jwt configurable

Author: mathew-jose

deploy/docker/docker-compose.yml

@@ -10,7 +10,6 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 
-
 services:
 
   crapi-identity:
@@ -39,6 +38,7 @@ services:
       - [email protected]
       - SMTP_AUTH=true
       - SMTP_STARTTLS=true
+      - JWT_EXPIRATION=604800000
       - ENABLE_LOG4J=${ENABLE_LOG4J:-false}
       - API_GATEWAY_URL=https://api.mypremiumdealership.com
       - TLS_ENABLED=${TLS_ENABLED:-false}
@@ -53,10 +53,10 @@ services:
       mongodb:
         condition: service_healthy
     healthcheck:
-        test: /app/health.sh
-        interval: 15s
-        timeout: 15s
-        retries: 15
+      test: /app/health.sh
+      interval: 15s
+      timeout: 15s
+      retries: 15
     deploy:
       resources:
         limits:
@@ -92,10 +92,10 @@ services:
       crapi-identity:
         condition: service_healthy
     healthcheck:
-        test: /app/health.sh
-        interval: 15s
-        timeout: 15s
-        retries: 15
+      test: /app/health.sh
+      interval: 15s
+      timeout: 15s
+      retries: 15
     deploy:
       resources:
         limits:
@@ -135,10 +135,10 @@ services:
       crapi-community:
         condition: service_healthy
     healthcheck:
-        test: /app/health.sh
-        interval: 15s
-        timeout: 15s
-        retries: 15
+      test: /app/health.sh
+      interval: 15s
+      timeout: 15s
+      retries: 15
     deploy:
       resources:
         limits:
@@ -164,10 +164,10 @@ services:
       crapi-workshop:
         condition: service_healthy
     healthcheck:
-        test: curl 0.0.0.0:80/web/health
-        interval: 15s
-        timeout: 15s
-        retries: 15
+      test: curl 0.0.0.0:80/web/health
+      interval: 15s
+      timeout: 15s
+      retries: 15
     deploy:
       resources:
         limits:
@@ -184,10 +184,10 @@ services:
     #ports:
     #  - "${LISTEN_IP:-127.0.0.1}:5432:5432"
     healthcheck:
-        test: ["CMD-SHELL", "pg_isready"]
-        interval: 15s
-        timeout: 15s
-        retries: 15
+      test: [ "CMD-SHELL", "pg_isready" ]
+      interval: 15s
+      timeout: 15s
+      retries: 15
     volumes:
       - postgresql-data:/var/lib/postgresql/data/
     deploy:
@@ -205,11 +205,11 @@ services:
     #ports:
     #  - "${LISTEN_IP:-127.0.0.1}:27017:27017"
     healthcheck:
-        test: echo 'db.runCommand("ping").ok' | mongo mongodb:27017/test --quiet
-        interval: 15s
-        timeout: 15s
-        retries: 15
-        start_period: 20s
+      test: echo 'db.runCommand("ping").ok' | mongo mongodb:27017/test --quiet
+      interval: 15s
+      timeout: 15s
+      retries: 15
+      start_period: 20s
     volumes:
       - mongodb-data:/data/db
     deploy:
@@ -226,13 +226,13 @@ services:
       MH_MONGO_URI: admin:crapisecretpassword@mongodb:27017
       MH_STORAGE: mongodb
     ports:
-    #  - "127.0.0.1:1025:1025" # smtp server
+      #  - "127.0.0.1:1025:1025" # smtp server
       - "${LISTEN_IP:-127.0.0.1}:8025:8025" # Mail ui
     healthcheck:
-        test: ["CMD", "nc", "-z", "localhost", "8025"]
-        interval: 15s
-        timeout: 15s
-        retries: 15
+      test: [ "CMD", "nc", "-z", "localhost", "8025" ]
+      interval: 15s
+      timeout: 15s
+      retries: 15
     deploy:
       resources:
         limits:
@@ -245,11 +245,11 @@ services:
     #ports:
     #  - "${LISTEN_IP:-127.0.0.1}:8443:443" # https
     healthcheck:
-        test: echo -n "GET / HTTP/1.1\n\n" > /dev/tcp/api.mypremiumdealership.com/443
-        interval: 15s
-        timeout: 15s
-        retries: 15
-        start_period: 15s
+      test: echo -n "GET / HTTP/1.1\n\n" > /dev/tcp/api.mypremiumdealership.com/443
+      interval: 15s
+      timeout: 15s
+      retries: 15
+      start_period: 15s
     deploy:
       resources:
         limits:

deploy/helm/templates/identity/config.yaml

@@ -26,7 +26,8 @@ data:
   SMTP_EMAIL: {{ .Values.identity.config.smtpEmail }}
   SMTP_PASS: {{ .Values.identity.config.smtpPass }}
   SMTP_FROM: {{ .Values.identity.config.smtpFrom }}
-  SMTP_AUTH: {{ .Values.identity.config.smtpAuth | quote }}
+  SMTP_AUTH: {{ .Values.identity.config.smtpAuth | 604800000 }}
+  JWT_EXPIRATION: {{ .Values.identity.config.jwtExpiration | quote }}
   SMTP_STARTTLS: {{ .Values.identity.config.smtpStartTLS | quote }}
   SERVER_PORT: {{ .Values.identity.port | quote }}
   API_GATEWAY_URL: {{ if .Values.apiGatewayServiceInstall }}"https://{{ .Values.apiGatewayService.service.name }}"{{ else }}{{ .Values.apiGatewayServiceUrl }}{{ end }}

deploy/helm/values.yaml

@@ -8,7 +8,7 @@ enableShellInjection: true
 imagePullPolicy: Always
 apiGatewayServiceUrl: https://api.mypremiumdealership.com
 apiGatewayServiceInstall: true
-apiGatewayPassword: 
+apiGatewayPassword:
 tlsEnabled: false
 
 waitForK8sResources:
@@ -73,6 +73,7 @@ identity:
     smtpFrom: "[email protected]"
     smtpAuth: true
     smtpStartTLS: true
+    jwtExpiration: 604800000
     keyStoreType: PKCS12
     keyStore: classpath:certs/server.p12
     keyStorePassword: passw0rd

deploy/k8s/base/identity/config.yaml

@@ -7,7 +7,7 @@ metadata:
 data:
   DB_HOST: postgresdb
   DB_DRIVER: postgresql
-  JWT_SECRET: crapi #Used for creating a JWT. Can be anything 
+  JWT_SECRET: crapi #Used for creating a JWT. Can be anything
   DB_USER: admin
   DB_PASSWORD: crapisecretpassword
   DB_NAME: crapi
@@ -24,5 +24,6 @@ data:
   SMTP_PASS: "xxxxxxxxxxxxxx"
   SMTP_FROM: "[email protected]"
   SMTP_AUTH: "true"
+  JWT_EXPIRATION: "604800000"
   SMTP_STARTTLS: "true"
   SERVER_PORT: "8080"

services/identity/.env

@@ -19,6 +19,7 @@ export [email protected]
 export ENABLE_SHELL_INJECTION=false
 export JWT_SECRET=crapi
 export SMTP_HOST=smtp.example.com
+export JWT_EXPIRATION=604800000
 export API_GATEWAY_URL=https://api.mypremiumdealership.com
 export TLS_ENABLED=false
 export TLS_KEYSTORE_TYPE=PKCS12

services/identity/src/main/resources/application.properties

@@ -15,7 +15,7 @@ spring.jpa.hibernate.ddl-auto=update
 
 
 app.jwksJson=${JWKS}
-app.jwtExpiration=604800000
+app.jwtExpiration=${JWT_EXPIRATION}
 
 #Mail Configuration
 mail.from=${SMTP_FROM}