In this workshop, we will push bootifulApplication to Pivotal Web Services . We will also add OAuth2 to bootifulApplication.

• Java 1.8 SDK

• Spring Tool Suite or IntelliJ or Eclipse

• CF CLI

• Git CLI for Windows or Git from github.com (Optional)

Spring Boot takes an opinionated view of building production-ready Spring applications. Favoring convention over configuration, it is designed to get you up and running as quickly as possible.

Spring Boot features include:

• Creates a stand alone runnable jar file which includes everything required to run it

• Ability to embed Tomcat, Jetty or Undertow making deployment much easier

• Provide an oopinionated starter dependencies to simplify your configuration

• Automatically configures Spring whenever possible

• Provides production ready features such as metrics, health checks and externalized configuration

• No code generation or XML configuration required

Before we deploy to cloud foundry there are a few things that need to occur.

1. If you haven’t already, download the latest release of the Cloud Foundry CLI from CF CLI for your operating system and install it.

2. Sign up on Pivotal Web Services. No credit card needed.

3. In your cli, set the API target for the CLI: (this information will be provided to you in the workshop)

   $ cf login -a api.run.pivotal.io
   

4. Follow the prompts, using the username & password you used to sign up PWS.

5. git clone the bootifulApplication

   $ git clone https://github.com/jennymclaughlin/bootifulApplications	
   

6. Build the application jar file

   $ cd reservation-service
   $ mvn clean package
   

   This creates a self-contained Jar file that includes a tomcat servlet engine and all the necessary resources needed for this application.

7. Push the application using the following command line

   $ cf push reservation --random-route -p target/reservation-service-0.0.1-SNAPSHOT.jar
   

8. Scale the application by changing the number of instances (scale out/in) or memory/disk space (scale up/down).

Spring Boot includes a number of built-in actuator endpoints that enable you to montior and interact with your application. Most endpoints are exposed via HTTP although other methods are available.

The most common endpoints are shown below:

• health - Lists application health information

• beans - Displays a list of all Spring Beans

• info - Displays arbitrary application information

For a list of all of the available endpoints see this link

1. What happens when you go to your application’s /health endpoint in a browser? (e.g. http://<your application URL goes here>/health)

2. What happens when you go to your application’s /docs endpoint?

3. What happens when you go to your application’s /info endpoint?

4. What happens when you go to your application’s /autoconfig endpoint?

5. What happens when you go to your application’s /beans endpoint?

In this section we put Facebook for authentication on bootifulApplication. This will be quite easy if we take advantage of the autoconfiguration features in Spring Boot.

Securing the Application

To make the application secure we need to add Spring Security as a dependency. If we do that the default will be to secure it with HTTP Basic, so since we want to do a "social" login (delegate to Facebook), we add the Spring Security OAuth2 dependency as well:

Add the following dependencies in pom.xml:

<dependency>
	<groupId>org.springframework.boot</groupId>
	<artifactId>spring-boot-starter-security</artifactId>
</dependency>
<dependency>
	<groupId>org.springframework.security.oauth</groupId>
	<artifactId>spring-security-oauth2</artifactId>
</dependency>

To make the link to Facebook we need an @EnableOAuth2Sso annotation on our main class:

@SpringBootApplication
@EnableOAuth2Sso
public class ReservationServiceApplication {

and some configuration (using application.yml for better readability):

application.yml

security:
  oauth2:
    client:
      clientId: 233668646673605
      clientSecret: 33b17e044ee6a4fa383f46ec6e28ea1d
      accessTokenUri: https://graph.facebook.com/oauth/access_token
      userAuthorizationUri: https://www.facebook.com/dialog/oauth
      tokenName: oauth_token
      authenticationScheme: query
      clientAuthenticationScheme: form
    resource:
      userInfoUri: https://graph.facebook.com/me

The configuration refers to a client app registered with Facebook in their developers site, in which you have to supply a registered redirect (home page) for the app. This one is registered to "localhost:8080" so it only works in an app running on that address.

With that change you can run the app again and visit the page at http://localhost:8080/. you should be redirected to login with Facebook. If you do that, and accept any authorizations you are asked to make, you will be redirected back to the local app and the page will be visible. If you stay logged into Facebook, you won’t have to re-authenticate with this local app, even if you open it in a fresh browser with no cookies and no cached data. (That’s what Single Sign On means.) Be sure to clear your browser cache of cookies and HTTP Basic credentials.