Develop#19
Merged
Merged
Conversation
…pplication.yaml for JWT configuration
…roved logging for token parsing errors
…vels for bundle and security components
…hods for consistency
…tion handling for items and comments
…mestamps; add JpaBundleItemRepository for enhanced BundleItem queries
… a duplicate URL in Bundle
…removing bundle items
…xt and refining JWT filter registration
There was a problem hiding this comment.
Pull request overview
This PR updates the Maven multi-module build to use a shared ${revision} property, introduces a new analysis service module, and expands the bundle service with “frequency” endpoints plus several JWT/security-related adjustments.
Changes:
- Switch parent/module POM versions to
${revision}and add the newanalysismodule to the root build. - Add “frequency” bundle APIs and wire item append/update/remove operations through mediator commands/handlers.
- Harden JWT token generation/parsing (UTF-8 bytes, minimum key length check in token generation) and update service configurations/logging.
Reviewed changes
Copilot reviewed 42 out of 42 changed files in this pull request and generated 21 comments.
Show a summary per file
| File | Description |
|---|---|
| shared/pom.xml | Use ${revision} for parent version. |
| pom.xml | Introduce <revision> property, use ${revision} as project version, add analysis module. |
| message/pom.xml | Use ${revision} for parent version. |
| identity/src/main/resources/application.yaml | Add JWT configuration guidance comments. |
| identity/src/main/java/io/theurl/identity/application/implement/AuthApplicationServiceImpl.java | Enforce signing key length and use UTF-8 when signing JWTs. |
| identity/pom.xml | Use ${revision} for parent version. |
| framework/src/main/java/io/theurl/framework/security/JwtAuthenticationFilter.java | Add extra JWT validation/logging and more specific exception handling. |
| framework/src/main/java/io/theurl/framework/configure/MediatorConfiguration.java | Remove unused imports (no functional change shown in diff). |
| framework/pom.xml | Use ${revision} for parent version. |
| config/pom.xml | Use ${revision} for parent version. |
| bundle/src/main/resources/application.yaml | Rename app to bundle, enable Spring Cloud Config, adjust logging and JWT comments. |
| bundle/src/main/java/io/theurl/bundle/persistence/repository/JpaBundleItemRepository.java | Add new JPA repository with JPQL + native queries. |
| bundle/src/main/java/io/theurl/bundle/persistence/repository/BundleRepositoryImpl.java | Adjust mapping target type and set audit timestamps/fields on save. |
| bundle/src/main/java/io/theurl/bundle/persistence/profile/BundleMapProfile.java | Rework ModelMapper configuration and add mapping for items/comments/labels. |
| bundle/src/main/java/io/theurl/bundle/persistence/handler/BundleListQueryHandler.java | Change criteria handling (default predicate logic removed/commented). |
| bundle/src/main/java/io/theurl/bundle/persistence/handler/BundleItemCountQueryHandler.java | Remove unused import. |
| bundle/src/main/java/io/theurl/bundle/persistence/handler/BundleCountQueryHandler.java | Change criteria handling (default case now empty). |
| bundle/src/main/java/io/theurl/bundle/persistence/entity/BundleLabel.java | Add new BundleLabel entity. |
| bundle/src/main/java/io/theurl/bundle/persistence/entity/BundleItem.java | Expand BundleItem schema (text columns, timestamps). |
| bundle/src/main/java/io/theurl/bundle/persistence/entity/Bundle.java | Add labels relationship and reorder updated_at field. |
| bundle/src/main/java/io/theurl/bundle/interfaces/controller/FrequencyController.java | Add /api/frequency endpoints for current-user frequency items. |
| bundle/src/main/java/io/theurl/bundle/domain/aggregate/BundleExtend.java | Rename item count field/accessors to itemsCount. |
| bundle/src/main/java/io/theurl/bundle/domain/aggregate/Bundle.java | Add labels and item update API; change duplicate URL behavior to throw. |
| bundle/src/main/java/io/theurl/bundle/configure/SecurityConfiguration.java | Add CORS, adjust auth rules, and register JWT filter changes. |
| bundle/src/main/java/io/theurl/bundle/application/implement/BundleApplicationServiceImpl.java | Implement item append/update/remove operations via mediator commands. |
| bundle/src/main/java/io/theurl/bundle/application/handler/BundleItemUpdateCommandHandler.java | Add command handler for updating bundle items. |
| bundle/src/main/java/io/theurl/bundle/application/handler/BundleItemRemoveCommandHandler.java | Add command handler for removing bundle items. |
| bundle/src/main/java/io/theurl/bundle/application/handler/BundleItemAppendCommandHandler.java | Add command handler for appending bundle items. |
| bundle/src/main/java/io/theurl/bundle/application/command/BundleItemUpdateCommand.java | Add command payload for item update. |
| bundle/src/main/java/io/theurl/bundle/application/command/BundleItemRemoveCommand.java | Add command record for item removal. |
| bundle/src/main/java/io/theurl/bundle/application/command/BundleItemAppendCommand.java | Add command payload for item append. |
| bundle/pom.xml | Use ${revision} for parent version. |
| analysis/pom.xml | Add new Spring Boot module analysis with dependencies and build plugins. |
| analysis/src/main/java/io/theurl/analysis/AnalysisApplication.java | Add analysis Spring Boot main entry point. |
| analysis/src/main/resources/application.yaml | Add service configuration for analysis. |
| analysis/src/main/resources/logback-spring.xml | Add Logback configuration for analysis. |
| analysis/src/test/java/io/theurl/analysis/AnalysisApplicationTests.java | Add context-load test for analysis. |
| analysis/mvnw | Add Maven wrapper script (module-local). |
| analysis/mvnw.cmd | Add Maven wrapper script (module-local). |
| analysis/.mvn/wrapper/maven-wrapper.properties | Add Maven wrapper properties (module-local). |
| analysis/.gitignore | Add module-local ignore rules. |
| analysis/.gitattributes | Add module-local gitattributes for wrapper scripts. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
Comment on lines
+49
to
56
| // Validate signing key is configured | ||
| if (signingKey == null || signingKey.isBlank()) { | ||
| LOGGER.warn("JWT signing key is not properly configured. Using default or empty key."); | ||
| } | ||
|
|
||
| var claims = Jwts.parser() | ||
| .verifyWith(Keys.hmacShaKeyFor(signingKey.getBytes(StandardCharsets.UTF_8))) | ||
| .build() |
Comment on lines
+88
to
+91
| // @Override | ||
| // protected boolean shouldNotFilterAsyncDispatch() { | ||
| // return false; | ||
| // } |
Comment on lines
+56
to
+60
| .exceptionHandling(ex -> { | ||
| ex.authenticationEntryPoint((request, response, authException) -> { | ||
| response.sendError(HttpServletResponse.SC_UNAUTHORIZED, authException.getMessage()); | ||
| }); | ||
| }) |
Comment on lines
+64
to
67
| auth.requestMatchers(HttpMethod.OPTIONS, "/**").permitAll() | ||
| .requestMatchers(HttpMethod.GET, "/api/bookmark/my").authenticated() | ||
| .requestMatchers(HttpMethod.GET, "/api/bundle/**", "/api/bookmark/**", "/api/frequency/**").permitAll() | ||
| .requestMatchers( |
Comment on lines
+85
to
+94
| @Bean | ||
| public FilterRegistrationBean<JwtAuthenticationFilter> jwtFilterRegistration(JwtAuthenticationFilter jwtFilter) { | ||
| FilterRegistrationBean<JwtAuthenticationFilter> registration = new FilterRegistrationBean<>(); | ||
| registration.setFilter(jwtFilter); | ||
| registration.addUrlPatterns("/*"); | ||
| registration.setDispatcherTypes(DispatcherType.REQUEST); | ||
| //registration.setDispatcherTypes(DispatcherType.REQUEST, DispatcherType.ASYNC); | ||
| registration.setOrder(1); | ||
| return registration; | ||
| } |
Comment on lines
+15
to
+23
| /** | ||
| * Finds a BundleItem by its ID and the vanity of its associated Bundle, ensuring the Bundle is not marked as deleted. | ||
| * | ||
| * @param vanity The vanity string of the associated Bundle. | ||
| * @param itemId The ID of the BundleItem. | ||
| * @return The BundleItem matching the given ID and vanity, or null if not found. | ||
| */ | ||
| @Query("SELECT bi FROM BundleItem bi JOIN bi.bundle b WHERE b.vanity = :vanity AND b.deleted = false AND bi.id = :itemId") | ||
| Optional<BundleItem> findByVanity(String vanity, long itemId); |
Comment on lines
+25
to
+33
| /** | ||
| * Finds a BundleItem by its ID and the ID of its associated Bundle, ensuring the Bundle is not marked as deleted. | ||
| * | ||
| * @param bundleId The ID of the associated Bundle. | ||
| * @param itemId The ID of the BundleItem. | ||
| * @return The BundleItem matching the given IDs, or null if not found. | ||
| */ | ||
| @Query("SELECT bi FROM BundleItem bi JOIN bi.bundle b WHERE b.id = :bundleId AND b.deleted = false AND bi.id = :itemId") | ||
| Optional<BundleItem> findByBundleId(Long bundleId, long itemId); |
Comment on lines
+56
to
+58
| level: | ||
| io.theurl.identity: debug | ||
| org.springframework.cloud.config.client: debug |
Comment on lines
+62
to
+69
| setCollection(dest, "items", src.getItems(), item -> { | ||
| var destItem = new io.theurl.bundle.domain.aggregate.BundleItem(Objects.requireNonNull(item.getId())); | ||
| destItem.setUrl(item.getUrl()); | ||
| destItem.setTitle(item.getTitle()); | ||
| destItem.setDescription(item.getDescription()); | ||
| destItem.setImage(item.getImage()); | ||
| return destItem; | ||
| }); |
Comment on lines
+80
to
+83
| @PostConstruct | ||
| public void enableInheritableSecurityContext() { | ||
| SecurityContextHolder.setStrategyName(SecurityContextHolder.MODE_INHERITABLETHREADLOCAL); | ||
| } |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
No description provided.