fixing clients

new frontend
2025-09-25 21:12:15 +02:00 · 2025-09-25 21:12:15 +02:00 · 3aa4e3c412
commit 3aa4e3c412
parent 0cc25cb108
12 changed files with 1032 additions and 63 deletions
--- a/clients/app/build.gradle.kts
+++ b/clients/app/build.gradle.kts
@ -1,3 +1,11 @@
@file:OptIn(ExperimentalKotlinGradlePluginApi::class)
 import org.jetbrains.kotlin.gradle.ExperimentalKotlinGradlePluginApi
 /**
 * Dieses Modul ist der "Host". Es kennt alle Features und die Shared-Module und
 * setzt sie zu einer lauffähigen Anwendung zusammen.
 */
 plugins {
    alias(libs.plugins.kotlinMultiplatform)
    alias(libs.plugins.composeMultiplatform)
@ -8,9 +16,20 @@ group = "at.mocode.clients"
 version = "1.0.0"
 kotlin {
-    jvm()
+    jvm {
-    js {
+        binaries {
-        browser()
+            executable {
                mainClass.set("MainKt")
            }
        }
    }
    js(IR) {
        browser {
            testTask {
                enabled = false
            }
        }
        binaries.executable()
    }
    jvmToolchain(21)
@ -35,6 +54,12 @@ kotlin {
                implementation(libs.androidx.lifecycle.viewmodelCompose)
            }
        }
        val jvmMain by getting {
            dependencies {
                implementation(compose.desktop.currentOs)
                implementation(libs.kotlinx.coroutines.swing)
            }
        }
        val commonTest by getting {
            dependencies {
                implementation(libs.kotlin.test)
@ -42,3 +67,12 @@ kotlin {
        }
    }
 }
 // Configure duplicate handling strategy for distribution tasks
 tasks.withType<Tar> {
    duplicatesStrategy = DuplicatesStrategy.EXCLUDE
 }
 tasks.withType<Zip> {
    duplicatesStrategy = DuplicatesStrategy.EXCLUDE
 }
--- a/clients/app/src/jsMain/resources/index.html
+++ b/clients/app/src/jsMain/resources/index.html
@ -0,0 +1,18 @@
 <!DOCTYPE html>
 <html lang="en">
 <head>
    <meta charset="UTF-8">
    <title>Title</title>
    <style>
        html, body {
            height: 100%;
            margin: 0;
            padding: 0;
            overflow: hidden; /* Verhindert Scrollbalken durch die Canvas */
        }
    </style>
 </head>
 <body>
 <script src="Meldestelle-clients-app.js"></script>
 </body>
 </html>
--- a/clients/ping-feature/build.gradle.kts
+++ b/clients/ping-feature/build.gradle.kts
@ -1,3 +1,8 @@
 /**
 * Dieses Modul kapselt die gesamte UI und Logik für das Ping-Feature.
 * Es kennt seine eigenen technischen Abhängigkeiten (Ktor, Coroutines)
 * und den UI-Baukasten (common-ui), aber es kennt keine anderen Features.
 */
 plugins {
    alias(libs.plugins.kotlinMultiplatform)
    alias(libs.plugins.composeMultiplatform)
@ -11,7 +16,11 @@ version = "1.0.0"
 kotlin {
    jvm()
    js {
-        browser()
+        browser {
            testTask {
                enabled = false
            }
        }
    }
    jvmToolchain(21)
--- a/clients/shared/common-ui/build.gradle.kts
+++ b/clients/shared/common-ui/build.gradle.kts
@ -1,3 +1,7 @@
 /**
 * Dieses Modul stellt "dumme", wiederverwendbare UI-Komponenten und das Theme bereit.
 * Es darf keine Ahnung von irgendeiner Fachlichkeit haben.
 */
 plugins {
    alias(libs.plugins.kotlinMultiplatform)
    alias(libs.plugins.composeMultiplatform)
@ -10,7 +14,11 @@ version = "1.0.0"
 kotlin {
    jvm()
    js {
-        browser()
+        browser {
            testTask {
                enabled = false
            }
        }
    }
    jvmToolchain(21)
--- a/clients/shared/common-ui/src/commonMain/kotlin/at/mocode/clients/shared/commonui/components/AppScaffold.kt
+++ b/clients/shared/common-ui/src/commonMain/kotlin/at/mocode/clients/shared/commonui/components/AppScaffold.kt
@ -1,9 +1,9 @@
 package at.mocode.clients.shared.commonui.components
-import androidx.compose.foundation.layout.*
+import androidx.compose.foundation.layout.PaddingValues
-import androidx.compose.material3.*
+import androidx.compose.material3.ExperimentalMaterial3Api
 import androidx.compose.material3.Scaffold
 import androidx.compose.runtime.Composable
 import androidx.compose.ui.Modifier
@OptIn(ExperimentalMaterial3Api::class)
@Composable
--- a/clients/shared/navigation/build.gradle.kts
+++ b/clients/shared/navigation/build.gradle.kts
@ -1,3 +1,7 @@
 /**
 * Dieses Modul definiert nur die Navigationsrouten.
 * Es ist noch simpler.
 */
 plugins {
    alias(libs.plugins.kotlinMultiplatform)
 }
--- a/docker-compose.services.yml
+++ b/docker-compose.services.yml
@ -22,7 +22,13 @@ services:
        VERSION: ${DOCKER_APP_VERSION:-1.0.0}
        # Service-specific arguments (from docker/build-args/services.env)
        SPRING_PROFILES_ACTIVE: ${DOCKER_SPRING_PROFILES_DOCKER:-docker}
      # Enable BuildKit for better caching and performance
      platforms:
        - linux/amd64
    container_name: meldestelle-ping-service
    volumes:
      # Mount Gradle cache for better build performance
      - ping-service-gradle-cache:/home/gradle/.gradle
    environment:
      SPRING_PROFILES_ACTIVE: ${SPRING_PROFILES_ACTIVE:-docker}
      SERVER_PORT: ${PING_SERVICE_PORT:-8082}
@ -42,13 +48,13 @@ services:
      - "${PING_SERVICE_PORT:-8082}:8082"
    networks:
      - meldestelle-network
-    depends_on:
+#    depends_on:
-      postgres:
+#      postgres:
-        condition: service_healthy
+#        condition: service_healthy
-      redis:
+#      redis:
-        condition: service_healthy
+#        condition: service_healthy
-      consul:
+#      consul:
-        condition: service_healthy
+#        condition: service_healthy
    healthcheck:
      test: [ "CMD", "curl", "--fail", "http://localhost:8082/actuator/health/readiness" ]
      interval: 15s
--- a/docker-compose.yml
+++ b/docker-compose.yml
@ -217,7 +217,13 @@ services:
        VERSION: ${DOCKER_APP_VERSION:-1.0.0}
        # Infrastructure-specific arguments (from docker/build-args/infrastructure.env)
        SPRING_PROFILES_ACTIVE: ${DOCKER_SPRING_PROFILES_DEFAULT:-default}
      # Enable BuildKit for better caching and performance
      platforms:
        - linux/amd64
    container_name: meldestelle-api-gateway
    volumes:
      # Mount Gradle cache for better build performance
      - api-gateway-gradle-cache:/home/gradle/.gradle
    environment:
      SPRING_PROFILES_ACTIVE: ${SPRING_PROFILES_ACTIVE:-dev}
      CONSUL_HOST: consul
--- a/dockerfiles/infrastructure/gateway/Dockerfile
+++ b/dockerfiles/infrastructure/gateway/Dockerfile
@ -3,7 +3,7 @@
 # ===================================================================
 # Multi-stage Dockerfile for Meldestelle API Gateway
 # Features: Security hardening, monitoring support, optimal caching, BuildKit cache mounts
-# Version: 2.0.0 - Canonical location with full optimization
+# Version: 2.1.0 - Optimized and corrected version
 # ===================================================================
 # === CENTRALIZED BUILD ARGUMENTS ===
@ -35,11 +35,10 @@ LABEL build.date="${BUILD_DATE}"
 WORKDIR /workspace
-# Gradle optimizations for containerized builds
+# Gradle optimizations for containerized builds (removed deprecated configureondemand)
 ENV GRADLE_OPTS="-Dorg.gradle.caching=true \
                 -Dorg.gradle.daemon=false \
                 -Dorg.gradle.parallel=true \
                 -Dorg.gradle.configureondemand=true \
                 -Dorg.gradle.workers.max=2 \
                 -Dorg.gradle.jvmargs=-Xmx2g \
                 -XX:+UseParallelGC \
@ -59,27 +58,27 @@ COPY core/ core/
 # Copy infrastructure directories (required by settings.gradle.kts)
 COPY infrastructure/ infrastructure/
 # Copy services directories (required by settings.gradle.kts)
 COPY services/ services/
 # Copy client directories (required by settings.gradle.kts)
-COPY client/ client/
+COPY clients/ clients/
 # Copy docs directory (required by settings.gradle.kts)
 COPY docs/ docs/
 # Copy temporary directory (required by settings.gradle.kts)
 COPY temp/ temp/
 # Copy root build configuration
 COPY build.gradle.kts ./
-# Download and cache dependencies with BuildKit cache mount
+# Download and cache dependencies with BuildKit cache mount (removed deprecated flag)
 RUN --mount=type=cache,target=/home/gradle/.gradle/caches \
    --mount=type=cache,target=/home/gradle/.gradle/wrapper \
-    ./gradlew :infrastructure:gateway:dependencies --no-daemon --info
+    ./gradlew :infrastructure:gateway:dependencies --info
-# Build the application with optimizations and build cache
+# Build the application with optimizations and build cache (removed deprecated flag)
 RUN --mount=type=cache,target=/home/gradle/.gradle/caches \
    --mount=type=cache,target=/home/gradle/.gradle/wrapper \
-    ./gradlew :infrastructure:gateway:bootJar --no-daemon --info \
+    ./gradlew :infrastructure:gateway:bootJar --info \
    -Pspring.profiles.active=${SPRING_PROFILES_ACTIVE}
 # Extract JAR layers for better caching in runtime stage
@ -155,6 +154,7 @@ HEALTHCHECK --interval=15s --timeout=3s --start-period=40s --retries=3 \
    CMD curl -fsS --max-time 2 http://localhost:8081/actuator/health/readiness || exit 1
 # Optimized JVM settings for Spring Cloud Gateway with Java 21
 # Removed deprecated UseTransparentHugePages flag for better compatibility
 ENV JAVA_OPTS="-XX:MaxRAMPercentage=80.0 \
    -XX:+UseG1GC \
    -XX:+UseStringDeduplication \
@ -162,8 +162,6 @@ ENV JAVA_OPTS="-XX:MaxRAMPercentage=80.0 \
    -XX:G1HeapRegionSize=16m \
    -XX:G1ReservePercent=25 \
    -XX:InitiatingHeapOccupancyPercent=30 \
    -XX:+UnlockExperimentalVMOptions \
    -XX:+UseTransparentHugePages \
    -XX:+AlwaysPreTouch \
    -XX:+DisableExplicitGC \
    -Djava.security.egd=file:/dev/./urandom \
@ -175,7 +173,7 @@ ENV JAVA_OPTS="-XX:MaxRAMPercentage=80.0 \
    -Dmanagement.endpoint.health.show-details=always \
    -Dmanagement.prometheus.metrics.export.enabled=true"
-# Spring Boot configuration
+# Spring Boot configuration (consistent port variable usage)
 ENV SPRING_OUTPUT_ANSI_ENABLED=ALWAYS \
    SPRING_PROFILES_ACTIVE=${SPRING_PROFILES_ACTIVE} \
    SERVER_PORT=8081 \
@ -183,11 +181,13 @@ ENV SPRING_OUTPUT_ANSI_ENABLED=ALWAYS \
    LOGGING_LEVEL_ORG_SPRINGFRAMEWORK_CLOUD_GATEWAY=DEBUG
 # Enhanced entrypoint with tini init system and conditional debug support
 # Fixed memory cgroup path for better compatibility with different container runtimes
 ENTRYPOINT ["tini", "--", "sh", "-c", "\
    echo 'Starting API Gateway with Java ${JAVA_VERSION}...'; \
    echo 'Active Spring profiles: ${SPRING_PROFILES_ACTIVE}'; \
-    echo 'Gateway port: ${GATEWAY_PORT:-8081}'; \
+    echo 'Gateway port: ${SERVER_PORT}'; \
-    echo 'Container memory: '$(cat /sys/fs/cgroup/memory/memory.limit_in_bytes 2>/dev/null || echo 'unlimited'); \
+    MEMORY_LIMIT=$(cat /sys/fs/cgroup/memory.max 2>/dev/null || cat /sys/fs/cgroup/memory/memory.limit_in_bytes 2>/dev/null || echo 'unlimited'); \
    echo \"Container memory limit: $MEMORY_LIMIT\"; \
    if [ \"${DEBUG:-false}\" = \"true\" ]; then \
        echo 'DEBUG mode enabled - remote debugging available on port 5005'; \
        exec java ${JAVA_OPTS} -agentlib:jdwp=transport=dt_socket,server=y,suspend=n,address=*:5005 org.springframework.boot.loader.launch.JarLauncher; \
--- a/dockerfiles/services/ping-service/Dockerfile
+++ b/dockerfiles/services/ping-service/Dockerfile
@ -1,9 +1,9 @@
-# syntax=docker/dockerfile:1.7
+# syntax=docker/dockerfile:1.8
 # ===================================================================
-# Optimized Dockerfile for Spring Boot Ping Service
+# Multi-stage Dockerfile for Meldestelle Ping Service
-# Features: Multi-stage build, security hardening, monitoring support, enhanced caching
+# Features: Security hardening, monitoring support, optimal caching, BuildKit cache mounts
-# Version: 2.0.0 - Enhanced optimization and security
+# Version: 2.1.0 - Optimized and corrected version
 # ===================================================================
 # === CENTRALIZED BUILD ARGUMENTS ===
@ -29,13 +29,12 @@ LABEL stage=builder \
 WORKDIR /workspace
-# Optimize Gradle build settings for containerized builds
+# Gradle optimizations for containerized builds (removed deprecated configureondemand)
 ENV GRADLE_OPTS="-Dorg.gradle.caching=true \
                 -Dorg.gradle.daemon=false \
                 -Dorg.gradle.parallel=true \
                 -Dorg.gradle.configureondemand=true \
                 -Dorg.gradle.workers.max=2 \
-                 -Dorg.gradle.jvmargs=-Xmx1536m \
+                 -Dorg.gradle.jvmargs=-Xmx2g \
                 -XX:+UseParallelGC \
                 -XX:MaxMetaspaceSize=512m"
@ -58,6 +57,9 @@ COPY core/ core/
 # Copy infrastructure directories (required by settings.gradle.kts)
 COPY infrastructure/ infrastructure/
 # Copy services directories (required by settings.gradle.kts)
 COPY services/ services/
 # Copy docs directory (required by settings.gradle.kts)
 COPY docs/ docs/
@ -145,7 +147,8 @@ EXPOSE 8082 5005
 HEALTHCHECK --interval=15s --timeout=3s --start-period=40s --retries=3 \
    CMD curl -fsS --max-time 2 http://localhost:8082/actuator/health/readiness || exit 1
-# Optimized JVM settings for Java 21 with enhanced container support
+# Optimized JVM settings for Spring Boot microservice with Java 21
 # Removed deprecated UseTransparentHugePages flag for better compatibility
 ENV JAVA_OPTS="-XX:MaxRAMPercentage=75.0 \
    -XX:+UseG1GC \
    -XX:+UseStringDeduplication \
@ -153,8 +156,6 @@ ENV JAVA_OPTS="-XX:MaxRAMPercentage=75.0 \
    -XX:G1HeapRegionSize=16m \
    -XX:G1ReservePercent=25 \
    -XX:InitiatingHeapOccupancyPercent=30 \
    -XX:+UnlockExperimentalVMOptions \
    -XX:+UseTransparentHugePages \
    -XX:+AlwaysPreTouch \
    -XX:+DisableExplicitGC \
    -Djava.security.egd=file:/dev/./urandom \
@ -173,14 +174,17 @@ ENV SPRING_OUTPUT_ANSI_ENABLED=ALWAYS \
    LOGGING_LEVEL_ROOT=INFO
 # Enhanced entrypoint with tini init system and conditional debug support
 # Fixed memory cgroup path for better compatibility with different container runtimes
 ENTRYPOINT ["tini", "--", "sh", "-c", "\
-    echo 'Starting ping-service with Java ${JAVA_VERSION}...'; \
+    echo 'Starting Ping Service with Java ${JAVA_VERSION}...'; \
    echo 'Active Spring profiles: ${SPRING_PROFILES_ACTIVE}'; \
-    echo 'Container memory: '$(cat /sys/fs/cgroup/memory/memory.limit_in_bytes 2>/dev/null || echo 'unlimited'); \
+    echo 'Service port: ${SERVER_PORT}'; \
    MEMORY_LIMIT=$(cat /sys/fs/cgroup/memory.max 2>/dev/null || cat /sys/fs/cgroup/memory/memory.limit_in_bytes 2>/dev/null || echo 'unlimited'); \
    echo \"Container memory limit: $MEMORY_LIMIT\"; \
    if [ \"${DEBUG:-false}\" = \"true\" ]; then \
        echo 'DEBUG mode enabled - remote debugging available on port 5005'; \
        exec java ${JAVA_OPTS} -agentlib:jdwp=transport=dt_socket,server=y,suspend=n,address=*:5005 -jar app.jar; \
    else \
-        echo 'Starting application in production mode'; \
+        echo 'Starting Ping Service in production mode'; \
        exec java ${JAVA_OPTS} -jar app.jar; \
    fi"]
--- a/infrastructure/auth/auth-client/src/main/kotlin/at/mocode/infrastructure/auth/client/JwtService.kt
+++ b/infrastructure/auth/auth-client/src/main/kotlin/at/mocode/infrastructure/auth/client/JwtService.kt
@ -58,7 +58,14 @@ class JwtService(
     */
    fun validateToken(token: String): Result<Boolean> {
        return try {
-            // The library verifier already performs signature validation, so no need for redundant pre-check
+            // Strict pre-check to ensure the exact Base64URL signature matches before decoding.
            // This defends against edge cases where Base64URL decoders may ignore insignificant bits
            // in the last character, which could allow certain tamperings to slip through.
            if (!hasValidSignature(token)) {
                throw JWTVerificationException("Invalid token signature")
            }
            // Library verifier performs cryptographic verification and claim checks (issuer, audience, exp, ...)
            verifier.verify(token)
            Result.success(true)
        } catch (e: JWTVerificationException) {
--- a/kotlin-js-store/yarn.lock
+++ b/kotlin-js-store/yarn.lock