-
Notifications
You must be signed in to change notification settings - Fork 179
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Add authorization server. - Making Gateway and Store services to be the Resource Servers. - Add HTTPS support. - Change test cases to work with security. - Update docker-compose*.yml to add auth-server. - Secure Eureka service.
- Loading branch information
1 parent
a83dfd7
commit eb372c5
Showing
46 changed files
with
1,176 additions
and
125 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -59,3 +59,6 @@ build/ | |
|
||
### VS Code ### | ||
.vscode/ | ||
|
||
### Special files | ||
test-em-all-external-auth.sh |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Binary file not shown.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Binary file not shown.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -8,9 +8,40 @@ | |
<artifactId>store-aggregator</artifactId> | ||
<version>1.0-SNAPSHOT</version> | ||
<name>Springy Store Aggregator</name> | ||
<description>Aggregator pom project for Springy μServices</description> | ||
<description>Aggregator pom project for all Springy Store μServices</description> | ||
<packaging>pom</packaging> | ||
|
||
<!-- Start - Springy Store Project Owner --> | ||
<developers> | ||
<developer> | ||
<id>0001</id> | ||
<name>Mohamed Taman</name> | ||
<email>[email protected]</email> | ||
<roles> | ||
<role> | ||
Sr. Enterprise Architect | ||
</role> | ||
<role> | ||
Lead Software Architect | ||
</role> | ||
</roles> | ||
</developer> | ||
</developers> | ||
<!-- End - Springy Store Project Owner --> | ||
<!-- Start - Springy Store source repository --> | ||
<scm> | ||
<connection>https://github.com/mohamed-taman/Springy-Store-Microservices.git</connection> | ||
<developerConnection>[email protected]:mohamed-taman/Springy-Store-Microservices.git</developerConnection> | ||
<tag>HEAD</tag> | ||
</scm> | ||
<!-- End - Springy Store source repository --> | ||
<!-- Start - Springy Store issue management --> | ||
<issueManagement> | ||
<system>GitHub</system> | ||
<url>https://github.com/mohamed-taman/Springy-Store-Microservices/issues</url> | ||
</issueManagement> | ||
<!-- End - Springy Store issue management --> | ||
|
||
<properties> | ||
<maven.install.skip>true</maven.install.skip> | ||
<maven.deploy.skip>true</maven.deploy.skip> | ||
|
@@ -28,7 +59,6 @@ | |
<module>store-services/store-service</module> | ||
<module>store-cloud-infra/eureka-server</module> | ||
<module>store-cloud-infra/edge-server</module> | ||
|
||
|
||
<module>store-cloud-infra/authorization-server</module> | ||
</modules> | ||
</project> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,60 @@ | ||
#### Start of builder image | ||
# ------------------------ | ||
# Builder stage to prepare application for final image | ||
FROM openjdk:14-slim-buster as builder | ||
WORKDIR temp | ||
|
||
# Fatjar location, but could be set to different location from command line | ||
ARG JAR_FILE=target/*.jar | ||
|
||
# Copy fat jar file to current image builder | ||
COPY ${JAR_FILE} application.jar | ||
|
||
# Extract the jar file layers | ||
RUN java -Djarmode=layertools -jar --enable-preview application.jar extract | ||
|
||
# Workaround to avoid Copy command failure when directory is not exists. | ||
RUN test ! -d ./snapshot-dependencies \ | ||
&& mkdir snapshot-dependencies \ | ||
&& echo "Directory [snapshot-dependencies] created." | ||
|
||
#### End of builder stage | ||
|
||
#### Start of actual image | ||
# ------------------------ | ||
# Build image based on JDK 14 base image, based on latest debian buster OS | ||
FROM openjdk:14-slim-buster | ||
VOLUME /tmp | ||
|
||
# Set image information, but could be set to different location from command line | ||
ARG IMAGE_VERSION="1.0-SNAPSHOT" | ||
ARG IMAGE_NAME="Authorization Server" | ||
ARG MAINTAINER="Mohamed Taman <[email protected]>" | ||
|
||
LABEL version=${IMAGE_VERSION} name=${IMAGE_NAME} maintainer=${MAINTAINER} | ||
|
||
# Limiting security access to not user root user | ||
RUN addgroup siriusxi && useradd -g siriusxi -ms /bin/bash taman | ||
|
||
# Setting user to current created user | ||
USER taman | ||
|
||
# Set working directory to application folder | ||
WORKDIR /home/taman/application | ||
|
||
# Copy all layers from builder stage to current image | ||
COPY --from=builder temp/dependencies/ ./ | ||
COPY --from=builder temp/snapshot-dependencies/ ./ | ||
COPY --from=builder temp/spring-boot-loader/ ./ | ||
COPY --from=builder temp/application/ ./ | ||
|
||
# Expose current server to port 9999 | ||
EXPOSE 9999 | ||
|
||
ARG JAVA_OPTS="" | ||
|
||
# Run the application with JVM configs if any | ||
ENTRYPOINT ["bash", "-c", \ | ||
"java -server --enable-preview -XX:+UseContainerSupport -XX:+ShowCodeDetailsInExceptionMessages \ | ||
-XX:+AlwaysActAsServerClassMachine -XX:+UseG1GC -XX:+UseStringDeduplication ${JAVA_OPTS} \ | ||
org.springframework.boot.loader.JarLauncher ${0} ${@}"] |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,54 @@ | ||
<?xml version="1.0" encoding="UTF-8"?> | ||
<project xmlns="http://maven.apache.org/POM/4.0.0" | ||
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" | ||
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 https://maven.apache.org/xsd/maven-4.0.0.xsd"> | ||
<modelVersion>4.0.0</modelVersion> | ||
<parent> | ||
<groupId>com.siriusxi.ms.store</groupId> | ||
<artifactId>store-cloud-chassis</artifactId> | ||
<version>1.0-SNAPSHOT</version> | ||
<relativePath>../../store-base/store-cloud-chassis/pom.xml</relativePath> | ||
</parent> | ||
|
||
<groupId>com.siriusxi.cloud.infra</groupId> | ||
<artifactId>auth-server</artifactId> | ||
<version>0.0.1-SNAPSHOT</version> | ||
<name>Authorization Server</name> | ||
<description>OAuth2 Authorization Server, based on Spring boot.</description> | ||
<packaging>jar</packaging> | ||
|
||
<properties> | ||
<spring.security.jwt.jose.version>5.0.0.M5</spring.security.jwt.jose.version> | ||
</properties> | ||
|
||
<dependencies> | ||
<!-- Start - To register API Gateway server with Eureka Discovery Server --> | ||
<dependency> | ||
<groupId>org.springframework.cloud</groupId> | ||
<artifactId>spring-cloud-starter-netflix-eureka-client</artifactId> | ||
</dependency> | ||
<!-- End - To register API Gateway server with Eureka Discovery Server --> | ||
|
||
<dependency> | ||
<groupId>org.springframework.boot</groupId> | ||
<artifactId>spring-boot-starter-web</artifactId> | ||
</dependency> | ||
|
||
<dependency> | ||
<groupId>org.springframework.security.oauth.boot</groupId> | ||
<artifactId>spring-security-oauth2-autoconfigure</artifactId> | ||
</dependency> | ||
|
||
<dependency> | ||
<groupId>org.springframework.security</groupId> | ||
<artifactId>spring-security-jwt-jose</artifactId> | ||
<version>${spring.security.jwt.jose.version}</version> | ||
</dependency> | ||
|
||
<dependency> | ||
<groupId>org.springframework.security</groupId> | ||
<artifactId>spring-security-test</artifactId> | ||
<scope>test</scope> | ||
</dependency> | ||
</dependencies> | ||
</project> |
15 changes: 15 additions & 0 deletions
15
...zation-server/src/main/java/com/siriusxi/cloud/infra/auth/server/AuthorizationServer.java
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,15 @@ | ||
package com.siriusxi.cloud.infra.auth.server; | ||
|
||
import org.springframework.boot.SpringApplication; | ||
import org.springframework.boot.autoconfigure.SpringBootApplication; | ||
import org.springframework.security.oauth2.config.annotation.web.configuration.EnableAuthorizationServer; | ||
|
||
@EnableAuthorizationServer | ||
@SpringBootApplication | ||
public class AuthorizationServer { | ||
|
||
public static void main(String[] args) { | ||
SpringApplication.run(AuthorizationServer.class, args); | ||
} | ||
|
||
} |
Oops, something went wrong.