 Hello developers, my name is Matt Rabel and I am a Java hipster. Today I'd like to show you a demo of how to build a microservices architecture using jhipster. jhipster is based on Spring Boot and Spring Cloud for its microservices stuff. So everything that I'll be showing today isn't really specific to jhipster It's more of just how to build microservices with spring. jhipster just automates that and makes it much easier to get started. So this demo is based on a blog post I wrote called Java microservices with Spring Cloud config and jhipster and at the bottom of this post it has a link to a repository that has all the code and In the jhipster directory there is a demo.adoc file that I will be using as instructions So this is just a condensed version of the blog post and then I can follow the steps And I don't have to memorize them word for word. So JDL studio is a project on jhipster online And if you were to navigate to it You can see that I've already copied and pasted the JDL in there And so it remembers the last JDL that you put in there And if I were to expand things a bit what we're going to develop is first of all a gateway application Which is defined here and it has all the UI hence the entities here And we're going to have a blog application that has a blog a Post and a tag entities and you can see a diagram here a blog has many to one relationship with user a Post has many to one with blog and many to many with tag And then we'll also be developing a store microservice that uses MongoDB and Has a single entity called product and then the entities are defined here and the relationships here pagination here and Microservices and deployment so we're going to use Docker compose just to run everything I won't actually be deploying this to the cloud But if you were to upload these Docker images to Docker hub you would probably want to change this to your username For instance, and we're able is mine. I just use J micro as an example so you can take all this Copy it open up a terminal window and Create an apps directory CD into that and create apps dot JDL So we'll put that code in there Save it and then we can go J hipster import JDL apps that JDL and this will Simultaneously or in parallel create three different applications one in the gateway directory one in the blog directory and one in the store directory So you can see that took about two and a half minutes to run Now what I'd like to do is I'd like to create an aggregator Palm that allows me to run maven commands across all projects instead of seeding into each one and running them individually, so I'm going to create a palm dot XML You can see it just specifies the modules and then I can run and build Docker images with jib Using this command So you can see that almost took about four minutes to run Part of the reason for that is there is tests that ran not only Java tests But integration tests unit tests and tests for the JavaScript So a default J hipster app comes with 70% test coverage or better. So that's pretty nice Once we have that completed we can CD into Docker compose And then if you run if we look in that directory, you'll see there's a number of Various files, but if we do Docker compose up it'll run all the different containers that we specified So there's a postgres database for the blog. There's a MongoDB database for the store There's key cloak which is used for login I chose OAuth 2 for my authentication mechanism with J hipster So it uses key cloak by default and that supports OAuth 2 and open ID connect And it uses spring security to connect to that And you could also run this command with a dash D and it would run as a daemon And if you did that then you can use kinematic To actually view and see all the containers running So you can see they're all starting up and you can see all their logs here So it does take a few minutes for everything to start it So because we're using key cloak There is one thing you need to do and that is to add a host entry for key cloak So if I were to look at my host file You can see that I have one in there And that's because normally with Docker it talks to different servers just based on that host name But we will actually be using key cloak as a value in our browser when it redirects to it So that's why you need the value in here. And so if we look at the J hipster registry here You can see it's redirecting to key cloak up here and We can use admin admin to log in and you'll see our blog our gateway and our store all up and running So we can go to local host 8080 And this is our gateway. This is where our UI lives So if we logged in there since we already logged into the registry It already has a session in key cloak. So we don't have to log in again That's one of the beauties of open ID connect and single sign-on if we were to navigate to the blog You would see there aren't any yet, but we can say I want to create a new one Matt's blog and We can sign it to the admin user So that all works and if we were to go to products we can see that there's no products found But if we create a new one Call it beer and give it price of five dollars. No image You can see it creates it and it's using MongoDB. That's how you know from that. So now Let's configure it to use octa for identity So if you go to the developer dot octa dot com You can sign up for a brand new account by clicking sign up And just ask you a few questions and I'll sign you a verification email. I Already have an account. So I'll just sign in here and I will create a new web application So you click add application web click next and Then the redirect you are I you will want to use is this login slash a lot to slash code slash octa That is what spring security uses for octa. So we'll just say J hipster Microservices Put it right here And then hit done and Then since we also support logging out you need to edit it and add a logout URI of just localhost 8080 Now there's a few other things you need to do and that is to set up groups that match J hipster So I have a role admin and a role user. That's what J hipster defaults to so I've already created those and then under Authorization server you'll want to modify the default authorization server to include a groups claim So I already have one here and I'm including in the ID token, but I'll I'll delete it and show you how to add it again So you start by clicking claim name it groups include it in the ID token and then use groups for the value type and matches regex and Do all by dot star And that will create that and that will allow the groups to be in the ID token That spring security processes and I'll return those to the user So everything will work just like it does with key cloak with key cloak We set everything up beforehand for you so you don't have to do this step. So then we can use these values and Docker compose central server config application Yamal, so we'll stop all of our Docker containers central Server config and application that YML so you can see there's already some values in here So we can just go to the bottom here and our octa domain You can find this on your dashboard So see this org URL here. That's where I'm going to grab for that paste that in And then the client ID is in the application. We created Down at the bottom client ID Okay So we have all those values and now we can start Docker again So everything should be up and running If we look at our registry eight seven six one It'll redirect us to octa and I wanted to show you this issue because what's happening here is a common error where you forgot to add the redirect You are I for The actual J hips to registry so this is very Unintuitive for the most part and if you look in the URL you can see where it's trying to go So it'll have a redirect you are in here. It's trying to go local host eight seven six one So what you'll need to do is go in here modify your application And add a new you are I that uses eight seven six one So when we configured spring cloud config it actually Overrides the settings for all the apps So that's great because J hips to registry uses it now as well But it also means that you have to add Redirect your eyes if you want to log in to those apps and when you go to production You'll have to add production redirect your eyes as well And that's just part of OAuth where they like to have white listed redirect your eyes So now if we were to refresh Eight seven six one. Let's make sure I got that right. Oh See that it's got the incorrect your eyes So my instructions are wrong and this is because this is what spring Security uses by default, but in J hipster. We try to be agnostic because with key cloak. It's not going to be Octa per se. So you have to use OIDC at the end there. So now if we save that Then refresh Now it works and you can see everything's up and running. So if we were to go to local host 8080 click sign in Now automatically logged us in since we already logged into octa So then for you to look at the entities you can see that it passes that access token down And I do this see this error from time to time And it's just because it hasn't quite caught up yet. So if you refresh then you'll see it works So shouldn't happen in production might happen on the first start now if we go to product We'll see that those come up as well So That's pretty much it If you liked what you saw here today, I encourage you to subscribe to octa dev or follow octa dev on Twitter I am em rable on Twitter You can find out all about open ID connect and OAuth and why you should never build authentication again on developer dot octa dot com and we also have a YouTube channel which chances are you're watching this on so We have many more good videos that we hope you'll enjoy and I hope you have a great day