Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/transempiric/webfluxtemplate

Spring Webflux template application with working Spring Security, Web-sockets, Rest, Web MVC, and Authentication with JWT.
https://github.com/transempiric/webfluxtemplate

gradle java8 json-web-token jwt-authentication jwt-bearer-tokens microservices-architecture mongodb mongodb-database netty-websocket reactive restcontroller restful-api sping-reactive spring spring-boot spring-security web-sockets webflux websocket websockets

Last synced: 1 day ago
JSON representation

Spring Webflux template application with working Spring Security, Web-sockets, Rest, Web MVC, and Authentication with JWT.

Host: GitHub
URL: https://github.com/transempiric/webfluxtemplate
Owner: TransEmpiric
License: mit
Created: 2018-01-25T18:52:34.000Z (over 6 years ago)
Default Branch: master
Last Pushed: 2018-05-14T21:47:47.000Z (over 6 years ago)
Last Synced: 2024-09-23T01:31:22.078Z (3 days ago)
Topics: gradle, java8, json-web-token, jwt-authentication, jwt-bearer-tokens, microservices-architecture, mongodb, mongodb-database, netty-websocket, reactive, restcontroller, restful-api, sping-reactive, spring, spring-boot, spring-security, web-sockets, webflux, websocket, websockets
Language: Java
Size: 256 KB
Stars: 126
Watchers: 17
Forks: 39
Open Issues: 2
Metadata Files:
- Readme: README.md
- License: LICENSE

Awesome Lists containing this project

README

        # Spring 5 Webflux Template

This code can be used to build the next generation of applications using micro-services, reactive programing, webs-sockets, rest, mongoDB, JWT (JSON Web Tokens) and Netty.

## What is this again?

This is a complete template example for Spring 5 Webflux.

The application shows how to use Spring 5 Webflux with Spring Security, web-sockets, @RestContorler, @Controller, Reactive MongoDB, and JWT.

Spring 5 is still new.  There are very few examples of how to use Spring Security with the Webflux stack.

Reactive Oauth2 support is not ready yet.  This application roles it's own Oauth2 like api with JWT tokens.

This app has integrated web-sockets and rest services into the Reactive Spring Security implementation.

#### MongoDB

MongoDB is used for this example, so you'll need this up and running on your local machine, if you are on OSX, you can easily install

MongoDB using Homebrew.

The MongoDB config is defined in application.yml.

## Running locally

```

	git clone https://github.com/TransEmpiric/webFluxTemplate.git

	cd webFluxTemplate

	./gradlew bootRun

```

If everything goes well you can go to the Secure Web-socket Example page [http://localhost:8443/test/ws](http://localhost:8443/test/ws)

#### Get a JWT for authentication

Endpoint:


http://localhost:8443/auth/token

Method:


POST:


Request headers:

```

content-type: application/json

```

Body:

```

{"username" : "jdev", "password":"jdev"}

```

Response:

```

{

"token": "eyJhbGciOiJIUzUxMiJ9.eyJzdWIiOiJqZGV2IiwiYXVkIjoidW5rbm93biIsImV4cCI6MjEyMTcwNzgyMiwiaWF0IjoxNTE2OTA3ODIyfQ.TVwbWsz-BDfMQmgUDnB_GloXklEdS_ABMiF9iGzHrBNA1f4yOQb3day7vcFLNxcLefkQjZDlVlpU91AtkzQqLg",

"username": "jdev"

}

```

#### Use JWT on a secure rest endpoint

Endpoint:


http://localhost:8443/api/rest/user/list:


Method:


GET:


Request headers:

```

Content-Type: application/json

Authorization: Bearer eyJhbGciOiJIUzUxMiJ9.eyJzdWIiOiJqZGV2IiwiYXVkIjoidW5rbm93biIsImV4cCI6MjEyMTcwNzgyMiwiaWF0IjoxNTE2OTA3ODIyfQ.TVwbWsz-BDfMQmgUDnB_GloXklEdS_ABMiF9iGzHrBNA1f4yOQb3day7vcFLNxcLefkQjZDlVlpU91AtkzQqLg

```

Response:

```

[

   {

      "id":"5a6a2ef094bf49a0b8319a30",

      "username":"jdev",

      "firstname":"Joe",

      "lastname":"Developer",

      "email":"[email protected]",

      "roles":[

         "ROLE_ADMIN"

      ],

      "enabled":true,

      "lastPasswordResetDate":1516908272107,

      "accountNonExpired":true,

      "accountNonLocked":true,

      "credentialsNonExpired":true,

      "authorities":[

         {

            "authority":"ROLE_ADMIN"

         }

      ]

   }

]

```

#### Use JWT on a secure web-socket endpoint

Go to [http://localhost:8443/test/ws](http://localhost:8443/test/ws) in a browser.

JWT is hard coded in the JS within templates/websocket.ftl

You need to replace with a new token if the hard coded token has expired

```

    

        // Use wss:// for HTTPS

        var socket = new WebSocket("ws://" + location.host + "/api/ws/echotest?token=eyJhbGciOiJIUzUxMiJ9.eyJzdWIiOiJqZGV2IiwiYXVkIjoidW5rbm93biIsImV4cCI6MjEyMTYwODkyMywiaWF0IjoxNTE2ODA4OTIzfQ.QdSkOuGb8tp1QKjRKzUPlUqobNzF0PuDNk4Y7qAXqrVdbVaKiNJPalxUYapDoeQxE_Dz9WqhdrpdLpGQnlgkkw");

        addEvent("keypress", document.getElementById('input'), function(event) {

            socket.send(event.key);

        });

        var output = document.getElementById("output");

        socket.onmessage = function(e) {

            output.innerHTML = output.innerHTML + e.data;

        }

    

```

#### Properties

```

Properties are in application.yml

You can set to HTTPS (test cert works) if you want, but make sure to update the call to web-socket endpoints with "wss://"

```

#### WILLDO

```

Verify password at auth end point with CustomPasswordEncoder

Make a UI for example token retrieval and a UI to use it

Finish Refresh Token code

Add React and/or Angular Front-end example to repo

```