{"id":14983140,"url":"https://github.com/rocketbase-io/commons-auth","last_synced_at":"2025-10-09T17:12:15.507Z","repository":{"id":30596260,"uuid":"125485761","full_name":"rocketbase-io/commons-auth","owner":"rocketbase-io","description":"simple implementation of an authentication endpoint with jwt, password-reset etc.","archived":false,"fork":false,"pushed_at":"2024-08-22T07:45:20.000Z","size":1470,"stargazers_count":16,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"master","last_synced_at":"2025-09-30T22:41:50.086Z","etag":null,"topics":["jpa","jwt","mongo","rest-api","spring-boot","spring-mvc"],"latest_commit_sha":null,"homepage":"","language":"Java","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/rocketbase-io.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2018-03-16T08:21:33.000Z","updated_at":"2025-02-19T23:57:27.000Z","dependencies_parsed_at":"2024-09-28T08:41:11.313Z","dependency_job_id":"7e47b726-065f-41c7-92ee-59d1c2f173c3","html_url":"https://github.com/rocketbase-io/commons-auth","commit_stats":{"total_commits":380,"total_committers":2,"mean_commits":190.0,"dds":"0.013157894736842146","last_synced_commit":"c86f5c1caba8c63f9f91fd4828395162f35f23bc"},"previous_names":[],"tags_count":80,"template":false,"template_full_name":null,"purl":"pkg:github/rocketbase-io/commons-auth","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rocketbase-io%2Fcommons-auth","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rocketbase-io%2Fcommons-auth/tags","relea
ses_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rocketbase-io%2Fcommons-auth/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rocketbase-io%2Fcommons-auth/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/rocketbase-io","download_url":"https://codeload.github.com/rocketbase-io/commons-auth/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rocketbase-io%2Fcommons-auth/sbom","scorecard":{"id":781823,"data":{"date":"2025-08-11","repo":{"name":"github.com/rocketbase-io/commons-auth","commit":"c86f5c1caba8c63f9f91fd4828395162f35f23bc"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":3,"checks":[{"name":"Maintained","score":0,"reason":"0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"Code-Review","score":0,"reason":"Found 0/30 approved changesets -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"Dangerous-Workflow","score":10,"reason":"no dangerous workflow patterns detected","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"Token-Permissions","score":0,"reason":"detected GitHub workflow tokens with excessive permissions","details":["Warn: no topLevel permission defined: 
.github/workflows/boot.yml:1","Warn: no topLevel permission defined: .github/workflows/ci.yml:1","Warn: no topLevel permission defined: .github/workflows/release-to-maven-central.yml:1","Info: no jobLevel write permissions found"],"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"SAST","score":0,"reason":"no SAST tool detected","details":["Warn: no pull requests merged into dev branch"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"Pinned-Dependencies","score":0,"reason":"dependency not pinned by hash detected -- score normalized to 0","details":["Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/boot.yml:11: update your workflow using https://app.stepsecurity.io/secureworkflow/rocketbase-io/commons-auth/boot.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/boot.yml:14: update your workflow using 
https://app.stepsecurity.io/secureworkflow/rocketbase-io/commons-auth/boot.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:11: update your workflow using https://app.stepsecurity.io/secureworkflow/rocketbase-io/commons-auth/ci.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:14: update your workflow using https://app.stepsecurity.io/secureworkflow/rocketbase-io/commons-auth/ci.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release-to-maven-central.yml:17: update your workflow using https://app.stepsecurity.io/secureworkflow/rocketbase-io/commons-auth/release-to-maven-central.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release-to-maven-central.yml:20: update your workflow using https://app.stepsecurity.io/secureworkflow/rocketbase-io/commons-auth/release-to-maven-central.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release-to-maven-central.yml:41: update your workflow using https://app.stepsecurity.io/secureworkflow/rocketbase-io/commons-auth/release-to-maven-central.yml/master?enable=pin","Info:   0 out of   7 GitHub-owned GitHubAction dependencies pinned"],"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: project has a license file: LICENSE:0","Info: FSF or OSI 
recognized license: MIT License: LICENSE:0"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Packaging","score":10,"reason":"packaging workflow detected","details":["Info: Project packages its releases by way of GitHub Actions.: .github/workflows/release-to-maven-central.yml:11"],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"Branch-Protection","score":0,"reason":"branch protection not enabled on development/release branches","details":["Warn: branch protection not enabled for branch 'master'"],"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}},{"name":"Signed-Releases","score":-1,"reason":"no releases found","details":null,"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"Security-Policy","score":0,"reason":"security policy file not detected","details":["Warn: no security policy file detected","Warn: no security file to analyze","Warn: no security file to analyze","Warn: no security file to analyze"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"Vulnerabilities","score":1,"reason":"9 existing vulnerabilities detected","details":["Warn: Project is 
vulnerable to: GHSA-h46c-h94j-95f3","Warn: Project is vulnerable to: GHSA-4gc7-5j7h-4qph","Warn: Project is vulnerable to: GHSA-4wp7-92pw-q264","Warn: Project is vulnerable to: GHSA-9cmq-m9j5-mvww","Warn: Project is vulnerable to: GHSA-2rmj-mq67-h97g","Warn: Project is vulnerable to: GHSA-2wrp-6fg6-hmc5","Warn: Project is vulnerable to: GHSA-4wrc-f8pq-fpqp","Warn: Project is vulnerable to: GHSA-ccgv-vj62-xf9h","Warn: Project is vulnerable to: GHSA-hgjh-9rj2-g67j"],"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}}]},"last_synced_at":"2025-08-23T05:05:19.396Z","repository_id":30596260,"created_at":"2025-08-23T05:05:19.396Z","updated_at":"2025-08-23T05:05:19.396Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":279001887,"owners_count":26083197,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-10-09T02:00:07.460Z","response_time":59,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["jpa","jwt","mongo","rest-api","spring-boot","spring-mvc"],"created_at":"2024-09-24T14:06:47.626Z","updated_at":"2025-10-09T17:12:15.489Z","avatar_url":"https://github.com/rocketbase-io.png","language":"Java","readme":"# 
commons-auth\n\n![logo](assets/commons-logo.svg)\n\n\n![build](https://github.com/rocketbase-io/commons-auth/actions/workflows/ci.yml/badge.svg)\n[![Maven Central](https://maven-badges.herokuapp.com/maven-central/io.rocketbase.commons/commons-auth/badge.svg)](https://maven-badges.herokuapp.com/maven-central/io.rocketbase.commons/commons-auth)\n\nAdds auth services to your spring-boot applications. We at [rocketbase.io](https://www.rocketbase.io) develop many microservices and tried different tools and projects. All of them either didn't match our needs or were too bloated for smaller projects.\n\nThe implementation is based on spring-boot: mainly on **spring-mvc**, **spring-data**, **javax.mail** and **jjwt**\n\n**Features:**\n* authentication with jwt-tokens\n* refresh token flow\n* oauth2 endpoints\n* registration + verification flow\n* optional gravatar integration\n* optional key-value pairs to hold custom properties per user\n* password forgot/reset flow\n* admin endpoints to crud users + invites\n* invite user flow to allow others to join your application\n* forms to register/forgot-password/invite etc.\n* as admin - impersonate someone else to check app-behaviour\n\nI've added a swagger api-documentation. 
You can find it within [src](./commons-auth-api/src/doc/swagger) or on [swaggerHub](https://app.swaggerhub.com/apis-docs/melistik/commons-auth/)\n\n## commons-auth-api\n\nThis module provides the DTOs and a client to communicate with the authentication endpoints.\n\n## commons-auth-core\n\nContaining an implementation for Token-Generators, Interfaces, Filters and many more...\n\n## commons-auth-adapter\n\nContaining spring security beans for easy use within other spring applications that are connected to a commons-auth backend...\n\n### configuration properties\n\nYou can configure the behaviour of the service with the following properties\n\n| property                       | default         | explanation                                                  |\n| ------------------------------ | --------------- | ------------------------------------------------------------ |\n| auth.role-admin                | ADMIN           |                                                              |\n| auth.role-user                 | USER            |                                                              |\n| auth.token-secret              | *fixed 32chars* | **must be changed for production** (the default is a fixed value)\u003cbr\u003eused to generate reset + verification tokens |\n| auth.use-cache-time            | 30              | time in minutes - 0 means disabled                           |\n| auth.verification-url          | null            | fully qualified url to a custom UI that processes the verification\u003cbr /\u003e?verification=VALUE will get appended |\n| auth.password-reset-url        | null            | fully qualified url to a custom UI that processes the password reset\u003cbr /\u003e?verification=VALUE will get appended |\n| auth.password-reset-expiration | 60              | time in minutes - after this period the token is invalid     |\n| auth.invite-expiration         | 10080           | time in minutes (default 7-days) - after this period the token is invalid     |\n| auth.base-url         
         | http://localhost:8080 | required for authFormsController etc. needs to be set correctly when you use it |\n| auth.invite.enabled            | true            | activate invite endpoints (for \"admins\" and \"invited\")  |\n\nFor handling the JWT-Tokens and their expiration you can use these properties:\n\n| property                       | default         | explanation                                                  |\n| ------------------------------ | --------------- | ------------------------------------------------------------ |\n| auth.jwt.header                | Authorization   | standard approach                                            |\n| auth.jwt.token-prefix          | Bearer          | standard approach with \" \" at the end                        |\n| auth.jwt.uri-param          | token          | token can also be provided via url-param, e.g. for downloads - urls can end up in logs and browser history, so prefer the header where possible |\n| auth.jwt.secet          | **required**          | a base64 encoded jwt secret |\n| auth.jwt.access-token-expiration          | 60          | time in minutes |\n| auth.jwt.refresh-token-expiration          | 43200          | time in minutes - default means 30 days |\n\nThe password requirements can be configured with the following properties:\n\n| property                 | default | explanation                                                  |\n| ------------------------ | ------- | ------------------------------------------------------------ |\n| auth.password.min-length | 8       | minimum length of password                                   |\n| auth.password.max-length | 100     | maximum length of password                                   |\n| auth.password.lowercase  | 1       | at least X chars of lowercase                                |\n| auth.password.uppercase  | 1       | at least X chars of uppercase                                |\n| auth.password.digit      | 1       | at least X chars of digit                             
       |\n| auth.password.special    | 1       | at least X chars of special\u003cbr /\u003e!\"#$%\u0026'()*+,-./:;\u003c=\u003e?@[\\]^_`{\\|}~ |\n\nYou can also configure the setup of the username:\n\n| property                         | default | explanation                                                  |\n| -------------------------------- | ------- | ------------------------------------------------------------ |\n| auth.username.min-length         | 3       | minimum length of username                                   |\n| auth.username.max-length         | 20      | maximum length of username                                   |\n| auth.username.special-characters | .-_     | allowed chars apart from a-z and digits\u003cbr /\u003eusername needs to be entirely lowercase |\n\nThe service also contains a registration flow that is enabled by default\n\n\n| property                       | default         | explanation                                                  |\n| ------------------------------ | --------------- | ------------------------------------------------------------ |\n| auth.registration.enabled          | true          | allow users to register |\n| auth.registration.verification          | true          | registered user needs to verify their email |\n| auth.registration.verification-expiration          | 1440          | time in minutes - default means 1 day |\n| auth.registration.role          | USER          | role of user after registration |\n\nGravatar is used by default to fetch an avatar if nothing is provided.\n\n| property                       | default         | explanation                                                  |\n| ------------------------------ | --------------- | ------------------------------------------------------------ |\n| auth.gravatar.enabled          | true          | should the avatar be initially loaded via gravatar service |\n| auth.gravatar.size          | 256          | size of image |\n| 
auth.gravatar.image          | RETRO          | type of placeholder style\u003cbr /\u003ehttps://gravatar.com/site/implement/images/ |\n| auth.gravatar.rating          | null          | filter for specific rating\u003cbr /\u003ehttps://gravatar.com/site/implement/images/ |\n\nThe content of the emails (forgot-password + registration-verification) is highly configurable. Furthermore, a simple EmailTemplate engine is implemented that could also be used for other purposes.\n\n\n| property                       | default         | explanation                                                  |\n| ------------------------------ | --------------- | ------------------------------------------------------------ |\n| auth.email.subject-prefix          | [Auth]          | prefix of email subject |\n| auth.email.service-name          | commons-auth          | will get displayed in email-text |\n| auth.email.support-email          | support@localhost          | will get displayed in email-text |\n| auth.email.from-email          | no-reply@localhost          | sender of emails |\n| auth.email.copyright-name          | commons-auth          | name of sender |\n| auth.email.copyright-url          | link to github repo          | will get displayed in email-text |\n\nForms configuration:\n\n| property                                            | default    |\n| --------------------------------------------------- | ---------- |\n| auth.forms.title                                    | commons-auth |\n| auth.forms.logo-src                                 | ./assets/rocketbase.svg |\n\n\n## commons-auth-service\n\nContaining nearly all services and functions to perform any task within the application - services for working with entities (without db-layer), performing invites, forgot/password-reset/registration flows,  sending emails etc.\n\n| Layout | Emails |\n|:-------:|:-------:|\n| ![](assets/email/email-verify.png) \u003cbr\u003e\u003cbr\u003e confirm email after registration|  
![](assets/email/email-change-password.png)  \u003cbr\u003e\u003cbr\u003e request password reset |\n| ![](assets/email/email-invite.png)  \u003cbr\u003e\u003cbr\u003e invite person to application |  ![](assets/email/email-change-email.png)  \u003cbr\u003e\u003cbr\u003e confirm new email-address |\n\n\n## commons-auth-email-postmark\n\nPreconfigures an EmailSender that uses [rocketbase/postmark-spring](https://github.com/rocketbase-io/postmark-spring) to send emails via REST-API.\n\n\n|                      | default | explanation                   |\n| -------------------- | ------- | ----------------------------- |\n| postmark.token   | *required*   | server-api-token of postmark   |\n| postmark.api.url  | https://api.postmarkapp.com/      | normally no change is required   |\n| postmark.api.header | X-Postmark-Server-Token      | normally no change is required       |\n\n\n## commons-auth-email-smtp\n\nPreconfigures an EmailSender that uses spring-boot-starter-mail to send emails via SMTP.\n\nSending emails via spring-boot-starter-mail also needs some configuration:\n\n| property                                         | default    |\n| ------------------------------------------------ | ---------- |\n| spring.mail.host                                 | *required* |\n| spring.mail.port                                 | *required* |\n| spring.mail.username                             | *required* |\n| spring.mail.password                             | *required* |\n| spring.mail.properties.mail.smtp.auth            | *required* |\n| spring.mail.properties.mail.smtp.starttls.enable | *required* |\n\n## commons-auth-server\n\nOnly spring rest-controller + exception handler - logic is used from service-module\n\n### configure spring-security\n\nApart from the configuration properties, to get it running you need to configure and activate the security filter etc. Treat the sample below as a starting point: it allows every CORS origin with credentials, disables CSRF protection and also enables basic auth, so review these settings before production use. 
Here you can find an example:\n\n```java\n@Configuration\n@EnableWebSecurity\n@EnableGlobalMethodSecurity(prePostEnabled = true)\n@EnableConfigurationProperties({AuthProperties.class, FormsProperties.class})\n@RequiredArgsConstructor\npublic class SecurityConfig extends WebSecurityConfigurerAdapter {\n\n    private final AuthProperties authProperties;\n\n    private final FormsProperties formsProperties;\n\n    @Resource\n    private UserDetailsService userDetailsService;\n\n    @Bean\n    public RoleHierarchy roleHierarchy() {\n        RoleHierarchyImpl roleHierarchy = new RoleHierarchyImpl();\n        roleHierarchy.setHierarchy(\"ROLE_ADMIN \u003e ROLE_USER\");\n        return roleHierarchy;\n    }\n\n    @Autowired\n    public void configureAuthentication(AuthenticationManagerBuilder authenticationManagerBuilder) throws Exception {\n        authenticationManagerBuilder\n                .userDetailsService(this.userDetailsService)\n                .passwordEncoder(passwordEncoder());\n    }\n\n    @Bean\n    @Override\n    public AuthenticationManager authenticationManagerBean() throws Exception {\n        return super.authenticationManagerBean();\n    }\n\n    @Bean\n    public PasswordEncoder passwordEncoder() {\n        return new BCryptPasswordEncoder();\n    }\n\n    @Bean\n    public JwtAuthenticationTokenFilter authenticationTokenFilterBean() throws Exception {\n        return new JwtAuthenticationTokenFilter();\n    }\n\n    @Override\n    protected void configure(HttpSecurity httpSecurity) throws Exception {\n        // @formatter:off\n        httpSecurity\n            // activate CorsConfigurationSource\n            .cors().and()\n            // we don't need CSRF because our token is invulnerable\n            .csrf().disable()\n\n            // don't create session\n            .sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS)\n            .and()\n\n            .authorizeRequests()\n            
.requestMatchers(CorsUtils::isPreFlightRequest).permitAll()\n\n            // allow anonymous resource requests\n            .antMatchers(HttpMethod.GET,\n                    \"/\",\n                    \"/assets/**\",\n                    \"/favicon.ico\"\n            ).permitAll()\n            // configure auth endpoint\n            .antMatchers(authProperties.getAllPublicRestEndpointPaths()).permitAll()\n            // allow logged in users get profile details etc.\n            .antMatchers(authProperties.getAllAuthenticatedRestEndpointPaths()).authenticated()\n            // login/logout, forgot, reset-password forms etc\n            .antMatchers(formsProperties.getFormEndpointPaths()).permitAll()\n            // registration form\n            .antMatchers(formsProperties.getRegistrationEndpointPaths()).permitAll()\n            // invite form\n            .antMatchers(formsProperties.getInviteEndpointPaths()).permitAll()\n            // user-management is only allowed by ADMINS\n            .antMatchers(authProperties.getApiRestEndpointPaths()).hasRole(authProperties.getRoleAdmin())\n            .antMatchers(authProperties.getApiInviteRestEndpointPaths()).hasRole(authProperties.getRoleAdmin())\n            .antMatchers(authProperties.getImpersonateEndpointPaths()).hasRole(authProperties.getRoleAdmin())\n            .antMatchers(authProperties.getUserSearchRestEndpointPaths()).authenticated()\n            // secure all other api-endpoints\n            .antMatchers(authProperties.getPrefix()+\"/api/**\").authenticated()\n            .anyRequest().authenticated();\n\n        // Custom JWT based security filter\n        httpSecurity\n                .addFilterBefore(authenticationTokenFilterBean(), UsernamePasswordAuthenticationFilter.class);\n\n        // allow also basic auth (optional)\n        httpSecurity.httpBasic();\n\n        // disable page caching templates\n        httpSecurity.headers().cacheControl().disable();\n        // @formatter:on\n    }\n\n    
@Override\n    public void configure(WebSecurity web) {\n        // needed when basic auth is also set and oauth (with header auth is used)\n        web.ignoring().antMatchers(authProperties.getOauthRestEndpointPaths());\n    }\n\n    // cors allow all\n    @Bean\n    public CorsConfigurationSource corsConfigurationSource() {\n        CorsConfiguration configuration = new CorsConfiguration();\n        configuration.addAllowedOrigin(CorsConfiguration.ALL);\n        configuration.addAllowedMethod(CorsConfiguration.ALL);\n        configuration.addAllowedHeader(CorsConfiguration.ALL);\n        configuration.setAllowCredentials(true);\n        configuration.setMaxAge(1800L);\n        UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();\n        source.registerCorsConfiguration(\"/**\", configuration);\n        return source;\n    }\n\n}\n```\n\n\n## commons-auth-forms\n\nContaining all forms for login, logout, forgot-password, register, email-verification etc.\n\nIt's based on Thymeleaf and uses [Bulma](http://bulma.io) from CDN.\n\n## commons-auth-mongo\n\nContaining the persistence layer for user via spring-data-mongo\n\nWill create a collection with name of **user**\n\n## commons-auth-jpa\n\nContaining the persistence layer for user via jpa\n\nWill create 3 tables: **USER**, **USER_ROLES**, **USER_KEYVALUE_PAIRS**\n\nIn order to get it running you need to add the following annotations to your project, so that jpa also detects the provided entities and repositories...\n\n```java\n@EnableJpaRepositories(basePackages = {\"io.rocketbase.commons\", \"YOUR_PACKAGE\"})\n@EntityScan({\"io.rocketbase.commons\", \"YOUR_PACKAGE\"})\n```\n\n## commons-auth-test\n\nSome base test classes and configurations.\n\n## dependencies\n\nHere you can find a simplified dependency-tree of commons-auth created 2020-01\n\n```\n---------------\u003c io.rocketbase.commons:commons-auth-api 
\u003e---------------\n\nio.rocketbase.commons:commons-auth-api:jar:LATEST-SNAPSHOT\n+- io.rocketbase.commons:commons-rest-api:jar:2.0.0:compile\n+- com.google.guava:guava:jar:28.2-jre:compile\n\n--------------\u003c io.rocketbase.commons:commons-auth-core \u003e---------------\n\nio.rocketbase.commons:commons-auth-core:jar:LATEST-SNAPSHOT\n+- io.rocketbase.commons:commons-auth-api:jar:LATEST-SNAPSHOT:compile\n+- org.springframework.boot:spring-boot:jar:2.2.4.RELEASE:compile\n+- org.springframework.security:spring-security-core:jar:5.2.1.RELEASE:compile\n+- io.jsonwebtoken:jjwt-api:jar:0.10.7:compile\n\n-------------\u003c io.rocketbase.commons:commons-auth-adapter \u003e-------------\n\nio.rocketbase.commons:commons-auth-adapter:jar:LATEST-SNAPSHOT\n+- io.rocketbase.commons:commons-auth-core:jar:LATEST-SNAPSHOT:compile\n+- org.springframework.boot:spring-boot-autoconfigure:jar:2.2.4.RELEASE:compile\n+- org.springframework.security:spring-security-config:jar:5.2.1.RELEASE:compile\n+- org.springframework.security:spring-security-web:jar:5.2.1.RELEASE:compile\n\n-------------\u003c io.rocketbase.commons:commons-auth-service \u003e-------------\n\nio.rocketbase.commons:commons-auth-service:jar:LATEST-SNAPSHOT\n+- io.rocketbase.commons:email-template-builder:jar:1.4.0:compile\n|  +- io.pebbletemplates:pebble:jar:3.1.2:compile\n|  \\- org.jsoup:jsoup:jar:1.12.1:compile\n+- org.springframework.data:spring-data-commons:jar:2.2.4.RELEASE:compile\n+- org.springframework.boot:spring-boot-autoconfigure:jar:2.2.4.RELEASE:compile\n+- org.springframework:spring-webmvc:jar:5.2.3.RELEASE:compile\n+- org.passay:passay:jar:1.0:compile\n+- org.springframework.boot:spring-boot-starter-mail:jar:2.2.4.RELEASE:compile\n+- org.springframework.security:spring-security-config:jar:5.2.1.RELEASE:compile\n+- org.springframework.security:spring-security-web:jar:5.2.1.RELEASE:compile\n+- org.springframework.boot:spring-boot-configuration-processor:jar:2.2.4.RELEASE:compile\n\n-------------\u003c 
io.rocketbase.commons:commons-auth-server \u003e--------------\n\nio.rocketbase.commons:commons-auth-server:jar:LATEST-SNAPSHOT\n+- io.rocketbase.commons:commons-auth-adapter:jar:LATEST-SNAPSHOT:compile\n+- io.rocketbase.commons:commons-auth-service:jar:LATEST-SNAPSHOT:compile\n+- io.rocketbase.commons:commons-rest-server:jar:2.0.0:compile\n+- io.rocketbase.commons:commons-rest-errorpage:jar:2.0.0:compile\n+- io.rocketbase.commons:email-template-builder:jar:1.4.0:compile\n|  +- io.pebbletemplates:pebble:jar:3.1.2:compile\n|  \\- org.jsoup:jsoup:jar:1.12.1:compile\n+- org.springframework.data:spring-data-commons:jar:2.2.4.RELEASE:compile\n+- org.springframework.boot:spring-boot-autoconfigure:jar:2.2.4.RELEASE:compile\n+- org.springframework:spring-webmvc:jar:5.2.3.RELEASE:compile\n+- org.passay:passay:jar:1.0:compile\n+- org.springframework.boot:spring-boot-starter-mail:jar:2.2.4.RELEASE:compile\n+- org.springframework.security:spring-security-config:jar:5.2.1.RELEASE:compile\n+- org.springframework.security:spring-security-web:jar:5.2.1.RELEASE:compile\n+- org.springframework.boot:spring-boot-configuration-processor:jar:2.2.4.RELEASE:compile\n\n--------------\u003c io.rocketbase.commons:commons-auth-mongo \u003e--------------\n\nio.rocketbase.commons:commons-auth-mongo:jar:LATEST-SNAPSHOT\n+- io.rocketbase.commons:commons-auth-service:jar:LATEST-SNAPSHOT:compile\n+- org.springframework.data:spring-data-mongodb:jar:2.2.4.RELEASE:compile\n\n---------------\u003c io.rocketbase.commons:commons-auth-jpa \u003e---------------\n\nio.rocketbase.commons:commons-auth-jpa:jar:LATEST-SNAPSHOT\n+- io.rocketbase.commons:commons-auth-service:jar:LATEST-SNAPSHOT:compile\n+- org.springframework.data:spring-data-jpa:jar:2.2.4.RELEASE:compile\n\n--------------\u003c io.rocketbase.commons:commons-auth-forms \u003e--------------\n\nio.rocketbase.commons:commons-auth-forms:jar:LATEST-SNAPSHOT\n+- io.rocketbase.commons:commons-auth-adapter:jar:LATEST-SNAPSHOT:compile\n+- 
io.rocketbase.commons:commons-rest-errorpage:jar:2.0.0:compile\n+- org.thymeleaf:thymeleaf:jar:3.0.11.RELEASE:compile\n+- org.springframework:spring-webmvc:jar:5.2.3.RELEASE:compile\n+- org.hibernate.validator:hibernate-validator:jar:6.0.18.Final:compile\n+- org.springframework.boot:spring-boot-autoconfigure:jar:2.2.4.RELEASE:compile\n+- org.springframework.security:spring-security-config:jar:5.2.1.RELEASE:compile\n+- org.springframework.security:spring-security-web:jar:5.2.1.RELEASE:compile\n```\n\n\n### The MIT License (MIT)\nCopyright (c) 2019 rocketbase.io\n\nPermission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the \"Software\"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:\n\nThe above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.\n\nTHE SOFTWARE IS PROVIDED \"AS IS\", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.\n","funding_links":[],"categories":[],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Frocketbase-io%2Fcommons-auth","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Frocketbase-io%2Fcommons-auth","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Frocketbase-io%2Fcommons-auth/lists"}