first commit

.github/workflows/deploy.yml

@@ -0,0 +1,22 @@
+name: Publish package to GitHub Packages
+on:
+  release:
+    types: [created]
+jobs:
+  publish:
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read
+      packages: write
+    steps:
+      - uses: actions/checkout@v4
+      - name: Set release version
+        run: echo "RELEASE_VERSION=${GITHUB_REF#refs/*/}" >> $GITHUB_ENV
+      - uses: actions/setup-java@v4
+        with:
+          java-version: '17'
+          distribution: 'corretto'
+      - name: Publish package
+        run: mvn --batch-mode deploy --file pom.xml -Drevision=${{ env.RELEASE_VERSION }}
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

.gitignore

@@ -0,0 +1,28 @@
+# Compiled class file
+*.class
+
+# Log file
+*.log
+
+# BlueJ files
+*.ctxt
+
+# Mobile Tools for Java (J2ME)
+.mtj.tmp/
+
+# Package Files #
+target/
+*.jar
+*.war
+*.nar
+*.ear
+*.zip
+*.tar.gz
+*.rar
+
+# virtual machine crash logs, see http://www.java.com/en/download/help/error_hotspot.xml
+hs_err_pid*
+replay_pid*
+
+# IDE
+.vscode/

LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2024 Pierantonio Fanigliulo
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

README.md

@@ -0,0 +1,153 @@
+# Firebase App Check Spring Boot Starter
+
+[English version below](#english-version)
+
+## Versione Italiana
+
+Questa libreria fornisce un'integrazione semplice di [Firebase App Check](https://firebase.google.com/docs/app-check) per applicazioni Spring Boot. Permette di proteggere facilmente gli endpoint REST utilizzando un'annotazione personalizzata.
+
+### Caratteristiche
+
+- Annotazione `@FirebaseAppCheck` per proteggere gli endpoint
+- Verifica automatica del token Firebase App Check
+- Facile integrazione con progetti Spring Boot esistenti
+
+### Installazione
+
+Per utilizzare questa libreria nel tuo progetto, aggiungi le seguenti configurazioni al tuo `pom.xml`:
+
+1. Aggiungi il repository GitHub Packages:
+
+```xml
+<repositories>
+    <repository>
+        <id>github</id>
+        <url>https://maven.pkg.github.com/pierfani/firebase-appcheck-spring</url>
+    </repository>
+</repositories>
+```
+
+2. Aggiungi la dipendenza:
+
+```xml
+<dependency>
+    <groupId>it.pierfani</groupId>
+    <artifactId>firebase-appcheck-spring-boot-starter</artifactId>
+    <version>1.0.0</version>
+</dependency>
+```
+
+### Configurazione
+
+Aggiungi le seguenti proprietà al tuo `application.properties` o `application.yml`:
+
+```properties
+it.pierfani.firebaseappcheck.project-number=YOUR_FIREBASE_PROJECT_NUMBER
+it.pierfani.firebaseappcheck.jwks-url=https://firebaseappcheck.googleapis.com/v1/jwks
+```
+
+### Utilizzo
+
+Per proteggere un endpoint con Firebase App Check, aggiungi semplicemente l'annotazione `@FirebaseAppCheck` al metodo del controller:
+
+```java
+import it.pierfani.firebaseappcheck.FirebaseAppCheck;
+
+@RestController
+public class ExampleController {
+
+    @GetMapping("/protected-endpoint")
+    @FirebaseAppCheck
+    public String protectedEndpoint() {
+        return "Questo endpoint è protetto da Firebase App Check";
+    }
+}
+```
+
+### Gestione degli errori
+
+La libreria lancia `FirebaseAppCheckException` in caso di errori durante la verifica del token. Puoi gestire questa eccezione nel tuo controller o utilizzando un gestore globale delle eccezioni.
+
+### Contribuire
+
+I contributi sono benvenuti! Per favore, apri una issue o una pull request per suggerimenti, bug o miglioramenti.
+
+### Licenza
+
+Questo progetto è licenziato sotto la licenza MIT. Vedi il file `LICENSE` per i dettagli.
+
+---
+
+## English Version
+
+This library provides a simple integration of [Firebase App Check](https://firebase.google.com/docs/app-check) for Spring Boot applications. It allows you to easily protect REST endpoints using a custom annotation.
+
+### Features
+
+- `@FirebaseAppCheck` annotation to protect endpoints
+- Automatic verification of Firebase App Check token
+- Easy integration with existing Spring Boot projects
+
+### Installation
+
+To use this library in your project, add the following configurations to your `pom.xml`:
+
+1. Add the GitHub Packages repository:
+
+```xml
+<repositories>
+    <repository>
+        <id>github</id>
+        <url>https://maven.pkg.github.com/pierfani/firebase-appcheck-spring</url>
+    </repository>
+</repositories>
+```
+
+2. Add the dependency:
+
+```xml
+<dependency>
+    <groupId>it.pierfani</groupId>
+    <artifactId>firebase-appcheck-spring-boot-starter</artifactId>
+    <version>1.0.0</version>
+</dependency>
+```
+
+### Configuration
+
+Add the following properties to your `application.properties` or `application.yml`:
+
+```properties
+it.pierfani.firebaseappcheck.project-number=YOUR_FIREBASE_PROJECT_NUMBER
+it.pierfani.firebaseappcheck.jwks-url=https://firebaseappcheck.googleapis.com/v1/jwks
+```
+
+### Usage
+
+To protect an endpoint with Firebase App Check, simply add the `@FirebaseAppCheck` annotation to the controller method:
+
+```java
+import it.pierfani.firebaseappcheck.FirebaseAppCheck;
+
+@RestController
+public class ExampleController {
+
+    @GetMapping("/protected-endpoint")
+    @FirebaseAppCheck
+    public String protectedEndpoint() {
+        return "This endpoint is protected by Firebase App Check";
+    }
+}
+```
+
+### Error Handling
+
+The library throws `FirebaseAppCheckException` in case of errors during token verification. You can handle this exception in your controller or using a global exception handler.
+
+### Contributing
+
+Contributions are welcome! Please open an issue or submit a pull request for any suggestions, bugs, or improvements.
+
+### License
+
+This project is licensed under the MIT License. See the `LICENSE` file for details.

pom.xml

@@ -0,0 +1,65 @@
+<project xmlns="http://maven.apache.org/POM/4.0.0"
+  xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+  xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
+  <modelVersion>4.0.0</modelVersion>
+  <groupId>it.pierfani</groupId>
+  <artifactId>firebase-appcheck-spring</artifactId>
+  <packaging>jar</packaging>
+  <version>${revision}</version>
+  <name>firebase-appcheck-spring</name>
+  <url>http://maven.apache.org</url>
+  <properties>
+    <maven.compiler.source>17</maven.compiler.source>
+    <maven.compiler.target>17</maven.compiler.target>
+    <spring.boot.version>3.0.0</spring.boot.version>
+  </properties>
+
+  <dependencies>
+    <dependency>
+      <groupId>org.springframework.boot</groupId>
+      <artifactId>spring-boot-starter-web</artifactId>
+      <version>${spring.boot.version}</version>
+    </dependency>
+    <dependency>
+      <groupId>org.springframework.boot</groupId>
+      <artifactId>spring-boot-starter-aop</artifactId>
+      <version>${spring.boot.version}</version>
+    </dependency>
+    <dependency>
+      <groupId>org.springframework.boot</groupId>
+      <artifactId>spring-boot-starter-security</artifactId>
+      <version>${spring.boot.version}</version>
+    </dependency>
+    <dependency>
+      <groupId>com.auth0</groupId>
+      <artifactId>java-jwt</artifactId>
+      <version>4.4.0</version>
+    </dependency>
+    <dependency>
+      <groupId>com.auth0</groupId>
+      <artifactId>jwks-rsa</artifactId>
+      <version>0.22.1</version>
+    </dependency>
+  </dependencies>
+
+  <build>
+    <plugins>
+      <plugin>
+        <groupId>org.apache.maven.plugins</groupId>
+        <artifactId>maven-compiler-plugin</artifactId>
+        <version>3.13.0</version>
+        <configuration>
+          <source>17</source>
+          <target>17</target>
+        </configuration>
+      </plugin>
+    </plugins>
+  </build>
+  <distributionManagement>
+    <repository>
+      <id>github</id>
+      <name>GitHub Packages</name>
+      <url>https://maven.pkg.github.com/pierfani/firebase-appcheck-spring</url>
+    </repository>
+  </distributionManagement>
+</project>

src/main/java/it/pierfani/firebaseappcheck/FirebaseAppCheck.java

@@ -0,0 +1,11 @@
+package it.pierfani.firebaseappcheck;
+
+import java.lang.annotation.ElementType;
+import java.lang.annotation.Retention;
+import java.lang.annotation.RetentionPolicy;
+import java.lang.annotation.Target;
+
+@Target(ElementType.METHOD)
+@Retention(RetentionPolicy.RUNTIME)
+public @interface FirebaseAppCheck {
+}