Skip to content

Commit

Permalink
Merge branch 'main' into gk/quarkusPluginGradle9Fix
Browse files Browse the repository at this point in the history
  • Loading branch information
ribafish authored Jan 17, 2024
2 parents 4db15c3 + e5b9477 commit a696e0d
Show file tree
Hide file tree
Showing 44 changed files with 1,585 additions and 807 deletions.
4 changes: 2 additions & 2 deletions .github/native-tests.json
Original file line number Diff line number Diff line change
Expand Up @@ -50,8 +50,8 @@
},
{
"category": "Amazon",
"timeout": 50,
"test-modules": "amazon-lambda, amazon-lambda-http",
"timeout": 80,
"test-modules": "amazon-lambda, amazon-lambda-http, amazon-lambda-rest-funqy, amazon-lambda-rest-servlet, amazon-lambda-rest-reactive-routes, amazon-lambda-rest-resteasy-reactive",
"os-name": "ubuntu-latest"
},
{
Expand Down
66 changes: 19 additions & 47 deletions bom/application/pom.xml
Original file line number Diff line number Diff line change
Expand Up @@ -26,7 +26,7 @@
<parsson.version>1.1.5</parsson.version>
<resteasy-microprofile.version>2.1.4.Final</resteasy-microprofile.version>
<resteasy-spring-web.version>3.1.0.Final</resteasy-spring-web.version>
<resteasy.version>6.2.6.Final</resteasy.version>
<resteasy.version>6.2.7.Final</resteasy.version>
<opentracing.version>0.33.0</opentracing.version>
<opentracing-jdbc.version>0.2.4</opentracing-jdbc.version>
<opentracing-kafka.version>0.1.15</opentracing-kafka.version>
Expand Down Expand Up @@ -119,7 +119,7 @@
<slf4j-jboss-logmanager.version>2.0.0.Final</slf4j-jboss-logmanager.version>
<wildfly-common.version>1.7.0.Final</wildfly-common.version>
<wildfly-client-config.version>1.0.1.Final</wildfly-client-config.version>
<wildfly-elytron.version>2.2.2.Final</wildfly-elytron.version>
<wildfly-elytron.version>2.2.3.Final</wildfly-elytron.version>
<jboss-threads.version>3.5.1.Final</jboss-threads.version>
<vertx.version>4.5.1</vertx.version>
<httpclient.version>4.5.14</httpclient.version>
Expand Down Expand Up @@ -472,6 +472,15 @@
<scope>import</scope>
</dependency>

<!-- SmallRye Reactive Messaging BOM -->
<dependency>
<groupId>io.smallrye.reactive</groupId>
<artifactId>smallrye-reactive-messaging-bom</artifactId>
<version>${smallrye-reactive-messaging.version}</version>
<type>pom</type>
<scope>import</scope>
</dependency>

<!-- Quarkus core -->

<dependency>
Expand Down Expand Up @@ -5034,6 +5043,14 @@
<artifactId>hibernate-jpamodelgen</artifactId>
<version>${hibernate-orm.version}</version>
</dependency>
<!-- Workaround for Maven relocations not being supported for
annotation processor paths in Maven Compiler Plugin
See https://github.com/apache/maven-compiler-plugin/pull/180#issuecomment-1876921475 -->
<dependency>
<groupId>org.hibernate</groupId>
<artifactId>hibernate-jpamodelgen</artifactId>
<version>${hibernate-orm.version}</version>
</dependency>
<dependency>
<groupId>org.hibernate.common</groupId>
<artifactId>hibernate-commons-annotations</artifactId>
Expand Down Expand Up @@ -5263,31 +5280,6 @@
<version>${quartz.version}</version>
</dependency>

<dependency>
<groupId>io.smallrye.reactive</groupId>
<artifactId>smallrye-reactive-messaging-provider</artifactId>
<version>${smallrye-reactive-messaging.version}</version>
</dependency>
<dependency>
<groupId>io.smallrye.reactive</groupId>
<artifactId>smallrye-reactive-messaging-api</artifactId>
<version>${smallrye-reactive-messaging.version}</version>
</dependency>
<dependency>
<groupId>io.smallrye.reactive</groupId>
<artifactId>smallrye-reactive-messaging-health</artifactId>
<version>${smallrye-reactive-messaging.version}</version>
</dependency>
<dependency>
<groupId>io.smallrye.reactive</groupId>
<artifactId>smallrye-reactive-messaging-mqtt</artifactId>
<version>${smallrye-reactive-messaging.version}</version>
</dependency>
<dependency>
<groupId>io.smallrye.reactive</groupId>
<artifactId>smallrye-reactive-messaging-in-memory</artifactId>
<version>${smallrye-reactive-messaging.version}</version>
</dependency>
<dependency>
<groupId>io.smallrye.reactive</groupId>
<artifactId>smallrye-reactive-messaging-kafka</artifactId>
Expand Down Expand Up @@ -5319,11 +5311,6 @@
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>io.smallrye.reactive</groupId>
<artifactId>smallrye-reactive-messaging-pulsar</artifactId>
<version>${smallrye-reactive-messaging.version}</version>
</dependency>
<dependency>
<groupId>org.apache.pulsar</groupId>
<artifactId>pulsar-client-original</artifactId>
Expand Down Expand Up @@ -5363,11 +5350,6 @@
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>io.smallrye.reactive</groupId>
<artifactId>smallrye-reactive-messaging-kafka-api</artifactId>
<version>${smallrye-reactive-messaging.version}</version>
</dependency>
<dependency>
<groupId>io.smallrye.reactive</groupId>
<artifactId>smallrye-reactive-messaging-kafka-test-companion</artifactId>
Expand All @@ -5394,16 +5376,6 @@
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>io.smallrye.reactive</groupId>
<artifactId>smallrye-reactive-messaging-rabbitmq</artifactId>
<version>${smallrye-reactive-messaging.version}</version>
</dependency>
<dependency>
<groupId>io.smallrye.reactive</groupId>
<artifactId>smallrye-connector-attribute-processor</artifactId>
<version>${smallrye-reactive-messaging.version}</version>
</dependency>

<dependency>
<groupId>org.infinispan</groupId>
Expand Down
2 changes: 2 additions & 0 deletions docs/src/main/asciidoc/aws-lambda-http.adoc
Original file line number Diff line number Diff line change
Expand Up @@ -16,6 +16,8 @@ With Quarkus you can deploy your favorite Java HTTP frameworks as AWS Lambda's u
or https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-rest-api.html[AWS Gateway REST API]. This means that you can deploy your microservices written with RESTEasy Reactive (our Jakarta REST implementation),
Undertow (servlet), Reactive Routes, xref:funqy-http.adoc[Funqy HTTP] or any other Quarkus HTTP framework as an AWS Lambda.

IMPORTANT: You should only use single HTTP framework together with AWS Lambda extension to avoid unexpected conflicts and errors.

You can deploy your Lambda as a pure Java jar, or you can compile your project to a native image and deploy that for a smaller
memory footprint and startup time. Our integration also generates SAM deployment files that can be consumed by https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/what-is-sam.html[Amazon's SAM framework].

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -34,8 +34,8 @@ This example shows how you can build a simple microservice that offers two endpo

These endpoints are protected and can only be accessed if a client sends a bearer token along with the request, which must be valid (for example, signature, expiration, and audience) and trusted by the microservice.

The bearer token is issued by a Keycloak server and represents the subject for which the token was issued.
Because it is an OAuth 2.0 Authorization server, the token also references the client acting on the user's behalf.
A Keycloak server issues the bearer token and represents the subject for which the token was issued.
Because it is an OAuth 2.0 authorization server, the token also references the client acting on the user's behalf.

Any user with a valid token can access the `/api/users/me` endpoint.
As a response, it returns a JSON document with user details obtained from the information in the token.
Expand All @@ -52,6 +52,10 @@ You can clone the Git repository by running the command `git clone {quickstarts-

The solution is located in the `security-openid-connect-quickstart` link:{quickstarts-tree-url}/security-openid-connect-quickstart[directory].

//Removing sectnums. See PR#: 37616
//:sectnums:
//:sectnumlevels: 3

== Create the Maven project

You can either create a new Maven project with the `oidc` extension or you can add the extension to an existing Maven project.
Expand Down Expand Up @@ -131,7 +135,7 @@ public class UsersResource {
}
----
====
. Implement the `/api/admin` endpoint as shown in the following simple example:
. Implement the `/api/admin` endpoint as shown in the following example:
+
====
[source,java]
Expand Down Expand Up @@ -176,7 +180,7 @@ quarkus.oidc.client-id=backend-service
quarkus.oidc.credentials.secret=secret
# Tell Dev Services for Keycloak to import the realm file
# This property is not effective when running the application in JVM or Native modes
# This property is not effective when running the application in JVM or native modes
quarkus.keycloak.devservices.realm-path=quarkus-realm.json
----
Expand All @@ -188,7 +192,7 @@ Where:
The `%prod.` profile prefix ensures that `Dev Services for Keycloak` launches a container when you run the application in development (dev) mode.
For more information, see the <<keycloak-dev-mode>> section.

* `quarkus.oidc.client-id` sets a client-ID that identifies the application.
* `quarkus.oidc.client-id` sets a client id that identifies the application.
* `quarkus.oidc.credentials.secret` sets the client secret, which is used by the `client_secret_basic` authentication method.

For more information, see the Quarkus xref:security-oidc-configuration-properties-reference.adoc[OpenID Connect (OIDC) configuration properties] guide.
Expand All @@ -214,15 +218,15 @@ docker run --name keycloak -e KEYCLOAK_ADMIN=admin -e KEYCLOAK_ADMIN_PASSWORD=ad
----
====
* Where the `keycloak.version` is set to version `23.0.0` or later.
. You can access your Keycloak Server at http://localhost:8180[localhost:8180].
. To access the Keycloak Administration Console, log in as the `admin` user by using the following login credentials:
. You can access your Keycloak server at http://localhost:8180[localhost:8180].
. To access the Keycloak Administration console, log in as the `admin` user by using the following login credentials:

* Username: `admin`
* Password: `admin`

. Import the link:{quickstarts-tree-url}/security-openid-connect-quickstart/config/quarkus-realm.json[realm configuration file] from the upstream community repository to create a new realm.

For more information, see the Keycloak documentation about link:https://www.keycloak.org/docs/latest/server_admin/index.html#configuring-realms[create and configure a new realm].
For more information, see the Keycloak documentation about link:https://www.keycloak.org/docs/latest/server_admin/index.html#configuring-realms[creating and configuring a new realm].


[NOTE]
Expand All @@ -242,15 +246,16 @@ For more information, see the xref:security-keycloak-admin-client.adoc[Quarkus K
include::{includes}/devtools/dev.adoc[]
====
* xref:security-openid-connect-dev-services.adoc[Dev Services for Keycloak] will start a Keycloak container and import a `quarkus-realm.json`.
. Open a xref:dev-ui.adoc[Dev UI], which you can find at http://localhost:8080/q/dev-ui[/q/dev-ui], then click a `Provider: Keycloak` link in an `OpenID Connect` `Dev UI` card.
. Open a xref:dev-ui.adoc[Dev UI], which you can find at http://localhost:8080/q/dev-ui[/q/dev-ui].
Then, in an `OpenID Connect` card, click the `Keycloak provider` link .
. When prompted to log in to a `Single Page Application` provided by `OpenID Connect Dev UI`, do the following steps:

* Log in as `alice` (password: `alice`), who has a `user` role.
** Accessing `/api/admin` returns `403`.
** Accessing `/api/users/me` returns `200`.
* Log out and log in as `admin` (password: `admin`), who has both `admin` and `user` roles.
** Accessing `/api/admin` returns `200`.
** Accessing `/api/users/me` returns `200`.
** Accessing `/api/admin` returns a `403` status code.
** Accessing `/api/users/me` returns a `200` status code.
* Log out and log in again as `admin` (password: `admin`), who has both `admin` and `user` roles.
** Accessing `/api/admin` returns a `200` status code.
** Accessing `/api/users/me` returns a `200` status code.

== Run the Application in JVM mode

Expand All @@ -272,7 +277,7 @@ java -jar target/quarkus-app/quarkus-run.jar

== Run the application in native mode

You can compile this same demo as-is into native mode without needing any modifications.
You can compile this same demo as-is into native mode without any modifications.
This implies that you no longer need to install a JVM on your production environment.
The runtime technology is included in the produced binary and optimized to run with minimal resources required.

Expand All @@ -297,9 +302,9 @@ include::{includes}/devtools/build-native.adoc[]

For information about testing your application in dev mode, see the preceding <<keycloak-dev-mode>> section.

You can test the application launched in JVM or Native modes with `curl`.
You can test the application launched in JVM or native modes with `curl`.

* Because the application uses Bearer token authentication, you first need to obtain an access token from the Keycloak server to access the application resources:
* Because the application uses Bearer token authentication, you must first obtain an access token from the Keycloak server to access the application resources:
====
[source,bash]
Expand Down Expand Up @@ -348,7 +353,7 @@ export access_token=$(\

For information about writing integration tests that depend on `Dev Services for Keycloak`, see the xref:security-oidc-bearer-token-authentication.adoc#integration-testing-keycloak-devservices[Dev Services for Keycloak] section of the "OpenID Connect (OIDC) Bearer token authentication" guide.

:sectnums!:
//:sectnums!:

== References

Expand Down
Loading

0 comments on commit a696e0d

Please sign in to comment.