https://github.com/open-eo/openeo-spring-driver

openEO driver build on spring using WCPS and ODC storage access
https://github.com/open-eo/openeo-spring-driver

Last synced: 4 months ago
JSON representation

openEO driver build on spring using WCPS and ODC storage access

• Host: GitHub
• URL: https://github.com/open-eo/openeo-spring-driver
• Owner: Open-EO
• License: apache-2.0
• Created: 2020-06-30T12:45:49.000Z (almost 6 years ago)
• Default Branch: master
• Last Pushed: 2024-12-12T14:21:03.000Z (over 1 year ago)
• Last Synced: 2025-04-12T07:51:41.336Z (about 1 year ago)
• Language: Java
• Size: 1.48 MB
• Stars: 0
• Watchers: 8
• Forks: 0
• Open Issues: 38
• Metadata Files:
  • Readme: README.md
  • Changelog: CHANGELOG.md
  • License: LICENSE

Awesome Lists containing this project

README

          
# OpenAPI generated server

Spring Boot Server 

## Overview  

This server was generated by the [OpenAPI Generator](https://openapi-generator.tech) project.

By using the [OpenAPI-Spec](https://openapis.org), you can easily generate a server stub.

This is an example of building a OpenAPI-enabled server in Java using the SpringBoot framework.

The underlying library integrating OpenAPI to SpringBoot is [springfox](https://github.com/springfox/springfox)

Start your server as a simple java application

You can view the api documentation in swagger-ui by pointing to  

https://localhost:8443/

## Configuration setup hints

This back-end is only functional if an `application.properties` file is added to */src/main/resources*.

This file should contain at least the following:

```

# authentication

spring.security.enable-basic={true,false}

spring.security.enable-keycloak={true,false}

spring.jackson.date-format=org.openeo.spring.RFC3339DateFormat

spring.jackson.serialization.WRITE_DATES_AS_TIMESTAMPS=false

spring.h2.console.enabled=true

spring.h2.console.settings.web-allow-others=true

server.tomcat.port=8081

server.port=8443

spring.datasource.jdbc=jdbc:h2:/path/to/openeo.db;DB_CLOSE_DELAY=-1

spring.datasource.username=my_username

spring.datasource.initialization-mode

server.ssl.key-store-type=PKCS12

server.ssl.key-store=classpath:my_keystore.p12

server.ssl.key-store-password=my_keystore_password

server.ssl.key-alias=my_alias

#server.ssl.trust-store=classpath:my_truststore.p12

#server.ssl.trust-store-password=my_truststore_password

security.require-ssl=true

spring.security.filter.order=5

spring.jackson.serialization.write-dates-as-timestamps=false

co.elasticsearch.endpoint=https://my_elastic:9200

co.elasticsearch.service.name=openeo

co.elasticsearch.service.node.name=elk_node_hostname

co.elasticsearch.service.index.name=es_index_name

co.elasticsearch.service.truststore.password=my_password

co.elasticsearch.service.truststore.path=/path/to/elastic-certificates.p12

co.elasticsearch.service.keystore.password=my_password

co.elasticsearch.service.keystore.path=/path/to/http.p12

co.elasticsearch.service.username=elastic_uname

co.elasticsearch.service.password=my_password

	

org.openeo.tmp.dir=tmp/

org.openeo.tmp.file.expiry=60

org.openeo.file.expiry=1

org.openeo.querycollectionsonstartup=true

org.openeo.parallelizedHarvest=true

org.openeo.wcps.endpoint=http://my_wcps_server:8080

org.openeo.wcps.endpoint.version=2.0.1

org.openeo.wcps.provider.name=My Company

org.openeo.wcps.provider.url=http://www.my-company.url

org.openeo.wcps.provider.type=host

org.openeo.wcps.processes.list=classpath:processes_wcps.json

org.openeo.wcps.collections.list=collections_wcps.json

org.openeo.odc.endpoint=http://my_open_data_cube_endpoint

org.openeo.odc.deleteResultEndpoint=http://my_open_data_cube_endpoint_for_stopping_a_job

org.openeo.odc.collectionsEndpoint=http://my_open_data_cube_endpoint/collections/

org.openeo.odc.provider.name=open data cube provider name

org.openeo.odc.provider.url=http://www.open_data_cube_provider.url

org.openeo.odc.provider.type=host

org.openeo.odc.processes.list=classpath:processes_odc.json

org.openeo.odc.collections.list=collections_odc.json

org.openeo.endpoint=https://my_openeo.url

org.openeo.public.endpoint=https://my_openeo_public.url

org.openeo.udf.python.endpoint=http://my_openeo_python_udf_service.url

org.openeo.udf.candela.endpoint=http://my_openeo_candela_service.url

org.openeo.udf.r.endpoint=http://my_openeo_R_udf_service.url

org.openeo.udf.dir=/my/udf/working/directory/

org.openeo.udf.importscript=/my/udf/import/script/import_udf.sh

spring.autoconfigure.exclude=org.springframework.boot.autoconfigure.security.SecurityAutoConfiguration

```

Further files needed are for authentication management through an external Keycloak server.

The `keycloak.properties`:

```

spring.security.oauth2.client.registration.keycloak.client-id=openEO

spring.security.oauth2.client.registration.keycloak.client-secret={{secret}}

spring.security.oauth2.client.registration.keycloak.authorization-grant-type=authorization_code

spring.security.oauth2.client.registration.keycloak.scope=openid

# OpenID Connect (OIDC)

spring.security.oauth2.client.provider.keycloak.issuer-uri=https://my_keycloak.url/auth/realms/my_realm

spring.security.oauth2.client.provider.keycloak.user-name-attribute=preferred_username

# OAUTH2-JWT token

spring.security.oauth2.resourceserver.jwt.issuer-uri=https://my_keycloak.url/auth/realms/my_realm

# openEO credentials

org.openeo.oidc.providers.list=classpath:oidc_providers.json

```

and for the support of default client id configuration: `oidc_providers.json`

```

{

	"providers": [

		{

			"id": "my_default_provider",

			"issuer": "https://my_keycloak.url/auth/realms/my_realm",

			"scopes": [

				"email",

				"profile",

				"roles",

				"web-origins",

				"address",

				"microprofile-jwt",

				"offline_access",

				"phone"

			],

			"title": "My Deault Provider",

			"description": "Some more information about my default oidc provider and setup.",

			"default_clients": [

				{

					"id": "my_client_id",

					"grant_types": [

						"authorization_code+pkce",

						"refresh-token"

					],

					"redirect_urls": [

						"https://editor.openeo.org/",

						"http://localhost:1410/*"

					]

				}

			]

		}

	]

}

```

For internal basic authentication instead, a bearer token issuer configuration file shall also be created: ``jwt.properties``

```

jwt.secret={{secret-hash}}

jwt.issuer=ACME Srl

jwt.type=JWT

jwt.audience=openEO

jwt.exp-minutes={{N}}

```

## Logging

All logging can be controlled through **log4j2**.

For tweaking of log level and file output modify

`log4j2.xml` in *./src/main/resources*.

The latest server rolllog is stored in the `openeo_$VERSION.log`, which is rolled after reaching 250MB of size, storing the compressed rolled logs in monthly subfolders *YYYY-MM/*. The root log folder can be set via the `OPENEO_LOGS_DIR` environment variable (default to *./logs/*).