8000 GitHub - Karan-patel/mycoolservice: Spring boot application with trending reactive webflux and webclient for RESTful API along with powerful spring security, jwt for authentication and OPA(Open Policy Agent) for authorization.
[go: up one dir, main page]
More Web Proxy on the site http://driver.im/
Skip to content
/ mycoolservice Public

Spring boot application with trending reactive webflux and webclient for RESTful API along with powerful spring security, jwt for authentication and OPA(Open Policy Agent) for authorization.

0 stars 1 fork Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

Karan-patel/mycoolservice

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

7 Commits
.mvn/wrapper
.mvn/wrapper
 
 
src
src
 
 
.gitattributes
.gitattributes
 
 
.gitignore
.gitignore
 
 
Dockerfile
Dockerfile
 
 
README.md
README.md
 
 
mvnw
mvnw
 
 
mvnw.cmd
mvnw.cmd
 
 
pom.xml
pom.xml
 
 

Repository files navigation

MyCoolService

Overview

Welcome to MyCoolService! This project showcases the latest in software development trends by combining the power of reactive programming with state-of-the-art security features. Built using Spring Boot 3, Spring Security, and Spring WebFlux, MyCoolService delivers high-performance, scalable, and secure RESTful services, perfect for modern applications.

Key Features

  • Reactive Programming with WebFlux: Utilizes Spring WebFlux to create non-blocking, event-driven RESTful services, ensuring high throughput and responsiveness.
  • Advanced Security:
    • Spring Security: Implements the 8000 latest Spring Security features for robust authentication.
    • JWT Tokens: Uses JSON Web Tokens (JWT) for secure and stateless authentication.
    • Open Policy Agent (OPA): Integrates OPA for flexible and powerful authorization policies.

Technologies Used

  • Spring Boot 3: The backbone of the application, providing ease of setup and configuration with the latest features and improvements.
  • Spring WebFlux: A reactive, non-blocking web framework that enables the creation of responsive and resilient services.
  • Spring Security: Industry-standard framework, powerful & highly customizable authentication and access-control with protection against common attacks. The de-facto standard for securing Spring-based applications.
  • JWT (JSON Web Tokens): A compact, URL-safe means of representing claims to be transferred between two parties.
  • OPA (Open Policy Agent): A policy engine that decouples policy decision-making from your application, enabling dynamic and fine-grained authorization.

Getting Started

Prerequisites

Ensure you have the following installed:

  • JDK 17 or higher
  • Maven 3.9.6 or higher
  • Docker (optional, for containerized deployment)
  • Minikube (optional, for k8 deployment & orchestration)

Installation

  1. Clone the repository:
git clone https://github.com/Karan-patel/mycoolservice.git
cd mycoolservice
  1. Build the application:
mvn clean install
  1. Run the application:
mvn spring-boot:run

Docker Deployment (Optional)

To deploy the application using Docker, follow these steps:

  1. Build the Docker image:
docker build -t mycoolservice-v1:latest .
  1. Run the Docker container:
docker run -p 8080:8080 mycoolservice-v1:latest
  1. Deploy into minikube: Now since we have container that runs and exposes port 8080, all we require to run in minikube is deployment.yaml. Speaking of Kubernetes, here comes the magic ! :) kubectl will do it for us. Run the following commands !
kubectl create namespace mycoolservice
minikube image load mycoolservice-v1:latest
kubectl create deployment mycoolservice --image=mycoolservice-v1:latest --dry-run=client -o=yaml > deployment.yaml -n mycoolservice
echo --- >> deployment.yaml
kubectl create service clusterip mycoolservice --tcp=8080:8080 --dry-run=client -o=yaml >> deployment.yaml -n mycoolservice
kubectl apply -f deployment.yaml -n mycoolservice
  1. Time to check if application is running !
kubectl get all -n mycoolservice
  1. To connect with application running in container exposed as service, sometimes need SSH-tunneling Better to use Ingress addon for minikube.
kubectl port-forward svc/mycoolservice 8080:8080 -n mycoolservice
  1. Final step
curl localhost:8080/actuator/health
  1. For OPA based policy authorization deploy opa container To load OPA with above policy in Minikube follow guideline here. Git repository for detailed guide to load policy in Open Policy Agent (OPA) and deploy in Minikube.

It is better to deploy OPA first!

git clone https://github.com/Karan-patel/mycoolservice.git
Note : This service use inmemory db to store user credentials, you can configure user, role and password into SecurityConfig.java. Default, I have added 2 users swisscom, user with role admin, user resp. This will be required to fetch authorization token as explained below.

Usage

API Endpoints

The application exposes a set of RESTful endpoints. Here are a few examples:

  • GET /mycoolservice/authenticate: To obtain a jwt token for authentication and authorization.
curl --location 'http://localhost:8080/mycoolservice/authenticate' \
--header 'Content-Type: application/json' \
--data '{
    "username" : "user",
    "password" : "password"
}'

Output :
eyJhbGciOiJIUzI1NiJ9.eyJyb2xlcyI6WyJhZG1pbiJdLCJzdWIiOiJzd2lzc2NvbSIsImlhdCI6MTcxNzE2OTM0MywiZXhwIjoxNzE3MjA1MzQzfQ.NU3TkVFkigKwtzf07KRvnPtC2vvaqkvq5DK9VOOxMSw

Note : This token generation API is provided for demonstration/testing purposes only. In a real-world scenario, login credentials should be encrypted and securely transmitted over HTTPS to ensure the security of user data.

  • POST /mycoolservice/api/users: Creates a new user.
curl --location 'http://localhost:8080/mycoolservice/api/users' \
--header 'Content-Type: application/json' \
--header 'Authorization: Bearer eyJhbGciOiJIUzI1NiJ9.eyJyb2xlcyI6WyJhZG1pbiJdLCJzdWIiOiJzd2lzc2NvbSIsImlhdCI6MTcxNzE2OTM0MywiZXhwIjoxNzE3MjA1MzQzfQ.NU3TkVFkigKwtzf07KRvnPtC2vvaqkvq5DK9VOOxMSw' \
--data-raw '{
"name":"John wick",
"email":"John@matrix.com"
}'
  • GET /mycoolservice/api/users: Get list of user.
curl --location 'http://localhost:8080/mycoolservice/api/users' \
--header 'Content-Type: application/json' \
--header 'Authorization: Bearer eyJhbGciOiJIUzI1NiJ9.eyJyb2xlcyI6WyJhZG1pbiJdLCJzdWIiOiJzd2lzc2NvbSIsImlhdCI6MTcxNzE2OTM0MywiZXhwIjoxNzE3MjA1MzQzfQ.NU3TkVFkigKwtzf07KRvnPtC2vvaqkvq5DK9VOOxMSw'

Authentication and Authorization

  • Authentication: Users authenticate using JWT tokens. Obtain a token by providing valid credentials to the /mycoolservice/authenticate endpoint.
  • Authorization: All endpoints are secured using OPA policies, ensuring fine-grained access control.

Authorization policy

  • Only users with "admin" role can create new user
  • Only authenticated users can read the list of users
  • Everyone else has no access

Contributing

We welcome contributions! Please follow these steps to contribute:

  1. Fork the repository.
  2. Create a new branch (git checkout -b feature-branch).
  3. Make your changes.
  4. Commit your changes (git commit -am 'Add new feature').
  5. Push to the branch (git push origin feature-branch).
  6. Create a new Pull Request.

Contact

For any questions or feedback, please reach out to Karan Patel.

By leveraging the power of reactive programming, advanced security mechanisms, and modern authorization frameworks, MyCoolService is designed to be a high-performance, secure, and scalable solution for your RESTful service needs. Enjoy building with the latest tech trends!

About

Spring boot application with trending reactive webflux and webclient for RESTful API along with powerful spring security, jwt for authentication and OPA(Open Policy Agent) for authorization.

Topics

spring-boot reactive-programming spring-security opa jwt-token springsecurity jwt-authentication webflux spring-security-jwt openpolicyagent

Resources

Readme
Activity

Stars

0 stars

Watchers

1 watching

Forks

1 fork
Report repository

Releases

No releases published

Packages

No packages published

Languages
0