From b78d20c133d00c0b3fd8485b729aa7b58c721b72 Mon Sep 17 00:00:00 2001 From: Araf Karsh Hamid Date: Sat, 21 Dec 2024 22:17:30 +0530 Subject: [PATCH] JWT Code Refactoring & Optimization in Progress --- application.properties | 4 +- src/docker/application.properties | 4 +- .../adapters/aop/ExceptionHandlerAdvice.java | 4 +- .../adapters/aop/InputValidatorAdvice.java | 2 +- .../domain/models/order/CardDetails.java | 16 +- .../domain/models/order/PaymentDetails.java | 11 +- src/main/resources/app.props.build | 4 +- src/main/resources/application.properties | 4 +- .../backup/application.properties.169 | 226 ++++++++++++++++++ 9 files changed, 260 insertions(+), 15 deletions(-) create mode 100644 src/main/resources/backup/application.properties.169 diff --git a/application.properties b/application.properties index bf4aaa6..88df955 100644 --- a/application.properties +++ b/application.properties @@ -1,8 +1,8 @@ # ======================================================================= # MS-Vanilla Service Properties # ======================================================================= -build.number=169 -build.date=Sat Dec 21 19:56:31 IST 2024 +build.number=170 +build.date=Sat Dec 21 22:17:16 IST 2024 # ------------------------------------------------------------------------ # Spring Profile # ------------------------------------------------------------------------ diff --git a/src/docker/application.properties b/src/docker/application.properties index bf4aaa6..88df955 100644 --- a/src/docker/application.properties +++ b/src/docker/application.properties @@ -1,8 +1,8 @@ # ======================================================================= # MS-Vanilla Service Properties # ======================================================================= -build.number=169 -build.date=Sat Dec 21 19:56:31 IST 2024 +build.number=170 +build.date=Sat Dec 21 22:17:16 IST 2024 # ------------------------------------------------------------------------ # Spring Profile # ------------------------------------------------------------------------ diff --git a/src/main/java/io/fusion/air/microservice/adapters/aop/ExceptionHandlerAdvice.java b/src/main/java/io/fusion/air/microservice/adapters/aop/ExceptionHandlerAdvice.java index e002456..0bd7b30 100644 --- a/src/main/java/io/fusion/air/microservice/adapters/aop/ExceptionHandlerAdvice.java +++ b/src/main/java/io/fusion/air/microservice/adapters/aop/ExceptionHandlerAdvice.java @@ -50,7 +50,7 @@ * @date: */ @ControllerAdvice -@Order(2) +@Order(2) // Make sure that the InputValidatorAdvice has the Highest Order Precedence public class ExceptionHandlerAdvice extends ResponseEntityExceptionHandler { // Set Logger -> Lookup will automatically determine the class name. @@ -199,7 +199,7 @@ private ResponseEntity createErrorResponse(Throwable exception, } // ================================================================================================================ - // SERVER EXCEPTIONS: ERROR CODES 430 - 439 + // SERVER EXCEPTIONS: ERROR CODES 590 - 599 // ================================================================================================================ /** * Handle Runtime Exception diff --git a/src/main/java/io/fusion/air/microservice/adapters/aop/InputValidatorAdvice.java b/src/main/java/io/fusion/air/microservice/adapters/aop/InputValidatorAdvice.java index 7ab5cc1..566f93a 100644 --- a/src/main/java/io/fusion/air/microservice/adapters/aop/InputValidatorAdvice.java +++ b/src/main/java/io/fusion/air/microservice/adapters/aop/InputValidatorAdvice.java @@ -46,7 +46,7 @@ * @date: */ @ControllerAdvice -@Order(1) +@Order(1) // Don't Change this Order Precedences. Changing this affect the Error Reporting. public class InputValidatorAdvice { // Set Logger -> Lookup will automatically determine the class name. diff --git a/src/main/java/io/fusion/air/microservice/domain/models/order/CardDetails.java b/src/main/java/io/fusion/air/microservice/domain/models/order/CardDetails.java index 5c91ab7..8e6af03 100644 --- a/src/main/java/io/fusion/air/microservice/domain/models/order/CardDetails.java +++ b/src/main/java/io/fusion/air/microservice/domain/models/order/CardDetails.java @@ -15,17 +15,31 @@ */ package io.fusion.air.microservice.domain.models.order; +import jakarta.validation.constraints.Min; +import jakarta.validation.constraints.NotNull; +import jakarta.validation.constraints.Size; + /** * * @author arafkarsh * */ public class CardDetails { - + + @NotNull(message = "Card number cannot be null") + @Size(min = 16, max = 16, message = "Card number must be 16 digits") private String cardNumber; + + @NotNull(message = "Card Name cannot be null") + @Size(min = 3, max = 32, message = "Card Name must be greater than 2 letters") private String holderName; + + @Min(value = 1, message = "Expiry month must be between 1 and 12") private int expiryMonth; + + @Min(value = 2025, message = "Expiry year must be current or in the future") private int expiryYear; + private int cardCode; private CardType cardType; diff --git a/src/main/java/io/fusion/air/microservice/domain/models/order/PaymentDetails.java b/src/main/java/io/fusion/air/microservice/domain/models/order/PaymentDetails.java index 2891907..93c6960 100644 --- a/src/main/java/io/fusion/air/microservice/domain/models/order/PaymentDetails.java +++ b/src/main/java/io/fusion/air/microservice/domain/models/order/PaymentDetails.java @@ -22,7 +22,9 @@ import io.fusion.air.microservice.utils.DateJsonSerializer; import io.fusion.air.microservice.utils.Utils; - +import jakarta.validation.Valid; +import jakarta.validation.constraints.Min; +import jakarta.validation.constraints.NotNull; /** * Payment Details * @@ -35,10 +37,13 @@ public class PaymentDetails { @JsonSerialize(using = DateJsonSerializer.class) private LocalDateTime transactionDate; - + + @Min(value = 1, message = "Order value must be greater than 0") private double orderValue; private PaymentType paymentType; - + + @Valid + @NotNull(message = "Card details are required") private CardDetails cardDetails; /** diff --git a/src/main/resources/app.props.build b/src/main/resources/app.props.build index ca59a28..b9ff98b 100644 --- a/src/main/resources/app.props.build +++ b/src/main/resources/app.props.build @@ -1,5 +1,5 @@ # ======================================================================= # MS-Vanilla Service Properties # ======================================================================= -build.number=169 -build.date=Sat Dec 21 19:56:31 IST 2024 +build.number=170 +build.date=Sat Dec 21 22:17:16 IST 2024 diff --git a/src/main/resources/application.properties b/src/main/resources/application.properties index bf4aaa6..88df955 100644 --- a/src/main/resources/application.properties +++ b/src/main/resources/application.properties @@ -1,8 +1,8 @@ # ======================================================================= # MS-Vanilla Service Properties # ======================================================================= -build.number=169 -build.date=Sat Dec 21 19:56:31 IST 2024 +build.number=170 +build.date=Sat Dec 21 22:17:16 IST 2024 # ------------------------------------------------------------------------ # Spring Profile # ------------------------------------------------------------------------ diff --git a/src/main/resources/backup/application.properties.169 b/src/main/resources/backup/application.properties.169 new file mode 100644 index 0000000..9126b2e --- /dev/null +++ b/src/main/resources/backup/application.properties.169 @@ -0,0 +1,226 @@ +# ======================================================================= +# MS-Vanilla Service Properties +# ======================================================================= +build.number=170 +build.date=Sat Dec 21 22:11:07 IST 2024 +# ------------------------------------------------------------------------ +# Spring Profile +# ------------------------------------------------------------------------ +spring.profiles.default=dev +# ======================================================================= +# Service Name & API Details - Version, Path +# ======================================================================= +service.org=orgname +service.name=MS-Vanilla +service.api.name=ms-vanilla +service.api.prefix=api +service.api.version=v1 +service.api.error.prefix=13 +service.container=ms-vanilla-service +service.api.repository=https://github.com/arafkarsh/ms-springboot-334-vanilla +service.api.path=/${service.api.name}/${service.api.prefix}/${service.api.version} +service.url=http://www.arafkarsh.com/ +service.license=Apache 2 License +service.license.url=https://github.com/arafkarsh/ms-springboot-334-vanilla?tab=Apache-2.0-1-ov-file +# ======================================================================= +# Microservice Server Properties +# ======================================================================= +server.port=9334 +server.version=0.1.5 +server.restart=false +server.leak.test=3 +server.resources.url=${service.url}${service.api.path} +server.api.url.print=true +# ------------------------------------------------------------------------ +# Host SSL Details : +# Rename the file fusionAir.pkcs12 in resources folder and uncomment the +# following lines to enable SSL +# ------------------------------------------------------------------------ +#server.ssl.key-store=classpath:fusionAir.pkcs12 +#server.ssl.key-store-type=PKCS12 +#server.ssl.key-store-password=Fusion.2023 +#server.ssl.key-alias=fusionAir +# ------------------------------------------------------------------------ +# Security & JWT Token (Type 1 = secret key, 2 = public / private key) +# ------------------------------------------------------------------------ +server.crypto.public.key=publicKey.pem +server.crypto.private.key=privateKey.pem +server.token.issuer=${service.org} +# Type 1 = Secret, Type 2 = Public / Private Key +server.token.type=1 +server.token.test=true +# Token Expiry Times - Security Policy will reject High Expiry Time +server.token.auth.expiry=600000 +server.token.refresh.expiry=3600000 +server.token.key=<([1234567890SecretKey!!To??Encrypt##Data@12345%6790])> +server.secure.data.key=<([1234567890SecretKEY!!TO??Encrypt##DATA@12345%6790])> +# ------------------------------------------------------------------------ +# Keycloak Details for OAuth 2 Authentication +# ------------------------------------------------------------------------ +server.keycloak.url=http://localhost:8080/realms/Fusion-Air/protocol/openid-connect/token +server.keycloak.certs=http://localhost:8080/realms/Fusion-Air/protocol/openid-connect/certs +server.keycloak.clientId=fusion-air-user-service +server.keycloak.secret=2AGe7XxP8evCmhdjD3cmgpE23y0g6PGU +server.keycloak.grantType=password +server.keycloak.publicKey=publicKey.KeyCloak.pem +server.keycloak.issuer=http://localhost:8080/realms/Fusion-Air +server.keycloak.enabled=false +# ------------------------------------------------------------------------ +# Host Details +# ------------------------------------------------------------------------ +server.host=localhost +server.host.dev=http://localhost:${server.port} +server.host.dev.desc=Development Server +server.host.uat=https://uat.${service.org}.com +server.host.uat.desc=UAT Server +server.host.prod=https://prod.${service.org}.com +server.host.prod.desc=Production Server +server.error.whitelabel.enabled=true +server.vulnerability.demos.allowed=false +# Service Properties Details +# ------------------------------------------------------------------------ +spring.codec.max-in-memory-size=3MB +app.property.product=fusion.air.product +app.property.product.list=/create, /status, /all/secured, /search/product, /search/price, /search/active, /deactivate, /activate, /update, /update/price, /update/details, /delete +app.property.list=element1, element2, element3 +app.property.map={key1:'val1', key2 : 'val2', key3 : 'val3'} +# ------------------------------------------------------------------------ +# Logging / Events: LogBack Setup / File Roll Over, +# ------------------------------------------------------------------------ +# Log Groups +logging.group.tomcat=org.apache.catalina, org.apache.coyote, org.apache.tomcat +# Logging Levels for various components +logging.level.org.springframework.boot.web.servlet=INFO +logging.level.org.springframework.web.servlet.DispatcherServlet=INFO +logging.level.org.springframework.security.web.FilterChainProxy=INFO +# Spring Default Groups +logging.level.web=INFO +logging.level.sql=INFO +logging.level.tomcat=INFO +# Root level logging +logging.level.root=INFO +# Specify the logback configuration file +logging.config=classpath:logback-spring.xml +# Supported Log Format plain / json +logging.format=plain +# Log file paths and rolling policy +logging.path=/tmp/logs/${service.api.name} +# Log File Name. File Extension .log or .json is added dynamically based on logging format. +logging.file.name=${service.api.name}.v${server.version} +# Log File Pattern for Size and Time based File Roll Over Name +logging.pattern.rolling-file-name=${logging.path}/${logging.file.name}-%d{yyyy-MM-dd}-%i +# Max Single File Size = 30 MB +logging.file.max-size=10MB +# Retention and total size cap for logs +# Keep Log Files for 100 Days with Max Cap at 3 GB +logging.file.max-history=100 +logging.file.total-size-cap=3GB +# ------------------------------------------------------------------------ +# Metrics: Micrometer / Prometheus / Actuator / +# ------------------------------------------------------------------------ +# Enable exposure of specific actuator endpoints (health, metrics, prometheus) +management.endpoints.web.exposure.include=health,metrics,prometheus,info +# Enable Spring Boot Actuator Endpoints +management.endpoint.health.enabled=true +management.endpoint.metrics.enabled=true +management.endpoint.prometheus.enabled=true +# Enable Metrics +management.metrics.export.prometheus.enabled=true +management.metrics.enable.jvm=false +management.metrics.enable.jvm.gc=false +management.metrics.enable.datasource=false +# ------------------------------------------------------------------------ +# Tracing: Open Telemetry / Micrometer +# Micrometer only supports HTTP/Protobuf (http) for OTLP. grpc is not supported. +# ------------------------------------------------------------------------ +# Enable OpenTelemetry +management.tracing.enabled=false +# OpenTelemetry Tracing Configuration +management.otlp.metrics.export.enabled=false +management.otlp.metrics.export.url=http://localhost:4318/v1/metrics +# number of Meter to include in a single payload sent to the backend. The default is 10,000. +management.otlp.metrics.export.batchSize=15000 +management.otlp.metrics.export.timeout=5s +# Determines how the additive quantities are expressed, in relation to time. Values are cumulative or delta +management.otlp.metrics.export.aggregationTemporality=cumulative +# Additional headers to send with exported metrics +management.otlp.metrics.export.headers.Authorization=Bearer abc123 +# the interval at which metrics will be published. +management.otlp.metrics.export.step=10s +# Resource Attributes are used for all metrics published. +management.otlp.metrics.export.resourceAttributes.service.name=ms-vanilla-service +# ======================================================================= +# Text Encryption +# ======================================================================= +# Ensure this matches your environment variable +jasypt.encryptor.password=${JASYPT_ENCRYPTOR_PASSWORD} +# Match the algorithm +jasypt.encryptor.algorithm=PBEWithHmacSHA512AndAES_256 +jasypt.encryptor.iv-generator-classname=org.jasypt.iv.RandomIvGenerator +jasypt.encryptor.salt-generator-classname=org.jasypt.salt.RandomSaltGenerator +# ======================================================================= +# Database Properties +# ======================================================================= +db.server=mem +db.port=5432 +db.name=ms_cache +db.schema=ms_schema +db.vendor=H2 +# To Store the Data in File +#spring.datasource.url=jdbc:h2:file:/data/demo +spring.datasource.url=jdbc:h2:${db.server}:${db.name};DB_CLOSE_ON_EXIT=FALSE +spring.datasource.driverClassName=org.h2.Driver +spring.datasource.username=sa +spring.datasource.password=ENC(lA6JCEpK7+wuHDpB1A41DOUfn6L74DQxaazXLTjyQHY5/X6CONfUEyDt6erWifrN) +spring.jpa.database-platform=org.hibernate.dialect.H2Dialect +spring.datasource.hikari.connection-test-query=SELECT 1 +# ======================================================================= +# JPA / Hibernate Properties +# ------------------------------------------------------------------------ +spring.jpa.show-sql=true +spring.jpa.defer-datasource-initialization=true +#spring.sql.init.data-locations=data-trans.sql +# Hibernate ddl auto (create, create-drop, validate, update) +spring.jpa.hibernate.ddl-auto=create-drop +spring.jpa.properties.hibernate.format_sql=true +spring.jpa.properties.hibernate.validator.apply_to_ddl=false +#spring.jpa.properties.hibernate.check_nullability=true +# ======================================================================= +# External Remote Server Properties +# ======================================================================= +remote.host=127.0.0.1 +remote.port=8080 +remote.protocol=http +# ======================================================================= +# Open API Properties +# For More Info: https://springdoc.org/#Introduction +# springdoc.api-docs.path=/api-docs +# ======================================================================= +springdoc.api-docs.path=${service.api.path} +springdoc.swagger-ui.path=${service.api.path}/swagger-ui.html +springdoc.swagger-ui.tryItOutEnabled=true +springdoc.swagger-ui.filter=true +springdoc.swagger-ui.use-root-path=true +springdoc.swagger-ui.disable-swagger-default-url=true +server.forward-headers-strategy=framework +springdoc.cache.disabled=true +springdoc.writer-with-default-pretty-printer=true +#springdoc.swagger-ui.configUrl=${service.api.path}/swagger-config/swagger-config.json +# Disabling the api-docs endpoint +springdoc.api-docs.enabled=true +# Disabling the swagger-ui +#springdoc.swagger-ui.enabled=true +springdoc.swagger-ui.operationsSorter=method +#For sorting tags alphabetically +springdoc.swagger-ui.tagsSorter=alpha +springdoc.show-actuator=true +# Packages to include +# springdoc.packagesToScan=io.fusion.water, io.fusion.fire +# Paths to include +# springdoc.pathsToMatch=/v1, /api/health/** +# To expose the swagger-ui, on the management port +#springdoc.use-management-port=true +# This property enables the openapi and swaggerui endpoints to be exposed +# beneath the actuator base path. +# management.endpoints.web.exposure.include=openapi, swaggerui +# ======================================================================= \ No newline at end of file