How to develop a secure REST server with high performance using OAuth, HIBERNATE, and MYSQL in Spring framework ?

I found it difficult to develop a secure REST API Server from scratch with features like OAuth, MYSQL, HIBERNATE, MYSQL Token Store, JDBCTemplate, and HTTPS. It will take lots of time to put all the features together and make them work properly. 

In order to reduce redundant work, I therefore created the REST API server template in Spring framework. With this server template, you can focus on developing REST API to meet your needs without being distracted by other technologies.

Get Started

This project is a very simple REST and OAuth server template with high performance. Since the authenticated token is stored in MYSQL, its easy to scale up your server to meet high user traffic.

The source codes of REST API server can be seen at github.

Project

This project includes the following features.

MVN
Spring-Boot
REST
JPA
MYSQL + HIBERNATE 
MYSQL Token Store
JDBCTemplate
Https

Setup MYSQL Database

Import userdb.sql into your database.

import database/userdb.sql into MYSQL database

Enable SSL

// Create key store 
bash
keytool -genkey -alias tomcat -keyalg RSA

// Edit 
vim /src/main/resources/application.properties

// Uncomment the following lines and set up your key store path
## SSL
server.port=8443
server.ssl.key-store=./src/main/resources/your.jks
server.ssl.key-store-password=your store passowrd
server.ssl.key-password=your pass

Building

You need Java (1.7 or better) and Maven (3.0.5 or better):

$ mvn clean package
$ mvn package
$ java -jar target/*.jar
...

// Http
<app starts and listens on port 8080>

// Https
<app starts and listens on port 8443>

Here are some curl commands to use to get started:

// Get Token
curl -k -X POST -d 'grant_type=client_credentials' --user 'my-client-with-secret:secret' https://localhost:8443/oauth/token
{"access_token":"bf12a9c8-c341-44a6-9ce6-084a8ba86652","token_type":"bearer","expires_in":43199,"scope":"read"}

// hasUserId GET
curl -k -H "Authorization: 5470484a-148d-479f-988e-89dfce617bb1" https://localhost:8443/user/hasUserId?uid=336u594534
{"status":200, "userId": 336u594534}

// Twitter Login POST
curl -k -H "Authorization: Bearer b61db2dd-0af4-4e3c-b2b9-7c307a9d7c69" -X POST -H "Content-Type: application/json" -d "{\"twitterId\": \"0926841831\", \"deviceId\": \"2222\"}" https://localhost:8443/user/twitterLogin

How to optimize MYSQL connection pool ?

// Edit
vim /src/main/resources/application.properties

// Configure initial and maximal connections 
spring.datasource.initialSize= 15
spring.datasource.maxActive= 30 

How to cache UIWebView webpage for offline viewing ?

There is an issue when invoking UIWebView API on iOS that webpage won`t be displayed 

immediately.  It will take around 2 seconds to load the html page from the server and display
it properly. 

In order to optimize the UI, i suggest that  preloading the webpage in cache and it could be displayed for offline viewing at anytime.  

This solution has integrated UnityAds SDK for displaying video ad and the source codes can be seen at github.

Configuring Tomcat To Use SSL

Setting up SSL for Tomcat can be pided into two main tasks: creating a functional keystore, and configuring the Tomcat connectors and applications. Let's tackle them one at a time.  

Step 1 - Creating the Keystore

$JAVA_HOME/bin/keytool -genkey -alias 6waves -keyalg RSA -keystore /key/keystore

$JAVA_HOME/bin/keytool -genkey -alias tomcat -keyalg RSA -keystore /key/keystore

 

Step 2- Creating the Certificate Signing Request

$JAVA_HOME/bin/keytool -certreq -keyalg RSA -alias 6waves -file 6wavesCerificate.csr -keystore /key/keystore

$JAVA_HOME/bin/keytool -certreq -keyalg RSA -alias [youralias] -file [yourcertificatname].csr -keystore [path/to/your/keystore]

 

Step 3

Download CA

https://www.geotrust.com/resources/root-certificates/

 

Step 4

To import the Root Certificate -

keytool -import -alias root -keystore /key/keystore -trustcacerts -file GeoTr                                                      ust_Global_CA.cer

To import your new Certificate -

keytool -import -alias 6waves -keystore /key/keystore -file

keytool -import -alias [youralias] -keystore [path/to/your/keystore] -file [path/to/your_keystore]

Test URL

https://your server ip:8443/test.jsp

Enable root user password to login EC2 on Ubuntu

Edit your SSHd config to allow password based logins:

    sudo nano -w /etc/ssh/sshd_config

Add the following line to /etc/ssh/sshd_config:

    PasswordAuthentication yes

Copy your authorized SSH keys if you want to log in via keys as well:

    sudo mkdir /root/.ssh

    sudo cp /home/ubuntu/.ssh/authorized_keys /root/.ssh/

Reload your SSHd config:

    sudo reload ssh

Now you can login as root!

How to install Tomcat and Deploy war on Ubuntu ?

Install JDK

sudo apt-get install openjdk-7-*

Install tomcat

sudo apt-get install tomcat7*

Setup tomcat

vim /etc/tomcat7/tomcat-users.xml

sudo vim /etc/tomcat7/server.xml

Setup JAVA HOME

sudo vim /etc/profile JAVA_HOME=/usr/lib/jvm/java-7-openjdk-amd64 export JAVA_HOME PATH=$PATH:$JAVA_HOME/bin export PATH

Install tomcat7

sudo apt-get install tomcat7

Start tomcat7

sudo service tomcat7 start

Stop tomcat7

sudo service tomcat7 stop

Restart tomcat7

sudo service tomcat7 restart

Deploy war

Upload war to folder /var/lib/tomcat7/webapp

How to install LAMP on Ubuntu ?

1. Install Apache

2. Install MySQL

3. Install PHP

Restart Server

Check PHP

You can check your PHP by executing any PHP file in folder /var/www/html

Send Email in PHP with Japanese subject and body

   Before, we get started, you must have an SMTP server that can receive the emails from your machines 

   and send them to the recipient

    (i.e. your corporate exchange or Gmail).

 

    How to Setup Email on Linux Using Gmail and SMTP

• Install ssmtp 
  
  

  sudo apt-get install ssmtp

  
  Edit ssmtp file
  
  sudo vim /etc/ssmtp/ssmtp.conf

• root=username@gmail.com

  mailhub=smtp.gmail.com:465

  rewriteDomain=gmail.com
  AuthUser=username@gmail.com
  AuthPass=password
  FromLineOverride=YES
  UseTLS=YES

In order to make the default (root) “from” field be the server name, edit the/etc/ssmtp/revaliases file:

sudo vim /etc/ssmtp/revaliases

And add into it the desired translation which in our Gmail examples case will be:

root:username@gmail.com:smtp.gmail.com:465

Incredibly this is all you have to do to enable the ability. From now on, the machine will Email you when something is up.

Test Email Command

Lets test that our ssmtp setup was correct by sending an Email:


echo "Test message from Linux server using ssmtp" | sudo ssmtp -vvv your-email@some-domain.com

 

 

Use the following codes to send email with PHP

 

 

    //  $to  : receiver email address
    //  $subject :  Japanese subject
    //  $message : Japanese body
    function sendEmail($to, $subject, $message)
    {
        if(!isset($to) || !isset($subject) || !isset($message)) {
            return;
        }
   
         // Set up environment
        mb_language('Japanese');
        mb_internal_encoding('UTF-8');
   
　　　     // Set up subject
        $headers ='From: '.mb_encode_mimeheader("ありがとうございます").' <test@123.jp>' . "\r\n";
                'Reply-To: test@123.jp' . "\r\n" .
                    'X-Mailer: PHP/' . phpversion();
   
          // Set up body
        $message = mb_convert_encoding($message, "JIS", "UTF-8");
       
         //  Send email  
        if(mb_send_mail($to, $subject, $message, $headers))
        {
                error_log("#### Send mail OK ####");
   
        }else {
                 error_log("#### Send mail Error ####");
      }
       
    } // End Send Email

 

Create a dropdown Date using JavaScript

1. Include jquery, moment.js and combodate.js on your page

<script src="js/jquery.js"></script> 
<script src="js/moment.min.js"></script> 
<script src="js/combodate.js"></script> 

2. Markup input elements to be used for date and time values

<input name="playerDate" value="15-05-1984" data-format="DD-MM-YYYY" data-template="D MMM YYYY">  

3.Markup Javascript 

 <script type="text/javascript">
  // Date 
  $(function(){
   $('#playerDate').combodate();  });
</script> 

Download source code: 

https://github.com/gcoolmaneric/jquery-php-html5/tree/master/dropdownDate

Upload images using JQuery and PHP for different device

Do you want to create a form that could allow you to upload images on different device ?
You can use jquery and php to make it done.

Add the following codes to html page. 

<body>
     <form id="upload" method="post" action="upload.php" enctype="multipart/form-data">
            <div id="drop">
                Drop Here

                <a>Browse</a>
                <input type="file" name="upl" multiple />
            </div>

            <ul>
                <!-- The file uploads will be shown here -->
            </ul>

        </form>

        <!-- JavaScript Includes -->
        <script src="https://ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js"></script>
        <script src="assets/js/jquery.knob.js"></script>

        <!-- jQuery File Upload Dependencies -->
        <script src="assets/js/jquery.ui.widget.js"></script>
        <script src="assets/js/jquery.iframe-transport.js"></script>
        <script src="assets/js/jquery.fileupload.js"></script>
       
        <!-- Our main JS file -->
        <script src="assets/js/script.js"></script>
</body>

PHP Code

upload.php
<?php

// A list of permitted file extensions
$allowed = array('png', 'jpg', 'gif','zip');

if(isset($_FILES['upl']) && $_FILES['upl']['error'] == 0){

    $extension = pathinfo($_FILES['upl']['name'], PATHINFO_EXTENSION);

    if(!in_array(strtolower($extension), $allowed)){
        echo '{"status":"error"}';
        exit;
    }

    if(move_uploaded_file($_FILES['upl']['tmp_name'], 'uploads/'.$_FILES['upl']['name'])){
        echo '{"status":"success"}';
        exit;
    }
}

echo '{"status":"error"}';
exit;

?>

Download source codes:
https://github.com/gcoolmaneric/jquery-php-html5/tree/master/uploadImage

Change the maximum upload file size

You need to set the value of upload_max_filesize and post_max_size in your php.ini :

 vim /etc/php5/apache2/php.ini 

; Maximum allowed size for uploaded files.
upload_max_filesize = 20M

; Must be greater than or equal to upload_max_filesize
post_max_size = 20M

How to clear browser cache with S3 on AWS ?

If you use S3 CDN on AWS to speed up website`s performance, your updated files will not take effect immediately.  The cause of this problem is the browser usually tries to save and read downloaded files like SWF at local cache.

How do you  tell the browser to clear its cache while updating files ?
You can add the following header to solve this problem.

Add Cache Clear header manually with S3 UI

1. Upload files to S3 

2.  Select your uploaded files and Add "Cache-Control" header to enforce the browser not to cache any files and to read the latest ones.

header : Cache-Control
value:     max-age=0, no-cache, no-store, must-revalidate
 
3. Push a button to make your uploaded files public 

Upload files to S3 and add Cache Clear header automatically

1. Install aws and s3cmd
// Install aws
apt-get install aws
// Download and install s3cmd
http://s3tools.org/repositories

// Install
tar xvfz s3cmd-1.0.0-rc1.tar.gz
cd s3cmd-1.0.0-rc1/
python setup.py install

// Set up s3cmd
./s3cmd --configure

 

2.Deployment 

Copy the following commands in your script file. Then you can execute this task automatically while updating files.

// Upload Files to s3
aws s3 sync /var/www/html/yourproject/client s3://yourbucket/client --cache-control max-age=0 --acl public-read

// Add Cache Clear header
s3cmd --recursive modify --add-header="Cache-Control:max-age=0, no-cache, no-store, must-revalidate" s3://yourbucket/client

// Make files Public
s3cmd setacl s3://yourbucket/client --acl-public --recursive

Development Tool for Quick-Cocos2dx-Community Lua

I have tried many IDE tools for programming Lua. Cocos IDE v1.2 only supports Quick-cocos2d v3.3 and Sublime is nothing but an editor. I want to find an IDE that could make break point for debugging and easy to use. ZeroBraneStudio is the most easiest IDE i recommend you use.

// Download ZeroBraneStudio - https://studio.zerobrane.com/

1.Extract zip ZeroBraneStudio-1.30-38

2.Execute zbstudio.exe

3.Import source codes into zbstudio

4. Add ZeroBrane Studio [ZeroBrane]/lualibs/mobdebug/mobdebug.lua）to src/

5. Add the following line of code to  coinflip/scripts/main.lua

require("mobdebug").start()

6. At ZeroBrane Studio, select Project->Start Debugger Server

7.Set up break point

8.Open main.lua by player3

9.Debug