npm - generator-jhipster - Versions diffs - 8.4.0 → 8.6.0 - Mend

generator-jhipster 8.4.0 → 8.6.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (430) hide show

package/dist/generators/server/templates/src/main/java/_package_/config/SecurityConfiguration_imperative.java.ejs CHANGED Viewed

@@ -27,9 +27,6 @@ import static org.springframework.security.web.util.matcher.AntPathRequestMatche
 <%_ } _%>
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
-<%_ if (authenticationTypeOauth2) { _%>
-import org.springframework.core.convert.converter.Converter;
-<%_ } _%>
 <%_ if (devDatabaseTypeH2Any) { _%>
 import org.springframework.core.env.Environment;
 import org.springframework.core.env.Profiles;
@@ -70,7 +67,6 @@ import static org.springframework.security.oauth2.core.oidc.StandardClaimNames.P
 import <%= packageName %>.security.oauth2.AudienceValidator;
 import <%= packageName %>.security.SecurityUtils;
-import org.springframework.security.authentication.AbstractAuthenticationToken;
 import org.springframework.security.oauth2.client.userinfo.OAuth2UserService;
 import org.springframework.security.oauth2.client.oidc.userinfo.OidcUserRequest;
 import org.springframework.security.oauth2.client.oidc.userinfo.OidcUserService;
@@ -79,7 +75,6 @@ import org.springframework.security.oauth2.core.OAuth2TokenValidator;
 import org.springframework.security.oauth2.core.oidc.user.DefaultOidcUser;
 import org.springframework.security.oauth2.core.oidc.user.OidcUser;
 import org.springframework.security.oauth2.jwt.*;
-import org.springframework.security.oauth2.server.resource.authentication.JwtAuthenticationConverter;
 import org.springframework.beans.factory.annotation.Value;
 import org.springframework.security.core.GrantedAuthority;
   <%_ if (!applicationTypeMicroservice) { _%>
@@ -103,9 +98,6 @@ import org.springframework.security.web.authentication.RememberMeServices;
 <%_ if (authenticationUsesCsrf && !applicationTypeMicroservice) { _%>
 import org.springframework.security.web.csrf.*;
 <%_ } _%>
-<%_ if (authenticationTypeOauth2) { _%>
-import <%= packageName %>.security.oauth2.JwtGrantedAuthorityConverter;
-<%_ } _%>
 <%_ if (authenticationTypeJwt) { _%>
 import org.springframework.security.oauth2.server.resource.web.BearerTokenAuthenticationEntryPoint;
 import org.springframework.security.oauth2.server.resource.web.access.BearerTokenAccessDeniedHandler;
@@ -292,9 +284,7 @@ public class SecurityConfiguration {
   <%_ } else { _%>
             .sessionManagement(session -> session.sessionCreationPolicy(SessionCreationPolicy.STATELESS))
   <%_ } _%>
-            .oauth2ResourceServer(oauth2 -> oauth2
-                .jwt(jwt -> jwt
-                    .jwtAuthenticationConverter(authenticationConverter())))
+            .oauth2ResourceServer(oauth2 -> oauth2.jwt(withDefaults()))
             .oauth2Client(withDefaults());
 <%_ } _%>
 <%_ if (devDatabaseTypeH2Any) { _%>
@@ -315,13 +305,6 @@ public class SecurityConfiguration {
     }
 <%_ if (authenticationTypeOauth2) { _%>
-    Converter<Jwt, AbstractAuthenticationToken> authenticationConverter() {
-        JwtAuthenticationConverter jwtAuthenticationConverter = new JwtAuthenticationConverter();
-        jwtAuthenticationConverter.setJwtGrantedAuthoritiesConverter(new JwtGrantedAuthorityConverter());
-        jwtAuthenticationConverter.setPrincipalClaimName(PREFERRED_USERNAME);
-        return jwtAuthenticationConverter;
-    }
     OAuth2UserService<OidcUserRequest, OidcUser> oidcUserService() {
         final OidcUserService delegate = new OidcUserService();

package/dist/generators/server/templates/src/main/java/_package_/config/SecurityConfiguration_reactive.java.ejs CHANGED Viewed

@@ -24,9 +24,6 @@ import static org.springframework.security.oauth2.core.oidc.StandardClaimNames.P
 import <%= packageName %>.security.SecurityUtils;
 import <%= packageName %>.security.oauth2.AudienceValidator;
-import <%= packageName %>.security.oauth2.JwtGrantedAuthorityConverter;
-import org.springframework.security.authentication.AbstractAuthenticationToken;
-import org.springframework.security.oauth2.server.resource.authentication.JwtAuthenticationConverter;
 import org.springframework.beans.factory.annotation.Value;
 <%_ } _%>
 <%_ if (authenticationUsesCsrf) { _%>
@@ -42,7 +39,6 @@ import <%= packageName %>.web.filter.SpaWebFilter;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 <%_ if (authenticationTypeOauth2) { _%>
-import org.springframework.core.convert.converter.Converter;
   <%_ if (!applicationTypeMicroservice) { _%>
 import org.springframework.core.ParameterizedTypeReference;
   <%_ } _%>
@@ -81,7 +77,6 @@ import org.springframework.security.oauth2.core.oidc.user.DefaultOidcUser;
 import org.springframework.security.oauth2.core.oidc.user.OidcUser;
 import org.springframework.security.oauth2.core.oidc.user.OidcUserAuthority;
 import org.springframework.security.oauth2.jwt.*;
-import org.springframework.security.oauth2.server.resource.authentication.ReactiveJwtAuthenticationConverterAdapter;
 <%_ } _%>
 <%_ if (!authenticationTypeOauth2) { _%>
 import org.springframework.security.authentication.ReactiveAuthenticationManager;
@@ -308,9 +303,7 @@ public class SecurityConfiguration {
             .oauth2Login(oauth2 -> oauth2.authorizationRequestResolver(authorizationRequestResolver(this.clientRegistrationRepository)))
   <%_ } _%>
             .oauth2Client(withDefaults())
-            .oauth2ResourceServer(oauth2 -> oauth2
-                .jwt(jwt -> jwt
-                    .jwtAuthenticationConverter(jwtAuthenticationConverter())));
+            .oauth2ResourceServer(oauth2 -> oauth2.jwt(withDefaults()));
 <%_ } else if (authenticationTypeJwt) { _%>
             .httpBasic(basic -> basic.disable())
             .oauth2ResourceServer(oauth2 -> oauth2.jwt(withDefaults()));
@@ -338,13 +331,6 @@ public class SecurityConfiguration {
     }
   <%_ } _%>
-    Converter<Jwt, Mono<AbstractAuthenticationToken>> jwtAuthenticationConverter() {
-        JwtAuthenticationConverter jwtAuthenticationConverter = new JwtAuthenticationConverter();
-        jwtAuthenticationConverter.setJwtGrantedAuthoritiesConverter(new JwtGrantedAuthorityConverter());
-        jwtAuthenticationConverter.setPrincipalClaimName(PREFERRED_USERNAME);
-        return new ReactiveJwtAuthenticationConverterAdapter(jwtAuthenticationConverter);
-    }
     /**
      * Map authorities from "groups" or "roles" claim in ID Token.
      *

package/dist/generators/server/templates/src/main/java/_package_/config/SecurityJwtConfiguration.java.ejs CHANGED Viewed

@@ -35,11 +35,6 @@ import org.springframework.security.oauth2.jwt.<%= reactive ? 'Reactive' : '' %>
 import org.springframework.security.oauth2.jwt.JwtEncoder;
 import org.springframework.security.oauth2.jwt.Nimbus<%= reactive ? 'Reactive' : '' %>JwtDecoder;
 import org.springframework.security.oauth2.jwt.NimbusJwtEncoder;
-import org.springframework.security.oauth2.server.resource.authentication.<%= reactive ? 'Reactive' : '' %>JwtAuthenticationConverter;
-import org.springframework.security.oauth2.server.resource.authentication.JwtGrantedAuthoritiesConverter;
-<%_ if (reactive) { _%>
-import org.springframework.security.oauth2.server.resource.authentication.ReactiveJwtGrantedAuthoritiesConverterAdapter;
-<%_ } _%>
 <%_ if (communicationSpringWebsocket) { %>
 import org.springframework.security.oauth2.server.resource.web.BearerTokenResolver;
 import org.springframework.security.oauth2.server.resource.web.DefaultBearerTokenResolver;
@@ -48,7 +43,7 @@ import org.springframework.security.oauth2.server.resource.web.DefaultBearerToke
 @Configuration
 public class SecurityJwtConfiguration {
-    private final Logger log = LoggerFactory.getLogger(SecurityJwtConfiguration.class);
+    private static final Logger log = LoggerFactory.getLogger(SecurityJwtConfiguration.class);
     @Value("${jhipster.security.authentication.jwt.base64-secret}")
     private String jwtKey;
@@ -113,21 +108,6 @@ public class SecurityJwtConfiguration {
         return new NimbusJwtEncoder(new ImmutableSecret<>(getSecretKey()));
     }
-    @Bean
-    public <%= reactive ? 'Reactive' : '' %>JwtAuthenticationConverter jwtAuthenticationConverter() {
-        JwtGrantedAuthoritiesConverter grantedAuthoritiesConverter = new JwtGrantedAuthoritiesConverter();
-        grantedAuthoritiesConverter.setAuthorityPrefix("");
-        grantedAuthoritiesConverter.setAuthoritiesClaimName(AUTHORITIES_KEY);
-        <%= reactive ? 'Reactive' : '' %>JwtAuthenticationConverter jwtAuthenticationConverter = new <%= reactive ? 'Reactive' : '' %>JwtAuthenticationConverter();
-<%_ if (reactive) { %>
-        jwtAuthenticationConverter.setJwtGrantedAuthoritiesConverter(new ReactiveJwtGrantedAuthoritiesConverterAdapter(grantedAuthoritiesConverter));
-<%_ } else { _%>
-        jwtAuthenticationConverter.setJwtGrantedAuthoritiesConverter(grantedAuthoritiesConverter);
-<%_ } _%>
-        return jwtAuthenticationConverter;
-    }
 <%_ if (communicationSpringWebsocket) { %>
     @Bean
     public BearerTokenResolver bearerTokenResolver() {

package/dist/generators/server/templates/src/main/java/_package_/config/WebConfigurer.java.ejs CHANGED Viewed

@@ -94,7 +94,7 @@ import java.util.concurrent.TimeUnit;
 @Configuration
 public class WebConfigurer implements <% if (!reactive) { %>ServletContextInitializer<% if (!skipClient) { %>, WebServerFactoryCustomizer<WebServerFactory><% } %><% } %><% if (reactive) { %>WebFluxConfigurer<% } %> {
-    private final Logger log = LoggerFactory.getLogger(WebConfigurer.class);
+    private static final Logger log = LoggerFactory.getLogger(WebConfigurer.class);
 <%_ if (!reactive) { _%>
     private final Environment env;

package/dist/generators/server/templates/src/main/java/_package_/security/DomainUserDetailsService.java.ejs CHANGED Viewed

@@ -51,7 +51,7 @@ import java.util.*;
 @Component("userDetailsService")
 public class DomainUserDetailsService implements <% if (reactive) { %>Reactive<% } %>UserDetailsService {
-    private final Logger log = LoggerFactory.getLogger(DomainUserDetailsService.class);
+    private static final Logger log = LoggerFactory.getLogger(DomainUserDetailsService.class);
     private final UserRepository userRepository;

package/dist/generators/server/templates/src/main/java/_package_/security/PersistentTokenRememberMeServices.java.ejs CHANGED Viewed

@@ -81,7 +81,7 @@ import java.util.*;
 public class PersistentTokenRememberMeServices extends
     AbstractRememberMeServices {
-    private final Logger log = LoggerFactory.getLogger(PersistentTokenRememberMeServices.class);
+    private static final Logger log = LoggerFactory.getLogger(PersistentTokenRememberMeServices.class);
     // Token is valid for one month
     private static final int TOKEN_VALIDITY_DAYS = 31;

package/dist/generators/server/templates/src/main/java/_package_/security/SecurityUtils.java.ejs CHANGED Viewed

@@ -17,6 +17,10 @@
  limitations under the License.
 -%>
 package <%= packageName %>.security;
+<%_ if (generateAuthenticationApi && (authenticationTypeOauth2 || authenticationTypeJwt)) { _%>
+import <%= packageName %>.config.Constants;
+<%_ } _%>
 import org.springframework.security.core.Authentication;
 import org.springframework.security.core.GrantedAuthority;
@@ -35,23 +39,32 @@ import org.springframework.security.oauth2.jwt.Jwt;
 import org.springframework.security.core.authority.SimpleGrantedAuthority;
 import org.springframework.security.oauth2.core.oidc.user.DefaultOidcUser;
 import org.springframework.security.oauth2.server.resource.authentication.JwtAuthenticationToken;
-import java.util.*;
-import java.util.stream.Collectors;
+import java.util.Arrays;
+import java.util.ArrayList;
+import java.util.List;
   <%_ if (reactive) { _%>
 import reactor.core.publisher.Mono;
   <%_ } else { _%>
 import java.util.stream.Stream;
   <%_ } _%>
 <%_ } else { _%>
+import java.util.Arrays;
   <%_ if (reactive) { _%>
 import reactor.core.publisher.Mono;
-import java.util.Arrays;
   <%_ } else { _%>
-import java.util.Arrays;
-import java.util.Optional;
 import java.util.stream.Stream;
   <%_ } _%>
 <%_ } _%>
+<%_ if (authenticationTypeOauth2 || authenticationTypeJwt || !reactive) { _%>
+import java.util.Optional;
+<%_ } _%>
+<%_ if (authenticationTypeOauth2 || authenticationTypeJwt) { _%>
+import org.springframework.security.oauth2.core.oidc.StandardClaimNames;
+import java.util.Collection;
+import java.util.HashMap;
+import java.util.Map;
+import java.util.stream.Collectors;
+<%_ } _%>
 /**
  * Utility class for Spring Security.
@@ -230,4 +243,51 @@ public final class SecurityUtils {
             .collect(Collectors.toList());
     }
 <%_ } _%>
+<%_ if (generateAuthenticationApi && ((authenticationTypeOauth2 && !syncUserWithIdp) || (authenticationTypeJwt && skipUserManagement))) { _%>
+    public static Map<String, Object> extractDetailsFromTokenAttributes(Map<String, Object> attributes) {
+        Map<String, Object> details = new HashMap<>();
+        details.put("activated", Optional.ofNullable(attributes.get(StandardClaimNames.EMAIL_VERIFIED)).orElse(true));
+        Optional.ofNullable(attributes.get("uid")).ifPresent(id -> details.put("id", id));
+        Optional.ofNullable(attributes.get(StandardClaimNames.FAMILY_NAME)).ifPresent(lastName -> details.put("lastName", lastName));
+        Optional.ofNullable(attributes.get(StandardClaimNames.PICTURE)).ifPresent(imageUrl -> details.put("imageUrl", imageUrl));
+        Optional.ofNullable(attributes.get(StandardClaimNames.GIVEN_NAME)).ifPresentOrElse(
+            firstName -> details.put("firstName", firstName),
+            () -> Optional.ofNullable(attributes.get(StandardClaimNames.NAME)).ifPresent(firstName -> details.put("firstName", firstName))
+        );
+        if (attributes.get(StandardClaimNames.EMAIL) != null) {
+            details.put("email", attributes.get(StandardClaimNames.EMAIL));
+        } else {
+            String sub = String.valueOf(attributes.get(StandardClaimNames.SUB));
+            String preferredUsername = (String) attributes.get(StandardClaimNames.PREFERRED_USERNAME);
+            if (sub.contains("|") && (preferredUsername != null && preferredUsername.contains("@"))) {
+                // special handling for Auth0
+                details.put("email", preferredUsername);
+            } else {
+                details.put("email", sub);
+            }
+        }
+        if (attributes.get("langKey") != null) {
+            details.put("langKey", attributes.get("langKey"));
+        } else if (attributes.get(StandardClaimNames.LOCALE) != null) {
+            // trim off country code if it exists
+            String locale = (String) attributes.get(StandardClaimNames.LOCALE);
+            if (locale.contains("_")) {
+                locale = locale.substring(0, locale.indexOf('_'));
+            } else if (locale.contains("-")) {
+                locale = locale.substring(0, locale.indexOf('-'));
+            }
+            details.put("langKey", locale.toLowerCase());
+        } else {
+            // set langKey to default if not specified by IdP
+            details.put("langKey", Constants.DEFAULT_LANGUAGE);
+        }
+        return details;
+    }
+<%_ } _%>
 }

package/dist/generators/server/templates/src/main/java/_package_/security/oauth2/AudienceValidator.java.ejs CHANGED Viewed

@@ -29,7 +29,7 @@ import org.springframework.util.Assert;
 import java.util.List;
 public class AudienceValidator implements OAuth2TokenValidator<Jwt> {
-    private final Logger log = LoggerFactory.getLogger(AudienceValidator.class);
+    private static final Logger log = LoggerFactory.getLogger(AudienceValidator.class);
     private final OAuth2Error error = new OAuth2Error("invalid_token", "The required audience is missing", null);
     private final List<String> allowedAudience;

package/dist/generators/server/templates/src/main/java/_package_/service/MailService.java.ejs CHANGED Viewed

@@ -56,7 +56,7 @@ _%>
 @Service
 public class MailService {
-    private final Logger log = LoggerFactory.getLogger(MailService.class);
+    private static final Logger log = LoggerFactory.getLogger(MailService.class);
     private static final String USER = "user";

package/dist/generators/server/templates/src/main/java/_package_/service/dto/UserDTO.java.ejs CHANGED Viewed

@@ -23,6 +23,7 @@ import <%= user.entityAbsoluteClass %>;
 <%_ } _%>
 import java.io.Serializable;
+import java.util.Objects;
 <%_ if (user.primaryKey.hasUUID) { _%>
 import java.util.UUID;
 <%_ } _%>
@@ -76,10 +77,43 @@ public class <%= user.dtoClass %> implements Serializable {
     public String get<%= field.propertyJavaBeanName %>() {
         return <%= field.fieldName %>;
     }
     public void set<%= field.propertyJavaBeanName %>(String <%= field.fieldName %>) {
         this.<%= field.fieldName %> = <%= field.fieldName %>;
     }
+<%_ } _%>
+    @Override
+    public boolean equals(Object o) {
+        if (this == o) {
+            return true;
+        }
+        if (o == null || getClass() != o.getClass()) {
+            return false;
+        }
+        <%= user.dtoClass %> userDTO = (<%= user.dtoClass %>) o;
+        if (userDTO.getId() == null || getId() == null) {
+            return false;
+        }
+        return Objects.equals(getId(), userDTO.getId()) &&
+<%_ for (field of user.fields.filter(field => !field.builtIn && field.relatedByOtherEntity)) { _%>
+            Objects.equals(get<%= field.propertyJavaBeanName %>(), userDTO.get<%= field.propertyJavaBeanName %>()) &&
+<%_ } _%>
+            Objects.equals(getLogin(), userDTO.getLogin());
+    }
+    @Override
+    public int hashCode() {
+        return Objects.hash(
+            getId(),
+<%_ for (const { propertyJavaBeanName } of user.fields.filter(field => !field.builtIn && field.relatedByOtherEntity)) { _%>
+          get<%= field.propertyJavaBeanName %>(),
 <%_ } _%>
+            getLogin()
+        );
+    }
     // prettier-ignore
     @Override

package/dist/generators/server/templates/src/main/java/_package_/service/mapper/UserMapper.java.ejs CHANGED Viewed

@@ -84,14 +84,19 @@ public class UserMapper {
             user.setEmail(userDTO.getEmail());
 <%_ if (!databaseTypeCassandra) { _%>
             user.setImageUrl(userDTO.getImageUrl());
+<%_ } _%>
+<%_ if (generateSpringAuditor) { _%>
+            user.setCreatedBy(userDTO.getCreatedBy());
+            user.setCreatedDate(userDTO.getCreatedDate());
+            user.setLastModifiedBy(userDTO.getLastModifiedBy());
+            user.setLastModifiedDate(userDTO.getLastModifiedDate());
 <%_ } _%>
             user.setActivated(userDTO.isActivated());
             user.setLangKey(userDTO.getLangKey());
 <%_ if (databaseTypeSql || databaseTypeMongodb || databaseTypeNeo4j) { _%>
             Set<Authority> authorities = this.authoritiesFromStrings(userDTO.getAuthorities());
             user.setAuthorities(authorities);
-<%_ } _%>
-<%_ if (databaseTypeCassandra || databaseTypeCouchbase) { _%>
+<%_ } else { _%>
             Set<String> authorities = this.cleanNullStringAuthorities(userDTO.getAuthorities());
             user.setAuthorities(authorities);
 <%_ } _%>
@@ -114,8 +119,7 @@ public class UserMapper {
         return authorities;
     }
-<%_ } _%>
-<%_ if (databaseTypeCassandra || databaseTypeCouchbase) { _%>
+<%_ } else { _%>
     private Set<String> cleanNullStringAuthorities(Set<String> authoritiesAsString) {
         Set<String> authorities = new HashSet<>();

package/dist/generators/server/templates/src/main/java/_package_/web/rest/AccountResource.java.ejs CHANGED Viewed

@@ -74,7 +74,7 @@ public class AccountResource {
         }
     }
-    private final Logger log = LoggerFactory.getLogger(AccountResource.class);
+    private static final Logger log = LoggerFactory.getLogger(AccountResource.class);
     private final UserRepository userRepository;

package/dist/generators/server/templates/src/main/java/_package_/web/rest/AccountResource_oauth2.java.ejs CHANGED Viewed

@@ -55,7 +55,7 @@ public class AccountResource {
         }
     }
-    private final Logger log = LoggerFactory.getLogger(AccountResource.class);
+    private static final Logger log = LoggerFactory.getLogger(AccountResource.class);
     private final UserService userService;

package/dist/generators/server/templates/src/main/java/_package_/web/rest/AccountResource_skipUserManagement.java.ejs CHANGED Viewed

@@ -18,6 +18,11 @@
 -%>
 package <%= packageName %>.web.rest;
+import <%= packageName %>.security.SecurityUtils;
+<%_ if (generateBuiltInAuthorityEntity) { _%>
+import <%= packageName %>.domain.Authority;
+<%_ } _%>
 <%_ if (reactive) { _%>
 import reactor.core.publisher.Mono;
 <%_ } else { _%>
@@ -47,7 +52,7 @@ import org.springframework.security.core.context.SecurityContextHolder;
   <%_ } _%>
 <%_ } _%>
-import com.fasterxml.jackson.annotation.JsonCreator;
+import com.fasterxml.jackson.annotation.JsonAnyGetter;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.security.core.GrantedAuthority;
@@ -55,6 +60,7 @@ import org.springframework.web.bind.annotation.GetMapping;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RestController;
+import java.util.Map;
 import java.util.Set;
 import java.util.stream.Collectors;
@@ -62,7 +68,7 @@ import java.util.stream.Collectors;
 @RequestMapping("/api")
 public class AccountResource {
-    private final Logger log = LoggerFactory.getLogger(AccountResource.class);
+    private static final Logger log = LoggerFactory.getLogger(AccountResource.class);
     private static class AccountResourceException extends RuntimeException {
 <%_ if (authenticationTypeOauth2 || authenticationTypeJwt) { _%>
@@ -157,12 +163,21 @@ public class AccountResource {
     private static class UserVM {
         private String login;
+<%_ if (generateBuiltInAuthorityEntity) { _%>
+        private Set<Authority> authorities;
+<%_ } else { _%>
         private Set<String> authorities;
+<%_ } _%>
+<%_ if (authenticationTypeOauth2 || authenticationTypeJwt) { _%>
+        private Map<String, Object> details;
+<%_ } _%>
-        @JsonCreator
-        UserVM(String login, Set<String> authorities) {
+        UserVM(String login, Set<String> authorities<% if (authenticationTypeOauth2 || authenticationTypeJwt) { %>, Map<String, Object> details<% } %>) {
             this.login = login;
             this.authorities = authorities;
+<%_ if (authenticationTypeOauth2 || authenticationTypeJwt) { _%>
+            this.details = details;
+<%_ } _%>
         }
         public boolean isActivated() {
@@ -176,22 +191,41 @@ public class AccountResource {
         public String getLogin() {
             return login;
         }
+<%_ if (authenticationTypeOauth2 || authenticationTypeJwt) { _%>
+        @JsonAnyGetter
+        public Map<String, Object> getDetails() {
+            return details;
+        }
+<%_ } _%>
     }
 <%_ if (authenticationTypeOauth2 || authenticationTypeJwt) { _%>
-    private UserVM getUserFromAuthentication(AbstractAuthenticationToken authToken) {
-        if (
+    private static UserVM getUserFromAuthentication(AbstractAuthenticationToken authToken) {
+        Map<String, Object> attributes;
+        if (authToken instanceof JwtAuthenticationToken) {
+            attributes = ((JwtAuthenticationToken) authToken).getTokenAttributes();
   <%_ if (authenticationTypeOauth2) { _%>
-            !(authToken instanceof OAuth2AuthenticationToken) &&
+        } else if (authToken instanceof OAuth2AuthenticationToken) {
+            attributes = ((OAuth2AuthenticationToken) authToken).getPrincipal().getAttributes();
   <%_ } _%>
-            !(authToken instanceof JwtAuthenticationToken)
-        ) {
+        } else {
             throw new IllegalArgumentException("AuthenticationToken is not OAuth2 or JWT!");
         }
         return new UserVM(
             authToken.getName(),
-            authToken.getAuthorities().stream().map(GrantedAuthority::getAuthority).collect(Collectors.toSet())
+            authToken.getAuthorities().stream()
+                .map(GrantedAuthority::getAuthority)
+  <%_ if (generateBuiltInAuthorityEntity) { _%>
+                .map(authority -> {
+                    Authority auth = new Authority();
+                    auth.setName(authority);
+                    return auth;
+                })
+  <%_ } _%>
+                .collect(Collectors.toSet()),
+            SecurityUtils.extractDetailsFromTokenAttributes(attributes)
         );
     }
 <%_ } _%>

package/dist/generators/server/templates/src/main/java/_package_/web/rest/AuthenticateController.java.ejs CHANGED Viewed

@@ -61,7 +61,7 @@ import org.springframework.security.core.context.SecurityContextHolder;
 @RequestMapping("/api")
 public class AuthenticateController {
-    private final Logger log = LoggerFactory.getLogger(AuthenticateController.class);
+    private static final Logger log = LoggerFactory.getLogger(AuthenticateController.class);
     private final JwtEncoder jwtEncoder;

package/dist/generators/server/templates/src/main/resources/config/application-dev.yml.ejs CHANGED Viewed

@@ -111,7 +111,7 @@ spring:
         prefer-ip-address: true
         tags:
           - profile=${spring.profiles.active}
-          - version=#project.version#
+          - version='@project.version@'
           - git-version=${git.commit.id.describe:}
           - git-commit=${git.commit.id.abbrev:}
           - git-branch=${git.branch:}

package/dist/generators/server/templates/src/main/resources/config/application.yml.ejs CHANGED Viewed

@@ -63,7 +63,7 @@ eureka:
     metadata-map:
       zone: primary # This is needed for the load balancer
       profile: ${spring.profiles.active}
-      version: #project.version#
+      version: '@project.version@'
       git-version: ${git.commit.id.describe:}
       git-commit: ${git.commit.id.abbrev:}
       git-branch: ${git.branch:}
@@ -188,6 +188,22 @@ spring:
           enabled: false
   <%_ } _%>
   <%_ if (applicationTypeGateway) { _%>
+    <%_ if (!serviceDiscoveryAny) { _%>
+    discovery:
+      client:
+        simple:
+          instances:
+            <%= lowercaseBaseName %>:
+              - instanceId: <%= lowercaseBaseName %>1
+                host: localhost
+                port: <%= serverPort %>
+      <%_ for (const ms of gatewayRoutes ?? []) { _%>
+            <%= ms.route %>:
+              - instanceId: <%= ms.route %>1
+                host: <%= ms.host %>
+                port: <%= ms.serverPort %>
+      <%_ } _%>
+    <%_ } _%>
     gateway:
     <%_ if (reactive) { _%>
       default-filters:
@@ -212,11 +228,22 @@ spring:
       mvc:
         routes:
           - id: <%= lowercaseBaseName %>_route
-            uri: lb://<%= lowercaseBaseName %>:<%= serverPort %>
+            uri: lb://<%= lowercaseBaseName %>
             predicates:
               - Path=/services/<%= lowercaseBaseName %>/**
             filters:
-              - RewritePath=/services/<%= lowercaseBaseName %>/?(?<segment>.*), /$\{segment}
+              - StripPrefix=2
+      <%_ for (const ms of gatewayRoutes ?? []) { _%>
+          - id: <%= ms.route %>_route
+            uri: lb://<%= ms.route %>
+            predicates:
+              - Path=/services/<%= ms.route %>/**
+            filters:
+              - StripPrefix=2
+        <%_ if (authenticationTypeOauth2) { _%>
+              - TokenRelay
+        <%_ } _%>
+      <%_ } _%>
     <%_ } _%>
   <%_ } _%>
   <%_ if (messageBrokerKafka) { _%>
@@ -308,14 +335,43 @@ spring:
   <% if (reactive) { %>webflux<% } else { %>mvc<% } %>:
     problemdetails:
       enabled: true
-<%_ if (generateInMemoryUserCredentials) { _%>
+<%_ if (generateInMemoryUserCredentials || authenticationTypeOauth2 || authenticationTypeJwt) { _%>
   security:
+  <%_ if (generateInMemoryUserCredentials) { _%>
     user:
       name: admin
       password: admin
       roles:
         - ADMIN
         - USER
+  <%_ } _%>
+  <%_ if (authenticationTypeOauth2) { _%>
+    oauth2:
+      client:
+        provider:
+          oidc:
+            issuer-uri: http://localhost:9080/realms/jhipster
+        registration:
+          oidc:
+    <%_ if (applicationTypeMicroservice) { _%>
+            client-id: internal
+            client-secret: internal
+    <%_ } else { _%>
+            client-id: web_app
+            client-secret: web_app
+    <%_ } _%>
+            scope: openid, profile, email, offline_access # last one for refresh tokens
+      resourceserver:
+        jwt:
+          principal-claim-name: preferred_username
+  <%_ } _%>
+  <%_ if (authenticationTypeJwt) { _%>
+    oauth2:
+      resourceserver:
+        jwt:
+          authority-prefix: ''
+          authorities-claim-name: auth
+  <%_ } _%>
 <%_ } _%>
   task:
     execution:
@@ -333,24 +389,6 @@ spring:
   output:
     ansi:
       console-available: true
-<%_ if (authenticationTypeOauth2) { _%>
-  security:
-    oauth2:
-      client:
-        provider:
-          oidc:
-            issuer-uri: http://localhost:9080/realms/jhipster
-        registration:
-          oidc:
-  <%_ if (applicationTypeMicroservice) { _%>
-            client-id: internal
-            client-secret: internal
-  <%_ } else { _%>
-            client-id: web_app
-            client-secret: web_app
-  <%_ } _%>
-            scope: openid, profile, email, offline_access # last one for refresh tokens
-<%_ } _%>
 server:
   servlet: