This project can be used as a starter for spring cloud microservices development. It is the microservices version of Spring Boot in Practice. It uses Spring Cloud Consul for service discovery and config management, Spring Cloud Gateway to implement api gateway, and ORY/Hydra for running an optional OAuth2 server. There is an article Spring Cloud 微服务开发指南 for learning this project.

1. Spring Boot Web framework and server
2. Spring Data JPA Access database
3. Querydsl JPA Type safe dynamic sql builder
4. Spring Security Authenticate and authrorize
5. Spring Cloud Gateway Api gateway
6. Spring Cloud Consul Service discovery
7. Spring Cloud Circuit Breaker Circuit breaker
8. ORY/Hydra OAuth2 server

The rest api service only return top objects, not return nested objects compared to the original monolith one.

This project need java 11+.

If you use macOS, you can use brew install mysql to install mysql, and use brew services start mysql to start service at port 3306. Then you should create databases and tables for each microservices using sql files under db/migration/mysql.

1. Use V1__Initial_create_dbs.sql to create databases and accounts to access these databases;
2. Use V2__Initial_create_tables.sql to create tables;
3. [Optional] Use V3__Initial_insert_data.sql to insert some data for testing;

If you use macOS, you can use brew install redis to install redis, and use brew services start redis to start service at port 6379.

If you use macOS, you can use brew install consul to install consul, and use brew services start consul to start service at port 8500.

./mvnw package

java -jar gateway/target/spring-cloud-in-practice-gateway-1.0.0-SNAPSHOT.jar
java -jar user/target/spring-cloud-in-practice-user-1.0.0-SNAPSHOT.jar
java -jar post/target/spring-cloud-in-practice-post-1.0.0-SNAPSHOT.jar
java -jar file/target/spring-cloud-in-practice-file-1.0.0-SNAPSHOT.jar
java -jar stat/target/spring-cloud-in-practice-stat-1.0.0-SNAPSHOT.jar

Then you can access all APIs at http://localhost:8080. For example, you can register a new user using curl in terminal as following:

curl --request POST 'http://localhost:8080/user/register' \
--header 'Content-Type: application/json' \
--data-raw '{
	"username": "jaggerwang",
	"password": "123456"
}'

./mvnw package

docker-compose up

If you repackaged any module, you should add --build option to enable the new jar package.

Then you can access all APIs at http://localhost:8080.

This application also support OAuth2 login, you need switch to oauth2 branch to enable this feature. We use ORY/Hydra to run an OAuth2 server, and any OAuth2 client can use this service to authenticate and authorize users.

You need install hydra command first. You can use the following commands to install Hydra on macOS:

brew tap ory/hydra
brew install ory/hydra/hydra

Connect to your local mysql server and create a database for Hydra.

CREATE DATABASE `scip_hydra`;

Then use the following commands to init database and run an OAuth2 server.

DSN=mysql://root:@tcp(localhost:3306)/scip_hydra hydra migrate sql -e --yes

STRATEGIES_ACCESS_TOKEN=jwt LOG_LEVEL=info SECRETS_SYSTEM=a2N4m0XL659TIrB2V3fJBxUED5Zv5zUQ DSN=mysql://scip_hydra:123456@tcp(localhost:3306)/scip_hydra URLS_SELF_ISSUER=http://localhost:4444/ URLS_LOGIN=http://localhost:8080/auth/hydra/login URLS_CONSENT=http://localhost:8080/auth/hydra/consent URLS_LOGOUT=http://localhost:8080/auth/hydra/logout TTL_ACCESS_TOKEN=12h TTL_REFRESH_TOKEN=720h hydra serve all --dangerous-force-http --dangerous-allow-insecure-redirect-urls 'http://localhost:8080/auth/hydra/login,http://localhost:8080/auth/hydra/consent,http://localhost:8080/auth/hydra/logout'

This step is not needed when run by docker compose.

We will create two clients, one is for Hydra's builtin client, and the other is for the gateway service which can be used as an OAuth2 client.

hydra --endpoint 'http://localhost:4445/' clients create --id test --name 'Test' --secret E0g8oR7m711bGcvy --grant-types authorization_code,refresh_token,client_credentials,implicit --response-types token,code,id_token --scope openid,offline,profile --callbacks 'http://localhost:4446/callback'

hydra --endpoint 'http://localhost:4445/' clients create --id scip --name 'Spring Cloud in Practice' --secret ilxzM0AdA7BVaL7c --grant-types authorization_code,refresh_token,client_credentials,implicit --response-types token,code,id_token --scope offline,user,post,file,stat --callbacks 'http://localhost:8080/login/oauth2/code/hydra'

hydra token user --auth-url 'http://localhost:4444/oauth2/auth' --token-url 'http://localhost:4444/oauth2/token' --client-id test --client-secret E0g8oR7m711bGcvy --scope openid,offline,profile --redirect 'http://localhost:4446/callback'

It will auto open http://localhost:4446 to commence OAuth2 authorize flow.

The gateway can also be used as an OAuth2 client, open login page at http://localhost:8080/login to commence an OAuth2 authorization flow.

Right now there is a bug which make OAuth2 login not working, you need remove config exceptionHandling in net.jaggerwang.scip.gateway.adapter.api.config.SecurityConfig.