Implement java server

Dockerfile-java

@@ -0,0 +1,12 @@
+FROM openjdk:11-jdk as BUILD_IMAGE
+COPY ./packages/server-java ./packages/server-java
+COPY ./modules ./modules
+
+WORKDIR ./packages/server-java
+RUN ./gradlew clean bootJar
+
+FROM openjdk:11-jre-slim
+WORKDIR /server-java/
+COPY --from=BUILD_IMAGE /packages/server-java/app/build/libs/app-release.jar .
+EXPOSE 8080
+CMD ["java", "-jar", "app-release.jar"]

docker-compose.react-java.yml

@@ -0,0 +1,48 @@
+version: '3'
+services:
+  apollo_java_server:
+    build:
+      context: .
+      dockerfile: Dockerfile-java
+    environment:
+      - JAVA_ENV=development
+    container_name: apollo_java_server
+    volumes:
+      - ./:${APP_DIR}
+      - ./modules:${APP_DIR}/modules
+      - ./packages/server-java/gradle/wrapper:${APP_DIR}/packages/server-java/gradle/wrapper
+      - ./packages/server-java/gradlew:${APP_DIR}/packages/server-java/gradlew
+    ports:
+      - 8080:8080
+    stdin_open: true
+    tty: true
+    network_mode: host
+
+  apollo_client:
+    build:
+      context: .
+      dockerfile: Dockerfile
+      args:
+        APP_DIR: ${APP_DIR}
+    depends_on:
+      - apollo_java_server
+    environment:
+      - NODE_ENV=development
+      - SERVER_HOST=apollo_java_server:8080
+    container_name: apollo_client
+    tty: true
+    stdin_open: true
+    volumes:
+      - ./:${APP_DIR}
+      - ${APP_DIR}/build
+      - client_node_modules:${APP_DIR}/node_modules
+    working_dir: ${APP_DIR}
+    user: node
+    command: >
+      sh -c 'cmp -s yarn.lock node_modules/yarn.lock || yarn install --frozen-lockfile && cp -f yarn.lock node_modules/yarn.lock && yarn watch-client'
+    ports:
+      - 3000:3000
+    network_mode: host
+
+volumes:
+  client_node_modules:

modules/authentication/server-java/build.gradle

@@ -0,0 +1,7 @@
+dependencies {
+    implementation project(':core')
+    implementation 'io.jsonwebtoken:jjwt-api:0.11.2'
+    implementation 'io.jsonwebtoken:jjwt-impl:0.11.2'
+    implementation 'io.jsonwebtoken:jjwt-jackson:0.11.2'
+    api 'org.springframework.boot:spring-boot-starter-security'
+}

modules/authentication/server-java/src/main/java/com/sysgears/authentication/config/AuthConfig.java

@@ -0,0 +1,15 @@
+package com.sysgears.authentication.config;
+
+import io.jsonwebtoken.security.Keys;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+
+import java.security.Key;
+
+@Configuration
+public class AuthConfig {
+    @Bean
+    public Key jwtSecretKey(JwtConfig config) {
+        return Keys.hmacShaKeyFor(config.getSecret().getBytes());
+    }
+}

modules/authentication/server-java/src/main/java/com/sysgears/authentication/config/JwtConfig.java

@@ -0,0 +1,16 @@
+package com.sysgears.authentication.config;
+
+import lombok.Getter;
+import lombok.Setter;
+import org.springframework.boot.context.properties.ConfigurationProperties;
+import org.springframework.context.annotation.Configuration;
+
+@Getter
+@Setter
+@Configuration
+@ConfigurationProperties("jwt")
+public class JwtConfig {
+    private String secret;
+    private long accessTokenExpirationInSec;
+    private long refreshTokenExpirationInSec;
+}

modules/authentication/server-java/src/main/java/com/sysgears/authentication/exception/RefreshTokenInvalidException.java

@@ -0,0 +1,11 @@
+package com.sysgears.authentication.exception;
+
+import org.springframework.http.HttpStatus;
+import org.springframework.web.bind.annotation.ResponseStatus;
+
+public class RefreshTokenInvalidException extends RuntimeException {
+
+    public RefreshTokenInvalidException() {
+        super("Refresh token is invalid.");
+    }
+}

modules/authentication/server-java/src/main/java/com/sysgears/authentication/model/jwt/JwtUserIdentity.java

@@ -0,0 +1,17 @@
+package com.sysgears.authentication.model.jwt;
+
+import lombok.Builder;
+import lombok.Data;
+
+@Data
+@Builder
+public class JwtUserIdentity {
+    private final int id;
+    private final String username;
+    private final String passwordHash;
+    private final String role;
+    private final Boolean isActive;
+    private final String email;
+    private final String firstName;
+    private final String lastName;
+}

modules/authentication/server-java/src/main/java/com/sysgears/authentication/model/jwt/Tokens.java

@@ -0,0 +1,13 @@
+package com.sysgears.authentication.model.jwt;
+
+import lombok.AllArgsConstructor;
+import lombok.Data;
+import lombok.NoArgsConstructor;
+
+@Data
+@NoArgsConstructor
+@AllArgsConstructor
+public class Tokens {
+    private String accessToken;
+    private String refreshToken;
+}

modules/authentication/server-java/src/main/java/com/sysgears/authentication/resolvers/jwt/JwtMutationResolver.java

@@ -0,0 +1,31 @@
+package com.sysgears.authentication.resolvers.jwt;
+
+import com.sysgears.authentication.exception.RefreshTokenInvalidException;
+import com.sysgears.authentication.model.jwt.JwtUserIdentity;
+import com.sysgears.authentication.model.jwt.Tokens;
+import com.sysgears.authentication.service.jwt.JwtGenerator;
+import com.sysgears.authentication.service.jwt.JwtParser;
+import graphql.kickstart.tools.GraphQLMutationResolver;
+import lombok.RequiredArgsConstructor;
+import org.springframework.stereotype.Component;
+
+import java.util.concurrent.CompletableFuture;
+
+@Component
+@RequiredArgsConstructor
+public class JwtMutationResolver implements GraphQLMutationResolver {
+    private final JwtParser jwtParser;
+    private final JwtGenerator jwtGenerator;
+    private final JwtUserIdentityService userIdentityService;
+
+    public CompletableFuture<Tokens> refreshTokens(String refreshToken) {
+        return CompletableFuture.supplyAsync(() -> {
+            if (refreshToken.isBlank()) {
+                throw new IllegalArgumentException();
+            }
+            Integer userId = jwtParser.getIdFromRefreshToken(refreshToken);
+            JwtUserIdentity userIdentity = userIdentityService.findById(userId).orElseThrow(RefreshTokenInvalidException::new);
+            return jwtGenerator.generateTokens(userIdentity);
+        });
+    }
+}

modules/authentication/server-java/src/main/java/com/sysgears/authentication/resolvers/jwt/JwtUserIdentityService.java

@@ -0,0 +1,9 @@
+package com.sysgears.authentication.resolvers.jwt;
+
+import com.sysgears.authentication.model.jwt.JwtUserIdentity;
+
+import java.util.Optional;
+
+public interface JwtUserIdentityService {
+    Optional<JwtUserIdentity> findById(Integer id);
+}

modules/authentication/server-java/src/main/java/com/sysgears/authentication/resolvers/session/SessionMutationResolver.java

@@ -0,0 +1,19 @@
+package com.sysgears.authentication.resolvers.session;
+
+import com.sysgears.authentication.utils.SessionUtils;
+import graphql.kickstart.tools.GraphQLMutationResolver;
+import lombok.extern.slf4j.Slf4j;
+import org.springframework.stereotype.Component;
+
+@Slf4j
+@Component
+public class SessionMutationResolver implements GraphQLMutationResolver {
+
+    public String logout() {
+       if (SessionUtils.SECURITY_CONTEXT.getAuthentication() != null) {
+           log.info("Logout user '{}'", SessionUtils.SECURITY_CONTEXT.getAuthentication().getName());
+           SessionUtils.SECURITY_CONTEXT.setAuthentication(null);
+       }
+        return null;
+    }
+}

modules/authentication/server-java/src/main/java/com/sysgears/authentication/service/jwt/JwtGenerator.java

@@ -0,0 +1,10 @@
+package com.sysgears.authentication.service.jwt;
+
+import com.sysgears.authentication.model.jwt.JwtUserIdentity;
+import com.sysgears.authentication.model.jwt.Tokens;
+
+public interface JwtGenerator {
+    Tokens generateTokens(JwtUserIdentity identity);
+
+    String generateVerificationToken(JwtUserIdentity identity);
+}

modules/authentication/server-java/src/main/java/com/sysgears/authentication/service/jwt/JwtParser.java

@@ -0,0 +1,9 @@
+package com.sysgears.authentication.service.jwt;
+
+public interface JwtParser {
+    Integer getIdFromAccessToken(String token);
+
+    Integer getIdFromRefreshToken(String token);
+
+    Integer getIdFromVerificationToken(String token);
+}

modules/authentication/server-java/src/main/java/com/sysgears/authentication/service/jwt/JwtService.java

@@ -0,0 +1,96 @@
+package com.sysgears.authentication.service.jwt;
+
+import com.sysgears.authentication.config.JwtConfig;
+import com.sysgears.authentication.model.jwt.JwtUserIdentity;
+import com.sysgears.authentication.model.jwt.Tokens;
+import io.jsonwebtoken.Claims;
+import io.jsonwebtoken.Jwts;
+import io.jsonwebtoken.SignatureAlgorithm;
+import lombok.RequiredArgsConstructor;
+import lombok.extern.slf4j.Slf4j;
+import org.springframework.stereotype.Service;
+
+import java.security.Key;
+import java.time.Instant;
+import java.time.temporal.ChronoUnit;
+import java.util.Date;
+import java.util.HashMap;
+import java.util.Map;
+
+@Slf4j
+@Service
+@RequiredArgsConstructor
+public class JwtService implements JwtGenerator, JwtParser {
+    private final Key secretKey;
+    private final JwtConfig jwtConfig;
+
+    public Tokens generateTokens(JwtUserIdentity identity) {
+        return new Tokens(generateAccessToken(identity), generateRefreshToken(identity));
+    }
+
+    public String generateVerificationToken(JwtUserIdentity identity) {
+        return Jwts.builder()
+                .setSubject(String.valueOf(identity.getId()))
+                .setIssuedAt(Date.from(Instant.now()))
+                .setExpiration(Date.from(Instant.now().plus(jwtConfig.getAccessTokenExpirationInSec(), ChronoUnit.SECONDS)))
+                .setHeaderParam("typ", "JWT")
+                .signWith(secretKey, SignatureAlgorithm.HS256)
+                .compact();
+    }
+
+    public Integer getIdFromAccessToken(String token) {
+        return (Integer) Jwts.parserBuilder()
+                .setSigningKey(secretKey)
+                .build()
+                .parseClaimsJws(token)
+                .getBody()
+                .get("identity", Map.class)
+                .get("id");
+    }
+
+    public Integer getIdFromRefreshToken(String token) {
+        return Jwts.parserBuilder()
+                .setSigningKey(secretKey)
+                .build()
+                .parseClaimsJws(token)
+                .getBody()
+                .get("id", Integer.class);
+    }
+
+    public Integer getIdFromVerificationToken(String token) {
+        Claims claims = Jwts.parserBuilder()
+                .setSigningKey(secretKey)
+                .build()
+                .parseClaimsJws(token)
+                .getBody();
+        return Integer.parseInt(claims.getSubject());
+    }
+
+    private String generateAccessToken(JwtUserIdentity identity) {
+        Map<String, Object> claims = new HashMap<>();
+        claims.put("identity", identity);
+        log.debug("Generating new access JWT for user {}", identity.getId());
+
+        return Jwts.builder()
+                .setClaims(claims)
+                .setIssuedAt(Date.from(Instant.now()))
+                .setExpiration(Date.from(Instant.now().plus(jwtConfig.getAccessTokenExpirationInSec(), ChronoUnit.SECONDS)))
+                .setHeaderParam("typ", "JWT")
+                .signWith(secretKey, SignatureAlgorithm.HS256)
+                .compact();
+    }
+
+    private String generateRefreshToken(JwtUserIdentity identity) {
+        Map<String, Object> claims = new HashMap<>();
+        claims.put("id", identity.getId());
+        log.debug("Generating new refresh JWT for user {}", identity.getId());
+
+        return Jwts.builder()
+                .setClaims(claims)
+                .setIssuedAt(Date.from(Instant.now()))
+                .setExpiration(Date.from(Instant.now().plus(jwtConfig.getRefreshTokenExpirationInSec(), ChronoUnit.SECONDS)))
+                .setHeaderParam("typ", "JWT")
+                .signWith(secretKey, SignatureAlgorithm.HS256)
+                .compact();
+    }
+}

modules/authentication/server-java/src/main/java/com/sysgears/authentication/utils/SessionUtils.java

@@ -0,0 +1,12 @@
+package com.sysgears.authentication.utils;
+
+import lombok.AccessLevel;
+import lombok.NoArgsConstructor;
+import org.springframework.security.core.context.SecurityContext;
+import org.springframework.security.core.context.SecurityContextHolder;
+
+@NoArgsConstructor(access = AccessLevel.PRIVATE)
+public final class SessionUtils {
+    public static final SecurityContext SECURITY_CONTEXT = SecurityContextHolder.createEmptyContext();
+
+}

modules/authentication/server-java/src/main/resources/jwt/schema.graphqls

@@ -0,0 +1,4 @@
+extend type Mutation {
+  # Refresh user tokens
+  refreshTokens(refreshToken: String!): Tokens!
+}

modules/authentication/server-java/src/main/resources/session/schema.graphqls

@@ -0,0 +1,4 @@
+extend type Mutation {
+  # Logout user
+  logout: String
+}