refactor : v4.0.0 (knife -> easyplus)

Author: patternhelloworld

README.md

@@ -1,6 +1,6 @@
-# Spring Security Oauth2 JPA Implementation
+# Spring Oauth2 EasyPlus 
 
-> App-Token based OAuth2 implementation built to grow with Spring Boot and JPA
+> App-Token based easy OAuth2 implementation built to grow with Spring Boot
 
 ## Table of Contents
 
@@ -22,9 +22,9 @@
 ## Quick Start
 ```xml
 <dependency>
-    <groupId>io.github.patternknife.securityhelper.oauth2.api</groupId>
-    <artifactId>spring-security-oauth2-password-jpa-implementation</artifactId>
-    <version>3.5.0</version>
+    <groupId>io.github.patternhelloworld.securityhelper.oauth2.api</groupId>
+    <artifactId>spring-oauth2-easyplus</artifactId>
+    <version>4.0.0</version>
 </dependency>
 ```
 
@@ -36,6 +36,7 @@
   * Client : DOC, Integration tester
 * Immediate Permission (Authority) Check: Not limited to verifying the token itself, but also ensuring real-time validation of any updates to permissions in the database.
 * Token Introspector: Enable the ``/oauth2/introspect`` endpoint to allow multiple resource servers to verify the token's validity and permissions with the authorization server.
+* Hybrid Token Verification Methods: Support for multiple verification approaches, including API calls to the authorization server, direct database validation, and local JWT decoding.
 * Set up the same access & refresh token APIs on both ``/oauth2/token`` and on our controller layer such as ``/api/v1/traditional-oauth/token``, both of which function same and have `the same request & response payloads for success and errors`. (However, ``/oauth2/token`` is the standard that "spring-authorization-server" provides.)
   * As you are aware, the API ``/oauth2/token`` is what "spring-authorization-server" provides.
     * ``/api/v1/traditional-oauth/token`` is what this library implemented directly.
@@ -72,7 +73,7 @@
 | different for the same user | Access-Token is NOT shared |
 
   * Set this in your ``application.properties``. 
-    * App-Token Behavior Based on `io.github.patternknife.securityhelper.oauth2.no-app-token-same-access-token`
+    * App-Token Behavior Based on `io.github.patternhelloworld.securityhelper.oauth2.no-app-token-same-access-token`
 
 | `no-app-token-same-access-token` Value | App-Token Status                          | Access Token Sharing Behavior                                                                                     |
 |------------------------------------------------------------|-------------------------------------------|-------------------------------------------------------------------------------------------------------------------|
@@ -127,8 +128,8 @@ mvnw clean install # Integration tests are done here, which creates docs by Spri
 
 ```java
 
-// ADD 'io.github.patternknife.securityhelper.oauth2.api'
-@SpringBootApplication(scanBasePackages =  {"com.patternknife.securityhelper.oauth2.client", "io.github.patternknife.securityhelper.oauth2.api"})
+// ADD 'io.github.patternhelloworld.securityhelper.oauth2.api'
+@SpringBootApplication(scanBasePackages =  {"com.patternhelloworld.securityhelper.oauth2.client", "io.github.patternhelloworld.securityhelper.oauth2.api"})
 public class SpringSecurityOauth2PasswordJpaImplApplication {
 
     public static void main(String[] args) {
@@ -140,25 +141,25 @@ public class SpringSecurityOauth2PasswordJpaImplApplication {
 
 ```java
 @Configuration
-// ADD 'io.github.patternknife.securityhelper.oauth2.api.config.security'
+// ADD 'io.github.patternhelloworld.securityhelper.oauth2.api.config.security'
 @EnableJpaRepositories(
-        basePackages = {"com.patternknife.securityhelper.oauth2.client.domain",
-                "com.patternknife.securityhelper.oauth2.client.config.securityimpl",
-                "io.github.patternknife.securityhelper.oauth2.api.config.security"},
+        basePackages = {"com.patternhelloworld.securityhelper.oauth2.client.domain",
+                "com.patternhelloworld.securityhelper.oauth2.client.config.securityimpl",
+                "io.github.patternhelloworld.securityhelper.oauth2.api.config.security"},
         entityManagerFactoryRef = "commonEntityManagerFactory",
         transactionManagerRef= "commonTransactionManager"
 )
 public class CommonDataSourceConfiguration {
 
 
-   // ADD 'io.github.patternknife.securityhelper.oauth2.api.config.security'
+   // ADD 'io.github.patternhelloworld.securityhelper.oauth2.api.config.security'
     @Primary
     @Bean(name = "commonEntityManagerFactory")
     public LocalContainerEntityManagerFactoryBean commonEntityManagerFactory(EntityManagerFactoryBuilder builder) {
         return builder
                 .dataSource(commonDataSource())
-                .packages("com.patternknife.securityhelper.oauth2.client.domain",
-                        "io.github.patternknife.securityhelper.oauth2.api.config.security")
+                .packages("com.patternhelloworld.securityhelper.oauth2.client.domain",
+                        "io.github.patternhelloworld.securityhelper.oauth2.api.config.security")
                 .persistenceUnit("commonEntityManager")
                 .build();
     }
@@ -187,13 +188,12 @@ public class CommonDataSourceConfiguration {
 
   - **Customize the whole error payload as desired for all cases**
     - What is "all cases"?
-      - Authorization Server ("/oauth2/token", "/api/v1/traditional-oauth/token") and Resource Server (Bearer token inspection : 401, Permission : 403)
+      - Authorization Server ("/oauth2/token", "/api/v1/traditional-oauth/token") and Resource Server (Bearer token authentication : 401, authorization (permission) : 403)
     - Customize errors of the following cases
       - Login (/oauth2/token) : ``client.config.securityimpl.response.CustomAuthenticationFailureHandlerImpl``
       - Login (/api/v1/traditional-oauth/token) : ``client.config.response.error.GlobalExceptionHandler.authenticationException`` ("/api/v1/traditional-oauth/token", Resource Server (Bearer token inspection))
       - Resource Server (Bearer token expired or with a wrong value, 401) :``client.config.securityimpl.response.CustomAuthenticationEntryPointImpl`` 
       - Resource Server (Permission, 403, @PreAuthorized on your APIs) ``client.config.response.error.GlobalExceptionHandler.authorizationException``
-      
 
   - **Customize the whole success payload as desired for the only "/oauth2/token"**
       - ``client.config.securityimpl.response.CustomAuthenticationSuccessHandlerImpl``
@@ -202,9 +202,28 @@ public class CommonDataSourceConfiguration {
  - **Customize the verification logic for UsernamePassword and Client as desired**
     - ``IOauth2AuthenticationHashCheckService``
 
- - **Customize OpaqueTokenIntrospector as desired (!Set this to your Resource Servers)**
+ - **Customize OpaqueTokenIntrospector as desired (!This is for Resource Servers)**
     - ``client.config.securityimpl.introspector.CustomResourceServerTokenIntrospector``
-    - ![img3.png](reference/docs/img3.png)
+    - ```properties
+          # Introspection type configuration:
+          # - api: The Resource Server sends introspection requests to the Authorization Server.
+          #        Benefits: High scalability and real-time authorization checks.
+          #        Drawbacks: Increased traffic due to frequent API calls.
+          # 
+          # - database: The Resource Server and Authorization Server share the same database.
+          #             Benefits: Minimal traffic and real-time authorization checks.
+          #             Drawbacks: Limited scalability due to direct database dependency.
+          # 
+          # - decode: The Resource Server decodes the Access Token locally using the JWT algorithm.
+          #           Benefits: No traffic and high scalability.
+          #           Drawbacks: Lacks real-time authorization updates.
+          #
+          # [WARNING] api: Certain test cases are currently failing due to issues with the specified introspection URI calls.
+          patternhelloworld.securityhelper.oauth2.introspection.type=database
+          patternhelloworld.securityhelper.oauth2.introspection.uri=http://localhost:8370/oauth2/introspect
+          patternhelloworld.securityhelper.oauth2.introspection.client-id=client_customer
+          patternhelloworld.securityhelper.oauth2.introspection.client-secret=12345
+        ```
 ## OAuth2 - ROPC
 * Refer to ``client/src/docs/asciidoc/api-app.adoc``
 

client/deploy.bat

@@ -1,3 +1,3 @@
 @echo off
-set local_maven_repo="C:\Users\Andrew Kang\.m2\repository\com\patternknife\securityhelper\oauth2\spring-security-oauth2-password-jpa-implementation"
+set local_maven_repo="C:\Users\Andrew Kang\.m2\repository\com\patternhelloworld\securityhelper\oauth2\spring-oauth2-easyplus"
 mvnw.cmd -DaltDeploymentRepository=snapshot-repo::default::file://%local_maven_repo%/snapshots clean deploy

client/deploy.sh

@@ -1,4 +1,4 @@
 #!/bin/bash
-local_maven_repo='/mnt/c/Users/Andrew\sKang/.m2/repository/com/patternknife/securityhelper/oauth2/spring-security-oauth2-password-jpa-implementation'
+local_maven_repo='/mnt/c/Users/Andrew\sKang/.m2/repository/com/patternhelloworld/securityhelper/oauth2/spring-oauth2-easyplus'
 mvn  -DaltDeploymentRepository=snapshot-repo::default::file://${local_maven_repo}/snapshots clean deploy
 

client/pom.xml

@@ -5,9 +5,9 @@
 http://maven.apache.org/xsd/maven-4.0.0.xsd">
 
     <modelVersion>4.0.0</modelVersion>
-    <groupId>com.patternknife.securityhelper.oauth2.client</groupId>
-    <artifactId>spring-security-oauth2-password-jpa-implementation-client</artifactId>
-    <version>3.5.0</version>
+    <groupId>com.patternhelloworld.securityhelper.oauth2.client</groupId>
+    <artifactId>spring-oauth2-easyplus-client</artifactId>
+    <version>4.0.0</version>
     <packaging>jar</packaging>
 
     <properties>
@@ -46,9 +46,9 @@ http://maven.apache.org/xsd/maven-4.0.0.xsd">
     <dependencies>
 
         <dependency>
-            <groupId>io.github.patternknife.securityhelper.oauth2.api</groupId>
-            <artifactId>spring-security-oauth2-password-jpa-implementation</artifactId>
-            <version>3.5.0</version>
+            <groupId>io.github.patternhelloworld.securityhelper.oauth2.api</groupId>
+            <artifactId>spring-oauth2-easyplus</artifactId>
+            <version>4.0.0</version>
         </dependency>
 
         <!-- DB -->

client/src/main/java/com/patternknife/securityhelper/oauth2/client/SpringSecurityOauth2PasswordJpaImplApplication.java renamed to client/src/main/java/com/patternhelloworld/securityhelper/oauth2/client/SpringSecurityOauth2PasswordJpaImplApplication.java

@@ -1,22 +1,22 @@
-package com.patternknife.securityhelper.oauth2.client;
-
-import org.springframework.boot.SpringApplication;
-import org.springframework.boot.autoconfigure.SpringBootApplication;
-
-import javax.annotation.PostConstruct;
-import java.util.TimeZone;
-
-
-@SpringBootApplication(scanBasePackages =  {"com.patternknife.securityhelper.oauth2.client", "io.github.patternknife.securityhelper.oauth2.api"})
-public class SpringSecurityOauth2PasswordJpaImplApplication {
-
-    @PostConstruct
-    void init() {
-        TimeZone.setDefault(TimeZone.getTimeZone("Asia/Seoul"));
-    }
-
-    public static void main(String[] args) {
-        SpringApplication.run(SpringSecurityOauth2PasswordJpaImplApplication.class, args);
-    }
-
-}
+package com.patternhelloworld.securityhelper.oauth2.client;
+
+import org.springframework.boot.SpringApplication;
+import org.springframework.boot.autoconfigure.SpringBootApplication;
+
+import javax.annotation.PostConstruct;
+import java.util.TimeZone;
+
+
+@SpringBootApplication(scanBasePackages =  {"com.patternhelloworld.securityhelper.oauth2.client", "io.github.patternhelloworld.securityhelper.oauth2.api"})
+public class SpringSecurityOauth2PasswordJpaImplApplication {
+
+    @PostConstruct
+    void init() {
+        TimeZone.setDefault(TimeZone.getTimeZone("Asia/Seoul"));
+    }
+
+    public static void main(String[] args) {
+        SpringApplication.run(SpringSecurityOauth2PasswordJpaImplApplication.class, args);
+    }
+
+}

client/src/main/java/com/patternknife/securityhelper/oauth2/client/config/database/CommonDataSourceConfiguration.java renamed to client/src/main/java/com/patternhelloworld/securityhelper/oauth2/client/config/database/CommonDataSourceConfiguration.java

@@ -1,4 +1,4 @@
-package com.patternknife.securityhelper.oauth2.client.config.database;
+package com.patternhelloworld.securityhelper.oauth2.client.config.database;
 
 import com.zaxxer.hikari.HikariDataSource;
 import jakarta.persistence.EntityManagerFactory;
@@ -20,24 +20,24 @@
 
 @Configuration
 @EnableJpaRepositories(
-        basePackages = {"com.patternknife.securityhelper.oauth2.client.domain",
-                "com.patternknife.securityhelper.oauth2.client.config.securityimpl",
-                "io.github.patternknife.securityhelper.oauth2.api.config.security"},
+        basePackages = {"com.patternhelloworld.securityhelper.oauth2.client.domain",
+                "com.patternhelloworld.securityhelper.oauth2.client.config.securityimpl",
+                "io.github.patternhelloworld.securityhelper.oauth2.api.config.security"},
         entityManagerFactoryRef = "commonEntityManagerFactory",
         transactionManagerRef= "commonTransactionManager"
 )
 public class CommonDataSourceConfiguration {
 
     @Bean
     @Primary
-    @ConfigurationProperties("spring.datasource.hikari.patternknife")
+    @ConfigurationProperties("spring.datasource.hikari.patternhelloworld")
     public DataSourceProperties commonDataSourceProperties() {
         return new DataSourceProperties();
     }
 
     @Bean(name="commonDataSource")
     @Primary
-    @ConfigurationProperties("spring.datasource.hikari.patternknife.configuration")
+    @ConfigurationProperties("spring.datasource.hikari.patternhelloworld.configuration")
     public DataSource commonDataSource() {
         return new LazyConnectionDataSourceProxy(commonDataSourceProperties().initializeDataSourceBuilder()
                 .type(HikariDataSource.class).build());
@@ -48,8 +48,8 @@ public DataSource commonDataSource() {
     public LocalContainerEntityManagerFactoryBean commonEntityManagerFactory(EntityManagerFactoryBuilder builder) {
         return builder
                 .dataSource(commonDataSource())
-                .packages("com.patternknife.securityhelper.oauth2.client.domain",
-                        "io.github.patternknife.securityhelper.oauth2.api.config.security")
+                .packages("com.patternhelloworld.securityhelper.oauth2.client.domain",
+                        "io.github.patternhelloworld.securityhelper.oauth2.api.config.security")
                 .persistenceUnit("commonEntityManager")
                 .build();
     }

client/src/main/java/com/patternknife/securityhelper/oauth2/client/config/database/CommonQuerydslRepositorySupport.java renamed to client/src/main/java/com/patternhelloworld/securityhelper/oauth2/client/config/database/CommonQuerydslRepositorySupport.java

@@ -1,4 +1,4 @@
-package com.patternknife.securityhelper.oauth2.client.config.database;
+package com.patternhelloworld.securityhelper.oauth2.client.config.database;
 
 import jakarta.persistence.EntityManager;
 import jakarta.persistence.PersistenceContext;

client/src/main/java/com/patternknife/securityhelper/oauth2/client/config/database/QueryDslConfig.java renamed to client/src/main/java/com/patternhelloworld/securityhelper/oauth2/client/config/database/QueryDslConfig.java

@@ -1,4 +1,4 @@
-package com.patternknife.securityhelper.oauth2.client.config.database;
+package com.patternhelloworld.securityhelper.oauth2.client.config.database;
 
 
 import com.querydsl.jpa.impl.JPAQueryFactory;

client/src/main/java/com/patternhelloworld/securityhelper/oauth2/client/config/database/SelectablePersistenceConst.java

@@ -0,0 +1,17 @@
+package com.patternhelloworld.securityhelper.oauth2.client.config.database;
+
+public enum SelectablePersistenceConst {
+
+    MYSQL_8("dialect.database.config.com.patternhelloworld.securityhelper.oauth2.client.CustomMySQL8Dialect"),
+    MSSQL("dialect.database.config.com.patternhelloworld.securityhelper.oauth2.client.CustomSQLServerDialect");
+
+    private final String value;
+
+    SelectablePersistenceConst(String value) {
+        this.value = value;
+    }
+
+    public String getValue() {
+        return value;
+    }
+}

client/src/main/java/com/patternknife/securityhelper/oauth2/client/config/database/dialect/CustomMySQL8Dialect.java renamed to client/src/main/java/com/patternhelloworld/securityhelper/oauth2/client/config/database/dialect/CustomMySQL8Dialect.java

@@ -1,4 +1,4 @@
-package com.patternknife.securityhelper.oauth2.client.config.database.dialect;
+package com.patternhelloworld.securityhelper.oauth2.client.config.database.dialect;
 
 
 import org.hibernate.boot.model.FunctionContributions;

client/src/main/java/com/patternknife/securityhelper/oauth2/client/config/database/dialect/CustomSQLServerDialect.java renamed to client/src/main/java/com/patternhelloworld/securityhelper/oauth2/client/config/database/dialect/CustomSQLServerDialect.java

@@ -1,4 +1,4 @@
-package com.patternknife.securityhelper.oauth2.client.config.database.dialect;
+package com.patternhelloworld.securityhelper.oauth2.client.config.database.dialect;
 
 
 import org.hibernate.boot.model.FunctionContributions;

client/src/main/java/com/patternknife/securityhelper/oauth2/client/config/logger/common/CommonLoggingRequest.java renamed to client/src/main/java/com/patternhelloworld/securityhelper/oauth2/client/config/logger/common/CommonLoggingRequest.java

@@ -1,4 +1,4 @@
-package com.patternknife.securityhelper.oauth2.client.config.logger.common;
+package com.patternhelloworld.securityhelper.oauth2.client.config.logger.common;
 
 import jakarta.servlet.http.HttpServletRequest;
 import org.springframework.security.core.Authentication;

client/src/main/java/com/patternknife/securityhelper/oauth2/client/config/logger/module/ExcelAsyncUploadErrorLogConfig.java renamed to client/src/main/java/com/patternhelloworld/securityhelper/oauth2/client/config/logger/module/ExcelAsyncUploadErrorLogConfig.java

@@ -1,4 +1,4 @@
-package com.patternknife.securityhelper.oauth2.client.config.logger.module;
+package com.patternhelloworld.securityhelper.oauth2.client.config.logger.module;
 
 import lombok.extern.slf4j.Slf4j;
 import org.slf4j.Logger;

client/src/main/java/com/patternknife/securityhelper/oauth2/client/config/logger/module/NonStopErrorLogConfig.java renamed to client/src/main/java/com/patternhelloworld/securityhelper/oauth2/client/config/logger/module/NonStopErrorLogConfig.java

@@ -1,4 +1,4 @@
-package com.patternknife.securityhelper.oauth2.client.config.logger.module;
+package com.patternhelloworld.securityhelper.oauth2.client.config.logger.module;
 
 import lombok.extern.slf4j.Slf4j;
 import org.slf4j.Logger;

client/src/main/java/com/patternknife/securityhelper/oauth2/client/config/logger/module/ResponseErrorLogConfig.java renamed to client/src/main/java/com/patternhelloworld/securityhelper/oauth2/client/config/logger/module/ResponseErrorLogConfig.java

@@ -1,10 +1,10 @@
-package com.patternknife.securityhelper.oauth2.client.config.logger.module;
+package com.patternhelloworld.securityhelper.oauth2.client.config.logger.module;
 
-import com.patternknife.securityhelper.oauth2.client.config.response.error.GlobalExceptionHandler;
-import com.patternknife.securityhelper.oauth2.client.config.logger.common.CommonLoggingRequest;
+import com.patternhelloworld.securityhelper.oauth2.client.config.response.error.GlobalExceptionHandler;
+import com.patternhelloworld.securityhelper.oauth2.client.config.logger.common.CommonLoggingRequest;
 
 
-import io.github.patternknife.securityhelper.oauth2.api.config.security.response.error.dto.SecurityKnifeErrorResponsePayload;
+import io.github.patternhelloworld.securityhelper.oauth2.api.config.security.response.error.dto.SecurityEasyPlusErrorResponsePayload;
 import org.aspectj.lang.JoinPoint;
 import org.aspectj.lang.annotation.AfterReturning;
 import org.aspectj.lang.annotation.Aspect;
@@ -21,7 +21,7 @@ public class ResponseErrorLogConfig {
     private static final Logger logger = LoggerFactory.getLogger(ResponseErrorLogConfig.class);
 
 
-    @AfterReturning(pointcut = ("within(com.patternknife.securityhelper.oauth2.client.config.response.error..*) || within(io.github.patternknife.securityhelper.oauth2.api.config.security.response.error.handler..*)"),
+    @AfterReturning(pointcut = ("within(com.patternhelloworld.securityhelper.oauth2.client.config.response.error..*) || within(io.github.patternhelloworld.securityhelper.oauth2.api.config.security.response.error.handler..*)"),
             returning = "returnValue")
     public void endpointAfterExceptionReturning(JoinPoint p, Object returnValue) {
 
@@ -31,7 +31,7 @@ public void endpointAfterExceptionReturning(JoinPoint p, Object returnValue) {
         try {
             if (p.getTarget().getClass().equals(GlobalExceptionHandler.class)) {
 
-                SecurityKnifeErrorResponsePayload errorResponsePayload = (SecurityKnifeErrorResponsePayload) ((ResponseEntity) returnValue).getBody();
+                SecurityEasyPlusErrorResponsePayload errorResponsePayload = (SecurityEasyPlusErrorResponsePayload) ((ResponseEntity) returnValue).getBody();
                 loggedText += String.format("[After - Error Response]\n message : %s || \n userMessage : %s || \n cause : %s || \n stackTrace : %s",
                         errorResponsePayload != null ? errorResponsePayload.getMessage() : "No error message",
                         errorResponsePayload != null ? errorResponsePayload.getUserMessage() : "No error userMessage",

client/src/main/java/com/patternknife/securityhelper/oauth2/client/config/logger/module/ResponseSuccessLogConfig.java renamed to client/src/main/java/com/patternhelloworld/securityhelper/oauth2/client/config/logger/module/ResponseSuccessLogConfig.java

@@ -1,6 +1,6 @@
-package com.patternknife.securityhelper.oauth2.client.config.logger.module;
+package com.patternhelloworld.securityhelper.oauth2.client.config.logger.module;
 
-import com.patternknife.securityhelper.oauth2.client.config.logger.common.CommonLoggingRequest;
+import com.patternhelloworld.securityhelper.oauth2.client.config.logger.common.CommonLoggingRequest;
 import com.fasterxml.jackson.databind.ObjectMapper;
 import com.fasterxml.jackson.datatype.jsr310.JavaTimeModule;
 import org.aspectj.lang.JoinPoint;
@@ -20,7 +20,7 @@ public class ResponseSuccessLogConfig {
     private static final Logger logger = LoggerFactory.getLogger(ResponseSuccessLogConfig.class);
 
 
-    @AfterReturning(pointcut = ("within(com.patternknife.securityhelper.oauth2.client.domain..api..*)"),
+    @AfterReturning(pointcut = ("within(com.patternhelloworld.securityhelper.oauth2.client.domain..api..*)"),
             returning = "returnValue")
     public void endpointAfterReturning(JoinPoint p, Object returnValue) {