The project is done in Java, using Spring Boot and Maven.
The project is divided into 3 subprojects:
- ui: the interface
- api: the resource server
- oauth: the authorization server
The authorization server is used for issuing the tokens which are used in api and for getting the authorization code which is used in the ui.
The api has a few endpoints to create, get, delete and update employees from a company. It is secured by tokens, so you need to issue a token from oauth.
The oauth is a simple app with a basic frontend that consumes data from api and does the login through oauth.
To prepare the system to run the app we can just execute one script or go step by step.
The app requires:
- Java JDK 11
- Maven
- Docker
- Docker-compose
Run the following commands:
$ sudo chmod +x install_basic.sh
$ ./install_basic.sh
This project uses Java JDK 11 and Maven, so we need to install them with the following command:
$ sudo apt-get install openjdk-11-jdk maven
We also need to run a mysql server in a docker container, which will be used by our application to manage data.
In case we have to install docker and docker-compose, just use the following command:
$ sudo apt-get install docker docker-compose
For this purpose we have the docker-compose.yml.
We can run it with:
$ docker-compose -f docker-compose.yml up -d
And then check that the mysql image is running:
$ docker ps
- url: localhost:9000
- client_id: acme
- client_secret: acmesecret
$ cd oauth
$ mvn clean spring-boot:run
This app does not have controllers apart from the ones from the OAuth2 authorization server.
It has 2 users created and loaded in the DB with the following credentials:
User 1:
- username: admin
- password: admin
User 2:
- username: jes
- password: admin
We can issue tokens using those credentials and grant_type equal to password.
Here is an example with curl:
curl acme:acmesecret@localhost:9000/auth/oauth/token -d grant_type=password -d client_id=acme -d username=jes -d password=admin
We should see something like:
{"access_token":"KqQI9Lu75I-CN6L0M2SA-7UKC3Y","token_type":"bearer","refresh_token":"svZm5dEgxzXCh6igLcusxXKv1Q8","expires_in":43035,"scope":"openid"}
- url: localhost:8090
- endpoints:
  - GET /employees -> return employees in a company
    - Response 200
  - POST /employees -> create employee
    - Params: (application/json)
      { "name": "string", "surname": "string", "email": "string", "address": "string", "salary": float }
    - Response 201
  - GET /employees/{id} -> search employee by id
    - Response 200
  - PUT /employees/{id} -> update employee
    - Params: (application/json)
      { "name": "string", "surname": "string", "email": "string", "address": "string", "salary": float }
    - Response 201
  - DELETE /employees/{id} -> remove employee
    - Response 204
  - GET /employees/avg-salary -> get average salary in company
    - Response 200
- The authentication process identifies which company the user who issued the token belongs to, so the api shows only the employee information from the same company as the authenticated user, and not from others.
$ cd api
$ mvn clean spring-boot:run
First we need a token generated by the oauth server.
Then we can send a request to any of the endpoints:
curl -H "Authorization: Bearer <Token here>" localhost:8090/employees
We should see something like:
[{"id":183,"name":"Pri","surname":"Jes","email":"[email protected]","address":"Fake address","salary":500.0,"company":{"id":178,"name":"Company2"}}]
The route /swagger-ui.html is also available to see the endpoints in the browser.
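A regression check for the per-company isolation described above, as an added example that is not part of the project's own code. It repeats the password-grant curl call in Python and flags every record a user can read from another company. The company assigned to each user and the sample responses are assumptions constructed for the example.

```python
import base64
import json
import sys
import urllib.parse
import urllib.request

TOKEN_URL = "http://localhost:9000/auth/oauth/token"   # oauth, as in the curl example
EMPLOYEES_URL = "http://localhost:8090/employees"      # api

def fetch_employees(username, password, client_id="acme", client_secret="acmesecret"):
    """Password-grant login, then GET /employees (oauth and api must be running)."""
    form = urllib.parse.urlencode({"grant_type": "password", "client_id": client_id,
                                   "username": username, "password": password}).encode()
    basic = base64.b64encode(f"{client_id}:{client_secret}".encode()).decode()
    req = urllib.request.Request(TOKEN_URL, data=form,
                                 headers={"Authorization": f"Basic {basic}"})
    with urllib.request.urlopen(req, timeout=5) as resp:
        token = json.load(resp)["access_token"]
    req = urllib.request.Request(EMPLOYEES_URL,
                                 headers={"Authorization": f"Bearer {token}"})
    with urllib.request.urlopen(req, timeout=5) as resp:
        return json.load(resp)

def isolation_findings(listings, expected_company):
    """Return (user, employee id, company name) for every record a user can see
    that is not in the user's own company; a record without a company is flagged too."""
    findings = []
    for user, employees in listings.items():
        for emp in employees:
            company = emp.get("company") or {}
            if company.get("name") != expected_company[user]:
                findings.append((user, emp.get("id"), company.get("name")))
    return findings

# Constructed sample responses, shaped like the /employees output shown above.
# Which company each user belongs to is an assumption made for this example.
EXPECTED = {"admin": "Company1", "jes": "Company2"}
SAMPLE = {
    "admin": [{"id": 181, "name": "Ann", "company": {"id": 177, "name": "Company1"}}],
    "jes": [{"id": 183, "name": "Pri", "company": {"id": 178, "name": "Company2"}},
            {"id": 181, "name": "Ann", "company": {"id": 177, "name": "Company1"}}],
}

if __name__ == "__main__":
    # --live queries the running services with the documented users; default is offline.
    live = "--live" in sys.argv
    listings = {u: fetch_employees(u, "admin") for u in EXPECTED} if live else SAMPLE
    for user, emp_id, company in isolation_findings(listings, EXPECTED):
        print(f"LEAK: {user} can read employee {emp_id} of {company}")
```

Without arguments the script runs on the constructed sample and reports the one planted cross-company record; with `--live` it needs oauth and api running and `EXPECTED` adjusted to the real company of each user.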
- url: localhost:8080
$ cd api
$ mvn clean spring-boot:run
Go to the url http://localhost:8080 in the browser and you will see the webpage.
The home page will be empty until you log in; you can use any of the credentials from the oauth:
User 1:
- username: admin
- password: admin
User 2:
- username: jes
- password: admin
Depending on which credentials you log in with, you will be able to see the employees from your company.