npm - generator-jhipster - Versions diffs - 7.8.1 → 7.9.2 - Mend

generator-jhipster 7.8.1 → 7.9.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (516) hide show

package/generators/server/templates/src/main/java/package/config/SecurityConfiguration_reactive.java.ejs CHANGED Viewed

@@ -47,6 +47,9 @@ import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Import;
 <%_ if (authenticationTypeOauth2) { _%>
 import org.springframework.core.convert.converter.Converter;
+  <%_ if (!applicationTypeMicroservice) { _%>
+import org.springframework.core.ParameterizedTypeReference;
+  <%_ } _%>
 <%_ } _%>
 import org.springframework.http.HttpMethod;
 <%_ if (authenticationTypeSession) { _%>
@@ -68,17 +71,18 @@ import org.springframework.security.core.AuthenticationException;
 import org.springframework.security.core.GrantedAuthority;
 import org.springframework.security.oauth2.client.oidc.userinfo.OidcReactiveOAuth2UserService;
 import org.springframework.security.oauth2.client.oidc.userinfo.OidcUserRequest;
-<%_ if (applicationTypeGateway) { _%>
+<%_ if (!applicationTypeMicroservice) { _%>
+import org.springframework.security.oauth2.client.registration.ClientRegistration;
 import org.springframework.security.oauth2.client.registration.ReactiveClientRegistrationRepository;
 <%_ } _%>
 import org.springframework.security.oauth2.client.userinfo.ReactiveOAuth2UserService;
-<%_ if (applicationTypeGateway) { _%>
+<%_ if (!applicationTypeMicroservice) { _%>
 import org.springframework.security.oauth2.client.web.server.DefaultServerOAuth2AuthorizationRequestResolver;
 import org.springframework.security.oauth2.client.web.server.ServerOAuth2AuthorizationRequestResolver;
 <%_ } _%>
 import org.springframework.security.oauth2.core.DelegatingOAuth2TokenValidator;
 import org.springframework.security.oauth2.core.OAuth2TokenValidator;
-<%_ if (applicationTypeGateway) { _%>
+<%_ if (!applicationTypeMicroservice) { _%>
 import org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest;
 <%_ } _%>
 import org.springframework.security.oauth2.core.oidc.user.DefaultOidcUser;
@@ -87,7 +91,6 @@ import org.springframework.security.oauth2.core.oidc.user.OidcUserAuthority;
 import org.springframework.security.oauth2.jwt.*;
 import org.springframework.security.oauth2.server.resource.authentication.ReactiveJwtAuthenticationConverterAdapter;
 import org.springframework.security.web.server.csrf.CookieServerCsrfTokenRepository;
-import org.springframework.security.web.server.header.ReferrerPolicyServerHttpHeadersWriter;
 <%_ } _%>
 <%_ if (!authenticationTypeOauth2) { _%>
   <%_ if (skipUserManagement) { _%>
@@ -122,17 +125,25 @@ import org.springframework.security.web.server.util.matcher.OrServerWebExchangeM
 <%_ if (skipUserManagement && !authenticationTypeOauth2) { _%>
 import org.springframework.util.StringUtils;
 <%_ } _%>
+import org.springframework.web.cors.reactive.CorsWebFilter;
 import org.zalando.problem.spring.webflux.advice.security.SecurityProblemSupport;
 <%_ if (authenticationTypeSession || authenticationTypeOauth2) { _%>
 import reactor.core.publisher.Mono;
 <%_ } _%>
 <%_ if (authenticationTypeOauth2) { _%>
+  <%_ if (!applicationTypeMicroservice) { _%>
+import org.springframework.web.reactive.function.client.WebClient;
+import java.util.Arrays;
+import java.util.Map;
+  <%_ } _%>
 import java.util.HashSet;
 import java.util.Set;
-<%_ if (applicationType === 'gateway') { _%>
+  <%_ if (!applicationTypeMicroservice) { _%>
+import java.util.concurrent.ConcurrentHashMap;
 import java.util.function.Consumer;
-<%_ } _%>
+  <%_ } _%>
 <%_ } _%>
 import static org.springframework.security.web.server.util.matcher.ServerWebExchangeMatchers.pathMatchers;
@@ -155,15 +166,20 @@ public class SecurityConfiguration {
 <%_ if (authenticationTypeOauth2) { _%>
     @Value("${spring.security.oauth2.client.provider.oidc.issuer-uri}")
     private String issuerUri;
-  <%_ if (applicationTypeGateway) { _%>
+  <%_ if (!applicationTypeMicroservice) { _%>
     private final ReactiveClientRegistrationRepository clientRegistrationRepository;
+    // todo: optimize for scale https://github.com/jhipster/generator-jhipster/issues/18868
+    private final Map<String, Mono<Jwt>> users = new ConcurrentHashMap<>();
   <%_ } _%>
 <%_ } _%>
     private final SecurityProblemSupport problemSupport;
+    private final CorsWebFilter corsWebFilter;
-    public SecurityConfiguration(<% if (!skipUserManagement && !authenticationTypeOauth2) { %>ReactiveUserDetailsService userDetailsService, <% } %><% if (authenticationTypeJwt) { %>TokenProvider tokenProvider, <% } %><% if (authenticationTypeOauth2 && applicationTypeGateway) { %> ReactiveClientRegistrationRepository clientRegistrationRepository, <% } %>JHipsterProperties jHipsterProperties, SecurityProblemSupport problemSupport) {
-<%_ if (authenticationTypeOauth2 && applicationTypeGateway) { _%>
+    public SecurityConfiguration(<% if (!skipUserManagement && !authenticationTypeOauth2) { %>ReactiveUserDetailsService userDetailsService, <% } %><% if (authenticationTypeJwt) { %>TokenProvider tokenProvider, <% } %><% if (authenticationTypeOauth2 && !applicationTypeMicroservice) { %> ReactiveClientRegistrationRepository clientRegistrationRepository, <% } %>JHipsterProperties jHipsterProperties, SecurityProblemSupport problemSupport, CorsWebFilter corsWebFilter) {
+<%_ if (authenticationTypeOauth2 && !applicationTypeMicroservice) { _%>
         this.clientRegistrationRepository = clientRegistrationRepository;
 <%_ } _%>
 <%_ if (!skipUserManagement && !authenticationTypeOauth2) { _%>
@@ -174,6 +190,7 @@ public class SecurityConfiguration {
 <%_ } _%>
         this.jHipsterProperties = jHipsterProperties;
         this.problemSupport = problemSupport;
+        this.corsWebFilter = corsWebFilter;
     }
 <%_ if (!skipUserManagement && !authenticationTypeOauth2) { _%>
@@ -212,7 +229,7 @@ public class SecurityConfiguration {
         // @formatter:off
         http
             .securityMatcher(new NegatedServerWebExchangeMatcher(new OrServerWebExchangeMatcher(
-                pathMatchers("/app/**", "/i18n/**", "/content/**", "/swagger-ui/**", "/v3/api-docs/**", "/test/**"),
+                pathMatchers("/app/**", "/_app/**", "/i18n/**", "/img/**", "/content/**", "/swagger-ui/**", "/v3/api-docs/**", "/test/**"),
                 pathMatchers(HttpMethod.OPTIONS, "/**")
             )))
             .csrf()
@@ -224,6 +241,7 @@ public class SecurityConfiguration {
 <%_ } else { _%>
                 .disable()
 <%_ } _%>
+            .addFilterBefore(corsWebFilter, SecurityWebFiltersOrder.REACTOR_CONTEXT)
 <%_ if (!skipClient) { _%>
             .addFilterAt(new SpaWebFilter(), SecurityWebFiltersOrder.AUTHENTICATION)
 <%_ } _%>
@@ -275,16 +293,20 @@ public class SecurityConfiguration {
             .pathMatchers("/api/account/reset-password/init").permitAll()
             .pathMatchers("/api/account/reset-password/finish").permitAll()
 <%_ } _%>
+<%_ if (authenticationTypeOauth2) { _%>
             .pathMatchers("/api/auth-info").permitAll()
+<%_ } _%>
             .pathMatchers("/api/admin/**").hasAuthority(AuthoritiesConstants.ADMIN)
             .pathMatchers("/api/**").authenticated()
 <%_ if (applicationTypeGateway) { _%>
+  <%_ if (microfrontend) { _%>
             // microfrontend resources are loaded by webpack without authentication, they need to be public
             .pathMatchers("/services/*/*.js").permitAll()
             .pathMatchers("/services/*/*.js.map").permitAll()
+  <%_ } _%>
             .pathMatchers("/services/*/v3/api-docs").hasAuthority(AuthoritiesConstants.ADMIN)
 <%_ } _%>
-<%_ if (applicationTypeMonolith || applicationTypeGateway) { _%>
+<%_ if (!applicationTypeMicroservice) { _%>
             .pathMatchers("/services/**").authenticated()
 <%_ } _%>
             .pathMatchers("/management/health").permitAll()
@@ -294,8 +316,7 @@ public class SecurityConfiguration {
             .pathMatchers("/management/**").hasAuthority(AuthoritiesConstants.ADMIN);
 <%_ if (authenticationTypeOauth2) { _%>
-        http<%_ if (applicationTypeGateway || applicationTypeMonolith) { _%><%_ if (applicationTypeGateway) { _%>.oauth2Login(oauth2 -> oauth2.authorizationRequestResolver(authorizationRequestResolver(this.clientRegistrationRepository)))<%_ } else { _%>.oauth2Login()
-            .and()<%_ } _%>
+        http<%_ if (!applicationTypeMicroservice) { _%>.oauth2Login(oauth2 -> oauth2.authorizationRequestResolver(authorizationRequestResolver(this.clientRegistrationRepository)))
             <% } %>
             .oauth2ResourceServer()
                 .jwt()
@@ -307,7 +328,7 @@ public class SecurityConfiguration {
     }
 <%_ if (authenticationTypeOauth2) { _%>
-  <%_ if (applicationTypeGateway) { _%>
+  <%_ if (!applicationTypeMicroservice) { _%>
     private ServerOAuth2AuthorizationRequestResolver authorizationRequestResolver(
         ReactiveClientRegistrationRepository clientRegistrationRepository) {
         DefaultServerOAuth2AuthorizationRequestResolver authorizationRequestResolver =
@@ -359,7 +380,8 @@ public class SecurityConfiguration {
     }
     @Bean
-    ReactiveJwtDecoder jwtDecoder() {
+    ReactiveJwtDecoder jwtDecoder(<%_ if (!applicationTypeMicroservice) { _%>ReactiveClientRegistrationRepository registrations<%_ } _%>) {
+    <%_ if (applicationTypeMicroservice) { _%>
         NimbusReactiveJwtDecoder jwtDecoder = (NimbusReactiveJwtDecoder) ReactiveJwtDecoders.fromOidcIssuerLocation(issuerUri);
         OAuth2TokenValidator<Jwt> audienceValidator = new AudienceValidator(jHipsterProperties.getSecurity().getOauth2().getAudience());
@@ -370,7 +392,78 @@ public class SecurityConfiguration {
         return jwtDecoder;
     }
+    <%_ } else { _%>
+        Mono<ClientRegistration> clientRegistration = registrations.findByRegistrationId("oidc");
+        return clientRegistration.map(oidc -> createJwtDecoder(
+            oidc.getProviderDetails().getIssuerUri(),
+            oidc.getProviderDetails().getJwkSetUri(),
+            oidc.getProviderDetails().getUserInfoEndpoint().getUri()
+        )).block();
+    }
+    private ReactiveJwtDecoder createJwtDecoder(String issuerUri, String jwkSetUri, String userInfoUri) {
+        NimbusReactiveJwtDecoder jwtDecoder = new NimbusReactiveJwtDecoder(jwkSetUri);
+        OAuth2TokenValidator<Jwt> audienceValidator = new AudienceValidator(
+            jHipsterProperties.getSecurity().getOauth2().getAudience());
+        OAuth2TokenValidator<Jwt> withIssuer = JwtValidators.createDefaultWithIssuer(issuerUri);
+        OAuth2TokenValidator<Jwt> withAudience = new DelegatingOAuth2TokenValidator<>(withIssuer, audienceValidator);
+        jwtDecoder.setJwtValidator(withAudience);
+        return new ReactiveJwtDecoder() {
+            @Override
+            public Mono<Jwt> decode(String token) throws JwtException {
+                return jwtDecoder.decode(token)
+                    .flatMap(jwt -> enrich(token, jwt));
+            }
+            private Mono<Jwt> enrich(String token, Jwt jwt) {
+                // Only look up user information if identity claims are missing
+                if (jwt.hasClaim("given_name") && jwt.hasClaim("family_name")) {
+                    return Mono.just(jwt);
+                }
+                // Retrieve user info from OAuth provider if not already loaded
+                return users.computeIfAbsent(jwt.getSubject(), s -> {
+                    WebClient webClient = WebClient.create();
+                    return webClient
+                        .get()
+                        .uri(userInfoUri)
+                        .headers(headers -> headers.setBearerAuth(token))
+                        .retrieve()
+                        .bodyToMono(new ParameterizedTypeReference<Map<String, Object>>() {})
+                        .map(userInfo ->
+                            Jwt
+                                .withTokenValue(jwt.getTokenValue())
+                                .subject(jwt.getSubject())
+                                .audience(jwt.getAudience())
+                                .headers(headers -> headers.putAll(jwt.getHeaders()))
+                                .claims(claims -> {
+                                    String username = userInfo.get("preferred_username").toString();
+                                    // special handling for Auth0
+                                    if (userInfo.get("sub").toString().contains("|") && username.contains("@")) {
+                                        userInfo.put("email", username);
+                                    }
+                                    // Allow full name in a name claim - happens with Auth0
+                                    if (userInfo.get("name") != null) {
+                                        String[] name = userInfo.get("name").toString().split("\\s+");
+                                        if (name.length > 0) {
+                                            userInfo.put("given_name", name[0]);
+                                            userInfo.put("family_name", String.join(" ", Arrays.copyOfRange(name, 1, name.length)));
+                                        }
+                                    }
+                                    claims.putAll(userInfo);
+                                })
+                                .claims(claims -> claims.putAll(jwt.getClaims()))
+                                .build()
+                        );
+                });
+            }
+        };
+    }
+    <%_ } _%>
 <%_ } _%>
 <%_ if (authenticationTypeSession) { _%>

package/generators/server/templates/src/main/java/package/config/WebConfigurer.java.ejs CHANGED Viewed

@@ -41,6 +41,9 @@ import org.springframework.boot.web.servlet.server.ConfigurableServletWebServerF
 <%_ if (reactive && !skipClient) { _%>
 import org.springframework.boot.autoconfigure.web.reactive.ResourceHandlerRegistrationCustomizer;
 <%_ } _%>
+<%_ if (messageBrokerKafka) { _%>
+import org.springframework.cloud.stream.annotation.EnableBinding;
+<%_ } _%>
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 <%_ if (reactive) { _%>
@@ -91,6 +94,9 @@ import java.util.concurrent.TimeUnit;
 /**
  * Configuration of web application with Servlet 3.0 APIs.
  */
+<%_ if (messageBrokerKafka) { _%>
+@EnableBinding({KafkaSseConsumer.class, KafkaSseProducer.class})
+<%_ } _%>
 @Configuration
 public class WebConfigurer implements <% if (!reactive) { %>ServletContextInitializer<% if (!skipClient) { %>, WebServerFactoryCustomizer<WebServerFactory><% } %><% } %><% if (reactive) { %>WebFluxConfigurer<% } %> {

package/generators/server/templates/src/main/java/package/security/DomainUserDetailsService.java.ejs CHANGED Viewed

@@ -19,6 +19,9 @@
 package <%= packageName %>.security;
 import <%= packageName %>.domain.<%= asEntity('User') %>;
+<%_ if (databaseTypeSql || databaseTypeMongodb || databaseTypeNeo4j) { _%>
+import <%= packageName %>.domain.Authority;
+<%_ } _%>
 import <%= packageName %>.repository.UserRepository;
 import org.hibernate.validator.internal.constraintvalidators.hv.EmailValidator;
 import org.slf4j.Logger;
@@ -60,7 +63,7 @@ public class DomainUserDetailsService implements <% if (reactive) { %>Reactive<%
     @Override
 <%_ if (databaseTypeSql) { _%>
-    @Transactional
+    @Transactional(readOnly = true)
 <%_ } _%>
     public <% if (reactive) { %>Mono<UserDetails> findByUsername<% } else { %>UserDetails loadUserByUsername<% } %>(final String login) {
         log.debug("Authenticating {}", login);
@@ -89,8 +92,8 @@ public class DomainUserDetailsService implements <% if (reactive) { %>Reactive<%
             throw new UserNotActivatedException("User " + lowercaseLogin + " was not activated");
         }
         List<GrantedAuthority> grantedAuthorities = user.getAuthorities().stream()<% if (databaseTypeSql || databaseTypeMongodb || databaseTypeNeo4j) { %>
-            .map(authority -> new SimpleGrantedAuthority(authority.getName()))<% } %><% if (databaseTypeCassandra || databaseTypeCouchbase) { %>
-            .map(SimpleGrantedAuthority::new)<% } %>
+            .map(Authority::getName)<% } %>
+            .map(SimpleGrantedAuthority::new)
             .collect(Collectors.toList());
         return new org.springframework.security.core.userdetails.User(user.getLogin(),
             user.getPassword(),

package/generators/server/templates/src/main/java/package/security/oauth2/CustomClaimConverter.java.ejs CHANGED Viewed

@@ -31,6 +31,7 @@ import org.springframework.security.oauth2.jwt.MappedJwtClaimSetConverter;
 import org.springframework.security.oauth2.server.resource.web.BearerTokenResolver;
 import org.springframework.security.oauth2.server.resource.web.DefaultBearerTokenResolver;
 import org.springframework.web.client.RestTemplate;
+import org.springframework.web.context.request.RequestAttributes;
 import org.springframework.web.context.request.RequestContextHolder;
 import org.springframework.web.context.request.ServletRequestAttributes;
@@ -54,6 +55,7 @@ public class CustomClaimConverter implements Converter<Map<String, Object>, Map<
     private final ClientRegistration registration;
+    // todo: optimize for scale https://github.com/jhipster/generator-jhipster/issues/18868
     private final Map<String, ObjectNode> users = new ConcurrentHashMap<>();
     public CustomClaimConverter(ClientRegistration registration, RestTemplate restTemplate) {
@@ -62,14 +64,19 @@ public class CustomClaimConverter implements Converter<Map<String, Object>, Map<
     }
     public Map<String, Object> convert(Map<String, Object> claims) {
+        // Only look up user information if identity claims are missing
+        if (claims.containsKey("given_name") && claims.containsKey("family_name")) {
+            return claims;
+        }
         Map<String, Object> convertedClaims = this.delegate.convert(claims);
-        if (RequestContextHolder.getRequestAttributes() != null && ((ServletRequestAttributes) RequestContextHolder.getRequestAttributes()) != null) {
+        RequestAttributes attributes = RequestContextHolder.getRequestAttributes();
+        if (attributes instanceof ServletRequestAttributes) {
             // Retrieve and set the token
-            String token = bearerTokenResolver.resolve(((ServletRequestAttributes) RequestContextHolder.getRequestAttributes()).getRequest());
+            String token = bearerTokenResolver.resolve(((ServletRequestAttributes) attributes).getRequest());
             HttpHeaders headers = new HttpHeaders();
             headers.set("Authorization", buildBearer(token));
-            // Retrieve user infos from OAuth provider if not already loaded
+            // Retrieve user info from OAuth provider if not already loaded
             ObjectNode user = users.computeIfAbsent(claims.get("sub").toString(), s -> {
                 ResponseEntity<ObjectNode> userInfo = restTemplate.exchange(registration.getProviderDetails().getUserInfoEndpoint().getUri(), HttpMethod.GET, new HttpEntity<String>(headers), ObjectNode.class);
                 return userInfo.getBody();

package/generators/server/templates/src/main/java/package/service/UserService.java.ejs CHANGED Viewed

@@ -911,7 +911,12 @@ public class UserService {
                 // if IdP sends last updated information, use it to determine if an update should happen
                 if (details.get("updated_at") != null) {
                     Instant dbModifiedDate = existingUser.getLastModifiedDate();
-                    Instant idpModifiedDate = (Instant) details.get("updated_at");
+                    Instant idpModifiedDate;
+                    if (details.get("updated_at") instanceof Instant) {
+                        idpModifiedDate = (Instant) details.get("updated_at");
+                    } else {
+                        idpModifiedDate = Instant.ofEpochSecond((Integer) details.get("updated_at"));
+                    }
                     if (idpModifiedDate.isAfter(dbModifiedDate)) {
                         log.debug("Updating user '{}' in local database", user.getLogin());
                         return updateUser(user.getFirstName(), user.getLastName(), user.getEmail(),
@@ -948,7 +953,12 @@ public class UserService {
             // if IdP sends last updated information, use it to determine if an update should happen
             if (details.get("updated_at") != null) {
                 Instant dbModifiedDate = existingUser.get().getLastModifiedDate();
-                Instant idpModifiedDate = (Instant) details.get("updated_at");
+                Instant idpModifiedDate;
+                if (details.get("updated_at") instanceof Instant) {
+                    idpModifiedDate = (Instant) details.get("updated_at");
+                } else {
+                    idpModifiedDate = Instant.ofEpochSecond((Integer) details.get("updated_at"));
+                }
                 if (idpModifiedDate.isAfter(dbModifiedDate)) {
                     log.debug("Updating user '{}' in local database", user.getLogin());
                     updateUser(user.getFirstName(), user.getLastName(), user.getEmail(),

package/generators/server/templates/src/main/java/package/web/rest/LogoutResource.java.ejs CHANGED Viewed

@@ -61,13 +61,9 @@ public class LogoutResource {
         String originUrl = request.getHeader(HttpHeaders.ORIGIN);
-        if (logoutUrl.indexOf("/protocol") > -1) {
-            logoutUrl.append("?redirect_uri=").append(originUrl);
-        } else if (logoutUrl.indexOf("auth0.com") > -1) {
-            // Auth0
+        if (issuerUri.contains("auth0.com")) {
             logoutUrl.append("?client_id=").append(this.registration.getClientId()).append("&returnTo=").append(originUrl);
         } else {
-            // Okta
             logoutUrl.append("?id_token_hint=").append(idToken.getTokenValue()).append("&post_logout_redirect_uri=").append(originUrl);
         }

package/generators/server/templates/src/main/java/package/web/rest/LogoutResource_reactive.java.ejs CHANGED Viewed

@@ -68,13 +68,9 @@ public class LogoutResource {
         }
         String originUrl = request.getHeaders().getOrigin();
-        if (logoutUrl.indexOf("/protocol") > -1) {
-            logoutUrl.append("?redirect_uri=").append(originUrl);
-        } else if (logoutUrl.indexOf("auth0.com") > -1) {
-            // Auth0
+        if (issuerUri.contains("auth0.com")) {
             logoutUrl.append("?client_id=").append(clientRegistration.getClientId()).append("&returnTo=").append(originUrl);
         } else {
-            // Okta
             logoutUrl.append("?id_token_hint=").append(idToken.getTokenValue()).append("&post_logout_redirect_uri=").append(originUrl);
         }
         return Map.of("logoutUrl", logoutUrl.toString());

package/generators/server/templates/src/main/java/package/web/rest/UserResource.java.ejs CHANGED Viewed

@@ -195,7 +195,7 @@ public class UserResource {
             .map(user -> {
                 try {
                     return ResponseEntity.created(new URI("/api/admin/users/" + user.getLogin()))
-                        .headers(HeaderUtil.createAlert(applicationName, "userManagement.created", user.getLogin()))
+                        .headers(HeaderUtil.createAlert(applicationName, <% if (enableTranslation) { %> "userManagement.created"<% } else { %> "A user is created with identifier " + user.getLogin()<% } %>, user.getLogin()))
                         .body(user);
                 } catch (URISyntaxException e) {
                     throw new RuntimeException(e);
@@ -248,7 +248,7 @@ public class UserResource {
             })
             .switchIfEmpty(Mono.error(new ResponseStatusException(HttpStatus.NOT_FOUND)))
             .map(user -> ResponseEntity.ok()
-                .headers(HeaderUtil.createAlert(applicationName, "userManagement.updated", userDTO.getLogin()))
+                .headers(HeaderUtil.createAlert(applicationName, <% if (enableTranslation) { %>"userManagement.updated"<% } else { %>"A user is updated with identifier " + userDTO.getLogin()<% } %>, userDTO.getLogin()))
                 .body(user)
             );
   <%_ } else { _%>
@@ -357,11 +357,10 @@ public class UserResource {
     @DeleteMapping("/users/{login}")
     @PreAuthorize("hasAuthority(\"" + AuthoritiesConstants.ADMIN + "\")")
   <%_ if (reactive) { _%>
-    @ResponseStatus(code = HttpStatus.NO_CONTENT)
     public Mono<ResponseEntity<Void>> deleteUser(@PathVariable @Pattern(regexp = Constants.LOGIN_REGEX) String login) {
         log.debug("REST request to delete User: {}", login);
         return userService.deleteUser(login)
-            .map(it -> ResponseEntity.noContent().headers(HeaderUtil.createAlert( applicationName, "userManagement.deleted", login)).build());
+        .then(Mono.just(ResponseEntity.noContent().headers(HeaderUtil.createAlert( applicationName, <% if (enableTranslation) { %> "userManagement.deleted"<% } else { %> "A user is deleted with identifier " + login<% } %>, login)).build()));
   <%_ } else { _%>
     public ResponseEntity<Void> deleteUser(@PathVariable @Pattern(regexp = Constants.LOGIN_REGEX) String login) {
         log.debug("REST request to delete User: {}", login);

package/generators/server/templates/src/main/resources/config/application-dev.yml.ejs CHANGED Viewed

@@ -167,8 +167,6 @@ spring:
   jpa:
   <%_ if (devDatabaseTypePostgres) { _%>
     database-platform: tech.jhipster.domain.util.FixedPostgreSQL10Dialect
-  <%_ } else if (devDatabaseTypeH2Any) { _%>
-    database-platform: tech.jhipster.domain.util.FixedH2Dialect
   <%_ } _%>
 <%_ } _%>
 <%_ if (databaseTypeMongodb || databaseTypeCassandra || (searchEngineElasticsearch && reactive)) { _%>
@@ -355,7 +353,10 @@ jhipster:
   # CORS is only enabled by default with the "dev" profile
   cors:
     # Allow Ionic for JHipster by default (* no longer allowed in Spring Boot 2.4+)
-    allowed-origins: "http://localhost:8100,https://localhost:8100,http://localhost:9000,https://localhost:9000<%_ if (!skipClient) { _%>,http://localhost:<%= devServerPort %>,https://localhost:<%= devServerPort %><%_ if (applicationTypeGateway && microfrontend) { for ({applicationIndex, devServerPort: microserviceDevServerPort = devServerPort + applicationIndex} of Object.values(jhipsterConfig.applications || {})) { _%>,http://localhost:<%= microserviceDevServerPort %>,https://localhost:<%= microserviceDevServerPort %><%_ } } _%><%_ } _%>"
+  <%_ if (microfrontend) { _%>
+    # Ports <%= devServerPort + 1 %>-<%= devServerPort + 9 %> are allowed for microfrontend development
+  <%_ } _%>
+    allowed-origins: "http://localhost:8100,https://localhost:8100,http://localhost:9000,https://localhost:9000<%_ if (!skipClient) { _%>,http://localhost:<%= devServerPort %>,https://localhost:<%= devServerPort %><%_ if (microfrontend) { for (let port = 1; port < 10; port++) { _%>,http://localhost:<%= devServerPort + port %>,https://localhost:<%= devServerPort + port %><%_ } _%><%_ } } _%>"
     # Enable CORS when running in GitHub Codespaces
     allowed-origin-patterns: 'https://*.githubpreview.dev'
     allowed-methods: "*"

package/generators/server/templates/src/main/resources/config/application-prod.yml.ejs CHANGED Viewed

@@ -229,7 +229,7 @@ spring:
 # keytool -genkey -alias <%= baseName.toLowerCase() %> -storetype PKCS12 -keyalg RSA -keysize 2048 -keystore keystore.p12 -validity 3650
 #
 # You can also use Let's Encrypt:
-# https://maximilian-boehm.com/hp2121/Create-a-Java-Keystore-JKS-from-Let-s-Encrypt-Certificates.htm
+# See details in topic "Create a Java Keystore (.JKS) from Let's Encrypt Certificates" on https://maximilian-boehm.com/en-gb/blog
 #
 # Then, modify the server.ssl properties so your "server" configuration looks like:
 #

package/generators/server/templates/src/main/resources/config/application.yml.ejs CHANGED Viewed

@@ -305,7 +305,7 @@ spring:
       client:
         provider:
           oidc:
-            issuer-uri: http://localhost:9080/auth/realms/jhipster
+            issuer-uri: http://localhost:9080/realms/jhipster
         registration:
           oidc:
   <%_ if (applicationTypeMicroservice) { _%>

package/generators/server/templates/src/main/resources/config/liquibase/changelog/initial_schema.xml.ejs CHANGED Viewed

@@ -21,7 +21,7 @@
     xmlns="http://www.liquibase.org/xml/ns/dbchangelog"
     xmlns:ext="http://www.liquibase.org/xml/ns/dbchangelog-ext"
     xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
-    xsi:schemaLocation="http://www.liquibase.org/xml/ns/dbchangelog http://www.liquibase.org/xml/ns/dbchangelog/dbchangelog-<%= LIQUIBASE_DTD_VERSION %>.xsd
+    xsi:schemaLocation="http://www.liquibase.org/xml/ns/dbchangelog http://www.liquibase.org/xml/ns/dbchangelog/dbchangelog-latest.xsd
                         http://www.liquibase.org/xml/ns/dbchangelog-ext http://www.liquibase.org/xml/ns/dbchangelog/dbchangelog-ext.xsd">
 <%_ const isAutoIncrementDB = reactive || prodDatabaseTypeMysql; _%>

package/generators/server/templates/src/main/resources/config/liquibase/master.xml.ejs CHANGED Viewed

@@ -2,38 +2,68 @@
 <databaseChangeLog
     xmlns="http://www.liquibase.org/xml/ns/dbchangelog"
     xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
-    xsi:schemaLocation="http://www.liquibase.org/xml/ns/dbchangelog http://www.liquibase.org/xml/ns/dbchangelog/dbchangelog-<%= LIQUIBASE_DTD_VERSION %>.xsd">
+    xsi:schemaLocation="http://www.liquibase.org/xml/ns/dbchangelog http://www.liquibase.org/xml/ns/dbchangelog/dbchangelog-latest.xsd">
+<%_ if (devDatabaseTypeH2Any) { _%>
     <property name="now" value="now()" dbms="h2"/>
-<%_ if (prodDatabaseTypeMysql || prodDatabaseTypeMariadb) { _%>
-    <property name="now" value="now()" dbms="mysql, mariadb"/>
+    <property name="floatType" value="float4" dbms="h2"/>
+  <%_ if (prodDatabaseTypeMysql || prodDatabaseTypeMariadb) { _%>
+    <property name="uuidType" value="varchar(36)" dbms="h2"/>
+  <%_ } else { _%>
+    <property name="uuidType" value="uuid" dbms="h2"/>
+  <%_ } _%>
+    <property name="datetimeType" value="datetime" dbms="h2"/>
+  <%_ if (reactive) { _%>
+    <property name="clobType" value="varchar(1000000)" dbms="h2"/>
+    <property name="blobType" value="varchar(1000000)" dbms="h2"/>
+  <%_ } else { _%>
+    <%_ if (prodDatabaseTypePostgres) { _%>
+    <property name="clobType" value="longvarchar" dbms="h2"/>
+    <%_ } else { _%>
+    <property name="clobType" value="clob" dbms="h2"/>
+    <%_ } _%>
+    <property name="blobType" value="blob" dbms="h2"/>
+  <%_ } _%>
+<%_ } _%>
+<%_ if (devDatabaseTypeMysql || prodDatabaseTypeMysql) { _%>
+    <property name="now" value="now()" dbms="mysql"/>
+    <property name="floatType" value="float" dbms="mysql"/>
+    <property name="clobType" value="clob" dbms="mysql"/>
+    <property name="blobType" value="longblob" dbms="mysql"/>
+    <property name="uuidType" value="varchar(36)" dbms="mysql"/>
+    <property name="datetimeType" value="datetime(6)" dbms="mysql"/>
+<%_ } _%>
+<%_ if (devDatabaseTypeMariadb || prodDatabaseTypeMariadb) { _%>
+    <property name="now" value="now()" dbms="mariadb"/>
+    <property name="floatType" value="float" dbms="mariadb"/>
+    <property name="clobType" value="clob" dbms="mariadb"/>
+    <property name="blobType" value="longblob" dbms="mariadb"/>
+    <property name="uuidType" value="varchar(36)" dbms="mariadb"/>
+    <property name="datetimeType" value="datetime(6)" dbms="mariadb"/>
 <%_ } _%>
-<%_ if (prodDatabaseTypePostgres) { _%>
+<%_ if (devDatabaseTypePostgres || prodDatabaseTypePostgres) { _%>
     <property name="now" value="current_timestamp" dbms="postgresql"/>
+    <property name="floatType" value="float4" dbms="postgresql"/>
+    <property name="clobType" value="longvarchar" dbms="postgresql"/>
+    <property name="blobType" value="bytea" dbms="postgresql"/>
+    <property name="uuidType" value="uuid" dbms="postgresql"/>
+    <property name="datetimeType" value="datetime" dbms="postgresql"/>
 <%_ } _%>
-<%_ if (prodDatabaseTypeOracle) { _%>
+<%_ if (devDatabaseTypeOracle || prodDatabaseTypeOracle) { _%>
     <property name="now" value="sysdate" dbms="oracle"/>
+    <property name="floatType" value="float" dbms="oracle"/>
+    <property name="clobType" value="clob" dbms="oracle"/>
+    <property name="blobType" value="blob" dbms="oracle"/>
+    <property name="uuidType" value="uuid" dbms="oracle"/>
+    <property name="datetimeType" value="datetime" dbms="oracle"/>
 <%_ } _%>
-<%_ if (prodDatabaseTypeMssql) { _%>
+<%_ if (devDatabaseTypeMssql || prodDatabaseTypeMssql) { _%>
     <property name="now" value="GETDATE()" dbms="mssql"/>
+    <property name="floatType" value="float" dbms="mssql"/>
+    <property name="clobType" value="clob" dbms="mssql"/>
+    <property name="blobType" value="blob" dbms="mssql"/>
+    <property name="uuidType" value="uuid" dbms="mssql"/>
+    <property name="datetimeType" value="datetime" dbms="mssql"/>
 <%_ } _%>
-    <property name="floatType" value="float4" dbms="postgresql, h2"/>
-    <property name="floatType" value="float" dbms="mysql, oracle, mssql, mariadb"/>
-<%_ if (prodDatabaseTypePostgres) { _%>
-    <property name="clobType" value="longvarchar" dbms="h2"/>
-<%_ } else if (reactive) { _%>
-    <property name="clobType" value="varchar(1000000)" dbms="h2"/>
-<%_ } else { _%>
-    <property name="clobType" value="clob" dbms="h2"/>
-<%_ } _%>
-    <property name="clobType" value="clob" dbms="mysql, oracle, mssql, mariadb, postgresql"/>
-<%_ if (prodDatabaseTypeMysql || prodDatabaseTypeMariadb) { _%>
-    <property name="uuidType" value="varchar(36)" dbms="h2, mysql, mariadb"/>
-<%_ } else { _%>
-    <property name="uuidType" value="uuid" dbms="h2, <%= prodDatabaseType %>"/>
-<%_ } _%>
-    <property name="datetimeType" value="datetime(6)" dbms="mysql, mariadb"/>
-    <property name="datetimeType" value="datetime" dbms="oracle, mssql, postgresql, h2"/>
     <include file="config/liquibase/changelog/00000000000000_initial_schema.xml" relativeToChangelogFile="false"/>
     <!-- jhipster-needle-liquibase-add-changelog - JHipster will add liquibase changelogs here -->

package/generators/server/templates/src/main/resources/swagger/api.yml.ejs CHANGED Viewed

@@ -62,8 +62,8 @@ security:
       description: OAuth2 authentication with KeyCloak
       flows:
         authorizationCode:
-          authorizationUrl: http://localhost:9080/auth/realms/jhipster/protocol/openid-connect/auth
-          tokenUrl: http://localhost:9080/auth/realms/jhipster/protocol/openid-connect/token
+          authorizationUrl: http://localhost:9080/realms/jhipster/protocol/openid-connect/auth
+          tokenUrl: http://localhost:9080/realms/jhipster/protocol/openid-connect/token
           scopes:
             jhipster: Jhipster specific claims
             email: Email claims
@@ -71,7 +71,7 @@ security:
     openId:
       type: openIdConnect
       description: OpenID Connect authentication with KeyCloak
-      openIdConnectUrl: http://localhost:9080/auth/realms/jhipster/.well-known/openid-configuration
+      openIdConnectUrl: http://localhost:9080/realms/jhipster/.well-known/openid-configuration
 security:
   - oauth: [jhipster, email, profile]
   - openId: [jhipster, email, profile]