FINERACT-1932: Fineract modularization - fineract-security

Author: Jose Alberto Hernandez

build.gradle

@@ -26,6 +26,7 @@ buildscript {
         fineractJavaProjects = subprojects.findAll{
             [
                 'fineract-core',
+                'fineract-security',
                 'fineract-cob',
                 'fineract-validation',
                 'fineract-command',
@@ -59,6 +60,7 @@ buildscript {
                 'fineract-client',
                 'fineract-client-feign',
                 'fineract-core',
+                'fineract-security',
                 'fineract-cob',
                 'fineract-validation',
                 'fineract-command',

…ilter/FineractInstanceModeApiFilter.java …ilter/FineractInstanceModeApiFilter.javafineract-provider/src/main/java/org/apache/fineract/infrastructure/instancemode/filter/FineractInstanceModeApiFilter.java renamed to fineract-core/src/main/java/org/apache/fineract/infrastructure/instancemode/filter/FineractInstanceModeApiFilter.java fineract-provider/src/main/java/org/apache/fineract/infrastructure/instancemode/filter/FineractInstanceModeApiFilter.java renamed to fineract-core/src/main/java/org/apache/fineract/infrastructure/instancemode/filter/FineractInstanceModeApiFilter.java

@@ -40,6 +40,7 @@ dependencies {
     implementation(project(path: ':fineract-report'))
     implementation(project(path: ':fineract-tax'))
     implementation(project(path: ':fineract-loan-origination'))
+    implementation(project(path: ':fineract-security'))
 
     providedRuntime("org.springframework.boot:spring-boot-starter-tomcat")
 

…/notification/data/NotificationData.java …/notification/data/NotificationData.javafineract-provider/src/main/java/org/apache/fineract/notification/data/NotificationData.java renamed to fineract-core/src/main/java/org/apache/fineract/notification/data/NotificationData.java fineract-provider/src/main/java/org/apache/fineract/notification/data/NotificationData.java renamed to fineract-core/src/main/java/org/apache/fineract/notification/data/NotificationData.java

@@ -0,0 +1,77 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+description = 'Fineract Security'
+
+apply plugin: 'java'
+apply plugin: 'eclipse'
+
+configurations {
+    providedRuntime // needed for Spring Boot executable WAR
+    providedCompile
+    compile() {
+        exclude module: 'hibernate-entitymanager'
+        exclude module: 'hibernate-validator'
+        exclude module: 'activation'
+        exclude module: 'bcmail-jdk14'
+        exclude module: 'bcprov-jdk14'
+        exclude module: 'bctsp-jdk14'
+        exclude module: 'c3p0'
+        exclude module: 'stax-api'
+        exclude module: 'jaxb-api'
+        exclude module: 'jaxb-impl'
+        exclude module: 'jboss-logging'
+        exclude module: 'itext-rtf'
+        exclude module: 'classworlds'
+    }
+    runtime
+}
+
+apply from: 'dependencies.gradle'
+
+// Configuration for the modernizer plugin
+// https://github.com/andygoossens/gradle-modernizer-plugin
+modernizer {
+    ignoreClassNamePatterns = [
+        '.*AbstractPersistableCustom',
+        '.*EntityTables',
+        '.*domain.*'
+    ]
+}
+
+// If we are running Gradle within Eclipse to enhance classes with OpenJPA,
+// set the classes directory to point to Eclipse's default build directory
+if (project.hasProperty('env') && project.getProperty('env') == 'eclipse') {
+    sourceSets.main.java.outputDir = new File(rootProject.projectDir, "fineract-security/bin/main")
+}
+
+eclipse {
+    project {
+        buildCommand([ LaunchConfigHandle: "<project>/.externalToolBuilders/OpenJPA Enhance Builder.launch" ],  'org.eclipse.ui.externaltools.ExternalToolBuilder')
+    }
+}
+
+if (!(project.hasProperty('env') && project.getProperty('env') == 'dev')) {
+    sourceSets {
+        test {
+            java {
+                exclude '**/core/boot/tests/**'
+            }
+        }
+    }
+}

…ion/service/UserNotificationService.java …ion/service/UserNotificationService.javafineract-provider/src/main/java/org/apache/fineract/notification/service/UserNotificationService.java renamed to fineract-core/src/main/java/org/apache/fineract/notification/service/UserNotificationService.java fineract-provider/src/main/java/org/apache/fineract/notification/service/UserNotificationService.java renamed to fineract-core/src/main/java/org/apache/fineract/notification/service/UserNotificationService.java

@@ -0,0 +1,98 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+dependencies {
+    // Never use "compile" scope, but make all dependencies either 'implementation', 'runtimeOnly' or 'testCompile'.
+    // Note that we never use 'api', because Fineract at least currently is a simple monolithic application ("WAR"), not a library.
+    // We also (normally should have) no need to ever use 'compileOnly'.
+
+    // Core module dependency
+    implementation(project(path: ':fineract-core'))
+
+    // PostgreSQL driver for SQL injection prevention utilities
+    implementation 'org.postgresql:postgresql'
+
+    // Spring Boot Security dependencies
+    implementation(
+            'org.springframework.boot:spring-boot-starter-web',
+            'org.springframework.boot:spring-boot-starter-security',
+            'org.springframework.boot:spring-boot-starter-oauth2-authorization-server',
+            'org.springframework.boot:spring-boot-starter-oauth2-resource-server',
+            'org.springframework.boot:spring-boot-starter-oauth2-client',
+            'org.springframework.boot:spring-boot-starter-cache',
+
+            'jakarta.ws.rs:jakarta.ws.rs-api',
+            'org.glassfish.jersey.media:jersey-media-multipart',
+
+            'com.google.guava:guava',
+            'com.google.code.gson:gson',
+
+            'org.apache.commons:commons-lang3',
+
+            'com.jayway.jsonpath:json-path',
+
+            'com.github.spotbugs:spotbugs-annotations',
+            'io.swagger.core.v3:swagger-annotations-jakarta',
+
+            'org.springdoc:springdoc-openapi-starter-webmvc-ui',
+            'org.mapstruct:mapstruct',
+            )
+
+    // JPA for security entities
+    implementation ('org.springframework.boot:spring-boot-starter-data-jpa') {
+        exclude group: 'org.hibernate'
+    }
+    implementation('org.eclipse.persistence:org.eclipse.persistence.jpa') {
+        exclude group: 'org.eclipse.persistence', module: 'jakarta.persistence'
+    }
+
+    // OWASP ESAPI for security utilities
+    implementation('org.owasp.esapi:esapi') {
+        exclude group: 'org.slf4j'
+        exclude group: 'log4j'
+        exclude group: 'commons-logging'
+        exclude group: 'commons-collections'
+        exclude group: 'commons-lang'
+        exclude group: 'spotbugs-annotations'
+        exclude group: 'xml-apis'
+    }
+
+    // Email support for OTP delivery
+    implementation ('org.apache.commons:commons-email') {
+        exclude group: 'com.sun.mail', module: 'javax.mail'
+        exclude group: 'javax.activation', module: 'activation'
+    }
+    implementation 'com.sun.mail:jakarta.mail'
+
+    compileOnly 'org.projectlombok:lombok'
+    annotationProcessor 'org.projectlombok:lombok'
+    annotationProcessor 'org.mapstruct:mapstruct-processor'
+
+    // Test dependencies
+    testImplementation( 'io.github.classgraph:classgraph' )
+    testImplementation ('org.springframework.boot:spring-boot-starter-test') {
+        exclude group: 'com.jayway.jsonpath', module: 'json-path'
+        exclude group: 'org.junit.vintage', module: 'junit-vintage-engine'
+        exclude group: 'jakarta.activation'
+        exclude group: 'javax.activation'
+        exclude group: 'org.skyscreamer'
+    }
+    testImplementation ('org.mockito:mockito-inline')
+    testImplementation 'org.springframework.security:spring-security-test'
+}