@enr
Last active January 20, 2016 08:58
Create REST service with Grails 3.1.0

create app

# Scaffold the application "g001" from the rest-api profile with the security and hibernate features enabled.
grails create-app g001 --profile rest-api --features security,hibernate

check versions

in build.gradle spring-security-rest should be at least 2.0.0.M2:

compile "org.grails.plugins:spring-security-rest:2.0.0.M2"

create domain

package g001
import grails.rest.*
// Domain class exposed directly as a REST resource at /books, rendered as JSON or XML.
// NOTE(review): @Resource without readOnly generates write endpoints (create/update/delete)
// as well as reads, so access control rests entirely on the URL rules and filter chains in
// application.groovy. Confirm that /books is covered there, or set readOnly=true if clients
// only need to read.
@Resource(uri='/books', formats=['json', 'xml'])
class Book {
    String title
    static constraints = {
        // Reject empty titles at validation time.
        title blank:false
    }
}

create s2 domains

# Generate the Spring Security Core domain classes in package g001.auth: User, Role and the
# UserRole join class that the security configuration refers to.
grails s2-quickstart g001.auth User Role

create auth token domain

package g001.auth
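/**
 * GORM-backed storage for the REST plugin's access tokens: one row per issued token,
 * mapping the token value to the username it was issued for.
 *
 * NOTE(review): the token is persisted exactly as issued, so read access to this table is
 * equivalent to holding every active session. Nothing in this class expires a row either;
 * plan a cleanup job or a creation timestamp if tokens must have a bounded lifetime.
 */
class AuthenticationToken {
    // Opaque bearer token value presented by clients in the Authorization header.
    String token
    // Username the token was issued for.
    String username
    static constraints = {
        // The token is the lookup key on every authenticated request: it must be present
        // and must never resolve to more than one user.
        token blank: false, unique: true
        username blank: false
    }
}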

configure

the final application.groovy:

// Added by the Spring Security Core plugin:
// Domain classes used to look up users, their roles and the user-role join.
grails.plugin.springsecurity.userLookup.userDomainClassName = 'g001.auth.User'
grails.plugin.springsecurity.userLookup.authorityJoinClassName = 'g001.auth.UserRole'
grails.plugin.springsecurity.authority.className = 'g001.auth.Role'
// URL access rules: '/' and '/error' are public, every other URL requires a fully
// authenticated caller. The rules are role-agnostic: any authenticated user passes.
grails.plugin.springsecurity.controllerAnnotations.staticRules = [
	[pattern: '/',               access: ['permitAll']],
	[pattern: '/error',          access: ['permitAll']],
    [pattern: '/**', access: ['isFullyAuthenticated()']]
]
// Filter chains per URL pattern.
// NOTE(review): only /api/** and /stateful/** are listed. The Book resource in this guide is
// mapped at /books, which matches neither pattern. Confirm which filters actually run for
// it: if no chain applies, the token validation filter and the access rules above are
// presumably never evaluated for that URL. Verify by calling /books without a token and
// checking for a 401/403.
grails.plugin.springsecurity.filterChain.chainMap = [
        // Stateless chain: token-based, with the session/anonymous/remember-me/form-login filters removed.
        [
                pattern: '/api/**',
                filters: 'JOINED_FILTERS,-anonymousAuthenticationFilter,-exceptionTranslationFilter,-authenticationProcessingFilter,-securityContextPersistenceFilter,-rememberMeAuthenticationFilter'
        ],
        // Traditional, stateful chain: session-based, with the REST token filters removed.
        [
                pattern: '/stateful/**',
                filters: 'JOINED_FILTERS,-restTokenValidationFilter,-restExceptionTranslationFilter'
        ]
]
// Login endpoint reads the credentials from a JSON request body and answers 401 on failure.
grails.plugin.springsecurity.rest.login.useJsonCredentials = true
grails.plugin.springsecurity.rest.login.failureStatusCode = 401
// Persist issued tokens through GORM in g001.auth.AuthenticationToken (token / username columns).
// NOTE(review): token values appear to be stored as issued and nothing here sets a lifetime.
// Treat the token table as credential material and decide how stale rows get removed.
grails.plugin.springsecurity.rest.token.storage.useGorm = true
grails.plugin.springsecurity.rest.token.storage.gorm.tokenDomainClassName = 'g001.auth.AuthenticationToken'
grails.plugin.springsecurity.rest.token.storage.gorm.tokenValuePropertyName = 'token'
grails.plugin.springsecurity.rest.token.storage.gorm.usernamePropertyName = 'username'
// Clients present the token in the Authorization header using the bearer scheme.
grails.plugin.springsecurity.rest.token.validation.useBearerToken = true

create initial data

import g001.Book
import g001.auth.User
import g001.auth.Role
import g001.auth.UserRole

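/**
 * Application bootstrap: seeds two sample books and one sample account so the REST API
 * can be exercised right after startup.
 */
class BootStrap {

    def init = { servletContext ->
        // The sample account has a fixed, guessable password and is granted ROLE_ADMIN, so it
        // is only created in development and test. Without this guard the same credentials
        // would exist in every deployment of the application.
        def env = grails.util.Environment.current
        if (!(env in [grails.util.Environment.DEVELOPMENT, grails.util.Environment.TEST])) {
            return
        }

        // failOnError turns a validation failure into an exception instead of a silent null,
        // so a broken seed is noticed at startup rather than as a confusing 401 later.
        new Book(title: "The Stand").save(failOnError: true)
        new Book(title: "The Shining").save(failOnError: true)

        def admin = new Role(authority: 'ROLE_ADMIN').save(flush: true, failOnError: true)
        // Sample credentials used by the curl calls in this guide; never reuse them elsewhere.
        def user = new User(username: 'user', password: 'pass').save(flush: true, failOnError: true)
        // Third argument flushes the join row immediately.
        UserRole.create user, admin, true
    }
    def destroy = {
    }
}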

get token

# Request a token: the credentials travel in the JSON body, and -i prints the response
# headers so the status code is visible (a failed login answers 401).
# The password is part of the command line and therefore lands in shell history and the
# process list; acceptable for the local sample account only.
curl -i -X POST -H "Content-Type: application/json" -d '{"username":"user","password":"pass"}' localhost:8080/api/login

call api

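# Log in with the sample account and keep the raw response (headers plus JSON body, because of -i).
# -s silences the progress meter so only the response ends up in RESULT.
RESULT=$(curl -s -i -X POST -H "Content-Type: application/json" -d '{"username":"user","password":"pass"}' localhost:8080/api/login)
# Extract the access_token value. The variable is quoted so the response is not word-split
# or glob-expanded by the shell, and sed prints only when the field is actually present.
TOKEN=$(printf '%s\n' "$RESULT" | sed -n 's/.*"access_token":"\([^"]*\)".*/\1/p')
# Call the API only when a token was obtained; an empty token means the login failed.
if [ -n "$TOKEN" ]; then
    # "Bearer" is the canonical scheme spelling (RFC 6750).
    curl -H "Authorization: Bearer $TOKEN" -H 'Accept: application/json' http://localhost:8080/books
else
    echo "login failed: no access_token in response" >&2
fi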