- Swagger URL: http://localhost:9090/swagger-ui/index.html
- Java 17
- Spring Boot 3.1.5
- spring-boot-starter-web (to enable REST)
- spring-boot-starter-security (to enable Spring Security)
- spring-boot-starter-oauth2-resource-server (provides support for OAuth 2.0 Bearer Tokens) - https://docs.spring.io/spring-security/reference/servlet/oauth2/resource-server/index.html
- spring-security-oauth2-jose (provides support for decoding and verifying JWTs)
- spring-boot-starter-data-jpa (to manage DB objects)
- org.bouncycastle:bcprov-jdk18on (lightweight Java cryptography API) - https://www.bouncycastle.org/java.html
- springdoc-openapi-starter-webmvc-ui (Spring Boot support for OpenAPI 3 & Swagger UI) - https://springdoc.org/
- PostgreSQL - (latest)
- Lombok (to remove boilerplate code like accessors/ constructors/ etc) - https://projectlombok.org/
- Apache commons-lang3 (provides popular utility methods) - https://commons.apache.org/proper/commons-lang/
- Maven 3.8 (Build Tool)
You need the following pre-installed on your machine:
- Your favourite Java IDE
- Java 17
- Container Management Tool like Rancher Desktop (open-source tool that runs Kubernetes and container management on your desktop)
git clone https://github.dxc.com/skirkov/spring-boot-security-jwt-demo.git
Use this command only the first time to create & start the DB container.
docker-compose up -d
url=jdbc:postgresql://localhost:7432/demo_db
user=demo_user
pwd=DemoUser1Pass2Qa
Set in application-dev.properties:
spring.jpa.hibernate.ddl-auto=create
After the initial run switch to:
spring.jpa.hibernate.ddl-auto=validate
docker-compose stop
You can see different settings there, that can be modified. application.properties
You can see different settings there, that can be modified. application-dev.properties
1). You can use some free online tool like this one: https://app.id123.io/free-tools/key-generator/
2). Copy & Paste generated values to: /src/main/resources/keys
docker-compose start
Use your favorite IDE to run the app as Spring Application.
Swagger UI provides documentation out of the box and allows you to access and call all exposed REST endpoints.
Load the following collection in Postman:
postman-collection/spring-jwt-demo.postman_collection.json
Go to https://jwt.io/
> netstat -ano | findstr :1521
> taskkill /PID <PID> /F