Spring Boot has revolutionized the way developers build Java applications by providing a framework that simplifies the setup, configuration, and deployment of Spring applications. With its convention-over-configuration approach, Spring Boot allows developers to focus on writing code rather than dealing with complex configurations.

In this tutorial, we will explore key concepts and features of Spring Boot, including reactive programming with Project Reactor, building RESTful APIs using @RestController, managing responses with ResponseEntity, leveraging Spring Boot Actuator for application monitoring, and securing our application with Spring Security

5. Project Reactor (Combination with Flux and Reactive Programming)

What is Project Reactor?
Project Reactor is a reactive programming library for the JVM, based on the Reactive Streams standard. It allows for the asynchronous processing of data streams.

What is Flux?
Flux is one of the main classes in Project Reactor, representing a sequence of 0 to N elements. It is ideal for handling multiple values that are processed asynchronously.

How do they work together?
Project Reactor enables the creation of asynchronous, non-blocking applications using Flux and Mono (for 0 or 1 value). You can process, transform, and combine data streams efficiently.

Example

import reactor.core.publisher.Flux;

public class ReactorExample {
    public static void main(String[] args) {
        Flux<String> flux = Flux.just("A", "B", "C")
                .map(String::toLowerCase) // Transforms each element to lowercase
                .filter(s -> s.startsWith("a")); // Filters elements starting with 'a'

        flux.subscribe(System.out::println); // Outputs: a
    }
}

Explanation:

• Flux.just("A", "B", "C"): Creates a Flux from the given values.
• .map(String::toLowerCase): Converts each string to lowercase.
• .filter(s -> s.startsWith("a")): Filters the strings to only include those that start with ‘a’.
• flux.subscribe(System.out::println): Subscribes to the Flux and prints each emitted item.

6. @RestController

What is a RestController?
A @RestController is a specialized annotation in Spring that defines a controller whose methods return JSON or XML data directly.

Annotations

• @GetMapping: Handles HTTP GET requests.
• @PostMapping: Handles HTTP POST requests.
• @PathVariable: Extracts variables from the URL.
• @RequestParam: Extracts parameters from the URL.
• @RequestBody: Binds the body of a request to a Java object.

Example

import org.springframework.web.bind.annotation.*;

@RestController
@RequestMapping("/api")
public class MyController {

    @GetMapping("/hello")
    public String hello() {
        return "Hello, World!"; // Returns a simple greeting
    }

    @PostMapping("/users")
    public User createUser(@RequestBody User user) {
        return user; // Returns the created user object
    }

    @GetMapping("/users/{id}")
    public User getUser(@PathVariable String id) {
        return new User(id, "John Doe"); // Returns a user with the given ID
    }

    @GetMapping("/search")
    public User searchUser(@RequestParam String name) {
        return new User("1", name); // Returns a user based on the search parameter
    }
}

Explanation:

• @RestController: Indicates that this class is a RESTful controller.
• @GetMapping("/hello"): Maps the hello method to the /hello GET endpoint.
• @PostMapping("/users"): Maps the createUser method to the /users POST endpoint, receiving a JSON object in the request body.
• @PathVariable and @RequestParam: Used to extract values from the URL and parameters.

7. ResponseEntity

What is it?
ResponseEntity is a Spring class that encapsulates the complete HTTP response, including status code, headers, and body.

How does this concept help us in REST API?
With ResponseEntity, you can control the HTTP status code and other details of the response.

Example

import org.springframework.http.HttpStatus;
import org.springframework.http.ResponseEntity;
import org.springframework.web.bind.annotation.*;

@RestController
@RequestMapping("/api")
public class UserController {

    @GetMapping("/users/{id}")
    public ResponseEntity<User> getUser(@PathVariable String id) {
        User user = findUserById(id); // Simulated method to find a user
        if (user == null) {
            return new ResponseEntity<>(HttpStatus.NOT_FOUND); // Returns 404 if user not found
        }
        return new ResponseEntity<>(user, HttpStatus.OK); // Returns 200 with user data
    }
}

Explanation:

• ResponseEntity<User>: Specifies that the response will contain a User object.
• new ResponseEntity<>(HttpStatus.NOT_FOUND): Returns a 404 status code if the user is not found.
• new ResponseEntity<>(user, HttpStatus.OK): Returns a 200 status code along with the user data.

8. Spring Boot Actuator

What is it?
Spring Boot Actuator provides features for monitoring and managing Spring Boot applications.

What does it do?
It exposes endpoints to retrieve application metrics, health checks, and configuration information.

Example

To use Actuator, add the dependency in pom.xml:

<dependency>
    <groupId>org.springframework.boot</groupId>
    <artifactId>spring-boot-starter-actuator</artifactId>
</dependency>

You can then access the health endpoint:

GET /actuator/health

Explanation:

• The health endpoint returns the status of the application (e.g., UP or DOWN), giving insights into the application’s current state.

9. Spring Security

Basic Concepts:

• Authentication: Verifying the identity of a user.
• Authorization: Checking if an authenticated user is permitted to perform a certain action.
• Principal: The user accessing the application.
• Credential: Information used for authentication (e.g., password).
• Authorities (Roles and Permissions): Defines what actions a user can perform.

Example

To configure Spring Security, add the dependency:

<dependency>
    <groupId>org.springframework.boot</groupId>
    <artifactId>spring-boot-starter-security</artifactId>
</dependency>

Create a security configuration:

import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;

@Configuration
@EnableWebSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {
    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http.authorizeRequests()
            .antMatchers("/api/public").permitAll() // Allows public access to this endpoint
            .anyRequest().authenticated() // All other requests require authentication
            .and()
            .formLogin(); // Enables form-based login
    }
}

Explanation:

• @EnableWebSecurity: Enables Spring Security’s web security support.
• http.authorizeRequests(): Configures URL-based authorization.
• antMatchers("/api/public").permitAll(): Allows unauthenticated access to the specified endpoint.
• anyRequest().authenticated(): Requires authentication for all other requests.
• formLogin(): Enables a default login form for user authentication. (By convention, the default username is set to “user,” while the password is automatically generated during the project build process and displayed in the console.)

Conclusion

This tutorial provides an introduction to key concepts in Spring Boot, including reactive programming with Project Reactor, REST controllers, ResponseEntity, Spring Boot Actuator, and Spring Security.