Sample Application Architecture


Last updated 4 years ago


For the hands-on workshop labs you will be provided with a complete Spring MVC web server application together with a corresponding Spring MVC Thymeleaf web client app.


Application Components

The server application provides a RESTful service for administering books and users (a very lightweight books library).

Use cases of this application are:

  • Administer books (Creating/editing/deleting books)

  • List available books

  • Borrow a book

  • Return a borrowed book

  • Administer library users

Tech Stack

The following figure shows a typical Microservice technology stack implemented by various Spring projects.

Server Architecture

The RESTful service for books and users is built using the Spring MVC annotation model and Spring HATEOAS.

The server application is already secured by basic authentication and also includes authorization using static roles.

Server Layers

The domain model of the server application is quite simple and just consists of Book and User models. The packages of the application are organized according to the different application layers:

  • api: Contains the complete RESTful service

  • business: The service classes (quite simple for the workshop; usually these contain the business logic)

  • dataaccess: All domain models and repositories

In addition there are more packages with supporting functions:

  • common: Classes that are reused in multiple other packages

  • config: All Spring configuration classes

  • security: All security-relevant classes, e.g. a UserDetailsService implementation

REST API

Server Users and roles

There are three target user roles for this application:

  • LIBRARY_USER: Standard library user who can list, borrow and return his currently borrowed books

  • LIBRARY_CURATOR: A curator user who can add, edit or delete books

  • LIBRARY_ADMIN: An administrator user who can list, add or remove users

Important: We will use the following users in all subsequent labs from now on:

| Username | Email | Password | Role |
| --- | --- | --- | --- |
| bwayne | bruce.wayne@example.com | wayne | LIBRARY_USER |
| bbanner | bruce.banner@example.com | banner | LIBRARY_USER |
| pparker | peter.parker@example.com | parker | LIBRARY_CURATOR |
| ckent | clark.kent@example.com | kent | LIBRARY_ADMIN |

These users are configured for basic authentication and, later on, for authentication using Keycloak.
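How basic authentication and the static role check fit together for the users above, as an added example that is not the workshop's code: it uses plain JDK Java (16 or later) instead of the Spring configuration of the provided application. The class name BasicAuthRoleCheck and the action names are hypothetical, and the plain-text password map only mirrors the table above.

```java
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.util.Base64;
import java.util.Map;
import java.util.Set;

public class BasicAuthRoleCheck {
    // Constructed demo store mirroring the user table; a real server keeps password hashes.
    record Account(String password, String role) {}
    static final Map<String, Account> USERS = Map.of(
        "bwayne", new Account("wayne", "LIBRARY_USER"),
        "bbanner", new Account("banner", "LIBRARY_USER"),
        "pparker", new Account("parker", "LIBRARY_CURATOR"),
        "ckent", new Account("kent", "LIBRARY_ADMIN"));
    // Hypothetical action names derived from the three role descriptions.
    static final Map<String, Set<String>> ALLOWED = Map.of(
        "LIBRARY_USER", Set.of("LIST_BOOKS", "BORROW_BOOK", "RETURN_BOOK"),
        "LIBRARY_CURATOR", Set.of("ADD_BOOK", "EDIT_BOOK", "DELETE_BOOK"),
        "LIBRARY_ADMIN", Set.of("LIST_USERS", "ADD_USER", "REMOVE_USER"));

    // HTTP status for a request: 401 = not authenticated, 403 = authenticated but wrong role.
    static int decide(String header, String action) {
        if (header == null || !header.regionMatches(true, 0, "Basic ", 0, 6)) return 401;
        String decoded;
        try {
            decoded = new String(Base64.getDecoder().decode(header.substring(6).trim()),
                                 StandardCharsets.UTF_8);
        } catch (IllegalArgumentException malformedBase64) {
            return 401;
        }
        int colon = decoded.indexOf(':'); // only the first colon separates user and password
        if (colon < 0) return 401;
        Account account = USERS.get(decoded.substring(0, colon));
        byte[] given = decoded.substring(colon + 1).getBytes(StandardCharsets.UTF_8);
        // Unknown users are compared against an empty value so both paths do the same work.
        byte[] expected = (account != null ? account.password() : "").getBytes(StandardCharsets.UTF_8);
        if (!MessageDigest.isEqual(expected, given) || account == null) return 401;
        return ALLOWED.get(account.role()).contains(action) ? 200 : 403;
    }

    // Builds the header a client sends; the credentials are only Base64-encoded, not encrypted.
    static String basic(String user, String password) {
        return "Basic " + Base64.getEncoder()
            .encodeToString((user + ":" + password).getBytes(StandardCharsets.UTF_8));
    }

    public static void main(String[] args) {
        System.out.println("bwayne borrows a book: " + decide(basic("bwayne", "wayne"), "BORROW_BOOK"));
        System.out.println("bwayne adds a book: " + decide(basic("bwayne", "wayne"), "ADD_BOOK"));
        System.out.println("bwayne, wrong password: " + decide(basic("bwayne", "nope"), "BORROW_BOOK"));
    }
}
```

Run it with `java BasicAuthRoleCheck.java`; the three calls cover the allowed, forbidden and unauthenticated cases.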

Provided Server application

Client Architecture

The client is able to fulfill most of the use cases provided by the server application, such as:

  • View all available books in a list

  • Borrow available books

  • Return my borrowed books

  • Create new books

All action buttons are visible depending on user authorizations, e.g. only users with LIBRARY_USER role can see the Borrow and Return buttons. The Return

Client Layers

The domain model of the client application is quite simple and just consists of Book and User models. The packages of the application are organized according to the different application layers:

  • web: Contains the complete Spring Web MVC layer with all required client-side resources

In addition there is one more package with supporting functions:

  • config: All Spring configuration classes

In resources/templates you find all Thymeleaf HTML templates. These templates use the Bootstrap framework that resides in the resources/static folder.

Client Users and Roles

There are three target user roles for this client application:

  • LIBRARY_USER: Standard library user who can list, borrow and return his currently borrowed books

  • LIBRARY_CURATOR: A curator user who can add, edit or delete books

  • LIBRARY_ADMIN: An administrator user who can list, add or remove users

| Username | Email | Password | Role |
| --- | --- | --- | --- |
| bwayne | bruce.wayne@example.com | wayne | LIBRARY_USER |
| bbanner | bruce.banner@example.com | banner | LIBRARY_USER |
| pparker | peter.parker@example.com | parker | LIBRARY_CURATOR |
| ckent | clark.kent@example.com | kent | LIBRARY_ADMIN |

Provided Client application

The demo client and server applications are both built using the Java programming language and utilize the Spring Framework.

The application also contains complete documentation for the RESTful API that is automatically generated with Spring REST Docs. You can find this in the directory 'build/asciidoc/html5' after performing a full Gradle build, or online in the REST API documentation.

To call the provided REST API you can use curl or httpie. For details on how to call the REST API please consult the REST API documentation, which also provides sample requests for curl and httpie.

You can find the provided initial server application beneath the lab 1 folder as library-server-initial.

You can find the provided initial client application beneath the lab 2 folder as library-client-initial.