Authentication Component

The Scava Authentication service:

Authentication API

The Authentication server is a component of the Scava platform that manages authentication for all services accessible behind the API Gateway.

Authenticate User: POST /api/authentication
Login as a registered user.
### JSON Web Tokens (JWT)

JSON Web Token (JWT) is an open industry standard (RFC 7519) that defines a compact and self-contained way for securely transmitting information between parties as a JSON object. It consists of three parts separated by dots (.), which are:

* Header
* Payload
* Signature

This solution uses a secure token that holds the information that we want to transmit and other information about our token, basically the user’s **login name** and **authorities**. (Find more about JWT: https://jwt.io/).

### JWT Authentication Implementation

* Users have to log in to the authentication service API using their credentials (username and password).
curl -i -X POST -H "Content-Type:application/json" http://localhost:8086/api/authentication -d '{"username":"admin", "password": "admin"}'
* Once the user is authenticated, they receive a JWT token in the HTTP Response Authorization Header.
* The generated token is then injected into the HTTP Request Authorization Header to get access to the different Scava components behind the API Gateway.
curl -i -X GET -H "Content-Type:application/json" -H "Authorization:Bearer eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJhZG1pbiIsImF1dGhvcml0aWVzIjpbIlJPTEVfQURNSU4iLCJST0xFX1BST0pFQ1RfTUFOQUdFUiIsIlJPTEVfVVNFUiJdLCJpYXQiOjE1MzE4OTk3NDMsImV4cCI6MTUzMTk4NjE0M30.l-iCJcnae-1mlhMb3_y09HM4HZYFaHxe_JctWi2FRUY" http://localhost:8086/api/users
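To make the three-part structure concrete, the following added example (not code from the Scava project) decodes the sample token from the curl command above and shows a verifier for the HS256 algorithm declared in that token's header, with a pinned algorithm, constant-time signature comparison and expiry check. The function names and the test secret are assumptions; the service's real signing key comes from `apigateway.security.jwt.secret`.

```python
import base64, hashlib, hmac, json

# Token copied from the curl example on this page (issued in 2018, long expired).
PAGE_TOKEN = (
    "eyJhbGciOiJIUzI1NiJ9."
    "eyJzdWIiOiJhZG1pbiIsImF1dGhvcml0aWVzIjpbIlJPTEVfQURNSU4iLCJST0xFX1BST0pFQ1Rf"
    "TUFOQUdFUiIsIlJPTEVfVVNFUiJdLCJpYXQiOjE1MzE4OTk3NDMsImV4cCI6MTUzMTk4NjE0M30."
    "l-iCJcnae-1mlhMb3_y09HM4HZYFaHxe_JctWi2FRUY"
)

def b64url_decode(part: str) -> bytes:
    return base64.urlsafe_b64decode(part + "=" * (-len(part) % 4))  # restore padding

def b64url_encode(raw: bytes) -> str:
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()

def split_token(token: str):
    """Decode header, payload and signature WITHOUT verifying anything."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("a JWT has exactly three dot-separated parts")
    header = json.loads(b64url_decode(parts[0]))
    payload = json.loads(b64url_decode(parts[1]))
    return header, payload, b64url_decode(parts[2]), f"{parts[0]}.{parts[1]}".encode()

def verify_hs256(token: str, secret: bytes, now: int) -> dict:
    """Return the payload only if algorithm, signature and expiry all check out."""
    header, payload, sig, signing_input = split_token(token)
    if header.get("alg") != "HS256":  # pin the algorithm; the header must not choose it
        raise ValueError("unexpected alg")
    expected = hmac.new(secret, signing_input, hashlib.sha256).digest()
    if not hmac.compare_digest(sig, expected):  # constant-time comparison
        raise ValueError("bad signature")
    if not isinstance(payload.get("exp"), int) or now >= payload["exp"]:
        raise ValueError("token expired")
    return payload

def sign_hs256(payload: dict, secret: bytes) -> str:
    """Helper for building constructed test tokens (hypothetical, not the service's code)."""
    head = b64url_encode(json.dumps({"alg": "HS256"}, separators=(",", ":")).encode())
    body = b64url_encode(json.dumps(payload, separators=(",", ":")).encode())
    sig = hmac.new(secret, f"{head}.{body}".encode(), hashlib.sha256).digest()
    return f"{head}.{body}.{b64url_encode(sig)}"

if __name__ == "__main__":
    header, payload, _, _ = split_token(PAGE_TOKEN)
    print(header, payload["sub"], payload["authorities"], payload["exp"] - payload["iat"])
```

Decoding the page's sample token gives the header `{"alg": "HS256"}`, the subject `admin`, three `ROLE_` authorities and a lifetime of 86400 seconds. Decoding alone proves nothing about authenticity, which is why `verify_hs256` checks the signature before the claims are used.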
## User Management API

The Authentication component provides web services for CRUD operations on user accounts.
Register User: POST /api/register
Register new user.
Activate User: GET /api/activate
Activate the registered user.
Update User: PUT /api/users
Update an existing user.
Retrieve Users: GET /api/users
Get all registered users.
Retrieve Login User: GET /api/users/{login}
Get the "login" user.
Delete User: DELETE /api/users/{login}
Delete the "login" user.

Authentication Server Configuration

The Authentication server is configured through an external properties file (application.properties) placed in the execution directory of the Authentication component.

Server Configuration

id : server.port
default : 8085
Port of the Authentication API server. Each REST request sent to the gateway must be addressed to this port.

JWT Security Configuration

id : apigateway.security.jwt.secret
default : NA
Private key pair used to sign JWT tokens using RSA.

Default ADMIN configuration

| Property | Description | Default Value |
|---|---|---|
| scava.administration.username | The administrator username | admin |
| scava.administration.password | The administrator password | admin |
| scava.administration.admin-role | The admin role | ADMIN |
| scava.administration.project-manager-role | The project manager role | PROJECT_MANAGER |
| scava.administration.project-user-role | The user role | USER |

Mongodb Database Configuration

| Property | Description | Default Value |
|---|---|---|
| spring.data.mongodb.uri | URL of the MongoDB database server | mongodb://localhost:27017 |
| spring.data.mongodb.database | Name of the MongoDB database | scava |

Mail Server configuration

In order to register new users, you have to configure a mail server.

| Property | Description | Default Value |
|---|---|---|
| spring.mail.host | URL of the mail service | smtp.gmail.com |
| spring.mail.port | Port of the mail service | 587 |
| spring.mail.username | Login of the mail account | |
| spring.mail.password | Password of the mail account | |
| spring.mail.protocol | Mail protocol | smtp |
| spring.mail.tls | - | true |
| spring.mail.properties.mail.smtp.auth | - | true |
| spring.mail.properties.mail.smtp.starttls.enable | - | true |
| spring.mail.properties.mail.smtp.ssl.trust | - | smtp.gmail.com |

Administration Dashboard Setting

id : scava.administration.base-url
default : http://localhost:4200
The SCAVA administration base URL to generate the activation account URL.

Packaging From Sources

Maven Packaging

mvn -Pprod install

Authentication Server Execution

  1. Complete and put the "application.properties" configuration file in the execution directory.
  2. Execute the scava-auth-service-1.0.0.jar Jar.
java -jar scava-auth-service-1.0.0.jar