Skip to content

Instantly share code, notes, and snippets.

@AdamBien
Created November 4, 2020 06:40
Show Gist options
  • Save AdamBien/4b9214b29ed1810390bbe7ed303db6c4 to your computer and use it in GitHub Desktop.
Save AdamBien/4b9214b29ed1810390bbe7ed303db6c4 to your computer and use it in GitHub Desktop.
81stAirhacksQ&A.md

Ask questions and see you at December, 7th, 8.PM. CET: https://vimeo.com/event/154379

Also checkout recent episode:

80th airhacks.tv

Please keep the questions Jakarta EE-stic. Means: as short and as concise as only possible. Feel free to ask several, shorter questions. Upcoming airhacks.tv events are also going to be announced at meetup.com/airhacks

@wanderer2097
Copy link

How would you go about fulfilling dynamic entity projection requests from a REST client? Imagine a purchase order entity which has a lot of fields. Sometimes the client needs to read all and sometimes only a few but exactly which isn't known until runtime and is provided as query params. Also - there are associated entities (like order items). Sometimes the client wants to see them, sometimes not. Creating specific projection DTO's is therefore not an option. Need something similar to OData expand.

Using JSON-B adapters and serializers feels like a glorified DTO approach and the main pain point is there would need to be one for every class. JSON-P is good but it introduces coupling to a specific format (can't support XML then). At one point I implemented a simple object cloner running as the last step in the REST resource "GET" calls copying an entity instance to another instance of the same class but only picking and choosing the fields requested by the client and the rest was set to null (default JSONB skips nulls so this was kind of a hack). That seemed a little heavy handed though so I ended up writing a custom Message Body Writer and injecting @context UriInfo into it so that I can extract the list of fields & expand options requested by the client from the query params and perform the projection dynamically using reflection and some JPA metadata. That's probably not the best way to go about it - do you have any suggestions?

@dhufnagel
Copy link

I was willing to upgrade my javax.javaee-api-8.0 maven project to jakartaee-api 8.0.0 but I came across the issue, that it broke my application. The application uses the java mail api with IMAP and POP3 but the dependency is not automatically resolved with the jakartaee-api. I have to manually add the dependency to jakarta-mail as provided to make it work. But this breaks the "one-dependency" thing I loved with javaee. Am I doing it wrong or is this the "new" way to go?

@AdamBien
Copy link
Author

AdamBien commented Dec 3, 2020

Interesting paper:

"Hey
@AdamBien
I found this paper https://tinyurl.com/y5ny9rf8, researching how to do fast unit testing with MicroProfile Config API. What bothers me: how does this project compare to weld-junit and cdi-unit ? Maybe Gunnar is an interesting guest for an http://airhacks.fm episode?" by @poi_ki_lo_therm
=> https://twitter.com/poi_ki_lo_therm/status/1334422453108563970?s=20

@hrstoyanov
Copy link

hrstoyanov commented Dec 3, 2020

@AdamBien
As creator of Jwtenizer do you recommend to you clients to implement in-house authentication and authorization workflows? Quarkus JPA Security and JWT Security makes it look like an easy job initially, but I fear things get tough when you realize you need:

  • self-registration
  • login
  • passwordless login
  • profile update
  • forgotten password workflow
  • multi-factor authentication
  • email verification
  • user management UI console

... Or do you recommend external providers such as Okta, Auth0, AWS Cogito?

There is also this up-and-coming German middleware ORY/Kratos, but they are very opinionated, do not recommend JWT tokens and do a lot fo server-side rendering to implement workflows.

What do your clients usually end up doing?

@hrstoyanov
Copy link

hrstoyanov commented Dec 3, 2020

@AdamBien
In you classes you recommend to manage locally your ES6 assets (with snowpack). However is it not more economical to use free CDNs and lower you AWS network bill instead?

What is your opinion on new web developments like:

@MikeEdgar
Copy link

Adam, I've heard you recently mention both OData and GraphQL on your podcast along with some pros/cons for each. Have you heard of or used the JSON:API specification? It has a clean representation for both URLs and requests/responses and is intuitive to use. Certainly not as popular as either OData/GraphQL, but I find it to be more in alignment with RESTful and HTTP conventions.

I have a work-in-progress library (jsonapi-rvp) that drops in to Jakarta EE-stic runtime environments to expose JPA entities via JSON:API. The only dependencies are runtime Jakarta EE specs and it requires Java 11. Just posting in case you or any listeners would like to play with it and suggest improvements if it's found to be useful.

@dabkhazi
Copy link

dabkhazi commented Dec 7, 2020

Hi Adam!
I watched your latest videos and I'm interested in a question about a rest client fault. For example, the task is to periodically send data through the scheduler using rest client, how to properly handle the case of a client crash (fault) so that the scheduler can stop before the client is restored to work? I am thinking of a global flag that stores client state information, maybe failover has a more elegant solution?

@thehpi
Copy link

thehpi commented Dec 7, 2020

I building code where there are data models in different layers of the application which are very much alike. This causes a lot of boilerplate code and unittests which is hard to maintain.

I would like to use some mechanism from which I could generate the model classes and use mapping software to get data from model1 to model2.

What would be a good library which can be configured to

  • generate the different model classes (also the jpa entity classes)
  • do the data mapping for these models

I know about odata but this has its own data model which is another extra model from which I need to map to my internal model(s).
I also know about graphql but I want to use plain REST resources from my client software for now.

@thehpi
Copy link

thehpi commented Dec 7, 2020

I want to be able to configure for a user how many request per second he can fire onto my server.
And my server then should return the nr of possible requests in a response header.
And of course my server should return http response code 429 (too many request) when the max nr requests/sec is depleted.

How would you do this?

@ashburnere
Copy link

@thephi did you have a look at Mapstruct (https://mapstruct.org/)?

@thehpi
Copy link

thehpi commented Dec 9, 2020

@ashburnere yes I am investigating it, it is a very elaborate tool but I'm not sure yet if I can use it but it looks promising.

@vaibhavkulkarni
Copy link

@AdamBien
As creator of Jwtenizer do you recommend to you clients to implement in-house authentication and authorization workflows? Quarkus JPA Security and JWT Security makes it look like an easy job initially, but I fear things get tough when you realize you need:

  • self-registration
  • login
  • passwordless login
  • profile update
  • forgotten password workflow
  • multi-factor authentication
  • email verification
  • user management UI console

... Or do you recommend external providers such as Okta, Auth0, AWS Cogito?

There is also this up-and-coming German middleware ORY/Kratos, but they are very opinionated, do not recommend JWT tokens and do a lot fo server-side rendering to implement workflows.

What do your clients usually end up doing?

Have you had a look at https://gluu.org/? It probably suites you better?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment