Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Java 21, Spring, code refactor and deploy as standalone container. #163

Merged
merged 224 commits into from
Jun 7, 2024
Merged

Java 21, Spring, code refactor and deploy as standalone container. #163

merged 224 commits into from
Jun 7, 2024

Conversation

Gcolon021
Copy link
Contributor

@Gcolon021 Gcolon021 commented Apr 17, 2024
edited
Loading

Deployment and Regression Testing:
The changes have been thoroughly regression tested and are currently live in the Nhanes Production environment.

Java Version:

  • Updated to use Amazon Corretto Java 21.0.1.

Dependencies:

  • Upgraded all dependencies to their latest versions, with Spring Boot updated to 3.2.4 and other Spring dependencies to 6.1.5.
  • Removed all unused dependencies.
  • Added new dependencies including Spring Data JPA, Spring Dev Tools, Spring Security, and Spring Web.

Docker Configuration:

  • Introduced a development version for both Docker Compose and Dockerfile.
  • Transitioned to a multi-stage Dockerfile where the application is built using Maven, eliminating the need for a JRE on the build server.
  • Changed deployment from a WAR file on the PIC-SURE WildFly server to a standalone Docker container using Tomcat as the application server.

Application Configuration:

  • Eliminated WildFly-specific configurations.
  • Replaced standalone.xml with application.properties for managing application variables and configurations.
  • Updated to use MySQL 8 connector.
  • Defined unprotected routes in the SecurityConfig.java.
  • Integrated application variables directly in classes using Spring's @Value annotation, removing the JAXRSConfiguration class.

Controller and Service Layers:

  • Refactored Services that were functioning as controllers into true services, adding necessary Controllers.
  • Renamed all Controllers to include the keyword 'Controller' and ensured all services contain 'Service' in their names.
  • Controller Annotations:
    • @API -> @Tag
    • @Path -> @RequestMapping
    • @ApiOperation -> @Operation
    • @Get, @Post, @Put, @Delete, etc. -> @GetMapping, @PostMapping, @PutMapping, @DeleteMapping, etc.
    • @RolesAllowed -> @Secured
    • @ApiParam -> @Parameter
    • @PathParam -> @PathParameter
    • No annotation for request bodies -> @RequestBody required

Services:

  • Separated business logic into a true service layer to improve organization and testability.
  • Utilized the @Service annotation for Spring auto-wiring.
  • Adopted @Transactional where necessary and removed the use of BaseEntityService in favor of Spring Data JPA.

Repositories:

  • Transitioned all entity classes to use Spring Data JPA repositories, extending JpaRepository.

Entities and Models:

  • Replaced BaseEntity with a local implementation to support Java 21.
  • Added models like TokenInspection and CustomUserDetails for enhanced authentication processes.

Enums and Utilities:

  • Introduced a SecurityRoles enum to centralize role management.
  • Replaced outdated utility classes with RestClientUtil
  • updated JWTUtil JWT handling with Java 21 compatible libraries.

Filters and Unit Tests:

  • Updated JWTFilter to support Java 21, Spring Web, and Spring Security.
  • Confirmed that all unit tests pass, with additional mocks implemented due to the transition to Spring Data JPA.
  • Increased unit test line coverage from 11% to 61% and method coverage from 14% to 89% for the service layer. I have increased the number of unit test cases from 29 to 176.

Luke Sikina and others added 30 commits January 18, 2024 15:05
@Luke-Sikina
[ALS-5508] Dependabot dep bumps
3f5ff7d 
- httpd
- Jackson
- deleted some commented out stuff
@Luke-Sikina
Label checker GH action
0da626c
@Luke-Sikina
Add deps to label checker + release config
bac5e6d
@dependabot @Luke-Sikina
Bump com.jayway.jsonpath:json-path in /pic-sure-auth-services
4a4d1c2 
Bumps [com.jayway.jsonpath:json-path](https://github.com/jayway/JsonPath) from 2.4.0 to 2.9.0.
- [Release notes](https://github.com/jayway/JsonPath/releases)
- [Changelog](https://github.com/json-path/JsonPath/blob/master/changelog.md)
- [Commits](json-path/JsonPath@json-path-2.4.0...json-path-2.9.0)

---
updated-dependencies:
- dependency-name: com.jayway.jsonpath:json-path
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <[email protected]>
@Gcolon021
[ALS-5612] Create stored procedure to create a user (#154)
f58525c 
* Add a new stored procedure to enable user creation

* Specific database Auth

* Update CreateUserWithRole stored procedure in auth DB

The stored procedure, CreateUserWithRole, in the 'auth' database has been updated to improve user creation. It now checks for existing users and roles, and generates a new UUID if needed. Additionally, it associates new users with roles if they exist.

* Rename CreateUserWithRole stored procedure file

* Add general metadata parameter to CreateUserWithRole procedure
@Gcolon021
[ALS-5612] Updated stored procedure (#155)
0ed9bf0 
* Add connectionSubPrefix to user creation stored procedure

* Refactor connection prefix manipulation in SQL procedure

* Update user creation stored procedure
The changes made address the process of user creation in the stored procedure. A new variable, @baseUUID, has been introduced for storing UUIDs during processing. Additionally, the preparation of @connectionSubPrefix has been adjusted to concatenate LONG_TERM_TOKEN with existing values instead of overriding them.

* Add PIC-SURE User role assignment in CreateUserWithRole procedure

Improved the CreateUserWithRole stored procedure in the auth-db. All new users are now automatically assigned the 'PIC-SURE User' role in addition to specific roles designated during account creation. This ensures all users have access to the base level of functionalities.
@Gcolon021
Start major refactor of PSAMA
6403f7c 
- Updated target java from 11 to 21
- Updated Spring dependencies to 3 or 6 based on the library
- Started re-organizing the code base so there is an appropriate separation of concerns. The means we will have a repositories, services, controllers, configuration, filters, and more separated appropriately.
- Fixed naming conventions and started to remove javax to jakarta or spring dependencies instead.
@Gcolon021
WIP: Continuing to migrate to Java 21, Spring 6, and Tomcat
e2a49bb 
I am continuing to migrate the psama application over to java 21, Spring 6, and an embedded tomcat. As I do this I have been utilizing the time to refactor controller, configuration, etc. In order to improve the overall code quality of the application and to allow for better application testing. By separating our application layers we can more readily and reliably test our service layer.
@Gcolon021
WIP: Refactored UserController and UserMetadataMappingWebController
aa8112e 
Both classes have been refactored to separate out the controller and service.
@Gcolon021
Refactor name of application.default.uuid in JSON and properties files
5a8cc18 
This commit removes the mention of 'application.default.application.uuid' in the JSON and properties files, and replaces it with 'application.default.uuid'. The refactoring clarifies the parameter's functionality.
@Gcolon021
Update JWTFilter and remove unused imports
fcc15f8 
This commit updates JWTFilter with explicit injection of application properties and removes unused imports in AuthSecurityContext. Also, the JWTFilter has been added to SecurityConfig, enhancing security by ensuring request authenticity.
@Gcolon021
Refactor code and add spring-boot-starter-mail dependency
cc440c1 
This commit mainly removes unused imports across various files, updates some classes with value injection and cleans out unnecessary comments. It also renames the 'MailService' class to 'BasicMailService' and updates the related references accordingly. The pom.xml file has been updated with the 'spring-boot-starter-mail' dependency addition. 'JWTUtil' class has been updated to include spring '@value' for properties instead of using static variables.
@Gcolon021
Remove BaseEntityService and improve user-specific behaviour
b6f8bb4 
Removed the BaseEntityService class to streamline services. Updated several methods in the UserService to directly use the UserRepository, enhancing their reliability and readability. The AuthenticationService now also benefits from dependency injection for configuration properties, and ConnectionRepository has been incorporated.
@Gcolon021
Update UserService and User entity classes
3d85ebd
@Gcolon021
Update more dependencies to jakarta
aff802a 
Updated swagger, mail, and jackson dependencies to java 21 versions.
@Gcolon021
Add trace level logging to improve debugging
b612748
@Gcolon021
Refactor logging in JWTFilter
dfce735
@Gcolon021
Refactor security configuration and improve authentication handling
a4dabcc 
Code changes include an extensive refactoring of the security configuration to disable CSRF, enable stateless sessions, and other settings. A spring-boot-devtools dependency was added to the pom.xml file for development purposes. Authentication handling was also improved in the AuthController by adding additional checks and better handling of null requests. Trace logging for spring security was deactivated from application.properties file. A test file for authentication was also added.
@Gcolon021
Update authorized request paths in SecurityConfig
3450930 
The commit expands the permitted public paths within the SecurityConfig file. The "/actuator/health", "/actuator/info", "/authentication/**", "/swagger.yaml", "/swagger.json" paths have been added to the request matchers to allow these requests to pass through unhindered.
@Gcolon021
Remove test code
f666158
@Gcolon021
Optimize log message formatting in AuthenticationService
d2ed5fc 
This update replaces string concatenation in a logging statement with parameterized logging. This change improves logging efficiency by avoiding unnecessary string concatenation when the logging level is set such that the log message wouldn't be outputted.
@Gcolon021
Update dependency and refactor JWTUtil
56339f0 
Updated com.auth0 dependency version from 1.8.0 to 2.10.1 in pom.xml. Also, modified import statement and argument on Base64.decodeBase64 in JWTUtil. The change was needed to support the upgrade and ensure proper parsing of Base64 encoded client secrets.
@Gcolon021
Update import statement in JsonUtils.java
0387850 
The import statement for NotNull annotation in JsonUtils.java file has been updated. The previous import from org.jetbrains.annotations.NotNull has been replaced with jakarta.validation.constraints.NotNull.
@Gcolon021
Update pom.xml version and dependencies
cb6ac1c 
Increased the pic-sure-auth-services version from 1.0 to 2.0 and changed the packaging from war to jar. Removed some dependencies, added and reordered some others to improve the project setup. Also, updated the build plugins not only to reflect these changes but to streamline the build process as well.
@Gcolon021
Update pom.xml version
23996d5 
Increased the pic-sure-auth-services version from 1.0 to 2.0.
@Gcolon021
Move original dockerfile to bak
3dbd705 
Moved original dockerfile to the bak directory in order to be able to quickly reference it fow now.
@Gcolon021
Create new Dockerfile for java 21 and tomcat
60a588e
@Gcolon021
Update pom.xml to repackage application
25785c4
@Gcolon021
Update application.properties to use environment variables
4129b21 
The application.properties file has been updated to make use of environment variables. This brings more flexibility and security as it allows for passing sensitive data, like server port numbers and passwords, through the system environment rather than having them in the plain text files. The default values are set to maintain backward compatibility.
@Gcolon021
Add Dockerfile and docker-compose for auth services for development
1e75a38
Gcolon021 and others added 12 commits May 15, 2024 14:39
@Gcolon021
Removed unnecessary contains methods
5337420
@Gcolon021 @Luke-Sikina
Update pic-sure-auth-services/src/main/java/edu/harvard/hms/dbmi/avil…
84690a0 
…lach/auth/service/RoleService.java

Co-authored-by: Luke Sikina <[email protected]>
@Gcolon021
Fixed missing character
240c25b
@Gcolon021
Update null handling in OauthUserMatchingService
840cd02
@Gcolon021
Remove contains method
35de2ff
@Luke-Sikina
I don't like ResponseEntity<?> (#171)
9ea2091 
Co-authored-by: Luke Sikina <[email protected]>
@Gcolon021
Change method name
db16150
@Gcolon021
Update role logging in JWTFilter
47ae043
@Gcolon021
Remove unused import in JWTFilter.java
dcda7a8
@Gcolon021
Refine return types in API responses
27988f8 
Refactored the code to specify the return types in various API responses. Previously, the methods used to return a generic ResponseEntity object, which has now been replaced with ResponseEntity of specific types. This change increases the readability and robustness of the code.
@Gcolon021
Add function to fetch roles by UUIDs in bulk
04508e2 
This update includes adding a new method in RoleRepository to fetch multiple roles using a set of UUIDs, and applies this method in UserService. The change aims to ensure all roles can be fetched using their UUIDs and optimizes performance by reducing the number of queries to the database.
@Gcolon021
Add logging for user privileges in JWTFilter
7ae7667
@Gcolon021
Merge branch 'refs/heads/release' into feature/java-21
722a8c6 
# Conflicts:
#	pic-sure-auth-services/pom.xml
#	pic-sure-auth-services/src/main/java/edu/harvard/hms/dbmi/avillach/auth/JAXRSConfiguration.java
@Gcolon021 Gcolon021 merged commit f42ab2d into release Jun 7, 2024
1 of 2 checks passed
@Gcolon021 Gcolon021 deleted the feature/java-21 branch June 7, 2024 15:54
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@Luke-Sikina Luke-Sikina Luke-Sikina left review comments

@ramari16 ramari16 Awaiting requested review from ramari16

@TDeSain TDeSain Awaiting requested review from TDeSain

Assignees

@Gcolon021 Gcolon021

Labels
dependencies Pull requests that update a dependency file enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@Gcolon021 @TDeSain @Luke-Sikina