Enable Docker and Local Development Environment

.gitignore

@@ -1,5 +1,9 @@
 *~
 /.gradle/
 /.idea/
+/*/.idea/
 /.micronaut/
 /build/
+AuthGenHash/bin
+setenv.sh
+/UnityAuth/bin/

AuthGenHash/.sdkmanrc

@@ -0,0 +1,3 @@
+# Enable auto-env through the sdkman_auto_env config
+# Add key=value pairs of SDKs to use below
+java=21.0.4-tem

AuthGenHash/build.gradle

@@ -1,6 +1,8 @@
 plugins {
-    id("com.github.johnrengelman.shadow") version "8.1.1"
-    id("io.micronaut.application") version "4.2.1"
+  id("com.gradleup.shadow") version "${shadowVersion}"
+  id("io.micronaut.application") version "${micronautPluginVersion}"
+  id("io.micronaut.test-resources") version "${micronautPluginVersion}"
+  id("io.micronaut.aot") version "${micronautPluginVersion}"
 }
 
 version = "0.1"
@@ -27,8 +29,8 @@ application {
     mainClass.set("io.unityfoundation.auth.AuthGenHashCommand")
 }
 java {
-    sourceCompatibility = JavaVersion.toVersion("17")
-    targetCompatibility = JavaVersion.toVersion("17")
+    sourceCompatibility = JavaVersion.toVersion("21")
+    targetCompatibility = JavaVersion.toVersion("21")
 }
 
 

AuthGenHash/gradle.properties

@@ -1 +1,6 @@
-micronautVersion=4.2.4
+# Java
+javaVersion=21
+# Micronaut
+micronautVersion=4.8.2
+micronautPluginVersion=4.5.3
+shadowVersion=8.3.6

AuthGenHash/gradle/wrapper/gradle-wrapper.properties

@@ -1,6 +1,6 @@
 distributionBase=GRADLE_USER_HOME
 distributionPath=wrapper/dists
-distributionUrl=https\://services.gradle.org/distributions/gradle-8.4-bin.zip
+distributionUrl=https\://services.gradle.org/distributions/gradle-8.13-bin.zip
 networkTimeout=10000
 validateDistributionUrl=true
 zipStoreBase=GRADLE_USER_HOME

AuthGenHash/settings.gradle

@@ -1 +1 @@
-rootProject.name="AuthGenHash"
+rootProject.name="AuthGenHash"

DockerfileFrontend-dev

@@ -0,0 +1,10 @@
+FROM node:24
+
+COPY frontend frontend
+WORKDIR frontend
+RUN npm install
+
+EXPOSE 3000
+
+# Start the app in development mode
+ENTRYPOINT ["npm", "run", "dev"]

FrontendDockerfile → DockerfileFrontend-prod

@@ -1,11 +1,11 @@
 # Build the frontend and serve with nginx
-FROM node:18
+FROM node:24 AS builder
 
 COPY frontend frontend
 WORKDIR frontend
 RUN npm install && npm run build
 
 FROM nginx:1.24.0-alpine
 
-COPY --from=0 /frontend/build /usr/share/nginx/html
+COPY --from=builder /frontend/build /usr/share/nginx/html
 COPY nginx-default.conf /etc/nginx/conf.d/default.conf

Makefile

@@ -0,0 +1,11 @@
+compose_api:
+	docker network create unity-network > /dev/null 2>&1 || true
+	docker compose -f ./docker-compose.local.yml up unity-auth-db unity-auth-api
+
+compose_ui:
+	docker network create unity-network > /dev/null 2>&1 || true
+	docker compose -f ./docker-compose.local.yml up unity-auth-db unity-auth-ui
+
+compose_all:
+	docker network create unity-network > /dev/null 2>&1 || true
+	docker compose -f ./docker-compose.local.yml up

README.md

@@ -0,0 +1,202 @@
+# UnityAuth
+
+UnityAuth is a comprehensive authentication and authorization service built with modern
+microservices architecture. It provides JWT-based authentication, user management, and
+a web-based administration interface.
+
+## QuickStart
+
+### Local Environment
+From the project root, copy `setenv.sh.example` into `setenv.sh` and update the correct
+environment variable values.
+* If used together with Libre311 project
+(https://github.com/UnityFoundation-io/Libre311.git), `LIBRE311_UI_BASE_URL` must be updated
+to base URL of Libre311 UI.
+* If use a local database, also update the `DATASOURCES_DEFAULT_*` environment variables
+  for the corresponding database.
+
+Run the UnityAuth API with:
+```shell
+source setenv.sh
+cd UnityAuth
+./gradlew run
+```
+
+Run the UnityAuth UI in another terminal windows:
+```shell
+source setenv.sh
+cd frontend
+npm install
+npm run dev
+```
+
+### Docker Environment
+To launch the auth service, you can use the docker compose from the project root:
+
+```sh
+docker compose -f docker-compose.local.yml up
+```
+
+This will start containers for the UnityAuth API, UI and database server with service
+names `unity-auth-api`, `unity-auth-ui`, and `unity-auth-db`, respectively.
+
+- **UnityAuth API** on http://localhost:9090 (inside Docker http://unity-auth-api:9090)
+- **UnityAuth UI** on http://localhost:3001 (inside Docker http://unity-auth-ui:3000)
+- **MySQL Database** is open on port `13306` in `localhost` (within Docker is port `3306`
+  with host name `unity-auth-db`)
+
+#### Hosts File Updates
+
+When using Docker environment, add these to your `/etc/hosts` file
+for consistent internal-external service name resolution:
+
+```txt
+127.0.0.1 unity-auth-api
+127.0.0.1 unity-auth-ui
+```
+
+You can log in with these accounts.
+**Password for all the following accounts is `test`**
+
+- **Unity Administrator** `[email protected]`
+- **Tenant Administrator** `[email protected]`
+- **Libre311 Administrator** `[email protected]`
+- **Libre311 Request Manager** `[email protected]`
+- **Libre311 Jurisdiction Administrator** `[email protected]`
+- **Libre311 Jurisdiction Request Manager** `[email protected]`
+- **STL Sub-tenant Administrator** `[email protected]`
+
+## Project Structure
+
+This repository contains three main subprojects:
+
+### 1. UnityAuth (Main Service)
+
+**Location:** `/UnityAuth/`
+**Technology:** Java 21 + Micronaut Framework
+
+The core authentication service that provides:
+
+- JWT token generation and validation
+- User authentication and authorization
+- RESTful API endpoints for authentication operations
+- Database integration with MySQL
+- JWK (JSON Web Key) management for token signing
+- Flyway database migrations
+
+**Key Features:**
+
+- Micronaut-based microservice architecture
+- JWT security with configurable key rotation
+- BCrypt password hashing
+- Database connection pooling with HikariCP
+- Reactive programming support with Reactor
+
+### 2. AuthGenHash (Utility Tool)
+
+**Location:** `/AuthGenHash/`
+**Technology:** Java 17 + Micronaut + PicoCLI
+
+A command-line utility for generating secure password hashes compatible with the UnityAuth service.
+
+**Purpose:**
+
+- Generate BCrypt password hashes for administrative users
+- Secure password handling (interactive mode prevents history logging)
+- Standalone tool for initial system setup and user management
+
+### 3. Frontend (Web Administration Interface)
+
+**Location:** `/frontend/`
+**Technology:** SvelteKit + TypeScript + Tailwind CSS
+
+A modern web application providing administrative interface for the UnityAuth service.
+
+**Features:**
+
+- User authentication and session management
+- User administration and management
+- Tenant management capabilities
+- Settings configuration
+- Responsive design with Tailwind CSS
+- TypeScript for type safety
+- Comprehensive testing with Playwright and Vitest
+
+**Key Technologies:**
+
+- SvelteKit for the web framework
+- TypeScript for type safety
+- Tailwind CSS for styling
+- Playwright for end-to-end testing
+- Vitest for unit testing
+- ESLint and Prettier for code quality
+
+## Architecture Overview
+
+The system follows a microservices architecture:
+
+1. **Database Layer:** MySQL database for persistent storage
+2. **API Layer:** UnityAuth service provides REST APIs
+3. **Frontend Layer:** SvelteKit web application
+4. **Utility Layer:** AuthGenHash for administrative tasks
+
+## Client Integration
+
+To integrate with the UnityAuth service, add this configuration to your client application's `application.yaml`:
+
+```yaml
+security:
+  enabled: true
+  token:
+    enabled: true
+    jwt:
+      enabled: true
+      signatures:
+        jwks:
+          unity:
+            url: ${AUTH_JWKS:`http://localhost:8081/keys`}
+```
+
+## Security Configuration
+
+The service uses JSON Web Keys (JWK) for token signing. To generate primary and secondary keys:
+
+1. Visit <https://mkjwk.org/>
+2. Generate JSON Web Keys
+3. Set environment variables:
+   - `JWK_PRIMARY`: Primary signing key
+   - `JWK_SECONDARY`: Secondary signing key for rotation
+
+## Development Environment
+
+### Prerequisites
+
+- Java 17 or higher
+- Node.js 18 or higher
+- Docker and Docker Compose
+- MySQL 8.0 (if running locally)
+
+### Individual Service Development
+
+#### UnityAuth Service
+
+```bash
+cd UnityAuth
+./gradlew run
+```
+
+#### Frontend Development
+
+```bash
+cd frontend
+npm install
+npm run dev
+```
+
+#### AuthGenHash Utility
+
+```bash
+cd AuthGenHash
+./gradlew shadowJar
+java -jar build/libs/AuthGenHash-0.1-all.jar -p
+```

UnityAuth/.dockerignore

@@ -0,0 +1,10 @@
+gradle/caches
+
+# Exclude gradle build caches but not wrapper
+.gradle/
+.DS_Store
+
+build/
+
+docker-compose.*
+DockerfileAPI

UnityAuth/.sdkmanrc

@@ -0,0 +1,3 @@
+# Enable auto-env through the sdkman_auto_env config
+# Add key=value pairs of SDKs to use below
+java=21.0.4-tem