first modif commit

.gitignore

@@ -0,0 +1,33 @@
+HELP.md
+target/
+!.mvn/wrapper/maven-wrapper.jar
+!**/src/main/**/target/
+!**/src/test/**/target/
+
+### STS ###
+.apt_generated
+.classpath
+.factorypath
+.project
+.settings
+.springBeans
+.sts4-cache
+
+### IntelliJ IDEA ###
+.idea
+*.iws
+*.iml
+*.ipr
+
+### NetBeans ###
+/nbproject/private/
+/nbbuild/
+/dist/
+/nbdist/
+/.nb-gradle/
+build/
+!**/src/main/**/build/
+!**/src/test/**/build/
+
+### VS Code ###
+.vscode/

.mvn/wrapper/maven-wrapper.properties

@@ -0,0 +1,2 @@
+distributionUrl=https://repo.maven.apache.org/maven2/org/apache/maven/apache-maven/3.8.6/apache-maven-3.8.6-bin.zip
+wrapperUrl=https://repo.maven.apache.org/maven2/org/apache/maven/wrapper/maven-wrapper/3.1.0/maven-wrapper-3.1.0.jar

mvnw

@@ -0,0 +1,316 @@
+#!/bin/sh
+# ----------------------------------------------------------------------------
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements.  See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership.  The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License.  You may obtain a copy of the License at
+#
+#    https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied.  See the License for the
+# specific language governing permissions and limitations
+# under the License.
+# ----------------------------------------------------------------------------
+
+# ----------------------------------------------------------------------------
+# Maven Start Up Batch script
+#
+# Required ENV vars:
+# ------------------
+#   JAVA_HOME - location of a JDK home dir
+#
+# Optional ENV vars
+# -----------------
+#   M2_HOME - location of maven2's installed home dir
+#   MAVEN_OPTS - parameters passed to the Java VM when running Maven
+#     e.g. to debug Maven itself, use
+#       set MAVEN_OPTS=-Xdebug -Xrunjdwp:transport=dt_socket,server=y,suspend=y,address=8000
+#   MAVEN_SKIP_RC - flag to disable loading of mavenrc files
+# ----------------------------------------------------------------------------
+
+if [ -z "$MAVEN_SKIP_RC" ] ; then
+
+  if [ -f /usr/local/etc/mavenrc ] ; then
+    . /usr/local/etc/mavenrc
+  fi
+
+  if [ -f /etc/mavenrc ] ; then
+    . /etc/mavenrc
+  fi
+
+  if [ -f "$HOME/.mavenrc" ] ; then
+    . "$HOME/.mavenrc"
+  fi
+
+fi
+
+# OS specific support.  $var _must_ be set to either true or false.
+cygwin=false;
+darwin=false;
+mingw=false
+case "`uname`" in
+  CYGWIN*) cygwin=true ;;
+  MINGW*) mingw=true;;
+  Darwin*) darwin=true
+    # Use /usr/libexec/java_home if available, otherwise fall back to /Library/Java/Home
+    # See https://developer.apple.com/library/mac/qa/qa1170/_index.html
+    if [ -z "$JAVA_HOME" ]; then
+      if [ -x "/usr/libexec/java_home" ]; then
+        export JAVA_HOME="`/usr/libexec/java_home`"
+      else
+        export JAVA_HOME="/Library/Java/Home"
+      fi
+    fi
+    ;;
+esac
+
+if [ -z "$JAVA_HOME" ] ; then
+  if [ -r /etc/gentoo-release ] ; then
+    JAVA_HOME=`java-config --jre-home`
+  fi
+fi
+
+if [ -z "$M2_HOME" ] ; then
+  ## resolve links - $0 may be a link to maven's home
+  PRG="$0"
+
+  # need this for relative symlinks
+  while [ -h "$PRG" ] ; do
+    ls=`ls -ld "$PRG"`
+    link=`expr "$ls" : '.*-> \(.*\)$'`
+    if expr "$link" : '/.*' > /dev/null; then
+      PRG="$link"
+    else
+      PRG="`dirname "$PRG"`/$link"
+    fi
+  done
+
+  saveddir=`pwd`
+
+  M2_HOME=`dirname "$PRG"`/..
+
+  # make it fully qualified
+  M2_HOME=`cd "$M2_HOME" && pwd`
+
+  cd "$saveddir"
+  # echo Using m2 at $M2_HOME
+fi
+
+# For Cygwin, ensure paths are in UNIX format before anything is touched
+if $cygwin ; then
+  [ -n "$M2_HOME" ] &&
+    M2_HOME=`cygpath --unix "$M2_HOME"`
+  [ -n "$JAVA_HOME" ] &&
+    JAVA_HOME=`cygpath --unix "$JAVA_HOME"`
+  [ -n "$CLASSPATH" ] &&
+    CLASSPATH=`cygpath --path --unix "$CLASSPATH"`
+fi
+
+# For Mingw, ensure paths are in UNIX format before anything is touched
+if $mingw ; then
+  [ -n "$M2_HOME" ] &&
+    M2_HOME="`(cd "$M2_HOME"; pwd)`"
+  [ -n "$JAVA_HOME" ] &&
+    JAVA_HOME="`(cd "$JAVA_HOME"; pwd)`"
+fi
+
+if [ -z "$JAVA_HOME" ]; then
+  javaExecutable="`which javac`"
+  if [ -n "$javaExecutable" ] && ! [ "`expr \"$javaExecutable\" : '\([^ ]*\)'`" = "no" ]; then
+    # readlink(1) is not available as standard on Solaris 10.
+    readLink=`which readlink`
+    if [ ! `expr "$readLink" : '\([^ ]*\)'` = "no" ]; then
+      if $darwin ; then
+        javaHome="`dirname \"$javaExecutable\"`"
+        javaExecutable="`cd \"$javaHome\" && pwd -P`/javac"
+      else
+        javaExecutable="`readlink -f \"$javaExecutable\"`"
+      fi
+      javaHome="`dirname \"$javaExecutable\"`"
+      javaHome=`expr "$javaHome" : '\(.*\)/bin'`
+      JAVA_HOME="$javaHome"
+      export JAVA_HOME
+    fi
+  fi
+fi
+
+if [ -z "$JAVACMD" ] ; then
+  if [ -n "$JAVA_HOME"  ] ; then
+    if [ -x "$JAVA_HOME/jre/sh/java" ] ; then
+      # IBM's JDK on AIX uses strange locations for the executables
+      JAVACMD="$JAVA_HOME/jre/sh/java"
+    else
+      JAVACMD="$JAVA_HOME/bin/java"
+    fi
+  else
+    JAVACMD="`\\unset -f command; \\command -v java`"
+  fi
+fi
+
+if [ ! -x "$JAVACMD" ] ; then
+  echo "Error: JAVA_HOME is not defined correctly." >&2
+  echo "  We cannot execute $JAVACMD" >&2
+  exit 1
+fi
+
+if [ -z "$JAVA_HOME" ] ; then
+  echo "Warning: JAVA_HOME environment variable is not set."
+fi
+
+CLASSWORLDS_LAUNCHER=org.codehaus.plexus.classworlds.launcher.Launcher
+
+# traverses directory structure from process work directory to filesystem root
+# first directory with .mvn subdirectory is considered project base directory
+find_maven_basedir() {
+
+  if [ -z "$1" ]
+  then
+    echo "Path not specified to find_maven_basedir"
+    return 1
+  fi
+
+  basedir="$1"
+  wdir="$1"
+  while [ "$wdir" != '/' ] ; do
+    if [ -d "$wdir"/.mvn ] ; then
+      basedir=$wdir
+      break
+    fi
+    # workaround for JBEAP-8937 (on Solaris 10/Sparc)
+    if [ -d "${wdir}" ]; then
+      wdir=`cd "$wdir/.."; pwd`
+    fi
+    # end of workaround
+  done
+  echo "${basedir}"
+}
+
+# concatenates all lines of a file
+concat_lines() {
+  if [ -f "$1" ]; then
+    echo "$(tr -s '\n' ' ' < "$1")"
+  fi
+}
+
+BASE_DIR=`find_maven_basedir "$(pwd)"`
+if [ -z "$BASE_DIR" ]; then
+  exit 1;
+fi
+
+##########################################################################################
+# Extension to allow automatically downloading the maven-wrapper.jar from Maven-central
+# This allows using the maven wrapper in projects that prohibit checking in binary data.
+##########################################################################################
+if [ -r "$BASE_DIR/.mvn/wrapper/maven-wrapper.jar" ]; then
+    if [ "$MVNW_VERBOSE" = true ]; then
+      echo "Found .mvn/wrapper/maven-wrapper.jar"
+    fi
+else
+    if [ "$MVNW_VERBOSE" = true ]; then
+      echo "Couldn't find .mvn/wrapper/maven-wrapper.jar, downloading it ..."
+    fi
+    if [ -n "$MVNW_REPOURL" ]; then
+      jarUrl="$MVNW_REPOURL/org/apache/maven/wrapper/maven-wrapper/3.1.0/maven-wrapper-3.1.0.jar"
+    else
+      jarUrl="https://repo.maven.apache.org/maven2/org/apache/maven/wrapper/maven-wrapper/3.1.0/maven-wrapper-3.1.0.jar"
+    fi
+    while IFS="=" read key value; do
+      case "$key" in (wrapperUrl) jarUrl="$value"; break ;;
+      esac
+    done < "$BASE_DIR/.mvn/wrapper/maven-wrapper.properties"
+    if [ "$MVNW_VERBOSE" = true ]; then
+      echo "Downloading from: $jarUrl"
+    fi
+    wrapperJarPath="$BASE_DIR/.mvn/wrapper/maven-wrapper.jar"
+    if $cygwin; then
+      wrapperJarPath=`cygpath --path --windows "$wrapperJarPath"`
+    fi
+
+    if command -v wget > /dev/null; then
+        if [ "$MVNW_VERBOSE" = true ]; then
+          echo "Found wget ... using wget"
+        fi
+        if [ -z "$MVNW_USERNAME" ] || [ -z "$MVNW_PASSWORD" ]; then
+            wget "$jarUrl" -O "$wrapperJarPath" || rm -f "$wrapperJarPath"
+        else
+            wget --http-user=$MVNW_USERNAME --http-password=$MVNW_PASSWORD "$jarUrl" -O "$wrapperJarPath" || rm -f "$wrapperJarPath"
+        fi
+    elif command -v curl > /dev/null; then
+        if [ "$MVNW_VERBOSE" = true ]; then
+          echo "Found curl ... using curl"
+        fi
+        if [ -z "$MVNW_USERNAME" ] || [ -z "$MVNW_PASSWORD" ]; then
+            curl -o "$wrapperJarPath" "$jarUrl" -f
+        else
+            curl --user $MVNW_USERNAME:$MVNW_PASSWORD -o "$wrapperJarPath" "$jarUrl" -f
+        fi
+
+    else
+        if [ "$MVNW_VERBOSE" = true ]; then
+          echo "Falling back to using Java to download"
+        fi
+        javaClass="$BASE_DIR/.mvn/wrapper/MavenWrapperDownloader.java"
+        # For Cygwin, switch paths to Windows format before running javac
+        if $cygwin; then
+          javaClass=`cygpath --path --windows "$javaClass"`
+        fi
+        if [ -e "$javaClass" ]; then
+            if [ ! -e "$BASE_DIR/.mvn/wrapper/MavenWrapperDownloader.class" ]; then
+                if [ "$MVNW_VERBOSE" = true ]; then
+                  echo " - Compiling MavenWrapperDownloader.java ..."
+                fi
+                # Compiling the Java class
+                ("$JAVA_HOME/bin/javac" "$javaClass")
+            fi
+            if [ -e "$BASE_DIR/.mvn/wrapper/MavenWrapperDownloader.class" ]; then
+                # Running the downloader
+                if [ "$MVNW_VERBOSE" = true ]; then
+                  echo " - Running MavenWrapperDownloader.java ..."
+                fi
+                ("$JAVA_HOME/bin/java" -cp .mvn/wrapper MavenWrapperDownloader "$MAVEN_PROJECTBASEDIR")
+            fi
+        fi
+    fi
+fi
+##########################################################################################
+# End of extension
+##########################################################################################
+
+export MAVEN_PROJECTBASEDIR=${MAVEN_BASEDIR:-"$BASE_DIR"}
+if [ "$MVNW_VERBOSE" = true ]; then
+  echo $MAVEN_PROJECTBASEDIR
+fi
+MAVEN_OPTS="$(concat_lines "$MAVEN_PROJECTBASEDIR/.mvn/jvm.config") $MAVEN_OPTS"
+
+# For Cygwin, switch paths to Windows format before running java
+if $cygwin; then
+  [ -n "$M2_HOME" ] &&
+    M2_HOME=`cygpath --path --windows "$M2_HOME"`
+  [ -n "$JAVA_HOME" ] &&
+    JAVA_HOME=`cygpath --path --windows "$JAVA_HOME"`
+  [ -n "$CLASSPATH" ] &&
+    CLASSPATH=`cygpath --path --windows "$CLASSPATH"`
+  [ -n "$MAVEN_PROJECTBASEDIR" ] &&
+    MAVEN_PROJECTBASEDIR=`cygpath --path --windows "$MAVEN_PROJECTBASEDIR"`
+fi
+
+# Provide a "standardized" way to retrieve the CLI args that will
+# work with both Windows and non-Windows executions.
+MAVEN_CMD_LINE_ARGS="$MAVEN_CONFIG $@"
+export MAVEN_CMD_LINE_ARGS
+
+WRAPPER_LAUNCHER=org.apache.maven.wrapper.MavenWrapperMain
+
+exec "$JAVACMD" \
+  $MAVEN_OPTS \
+  $MAVEN_DEBUG_OPTS \
+  -classpath "$MAVEN_PROJECTBASEDIR/.mvn/wrapper/maven-wrapper.jar" \
+  "-Dmaven.home=${M2_HOME}" \
+  "-Dmaven.multiModuleProjectDirectory=${MAVEN_PROJECTBASEDIR}" \
+  ${WRAPPER_LAUNCHER} $MAVEN_CONFIG "$@"

mvnw.cmd

@@ -0,0 +1,188 @@
+@REM ----------------------------------------------------------------------------
+@REM Licensed to the Apache Software Foundation (ASF) under one
+@REM or more contributor license agreements.  See the NOTICE file
+@REM distributed with this work for additional information
+@REM regarding copyright ownership.  The ASF licenses this file
+@REM to you under the Apache License, Version 2.0 (the
+@REM "License"); you may not use this file except in compliance
+@REM with the License.  You may obtain a copy of the License at
+@REM
+@REM    https://www.apache.org/licenses/LICENSE-2.0
+@REM
+@REM Unless required by applicable law or agreed to in writing,
+@REM software distributed under the License is distributed on an
+@REM "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+@REM KIND, either express or implied.  See the License for the
+@REM specific language governing permissions and limitations
+@REM under the License.
+@REM ----------------------------------------------------------------------------
+
+@REM ----------------------------------------------------------------------------
+@REM Maven Start Up Batch script
+@REM
+@REM Required ENV vars:
+@REM JAVA_HOME - location of a JDK home dir
+@REM
+@REM Optional ENV vars
+@REM M2_HOME - location of maven2's installed home dir
+@REM MAVEN_BATCH_ECHO - set to 'on' to enable the echoing of the batch commands
+@REM MAVEN_BATCH_PAUSE - set to 'on' to wait for a keystroke before ending
+@REM MAVEN_OPTS - parameters passed to the Java VM when running Maven
+@REM     e.g. to debug Maven itself, use
+@REM set MAVEN_OPTS=-Xdebug -Xrunjdwp:transport=dt_socket,server=y,suspend=y,address=8000
+@REM MAVEN_SKIP_RC - flag to disable loading of mavenrc files
+@REM ----------------------------------------------------------------------------
+
+@REM Begin all REM lines with '@' in case MAVEN_BATCH_ECHO is 'on'
+@echo off
+@REM set title of command window
+title %0
+@REM enable echoing by setting MAVEN_BATCH_ECHO to 'on'
+@if "%MAVEN_BATCH_ECHO%" == "on"  echo %MAVEN_BATCH_ECHO%
+
+@REM set %HOME% to equivalent of $HOME
+if "%HOME%" == "" (set "HOME=%HOMEDRIVE%%HOMEPATH%")
+
+@REM Execute a user defined script before this one
+if not "%MAVEN_SKIP_RC%" == "" goto skipRcPre
+@REM check for pre script, once with legacy .bat ending and once with .cmd ending
+if exist "%USERPROFILE%\mavenrc_pre.bat" call "%USERPROFILE%\mavenrc_pre.bat" %*
+if exist "%USERPROFILE%\mavenrc_pre.cmd" call "%USERPROFILE%\mavenrc_pre.cmd" %*
+:skipRcPre
+
+@setlocal
+
+set ERROR_CODE=0
+
+@REM To isolate internal variables from possible post scripts, we use another setlocal
+@setlocal
+
+@REM ==== START VALIDATION ====
+if not "%JAVA_HOME%" == "" goto OkJHome
+
+echo.
+echo Error: JAVA_HOME not found in your environment. >&2
+echo Please set the JAVA_HOME variable in your environment to match the >&2
+echo location of your Java installation. >&2
+echo.
+goto error
+
+:OkJHome
+if exist "%JAVA_HOME%\bin\java.exe" goto init
+
+echo.
+echo Error: JAVA_HOME is set to an invalid directory. >&2
+echo JAVA_HOME = "%JAVA_HOME%" >&2
+echo Please set the JAVA_HOME variable in your environment to match the >&2
+echo location of your Java installation. >&2
+echo.
+goto error
+
+@REM ==== END VALIDATION ====
+
+:init
+
+@REM Find the project base dir, i.e. the directory that contains the folder ".mvn".
+@REM Fallback to current working directory if not found.
+
+set MAVEN_PROJECTBASEDIR=%MAVEN_BASEDIR%
+IF NOT "%MAVEN_PROJECTBASEDIR%"=="" goto endDetectBaseDir
+
+set EXEC_DIR=%CD%
+set WDIR=%EXEC_DIR%
+:findBaseDir
+IF EXIST "%WDIR%"\.mvn goto baseDirFound
+cd ..
+IF "%WDIR%"=="%CD%" goto baseDirNotFound
+set WDIR=%CD%
+goto findBaseDir
+
+:baseDirFound
+set MAVEN_PROJECTBASEDIR=%WDIR%
+cd "%EXEC_DIR%"
+goto endDetectBaseDir
+
+:baseDirNotFound
+set MAVEN_PROJECTBASEDIR=%EXEC_DIR%
+cd "%EXEC_DIR%"
+
+:endDetectBaseDir
+
+IF NOT EXIST "%MAVEN_PROJECTBASEDIR%\.mvn\jvm.config" goto endReadAdditionalConfig
+
+@setlocal EnableExtensions EnableDelayedExpansion
+for /F "usebackq delims=" %%a in ("%MAVEN_PROJECTBASEDIR%\.mvn\jvm.config") do set JVM_CONFIG_MAVEN_PROPS=!JVM_CONFIG_MAVEN_PROPS! %%a
+@endlocal & set JVM_CONFIG_MAVEN_PROPS=%JVM_CONFIG_MAVEN_PROPS%
+
+:endReadAdditionalConfig
+
+SET MAVEN_JAVA_EXE="%JAVA_HOME%\bin\java.exe"
+set WRAPPER_JAR="%MAVEN_PROJECTBASEDIR%\.mvn\wrapper\maven-wrapper.jar"
+set WRAPPER_LAUNCHER=org.apache.maven.wrapper.MavenWrapperMain
+
+set DOWNLOAD_URL="https://repo.maven.apache.org/maven2/org/apache/maven/wrapper/maven-wrapper/3.1.0/maven-wrapper-3.1.0.jar"
+
+FOR /F "usebackq tokens=1,2 delims==" %%A IN ("%MAVEN_PROJECTBASEDIR%\.mvn\wrapper\maven-wrapper.properties") DO (
+    IF "%%A"=="wrapperUrl" SET DOWNLOAD_URL=%%B
+)
+
+@REM Extension to allow automatically downloading the maven-wrapper.jar from Maven-central
+@REM This allows using the maven wrapper in projects that prohibit checking in binary data.
+if exist %WRAPPER_JAR% (
+    if "%MVNW_VERBOSE%" == "true" (
+        echo Found %WRAPPER_JAR%
+    )
+) else (
+    if not "%MVNW_REPOURL%" == "" (
+        SET DOWNLOAD_URL="%MVNW_REPOURL%/org/apache/maven/wrapper/maven-wrapper/3.1.0/maven-wrapper-3.1.0.jar"
+    )
+    if "%MVNW_VERBOSE%" == "true" (
+        echo Couldn't find %WRAPPER_JAR%, downloading it ...
+        echo Downloading from: %DOWNLOAD_URL%
+    )
+
+    powershell -Command "&{"^
+		"$webclient = new-object System.Net.WebClient;"^
+		"if (-not ([string]::IsNullOrEmpty('%MVNW_USERNAME%') -and [string]::IsNullOrEmpty('%MVNW_PASSWORD%'))) {"^
+		"$webclient.Credentials = new-object System.Net.NetworkCredential('%MVNW_USERNAME%', '%MVNW_PASSWORD%');"^
+		"}"^
+		"[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12; $webclient.DownloadFile('%DOWNLOAD_URL%', '%WRAPPER_JAR%')"^
+		"}"
+    if "%MVNW_VERBOSE%" == "true" (
+        echo Finished downloading %WRAPPER_JAR%
+    )
+)
+@REM End of extension
+
+@REM Provide a "standardized" way to retrieve the CLI args that will
+@REM work with both Windows and non-Windows executions.
+set MAVEN_CMD_LINE_ARGS=%*
+
+%MAVEN_JAVA_EXE% ^
+  %JVM_CONFIG_MAVEN_PROPS% ^
+  %MAVEN_OPTS% ^
+  %MAVEN_DEBUG_OPTS% ^
+  -classpath %WRAPPER_JAR% ^
+  "-Dmaven.multiModuleProjectDirectory=%MAVEN_PROJECTBASEDIR%" ^
+  %WRAPPER_LAUNCHER% %MAVEN_CONFIG% %*
+if ERRORLEVEL 1 goto error
+goto end
+
+:error
+set ERROR_CODE=1
+
+:end
+@endlocal & set ERROR_CODE=%ERROR_CODE%
+
+if not "%MAVEN_SKIP_RC%"=="" goto skipRcPost
+@REM check for post script, once with legacy .bat ending and once with .cmd ending
+if exist "%USERPROFILE%\mavenrc_post.bat" call "%USERPROFILE%\mavenrc_post.bat"
+if exist "%USERPROFILE%\mavenrc_post.cmd" call "%USERPROFILE%\mavenrc_post.cmd"
+:skipRcPost
+
+@REM pause the script if MAVEN_BATCH_PAUSE is set to 'on'
+if "%MAVEN_BATCH_PAUSE%"=="on" pause
+
+if "%MAVEN_TERMINATE_CMD%"=="on" exit %ERROR_CODE%
+
+cmd /C exit /B %ERROR_CODE%

pom.xml

@@ -0,0 +1,71 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+	xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 https://maven.apache.org/xsd/maven-4.0.0.xsd">
+	<modelVersion>4.0.0</modelVersion>
+	<parent>
+		<groupId>org.springframework.boot</groupId>
+		<artifactId>spring-boot-starter-parent</artifactId>
+		<version>2.7.4</version>
+		<relativePath/> <!-- lookup parent from repository -->
+	</parent>
+	<groupId>fr.natan.microservices</groupId>
+	<artifactId>spring-security-server-jwt</artifactId>
+	<version>0.0.1-SNAPSHOT</version>
+	<name>spring-security-server-jwt</name>
+	<description>Spring Security Server with Json Web Token (JWT)</description>
+	<properties>
+		<java.version>11</java.version>
+	</properties>
+	<dependencies>
+		<dependency>
+			<groupId>org.springframework.boot</groupId>
+			<artifactId>spring-boot-starter-data-jpa</artifactId>
+		</dependency>
+		<dependency>
+			<groupId>org.springframework.boot</groupId>
+			<artifactId>spring-boot-starter-security</artifactId>
+		</dependency>
+		<dependency>
+			<groupId>org.springframework.boot</groupId>
+			<artifactId>spring-boot-starter-web</artifactId>
+		</dependency>
+
+		<dependency>
+			<groupId>org.springframework.boot</groupId>
+			<artifactId>spring-boot-devtools</artifactId>
+			<scope>runtime</scope>
+			<optional>true</optional>
+		</dependency>
+		<dependency>
+			<groupId>mysql</groupId>
+			<artifactId>mysql-connector-java</artifactId>
+		</dependency>
+
+		<dependency>
+			<groupId>org.springframework.boot</groupId>
+			<artifactId>spring-boot-starter-test</artifactId>
+			<scope>test</scope>
+		</dependency>
+		<dependency>
+			<groupId>org.springframework.security</groupId>
+			<artifactId>spring-security-test</artifactId>
+			<scope>test</scope>
+		</dependency>
+		<dependency>
+			<groupId>com.auth0</groupId>
+			<artifactId>java-jwt</artifactId>
+			<version>4.0.0</version>
+		</dependency>
+
+	</dependencies>
+
+	<build>
+		<plugins>
+			<plugin>
+				<groupId>org.springframework.boot</groupId>
+				<artifactId>spring-boot-maven-plugin</artifactId>
+			</plugin>
+		</plugins>
+	</build>
+
+</project>

src/main/java/fr/natan/microservices/springsecurityserverjwt/SpringSecurityServerJwtApplication.java

@@ -0,0 +1,75 @@
+package fr.natan.microservices.springsecurityserverjwt;
+
+import org.springframework.boot.SpringApplication;
+import org.springframework.boot.autoconfigure.SpringBootApplication;
+import org.springframework.context.annotation.Bean;
+import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
+import org.springframework.security.crypto.password.PasswordEncoder;
+
+@SpringBootApplication
+public class SpringSecurityServerJwtApplication {
+
+    public static void main(String[] args) {
+        SpringApplication.run(SpringSecurityServerJwtApplication.class, args);
+    }
+
+    @Bean
+    PasswordEncoder passwordEncoder() {
+        return new BCryptPasswordEncoder();
+    }
+
+   /* @Bean
+    public CommandLineRunner start(AccountService accountService) {
+        return args -> {
+
+            AppRole[] appRoles = {
+                    new AppRole(null, "user"),
+                    new AppRole(null, "cto"),
+                    new AppRole(null, "ceo"),
+                    new AppRole(null, "hr"),
+                    new AppRole(null, "communication"),
+                    new AppRole(null, "other-roles")
+            };
+
+
+            for (short i = 0; i < appRoles.length; i++) {
+                accountService.addNewRole(appRoles[i]);
+            }
+
+            UserAccount[] users = {
+                    new UserAccount(null, "placide.nduwayo", "1234", new ArrayList<>()),
+                    new UserAccount(null, "smail.sellah", "1234", new ArrayList<>()),
+                    new UserAccount(null, "charles.benassaya", "1234", new ArrayList<>()),
+                    new UserAccount(null, "david.nivet", "1234", new ArrayList<>()),
+                    new UserAccount(null, "david.touitou", "1234", new ArrayList<>()),
+                    new UserAccount(null, "sarah.leray", "1234", new ArrayList<>()),
+                    new UserAccount(null, "naolie.boudouka", "1234", new ArrayList<>())
+            };
+
+            for (short i = 0; i < users.length; i++) {
+                accountService.addNewUserAccount(users[i]);
+            }
+
+            //Charles et david nivet à tous les roles
+            for (short i = 0; i < appRoles.length; i++) {
+                accountService.addRoleToUser(users[2].getUsername(), appRoles[i].getRoleName());
+            }
+            for (short i = 0; i < appRoles.length; i++) {
+                accountService.addRoleToUser(users[3].getUsername(), appRoles[i].getRoleName());
+            }
+
+            accountService.addRoleToUser(users[0].getUsername(), appRoles[0].getRoleName());
+            accountService.addRoleToUser(users[0].getUsername(), appRoles[5].getRoleName());
+            accountService.addRoleToUser(users[1].getUsername(), appRoles[0].getRoleName());
+            accountService.addRoleToUser(users[1].getUsername(), appRoles[5].getRoleName());
+            accountService.addRoleToUser(users[4].getUsername(), appRoles[0].getRoleName());
+            accountService.addRoleToUser(users[4].getUsername(), appRoles[5].getRoleName());
+            accountService.addRoleToUser(users[5].getUsername(), appRoles[0].getRoleName());
+            accountService.addRoleToUser(users[5].getUsername(), appRoles[3].getRoleName());
+            accountService.addRoleToUser(users[5].getUsername(), appRoles[5].getRoleName());
+            accountService.addRoleToUser(users[6].getUsername(), appRoles[0].getRoleName());
+            accountService.addRoleToUser(users[6].getUsername(), appRoles[4].getRoleName());
+            accountService.addRoleToUser(users[6].getUsername(), appRoles[5].getRoleName());
+        };
+    }*/
+}

src/main/java/fr/natan/microservices/springsecurityserverjwt/models/AppRole.java

@@ -0,0 +1,35 @@
+package fr.natan.microservices.springsecurityserverjwt.models;
+
+import javax.persistence.*;
+
+@Entity
+public class AppRole {
+    @Id
+    @GeneratedValue(strategy = GenerationType.IDENTITY)
+    private Long id;
+    private String roleName;
+
+    public AppRole() {
+    }
+
+    public AppRole(Long id, String roleName) {
+        this.id = id;
+        this.roleName = roleName;
+    }
+
+    public Long getId() {
+        return id;
+    }
+
+    public void setId(Long id) {
+        this.id = id;
+    }
+
+    public String getRoleName() {
+        return roleName;
+    }
+
+    public void setRoleName(String roleName) {
+        this.roleName = roleName;
+    }
+}

src/main/java/fr/natan/microservices/springsecurityserverjwt/models/UserAccount.java

@@ -0,0 +1,61 @@
+package fr.natan.microservices.springsecurityserverjwt.models;
+
+import com.fasterxml.jackson.annotation.JsonProperty;
+
+import javax.persistence.*;
+import java.util.ArrayList;
+import java.util.Collection;
+
+@Entity
+public class UserAccount {
+    @Id
+    @GeneratedValue(strategy = GenerationType.IDENTITY)
+    private Long id;
+    private String username;
+    @JsonProperty(access = JsonProperty.Access.WRITE_ONLY)
+    private String pwd;
+    @ManyToMany(fetch = FetchType.EAGER, cascade = CascadeType.ALL)
+    private Collection<AppRole> appRoles = new ArrayList<>();
+
+    public UserAccount() {
+    }
+
+    public UserAccount(Long id, String username, String pwd, Collection<AppRole> appRoles) {
+        this.id = id;
+        this.username = username;
+        this.pwd = pwd;
+        this.appRoles = appRoles;
+    }
+
+    public Long getId() {
+        return id;
+    }
+
+    public void setId(Long id) {
+        this.id = id;
+    }
+
+    public String getUsername() {
+        return username;
+    }
+
+    public void setUsername(String username) {
+        this.username = username;
+    }
+
+    public String getPwd() {
+        return pwd;
+    }
+
+    public void setPwd(String pwd) {
+        this.pwd = pwd;
+    }
+
+    public Collection<AppRole> getAppRoles() {
+        return appRoles;
+    }
+
+    public void setAppRoles(Collection<AppRole> appRoles) {
+        this.appRoles = appRoles;
+    }
+}

src/main/java/fr/natan/microservices/springsecurityserverjwt/models/UserAccountRoleForm.java

@@ -0,0 +1,28 @@
+package fr.natan.microservices.springsecurityserverjwt.models;
+
+public class UserAccountRoleForm {
+
+    private String username;
+    private String roleName;
+
+    public UserAccountRoleForm(String username, String roleName) {
+        this.username = username;
+        this.roleName = roleName;
+    }
+
+    public String getUsername() {
+        return username;
+    }
+
+    public void setUsername(String username) {
+        this.username = username;
+    }
+
+    public String getRoleName() {
+        return roleName;
+    }
+
+    public void setRoleName(String roleName) {
+        this.roleName = roleName;
+    }
+}

src/main/java/fr/natan/microservices/springsecurityserverjwt/moduleExceptions/businessExceptions/AppRoleNotFoundException.java

@@ -0,0 +1,4 @@
+package fr.natan.microservices.springsecurityserverjwt.moduleExceptions.businessExceptions;
+
+public class AppRoleNotFoundException extends Exception {
+}

src/main/java/fr/natan/microservices/springsecurityserverjwt/moduleExceptions/businessExceptions/RoleAlreadyExistsException.java

@@ -0,0 +1,4 @@
+package fr.natan.microservices.springsecurityserverjwt.moduleExceptions.businessExceptions;
+
+public class RoleAlreadyExistsException extends Exception {
+}

src/main/java/fr/natan/microservices/springsecurityserverjwt/moduleExceptions/businessExceptions/RoleFieldsInvalidException.java

@@ -0,0 +1,4 @@
+package fr.natan.microservices.springsecurityserverjwt.moduleExceptions.businessExceptions;
+
+public class RoleFieldsInvalidException extends Exception {
+}

src/main/java/fr/natan/microservices/springsecurityserverjwt/moduleExceptions/businessExceptions/UserAccountAlreadyAssignedThatRoleException.java

@@ -0,0 +1,4 @@
+package fr.natan.microservices.springsecurityserverjwt.moduleExceptions.businessExceptions;
+
+public class UserAccountAlreadyAssignedThatRoleException extends Exception {
+}

src/main/java/fr/natan/microservices/springsecurityserverjwt/moduleExceptions/businessExceptions/UserAccountAlreadyExistsException.java

@@ -0,0 +1,4 @@
+package fr.natan.microservices.springsecurityserverjwt.moduleExceptions.businessExceptions;
+
+public class UserAccountAlreadyExistsException extends Exception {
+}

src/main/java/fr/natan/microservices/springsecurityserverjwt/moduleExceptions/businessExceptions/UserAccountFieldsInvalidException.java

@@ -0,0 +1,4 @@
+package fr.natan.microservices.springsecurityserverjwt.moduleExceptions.businessExceptions;
+
+public class UserAccountFieldsInvalidException extends Exception {
+}

src/main/java/fr/natan/microservices/springsecurityserverjwt/moduleExceptions/businessExceptions/UserAccountNotFoundException.java

@@ -0,0 +1,4 @@
+package fr.natan.microservices.springsecurityserverjwt.moduleExceptions.businessExceptions;
+
+public class UserAccountNotFoundException extends Exception {
+}

src/main/java/fr/natan/microservices/springsecurityserverjwt/moduleExceptions/exceptionHandler/AccountExceptionHandler.java

@@ -0,0 +1,53 @@
+package fr.natan.microservices.springsecurityserverjwt.moduleExceptions.exceptionHandler;
+
+import fr.natan.microservices.springsecurityserverjwt.moduleExceptions.businessExceptions.*;
+import org.springframework.http.HttpStatus;
+import org.springframework.http.ResponseEntity;
+import org.springframework.web.bind.annotation.ControllerAdvice;
+import org.springframework.web.bind.annotation.ExceptionHandler;
+
+@ControllerAdvice
+public class AccountExceptionHandler {
+
+    @ExceptionHandler(value = UserAccountAlreadyExistsException.class)
+    private ResponseEntity<String> handleUserAccountAlreadyExistsException() {
+        return new ResponseEntity<>("UserAccount Already Exists Exception",
+                HttpStatus.NOT_ACCEPTABLE);
+    }
+
+    @ExceptionHandler(value = RoleAlreadyExistsException.class)
+    private ResponseEntity<String> handleRoleAlreadyExistsException() {
+        return new ResponseEntity<>("Role Already Exists Exception",
+                HttpStatus.NOT_ACCEPTABLE);
+    }
+
+    @ExceptionHandler(value = UserAccountFieldsInvalidException.class)
+    private ResponseEntity<String> handleUserAccountFieldsInvalidException() {
+        return new ResponseEntity<>("UserAccount Fields' Values Invalid Exception",
+                HttpStatus.NOT_ACCEPTABLE);
+    }
+
+    @ExceptionHandler(value = RoleFieldsInvalidException.class)
+    private ResponseEntity<String> handleRoleFieldsInvalidException() {
+        return new ResponseEntity<>("Role Fields' Values Invalid Exception",
+                HttpStatus.NOT_ACCEPTABLE);
+    }
+
+    @ExceptionHandler(value = AppRoleNotFoundException.class)
+    private ResponseEntity<String> handleAppRoleNotFoundException() {
+        return new ResponseEntity<>("Role Not Found Exception",
+                HttpStatus.NOT_FOUND);
+    }
+
+    @ExceptionHandler(value = UserAccountNotFoundException.class)
+    private ResponseEntity<String> handleUserAccountNotFoundException() {
+        return new ResponseEntity<>("User Account Not Found Exception",
+                HttpStatus.NOT_FOUND);
+    }
+
+    @ExceptionHandler(value = UserAccountAlreadyAssignedThatRoleException.class)
+    private ResponseEntity<String> handleUserAccountAlreadyAssignedThatRoleException() {
+        return new ResponseEntity<>("UserAccount Already Assigned that Role Exception",
+                HttpStatus.NOT_ACCEPTABLE);
+    }
+}

src/main/java/fr/natan/microservices/springsecurityserverjwt/repositories/RoleRepo.java

@@ -0,0 +1,9 @@
+package fr.natan.microservices.springsecurityserverjwt.repositories;
+
+import fr.natan.microservices.springsecurityserverjwt.models.AppRole;
+import org.springframework.data.jpa.repository.JpaRepository;
+
+
+public interface RoleRepo extends JpaRepository<AppRole, Long> {
+    AppRole findByRoleName(String roleName);
+}

src/main/java/fr/natan/microservices/springsecurityserverjwt/repositories/UserAccountRepo.java

@@ -0,0 +1,8 @@
+package fr.natan.microservices.springsecurityserverjwt.repositories;
+
+import fr.natan.microservices.springsecurityserverjwt.models.UserAccount;
+import org.springframework.data.jpa.repository.JpaRepository;
+
+public interface UserAccountRepo extends JpaRepository<UserAccount, Long> {
+    UserAccount findByUsername(String username);
+}

src/main/java/fr/natan/microservices/springsecurityserverjwt/service/services/AccountService.java

@@ -0,0 +1,20 @@
+package fr.natan.microservices.springsecurityserverjwt.service.services;
+
+import fr.natan.microservices.springsecurityserverjwt.models.AppRole;
+import fr.natan.microservices.springsecurityserverjwt.moduleExceptions.businessExceptions.*;
+import fr.natan.microservices.springsecurityserverjwt.models.UserAccount;
+
+import java.util.Collection;
+
+public interface AccountService {
+    UserAccount addNewUserAccount(UserAccount userAccount) throws UserAccountAlreadyExistsException,
+            UserAccountFieldsInvalidException;
+    UserAccount getUserByUsername(String username) throws UserAccountNotFoundException;
+    Collection<UserAccount> loadAllUsers();
+    Collection<AppRole> loadAllRoles();
+    AppRole addNewRole(AppRole appRole) throws RoleAlreadyExistsException, RoleFieldsInvalidException;
+    AppRole getRoleByRoleName(String  roleName) throws  AppRoleNotFoundException;
+    void addRoleToUser(String username, String roleName) throws AppRoleNotFoundException, UserAccountNotFoundException,
+            UserAccountAlreadyAssignedThatRoleException;
+}
+

src/main/java/fr/natan/microservices/springsecurityserverjwt/service/services/AccountServiceImpl.java

@@ -0,0 +1,105 @@
+package fr.natan.microservices.springsecurityserverjwt.service.services;
+
+import fr.natan.microservices.springsecurityserverjwt.models.AppRole;
+import fr.natan.microservices.springsecurityserverjwt.models.UserAccount;
+import fr.natan.microservices.springsecurityserverjwt.models.UserAccountRoleForm;
+import fr.natan.microservices.springsecurityserverjwt.moduleExceptions.businessExceptions.*;
+import fr.natan.microservices.springsecurityserverjwt.repositories.RoleRepo;
+import fr.natan.microservices.springsecurityserverjwt.repositories.UserAccountRepo;
+import fr.natan.microservices.springsecurityserverjwt.service.utilities.UserAccountAndRolesValidator;
+import org.springframework.security.crypto.password.PasswordEncoder;
+import org.springframework.stereotype.Service;
+
+import javax.transaction.Transactional;
+import java.util.Collection;
+
+@Service
+@Transactional
+public class AccountServiceImpl implements AccountService {
+    private final UserAccountRepo userAccountRepo;
+    private final RoleRepo roleRepo;
+    private final PasswordEncoder passwordEncoder;
+
+    public AccountServiceImpl(UserAccountRepo userAccountRepo, RoleRepo roleRepo,
+                              PasswordEncoder passwordEncoder) {
+        this.userAccountRepo = userAccountRepo;
+        this.roleRepo = roleRepo;
+        this.passwordEncoder = passwordEncoder;
+    }
+
+    @Override
+    public UserAccount addNewUserAccount(UserAccount userAccount) throws UserAccountAlreadyExistsException,
+            UserAccountFieldsInvalidException {
+
+        if (!UserAccountAndRolesValidator.isValidUserAccount(userAccount)) {
+            throw new UserAccountFieldsInvalidException();
+        }
+        UserAccount formattedUserAccount = UserAccountAndRolesValidator.formatUserAccount(userAccount);
+
+        if (getUserByUsername(formattedUserAccount.getUsername())!=null) {
+            throw new UserAccountAlreadyExistsException();
+        }
+
+        String password = formattedUserAccount.getPwd();
+        formattedUserAccount.setPwd(passwordEncoder.encode(password));
+
+
+        return userAccountRepo.save(formattedUserAccount);
+    }
+
+    @Override
+    public UserAccount getUserByUsername(String username) {
+       UserAccount userAccount =  userAccountRepo.findByUsername(username);
+
+        return userAccount;
+    }
+
+    @Override
+    public Collection<UserAccount> loadAllUsers() {
+        return userAccountRepo.findAll();
+    }
+
+    @Override
+    public Collection<AppRole> loadAllRoles() {
+        return roleRepo.findAll();
+    }
+
+    @Override
+    public AppRole addNewRole(AppRole appRole) throws RoleAlreadyExistsException, RoleFieldsInvalidException {
+        if (!UserAccountAndRolesValidator.isValidRole(appRole)) {
+            throw new RoleFieldsInvalidException();
+        }
+        AppRole formattedAppRole = UserAccountAndRolesValidator.formatRoles(appRole);
+
+        if (getRoleByRoleName(formattedAppRole.getRoleName())!=null) {
+            throw new RoleAlreadyExistsException();
+        }
+        return roleRepo.save(formattedAppRole);
+    }
+
+    @Override
+    public AppRole getRoleByRoleName(String roleName) {
+        AppRole appRole = roleRepo.findByRoleName(roleName);
+        return appRole;
+    }
+
+    @Override
+    public void addRoleToUser(String username, String roleName) throws AppRoleNotFoundException,
+            UserAccountNotFoundException, UserAccountAlreadyAssignedThatRoleException {
+        AppRole appRole = getRoleByRoleName(roleName);
+        if(appRole==null){
+            throw new AppRoleNotFoundException();
+        }
+       UserAccount userAccount =  getUserByUsername(username);
+        if(userAccount==null){
+            throw new UserAccountNotFoundException();
+        }
+
+        if(userAccount.getAppRoles().contains(appRole)){
+            throw new UserAccountAlreadyAssignedThatRoleException();
+        }
+        userAccount.getAppRoles().add(appRole);
+
+        new UserAccountRoleForm(username, roleName);
+    }
+}

src/main/java/fr/natan/microservices/springsecurityserverjwt/service/utilities/UserAccountAndRolesValidator.java

@@ -0,0 +1,33 @@
+package fr.natan.microservices.springsecurityserverjwt.service.utilities;
+
+import fr.natan.microservices.springsecurityserverjwt.models.AppRole;
+import fr.natan.microservices.springsecurityserverjwt.models.UserAccount;
+
+public class UserAccountAndRolesValidator {
+
+    public static UserAccount formatUserAccount(UserAccount userAccount){
+        userAccount.setUsername(userAccount.getUsername().strip().toLowerCase());
+        return  userAccount;
+    }
+
+    public static boolean isValidUserAccount(UserAccount userAccount){
+        if(userAccount.getUsername().isEmpty() || userAccount.getPwd().isEmpty()){
+            return false;
+        }
+
+        return true;
+    }
+
+    public static AppRole formatRoles(AppRole appRole){
+
+        appRole.setRoleName(appRole.getRoleName().strip().toUpperCase());
+        return appRole;
+    }
+
+    public static boolean isValidRole(AppRole appRole){
+        if(appRole.getRoleName().isEmpty()){
+            return false;
+        }
+        return true;
+    }
+}

src/main/java/fr/natan/microservices/springsecurityserverjwt/t_authenticationFilter/a_userCreation/MyUserDetailsServiceImpl.java

@@ -0,0 +1,42 @@
+package fr.natan.microservices.springsecurityserverjwt.t_authenticationFilter.a_userCreation;
+
+import fr.natan.microservices.springsecurityserverjwt.models.AppRole;
+import fr.natan.microservices.springsecurityserverjwt.models.UserAccount;
+import fr.natan.microservices.springsecurityserverjwt.moduleExceptions.businessExceptions.UserAccountNotFoundException;
+import fr.natan.microservices.springsecurityserverjwt.service.services.AccountService;
+import org.springframework.security.core.GrantedAuthority;
+import org.springframework.security.core.authority.SimpleGrantedAuthority;
+import org.springframework.security.core.userdetails.User;
+import org.springframework.security.core.userdetails.UserDetails;
+import org.springframework.security.core.userdetails.UserDetailsService;
+import org.springframework.security.core.userdetails.UsernameNotFoundException;
+
+import java.util.ArrayList;
+import java.util.Collection;
+
+public class MyUserDetailsServiceImpl implements UserDetailsService {
+    private final AccountService accountService;
+
+    public MyUserDetailsServiceImpl(AccountService accountService) {
+        this.accountService = accountService;
+    }
+
+    //création d'utilisateur spring pour s'authentifier
+    @Override
+    public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
+        UserAccount userAccount = null;
+        try {
+            userAccount = accountService.getUserByUsername(username);
+        } catch (UserAccountNotFoundException e) {
+            e.printStackTrace();
+        }
+        assert userAccount!=null;
+        Collection<AppRole> appRoles = userAccount.getAppRoles();
+        Collection<GrantedAuthority> grantedAuthorities = new ArrayList<>();
+        for(AppRole appRole : appRoles){
+            grantedAuthorities.add(new SimpleGrantedAuthority(appRole.getRoleName()));
+        }
+
+        return new User(userAccount.getUsername(), userAccount.getPwd(), grantedAuthorities);
+    }
+}

src/main/java/fr/natan/microservices/springsecurityserverjwt/t_authenticationFilter/b_authenticationFilter/FinalVariables.java

@@ -0,0 +1,18 @@
+package fr.natan.microservices.springsecurityserverjwt.t_authenticationFilter.b_authenticationFilter;
+
+import javax.swing.plaf.PanelUI;
+
+public class FinalVariables {
+    public static final String USERNAME ="username";
+    public static final String PWD="pwd";
+    public static final String SECRET="mon secret";
+    public static final String AUTHORIZATION ="Authorization";
+    public static final String ROLES="roles";
+    public static final String ACCESS_TOKEN = "jwt-access-token";
+    public static final String REFRESH_TOKEN = "jwt-refresh-token";
+    public static final long REFRESH_TOKEN_EXPIRED_AT = 3600000;//1h
+    public static final long ACCESS_TOKEN_EXPIRED_AT = 1800000;//30mi,
+    public static final String START_WITH = "Bearer ";
+    public static final String [] AUTHORITIES = {"USER","CTO", "CEO","HR","COMMUNICATION","OTHER-ROLES"};
+    public static final String [] ENDPOINTS = {"/users/**","/roles/**","/add-role-to-user/**"};
+}

src/main/java/fr/natan/microservices/springsecurityserverjwt/t_authenticationFilter/b_authenticationFilter/JWTAuthenticationFilter.java

@@ -0,0 +1,85 @@
+package fr.natan.microservices.springsecurityserverjwt.t_authenticationFilter.b_authenticationFilter;
+
+import com.auth0.jwt.JWT;
+import com.auth0.jwt.algorithms.Algorithm;
+import com.fasterxml.jackson.databind.ObjectMapper;
+import org.springframework.security.authentication.AuthenticationManager;
+import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
+import org.springframework.security.core.Authentication;
+import org.springframework.security.core.AuthenticationException;
+import org.springframework.security.core.userdetails.User;
+import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
+
+import javax.servlet.FilterChain;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import java.io.IOException;
+import java.time.Instant;
+import java.util.Date;
+import java.util.HashMap;
+import java.util.Map;
+import java.util.stream.Collectors;
+
+import static org.springframework.util.MimeTypeUtils.APPLICATION_JSON_VALUE;
+
+
+public class JWTAuthenticationFilter extends UsernamePasswordAuthenticationFilter {
+    private final AuthenticationManager authenticationManager;
+
+    public JWTAuthenticationFilter(AuthenticationManager authenticationManager) {
+        this.authenticationManager = authenticationManager;
+    }
+
+    //la methode attemptAuthentication crée un object de type Authentication contenant login et password
+    @Override
+    public Authentication attemptAuthentication(HttpServletRequest request, HttpServletResponse response)
+            throws AuthenticationException {
+        String username = request.getParameter(FinalVariables.USERNAME);
+        String password = request.getParameter(FinalVariables.PWD);
+        UsernamePasswordAuthenticationToken authenticationToken = new
+                UsernamePasswordAuthenticationToken(username, password);
+
+        return authenticationManager.authenticate(authenticationToken);
+    }
+
+
+    //si l'authentification a réussi, Spring Chain Filter récupère le user authentifié
+    // et construit le JWT
+    @Override
+    protected void successfulAuthentication(
+            HttpServletRequest request, HttpServletResponse response,
+            FilterChain chain, Authentication authResult
+    ) throws IOException {
+
+        User user = (User) authResult.getPrincipal();//récupération du user authentifié
+        //on commence ici la création du JWT
+        Algorithm algorithm = Algorithm.HMAC256(FinalVariables.SECRET.getBytes());
+        Instant now = Instant.now();
+        String JWTAccessToken = JWT.create()
+                .withSubject(user.getUsername())
+                .withIssuedAt(Date.from(now))
+                .withExpiresAt(now.plusMillis(FinalVariables.ACCESS_TOKEN_EXPIRED_AT))
+                .withIssuer(request.getRequestURL().toString())
+                .withClaim(FinalVariables.ROLES, user.getAuthorities().stream()
+                        .map(grantedAuthority -> grantedAuthority.getAuthority())
+                        .collect(Collectors.toList()))
+                .sign(algorithm);
+
+
+        String JWTRefreshToken = JWT.create()
+                .withSubject(user.getUsername())
+                .withIssuedAt(Date.from(now))
+                .withExpiresAt(Date.from(now.plusMillis(FinalVariables.REFRESH_TOKEN_EXPIRED_AT)))
+                .withIssuer(request.getRequestURL().toString())
+                .sign(algorithm);
+        Map<String, String> tokens = new HashMap<>(){
+            {
+                put(FinalVariables.ACCESS_TOKEN, JWTAccessToken);
+                put(FinalVariables.REFRESH_TOKEN, JWTRefreshToken);
+            }
+        };
+        response.setContentType(APPLICATION_JSON_VALUE);
+        new ObjectMapper().writeValue(response.getOutputStream(),tokens);
+    }
+}
+

src/main/java/fr/natan/microservices/springsecurityserverjwt/t_authenticationFilter/c_filterConfig/SpringFilterChain.java

@@ -0,0 +1,69 @@
+package fr.natan.microservices.springsecurityserverjwt.t_authenticationFilter.c_filterConfig;
+
+import fr.natan.microservices.springsecurityserverjwt.service.services.AccountService;
+import fr.natan.microservices.springsecurityserverjwt.t_authenticationFilter.a_userCreation.MyUserDetailsServiceImpl;
+import fr.natan.microservices.springsecurityserverjwt.t_authenticationFilter.b_authenticationFilter.FinalVariables;
+import fr.natan.microservices.springsecurityserverjwt.t_authenticationFilter.b_authenticationFilter.JWTAuthenticationFilter;
+import fr.natan.microservices.springsecurityserverjwt.tt_authorizationFilter.JWTAuthorizationFilter;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.authentication.AuthenticationManager;
+import org.springframework.security.config.annotation.authentication.configuration.AuthenticationConfiguration;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
+import org.springframework.security.config.http.SessionCreationPolicy;
+import org.springframework.security.web.SecurityFilterChain;
+import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
+
+import static org.springframework.http.HttpMethod.GET;
+import static org.springframework.http.HttpMethod.POST;
+
+@Configuration
+@EnableWebSecurity
+public class SpringFilterChain {
+
+    //configuration des droits d'accès aux endpoints des request avec HttpSecurity
+    //Dans cette méthode securityFilterChain(), on y met toutes les filtres définis
+    @Bean
+    public SecurityFilterChain securityFilterChain(HttpSecurity httpSecurity) throws Exception {
+
+        SecurityFilterChain filteredSecurityChain =
+                httpSecurity
+                        .csrf(csrf -> csrf.disable())
+                        .headers(header -> header.frameOptions().disable())
+                        .sessionManagement(session -> session
+                                .sessionCreationPolicy(SessionCreationPolicy.STATELESS))
+                        .authorizeHttpRequests(httpRequest ->
+                                httpRequest
+                                        .antMatchers(GET, FinalVariables.ENDPOINTS[0]).hasAnyAuthority(
+                                                FinalVariables.AUTHORITIES
+                                        )
+                                        .antMatchers(POST, FinalVariables.ENDPOINTS[0]).hasAnyAuthority(
+                                                FinalVariables.AUTHORITIES[1],
+                                                FinalVariables.AUTHORITIES[2],
+                                                FinalVariables.AUTHORITIES[3])
+                                        .anyRequest().authenticated()
+                        )
+                        //ajout du filtre d'authentification
+                        .addFilter(new JWTAuthenticationFilter(authenticationManager()))
+                        .addFilterBefore(new JWTAuthorizationFilter(), UsernamePasswordAuthenticationFilter.class)
+                        .build();
+        return filteredSecurityChain;
+    }
+
+    //appel du UserDetails service pour construire un user Spring
+    @Bean
+    public MyUserDetailsServiceImpl configureUser(AccountService accountService) {
+        return new MyUserDetailsServiceImpl(accountService);
+    }
+
+    private final AuthenticationConfiguration authenticationConfiguration;
+
+    public SpringFilterChain(AuthenticationConfiguration authenticationConfiguration) {
+        this.authenticationConfiguration = authenticationConfiguration;
+    }
+
+    public AuthenticationManager authenticationManager() throws Exception {
+        return authenticationConfiguration.getAuthenticationManager();
+    }
+}

src/main/java/fr/natan/microservices/springsecurityserverjwt/tt_authorizationFilter/JWTAuthorizationFilter.java

@@ -0,0 +1,60 @@
+package fr.natan.microservices.springsecurityserverjwt.tt_authorizationFilter;
+
+import com.auth0.jwt.JWT;
+import com.auth0.jwt.JWTVerifier;
+import com.auth0.jwt.algorithms.Algorithm;
+import com.auth0.jwt.interfaces.DecodedJWT;
+import fr.natan.microservices.springsecurityserverjwt.t_authenticationFilter.b_authenticationFilter.FinalVariables;
+import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
+import org.springframework.security.core.GrantedAuthority;
+import org.springframework.security.core.authority.SimpleGrantedAuthority;
+import org.springframework.security.core.context.SecurityContextHolder;
+import org.springframework.web.filter.OncePerRequestFilter;
+
+import javax.servlet.FilterChain;
+import javax.servlet.ServletException;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import java.io.IOException;
+import java.util.ArrayList;
+import java.util.Collection;
+import java.util.List;
+
+
+public class JWTAuthorizationFilter extends OncePerRequestFilter {
+    @Override
+    protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain)
+            throws ServletException, IOException {
+        //get JWT send by client
+        String jwtAccessToken = request.getHeader(FinalVariables.AUTHORIZATION);
+        if(jwtAccessToken!=null && jwtAccessToken.startsWith(FinalVariables.START_WITH)){
+           try {
+               String jwtToken = jwtAccessToken.substring(FinalVariables.START_WITH.length());
+               Algorithm algorithm = Algorithm.HMAC256(FinalVariables.SECRET.getBytes());
+               JWTVerifier jwtVerifier = JWT.require(algorithm).build();
+               DecodedJWT decodedJWT = jwtVerifier.verify(jwtToken);
+               //if decodedJWT is valid, that is, not expired, ...do else catch
+               String username = decodedJWT.getSubject();
+               String [] roles = decodedJWT.getClaim(FinalVariables.ROLES).asArray(String.class);
+               List<GrantedAuthority> grantedAuthorities = new ArrayList<>();
+              for(String role: roles){
+                  grantedAuthorities.add(new SimpleGrantedAuthority(role));
+              }
+               //pour vérifier l'utilisateur, le pwd n'est pas nécessaire, ici null,
+               //on a juste besoin du username et ses roles
+               UsernamePasswordAuthenticationToken usernamePasswordAuthenticationToken =
+                       new UsernamePasswordAuthenticationToken(username, null, grantedAuthorities);
+               SecurityContextHolder.getContext().setAuthentication(usernamePasswordAuthenticationToken);
+               filterChain.doFilter(request, response);
+
+
+           }catch (Exception exception){
+               response.setHeader("error-message", exception.getMessage());
+           }
+        }
+        else{
+            //go to the next request if exists
+            filterChain.doFilter(request,response);
+        }
+    }
+}

src/main/java/fr/natan/microservices/springsecurityserverjwt/web/AccountController.java

@@ -0,0 +1,56 @@
+package fr.natan.microservices.springsecurityserverjwt.web;
+
+import fr.natan.microservices.springsecurityserverjwt.models.AppRole;
+import fr.natan.microservices.springsecurityserverjwt.models.UserAccount;
+import fr.natan.microservices.springsecurityserverjwt.models.UserAccountRoleForm;
+import fr.natan.microservices.springsecurityserverjwt.moduleExceptions.businessExceptions.*;
+import fr.natan.microservices.springsecurityserverjwt.service.services.AccountService;
+import org.springframework.security.access.prepost.PostAuthorize;
+import org.springframework.web.bind.annotation.RequestBody;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RequestMethod;
+import org.springframework.web.bind.annotation.RestController;
+
+import java.security.Principal;
+import java.util.Collection;
+
+@RestController
+public class AccountController {
+    private final AccountService accountService;
+
+    public AccountController(AccountService accountService) {
+        this.accountService = accountService;
+    }
+
+    @RequestMapping(value = "/users", method = RequestMethod.POST)
+    private UserAccount createUserAccount(@RequestBody UserAccount userAccount)
+            throws UserAccountAlreadyExistsException, UserAccountFieldsInvalidException {
+        return accountService.addNewUserAccount(userAccount);
+    }
+
+    @RequestMapping(value = "/roles", method = RequestMethod.POST)
+    private AppRole createRole(@RequestBody AppRole appRole) throws RoleAlreadyExistsException, RoleFieldsInvalidException {
+        return accountService.addNewRole(appRole);
+    }
+
+    @RequestMapping(value = "/add-role-to-user", method = RequestMethod.POST)
+    private void addRoleToUser(@RequestBody UserAccountRoleForm userAccountRoleForm) throws AppRoleNotFoundException,
+            UserAccountNotFoundException, UserAccountAlreadyAssignedThatRoleException {
+        accountService.addRoleToUser(userAccountRoleForm.getUsername(), userAccountRoleForm.getRoleName());
+    }
+
+    @RequestMapping(value = "/users", method = RequestMethod.GET)
+    private Collection<UserAccount> listUserAccounts(){
+        return accountService.loadAllUsers();
+    }
+
+    @RequestMapping(value = "/roles", method = RequestMethod.GET)
+    private Collection<AppRole> listRoles(){
+        return accountService.loadAllRoles();
+    }
+
+    @RequestMapping(value = "/profil", method = RequestMethod.GET)
+    private UserAccount getProfil(Principal principal) throws UserAccountNotFoundException {
+        return accountService.getUserByUsername(principal.getName());
+    }
+}

src/main/resources/application.yml

@@ -0,0 +1,19 @@
+server:
+  port: 8186
+  error:
+    include-message: always
+spring:
+  application:
+    name: spring-security-jwt
+  datasource:
+    url: jdbc:mysql://localhost:3306/user-account-db?createDatabaseIfNotExist=true
+    username: root
+    password: root
+  jpa:
+    show-sql: true
+    hibernate:
+      ddl-auto: update
+    properties:
+      hibernate:
+        dialect: org.hibernate.dialect.MySQL8Dialect
+

src/test/java/fr/natan/microservices/springsecurityserverjwt/SpringSecurityServerJwtApplicationTests.java

@@ -0,0 +1,13 @@
+package fr.natan.microservices.springsecurityserverjwt;
+
+import org.junit.jupiter.api.Test;
+import org.springframework.boot.test.context.SpringBootTest;
+
+@SpringBootTest
+class SpringSecurityServerJwtApplicationTests {
+
+	@Test
+	void contextLoads() {
+	}
+
+}