Developing real-world microservices

In previous chapters, we illustrated the JSON Web Token (JWT) and used that for a resource API authentication. If you remember, we wrote all of the code for this in a single module (though we used a different package) and violated the single responsibility principle (SRP). Needless to say, it was a monolith service. We were then able to familiarize ourselves with the problems encountered with the monolith. Let's split this monolith into small microservices, as follows:

We will create two modules in a Maven project and these modules represent the microservices—one authentication service and one identity service. The authentication service will have the APIs for JWT, and identity service APIs are used to create identities, such as a person or an organization. All the APIs of the identity service require a valid JWT token obtained using the authentication service. 

So let's start by creating a Maven project. The Maven project that we created looks like the following screenshot:

As we can see, this project has a parent module called MicroServices and two child modules—an AuthenticationService and an IdentityService.

All authentication- and authorization-related APIs go into the authentication service, while the identity APIs go into the identity service. Consequently, the API that issues a JWT is part of an authentication service and we will add an API to validate the JWT in the same module. Note that earlier we used the code directly to validate the JWT from the filter of the service. Now we provide an API so that the other services can consume it as a REST API.

For demonstration purposes, we create two APIs in the Authentication Service—the /authorize/jwt/token API to issue a jwt token, and the /authorize/jwt/verify-token API to verify the validity of the issued token:

In the Identity Service, we will create the CRUD operations for organizations and person identities, and we will protect these APIs with jwt APIs. This means we will use the /authorize/jwt/verify-token API of the authentication service from the identity service. Identity Service is represented in the following diagram:

We will look into the details of these services in the next section and write the test cases for them.

..................Content has been hidden....................

You can't read the all page of ebook, please click here login for view all page.
Reset