First PEM version

Author: rickypat03

README.md

@@ -2,15 +2,14 @@
 
 [![Java](https://img.shields.io/badge/Java-21-red?logo=openjdk)](https://openjdk.org/)
 [![Spring Boot](https://img.shields.io/badge/Spring%20Boot-3.x-brightgreen?logo=springboot)](https://spring.io/projects/spring-boot)
-[![AWS Parameter Store](https://img.shields.io/badge/AWS-Parameter%20Store-orange?logo=amazonaws)](https://aws.amazon.com/systems-manager/)
 [![License](https://img.shields.io/github/license/rickypat03/SpringSecurityTemplate)](LICENSE)
 
 A **Spring Boot starter template** with **Spring Security** pre-configured.  
 This project gives you a clean foundation to quickly build **secure web applications**.
 
 👉 In this first version you’ll need:
-1. A **database** (PostgreSQL, MySQL, etc.)
-2. **AWS Parameter Store** (📌 coming soon: version without it)
+- A **database** (PostgreSQL, MySQL, etc.);
+- A **RSA key pair** to put into src/main/resources/keys as .pem files;
 
 ---
 
@@ -23,43 +22,51 @@ git clone https://github.com/rickypat03/SpringSecurityTemplate.git
 
 ---
 
-### 2. Open the project
+### 2. Checkout the branch that you want to use
+
+```bash
+git checkout template/pem-local
+```
+
+---
+
+### 3. Open the project
 ```bash
    cd SpringSecurityTemplate
 ```
 
-- Import it into your favorite IDE (IntelliJ IDEA, Eclipse, VS Code).
+- Import it into your favorite IDE (IntelliJ IDEA, Eclipse, VS Code);
 
-- Rename the project as you like.
+- Rename the project as you like;
 
 ---
 
-### 3. Configure
+### 4. Configure
 
-- 🔍 Look for TODO comments in the code – they guide you on how to adapt the template.
+1. 🔍 Look for TODO comments in the code – they guide you on how to adapt the template.
 
-- Edit application.properties to match your setup.
+2. Edit application.properties to match your setup.
 
-- Check and adjust pom.xml if needed.
+3. Check and adjust pom.xml if needed.
 
 ---
 
-### 4. Run & Build
+### 5. Run & Build
 
 You now have a working Spring Boot + Security application!
 Start adding your own:
 
-- Controllers
+- Controllers;
 
-- Services
+- Services;
 
-- Repositories
+- Repositories;
 
 ---
 
 ### 🤝 Contributing
 
-- Fork the repo, create a branch, and open a pull request.
+- Fork the repo, create a branch, and open a pull request;
 
 - Found a bug? Have an idea? → Open an issue!
 
@@ -69,10 +76,10 @@ Start adding your own:
 
 ### 📌 Next steps
 
-1. Add a version without AWS Parameter Store
+- Add example controllers and endpoints;
 
-2. Add example controllers and endpoints 
+- Provide Docker support;
 
-3. Provide Docker support
+- Add the Authorization Server version;
 
 ---

logs/app.log

@@ -1,8 +1,10 @@
 package com.template.security.key;
 
-import lombok.RequiredArgsConstructor;
+import org.springframework.core.io.ClassPathResource;
 import org.springframework.stereotype.Component;
 
+import java.io.InputStream;
+import java.nio.charset.StandardCharsets;
 import java.security.KeyFactory;
 import java.security.PrivateKey;
 import java.security.PublicKey;
@@ -11,41 +13,58 @@
 import java.util.Base64;
 
 @Component
-@RequiredArgsConstructor
 public class PemUtils {
 
-    private final JwtKeyProperties jwtKeyProperties;
+    /**
+     * Read the key from the param path and cleans it.
+     * @param path The path of the key inside resource directory
+     * @return The key cleaned
+     * @throws Exception If there is some problem with the cleaning
+     */
+    private String readKey(String path) throws Exception {
+
+        ClassPathResource resource = new ClassPathResource(path);
+
+        try (InputStream is = resource.getInputStream()) {
+
+            String key = new String(is.readAllBytes(), StandardCharsets.UTF_8);
+
+            return key.replace("-----BEGIN PUBLIC KEY -----", "")
+                    .replace("-----END PUBLIC KEY-----", "")
+                    .replace("-----BEGIN PRIVATE KEY -----", "")
+                    .replace("-----END PRIVATE KEY -----", "")
+                    .replaceAll("\\s+", "");
+        }
+    }
 
     /**
-     * Loads an RSA PrivateKey from a PEM formatted string.
+     * Loads an RSA PrivateKey from the private.pem file inside resources/keys/
      *
      * @return the PrivateKey
      * @throws Exception if there is an error during key loading
      */
     public PrivateKey loadPrivateKey() throws Exception {
-        String cleaned = jwtKeyProperties.getPrivateKey()
-                .replace("-----BEGIN PRIVATE KEY-----", "")
-                .replace("-----END PRIVATE KEY-----", "")
-                .replaceAll("\\s+", "");
 
-        byte[] decoded = Base64.getDecoder().decode(cleaned);
+        String keyPath = "keys/private.pem";
+        String keyPEM = readKey(keyPath);
+
+        byte[] decoded = Base64.getDecoder().decode(keyPEM);
         PKCS8EncodedKeySpec spec = new PKCS8EncodedKeySpec(decoded);
         return KeyFactory.getInstance("RSA").generatePrivate(spec);
     }
 
     /**
-     * Loads an RSA PublicKey from a PEM formatted string.
+     * Loads an RSA PublicKey from the public.pem file inside resources/keys/
      *
      * @return the PublicKey
      * @throws Exception if there is an error during key loading
      */
     public PublicKey loadPublicKey() throws Exception {
-        String cleaned = jwtKeyProperties.getPublicKey()
-                .replace("-----BEGIN PUBLIC KEY-----", "")
-                .replace("-----END PUBLIC KEY-----", "")
-                .replaceAll("\\s+", "");
 
-        byte[] decoded = Base64.getDecoder().decode(cleaned);
+        String keyPath = "keys/public.pem";
+        String keyPEM = readKey(keyPath);
+
+        byte[] decoded = Base64.getDecoder().decode(keyPEM);
         X509EncodedKeySpec spec = new X509EncodedKeySpec(decoded);
         return KeyFactory.getInstance("RSA").generatePublic(spec);
     }

src/main/java/com/template/security/key/JwtKeyProperties.java

@@ -9,6 +9,7 @@
 import java.security.PrivateKey;
 import java.security.PublicKey;
 import java.util.Date;
+import java.util.Map;
 
 @Slf4j
 @Service
@@ -18,23 +19,23 @@ public class JwtService {
     private final PrivateKey privateKey;
     private final PublicKey publicKey;
 
+    //TODO: When you'll call this function remember to create a Map<String, Object> variable where you'll insert your claims
+    //      ex: Map<String, Object> claims = new HashMap();
+    //          claims.put("username", "bobby");
     /**
      * Generates a JWT token for the given user details.
      *
      * @param userId   the ID of the user
-     * @param username the username of the user
-     * @param role     the role of the user
+     * @param claims   the claims of the token
      * @return a JWT token as a String
      */
     public String generateToken(Long userId,
-                                String username,
-                                String role) {
+                                Map<String, Object> claims) {
 
         String jwt = Jwts.builder()
                 .setSubject(String.valueOf(userId))
-                .claim("role", role) // ROLE_USER, ROLE_MANAGER, ...
-                .claim("username", username)
                 .setIssuedAt(new Date(System.currentTimeMillis()))
+                .addClaims(claims)
                 .setExpiration(new Date(System.currentTimeMillis() + 1000 * 60 * 60))
                 .signWith(privateKey, SignatureAlgorithm.RS256)
                 .compact();

src/main/java/com/template/security/key/PemUtils.java

@@ -0,0 +1,3 @@
+-----BEGIN PRIVATE KEY-----
+your key data here
+-----END PRIVATE KEY-----

src/main/java/com/template/service/JwtService.java

@@ -0,0 +1,3 @@
+-----BEGIN PUBLIC KEY-----
+your key data here
+-----END PUBLIC KEY-----