Fixed consul issue - build authentication-service, build person-service, build user-service, build kotlin-service

Author: Rodrigo Dos Santos

.github/workflows/kubernetes/deployment-authentication-service.yml

@@ -32,8 +32,8 @@ spec:
     spec:
       containers:
         - name: authentication-service
-          image: fielcapao/microservices-design-patterns-authentication-service:latest #eu.gcr.io/api-project-646370370811/authentication-service #eu.gcr.io/api-project-646370370811/authentication-service:7f79c29fbc58052bb7d86bceeb7722b0185c66c4
-          #          imagePullPolicy: IfNotPresent
+          image: authentication-service #fielcapao/microservices-design-patterns-authentication-service:latest #eu.gcr.io/api-project-646370370811/authentication-service #eu.gcr.io/api-project-646370370811/authentication-service:7f79c29fbc58052bb7d86bceeb7722b0185c66c4
+          imagePullPolicy: Never
           resources:
             requests:
               memory: "256Mi"
@@ -45,7 +45,7 @@ spec:
             - name: SERVER_PORT
               value: "9999"
             - name: SPRING_PROFILES_ACTIVE
-              value: dev
+              value: prod
             - name: SPRING_DATA_MONGODB_URI
               value: mongodb://mongodb:27017
             - name: SPRING_DATA_MONGODB_DATABASE
@@ -58,12 +58,22 @@ spec:
               value: "false"
             - name: SPRING_CLOUD_KUBERNETES_CONFIG_NAMESPACE
               value: "default"
-            - name: LOGGING_LEVEL_ORG_SPRINGFRAMEWORK_SECURITY
-              value: debug
-            - name: CLIENT_ID
-              value: ${CLIENT_ID}
-            - name: CLIENT_SECRET
-              value: ${CLIENT_SECRET}
+            - name: LOGGING_LEVEL_ROOT
+              value: trace
+#            - name: CLIENT_ID
+#              value: ${CLIENT_ID}
+#            - name: CLIENT_SECRET
+#              value: ${CLIENT_SECRET}
+            - name: MANAGEMENT_ENDPOINTS_WEB_CORS_ALLOW_CREDENTIALS
+              value: "false"
+            - name: SPRING_MAIN_ALLOW_CIRCULAR_REFERENCES
+              value: "true"
+            - name: KEYSTORE_PASSWORD
+              value: Cert202!
+            - name: KEYSTORE
+              value: file:/etc/ssl_certs/www.spendingbetter.com.jks
+            - name: KEYSTORE_ALIAS
+              value: spendingbetter
           ports:
             - containerPort: 9999
           livenessProbe:

authentication-common/src/main/java/com/microservice/authentication/autoconfigure/AuthenticationCommonConfiguration.java

@@ -1,5 +1,7 @@
 package com.microservice.authentication.autoconfigure;
 
+import java.security.KeyPair;
+import java.security.interfaces.RSAPublicKey;
 import java.util.Date;
 import java.util.HashMap;
 import java.util.List;
@@ -20,6 +22,7 @@
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.context.annotation.Primary;
+import org.springframework.context.annotation.Profile;
 import org.springframework.core.annotation.AnnotationAwareOrderComparator;
 import org.springframework.core.io.FileSystemResource;
 import org.springframework.core.io.Resource;
@@ -125,12 +128,8 @@ public OAuth2AccessToken enhance(
             }
             converter.setVerifierKey(keyValue);
         } else if (jwt.getKeyStore() != null) {
-            Resource keyStore = new FileSystemResource(jwt.getKeyStore().replaceFirst("file:", ""));
-            char[] keyStorePassword = Base64DecodeUtil.decodePassword(jwt.getKeyStorePassword());
-            KeyStoreKeyFactory keyStoreKeyFactory = new KeyStoreKeyFactory(keyStore, keyStorePassword);
-
-            String keyAlias = jwt.getKeyAlias();
-            converter.setKeyPair(keyStoreKeyFactory.getKeyPair(keyAlias, keyStorePassword));
+            KeyPair keyPair = getKeyPair(authenticationProperties);
+            converter.setKeyPair(keyPair);
         }
         if (!CollectionUtils.isEmpty(this.configurers)) {
             AnnotationAwareOrderComparator.sort(this.configurers);
@@ -141,6 +140,25 @@ public OAuth2AccessToken enhance(
         return converter;
     }
 
+    @Profile("prod")
+    @Bean
+    KeyPair getKeyPair(AuthenticationProperties authenticationProperties) {
+        AuthenticationProperties.Jwt jwt = authenticationProperties.getJwt();
+        Resource keyStore = new FileSystemResource(jwt.getKeyStore().replaceFirst("file:", ""));
+        char[] keyStorePassword = Base64DecodeUtil.decodePassword(jwt.getKeyStorePassword());
+        KeyStoreKeyFactory keyStoreKeyFactory = new KeyStoreKeyFactory(keyStore, keyStorePassword);
+
+        String keyAlias = jwt.getKeyAlias();
+        return keyStoreKeyFactory.getKeyPair(keyAlias, keyStorePassword);
+    }
+
+
+    @Profile("prod")
+    @Bean
+    RSAPublicKey publicKey(KeyPair keyPair) {
+        return (RSAPublicKey) keyPair.getPublic();
+    }
+
     @Bean
     UserDetailsService sharedAuthenticationService(AuthenticationCommonRepository authenticationCommonRepository) {
         return new SharedAuthenticationServiceImpl(authenticationCommonRepository);

authentication-service/src/main/java/com/microservice/authentication/AuthenticationServiceApplication.java

@@ -1,13 +1,12 @@
 package com.microservice.authentication;
 
-import java.security.KeyPair;
+import java.util.Collections;
 import java.util.Properties;
 import java.util.UUID;
 
-import com.microservice.authentication.autoconfigure.AuthenticationProperties;
 import com.microservice.authentication.common.model.Authentication;
+import com.microservice.authentication.common.model.Authority;
 import com.microservice.authentication.common.repository.AuthenticationCommonRepository;
-import com.microservice.authentication.common.service.Base64DecodeUtil;
 import com.microservice.authentication.service.CustomLogoutSuccessHandler;
 import com.microservice.authentication.service.RedisTokenStoreService;
 import com.microservice.web.common.util.constants.DefaultUsers;
@@ -23,8 +22,6 @@
 import org.springframework.boot.info.GitProperties;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Primary;
-import org.springframework.context.annotation.Profile;
-import org.springframework.core.io.FileSystemResource;
 import org.springframework.data.mongodb.core.MongoTemplate;
 import org.springframework.data.mongodb.core.mapping.event.ValidatingMongoEventListener;
 import org.springframework.data.redis.connection.RedisConnectionFactory;
@@ -34,7 +31,6 @@
 import org.springframework.security.oauth2.provider.token.store.JwtAccessTokenConverter;
 import org.springframework.security.oauth2.provider.token.store.JwtTokenStore;
 import org.springframework.security.oauth2.provider.token.store.redis.RedisTokenStore;
-import org.springframework.security.rsa.crypto.KeyStoreKeyFactory;
 import org.springframework.session.data.redis.config.annotation.web.http.EnableRedisHttpSession;
 import org.springframework.session.web.http.CookieSerializer;
 import org.springframework.session.web.http.DefaultCookieSerializer;
@@ -52,16 +48,6 @@ public static void main(String[] args) {
 		SpringApplication.run(AuthenticationServiceApplication.class, args);
 	}
 
-	@Profile("prod")
-	@ConditionalOnMissingBean
-	@Bean
-    KeyPair keyPair(AuthenticationProperties properties) {
-        AuthenticationProperties.Jwt jwt = properties.getJwt();
-        char[] password = Base64DecodeUtil.decodePassword(jwt.getKeyStorePassword());
-        KeyStoreKeyFactory keyStoreKeyFactory = new KeyStoreKeyFactory(new FileSystemResource(jwt.getKeyStore().replaceFirst("file:", "")), password);
-        return keyStoreKeyFactory.getKeyPair(jwt.getKeyAlias());
-    }
-
     @ConditionalOnProperty(prefix = "configuration", name = "initialLoad", havingValue = "true", matchIfMissing = true)
     @Bean
     CommandLineRunner runner(AuthenticationCommonRepository authenticationCommonRepository,
@@ -80,6 +66,19 @@ CommandLineRunner runner(AuthenticationCommonRepository authenticationCommonRepo
                 authentication = mongoTemplate.save(authentication, "users_login");
                 log.debug("Created Default Authentication: {}", authentication);
             }
+            if (authenticationCommonRepository.findByEmail("admin@gmail.com") == null) {
+                Authentication authentication = Authentication.builder()
+                    .email("admin@gmail.com")
+                    .password(passwordEncoder.encode("P@ssword2020!"))
+                    .fullName("Admin")
+                    .enabled(true)
+                    .id(UUID.randomUUID().toString())
+                    .authorities(Collections.singletonList(new Authority("ROLE_ADMIN")))
+                    .build();
+                log.debug("Creating admin authentication: {}", authentication);
+                authentication = mongoTemplate.save(authentication, "users_login");
+                log.debug("Created admin Authentication: {}", authentication);
+            }
         };
     }
 

authentication-service/src/main/java/com/microservice/authentication/config/SpringSecurityFormConfiguration.java

@@ -2,7 +2,6 @@
 
 import java.io.IOException;
 import java.nio.charset.StandardCharsets;
-import java.security.KeyPair;
 import java.security.interfaces.RSAPublicKey;
 import java.util.Collections;
 import java.util.Map;
@@ -146,8 +145,7 @@ public JwtDecoder jwtDecoder(AuthenticationProperties properties) {
             SecretKeySpec secretKeySpec = new SecretKeySpec(jwt.getKeyValue().getBytes(StandardCharsets.UTF_8), "HS256");
             return NimbusJwtDecoder.withSecretKey(secretKeySpec).build();
         } else {
-            KeyPair keyPair = getApplicationContext().getBean(KeyPair.class);
-            RSAPublicKey publicKey = (RSAPublicKey) keyPair.getPublic();
+            RSAPublicKey publicKey = getApplicationContext().getBean(RSAPublicKey.class);
             return NimbusJwtDecoder.withPublicKey(publicKey).build();
         }
     }

authentication-service/src/main/resources/application.yml

@@ -18,14 +18,17 @@ opentracing:
     spring:
         web:
             skip-pattern: "/actuator.*|/api-docs.*|/swagger.*|.*\\.png|.*\\.css|.*\\.js|.*\\.html|/favicon.ico|/hystrix.stream"
+
 ---
 spring:
     config:
-        import: consul:${consul_url:localhost:8500}
         activate:
             on-profile: consul
+        import: consul:${consul_url:localhost:8500}
     cloud:
         consul:
             config:
                 fail-fast: ${FAIL_FAST:true}
                 format: yaml
+    autoconfigure:
+        exclude: org.springframework.cloud.consul.config.ConsulConfigAutoConfiguration

authentication-service/src/test/java/com/microservice/authentication/AuthenticationServiceApplicationIntegrationTest.java

@@ -308,7 +308,7 @@ public void shouldReturnOkWithToken() throws Exception {
             .expirationTime(Date.from(ZonedDateTime.now().plusMinutes(1).toInstant()))
             .issueTime(new Date())
             .notBeforeTime(new Date())
-            .claim("authorities", Collections.singletonList("ROLE_ADMIN"))
+            .claim("authorities", Collections.singletonList("ADMIN"))
             .jwtID(UUID.randomUUID().toString())
             .issuer("jwt")
             .build();

edge-server/src/main/java/com/springboot/edgeserver/config/AuthenticationZuulFilter.java

@@ -49,7 +49,7 @@ public Object run() {
             log.debug("User is not authenticated: {}", authentication.getName());
             context.setResponseStatusCode(HttpStatus.UNAUTHORIZED.value());
             context.setResponseBody(String.format("To access(%s) user must be authenticated!", request.getRequestURI()));
-        } else if (authentication.getAuthorities().stream().map(GrantedAuthority::getAuthority).anyMatch("ROLE_ADMIN"::equals)) {
+        } else if (authentication.getAuthorities().stream().map(GrantedAuthority::getAuthority).anyMatch("ADMIN"::equals)) {
             log.debug("User has admin role: {}", authentication.getAuthorities());
             context.addZuulRequestHeader("X-WEBAUTH-USER", "admin");
         } else {

kotlin-service/pom.xml

@@ -97,6 +97,12 @@
             <version>5.0.0</version>
         </dependency>
 
+        <dependency>
+            <groupId>com.github.javafaker</groupId>
+            <artifactId>javafaker</artifactId>
+            <version>1.0.2</version>
+        </dependency>
+
         <!-- Test dependencies -->
         <dependency>
             <groupId>org.springframework.boot</groupId>

kotlin-service/src/main/kotlin/com/microservice/kotlin/config/ServiceConfiguration.kt

@@ -1,22 +1,50 @@
 package com.microservice.kotlin.config
 
+import com.github.javafaker.Faker
+import com.microservice.kotlin.model.Task
 import com.microservice.kotlin.repository.TaskRepository
+import org.slf4j.LoggerFactory
+import org.springframework.beans.factory.annotation.Value
+import org.springframework.boot.CommandLineRunner
+import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty
 import org.springframework.context.annotation.Bean
 import org.springframework.context.annotation.Configuration
 import org.springframework.context.annotation.Primary
 import org.springframework.data.mongodb.config.EnableMongoAuditing
 import org.springframework.data.mongodb.core.mapping.event.ValidatingMongoEventListener
 import org.springframework.data.mongodb.repository.config.EnableMongoRepositories
 import org.springframework.validation.beanvalidation.LocalValidatorFactoryBean
+import java.util.stream.IntStream
 
 @Configuration
 @EnableMongoAuditing
 @EnableMongoRepositories(basePackageClasses = [TaskRepository::class])
 class ServiceConfiguration {
+    private val log = LoggerFactory.getLogger(javaClass)
+
+    var faker: Faker = Faker()
+
     @Bean
     fun validatingMongoEventListener(validator: LocalValidatorFactoryBean): ValidatingMongoEventListener = ValidatingMongoEventListener(validator)
 
     @Primary
     @Bean
     fun validator(): LocalValidatorFactoryBean = LocalValidatorFactoryBean()
+
+    @ConditionalOnProperty(prefix = "load.data", name = ["tasks"], havingValue = "true")
+    @Bean
+    fun runner(
+        @Value("\${load.data.tasks.total:20}") total: Int?,
+        taskRepository: TaskRepository
+    ): CommandLineRunner? {
+        return CommandLineRunner {
+            if (taskRepository.count() == 0L) {
+                val book = faker.book()
+                IntStream.range(0, total!!).forEach {
+                    val task = Task(name = book.genre())
+                    log.info("task: {}", taskRepository.save(task))
+                }
+            }
+        }
+    }
 }

kotlin-service/src/main/resources/application.yml

@@ -1,15 +1,8 @@
 spring:
     application:
         name: kotlin-service
-    cloud:
-        consul:
-            config:
-                fail-fast: ${FAIL_FAST:true}
-                format: yaml
     main:
         allow-bean-definition-overriding: true
-    config:
-        import: consul:${consul_url:localhost:8500}
 management:
     endpoints:
         web:
@@ -22,3 +15,17 @@ opentracing:
     spring:
         web:
             skip-pattern: "/actuator.*|/api-docs.*|/swagger.*|.*\\.png|.*\\.css|.*\\.js|.*\\.html|/favicon.ico|/hystrix.stream"
+
+---
+spring:
+    config:
+        activate:
+            on-profile: consul
+        import: consul:${consul_url:localhost:8500}
+    cloud:
+        consul:
+            config:
+                fail-fast: ${FAIL_FAST:true}
+                format: yaml
+    autoconfigure:
+        exclude: org.springframework.cloud.consul.config.ConsulConfigAutoConfiguration