fix(config): added better configuration

README.md

@@ -10,6 +10,14 @@ It's built with [Quarkus](https://quarkus.io) and provides authentication via OA
 > [!Warning]
 > Zenei is still in development and is not ready for production use. Currently there is no documentation available.
 
+## Features
+
+- [x] Basic user authentication
+- [ ] Admin user management
+- [ ] OAuth2 support (Github, Google, Facebook, etc.)
+- [ ] Organizations management
+- [ ] API/Access token generation
+
 ## License
 
 Zenei is licensed under the [Apache-2.0](LICENSE) license.

src/main/java/dev/cloudeko/zenei/application/web/resource/AuthenticationResource.java

@@ -4,8 +4,8 @@
 import dev.cloudeko.zenei.application.web.model.response.PrivateUserResponse;
 import dev.cloudeko.zenei.application.web.model.response.TokenResponse;
 import dev.cloudeko.zenei.domain.feature.*;
-import dev.cloudeko.zenei.domain.model.email.VerifyMagicLinkInput;
 import dev.cloudeko.zenei.domain.model.email.EmailAddressInput;
+import dev.cloudeko.zenei.domain.model.email.VerifyMagicLinkInput;
 import dev.cloudeko.zenei.domain.model.token.LoginPasswordInput;
 import dev.cloudeko.zenei.domain.model.token.RefreshTokenInput;
 import io.quarkus.security.Authenticated;
@@ -52,7 +52,7 @@ public Response signup(@BeanParam @Valid SignupRequest request) {
         final var user = createUser.handle(request.toCreateUserInput());
         final var emailAddress = user.getPrimaryEmailAddress();
 
-        if (!emailAddress.getEmailVerified() && emailAddress.getEmailVerificationToken() != null) {
+        if (!emailAddress.getEmailVerified() && emailAddress.getEmailVerificationToken() != null){
             sendMagicLinkVerifyEmail.handle(new EmailAddressInput(emailAddress));
         }
 

src/main/java/dev/cloudeko/zenei/domain/feature/impl/CreateUserImpl.java

@@ -7,9 +7,11 @@
 import dev.cloudeko.zenei.domain.model.user.*;
 import dev.cloudeko.zenei.domain.provider.HashProvider;
 import dev.cloudeko.zenei.domain.provider.StringTokenProvider;
+import dev.cloudeko.zenei.infrastructure.config.ApplicationConfig;
 import jakarta.enterprise.context.ApplicationScoped;
 import jakarta.transaction.Transactional;
 import lombok.AllArgsConstructor;
+import org.eclipse.microprofile.config.inject.ConfigProperty;
 
 import java.time.LocalDateTime;
 import java.util.ArrayList;
@@ -20,6 +22,8 @@
 @AllArgsConstructor
 public class CreateUserImpl implements CreateUser {
 
+    private final ApplicationConfig config;
+
     private final HashProvider hashProvider;
     private final StringTokenProvider stringTokenProvider;
 
@@ -29,8 +33,8 @@ public class CreateUserImpl implements CreateUser {
     @Override
     @Transactional
     public User handle(CreateUserInput createUserInput) {
-        final var emailAddress = EmailAddress.builder().email(createUserInput.getEmail()).build();
-        if (true) { //Will be based on configuration
+        final var emailAddress = EmailAddress.builder().email(createUserInput.getEmail()).emailVerified(true).build();
+        if (!config.getAutoConfirm()) {
             final var token = stringTokenProvider.generateToken("mail", emailAddress.getEmail() + UUID.randomUUID());
 
             emailAddress.setEmailVerificationToken(token);

src/main/java/dev/cloudeko/zenei/domain/feature/impl/LoginUserWithPasswordImpl.java

@@ -7,7 +7,6 @@
 import dev.cloudeko.zenei.domain.model.Token;
 import dev.cloudeko.zenei.domain.model.token.LoginPasswordInput;
 import dev.cloudeko.zenei.domain.model.token.RefreshTokenRepository;
-import dev.cloudeko.zenei.domain.model.user.UserPassword;
 import dev.cloudeko.zenei.domain.model.user.UserPasswordRepository;
 import dev.cloudeko.zenei.domain.model.user.UserRepository;
 import dev.cloudeko.zenei.domain.provider.HashProvider;

src/main/java/dev/cloudeko/zenei/domain/feature/impl/VerifyMagicLinkImpl.java

@@ -1,8 +1,8 @@
 package dev.cloudeko.zenei.domain.feature.impl;
 
 import dev.cloudeko.zenei.domain.feature.VerifyMagicLink;
-import dev.cloudeko.zenei.domain.model.email.VerifyMagicLinkInput;
 import dev.cloudeko.zenei.domain.model.email.EmailAddressRepository;
+import dev.cloudeko.zenei.domain.model.email.VerifyMagicLinkInput;
 import jakarta.enterprise.context.ApplicationScoped;
 import lombok.AllArgsConstructor;
 import lombok.extern.jbosslog.JBossLog;

src/main/java/dev/cloudeko/zenei/infrastructure/config/ApplicationConfig.java

@@ -0,0 +1,13 @@
+package dev.cloudeko.zenei.infrastructure.config;
+
+import jakarta.enterprise.context.ApplicationScoped;
+import lombok.Getter;
+import org.eclipse.microprofile.config.inject.ConfigProperty;
+
+@Getter
+@ApplicationScoped
+public class ApplicationConfig {
+
+    @ConfigProperty(name = "zenei.mailer.auto-confirm", defaultValue = "false")
+    Boolean autoConfirm;
+}

src/main/java/dev/cloudeko/zenei/infrastructure/config/ConfigFallbackInterceptor.java

@@ -0,0 +1,32 @@
+package dev.cloudeko.zenei.infrastructure.config;
+
+import io.quarkus.runtime.annotations.RegisterForReflection;
+import io.smallrye.config.FallbackConfigSourceInterceptor;
+import jakarta.annotation.Priority;
+
+import java.util.Map;
+
+@Priority(150)
+@RegisterForReflection
+public class ConfigFallbackInterceptor extends FallbackConfigSourceInterceptor {
+
+    public static final Map<String, String> MAPPING = Map.ofEntries(
+            Map.entry("quarkus.datasource.db-kind", "zenei.database.db-kind"),
+            Map.entry("quarkus.datasource.username", "zenei.database.username"),
+            Map.entry("quarkus.datasource.password", "zenei.database.password"),
+            Map.entry("quarkus.datasource.jdbc.url", "zenei.database.url"),
+            Map.entry("smallrye.jwt.sign.key.location", "zenei.jwt.private.key.location"),
+            Map.entry("smallrye.jwt.new-token.lifespan", "zenei.jwt.token.lifespan"),
+            Map.entry("mp.jwt.verify.publickey", "zenei.jwt.private.key"),
+            Map.entry("mp.jwt.verify.publickey.location", "zenei.jwt.public.key.location"),
+            Map.entry("mp.jwt.verify.publickey.algorithm", "zenei.jwt.public.key.algorithm"),
+            Map.entry("mp.jwt.verify.issuer", "zenei.jwt.issuer"),
+            Map.entry("mp.jwt.verify.audiences", "zenei.jwt.audiences"),
+            Map.entry("mp.jwt.verify.clock.skew", "zenei.jwt.clock.skew"),
+            Map.entry("mp.jwt.verify.token.age", "zenei.jwt.token.age")
+    );
+
+    public ConfigFallbackInterceptor() {
+        super(name -> MAPPING.getOrDefault(name, name));
+    }
+}

src/main/java/dev/cloudeko/zenei/infrastructure/provider/JwtTokenProvider.java

@@ -10,16 +10,10 @@
 @ApplicationScoped
 public class JwtTokenProvider implements TokenProvider {
 
-    private String issuer;
-    private Integer expirationTimeInMinutes;
-
-    public JwtTokenProvider(
-            @ConfigProperty(name = "mp.jwt.verify.issuer") String issuer/*,
-            @ConfigProperty(name = "jwt.secret") String secret,
-            @ConfigProperty(name = "jwt.expiration.time.minutes") Integer expirationTimeInMinutes*/) {
+    private final String issuer;
 
+    public JwtTokenProvider(@ConfigProperty(name = "zenei.jwt.issuer") String issuer) {
         this.issuer = issuer;
-        //this.expirationTimeInMinutes = expirationTimeInMinutes;
     }
 
     @Override

src/main/java/dev/cloudeko/zenei/infrastructure/repository/hibernate/panache/UserRepositoryPanache.java

@@ -5,7 +5,6 @@
 import dev.cloudeko.zenei.domain.model.user.UserRepository;
 import dev.cloudeko.zenei.infrastructure.repository.hibernate.entity.UserEntity;
 import jakarta.enterprise.context.ApplicationScoped;
-import jakarta.persistence.Cacheable;
 import lombok.AllArgsConstructor;
 
 import java.util.Optional;

src/main/java/dev/cloudeko/zenei/infrastructure/web/security/AccessTokenSecurityAuthMechanism.java

@@ -1,22 +1,5 @@
 package dev.cloudeko.zenei.infrastructure.web.security;
 
-import io.netty.handler.codec.http.HttpHeaderNames;
-import io.quarkus.security.credential.TokenCredential;
-import io.quarkus.security.identity.IdentityProviderManager;
-import io.quarkus.security.identity.SecurityIdentity;
-import io.quarkus.security.identity.request.AuthenticationRequest;
-import io.quarkus.security.identity.request.TokenAuthenticationRequest;
-import io.quarkus.vertx.http.runtime.security.ChallengeData;
-import io.quarkus.vertx.http.runtime.security.HttpAuthenticationMechanism;
-import io.smallrye.mutiny.Uni;
-import io.vertx.ext.web.RoutingContext;
-
-import java.util.List;
-import java.util.Locale;
-import java.util.Set;
-
-import static io.vertx.ext.web.handler.impl.HTTPAuthorizationHandler.Type.BEARER;
-
 public class AccessTokenSecurityAuthMechanism {}/*implements HttpAuthenticationMechanism {
 
     // The set of supported credential types

src/main/resources/META-INF/services/io.smallrye.config.ConfigSourceInterceptor

@@ -0,0 +1 @@
+dev.cloudeko.zenei.infrastructure.config.ConfigFallbackInterceptor

src/main/resources/application.properties

@@ -1,16 +1,32 @@
 # Application configuration
+# Name of the Quarkus application. This can be used in various places, e.g., metrics.
 quarkus.application.name=cloudeko-zenei-auth-service
+# Path to a custom banner text file to be displayed on application startup.
+quarkus.banner.path=zenei_banner.txt
+
 # Database configuration
-quarkus.datasource.db-kind=postgresql
+# JDBC driver class for the database connection.
 quarkus.datasource.jdbc.driver=org.postgresql.Driver
-
+# Hibernate ORM strategy for database schema generation.
+# 'update' will attempt to update the existing schema to match the entities.
 quarkus.hibernate-orm.database.generation=update
+# In 'dev' profile, drop and recreate the database schema on each startup.
 %dev.quarkus.hibernate-orm.database.generation=drop-and-create
+# In 'test' profile, drop and recreate the database schema on each startup.
 %test.quarkus.hibernate-orm.database.generation=drop-and-create
-# JWT configuration
-smallrye.jwt.sign.key.location=dev-private-key.pem
-mp.jwt.verify.publickey.location=dev-public-key.pem
-mp.jwt.verify.issuer=https://example.com/issuer
+
 # Mail configuration
+# Use a mock mailer for development, not sending actual emails.
 quarkus.mailer.mock=true
-%prod.quarkus.mailer.mock=false
+# In 'prod' profile, disable the mock mailer and send real emails.
+%prod.quarkus.mailer.mock=false
+
+# Zenei Configuration
+# Type of database used by the Zenei application.
+zenei.database.db-kind=postgresql
+# Location of the private key file for JWT signing.
+zenei.jwt.private.key.location=dev-private-key.pem
+# Location of the public key file for JWT verification.
+zenei.jwt.public.key.location=dev-public-key.pem
+# Issuer identifier to be included in generated JWTs.
+zenei.jwt.issuer=https://example.com/issuer

src/main/resources/zenei_banner.txt

@@ -0,0 +1,6 @@
+
+ ______     ______     __   __     ______     __
+/\___  \   /\  ___\   /\ "-.\ \   /\  ___\   /\ \
+\/_/  /__  \ \  __\   \ \ \-.  \  \ \  __\   \ \ \
+  /\_____\  \ \_____\  \ \_\\"\_\  \ \_____\  \ \_\
+  \/_____/   \/_____/   \/_/ \/_/   \/_____/   \/_/