enhancements/updates to auth service

[NourAlPha]

This pull request introduces several enhancements and updates to the authentication service, including dependency updates, caching support, improved exception handling, and code refactoring for better maintainability. The changes span across configuration files, new DTOs, exception handling, and service logic.

Configuration and Dependency Updates:

• Updated docker-compose.yml to include specific container names, added Redis and RedisInsight services, and pinned versions for postgres, grafana/loki, grafana/promtail, and grafana/grafana images. [1] [2] [3] [4]
• Added mockito-core and mockito-junit-jupiter dependencies to pom.xml for unit testing.

Caching Support:

• Enabled caching in AuthApplication with the @EnableCaching annotation.
• Introduced RedisCacheConfig for Redis-based caching, including a configurable cache manager and TTL settings.
• Updated JWTAuthenticationFilter to use a cached version of loadUserByUsername.

Security Enhancements:

• Added CustomGrantedAuthority and CustomUserDetails DTOs to support custom user details for authentication. [1] [2]
• Improved exception handling in GlobalExceptionHandler for AccessDeniedException and AuthenticationException.
• Refactored SecurityConfig to remove the RestAuthenticationEntryPoint and adjust requestMatchers for better granularity. [1] [2]

Service and Model Improvements:

• Enhanced AuthenticationService to validate input fields during registration and handle already-logged-in users during login. [1] [2]
• Refactored RefreshToken model to use Lombok annotations for builder pattern and constructors. [1] [2]

Logging and Miscellaneous:

• Added logging for successful user authentication in JWTAuthenticationFilter.
• Removed unused RestAuthenticationEntryPoint class.

[Copilot]

Pull Request Overview

This pull request adds integration tests for various authentication controllers while also updating some service logic and security configurations to use a custom granted authority.

• Updated test files to add end-to-end testing for user registration, login, token refresh, logout, and admin access.
• Modified service and security classes to use CustomGrantedAuthority and to improve error handling for refresh token operations.

Reviewed Changes

Copilot reviewed 9 out of 10 changed files in this pull request and generated 3 comments.

Show a summary per file

File	Description
src/test/java/com/podzilla/auth/service/TokenServiceTest.java	Added an import which may be unused
src/test/java/com/podzilla/auth/service/AuthenticationServiceTest.java	Updated test behavior for token refresh error handling and authority usage
src/test/java/com/podzilla/auth/controller/AuthenticationControllerTest.java	Added integration tests for authentication endpoints
src/test/java/com/podzilla/auth/controller/AdminControllerTest.java	Added integration tests for admin endpoints and role assignments
src/main/java/com/podzilla/auth/service/CustomUserDetailsService.java	Updated to use CustomGrantedAuthority instead of SimpleGrantedAuthority
src/main/java/com/podzilla/auth/service/AuthenticationService.java	Improved refresh token null check and exception handling
src/main/java/com/podzilla/auth/security/SecurityConfig.java	Changed role restriction to use hasAuthority("ROLE_ADMIN")
src/main/java/com/podzilla/auth/dto/CustomUserDetails.java	Added a JsonDeserialize annotation for authorities
src/main/java/com/podzilla/auth/dto/CustomGrantedAuthority.java	New custom granted authority implementation

Files not reviewed (1)

• src/test/resources/application.properties: Language not supported