In this demo, I’ll show how to create a secure REST API and native image with Micronaut. You’ll see how to run a secure, OAuth 2.0-protected, Java REST API that allows JWT authentication. Then, I’ll compare its performance with Quarkus, Spring Boot, and Helidon.
Check this video’s description below for links to its blog post, comments, demo script, and code example.
Prerequisites:
-
SDKMAN (for Java 17 with GraalVM)
-
HTTPie (a better version of cURL)
-
An Okta Developer Account (or the Okta CLI)
Tip
|
The brackets at the end of some steps indicate the IntelliJ Live Templates to use. You can find the template definitions at mraible/idea-live-templates. |
-
Install the Okta CLI and run
okta register
to sign up for a new account. If you already have an account, runokta login
. -
Run
okta apps create spa
. Setoidcdebugger
as an app name and press Enter. -
Use
https://oidcdebugger.com/debug
for the Redirect URI and set the Logout Redirect URI tohttps://oidcdebugger.com
. -
Navigate to the OpenID Connect Debugger website.
-
Fill in your client ID
-
Use
https://{yourOktaDomain}/oauth2/default/v1/authorize
for the Authorize URI -
Select code for the response type and Use PKCE
-
Click Send Request to continue
-
-
Set the access token as a
TOKEN
environment variable in a terminal window.TOKEN=eyJraWQiOiJYa2pXdjMzTDRBYU1ZSzNGM...
-
Use SDKMAN to install Micronaut’s CLI and create an app:
sdk install micronaut mn create-app com.okta.rest.app --build maven -f security-jwt -f micronaut-aot mv app micronaut
-
Create
controller/HelloController.java
: [mn-hello
]package com.okta.rest.controller; import io.micronaut.http.MediaType; import io.micronaut.http.annotation.Controller; import io.micronaut.http.annotation.Get; import io.micronaut.http.annotation.Produces; import io.micronaut.security.annotation.Secured; import io.micronaut.security.rules.SecurityRule; import java.security.Principal; @Controller("/hello") public class HelloController { @Get @Secured(SecurityRule.IS_AUTHENTICATED) @Produces(MediaType.TEXT_PLAIN) public String hello(Principal principal) { return "Hello, " + principal.getName() + "!"; } }
-
Enable and configure JWT security in
src/main/resources/application.yml
: [mn-security-config
]micronaut: ... security: enabled: true token: jwt: enabled: true claims-validators: issuer: https://{yourOktaDomain}/oauth2/default signatures: jwks: okta: url: https://{yourOktaDomain}/oauth2/default/v1/keys
-
Start your app:
./mvnw mn:run
-
Use HTTPie to pass the JWT in as a bearer token in the
Authorization
header:http :8080/hello Authorization:"Bearer $TOKEN"
You should get a 200 response with your email in it.
-
Compile your Micronaut app into a native binary:
./mvnw package -Dpackaging=native-image
-
Start your Micronaut app:
./target/app
-
Test it with HTTPie and an access token. You may have to generate a new JWT with oidcdebugger.com if yours has expired.
http :8080/hello Authorization:"Bearer $TOKEN"
-
Run each image three times before recording the numbers, then each command five times
-
Write each time down, add them up, and divide by five for the average. For example:
Micronaut: (17 + 19 + 19 + 20 + 15) / 5 = 18 Quarkus: (25 + 18 + 20 + 19 + 21) / 5 = 20.6 Spring Boot: (39 + 40 + 38 + 37 + 41) / 5 = 39 Helidon: (45 + 44 + 45 + 39 + 43) / 5 = 43.2
Framework | Command executed | Milliseconds to start |
---|---|---|
Micronaut |
|
18 |
Quarkus |
|
20.6 |
Spring Boot |
|
39 |
Helidon |
|
43.2 |
Test the memory usage in MB of each app using the command below. Make sure to send an HTTP request to each one before measuring.
ps -o pid,rss,command | grep --color <executable> | awk '{$2=int($2/1024)"M";}{ print;}'
Substitute <executable>
as follows:
Framework | Executable | Megabytes before request | Megabytes after request | Megabytes after 5 requests |
---|---|---|---|---|
Micronaut |
|
43 |
58 |
69 |
Quarkus |
|
37 |
48 |
50 |
Spring Boot |
|
74 |
98 |
99 |
Helidon |
|
79 |
97 |
131 |
Important
|
If you disagree with these numbers and think X framework should be faster, I encourage you to clone the repo and run these tests yourself. If you get faster startup times for Micronaut, do you get faster startup times for Helidon, Quarkus, and Spring Boot too? |
⚡️ Create a secure REST API with Micronaut: okta start micronaut
🚀 Find this example’s code on GitHub: @oktadev/native-java-examples/micronaut
👀 Read the blog post: Build Native Java Apps with Micronaut, Quarkus, and Spring Boot