How to access externalized configuration values programmatically in spring boot

Spring Boot come up with a very comprehensive configuration mechanism. This allows developers to change application behavior externally via configuration files, environment variables, configuration servers (in this case spring-cloud-config), etc. To see all possible ways to configure a spring boot application please take a look at respective part of official reference documentation.

In this article, we will discuss how to access this configuration values from our code.

In most of the cases, you can use @Value annotation to inject a specific configuration value into your code.

@Value("${property.key.name.from.application.properties}")
private String someConfiguration;

This construct is very simple and effective. But in a very rare case, you may not know the key name of the configuration property (in above example property.key.name.from.application.properties) and the key name may be a variable defined at runtime or provided by another class. In this case, you can use Environment class of Spring.

What you have to do is simply auto wire the Environment instance into your class and call getProperty() method.

@Component
public class YourImplementation {

    @Autowired
    private Environment environment;

    ...
    
    private String resolveConfigurationValue(String key) {
         return environment.getProperty(key);
    }
}

 

Integrating JWT with Spring Security – Part 1

Introduction

I’m a big fan of Spring framework. It makes my life easier and makes coding fun. A very cool part of Spring framework is the Spring security. It’s an extensible and customizable access control and authentication framework for Spring based applications. Especially for web applications, it is essential to use a well maintained and mature security framework since it frequently audited by the community (or by its maintainers) against security flaws and designed to prevent well-known security attacks.

Spring security provides easy to use mechanisms to restrict access to specific resources, built-in authentication providers to check authentication data from different sources (like SQL database, LDAP, JAAS etc.), login-logout handlers and much more. If you are interested you can look at Spring Security reference documentation to get more detail.

JWT on the other side is a relatively new technology to establish JSON based single sign-on (SSO) mechanism.

“JSON Web Tokens are an open, industry standard RFC 7519 method for representing claims securely between two parties.” – https://jwt.io/

I first came across with JWT about 1 year ago and find it very cool, since it simple to use, simple to understand and quite effective. Click here to see what JWT capable of.

Motivation

In our new projects, we wanted to use microservice architecture at least apply some of the microservice patterns. My wish was to use both Spring framework and JWT to enable single sign-on across distributed microservices with a single authentication provider service. Spring ecosystem already provides wide variety tools and libraries for microservice implementation and orchestration. But unfortunately, I missed the JWT integration in Spring Security framework, which enables me to create JWT tokens after a successful login or provide mechanisms to verify JWT tokens attached to requests to authenticate users automatically.

But unfortunately, I missed the JWT integration in Spring Security framework, which enables me to create JWT tokens after a successful login or provide mechanisms to verify JWT tokens attached to requests to authenticate users automatically.

Thus I decided to implement my own JWT integration for Spring Security and make it free and open source.

You can fork the code on Github. I’m open to any suggestion and also for contributions. Please don’t hesitate to contact me via this form or open a ticket here.

In the second part of this article, I will tell you about the initial steps of the development, what I’ve learned from my research about JWT and Security, and some integral decisions I’ve made.

How to measure network speed between two machines

The network speed is really important performance parameter when it comes to microservice architecture, because most of the services running on separate machines even on separate networks. If you measure the performance, you have to be sure that the network link between services are fast enough.

I made a short research about the tools to measure network speed and found that there is a really cool and simple command line tool called iperf. It is cross platform and completely open source with BSD licence. So you can download it from its official website or install directly with your package manager (if you are using unix based or mac operating system). On MacOS i installed it with homebrew.

sudo brew install iperf

After installing iperf on both ends we can start to measuring.

On first machine you have to start iperf as server, so that it listens incoming transfer requests:

iperf -s

On the other machine we can start iperf as a client and put the ip address of server machine as argument

iperf -c 192.168.1.6

The measurement takes only few seconds and then you can see the results on both machine.

------------------------------------------------------------
Client connecting to 192.168.1.6, TCP port 5001
TCP window size: 129 KByte (default)
------------------------------------------------------------
[ 4] local 192.168.1.66 port 62284 connected with 192.168.1.6 port 5001
[ ID] Interval      Transfer     Bandwidth
[ 4]  0.0-10.0 sec  1.09 GBytes  938 Mbits/sec

 

How to disconnect your app from your users facebook account using spring social facebook

Spring social is an umbrella project (one of the Spring Framework projects), which contains a bunch of modules for connecting your spring application with different social media services like facebook, twitter, github, etc.

For a project we are currently developing I need to implement facebook integration for easy registration and login with facebook. There are plenty of documentations and tutorials out there, which describe how to connect users account with facebook using spring-social-facebook project, but practically no (at least I cannot find any) guidance how to disconnect. Disconnecting means removing (revoking) authorization of your app to access your users facebook account.

 

Here is my solution for that:

FacebookTemplate facebookTemplate = new FacebookTemplate(accessToken);
boolean authorized = facebookTemplate.isAuthorized();
if (authorized) {
    facebookTemplate.delete(userId, "permissions");
}

You have to fill accessToken and userId values according to current users context. When the delete method successfully executed (without throwing any exception), your applications authorization will be removed from facebook account of your user.

See official facebook API documentation for more information about de-authorization of your app.