Refactor/cleanup gateway (#76)

* 🔊 gateway logback fix wrong package name

* 🔥 gateway rm application-no-security.yml

* ♻️ gateway use same properties as for integrations

* ✨ gateway add local config

* Revert "♻️ gateway use same properties as for integrations"

This reverts commit f8cd280.

* ♻️ gateway local conf use env vars

* ♻️ integrations replace custom properties aliases with env vars

.run/ApiGatewayApplication.run.xml

@@ -1,7 +1,7 @@
 <component name="ProjectRunConfigurationManager">
     <configuration default="false" name="ApiGatewayApplication" type="SpringBootApplicationConfigurationType"
                    factoryName="Spring Boot" nameIsGenerated="true">
-        <option name="ACTIVE_PROFILES" value="local,local-conf,hazelcast-local"/>
+        <option name="ACTIVE_PROFILES" value="local,hazelcast-local"/>
         <module name="refarch-gateway"/>
         <option name="SPRING_BOOT_MAIN_CLASS" value="de.muenchen.refarch.gateway.ApiGatewayApplication"/>
         <extension name="net.ashald.envfile">

refarch-gateway/src/main/resources/application-local.yml

@@ -0,0 +1,20 @@
+SSO_ISSUER_URL: http://localhost:8100/auth/realms/local_realm
+SSO_CLIENT_ID: local
+SSO_CLIENT_SECRET: client_secret
+server:
+  port: 8083
+spring:
+  cloud:
+    gateway:
+      routes:
+        - id: backend
+          uri: http://localhost:39146/
+          predicates:
+            - "Path=/api/backend-service/rest/**"
+          filters:
+            - RewritePath=/api/digitalwf-backend-service/(?<urlsegments>.*), /$\{urlsegments}
+            - "RemoveResponseHeader=WWW-Authenticate"
+        - id: frontend
+          uri: http://localhost:4173/
+          predicates:
+            - "Path=/**"

refarch-gateway/src/main/resources/logback-spring.xml

@@ -22,7 +22,7 @@
         </appender>
 
         <!-- Logger -->
-        <logger name="de.muenchen.oss.refarch.gateway"
+        <logger name="de.muenchen.refarch.gateway"
                 level="debug"
                 additivity="false">
             <appender-ref ref="STDOUT"/>

refarch-integrations/refarch-s3-integration/README.md

@@ -41,13 +41,13 @@ Whether a property is an alias can be checked in the corresponding `application.
 
 ### s3-integration-rest-service
 
-| Property                          | Description                                                    | Example                                       |
-|-----------------------------------|----------------------------------------------------------------|-----------------------------------------------|
-| `refarch.s3.url`                  | Url of s3 endpoint to connect to.                              | `s3.example.com`                              |
-| `refarch.s3.bucket-name`          | Name of the bucket to connect to.                              | `refarch-bucket`                              |
-| `refarch.s3.access-key`           | Access key to use for connection.                              |                                               |
-| `refarch.s3.secret-key`           | Secret key to use for connection.                              |                                               |
-| `refarch.security.sso-issuer-url` | Issuer url of oAuth2 service used for securing rest endpoints. | `https://sso.example.com/auth/realms/refarch` |
+| Property                 | Description                                                    | Example                                       |
+|--------------------------|----------------------------------------------------------------|-----------------------------------------------|
+| `refarch.s3.url`         | Url of s3 endpoint to connect to.                              | `s3.example.com`                              |
+| `refarch.s3.bucket-name` | Name of the bucket to connect to.                              | `refarch-bucket`                              |
+| `refarch.s3.access-key`  | Access key to use for connection.                              |                                               |
+| `refarch.s3.secret-key`  | Secret key to use for connection.                              |                                               |
+| `SSO_ISSUER_URL`         | Issuer url of oAuth2 service used for securing rest endpoints. | `https://sso.example.com/auth/realms/refarch` |
 
 ### s3-integration-java-client-starter
 
@@ -65,6 +65,6 @@ All properties of [s3-integration-java-client-starter](#s3-integration-rest-clie
 |------------------------------------------|----------------------------------------------------------------------------|-----------------------------------------------|
 | `refarch.s3.client.document-storage-url` | Url to the RefArch S3 integration service.                                 | `http://s3-integration-service:8080`          |
 | `refarch.s3.client.enable-security`      | Switch to enable or disable oAuth2 authentication against s3 service.      | `true`                                        |
-| `refarch.security.sso-issuer-url`        | Issuer url of oAuth2 service to use for authentication against s3 service. | `https://sso.example.com/auth/realms/refarch` |
-| `refarch.s3.client.client-id`            | Client id to be used for authentication.                                   | `refarch_client`                              |
-| `refarch.s3.client.client-secret`        | Client secret to be used for gathering client service account token.       |                                               |
+| `SSO_ISSUER_URL`                         | Issuer url of oAuth2 service to use for authentication against s3 service. | `https://sso.example.com/auth/realms/refarch` |
+| `SSO_S3_CLIENT_ID`                       | Client id to be used for authentication.                                   | `refarch_client`                              |
+| `SSO_S3_CLIENT_SECRET`                   | Client secret to be used for gathering client service account token.       |                                               |

refarch-integrations/refarch-s3-integration/refarch-s3-integration-rest/refarch-s3-integration-rest-client-starter/src/main/resources/application-s3-client.yml

@@ -4,14 +4,14 @@ spring:
       client:
         provider:
           keycloak:
-            issuer-uri: ${refarch.security.sso-issuer-url}
-            user-info-uri: ${refarch.security.sso-issuer-url}/protocol/openid-connect/userinfo
-            jwk-set-uri: ${refarch.security.sso-issuer-url}/protocol/openid-connect/certs
+            issuer-uri: ${SSO_ISSUER_URL}
+            user-info-uri: ${SSO_ISSUER_URL}/protocol/openid-connect/userinfo
+            jwk-set-uri: ${SSO_ISSUER_URL}/protocol/openid-connect/certs
             user-name-attribute: user_name
         registration:
           s3:
             provider: keycloak
             authorization-grant-type: client_credentials
-            client-id: ${refarch.s3.client.client-id}
-            client-secret: ${refarch.s3.client.client-secret}
+            client-id: ${SSO_S3_CLIENT_ID}
+            client-secret: ${SSO_S3_CLIENT_SECRET}
             scope: email, profile, openid  # needed for userInfo endpoint

refarch-integrations/refarch-s3-integration/refarch-s3-integration-rest/refarch-s3-integration-rest-service/src/main/resources/application-local.yml

@@ -1,6 +1,5 @@
+SSO_ISSUER_URL: http://keycloak:8100/auth/realms/local_realm
 refarch:
-  security:
-    sso-issuer-url: http://keycloak:8100/auth/realms/local_realm
   s3:
     bucket-name: test-bucket
     access-key: minio

refarch-integrations/refarch-s3-integration/refarch-s3-integration-rest/refarch-s3-integration-rest-service/src/main/resources/application.yml

@@ -10,7 +10,7 @@ spring:
     oauth2:
       resourceserver:
         jwt:
-          issuer-uri: ${refarch.security.sso-issuer-url}
+          issuer-uri: ${SSO_ISSUER_URL}
 
 server:
   error:
@@ -36,7 +36,7 @@ management:
 
 security:
   oauth2:
-    resource.user-info-uri: ${refarch.security.sso-issuer-url}/protocol/openid-connect/userinfo
+    resource.user-info-uri: ${SSO_ISSUER_URL}/protocol/openid-connect/userinfo
 
 refarch:
   s3: