 | } 41 | 42 | @Test 43 | public void getByEmailWhenEmailIsInvalidShouldNotReturnUser() throws Exception { 44 | entityManager.persistAndFlush(userToSave); 45 | 46 | Optional user = userRepository.getByEmail("invalid@email.com"); 47 | 48 | assertThat(user.isPresent()).isFalse(); 49 | } 50 | 51 | @Test 52 | public void findByIdAndDeletedIsFalseShouldReturnUser() throws Exception { 53 | User savedUser = entityManager.persistAndFlush(userToSave); 54 | 55 | Optional user = userRepository.findByIdAndDeletedIsFalse(savedUser.getId()); 56 | 57 | assertThat(user.isPresent()).isTrue(); 58 | } 59 | 60 | @Test 61 | public void findByIdAndDeletedIsFalseWhenDeletedIsTrueShouldNotReturnUser() throws Exception { 62 | userToSave.setDeleted(true); 63 | User savedUser = entityManager.persistAndFlush(userToSave); 64 | 65 | Optional user = userRepository.findByIdAndDeletedIsFalse(savedUser.getId()); 66 | 67 | assertThat(user.isPresent()).isFalse(); 68 | } 69 | 70 | @Test 71 | public void getByEmailAndDeletedFalseShouldReturnUser() throws Exception { 72 | entityManager.persistAndFlush(userToSave); 73 | 74 | Optional user = userRepository.getByEmailAndDeletedFalse("email@email.com"); 75 | 76 | assertThat(user.isPresent()).isTrue(); 77 | } 78 | 79 | @Test 80 | public void getByEmailAndDeletedFalseWhenDeletedIsTrueShouldNotReturnUser() throws Exception { 81 | userToSave.setDeleted(true); 82 | entityManager.persistAndFlush(userToSave); 83 | 84 | Optional user = userRepository.getByEmailAndDeletedFalse("email@email.com"); 85 | 86 | assertThat(user.isPresent()).isFalse(); 87 | } 88 | } -------------------------------------------------------------------------------- /src/test/java/com/springboilerplate/app/user/UserServiceImplTest.java: -------------------------------------------------------------------------------- 1 | package com.springboilerplate.app.user; 2 | 3 | import com.springboilerplate.app.role.RoleMocks; 4 | import com.springboilerplate.dtoMapper.MapperMocks; 5 | import com.springboilerplate.app.role.RoleType; 6 | import com.springboilerplate.app.role.RoleRepository; 7 | import org.junit.Before; 8 | import org.junit.Test; 9 | import org.junit.runner.RunWith; 10 | import org.springframework.boot.test.mock.mockito.MockBean; 11 | import org.springframework.security.crypto.password.PasswordEncoder; 12 | import org.springframework.test.context.junit4.SpringRunner; 13 | import static org.assertj.core.api.Assertions.assertThat; 14 | import static org.mockito.ArgumentMatchers.anyString; 15 | import static org.mockito.Mockito.when; 16 | 17 | @RunWith(SpringRunner.class) 18 | public class UserServiceImplTest { 19 | 20 | //dependencies 21 | @MockBean 22 | private RoleRepository roleRepository; 23 | @MockBean 24 | private UserRepository userRepository; 25 | @MockBean 26 | private UserDtoMapper userDtoMapper; 27 | @MockBean 28 | private PasswordEncoder passwordEncoder; 29 | 30 | //system under test. 31 | private UserService userService; 32 | 33 | //Mocks. 34 | private MapperMocks mapperMocks = new MapperMocks(); 35 | private RoleMocks roleMocks = new RoleMocks(); 36 | private UserMocks userMocks = new UserMocks(); 37 | 38 | @Before 39 | public void setUp() throws Exception { 40 | mapperMocks.initMocks(userDtoMapper); 41 | roleMocks.initMocks(roleRepository); 42 | userMocks.initMocks(userRepository); 43 | when(passwordEncoder.encode(anyString())).thenReturn("encryptedPassword"); 44 | userService = new UserServiceImpl(roleRepository, userRepository, userDtoMapper, passwordEncoder); 45 | } 46 | 47 | @Test 48 | public void saveUserShouldSave() throws Exception { 49 | UserDto userDto = UserStubs.generateUserDto(); 50 | 51 | User user = userService.saveUser(userDto, RoleType.ROLE_USER); 52 | 53 | assertThat(user).isNotNull(); 54 | } 55 | 56 | } -------------------------------------------------------------------------------- /src/test/java/com/springboilerplate/app/user/UserStubs.java: -------------------------------------------------------------------------------- 1 | package com.springboilerplate.app.user; 2 | 3 | import com.springboilerplate.app.userRole.UserRoleStubs; 4 | 5 | import java.util.Optional; 6 | 7 | public class UserStubs { 8 | 9 | public static User generateUser(){ 10 | return new User("Patrick", "Emmanuel", 11 | "Password", "email@email.com", UserRoleStubs.generateUserRoles()); 12 | } 13 | 14 | public static User generateUser(int i){ 15 | return new User("Patrick" + i, "Emmanuel" + i, 16 | "Password", "email@email.com" + i, UserRoleStubs.generateUserRoles()); 17 | } 18 | public static User generateUserWithEncyptedPassword(){ 19 | return new User("Patrick", "Emmanuel", 20 | "f1dc2596efa04da1e8652955bcc2aa355e053a7739b2c68a6f99e15aae7bbe8e941b1bdf2dffcf5d", "email@email.com"); 21 | } 22 | 23 | public static Optional generateOptionalUser(){ 24 | return Optional.of(new User("Patrick", "Emmanuel", 25 | "Password", "email@email.com", UserRoleStubs.generateUserRoles())); 26 | } 27 | public static UserDto generateUserDto(){ 28 | return new UserDto("Patrick", "Emmanuel", 29 | "email@email.com", "Password"); 30 | } 31 | 32 | public static User generateUserWithNoRole(){ 33 | return new User("Patrick", "Emmanuel", 34 | "Password", "email@email.com"); 35 | } 36 | } 37 | -------------------------------------------------------------------------------- /src/test/java/com/springboilerplate/app/userRole/UserRoleRepositoryTest.java: -------------------------------------------------------------------------------- 1 | package com.springboilerplate.app.userRole; 2 | 3 | import com.springboilerplate.app.role.Role; 4 | import com.springboilerplate.app.role.RoleStubs; 5 | import com.springboilerplate.app.user.User; 6 | import com.springboilerplate.app.user.UserStubs; 7 | import org.junit.Before; 8 | import org.junit.Test; 9 | import org.junit.runner.RunWith; 10 | import org.springframework.beans.factory.annotation.Autowired; 11 | import org.springframework.boot.test.autoconfigure.orm.jpa.DataJpaTest; 12 | import org.springframework.boot.test.autoconfigure.orm.jpa.TestEntityManager; 13 | import org.springframework.test.context.junit4.SpringRunner; 14 | 15 | import java.util.Optional; 16 | 17 | import static org.assertj.core.api.Assertions.assertThat; 18 | 19 | @RunWith(SpringRunner.class) 20 | @DataJpaTest 21 | public class UserRoleRepositoryTest { 22 | 23 | @Autowired 24 | private TestEntityManager entityManager; 25 | 26 | @Autowired 27 | private UserRoleRepository userRoleRepository; 28 | 29 | private UserRole userRole; 30 | private User user; 31 | private Role role; 32 | 33 | @Before 34 | public void setUp() throws Exception { 35 | user = UserStubs.generateUserWithNoRole(); 36 | role = RoleStubs.generateRole(); 37 | entityManager.persistAndFlush(user); 38 | entityManager.persistAndFlush(role); 39 | } 40 | 41 | @Test 42 | public void findByUserIdAndRoleIdShouldReturnSavedUserRole() { 43 | entityManager.persistAndFlush(new UserRole(user, role)); 44 | 45 | Optional savedUserRole = userRoleRepository.findByUserIdAndRoleId(user.getId(), role.getId()); 46 | 47 | assertThat(savedUserRole.isPresent()).isTrue(); 48 | assertThat(savedUserRole.get().getId()).isNotNull(); 49 | } 50 | 51 | @Test 52 | public void findByUserIdAndRoleIdShouldReturnSavedUserRoleWithCorrectRole() { 53 | entityManager.persistAndFlush(new UserRole(user, role)); 54 | 55 | Optional savedUserRole = userRoleRepository.findByUserIdAndRoleId(user.getId(), role.getId()); 56 | 57 | assertThat(savedUserRole.isPresent()).isTrue(); 58 | assertThat(savedUserRole.get().getRole().getId()).isEqualTo(role.getId()); 59 | } 60 | 61 | @Test 62 | public void findByUserIdAndRoleIdShouldReturnSavedUserRoleWithCorrectUser() { 63 | entityManager.persistAndFlush(new UserRole(user, role)); 64 | 65 | Optional savedUserRole = userRoleRepository.findByUserIdAndRoleId(user.getId(), role.getId()); 66 | 67 | assertThat(savedUserRole.isPresent()).isTrue(); 68 | assertThat(savedUserRole.get().getUser().getId()).isEqualTo(user.getId()); 69 | } 70 | } -------------------------------------------------------------------------------- /src/test/java/com/springboilerplate/app/userRole/UserRoleStubs.java: -------------------------------------------------------------------------------- 1 | package com.springboilerplate.app.userRole; 2 | 3 | import com.springboilerplate.app.role.Role; 4 | import com.springboilerplate.app.role.RoleStubs; 5 | import com.springboilerplate.app.user.User; 6 | import com.springboilerplate.app.user.UserStubs; 7 | 8 | import java.util.ArrayList; 9 | import java.util.List; 10 | 11 | public class UserRoleStubs { 12 | public static UserRole generateUserRole(){ 13 | User user = UserStubs.generateUserWithNoRole(); 14 | Role role = RoleStubs.generateRole(); 15 | return new UserRole(user, role); 16 | } 17 | 18 | public static List generateUserRoles(){ 19 | List userRoles = new ArrayList<>(); 20 | userRoles.add(generateUserRole()); 21 | return userRoles; 22 | } 23 | } 24 | -------------------------------------------------------------------------------- /src/test/java/com/springboilerplate/dtoMapper/MapperMocks.java: -------------------------------------------------------------------------------- 1 | package com.springboilerplate.dtoMapper; 2 | 3 | import com.springboilerplate.app.user.UserStubs; 4 | import com.springboilerplate.app.user.UserDto; 5 | import com.springboilerplate.app.user.UserDtoMapper; 6 | 7 | import static org.mockito.Matchers.any; 8 | import static org.mockito.Mockito.when; 9 | 10 | public class MapperMocks { 11 | 12 | public void initMocks(UserDtoMapper userDtoMapper){ 13 | when(userDtoMapper.toUser(any(UserDto.class))).thenReturn(UserStubs.generateUser()); 14 | } 15 | 16 | } 17 | -------------------------------------------------------------------------------- /src/test/java/com/springboilerplate/dtoMapper/UserDtoMapperTest.java: -------------------------------------------------------------------------------- 1 | package com.springboilerplate.dtoMapper; 2 | 3 | import com.springboilerplate.app.user.UserStubs; 4 | import com.springboilerplate.app.user.UserDto; 5 | import com.springboilerplate.app.user.User; 6 | import com.springboilerplate.app.user.UserDtoMapper; 7 | import org.junit.Before; 8 | import org.junit.Test; 9 | import static org.assertj.core.api.Assertions.assertThat; 10 | import org.modelmapper.ModelMapper; 11 | 12 | 13 | public class UserDtoMapperTest { 14 | 15 | private ModelMapper mapper = new ModelMapper(); 16 | UserDtoMapper userDtoMapper = new UserDtoMapper(mapper); 17 | private User user; 18 | private UserDto userDto; 19 | 20 | @Before 21 | public void setUp() throws Exception { 22 | user = UserStubs.generateUser(); 23 | userDto = UserStubs.generateUserDto(); 24 | } 25 | 26 | @Test 27 | public void toUserDtoWhenUserEmailAndDtoEmailAreSameShouldReturnTrue() throws Exception { 28 | UserDto userDto = userDtoMapper.toUserDto(user); 29 | 30 | assertThat(userDto.getEmail()).isEqualTo(user.getEmail()); 31 | } 32 | 33 | @Test 34 | public void toUserDtoWhenUserPasswordAndDtoPasswordAreSameShouldReturnTrue() throws Exception { 35 | UserDto userDto = userDtoMapper.toUserDto(user); 36 | 37 | assertThat(userDto.getPassword()).isEqualTo(user.getPassword()); 38 | } 39 | @Test 40 | public void toUserDtoWhenUserFirstnameAndDtoFirstnameAreSameShouldReturnTrue() throws Exception { 41 | UserDto userDto = userDtoMapper.toUserDto(user); 42 | 43 | assertThat(userDto.getFirstname()).isEqualTo(user.getFirstname()); 44 | } 45 | 46 | @Test 47 | public void toUserDtoWhenUserLastnameAndDtoLastnameAreSameShouldReturnTrue() throws Exception { 48 | UserDto userDto = userDtoMapper.toUserDto(user); 49 | 50 | assertThat(userDto.getLastname()).isEqualTo(user.getLastname()); 51 | } 52 | 53 | @Test 54 | public void toUserWhenUserEmailAndDtoEmailAreSameShouldReturnTrue() throws Exception { 55 | User user = userDtoMapper.toUser(userDto); 56 | 57 | assertThat(user.getEmail()).isEqualTo(userDto.getEmail()); 58 | } 59 | 60 | @Test 61 | public void toUserWhenUserFirstnameAndDtoFirstnameAreSameShouldReturnTrue() throws Exception { 62 | User user = userDtoMapper.toUser(userDto); 63 | 64 | assertThat(user.getFirstname()).isEqualTo(userDto.getFirstname()); 65 | } 66 | 67 | @Test 68 | public void toUserWhenUserLastnameAndDtoLastnameAreSameShouldReturnTrue() throws Exception { 69 | User user = userDtoMapper.toUser(userDto); 70 | 71 | assertThat(user.getLastname()).isEqualTo(userDto.getLastname()); 72 | } 73 | 74 | @Test 75 | public void toUserWhenUserPasswordAndDtoPasswordAreSameShouldReturnTrue() throws Exception { 76 | User user = userDtoMapper.toUser(userDto); 77 | 78 | assertThat(user.getPassword()).isEqualTo(userDto.getPassword()); 79 | } 80 | 81 | 82 | } -------------------------------------------------------------------------------- /src/test/java/com/springboilerplate/helper/MailServiceImplTest.java: -------------------------------------------------------------------------------- 1 | package com.springboilerplate.helper; 2 | 3 | import org.junit.Before; 4 | import org.junit.Test; 5 | import org.junit.runner.RunWith; 6 | import org.springframework.boot.test.mock.mockito.MockBean; 7 | import org.springframework.mail.javamail.JavaMailSender; 8 | import org.springframework.test.context.junit4.SpringRunner; 9 | 10 | import static org.mockito.Matchers.any; 11 | import static org.mockito.Mockito.doNothing; 12 | import static org.mockito.Mockito.verify; 13 | 14 | @RunWith(SpringRunner.class) 15 | public class MailServiceImplTest { 16 | 17 | @MockBean 18 | private AsyncMailer asyncMailer; 19 | @MockBean 20 | private JavaMailSender mailSender; 21 | 22 | private MailService mailService; 23 | 24 | @Before 25 | public void setUp() throws Exception { 26 | mailService = new MailServiceImpl(mailSender, asyncMailer); 27 | doNothing().when(asyncMailer).sendMail(any(MailData.class)); 28 | } 29 | 30 | @Test 31 | public void sendMail() throws Exception { 32 | mailService.sendMail("mail", "message", "subject"); 33 | 34 | verify(asyncMailer).sendMail(any(MailData.class)); 35 | } 36 | 37 | } -------------------------------------------------------------------------------- /src/test/java/com/springboilerplate/mocks/DataGenerator.java: -------------------------------------------------------------------------------- 1 | package com.springboilerplate.mocks; 2 | 3 | import com.springboilerplate.app.role.Role; 4 | import com.springboilerplate.app.role.RoleRepository; 5 | import com.springboilerplate.app.role.RoleStubs; 6 | import com.springboilerplate.app.role.RoleType; 7 | import com.springboilerplate.app.user.User; 8 | import com.springboilerplate.app.user.UserRepository; 9 | import com.springboilerplate.app.user.UserStubs; 10 | import com.springboilerplate.app.userRole.UserRole; 11 | import com.springboilerplate.app.userRole.UserRoleRepository; 12 | import com.springboilerplate.app.userRole.UserRoleStubs; 13 | 14 | import java.util.Optional; 15 | 16 | public class DataGenerator { 17 | private UserRepository userRepository; 18 | private RoleRepository roleRepository; 19 | private UserRoleRepository userRoleRepository; 20 | 21 | 22 | public static class Builder { 23 | private UserRepository userRepository; 24 | private RoleRepository roleRepository; 25 | private UserRoleRepository userRoleRepository; 26 | 27 | public Builder(UserRepository userRepository, RoleRepository roleRepository) { 28 | this.userRepository = userRepository; 29 | this.roleRepository = roleRepository; 30 | } 31 | public Builder userRoleRepo(UserRoleRepository userRoleRepository) { 32 | this.userRoleRepository = userRoleRepository; 33 | return this; 34 | } 35 | public DataGenerator build() { 36 | return new DataGenerator(this); 37 | } 38 | } 39 | 40 | private DataGenerator(Builder builder) { 41 | userRepository = builder.userRepository; 42 | roleRepository = builder.roleRepository; 43 | userRoleRepository = builder.userRoleRepository; 44 | } 45 | 46 | public User createUser(int i) { 47 | User user = UserStubs.generateUser(i); 48 | return userRepository.save(user); 49 | } 50 | 51 | public User createUser() { 52 | User user = UserStubs.generateUser(); 53 | user.addUserRole(UserRoleStubs.generateUserRole()); 54 | return userRepository.save(user); 55 | } 56 | 57 | public UserRole createUserRole(){ 58 | UserRole userRole = UserRoleStubs.generateUserRole(); 59 | return userRoleRepository.save(userRole); 60 | } 61 | 62 | 63 | 64 | public Role createRole(RoleType roleType) { 65 | Optional optionalRole = roleRepository.findByName(roleType); 66 | if(optionalRole.isPresent()){ 67 | return optionalRole.get(); 68 | } 69 | Role role = RoleStubs.generateRole(); 70 | return roleRepository.saveAndFlush(role); 71 | } 72 | } 73 | 74 | -------------------------------------------------------------------------------- /src/test/java/com/springboilerplate/security/CustomUserDetailsServiceTest.java: -------------------------------------------------------------------------------- 1 | package com.springboilerplate.security; 2 | 3 | import com.springboilerplate.app.user.UserMocks; 4 | import com.springboilerplate.app.user.User; 5 | import com.springboilerplate.app.user.UserRepository; 6 | import org.junit.Before; 7 | import org.junit.Rule; 8 | import org.junit.Test; 9 | import org.junit.rules.ExpectedException; 10 | import org.junit.runner.RunWith; 11 | import org.mockito.InjectMocks; 12 | import org.mockito.Mockito; 13 | import org.springframework.boot.test.mock.mockito.MockBean; 14 | import org.springframework.security.core.userdetails.UsernameNotFoundException; 15 | import org.springframework.test.context.junit4.SpringRunner; 16 | 17 | import java.util.Optional; 18 | 19 | import static org.assertj.core.api.AssertionsForClassTypes.assertThat; 20 | import static org.mockito.Matchers.anyString; 21 | import static org.mockito.Mockito.verify; 22 | import static org.mockito.Mockito.when; 23 | 24 | @RunWith(SpringRunner.class) 25 | public class CustomUserDetailsServiceTest { 26 | 27 | @MockBean 28 | private UserRepository userRepository; 29 | 30 | private UserMocks userMocks = new UserMocks(); 31 | 32 | @Rule 33 | public ExpectedException thrown = ExpectedException.none(); 34 | 35 | @InjectMocks 36 | private JwtUserDetailsService jwtUserDetailsService; 37 | 38 | @Before 39 | public void setUp() throws Exception { 40 | jwtUserDetailsService = new JwtUserDetailsService(userRepository); 41 | userMocks.initMocks(userRepository); 42 | } 43 | 44 | @Test 45 | public void loadUserByUsername() throws Exception { 46 | User user = jwtUserDetailsService.loadUserByUsername("username"); 47 | 48 | assertThat(user).isNotNull(); 49 | verify(userRepository).getByEmailAndDeletedFalse(anyString()); 50 | verify(userRepository).save(Mockito.any(User.class)); 51 | } 52 | 53 | @Test 54 | public void loadUserByUsernameShouldReturnTheUserFirstnameWhenUserIsPresent() throws Exception { 55 | User user = jwtUserDetailsService.loadUserByUsername("notvalid"); 56 | 57 | assertThat(user.getFirstname()).isEqualTo("Patrick"); 58 | verify(userRepository).getByEmailAndDeletedFalse(anyString()); 59 | verify(userRepository).save(Mockito.any(User.class)); 60 | } 61 | 62 | @Test 63 | public void loadUserByUsernameShouldThrowUsernameNotFoundExceptionWhenUserIsInvalid() throws Exception { 64 | when(userRepository.getByEmailAndDeletedFalse(anyString())).thenReturn(Optional.empty()); 65 | 66 | thrown.expect(UsernameNotFoundException.class); 67 | thrown.expectMessage("User with '" + "username" + "' email not found."); 68 | 69 | User user = jwtUserDetailsService.loadUserByUsername("username"); 70 | } 71 | } -------------------------------------------------------------------------------- /src/test/java/com/springboilerplate/security/JwtTokenUtilTest.java: -------------------------------------------------------------------------------- 1 | package com.springboilerplate.security; 2 | 3 | import com.springboilerplate.app.user.User; 4 | import io.jsonwebtoken.Clock; 5 | import io.jsonwebtoken.ExpiredJwtException; 6 | import org.assertj.core.util.DateUtil; 7 | import org.junit.Before; 8 | import org.junit.Test; 9 | import org.mockito.InjectMocks; 10 | import org.mockito.Mock; 11 | import org.mockito.MockitoAnnotations; 12 | import org.springframework.security.core.userdetails.UserDetails; 13 | import org.springframework.test.util.ReflectionTestUtils; 14 | import static org.assertj.core.api.Assertions.assertThat; 15 | 16 | import java.util.Date; 17 | 18 | import static org.assertj.core.api.AssertionsForClassTypes.within; 19 | import static org.mockito.Mockito.mock; 20 | import static org.mockito.Mockito.when; 21 | 22 | public class JwtTokenUtilTest { 23 | 24 | private static final String TEST_USERNAME = "testUser"; 25 | 26 | @Mock 27 | private Clock clockMock; 28 | 29 | @InjectMocks 30 | private JwtTokenUtil jwtTokenUtil; 31 | 32 | @Before 33 | public void init() { 34 | MockitoAnnotations.initMocks(this); 35 | 36 | ReflectionTestUtils.setField(jwtTokenUtil, "expiration", 3600L); // one hour 37 | ReflectionTestUtils.setField(jwtTokenUtil, "secret", "mySecret"); 38 | } 39 | 40 | @Test 41 | public void testGenerateTokenGeneratesDifferentTokensForDifferentCreationDates() throws Exception { 42 | when(clockMock.now()).thenReturn(DateUtil.yesterday()).thenReturn(DateUtil.now()); 43 | 44 | final String token = createToken(); 45 | final String laterToken = createToken(); 46 | 47 | assertThat(token).isNotEqualTo(laterToken); 48 | } 49 | 50 | @Test 51 | public void getUsernameFromToken() throws Exception { 52 | when(clockMock.now()).thenReturn(DateUtil.now()); 53 | 54 | final String token = createToken(); 55 | 56 | assertThat(jwtTokenUtil.getEmailFromToken(token)).isEqualTo(TEST_USERNAME); 57 | } 58 | 59 | @Test 60 | public void getCreatedDateFromToken() throws Exception { 61 | final Date now = DateUtil.now(); 62 | when(clockMock.now()).thenReturn(now); 63 | 64 | final String token = createToken(); 65 | 66 | assertThat(jwtTokenUtil.getIssuedAtDateFromToken(token)).isInSameMinuteWindowAs(now); 67 | } 68 | 69 | @Test 70 | public void getExpirationDateFromToken() throws Exception { 71 | final Date now = DateUtil.now(); 72 | when(clockMock.now()).thenReturn(now); 73 | final String token = createToken(); 74 | 75 | final Date expirationDateFromToken = jwtTokenUtil.getExpirationDateFromToken(token); 76 | assertThat(DateUtil.timeDifference(expirationDateFromToken, now)).isCloseTo(3600000L, within(1000L)); 77 | } 78 | 79 | @Test(expected = ExpiredJwtException.class) 80 | public void expiredTokenCannotBeRefreshed() throws Exception { 81 | when(clockMock.now()) 82 | .thenReturn(DateUtil.yesterday()); 83 | String token = createToken(); 84 | jwtTokenUtil.canTokenBeRefreshed(token, DateUtil.tomorrow()); 85 | } 86 | 87 | @Test 88 | public void changedPasswordCannotBeRefreshed() throws Exception { 89 | when(clockMock.now()) 90 | .thenReturn(DateUtil.now()); 91 | String token = createToken(); 92 | assertThat(jwtTokenUtil.canTokenBeRefreshed(token, DateUtil.tomorrow())).isFalse(); 93 | } 94 | 95 | @Test 96 | public void notExpiredCanBeRefreshed() { 97 | when(clockMock.now()) 98 | .thenReturn(DateUtil.now()); 99 | String token = createToken(); 100 | assertThat(jwtTokenUtil.canTokenBeRefreshed(token, DateUtil.yesterday())).isTrue(); 101 | } 102 | 103 | @Test 104 | public void canRefreshToken() throws Exception { 105 | when(clockMock.now()) 106 | .thenReturn(DateUtil.now()) 107 | .thenReturn(DateUtil.tomorrow()); 108 | String firstToken = createToken(); 109 | String refreshedToken = jwtTokenUtil.refreshToken(firstToken); 110 | Date firstTokenDate = jwtTokenUtil.getIssuedAtDateFromToken(firstToken); 111 | Date refreshedTokenDate = jwtTokenUtil.getIssuedAtDateFromToken(refreshedToken); 112 | assertThat(firstTokenDate).isBefore(refreshedTokenDate); 113 | } 114 | 115 | @Test 116 | public void canValidateToken() throws Exception { 117 | when(clockMock.now()).thenReturn(DateUtil.now()); 118 | UserDetails userDetails = mock(User.class); 119 | when(userDetails.getUsername()).thenReturn(TEST_USERNAME); 120 | 121 | String token = createToken(); 122 | assertThat(jwtTokenUtil.validateToken(token, userDetails)).isTrue(); 123 | } 124 | 125 | private String createToken() { 126 | return jwtTokenUtil.generateToken(new UserDetailsStub(TEST_USERNAME)); 127 | } 128 | } -------------------------------------------------------------------------------- /src/test/java/com/springboilerplate/security/SecurityHelperMocks.java: -------------------------------------------------------------------------------- 1 | package com.springboilerplate.security; 2 | 3 | import com.springboilerplate.helper.SecurityHelper; 4 | import com.springboilerplate.app.passwordRestToken.PasswordResetToken; 5 | import org.mockito.Mockito; 6 | 7 | import static org.mockito.Matchers.any; 8 | 9 | public class SecurityHelperMocks { 10 | 11 | public void initMocks(SecurityHelper securityHelper){ 12 | Mockito.doNothing().when(securityHelper) 13 | .grantUserChangePasswordPrivilege(any(PasswordResetToken.class)); 14 | } 15 | } 16 | -------------------------------------------------------------------------------- /src/test/java/com/springboilerplate/security/UserDetailsStub.java: -------------------------------------------------------------------------------- 1 | package com.springboilerplate.security; 2 | 3 | import org.springframework.security.core.GrantedAuthority; 4 | import org.springframework.security.core.userdetails.UserDetails; 5 | 6 | import java.util.Collection; 7 | 8 | public class UserDetailsStub implements UserDetails { 9 | private final String username; 10 | 11 | public UserDetailsStub(String username) { 12 | this.username = username; 13 | } 14 | 15 | @Override 16 | public Collection getAuthorities() { 17 | return null; 18 | } 19 | 20 | @Override 21 | public String getPassword() { 22 | return null; 23 | } 24 | 25 | @Override 26 | public String getUsername() { 27 | return username; 28 | } 29 | 30 | @Override 31 | public boolean isAccountNonExpired() { 32 | return false; 33 | } 34 | 35 | @Override 36 | public boolean isAccountNonLocked() { 37 | return false; 38 | } 39 | 40 | @Override 41 | public boolean isCredentialsNonExpired() { 42 | return false; 43 | } 44 | 45 | @Override 46 | public boolean isEnabled() { 47 | return false; 48 | } 49 | } 50 | -------------------------------------------------------------------------------- /src/test/resources/application.properties: -------------------------------------------------------------------------------- 1 | # spring.datasource.x 2 | spring.datasource.driver-class-name=org.h2.Driver 3 | spring.datasource.url=jdbc:h2:mem:db;DB_CLOSE_DELAY=-1 4 | spring.datasource.username=sa 5 | spring.datasource.password=sa 6 | spring.jpa.hibernate.ddl-auto=create 7 | hibernate.dialect=org.hibernate.dialect.H2Dialect 8 | 9 | #JWT CONFIG 10 | jwt.header=Authorization 11 | jwt.secret=mySecret 12 | jwt.expiration=604800 13 | jwt.route.authentication.path=/auth 14 | jwt.route.authentication.refresh=/refresh --------------------------------------------------------------------------------