Appearance
S3 Integration
Integration for CRUD operations on a S3 storage.
Modules
The S3 integration follows the default naming conventions.
Beside the default integration it contains different client libraries for accessing the integration.
- REST: The REST client uses the REST endpoints of the
s3-rest-servicemodule to manage data in S3. - Java: The Java client directly uses the in ports of the
s3-coremodule.
Dependency graph
The following graph shows the relationships between the various modules and how they interact and rely on each other.
Usage
xml
<dependencies>
<!-- REST -->
<!-- requires running instance of s3-rest-service -->
<dependency>
<groupId>de.muenchen.refarch</groupId>
<artifactId>refarch-s3-integration-rest-starter</artifactId>
<version>...</version>
</dependency>
<!-- or Java -->
<dependency>
<groupId>de.muenchen.refarch</groupId>
<artifactId>refarch-s3-integration-java-starter</artifactId>
<version>...</version>
</dependency>
</dependencies>Configuration
Following are the properties to configure the different modules. Some of them are custom defined and others are synonyms for spring package properties. Whether a property is an alias can be checked in the corresponding application.yml of each module.
s3-integration-rest-service
| Property | Description | Example |
|---|---|---|
refarch.s3.url | URL of S3 endpoint to connect to. | s3.example.com |
refarch.s3.bucket-name | Name of the bucket to connect to. | refarch-bucket |
refarch.s3.access-key | Access key to use for connection. | |
refarch.s3.secret-key | Secret key to use for connection. | |
refarch.s3.initial-connection-test (optional) | Test connection to S3 at startup. | true (default) |
For authenticating the different endpoints OAuth 2.0 authentication needs to be configured. See below example or the according Spring documentation.
yml
spring:
security:
oauth2:
resourceserver:
jwt:
issuer-uri: https://sso.example.com/auth/realms/refarch
security:
oauth2:
resource:
user-info-uri: ${spring.security.oauth2.resourceserver.jwt.issuer-uri}/protocol/openid-connect/userinfos3-integration-java-client-starter
| Property | Description | Example |
|---|---|---|
refarch.s3.client.max-file-size (optional) | Single file limit for up- or downloading in byte. | 10MB |
refarch.s3.client.max-batch-size (optional) | Limit for up- or downloading a list of files in byte. | 100MB |
refarch.s3.client.supported-file-extensions.* (optional) | Map of allowed file extensions for up- and download. | pdf: "application/pdf" |
s3-integration-rest-client-starter
All properties of s3-integration-java-client-starter and following:
| Property | Description | Example |
|---|---|---|
refarch.s3.client.document-storage-url | URL to the RefArch S3 integration service. | http://s3-integration-service:8080 |
refarch.s3.client.enable-security | Switch to enable or disable OAuth 2.0 authentication against S3 service. | true |
For authentication against the s3-service a OAuth 2.0 registration with the name s3 needs to be provided. See following example or the according Spring documentation.
yml
spring:
security:
oauth2:
client:
provider:
sso:
issuer-uri: https://sso.example.com/auth/realms/refarch
user-info-uri: ${spring.security.oauth2.client.provider.sso.issuer-uri}/protocol/openid-connect/userinfo
jwk-set-uri: ${spring.security.oauth2.client.provider.sso.issuer-uri}/protocol/openid-connect/certs
# used for RequestResponseLoggingFilter in s3-rest-service
# only required if filter is explicitly enabled
user-name-attribute: user_name
registration:
s3:
provider: sso
authorization-grant-type: client_credentials
client-id: refarch_client
client-secret: client_secret_123
# profile required for username used in s3-rest-service RequestResponseLoggingFilter
# openid required for user info endpoint used in s3-rest-service JwtUserInfoAuthenticationConverter
# both scopes are only required if the according functions are explicitly used
scope: profile, openid