fix : additional updates for the introduction

Author: patternhelloworld

README.md

@@ -1,15 +1,20 @@
 # Spring Security Oauth2 Password JPA Implementation
-## Overview
 
-* Complete separation of the library (API) and the client for testing it
+> One OAuth2 ROPC POC built to grow with Spring Boot and ORM
 
+## Quick Start
 ```xml
 <dependency>
     <groupId>io.github.patternknife.securityhelper.oauth2.api</groupId>
     <artifactId>spring-security-oauth2-password-jpa-implementation</artifactId>
     <version>3.0.0</version>
 </dependency>
 ```
+
+## Overview
+
+* Complete separation of the library (API) and the client for testing it
+
 * Set up the same access & refresh token APIs on both ``/oauth2/token`` and on our controller layer such as ``/api/v1/traditional-oauth/token``, both of which function same and have `the same request & response payloads for success and errors`. (However, ``/oauth2/token`` is the standard that "spring-authorization-server" provides.)
   * As you are aware, the API ``/oauth2/token`` is what "spring-authorization-server" provides.
     * ``/api/v1/traditional-oauth/token`` is what this library implemented directly.
@@ -50,7 +55,7 @@
 | Category          | Dependencies                                                      |
 |-------------------|-------------------------------------------------------------------|
 | Backend-Language  | Java 17                                                           |
-| Backend-Framework | Spring Boot 3.3.2                                                 |
+| Backend-Framework | Spring Boot 3.3.2 (the latest version)                            |
 | Main Libraries    | Spring Security 6.3.1, Spring Security Authorization Server 1.3.1 |
 | Package-Manager   | Maven 3.6.3 (mvnw, Dockerfile)                                    |
 | RDBMS             | Mysql 8.0.17                                                      |
@@ -151,6 +156,9 @@ public class CommonDataSourceConfiguration {
       - ``client.config.securityimpl.response.CustomAuthenticationSuccessHandlerImpl``
       - The success response payload of "/api/v1/traditional-oauth/token" is in ``api.domain.traditionaloauth.dto`` and is not yet customizable.
 
+ - **Customize the verification logic for UsernamePassword and Client as desired**
+    - ``IOauth2AuthenticationHashCheckService``
+
 ## Running this App with Docker
 * Use the following module for Blue-Green deployment:
   * https://github.com/patternknife/docker-blue-green-runner

client/src/main/java/com/patternknife/securityhelper/oauth2/client/config/logger/module/ResponseErrorLogConfig.java

@@ -4,7 +4,7 @@
 import com.patternknife.securityhelper.oauth2.client.config.logger.common.CommonLoggingRequest;
 
 
-import io.github.patternknife.securityhelper.oauth2.api.config.security.response.error.dto.ErrorResponsePayload;
+import io.github.patternknife.securityhelper.oauth2.api.config.security.response.error.dto.SecurityKnifeErrorResponsePayload;
 import org.aspectj.lang.JoinPoint;
 import org.aspectj.lang.annotation.AfterReturning;
 import org.aspectj.lang.annotation.Aspect;
@@ -31,7 +31,7 @@ public void endpointAfterExceptionReturning(JoinPoint p, Object returnValue) {
         try {
             if (p.getTarget().getClass().equals(GlobalExceptionHandler.class)) {
 
-                ErrorResponsePayload errorResponsePayload = (ErrorResponsePayload) ((ResponseEntity) returnValue).getBody();
+                SecurityKnifeErrorResponsePayload errorResponsePayload = (SecurityKnifeErrorResponsePayload) ((ResponseEntity) returnValue).getBody();
                 loggedText += String.format("[After - Error Response]\n message : %s || \n userMessage : %s || \n cause : %s || \n stackTrace : %s",
                         errorResponsePayload != null ? errorResponsePayload.getMessage() : "No error message",
                         errorResponsePayload != null ? errorResponsePayload.getUserMessage() : "No error userMessage",

client/src/main/java/com/patternknife/securityhelper/oauth2/client/config/response/error/CustomExceptionUtils.java

@@ -4,7 +4,7 @@
 
 import com.patternknife.securityhelper.oauth2.client.config.logger.module.ResponseSuccessLogConfig;
 
-import io.github.patternknife.securityhelper.oauth2.api.config.security.response.error.dto.ErrorResponsePayload;
+import io.github.patternknife.securityhelper.oauth2.api.config.security.response.error.dto.SecurityKnifeErrorResponsePayload;
 import org.apache.commons.lang3.exception.ExceptionUtils;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
@@ -28,7 +28,7 @@ public static void createNonStoppableErrorMessage(String message) {
         } catch (Exception ex2) {
             logger.error(ex2.getMessage());
         } finally {
-            ErrorResponsePayload errorResponsePayload = new ErrorResponsePayload(message, "Without error param " + " / Thread ID = " + Thread.currentThread().getId() + " / StackTrace",
+            SecurityKnifeErrorResponsePayload errorResponsePayload = new SecurityKnifeErrorResponsePayload(message, "Without error param " + " / Thread ID = " + Thread.currentThread().getId() + " / StackTrace",
                     message, "", "");
 
             logger.error(" / " + errorResponsePayload.toString());
@@ -46,7 +46,7 @@ public static void createNonStoppableErrorMessage(String message, Throwable ex)
         } catch (Exception ex2) {
             logger.error(ex2.getMessage());
         } finally {
-            ErrorResponsePayload errorResponsePayload = new ErrorResponsePayload(message, "Without error param " + " / Thread ID = " + Thread.currentThread().getId() + " / StackTrace",
+            SecurityKnifeErrorResponsePayload errorResponsePayload = new SecurityKnifeErrorResponsePayload(message, "Without error param " + " / Thread ID = " + Thread.currentThread().getId() + " / StackTrace",
                     message, CustomExceptionUtils.getAllStackTraces(ex), CustomExceptionUtils.getAllCauses(ex));
 
             logger.error(" / " + errorResponsePayload.toString());

client/src/main/java/com/patternknife/securityhelper/oauth2/client/config/response/error/GlobalExceptionHandler.java

@@ -3,7 +3,7 @@
 
 import com.patternknife.securityhelper.oauth2.client.config.response.error.message.GeneralErrorMessage;
 import io.github.patternknife.securityhelper.oauth2.api.config.security.response.error.util.ExceptionKnifeUtils;
-import io.github.patternknife.securityhelper.oauth2.api.config.security.response.error.dto.ErrorResponsePayload;
+import io.github.patternknife.securityhelper.oauth2.api.config.security.response.error.dto.SecurityKnifeErrorResponsePayload;
 import io.github.patternknife.securityhelper.oauth2.api.config.security.response.error.exception.KnifeOauth2AuthenticationException;
 import io.github.patternknife.securityhelper.oauth2.api.config.security.message.DefaultSecurityUserExceptionMessage;
 import io.github.patternknife.securityhelper.oauth2.api.config.security.message.ISecurityUserExceptionMessageService;
@@ -38,13 +38,13 @@ public class GlobalExceptionHandler {
     // 401 : Authentication
     @ExceptionHandler({AuthenticationException.class})
     public ResponseEntity<?> authenticationException(Exception ex, WebRequest request) {
-        ErrorResponsePayload errorResponsePayload;
+        SecurityKnifeErrorResponsePayload errorResponsePayload;
         if(ex instanceof KnifeOauth2AuthenticationException && ((KnifeOauth2AuthenticationException) ex).getErrorMessages() != null) {
-            errorResponsePayload = new ErrorResponsePayload(((KnifeOauth2AuthenticationException) ex).getErrorMessages(),
+            errorResponsePayload = new SecurityKnifeErrorResponsePayload(((KnifeOauth2AuthenticationException) ex).getErrorMessages(),
                     ex, request.getDescription(false), ExceptionKnifeUtils.getAllStackTraces(ex),
                     ExceptionKnifeUtils.getAllCauses(ex), null);
         }else {
-            errorResponsePayload = new ErrorResponsePayload(ExceptionKnifeUtils.getAllCauses(ex), request.getDescription(false), iSecurityUserExceptionMessageService.getUserMessage(DefaultSecurityUserExceptionMessage.AUTHENTICATION_LOGIN_FAILURE),
+            errorResponsePayload = new SecurityKnifeErrorResponsePayload(ExceptionKnifeUtils.getAllCauses(ex), request.getDescription(false), iSecurityUserExceptionMessageService.getUserMessage(DefaultSecurityUserExceptionMessage.AUTHENTICATION_LOGIN_FAILURE),
                     ex.getMessage(), ex.getStackTrace()[0].toString());
         }
         return new ResponseEntity<>(errorResponsePayload, HttpStatus.UNAUTHORIZED);
@@ -53,15 +53,15 @@ public ResponseEntity<?> authenticationException(Exception ex, WebRequest reques
     // 403 : Authorization
     @ExceptionHandler({ AccessDeniedException.class })
     public ResponseEntity<?> authorizationException(Exception ex, WebRequest request) {
-        ErrorResponsePayload errorResponsePayload = new ErrorResponsePayload(ex.getMessage() != null ? ex.getMessage() : ExceptionKnifeUtils.getAllCauses(ex), request.getDescription(false),
+        SecurityKnifeErrorResponsePayload errorResponsePayload = new SecurityKnifeErrorResponsePayload(ex.getMessage() != null ? ex.getMessage() : ExceptionKnifeUtils.getAllCauses(ex), request.getDescription(false),
                 ex.getMessage() == null || ex.getMessage().equals("Access Denied") ? iSecurityUserExceptionMessageService.getUserMessage(DefaultSecurityUserExceptionMessage.AUTHORIZATION_FAILURE) : ex.getMessage(), ex.getStackTrace()[0].toString());
         return new ResponseEntity<>(errorResponsePayload, HttpStatus.FORBIDDEN);
     }
 
     // Unhandled
     @ExceptionHandler(Exception.class)
     public ResponseEntity<?> unhandledExceptionHandler(Exception ex, WebRequest request) {
-        ErrorResponsePayload errorResponsePayload = new ErrorResponsePayload(ex.getMessage(), request.getDescription(false), GeneralErrorMessage.UNHANDLED_ERROR.getUserMessage(),
+        SecurityKnifeErrorResponsePayload errorResponsePayload = new SecurityKnifeErrorResponsePayload(ex.getMessage(), request.getDescription(false), GeneralErrorMessage.UNHANDLED_ERROR.getUserMessage(),
                 CustomExceptionUtils.getAllStackTraces(ex), CustomExceptionUtils.getAllCauses(ex));
         return new ResponseEntity<>(errorResponsePayload, HttpStatus.INTERNAL_SERVER_ERROR);
     }

client/src/main/java/com/patternknife/securityhelper/oauth2/client/config/securityimpl/response/CustomAuthenticationFailureHandlerImpl.java

@@ -5,7 +5,7 @@
 import io.github.patternknife.securityhelper.oauth2.api.config.logger.KnifeSecurityLogConfig;
 import io.github.patternknife.securityhelper.oauth2.api.config.security.message.DefaultSecurityUserExceptionMessage;
 import io.github.patternknife.securityhelper.oauth2.api.config.security.message.ISecurityUserExceptionMessageService;
-import io.github.patternknife.securityhelper.oauth2.api.config.security.response.error.dto.ErrorResponsePayload;
+import io.github.patternknife.securityhelper.oauth2.api.config.security.response.error.dto.SecurityKnifeErrorResponsePayload;
 import io.github.patternknife.securityhelper.oauth2.api.config.security.response.error.exception.KnifeOauth2AuthenticationException;
 import io.github.patternknife.securityhelper.oauth2.api.config.security.response.error.util.ExceptionKnifeUtils;
 import jakarta.servlet.http.HttpServletRequest;
@@ -40,19 +40,19 @@ public class CustomAuthenticationFailureHandlerImpl implements AuthenticationFai
     public void onAuthenticationFailure(HttpServletRequest request, HttpServletResponse response, AuthenticationException exception)
             throws IOException {
 
-        ErrorResponsePayload errorResponsePayload;
+        SecurityKnifeErrorResponsePayload errorResponsePayload;
         String stackTraces = ExceptionKnifeUtils.getAllStackTraces(exception);
         if(exception instanceof KnifeOauth2AuthenticationException){
-            errorResponsePayload = new ErrorResponsePayload(((KnifeOauth2AuthenticationException) exception).getErrorMessages().getMessage(),
+            errorResponsePayload = new SecurityKnifeErrorResponsePayload(((KnifeOauth2AuthenticationException) exception).getErrorMessages().getMessage(),
                     "uri=" + request.getRequestURI(), ((KnifeOauth2AuthenticationException) exception).getErrorMessages().getUserMessage(), stackTraces);
         }else if(exception instanceof OAuth2AuthenticationException) {
-            errorResponsePayload = new ErrorResponsePayload(
+            errorResponsePayload = new SecurityKnifeErrorResponsePayload(
                     ((OAuth2AuthenticationException) exception).getError().getErrorCode() + " / " + ((OAuth2AuthenticationException) exception).getError().getDescription(),
                     "uri=" + request.getRequestURI(),
                     iSecurityUserExceptionMessageService.getUserMessage(DefaultSecurityUserExceptionMessage.AUTHENTICATION_LOGIN_FAILURE),
                     stackTraces);
         }else{
-            errorResponsePayload = new ErrorResponsePayload(
+            errorResponsePayload = new SecurityKnifeErrorResponsePayload(
                     exception.getMessage(),
                     "uri=" + request.getRequestURI(),
                     iSecurityUserExceptionMessageService.getUserMessage(DefaultSecurityUserExceptionMessage.AUTHENTICATION_LOGIN_ERROR),

src/main/java/io/github/patternknife/securityhelper/oauth2/api/config/security/response/auth/authentication/DefaultAuthenticationFailureHandlerImpl.java

@@ -2,7 +2,7 @@
 
 
 import io.github.patternknife.securityhelper.oauth2.api.config.logger.KnifeSecurityLogConfig;
-import io.github.patternknife.securityhelper.oauth2.api.config.security.response.error.dto.ErrorResponsePayload;
+import io.github.patternknife.securityhelper.oauth2.api.config.security.response.error.dto.SecurityKnifeErrorResponsePayload;
 import io.github.patternknife.securityhelper.oauth2.api.config.security.response.error.exception.KnifeOauth2AuthenticationException;
 import io.github.patternknife.securityhelper.oauth2.api.config.security.response.error.util.ExceptionKnifeUtils;
 import io.github.patternknife.securityhelper.oauth2.api.config.security.message.DefaultSecurityUserExceptionMessage;
@@ -32,19 +32,19 @@ public class DefaultAuthenticationFailureHandlerImpl implements AuthenticationFa
     public void onAuthenticationFailure(HttpServletRequest request, HttpServletResponse response, AuthenticationException exception)
             throws IOException {
 
-        ErrorResponsePayload errorResponsePayload;
+        SecurityKnifeErrorResponsePayload errorResponsePayload;
         String stackTraces = ExceptionKnifeUtils.getAllStackTraces(exception);
         if(exception instanceof KnifeOauth2AuthenticationException){
-            errorResponsePayload = new ErrorResponsePayload(((KnifeOauth2AuthenticationException) exception).getErrorMessages().getMessage(),
+            errorResponsePayload = new SecurityKnifeErrorResponsePayload(((KnifeOauth2AuthenticationException) exception).getErrorMessages().getMessage(),
                     "uri=" + request.getRequestURI(), ((KnifeOauth2AuthenticationException) exception).getErrorMessages().getUserMessage(), stackTraces);
         }else if(exception instanceof OAuth2AuthenticationException) {
-            errorResponsePayload = new ErrorResponsePayload(
+            errorResponsePayload = new SecurityKnifeErrorResponsePayload(
                     ((OAuth2AuthenticationException) exception).getError().getErrorCode() + " / " + ((OAuth2AuthenticationException) exception).getError().getDescription(),
                     "uri=" + request.getRequestURI(),
                     iSecurityUserExceptionMessageService.getUserMessage(DefaultSecurityUserExceptionMessage.AUTHENTICATION_LOGIN_FAILURE),
                     stackTraces);
         }else{
-            errorResponsePayload = new ErrorResponsePayload(
+            errorResponsePayload = new SecurityKnifeErrorResponsePayload(
                     exception.getMessage(),
                     "uri=" + request.getRequestURI(),
                     iSecurityUserExceptionMessageService.getUserMessage(DefaultSecurityUserExceptionMessage.AUTHENTICATION_LOGIN_ERROR),

src/main/java/io/github/patternknife/securityhelper/oauth2/api/config/security/response/error/dto/ErrorResponsePayload.java renamed to src/main/java/io/github/patternknife/securityhelper/oauth2/api/config/security/response/error/dto/SecurityKnifeErrorResponsePayload.java

@@ -10,7 +10,7 @@
 import java.util.Map;
 
 @ToString
-public class ErrorResponsePayload {
+public class SecurityKnifeErrorResponsePayload {
 	private Date timestamp;
 
 	// Never to be returned to clients, but must be logged.
@@ -26,7 +26,7 @@ public class ErrorResponsePayload {
 	private String cause;
 
 
-	public ErrorResponsePayload(ErrorMessages errorMessages, Exception e, String details, String stackTrace, String userMessage, Map<String, String> userValidationMessage) {
+	public SecurityKnifeErrorResponsePayload(ErrorMessages errorMessages, Exception e, String details, String stackTrace, String userMessage, Map<String, String> userValidationMessage) {
 		this.timestamp = TimestampUtil.getPayloadTimestamp();
 		this.message = !StringUtils.isEmpty(errorMessages.getMessage()) ? errorMessages.getMessage() : e.getMessage() ;
 		this.details = details;
@@ -35,15 +35,15 @@ public ErrorResponsePayload(ErrorMessages errorMessages, Exception e, String det
 		this.userValidationMessage = errorMessages.getUserValidationMessage() != null && !errorMessages.getUserValidationMessage().isEmpty() ? errorMessages.getUserValidationMessage() : userValidationMessage;
 	}
 
-	public ErrorResponsePayload(String message, String details, String userMessage, String stackTrace) {
+	public SecurityKnifeErrorResponsePayload(String message, String details, String userMessage, String stackTrace) {
 		this.timestamp = TimestampUtil.getPayloadTimestamp();
 		this.message = message;
 		this.details = details;
 		this.userMessage = userMessage;
 		this.stackTrace = stackTrace;
 	}
 
-	public ErrorResponsePayload(String message, String details, String userMessage, String stackTrace, String cause) {
+	public SecurityKnifeErrorResponsePayload(String message, String details, String userMessage, String stackTrace, String cause) {
 		this.timestamp = TimestampUtil.getPayloadTimestamp();
 		this.message = message;
 		this.details = details;
@@ -52,8 +52,8 @@ public ErrorResponsePayload(String message, String details, String userMessage,
 		this.cause = cause;
 	}
 
-	public ErrorResponsePayload(String message, String details, String userMessage, Map<String, String> userValidationMessage,
-								String stackTrace, String cause) {
+	public SecurityKnifeErrorResponsePayload(String message, String details, String userMessage, Map<String, String> userValidationMessage,
+											 String stackTrace, String cause) {
 
 		this.timestamp = TimestampUtil.getPayloadTimestamp();
 		this.message = message;