DEV Community: Suraj The latest articles on DEV Community by Suraj (@s2agrahari). https://dev.to/s2agrahari https://media2.dev.to/dynamic/image/width=90,height=90,fit=cover,gravity=auto,format=auto/https:%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Fuser%2Fprofile_image%2F227298%2Fe18b3f4a-5283-4cb7-946e-9ae75ec8d930.jpeg DEV Community: Suraj https://dev.to/s2agrahari en How to update the default exception body thrown by Sping-Boot Suraj Sun, 14 Jun 2020 08:40:38 +0000 https://dev.to/s2agrahari/how-to-update-the-default-exception-body-thrown-by-sping-boot-2a0k https://dev.to/s2agrahari/how-to-update-the-default-exception-body-thrown-by-sping-boot-2a0k <p>The default exception in spring, if thrown (and not handled by <a href="https://docs.spring.io/spring-framework/docs/current/javadoc-api/org/springframework/web/bind/annotation/ControllerAdvice.html">ControllerAdvice</a>) follows the exception format as<br> </p> <div class="highlight"><pre class="highlight json"><code><span class="p">{</span><span class="w"> </span><span class="err"> </span><span class="w"> </span><span class="err"> </span><span class="w"> </span><span class="nl">"timestamp"</span><span class="p">:</span><span class="w"> </span><span class="s2">"2020-06-14T05:46:37.538+00:00"</span><span class="p">,</span><span class="w"> </span><span class="err"> </span><span class="w"> </span><span class="err"> </span><span class="w"> </span><span class="nl">"status"</span><span class="p">:</span><span class="w"> </span><span class="mi">401</span><span class="p">,</span><span class="w"> </span><span class="err"> </span><span class="w"> </span><span class="err"> </span><span class="w"> </span><span class="nl">"error"</span><span class="p">:</span><span class="w"> </span><span class="s2">"Unauthorized"</span><span class="p">,</span><span class="w"> </span><span class="err"> </span><span class="w"> </span><span class="err"> </span><span class="w"> </span><span class="nl">"message"</span><span class="p">:</span><span class="w"> </span><span class="s2">"Unauthorized"</span><span class="p">,</span><span class="w"> </span><span class="err"> </span><span class="w"> </span><span class="err"> </span><span class="w"> </span><span class="nl">"path"</span><span class="p">:</span><span class="w"> </span><span class="s2">"/path_requested"</span><span class="w"> </span><span class="p">}</span><span class="w"> </span></code></pre></div> <p>To change this default exception body to return your own custom fields, you just have to override the <code>BasicErrorController</code>(provided by the framework) and its <code>error</code> method.</p> <ul> <li>How to override </li> </ul> <div class="highlight"><pre class="highlight java"><code><span class="nd">@RestController</span> <span class="nd">@RequestMapping</span><span class="o">({</span><span class="s">"${server.error.path:${error.path:/error}}"</span><span class="o">})</span> <span class="nd">@Slf4j</span> <span class="kd">public</span> <span class="kd">class</span> <span class="nc">BasicErrorControllerOverride</span> <span class="kd">extends</span> <span class="nc">AbstractErrorController</span> <span class="o">{</span> <span class="err"> </span> <span class="kd">public</span> <span class="nf">BasicErrorControllerOverride</span><span class="o">(</span><span class="nc">ErrorAttributes</span> <span class="n">errorAttributes</span><span class="o">)</span> <span class="o">{</span> <span class="err"> </span> <span class="err"> </span> <span class="kd">super</span><span class="o">(</span><span class="n">errorAttributes</span><span class="o">);</span> <span class="err"> </span> <span class="o">}</span> <span class="err"> </span> <span class="nd">@RequestMapping</span> <span class="err"> </span> <span class="kd">public</span> <span class="nc">ResponseEntity</span><span class="o">&lt;</span><span class="nc">Map</span><span class="o">&lt;</span><span class="nc">String</span><span class="o">,</span> <span class="nc">Object</span><span class="o">&gt;&gt;</span> <span class="nf">error</span><span class="o">(</span><span class="nc">HttpServletRequest</span> <span class="n">request</span><span class="o">)</span> <span class="o">{</span> <span class="err"> </span> <span class="err"> </span> <span class="nc">HttpStatus</span> <span class="n">status</span> <span class="o">=</span> <span class="k">this</span><span class="o">.</span><span class="na">getStatus</span><span class="o">(</span><span class="n">request</span><span class="o">);</span> <span class="err"> </span> <span class="err"> </span> <span class="nc">Map</span><span class="o">&lt;</span><span class="nc">String</span><span class="o">,</span> <span class="nc">Object</span><span class="o">&gt;</span> <span class="n">errorCustomAttribute</span> <span class="o">=</span> <span class="k">new</span> <span class="nc">HashMap</span><span class="o">&lt;&gt;();</span> <span class="err"> </span> <span class="err"> </span> <span class="n">errorCustomAttribute</span><span class="o">.</span><span class="na">put</span><span class="o">(</span><span class="s">"custome_message"</span><span class="o">,</span> <span class="s">"error"</span><span class="o">);</span> <span class="err"> </span> <span class="err"> </span> <span class="n">errorCustomAttribute</span><span class="o">.</span><span class="na">put</span><span class="o">(</span><span class="s">"custom_status_field"</span><span class="o">,</span> <span class="n">status</span><span class="o">.</span><span class="na">name</span><span class="o">());</span> <span class="err"> </span> <span class="err"> </span> <span class="k">return</span> <span class="k">new</span> <span class="nc">ResponseEntity</span><span class="o">(</span><span class="n">errorCustomAttribute</span><span class="o">,</span> <span class="n">status</span><span class="o">);</span> <span class="err"> </span> <span class="o">}</span> <span class="err"> </span> <span class="nd">@Override</span> <span class="err"> </span> <span class="kd">public</span> <span class="nc">String</span> <span class="nf">getErrorPath</span><span class="o">()</span> <span class="o">{</span> <span class="err"> </span> <span class="err"> </span> <span class="k">return</span> <span class="s">"/error"</span><span class="o">;</span> <span class="err"> </span> <span class="o">}</span> <span class="o">}</span> </code></pre></div> <ul> <li>How the error will now look like: </li> </ul> <div class="highlight"><pre class="highlight json"><code><span class="p">{</span><span class="w"> </span><span class="err"> </span><span class="w"> </span><span class="err"> </span><span class="w"> </span><span class="nl">"custome_message"</span><span class="p">:</span><span class="w"> </span><span class="s2">"UNAUTHORIZED"</span><span class="p">,</span><span class="w"> </span><span class="err"> </span><span class="w"> </span><span class="err"> </span><span class="w"> </span><span class="nl">"custom_status_field"</span><span class="p">:</span><span class="w"> </span><span class="s2">"error"</span><span class="w"> </span><span class="p">}</span><span class="w"> </span></code></pre></div> <p>🍻 If you enjoyed this story, please click the ❤️ button and share it to help others find it! Feel free to leave a comment below.</p> <p>Read more: 👇</p> <ul> <li><a href="https://dev.to/s2agrahari/global-header-in-swagger-ui-spring-boot-5188">Global Header in Swagger-Ui using springfox</a></li> <li><a href="https://dev.to/s2agrahari/grouping-apis-in-swagger-55kk">Grouping APIs in Swagger using springdoc-openapi</a></li> </ul> springboot exception default errors Grouping APIs in Swagger Suraj Tue, 09 Jun 2020 20:16:18 +0000 https://dev.to/s2agrahari/grouping-apis-in-swagger-55kk https://dev.to/s2agrahari/grouping-apis-in-swagger-55kk <p>We develop and manage lot of APIs but when it comes to sharing apis to other teams, most used approach is to expose them using <a href="https://swagger.io/docs/specification/2-0/what-is-swagger/" rel="noopener noreferrer">swagger</a>.</p> <p>But, listing so many APIs in a single page in <a href="https://swagger.io/docs/specification/2-0/what-is-swagger/" rel="noopener noreferrer">swagger</a> can create confusion for the consumer. And also, there are some critical APIs that might change our database state or some configuration and we might not want to expose them. </p> <p>To solve this, we can group APIs in <a href="https://swagger.io/docs/specification/2-0/what-is-swagger/" rel="noopener noreferrer">Swagger</a> (using <a href="https://springdoc.org/" rel="noopener noreferrer">springdoc-openapi</a>) so that only limited APIs are displayed in one group.</p> <p><a href="https://media.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fgithub.com%2Fs2agrahari%2Fimg-dump%2Fblob%2Fmaster%2Fspringdocopenapi_grouped_swagger_options.png%3Fraw%3Dtrue" class="article-body-image-wrapper"><img src="https://media.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fgithub.com%2Fs2agrahari%2Fimg-dump%2Fblob%2Fmaster%2Fspringdocopenapi_grouped_swagger_options.png%3Fraw%3Dtrue"></a></p> <p>Let' see how to accomplish this using spring-boot and <a href="https://springdoc.org/" rel="noopener noreferrer">springdoc-openapi</a>.</p> <ul> <li>Include <a href="https://springdoc.org/" rel="noopener noreferrer">springdoc-openapi-ui</a> in <code>pom.xml</code> </li> </ul> <div class="highlight js-code-highlight"> <pre class="highlight yaml"><code> <span class="s">&lt;dependency&gt;</span> <span class="s">&lt;groupId&gt;org.springdoc&lt;/groupId&gt;</span> <span class="s">&lt;artifactId&gt;springdoc-openapi-ui&lt;/artifactId&gt;</span> <span class="s">&lt;version&gt;1.4.0&lt;/version&gt;</span> <span class="s">&lt;/dependency&gt;</span> </code></pre> </div> <ul> <li>Make a simple <code>ToDoController</code> with 6 APIs i.e 2 for user,1 for admin, 3 for ops</li> </ul> <div class="highlight js-code-highlight"> <pre class="highlight java"><code> <span class="nd">@RequestMapping</span><span class="o">(</span><span class="s">"/todo"</span><span class="o">)</span> <span class="nd">@RestController</span> <span class="kd">public</span> <span class="kd">class</span> <span class="nc">ToDoController</span> <span class="o">{</span> <span class="kd">private</span> <span class="kd">final</span> <span class="nc">Map</span><span class="o">&lt;</span><span class="nc">Integer</span><span class="o">,</span> <span class="nc">String</span><span class="o">&gt;</span> <span class="n">todoMap</span> <span class="o">=</span> <span class="k">new</span> <span class="nc">HashMap</span><span class="o">&lt;&gt;(</span><span class="mi">30</span><span class="o">);</span> <span class="kd">private</span> <span class="kd">final</span> <span class="nc">Random</span> <span class="n">random</span> <span class="o">=</span> <span class="k">new</span> <span class="nc">Random</span><span class="o">();</span> <span class="nd">@GetMapping</span><span class="o">(</span><span class="n">value</span> <span class="o">=</span> <span class="s">"/user"</span><span class="o">)</span> <span class="nd">@Operation</span><span class="o">(</span><span class="n">summary</span> <span class="o">=</span> <span class="s">"Get All ToDo List"</span><span class="o">)</span> <span class="kd">public</span> <span class="nc">Map</span><span class="o">&lt;</span><span class="nc">Integer</span><span class="o">,</span> <span class="nc">String</span><span class="o">&gt;</span> <span class="nf">getAllTodoList</span><span class="o">()</span> <span class="o">{</span> <span class="k">return</span> <span class="n">todoMap</span><span class="o">;</span> <span class="o">}</span> <span class="nd">@GetMapping</span><span class="o">(</span><span class="n">value</span> <span class="o">=</span> <span class="s">"/user/{todo_id}"</span><span class="o">)</span> <span class="nd">@Operation</span><span class="o">(</span><span class="n">summary</span> <span class="o">=</span> <span class="s">"Get ToDo item for todo id"</span><span class="o">)</span> <span class="kd">public</span> <span class="nc">String</span> <span class="nf">getTodo</span><span class="o">(</span><span class="nd">@PathVariable</span><span class="o">(</span><span class="s">"todo_id"</span><span class="o">)</span> <span class="nc">Integer</span> <span class="n">todoId</span><span class="o">)</span> <span class="o">{</span> <span class="k">return</span> <span class="n">todoMap</span><span class="o">.</span><span class="na">get</span><span class="o">(</span><span class="n">todoId</span><span class="o">);</span> <span class="o">}</span> <span class="nd">@PostMapping</span><span class="o">(</span><span class="n">value</span> <span class="o">=</span> <span class="s">"/admin"</span><span class="o">)</span> <span class="nd">@Operation</span><span class="o">(</span><span class="n">summary</span> <span class="o">=</span> <span class="s">"Post new ToDo"</span><span class="o">)</span> <span class="kd">public</span> <span class="nc">Integer</span> <span class="nf">postTodo</span><span class="o">(</span><span class="nd">@RequestParam</span><span class="o">(</span><span class="s">"todo"</span><span class="o">)</span> <span class="nc">String</span> <span class="n">todo</span><span class="o">)</span> <span class="o">{</span> <span class="kt">int</span> <span class="n">todoId</span> <span class="o">=</span> <span class="n">random</span><span class="o">.</span><span class="na">nextInt</span><span class="o">();</span> <span class="n">todoMap</span><span class="o">.</span><span class="na">put</span><span class="o">(</span><span class="n">todoId</span><span class="o">,</span> <span class="n">todo</span><span class="o">);</span> <span class="k">return</span> <span class="n">todoId</span><span class="o">;</span> <span class="o">}</span> <span class="nd">@GetMapping</span><span class="o">(</span><span class="n">value</span> <span class="o">=</span> <span class="s">"/operation"</span><span class="o">)</span> <span class="nd">@Operation</span><span class="o">(</span><span class="n">summary</span> <span class="o">=</span> <span class="s">"Get All ToDo List"</span><span class="o">)</span> <span class="kd">public</span> <span class="nc">Map</span><span class="o">&lt;</span><span class="nc">Integer</span><span class="o">,</span> <span class="nc">String</span><span class="o">&gt;</span> <span class="nf">getAllTodoListByOps</span><span class="o">()</span> <span class="o">{</span> <span class="k">return</span> <span class="n">todoMap</span><span class="o">;</span> <span class="o">}</span> <span class="nd">@GetMapping</span><span class="o">(</span><span class="n">value</span> <span class="o">=</span> <span class="s">"/operation/{todo_id}"</span><span class="o">)</span> <span class="nd">@Operation</span><span class="o">(</span><span class="n">summary</span> <span class="o">=</span> <span class="s">"Get ToDo item for todo id"</span><span class="o">)</span> <span class="kd">public</span> <span class="nc">String</span> <span class="nf">getTodoByOps</span><span class="o">(</span><span class="nd">@PathVariable</span><span class="o">(</span><span class="s">"todo_id"</span><span class="o">)</span> <span class="nc">Integer</span> <span class="n">todoId</span><span class="o">)</span> <span class="o">{</span> <span class="k">return</span> <span class="n">todoMap</span><span class="o">.</span><span class="na">get</span><span class="o">(</span><span class="n">todoId</span><span class="o">);</span> <span class="o">}</span> <span class="nd">@PostMapping</span><span class="o">(</span><span class="n">value</span> <span class="o">=</span> <span class="s">"/operation"</span><span class="o">)</span> <span class="nd">@Operation</span><span class="o">(</span><span class="n">summary</span> <span class="o">=</span> <span class="s">"Post new ToDo"</span><span class="o">)</span> <span class="kd">public</span> <span class="nc">Integer</span> <span class="nf">postTodoByOps</span><span class="o">(</span><span class="nd">@RequestParam</span><span class="o">(</span><span class="s">"todo"</span><span class="o">)</span> <span class="nc">String</span> <span class="n">todo</span><span class="o">)</span> <span class="o">{</span> <span class="kt">int</span> <span class="n">todoId</span> <span class="o">=</span> <span class="n">random</span><span class="o">.</span><span class="na">nextInt</span><span class="o">();</span> <span class="n">todoMap</span><span class="o">.</span><span class="na">put</span><span class="o">(</span><span class="n">todoId</span><span class="o">,</span> <span class="n">todo</span><span class="o">);</span> <span class="k">return</span> <span class="n">todoId</span><span class="o">;</span> <span class="o">}</span> <span class="o">}</span> </code></pre> </div> <ul> <li>Create three GroupedOpenApi beans i.e for user,admin and ops</li> </ul> <div class="highlight js-code-highlight"> <pre class="highlight java"><code> <span class="nd">@Bean</span> <span class="nc">GroupedOpenApi</span> <span class="nf">userApis</span><span class="o">()</span> <span class="o">{</span> <span class="c1">// group all APIs with `user` in the path</span> <span class="k">return</span> <span class="nc">GroupedOpenApi</span><span class="o">.</span><span class="na">builder</span><span class="o">().</span><span class="na">group</span><span class="o">(</span><span class="s">"user"</span><span class="o">).</span><span class="na">pathsToMatch</span><span class="o">(</span><span class="s">"/**/user/**"</span><span class="o">).</span><span class="na">build</span><span class="o">();</span> <span class="o">}</span> <span class="nd">@Bean</span> <span class="nc">GroupedOpenApi</span> <span class="nf">adminApis</span><span class="o">()</span> <span class="o">{</span> <span class="c1">// group all APIs with `admin` in the path</span> <span class="k">return</span> <span class="nc">GroupedOpenApi</span><span class="o">.</span><span class="na">builder</span><span class="o">().</span><span class="na">group</span><span class="o">(</span><span class="s">"admin"</span><span class="o">).</span><span class="na">pathsToMatch</span><span class="o">(</span><span class="s">"/**/admin/**"</span><span class="o">).</span><span class="na">build</span><span class="o">();</span> <span class="o">}</span> <span class="nd">@Bean</span> <span class="nc">GroupedOpenApi</span> <span class="nf">opsApis</span><span class="o">()</span> <span class="o">{</span> <span class="c1">// group all APIs with `operation` in the path</span> <span class="k">return</span> <span class="nc">GroupedOpenApi</span><span class="o">.</span><span class="na">builder</span><span class="o">().</span><span class="na">group</span><span class="o">(</span><span class="s">"operation"</span><span class="o">).</span><span class="na">pathsToMatch</span><span class="o">(</span><span class="s">"/**/operation/**"</span><span class="o">).</span><span class="na">build</span><span class="o">();</span> <span class="o">}</span> </code></pre> </div> <p><em>Note -&gt; pathsToMatch() in above code accepts a regular expression of the API path which we are grouping.</em></p> <ul> <li>Now, run spring-boot application and open <a href="//localhost:8080/swagger-ui.html">localhost:8080/swagger-ui.html</a> </li> </ul> <p>Let's see the three groups created in <a href="https://swagger.io/docs/specification/2-0/what-is-swagger/" rel="noopener noreferrer">Swagger</a></p> <ul> <li>User Group</li> </ul> <p><a href="https://media.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fgithub.com%2Fs2agrahari%2Fimg-dump%2Fblob%2Fmaster%2Fspringdocopenapi_grouped_swagger_user_goup.png%3Fraw%3Dtrue" class="article-body-image-wrapper"><img src="https://media.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fgithub.com%2Fs2agrahari%2Fimg-dump%2Fblob%2Fmaster%2Fspringdocopenapi_grouped_swagger_user_goup.png%3Fraw%3Dtrue"></a></p> <ul> <li>Operation Group</li> </ul> <p><a href="https://media.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fgithub.com%2Fs2agrahari%2Fimg-dump%2Fblob%2Fmaster%2Fspringdocopenapi_grouped_swagger_operation_group.png%3Fraw%3Dtrue" class="article-body-image-wrapper"><img src="https://media.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fgithub.com%2Fs2agrahari%2Fimg-dump%2Fblob%2Fmaster%2Fspringdocopenapi_grouped_swagger_operation_group.png%3Fraw%3Dtrue"></a></p> <ul> <li>Admin Group</li> </ul> <p><a href="https://media.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fgithub.com%2Fs2agrahari%2Fimg-dump%2Fblob%2Fmaster%2Fspringdocopenapi_grouped_swagger_admin_goup.png%3Fraw%3Dtrue" class="article-body-image-wrapper"><img src="https://media.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fgithub.com%2Fs2agrahari%2Fimg-dump%2Fblob%2Fmaster%2Fspringdocopenapi_grouped_swagger_admin_goup.png%3Fraw%3Dtrue"></a></p> <p>Complete Code 👇 <br> </p> <div class="ltag-github-readme-tag"> <div class="readme-overview"> <h2> <img src="https://media.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev.to%2Fassets%2Fgithub-logo-5a155e1f9a670af7944dd5e12375bc76ed542ea80224905ecaf878b9157cdefc.svg" alt="GitHub logo"> <a href="https://github.com/s2agrahari" rel="noopener noreferrer"> s2agrahari </a> / <a href="https://github.com/s2agrahari/grouping-in-swagger-springdoc-openapi" rel="noopener noreferrer"> grouping-in-swagger-springdoc-openapi </a> </h2> <h3> grouping-in-swagger-springdoc-openapi </h3> </div> </div> <p>🍻 If you enjoyed this story, please click the ❤️ button and share it to help others find it! Feel free to leave a comment below.</p> <p>Read more: 👇</p> <p><a href="https://dev.to/s2agrahari/global-header-in-swagger-ui-spring-boot-5188">Global Header in Swagger-Ui using springfox</a></p> swagger springdoc openapi group Authentication between microservices - Part II Suraj Wed, 03 Jun 2020 12:04:52 +0000 https://dev.to/s2agrahari/authentication-between-microservices-part-ii-30l4 https://dev.to/s2agrahari/authentication-between-microservices-part-ii-30l4 <p>This is a continuation of <a href="https://dev.to/s2agrahari/authentication-between-microservices-part-i-3dpp">Authentication between microservices - Part I</a>.</p> <p>Please read <a href="https://dev.to/s2agrahari/authentication-between-microservices-part-i-3dpp">part I</a> to know the idea behind this implementation.</p> <p>We will use spring-boot to make two services and see how authentication can be implemented.</p> <p><strong>Let's build caller service A</strong></p> <ul> <li>First, configure the keys in <code>application.yml</code> that will be used to create JWT token </li> </ul> <div class="highlight js-code-highlight"> <pre class="highlight yaml"><code><span class="na">service</span><span class="pi">:</span> <span class="na">jwtAlgorithmKey</span><span class="pi">:</span> <span class="s">sampleJwtAlgorithmKey</span> <span class="c1">#will be used as key in JWT Algo</span> <span class="na">serviceBSecretKey</span><span class="pi">:</span> <span class="s">serviceB-SecretKey-To-Be-Provided-By-ServiceA</span> <span class="c1">#this is the key that called service (`service B`) will compare on decoding token</span> <span class="na">spring</span><span class="pi">:</span> <span class="na">application</span><span class="pi">:</span> <span class="na">name</span><span class="pi">:</span> <span class="s">service-a</span> <span class="c1">#application-name</span> </code></pre> </div> <ul> <li>Make a config class which will generate jwt tokens at the time of service startup using the values provided in <code>application.yml</code> file </li> </ul> <div class="highlight js-code-highlight"> <pre class="highlight java"><code><span class="nd">@Configuration</span> <span class="nd">@ConfigurationProperties</span><span class="o">(</span><span class="n">prefix</span> <span class="o">=</span> <span class="s">"service"</span><span class="o">)</span> <span class="kd">public</span> <span class="kd">class</span> <span class="nc">ServiceAuthConfig</span> <span class="o">{</span> <span class="nd">@Setter</span> <span class="nd">@Getter</span> <span class="kd">private</span> <span class="nc">String</span> <span class="n">jwtAlgorithmKey</span><span class="o">;</span> <span class="nd">@Setter</span> <span class="nd">@Getter</span> <span class="kd">private</span> <span class="nc">String</span> <span class="n">serviceBSecretKey</span><span class="o">;</span> <span class="nd">@Value</span><span class="o">(</span><span class="s">"${spring.application.name}"</span><span class="o">)</span> <span class="kd">private</span> <span class="nc">String</span> <span class="n">applicationName</span><span class="o">;</span> <span class="nd">@Getter</span> <span class="kd">private</span> <span class="nc">String</span> <span class="n">serviceBAuthToken</span><span class="o">;</span> <span class="cm">/* Generate auth token which will be passed in header when calling API of service B */</span> <span class="nd">@PostConstruct</span> <span class="kd">public</span> <span class="kt">void</span> <span class="nf">load</span><span class="o">()</span> <span class="o">{</span> <span class="n">serviceBAuthToken</span> <span class="o">=</span> <span class="n">createJwtToken</span><span class="o">(</span><span class="n">serviceBSecretKey</span><span class="o">);</span> <span class="o">}</span> <span class="cm">/* Create JWT Token with the algorithm key (common for both the called and caller service) Service Secret key is to be generate by caller service and then shared and stored in called service yml */</span> <span class="kd">private</span> <span class="nc">String</span> <span class="nf">createJwtToken</span><span class="o">(</span><span class="nc">String</span> <span class="n">serviceSecretKey</span><span class="o">)</span> <span class="o">{</span> <span class="k">return</span> <span class="no">JWT</span><span class="o">.</span><span class="na">create</span><span class="o">()</span> <span class="o">.</span><span class="na">withIssuer</span><span class="o">(</span><span class="n">applicationName</span><span class="o">)</span> <span class="o">.</span><span class="na">withSubject</span><span class="o">(</span><span class="n">serviceSecretKey</span><span class="o">)</span> <span class="o">.</span><span class="na">sign</span><span class="o">(</span><span class="nc">Algorithm</span><span class="o">.</span><span class="na">HMAC512</span><span class="o">(</span><span class="n">jwtAlgorithmKey</span><span class="o">));</span> <span class="o">}</span> <span class="o">}</span> </code></pre> </div> <ul> <li>Make a feign client to invoke service B's apis </li> </ul> <div class="highlight js-code-highlight"> <pre class="highlight java"><code><span class="nd">@FeignClient</span><span class="o">(</span><span class="n">name</span> <span class="o">=</span> <span class="s">"serviceBClient"</span><span class="o">,</span> <span class="n">url</span> <span class="o">=</span> <span class="s">"http://127.0.0.1:8081/service-b"</span><span class="o">)</span> <span class="kd">public</span> <span class="kd">interface</span> <span class="nc">ServiceBFeignClient</span> <span class="o">{</span> <span class="nd">@GetMapping</span><span class="o">(</span><span class="n">value</span> <span class="o">=</span> <span class="s">"/get-greetings"</span><span class="o">)</span> <span class="nd">@ApiOperation</span><span class="o">(</span><span class="s">"Get Greetings from service B"</span><span class="o">)</span> <span class="nc">String</span> <span class="nf">getGreetings</span><span class="o">(</span><span class="nd">@RequestHeader</span><span class="o">(</span><span class="s">"SERVICE-AUTH-TOKEN"</span><span class="o">)</span> <span class="nc">String</span> <span class="n">serviceAuthToken</span><span class="o">);</span> <span class="o">}</span> </code></pre> </div> <ul> <li>Make an api which will call service B's getGreetings API </li> </ul> <div class="highlight js-code-highlight"> <pre class="highlight java"><code><span class="nd">@RestController</span> <span class="nd">@RequestMapping</span><span class="o">(</span><span class="n">value</span> <span class="o">=</span> <span class="s">"/service-a"</span><span class="o">)</span> <span class="nd">@Slf4j</span> <span class="kd">public</span> <span class="kd">class</span> <span class="nc">ServiceAController</span> <span class="o">{</span> <span class="nd">@Autowired</span> <span class="kd">private</span> <span class="nc">ServiceAuthConfig</span> <span class="n">serviceAuthConfig</span><span class="o">;</span> <span class="nd">@Autowired</span> <span class="kd">private</span> <span class="nc">ServiceBFeignClient</span> <span class="n">serviceBFeignClient</span><span class="o">;</span> <span class="nd">@GetMapping</span><span class="o">(</span><span class="n">value</span> <span class="o">=</span> <span class="s">"/get-greeting-from-service-b"</span><span class="o">)</span> <span class="kd">public</span> <span class="nc">ResponseEntity</span> <span class="nf">getGreetingFromServiceB</span><span class="o">()</span> <span class="o">{</span> <span class="k">try</span> <span class="o">{</span> <span class="nc">String</span> <span class="n">serviceBGreetingResponse</span> <span class="o">=</span> <span class="n">serviceBFeignClient</span><span class="o">.</span><span class="na">getGreetings</span><span class="o">(</span><span class="n">serviceAuthConfig</span><span class="o">.</span><span class="na">getServiceBAuthToken</span><span class="o">());</span> <span class="c1">// passing jwt auth token for service B</span> <span class="k">return</span> <span class="nc">ResponseEntity</span><span class="o">.</span><span class="na">ok</span><span class="o">(</span><span class="n">serviceBGreetingResponse</span><span class="o">);</span> <span class="o">}</span> <span class="k">catch</span> <span class="o">(</span><span class="nc">FeignException</span> <span class="n">exception</span><span class="o">)</span> <span class="o">{</span> <span class="cm">/* Extract the error thrown from service B and if the error is `INVALID_TOKEN`, then return 401 */</span> <span class="nc">String</span> <span class="n">error</span> <span class="o">=</span> <span class="k">new</span> <span class="nc">String</span><span class="o">(</span><span class="n">exception</span><span class="o">.</span><span class="na">responseBody</span><span class="o">().</span><span class="na">get</span><span class="o">().</span><span class="na">array</span><span class="o">());</span> <span class="n">log</span><span class="o">.</span><span class="na">error</span><span class="o">(</span><span class="s">"Error {}"</span><span class="o">,</span> <span class="n">error</span><span class="o">);</span> <span class="k">if</span> <span class="o">(</span><span class="s">"INVALID_TOKEN"</span><span class="o">.</span><span class="na">equals</span><span class="o">(</span><span class="n">error</span><span class="o">))</span> <span class="o">{</span> <span class="k">return</span> <span class="nc">ResponseEntity</span><span class="o">.</span><span class="na">status</span><span class="o">(</span><span class="mi">401</span><span class="o">).</span><span class="na">body</span><span class="o">(</span><span class="n">error</span><span class="o">);</span> <span class="o">}</span> <span class="k">throw</span> <span class="n">exception</span><span class="o">;</span> <span class="o">}</span> <span class="o">}</span> <span class="o">}</span> </code></pre> </div> <p><strong>Now, Let's create a called service B</strong></p> <ul> <li>Configure the jwt algo key and the secret key provided by caller service A in <code>application.yml</code> </li> </ul> <div class="highlight js-code-highlight"> <pre class="highlight yaml"><code><span class="na">service</span><span class="pi">:</span> <span class="na">jwtAlgorithmKey</span><span class="pi">:</span> <span class="s">sampleJwtAlgorithmKey</span> <span class="na">registeredSecretKeys</span><span class="pi">:</span> <span class="pi">-</span> <span class="s">serviceB-SecretKey-To-Be-Provided-By-ServiceA</span> <span class="na">spring</span><span class="pi">:</span> <span class="na">application</span><span class="pi">:</span> <span class="na">name</span><span class="pi">:</span> <span class="s">service-b</span> </code></pre> </div> <ul> <li>Expose an api which will generate a greeting </li> </ul> <div class="highlight js-code-highlight"> <pre class="highlight java"><code><span class="nd">@RestController</span> <span class="nd">@RequestMapping</span><span class="o">(</span><span class="n">value</span> <span class="o">=</span> <span class="s">"/service-b"</span><span class="o">)</span> <span class="kd">public</span> <span class="kd">class</span> <span class="nc">ServiceBController</span> <span class="o">{</span> <span class="nd">@GetMapping</span><span class="o">(</span><span class="n">value</span> <span class="o">=</span> <span class="s">"/get-greetings"</span><span class="o">)</span> <span class="kd">public</span> <span class="nc">ResponseEntity</span> <span class="nf">sayGreeting</span><span class="o">()</span> <span class="o">{</span> <span class="k">return</span> <span class="nc">ResponseEntity</span><span class="o">.</span><span class="na">ok</span><span class="o">(</span><span class="s">"Hello There from Service B!!!"</span><span class="o">);</span> <span class="o">}</span> <span class="o">}</span> </code></pre> </div> <ul> <li>Create a config component to auto read the <code>application.yml</code> properties </li> </ul> <div class="highlight js-code-highlight"> <pre class="highlight java"><code><span class="nd">@Configuration</span> <span class="nd">@ConfigurationProperties</span><span class="o">(</span><span class="n">prefix</span> <span class="o">=</span> <span class="s">"service"</span><span class="o">)</span> <span class="nd">@Slf4j</span> <span class="nd">@Setter</span> <span class="nd">@Getter</span> <span class="kd">public</span> <span class="kd">class</span> <span class="nc">ServiceAuthConfig</span> <span class="o">{</span> <span class="kd">private</span> <span class="nc">String</span> <span class="n">jwtAlgorithmKey</span><span class="o">;</span> <span class="kd">private</span> <span class="nc">List</span><span class="o">&lt;</span><span class="nc">String</span><span class="o">&gt;</span> <span class="n">registeredSecretKeys</span><span class="o">;</span> <span class="o">}</span> </code></pre> </div> <ul> <li>Finally, create a ServiceAuthFilter which will read the token from <code>SERVICE-AUTH-TOKEN</code> header, decode and validate it against the keys stored in config </li> </ul> <div class="highlight js-code-highlight"> <pre class="highlight java"><code><span class="nd">@Component</span> <span class="nd">@Slf4j</span> <span class="kd">public</span> <span class="kd">class</span> <span class="nc">ServiceAuthFilter</span> <span class="kd">implements</span> <span class="nc">Filter</span> <span class="o">{</span> <span class="nd">@Autowired</span> <span class="kd">private</span> <span class="nc">ServiceAuthConfig</span> <span class="n">serviceAuthConfig</span><span class="o">;</span> <span class="nd">@Override</span> <span class="kd">public</span> <span class="kt">void</span> <span class="nf">doFilter</span><span class="o">(</span> <span class="nc">ServletRequest</span> <span class="n">servletRequest</span><span class="o">,</span> <span class="nc">ServletResponse</span> <span class="n">servletResponse</span><span class="o">,</span> <span class="nc">FilterChain</span> <span class="n">filterChain</span><span class="o">)</span> <span class="kd">throws</span> <span class="nc">IOException</span><span class="o">,</span> <span class="nc">ServletException</span> <span class="o">{</span> <span class="nc">HttpServletRequest</span> <span class="n">httpServletRequest</span> <span class="o">=</span> <span class="o">((</span><span class="nc">HttpServletRequest</span><span class="o">)</span> <span class="n">servletRequest</span><span class="o">);</span> <span class="nc">String</span> <span class="n">serviceAuthToken</span> <span class="o">=</span> <span class="n">httpServletRequest</span><span class="o">.</span><span class="na">getHeader</span><span class="o">(</span><span class="s">"SERVICE-AUTH-TOKEN"</span><span class="o">);</span> <span class="kt">boolean</span> <span class="n">isTokenValid</span> <span class="o">=</span> <span class="n">validateJwtToken</span><span class="o">(</span><span class="n">serviceAuthToken</span><span class="o">);</span> <span class="k">if</span> <span class="o">(!</span><span class="n">isTokenValid</span><span class="o">)</span> <span class="o">{</span> <span class="nc">HttpServletResponse</span> <span class="n">httpServletResponse</span> <span class="o">=</span> <span class="o">(</span><span class="nc">HttpServletResponse</span><span class="o">)</span> <span class="n">servletResponse</span><span class="o">;</span> <span class="n">httpServletResponse</span><span class="o">.</span><span class="na">setStatus</span><span class="o">(</span><span class="mi">401</span><span class="o">);</span> <span class="n">httpServletResponse</span><span class="o">.</span><span class="na">getWriter</span><span class="o">().</span><span class="na">write</span><span class="o">(</span><span class="s">"INVALID_TOKEN"</span><span class="o">);</span> <span class="o">}</span> <span class="k">else</span> <span class="o">{</span> <span class="n">filterChain</span><span class="o">.</span><span class="na">doFilter</span><span class="o">(</span><span class="n">servletRequest</span><span class="o">,</span> <span class="n">servletResponse</span><span class="o">);</span> <span class="o">}</span> <span class="o">}</span> <span class="cm">/* Validate the token by comparing the secret key in it against list of secret keys registered in service B */</span> <span class="kd">private</span> <span class="kt">boolean</span> <span class="nf">validateJwtToken</span><span class="o">(</span><span class="nc">String</span> <span class="n">jwtToken</span><span class="o">)</span> <span class="o">{</span> <span class="k">if</span> <span class="o">(</span><span class="nc">StringUtils</span><span class="o">.</span><span class="na">isEmpty</span><span class="o">(</span><span class="n">jwtToken</span><span class="o">))</span> <span class="o">{</span> <span class="k">return</span> <span class="kc">false</span><span class="o">;</span> <span class="o">}</span> <span class="nc">DecodedJWT</span> <span class="n">decodedJWT</span> <span class="o">=</span> <span class="no">JWT</span><span class="o">.</span><span class="na">require</span><span class="o">(</span><span class="nc">Algorithm</span><span class="o">.</span><span class="na">HMAC512</span><span class="o">(</span><span class="n">serviceAuthConfig</span><span class="o">.</span><span class="na">getJwtAlgorithmKey</span><span class="o">()))</span> <span class="o">.</span><span class="na">build</span><span class="o">()</span> <span class="o">.</span><span class="na">verify</span><span class="o">(</span><span class="n">jwtToken</span><span class="o">);</span> <span class="n">log</span><span class="o">.</span><span class="na">info</span><span class="o">(</span><span class="s">"Request Initiated from {}"</span><span class="o">,</span> <span class="n">decodedJWT</span><span class="o">.</span><span class="na">getIssuer</span><span class="o">());</span> <span class="k">return</span> <span class="n">serviceAuthConfig</span><span class="o">.</span><span class="na">getRegisteredSecretKeys</span><span class="o">().</span><span class="na">contains</span><span class="o">(</span><span class="n">decodedJWT</span><span class="o">.</span><span class="na">getSubject</span><span class="o">());</span> <span class="o">}</span> <span class="o">}</span> </code></pre> </div> <p><strong>Now, how to validate what has been built?</strong></p> <ul> <li><p>Build and start both, <code>service A</code> and <code>service B</code>.</p></li> <li><p>Invoke <code>get-greeting-from-service-b</code> api from caller service A and see the output by keeping the secret keys same in both services and then by changing it in one of them.</p></li> </ul> <p>More on implementation 👇 </p> <div class="ltag-github-readme-tag"> <div class="readme-overview"> <h2> <img src="https://media.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev.to%2Fassets%2Fgithub-logo-5a155e1f9a670af7944dd5e12375bc76ed542ea80224905ecaf878b9157cdefc.svg" alt="GitHub logo"> <a href="https://github.com/s2agrahari" rel="noopener noreferrer"> s2agrahari </a> / <a href="https://github.com/s2agrahari/authentication-between-microservices" rel="noopener noreferrer"> authentication-between-microservices </a> </h2> <h3> authentication-between-microservices </h3> </div> <div class="ltag-github-body"> <div id="readme" class="md"> <div class="markdown-heading"> <h1 class="heading-element">authentication-between-microservices</h1> </div> <p>authentication-between-microservices</p> </div> <br> <br> </div> <br> <div class="gh-btn-container"><a class="gh-btn" href="https://github.com/s2agrahari/authentication-between-microservices" rel="noopener noreferrer">View on GitHub</a></div> <br> </div> <br> <p>🍻 If you enjoyed this story, please click the ❤️ button and share it to help others find it! Feel free to leave a comment below.</p> authentication microservices jwt springboot Authentication between microservices - Part I Suraj Wed, 03 Jun 2020 12:04:37 +0000 https://dev.to/s2agrahari/authentication-between-microservices-part-i-3dpp https://dev.to/s2agrahari/authentication-between-microservices-part-i-3dpp <p>How to establish your <strong>own custom authentication</strong> between microservices?</p> <p><a href="https://media.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fi%2Fvgosjwkyh1wh02ekzp03.png" class="article-body-image-wrapper"><img src="https://media.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fi%2Fvgosjwkyh1wh02ekzp03.png"></a></p> <p><strong>What and Why?</strong> 🤔</p> <p>Let's assume the interaction between 3 microservices.</p> <ul> <li> <strong>User Service</strong> - Handles user's registration/login and other user data.</li> <li> <strong>Product Service</strong> - Handles the product list present in the system.</li> <li> <strong>Order Service</strong>- Handles Order, invokes product service to validate the order and invokes user service to attach required user-details to the order.</li> </ul> <p><strong>Why Authentication is needed?</strong></p> <p>Let's say you want to keep control over which service is calling another service.</p> <p><em>Example here</em> - User service shouldn't be calling order service or product service. And similarly, product service shouldn't be calling order service.</p> <p><em>Explanation</em> - Sometimes, a service ends up invoking an API of other services, which it should not (<em>because that is not the service responsibility or may be to implement a new feature, etc</em>). <br> Say, <code>user-service</code> starts invoking <code>orders</code> API of <code>order-service</code> to know if a user has placed order and wants to send an email to that user. And similarly, any other service can call this API of <code>order-service</code>.<br> But say, if we want to know, what all services call this order API, we won't be able to tell. To do this kind of tracing or to <br> restrict this type of API calls, <code>order-service</code> service should know from which service the call is originating.</p> <ul> <li><p>But how will one service know, that it shouldn't allow any other service to use it's APIs except a few?</p></li> <li><p>If you are using container orchestration like k8s, this could be achieved by using namespace restriction.</p></li> </ul> <p><strong>But how to do it independent of k8s?</strong></p> <p>Let's make one more assumption here:</p> <ul> <li>Service A - Caller service</li> <li>Service B - Called service <em>i.e interaction happening from service A-&gt;B</em> </li> </ul> <p>For B to know if A is authorized to invoke its APIs, we can deploy one of the logics which is used for user authorization <em>i.e sharing an authorization token while calling each API</em>.</p> <p><a href="https://media.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fgithub.com%2Fs2agrahari%2Fimg-dump%2Fblob%2Fmaster%2Fmicroservice_auth_internal_sequence_diagram.png%3Fraw%3Dtrue" class="article-body-image-wrapper"><img src="https://media.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fgithub.com%2Fs2agrahari%2Fimg-dump%2Fblob%2Fmaster%2Fmicroservice_auth_internal_sequence_diagram.png%3Fraw%3Dtrue"></a></p> <p><strong>Now, who will own the generation of the authorization token?</strong></p> <ul> <li>Each caller service(<em>service A</em>) will generate a token (<em>using a secret key</em>) and pass to the called service (<em>service B</em>).</li> </ul> <p><em>Note - Secret key that caller service (service A) uses to generate the token will also be present with called service (service B) for validation.</em></p> <p><strong>How the called service will validate the token it receives?</strong></p> <ul> <li>The called service(<em>service B</em>) will validate by decoding the token it received and comparing the secret key in the token with the stored secret key list.</li> </ul> <p><em>How to implement it?</em> <a href="https://dev.to/s2agrahari/authentication-between-microservices-part-ii-30l4">Authentication between micro-services - Part II</a></p> <p>If you enjoyed this story, please click the ❤️ button and share it to help others find it! Feel free to leave a comment below.</p> authentication microservices jwt springboot Global Header in Swagger-Ui Spring-Boot Suraj Sat, 23 May 2020 11:49:02 +0000 https://dev.to/s2agrahari/global-header-in-swagger-ui-spring-boot-5188 https://dev.to/s2agrahari/global-header-in-swagger-ui-spring-boot-5188 <p><a href="https://media.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fgithub.com%2Fs2agrahari%2Fimg-dump%2Fblob%2Fmaster%2FglobalOperationParameters.png%3Fraw%3Dtrue" class="article-body-image-wrapper"><img src="https://media.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fgithub.com%2Fs2agrahari%2Fimg-dump%2Fblob%2Fmaster%2FglobalOperationParameters.png%3Fraw%3Dtrue"></a></p> <p>This article is about adding <strong>custom headers</strong> in all Apis globally without writing in each API method.</p> <p><strong>Why do we need it?</strong></p> <p>There are cases where we need some header value from consumers to validate the request. </p> <p><em>Example</em> - Basic-Auth-Token, which can be validated from a servlet filter, so we don’t need to add it as a header parameter in each API method.</p> <p>But, on exposing the API, we would want that the Basic-Auth-Token parameter reflects in each API under Swagger-UI to make testing easier.</p> <p>Like in below image</p> <p><a href="https://media.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fgithub.com%2Fs2agrahari%2Fimg-dump%2Fblob%2Fmaster%2Fglobal-header-swagger-ui.png%3Fraw%3Dtrue" class="article-body-image-wrapper"><img src="https://media.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fgithub.com%2Fs2agrahari%2Fimg-dump%2Fblob%2Fmaster%2Fglobal-header-swagger-ui.png%3Fraw%3Dtrue"></a></p> <h5> So, let's get on how to do it </h5> <ul> <li>The first step would be to create a docket bean as below</li> </ul> <div class="highlight js-code-highlight"> <pre class="highlight java"><code> <span class="nd">@Bean</span> <span class="kd">public</span> <span class="nc">Docket</span> <span class="nf">docket</span><span class="o">()</span> <span class="o">{</span> <span class="k">return</span> <span class="k">new</span> <span class="nf">Docket</span><span class="o">(</span><span class="nc">DocumentationType</span><span class="o">.</span><span class="na">SWAGGER_2</span><span class="o">)</span> <span class="o">.</span><span class="na">forCodeGeneration</span><span class="o">(</span><span class="kc">true</span><span class="o">)</span> <span class="o">.</span><span class="na">globalOperationParameters</span><span class="o">(</span><span class="n">globalParameterList</span><span class="o">())</span> <span class="c1">// ^ here we are passing the global paramters to inlcude in swagger-ui</span> <span class="o">.</span><span class="na">select</span><span class="o">()</span> <span class="o">.</span><span class="na">apis</span><span class="o">(</span> <span class="nc">RequestHandlerSelectors</span><span class="o">.</span><span class="na">withClassAnnotation</span><span class="o">(</span><span class="nc">RestController</span><span class="o">.</span><span class="na">class</span><span class="o">))</span> <span class="o">.</span><span class="na">paths</span><span class="o">(</span><span class="nc">PathSelectors</span><span class="o">.</span><span class="na">any</span><span class="o">())</span> <span class="o">.</span><span class="na">build</span><span class="o">();</span> <span class="o">}</span> </code></pre> </div> <h6> Make sure that @EnableSwagger2 is added in the Application file </h6> <ul> <li>Now, let's add global parameters that we need to pass in above docket bean</li> </ul> <div class="highlight js-code-highlight"> <pre class="highlight java"><code> <span class="kd">private</span> <span class="nc">List</span><span class="o">&lt;</span><span class="nc">Parameter</span><span class="o">&gt;</span> <span class="nf">globalParameterList</span><span class="o">()</span> <span class="o">{</span> <span class="n">val</span> <span class="n">authTokenHeader</span> <span class="o">=</span> <span class="k">new</span> <span class="nf">ParameterBuilder</span><span class="o">()</span> <span class="o">.</span><span class="na">name</span><span class="o">(</span><span class="s">"AUTH-TOKEN"</span><span class="o">)</span> <span class="c1">// name of the header</span> <span class="o">.</span><span class="na">modelRef</span><span class="o">(</span><span class="k">new</span> <span class="nc">ModelRef</span><span class="o">(</span><span class="s">"string"</span><span class="o">))</span> <span class="c1">// data-type of the header</span> <span class="o">.</span><span class="na">required</span><span class="o">(</span><span class="kc">true</span><span class="o">)</span> <span class="c1">// required/optional</span> <span class="o">.</span><span class="na">parameterType</span><span class="o">(</span><span class="s">"header"</span><span class="o">)</span> <span class="c1">// for query-param, this value can be 'query'</span> <span class="o">.</span><span class="na">description</span><span class="o">(</span><span class="s">"Basic Auth Token"</span><span class="o">)</span> <span class="o">.</span><span class="na">build</span><span class="o">();</span> <span class="k">return</span> <span class="nc">Collections</span><span class="o">.</span><span class="na">singletonList</span><span class="o">(</span><span class="n">authTokenHeader</span><span class="o">);</span> <span class="o">}</span> </code></pre> </div> <ul> <li>Add a RequestFilter to log the incoming request header that we just added.</li> </ul> <div class="highlight js-code-highlight"> <pre class="highlight java"><code> <span class="nd">@Component</span> <span class="nd">@Slf4j</span> <span class="kd">public</span> <span class="kd">class</span> <span class="nc">RequestFilter</span> <span class="kd">implements</span> <span class="nc">Filter</span> <span class="o">{</span> <span class="nd">@Override</span> <span class="kd">public</span> <span class="kt">void</span> <span class="nf">doFilter</span><span class="o">(</span> <span class="nc">ServletRequest</span> <span class="n">servletRequest</span><span class="o">,</span> <span class="nc">ServletResponse</span> <span class="n">servletResponse</span><span class="o">,</span> <span class="nc">FilterChain</span> <span class="n">filterChain</span><span class="o">)</span> <span class="kd">throws</span> <span class="nc">IOException</span><span class="o">,</span> <span class="nc">ServletException</span> <span class="o">{</span> <span class="n">log</span><span class="o">.</span><span class="na">info</span><span class="o">(</span> <span class="s">"Value of AUTH-TOKEN -&gt; {}"</span><span class="o">,</span> <span class="o">((</span><span class="nc">HttpServletRequest</span><span class="o">)</span> <span class="n">servletRequest</span><span class="o">).</span><span class="na">getHeader</span><span class="o">(</span><span class="s">"AUTH-TOKEN"</span><span class="o">));</span> <span class="n">filterChain</span><span class="o">.</span><span class="na">doFilter</span><span class="o">(</span><span class="n">servletRequest</span><span class="o">,</span> <span class="n">servletResponse</span><span class="o">);</span> <span class="o">}</span> <span class="o">}</span> </code></pre> </div> <ul> <li>Finally, a simple hello-world controller to test what we just made.</li> </ul> <div class="highlight js-code-highlight"> <pre class="highlight java"><code> <span class="nd">@RestController</span> <span class="nd">@RequestMapping</span><span class="o">(</span><span class="s">"/hello-world"</span><span class="o">)</span> <span class="kd">public</span> <span class="kd">class</span> <span class="nc">HelloWorldController</span> <span class="o">{</span> <span class="nd">@GetMapping</span> <span class="kd">public</span> <span class="nc">ResponseEntity</span> <span class="nf">sayHello</span><span class="o">()</span> <span class="o">{</span> <span class="c1">// No header needed here - that got covered in docket</span> <span class="k">return</span> <span class="nc">ResponseEntity</span><span class="o">.</span><span class="na">ok</span><span class="o">(</span><span class="s">"Hello There!!!"</span><span class="o">);</span> <span class="o">}</span> <span class="o">}</span> </code></pre> </div> <h5> How the output will look like </h5> <p><a href="https://media.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fgithub.com%2Fs2agrahari%2Fimg-dump%2Fblob%2Fmaster%2Fpassing-auth-token-in-swagger-ui.png%3Fraw%3Dtrue" class="article-body-image-wrapper"><img src="https://media.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fgithub.com%2Fs2agrahari%2Fimg-dump%2Fblob%2Fmaster%2Fpassing-auth-token-in-swagger-ui.png%3Fraw%3Dtrue"></a></p> <p><a href="https://media.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fgithub.com%2Fs2agrahari%2Fimg-dump%2Fblob%2Fmaster%2Fdummy-auth-token-in-swagger-ui-log.png%3Fraw%3Dtrue" class="article-body-image-wrapper"><img src="https://media.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fgithub.com%2Fs2agrahari%2Fimg-dump%2Fblob%2Fmaster%2Fdummy-auth-token-in-swagger-ui-log.png%3Fraw%3Dtrue"></a></p> <p>Sample Project can be found at </p> <div class="ltag-github-readme-tag"> <div class="readme-overview"> <h2> <img src="https://media.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev.to%2Fassets%2Fgithub-logo-5a155e1f9a670af7944dd5e12375bc76ed542ea80224905ecaf878b9157cdefc.svg" alt="GitHub logo"> <a href="https://github.com/s2agrahari" rel="noopener noreferrer"> s2agrahari </a> / <a href="https://github.com/s2agrahari/swagger-global-header-spring-boot" rel="noopener noreferrer"> swagger-global-header-spring-boot </a> </h2> <h3> Global Header in Swagger without writing in Controller </h3> </div> <div class="ltag-github-body"> <div id="readme" class="md"> <div class="markdown-heading"> <h1 class="heading-element">swagger-global-header-spring-boot</h1> </div> <p>Global Header in Swagger without writing in Controller</p> <p>Blog link - <a href="https://dev.to/s2agrahari/global-header-in-swagger-ui-spring-boot-5188" rel="nofollow">https://dev.to/s2agrahari/global-header-in-swagger-ui-spring-boot-5188</a></p> </div> <br> <br> </div> <br> <div class="gh-btn-container"><a class="gh-btn" href="https://github.com/s2agrahari/swagger-global-header-spring-boot" rel="noopener noreferrer">View on GitHub</a></div> <br> </div> <br> <p>If you enjoyed this story, please click the ❤️ button and share it to help others find it! Feel free to leave a comment below.</p> <p>Read more: 👇</p> <p><a href="https://dev.to/s2agrahari/grouping-apis-in-swagger-55kk">Grouping APIs in Swagger using springdoc-openapi</a></p> swagger springboot header globaloperationparameters Moving from Hibernate Envers to Debezium Suraj Mon, 06 Jan 2020 17:35:09 +0000 https://dev.to/s2agrahari/moving-from-hibernate-envers-to-debezium-3bg4 https://dev.to/s2agrahari/moving-from-hibernate-envers-to-debezium-3bg4 <p>This article is about logging data change events asynchronously.</p> <h4> What is Hibernate Envers ? </h4> <p><a href="https://hibernate.org/orm/envers/" rel="noopener noreferrer">Envers</a> provide an easy auditing/versioning solution for entity classes.</p> <h4> Why to move from envers? </h4> <p>Envers is a <a href="https://stackoverflow.com/questions/44176965/how-does-hibernate-envers-work" rel="noopener noreferrer">synchronous audit logging mechanism</a>. So, there is an additional commit transaction required for the log table created by envers. This takes an additional millisecond for the write operation.</p> <p>And, if there is an error while writing into the log table, then whole data is rolled back (even the actual changes).</p> <h4> What is Debezium ? </h4> <p><a href="https://debezium.io/" rel="noopener noreferrer">Debezium</a> is an open source distributed platform for change data capture.</p> <p>It lets your apps react every time your data changes. It continuously monitors your databases and streams every row-level change in the same order they were committed in the database to any streaming platform i.e <a href="https://kafka.apache.org/" rel="noopener noreferrer">Kafka</a></p> <p>It uses <a href="https://docs.confluent.io/3.0.1/connect/intro.html" rel="noopener noreferrer">Kafka-Connect</a> to stream captured events to Kafka and then from Kafka to other systems.</p> <p><a href="https://media.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fgithub.com%2Fs2agrahari%2Fimg-dump%2Fblob%2Fmaster%2Fsc_kafka_connect_dbz_1.png%3Fraw%3Dtrue" class="article-body-image-wrapper"><img src="https://media.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fgithub.com%2Fs2agrahari%2Fimg-dump%2Fblob%2Fmaster%2Fsc_kafka_connect_dbz_1.png%3Fraw%3Dtrue"></a></p> How debezium uses Kafka connect to stream data change events. <h4> Why Debezium ? </h4> <ul> <li> <a href="https://vladmihalcea.com/a-beginners-guide-to-cdc-change-data-capture/" rel="noopener noreferrer">Data change</a> is captured asynchronously</li> <li>Reads from the <a href="https://en.wikipedia.org/wiki/Write-ahead_logging" rel="noopener noreferrer">WAL</a>. All changes, even the ones made from SQL console will be captured.</li> <li>Has a range of connectors to capture from (MySql, Postgres) and sink data to (MySql, Postgres, Elastic, etc)</li> </ul> <p>Let's start on a POC, where we will capture data change events from MySql DB and then store the emitted events in a different MySql DB.</p> <h4> We need to first install/download </h4> <ul> <li><a href="https://kafka.apache.org/quickstart" rel="noopener noreferrer">Kafka</a></li> <li><a href="https://debezium.io/releases/0.10/#releases" rel="noopener noreferrer">Debezium Connector</a></li> <li><a href="https://www.confluent.io/hub/confluentinc/kafka-connect-jdbc" rel="noopener noreferrer">Kafka Jbdc Sink Connector</a></li> </ul> <h4> Steps </h4> <ul> <li>Extract the downloaded <a href="https://debezium.io/releases/0.10/#releases" rel="noopener noreferrer">Debezium Connector</a> to get the jars.</li> <li> <p>Move the extracted jars to any classpath as specified in plugin.path <br> variable in /kafka/bin/config/connect-distributed.poperties file. <br> Or, move the jars to Kafka libs directory</p> <blockquote> <p><code>mv debezium-connector-mysql/* kafka/libs/</code></p> </blockquote> </li> <li><p>Extract the <a href="https://www.confluent.io/hub/confluentinc/kafka-connect-jdbc" rel="noopener noreferrer">Kafka Jbdc Sink Connector</a> jars <br> and place them at the same location as we did for <a href="https://debezium.io/releases/0.10/#releases" rel="noopener noreferrer">Debezium Connector</a> jars.</p></li> </ul> <ul> <li>Start <a href="//bin/zookeeper-server-start.sh%20config/zookeeper.properties">zookeeper</a>. Zookeeper is shipped with Kafka, so we don't need to download separately.</li> </ul> <blockquote> <p><code>/bin/zookeeper-server-start.sh /config/zookeeper.properties</code></p> </blockquote> <ul> <li>Start Kafka</li> </ul> <blockquote> <p><code>/bin/kafka-server-start.sh /config/server.properties</code></p> </blockquote> <ul> <li><a href="https://kafka.apache.org/documentation/#connect" rel="noopener noreferrer">Start kafka-connect</a></li> </ul> <blockquote> <p><code>/bin/connected-distributed.sh /config/connected-distributed.properties</code></p> </blockquote> <p>Now we have all the tools needed installed and running.</p> <h4> Let's create connectors </h4> <p><a href="https://media.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fraw.githubusercontent.com%2Fs2agrahari%2Fimg-dump%2Fmaster%2Fsc_employee_table_dbz_1.png" class="article-body-image-wrapper"><img src="https://media.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fraw.githubusercontent.com%2Fs2agrahari%2Fimg-dump%2Fmaster%2Fsc_employee_table_dbz_1.png"></a></p> Let us assume the default initial data in the employee table be as shown in the above fig. <p>Give following access to debezium user, so that it can scan and create a snapshot of the table and database at the time of creating a connector.</p> <p><code>GRANT SELECT, RELOAD, SHOW DATABASES, REPLICATION SLAVE, REPLICATION CLIENT ON *.* TO 'debezium'@'%'</code></p> <p>We will first create a source connector that will capture the data change events of the employee table.</p> <blockquote> <p><code>curl -X POST \<br> http://localhost:8083/connectors/ \<br> -H 'Content-Type: application/json' \<br> -H 'Postman-Token: f4367baf-f2b3-4763-84d4-21ae2f68faeb' \<br> -H 'cache-control: no-cache' \<br> -d '{<br> "name": "producer-connector",<br> "config": {<br> "connector.class": "io.debezium.connector.mysql.MySqlConnector",<br> "database.hostname": "127.0.0.1",<br> "database.port": "3306",<br> "database.user": "debezium",<br> "database.password": "dbz",<br> "database.server.id": "12345",<br> "database.server.name": "localhost",<br> "database.history.kafka.bootstrap.servers": "localhost:9092",<br> "database.history.kafka.topic": "dbhistory",<br> "include.schema.changes": "true",<br> "table.whitelist": "employee",<br> "transforms": "Reroute", "transforms.Reroute.type":"io.debezium.transforms.ByLogicalTableRouter",<br> "transforms.Reroute.topic.regex": "([^.]+)\\.([^.]+)\\.([^.]+)",<br> "transforms.Reroute.topic.replacement": "$3"<br> }<br> }'</code></p> </blockquote> <p><em>Little about not so obvious input data</em></p> <p>i) Data change for each table is published in Kafka topic in the format <br> <code>server_name.database_name.table_name</code>.<br> ii) So, here we will transform the topic before they are created using <a href="https://docs.confluent.io/current/connect/transforms/index.html" rel="noopener noreferrer">transform</a>. The new topics that will be created will be of form <code>table_name</code></p> <p>We now will create the sink connector which will consume events from the <code>employee</code> topic and persist in the sink DB</p> <blockquote> <p><code>curl -X POST \<br> http://localhost6:8083/connectors/ \<br> -H 'Content-Type: application/json' \<br> -H 'Postman-Token: 453bb3ff-ac42-4934-a45f-4afb51052609' \<br> -H 'cache-control: no-cache' \<br> -d '{<br> "name": "sink-connector",<br> "config": {<br> "connector.class": "io.confluent.connect.jdbc.JdbcSinkConnector",<br> "tasks.max": "1",<br> "connection.url": "jdbc:mysql://localhost:3306/sink_db?user=sink&amp;password=snk",<br> "transforms": "unwrap",<br> "transforms.unwrap.type": "io.debezium.transforms.UnwrapFromEnvelope",<br> "auto.create": "true",<br> "insert.mode": "insert",<br> "topics.regex": "employee"<br> }<br> }'</code></p> </blockquote> <p>Now, let's make a few updates to the employee table</p> <p><code>update employee set salary = 10000 where emp_id = 1;</code><br> <code>update employee set emp_name = 'CLAIRE' where emp_id = 3;</code></p> <p>You can see in below image that the data changes are captured for the above two update queries<br> <a href="https://media.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fraw.githubusercontent.com%2Fs2agrahari%2Fimg-dump%2Fmaster%2Fsc_sink_employee_table_dbz_2.png" class="article-body-image-wrapper"><img src="https://media.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fraw.githubusercontent.com%2Fs2agrahari%2Fimg-dump%2Fmaster%2Fsc_sink_employee_table_dbz_2.png"></a></p> Logged data change events enversalternative debezium datachangecapture auditlog