Added JWT security and Swagger for documentation

Author: BrunoMazzocchi

build.gradle

@@ -1,11 +1,11 @@
 plugins {
-	id 'org.springframework.boot' version '2.6.5'
+	id 'org.springframework.boot' version '2.5.5'
 	id 'io.spring.dependency-management' version '1.0.11.RELEASE'
 	id 'java'
 }
 
-group = 'com.example.library'
-version = '0.0.1-SNAPSHOT'
+group = 'com.example'
+version = '1.0'
 sourceCompatibility = '11'
 
 repositories {
@@ -15,8 +15,12 @@ repositories {
 dependencies {
 	implementation 'org.springframework.boot:spring-boot-starter-data-jpa'
 	implementation 'org.springframework.boot:spring-boot-starter-web'
+	implementation 'io.springfox:springfox-swagger2:2.9.2'
+	implementation 'io.springfox:springfox-swagger-ui:2.9.2'
+	implementation 'org.springframework.boot:spring-boot-starter-security'
 	implementation 'org.mapstruct:mapstruct:1.4.2.Final'
 
+	implementation 'io.jsonwebtoken:jjwt:0.9.1'
 	annotationProcessor 'org.mapstruct:mapstruct-processor:1.4.2.Final'
 
 	runtimeOnly'com.microsoft.sqlserver:mssql-jdbc'

src/main/java/com/example/library/LibraryAPI/domain/dto/AuthenticationRequest.java

@@ -0,0 +1,22 @@
+package com.example.library.LibraryAPI.domain.dto;
+
+public class AuthenticationRequest {
+    private String username;
+    private String password;
+
+    public String getUsername() {
+        return username;
+    }
+
+    public void setUsername(String username) {
+        this.username = username;
+    }
+
+    public String getPassword() {
+        return password;
+    }
+
+    public void setPassword(String password) {
+        this.password = password;
+    }
+}

src/main/java/com/example/library/LibraryAPI/domain/dto/AuthenticationResponse.java

@@ -0,0 +1,18 @@
+package com.example.library.LibraryAPI.domain.dto;
+
+public class AuthenticationResponse {
+
+    private String jwt;
+
+    public AuthenticationResponse(String jwt){
+        this.jwt = jwt;
+    }
+
+    public String getJwt() {
+        return jwt;
+    }
+
+    public void setJwt(String jwt) {
+        this.jwt = jwt;
+    }
+}

src/main/java/com/example/library/LibraryAPI/domain/repository/BookRepository.java

@@ -10,5 +10,7 @@ public interface BookRepository {
     List<Book>getAll();
     Optional<Book> getBook(int bookId);
      Book save (Book book);
-     void delete(int bookId);
+   Optional<List<Book > >findBookByAuthorName(String name);
+   Optional<List<Book>> findBookByAuthorSurname(String surname);
+    void delete(int bookId);
 }

src/main/java/com/example/library/LibraryAPI/domain/service/BookService.java

@@ -31,5 +31,10 @@ public boolean delete(int bookId){
             return true;
         }).orElse(false);
         }
-
+    public Optional<List<Book>> findBookByAuthorName(String name){
+        return bookRepository.findBookByAuthorName(name);
+    }
+    public Optional<List<Book>> findBookByAuthorSurname(String surname){
+        return bookRepository.findBookByAuthorSurname(surname);
+    }
 }

src/main/java/com/example/library/LibraryAPI/domain/service/LibraryUserDetailService.java

@@ -0,0 +1,15 @@
+package com.example.library.LibraryAPI.domain.service;
+
+import org.springframework.security.core.userdetails.*;
+import org.springframework.stereotype.*;
+
+import java.util.*;
+@Service
+@Component
+public class LibraryUserDetailService implements UserDetailsService {
+
+    @Override
+    public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
+        return new User("Test",  "{noop}Test", new ArrayList<>());
+    }
+}

src/main/java/com/example/library/LibraryAPI/persistence/BookRepository.java

@@ -31,6 +31,19 @@ public Book save(Book book) {
         return  bookCrudRepository.save(book);
     }
 
+    @Override
+    public Optional<List<Book>> findBookByAuthorName(String name) {
+        List<Book> books = bookCrudRepository.findBookByAuthorName(name);
+        return Optional.of(books);
+    }
+
+
+    @Override
+    public Optional<List<Book>> findBookByAuthorSurname(String surname) {
+        List<Book> books = bookCrudRepository.findBookByAuthorSurname(surname);
+        return Optional.of(books);
+    }
+
     @Override
     public void delete(int bookId) {
         bookCrudRepository.deleteById(bookId);

src/main/java/com/example/library/LibraryAPI/persistence/crud/AuthorCrudRepository.java

@@ -0,0 +1,8 @@
+package com.example.library.LibraryAPI.persistence.crud;
+
+import com.example.library.LibraryAPI.persistence.entity.*;
+import org.springframework.data.repository.*;
+
+public interface AuthorCrudRepository extends CrudRepository<Author, Integer> {
+
+}

src/main/java/com/example/library/LibraryAPI/persistence/crud/BookCrudRepository.java

@@ -1,8 +1,19 @@
 package com.example.library.LibraryAPI.persistence.crud;
 
 import com.example.library.LibraryAPI.persistence.entity.*;
+import org.springframework.data.jpa.repository.*;
 import org.springframework.data.repository.*;
 
+import java.util.*;
+
 
 public interface BookCrudRepository extends CrudRepository<Book, Integer> {
-}
+    @Query(value = "SELECT dbo.books.book_id, dbo.books.name" +
+            ", dbo.authors.name AS 'Author', dbo.authors.surname as 'Surname' FROM  dbo.books INNER JOIN   dbo.authors ON dbo.books.author_id = dbo.authors.author_id where authors.name = '?'", nativeQuery = true)
+    List<Book> findBookByAuthorName(String name);
+
+
+
+    @Query(value = "SELECT dbo.books.book_id, dbo.books.name, dbo.authors.name AS 'Author', dbo.authors.surname as 'Surname' FROM dbo.books INNER JOIN dbo.authors ON dbo.books.author_id = dbo.authors.author_id WHERE authors.surname = '?'", nativeQuery = true)
+    List<Book> findBookByAuthorSurname(String surname);
+    }

src/main/java/com/example/library/LibraryAPI/web/config/SwaggerConfig.java

@@ -0,0 +1,36 @@
+package com.example.library.LibraryAPI.web.config;
+
+import org.springframework.context.annotation.*;
+import springfox.documentation.builders.*;
+import springfox.documentation.service.*;
+import springfox.documentation.spi.*;
+import springfox.documentation.spring.web.plugins.*;
+import springfox.documentation.swagger2.annotations.*;
+
+import java.util.*;
+
+@Configuration //Para habilitar swagger
+@EnableSwagger2
+public class SwaggerConfig {
+    private ApiInfo apiInfo() {
+        return new ApiInfo(
+                "My REST API for a library",
+                "Rest API for a library using Spring Boot",
+                "API 1",
+                "Terms of service",
+                new Contact("BrunoMazzocchi", "www.github.com/BrunoMazzocchi", "none"),
+                "License of API",
+                "API license URL",
+                Collections.emptyList());
+    }
+
+    @Bean //
+    public Docket api(){
+        return new Docket(DocumentationType.SWAGGER_2)
+                .select()
+                .apis(RequestHandlerSelectors.basePackage("com.example.library.LibraryAPI.web.config.controller"))
+                .build();
+    }
+
+
+}

src/main/java/com/example/library/LibraryAPI/web/config/controller/AuthController.java

@@ -0,0 +1,41 @@
+package com.example.library.LibraryAPI.web.config.controller;
+
+
+import com.example.library.LibraryAPI.domain.dto.*;
+import com.example.library.LibraryAPI.domain.service.*;
+import com.example.library.LibraryAPI.web.security.*;
+import org.springframework.beans.factory.annotation.*;
+import org.springframework.http.*;
+import org.springframework.security.authentication.*;
+import org.springframework.security.core.userdetails.*;
+import org.springframework.web.bind.annotation.*;
+import springfox.documentation.annotations.*;
+
+@RestController
+@RequestMapping("/auth")
+@ApiIgnore
+public class AuthController {
+
+    @Autowired
+    private AuthenticationManager authenticationmanager;
+
+    @Autowired
+    LibraryUserDetailService libraryUserDetailService;
+
+    @Autowired
+    private JWTUtil jwtUtil;
+    @PostMapping("/authenticate")
+    public ResponseEntity<AuthenticationResponse> createToken(@RequestBody AuthenticationRequest request){
+        try {
+            authenticationmanager.authenticate(new UsernamePasswordAuthenticationToken(request.getPassword(), request.getUsername()));
+
+            //Envia los datos al JWT generator
+            UserDetails userDetails = libraryUserDetailService.loadUserByUsername(request.getUsername());
+            String jwt = jwtUtil.generateToken(userDetails);
+
+            return new ResponseEntity<>(new AuthenticationResponse(jwt), HttpStatus.OK);
+        } catch (BadCredentialsException e) {
+            return new ResponseEntity<>(HttpStatus.FORBIDDEN);
+        }
+    }
+}

src/main/java/com/example/library/LibraryAPI/web/config/controller/BookController.java

@@ -2,6 +2,7 @@
 
 import com.example.library.LibraryAPI.domain.service.*;
 import com.example.library.LibraryAPI.persistence.entity.*;
+import io.swagger.annotations.*;
 import org.springframework.beans.factory.annotation.*;
 import org.springframework.http.*;
 import org.springframework.web.bind.annotation.*;
@@ -16,24 +17,62 @@ public class BookController {
     private BookService bookService;
 
     @GetMapping("/all")
+    @ApiOperation("Gets all books")
     public ResponseEntity<List<Book>> getAll(){
         return new ResponseEntity<>(bookService.getAll(), HttpStatus.OK);
     }
 
+
+    @ApiOperation("Search a specific book with an ID")
     @GetMapping("/{id}")
-    public ResponseEntity<Book>getBook(@PathVariable("id") int bookId){
+    @ApiResponses({
+            @ApiResponse(code = 200, message = "OK"),
+            @ApiResponse(code = 404, message = "Not found")
+    })
+    public ResponseEntity<Book>getBook(@ApiParam(value = "Book's ID", required = true, example = "1")@PathVariable("id") int bookId){
         return bookService.getBook(bookId)
                 .map(book -> new ResponseEntity<>(book, HttpStatus.OK))
                 .orElse(new ResponseEntity<>(HttpStatus.NOT_FOUND));
     }
 
+    @ApiOperation("Search a book with the author's name or surname (not working right now)")
+    @GetMapping("/author/{nameOrSurname}")
+    @ApiResponses({
+            @ApiResponse(code = 200, message = "OK"),
+            @ApiResponse(code = 404, message = "Not found")
+    })
+    public  ResponseEntity<List<Book>> findBookByAuthorNameOrSurname(@ApiParam(value = "Author's name/surname (String)", required = true, example = "1")@PathVariable String nameOrSurname){
+        return bookService.findBookByAuthorName(nameOrSurname).map(
+                books -> new ResponseEntity<>(books, HttpStatus.OK)
+
+        ).orElse(new ResponseEntity<>(HttpStatus.NOT_FOUND));
+    }
+
+    @ApiOperation("Saves a book with the information required")
+    @ApiResponses({
+            @ApiResponse(code = 200, message = "OK"),
+            @ApiResponse(code = 404, message = "Not found")
+    })
     @PostMapping("/save")
-    public ResponseEntity<Book> save(@RequestBody Book book){
+    public ResponseEntity<Book> save(@ApiParam(value = "The book entity", required = true, example = "" +
+            "{\n" +
+            "  \"name\": 0,\n" +
+            "  \"pageCount\": {\n" +
+            "    \"point\": 0,\n" +
+            "    \"authorId\": \"string\",\n" +
+            "    \"typeId\": 0\n" +
+            "  }" +
+            "") @RequestBody Book book){
         return new ResponseEntity<>(bookService.save(book), HttpStatus.CREATED);
     }
 
+    @ApiOperation("Deletes a product with the information required")
+    @ApiResponses({
+            @ApiResponse(code = 200, message = "OK"),
+            @ApiResponse(code = 404, message = "Not found")
+    })
     @DeleteMapping("/delete/{id}")
-    public ResponseEntity delete(@PathVariable("id") int bookId){
+    public ResponseEntity delete(@ApiParam(value = "The book's ID")@PathVariable("id") int bookId){
         if(bookService.delete(bookId)) {
             return new ResponseEntity(HttpStatus.OK);
         } else  {

src/main/java/com/example/library/LibraryAPI/web/config/controller/BorrowController.java

@@ -2,6 +2,7 @@
 
 import com.example.library.LibraryAPI.domain.service.*;
 import com.example.library.LibraryAPI.persistence.entity.*;
+import io.swagger.annotations.*;
 import org.springframework.beans.factory.annotation.*;
 import org.springframework.http.*;
 import org.springframework.web.bind.annotation.*;
@@ -16,26 +17,53 @@ public class BorrowController {
     private BorrowService borrowService;
 
     @GetMapping("/all")
+    @ApiOperation("Gets all the borrows registered")
     public ResponseEntity<List<Borrow>> getAll(){
         return new ResponseEntity<>(borrowService.getAll(), HttpStatus.OK);
     }
 
+    @ApiOperation("Search a specifics borrow with a student ID")
     @GetMapping("/student/{studentId}")
-    public  ResponseEntity<List<Borrow>> getBorrowByStudentId(@PathVariable int studentId){
+    @ApiResponses({
+            @ApiResponse(code = 200, message = "OK"),
+            @ApiResponse(code = 404, message = "Not found")
+    })
+    public  ResponseEntity<List<Borrow>> getBorrowByStudentId(@ApiParam(value = "Student's ID", required = true, example = "1")@PathVariable int studentId){
         return borrowService.getBorrowByStudentId(studentId).map(
                 borrows -> new ResponseEntity<>(borrows, HttpStatus.OK)
 
         ).orElse(new ResponseEntity<>(HttpStatus.NOT_FOUND));
     }
+
+
+    @ApiOperation("Search a specifics borrow with a book ID")
     @GetMapping("/book/{bookId}")
-    public  ResponseEntity<List<Borrow>> getBorrowByBookId(@PathVariable int bookId){
+    @ApiResponses({
+            @ApiResponse(code = 200, message = "OK"),
+            @ApiResponse(code = 404, message = "Not found")
+    })
+    public  ResponseEntity<List<Borrow>> getBorrowByBookId(@ApiParam(value = "Book's ID", required = true, example = "1")@PathVariable int bookId){
         return borrowService.getBorrowByBookId(bookId).map(
                 borrows -> new ResponseEntity<>(borrows, HttpStatus.OK)
 
         ).orElse(new ResponseEntity<>(HttpStatus.NOT_FOUND));
     }
+
+    @ApiOperation("Saves a borrow with the information required")
+    @ApiResponses({
+            @ApiResponse(code = 200, message = "OK"),
+            @ApiResponse(code = 404, message = "Not found")
+    })
     @PostMapping("/save")
-    public ResponseEntity<Borrow> save(@RequestBody Borrow borrow){
+    public ResponseEntity<Borrow> save(@ApiParam(value = "The book entity", required = true, example = "" +
+            "{\n" +
+            "  \"borrowId\": 0,\n" +
+            "  \"studentId\": {\n" +
+            "    \"bookId\": 0,\n" +
+            "    \"takenDate\": \"string\",\n" +
+            "    \"broughtDate\": 0\n" +
+            "  }" +
+            "")@RequestBody Borrow borrow){
         return new ResponseEntity<>(borrowService.save(borrow), HttpStatus.CREATED);
     }
 }