diff --git a/.editorconfig b/.editorconfig index 2e9c5f2..3939136 100644 --- a/.editorconfig +++ b/.editorconfig @@ -14,7 +14,7 @@ max_line_length = 1024 indent_size = 2 tab_width = 2 -[*.cer] +[*.{cer,pem}] max_line_length = 64 insert_final_newline = false diff --git a/README.md b/README.md index 487d068..47abfcd 100644 --- a/README.md +++ b/README.md @@ -12,6 +12,7 @@ Classes and endpoints, to shape and to steer, Devices and sensors, their purpose | server.ssl.key-store | * | HTTP Keystore | | server.ssl.key-store-type | * | HTTP Cert Type | | server.ssl.key-store-password | ** | HTTP Cert Pass | +| jwt.public-key | * | JWT public key | Required: * can be stored as text, and ** need to be stored as secret. @@ -34,14 +35,18 @@ Run `release.sh` script from `master` branch. 3. Generate Keystores ```shell - keytool -genkeypair -alias device-api -keyalg RSA -keysize 2048 -validity 3650 -dname "CN=deviceapi" -keypass password -keystore ./certs/keystore.p12 -storetype PKCS12 -storepass password + keytool -genkeypair -alias device-api -keyalg RSA -keysize 2048 -validity 3650 -dname "CN=deviceapi" -keypass password -keystore ./cert/keystore.p12 -storetype PKCS12 -storepass password ``` 4. Export the public certificate ```shell - keytool -export -alias device-api -keystore ./certs/keystore.p12 -storepass password -file ./certs/device-api.cer -rfc + keytool -export -alias device-api -keystore ./cert/keystore.p12 -storepass password -file ./cert/device-api.cer -rfc ``` +### Public RSA Key + +To validate devices, copy file named `public_key.pem` from `./cert` generated for local development in **Hlæja Device Register** in to `./cert`. + ### Global gradle properties To authenticate with Gradle to access repositories that require authentication, you can set your user and token in the `gradle.properties` file. diff --git a/build.gradle.kts b/build.gradle.kts index 53dbc08..8faa5f8 100644 --- a/build.gradle.kts +++ b/build.gradle.kts 
@@ -7,11 +7,15 @@ plugins { } dependencies { + implementation(hlaeja.jjwt.api) implementation(hlaeja.kotlin.reflect) implementation(hlaeja.kotlinx.coroutines) implementation(hlaeja.org.springframework.springboot.actuator.starter) implementation(hlaeja.org.springframework.springboot.webflux.starter) + runtimeOnly(hlaeja.jjwt.impl) + runtimeOnly(hlaeja.jjwt.jackson) + testImplementation(hlaeja.io.mockk) testImplementation(hlaeja.io.projectreactor.reactor.test) testImplementation(hlaeja.kotlin.test.junit5) @@ -25,7 +29,7 @@ group = "ltd.hlaeja" tasks { named("processResources") { - dependsOn("copyKeystore") + dependsOn("copyKeystore", "copyPublicKey") } register("copyKeystore") { group = "hlaeja" @@ -33,4 +37,10 @@ tasks { into("${layout.buildDirectory.get()}/resources/main/cert") onlyIf { file("cert/keystore.p12").exists() } } + register("copyPublicKey") { + group = "hlaeja" + from("cert/public_key.pem") + into("${layout.buildDirectory.get()}/resources/main/cert") + onlyIf { file("cert/public_key.pem").exists() } + } } diff --git a/src/main/resources/META-INF/additional-spring-configuration-metadata.json b/src/main/resources/META-INF/additional-spring-configuration-metadata.json index 26fe8e1..706d620 100644 --- a/src/main/resources/META-INF/additional-spring-configuration-metadata.json +++ b/src/main/resources/META-INF/additional-spring-configuration-metadata.json @@ -19,6 +19,11 @@ "name": "spring.application.build.os.version", "type": "java.lang.String", "description": "Application build os version." + }, + { + "name": "jwt.public-key", + "type": "java.lang.String", + "description": "Jwt public key file." } ] } diff --git a/src/main/resources/application.yml b/src/main/resources/application.yml index 7dad9d0..ec3fc2e 100644 --- a/src/main/resources/application.yml +++ b/src/main/resources/application.yml 
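Review bot: In the `copyPublicKey` task added to build.gradle.kts, `onlyIf { file("cert/public_key.pem").exists() }` skips the copy without any message when the file is absent, so a build can produce an artifact with no JWT verification key and the gap only surfaces when the service tries to load it. The opposite case matters as well: whatever PEM sits in `cert/` on the build machine is bundled under `resources/main/cert`, and the README change describes that file as the one generated for local development. I would make the skip visible, e.g. `onlyIf { file("cert/public_key.pem").exists().also { if (!it) logger.warn("cert/public_key.pem not found; JWT public key not bundled") } }`. A comment such as `// Local development convenience; deployed builds should set jwt.public-key explicitly` would record the intent, if that is the intent. The enclosing `tasks` block starts outside this hunk.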
@@ -10,6 +10,9 @@ spring: name: "%APP_BUILD_OS_NAME%" version: "%APP_BUILD_OS_VERSION%" +jwt: + public-key: cert/public_key.pem + --- ############################### ### Development environment ###
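Review bot: `jwt.public-key: cert/public_key.pem` is added to the shared document of application.yml, above the `---` that opens the development section, so every profile inherits it unless it remembers to override it. Since the README change describes `public_key.pem` as a copy of the local-development key from Device Register, a deployment that ships with that file bundled would presumably verify tokens against the development key. The code that reads the property is not part of this diff, so that is inferred. Moving the two lines into the development document, or leaving the shared value unset so a missing override is noticed at startup, would make the production key an explicit choice. A comment such as `# PEM-encoded RSA public key used to verify JWTs; confirm whether this is a classpath or filesystem path` would also help the next reader.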