投稿時間:2023-08-30 12:27:11 RSSフィード2023-08-30 12:00 分まとめ(32件)

カテゴリー等 サイト名等 記事タイトル・トレンドワード等 リンクURL 頻出ワード・要約等/検索ボリューム 登録日
IT 気になる、記になる… KDDIとスペースX、衛星とスマホの直接通信サービスを2024年内に提供へ https://taisy0.com/2023/08/30/176025.html ceexplorationtechnologies 2023-08-30 02:52:50
IT 気になる、記になる… Anker、防災セット「Anker PowerBag 2023」の予約販売を開始 https://taisy0.com/2023/08/30/176022.html anker 2023-08-30 02:41:49
ROBOT ロボスタ 【世界初】富士通が5G無線子局用ミリ波チップで最大4ビームの多重技術を開発 高速かつ大容量通信と消費電力30%削減 https://robotstart.info/2023/08/30/5g-ru-multibeam-fujitsu.html 2023-08-30 02:20:23
IT ITmedia 総合記事一覧 [ITmedia PC USER] マウス、「半期決算セール 第1弾」を開始 最大6万円引き https://www.itmedia.co.jp/pcuser/articles/2308/30/news109.html itmediapcuser 2023-08-30 11:28:00
IT ITmedia 総合記事一覧 [ITmedia News] 無印の“人をダメにするソファ”に長方形 登場から21年 https://www.itmedia.co.jp/news/articles/2308/30/news108.html itmedia 2023-08-30 11:13:00
AWS AWS Japan Blog ノーコード機械学習のAmazon SageMaker Canvas を使用して、画像から製造品質欠陥の検出を誰でも簡単に行う方法 https://aws.amazon.com/jp/blogs/news/democratize-computer-vision-defect-detection-for-manufacturing-quality-using-no-code-machine-learning-with-amazon-sagemaker-canvas/ amazonsagemakercanvas 2023-08-30 02:55:36
python Pythonタグが付けられた新着投稿 - Qiita コマンドプロンプトテスト(エクセルファイルの当日データ行を新規ファイルへコピー保存) https://qiita.com/ItachInotanukI/items/e3b21ca20bdcd4a09134 control 2023-08-30 11:45:24
python Pythonタグが付けられた新着投稿 - Qiita 楽しい量子力学 -1時間目- https://qiita.com/tamazoo/items/be624fde0bb8b19e67f5 量子コンピュータ 2023-08-30 11:30:33
python Pythonタグが付けられた新着投稿 - Qiita 「AI×日記」3泊4日のオフラインハッカソンでモバイルアプリを作った話 https://qiita.com/Akira_0809/items/2a1513be50483f68b11c akira 2023-08-30 11:25:40
Program CodeZine OpenAI、エンタープライズ品質の機能を備えた「ChatGPT Enterprise」の提供を開始 http://codezine.jp/article/detail/18251 chatgptenterprise 2023-08-30 11:15:00
Program CodeZine Wordpress、Webホスティング・サービスの「100年プラン」を発表 http://codezine.jp/article/detail/18258 wordpress 2023-08-30 11:10:00
Program CodeZine Kubernetes用のイベント駆動自動スケーラ「KEDA」、CNCFの「卒業」プロジェクトに http://codezine.jp/article/detail/18257 Kubernetes用のイベント駆動自動スケーラ「KEDA」、CNCFの「卒業」プロジェクトに米CloudNativeComputingFoundationCNCFは、Kubernetes用のイベント駆動自動スケーラ「KEDAKubernetesEventDrivenAutoscaling」を、CNCFの「卒業Graduated」プロジェクトに移行すると、月日現地時間に発表した。 2023-08-30 11:05:00
Git Gitタグが付けられた新着投稿 - Qiita 【Git】チーム開発でのgit操作 https://qiita.com/Oriko/items/aa619889f7e591377ecb github 2023-08-30 11:31:34
技術ブログ Developers.IO S3のコストについて改めて確認してみた https://dev.classmethod.jp/articles/202308-s3cost-01/ 確認 2023-08-30 02:42:21
技術ブログ Developers.IO 【レポート】ゲームの売上を伸ばすためのデータ分析・機械学習・データ分析基盤構築の重要ポイントとは #CEDEC2023 #classmethod_game https://dev.classmethod.jp/articles/cedec2023_case_studies_data_analysis_machine_learning/ cedec 2023-08-30 02:34:47
技術ブログ Developers.IO データベースの列固定表示が可能になり、横長データベースが扱い易くなりました #Notion https://dev.classmethod.jp/articles/notion-database-column-fixing-is-now-possible/ freezenowavailableintab 2023-08-30 02:13:17
技術ブログ Developers.IO Next.jsのチュートリアルでブログアプリを作ってみた https://dev.classmethod.jp/articles/next-js-tutorial-looking-back/ nextjs 2023-08-30 02:04:56
海外TECH DEV Community 🛡️The Ultimate Defense: Introduction to Spring Security 🔐 https://dev.to/safvan_8/the-ultimate-defense-introduction-to-spring-security-9de ️The Ultimate Defense Introduction to Spring Security Last time we expolored Servlet security and higlighted limitations Now let s take a step further and discover how Spring Security emerges as the ultimate solution to overcome these challenges In our modern digital age the safety of our web applications stands front and center Just as we lock our homes to protect our valuables we need a robust mechanism to ensure our online treasures are safe Spring Security acts as this protective mechanism for our apps just as a robust lock does for our homes Spring Security What s the Big Deal If you are aleardy familoar with web development especially with the Spring framework you d know that securing your applications is crucial And Spring Security is the tool for this job It s like having a digital watchman always alert ensuring everything s in order ️‍ ️Now let s understand the important features of Spring Security Authentication Are You Who You Say You Are When someone tries to access your application the first thing you d want to know is if they re really who they claim to be This process of confirming someone s identity is called authentication It s like the guard at the entrance of a gated community asking for an ID card If you show it you get in otherwise you stay out Spring Security offers tools to do just this Whether you re developing using Servlet or WebFlux Spring Security has your back ️ Defense Against Dark Arts Stopping the Bad GuysIt s not just about who s coming in it s also about stopping bad things from happening Just as a good guard checks for any mischief Spring Security checks for any sneaky attacks on your application Spring Security offers multiple layers of protection CSRF Cross Site Request Forgery Stops attackers from tricking your users into performing actions without their knowledge HTTP Headers Ensures that the communication between your user s browser and your server is secure HTTP Requests Checks that incoming requests are genuine and not from someone trying to harm your app ️ Making Friends Integration with Other ToolsSpring Security isn t a lone ranger It works great with other tools and technologies enhancing its capabilities Think of it as a member of a cricket team where every player has their own specialty but they play best when together Here s a glimpse of its partnerships Cryptography Secures data by transforming it into a code to prevent unauthorized access Spring Data Works hand in hand with databases ensuring only the right data is accessed Java s Concurrency APIs Manages multiple tasks at once efficiently Jackson Helps in data binding and converting Java objects to JSON and vice versa Localization Adapts the application for different regions or languages A Peek into the Digital WorldNow that we ve understood the nuts and bolts of Spring Security it s evident how invaluable it is in the digital realm With hackers and cyber threats looming around tools like Spring Security act as our knights in shining armor They might seem complex on the outside but at their heart they re simple tools designed to keep the bad guys out and let the good guys in Keep exploring keep learning and always ensure that your digital treasures are well guarded After all as they say it s better to be safe than sorry 2023-08-30 02:56:53
海外TECH DEV Community Build a Beautiful CRUD App with Spring Boot and Angular https://dev.to/oktadev/build-a-beautiful-crud-app-with-spring-boot-and-angular-3ig6 Build a Beautiful CRUD App with Spring Boot and AngularAngular is one of my favorite frameworks for building single page applications SPAs As a Java developer its separation of components services and pipes made a lot of sense to me It s a web framework that allows you to declaratively describe your UI by creating small reusable components I believe it was a huge influencer in TypeScript s popularity It s also backed by Google which means it will likely be around for a long time I like to build CRUD create read update and delete apps to understand frameworks I think they show a lot of the base functionality you need when creating an app Once you complete the basics of CRUD most of the integration work is finished and you can move on to implementing the necessary business logic In this tutorial you ll learn how to build a secure CRUD app with Spring Boot and Angular The final will result will use OAuth authorization code flow and package the Angular app in the Spring Boot app for distribution as a single artifact At the same time I ll show you how to keep Angular s productive workflow when developing locally You ll need to install several tools to follow along with this tutorial You can also watch it as a screencast Prerequisites Java Node HTTPieAuth CLIAn Auth account Configure and Run a Spring Boot and Angular AppI m a frequent speaker at conferences and Java User Groups JUGs around the world I ve been a Java developer for years and ️the Java community I ve found that speaking at JUGs is a great way to interact with the community and get raw feedback on presentations Detect dark theme var iframe document getElementById tweet if document body className includes dark theme iframe src theme dark Why am I telling you this Because I thought it d be fun to create a JUG Tours app that allows you to create edit delete JUGs and view upcoming events I realize that taking minutes to build this app can be cumbersome so I ve already built it in oktadev auth spring boot angular crud example The project uses Spring Boot and Angular I hope this helps you clone configure and run Seeing something running is such a joyful experience git clone jugtourscd jugtoursOpen a terminal window and run auth login to configure the Auth CLI to get an API key for your tenant Then run auth apps create to register this app with the appropriate URLs auth apps create name Bootiful Angular description Spring Boot Angular ️ type regular callbacks http localhost login oauth code okta http localhost login oauth code okta logout urls http localhost http localhost reveal secretsCopy the outputted values from this command into a new okta env file export OKTA OAUTH ISSUER https lt your auth domain gt export OKTA OAUTH CLIENT ID lt your client id gt export OKTA OAUTH CLIENT SECRET lt your client secret gt If you re on Windows use set instead of export to set these environment variables and name the file okta env bat set OKTA OAUTH ISSUER https lt your auth domain gt set OKTA OAUTH CLIENT ID lt your client id gt set OKTA OAUTH CLIENT SECRET lt your client secret gt Then run source okta env or okta env bat on Windows to set these environment variables in your current shell Finally run mvnw or mvnw on Windows to start the app source okta env run okta env bat on Windows mvnw Pprod use mvnw Pprod on WindowsTo view the app you can then open http localhost in your favorite browser Click Login and you ll be prompted to log in with Auth You ll also be asked for consent This is because the app is requesting access to your profile and email address Click Accept to continue Once you re authenticated you ll see a link to manage your JUG Tours You should be able to add new groups and events as well as edit and delete them Verify Cypress end to end tests passYou can verify everything works by executing the Cypress tests that are included in the project First add environment variables for your credentials to the okta env or okta env bat file you created earlier export CYPRESS EE DOMAIN lt your auth domain gt use the raw value no https prefixexport CYPRESS EE USERNAME lt your email gt export CYPRESS EE PASSWORD lt your password gt Then run source okta env or okta env bat on Windows to set these environment variables Finally run npm run ee to start the app and run the Cypress tests cd appnpm run eePretty slick don t you think Read on if you d like to see how I created this app Create a Java REST API with Spring BootThe easiest way to create a new Spring Boot app is to navigate to start spring io and make the following selections Project Maven ProjectGroup com okta developerArtifact jugtoursDependencies JPA H Web ValidationClick Generate Project expand jugtours zip after downloading and open the project in your favorite IDE You can also use this link or HTTPie to create the project from the command line https start spring io starter zip type maven project bootVersion dependencies data jpa h web validation language java platformVersion name jugtours artifactId jugtours groupId com okta developer packageName com okta developer jugtours baseDir jugtours tar xzvf Add a JPA domain modelOpen the jugtours project in your favorite IDE Create a src main java com okta developer jugtours model directory and a Group java class in it package com okta developer jugtours model import jakarta persistence import jakarta validation constraints NotNull import java util Set Entity Table name user group public class Group Id GeneratedValue private Long id NotNull private String name private String address private String city private String stateOrProvince private String country private String postalCode ManyToOne cascade CascadeType PERSIST private User user OneToMany fetch FetchType EAGER cascade CascadeType ALL private Set lt Event gt events JPA requires a default constructor public Group public Group String name this name name getters and setters equals hashcode and toString omitted for brevity Why not Lombok See Want Lombok anyway See and revert Create an Event java class in the same package package com okta developer jugtours model import jakarta persistence Entity import jakarta persistence GeneratedValue import jakarta persistence Id import jakarta persistence ManyToMany import java time Instant import java util Set Entitypublic class Event Id GeneratedValue private Long id private Instant date private String title private String description ManyToMany private Set lt User gt attendees public Event public Event Instant date String title String description this date date this title title this description description you can generate the getters and setters using your IDE And a User java class package com okta developer jugtours model import jakarta persistence Entity import jakarta persistence Id import jakarta persistence Table import java util Objects Entity Table name users public class User Id private String id private String name private String email public User public User String id String name String email this id id this name name this email email getters and setters omitted for brevity Create a GroupRepository java to manage the group entity package com okta developer jugtours model import org springframework data jpa repository JpaRepository import java util List public interface GroupRepository extends JpaRepository lt Group Long gt Group findByName String name To load some default data create an Initializer java class in the com okta developer jugtours package package com okta developer jugtours import com okta developer jugtours model Event import com okta developer jugtours model Group import com okta developer jugtours model GroupRepository import org springframework boot CommandLineRunner import org springframework stereotype Component import java time Instant import java util Collections import java util stream Stream Componentclass Initializer implements CommandLineRunner private final GroupRepository repository public Initializer GroupRepository repository this repository repository Override public void run String strings Stream of Omaha JUG Kansas City JUG Chicago JUG Dallas JUG Philly JUG Garden State JUG NY Java SIG forEach name gt repository save new Group name Group jug repository findByName Garden State JUG Event e new Event Instant parse T Z OAuth for Java Developers Learn all about OAuth and OIDC Java jug setEvents Collections singleton e repository save jug repository findAll forEach System out println Start your app with mvn spring boot run and you should see groups and events being created Add a GroupController java class in src main java jugtours web that allows you to CRUD groups package com okta developer jugtours web import com okta developer jugtours model Group import com okta developer jugtours model GroupRepository import jakarta validation Valid import org slfj Logger import org slfj LoggerFactory import org springframework http HttpStatus import org springframework http ResponseEntity import org springframework web bind annotation import java net URI import java net URISyntaxException import java util Collection import java util Optional RestController RequestMapping api class GroupController private final Logger log LoggerFactory getLogger GroupController class private final GroupRepository groupRepository public GroupController GroupRepository groupRepository this groupRepository groupRepository GetMapping groups Collection lt Group gt groups return groupRepository findAll GetMapping group id ResponseEntity lt gt getGroup PathVariable Long id Optional lt Group gt group groupRepository findById id return group map response gt ResponseEntity ok body response orElse new ResponseEntity lt gt HttpStatus NOT FOUND PostMapping group ResponseEntity lt Group gt createGroup Valid RequestBody Group group throws URISyntaxException log info Request to create group group Group result groupRepository save group return ResponseEntity created new URI api group result getId body result PutMapping group id ResponseEntity lt Group gt updateGroup Valid RequestBody Group group log info Request to update group group Group result groupRepository save group return ResponseEntity ok body result DeleteMapping group id public ResponseEntity lt gt deleteGroup PathVariable Long id log info Request to delete group id groupRepository deleteById id return ResponseEntity ok build Restart the app hit http localhost api groups with HTTPie and you should see the list of groups http api groupsYou can create read update and delete groups with the following commands http POST api group name SF JUG city San Francisco country USAhttp api group http PUT api group id name SF JUG address By the Bay http DELETE api group Create an Angular App with the Angular CLIThe Angular CLI was a revolutionary tool when it was released in It s now the standard way to create new Angular projects and the easiest way to get started with Angular Many web frameworks have adopted similar tools to improve their developer experience You don t have to install Angular CLI globally The npx command can install and run it for you npx angular cli new app routing style cssOf course you can use the tried and true npm i g angular cli and ng new app routing style css if you prefer You can even remove the version number if you want to live on the edge After the app creation process completes navigate into the app directory and install Angular Material to make the UI look beautiful particularly on mobile devices cd appng add angular materialYou ll be prompted to choose a theme set up typography styles and include animations Select the defaults Modify app src app app component html and move the CSS at the top to app component css lt div class toolbar role banner gt lt div gt lt div class content role main gt lt router outlet gt lt router outlet gt lt div gt Call your Spring Boot API and display the resultsUpdate app component ts to fetch the list of groups when it loads import Component OnInit from angular core import HttpClient from angular common http import Group from model group Component selector app root templateUrl app component html styleUrls app component css export class AppComponent implements OnInit title JUG Tours loading true groups Group constructor private http HttpClient ngOnInit this loading true this http get lt Group gt api groups subscribe data Group gt this groups data this loading false Before this compiles you ll need to create a app src app model group ts file with the following contents export class Group id number null name string constructor group Partial lt Group gt this id group id null this name group name And add HttpClientModule to app module ts import HttpClientModule from angular common http NgModule imports HttpClientModule export class AppModule Then modify the app component html file to display the list of groups lt div class content role main gt lt h gt title lt h gt lt div ngIf loading gt lt p gt Loading lt p gt lt div gt lt div ngFor let group of groups gt lt div gt group name lt div gt lt div gt lt router outlet gt lt router outlet gt lt div gt Create a file called proxy conf js in the src folder of your Angular project and use it to define your proxies const PROXY CONFIG context api target http localhost secure true logLevel debug module exports PROXY CONFIG Update angular json and its serve command to use the proxy serve builder angular devkit build angular dev server configurations production browserTarget app build production development browserTarget app build development proxyConfig src proxy conf js defaultConfiguration development Stop your app with Ctrl C and restart it with npm start Now you should see a list of groups in your Angular app Build an Angular GroupList componentAngular is a component framework that allows you to separate concerns easily You don t want to render everything in your main AppComponent so create a new component to display the list of groups ng g c group list standaloneThis command will create a new component in src app group list with a TypeScript file HTML template CSS file and a test file The standalone flag is new in Angular and allows you to isolate components to be self contained and therefore easier to distribute You don t need to use it if you re following along but the final code uses it Replace the code in group list component ts with the following import Component from angular core import CommonModule from angular common import Group from model group import HttpClient from angular common http import RouterLink from angular router import MatButtonModule from angular material button import MatTableModule from angular material table import MatIconModule from angular material icon Component selector app group list standalone true imports CommonModule RouterLink MatButtonModule MatTableModule MatIconModule templateUrl group list component html styleUrls group list component css export class GroupListComponent title Group List loading true groups Group displayedColumns id name events actions feedback any constructor private http HttpClient ngOnInit this loading true this http get lt Group gt api groups subscribe data Group gt this groups data this loading false this feedback delete group Group void if confirm Are you sure you want to delete group name this http delete api group group id subscribe next gt this feedback type success message Delete was successful setTimeout gt this ngOnInit error gt this feedback type warning message Error deleting protected readonly event event Update its HTML template to use Angular Material s table component lt nav aria label breadcrumb gt lt ol class breadcrumb gt lt li class breadcrumb item gt lt a routerLink gt Home lt a gt lt li gt lt li class breadcrumb item active gt Groups lt li gt lt ol gt lt nav gt lt a routerLink group new mat raised button color primary style float right id add gt Add Group lt a gt lt h gt title lt h gt lt div ngIf loading else list gt lt p gt Loading lt p gt lt div gt lt ng template list gt lt div ngIf feedback message class alert alert feedback type gt feedback message lt div gt lt table mat table dataSource groups gt lt ng container matColumnDef id gt lt mat header cell matHeaderCellDef gt ID lt mat header cell gt lt mat cell matCellDef let item gt item id lt mat cell gt lt ng container gt lt ng container matColumnDef name gt lt mat header cell matHeaderCellDef gt Name lt mat header cell gt lt mat cell matCellDef let item gt item name lt mat cell gt lt ng container gt lt ng container matColumnDef events gt lt mat header cell matHeaderCellDef gt Events lt mat header cell gt lt mat cell matCellDef let item gt lt ng container ngFor let event of item events gt event date date event title lt br gt lt ng container gt lt mat cell gt lt ng container gt lt ng container matColumnDef actions gt lt mat header cell matHeaderCellDef gt Actions lt mat header cell gt lt mat cell matCellDef let item gt lt a routerLink group item id mat raised button color accent gt Edit lt a gt amp nbsp lt button click delete item mat button color warn gt lt mat icon gt delete lt mat icon gt lt button gt lt mat cell gt lt ng container gt lt mat header row matHeaderRowDef displayedColumns gt lt mat header row gt lt mat row matRowDef let row columns displayedColumns gt lt mat row gt lt table gt lt ng template gt Create a HomeComponent to display a welcome message and a link to the groups page This component will be the default route for the app ng g c home standaloneUpdate home component html with the following lt a mat button color primary href groups gt Manage JUG Tour lt a gt Change app component html to remove the list of groups above lt router outlet gt lt div class content role main gt lt router outlet gt lt router outlet gt lt div gt And remove the groups fetching logic from app component ts import Component from angular core Component selector app root templateUrl app component html styleUrls app component css export class AppComponent title JUG Tours Add a route for the HomeComponent and GroupListComponent to app routing module ts import HomeComponent from home home component import GroupListComponent from group list group list component export const routes Routes path redirectTo home pathMatch full path home component HomeComponent path groups component GroupListComponent Update the CSS in styles css to have rules for the breadcrumb and alert classes ol breadcrumb padding list style type none breadcrumb item active color inherit font weight breadcrumb item color FB font size rem text decoration underline cursor pointer breadcrumb item breadcrumb item padding left rem breadcrumb item breadcrumb item before display inline block padding right rem color rgb content ol breadcrumb li list style type none ol breadcrumb li list style type none display inline alert padding rem rem margin bottom rem border px solid transparent alert success color background color dedda border color cecb alert error color c background color fdda border color fccb Run npm start in your app directory to see how everything looks Click on Manage JUG Tour and you should see a list of the default groups To squish the Actions column to the right add the following to group list component css mat column actions flex px Your Angular app should update itself as you make changes It s great to see your Spring Boot API s data in your Angular app but it s no fun if you can t modify it Build an Angular GroupEdit componentCreate a group edit component and use Angular s HttpClient to fetch the group resource with the ID from the URL ng g c group edit standaloneAdd a route for this component to app routing module ts import GroupEditComponent from group edit group edit component export const routes Routes path group id component GroupEditComponent Replace the code in group edit component ts with the following import Component OnInit from angular core import CommonModule from angular common import ActivatedRoute Router RouterLink from angular router import map of switchMap from rxjs import Group from model group import Event from model event import HttpClient from angular common http import MatInputModule from angular material input import FormsModule from angular forms import MatButtonModule from angular material button import MatDatepickerModule from angular material datepicker import MatIconModule from angular material icon import MatNativeDateModule from angular material core import MatTooltipModule from angular material tooltip Component selector app group edit standalone true imports CommonModule MatInputModule FormsModule MatButtonModule RouterLink MatDatepickerModule MatIconModule MatNativeDateModule MatTooltipModule templateUrl group edit component html styleUrls group edit component css export class GroupEditComponent implements OnInit group Group feedback any constructor private route ActivatedRoute private router Router private http HttpClient ngOnInit this route params pipe map p gt p id switchMap id gt if id new return of new Group return this http get lt Group gt api group id subscribe next group gt this group group this feedback error gt this feedback type warning message Error loading save const id this group id const method id put post this http method lt Group gt api group id id this group subscribe next gt this feedback type success message Save was successful setTimeout async gt await this router navigate groups error gt this feedback type error message Error saving async cancel await this router navigate groups addEvent this group events push new Event removeEvent index number this group events splice index Create a model event ts file so this component will compile export class Event id number null date Date null title string constructor event Partial lt Event gt this id event id null this date event date null this title event title Update model group ts to include the Event class import Event from event export class Group id number null name string events Event constructor group Partial lt Group gt this id group id null this name group name this events group events The GroupEditComponent needs to render a form so update group edit component html with the following lt nav aria label breadcrumb gt lt ol class breadcrumb gt lt li class breadcrumb item gt lt a routerLink gt Home lt a gt lt li gt lt li class breadcrumb item gt lt a routerLink groups gt Groups lt a gt lt li gt lt li class breadcrumb item active gt Edit Group lt li gt lt ol gt lt nav gt lt h gt Group Information lt h gt lt div ngIf feedback message class alert alert feedback type gt feedback message lt div gt lt form ngIf group editForm ngForm ngSubmit save gt lt mat form field class full width ngIf group id gt lt mat label gt ID lt mat label gt lt input matInput ngModel group id id id name id placeholder ID readonly gt lt mat form field gt lt mat form field class full width gt lt mat label gt Name lt mat label gt lt input matInput ngModel group name id name name name placeholder Name required gt lt mat form field gt lt h ngIf group events length gt Events lt h gt lt div ngFor let event of group events index as i class full width gt lt mat form field style width gt lt mat label gt Date lt mat label gt lt input matInput matDatepicker picker ngModel group events i date name group events i date placeholder Date gt lt mat datepicker toggle matSuffix for picker gt lt mat datepicker toggle gt lt mat datepicker picker gt lt mat datepicker gt lt mat form field gt lt mat form field style width gt lt mat label gt Title lt mat label gt lt input matInput ngModel group events i title name group events i title placeholder Title gt lt mat form field gt lt button mat icon button click removeEvent i aria label Remove Event style float right margin px px gt lt mat icon gt delete lt mat icon gt lt button gt lt div gt lt div class button row role group gt lt button type button mat mini fab color accent click addEvent aria label Add Event ngIf group id matTooltip Add Event style float right margin top px gt lt mat icon gt add lt mat icon gt lt button gt lt button type submit mat raised button color primary disabled editForm form valid id save gt Save lt button gt lt button type button mat button color accent click cancel id cancel gt Cancel lt button gt lt div gt lt form gt If you look closely you ll notice this component allows you to edit events for a group This component is an excellent example of how to handle nested objects in Angular Update group edit component css to make things look better on all devices form h min width px max width px width margin px auto alert max width px margin auto full width width Now with your Angular app running you should be able to add and edit groups Yaasss To make the navbar at the top use Angular Material colors update app component html with the following lt mat toolbar role banner color primary class toolbar gt lt img width alt Angular Logo src ​data​ image svg xml base PHNZyBbWxucziaHRcDovLddyMyvcmcvMjAwMCzdmciIHZpZXdCbgIjAgMCAyNTAgMjUwIjKICAgIDxwYXRoIGZpbGwIiNERDAwMzEiIGQIkxMjUgMzBMMzEuOSAMyybDELjIgMTIzLjFMMTIIDIzMGwOCLTQzLjcgMTQuMixMjMuMXoiIC CiAgICAcGFaCBmaWxsPSIjQzMwMDJGIiBkPSJNMTIIDMwdjIyLjItLjFWMjMwbDcLjktNDMuNyAxNCyLTEyMyxTDEyNSAzMHoiIC CiAgICAcGFaCAgZmlsbDiIZGRkZGRiIgZDiTTEyNSAMixTDYLjggMTgyLjZoMjEuNwxMSLTILjJoNDkuNGwxMSIDILjJIMTgzTDEyNSAMixemxNyAMyzaCzNGwxNyMCIDEIDQwLjlIiAvPgogIDwvcZnPg gt lt span gt title lt span gt lt div class spacer gt lt div gt lt a aria label OktaDev on Twitter target blank rel noopener href title Twitter gt lt svg id twitter logo height data name Logo xmlns viewBox gt lt rect width height fill none gt lt path d M c A a A a A c a A a fill fff gt lt svg gt lt a gt lt a aria label OktaDev on YouTube target blank rel noopener href title YouTube gt lt svg id youtube logo height width data name Logo xmlns viewBox fill fff gt lt path d M hvHVz fill none gt lt path d M c C s c C s c C s c C s zM Vl z gt lt svg gt lt a gt lt mat toolbar gt Since this is not a standalone component you must import MatToolbarModule in app module ts import MatToolbarModule from angular material toolbar NgModule imports MatToolbarModule export class AppModule Make some adjustments in app component css to make the toolbar look nicer In the toolbar rule remove the background color and color properties Change the margin for twitter logo and youtube logo to px px Change the content rule to have a margin of px auto px and align items stretch Now the app fills the screen more and the toolbar has matching colors Secure Spring Boot with OpenID Connect and OAuthI love building simple CRUD apps to learn a new tech stack but I think it s even cooler to build a secure one So let s do that Spring Security added support for OpenID Connect OIDC in version circa This is awesome because it means you can use Spring Security to secure your app with a third party identity provider IdP like Auth This is a much better option than trying to build your own authentication system and store user credentials Add the Okta Spring Boot starter to do OIDC authentication in your pom xml This will also add Spring Security to your app lt dependency gt lt groupId gt com okta spring lt groupId gt lt artifactId gt okta spring boot starter lt artifactId gt lt version gt lt version gt lt dependency gt Install the Auth CLI if you haven t already and run auth login in a shell Next run auth apps create to register a new OIDC app with appropriate callbacks auth apps create name Bootiful Angular description Spring Boot Angular ️ type regular callbacks http localhost login oauth code okta http localhost login oauth code okta logout urls http localhost http localhost reveal secretsCopy the returned values from this command into an okta env file export OKTA OAUTH ISSUER https lt your auth domain gt export OKTA OAUTH CLIENT ID lt your client id gt export OKTA OAUTH CLIENT SECRET lt your client secret gt If you re on Windows use set instead of export to set these environment variables and name the file okta env bat set OKTA OAUTH ISSUER https lt your auth domain gt set OKTA OAUTH CLIENT ID lt your client id gt set OKTA OAUTH CLIENT SECRET lt your client secret gt Add env to your gitignore file so you don t accidentally expose your client secret Then run source okta env or okta env bat on Windows to set these environment variables in your current shell Finally run mvnw or mvnw on Windows to start the app source okta env mvnw spring boot runTIP You might have to run chmod x mvnw to execute the Maven wrapper script You can then open http localhost in your favorite browser You ll be redirected to authenticate and returned afterward You ll see a error from Spring Boot since you have nothing mapped to the default route Configure Spring Security for maximum protectionTo make Spring Security Angular friendly create a SecurityConfiguration java file in src main java jugtours config Create the config directory and put this class in it package com okta developer jugtours config import com okta developer jugtours web CookieCsrfFilter import org springframework context annotation Bean import org springframework context annotation Configuration import org springframework security config annotation web builders HttpSecurity import org springframework security web SecurityFilterChain import org springframework security web authentication www BasicAuthenticationFilter import org springframework security web csrf CookieCsrfTokenRepository import org springframework security web csrf CsrfTokenRequestAttributeHandler import static org springframework security config Customizer withDefaults Configurationpublic class SecurityConfiguration Bean public SecurityFilterChain filterChain HttpSecurity http throws Exception http authorizeHttpRequests authz gt authz requestMatchers index html ico css js api user permitAll anyRequest authenticated oauthLogin withDefaults oauthResourceServer oauth gt oauth jwt withDefaults csrf csrf gt csrf csrfTokenRepository CookieCsrfTokenRepository withHttpOnlyFalse csrfTokenRequestHandler new CsrfTokenRequestAttributeHandler addFilterAfter new CookieCsrfFilter BasicAuthenticationFilter class return http build This class has a lot going on so let me explain a few things In previous versions of Spring Security there was an authorizeRequests lambda you could use to secure paths Since Spring Security it s deprecated and you should use authorizeHttpRequests The authorizeRequests lambda is permissive by default which means any paths you don t specify will be allowed The recommended way shown here with authorizeHttpRequests denies by default This means you have to specify the resources you want to allow Spring Security to serve up as well as the ones that the Angular app has The requestMatchers line defines the URLs allowed for anonymous users You will soon configure things so your Spring Boot app serves up your Angular app hence the reason for allowing index html and web files You might also notice an exposed api user path Configuring CSRF cross site request forgery protection with CookieCsrfTokenRepository withHttpOnlyFalse means that the XSRF TOKEN cookie won t be marked HTTP only so Angular can read it and send it back when it tries to manipulate data The CsrfTokenRequestAttributeHandler is no longer the default so you have to configure it as the request handler To learn more you can read this Stack Overflow answer Basically since we re not sending the CSRF token to an HTML page we don t have to worry about BREACH attacks This means we can revert to the previous default from Spring Security You ll need to create the CookieCsrfFilter class that s added because Spring Security no longer sets the cookie for you Create it in the web package package com okta developer jugtours web import jakarta servlet FilterChain import jakarta servlet ServletException import jakarta servlet http HttpServletRequest import jakarta servlet http HttpServletResponse import org springframework security web csrf CsrfToken import org springframework web filter OncePerRequestFilter import java io IOException Spring Security doesn t set an XSRF TOKEN cookie by default This solution is lt a href issuecomment gt recommended by Spring Security lt a gt public class CookieCsrfFilter extends OncePerRequestFilter inheritDoc Override protected void doFilterInternal HttpServletRequest request HttpServletResponse response FilterChain filterChain throws ServletException IOException CsrfToken csrfToken CsrfToken request getAttribute CsrfToken class getName response setHeader csrfToken getHeaderName csrfToken getToken filterChain doFilter request response Create src main java jugtours web UserController java and populate it with the following code Angular will use this API to find out if a user is authenticated and perform global logout package com okta developer jugtours web import jakarta servlet http HttpServletRequest import org springframework http HttpHeaders import org springframework http HttpStatus import org springframework http ResponseEntity import org springframework security core annotation AuthenticationPrincipal import org springframework security oauth client registration ClientRegistration import org springframework security oauth client registration ClientRegistrationRepository import org springframework security oauth core user OAuthUser import org springframework web bind annotation GetMapping import org springframework web bind annotation PostMapping import org springframework web bind annotation RestController import java text MessageFormat import static java util Map of RestControllerpublic class UserController private final ClientRegistration registration public UserController ClientRegistrationRepository registrations this registration registrations findByRegistrationId okta GetMapping api user public ResponseEntity lt gt getUser AuthenticationPrincipal OAuthUser user if user null return new ResponseEntity lt gt HttpStatus OK else return ResponseEntity ok body user getAttributes PostMapping api logout public ResponseEntity lt gt logout HttpServletRequest request send logout URL to client so they can initiate logout var issuerUri registration getProviderDetails getIssuerUri var originUrl request getHeader HttpHeaders ORIGIN Object params issuerUri registration getClientId originUrl Yes We Auth should have an end session endpoint in our OIDC metadata It s not included at the time of this writing but will be coming soon var logoutUrl MessageFormat format v logout client id amp returnTo params request getSession invalidate return ResponseEntity ok body of logoutUrl logoutUrl You ll also want to add user information when creating groups so that you can filter by your JUG tour Add a UserRepository java in the same directory as GroupRepository java package com okta developer jugtours model import org springframework data jpa repository JpaRepository public interface UserRepository extends JpaRepository lt User String gt Add a new findAllByUserId String id method to GroupRepository java List lt Group gt findAllByUserId String id Then inject UserRepository into GroupController java and use it to create or grab an existing user when adding a new group While you re there modify the groups method to filter by user package com okta developer jugtours web import com okta developer jugtours model Group import com okta developer jugtours model GroupRepository import com okta developer jugtours model User import com okta developer jugtours model UserRepository import org slfj Logger import org slfj LoggerFactory import org springframework http HttpStatus import org springframework http ResponseEntity import org springframework security core annotation AuthenticationPrincipal import org springframework security oauth core user OAuthUser import org springframework web bind annotation import jakarta validation Valid import java net URI import java net URISyntaxException import java security Principal import java util Collection import java util Map import java util Optional RestController RequestMapping api class GroupController private final Logger log LoggerFactory getLogger GroupController class private final GroupRepository groupRepository private final UserRepository userRepository public GroupController GroupRepository groupRepository UserRepository userRepository this groupRepository groupRepository this userRepository userRepository GetMapping groups Collection lt Group gt groups Principal principal return groupRepository findAllByUserId principal getName GetMapping group id ResponseEntity lt gt getGroup PathVariable Long id Optional lt Group gt group groupRepository findById id return group map response gt ResponseEntity ok body response orElse new ResponseEntity lt gt HttpStatus NOT FOUND PostMapping group ResponseEntity lt Group gt createGroup Valid RequestBody Group group AuthenticationPrincipal OAuthUser principal throws URISyntaxException log info Request to create group group Map lt String Object gt details principal getAttributes String userId details get sub toString check to see if user already exists Optional lt User gt user userRepository findById userId group setUser user orElse new User userId details get name toString details get email toString Group result groupRepository save group return ResponseEntity created new URI api group result getId body result PutMapping group id ResponseEntity lt Group gt updateGroup Valid RequestBody Group group log info Request to update group group Group result groupRepository save group return ResponseEntity ok body result DeleteMapping group id public ResponseEntity lt gt deleteGroup PathVariable Long id log info Request to delete group id groupRepository deleteById id return ResponseEntity ok build To highlight the changes please review the groups and createGroup methods above I think it s pretty slick that Spring JPA will create the findAllByUserId method query for you Update Angular to handle CSRF and be identity awareI like Angular because it s a secure first framework It has built in support for CSRF and it s easy to make it identity aware Let s do both Angular s HttpClient supports the client side half of the CSRF protection It ll read the cookie sent by Spring Boot and return it in an X XSRF TOKEN header You can read more about this at Angular s Security docs Update your Angular app s authentication mechanismCreate a new AuthService class to communicate with your Spring Boot API for authentication information Add the following code to a new file at app src app auth service ts import Injectable from angular core import Location from angular common import BehaviorSubject lastValueFrom Observable from rxjs import HttpClient HttpHeaders from angular common http import map from rxjs operators import User from model user const headers new HttpHeaders set Accept application json Injectable providedIn root export class AuthService authenticationState new BehaviorSubject lt boolean gt false constructor private http HttpClient private location Location getUser Observable lt User gt return this http get lt User gt api user headers pipe map response User gt if response null this authenticationState next true return response async isAuthenticated Promise lt boolean gt const user await lastValueFrom this getUser return user null login void location href location origin this location prepareExternalUrl oauth authorization okta logout void this http post api logout withCredentials true subscribe response any gt location href response logoutUrl Add the referenced User class to app src app model user ts export class User email number name string Modify home component ts to use AuthService to see if the user is logged in import Component OnInit from angular core import CommonModule from angular common import MatButtonModule from angular material button import AuthService from auth service import User from model user import RouterLink from angular router Component selector app home standalone true imports CommonModule MatButtonModule RouterLink templateUrl home component html styleUrls home component css export class HomeComponent implements OnInit isAuthenticated boolean user User constructor public auth AuthService async ngOnInit this isAuthenticated await this auth isAuthenticated await this auth getUser subscribe data gt this user data Modify home component html to show the Login button if the user is not logged in Otherwise show a Logout button lt div ngIf user else login gt lt h gt Welcome user name lt h gt lt a mat button color primary routerLink groups gt Manage JUG Tour lt a gt lt br gt lt br gt lt button mat raised button color primary click auth logout id logout gt Logout lt button gt lt div gt lt ng template login gt lt p gt Please log in to manage your JUG Tour lt p gt lt button mat raised button color primary click auth login id login gt Login lt button gt lt ng template gt Update app src proxy conf js to have additional proxy paths for oauth and login const PROXY CONFIG context api oauth login After all these changes you should be able to restart both Spring Boot and Angular and witness the glory of securely planning your very own JUG Tour Configure Maven to Package Angular with Spring BootTo build and package your React app with Maven you can use the frontend maven plugin and Maven s profiles to activate it Add properties for versions and a lt profiles gt section to your pom xml lt properties gt lt frontend maven plugin version gt lt frontend maven plugin version gt lt node version gt v lt node version gt lt npm version gt lt npm version gt lt properties gt lt profiles gt lt profile gt lt id gt dev lt id gt lt activation gt lt activeByDefault gt true lt activeByDefault gt lt activation gt lt properties gt lt spring profiles active gt dev lt spring profiles active gt lt properties gt lt profile gt lt profile gt lt id gt prod lt id gt lt build gt lt plugins gt lt plugin gt lt artifactId gt maven resources plugin lt artifactId gt lt executions gt lt execution gt lt id gt copy resources lt id gt lt phase gt process classes lt phase gt lt goals gt lt goal gt copy resources lt goal gt lt goals gt lt configuration gt lt outputDirectory gt basedir target classes static lt outputDirectory gt lt resources gt lt resource gt lt directory gt app dist app lt directory gt lt resource gt lt resources gt lt configuration gt lt execution gt lt executions gt lt plugin gt lt plugin gt lt groupId gt com github eirslett lt groupId gt lt artifactId gt frontend maven plugin lt artifactId gt lt version gt frontend maven plugin version lt version gt lt configuration gt lt workingDirectory gt app lt workingDirectory gt lt configuration gt lt executions gt lt execution gt lt id gt install node lt id gt lt goals gt lt goal gt install node and npm lt goal gt lt goals gt lt configuration gt lt nodeVersion gt node version lt nodeVersion gt lt npmVersion gt npm version lt npmVersion gt lt configuration gt lt execution gt lt execution gt lt id gt npm install lt id gt lt goals gt lt goal gt npm lt goal gt lt goals gt lt phase gt generate resources lt phase gt lt execution gt lt execution gt lt id gt npm test lt id gt lt goals gt lt goal gt npm lt goal gt lt goals gt lt phase gt test lt phase gt lt configuration gt lt arguments gt test watch false lt arguments gt lt configuration gt lt execution gt lt execution gt lt id gt npm build lt id gt lt goals gt lt goal gt npm lt goal gt lt goals gt lt phase gt compile lt phase gt lt configuration gt lt arguments gt run build lt arguments gt lt configuration gt lt execution gt lt executions gt lt plugin gt lt plugins gt lt build gt lt properties gt lt spring profiles active gt prod lt spring profiles active gt lt properties gt lt profile gt lt profiles gt While you re at it add the active profile setting to src main resources application properties spring profiles active spring profiles active After adding this you should be able to run mvn spring boot run Pprod and see your app running at http localhost If you start at the root everything will work fine since Angular will handle routing However if you refresh the page when you re at http localhost groups you ll get a error since Spring Boot doesn t have a route for groups To fix this add a SpaWebFilter that conditionally forwards to the Angular app package com okta developer jugtours web import jakarta servlet FilterChain import jakarta servlet ServletException import jakarta servlet http HttpServletRequest import jakarta servlet http HttpServletResponse import org springframework web filter OncePerRequestFilter import java io IOException public class SpaWebFilter extends OncePerRequestFilter Forwards any unmapped paths except those containing a period to the client code index html Override protected void doFilterInternal HttpServletRequest request HttpServletResponse response FilterChain filterChain throws ServletException IOException String path request getRequestURI if path startsWith api amp amp path startsWith login amp amp path startsWith oauth amp amp path contains amp amp path matches request getRequestDispatcher index html forward request response return filterChain doFilter request response And add to your SecurityConfiguration java class addFilterAfter new SpaWebFilter BasicAuthenticationFilter class Now if you restart and reload the page everything will work as expected Verify Everything Works with CypressIn this section you ll learn how to integrate Cypress into this project to support end to end tests Add the Cypress Angular Schematic ng add cypress schematicSelect the default updates when prompted Then update app cypress support commands ts to add a login username password method eslint disable typescript eslint no namespace eslint disable typescript eslint no use before define eslint disable next line spaced comment lt reference types cypress gt Cypress Commands add login username string password string gt Cypress log message Authenticating username autoEnd false cy origin Cypress env EE DOMAIN args username password username password gt cy get input name username type username cy get input name password type password enter log false declare global namespace Cypress interface Chainable login username string password string Cypress Chainable Convert this to a module instead of script allows import export export Update app cypress support ee ts to log in before each test and log out after import commands beforeEach gt if Cypress env EE USERNAME undefined console error EE USERNAME is not defined alert EE USERNAME is not defined return cy visit cy get login click cy login Cypress env EE USERNAME Cypress env EE PASSWORD afterEach gt cy visit cy get logout click Add a app cypress ee home cy ts test to verify that the home page loads describe Home gt beforeEach gt cy visit it Visits the initial app page gt cy contains JUG Tours cy contains Logout Create a groups cy ts in the same directory to test CRUD on groups describe Groups gt beforeEach gt cy visit groups it add button should exist gt cy get add should exist it should add a new group gt cy get add click cy get name type Test Group cy get save click cy get alert success should exist it should edit a group gt cy get a last click cy get name should have value Test Group cy get cancel click it should delete a group gt cy get button last click cy on window confirm gt true cy get alert success should exist Add environment variables with your credentials to the okta env or okta env bat file you created earlier export CYPRESS EE DOMAIN lt your auth domain gt use the raw value no https prefixexport CYPRESS EE USERNAME lt your email gt export CYPRESS EE PASSWORD lt your password gt Then run source okta env or okta env bat on Windows to set these environment variables and start the app mvn spring boot run PprodIn another terminal window run the Cypress tests with Electron source okta envcd appnpx cypress run browser electron config baseUrl http localhost Fix Unit TestsIf you run npm test you ll see several failures That s because the components have dependencies that aren t imported in the tests Update home component spec ts to import HttpClientTestingModule import ComponentFixture TestBed from angular core testing import HomeComponent from home component import HttpClientTestingModule from angular common http testing describe HomeComponent gt let component HomeComponent let fixture ComponentFixture lt HomeComponent gt beforeEach gt TestBed configureTestingModule imports HomeComponent HttpClientTestingModule fixture TestBed createComponent HomeComponent component fixture componentInstance fixture detectChanges it should create gt expect component toBeTruthy In app component spec ts import MatToolBarModule and look for JUG Tours in the page import TestBed from angular core testing import RouterTestingModule from angular router testing import AppComponent from app component import MatToolbarModule from angular material toolbar describe AppComponent gt beforeEach gt TestBed configureTestingModule imports RouterTestingModule MatToolbarModule declarations AppComponent it should create the app gt const fixture TestBed createComponent AppComponent const app fixture componentInstance expect app toBeTruthy it should have as title app gt const fixture TestBed createComponent AppComponent const app fixture componentInstance expect app title toEqual JUG Tours it should render title gt const fixture TestBed createComponent AppComponent fixture detectChanges const compiled fixture nativeElement as HTMLElement expect compiled querySelector mat toolbar gt span textContent toContain JUG Tours Then update both group component tests to import HttpClientTestingModule and RouterTestingModule import HttpClientTestingModule from angular common http testing import RouterTestingModule from angular router testing describe gt beforeEach gt TestBed configureTestingModule imports HttpClientTestingModule RouterTestingModule Now npm test should pass If you run mvn test without setting environment variables your Java tests will fail too To fix this add a src test java com okta developer jugtours TestSecurityConfiguration java class to mock the OAuth provider package com okta developer jugtours import org springframework boot test context TestConfiguration import org springframework context annotation Bean import org springframework security oauth client InMemoryOAuthAuthorizedClientService import org springframework security oauth client OAuthAuthorizedClientService import org springframework security oauth client registration ClientRegistration import org springframework security oauth client registration ClientRegistrationRepository import org springframework security oauth client registration InMemoryClientRegistrationRepository import org springframework security oauth core AuthorizationGrantType import org springframework security oauth core ClientAuthenticationMethod import org springframework security oauth jwt JwtDecoder import java util HashMap import java util Map import static org mockito Mockito mock This class allows you to run unit and integration tests without an IdP TestConfigurationpublic class TestSecurityConfiguration Bean ClientRegistration clientRegistration return clientRegistrationBuilder build Bean ClientRegistrationRepository clientRegistrationRepository ClientRegistration clientRegistration return new InMemoryClientRegistrationRepository clientRegistration private ClientRegistration Builder clientRegistrationBuilder Map lt String Object gt metadata new HashMap lt gt metadata put end session endpoint return ClientRegistration withRegistrationId oidc issuerUri baseUrl redirectUri baseUrl action oauth code registrationId clientAuthenticationMethod ClientAuthenticationMethod CLIENT SECRET BASIC authorizationGrantType AuthorizationGrantType AUTHORIZATION CODE scope read user authorizationUri tokenUri jwkSetUri userInfoUri providerConfigurationMetadata metadata userNameAttributeName id clientName Client Name clientId client id clientSecret client secret Bean JwtDecoder jwtDecoder return mock JwtDecoder class Bean OAuthAuthorizedClientService authorizedClientService ClientRegistrationRepository clientRegistrationRepository return new InMemoryOAuthAuthorizedClientService clientRegistrationRepository Then update JugToursApplicationTests java in the same directory to use the new configuration SpringBootTest classes JugtoursApplication class TestSecurityConfiguration class Run mvn test again and your tests will pass Use GitHub Actions to Build and Test Your AppAdd a GitHub workflow at github workflows main yml to prove that your tests run in CI name JUG Tours CIon push pull request jobs build name Build and Test runs on ubuntu latest steps name Checkout uses actions checkout v name Set up Java uses actions setup java v with distribution temurin java version cache maven name Run tests run xvfb run mvn verify ntp Pprod name Run ee tests uses cypress io github action v with browser chrome start mvn spring boot run Pprod ntp f pom xml install false wait on http wait on timeout config baseUrl http localhost working directory app env OKTA OAUTH ISSUER secrets OKTA OAUTH ISSUER OKTA OAUTH CLIENT ID secrets OKTA OAUTH CLIENT ID OKTA OAUTH CLIENT SECRET secrets OKTA OAUTH CLIENT SECRET CYPRESS EE DOMAIN secrets CYPRESS EE DOMAIN CYPRESS EE USERNAME secrets CYPRESS EE USERNAME CYPRESS EE PASSWORD secrets CYPRESS EE PASSWORD name Upload screenshots uses actions upload artifact v if failure with name cypress screenshots path app cypress screenshotsYou can see this workflow in action on GitHub or you can try it yourself by creating a new GitHub repo and pushing your code to it Add environment variables for the above secrets to your GitHub repository at Settings gt Secrets and variables gt Actions gt New Repository Secret Push your changes to GitHub and watch the CI workflow run Build Something Fabulous with Spring Boot and Angular I hope this post has helped you learn how to build secure Angular and Spring Boot apps Using OpenID Connect is a recommended practice for authenticating full stack apps like this one and Auth makes it easy to do Adding CSRF protection and packaging your Spring Boot Angular app as a single artifact is super cool too We ve written some other fun Spring Boot Angular and JHipster tutorials Check them out Build a Simple CRUD App with Spring Boot and Vue jsUse React and Spring Boot to Build a Simple CRUD AppAdd OpenID Connect to Angular Apps QuicklyFull Stack Java with React Spring Boot and JHipsterI ve also written a couple of InfoQ mini books that you might find useful The JHipster Mini Book Shows how I built Points Health with JHipster Angular Spring Boot Bootstrap and more It includes a chapter on microservices with Spring Boot React and Auth The Angular Mini Book A practical guide to Angular Bootstrap and Spring Boot It uses Kotlin and Gradle recommended security practices and contains several cloud deployment guides If you have any questions please leave a comment below If you want to see the completed code for this tutorial check out its GitHub repo Follow us on Twitter and YouTube for more content like this 2023-08-30 02:12:46
海外TECH DEV Community How to implement SSL/TLS pinning in Node.js https://dev.to/snyk/how-to-implement-ssltls-pinning-in-nodejs-4f1a How to implement SSL TLS pinning in Node jsWith threat actors performing man in the middle MITM attacks having an SSL TLS certificate is no longer a valid reason to trust an incoming connection Consequently developers are increasingly adopting SSL TLS pinning also known as certificate or public key pinning as an additional measure to prove the authenticity and integrity of a connection In a Node js application SSL TLS pinning adds an extra layer of security by preventing attackers from intercepting and tampering with the communication between the client and the server  This article explains certificate pinning highlighting its benefits and use cases in Node js applications   When and why you should use SSL TLS pinningSSL TLS pinning is a security mechanism that helps protect against MITM and other certificate related attacks It does so by ensuring that a client such as a Node js application only connects to a server with a pre verified digital certificate This technique stores and uses specific certificates or public keys in host applications to compare to the server s public key or certificate We can hardcode the certificates or public keys into our applications through environment variables or store them externally in a key vault service for more flexibility  Certificate pinning reduces the risks of MITM attacks by considering all requests that don t have a matching pinned certificate as rogue and terminating them even if the request uses HTTPS It also helps to prevent other certificate related vulnerabilities such as certificate spoofing or tampering and compromised certificate authorities CAs  According to the Stack Overflow Developer Survey of developers use Node js making it a standard web technology for server side applications Modules built into Node js such as HTTPS add an extra layer of protection to an application by validating pinned certificates A Node js application using certificate pinning compares the certificate presented during the TLS handshake with the predefined certificate or public keys It terminates the request at the transport layer if there s a mismatch One use case for certificate pinning is with financial applications on mobile devices An MITM attack on such a device can be catastrophic to the owner as the device might transmit sensitive personal information such as credit card or contact information While newer mobile OS versions like Android Pie have security features that only allow applications to establish secure connections threat actors could launch phishing attacks by generating self signed certificates to access the device Certificate pinning ensures the application doesn t grant a rouge connection even if the device trusts the self signed certificate   Preparing for SSL TLS pinning implementationsWhen a client sends a network request to a server the transport layer initiates a secure handshake using the SSL TLS protocol The server presents its digital certificate which contains the public key used for encryption and authentication During the handshake the application retrieves the server s public key from the presented certificate The application compares the retrieved public key with a preconfigured or hardcoded copy of the public key If the public key matches the locally stored copy the connection is considered secure and the communication can proceed However if the keys don t match the application can terminate the link or take appropriate action based on its security policy such as raising an alert or refusing to send sensitive data CAs play a vital role in the certificate pinning process by providing the SSL TLS certificates to establish a secure connection The CA signs the certificate that the browser validates for web based applications or an OS chain of trust Certificate pinning is a further step to confirm the certificate is trusted TLS is a built in module in Node js that can extract a certificate object containing a public key field from a host The code below demonstrates how to use the TLS module to make a request to a host and retrieve the certificate in an object const tls require tls const host example com const port const socket tls connect port host gt const certificate socket getPeerCertificate const publicKey certificate publicKey console log Public Key publicKey console log Certificate certificate socket on error error gt console error Connection error error In this code the getPeerCertificate method is responsible for extracting the certificate We can also use the getPeerXCertificate method to retrieve the peer certificate in an xCertificate object format Implementing SSL TLS pinning in Node jsTo use SSL TLS pinning in a Node js application we must specify the key or certificate in the request configurations In HTTPS the ca cert and key properties in the https request options aid in SSL TLS pinning When pinning a certificate the ca property should specify an array containing the trusted privacy enhanced mail PEM encoded certificates or CA certificates The key property should specify an array containing private keys associated with a trusted server certificate  Snyk Code is a developer first static application security testing SAST tool that identifies security vulnerabilities in a codebase in real time during development It s available through command line interface CLI commands software development kits SDKs for continuous integration and continuous deployment CI CD pipelines web interfaces extensions for integrated development environments IDEs and code editors In a Node js project Snyk Code can detect and alert us when the support for SSL TLS certificates is missing To identify missing SSL TLS support use the code test command below to scan the project s codebase from your terminal The snyk ignore file path command allows us to ignore files or directories we don t want to include in the Snyk scan such as the node modules directory containing our Node js packages snyk code testAlthough SSL TLS pinning offers security benefits it could also be disastrous when poorly implemented without error handling Our pinning implementations should have a fail safe plan to handle edge cases such as when the pinned certificate is revoked or expired Error handling prevents the entire application from crashing when unable to confirm a certificate or public key Running audits can help us log such cases To start create a directory named snyk tls and use npm init y Use the following command to install the request package npm i requestThe code below demonstrates a pinned public key in a Node js application that matches the certificate public key for a GET request created with the HTTPS and request modules If the public key doesn t match the code aborts the request Create an index js file and add the following code to it const Agent require https Agent const request require request const PINNED KEY sha AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA var options url HOST URL headers User Agent Node js https agent new Agent maxCachedSessions strictSSL true var req request options err response body gt if err console log err else console log body req on socket socket gt socket on secureConnect gt var key socket getPeerCertificate publicKey if PINNED KEY includes key req emit error new Error Key does not match return req abort In the code above strictSSL configures the application to only use HTTPS to retrieve the publicKey for the certificate when a client makes the request It also checks the PINNED KEY array to determine if the public key is one of the allowed keys If the key isn t included the abort method terminates the request The maxCacheSessions property within the Agent constructor also configures the request module to prevent session caching so the code checks the pinned certificates upon every request For production we should store the public key or certificate using environment variables or a separate key vault service to prevent the public key from being exposed when we push the code to a code repository   Testing and maintaining SSL TLS pinningA great way to test the effectiveness of a pinning implementation is by simulating an MITM attack Tools like Mitmproxy or Wireshack allow us to create a test environment to monitor intercept and proxy network requests for a test host  To test the effectiveness of our SSL TLS pinning we must disable the pinned certificates and launch an MITM attack through a proxy to record the baseline behavior of the application s performance without pinning We then repeat the test with pinning enabled to see if the application can detect the proxy and terminate the connection  Comparing the certificate key hash is another way to test SSL TLS pinning A certificate hash is unique to the certificate as a cryptographic hash function maps data of arbitrary size to fixed size values representing the certificate This makes it a suitable option for validating a certificate Using the Node js crypto module we can generate a hash from the host s certificate and compare it to our expected public key hash A third way to test our SSL TLS pinning is using network scanning tools such as Nmap to perform an SSL port scan Nmap provides the ssl enum chipers command to scan an SSL port on a specified target Maintaining and updating pinned certificates or public keys is essential for maintaining the trust security and integrity of communication channels By staying up to date we can mitigate the risks associated with certificate compromise expiration and revocation while ensuring secure and authenticated connections Open the snyk tls folder in the terminal and run the command below echo n openssl s client connect google com servername google com sed ne BEGIN CERTIFICATE END CERTIFICATE p gt cert pemThis command generates a cert pem file containing the public certificate for google com Next create a main js file in the project folder Paste the code below import the required modulesconst tls require node tls const https require node https const exec require child process setting up the variablesconst certPath cert pem const command openssl x noout in certPath fingerprint sha generate SHA fingerprint of the certificateconst generate SHA fingerprint gt return new Promise resolve reject gt exec command error stdout stderr gt if error reject new Error Error executing OpenSSL command error return if stderr reject new Error OpenSSL command returned an error stderr return resolve stdout split trim verify the certificateconst verifyCertificate async gt try const cert await generate SHA fingerprint console log Pinned Certificate Fingerprint cert const options hostname google com port path method GET checkServerIdentity function host cert Make sure the certificate is issued to the host we are connected to const err tls checkServerIdentity host cert if err return err Pin the exact certificate if cert fingerprint cert const msg Certificate verification error The certificate of cert subject CN does not match our pinned fingerprint return new Error msg options agent new https Agent options const req https request options res gt console log All OK Server matched our pinned cert req on error e gt console error e message req end catch error console error Error generating SHA fingerprint error verifyCertificate The code above imports the required modules and defines two variables ーcertPath and command certPath defines the path to the certificate file command holds the value for the shell command to generate the certificate s SHA fingerprint The generate SHA fingerprint function uses the exec function to execute the openssl command that generates the certificate s SHA fingerprint This function returns a promise that resolves with the fingerprint The verifyCertificate function defines an options object to configure the HTTPS request This object specifies the hostname port path and method It also defines a checkServerIdentity function to verify the server certificate That function ensures the certificate belongs to the host we re connecting to and checks if the fingerprint matches the pinned fingerprint To test this script execute the command node main js in your terminal You should receive the following output All OK Server matched our pinned certTo update a pinned certificate or key we open the API file and run the openssl command that generates the cert pem file When using an external vault service to store the pinned certificates or public keys we can edit the values in the vault service without modifying our application code Scenarios that require updating our pinned certificates include Certificates or public keys expiringData leaksRevocation from the issuerCompliance policies from users to rotate the certificate after a specified duration ConclusionThis article taught us how to implement SSL TLS pinning in Node js applications SSL TLS pinning adds an extra layer of security by verifying the server s public key or certificate with a locally stored copy It helps protect our applications against MITM attacks and other certificate related vulnerabilities  Node js has built in modules like HTTPS that support certificate pinning We can apply SSL TLS pinning by comparing the public key during the TLS handshake and terminating the connection if there s a mismatch Proper error handling is also essential to avoid getting locked out in edge cases where a certificate or public key expires or an issuer revokes it Testing SSL TLS pinning in our applications by simulating attacks comparing key hashes and updating certificates or keys is a best practice to ensure its effectiveness Another best practice is to store public keys securely By leveraging SSL TLS pinning we can enhance the overall security of our Node js applications ensuring a reliable and safe user experience 2023-08-30 02:00:39
金融 ニッセイ基礎研究所 数字の「18」に関わる各種の話題-「18」という数字で皆さんは何を思い浮かべるのだろうか- https://www.nli-research.co.jp/topics_detail1/id=75933?site=nli これについても諸説あって、どれが正しいかは明らかではないようだが、つの説としては、後術する仏教の言葉「十八界」から、という数字の持つ「必要なものすべて」という意味に由来しているといわれているようだ。 2023-08-30 11:15:17
ニュース BBC News - Home Lucy Letby: NHS England 'persuaded' trust boss to take new job https://www.bbc.co.uk/news/uk-66651325?at_medium=RSS&at_campaign=KARANGA murder 2023-08-30 02:10:15
ビジネス 東洋経済オンライン 台湾で「日本酒の市場が拡大」背景にある事情 コロナ禍で輸出が拡大、提供する店も増える | 中国・台湾 | 東洋経済オンライン https://toyokeizai.net/articles/-/696406?utm_source=rss&utm_medium=http&utm_campaign=link_back 東洋経済オンライン 2023-08-30 11:30:00
ニュース Newsweek 日本の労働者の収入格差は、今やアメリカよりも大きい https://www.newsweekjapan.jp/stories/world/2023/08/post-102520.php 2023-08-30 11:30:00
ニュース Newsweek 「アフリカの危機は人類の課題」連携強化に向けた日本の役割とは【TICAD30年】 https://www.newsweekjapan.jp/stories/world/2023/08/ticad30.php アフリカで活動していた海外協力隊員が、日本に帰国後、スタートアップを立ち上げ、アフリカと日本との関係を丁寧に築いている例も多数あり、実は日本にとってアフリカは、かなり身近になってきていると私は感じています。 2023-08-30 11:30:00
マーケティング MarkeZine 【参加無料】アクション起点で顧客エンゲージメントを深めるための、基本的な考え方とは? http://markezine.jp/article/detail/43296 参加無料 2023-08-30 11:30:00
IT 週刊アスキー 【吉野家】牛丼並2つで864円!買えば買うほどオトク https://weekly.ascii.jp/elem/000/004/152/4152684/ 通常 2023-08-30 11:30:00
IT 週刊アスキー KDDI、Starlinkの通信衛星とスマホを直接通信! 既存のauスマホで可で2024年開始 https://weekly.ascii.jp/elem/000/004/152/4152926/ spacex 2023-08-30 11:20:00
IT 週刊アスキー ”アイススラリー”による深部体温の冷却に注目! https://weekly.ascii.jp/elem/000/004/147/4147875/ 大塚製薬 2023-08-30 11:30:00
マーケティング AdverTimes 情報を「人間」に向けて届けるには?「カロリーメイト リキッド」新プロモーション https://www.advertimes.com/20230830/article431990/ 情報を「人間」に向けて届けるには「カロリーメイトリキッド」新プロモーション大塚製薬は月日、「カロリーメイトリキッド」の新プロモーション「私はロボットではありません」を開始した。 2023-08-30 02:44:29
マーケティング AdverTimes 消費者庁に聞く、消費者保護とデジタル広告の監視強化方針 https://www.advertimes.com/20230830/article431885/ 品質向上 2023-08-30 02:00:44
マーケティング AdverTimes 第61回「宣伝会議賞」課題発表号/宣伝会議10月号 https://www.advertimes.com/20230830/article431871/ 企業倫理 2023-08-30 02:00:38

コメント

このブログの人気の投稿

投稿時間:2021-06-17 22:08:45 RSSフィード2021-06-17 22:00 分まとめ(2089件)

投稿時間:2021-06-20 02:06:12 RSSフィード2021-06-20 02:00 分まとめ(3871件)

投稿時間:2021-06-17 05:05:34 RSSフィード2021-06-17 05:00 分まとめ(1274件)