Skip to content

18F/formsgov-oes

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

14 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

formsGov

This application was generated using JHipster 7.3.1, you can find documentation and help at https://www.jhipster.tech/documentation-archive/v7.3.1.

Development

Before you can build this project, you must install and configure the following dependencies on your machine:

  1. Node.js: We use Node to run a development web server and build the project. Depending on your system, you can install Node either from source or as a pre-packaged bundle.

After installing Node, you should be able to run the following command to install development tools. You will only need to run this command when dependencies change in package.json.

npm install

We use npm scripts and Webpack as our build system.

Run the following commands in two separate terminals to create a blissful development experience where your browser auto-refreshes when files change on your hard drive.

./gradlew -x webapp
npm start

Npm is also used to manage CSS and JavaScript dependencies used in this application. You can upgrade dependencies by specifying a newer version in package.json. You can also run npm update and npm install to manage dependencies. Add the help flag on any command to see how you can use it. For example, npm help update.

The npm run command will list all of the scripts available to run for this project.

PWA Support

JHipster ships with PWA (Progressive Web App) support, and it's turned off by default. One of the main components of a PWA is a service worker.

The service worker initialization code is commented out by default. To enable it, uncomment the following code in src/main/webapp/index.html:

<script>
  if ('serviceWorker' in navigator) {
    navigator.serviceWorker.register('./service-worker.js').then(function () {
      console.log('Service Worker Registered');
    });
  }
</script>

Note: Workbox powers JHipster's service worker. It dynamically generates the service-worker.js file.

Managing dependencies

For example, to add Leaflet library as a runtime dependency of your application, you would run following command:

npm install --save --save-exact leaflet

To benefit from TypeScript type definitions from DefinitelyTyped repository in development, you would run following command:

npm install --save-dev --save-exact @types/leaflet

Then you would import the JS and CSS files specified in library's installation instructions so that Webpack knows about them: Note: There are still a few other things remaining to do for Leaflet that we won't detail here.

For further instructions on how to develop with JHipster, have a look at Using JHipster in development.

JHipster Control Center

JHipster Control Center can help you manage and control your application(s). You can start a local control center server (accessible on http://localhost:7419) with:

docker-compose -f src/main/docker/jhipster-control-center.yml up

OAuth 2.0 / OpenID Connect

Congratulations! You've selected an excellent way to secure your JHipster application. If you're not sure what OAuth and OpenID Connect (OIDC) are, please see What the Heck is OAuth?

To log in to your app, you'll need to have Keycloak up and running. The JHipster Team has created a Docker container for you that has the default users and roles. Start Keycloak using the following command.

docker-compose -f src/main/docker/keycloak.yml up

The security settings in src/main/resources/config/application.yml are configured for this image.

spring:
  ...
  security:
    oauth2:
      client:
        provider:
          oidc:
            issuer-uri: http://localhost:9080/auth/realms/jhipster
        registration:
          oidc:
            client-id: web_app
            client-secret: web_app
            scope: openid,profile,email

Okta

If you'd like to use Okta instead of Keycloak, it's pretty quick using the Okta CLI. After you've installed it, run:

okta register

Then, in your JHipster app's directory, run okta apps create and select JHipster. This will set up an Okta app for you, create ROLE_ADMIN and ROLE_USER groups, create a .okta.env file with your Okta settings, and configure a groups claim in your ID token.

Run source .okta.env and start your app with Maven or Gradle. You should be able to sign in with the credentials you registered with.

If you're on Windows, you should install WSL so the source command will work.

If you'd like to configure things manually through the Okta developer console, see the instructions below.

First, you'll need to create a free developer account at https://developer.okta.com/signup/. After doing so, you'll get your own Okta domain, that has a name like https://dev-123456.okta.com.

Modify src/main/resources/config/application.yml to use your Okta settings.

spring:
  ...
  security:
    oauth2:
      client:
        provider:
          oidc:
            issuer-uri: https://{yourOktaDomain}/oauth2/default
        registration:
          oidc:
            client-id: {clientId}
            client-secret: {clientSecret}
security:

Create an OIDC App in Okta to get a {clientId} and {clientSecret}. To do this, log in to your Okta Developer account and navigate to Applications > Add Application. Click Web and click the Next button. Give the app a name you’ll remember, specify http://localhost:8080 as a Base URI, and http://localhost:8080/login/oauth2/code/oidc as a Login Redirect URI. Click Done, then Edit and add http://localhost:8080 as a Logout redirect URI. Copy and paste the client ID and secret into your application.yml file.

Create a ROLE_ADMIN and ROLE_USER group and add users into them. Modify e2e tests to use this account when running integration tests. You'll need to change credentials in src/test/javascript/e2e/account/account.spec.ts and src/test/javascript/e2e/admin/administration.spec.ts.

Navigate to API > Authorization Servers, click the Authorization Servers tab and edit the default one. Click the Claims tab and Add Claim. Name it "groups", and include it in the ID Token. Set the value type to "Groups" and set the filter to be a Regex of .*.

After making these changes, you should be good to go! If you have any issues, please post them to Stack Overflow. Make sure to tag your question with "jhipster" and "okta".

Auth0

If you'd like to use Auth0 instead of Keycloak, follow the configuration steps below:

  • Create a free developer account at https://auth0.com/signup. After successful sign-up, your account will be associated with a unique domain like dev-xxx.us.auth0.com
  • Create a new application of type Regular Web Applications. Switch to the Settings tab, and configure your application settings like:
    • Allowed Callback URLs: http://localhost:8080/login/oauth2/code/oidc
    • Allowed Logout URLs: http://localhost:8080/
  • Navigate to User Management > Roles and create new roles named ROLE_ADMIN, and ROLE_USER.
  • Navigate to User Management > Users and create a new user account. Click on the Role tab to assign roles to the newly created user account.
  • Navigate to Auth Pipeline > Rules and create a new Rule. Choose Empty rule template. Provide a meaningful name like JHipster claims and replace Script content with the following and Save.
function (user, context, callback) {
  user.preferred_username = user.email;
  const roles = (context.authorization || {}).roles;

  function prepareCustomClaimKey(claim) {
    return `https://www.jhipster.tech/${claim}`;
  }

  const rolesClaim = prepareCustomClaimKey('roles');

  if (context.idToken) {
    context.idToken[rolesClaim] = roles;
  }

  if (context.accessToken) {
    context.accessToken[rolesClaim] = roles;
  }

  callback(null, user, context);
}
  • In your JHipster application, modify src/main/resources/config/application.yml to use your Auth0 application settings:
spring:
  ...
  security:
    oauth2:
      client:
        provider:
          oidc:
            # make sure to include the ending slash!
            issuer-uri: https://{your-auth0-domain}/
        registration:
          oidc:
            client-id: {clientId}
            client-secret: {clientSecret}
            scope: openid,profile,email
jhipster:
  ...
  security:
    oauth2:
      audience:
        - https://{your-auth0-domain}/api/v2/

Before running Cypress tests, specify Auth0 user credentials by overriding the CYPRESS_E2E_USERNAME and CYPRESS_E2E_PASSWORD environment variables.

export CYPRESS_E2E_USERNAME="<your-username>"
export CYPRESS_E2E_PASSWORD="<your-password>"

See Cypress' documentation for setting OS environment variables to learn more.

Auth0 requires a user to provide authorization consent on the first login. Consent flow is currently not handled in the Cypress test suite. To mitigate the issue, you can use a user account that has already granted consent to authorize application access via interactive login.

Building for production

Packaging as jar

To build the final jar and optimize the formsGov application for production, run:

./gradlew -Pprod clean bootJar

This will concatenate and minify the client CSS and JavaScript files. It will also modify index.html so it references these new files. To ensure everything worked, run:

java -jar build/libs/*.jar

Then navigate to http://localhost:8080 in your browser.

Refer to Using JHipster in production for more details.

Packaging as war

To package your application as a war in order to deploy it to an application server, run:

./gradlew -Pprod -Pwar clean bootWar

Testing

To launch your application's tests, run:

./gradlew test integrationTest jacocoTestReport

Client tests

Unit tests are run by Jest. They're located in src/test/javascript/ and can be run with:

npm test

UI end-to-end tests are powered by Cypress. They're located in src/test/javascript/cypress and can be run by starting Spring Boot in one terminal (./gradlew bootRun) and running the tests (npm run e2e) in a second one.

Lighthouse audits

You can execute automated [lighthouse audits][https://developers.google.com/web/tools/lighthouse/] with [cypress audits][https://github.com/mfrachet/cypress-audit] by running npm run e2e:cypress:audits. You should only run the audits when your application is packaged with the production profile. The lighthouse report is created in build/cypress/lhreport.html

For more information, refer to the Running tests page.

Code quality

Sonar is used to analyse code quality. You can start a local Sonar server (accessible on http://localhost:9001) with:

docker-compose -f src/main/docker/sonar.yml up -d

Note: we have turned off authentication in src/main/docker/sonar.yml for out of the box experience while trying out SonarQube, for real use cases turn it back on.

You can run a Sonar analysis with using the sonar-scanner or by using the gradle plugin.

Then, run a Sonar analysis:

./gradlew -Pprod clean check jacocoTestReport sonarqube

For more information, refer to the Code quality page.

Using Docker to simplify development (optional)

You can use Docker to improve your JHipster development experience. A number of docker-compose configuration are available in the src/main/docker folder to launch required third party services.

You can also fully dockerize your application and all the services that it depends on. To achieve this, first build a docker image of your app by running:

./gradlew bootJar -Pprod jibDockerBuild

Then run:

docker-compose -f src/main/docker/app.yml up -d

For more information refer to Using Docker and Docker-Compose, this page also contains information on the docker-compose sub-generator (jhipster docker-compose), which is able to generate docker configurations for one or several JHipster applications.

Continuous Integration (optional)

To configure CI for your project, run the ci-cd sub-generator (jhipster ci-cd), this will let you generate configuration files for a number of Continuous Integration systems. Consult the Setting up Continuous Integration page for more information.