Automatically map DTOs to entities with Spring Boot API

This blog demonstrates how ModeMapper can help automate the DTO paping process to entities on the Spring Boot API, using sample sources. The second half explains how to use Auth0 to protect and authorize the resulting Spring Boot API.

スクリーンショット 2019-03-15 11.03.31.png

What is a DTO?

DTO represents a data transfer object, a design pattern that came up with the idea of reducing the number of calls when working on a remote interface. As Martin Fowler defines in Blog, the main reason to use data transfer objects is to combine multiple remote calls into one batch. is.

For example, let's say you're communicating with a RESTful API that exposes bank account data. In this case, instead of issuing multiple requests to check the current and up-to-date account transactions, the bank can publish an endpoint that returns a DTO to summarize everything. This coarse-grained interface can greatly help improve performance, as one of the most expensive operations for remote applications is the round-trip time between the client and server.

DTO and Spring Boot API

Another benefit of using DTOs with RESTful APIs written in Java (and Spring Boot) is useful when hiding implementation details for domain objects (also known as entities). Publishing entities through endpoints is a security issue if you are not careful about which properties you change through which operations.

As an example, imagine a Java API that exposes user details and accepts user updates through two endpoints. The first endpoint processes the GET request and returns user data. The second endpoint then accepts the PUT request to update these details. If this application does not utilize DTO, all properties of the user will be exposed on the first endpoint (eg password) and the second endpoint will carefully select which properties to accept when updating the user. Must (eg not everyone can update the user's role). To overcome this situation, the DTO helps to expose only what the first endpoint is interested in and limit what the second endpoint accepts. This property helps maintain data integrity within the application.

In this article, we will use DTO to handle this situation. As we'll see later, this design pattern introduces a few more classes into your application, but with improved security.

The continuation of this blog is explained at the following URL. Automatically map DTO to entities with Spring Boot API

Auth0 integrated authentication platform

Auth0 is a so-called IDaaS (Identity as a Service) vendor that provides authentication / authorization services for web applications, mobiles, APIs, etc. in the cloud. We provide a recommended solution for those who want to incorporate user authentication, authorization, and security in corporate web applications, APIs, Native Mobile App, etc., but it is difficult to implement.

Published sample sources for various platforms on Github

Auth0 publishes sample programs for various platform frameworks on Github, including the sample programs used in this tutorial. In addition to the Spring Boot API introduced this time, we have released sources for many frameworks, so why not give it a try? Github repository --Auth0

To actually use Auth0

The Auth0 service can be evaluated free of charge (free trial: 22 days) without a contract. For a free trial, access the Auth0 homepage and <A HREF="https://auth0.com" at the top right of the screen. /signup?utm_campaign=qiita_auth0_aspnet_core&utm_source=qiita"> Screenshot 2017-09-07 21.59.09.png . You can sign up for user registration using your Gitgub, Google, or Microsoft account, so why not give it a try?

Recommended Posts

Automatically map DTOs to entities with Spring Boot API
How to use MyBatis2 (iBatis) with Spring Boot 1.4 (Spring 4)
How to use built-in h2db with spring boot
Try to implement login function with Spring Boot
Try to automate migration with Spring Boot Flyway
[Java] Article to add validation with Spring Boot 2.3.1.
I wanted to gradle spring boot with multi-project
Create a web api server with spring boot
[Introduction to Spring Boot] Authentication function with Spring Security
Download with Spring Boot
Settings for connecting to MySQL with Spring Boot + Spring JDBC
Hello World (REST API) with Apache Camel + Spring Boot 2
[Spring Boot] Get user information with Rest API (beginner)
Implement a simple Rest API with Spring Security with Spring Boot 2.0
Customize REST API error response with Spring Boot (Part 2)
Introduce swagger-ui to REST API implemented in Spring Boot
How to boot by environment with Spring Boot of Maven
Customize REST API error response with Spring Boot (Part 1)
Attempt to SSR Vue.js with Spring Boot and GraalJS
Try Spring Boot from 0 to 100.
Generate barcode with Spring Boot
Hello World with Spring Boot
Implement GraphQL with Spring Boot
Get started with Spring boot
Hello World with Spring Boot!
Run LIFF with Spring Boot
SNS login with Spring Boot
Introduction to Spring Boot ① ~ DI ~
File upload with Spring Boot
Spring Boot starting with copy
Introduction to Spring Boot ② ~ AOP ~
Spring Boot starting with Docker
Hello World with Spring Boot
Set cookies with Spring Boot
Use Spring JDBC with Spring Boot
Add module with Spring Boot
Getting Started with Spring Boot
Link API with Spring + Vue.js
Introduction to Spring Boot Part 1
Create microservices with Spring Boot
Send email with spring boot
Output embedded Tomcat access log to standard output with Spring Boot
Handle Java 8 date and time API with Thymeleaf with Spring Boot
Implement REST API with Spring Boot and JPA (Application Layer)
Implement REST API with Spring Boot and JPA (Infrastructure layer)
Extract SQL to property file with jdbcTemplate of spring boot
Let's make a simple API with EC2 + RDS + Spring boot ①
Until INSERT and SELECT to Postgres with Spring boot and thymeleaf
How to call and use API in Java (Spring Boot)
Try hitting the zip code search API with Spring Boot
Connect to database with spring boot + spring jpa and CRUD operation
Flow until output table data to view with Spring Boot
Implement REST API with Spring Boot and JPA (domain layer)
I tried to get started with Swagger using Spring Boot
Implement a simple Rest API with Spring Security & JWT with Spring Boot 2.0
Let's find out how to receive in Request Body with REST API of Spring Boot
Use Basic Authentication with Spring Boot
Spring with Kotorin --4 REST API design
Introduction to Spring Boot x OpenAPI ~ OpenAPI made with Generation gap pattern ~
gRPC on Spring Boot with grpc-spring-boot-starter
Create an app with Spring Boot 2