Code Challenge “Vrolijke Framboos” Postmortem

Tuesday we had our second ever “Vrolijke Framboos” (Dutch for Happy Raspberry)
Java code challenge at JDriven and it was a blast! This year’s
challenge was to create a REST service client that would play a number guessing
game with the server. After setting up a session you would guess a number and the
server would respond with either “lower”, “higher” or “bingo”. The goal was to guess
as many numbers in the two minutes you’d be given. Given the name of the challenge
you can probably guess that the target platform would be a
Raspberry Pi!

It was an incredible and fun experience and in this post I want to explain how I
approached the challenge and how my solution ended up in the second place, making
me just miss the opportunity to take home the trophy and a new Raspberry.

Continue reading

Alternating between Spray-servlet and Spray-can

On a server you may want to deploy your application as a war. How to build a war with spray-servlet
Locally it’s easiest to run without an application server.

We include both the spray-servlet and spray-can dependencies:

We make a trait with all the common functionality. We extend both SprayApiServlet and SprayApiCan from it.

You can see the whole example here.

Building a rest API with spray

Building a rest API with akka and spray is easy. This is how I did it:
SprayApiApp:

ApiActor:

The full example code: https://github.com/tammosminia/sprayApiExample/tree/sprayCanStart

When we run this, we can do a get on http://localhost:8080/robots and get the list of robots:

And we can do a post to http://localhost:8080/robots to add a robot:
with header Content-Type: application/json

When we take a look at the logging, we notice that the code in the route construction will only run once during startup.
Only the code within complete and handleWith will be run with every request.

with thanks to: http://blog.michaelhamrah.com/2013/06/scala-web-apis-up-and-running-with-spray-and-akka/

Integration testing on REST urls with Spring Boot

We are building a Spring Boot application with a REST interface and at some point we wanted to test our REST interface, and if possible, integrate this testing with our regular unit tests. One way of doing this, would be to @Autowire our REST controllers and call our endpoints using that. However, this won’t give full converage, since it will skip things like JSON deserialisation and global exception handling. So the ideal situation for us would be to start our application when the unit test start, and close it again, after the last unit test.
It just so happens that Spring Boot does this all for us with one annotation: @IntegrationTest.
Here is an example implementation of an abstract class you can use for your unit-tests which will automatically start the application prior to starting your unit tests, caching it, and close it again at the end.

Stateless Spring Security Part 3: JWT + Social Authentication

This third and final part in my Stateless Spring Security series is about mixing previous post about JWT token based authentication with spring-social-security. This post directly builds upon it and focusses mostly on the changed parts. The idea is to substitude the username/password based login with “Login with Facebook” functionality based on OAuth 2, but still use the same token based authentication after that.

Login flow

Client-side

The user clicks on the “Login with Facebook” button which is a simple link to “/auth/facebook”, the SocialAuthenticationFilter notices the lack of additional query parameters and triggers a redirect leading the user of your site to Facebook. They login with their username/password and are redirected back, again to “/auth/facebook” but this time with “?code=…&state=…” parameters specified. (If the user previously logged in at facebook and had a cookie set, facebook will even instantly redirect back and no facebook screen is shown at all to the user.) The fun part is that you can follow this in a browsers network log as it’s all done using plain HTTP 302 redirects. (The “Location” header in the HTTP response is used to tell the browser where to go next)

Continue reading

Grails REST: Generate RestfulController

Since version 2.3 Grails has excellent support for creating REST APIs. This new support comes with some new console commands. Besides the well known generate-controller command, Grails now comes with a new command which let you generate restful controllers for a given domain class.

In the following example, we will create a restful controller using the new generate-restful-controller command.

First we create a domain object

Second we will generate the REST controller using the new command:

This command will generate a restful controller with the name MovieController with a default REST implementation. Notable is that this generated controller does not extend RestfulController<T> but gives you a full implementation of the REST functionality inside the actions.

Below you can see for example the default implementation of the index method of the generated restful controller.

Furthermore this command will generate the REST responseType settings so both JSON and XML formats are supported.

Code written in Grails 2.4.1

 

Stateless Spring Security Part 2: Stateless Authentication

This second part of the Stateless Spring Security series is about exploring means of authentication in a stateless way. If you missed the first part about CSRF you can find it here.

So when talking about Authentication, its all about having the client identify itself to the server in a verifiable manner. Typically this start with the server providing the client with a challenge, like a request to fill in a username / password. Today I want to focus on what happens after passing such initial (manual) challenge and how to deal with automatic re-authentication of futher HTTP requests.

Common approaches

Session Cookie based

The most common approach we probably all know is to use a server generated secret token (Session key) in the form of a JSESSIONID cookie. Initial setup for this is near nothing these days perhaps making you forget you have a choice to make here in the first place. Even without further using this “Session key” to store any other state “in the session”, the key itself is in fact state as well.  I.e. without a shared and persistent storage of these keys, no successful authentication will survive a server reboot or requests being load balanced to another server.

Continue reading

Suggested Parleys Watchlist for Devoxx 2013

This year we attended Devoxx 2013 with a total of 9 JDriven colleagues. After more than a week we finally recovered from a vast amount of great sessions, personal encounters and  ‘some’ Belgian beer. Looking back at Devoxx we had a great conference and like to thank the Devoxx team for making this possible. It was also good to notice that the majority of the sessions are related to subjects that drive us at JDriven, during our daily job and while further developing our expertise and craftsmanship, to name a few: Continuous Delivery, AngularJS, RESTful API’s, Gradle, Groovy, Grails, Java 8, Java EE.

The Devoxx 2013 sessions will be available at Parleys soon, hopefully just before the holidays. To protect you from infobesity we’d like to share our list of must watch sessions with you:

Suugested Parleys Watchlist for Devoxx 2013

Sven Peters – How To Do Kick-Ass Software Development
Sven, a presenter who is just full of energy, tells how software is developed at Atlassian and how they can build great software with even greater pleasure.
He explains how a good team, becomes a kick-ass team. He also mentioned that we as developers are always working to help automate others, but often forget to automate our own work. The presentation contains lots of tips and tricks.

Guillaume Laforge – What Makes Groovy Groovy
A great overview of the various aspects and power of Groovy targeted at Groovy newbies. The presentation contains great code examples, starting with Java code and showing off the Groovy alternatives ending up with less code but exactly the same functionality. A great session and good overview of how Groovy enriches (and improves) Java. Probably not too much news for Groovy experts but for a newbie certainly valuable.

Ben Hale – Designing a REST-ful API using Spring 4
Very good presentation that covered lot’s the concepts of the REST standards (or lack of it) and how to implement this using Spring 4 features and Spring-HATEOAS.

Seth Ladd – Mobile, multi-device, multi-player with HTML5 and Dart
A pretty solid, almost marketing, talk about developing the word game Boggle entirely using Dart. Seth also demonstrates his own recently developed API for offline-enabled browser-based web apps: Lawndart. The application has been developed as set of custom reusable components using polymer.dart (instead of angular.dart).
This presentation gave a great overview of Dart and the initial impression of Dart is very impressive. It certainly creates interest in investigating and playing with Dart.

Paul Sandoz – in full flow: Java 8 lambdas in the stream
A clear overview of the use of the new stream API to declaratively perform actions on lists using lambdas. Also the benefits and pitfalls of using streams in combination with multithreading are explained.

Simon Ritter – Is It A Car? Is It A Computer? No, It’s a Raspberry Pi JavaFX
A very nice session that explained how a Carputer could be made from a RaspberryPI and the risks you introduce when connecting your car with a RaspberryPI.
Using a touch screen connected to the RaspberryPI and an application developed using JavaFX to operate and view the data from the on-board computer.

Tugdual Grall, David Pilato – Elastify your app: from SQL to NoSQL in less than one hour!
Within an hour, a simple application backed by a SQL database is converted to a CouchBase database and then coupled with a Elasticsearch. The steps to take to convert the existing application are clearly explained. After the conversion, the data in the system is visualized using Kibana.

Geert Bevin – Programmers are way cooler than musicians
Geert Bevin presents the Eigenharp, a musical instrument which has been built on a completely different approach from it’s predecessors. Throughout his presentation he shows not only the instrument but also hints at the possibilities one gets if he lets go of “how things are”. An interesting display of thinking outside the box leading to a new design.

Hans Dockter – Gradle for Android and the Rest of the World Conference
Hans illustrated the possibilities and power of Gradle by explaining how the Gradle based build system for Android works. This new build system has been developed as a Gradle plugin by the Google Android team. He also noted that some people see the flexibility of  Gradle as a downside but stated that the opposite is true because you can use the power of Gradle to limit this flexibility. For instance you could fail a build when dependencies from a non whitelisted  repository are used.

This is just our short list ;) but have fun and see you next year @Devoxx!

How to create (singleton) AngularJS services in 4 different ways

Next to creating controllers and directives, AngularJS also supports “singleton” services.
Services, like on the server-side, offer a great way for separating logic from your controllers.

In AngularJS anything that’s either a primitive type, function or object can be a service.

Although the concept of service is quite straight forward, the declaration of them in AngularJS isn’t:

  • There are 4 different ways to declare a service.
    • Registering a existing value as a service
    • Registering a factory function to create the singleton service instance
    • Registering a constructor function to create the singleton service instance
    • Registering a service factory which can be configured
  • Only 1 of them is extensively documented

The other 3 are only barely documentedThis post describes each option and when to use it in more detail.

Continue reading

SpringOne 2012 essence

So what to take away from the SpringOne 2012 conference?
The overall theme of this conference is the changing world we as developer find ourselves in. As we all know the world of software development is always evolving at a rapid pace. This evolution always leads to changes in requirements and new solutions to breach the gap. In some cases these evolutions require a new way of thinking. The essence of this SpringOne is about the latter. The current evolution is driven by:

  • increases in data quantity
  • the explosion of browser enabled devices
  • the request for higher quality of service (an application needs to be able to survive outage of a data center)
  • near real time delivery of contextual information and social integration in frontends.

The combination of these new demands and requirements leads us to a so-called paradigm shift. These problems cannot be solved with past (or current) architecture. So we need to look at our applications in a new way. Building and modularizing them to account for scalability because that seems to be the answer to the questions asked.

We need to start thinking in federations to persist information across cloud instances. Size and package application modules so they can be scaled separately.
At his SpringOne conference the tools and the methods needed to do this were show cased. Adrian Colyer’s keynote on day two gives us a good idea of what Spring offers to help us cope with these changes and as always make our life easier.

You can view the full keynote here:
http://www.springsource.org/SpringOne2GX2012
or download the sheets: http://springone2012.s3-us-west-1.amazonaws.com/SpringOne2GX_2012_Keynote-Day-2_Final.pdf

As for some examples of tools that help you deal with these impending changes check out the VMware en SpringSource projects below: