Compare commits
4 commits
5db4d4dab8
...
2953e81da9
Author | SHA1 | Date | |
---|---|---|---|
2953e81da9 | |||
3a174b64c1 | |||
1d4efc1f2b | |||
13a8ee5d50 |
20 changed files with 36 additions and 783 deletions
|
@ -1,7 +1,7 @@
|
||||||
<component name="ProjectRunConfigurationManager">
|
<component name="ProjectRunConfigurationManager">
|
||||||
<configuration default="false" name="Run" type="SpringBootApplicationConfigurationType" factoryName="Spring Boot">
|
<configuration default="false" name="Run" type="SpringBootApplicationConfigurationType" factoryName="Spring Boot">
|
||||||
<module name="Project_Management_Tool.main" />
|
<module name="Project_Management_Tool.main" />
|
||||||
<option name="SPRING_BOOT_MAIN_CLASS" value="de.hmmh.pmt.OpenAPISpringBoot" />
|
<option name="SPRING_BOOT_MAIN_CLASS" value="de.hmmh.pmt.ProjectManagementToolApplication" />
|
||||||
<method v="2">
|
<method v="2">
|
||||||
<option name="Make" enabled="true" />
|
<option name="Make" enabled="true" />
|
||||||
<option name="RunConfigurationTask" enabled="false" run_configuration_name="Postgres" run_configuration_type="docker-deploy" />
|
<option name="RunConfigurationTask" enabled="false" run_configuration_name="Postgres" run_configuration_type="docker-deploy" />
|
||||||
|
|
473
api/employee.yml
473
api/employee.yml
|
@ -1,473 +0,0 @@
|
||||||
openapi: 3.0.1
|
|
||||||
info:
|
|
||||||
title: Employees Management Micro-Service
|
|
||||||
description: "\n## Overview\n\nEmployees Management Service API manages the employees\
|
|
||||||
\ of HighTec Gmbh including their qualifications. It offers the possibility to\
|
|
||||||
\ create, read, update and delete employees and qualifications. Existing employees\
|
|
||||||
\ can be assigned new qualifications or have them withdrawn. \nThe API is organized\
|
|
||||||
\ around REST. It has predictable resource-oriented URLs, accepts JSON-encoded\
|
|
||||||
\ request bodies, returns JSON-encoded responses, uses standard HTTP response\
|
|
||||||
\ codes and authentication.\n\n## Authentication\n\nEmployees Management Service\
|
|
||||||
\ API uses JWTs to authenticate requests. You will receive a bearer token by making\
|
|
||||||
\ a POST-Request in IntelliJ on:\n\n\n```\nPOST http://keycloak.szut.dev/auth/realms/szut/protocol/openid-connect/token\n\
|
|
||||||
Content-Type: application/x-www-form-urlencoded\ngrant_type=password&client_id=employee-management-service&username=user&password=test\n\
|
|
||||||
```\n\n\nor by CURL\n```\ncurl -X POST 'http://keycloak.szut.dev/auth/realms/szut/protocol/openid-connect/token'\n\
|
|
||||||
--header 'Content-Type: application/x-www-form-urlencoded'\n--data-urlencode 'grant_type=password'\n\
|
|
||||||
--data-urlencode 'client_id=employee-management-service'\n--data-urlencode 'username=user'\n\
|
|
||||||
--data-urlencode 'password=test'\n```\n\nTo get a bearer-token in Postman, you\
|
|
||||||
\ have to follow the instructions in \n [Postman-Documentation](https://documenter.getpostman.com/view/7294517/SzmfZHnd).\n\
|
|
||||||
\nAll API requests must be made over HTTPS. Calls made over plain HTTP will fail.\
|
|
||||||
\ API requests without authentication will also fail. Each request has the URL\
|
|
||||||
\ \n `https://employee.szut.dev` and the address of the desired resource."
|
|
||||||
version: 1.0.1
|
|
||||||
servers:
|
|
||||||
- url: ""
|
|
||||||
security:
|
|
||||||
- bearerAuth: []
|
|
||||||
paths:
|
|
||||||
/qualifications/{id}:
|
|
||||||
put:
|
|
||||||
tags:
|
|
||||||
- qualification-controller
|
|
||||||
summary: updates a qualification
|
|
||||||
operationId: updateQualification
|
|
||||||
parameters:
|
|
||||||
- name: id
|
|
||||||
in: path
|
|
||||||
required: true
|
|
||||||
schema:
|
|
||||||
type: integer
|
|
||||||
format: int64
|
|
||||||
requestBody:
|
|
||||||
content:
|
|
||||||
application/json:
|
|
||||||
schema:
|
|
||||||
$ref: '#/components/schemas/QualificationPostDTO'
|
|
||||||
required: true
|
|
||||||
responses:
|
|
||||||
"401":
|
|
||||||
description: not authorized
|
|
||||||
"400":
|
|
||||||
description: invalid JSON posted
|
|
||||||
"200":
|
|
||||||
description: updated qualification
|
|
||||||
content:
|
|
||||||
application/json:
|
|
||||||
schema:
|
|
||||||
$ref: '#/components/schemas/QualificationPostDTO'
|
|
||||||
"404":
|
|
||||||
description: resource not found
|
|
||||||
delete:
|
|
||||||
tags:
|
|
||||||
- qualification-controller
|
|
||||||
summary: deletes a qualification by id
|
|
||||||
operationId: deleteQualificationByDesignation
|
|
||||||
parameters:
|
|
||||||
- name: id
|
|
||||||
in: path
|
|
||||||
required: true
|
|
||||||
schema:
|
|
||||||
type: integer
|
|
||||||
format: int64
|
|
||||||
responses:
|
|
||||||
"401":
|
|
||||||
description: not authorized
|
|
||||||
"403":
|
|
||||||
description: qualification is in use
|
|
||||||
"204":
|
|
||||||
description: delete successful
|
|
||||||
"404":
|
|
||||||
description: resource not found
|
|
||||||
/employees/{id}:
|
|
||||||
get:
|
|
||||||
tags:
|
|
||||||
- employee-controller
|
|
||||||
summary: find employee by id
|
|
||||||
operationId: findById
|
|
||||||
parameters:
|
|
||||||
- name: id
|
|
||||||
in: path
|
|
||||||
required: true
|
|
||||||
schema:
|
|
||||||
type: integer
|
|
||||||
format: int64
|
|
||||||
responses:
|
|
||||||
"401":
|
|
||||||
description: not authorized
|
|
||||||
"200":
|
|
||||||
description: employee
|
|
||||||
content:
|
|
||||||
application/json:
|
|
||||||
schema:
|
|
||||||
$ref: '#/components/schemas/EmployeeResponseDTO'
|
|
||||||
"404":
|
|
||||||
description: resource not found
|
|
||||||
put:
|
|
||||||
tags:
|
|
||||||
- employee-controller
|
|
||||||
summary: updates employee by id - only changes the fields that are posted
|
|
||||||
operationId: updateEmployee
|
|
||||||
parameters:
|
|
||||||
- name: id
|
|
||||||
in: path
|
|
||||||
required: true
|
|
||||||
schema:
|
|
||||||
type: integer
|
|
||||||
format: int64
|
|
||||||
requestBody:
|
|
||||||
content:
|
|
||||||
application/json:
|
|
||||||
schema:
|
|
||||||
$ref: '#/components/schemas/EmployeeRequestPutDTO'
|
|
||||||
required: true
|
|
||||||
responses:
|
|
||||||
"401":
|
|
||||||
description: not authorized
|
|
||||||
"200":
|
|
||||||
description: employee
|
|
||||||
content:
|
|
||||||
application/json:
|
|
||||||
schema:
|
|
||||||
$ref: '#/components/schemas/EmployeeResponseDTO'
|
|
||||||
"404":
|
|
||||||
description: resource not found
|
|
||||||
delete:
|
|
||||||
tags:
|
|
||||||
- employee-controller
|
|
||||||
summary: deletes a employee by id
|
|
||||||
operationId: deleteCustomer
|
|
||||||
parameters:
|
|
||||||
- name: id
|
|
||||||
in: path
|
|
||||||
required: true
|
|
||||||
schema:
|
|
||||||
type: integer
|
|
||||||
format: int64
|
|
||||||
responses:
|
|
||||||
"401":
|
|
||||||
description: not authorized
|
|
||||||
"204":
|
|
||||||
description: delete successful
|
|
||||||
"404":
|
|
||||||
description: resource not found
|
|
||||||
/qualifications:
|
|
||||||
get:
|
|
||||||
tags:
|
|
||||||
- qualification-controller
|
|
||||||
summary: delivers a list of all available qualifications
|
|
||||||
operationId: findAll
|
|
||||||
responses:
|
|
||||||
"401":
|
|
||||||
description: not authorized
|
|
||||||
"200":
|
|
||||||
description: list of qualifications
|
|
||||||
content:
|
|
||||||
application/json:
|
|
||||||
schema:
|
|
||||||
$ref: '#/components/schemas/QualificationPostDTO'
|
|
||||||
post:
|
|
||||||
tags:
|
|
||||||
- qualification-controller
|
|
||||||
summary: creates a new qualification with its id and designation
|
|
||||||
operationId: createQualification
|
|
||||||
requestBody:
|
|
||||||
content:
|
|
||||||
application/json:
|
|
||||||
schema:
|
|
||||||
$ref: '#/components/schemas/QualificationPostDTO'
|
|
||||||
required: true
|
|
||||||
responses:
|
|
||||||
"401":
|
|
||||||
description: not authorized
|
|
||||||
"201":
|
|
||||||
description: created qualification
|
|
||||||
content:
|
|
||||||
application/json:
|
|
||||||
schema:
|
|
||||||
$ref: '#/components/schemas/QualificationPostDTO'
|
|
||||||
"400":
|
|
||||||
description: invalid JSON posted
|
|
||||||
/employees:
|
|
||||||
get:
|
|
||||||
tags:
|
|
||||||
- employee-controller
|
|
||||||
summary: delivers a list of all employees
|
|
||||||
operationId: findAll_1
|
|
||||||
responses:
|
|
||||||
"401":
|
|
||||||
description: not authorized
|
|
||||||
"200":
|
|
||||||
description: list of employees
|
|
||||||
content:
|
|
||||||
application/json:
|
|
||||||
schema:
|
|
||||||
type: array
|
|
||||||
items:
|
|
||||||
$ref: '#/components/schemas/EmployeeResponseDTO'
|
|
||||||
post:
|
|
||||||
tags:
|
|
||||||
- employee-controller
|
|
||||||
summary: creates a new employee
|
|
||||||
operationId: createEmployee
|
|
||||||
requestBody:
|
|
||||||
content:
|
|
||||||
application/json:
|
|
||||||
schema:
|
|
||||||
$ref: '#/components/schemas/EmployeeRequestDTO'
|
|
||||||
required: true
|
|
||||||
responses:
|
|
||||||
"401":
|
|
||||||
description: not authorized
|
|
||||||
"400":
|
|
||||||
description: invalid JSON posted
|
|
||||||
"201":
|
|
||||||
description: created employee
|
|
||||||
content:
|
|
||||||
application/json:
|
|
||||||
schema:
|
|
||||||
$ref: '#/components/schemas/EmployeeResponseDTO'
|
|
||||||
/employees/{id}/qualifications:
|
|
||||||
get:
|
|
||||||
tags:
|
|
||||||
- employee-controller
|
|
||||||
summary: finds all qualifications of an employee by id
|
|
||||||
operationId: findAllQualificationOfAEmployeeById
|
|
||||||
parameters:
|
|
||||||
- name: id
|
|
||||||
in: path
|
|
||||||
required: true
|
|
||||||
schema:
|
|
||||||
type: integer
|
|
||||||
format: int64
|
|
||||||
responses:
|
|
||||||
"401":
|
|
||||||
description: not authorized
|
|
||||||
"200":
|
|
||||||
description: employee with a list of his qualifications
|
|
||||||
content:
|
|
||||||
application/json:
|
|
||||||
schema:
|
|
||||||
$ref: '#/components/schemas/EmployeeNameAndSkillDataDTO'
|
|
||||||
"404":
|
|
||||||
description: resource not found
|
|
||||||
post:
|
|
||||||
tags:
|
|
||||||
- employee-controller
|
|
||||||
summary: adds a qualification to an employee by id
|
|
||||||
operationId: addQualificationToEmployeeById
|
|
||||||
parameters:
|
|
||||||
- name: id
|
|
||||||
in: path
|
|
||||||
required: true
|
|
||||||
schema:
|
|
||||||
type: integer
|
|
||||||
format: int64
|
|
||||||
requestBody:
|
|
||||||
content:
|
|
||||||
application/json:
|
|
||||||
schema:
|
|
||||||
$ref: '#/components/schemas/QualificationPostDTO'
|
|
||||||
required: true
|
|
||||||
responses:
|
|
||||||
"401":
|
|
||||||
description: not authorized
|
|
||||||
"400":
|
|
||||||
description: invalid JSON posted or employee already has this qualification
|
|
||||||
"200":
|
|
||||||
description: employee with a list of his qualifications
|
|
||||||
content:
|
|
||||||
application/json:
|
|
||||||
schema:
|
|
||||||
$ref: '#/components/schemas/EmployeeNameAndSkillDataDTO'
|
|
||||||
"404":
|
|
||||||
description: resource not found
|
|
||||||
delete:
|
|
||||||
tags:
|
|
||||||
- employee-controller
|
|
||||||
summary: deletes a qualification of an employee by id
|
|
||||||
operationId: removeQualificationFromEmployee
|
|
||||||
parameters:
|
|
||||||
- name: id
|
|
||||||
in: path
|
|
||||||
required: true
|
|
||||||
schema:
|
|
||||||
type: integer
|
|
||||||
format: int64
|
|
||||||
requestBody:
|
|
||||||
content:
|
|
||||||
application/json:
|
|
||||||
schema:
|
|
||||||
$ref: '#/components/schemas/QualificationPostDTO'
|
|
||||||
required: true
|
|
||||||
responses:
|
|
||||||
"401":
|
|
||||||
description: not authorized
|
|
||||||
"200":
|
|
||||||
description: employee with a list of his qualifications
|
|
||||||
content:
|
|
||||||
application/json:
|
|
||||||
schema:
|
|
||||||
$ref: '#/components/schemas/EmployeeNameAndSkillDataDTO'
|
|
||||||
"404":
|
|
||||||
description: resource not found
|
|
||||||
/qualifications/{id}/employees:
|
|
||||||
get:
|
|
||||||
tags:
|
|
||||||
- qualification-controller
|
|
||||||
summary: find employees by qualification id
|
|
||||||
operationId: findAllEmployeesByQualification
|
|
||||||
parameters:
|
|
||||||
- name: id
|
|
||||||
in: path
|
|
||||||
required: true
|
|
||||||
schema:
|
|
||||||
type: integer
|
|
||||||
format: int64
|
|
||||||
responses:
|
|
||||||
"200":
|
|
||||||
description: List of employees who have the desired qualification
|
|
||||||
content:
|
|
||||||
application/json:
|
|
||||||
schema:
|
|
||||||
$ref: '#/components/schemas/EmployeesForAQualificationDTO'
|
|
||||||
"401":
|
|
||||||
description: not authorized
|
|
||||||
"404":
|
|
||||||
description: qualification id does not exist
|
|
||||||
components:
|
|
||||||
schemas:
|
|
||||||
QualificationPostDTO:
|
|
||||||
required:
|
|
||||||
- skill
|
|
||||||
type: object
|
|
||||||
properties:
|
|
||||||
skill:
|
|
||||||
type: string
|
|
||||||
EmployeeRequestPutDTO:
|
|
||||||
type: object
|
|
||||||
properties:
|
|
||||||
lastName:
|
|
||||||
type: string
|
|
||||||
firstName:
|
|
||||||
type: string
|
|
||||||
street:
|
|
||||||
type: string
|
|
||||||
postcode:
|
|
||||||
type: string
|
|
||||||
city:
|
|
||||||
type: string
|
|
||||||
phone:
|
|
||||||
type: string
|
|
||||||
skillSet:
|
|
||||||
type: array
|
|
||||||
items:
|
|
||||||
type: integer
|
|
||||||
format: int64
|
|
||||||
EmployeeResponseDTO:
|
|
||||||
required:
|
|
||||||
- city
|
|
||||||
- firstName
|
|
||||||
- lastName
|
|
||||||
- phone
|
|
||||||
- postcode
|
|
||||||
- street
|
|
||||||
type: object
|
|
||||||
properties:
|
|
||||||
id:
|
|
||||||
type: integer
|
|
||||||
format: int64
|
|
||||||
lastName:
|
|
||||||
type: string
|
|
||||||
firstName:
|
|
||||||
type: string
|
|
||||||
street:
|
|
||||||
type: string
|
|
||||||
postcode:
|
|
||||||
maxLength: 5
|
|
||||||
minLength: 5
|
|
||||||
type: string
|
|
||||||
city:
|
|
||||||
type: string
|
|
||||||
phone:
|
|
||||||
type: string
|
|
||||||
skillSet:
|
|
||||||
type: array
|
|
||||||
items:
|
|
||||||
$ref: '#/components/schemas/QualificationGetDTO'
|
|
||||||
QualificationGetDTO:
|
|
||||||
type: object
|
|
||||||
properties:
|
|
||||||
skill:
|
|
||||||
type: string
|
|
||||||
id:
|
|
||||||
type: integer
|
|
||||||
format: int64
|
|
||||||
EmployeeRequestDTO:
|
|
||||||
required:
|
|
||||||
- city
|
|
||||||
- firstName
|
|
||||||
- lastName
|
|
||||||
- phone
|
|
||||||
- postcode
|
|
||||||
- street
|
|
||||||
type: object
|
|
||||||
properties:
|
|
||||||
lastName:
|
|
||||||
type: string
|
|
||||||
firstName:
|
|
||||||
type: string
|
|
||||||
street:
|
|
||||||
type: string
|
|
||||||
postcode:
|
|
||||||
maxLength: 5
|
|
||||||
minLength: 5
|
|
||||||
type: string
|
|
||||||
city:
|
|
||||||
type: string
|
|
||||||
phone:
|
|
||||||
type: string
|
|
||||||
skillSet:
|
|
||||||
type: array
|
|
||||||
items:
|
|
||||||
type: integer
|
|
||||||
format: int64
|
|
||||||
EmployeeNameAndSkillDataDTO:
|
|
||||||
type: object
|
|
||||||
properties:
|
|
||||||
id:
|
|
||||||
type: integer
|
|
||||||
format: int64
|
|
||||||
lastName:
|
|
||||||
type: string
|
|
||||||
firstName:
|
|
||||||
type: string
|
|
||||||
skillSet:
|
|
||||||
uniqueItems: true
|
|
||||||
type: array
|
|
||||||
items:
|
|
||||||
$ref: '#/components/schemas/QualificationPostDTO'
|
|
||||||
EmployeeNameDataDTO:
|
|
||||||
type: object
|
|
||||||
properties:
|
|
||||||
id:
|
|
||||||
type: integer
|
|
||||||
format: int64
|
|
||||||
lastName:
|
|
||||||
type: string
|
|
||||||
firstName:
|
|
||||||
type: string
|
|
||||||
EmployeesForAQualificationDTO:
|
|
||||||
type: object
|
|
||||||
properties:
|
|
||||||
qualification:
|
|
||||||
$ref: '#/components/schemas/QualificationGetDTO'
|
|
||||||
employees:
|
|
||||||
uniqueItems: true
|
|
||||||
type: array
|
|
||||||
items:
|
|
||||||
$ref: '#/components/schemas/EmployeeNameDataDTO'
|
|
||||||
securitySchemes:
|
|
||||||
bearerAuth:
|
|
||||||
type: http
|
|
||||||
scheme: bearer
|
|
||||||
bearerFormat: JWT
|
|
|
@ -10,7 +10,7 @@ repositories {
|
||||||
plugins {
|
plugins {
|
||||||
java
|
java
|
||||||
checkstyle
|
checkstyle
|
||||||
id("com.github.spotbugs") version "6.0.23"
|
id("com.github.spotbugs") version "6.0.22"
|
||||||
id("org.springframework.boot") version "3.3.3"
|
id("org.springframework.boot") version "3.3.3"
|
||||||
id("io.spring.dependency-management") version "1.1.6"
|
id("io.spring.dependency-management") version "1.1.6"
|
||||||
id("org.hidetake.swagger.generator") version "2.19.2"
|
id("org.hidetake.swagger.generator") version "2.19.2"
|
||||||
|
@ -44,25 +44,19 @@ configurations {
|
||||||
}
|
}
|
||||||
|
|
||||||
dependencies {
|
dependencies {
|
||||||
// Spring
|
//Spring
|
||||||
implementation("org.springframework.boot:spring-boot-starter-data-jpa")
|
implementation("org.springframework.boot:spring-boot-starter-data-jpa")
|
||||||
implementation("org.springframework.boot:spring-boot-starter-validation")
|
implementation("org.springframework.boot:spring-boot-starter-validation")
|
||||||
implementation("org.springframework.boot:spring-boot-starter-web")
|
implementation("org.springframework.boot:spring-boot-starter-web")
|
||||||
implementation("org.springframework.boot:spring-boot-starter-security")
|
|
||||||
implementation("org.springframework.boot:spring-boot-starter-oauth2-client")
|
|
||||||
implementation("org.springframework.boot:spring-boot-starter-oauth2-resource-server")
|
|
||||||
|
|
||||||
// Postgres
|
|
||||||
runtimeOnly("org.postgresql:postgresql")
|
runtimeOnly("org.postgresql:postgresql")
|
||||||
|
|
||||||
// Lombok
|
//Lombok
|
||||||
compileOnly("org.projectlombok:lombok")
|
compileOnly("org.projectlombok:lombok")
|
||||||
annotationProcessor("org.projectlombok:lombok")
|
annotationProcessor("org.projectlombok:lombok")
|
||||||
|
|
||||||
// Test
|
//Test
|
||||||
testImplementation("org.springframework.boot:spring-boot-starter-test")
|
testImplementation("org.springframework.boot:spring-boot-starter-test")
|
||||||
testImplementation("org.springframework.boot:spring-boot-testcontainers")
|
testImplementation("org.springframework.boot:spring-boot-testcontainers")
|
||||||
testImplementation("org.springframework.security:spring-security-test")
|
|
||||||
testImplementation("org.testcontainers:junit-jupiter")
|
testImplementation("org.testcontainers:junit-jupiter")
|
||||||
testImplementation("org.testcontainers:postgresql")
|
testImplementation("org.testcontainers:postgresql")
|
||||||
testRuntimeOnly("org.junit.platform:junit-platform-launcher")
|
testRuntimeOnly("org.junit.platform:junit-platform-launcher")
|
||||||
|
@ -70,32 +64,25 @@ dependencies {
|
||||||
//OAS
|
//OAS
|
||||||
swaggerCodegen("io.swagger.codegen.v3:swagger-codegen-cli:3.0.61")
|
swaggerCodegen("io.swagger.codegen.v3:swagger-codegen-cli:3.0.61")
|
||||||
implementation("io.swagger.core.v3:swagger-annotations:2.2.22")
|
implementation("io.swagger.core.v3:swagger-annotations:2.2.22")
|
||||||
implementation("jakarta.xml.bind:jakarta.xml.bind-api") //Needed for XML/HTML Validation
|
|
||||||
}
|
}
|
||||||
|
|
||||||
swaggerSources {
|
swaggerSources {
|
||||||
register("pmt") {
|
register("pmt") {
|
||||||
setInputFile(file("${rootDir}/api/pmt.yml"))
|
setInputFile(file("${rootDir}/src/main/resources/api.yml"))
|
||||||
code.configFile = file("${rootDir}/gen/config-pmt.json")
|
code.configFile = file("${rootDir}/src/main/resources/gen-config.json")
|
||||||
val validationTask = validation
|
val validationTask = validation
|
||||||
code(delegateClosureOf<GenerateSwaggerCode> {
|
code(delegateClosureOf<GenerateSwaggerCode> {
|
||||||
language = "spring"
|
language = "spring"
|
||||||
|
components = listOf("models", "apis")
|
||||||
code.rawOptions =
|
code.rawOptions =
|
||||||
listOf("--ignore-file-override=" + file("${rootDir}/gen/.ignore-pmt").absolutePath)
|
listOf("--ignore-file-override=" + file("${rootDir}/src/main/resources/.codegen-ignore").absolutePath)
|
||||||
dependsOn(validationTask)
|
dependsOn(validationTask)
|
||||||
})
|
})
|
||||||
}
|
}
|
||||||
create("employee") {
|
|
||||||
setInputFile(file("${rootDir}/api/employee.yml"))
|
|
||||||
code.configFile = file("${rootDir}/gen/config-employee.json")
|
|
||||||
code(delegateClosureOf<GenerateSwaggerCode> {
|
|
||||||
language = "java"
|
|
||||||
})
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
||||||
tasks {
|
tasks {
|
||||||
withType()
|
|
||||||
withType<Checkstyle> {
|
withType<Checkstyle> {
|
||||||
reports {
|
reports {
|
||||||
xml.required.set(true)
|
xml.required.set(true)
|
||||||
|
@ -113,7 +100,6 @@ tasks {
|
||||||
}
|
}
|
||||||
named("compileJava").configure {
|
named("compileJava").configure {
|
||||||
dependsOn(swaggerSources.getByName("pmt").code)
|
dependsOn(swaggerSources.getByName("pmt").code)
|
||||||
dependsOn(swaggerSources.getByName("employee").code)
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -121,8 +107,5 @@ sourceSets {
|
||||||
main {
|
main {
|
||||||
java.srcDir("${swaggerSources.getByName("pmt").code.outputDir}/src/main/java")
|
java.srcDir("${swaggerSources.getByName("pmt").code.outputDir}/src/main/java")
|
||||||
resources.srcDir("${swaggerSources.getByName("pmt").code.outputDir}/src/main/resources")
|
resources.srcDir("${swaggerSources.getByName("pmt").code.outputDir}/src/main/resources")
|
||||||
|
|
||||||
java.srcDir("${swaggerSources.getByName("employee").code.outputDir}/src/main/java")
|
|
||||||
resources.srcDir("${swaggerSources.getByName("employee").code.outputDir}/src/main/resources")
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,4 +0,0 @@
|
||||||
**/*ApiController.java
|
|
||||||
**/*application.properties
|
|
||||||
**/io/swagger/configuration/HomeController.java
|
|
||||||
**/io/swagger/configuration/SwaggerUiConfiguration.java
|
|
|
@ -1,11 +0,0 @@
|
||||||
{
|
|
||||||
"modelPackage": "de.hmmh.pmt.employee.dtos",
|
|
||||||
"apiPackage": "de.hmmh.pmt.employee.api",
|
|
||||||
"invokerPackage": "de.hmmh.pmt.employee",
|
|
||||||
"java8": false,
|
|
||||||
"java11": true,
|
|
||||||
"dateLibrary": "java11",
|
|
||||||
"library": "resttemplate",
|
|
||||||
"serializableModel": true,
|
|
||||||
"jakarta": true
|
|
||||||
}
|
|
|
@ -1,4 +0,0 @@
|
||||||
POST https://keycloak.szut.dev/auth/realms/szut/protocol/openid-connect/token
|
|
||||||
Content-Type: application/x-www-form-urlencoded
|
|
||||||
|
|
||||||
grant_type=password&client_id=employee-management-service&username=user&password=test
|
|
|
@ -1,30 +1,27 @@
|
||||||
package de.hmmh.pmt;
|
package de.hmmh.pmt;
|
||||||
|
|
||||||
import com.fasterxml.jackson.databind.ObjectMapper;
|
import com.fasterxml.jackson.databind.ObjectMapper;
|
||||||
import de.hmmh.pmt.employee.ApiClientFactory;
|
|
||||||
import de.hmmh.pmt.db.Project;
|
import de.hmmh.pmt.db.Project;
|
||||||
import de.hmmh.pmt.db.ProjectRepository;
|
import de.hmmh.pmt.db.ProjectRepository;
|
||||||
import de.hmmh.pmt.oas.DefaultApi;
|
import de.hmmh.pmt.oas.DefaultApi;
|
||||||
import de.hmmh.pmt.dtos.GetAllProjectsDTO;
|
import de.hmmh.pmt.oas.dtos.GetAllProjectsDTO;
|
||||||
import de.hmmh.pmt.dtos.ProjectInfo;
|
import de.hmmh.pmt.oas.dtos.ProjectInfo;
|
||||||
import jakarta.servlet.http.HttpServletRequest;
|
import jakarta.servlet.http.HttpServletRequest;
|
||||||
import org.springframework.beans.factory.annotation.Autowired;
|
import org.springframework.beans.factory.annotation.Autowired;
|
||||||
import org.springframework.http.ResponseEntity;
|
import org.springframework.http.ResponseEntity;
|
||||||
import org.springframework.stereotype.Controller;
|
import org.springframework.stereotype.Controller;
|
||||||
import org.springframework.web.bind.annotation.RequestMapping;
|
import org.springframework.web.bind.annotation.RequestMapping;
|
||||||
|
|
||||||
|
import java.util.ArrayList;
|
||||||
|
import java.util.List;
|
||||||
import java.util.Optional;
|
import java.util.Optional;
|
||||||
|
|
||||||
@Controller
|
@Controller
|
||||||
@RequestMapping("${openapi.projectManagement.base-path:/api/v1}")
|
@RequestMapping("${openapi.projectManagement.base-path:/api/v1}")
|
||||||
public class ApiController implements DefaultApi {
|
public class ApiController implements DefaultApi {
|
||||||
@Autowired
|
|
||||||
private ApiClientFactory apiClientFactory;
|
|
||||||
@Autowired
|
@Autowired
|
||||||
private ProjectRepository projectRepository;
|
private ProjectRepository projectRepository;
|
||||||
|
|
||||||
// apiClientFactory.getEmployeeApi().findAll1()
|
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public Optional<ObjectMapper> getObjectMapper() {
|
public Optional<ObjectMapper> getObjectMapper() {
|
||||||
return Optional.empty();
|
return Optional.empty();
|
||||||
|
|
|
@ -1,13 +0,0 @@
|
||||||
package de.hmmh.pmt;
|
|
||||||
|
|
||||||
import org.springframework.context.annotation.Bean;
|
|
||||||
import org.springframework.context.annotation.Configuration;
|
|
||||||
import org.springframework.web.client.RestTemplate;
|
|
||||||
|
|
||||||
@Configuration
|
|
||||||
public class Config {
|
|
||||||
@Bean
|
|
||||||
public RestTemplate restTemplate() {
|
|
||||||
return new RestTemplate();
|
|
||||||
}
|
|
||||||
}
|
|
|
@ -0,0 +1,13 @@
|
||||||
|
package de.hmmh.pmt;
|
||||||
|
|
||||||
|
import org.springframework.boot.SpringApplication;
|
||||||
|
import org.springframework.boot.autoconfigure.SpringBootApplication;
|
||||||
|
|
||||||
|
@SpringBootApplication
|
||||||
|
public class ProjectManagementToolApplication {
|
||||||
|
|
||||||
|
public static void main(String[] args) {
|
||||||
|
SpringApplication.run(ProjectManagementToolApplication.class, args);
|
||||||
|
}
|
||||||
|
|
||||||
|
}
|
|
@ -1,57 +0,0 @@
|
||||||
package de.hmmh.pmt.auth;
|
|
||||||
|
|
||||||
import org.springframework.context.annotation.Bean;
|
|
||||||
import org.springframework.context.annotation.Configuration;
|
|
||||||
import org.springframework.security.config.annotation.method.configuration.EnableMethodSecurity;
|
|
||||||
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
|
||||||
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
|
|
||||||
import org.springframework.security.core.session.SessionRegistry;
|
|
||||||
import org.springframework.security.core.session.SessionRegistryImpl;
|
|
||||||
import org.springframework.security.web.SecurityFilterChain;
|
|
||||||
import org.springframework.security.web.authentication.session.RegisterSessionAuthenticationStrategy;
|
|
||||||
import org.springframework.security.web.authentication.session.SessionAuthenticationStrategy;
|
|
||||||
import org.springframework.security.web.session.HttpSessionEventPublisher;
|
|
||||||
import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
|
|
||||||
|
|
||||||
@Configuration
|
|
||||||
@EnableWebSecurity
|
|
||||||
@EnableMethodSecurity
|
|
||||||
public class AuthConfig {
|
|
||||||
|
|
||||||
private final JWT jwt;
|
|
||||||
|
|
||||||
AuthConfig(JWT jwt) {
|
|
||||||
this.jwt = jwt;
|
|
||||||
}
|
|
||||||
|
|
||||||
@Bean
|
|
||||||
public SessionRegistry sessionRegistry() {
|
|
||||||
return new SessionRegistryImpl();
|
|
||||||
}
|
|
||||||
|
|
||||||
@Bean
|
|
||||||
protected SessionAuthenticationStrategy sessionAuthenticationStrategy() {
|
|
||||||
return new RegisterSessionAuthenticationStrategy(sessionRegistry());
|
|
||||||
}
|
|
||||||
|
|
||||||
@Bean
|
|
||||||
public HttpSessionEventPublisher httpSessionEventPublisher() {
|
|
||||||
return new HttpSessionEventPublisher();
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
||||||
@Bean
|
|
||||||
public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
|
|
||||||
http
|
|
||||||
.authorizeHttpRequests(auth -> auth
|
|
||||||
.anyRequest()
|
|
||||||
.authenticated()
|
|
||||||
)
|
|
||||||
.oauth2ResourceServer(resourceServer -> resourceServer
|
|
||||||
.jwt(jwt -> jwt
|
|
||||||
.jwtAuthenticationConverter(this.jwt.jwtAuthenticationConverter())
|
|
||||||
)
|
|
||||||
);
|
|
||||||
return http.build();
|
|
||||||
}
|
|
||||||
}
|
|
|
@ -1,71 +0,0 @@
|
||||||
package de.hmmh.pmt.auth;
|
|
||||||
|
|
||||||
import jakarta.servlet.http.HttpServletRequest;
|
|
||||||
import jakarta.servlet.http.HttpServletResponse;
|
|
||||||
import org.springframework.beans.factory.annotation.Autowired;
|
|
||||||
import org.springframework.http.ResponseEntity;
|
|
||||||
import org.springframework.security.core.Authentication;
|
|
||||||
import org.springframework.security.core.GrantedAuthority;
|
|
||||||
import org.springframework.security.core.authority.SimpleGrantedAuthority;
|
|
||||||
import org.springframework.security.oauth2.core.oidc.user.OidcUser;
|
|
||||||
import org.springframework.security.oauth2.server.resource.authentication.JwtAuthenticationConverter;
|
|
||||||
import org.springframework.security.web.authentication.logout.LogoutHandler;
|
|
||||||
import org.springframework.stereotype.Component;
|
|
||||||
import org.springframework.web.client.RestTemplate;
|
|
||||||
import org.springframework.web.util.UriComponentsBuilder;
|
|
||||||
|
|
||||||
import java.util.ArrayList;
|
|
||||||
import java.util.List;
|
|
||||||
import java.util.Map;
|
|
||||||
|
|
||||||
@Component
|
|
||||||
public class JWT implements LogoutHandler {
|
|
||||||
private static final String REALM_ACCESS_CLAIM = "realm_access";
|
|
||||||
private static final String ROLES_CLAIM = "roles";
|
|
||||||
private static final String ROLE_PREFIX = "ROLE_";
|
|
||||||
private static final String OIDC_LOGOUT_ROUTE = "/protocol/openid-connect/logout";
|
|
||||||
private static final String OIDC_TOKEN_HINT_QUERY_PARAMETER = "id_token_hin";
|
|
||||||
|
|
||||||
@Autowired
|
|
||||||
private RestTemplate template;
|
|
||||||
|
|
||||||
@Override
|
|
||||||
public void logout(HttpServletRequest request, HttpServletResponse response, Authentication authentication) {
|
|
||||||
OidcUser user = (OidcUser) authentication.getPrincipal();
|
|
||||||
String endSessionEndpoint = user.getIssuer() + OIDC_LOGOUT_ROUTE;
|
|
||||||
UriComponentsBuilder builder = UriComponentsBuilder
|
|
||||||
.fromUriString(endSessionEndpoint)
|
|
||||||
.queryParam(OIDC_TOKEN_HINT_QUERY_PARAMETER, user.getIdToken().getTokenValue());
|
|
||||||
|
|
||||||
ResponseEntity<String> logoutResponse = template.getForEntity(builder.toUriString(), String.class);
|
|
||||||
if (logoutResponse.getStatusCode().is2xxSuccessful()) {
|
|
||||||
System.out.println("Logged out successfully");
|
|
||||||
} else {
|
|
||||||
System.out.println("Failed to logout");
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
public JwtAuthenticationConverter jwtAuthenticationConverter() {
|
|
||||||
JwtAuthenticationConverter jwtAuthenticationConverter = new JwtAuthenticationConverter();
|
|
||||||
jwtAuthenticationConverter.setJwtGrantedAuthoritiesConverter(jwt -> {
|
|
||||||
List<GrantedAuthority> grantedAuthorities = new ArrayList<>();
|
|
||||||
|
|
||||||
Map<String, Object> realmAccess = jwt.getClaim(REALM_ACCESS_CLAIM);
|
|
||||||
if (realmAccess == null || !realmAccess.containsKey(ROLES_CLAIM)) {
|
|
||||||
return grantedAuthorities;
|
|
||||||
}
|
|
||||||
|
|
||||||
Object rolesClaim = realmAccess.get(ROLES_CLAIM);
|
|
||||||
if (!(rolesClaim instanceof List<?>)) {
|
|
||||||
return grantedAuthorities;
|
|
||||||
}
|
|
||||||
for (Object role : (List<?>) rolesClaim) {
|
|
||||||
assert role instanceof String;
|
|
||||||
grantedAuthorities.add(new SimpleGrantedAuthority(ROLE_PREFIX + role));
|
|
||||||
}
|
|
||||||
|
|
||||||
return grantedAuthorities;
|
|
||||||
});
|
|
||||||
return jwtAuthenticationConverter;
|
|
||||||
}
|
|
||||||
}
|
|
|
@ -1,12 +0,0 @@
|
||||||
package de.hmmh.pmt.auth;
|
|
||||||
|
|
||||||
import lombok.Getter;
|
|
||||||
import lombok.Setter;
|
|
||||||
import org.springframework.stereotype.Component;
|
|
||||||
|
|
||||||
@Getter
|
|
||||||
@Setter
|
|
||||||
@Component
|
|
||||||
public class JwtToken{
|
|
||||||
private String token;
|
|
||||||
}
|
|
|
@ -1,38 +0,0 @@
|
||||||
package de.hmmh.pmt.auth;
|
|
||||||
|
|
||||||
import jakarta.servlet.FilterChain;
|
|
||||||
import jakarta.servlet.ServletException;
|
|
||||||
import jakarta.servlet.http.HttpServletRequest;
|
|
||||||
import jakarta.servlet.http.HttpServletResponse;
|
|
||||||
import org.springframework.beans.factory.annotation.Autowired;
|
|
||||||
import org.springframework.stereotype.Component;
|
|
||||||
import org.springframework.web.filter.OncePerRequestFilter;
|
|
||||||
|
|
||||||
import java.io.IOException;
|
|
||||||
|
|
||||||
@Component
|
|
||||||
public class JwtTokenFilter extends OncePerRequestFilter {
|
|
||||||
|
|
||||||
@Autowired
|
|
||||||
private JwtToken token;
|
|
||||||
|
|
||||||
@Override
|
|
||||||
protected void doFilterInternal(
|
|
||||||
HttpServletRequest request,
|
|
||||||
HttpServletResponse response,
|
|
||||||
FilterChain filterChain
|
|
||||||
) throws ServletException, IOException {
|
|
||||||
token.setToken(null);
|
|
||||||
String authHeader = request.getHeader("Authorization");
|
|
||||||
if (authHeader == null) {
|
|
||||||
filterChain.doFilter(request, response);
|
|
||||||
return;
|
|
||||||
}
|
|
||||||
if (!authHeader.startsWith("Bearer ")) {
|
|
||||||
filterChain.doFilter(request, response);
|
|
||||||
return;
|
|
||||||
}
|
|
||||||
token.setToken(authHeader.substring("Bearer ".length()));
|
|
||||||
filterChain.doFilter(request, response);
|
|
||||||
}
|
|
||||||
}
|
|
|
@ -1,37 +0,0 @@
|
||||||
package de.hmmh.pmt.employee;
|
|
||||||
|
|
||||||
import de.hmmh.pmt.auth.JwtToken;
|
|
||||||
import de.hmmh.pmt.employee.api.EmployeeControllerApi;
|
|
||||||
import de.hmmh.pmt.employee.api.QualificationControllerApi;
|
|
||||||
import org.springframework.beans.factory.annotation.Autowired;
|
|
||||||
import org.springframework.stereotype.Component;
|
|
||||||
|
|
||||||
@Component
|
|
||||||
public class ApiClientFactory {
|
|
||||||
|
|
||||||
@Autowired
|
|
||||||
private ApiClient apiClient;
|
|
||||||
@Autowired
|
|
||||||
private JwtToken apiToken;
|
|
||||||
@Autowired
|
|
||||||
private EmployeeControllerApi employee;
|
|
||||||
@Autowired
|
|
||||||
private QualificationControllerApi qualification;
|
|
||||||
|
|
||||||
public EmployeeControllerApi getEmployeeApi() {
|
|
||||||
prepareApiClient();
|
|
||||||
employee.setApiClient(apiClient);
|
|
||||||
return employee;
|
|
||||||
}
|
|
||||||
|
|
||||||
public QualificationControllerApi getQualificationApi() {
|
|
||||||
prepareApiClient();
|
|
||||||
qualification.setApiClient(apiClient);
|
|
||||||
return qualification;
|
|
||||||
}
|
|
||||||
|
|
||||||
private void prepareApiClient() {
|
|
||||||
apiClient.setAccessToken(apiToken.getToken());
|
|
||||||
apiClient.setBasePath("https://employee.szut.dev");
|
|
||||||
}
|
|
||||||
}
|
|
2
src/main/resources/.codegen-ignore
Normal file
2
src/main/resources/.codegen-ignore
Normal file
|
@ -0,0 +1,2 @@
|
||||||
|
**/*ApiController.java
|
||||||
|
**/org/openapitools/configuration/
|
|
@ -5,15 +5,7 @@ info:
|
||||||
version: 1.0.0
|
version: 1.0.0
|
||||||
servers:
|
servers:
|
||||||
- url: /api/v1
|
- url: /api/v1
|
||||||
security:
|
|
||||||
- JWTAuth: []
|
|
||||||
|
|
||||||
components:
|
components:
|
||||||
securitySchemes:
|
|
||||||
JWTAuth:
|
|
||||||
type: http
|
|
||||||
scheme: bearer
|
|
||||||
bearerFormat: JWT
|
|
||||||
schemas:
|
schemas:
|
||||||
ProjectInfo:
|
ProjectInfo:
|
||||||
type: object
|
type: object
|
|
@ -7,11 +7,3 @@ spring.datasource.url=jdbc:postgresql://localhost:5432/pmt
|
||||||
spring.datasource.username=pmt_user
|
spring.datasource.username=pmt_user
|
||||||
spring.datasource.password=pmt123
|
spring.datasource.password=pmt123
|
||||||
spring.jpa.hibernate.ddl-auto=create-drop
|
spring.jpa.hibernate.ddl-auto=create-drop
|
||||||
|
|
||||||
# JWT Auth
|
|
||||||
spring.security.oauth2.client.registration.keycloak.client-id=employee-management-service
|
|
||||||
spring.security.oauth2.client.registration.keycloak.authorization-grant-type=authorization_code
|
|
||||||
spring.security.oauth2.client.registration.keycloak.scope=openid
|
|
||||||
spring.security.oauth2.client.provider.keycloak.issuer-uri=https://keycloak.szut.dev/auth/realms/szut
|
|
||||||
spring.security.oauth2.client.provider.keycloak.user-name-attribute=preferred_username
|
|
||||||
spring.security.oauth2.resourceserver.jwt.issuer-uri=https://keycloak.szut.dev/auth/realms/szut
|
|
||||||
|
|
|
@ -5,5 +5,5 @@
|
||||||
>
|
>
|
||||||
|
|
||||||
<suppressions>
|
<suppressions>
|
||||||
<suppress files="build[\\/]" checks="."/>
|
<suppress files="[\\/]de[\\/]hmmh[\\/]pmt[\\/]oas" checks="."/>
|
||||||
</suppressions>
|
</suppressions>
|
||||||
|
|
|
@ -1,7 +1,7 @@
|
||||||
{
|
{
|
||||||
"modelPackage": "de.hmmh.pmt.dtos",
|
"modelPackage": "de.hmmh.pmt.oas.dtos",
|
||||||
"apiPackage": "de.hmmh.pmt.oas",
|
"apiPackage": "de.hmmh.pmt.oas",
|
||||||
"invokerPackage": "de.hmmh.pmt",
|
"invokerPackage": "de.hmmh.pmt.oas",
|
||||||
"java8": false,
|
"java8": false,
|
||||||
"java11": true,
|
"java11": true,
|
||||||
"dateLibrary": "java11",
|
"dateLibrary": "java11",
|
|
@ -1,11 +1,5 @@
|
||||||
<FindBugsFilter xmlns="https://raw.githubusercontent.com/spotbugs/spotbugs/4.8.6/spotbugs/etc/findbugsfilter.xsd">
|
<FindBugsFilter>
|
||||||
<Match>
|
<Match>
|
||||||
<!-- We Want This Exposure of Resources the Way it is for our usage -->
|
<Package name="de.hmmh.pmt.oas"/>
|
||||||
<Class name="de.hmmh.pmt.employee.ApiClientFactory"/>
|
|
||||||
<Bug code="M,V,EI"/>
|
|
||||||
</Match>
|
|
||||||
<Match>
|
|
||||||
<!--Ignore Auto Generated Code -->
|
|
||||||
<Source name="~.*build/.*"/>
|
|
||||||
</Match>
|
</Match>
|
||||||
</FindBugsFilter>
|
</FindBugsFilter>
|
||||||
|
|
Loading…
Reference in a new issue