Minor improvements

docker-compose.yml

@@ -15,7 +15,6 @@ services:
       DB_NAME: stock
       DB_USERNAME: selforder
       DB_PASSWORD: self@Order123!
-      ADMIN_ACCESS_TOKEN: token
     ports:
       - "8081:8081"
     restart: always

src/main/kotlin/com/fiap/stock/application/config/JWTSecurityConfig.kt

@@ -2,9 +2,9 @@ package com.fiap.stock.application.config
 
 import io.swagger.v3.oas.annotations.enums.SecuritySchemeType
 import io.swagger.v3.oas.annotations.security.SecurityScheme
+import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty
 import org.springframework.context.annotation.Bean
 import org.springframework.context.annotation.Configuration
-import org.springframework.http.HttpMethod
 import org.springframework.security.config.annotation.web.builders.HttpSecurity
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity
 import org.springframework.security.core.authority.SimpleGrantedAuthority
@@ -19,6 +19,7 @@ import org.springframework.security.web.SecurityFilterChain
     bearerFormat = "JWT",
     scheme = "bearer"
 )
+@ConditionalOnProperty(name = ["security.enable"], havingValue = "true", matchIfMissing = true)
 class JWTSecurityConfig {
     @Bean
     fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {

src/main/resources/META-INF/additional-spring-configuration-metadata.json

@@ -1,10 +1,5 @@
 {
   "properties": [
-    {
-      "name": "admin.access-token",
-      "type": "java.lang.String",
-      "description": "Description for admin-access-token."
-    },
     {
       "name": "payment-provider.mock",
       "type": "java.lang.String",
@@ -34,6 +29,11 @@
       "name": "mercadopago.integration.webhookBaseUrl",
       "type": "java.lang.String",
       "description": "Description for mercadopago.integration.webhookBaseUrl."
+    },
+    {
+      "name": "security.enable",
+      "type": "java.lang.String",
+      "description": "Description for security.enable."
     }
   ]
 }

src/main/resources/application-live.yml

@@ -0,0 +1,10 @@
+security:
+  enable: true
+
+spring:
+  security:
+    oauth2:
+      resourceserver:
+        jwt:
+          issuer-uri: ${COGNITO_ISSUER_URI}
+          jwk-set-uri: ${COGNITO_JWK_SET_URI}

src/main/resources/application-local.yml

@@ -0,0 +1,2 @@
+payment-provider:
+  mock: true

src/main/resources/application-test.yml

@@ -1,5 +1,2 @@
-admin:
-  access-token: token
-
 payment-provider:
   mock: true

src/main/resources/application.yml

@@ -17,15 +17,9 @@ spring:
             non_contextual_creation: true
         ddl-auto: validate
         globally_quoted_identifiers: true
-  security:
-    oauth2:
-      resourceserver:
-        jwt:
-          issuer-uri: https://cognito-idp.us-east-1.amazonaws.com/us-east-1_ygM5FRn7D
-          jwk-set-uri: https://cognito-idp.us-east-1.amazonaws.com/us-east-1_ygM5FRn7D/.well-known/jwks.json
-
-admin:
-  access-token: ${ADMIN_ACCESS_TOKEN}
 
 server:
   port: 8081
+
+security:
+  enable: false

src/test/kotlin/com/fiap/stock/application/TestAnnotations.kt

@@ -2,8 +2,10 @@ package com.fiap.stock.application
 
 import com.fiap.stock.application.it.PostgreSQLContainerInitializer
 import org.springframework.boot.test.autoconfigure.jdbc.AutoConfigureTestDatabase
+import org.springframework.boot.test.context.SpringBootTest
 import org.springframework.test.context.ContextConfiguration
 
+@SpringBootTest(webEnvironment = SpringBootTest.WebEnvironment.RANDOM_PORT)
 @ContextConfiguration(initializers = [PostgreSQLContainerInitializer::class])
 @AutoConfigureTestDatabase(replace = AutoConfigureTestDatabase.Replace.NONE)
 @Target(AnnotationTarget.CLASS, AnnotationTarget.FILE)

src/test/kotlin/com/fiap/stock/application/it/IntegrationTest.kt

@@ -6,7 +6,6 @@ import org.junit.jupiter.api.Tag
 import org.springframework.boot.test.context.SpringBootTest
 
 @CucumberContextConfiguration
-@SpringBootTest(webEnvironment = SpringBootTest.WebEnvironment.RANDOM_PORT)
 @WithPostgreSQL
 @Tag("IntegrationTest")
 class IntegrationTest

src/test/kotlin/com/fiap/stock/application/it/JWTSecurityTestConfig.kt

@@ -0,0 +1,27 @@
+package com.fiap.stock.application.it
+
+import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty
+import org.springframework.context.annotation.Bean
+import org.springframework.context.annotation.Configuration
+import org.springframework.security.config.annotation.web.builders.HttpSecurity
+import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity
+import org.springframework.security.web.SecurityFilterChain
+
+@Configuration
+@EnableWebSecurity
+@ConditionalOnProperty(name = ["security.enable"], havingValue = "false")
+class NoOpSecurityConfig {
+
+    @Bean
+    fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
+        http
+            .csrf { csrf ->
+                csrf.disable()
+            }
+            .authorizeHttpRequests { authorize ->
+                authorize.anyRequest().permitAll()
+            }
+
+        return http.build()
+    }
+}

src/test/kotlin/com/fiap/stock/application/it/PostgreSQLContainerInitializer.kt

@@ -12,9 +12,9 @@ class PostgreSQLContainerInitializer :
     companion object {
         private val instance: PostgreSQLContainerInitializer =
             PostgreSQLContainerInitializer()
-                .withDatabaseName("stockdb")
-                .withUsername("stock")
-                .withPassword("stock")
+                .withDatabaseName("database")
+                .withUsername("database")
+                .withPassword("database")
                 .waitingFor(forListeningPort())
     }