diff --git a/README.md b/README.md index 6fcb5a302..83aa2cc5d 100644 --- a/README.md +++ b/README.md @@ -1,35 +1,127 @@ -![PicPay](https://user-images.githubusercontent.com/1765696/26998603-711fcf30-4d5c-11e7-9281-0d9eb20337ad.png) +# Example Java Spring Boot API -# Teste Backend +## Prerequisites -O desafio é criar uma API REST que busca usuarios pelo nome e username a partir de uma palavra chave. Faça o download do arquivo [users.csv.gz](https://s3.amazonaws.com/careers-picpay/users.csv.gz) que contém o banco de dados que deve ser usado na busca. Ele contém os IDs, nomes e usernames dos usuários. +Docker -###### Exemplo -| ID | Nome | Username | -|--------------------------------------|-------------------|----------------------| -| 065d8403-8a8f-484d-b602-9138ff7dedcf | Wadson marcia | wadson.marcia | -| 5761be9e-3e27-4be8-87bc-5455db08408 | Kylton Saura | kylton.saura | -| ef735189-105d-4784-8e2d-c8abb07e72d3 | Edmundo Cassemiro | edmundo.cassemiro | -| aaa40f4e-da26-42ee-b707-cb81e00610d5 | Raimundira M | raimundiram | -| 51ba0961-8d5b-47be-bcb4-54633a567a99 | Pricila Kilder | pricilakilderitaliani| +## Installing +Baixe este projeto. No prompt de comando, acesse o diretório do projeto e execute o comando para subir os containers: +``` +$ docker-compose up --build +``` -Também são fornecidas duas listas de usuários que devem ser utilizadas para priorizar os resultados da busca. A lista 1 tem mais prioridade que a lista 2. Ou seja, se dois usuarios casam com os criterios de busca, aquele que está na lista 1 deverá ser exibido primeiro em relação àquele que está na lista 2. Os que não estão em nenhuma das listas são exibidos em seguida. +O Docker realizará o download do Banco de Dados remoto disponibilizado (cerca de 500mb). Dependendo da velocidade da internet, realizar o download e subir os containers poderá demorar de 30 a 40 minutos. +Aguarde a execução da aplicação. Ao final, o sistema irá retornar uma mensagem nos logs: +``` +Started ExampleApiApplication in x seconds +``` -As listas podem ser encontradas na raiz deste repositório ([lista_relevancia_1.txt](lista_relevancia_1.txt) e [lista_relevancia_2.txt](lista_relevancia_2.txt)). -Os resultados devem ser retornados paginados de 15 em 15 registros. +Este procedimento deverá levar alguns minutos devido às migrações executadas para o banco de dados da aplicação. -Escolha as tecnologias que você vai usar e tente montar uma solução completa para rodar a aplicação. +## Getting Started -Faça um ***Fork*** deste repositório e abra um ***Pull Request***, **com seu nome na descrição**, para participar. Assim que terminar, envie um e-mail para ***desafio@picpay.com*** com o seu usuário do Github nos avisando. +Para ter acesso aos serviços criados para este teste, utilize a URL abaixo para importar o projeto no Postman e realizar através dele as requisições necessárias para teste. +Todas as requisições já estarão pré criadas, necessitando apenas a solicitação de um novo token para autenticação. +``` +https://www.getpostman.com/collections/850a6e83659cebf54efa +``` ------ +## Running the tests -### Diferenciais +Realizar um POST na seguinte URL: -- Criar um frontend para realizar a busca com uma UX elaborada -- Criar uma solução de autenticação entre o frontend e o backend -- Ter um desempenho elevado num conjunto de dados muito grande -- Utilizar o Docker +``` +http://localhost:8083/oauth/token +``` + +### Authorization + +Utilizar a Basic Auth com as seguintes informações: +* Username = my-frontend +* Password = myFr0nt3nd + + +O corpo da requisição (Content-Type: application/x-www-form-urlencoded) deverá conter as seguintes informações (key=value): +* client = my-frontend +* username = admin +* password = admin +* grant_type = password + +O sistema retornará um "access_token", que deverá ser utilizado como autenticação (Bearer Token) nas requisições de busca de pessoas: +``` +{ + "access_token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1c2VyX25hbWUiOiJhZG1pbiIsInNjb3BlIjpbInJlYWQiLCJ3cml0ZSJdLCJleHAiOjE1NDQ0MTIwOTYsImF1dGhvcml0aWVzIjpbIlJPTEVfU0VBUkNIX1BFUlNPTiJdLCJqdGkiOiI5NGE3ZDQ4OC0yZjAwLTRiNDktYmVkNC02YjI4ZjcyMTM4YmQiLCJjbGllbnRfaWQiOiJteS1mcm9udGVuZCIsInVzZXJuYW1lIjoiYWRtaW4ifQ.gQDucn1CuAiyKrnvSfLJlvYVocTw21TkPZb3Nl2eEsk", + "token_type": "bearer", + "expires_in": 3599, + "scope": "read write", + "username": "admin", + "jti": "94a7d488-2f00-4b49-bed4-6b28f72138bd" +} +``` + +### Renew Token + +Ao obter a mensagem de token expirado, basta enviar um POST para a mesma URL, porém o corpo da requisição (Content-Type: application/x-www-form-urlencoded) deverá conter apenas: +* grant_type = refesh_token + +### Search Users + +Realizar um GET com a seguinte URL: + +``` +http://localhost:8083/people?searchString= +``` + +Para passar uma String de busca, basta preencher o parâmetro searchString com o valor desejado. +O sistema retornará a primeira página de resultados. + +A lista de prioridades foi incorporada à tabela de pessoas e o valor da prioridade também será retornada no resultado busca. + +``` +{ + "content": [ + { + "id": "6e172695-c76c-4364-8dd9-44e6d2d3aed9", + "name": "Heitor Rovaron", + "username": "heitor.rovaron", + "priority": null + } + ], + "pageable": { + "sort": { + "unsorted": true, + "sorted": false, + "empty": true + }, + "pageSize": 15, + "pageNumber": 0, + "offset": 0, + "paged": true, + "unpaged": false + }, + "totalPages": 1, + "totalElements": 1, + "last": true, + "first": true, + "sort": { + "unsorted": true, + "sorted": false, + "empty": true + }, + "numberOfElements": 1, + "size": 15, + "number": 0, + "empty": false +} +``` + +## Stopping Containers + +Para parar os containers em execução: + +``` +$ docker-compose stop +``` diff --git a/app/.gitignore b/app/.gitignore new file mode 100644 index 000000000..82eca336e --- /dev/null +++ b/app/.gitignore @@ -0,0 +1,25 @@ +/target/ +!.mvn/wrapper/maven-wrapper.jar + +### STS ### +.apt_generated +.classpath +.factorypath +.project +.settings +.springBeans +.sts4-cache + +### IntelliJ IDEA ### +.idea +*.iws +*.iml +*.ipr + +### NetBeans ### +/nbproject/private/ +/build/ +/nbbuild/ +/dist/ +/nbdist/ +/.nb-gradle/ \ No newline at end of file diff --git a/app/.mvn/wrapper/maven-wrapper.jar b/app/.mvn/wrapper/maven-wrapper.jar new file mode 100644 index 000000000..01e679973 Binary files /dev/null and b/app/.mvn/wrapper/maven-wrapper.jar differ diff --git a/app/.mvn/wrapper/maven-wrapper.properties b/app/.mvn/wrapper/maven-wrapper.properties new file mode 100644 index 000000000..717934671 --- /dev/null +++ b/app/.mvn/wrapper/maven-wrapper.properties @@ -0,0 +1 @@ +distributionUrl=https://repo.maven.apache.org/maven2/org/apache/maven/apache-maven/3.5.4/apache-maven-3.5.4-bin.zip diff --git a/app/Dockerfile b/app/Dockerfile new file mode 100644 index 000000000..b1757a0cc --- /dev/null +++ b/app/Dockerfile @@ -0,0 +1,17 @@ +#FROM alpine:3.8 as dwnldr +# +#RUN apk --update add wget \ +# gzip + +#RUN wget "http://res.cloudinary.com/dbgv8nukd/raw/upload/v1537738980/picpay/users.csv.gz" +#RUN wget "https://s3.amazonaws.com/careers-picpay/users.csv.gz" + +#RUN gunzip users.csv.gz +#RUN cp users.csv /tmp +#RUN mv users.csv /tmp + +FROM maven:3.5-jdk-8 + +#COPY --from=dwnldr /tmp /tmp + +#RUN ls /tmp \ No newline at end of file diff --git a/app/mvnw b/app/mvnw new file mode 100644 index 000000000..5551fde8e --- /dev/null +++ b/app/mvnw @@ -0,0 +1,286 @@ +#!/bin/sh +# ---------------------------------------------------------------------------- +# Licensed to the Apache Software Foundation (ASF) under one +# or more contributor license agreements. See the NOTICE file +# distributed with this work for additional information +# regarding copyright ownership. The ASF licenses this file +# to you under the Apache License, Version 2.0 (the +# "License"); you may not use this file except in compliance +# with the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, +# software distributed under the License is distributed on an +# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +# KIND, either express or implied. See the License for the +# specific language governing permissions and limitations +# under the License. +# ---------------------------------------------------------------------------- + +# ---------------------------------------------------------------------------- +# Maven2 Start Up Batch script +# +# Required ENV vars: +# ------------------ +# JAVA_HOME - location of a JDK home dir +# +# Optional ENV vars +# ----------------- +# M2_HOME - location of maven2's installed home dir +# MAVEN_OPTS - parameters passed to the Java VM when running Maven +# e.g. to debug Maven itself, use +# set MAVEN_OPTS=-Xdebug -Xrunjdwp:transport=dt_socket,server=y,suspend=y,address=8000 +# MAVEN_SKIP_RC - flag to disable loading of mavenrc files +# ---------------------------------------------------------------------------- + +if [ -z "$MAVEN_SKIP_RC" ] ; then + + if [ -f /etc/mavenrc ] ; then + . /etc/mavenrc + fi + + if [ -f "$HOME/.mavenrc" ] ; then + . "$HOME/.mavenrc" + fi + +fi + +# OS specific support. $var _must_ be set to either true or false. +cygwin=false; +darwin=false; +mingw=false +case "`uname`" in + CYGWIN*) cygwin=true ;; + MINGW*) mingw=true;; + Darwin*) darwin=true + # Use /usr/libexec/java_home if available, otherwise fall back to /Library/Java/Home + # See https://developer.apple.com/library/mac/qa/qa1170/_index.html + if [ -z "$JAVA_HOME" ]; then + if [ -x "/usr/libexec/java_home" ]; then + export JAVA_HOME="`/usr/libexec/java_home`" + else + export JAVA_HOME="/Library/Java/Home" + fi + fi + ;; +esac + +if [ -z "$JAVA_HOME" ] ; then + if [ -r /etc/gentoo-release ] ; then + JAVA_HOME=`java-config --jre-home` + fi +fi + +if [ -z "$M2_HOME" ] ; then + ## resolve links - $0 may be a link to maven's home + PRG="$0" + + # need this for relative symlinks + while [ -h "$PRG" ] ; do + ls=`ls -ld "$PRG"` + link=`expr "$ls" : '.*-> \(.*\)$'` + if expr "$link" : '/.*' > /dev/null; then + PRG="$link" + else + PRG="`dirname "$PRG"`/$link" + fi + done + + saveddir=`pwd` + + M2_HOME=`dirname "$PRG"`/.. + + # make it fully qualified + M2_HOME=`cd "$M2_HOME" && pwd` + + cd "$saveddir" + # echo Using m2 at $M2_HOME +fi + +# For Cygwin, ensure paths are in UNIX format before anything is touched +if $cygwin ; then + [ -n "$M2_HOME" ] && + M2_HOME=`cygpath --unix "$M2_HOME"` + [ -n "$JAVA_HOME" ] && + JAVA_HOME=`cygpath --unix "$JAVA_HOME"` + [ -n "$CLASSPATH" ] && + CLASSPATH=`cygpath --path --unix "$CLASSPATH"` +fi + +# For Mingw, ensure paths are in UNIX format before anything is touched +if $mingw ; then + [ -n "$M2_HOME" ] && + M2_HOME="`(cd "$M2_HOME"; pwd)`" + [ -n "$JAVA_HOME" ] && + JAVA_HOME="`(cd "$JAVA_HOME"; pwd)`" + # TODO classpath? +fi + +if [ -z "$JAVA_HOME" ]; then + javaExecutable="`which javac`" + if [ -n "$javaExecutable" ] && ! [ "`expr \"$javaExecutable\" : '\([^ ]*\)'`" = "no" ]; then + # readlink(1) is not available as standard on Solaris 10. + readLink=`which readlink` + if [ ! `expr "$readLink" : '\([^ ]*\)'` = "no" ]; then + if $darwin ; then + javaHome="`dirname \"$javaExecutable\"`" + javaExecutable="`cd \"$javaHome\" && pwd -P`/javac" + else + javaExecutable="`readlink -f \"$javaExecutable\"`" + fi + javaHome="`dirname \"$javaExecutable\"`" + javaHome=`expr "$javaHome" : '\(.*\)/bin'` + JAVA_HOME="$javaHome" + export JAVA_HOME + fi + fi +fi + +if [ -z "$JAVACMD" ] ; then + if [ -n "$JAVA_HOME" ] ; then + if [ -x "$JAVA_HOME/jre/sh/java" ] ; then + # IBM's JDK on AIX uses strange locations for the executables + JAVACMD="$JAVA_HOME/jre/sh/java" + else + JAVACMD="$JAVA_HOME/bin/java" + fi + else + JAVACMD="`which java`" + fi +fi + +if [ ! -x "$JAVACMD" ] ; then + echo "Error: JAVA_HOME is not defined correctly." >&2 + echo " We cannot execute $JAVACMD" >&2 + exit 1 +fi + +if [ -z "$JAVA_HOME" ] ; then + echo "Warning: JAVA_HOME environment variable is not set." +fi + +CLASSWORLDS_LAUNCHER=org.codehaus.plexus.classworlds.launcher.Launcher + +# traverses directory structure from process work directory to filesystem root +# first directory with .mvn subdirectory is considered project base directory +find_maven_basedir() { + + if [ -z "$1" ] + then + echo "Path not specified to find_maven_basedir" + return 1 + fi + + basedir="$1" + wdir="$1" + while [ "$wdir" != '/' ] ; do + if [ -d "$wdir"/.mvn ] ; then + basedir=$wdir + break + fi + # workaround for JBEAP-8937 (on Solaris 10/Sparc) + if [ -d "${wdir}" ]; then + wdir=`cd "$wdir/.."; pwd` + fi + # end of workaround + done + echo "${basedir}" +} + +# concatenates all lines of a file +concat_lines() { + if [ -f "$1" ]; then + echo "$(tr -s '\n' ' ' < "$1")" + fi +} + +BASE_DIR=`find_maven_basedir "$(pwd)"` +if [ -z "$BASE_DIR" ]; then + exit 1; +fi + +########################################################################################## +# Extension to allow automatically downloading the maven-wrapper.jar from Maven-central +# This allows using the maven wrapper in projects that prohibit checking in binary data. +########################################################################################## +if [ -r "$BASE_DIR/.mvn/wrapper/maven-wrapper.jar" ]; then + if [ "$MVNW_VERBOSE" = true ]; then + echo "Found .mvn/wrapper/maven-wrapper.jar" + fi +else + if [ "$MVNW_VERBOSE" = true ]; then + echo "Couldn't find .mvn/wrapper/maven-wrapper.jar, downloading it ..." + fi + jarUrl="https://repo.maven.apache.org/maven2/io/takari/maven-wrapper/0.4.2/maven-wrapper-0.4.2.jar" + while IFS="=" read key value; do + case "$key" in (wrapperUrl) jarUrl="$value"; break ;; + esac + done < "$BASE_DIR/.mvn/wrapper/maven-wrapper.properties" + if [ "$MVNW_VERBOSE" = true ]; then + echo "Downloading from: $jarUrl" + fi + wrapperJarPath="$BASE_DIR/.mvn/wrapper/maven-wrapper.jar" + + if command -v wget > /dev/null; then + if [ "$MVNW_VERBOSE" = true ]; then + echo "Found wget ... using wget" + fi + wget "$jarUrl" -O "$wrapperJarPath" + elif command -v curl > /dev/null; then + if [ "$MVNW_VERBOSE" = true ]; then + echo "Found curl ... using curl" + fi + curl -o "$wrapperJarPath" "$jarUrl" + else + if [ "$MVNW_VERBOSE" = true ]; then + echo "Falling back to using Java to download" + fi + javaClass="$BASE_DIR/.mvn/wrapper/MavenWrapperDownloader.java" + if [ -e "$javaClass" ]; then + if [ ! -e "$BASE_DIR/.mvn/wrapper/MavenWrapperDownloader.class" ]; then + if [ "$MVNW_VERBOSE" = true ]; then + echo " - Compiling MavenWrapperDownloader.java ..." + fi + # Compiling the Java class + ("$JAVA_HOME/bin/javac" "$javaClass") + fi + if [ -e "$BASE_DIR/.mvn/wrapper/MavenWrapperDownloader.class" ]; then + # Running the downloader + if [ "$MVNW_VERBOSE" = true ]; then + echo " - Running MavenWrapperDownloader.java ..." + fi + ("$JAVA_HOME/bin/java" -cp .mvn/wrapper MavenWrapperDownloader "$MAVEN_PROJECTBASEDIR") + fi + fi + fi +fi +########################################################################################## +# End of extension +########################################################################################## + +export MAVEN_PROJECTBASEDIR=${MAVEN_BASEDIR:-"$BASE_DIR"} +if [ "$MVNW_VERBOSE" = true ]; then + echo $MAVEN_PROJECTBASEDIR +fi +MAVEN_OPTS="$(concat_lines "$MAVEN_PROJECTBASEDIR/.mvn/jvm.config") $MAVEN_OPTS" + +# For Cygwin, switch paths to Windows format before running java +if $cygwin; then + [ -n "$M2_HOME" ] && + M2_HOME=`cygpath --path --windows "$M2_HOME"` + [ -n "$JAVA_HOME" ] && + JAVA_HOME=`cygpath --path --windows "$JAVA_HOME"` + [ -n "$CLASSPATH" ] && + CLASSPATH=`cygpath --path --windows "$CLASSPATH"` + [ -n "$MAVEN_PROJECTBASEDIR" ] && + MAVEN_PROJECTBASEDIR=`cygpath --path --windows "$MAVEN_PROJECTBASEDIR"` +fi + +WRAPPER_LAUNCHER=org.apache.maven.wrapper.MavenWrapperMain + +exec "$JAVACMD" \ + $MAVEN_OPTS \ + -classpath "$MAVEN_PROJECTBASEDIR/.mvn/wrapper/maven-wrapper.jar" \ + "-Dmaven.home=${M2_HOME}" "-Dmaven.multiModuleProjectDirectory=${MAVEN_PROJECTBASEDIR}" \ + ${WRAPPER_LAUNCHER} $MAVEN_CONFIG "$@" diff --git a/app/mvnw.cmd b/app/mvnw.cmd new file mode 100644 index 000000000..e5cfb0ae9 --- /dev/null +++ b/app/mvnw.cmd @@ -0,0 +1,161 @@ +@REM ---------------------------------------------------------------------------- +@REM Licensed to the Apache Software Foundation (ASF) under one +@REM or more contributor license agreements. See the NOTICE file +@REM distributed with this work for additional information +@REM regarding copyright ownership. The ASF licenses this file +@REM to you under the Apache License, Version 2.0 (the +@REM "License"); you may not use this file except in compliance +@REM with the License. You may obtain a copy of the License at +@REM +@REM http://www.apache.org/licenses/LICENSE-2.0 +@REM +@REM Unless required by applicable law or agreed to in writing, +@REM software distributed under the License is distributed on an +@REM "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +@REM KIND, either express or implied. See the License for the +@REM specific language governing permissions and limitations +@REM under the License. +@REM ---------------------------------------------------------------------------- + +@REM ---------------------------------------------------------------------------- +@REM Maven2 Start Up Batch script +@REM +@REM Required ENV vars: +@REM JAVA_HOME - location of a JDK home dir +@REM +@REM Optional ENV vars +@REM M2_HOME - location of maven2's installed home dir +@REM MAVEN_BATCH_ECHO - set to 'on' to enable the echoing of the batch commands +@REM MAVEN_BATCH_PAUSE - set to 'on' to wait for a key stroke before ending +@REM MAVEN_OPTS - parameters passed to the Java VM when running Maven +@REM e.g. to debug Maven itself, use +@REM set MAVEN_OPTS=-Xdebug -Xrunjdwp:transport=dt_socket,server=y,suspend=y,address=8000 +@REM MAVEN_SKIP_RC - flag to disable loading of mavenrc files +@REM ---------------------------------------------------------------------------- + +@REM Begin all REM lines with '@' in case MAVEN_BATCH_ECHO is 'on' +@echo off +@REM set title of command window +title %0 +@REM enable echoing my setting MAVEN_BATCH_ECHO to 'on' +@if "%MAVEN_BATCH_ECHO%" == "on" echo %MAVEN_BATCH_ECHO% + +@REM set %HOME% to equivalent of $HOME +if "%HOME%" == "" (set "HOME=%HOMEDRIVE%%HOMEPATH%") + +@REM Execute a user defined script before this one +if not "%MAVEN_SKIP_RC%" == "" goto skipRcPre +@REM check for pre script, once with legacy .bat ending and once with .cmd ending +if exist "%HOME%\mavenrc_pre.bat" call "%HOME%\mavenrc_pre.bat" +if exist "%HOME%\mavenrc_pre.cmd" call "%HOME%\mavenrc_pre.cmd" +:skipRcPre + +@setlocal + +set ERROR_CODE=0 + +@REM To isolate internal variables from possible post scripts, we use another setlocal +@setlocal + +@REM ==== START VALIDATION ==== +if not "%JAVA_HOME%" == "" goto OkJHome + +echo. +echo Error: JAVA_HOME not found in your environment. >&2 +echo Please set the JAVA_HOME variable in your environment to match the >&2 +echo location of your Java installation. >&2 +echo. +goto error + +:OkJHome +if exist "%JAVA_HOME%\bin\java.exe" goto init + +echo. +echo Error: JAVA_HOME is set to an invalid directory. >&2 +echo JAVA_HOME = "%JAVA_HOME%" >&2 +echo Please set the JAVA_HOME variable in your environment to match the >&2 +echo location of your Java installation. >&2 +echo. +goto error + +@REM ==== END VALIDATION ==== + +:init + +@REM Find the project base dir, i.e. the directory that contains the folder ".mvn". +@REM Fallback to current working directory if not found. + +set MAVEN_PROJECTBASEDIR=%MAVEN_BASEDIR% +IF NOT "%MAVEN_PROJECTBASEDIR%"=="" goto endDetectBaseDir + +set EXEC_DIR=%CD% +set WDIR=%EXEC_DIR% +:findBaseDir +IF EXIST "%WDIR%"\.mvn goto baseDirFound +cd .. +IF "%WDIR%"=="%CD%" goto baseDirNotFound +set WDIR=%CD% +goto findBaseDir + +:baseDirFound +set MAVEN_PROJECTBASEDIR=%WDIR% +cd "%EXEC_DIR%" +goto endDetectBaseDir + +:baseDirNotFound +set MAVEN_PROJECTBASEDIR=%EXEC_DIR% +cd "%EXEC_DIR%" + +:endDetectBaseDir + +IF NOT EXIST "%MAVEN_PROJECTBASEDIR%\.mvn\jvm.config" goto endReadAdditionalConfig + +@setlocal EnableExtensions EnableDelayedExpansion +for /F "usebackq delims=" %%a in ("%MAVEN_PROJECTBASEDIR%\.mvn\jvm.config") do set JVM_CONFIG_MAVEN_PROPS=!JVM_CONFIG_MAVEN_PROPS! %%a +@endlocal & set JVM_CONFIG_MAVEN_PROPS=%JVM_CONFIG_MAVEN_PROPS% + +:endReadAdditionalConfig + +SET MAVEN_JAVA_EXE="%JAVA_HOME%\bin\java.exe" +set WRAPPER_JAR="%MAVEN_PROJECTBASEDIR%\.mvn\wrapper\maven-wrapper.jar" +set WRAPPER_LAUNCHER=org.apache.maven.wrapper.MavenWrapperMain + +set DOWNLOAD_URL="https://repo.maven.apache.org/maven2/io/takari/maven-wrapper/0.4.2/maven-wrapper-0.4.2.jar" +FOR /F "tokens=1,2 delims==" %%A IN (%MAVEN_PROJECTBASEDIR%\.mvn\wrapper\maven-wrapper.properties) DO ( + IF "%%A"=="wrapperUrl" SET DOWNLOAD_URL=%%B +) + +@REM Extension to allow automatically downloading the maven-wrapper.jar from Maven-central +@REM This allows using the maven wrapper in projects that prohibit checking in binary data. +if exist %WRAPPER_JAR% ( + echo Found %WRAPPER_JAR% +) else ( + echo Couldn't find %WRAPPER_JAR%, downloading it ... + echo Downloading from: %DOWNLOAD_URL% + powershell -Command "(New-Object Net.WebClient).DownloadFile('%DOWNLOAD_URL%', '%WRAPPER_JAR%')" + echo Finished downloading %WRAPPER_JAR% +) +@REM End of extension + +%MAVEN_JAVA_EXE% %JVM_CONFIG_MAVEN_PROPS% %MAVEN_OPTS% %MAVEN_DEBUG_OPTS% -classpath %WRAPPER_JAR% "-Dmaven.multiModuleProjectDirectory=%MAVEN_PROJECTBASEDIR%" %WRAPPER_LAUNCHER% %MAVEN_CONFIG% %* +if ERRORLEVEL 1 goto error +goto end + +:error +set ERROR_CODE=1 + +:end +@endlocal & set ERROR_CODE=%ERROR_CODE% + +if not "%MAVEN_SKIP_RC%" == "" goto skipRcPost +@REM check for post script, once with legacy .bat ending and once with .cmd ending +if exist "%HOME%\mavenrc_post.bat" call "%HOME%\mavenrc_post.bat" +if exist "%HOME%\mavenrc_post.cmd" call "%HOME%\mavenrc_post.cmd" +:skipRcPost + +@REM pause the script if MAVEN_BATCH_PAUSE is set to 'on' +if "%MAVEN_BATCH_PAUSE%" == "on" pause + +if "%MAVEN_TERMINATE_CMD%" == "on" exit %ERROR_CODE% + +exit /B %ERROR_CODE% diff --git a/app/pom.xml b/app/pom.xml new file mode 100644 index 000000000..a680296cf --- /dev/null +++ b/app/pom.xml @@ -0,0 +1,135 @@ + + + 4.0.0 + + com.picpay.example-api + picpay-example-api + 1.0.0 + jar + + picpay-example-api + Demo project for Spring Boot + + + org.springframework.boot + spring-boot-starter-parent + 2.1.1.RELEASE + + + + + UTF-8 + UTF-8 + 1.8 + + + + + org.springframework.boot + spring-boot-starter-data-jpa + + + + org.springframework.boot + spring-boot-starter-web + + + + org.springframework.boot + spring-boot-devtools + runtime + + + + org.springframework.boot + spring-boot-starter-test + test + + + + mysql + mysql-connector-java + runtime + + + + org.flywaydb + flyway-core + + + + org.hibernate + hibernate-java8 + + + + com.fasterxml.jackson.datatype + jackson-datatype-jsr310 + + + + org.apache.commons + commons-lang3 + + + + org.springframework.boot + spring-boot-starter-security + + + + org.springframework.security.oauth + spring-security-oauth2 + 2.3.4.RELEASE + + + + org.springframework.security + spring-security-jwt + 1.0.9.RELEASE + + + + org.springframework.boot + spring-boot-configuration-processor + true + + + + + + + + org.springframework.boot + spring-boot-maven-plugin + + + + + + + + diff --git a/app/src/main/java/com/example/picpay/api/ExampleApiApplication.java b/app/src/main/java/com/example/picpay/api/ExampleApiApplication.java new file mode 100644 index 000000000..d0cf00a80 --- /dev/null +++ b/app/src/main/java/com/example/picpay/api/ExampleApiApplication.java @@ -0,0 +1,19 @@ +package com.example.picpay.api; + +import java.util.TimeZone; +import javax.annotation.PostConstruct; +import org.springframework.boot.SpringApplication; +import org.springframework.boot.autoconfigure.SpringBootApplication; + +@SpringBootApplication +public class ExampleApiApplication { + + @PostConstruct + void started() { + TimeZone.setDefault(TimeZone.getTimeZone("UTC")); + } + + public static void main(String[] args) { + SpringApplication.run(ExampleApiApplication.class, args); + } +} diff --git a/app/src/main/java/com/example/picpay/api/config/AuthorizationServerConfig.java b/app/src/main/java/com/example/picpay/api/config/AuthorizationServerConfig.java new file mode 100644 index 000000000..02bd1ef3a --- /dev/null +++ b/app/src/main/java/com/example/picpay/api/config/AuthorizationServerConfig.java @@ -0,0 +1,59 @@ + +package com.example.picpay.api.config; + +import java.util.Arrays; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.context.annotation.Bean; +import org.springframework.context.annotation.Configuration; +import org.springframework.security.authentication.AuthenticationManager; +import org.springframework.security.oauth2.config.annotation.configurers.ClientDetailsServiceConfigurer; +import org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurerAdapter; +import org.springframework.security.oauth2.config.annotation.web.configuration.EnableAuthorizationServer; +import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerEndpointsConfigurer; +import org.springframework.security.oauth2.provider.token.TokenEnhancer; +import org.springframework.security.oauth2.provider.token.TokenEnhancerChain; +import org.springframework.security.oauth2.provider.token.TokenStore; +import org.springframework.security.oauth2.provider.token.store.JwtAccessTokenConverter; +import org.springframework.security.oauth2.provider.token.store.JwtTokenStore; +import com.example.picpay.api.config.token.CustomTokenEnhancer; + +@Configuration +@EnableAuthorizationServer +public class AuthorizationServerConfig extends AuthorizationServerConfigurerAdapter { + + @Autowired + private AuthenticationManager manager; + + @Override + public void configure(ClientDetailsServiceConfigurer clients) throws Exception { + clients.inMemory().withClient("my-frontend").authorizedGrantTypes("password", "refresh_token") + .secret("{noop}myFr0nt3nd").scopes("read", "write").accessTokenValiditySeconds(60 * 60) + .refreshTokenValiditySeconds(60 * 60 * 12); + } + + @Override + public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception { + TokenEnhancerChain tokenEnhancerChain = new TokenEnhancerChain(); + tokenEnhancerChain.setTokenEnhancers(Arrays.asList(tokenEnhancer(), accessTokenConverter())); + endpoints.tokenStore(tokenStore()).tokenEnhancer(tokenEnhancerChain).reuseRefreshTokens(false) + .authenticationManager(manager); + } + + @Bean + public JwtAccessTokenConverter accessTokenConverter() { + JwtAccessTokenConverter converter = new JwtAccessTokenConverter(); + converter.setSigningKey("example-picpay-api"); + return converter; + } + + @Bean + public TokenStore tokenStore() { + return new JwtTokenStore(accessTokenConverter()); + } + + @Bean + public TokenEnhancer tokenEnhancer() { + return new CustomTokenEnhancer(); + } + +} diff --git a/app/src/main/java/com/example/picpay/api/config/ResourceServerConfig.java b/app/src/main/java/com/example/picpay/api/config/ResourceServerConfig.java new file mode 100644 index 000000000..b3cd765ea --- /dev/null +++ b/app/src/main/java/com/example/picpay/api/config/ResourceServerConfig.java @@ -0,0 +1,45 @@ + +package com.example.picpay.api.config; + +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.context.annotation.Bean; +import org.springframework.context.annotation.Configuration; +import org.springframework.security.access.expression.method.MethodSecurityExpressionHandler; +import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder; +import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity; +import org.springframework.security.config.annotation.web.builders.HttpSecurity; +import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; +import org.springframework.security.config.http.SessionCreationPolicy; +import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer; +import org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurerAdapter; +import org.springframework.security.oauth2.config.annotation.web.configurers.ResourceServerSecurityConfigurer; +import org.springframework.security.oauth2.provider.expression.OAuth2MethodSecurityExpressionHandler; + +@Configuration +@EnableWebSecurity +@EnableResourceServer +@EnableGlobalMethodSecurity(prePostEnabled = true) +public class ResourceServerConfig extends ResourceServerConfigurerAdapter { + + @Autowired + public void configure(AuthenticationManagerBuilder auth) throws Exception { + auth.inMemoryAuthentication().withUser("admin").password("{noop}admin").roles("SEARCH_PERSON"); + } + + @Override + public void configure(HttpSecurity http) throws Exception { + http.authorizeRequests().anyRequest().authenticated().and().sessionManagement() + .sessionCreationPolicy(SessionCreationPolicy.STATELESS).and().csrf().disable(); + } + + @Override + public void configure(ResourceServerSecurityConfigurer resources) throws Exception { + resources.stateless(true); + } + + @Bean + public MethodSecurityExpressionHandler createExpressionHandler() { + return new OAuth2MethodSecurityExpressionHandler(); + } + +} diff --git a/app/src/main/java/com/example/picpay/api/config/property/ExampleApiProperty.java b/app/src/main/java/com/example/picpay/api/config/property/ExampleApiProperty.java new file mode 100644 index 000000000..1d17a9f48 --- /dev/null +++ b/app/src/main/java/com/example/picpay/api/config/property/ExampleApiProperty.java @@ -0,0 +1,12 @@ +package com.example.picpay.api.config.property; + +import org.springframework.boot.context.properties.ConfigurationProperties; + +@ConfigurationProperties("example.picpay.api") +public class ExampleApiProperty { + + public String getRealPath() { + return System.getProperty("user.dir"); + } + +} diff --git a/app/src/main/java/com/example/picpay/api/config/security/SecurityConfig.java b/app/src/main/java/com/example/picpay/api/config/security/SecurityConfig.java new file mode 100644 index 000000000..d47304990 --- /dev/null +++ b/app/src/main/java/com/example/picpay/api/config/security/SecurityConfig.java @@ -0,0 +1,18 @@ + +package com.example.picpay.api.config.security; + +import org.springframework.context.annotation.Bean; +import org.springframework.context.annotation.Configuration; +import org.springframework.security.authentication.AuthenticationManager; +import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter; + +@Configuration +public class SecurityConfig extends WebSecurityConfigurerAdapter { + + @Bean + @Override + public AuthenticationManager authenticationManagerBean() throws Exception { + return super.authenticationManagerBean(); + } + +} diff --git a/app/src/main/java/com/example/picpay/api/config/token/CustomTokenEnhancer.java b/app/src/main/java/com/example/picpay/api/config/token/CustomTokenEnhancer.java new file mode 100644 index 000000000..0456ad2a1 --- /dev/null +++ b/app/src/main/java/com/example/picpay/api/config/token/CustomTokenEnhancer.java @@ -0,0 +1,25 @@ +package com.example.picpay.api.config.token; + +import java.util.HashMap; +import java.util.Map; +import org.springframework.security.core.userdetails.User; +import org.springframework.security.oauth2.common.DefaultOAuth2AccessToken; +import org.springframework.security.oauth2.common.OAuth2AccessToken; +import org.springframework.security.oauth2.provider.OAuth2Authentication; +import org.springframework.security.oauth2.provider.token.TokenEnhancer; + +public class CustomTokenEnhancer implements TokenEnhancer { + + @Override + public OAuth2AccessToken enhance(OAuth2AccessToken accessToken, + OAuth2Authentication authentication) { + User user = (User) authentication.getPrincipal(); + + Map addInfo = new HashMap<>(); + addInfo.put("username", user.getUsername()); + + ((DefaultOAuth2AccessToken) accessToken).setAdditionalInformation(addInfo); + return accessToken; + } + +} diff --git a/app/src/main/java/com/example/picpay/api/cors/CorsFilter.java b/app/src/main/java/com/example/picpay/api/cors/CorsFilter.java new file mode 100644 index 000000000..71a9745a9 --- /dev/null +++ b/app/src/main/java/com/example/picpay/api/cors/CorsFilter.java @@ -0,0 +1,49 @@ + +package com.example.picpay.api.cors; + +import java.io.IOException; +import javax.servlet.Filter; +import javax.servlet.FilterChain; +import javax.servlet.FilterConfig; +import javax.servlet.ServletException; +import javax.servlet.ServletRequest; +import javax.servlet.ServletResponse; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; +import org.springframework.core.Ordered; +import org.springframework.core.annotation.Order; +import org.springframework.stereotype.Component; + +@Component +@Order(Ordered.HIGHEST_PRECEDENCE) +public class CorsFilter implements Filter { + + @Override + public void doFilter(ServletRequest req, ServletResponse resp, FilterChain chain) + throws IOException, ServletException { + + HttpServletRequest request = (HttpServletRequest) req; + HttpServletResponse response = (HttpServletResponse) resp; + + response.setHeader("Access-Control-Allow-Origin", "*"); + response.setHeader("Access-Control-Allow-Credentials", "true"); + + if ("OPTIONS".equals(request.getMethod())) { + response.setHeader("Access-Control-Allow-Methods", "POST, GET, DELETE, PUT, OPTIONS"); + response.setHeader("Access-Control-Allow-Headers", "Authorization, Content-Type, Accept"); + response.setHeader("Access-Control-Max-Age", "3600"); + + response.setStatus(HttpServletResponse.SC_OK); + } else { + chain.doFilter(req, resp); + } + + } + + @Override + public void destroy() {} + + @Override + public void init(FilterConfig arg0) throws ServletException {} + +} diff --git a/app/src/main/java/com/example/picpay/api/dialect/MySQL5DialectCustom.java b/app/src/main/java/com/example/picpay/api/dialect/MySQL5DialectCustom.java new file mode 100644 index 000000000..94996c5d7 --- /dev/null +++ b/app/src/main/java/com/example/picpay/api/dialect/MySQL5DialectCustom.java @@ -0,0 +1,15 @@ +package com.example.picpay.api.dialect; + +import org.hibernate.dialect.MySQL5Dialect; +import org.hibernate.dialect.function.SQLFunctionTemplate; +import org.hibernate.type.StandardBasicTypes; + +public class MySQL5DialectCustom extends MySQL5Dialect { + + public MySQL5DialectCustom() { + super(); + registerFunction("match", new SQLFunctionTemplate(StandardBasicTypes.BOOLEAN, + " match(?1, ?2) against (?3 in boolean mode) ")); + } + +} diff --git a/app/src/main/java/com/example/picpay/api/model/Person.java b/app/src/main/java/com/example/picpay/api/model/Person.java new file mode 100644 index 000000000..df1af7e23 --- /dev/null +++ b/app/src/main/java/com/example/picpay/api/model/Person.java @@ -0,0 +1,55 @@ +package com.example.picpay.api.model; + +import javax.persistence.Entity; +import javax.persistence.Id; +import javax.persistence.Table; +import javax.validation.constraints.NotNull; + +@Entity +@Table(name = "users") +public class Person { + + @Id + private String id; + + @NotNull + private String name; + + @NotNull + private String username; + + private Integer priority; + + public String getId() { + return id; + } + + public void setId(String id) { + this.id = id; + } + + public String getName() { + return name; + } + + public void setName(String name) { + this.name = name; + } + + public String getUsername() { + return username; + } + + public void setUsername(String username) { + this.username = username; + } + + public Integer getPriority() { + return priority; + } + + public void setPriority(Integer priority) { + this.priority = priority; + } + +} diff --git a/app/src/main/java/com/example/picpay/api/model/Person_.java b/app/src/main/java/com/example/picpay/api/model/Person_.java new file mode 100644 index 000000000..0890c3f63 --- /dev/null +++ b/app/src/main/java/com/example/picpay/api/model/Person_.java @@ -0,0 +1,17 @@ +package com.example.picpay.api.model; + +import javax.annotation.Generated; +import javax.persistence.metamodel.SingularAttribute; +import javax.persistence.metamodel.StaticMetamodel; + +@Generated(value = "org.hibernate.jpamodelgen.JPAMetaModelEntityProcessor") +@StaticMetamodel(Person.class) +public abstract class Person_ { + + public static volatile SingularAttribute name; + public static volatile SingularAttribute id; + public static volatile SingularAttribute priority; + public static volatile SingularAttribute username; + +} + diff --git a/app/src/main/java/com/example/picpay/api/repository/PersonRepository.java b/app/src/main/java/com/example/picpay/api/repository/PersonRepository.java new file mode 100644 index 000000000..d1567a896 --- /dev/null +++ b/app/src/main/java/com/example/picpay/api/repository/PersonRepository.java @@ -0,0 +1,10 @@ + +package com.example.picpay.api.repository; + +import org.springframework.data.jpa.repository.JpaRepository; +import com.example.picpay.api.model.Person; +import com.example.picpay.api.repository.person.PersonRepositoryQuery; + +public interface PersonRepository extends JpaRepository, PersonRepositoryQuery { + +} diff --git a/app/src/main/java/com/example/picpay/api/repository/person/PersonRepositoryImpl.java b/app/src/main/java/com/example/picpay/api/repository/person/PersonRepositoryImpl.java new file mode 100644 index 000000000..b943b15f0 --- /dev/null +++ b/app/src/main/java/com/example/picpay/api/repository/person/PersonRepositoryImpl.java @@ -0,0 +1,52 @@ + +package com.example.picpay.api.repository.person; + +import java.math.BigInteger; +import javax.persistence.EntityManager; +import javax.persistence.PersistenceContext; +import javax.persistence.Query; +import org.apache.commons.lang3.StringUtils; +import org.springframework.data.domain.Page; +import org.springframework.data.domain.PageImpl; +import org.springframework.data.domain.Pageable; +import com.example.picpay.api.model.Person; + +public class PersonRepositoryImpl implements PersonRepositoryQuery { + + @PersistenceContext + private EntityManager manager; + + @SuppressWarnings("unchecked") + @Override + public Page filtrar(String searchString, Pageable pageable) { + String queryStr = " select * from users u "; + if (StringUtils.isNotEmpty(searchString)) + queryStr += " where match(u.name, u.username) against (:searchString in boolean mode) "; + queryStr += " order by coalesce(u.priority, 99), u.name limit :firstResult,:maxResults "; + + int currentPage = pageable.getPageNumber(); + int maxResults = pageable.getPageSize(); + int firstResult = currentPage * maxResults; + + Query query = manager.createNativeQuery(queryStr, Person.class); + if (StringUtils.isNotEmpty(searchString)) + query.setParameter("searchString", searchString); + query.setParameter("firstResult", firstResult); + query.setParameter("maxResults", maxResults); + + return new PageImpl(query.getResultList(), pageable, this.total(searchString)); + } + + private long total(String searchString) { + String queryCount = " select count(1) from users u "; + if (StringUtils.isNotEmpty(searchString)) + queryCount += " where match(u.name, u.username) against (:searchString in boolean mode) "; + + Query query = manager.createNativeQuery(queryCount); + if (StringUtils.isNotEmpty(searchString)) + query.setParameter("searchString", searchString); + + return ((BigInteger) query.getSingleResult()).longValue(); + } + +} diff --git a/app/src/main/java/com/example/picpay/api/repository/person/PersonRepositoryQuery.java b/app/src/main/java/com/example/picpay/api/repository/person/PersonRepositoryQuery.java new file mode 100644 index 000000000..5322815fd --- /dev/null +++ b/app/src/main/java/com/example/picpay/api/repository/person/PersonRepositoryQuery.java @@ -0,0 +1,12 @@ + +package com.example.picpay.api.repository.person; + +import org.springframework.data.domain.Page; +import org.springframework.data.domain.Pageable; +import com.example.picpay.api.model.Person; + +public interface PersonRepositoryQuery { + + public Page filtrar(String searchString, Pageable pageable); + +} diff --git a/app/src/main/java/com/example/picpay/api/resource/PersonResource.java b/app/src/main/java/com/example/picpay/api/resource/PersonResource.java new file mode 100644 index 000000000..e1fe760b0 --- /dev/null +++ b/app/src/main/java/com/example/picpay/api/resource/PersonResource.java @@ -0,0 +1,29 @@ + +package com.example.picpay.api.resource; + +import javax.websocket.server.PathParam; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.data.domain.Page; +import org.springframework.data.domain.Pageable; +import org.springframework.security.access.prepost.PreAuthorize; +import org.springframework.web.bind.annotation.GetMapping; +import org.springframework.web.bind.annotation.RequestMapping; +import org.springframework.web.bind.annotation.RestController; +import com.example.picpay.api.model.Person; +import com.example.picpay.api.repository.PersonRepository; + +@RestController +@RequestMapping("/people") +public class PersonResource { + + @Autowired + private PersonRepository personRepository; + + @GetMapping + @PreAuthorize("hasAuthority('ROLE_SEARCH_PERSON') and #oauth2.hasScope('read')") + public Page filtrar(@PathParam("searchString") String searchString, Pageable pageable) { + // @PageableDefault(size = 15)) { + return personRepository.filtrar(searchString, pageable); + } + +} diff --git a/app/src/main/java/com/example/picpay/api/resource/TokenResource.java b/app/src/main/java/com/example/picpay/api/resource/TokenResource.java new file mode 100644 index 000000000..d8a863124 --- /dev/null +++ b/app/src/main/java/com/example/picpay/api/resource/TokenResource.java @@ -0,0 +1,27 @@ +package com.example.picpay.api.resource; + +import javax.servlet.http.Cookie; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; +import org.springframework.http.HttpStatus; +import org.springframework.web.bind.annotation.DeleteMapping; +import org.springframework.web.bind.annotation.RequestMapping; +import org.springframework.web.bind.annotation.ResponseStatus; +import org.springframework.web.bind.annotation.RestController; + +@RestController +@RequestMapping("/tokens") +public class TokenResource { + + @DeleteMapping("/revoke") + @ResponseStatus(HttpStatus.NO_CONTENT) + public void revoke(HttpServletRequest req, HttpServletResponse resp) { + Cookie cookie = new Cookie("refreshToken", null); + cookie.setHttpOnly(true); + cookie.setSecure(false); // https não configurável + cookie.setPath(req.getContextPath() + "/oauth/token"); + cookie.setMaxAge(0); + resp.addCookie(cookie); + } + +} diff --git a/app/src/main/java/com/example/picpay/api/service/PersonService.java b/app/src/main/java/com/example/picpay/api/service/PersonService.java new file mode 100644 index 000000000..0e39b8d01 --- /dev/null +++ b/app/src/main/java/com/example/picpay/api/service/PersonService.java @@ -0,0 +1,14 @@ +package com.example.picpay.api.service; + +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.stereotype.Service; +import com.example.picpay.api.repository.PersonRepository; + +@Service +public class PersonService { + + @Autowired + private PersonRepository personRepository; + + +} diff --git a/app/src/main/java/com/example/picpay/api/token/RefreshTokenPostProcessor.java b/app/src/main/java/com/example/picpay/api/token/RefreshTokenPostProcessor.java new file mode 100644 index 000000000..27455a75c --- /dev/null +++ b/app/src/main/java/com/example/picpay/api/token/RefreshTokenPostProcessor.java @@ -0,0 +1,60 @@ + +package com.example.picpay.api.token; + +import javax.servlet.http.Cookie; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; +import org.springframework.core.MethodParameter; +import org.springframework.http.MediaType; +import org.springframework.http.converter.HttpMessageConverter; +import org.springframework.http.server.ServerHttpRequest; +import org.springframework.http.server.ServerHttpResponse; +import org.springframework.http.server.ServletServerHttpRequest; +import org.springframework.http.server.ServletServerHttpResponse; +import org.springframework.security.oauth2.common.DefaultOAuth2AccessToken; +import org.springframework.security.oauth2.common.OAuth2AccessToken; +import org.springframework.web.bind.annotation.ControllerAdvice; +import org.springframework.web.servlet.mvc.method.annotation.ResponseBodyAdvice; + +@ControllerAdvice +public class RefreshTokenPostProcessor implements ResponseBodyAdvice { + + public static final String REFRESH_TOKEN_COOKIE_NAME = "refreshToken"; + + @Override + public boolean supports(MethodParameter returnType, + Class> converterType) { + return returnType.getMethod().getName().equals("postAccessToken"); + } + + @Override + public OAuth2AccessToken beforeBodyWrite(OAuth2AccessToken body, MethodParameter returnType, + MediaType selectedContentType, Class> selectedConverterType, + ServerHttpRequest request, ServerHttpResponse response) { + HttpServletRequest req = ((ServletServerHttpRequest) request).getServletRequest(); + HttpServletResponse res = ((ServletServerHttpResponse) response).getServletResponse(); + + String refreshToken = body.getRefreshToken().getValue(); + this.createRefreshTokenSafeCookie(req, res, refreshToken); + + DefaultOAuth2AccessToken token = (DefaultOAuth2AccessToken) body; + this.removeRefreshTokenFromBody(token); + + return body; + } + + private void removeRefreshTokenFromBody(DefaultOAuth2AccessToken token) { + token.setRefreshToken(null); + } + + private void createRefreshTokenSafeCookie(HttpServletRequest req, HttpServletResponse res, + String refreshToken) { + Cookie cookie = new Cookie(REFRESH_TOKEN_COOKIE_NAME, refreshToken); + cookie.setHttpOnly(true); + cookie.setSecure(false); // https não configurável + cookie.setPath(req.getContextPath() + "/oauth/token"); + cookie.setMaxAge(2592000); + res.addCookie(cookie); + } + +} diff --git a/app/src/main/java/com/example/picpay/api/token/RefreshTokenPreProcessorFilter.java b/app/src/main/java/com/example/picpay/api/token/RefreshTokenPreProcessorFilter.java new file mode 100644 index 000000000..43c0a3ae1 --- /dev/null +++ b/app/src/main/java/com/example/picpay/api/token/RefreshTokenPreProcessorFilter.java @@ -0,0 +1,78 @@ + +package com.example.picpay.api.token; + +import java.io.IOException; +import java.util.Map; +import javax.servlet.Filter; +import javax.servlet.FilterChain; +import javax.servlet.FilterConfig; +import javax.servlet.ServletException; +import javax.servlet.ServletRequest; +import javax.servlet.ServletResponse; +import javax.servlet.http.Cookie; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletRequestWrapper; +import org.apache.catalina.util.ParameterMap; +import org.springframework.core.Ordered; +import org.springframework.core.annotation.Order; +import org.springframework.stereotype.Component; + +@Component +@Order(Ordered.HIGHEST_PRECEDENCE) +public class RefreshTokenPreProcessorFilter implements Filter { + + /** + * Interceptando com alta prioridade as requisições que possuem um grant_type = 'refresh_token' + * chamarem o endpoint "/oauth/token" + */ + @Override + public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) + throws IOException, ServletException { + HttpServletRequest req = (HttpServletRequest) request; + if ("/oauth/token".equalsIgnoreCase(req.getRequestURI()) + && "refresh_token".equalsIgnoreCase(req.getParameter("grant_type")) + && req.getCookies() != null) { + for (Cookie cookie : req.getCookies()) { + if (cookie.getName().equals("refreshToken")) { + String refreshToken = cookie.getValue(); + req = new MyServletRequestWrapper(req, refreshToken); + } + } + } + + // Continua a cadeia com a nova requisição que possui o novo parâmetro + chain.doFilter(req, response); + } + + @Override + public void init(FilterConfig filterConfig) throws ServletException {} + + @Override + public void destroy() {} + + /* + * Sobrescrevendo o request e passando a requisição com o mapa de parametros atualizado com o + * refreshToken - Desta forma o OAuth2 irá recuperar normalmente o refreshToken, como se estivesse + * vindo direto da requisição + */ + + static class MyServletRequestWrapper extends HttpServletRequestWrapper { + + private String refreshToken; + + public MyServletRequestWrapper(HttpServletRequest request, String refreshToken) { + super(request); + this.refreshToken = refreshToken; + } + + @Override + public Map getParameterMap() { + ParameterMap map = new ParameterMap<>(getRequest().getParameterMap()); + map.put("refresh_token", new String[] {refreshToken}); + map.setLocked(true); + return map; + } + + } + +} diff --git a/app/src/main/java/db/migration/V001__Create_table_users.java b/app/src/main/java/db/migration/V001__Create_table_users.java new file mode 100644 index 000000000..8ac3a811b --- /dev/null +++ b/app/src/main/java/db/migration/V001__Create_table_users.java @@ -0,0 +1,45 @@ +package db.migration; + +import org.flywaydb.core.api.migration.BaseJavaMigration; +import org.flywaydb.core.api.migration.Context; +import org.springframework.jdbc.core.JdbcTemplate; +import org.springframework.jdbc.datasource.SingleConnectionDataSource; + + +public class V001__Create_table_users extends BaseJavaMigration { + + public void migrate(Context context) { + JdbcTemplate template = + new JdbcTemplate(new SingleConnectionDataSource(context.getConnection(), true)); + + template.execute("CREATE TABLE IF NOT EXISTS users (" + + " id VARCHAR(64) PRIMARY KEY," + + " name VARCHAR(64)," + + " username VARCHAR(32)," + + " priority TINYINT" + + ") ENGINE=MyISAM DEFAULT CHARSET=utf8"); + + template.execute("set unique_checks=0"); + template.execute("set foreign_key_checks=0"); + template.execute("set sql_log_bin=0"); + template.execute("set global local_infile='ON'"); + + template.execute("GRANT FILE ON *.* TO 'root'@'localhost';"); + + //template.execute("load data local infile '/users.csv'" + template.execute("load data infile '/tmp/users.csv'" + + " into table picpay_example.users" + + " fields terminated by ','" + + " enclosed by '\"'" + + " lines terminated by '\r\n'" + + " (id,name,username)"); + + template.execute("ALTER TABLE users ADD FULLTEXT full_text(name,username)"); + + template.execute("set unique_checks=1"); + template.execute("set foreign_key_checks=1"); + template.execute("set sql_log_bin=1"); + + } + +} diff --git a/app/src/main/java/db/migration/V002__Create_priorities.java b/app/src/main/java/db/migration/V002__Create_priorities.java new file mode 100644 index 000000000..34d9a6450 --- /dev/null +++ b/app/src/main/java/db/migration/V002__Create_priorities.java @@ -0,0 +1,47 @@ +package db.migration; + +import java.io.File; +import java.io.IOException; +import java.nio.file.Files; +import java.util.stream.Stream; +import org.flywaydb.core.api.migration.BaseJavaMigration; +import org.flywaydb.core.api.migration.Context; +import org.springframework.jdbc.core.JdbcTemplate; +import org.springframework.jdbc.datasource.SingleConnectionDataSource; + + +public class V002__Create_priorities extends BaseJavaMigration { + + public void migrate(Context context) { + JdbcTemplate template = + new JdbcTemplate(new SingleConnectionDataSource(context.getConnection(), true)); + + template.execute( + "CREATE TABLE priority1 (id VARCHAR(128) PRIMARY KEY) ENGINE=InnoDB DEFAULT CHARSET=utf8"); + + template.execute( + "CREATE TABLE priority2 (id VARCHAR(128) PRIMARY KEY) ENGINE=InnoDB DEFAULT CHARSET=utf8"); + + ClassLoader classLoader = getClass().getClassLoader(); + File lista_relevancia_1 = + new File(classLoader.getResource("db/initial-data/lista_relevancia_1.txt").getFile()); + try (Stream stream = Files.lines(lista_relevancia_1.toPath())) { + stream.forEach(str -> { + template.update("INSERT INTO priority1 (id) VALUES ('" + str + "')"); + }); + } catch (IOException e) { + e.printStackTrace(); + } + + File lista_relevancia_2 = + new File(classLoader.getResource("db/initial-data/lista_relevancia_2.txt").getFile()); + try (Stream stream = Files.lines(lista_relevancia_2.toPath())) { + stream.forEach(str -> { + template.update("INSERT INTO priority2 (id) VALUES ('" + str + "')"); + }); + } catch (IOException e) { + e.printStackTrace(); + } + } + +} diff --git a/app/src/main/java/db/migration/V003__Update_users_priorities.java b/app/src/main/java/db/migration/V003__Update_users_priorities.java new file mode 100644 index 000000000..a87c8bc63 --- /dev/null +++ b/app/src/main/java/db/migration/V003__Update_users_priorities.java @@ -0,0 +1,28 @@ +package db.migration; + +import org.flywaydb.core.api.migration.BaseJavaMigration; +import org.flywaydb.core.api.migration.Context; +import org.springframework.jdbc.core.JdbcTemplate; +import org.springframework.jdbc.datasource.SingleConnectionDataSource; + + +public class V003__Update_users_priorities extends BaseJavaMigration { + + public void migrate(Context context) { + JdbcTemplate template = + new JdbcTemplate(new SingleConnectionDataSource(context.getConnection(), true)); + + template.update( + "UPDATE users AS u" + + " INNER JOIN priority1 AS p ON u.id = p.id" + + " SET u.priority = 1"); + + template.update( + "UPDATE users AS u" + + " INNER JOIN priority2 AS p ON u.id = p.id" + + " SET u.priority = 2"); + + template.execute("CREATE INDEX index_users_priority ON users (priority)"); + } + +} diff --git a/app/src/main/resources/application.properties b/app/src/main/resources/application.properties new file mode 100644 index 000000000..ab219c5a7 --- /dev/null +++ b/app/src/main/resources/application.properties @@ -0,0 +1,16 @@ +server.port=8083 + +spring.data.web.pageable.default-page-size=15 +spring.data.web.pageable.max-page-size=15 + +spring.datasource.url=jdbc:mysql://mysql-db:3306/picpay_example?createDatabaseIfNotExist=true&useSSL=false&allowPublicKeyRetrieval=true&useTimezone=true&serverTimezone=UTC +spring.datasource.username=root +spring.datasource.password=root + +spring.jpa.database=MYSQL + +#spring.jpa.properties.hibernate.dialect=com.example.picpay.api.dialect.MySQL5DialectCustom +spring.jpa.show-sql=true + +spring.jackson.deserialization.fail-on-unknown-properties=true +spring.jackson.date-format=yyyy-MM-dd diff --git a/lista_relevancia_1.txt b/app/src/main/resources/db/initial-data/lista_relevancia_1.txt similarity index 100% rename from lista_relevancia_1.txt rename to app/src/main/resources/db/initial-data/lista_relevancia_1.txt diff --git a/lista_relevancia_2.txt b/app/src/main/resources/db/initial-data/lista_relevancia_2.txt similarity index 100% rename from lista_relevancia_2.txt rename to app/src/main/resources/db/initial-data/lista_relevancia_2.txt diff --git a/app/src/test/java/com/example/picpay/api/ExampleApiApplicationTests.java b/app/src/test/java/com/example/picpay/api/ExampleApiApplicationTests.java new file mode 100644 index 000000000..6e01c46ca --- /dev/null +++ b/app/src/test/java/com/example/picpay/api/ExampleApiApplicationTests.java @@ -0,0 +1,16 @@ +package com.example.picpay.api; + +import org.junit.Test; +import org.junit.runner.RunWith; +import org.springframework.boot.test.context.SpringBootTest; +import org.springframework.test.context.junit4.SpringRunner; + +@RunWith(SpringRunner.class) +@SpringBootTest +public class ExampleApiApplicationTests { + + @Test + public void contextLoads() { + } + +} diff --git a/db/Dockerfile b/db/Dockerfile new file mode 100644 index 000000000..78b681536 --- /dev/null +++ b/db/Dockerfile @@ -0,0 +1,13 @@ +FROM alpine:3.8 as dwnldr + +RUN apk --update add wget \ + gzip + +RUN wget "https://s3.amazonaws.com/careers-picpay/users.csv.gz" -P /tmp/ +RUN gunzip /tmp/users.csv.gz + +FROM mysql:8.0.13 + +COPY --from=dwnldr /tmp/users.csv /tmp/users.csv + +RUN chmod -R 777 /tmp/users.csv diff --git a/docker-compose.yml b/docker-compose.yml new file mode 100644 index 000000000..94157f403 --- /dev/null +++ b/docker-compose.yml @@ -0,0 +1,30 @@ +version: '3' + +services: + + mysql-db: + restart: always + build: ./db + environment: + MYSQL_ROOT_PASSWORD: 'root' + MYSQL_DATABASE: 'picpay_example' + MYSQL_USER: 'root' + MYSQL_PASSWORD: 'root' + ports: + - "3306:3306" + command: --local-infile=1 --secure-file-priv=/tmp + + picpay-app: + restart: always + build: ./app + working_dir: /app + volumes: + - ./app:/app + - ~/.m2:/root/.m2 + expose: + - "8083" + command: mvn clean spring-boot:run + ports: + - "8083:8083" + depends_on: + - mysql-db