patternhelloworld
diff --git a/‎README.md
Lines changed: 62 additions & 35 deletions b/‎README.md
Lines changed: 62 additions & 35 deletions
diff --git a/‎client/pom.xml
Lines changed: 3 additions & 3 deletions b/‎client/pom.xml
Lines changed: 3 additions & 3 deletions
diff --git a/‎client/src/main/java/com/patternknife/securityhelper/oauth2/client/SpringSecurityOauth2PasswordJpaImplApplication.java
Lines changed: 1 addition & 1 deletion b/‎client/src/main/java/com/patternknife/securityhelper/oauth2/client/SpringSecurityOauth2PasswordJpaImplApplication.java
Lines changed: 1 addition & 1 deletion
diff --git a/‎client/src/main/java/com/patternknife/securityhelper/oauth2/client/config/database/CommonDataSourceConfiguration.java
Lines changed: 2 additions & 2 deletions b/‎client/src/main/java/com/patternknife/securityhelper/oauth2/client/config/database/CommonDataSourceConfiguration.java
Lines changed: 2 additions & 2 deletions
diff --git a/‎client/src/main/java/com/patternknife/securityhelper/oauth2/client/config/response/error/dto/CustomErrorResponsePayload.java
Lines changed: 2 additions & 2 deletions b/‎client/src/main/java/com/patternknife/securityhelper/oauth2/client/config/response/error/dto/CustomErrorResponsePayload.java
Lines changed: 2 additions & 2 deletions
diff --git a/‎client/src/main/java/com/patternknife/securityhelper/oauth2/client/config/response/error/exception/ErrorMessagesContainedException.java
Lines changed: 1 addition & 1 deletion b/‎client/src/main/java/com/patternknife/securityhelper/oauth2/client/config/response/error/exception/ErrorMessagesContainedException.java
Lines changed: 1 addition & 1 deletion
diff --git a/‎client/src/main/java/com/patternknife/securityhelper/oauth2/client/config/response/error/exception/data/ResourceNotFoundException.java
Lines changed: 1 addition & 1 deletion b/‎client/src/main/java/com/patternknife/securityhelper/oauth2/client/config/response/error/exception/data/ResourceNotFoundException.java
Lines changed: 1 addition & 1 deletion
diff --git a/‎client/src/main/java/com/patternknife/securityhelper/oauth2/client/config/response/error/exception/util/EncodingProcessException.java
Lines changed: 1 addition & 1 deletion b/‎client/src/main/java/com/patternknife/securityhelper/oauth2/client/config/response/error/exception/util/EncodingProcessException.java
Lines changed: 1 addition & 1 deletion
diff --git a/‎client/src/main/java/com/patternknife/securityhelper/oauth2/client/config/response/error/message/GeneralErrorMessage.java
Lines changed: 1 addition & 1 deletion b/‎client/src/main/java/com/patternknife/securityhelper/oauth2/client/config/response/error/message/GeneralErrorMessage.java
Lines changed: 1 addition & 1 deletion
diff --git a/‎client/src/main/java/com/patternknife/securityhelper/oauth2/client/config/securityimpl/aop/SecurityPointCutImpl.java
Lines changed: 4 additions & 4 deletions b/‎client/src/main/java/com/patternknife/securityhelper/oauth2/client/config/securityimpl/aop/SecurityPointCutImpl.java
Lines changed: 4 additions & 4 deletions
@@ -1,23 +1,46 @@
-# POC : Spring Security Oauth2 Password JPA Implementation
+# Spring Security Oauth2 Password JPA Implementation
 ## Overview
 
-* In the Spring Security 6 ecosystem, compared to 5, there is a preference for JWT or Keycloak over traditional OAuth2 using a Password Grant method with Spring Security Authorization and Resource Server. I needed to incorporate the current OAuth2 Password Grant with the Spring Security new version and am showing the customization.
-  * Set up access & refresh token APIs on both '/oauth2/token' and on our controller layer such as '/api/v1...', both of which function same and have `the same request & response payloads for success and errors`.
-    * In the following error payload, the 'message' shouldn't be exposed to clients; instead, the 'userMessage' should be.
-      ````
-      {
-        "timestamp": 1719470948370,
-        "message": "Couldn't find the client ID : client_admi",
-        "details": "uri=/oauth2/token",
-        "userMessage": "Authentication failed. Please check your credentials.",
-        "userValidationMessage": null
-      }
-      ````
-  * Authentication management based on a combination of username, client id, and an extra token (referred to in the source code as App-Token, which receives a unique value from the calling devices).
-  * Separated UserDetails implementation for Admin and Customer roles.
-  * Integration with spring-security-oauth2-authorization-server.
-   * Provide MySQL DDL, which consists of oauth\_access\_token, oauth\_refresh\_token and oauth\_client\_details, which is tables in Security 5. As I mean to migrate current security system to Security 6, I haven't changed them to the ``authorization`` table indicated in https://github.com/spring-projects/spring-authorization-server.
-  * Application of Spring Rest Docs. 
+* Complete separation of the library (API) and the client for testing it
+```xml
+<dependency>
+    <groupId>io.github.patternknife.securityhelper.oauth2.api</groupId>
+    <artifactId>spring-security-oauth2-password-jpa-implementation</artifactId>
+    <version>2.4.0</version>
+</dependency>
+```
+* Set up the same access & refresh token APIs on both ``/oauth2/token`` and on our controller layer such as ``/api/v1/traditional-oauth/token``, both of which function same and have `the same request & response payloads for success and errors`.
+  * As you are aware, the API ``/oauth2/token`` is what "spring-authorization-server" provides.
+    * ``/api/v1/traditional-oauth/token`` is what this library implemented manually.
+        * Success Payload
+         ```json
+          {
+              "access_token" : "Vd4x8D4lDg7VBFh...",
+              "token_type" : "Bearer",
+              "refresh_token" : "m3UgLrvPtXKdy7jiD...",
+              "expires_in" : 3469,
+              "scope" : "read write"
+           }
+        ```
+      
+        * Error Payload 
+        ```json
+          {
+              "timestamp": 1719470948370,
+              "message": "Couldn't find the client ID : client_admin", // Sensitive info such as being thrown from StackTraces
+              "details": "uri=/oauth2/token",
+              "userMessage": "Authentication failed. Please check your credentials.",
+              "userValidationMessage": null
+          }
+        ```
+
+        * In the following error payload, the 'message' shouldn't be exposed to clients; instead, the 'userMessage' should be.
+      
+* Authentication management based on a combination of username, client ID, and App-Token
+  * What is an App-Token? An App-Token is a new access token generated each time the same account logs in. If the token values are the same, the same access token is shared.
+* Separated UserDetails implementation for Admin and Customer roles as an example. (This can be extended as desired by implementing ``UserDetailsServiceFactory``)
+* Provide MySQL DDL, which consists of oauth\_access\_token, oauth\_refresh\_token and oauth\_client\_details, which is tables in Security 5. As I mean to migrate current security system to Security 6, I haven't changed them to the ``authorization`` table indicated in https://github.com/spring-projects/spring-authorization-server.
+* Application of Spring Rest Docs
 
 ## Dependencies
 
@@ -47,16 +70,16 @@ mvnw clean install # Integration tests are done here, which creates docs by Spri
 - In case you use IntelliJ, I recommend creating an empty project and importing the API (root) module and client module separately.
 - The client module definitely consumes the API module, but not vice versa.
 
-## Implementation of the Api
-### The implementation method is shown in the client source code.
+## API Guide
+#### The implementation method is shown in the client source code.
 
-- **Registration**
-  - As the Api consumes JPA, adding it to Beans is required.
+### **Registration**
+  - As the Api module consumes JPA, adding it to Beans is required.
 
 ```java
 
-// ADD 'com.patternknife.securityhelper.oauth2.api'
-@SpringBootApplication(scanBasePackages =  {"com.patternknife.securityhelper.oauth2.client", "com.patternknife.securityhelper.oauth2.api"})
+// ADD 'io.github.patternknife.securityhelper.oauth2.api'
+@SpringBootApplication(scanBasePackages =  {"com.patternknife.securityhelper.oauth2.client", "io.github.patternknife.securityhelper.oauth2.api"})
 public class SpringSecurityOauth2PasswordJpaImplApplication {
 
     public static void main(String[] args) {
@@ -68,39 +91,43 @@ public class SpringSecurityOauth2PasswordJpaImplApplication {
 
 ```java
 @Configuration
-// ADD 'com.patternknife.securityhelper.oauth2.api.config.security'
+// ADD 'io.github.patternknife.securityhelper.oauth2.api.config.security'
 @EnableJpaRepositories(
         basePackages = {"com.patternknife.securityhelper.oauth2.client.domain",
                 "com.patternknife.securityhelper.oauth2.client.config.securityimpl",
-                "com.patternknife.securityhelper.oauth2.api.config.security"},
+                "io.github.patternknife.securityhelper.oauth2.api.config.security"},
         entityManagerFactoryRef = "commonEntityManagerFactory",
         transactionManagerRef= "commonTransactionManager"
 )
 public class CommonDataSourceConfiguration {
 
 
-   // ADD 'com.patternknife.securityhelper.oauth2.api.config.security'
+   // ADD 'io.github.patternknife.securityhelper.oauth2.api.config.security'
     @Primary
     @Bean(name = "commonEntityManagerFactory")
     public LocalContainerEntityManagerFactoryBean commonEntityManagerFactory(EntityManagerFactoryBuilder builder) {
         return builder
                 .dataSource(commonDataSource())
                 .packages("com.patternknife.securityhelper.oauth2.client.domain",
-                        "com.patternknife.securityhelper.oauth2.api.config.security")
+                        "io.github.patternknife.securityhelper.oauth2.api.config.security")
                 .persistenceUnit("commonEntityManager")
                 .build();
     }
 
 }
 ```
 
-- **Implementation**
-  - In fact, the only mandatory settings are 'CustomUserDetailsServiceFactory'. The rest depend on your specific situation.
-
-![img.png](reference/docs/img.png)
-
-
-### Running this App with Docker
+### **Implementation**
+  - The only mandatory setting is ``client.config.securityimpl.service.userdetail.CustomUserDetailsServiceFactory``. The rest depend on your specific situation.
+  
+    - **Use PointCut when events happen such as tokens created**
+      - ``SecurityPointCut``
+      - See the source code in ``client.config.securityimpl.aop`` 
+    - **Register error user messages as desired**
+      - ``ISecurityUserExceptionMessageService``
+      - See the source code in ``client.config.securityimpl.message``
+    
+## Running this App with Docker
 * Use the following module for Blue-Green deployment:
   * https://github.com/patternknife/docker-blue-green-runner
 * The above module references this app's Dockerfile and the entrypoint script in the .docker folder.
@@ -7,7 +7,7 @@ http://maven.apache.org/xsd/maven-4.0.0.xsd">
     <modelVersion>4.0.0</modelVersion>
     <groupId>com.patternknife.securityhelper.oauth2.client</groupId>
     <artifactId>spring-security-oauth2-password-jpa-implementation-client</artifactId>
-    <version>2.3.0</version>
+    <version>2.4.0</version>
     <packaging>jar</packaging>
 
     <properties>
@@ -39,9 +39,9 @@ http://maven.apache.org/xsd/maven-4.0.0.xsd">
 
     <dependencies>
         <dependency>
-            <groupId>com.patternknife.securityhelper.oauth2.api</groupId>
+            <groupId>io.github.patternknife.securityhelper.oauth2.api</groupId>
             <artifactId>spring-security-oauth2-password-jpa-implementation</artifactId>
-            <version>2.3.0</version>
+            <version>2.4.0</version>
         </dependency>
 
         <!-- DB -->
 
@@ -7,7 +7,7 @@
 import java.util.TimeZone;
 
 
-@SpringBootApplication(scanBasePackages =  {"com.patternknife.securityhelper.oauth2.client", "com.patternknife.securityhelper.oauth2.api"})
+@SpringBootApplication(scanBasePackages =  {"com.patternknife.securityhelper.oauth2.client", "io.github.patternknife.securityhelper.oauth2.api"})
 public class SpringSecurityOauth2PasswordJpaImplApplication {
 
     @PostConstruct
 
@@ -22,7 +22,7 @@
 @EnableJpaRepositories(
         basePackages = {"com.patternknife.securityhelper.oauth2.client.domain",
                 "com.patternknife.securityhelper.oauth2.client.config.securityimpl",
-                "com.patternknife.securityhelper.oauth2.api.config.security"},
+                "io.github.patternknife.securityhelper.oauth2.api.config.security"},
         entityManagerFactoryRef = "commonEntityManagerFactory",
         transactionManagerRef= "commonTransactionManager"
 )
@@ -49,7 +49,7 @@ public LocalContainerEntityManagerFactoryBean commonEntityManagerFactory(EntityM
         return builder
                 .dataSource(commonDataSource())
                 .packages("com.patternknife.securityhelper.oauth2.client.domain",
-                        "com.patternknife.securityhelper.oauth2.api.config.security")
+                        "io.github.patternknife.securityhelper.oauth2.api.config.security")
                 .persistenceUnit("commonEntityManager")
                 .build();
     }
 
@@ -2,8 +2,8 @@
 
 
 import com.fasterxml.jackson.annotation.JsonIgnore;
-import com.patternknife.securityhelper.oauth2.api.config.response.TimestampUtil;
-import com.patternknife.securityhelper.oauth2.api.config.response.error.dto.ErrorMessages;
+import io.github.patternknife.securityhelper.oauth2.api.config.response.TimestampUtil;
+import io.github.patternknife.securityhelper.oauth2.api.config.response.error.dto.ErrorMessages;
 
 import lombok.ToString;
 import org.apache.commons.lang3.StringUtils;
 
@@ -1,6 +1,6 @@
 package com.patternknife.securityhelper.oauth2.client.config.response.error.exception;
 
-import com.patternknife.securityhelper.oauth2.api.config.response.error.dto.ErrorMessages;
+import io.github.patternknife.securityhelper.oauth2.api.config.response.error.dto.ErrorMessages;
 
 public abstract class ErrorMessagesContainedException extends RuntimeException {
 
 
@@ -1,6 +1,6 @@
 package com.patternknife.securityhelper.oauth2.client.config.response.error.exception.data;
 
-import com.patternknife.securityhelper.oauth2.api.config.response.error.dto.ErrorMessages;
+import io.github.patternknife.securityhelper.oauth2.api.config.response.error.dto.ErrorMessages;
 import com.patternknife.securityhelper.oauth2.client.config.response.error.exception.ErrorMessagesContainedException;
 import org.springframework.http.HttpStatus;
 import org.springframework.web.bind.annotation.ResponseStatus;
 
@@ -1,6 +1,6 @@
 package com.patternknife.securityhelper.oauth2.client.config.response.error.exception.util;
 
-import com.patternknife.securityhelper.oauth2.api.config.security.message.ExceptionMessageInterface;
+import io.github.patternknife.securityhelper.oauth2.api.config.security.message.ExceptionMessageInterface;
 import org.springframework.http.HttpStatus;
 import org.springframework.web.bind.annotation.ResponseStatus;
 
 
@@ -1,6 +1,6 @@
 package com.patternknife.securityhelper.oauth2.client.config.response.error.message;
 
-import com.patternknife.securityhelper.oauth2.api.config.security.message.ExceptionMessageInterface;
+import io.github.patternknife.securityhelper.oauth2.api.config.security.message.ExceptionMessageInterface;
 import lombok.Getter;
 import org.springframework.http.HttpStatus;
 
 
@@ -1,10 +1,10 @@
 package com.patternknife.securityhelper.oauth2.client.config.securityimpl.aop;
 
 
-import com.patternknife.securityhelper.oauth2.api.config.security.aop.SecurityPointCut;
-import com.patternknife.securityhelper.oauth2.api.config.security.entity.CustomOauthAccessToken;
-import com.patternknife.securityhelper.oauth2.api.config.security.entity.CustomOauthRefreshToken;
-import com.patternknife.securityhelper.oauth2.api.config.security.entity.OauthClientDetail;
+import io.github.patternknife.securityhelper.oauth2.api.config.security.aop.SecurityPointCut;
+import io.github.patternknife.securityhelper.oauth2.api.config.security.entity.CustomOauthAccessToken;
+import io.github.patternknife.securityhelper.oauth2.api.config.security.entity.CustomOauthRefreshToken;
+import io.github.patternknife.securityhelper.oauth2.api.config.security.entity.OauthClientDetail;
 
 import jakarta.annotation.Nullable;
 import lombok.RequiredArgsConstructor;