Merge branch 'dev'

Author: vitorhugo-java

AUTH_COOKIE_FIX.md

@@ -1,7 +1,7 @@
 plugins {
     id 'java'
     id 'war'
-    id 'org.springframework.boot' version '3.3.13'
+    id 'org.springframework.boot' version '3.4.11'
     id 'io.spring.dependency-management' version '1.1.6'
     id 'org.graalvm.buildtools.native' version '0.11.1'
     id 'com.github.ben-manes.versions' version '0.47.0'
@@ -87,6 +87,8 @@ dependencies {
     implementation 'org.springframework.boot:spring-boot-starter-graphql'
     implementation 'org.springframework.boot:spring-boot-starter-web'
     implementation 'org.springframework.boot:spring-boot-starter-data-jpa'
+
+    implementation platform('com.squareup.okhttp3:okhttp-bom:4.12.0')
     implementation 'com.squareup.okhttp3:okhttp'
     implementation 'org.springframework.boot:spring-boot-starter-validation'
     implementation 'org.springframework.boot:spring-boot-starter-logging'
@@ -95,7 +97,7 @@ dependencies {
     implementation 'org.springframework.boot:spring-boot-starter-security'
     implementation 'io.jsonwebtoken:jjwt-api:0.13.0'
     runtimeOnly 'io.jsonwebtoken:jjwt-impl:0.13.0'
-    runtimeOnly 'io.jsonwebtoken:jjwt-jackson:0.13.0' // or 'io.jsonwebtoken:jjwt-gson:0.13.0' for gson
+    runtimeOnly 'io.jsonwebtoken:jjwt-jackson:0.13.0'
 
 
     // ===== Escopos Especiais =====

build.gradle

@@ -26,6 +26,7 @@ public GraphQlCookieInterceptor(JwtConfig jwtConfig) {
         this.jwtConfig = jwtConfig;
     }
 
+    @SuppressWarnings("null")
     @Override
     public @NonNull Mono<WebGraphQlResponse> intercept(@NonNull WebGraphQlRequest request, @NonNull Chain chain) {
         return chain.next(request).map(response -> {

src/main/java/com/espacogeek/geek/config/GraphQlCookieInterceptor.java

@@ -5,3 +5,5 @@ SPRING_MVC_CORS_ALLOWED_ORIGINS=http://localhost:3000,http://localhost:5173
 SECURITY_JWT_ISSUER=espacogeek
 SECURITY_JWT_EXPIRATION_MS=604800000
 SECURITY_JWT_SECRET=your_jwt_secret_key_here
+SAMESITE_WHEN_SAME_SITE=Lax
+ALLOWED_ORIGINS=http://localhost:3000

src/main/resources/.env.example

@@ -8,34 +8,35 @@ spring.threads.virtual.enabled=true
 spring.main.allow-bean-definition-overriding=true
 # spring.devtools.add-properties=false
 
-# GraphQL configuration
-# GraphQL API endpoint: /api
 spring.graphql.path=/api
-# GraphiQL UI endpoint: /graphiql
+
 spring.graphql.graphiql.enabled=true
 spring.graphql.graphiql.path=/graphiql
 
-# In VSCode, I recommend: "terminal.integrated.scrollback": 100000000
-# logging.level.org.hibernate=DEBUG
-# logging.level.org.hibernate.type.descriptor.sql.BasicBinder=TRACE
-# logging.level.web=debug
-
-# spring.jpa.show-sql=true
-# spring.jpa.properties.hibernate.format_sql=true
-
 spring.flyway.enabled=true
 spring.flyway.locations=classpath:db/migration
 spring.flyway.baselineOnMigrate=true
 
 # ===== CORS & Cookie Security =====
 # Com credenciais, o origin deve ser exato (não "*"). Separe por vírgula para múltiplos.
 spring.mvc.cors.allowed-origins=${ALLOWED_ORIGINS:http://localhost:3000}
+
 # Nome e path do cookie de autenticação
 security.jwt.cookie-name=EG_AUTH
 security.jwt.cookie-path=/
+
 # Defina domain se precisar compartilhar subdomínios (ex: .seusite.com)
 # security.jwt.cookie-domain=
+
 # SameSite quando a requisição for same-site: Lax (padrão) ou Strict
 security.jwt.same-site-when-same-site=${SAMESITE_WHEN_SAME_SITE:Lax}
+
 # Validade do token/cookie (ms)
 security.jwt.expiration-ms=${JWT_EXPIRATION_MS:604800000}
+
+# ! In VSCode, I recommend: "terminal.integrated.scrollback": 100000000
+# logging.level.org.hibernate=DEBUG
+# logging.level.org.hibernate.type.descriptor.sql.BasicBinder=TRACE
+# logging.level.web=debug
+# spring.jpa.show-sql=true
+# spring.jpa.properties.hibernate.format_sql=true

src/main/resources/application.properties

@@ -41,8 +41,7 @@ type Query {
     login(email: String, password: String, deviceInfo: String): String
 
     """
-    Get a random daily quote with artwork.
-    Example: dailyQuoteArtwork
+    Logout current user.
     """
     logout: String
 
@@ -57,4 +56,10 @@ type Query {
     Example: dailyQuoteArtwork
     """
     dailyQuoteArtwork: QuoteArtwork
+
+    """
+    Get a random quote with artwork.
+    Example: quote
+    """
+    quote: QuoteArtwork
 }

src/main/resources/graphql/query.graphqls

@@ -8,7 +8,7 @@
 import org.junit.jupiter.api.Test;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.boot.test.autoconfigure.graphql.GraphQlTest;
-import org.springframework.boot.test.mock.mockito.MockBean;
+import org.springframework.test.context.bean.override.mockito.MockitoBean;
 import org.springframework.graphql.test.tester.GraphQlTester;
 import org.springframework.test.context.ActiveProfiles;
 
@@ -17,23 +17,30 @@
 import com.espacogeek.geek.models.UserModel;
 import com.espacogeek.geek.services.JwtTokenService;
 import com.espacogeek.geek.services.UserService;
+import com.espacogeek.geek.utils.TokenUtils;
 
 @GraphQlTest(UserController.class)
 @ActiveProfiles("test")
+@SuppressWarnings("null")
 class CreateUserMutationTest {
 
     @Autowired
     private GraphQlTester graphQlTester;
 
-    @MockBean
+    @MockitoBean
     private UserService userService;
 
-    @MockBean
+    @MockitoBean
     private JwtConfig jwtConfig;
 
-    @MockBean
+    @MockitoBean
     private JwtTokenService jwtTokenService;
 
+    // Mock necessário para satisfazer a dependência do UserController
+    @MockitoBean
+    private TokenUtils tokenUtils;
+
+
     @Test
     void createUser_ValidCredentials_ShouldReturnCreatedStatus() {
         // Given

src/test/java/com/espacogeek/geek/mutation/user/CreateUserMutationTest.java

@@ -10,7 +10,7 @@
 import org.junit.jupiter.api.Test;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.boot.test.autoconfigure.graphql.GraphQlTest;
-import org.springframework.boot.test.mock.mockito.MockBean;
+import org.springframework.test.context.bean.override.mockito.MockitoBean;
 import org.springframework.graphql.test.tester.GraphQlTester;
 import org.springframework.security.test.context.support.WithMockUser;
 import org.springframework.test.context.ActiveProfiles;
@@ -20,25 +20,31 @@
 import com.espacogeek.geek.models.UserModel;
 import com.espacogeek.geek.services.JwtTokenService;
 import com.espacogeek.geek.services.UserService;
+import com.espacogeek.geek.utils.TokenUtils;
 
 import at.favre.lib.crypto.bcrypt.BCrypt;
 
 @GraphQlTest(UserController.class)
 @ActiveProfiles("test")
+@SuppressWarnings("null")
 class DeleteUserMutationTest {
 
     @Autowired
     private GraphQlTester graphQlTester;
 
-    @MockBean
+    @MockitoBean
     private UserService userService;
 
-    @MockBean
+    @MockitoBean
     private JwtConfig jwtConfig;
 
-    @MockBean
+    @MockitoBean
     private JwtTokenService jwtTokenService;
 
+    // Necessário para satisfazer a injeção do UserController
+    @MockitoBean
+    private TokenUtils tokenUtils;
+
     @Test
     @WithMockUser(authorities = {"ROLE_user", "ID_1"})
     void deleteUser_ValidPassword_ShouldReturnOkStatus() {

src/test/java/com/espacogeek/geek/mutation/user/DeleteUserMutationTest.java

@@ -11,7 +11,7 @@
 import org.junit.jupiter.api.Test;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.boot.test.autoconfigure.graphql.GraphQlTest;
-import org.springframework.boot.test.mock.mockito.MockBean;
+import org.springframework.test.context.bean.override.mockito.MockitoBean;
 import org.springframework.graphql.test.tester.GraphQlTester;
 import org.springframework.security.test.context.support.WithMockUser;
 import org.springframework.test.context.ActiveProfiles;
@@ -21,25 +21,31 @@
 import com.espacogeek.geek.models.UserModel;
 import com.espacogeek.geek.services.JwtTokenService;
 import com.espacogeek.geek.services.UserService;
+import com.espacogeek.geek.utils.TokenUtils;
 
 import at.favre.lib.crypto.bcrypt.BCrypt;
 
 @GraphQlTest(UserController.class)
 @ActiveProfiles("test")
+@SuppressWarnings("null")
 class EditEmailMutationTest {
 
     @Autowired
     private GraphQlTester graphQlTester;
 
-    @MockBean
+    @MockitoBean
     private UserService userService;
 
-    @MockBean
+    @MockitoBean
     private JwtConfig jwtConfig;
 
-    @MockBean
+    @MockitoBean
     private JwtTokenService jwtTokenService;
 
+    // Necessário para satisfazer a dependência do UserController
+    @MockitoBean
+    private TokenUtils tokenUtils;
+
     @Test
     @WithMockUser(authorities = {"ROLE_user", "ID_1"})
     void editEmail_ValidPassword_ShouldReturnOkStatus() {

src/test/java/com/espacogeek/geek/mutation/user/EditEmailMutationTest.java

@@ -11,7 +11,7 @@
 import org.junit.jupiter.api.Test;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.boot.test.autoconfigure.graphql.GraphQlTest;
-import org.springframework.boot.test.mock.mockito.MockBean;
+import org.springframework.test.context.bean.override.mockito.MockitoBean;
 import org.springframework.graphql.test.tester.GraphQlTester;
 import org.springframework.security.test.context.support.WithMockUser;
 import org.springframework.test.context.ActiveProfiles;
@@ -21,25 +21,31 @@
 import com.espacogeek.geek.models.UserModel;
 import com.espacogeek.geek.services.JwtTokenService;
 import com.espacogeek.geek.services.UserService;
+import com.espacogeek.geek.utils.TokenUtils;
 
 import at.favre.lib.crypto.bcrypt.BCrypt;
 
 @GraphQlTest(UserController.class)
 @ActiveProfiles("test")
+@SuppressWarnings("null")
 class EditPasswordMutationTest {
 
     @Autowired
     private GraphQlTester graphQlTester;
 
-    @MockBean
+    @MockitoBean
     private UserService userService;
 
-    @MockBean
+    @MockitoBean
     private JwtConfig jwtConfig;
 
-    @MockBean
+    @MockitoBean
     private JwtTokenService jwtTokenService;
 
+    // Necessário para satisfazer a dependência do UserController
+    @MockitoBean
+    private TokenUtils tokenUtils;
+
     @Test
     @WithMockUser(authorities = {"ROLE_user", "ID_1"})
     void editPassword_ValidPassword_ShouldReturnOkStatus() {