micronaut-projects / micronaut-core Goto Github PK

see: lowLevelHttpClient.adoc

3.1 The Environment

In addition to specified environments, the environment is also deduced via https://github.com/micronaut-projects/micronaut-core/blob/master/inject/src/main/java/io/micronaut/context/env/DefaultEnvironment.java#L379. That process needs documented

Currently if you want to return a custom error status you are forced to return HttpResponse object.

We should instead add a new HttpStatusException that can be thrown.

For example:

Book save(String title) {
        if(title == null) throw new HttpStatusException(HttpStatus.UNPROCESSABLE_ENTITY, "invalid title")
}

see: clientFallback.adoc

Currently the default HTTP status is 200

We should have a @Status annotation such that the default can be customised:

@Status(CREATED)
Book save(String title) {
  ...
}

Currently HttpClientConfiguration.readTimeout can be set but not the connect timeout. See https://netty.io/4.0/api/io/netty/channel/ChannelConfig.html#setConnectTimeoutMillis-int-

7.2 Service Discovery

The current documentation is malformed

4.2 Introduction Advice

If a request is made for / then index.html should be resolved. Currently it requires a redirect in a controller to work.

see clientParameters.adoc

See: serviceDiscoveryKubernetes.adoc

see: netflixRibbon.adoc

We should support micronaut.config.files such that you add additional property sources via environment variables or system properties:

java -jar -Dmicronaut.config.files=file:~/myconfig.properties myjar.jar

It should be possible to do the following on a client:

@Header(name="Authorization", value="${some.configuration.value}"
@Client(id="blah")
interface Blah {

}

And it will add the configured header to all outgoing requests

We don't have a built in way to specify the environments for an application via system properties or environment variables

We should be able to specify java -jar -Dmicronaut.environments=foo,bar mylar.jar and the foo and bar environments become active

have an interface RejectionHandler

I have one singleton

@Primary
@Singleton
public class HttpStatusCodeRejectionHandler implements RejectionHandler

then I have this other bean

@Requires(property = SecuritySessionConfigurationProperties.PREFIX + ".enabled")
@Singleton
@Replaces(HttpStatusCodeRejectionHandler.class)
public class SessionSecurityfilterRejectionHandler implements RejectionHandler {

if session security is turned on. I want the next previous to be used instead.

the issue is when session security is not enabled ( the default ). No bean implemented RejectionHandler is injected in the context.

if I remove the @Replaces annotation and don't enable session security the HttpStatusCodeRejectionHandler is used as expected.

How to reproduce?

Uncomment

https://github.com/jeffbrown/micronaut-core/blob/security-jwt/security/src/main/java/io/micronaut/security/session/SessionSecurityfilterRejectionHandler.java#L40

and run tests in security module:

./graldew security:check
You will see them failing because no bean for RejectionHandler is found.

5.15.3 Securing the Server with HTTPS

2.9 Bean Configurations

Ensure all @requires options are documented. Things like notEqual are missing currently.

see: clientAnnotation.adoc

The Jenkins instance should be configured to send email notifications for failed builds and when a broken build returns to health. The build should send email notifications to a fixed list of addresses and if do-able, notify individuals who are associated with commits related to the relevant builds.

see: zipkin.adoc

Example:

$ mn -h

Usage (optionals marked with *):'
grails [environment]* [target] [arguments]*'

| Examples:
$ mn dev run-app
$ mn create-app books

see: clientRetry.adoc

I have a branch for allowing configurable Security Endpoints. So that you can say /logout endpoint can be set to salir instead.

Steps to reproduce

Clone:
https://github.com/micronaut-projects/micronaut-core/tree/security-endpoints-configurable-paths

Unignore:
https://github.com/micronaut-projects/micronaut-core/blob/security-endpoints-configurable-paths/security/src/test/groovy/io/micronaut/security/endpoints/LogoutControllerPathConfigurableSpec.groovy

If you run that test in isolation you will see it passes.

If you run the whole suite the test the logout test fails in :

https://github.com/micronaut-projects/micronaut-core/blob/security-endpoints-configurable-paths/security/src/test/groovy/io/micronaut/security/events/EventListenerSpec.groovy

If you run the previous spec in isolation you will see EventListenerSpec passes.

In Suite, EventListenerSpec gets executed after LogoutControllerPathConfigurableSpec.

If you place a debug endpoint in :

https://github.com/micronaut-projects/micronaut-core/blob/security-endpoints-configurable-paths/http-server-netty/src/main/java/io/micronaut/http/server/netty/RoutingInBoundHandler.java#L222

You will see the router still contains the route /salir instead of /logout

The BOM we generate should include third party dependencies

• 9.1 Creating Endpoints
  • General description
• 9.1.1 The Endpoint Annotation
  • Document the available arguments
• 9.1.2 Endpoint Methods
  • Document @Read, @Write, and @Delete annotations on endpoint methods
• 9.1.3 Endpoint Configuration
  • Document how the prefix can change, as well as default sensitive enabled and how that plays out. Add a note about how the security project will secure sensitive endpoints.

See threadPools.adoc

see: jaeger.adoc

java.lang.ClassCastException: io.micronaut.http.client.FullNettyClientHttpResponse cannot be cast to io.micronaut.http.server.netty.NettyHttpResponse

How to reproduce.

Clone:

https://github.com/jeffbrown/micronaut-core/tree/jwt

Run security sample app in examples/security.

You will need to start both gateway and security.

examples/security/gateway/src/main/java/example/gateway/Application.java

examples/security/security/src/main/groovy/example/security/SecurityApplication.java

do the next command:

curl -X "POST" "http://localhost:8080/oauth/access_token" \
     -H 'Content-Type: application/x-www-form-urlencoded; charset=utf-8' \
     --data-urlencode "grant_type=refresh_token" \
     --data-urlencode "refresh_token=eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJldWxlciIsInJvbGVzIjpbIlJPTEVfR1JBSUxTIl0sImlhdCI6MTUyMzk1Nzk0Mn0.ChcgcPsm5Fo0DpjvnAaGrRVoM1ebZl5t8kfUXGraLHI"

see: serviceDiscoveryConsul.adoc

9.2 Built-In Endpoints

Ensure all existing endpoints are documented thoroughly including their defaults for enabled/sensitive.

see serviceDiscoveryEureka.adoc

See : transfers.adoc

see: contentNegotiation.adoc

see: sessions.adoc

see: clientConfiguration.adoc

The @Error annotation has a global=true flag which works for @Error(SomeException) but not for @Error(status=HttpStatus.NOT_FOUND)

Currently when defining a HTTP status error handler they are always mapped globally. The RouteBuilder interface is missing the ability to define controller specific HTTP status errors

• 8 Language Support
  • Missing a general description
• 8.1 Micronaut for Groovy
  • Document the specific features available for Groovy users
• 8.2 Micronaut for Kotlin
  • Add a link and a note to how to do the same thing with Maven

Successful Jenkins builds should result in snapshot artifacts being published to our private Jenkins instance.

How to reproduce:

Clone branch:

https://github.com/micronaut-projects/micronaut-core/tree/security-endpoints-configurable-path

Test fails:

https://github.com/micronaut-projects/micronaut-core/blob/security-endpoints-configurable-path/security-jwt/src/test/groovy/io/micronaut/security/token/jwt/endpoints/OauthControllerPathConfigurableSpec.groovy

It fails because when you invoke the /newtoken endpoint and you place a breakpoint in

https://github.com/micronaut-projects/micronaut-core/blob/security-endpoints-configurable-path/http-server-netty/src/main/java/io/micronaut/http/server/netty/RoutingInBoundHandler.java#L221

The router does not entry for /token and thus the ROUTE_MATCH is not set.

Clone branch `jwt´

https://github.com/jeffbrown/micronaut-core/tree/jwt

Import sample project located under examples/security.

Test pass if you execute tests in security module in IntelliJ with Junit:

However, tests which verify a successful authentication, fail when they are run with Gradle.

example/security$ ./gradlew security:check

It seems AuthenticationProviders are not being loaded correctly in Authenticator.

See:

https://github.com/jeffbrown/micronaut-core/blob/jwt/security/src/main/java/io/micronaut/security/authentication/Authenticator.java#L44

We should create a micronaut-examples repo and move all the examples in there