Rebuild the example as a Spring Boot app on castle-java 3.0.0#8
Draft
bartes wants to merge 4 commits into
Draft
Conversation
Add demo endpoints exercising the SDK directly: /lists-demo (Lists and list items lifecycle), /events-demo (event schema and query), /privacy-demo (privacy data request) and /webhooks (verifies the X-Castle-Signature header against the raw request body). Link them from the home page. Bump the castle-java dependency to 2.2.0 and the app version to 1.5.0.
Replace the JSP/servlet authenticate + track app with a Thymeleaf Spring Boot 3 app demonstrating the modern Castle surface: the filter/risk/log lifecycle (sign up, login, account, password reset), the typed Lists API, privacy request/delete, and webhook signature verification. Target the castle-java 3.0.0 SDK on jakarta.servlet and run CI on a JDK 17/21/25 matrix, building the SDK from source until 3.0.0 is published.
Add a SpringBootTest/MockMvc suite covering context startup, the home page, and webhook signature verification (accepts a valid X-Castle-Signature, rejects an invalid one). A test castle_api_secret is injected through the surefire environment so the Castle singleton initialises during tests.
Add an /events workflow that calls eventsSchema and queryEvents and renders both responses, registered in the demo catalog and reachable from the home page alongside the lists, privacy and webhooks demos.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Rebuilds the demo as a Spring Boot 3 (Thymeleaf) application on castle-java 3.0.0.
What's demonstrated
Every action mints a fresh
Castle.createRequestToken()in the browser and forwards it to the backend, which calls Castle and acts on the verdict.filter,riskandlogendpointscreateList,listAllLists)eventsSchema,queryEvents)verifyWebhookSignatureagainst theX-Castle-Signatureheader, and recent payloads are listedChanges
authenticate+tracklogin flow) with server-rendered Thymeleaf pages and Spring MVC JSON endpointsjakarta.servlet(Spring Boot 3)castle-java3.0.0 and use the typed Lists models (ListRequest/ListResponse)SpringBootTest/MockMvcsuite (context startup, home page, webhook signature accept/reject)