
SSO Gateway Reference Manual

Docs EInnovator Posted 10 Jun 20

Java / Spring Boot Client Library for SSO Gateway

Overview

Getting Started

External Configuration

Table below provides a quick summary for the configuration options:

| Property | Type | Default Value | Required | Description |
|---|---|---|---|---|
| server | String | `http://localhost:2000` | Yes | Server URL |
| clientId | String | | Yes | Client/Application ID |
| clientSecret | String | | Yes | Client/Application Secret |
| scopes | List<String> | `{"openid"}` | Yes | Scopes to request for the OAuth2 token |
| redirectUri | String | `http://localhost/` | No | Optional redirect URI for OAuth2 |
| ignore | List<String> | `{"/", "/index.html", "/login**", "/register**", "/.well-known/**", "/webjars/**", "/css/**", "/js/**", "/img/**", "/images/**", "/fonts/**", "/favicon.ico", "/assets/**", "/theme/**", "/api**", "/api/**", "/ws/**"}` | No | Unprotected URL paths |
| ignoreInclude | String | `{}` | No | Paths to add to the ignore list |
| csrfIgnore | String | `{"/oauth/**", "/login**", "/logout**", "/api**", "/api/**"}` | No | Paths excluded from CSRF protection |
| csrfEnabled | List<String> | FALSE (NULL) | No | CSRF enablement |
| sessionCreationPolicy | SessionCreationPolicy | IF_REQUIRED | No | Session policy |
| connection | ConnectionConfiguration | | No | Connection settings |
| access | AccessConfiguration | | No | Hard-wired authorities |
| registration | SsoRegistration | | No | Application registration descriptor |

With these defaults CSRF protection is off and `/api**`, `/api/**` and `/ws/**` are listed as unprotected paths, so review `ignore`, `csrfIgnore` and `csrfEnabled` against the application's own endpoints before deploying.

Connecting to the Server

Example: Configuring Client ID/Secret in application.yaml

# Connection settings used by the client library to reach the SSO Gateway.
sso:
  # Base URL of the SSO server. Use HTTPS outside local development so that
  # the client credentials and tokens are not sent in clear text.
  server : "https://sso.mydomain.com"
  # OAuth2 client (application) ID.
  client-id: "myapp"
  # Sample value only. Keep the real secret out of version control: supply it
  # from an environment variable or a secret store and reference it with a
  # Spring placeholder, e.g. "${SSO_CLIENT_SECRET}" (constructed variable name).
  client-secret: "myapp$secret"

Application Registration

SsoRegistration:

Table below provides a quick summary for the configuration options:

| Property | Type | Default Value | Required | Description |
|---|---|---|---|---|
| auto | boolean | false | No | True to auto-register the application on startup. |
| application | Application | | Yes | Application descriptor. |
| roles | List<Role> | | No | Roles to register. |
| properties | Map<String, Object> | | No | Server properties to set. |

Example: Configuring a Custom Global Role

# Connection settings plus an application registration that declares a custom role.
sso:
  server : "https://sso.mydomain.com"
  client-id: "myapp"
  # Sample value only. Keep the real secret out of version control: supply it
  # from an environment variable or a secret store and reference it with a
  # Spring placeholder, e.g. "${SSO_CLIENT_SECRET}" (constructed variable name).
  client-secret: "myapp$secret"
  registration:
    # Register the application on startup (the default is false).
    auto: true
    # Roles to register with the server; this one is declared with type GLOBAL.
    roles:
    - name: "CUSTOMER_MANAGER"
      display-name: "Customer Manager"
      type: GLOBAL
      description: "User with this role can manage Customers" 

Hard-Wired Access Rules

| Property | Type | Default Value | Required | Description |
|---|---|---|---|---|
| admin | List<String> | | No | Hard-wired list of users with Admin authority |

Programmatic Configuration

Token Management

Example: Obtaining Access Token

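// SSO client injected by Spring; the examples below call the SSO Gateway through it.
@Autowired
private SsoClient client;

/**
 * Obtains an OAuth2 access token for a test user with
 * {@code client.getToken(username, password)} and checks that one was returned.
 *
 * <p>Only the token type is printed. The token itself is a bearer credential:
 * anyone who can read stdout or the build log could replay it, so it is not
 * written out.
 */
public void getToken() {
	OAuth2AccessToken token = client.getToken(TEST_USER2, TEST_PASSWORD);
	assertNotNull(token);
	// Non-secret metadata only; never the token value.
	System.out.println("Access token obtained, type: " + token.getTokenType());
}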

Users API

Example: Listing Users

/**
 * Lists users without a filter and prints the returned page.
 * All three arguments of {@code listUsers} are passed as {@code null}.
 */
public void listUsers() {
	final Page<User> page = client.listUsers(null, null, null);
	final String rendered = PageUtil.toString(page);
	System.out.println(rendered);
}

Example: Listing Users with Filter

/**
 * Lists users through a {@code UserFilter} whose query is a random substring of an
 * existing username, then checks that the page is non-empty and that every returned
 * user matches the query on username or on lower-cased display name.
 */
public void listUsersWithFilter() {
	final User sample = getRandomUser();
	final String sampleName = sample.getUsername();
	assertNotNull(sampleName);
	assertFalse(sampleName.isEmpty());

	final String q = getRandomSubstring(sampleName);
	final UserFilter filter = new UserFilter().withQ(q);
	final Page<User> page = client.listUsers(filter, null, null);

	// The page and its content must exist and hold at least one user.
	assertNotNull(page);
	assertNotNull(page.getContent());
	assertFalse(0 == page.getNumberOfElements());
	assertFalse(page.getContent().isEmpty());

	for (User found : page) {
		// The display name is consulted only when the username does not match.
		boolean matches = found.getUsername().contains(q);
		if (!matches) {
			matches = found.getDisplayName().toLowerCase().contains(q);
		}
		assertTrue(matches);
	}

	final String rendered = PageUtil.toString(page);
	System.out.println(rendered);
}

Example: User Lookup

/**
 * Looks up the same user three times through {@code client.getUser}, passing the
 * username, the UUID and the e-mail address in turn, and checks that each lookup
 * returns a user carrying the identifier that was used.
 */
public void getExistingUser() {
	final User reference = getRandomUser();

	// Lookup by username.
	final User byUsername = client.getUser(reference.getUsername(), null, null);
	assertNotNull(byUsername);
	assertEquals(reference.getUsername(), byUsername.getUsername());

	// Lookup by UUID.
	final User byUuid = client.getUser(reference.getUuid(), null, null);
	assertNotNull(byUuid);
	assertEquals(reference.getUuid(), byUuid.getUuid());

	// Lookup by e-mail address.
	final User byEmail = client.getUser(reference.getEmail(), null, null);
	assertNotNull(byEmail);
	assertEquals(reference.getEmail(), byEmail.getEmail());
}

Example: Create User (Admin/Client Only)

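/**
 * Creates a throw-away user, reads it back by the id extracted from the returned
 * URI, deletes it, and checks that a further lookup fails. The page labels this
 * operation "Admin/Client Only".
 *
 * <p>The password bytes are produced with an explicit UTF-8 charset so the value
 * sent to the server does not depend on the platform default encoding.
 */
public void createAndDeleteUser() {
	String username = "tdd-" + UUID.randomUUID().toString();
	// Sample password for a disposable test account; encode it deterministically.
	byte[] password = ("Pass123!!-" + username).getBytes(java.nio.charset.StandardCharsets.UTF_8);
	User user = new User()
			.withUsername(username)
			.withEmail(username + "@test.org")
			.withPassword(password)
			.withAddress(new Address().withCountry("USA").withCity("NY").withPostalCode("12345"));
	URI uri = client.createUser(user, null, null);
	assertNotNull(uri);
	String id = UriUtils.extractId(uri);
	assertNotNull(id);
	assertFalse(id.isEmpty());
	User user2 = client.getUser(id, null, null);
	assertNotNull(user2);
	assertEquals(id, user2.getId());
	assertEquals(user.getUsername(), user2.getUsername());

	// Print identifying fields only.
	// NOTE(review): User.toString() may include credential fields; confirm before dumping the whole record.
	System.out.println("Created user " + user2.getUsername() + " (id " + id + ")");
	client.deleteUser(id, null, null);
	try {
		client.getUser(id, null, null);
		// fail() raises an AssertionError, which the catch below does not intercept.
		fail();
	} catch (RuntimeException expected) {
		// Expected: the user no longer exists, so the lookup throws.
	}
}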

Example: Update User

/**
 * Changes the city and mobile phone of the {@code TEST_USER} account, sends the
 * update, and checks that a fresh lookup returns the new values.
 */
public void updateExistingUser() {
	final String login = TEST_USER;
	final User before = client.getUser(login, null, null);
	assertNotNull(before);
	assertEquals(login, before.getUsername());

	// Randomised values so that every run produces a visible change.
	final String newCity = "City-" + UUID.randomUUID().toString();
	before.getAddress().setCity(newCity);
	final Phone newPhone = new Phone("90000" + new Random().nextInt(9999));
	before.setMobilePhone(newPhone);
	client.updateUser(before, null, null);

	final User after = client.getUser(login, null, null);
	assertNotNull(after);
	assertEquals(login, after.getUsername());
	assertEquals(before.getAddress().getCity(), after.getAddress().getCity());
	assertEquals(before.getMobilePhone(), after.getMobilePhone());
}
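/**
 * Exercises two successive updates of the {@code TEST_USER} account.
 *
 * <p>The first update replaces the address and sets website and social links, then
 * checks the values read back. The second update changes website and city while
 * setting profile and address line 1 to {@code null}; the assertions expect those
 * two fields to keep the values seen after the first update.
 */
public void updateExistingUserPartial() {
	String username = TEST_USER;
	User user = client.getUser(username, null, null);
	assertNotNull(user);
	assertEquals(username, user.getUsername());
	Address address = new Address();
	user.setAddress(address);
	address.setLine1("Street " + UUID.randomUUID().toString());
	address.setCity("City-" + UUID.randomUUID().toString());
	user.setWebsite("http://website.test.org");
	user.setSocial("http://social.test.org");
	client.updateUser(user, null, null);
	User user2 = client.getUser(username, null, null);
	assertNotNull(user2);
	assertEquals(username, user2.getUsername());
	assertEquals(user.getWebsite(), user2.getWebsite());
	assertEquals(user.getProfile(), user2.getProfile());
	assertEquals(user.getAddress().getCity(), user2.getAddress().getCity());
	assertEquals(user.getAddress().getLine1(), user2.getAddress().getLine1());

	// Second update: fields set to null are expected to stay unchanged on the server.
	user.setWebsite("http://website2.test.org");
	user.setProfile(null);
	user.getAddress().setLine1(null);
	user.getAddress().setCity("City-" + UUID.randomUUID().toString());
	client.updateUser(user, null, null);
	User user3 = client.getUser(username, null, null);
	assertNotNull(user3);
	// Check the record just fetched (the original re-checked user2 here).
	assertEquals(username, user3.getUsername());
	assertEquals(user.getWebsite(), user3.getWebsite());
	assertEquals(user2.getProfile(), user3.getProfile());
	assertEquals(user.getAddress().getCity(), user3.getAddress().getCity());
	assertEquals(user2.getAddress().getLine1(), user3.getAddress().getLine1());
}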

Groups API

Example: Create Group

/**
 * Creates a group with a random name, checks that a URI is returned, and deletes
 * the group again by name.
 */
public void createGroup() {
	final String name = "group-" + UUID.randomUUID().toString();
	final Group draft = new Group()
			.withName(name)
			.withDescription("Description of Group:" + name);
	final URI location = client.createGroup(draft, null, null);
	assertNotNull(location);
	client.deleteGroup(name, null, null);
}
/**
 * Creates a group, checks that the id extracted from the returned URI equals the
 * group name, fetches the group by that id, deletes it, and checks that a further
 * lookup throws.
 */
public void createGroupAndGet() {
	final String name = "group-" + UUID.randomUUID().toString();
	final Group draft = new Group()
			.withName(name)
			.withDescription("Description of Group:" + name);
	final URI location = client.createGroup(draft, null, null);
	assertNotNull(location);

	final String extractedId = UriUtils.extractId(location);
	assertNotNull(extractedId);
	assertFalse(extractedId.isEmpty());
	assertEquals(name, extractedId);

	final Group fetched = client.getGroup(extractedId, null, null);
	assertNotNull(fetched);
	assertEquals(extractedId, fetched.getName());

	client.deleteGroup(extractedId, null, null);
	try {
		client.getGroup(extractedId, null, null);
		fail();
	} catch (RuntimeException expected) {
		// Expected: the group was deleted, so the lookup throws.
	}
}

Example: Update Group

/**
 * Creates a group, changes its description, sends the update, checks that a fresh
 * lookup returns the new description, then deletes the group and checks that a
 * further lookup throws.
 */
public void updateGroup() {
	final String name = "group-" + UUID.randomUUID().toString();
	final Group draft = new Group()
			.withName(name)
			.withDescription("Description of Group:" + name);
	final URI location = client.createGroup(draft, null, null);
	assertNotNull(location);

	final Group stored = client.getGroup(name, null, null);
	assertNotNull(stored);
	assertEquals(name, stored.getName());

	stored.setDescription("Other Description");
	client.updateGroup(stored, null, null);

	final Group reloaded = client.getGroup(name, null, null);
	assertNotNull(reloaded);
	assertEquals(stored.getDescription(), reloaded.getDescription());

	client.deleteGroup(name, null, null);
	try {
		client.getGroup(name, null, null);
		fail();
	} catch (RuntimeException expected) {
		// Expected: the group was deleted, so the lookup throws.
	}
}

Example: List Group Member

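/**
 * Creates a group, adds {@code TEST_USER} as its only member, checks the member
 * listing, removes the member, checks that the listing is empty, then deletes the
 * group and checks that a further lookup throws.
 */
public void groupMembership() {
	String groupName = "group-" + UUID.randomUUID().toString();
	Group group = new Group().withName(groupName).withDescription("Description of Group:" + groupName);
	URI uri = client.createGroup(group, null, null);
	assertNotNull(uri);
	String uuid = UriUtils.extractId(uri);
	Group group2 = client.getGroup(uuid, null, null);
	assertNotNull(group2);
	String userId = TEST_USER;
	client.addMemberToGroup(userId, uuid, null, null);
	Page<Member> members = client.listGroupMembers(uuid, null, null, null);
	assertNotNull(members);
	assertNotNull(members.getContent());
	assertFalse(members.getContent().isEmpty());
	assertEquals(1, members.getContent().size());
	assertNotNull(members.getContent().get(0));
	assertNotNull(members.getContent().get(0).getUser());
	assertEquals(userId, members.getContent().get(0).getUser().getId());
	client.removeMemberFromGroup(userId, uuid, null, null);
	Page<Member> members2 = client.listGroupMembers(uuid, null, null, null);
	assertNotNull(members2);
	// Check the listing fetched after removal (the original re-checked the first page here).
	assertNotNull(members2.getContent());
	assertTrue(members2.getContent().isEmpty());
	client.deleteGroup(uuid, null, null);
	try {
		client.getGroup(uuid, null, null);
		// fail() raises an AssertionError, which the catch below does not intercept.
		fail();
	} catch (RuntimeException expected) {
		// Expected: the group was deleted, so the lookup throws.
	}
}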
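/**
 * Same membership round trip as the plain group-membership example, but with
 * {@code TEST_USERX1} as the member: create a group, add the member, check the
 * listing, remove the member, check the listing is empty, delete the group.
 * NOTE(review): the method name suggests TEST_USERX1 contains a '+' character;
 * its value is not shown on this page.
 */
public void groupMembershipWithPlus() {
	String groupName = "group-" + UUID.randomUUID().toString();
	Group group = new Group().withName(groupName).withDescription("Description of Group:" + groupName);
	URI uri = client.createGroup(group, null, null);
	assertNotNull(uri);
	String uuid = UriUtils.extractId(uri);
	Group group2 = client.getGroup(uuid, null, null);
	assertNotNull(group2);
	String userId = TEST_USERX1;
	client.addMemberToGroup(userId, uuid, null, null);
	Page<Member> members = client.listGroupMembers(uuid, null, null, null);
	assertNotNull(members);
	assertNotNull(members.getContent());
	assertFalse(members.getContent().isEmpty());
	assertEquals(1, members.getContent().size());
	assertNotNull(members.getContent().get(0));
	assertNotNull(members.getContent().get(0).getUser());
	assertEquals(userId, members.getContent().get(0).getUser().getId());
	client.removeMemberFromGroup(userId, uuid, null, null);
	Page<Member> members2 = client.listGroupMembers(uuid, null, null, null);
	assertNotNull(members2);
	// Check the listing fetched after removal (the original re-checked the first page here).
	assertNotNull(members2.getContent());
	assertTrue(members2.getContent().isEmpty());
	client.deleteGroup(uuid, null, null);
	try {
		client.getGroup(uuid, null, null);
		// fail() raises an AssertionError, which the catch below does not intercept.
		fail();
	} catch (RuntimeException expected) {
		// Expected: the group was deleted, so the lookup throws.
	}
}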

Roles API

Role Bindings API

Invitations API

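/**
 * Creates a USER invitation from {@code TEST_USER2} to {@code TEST_USER}, reads it
 * back by id, and requests its invitation-token URI.
 *
 * <p>The invitation token is not printed: whoever holds it can presumably act on
 * the invitation, so it is kept out of stdout and build logs.
 *
 * @param type      NOTE(review): not used; the invitation type is always
 *                  {@code InvitationType.USER}. Confirm whether this is intended.
 * @param sendMail  passed to {@code InvitationOptions.withSendMail} for both the
 *                  invite call and the token request
 * @param sendMail2 NOTE(review): not used; presumably meant for the token request. Confirm.
 */
public void invitationTest(InvitationType type, Boolean sendMail, Boolean sendMail2) {
	Invitation invitation = new Invitation();
	invitation.setInvitee(TEST_USER);
	invitation.setOwner(TEST_USER2);
	invitation.setType(InvitationType.USER);
	invitation.setDescription("Test invitation: " + UUID.randomUUID());
	URI uri = client.invite(invitation, new InvitationOptions().withSendMail(sendMail), null);
	assertNotNull(uri);
	String id = UriUtils.extractId(uri);
	assertNotNull(id);
	Invitation invitation2 = client.getInvitation(id, null, null);
	assertNotNull(invitation2);
	assertEquals(id, invitation2.getUuid());
	URI tokenUri = client.getInvitationToken(id, new InvitationOptions().withSendMail(sendMail), null);
	assertNotNull(tokenUri);
	// Locate the token by its query marker rather than by the first '=' in the URI.
	String tokenUrl = tokenUri.toString();
	String marker = "?token=";
	int markerAt = tokenUrl.indexOf(marker);
	assertTrue(markerAt > 0);
	String token = tokenUrl.substring(markerAt + marker.length());
	// Report that a token was issued without writing the token or its URI to the log.
	System.out.println("Invitation token issued for invitation " + id);
	assertNotEquals("null", token);
}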
/**
 * Lists invitations without a filter, checks that the page has content, and
 * prints each invitation.
 */
public void listInvitations() {
	final Page<Invitation> page = client.listInvitations(null, null, null);
	assertNotNull(page);
	assertNotNull(page.getContent());
	assertFalse(page.getContent().isEmpty());
	page.forEach(item -> System.out.println(item));
}

Clients API

Testing Applications

Example: End2End Testing an App using OAuth2 Token

/**
 * End-to-end test example: obtains an OAuth2 token, builds an
 * {@code OAuth2RestTemplate} from the injected {@code SsoClient}, and calls the
 * application's own client with it.
 *
 * <p>The user and client credentials below are sample values. In a real project,
 * keep test credentials out of source control and use an account that exists only
 * on the test SSO server.
 */
@RunWith(SpringRunner.class)
@SpringBootTest
@TestPropertySource(properties = {
		"sso.server=https://sso-dev.mydomain.com",
		"spring.cache.ehcache.config:ehcache-social-starter.xml"
})
public class MyAppEnd2EndTests extends SsoTestHelper {

	// Sample test-user credentials.
	public static final String TEST_USER = "tdd@mydomain.com";
	public static final String TEST_PASSWORD = "may$pass";
	// Sample OAuth2 client credentials.
	public static final String CLIENT_ID = "application";
	public static final String CLIENT_SECRET = "application$123";

	@Autowired
	private SsoClient ssoClient;

	/** Test configuration that hands the sample credentials to the helper's configuration. */
	@Configuration
	public static class TestConfig extends SsoTestHelper.TestConfig {
		public TestConfig(ApplicationContext context) {
			super(TEST_USER, TEST_PASSWORD, CLIENT_ID, CLIENT_SECRET, context);
		}
	}

	/** Fetches a token, then lists customers through a token-bearing REST template. */
	@Test
	public void customerRetrievalTest() {
		// NOTE(review): `client` is not declared in this class; presumably inherited from SsoTestHelper. Confirm.
		final OAuth2AccessToken accessToken = client.getToken();
		assertNotNull(accessToken);

		final OAuth2RestTemplate restTemplate = ssoClient.makeOAuth2RestTemplate();
		final MyAppClient appClient = new MyAppClient(restTemplate);
		final Page<Customer> customerPage = appClient.listCustomers();
		assertNotNull(customerPage);
	}

}

Rest Endpoints

This section describes the REST endpoints that are set up automatically by the einnovator-sso-starter.

Table below provides a quick summary:

SsoQueryRestController:

MethodPathQuery ParametersRequest BodyResponse BodyStatusLogSecurityDescription
/logout
/_logout
GETSsoLogoutController.logout
/api/groupGETPageOptions Group groupsGroupFilter
PageOptions
/api/group/GETPageOptions Member membersMemberFilter
PageOptions
/api/userGETPageOptions User usersUserFilter
PageOptions