[Java] Add a new language generator for undertow-server framework

[stevehu]

PR checklist

• [ x] Read the contribution guildelines.
• [ x] Ran the shell/batch script under ./bin/ to update Petstore sample so that CIs can verify the change. (For instance, only need to run./bin/{LANG}-petstore.sh if updating the {LANG} (e.g. php, ruby, python, etc) code generator or {LANG} client's mustache templates)
• [ x] Filed the PR against the correct branch: master for non-breaking changes and 2.3.0 branch for breaking (non-backward compatible) changes.

Description of the PR

(details of the change, additional tests that have been done, reference to the issue for tracking, etc)

Add a new language generator for https://github.com/networknt/undertow-server. The framework is built on top of undertow core http and supports most features needed for dockerized macro services. It can serve 1.2 million requests per second for "Hello World" on my i5 desktop. Thanks.

[wing328]

@stevehu thanks for the PR.

The CI (travis) reports the following error:

[INFO] Scanning for projects...
[ERROR] The build could not read 1 project -> [Help 1]
[ERROR]   
[ERROR]   The project io.swagger:swagger-codegen-project:2.2.2-SNAPSHOT (/home/travis/build/swagger-api/swagger-codegen/pom.xml) has 1 error
[ERROR]     Child module /home/travis/build/swagger-api/swagger-codegen/samples/server/petstore/java-undertow of /home/travis/build/swagger-api/swagger-codegen/pom.xml does not exist
[ERROR] 

Let me know if you need help fixing it.

[wing328]

(btw, for your upcoming PRs, I would suggest using a new branch instead of using master as per git best practices)

[stevehu]

I am new to travis. Could you point me to the right location to the issue? Or help me to fix it if it takes longer to teach me:)

[stevehu]

@wing328 I have fixed the ci issue. Yes. I will create a new branch instead of using master. Thanks for the great work!

[wing328]

@stevehu thanks for the PR, which looks good to me.

[wing328]

I tweeted about the Undertow generator: https://twitter.com/wing328/status/777882746966253572

Please help retweet to promote the new generator. Thanks!

[ePaul]

What is this certificate for?

[stevehu]

This is a default public key certificate for distributed jwt token
verification. The OAuth2 is built in to the framework along with a
validator runtime against swagger.json.

Here are the links for more info about the framework.

https://github.com/networknt/undertow-server
https://github.com/networknt/undertow-server-oauth2

I have a long lived token in the readme.md of undertow-server-oauth2 for
testing and you can turn it off in security.json under resources/config
folder. Thanks.

On Mon, Sep 19, 2016 at 11:10 AM, Paŭlo Ebermann notifications@github.com
wrote:

@ePaul commented on this pull request.

In modules/swagger-codegen/src/main/resources/undertow/primary.crt
#3820 (review)
:

+Y2hub2xvZ2llcyBJbmMuMQwwCgYDVQQLEwNERVYxETAPBgNVBAMTCFN0ZXZlIEh1MB4XDTE2MDkw
+MTE2MTYxNVoXDTI2MDcxMTE2MTYxNVowfjELMAkGA1UEBhMCQ0ExEDAOBgNVBAgTB09udGFyaW8x
+FDASBgNVBAcTC01pc3Npc3NhdWdhMSYwJAYDVQQKEx1OZXR3b3JrIE5ldyBUZWNobm9sb2dpZXMg
+SW5jLjEMMAoGA1UECxMDREVWMREwDwYDVQQDEwhTdGV2ZSBIdTCCASIwDQYJKoZIhvcNAQEBBQAD
+ggEPADCCAQoCggEBALrlxMtDb60DogElf4TBz504tRheZimAE0dJL/Yby4nacJdqvc5l4z+WWpDf
+rI9krQ2Yi9yvhwAP+PrR6gWcIqWP4cpNE7XIAUDgr4CtyI7CptT/lpjtbkz4DGCMmaeDn0jqHqJt
+SeSZGfwVu5zAGm8n4sHatjnnxBI/iWzkTII3V4xv0WeK37szNTEd+ly2ag7n2IV5zNnYmqZTeMQm
+J2ENS+IwAG3ENtiVtrVTx/2bGtqutJjtdxsN58/cUG/guRyMT6OPI8Yi3ZzevdvRbxadyhEl/Kaw
+6vJcdxmJI3tp4lx+p6sAxOWa7aapJe4JxutAQqzv0GKdVjoHKQ1wB60CAwEAAaMhMB8wHQYDVR0O
+BBYEFIPF9SBd06RWU1eDL73CKfy01lavMA0GCSqGSIb3DQEBCwUAA4IBAQAoaKZGOak3Upz/ordF
+slZoJuZlCu7jnKQEjYwHf3DNxcd1WmgFPtMcna6pW0VUxPIfidEA6VCMsGoK1RvshB0SjrRdCht6
+5qPXs9kV3NW0WvMiwDSYZZ9HgaZ9efTe5E9Fzc7ltKrE43L6k8NJcaEEWEdpdjFbrAqH4I+j/Vro
+K3OhIo062fXjas5ipL4gF+3ECImjWzirQP8UiAfM0/36x7rtAu3btH/qI9hSyx39LBPPE5AsDJZ4
+dSMwNTW1gqmBAZIj+zQ/RD5dyWfPwON7Q+t96YbK6WBuYo0xy+I+PjcUgrWYWP3N24hlq8ZBIei+
+BudoEVJlIlmS0aRCuP8n
+-----END CERTIFICATE-----

What is this certificate for?

—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub
#3820 (review),
or mute the thread
https://github.com/notifications/unsubscribe-auth/AB8p4ez-TBplT8X6gjrvDuDjRBMKxc7fks5qrqXugaJpZM4KADNe
.

[ePaul]

Hmm, I just fear that with this we get many production servers which all accept the same token, just because people don't recognize that there is one.

It is a similar case to routers with default passwords going live.

Maybe a better solution would be to generate a new key pair (and possibly a test token) each time?

[cbornet]

Also I'm not sure everybody wants OAuth2/JWT auth. This is normally something that is declared in securityDefinitions field of swagger spec.

[stevehu]

@p the demo certificate can only verify the tokens issued by my mock oauth2
server and for production, it should use another oauth2 provider and they
will issue a public key certificate to replace the one inside the generated
code.

@C we assume most people will use oauth2 in the first place but leave it
configurable and extensible. you can turn it off in security.json and
plugin another handler for other authenticate like SAML etc.

On Mon, Sep 19, 2016 at 11:41 AM, Christophe Bornet <
notifications@github.com> wrote:

Also I'm not sure everybody wants OAuth2/JWT auth. This is normally
something that is declared in securityDefinitions field of swagger spec.

—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub
#3820 (comment),
or mute the thread
https://github.com/notifications/unsubscribe-auth/AB8p4USKyvTSNqv1RM74A0vyDWy5OuB1ks5qrq0rgaJpZM4KADNe
.