Machaq sarnaqäwi

Kunatsa JWT ukax App Empresarial ukar seguridad uñt’ayañatakix wali askiwa – Ukat kunats KumuluzEE ukax Machaq Suma Amigoma ukhamäspa

ukata João Esperancinha40m2025/01/17

Sinti jaya pachanakawa; Uñxatt’añataki

‘JWT’ jan ukax JavaScript Object Notation Web Token ukax mä estándar uñt’ayatawa [ RFC7519] Ukax walja thakhinak uñt’ayatawa ukatx pä jaqinak taypin yatiyawinak apañatakiw apnaqasispa. Aka qillqatanx kunjams `JWT` ukax mä común Java empresan aplicación ukar mayacht’asispa uk uñakipt’añäni.

featured image - Kunatsa JWT ukax App Empresarial ukar seguridad uñt’ayañatakix wali askiwa – Ukat kunats KumuluzEE ukax Machaq Suma Amigoma ukhamäspa

Jichhürunakanxa, juk’ampi llakisiñanakaxa lurawi tuqita utjistu, uka pachparakiwa, kunjamasa sistemas ukanakaxa jank’aki ukhamaraki atinisiñampi aruskipt’apxaspa uk yatiñ munapxta. Walja kutiw yatiyawinak apayañ munapxta ukat jan yatiyañ munapxta ukat jan kuna jan walt’äwinakax utjañapataki. Datos sensibles ukax yaqhip pachax web tuqiw jaqinak nayraqatan sarnaqañapa ukat alambre ukan mayni tukuñanx lurawinakaruw sartañapa. Jilapachax lurawinakaw uñstayañ munapxta, ukax mutaciones de datos ukanakaruw puriyani. Uka tuqinakanxa, janiw jiwasan datos ukanakas jark’aqañakix uñch’ukipkti. Jiwasax kuna lurawinakas jiwasan yatiyawinakas apayanisax ch’amanchatäki ukax atinisiñ munapxta. Jiwasax walja tuqinakatw datos ukanakas jark’aqaraksna. Jilapachax, mä TLS (Seguridad de capas de Transporte) uka seguridad conexión tuqiw yatiyawinak apayapxtanxa. Ukax jiwasan datos ukanakax Encriptado alambre tuqiw jikxatasi. Jiwasax Certificados ukanak apnaqapxta, pä jaqinak taypin atinisiñ uñstayañataki ukat ukax phuqhañataki.Aka qillqatanx JWT ukan normapatw aruskipt’añ munta ukat juk’amp uñjañ munta kunjams JWT ukax mä aplicación común Enterprise ukar mayacht’asispa. Ukhamächi ukhaxa, KumuluzEE uñakipt’añäni .Mä qawqha amuyt’awinak uñakipt’añäni. JWT jan ukax JSON Web Token, jan ukax juk’amp sumaxa, JavaScript Object Notation Web Token, ukax mä estándar ukaw RFC7519 ukan qhanañchata. Aka kamachix, taqi RFC (Request For Comments) kamachinakjama, IETF (Fuerza de Tareas de Ingeniería de Internet) ukan qhanañchata, qillqt’ata, ukat uñt’ayata. Walja tuqinakatwa qhanañchasispa. Jilapachax JWT ukax mä compacto, seguro ukhamawa, pä partidos ukanakan reclamaciones ukanakar transmitir sañjamawa. Mä thakhix kunatix mä reclamación ukax simplificar, chiqpachanx mä suti/valor par ukham uñt’ayañawa, ukax yatiyawinak uñt’ayi. Jiwasax aka yatiyawinak munapxta, mä qawqha wakiskir askinak jiwasan internet tuqin yatiyaw garantizañataki. Jiwasax yatiyawinak katuqktan ukax nayrïr kutix chiqapar uñjatäñapataki ukat atinisiñapatakiw ch’amachasiñasa. Ukatxa, ukax chiqapar uñjañasawa. Akax chiqpachanx ukhamawa.Aka norma phuqhañatakix walja marcos ukanakaw apnaqasispa, ukax Java empresan aplicación ukar phuqhañ yanapt’istaspa. Spring Boot ukax wali apnaqatawa. Walja kutiw yaqha sutimp software de propiedad ukan yaqhip organizacionanakat bancos ukhamarak yaqha qullqituqit organizacionanakat uñt’ayataraki. Jiwasan uñacht’äwisatakix yaqha lurañ amtawayta. Spring Boot ukat sipansa, KumuluzEE ukamp mä uñacht’äw uñakipt’añäni. Punto ukax JWT ukax kunjamas ukat kunjams uñtasi uk sum uñt’añawa. Java Enterprise Aplicaciones ukax chiqpachanx mä servidor de aplicaciones ukan uñstayatäspawa jan ukax mä servidor incrustado apnaqañ tuqikiw jupanakpachax apnaqasispa. Mä uñacht’awi, Spring Boot ukax mä servidor Tomcat ukan uñt’ayatawa. Aka qillqatanx KumuluzEE ukar uñt’ayañäni. Kunjamatix Spring Boot ukax mä servidor embebido ukampiw utjaraki. Jan ukasti aka tuqinx Jetty satawa. Ukax Soldadura ukamp chikt’ataw apnaqasi, ukhamat CDI(Inyección de Dependencia del Contexto) ukar puriñapataki. Taqi Java EE ukat Jakarta EE tecnología ukan kamachinakapax aka framework ukamp chikancht'atawa .

2. Caso Uñacht’äwi

Kunjams JWT ukax forma básica ukan irnaqt’i uk uñacht’ayañatakix mä thakhi uñacht’ayañaw wakisi. Uñacht’awinakax clásicos ukanakax kawkhantix seguridad ukax mä llakiw bancos ukanakawa. Ukampirus mä banco taqpach solicitud lurañax kunjams JWT ukax irnaqaski uk uñacht’ayañatakix mä pacha ina ch’usar apt’asispa ukat inas walja amuyunakax ukanx utjchispa. Ukhamakipansti, kuntix lurawaykta ukax mä sistema bancario wali sapurukiwa. Jiwasan jach’a llakisax uñacht’ayañawa kunjams datos ukax alambre tuqix saraski ukat kunjams apnaqirinakax yaqhip chiqanakar jiwasan aplicación ukar mantapxi. Ukhamarakiw janiw TLS ukat kunjams encriptado yatiyawinak alambre tuqi apayanisna ukxat aruskipt’añ munkti. Jiwasax JWT ukarux q’uma uñtawimpiw uñch’ukiñäni.Jiwasan casosax sistema bancario ukawa, ukax mä tamaw naturaleza ukat medio ambiente ukar arxati. Akax mä kusiskañ thakhikiwa, kunjams JWT irnaqaski uk uñacht’ayañataki. Aka Liga de Naturaleza ukan nayrïr jaqix Lucy satawa, jupax taqi qillqatanakajanx mä común jaqiruw tukuski.

3. Arquitectura luraña

Janïr qalltkasaxa, jiwasan t’ijtir aplicación ukar bosquejarkañäni. Mä aplicación wali sapuru, ukampis wali askiw dibujar:

Kunatsa akax wali ch’amawa, kunatix JWT ukax sapa mayiwiruw uñakipata ukatx sapa mayiwix clave pública ukampiw chiqanchataraki, ukhamax yattanwa kunapachatix sapa mayiwix chiqap token apayaniñäni ukhax pasañjamawa. JWT ukax OAuth2, Okta SSO, jan ukax yaqha mecanismo de autorización ukampiw mayacht’asispa. Ukhamächi ukhaxa, kuntix lurasktan ukax autenticación ukat autorizacionanak utt’ayañawa. Jiwasan aplicación ukanx JWT apnaqañaw wakisi ukatx ukampiw, mä firma apnaqañ yatiyaw chiqapar uñt’ayañasa. Ukampirus janiw uka aplikacionarux mantkañäniti. Ukhamakipansti, jiwasax apnaqirinakaruw jiwasan aplicación ukar apnaqañapatak jaysañäni, ukatx suma chiqanchañ tukuyatat. Aka chiqanx, JWT ukax chuymapanx chiqpachanx mä phuqhat aplicación ukan wali jisk’a chiqapawa, uk uñjañax jasakiwa. Ukhampachasa, mä qawqha funcionalidades ukanakax yapxatañaw wakisi. Akax Recursos ukanakaw wakisi:

Sistema de equilibrio ukaxa
Sistema de crédito ukaxa

Jiwasan sistema básico ukax qullqi ukat crédito mayiwinakakiw qillqantatäni sañani. Esencial ukax mäkiw valores ukanakax apthapita. Ukat yaqhip jaqinakax jachʼañchatäpxani ukat yaqhipanakax janiw jachʼañchapkaniti sasaw amuytʼarakiñäni. Yaqhip jaqinakax qullqi imañ yatipxani ukat yaqhip jaqinakax crédito katuqapxani.

4. Tecnologías ukanaka ajlliña

Kunjamatix qalltawinx arsuwayktanxa, KumuluzEE ukax jiwasan empresan aplicacin ukan marco ukham apnaqañäni, ukatx mä aplicación ultrabsica ukaruw phuqhañäni, ukhamat JWT terminología básica ukat conceptos ukanakar uñakipt’añataki.Java chiqap versión ukaniñapatakiw ch’amachasiñani. Aka pachanxa, Java 17 SDK ukax mä jisk’a uñstayatawa. Jiwasax maven, git, mä Java-compatible IDE IntelliJ ukham munasini, ukat mä shell mä kasta.

5. Uñstayaña

Jiwasan aplicación qalltañatakix mä qawqha KumuluzEE dependencias ukanakaw utjistu. Ukax jilpachax kunatix KumuluzEE , kunjamakitix Spring Boot ukax mä qawqha dependencias ukanakaw munasispa. POM qillqat mä juk’a uñakipt’añäni:

 <dependencies> <dependency> <groupId>com.kumuluz.ee.openapi</groupId> <artifactId>kumuluzee-openapi-mp</artifactId> </dependency> <dependency> <groupId>com.kumuluz.ee.openapi</groupId> <artifactId>kumuluzee-openapi-mp-ui</artifactId> </dependency> <dependency> <groupId>com.kumuluz.ee</groupId> <artifactId>kumuluzee-microProfile-3.3</artifactId> </dependency> <dependency> <groupId>ch.qos.logback</groupId> <artifactId>logback-core</artifactId> </dependency> <dependency> <groupId>ch.qos.logback</groupId> <artifactId>logback-classic</artifactId> </dependency> <dependency> <groupId>org.jetbrains.kotlin</groupId> <artifactId>kotlin-stdlib</artifactId> </dependency> <dependency> <groupId>org.assertj</groupId> <artifactId>assertj-core</artifactId> <scope>test</scope> </dependency> <dependency> <groupId>org.junit.jupiter</groupId> <artifactId>junit-jupiter</artifactId> <scope>test</scope> </dependency> <dependency> <groupId>io.mockk</groupId> <artifactId>mockk-jvm</artifactId> <scope>test</scope> </dependency> <dependency> <groupId>com.ninja-squad</groupId> <artifactId>springmockk</artifactId> <scope>test</scope> </dependency> <dependency> <groupId>io.kotest</groupId> <artifactId>kotest-assertions-core-jvm</artifactId> <scope>test</scope> </dependency> </dependencies>

Mä qawqha dependencias ukanakat mä juk’a aruskipt’añäni. Kunjamtix aka ullart’ktanxa, jiwasan pom.xml qillqatarux patat aynacharu arktañamawa. Aka qhananchawi amuyañatakixa wali askiwa.Jiwasaxa mä paquete de dependencias ukawa munasiraki, ukhamata jiwasana aplicacin ukaxa irnaqañapataki. , Wali askiwa, KumuluzEE , Microperfil bibliotecas ukanakaw utjistu ukax paquetes estándar básicos ukanakaw utji aka aplicación qalltañataki. Ukax taqpach KumuluzEE -Microprofile biblioteca ukan uñt’ayatawa. Jiwasan app ukax taqi parámetros JWT ukanak wakicht’añatakix mä biblioteca MicroProfile ukaruw yapxatañasa. Uka pachparakiw mä biblioteca de procesamiento JSON ukax wakisi. Ukhamaw Johnson Core jupax lurani. Jiwasax chiqans KumuluzEE ukan núcleo ukan irnaqañatakix munapxta. Jetty ukax servidor subyacente ukawa, ukax KumuluzEE marco ukaruw apnaqi. Ukatpï jiwasan dependencianakasanx ukax wakisi. CDI ukax munasktan uk amuyt’asax mä biblioteca ukaruw yanapt’arakistu. Jiwasan REST tukuyañ chiqanakas ch’amanchañatakix KumuluzEE ukan samarañ biblioteca ukax wakisiwa. Jiwasan API ukar puriñatakikix, ukatx mä biblioteca Geronimo ukaruw munapxta. Ukhamatwa mä phuqhawi JSR-374 ukax utjañapataki. Ukhamaraki, JWT ukat JSON-formatted ukan utjki ukanak qhanañchañaw wakisi.Lombok ukax janiw chiqpachans per se wakiskiti. ¡Taqi kuns suma ukat lliphipiyañakiw tukuyi! Ukhamaraki, logback ukaxa wali askiwa, ukhamata registros ukanaka juk’ampi ch’amanchañataki ukhamaraki jiwasana lurawinakasa amuyañataki.Jichhaxa jiwasana resources carpeta uñakipt’añäni.Qalltañatakixa nayraqata amuyt’añäni kunsa aka carpeta ukan jikxatañ suyktanxa. Jiwasana aplicacionasaxa JWT , Logback ukampi chikt’ata ukampi wakicht’añasawa ukatxa tukuyañatakixa, kuna habas lurañasatakixa mä juk’a sañasawa.Ukanxa juk’ampi sapuru archivo uñakipt’añäni. Uka beans.xml ukax META-INF ukan jikxatasi:

 <beans xmlns="http://xmlns.jcp.org/xml/ns/javaee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://xmlns.jcp.org/xml/ns/javaee http://xmlns.jcp.org/xml/ns/javaee/beans_1_1.xsd" xmlns:weld="http://jboss.org/schema/weld/beans" bean-discovery-mode="all"> <weld:scan> <weld:exclude name="org.jesperancinha.fintech.model.Accounts"/> </weld:scan> </beans>

Akax mä típico ukhamakiwa ukat kunjamtix jichhax amuyapkta ukhama, mä juk’a nayra archivo. Aka pachanx amuyt’awix KumuluzEE ukar t’ijtayañakiw. Jiwasax mä acción exclusión ukaniwa. Ukax Weld ukarux Cuentas de clase ukar jan amuyt’añapatakiw säna, acción de habas ukar escaneo ukanxa. Ukax wali askiw kunatix implementación ukampiw apnaqasktan ukampixa, Weld ukax básicamente sapa clase ukarux mä ch’usat constructor ukamp mä haba ukham uñjani. Qhipharux uñjañäni kunats Cuentas ukanakax mä habas ukham uñjatäñap jan munktanti. Jichha pachatakix amtañaniw mayiwinak lurasktanxa Alcance de Request ukanxa. Ukax logico ukhamawa kunatix sapa mayiwix yaqha apnaqiriw utjaspa.Jichhax kunjams " logback " ukax phuqhasi uk uñjañäni. Ukhamaraki META-INF ukan jikxatasi :

 <configuration> <appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender"> <encoder> <pattern>%d{HH:mm:ss.SSS} [%thread] %-5level %logger{36} - %msg%n</pattern> </encoder> </appender> <root level="INFO"> <appender-ref ref="STDOUT"/> </root> </configuration>

Akax jiwasan logs ukanakatakix mä configuración wali chiqapawa .Qhiparusti, inas jiwasan aplicación ukan juk’amp wakiskir archivox utjchispa. Akax config-plantilla ukawa. Aka chiqanx wali askiw yatiñax yaqhip archivonakax aka proyecton lurat ukanakax mä plantilla estructura ukan chikanchatawa. Uka toqetjja, qhepatwa jukʼamp qhanañchtʼä. Aka plantilla qillqatax mä config.yml qillqatar tukuyañapawa ukax MicroProfile ukan uñakipatawa. Aka qillqatax yänakan saphipankiwa:

 kumuluzee: name: your-financeje-banking version: 1.0.0 jwt-auth: public-key: {{ publicKey }} issuer: {{ issuer }} healthy: true

Taqi uka propiedades ukanakax chiqpachapunix kamsañs muni ukxa qhipat uñjañäni. Taqe ukanakajj jupanak pachpaw qhanañchapjje. publicKey ukat emisor ukax taqpach parámetros ukawa ukax mayjt’ayatarakiniwa. Uka toqet qhepat yatjjatañäni. Jiwasan bash scripts ukanakax mayjt’ayatäñapatakiw yanapt’ani.Niya codificación ukar sarañatakix wakicht’atäxtanwa, ukampis nayraqatax JWT token ukan estructurap uñakipt’añäni.

6. Amparampi lurata codigo

Jiwasan wali jisk’a aplicación lurañäni. Aka t’aqax kunjams JWT ukamp irnaqañapatak solicitud ukar puriysna uk qhanañcht’añäni. Kuntix uñjañ munktan ukax mä qawqha REST lurawinakasar mantañatakix apnaqirinakaruw uñt’ayañasa, janiw yaqhanakar mantañatakikiti.Mä thakhix aka código uñakipañ qalltañatakix nayraqatax jiwasan sanu JWT token ukar uñakipañawa. Akax jiwasan admin uñacht’äwisawa:

 { "iss": "joaofilipesabinoesperancinha", "jti": "01MASTERFINANCE", "sub": "admin", "aud": "nature", "upn": "admin", "groups": [ "user", "admin", "client", "credit" ], "user_id": 1, "access": "TOP", "name": "Admin" }

Jiwasan JSON ukanx sapa mayniw uka sutinakax reclamaciones ukham uñt’ata. Jiwasan uñacht’äwisanx mä qawqha Reservado ukan arsutanakap uñjtanxa:

" iss " — Akax token ukan apsutapawa. Ukatakix mä valoraniw arbitrariamente ajlliraksna. Aka parámetro ukan chimpunakapax variable emisor ukampiw chikancht’asiñapa, ukax config.yml ukan mayjt’ayañatakiw nayraqat uñjata.
" jti " — Akax mä sapa uñt’ayawiwa. Jiwasax sañani aka arsuwimp apnaqaraksnawa mä token jan pä kuti jan ukax juk’amp kuti apnaqañapataki.
" sub " — Akax token ukan temapawa. Ukax apnaqiris jan ukax kunayman munañanakas utjaspawa. Wali askiw amtañaxa, akax mä identificador, llave, sutinchaña, jan ukax kunayman munañanakas ukhamarakiw apnaqasispa.
" upn " — Usuario principal suti. Ukax apnaqirix apnaqir principal ukar uñt’ayañatakiw apnaqasi.
" groups " — Akax mä matriz ukawa, kuna tamas jichha apnaqirix utji. Esencial ukax kuntix mä mayiwix aka token ukampix luraspa ukx amtañapawa. Jiwasan token ukanx, ukatx mä qawqha Custom reclamaciones ukanakaw uñjasi. Ukax kunjamatix Reservado ukan arsutanakapax ukhamarakiw apnaqaraksna
" user_id " — Jiwasax aka apnaqañ id ukar uñt’ayañatakiw apnaqañäni.
" access " — Jiwasax apnaqirin nivel de acceso ukar uñt’ayañäni.
" name " — Uka apnaqirin sutipa.

7. Amparampi lurata codigo

Kuntï jichhakam yatktan ukanak mä recapitular lurañäni. Jiwasax yattanwa mä estructura amtawayktan ukampiw tokens ukanakamp aruskipt’añäni. Ukhamaraki, jiwasana apnaqawisan configuración, logback configuración ukat tukuyañatakix, empresan habas uñakipañatakix mä configuración personalizada ukaw utt’ayata.Modelo de paquete ukar uñakipt’añäni. Aka chiqanx 3 clase ukanakaw jikxatasi. Aka clasenakax básicamente mä agregación de cuentas ukat representación client ukat account ukanakan uñacht'ayañakiw . Ukhamat qalltañasawa kotlin archivo Model.kt uñakipt’asa kawkhantix Client ukax utjki:

 data class Client constructor( @JsonProperty var name: String ?= null )

Aka nayrïr clase modelo ukax jiwasan cliente ukan representación ukawa. Jiwasan client jiwasatakix mä sutikiw utji. Akax " jwt " atributo sutimp uñacht'ayatawa.Ukhamaraki, Account :

 data class Account( @JsonProperty val accountNumber: String?, @JsonProperty val client: Client? = null, @JsonProperty var currentValue: BigDecimal = BigDecimal.ZERO, @JsonProperty var creditValue: BigDecimal = BigDecimal.ZERO ) { fun addCurrentValue(value: Long) = Account( accountNumber, client, currentValue .add(BigDecimal.valueOf(value)), creditValue ) fun addCreditValue(value: Long): Account = Account( accountNumber, client, currentValue, currentValue .add(BigDecimal.valueOf(value)) ) }

Aka clasenxa, jiwasax chiqpachanx mä accountNumber, mä cliente, mä currentValue ukat qhipharux mä creditValue ukham utt’ayapxtanxa. Uñakipt’añatakix taqi valores ukanakax 0. Jiwasax BigDecimal uka apnaqaraktanwa, q’uma kunatix qullqimp apasiñax utjistu. Qullqix chiqapawa ukatx janiw sistema round-ups jan ukax round-downs ukanakax t’aqhisiykaspati. Ukaxa sañ muniwa mä arunxa ukhamaraki mä uñacht’awi ukhama mä jakhüwi ukhama 0. 0000000000000000000000000000000000000000000000000001 Euros ukaxa uka jakhüwixa taqi pachana qhiparañapawa. Ukhamaraki, jiwasan cuentasarux valores ukanakamp yapxatañ munapxta. Akax kawkhantix addCurrentValue uka thakhix utjki ukawa. Uka pachpa amuyunak laykux, jiwasan crédito addCreditValue ukampiw phuqt’ayatarakini .Qhiparusti, qhipa chiqanw jiwasan datos ukan utt’ayat ukanx Accounts de clase ukar puripxta :

 open class Accounts constructor( open val accountMap: MutableMap<String, Account> = mutableMapOf() )

Akax chiqpachanx taqi cuentanakasan mä agregador ukhamakiwa. Mapa ukan utjki ukanak apnaqañäni, mä base de datos ukan sarnaqawip uñtasit lurañataki.Jichhax paquete de controlador ukar uñakipt’añäni. Akax kawkhantix jiwasan aplicación ukax modelo de datos ukampiw apnaqasi. Nayraqatxa, BankApplication uka clase uñakipt’añäni :

 @LoginConfig(authMethod = "MP-JWT") @ApplicationPath("/") @DeclareRoles("admin", "creditor", "client", "user") class BankApplication : Application()

Ukampixa, 3 wakiskir arunakwa parlasktanxa. LoginConfig anotación ukampixa, MicroProfile ukarjamaxa JWT tokens ukanaka apnaqañataki ukhamaraki amuyañatakixa qhananchatawa. ApplicationPath ukax aplikasiyun saphip uñt’ayi. Akax kawkhantix URL ukax aplicación ukan qalltasini. Jiwasan uñacht’awisanx HTTP://localhost:8080 ukaw utjani. Tukuyañatakix DeclareRoles ukax kuna lurawinakas apnaqasini ukat jiwasan mayiwisan katuqatäni ukanak qhanañchi. Roles ukatxa Grupos ukaxa términos intercambiables ukawa aka situación ukanxa.Inyección ukaxa suma irnaqañapatakixa, mä anotación específica lurapxta, ukaxa mapa de cuenta uñt’ayañataki:

 annotation class AccountsProduct

Pantalla phuqhata modalidad ukar mantaña Pantalla phuqhata modalidad ukar mantaña

Ukxarusti, mä caché objeto fabrica AccountsFactory luraña:

 class AccountsFactory : Serializable { @Produces @AccountsProduct @ApplicationScoped fun accounts(): Accounts = Accounts(mutableMapOf()) companion object { @Throws(JsonProcessingException::class) fun createResponse( currentAccount: Account, name: JsonString, accounts: Accounts, log: Logger, objectMapper: ObjectMapper, principal: Principal?, jsonWebToken: JsonWebToken? ): Response { val jsonObject = Json.createObjectBuilder() .add("balance", currentAccount.currentValue) .add("client", name) .build() accounts.accountMap[name.string] = currentAccount log.info("Principal: {}", objectMapper.writeValueAsString(principal)) log.info("JSonWebToken: {}", objectMapper.writeValueAsString(jsonWebToken)) return Response.ok(jsonObject) .build() } } }

Aka fabricax kunatsa Accounts ukanakatakix específicamente uñakipañax jan ch’amanchatäki ukawa. Uñakipt’aña lurawixa mä haba lurañataki jaytañat sipansa, jiwasa pachpawa instancia agregador ukaxa lurapxta. Anotación Produce uka apnaqañaxa, jawasa lurañatakixa yanapt’istu. Jiwasan anotación costumbre, AccountsProduct uka apnaqasa, aka habas apnaqañax juk’amp específicas ukham lurapxta. Tukuyañatakix ApplicationScoped apnaqasa, ukax Application alcancepjamaw uñt’ayasi. Mä arunxa, cuenta agregación bean ukax mä singleton objeto ukhamaw aplikacionanx sarnaqani." createResponse " ukax mä genérico thakhikiwa JSON jaysawinak lurañataki.Kunatix jichhax munaski ukax pä "Recursos" ukawa. Ukax chiqpachanx " Controllers " Primavera ukan pachpakiwa. Yaqha sutiwa, ukampis chiqpachapuniw pachpa AccountsResource clase uñakipt’añäni:

 @Path("accounts") @RequestScoped @Produces(MediaType.APPLICATION_JSON) open class AccountResource { @Inject @AccountsProduct open var accounts: Accounts? = null @Inject open var principal: Principal? = null @Inject open var jsonWebToken: JsonWebToken? = null @Inject @Claim("access") open var access: JsonString? = null @Claim("iat") @Inject open var iat: JsonNumber? = null @Inject @Claim("name") open var name: JsonString? = null @Inject @Claim("user_id") open var userId: JsonNumber? = null @POST @RolesAllowed("admin", "client", "credit") @Throws(JsonProcessingException::class) open fun createAccount(): Response = createResponse( requireNotNull(accounts).accountMap[requireNotNull(name).string] ?: Account( client = Client(name = requireNotNull(name).string), accountNumber = UUID.randomUUID().toString() ) ) @POST @RolesAllowed("admin", "user") @Path("user") @Throws(JsonProcessingException::class) open fun createUser(): Response { return createResponse( requireNotNull(accounts).accountMap[requireNotNull(name).string] ?: Account( client = Client(name = requireNotNull(name).string), accountNumber = UUID.randomUUID().toString() ) ) } @GET @RolesAllowed("admin", "client") @Throws(JsonProcessingException::class) open fun getAccount(): Response? { return createResponse( requireNotNull(accounts).accountMap[requireNotNull(name).string] ?: return Response.serverError() .build() ) } @PUT @RolesAllowed("admin", "client") @Consumes(MediaType.APPLICATION_JSON) @Throws( JsonProcessingException::class ) open fun cashIn(transactionBody: TransactionBody): Response? { val userAccount = requireNotNull(accounts).accountMap[requireNotNull(name).string] ?: return Response.serverError() .build() val currentAccount = userAccount.addCurrentValue(transactionBody.saldo?: 0) requireNotNull(accounts).accountMap[requireNotNull(name).string] = currentAccount return createResponse(currentAccount) } @GET @Path("all") @Produces(MediaType.APPLICATION_JSON) @Throws( JsonProcessingException::class ) open fun getAll(): Response? { val allAccounts = ArrayList( requireNotNull(accounts).accountMap .values ) logger.info("Principal: {}", objectMapper.writeValueAsString(principal)) logger.info("JSonWebToken: {}", objectMapper.writeValueAsString(jsonWebToken)) return Response.ok(allAccounts) .build() } @GET @Path("summary") @Throws(JsonProcessingException::class) open fun getSummary(): Response? { val totalCredit = requireNotNull(accounts).accountMap .values .map(Account::currentValue) .stream() .reduce { result, u -> result.add(u) } .orElse(BigDecimal.ZERO) val jsonObject = Json.createObjectBuilder() .add("totalCurrent", totalCredit) .add("client", "Mother Nature Dream Team") .build() logger.info("Summary") logger.info("Principal: {}", objectMapper.writeValueAsString(principal)) logger.info("JSonWebToken: {}", objectMapper.writeValueAsString(jsonWebToken)) return Response.ok(jsonObject) .build() } @GET @RolesAllowed("admin", "client") @Path("jwt") open fun getJWT(): Response? { val jsonObject = Json.createObjectBuilder() .add("jwt", requireNotNull(jsonWebToken).rawToken) .add("userId", requireNotNull(userId).doubleValue()) .add("access", requireNotNull(access).string) .add("iat", requireNotNull(iat).doubleValue()) .build() return Response.ok(jsonObject) .build() } @Throws(JsonProcessingException::class) private fun createResponse(currentAccount: Account): Response = AccountsFactory.createResponse( currentAccount, requireNotNull(name), requireNotNull(accounts), logger, objectMapper, principal, jsonWebToken ) companion object { val objectMapper: ObjectMapper = ObjectMapper() val logger: Logger = LoggerFactory.getLogger(AccountResource::class.java) } }

Mä juk’a pachax aka clase ukar juk’amp uñakipt’añamawa. Path anotación ukax kunjams aka yänak saphitpach puriñax uk qhanañchi. Amtañani, jiwasax "/" saphirjam apnaqasktanwa. Ukhamächi ukhaxa, "cuentas" ukax jiwasan saphin mantañ chiqawa aka yänakataki. Taqi jiwasan recursos ukanakax, jiwasanakanx päkiw alcance RequestResource ukamp apnaqapxi. Anotación ukampixa Produces ukaxa amtiwa taqi jaysawinakaxa taqi mayiwinakaruxa kunaymana kasta jani ukaxa JSON formato ukana yatiyawinakaparu uñtasitawa.Jiwasana aggregator ukarux inyectañatakix ukakipkarakiw anotación Inject ukampi AccountsProduct anotación ukampi chikt ata apnaqapxta:

 @Inject @AccountsProduct open var accounts: Accounts? = null

Ukax kuntix fabrican qhanañchapkta ukampiw chikanchasi.Ukhamaraki, pä wakiskir elementos de seguridad ukanakaruw inyectapxarakta. Mä principal ukat jsonWebToken :

 @Inject open var principal: Principal? = null @Inject open var jsonWebToken: JsonWebToken? = null

JsonWebToken ukat Principal ukax pachpakïniwa, ukat ukax jiwasan registronakasan uñjañäni.Jiwasan yänakasanx, sapa kutiw mä mayiwit mä token ukamp reclamaciones inyectassna:

 @Inject @Claim("name") open var name: JsonString? = null @Inject @Claim("user_id") open var userId: JsonNumber? = null

Ukax Inject ukat Claim uka anotaciones ukanakamp chikt’ataw phuqhasi. Anotación Claim ukar uñt’ayat sutix kawkir reclamación ukar inyectañ munktan uk qhanañchi. Jiwasax kuna kastampiw parámetros ukanakas uñt’ayañasa, ukax wali amuyumpiw uñjañasa. Jiwasan uñacht’awisanxa,r JsonString ukat JsonNumber uka kastanakakiw munasispa.Nayraqatax kunjams cuentas ukat usuarios ukanakax lurasiski uk uñakipt’añäni:

 @POST @RolesAllowed("admin", "client", "credit") @Throws(JsonProcessingException::class) open fun createAccount(): Response = createResponse( requireNotNull(accounts).accountMap[requireNotNull(name).string] ?: Account( client = Client(name = requireNotNull(name).string), accountNumber = UUID.randomUUID().toString() ) ) @POST @RolesAllowed("admin", "user") @Path("user") @Throws(JsonProcessingException::class) open fun createUser(): Response { return createResponse( requireNotNull(accounts).accountMap[requireNotNull(name).string] ?: Account( client = Client(name = requireNotNull(name).string), accountNumber = UUID.randomUUID().toString() ) ) }

Cuentas ukatxa apnaqirinaka luraña

Aka chiqanx amtawix thakhinak jaljañ yatiñawa, ukat kunayman permisonak churañawa. Jiwasan uñacht’awisanx panpachaniw mä cuenta lurapxi, ukampis wali askiw amuyañaxa, rols usuario ukan apnaqirinakakiw createUser uka thakhi apnaqapxaspa. Ukhamaraki, cliente ukatxa crédito uka lurawinakampi apnaqirinakakiw createAccount uka thakhirux mantapxaspa.Jichhax aka yän PUT mayiwi thakhiparjam sum uñakipt’añäni:

 @PUT @RolesAllowed("admin", "client") @Consumes(MediaType.APPLICATION_JSON) @Throws( JsonProcessingException::class ) open fun cashIn(transactionBody: TransactionBody): Response? { val userAccount = requireNotNull(accounts).accountMap[requireNotNull(name).string] ?: return Response.serverError() .build() val currentAccount = userAccount.addCurrentValue(transactionBody.saldo?: 0) requireNotNull(accounts).accountMap[requireNotNull(name).string] = currentAccount return createResponse(currentAccount) }

Cashing In ukax mä juk’a pachanakanwa

Jiwasax yattanwa anotación PUT ukax uñacht’ayiwa aka lurawix PUT tipo mayiwinakampikiw puriñjama. Ukatx Anotación Thakhix Jetty-rux uka thakhix mä valoraniw sasaw yatiyaraki. Ukax PathParam ukham uñt'atarakiwa. Tukuyañatakix, jiwasax qhanañcht’araksnawa aka lurawix apnaqañapatakix jaysatawa rols admin jan ukax cliente ukampi. Ukatxa, mantawi chimpuxa PathParam uka apnaqawimpiwa jiwasana Larga valor variable ukarux pasawayxi.Jiwasaxa jani kuna lurawinaksa qhananchkstanxa, ukatxa kawkiri apnaqirixa chiqapa token ukampixa uka lurawinakaruxa mantañapawa.CreditResource CreditResource pachpa lurawimpiwa phuqhatarakini phurma:

 @Path("credit") @RequestScoped @Produces(MediaType.APPLICATION_JSON) open class CreditResource { @Inject @AccountsProduct open var accounts: Accounts? = null @Inject open var principal: Principal? = null @Inject open var jsonWebToken: JsonWebToken? = null @Inject @Claim("access") open var access: JsonString? = null @Inject @Claim("iat") open var iat: JsonNumber? = null @Inject @Claim("name") open var name: JsonString? = null @Inject @Claim("user_id") open var userId: JsonNumber? = null @GET @RolesAllowed("admin", "credit") @Throws(JsonProcessingException::class) open fun getAccount(): Response = requireNotNull(accounts).let { accounts -> createResponse( accounts.accountMap[requireNotNull(name).string] ?: return Response.serverError().build() ) } @PUT @RolesAllowed("admin", "credit") @Consumes(MediaType.APPLICATION_JSON) @Throws( JsonProcessingException::class ) open fun cashIn(transactionBody: TransactionBody) = requireNotNull(accounts).let { accounts -> requireNotNull(name).let { name -> accounts.accountMap[name.string] = (accounts.accountMap[name.string] ?: return Response.serverError() .build()).addCreditValue(transactionBody.saldo?: 0L) createResponse( (accounts.accountMap[name.string] ?: return Response.serverError() .build()).addCreditValue(transactionBody.saldo?: 0L) ) } } @GET @Path("all") @Produces(MediaType.APPLICATION_JSON) @Throws( JsonProcessingException::class ) open fun getAll(): Response? { val allAccounts = ArrayList( requireNotNull(accounts).accountMap .values ) logger.info("Principal: {}", objectMapper.writeValueAsString(principal)) logger.info("JSonWebToken: {}", objectMapper.writeValueAsString(jsonWebToken)) return Response.ok(allAccounts) .build() } @GET @Path("summary") @Produces(MediaType.APPLICATION_JSON) @Throws( JsonProcessingException::class ) open fun getSummary(): Response? { val totalCredit = requireNotNull(accounts).accountMap .values .map(Account::creditValue) .stream() .reduce { total, v -> total.add(v) } .orElse(BigDecimal.ZERO) val jsonObject = Json.createObjectBuilder() .add("totalCredit", totalCredit) .add("client", "Mother Nature Dream Team") .build() logger.info("Summary") logger.info("Principal: {}", objectMapper.writeValueAsString(principal)) logger.info("JSonWebToken: {}", objectMapper.writeValueAsString(jsonWebToken)) return Response.ok(jsonObject) .build() } @GET @RolesAllowed("admin", "client") @Path("jwt") open fun getJWT(): Response? { val jsonObject = Json.createObjectBuilder() .add("jwt", requireNotNull(jsonWebToken).rawToken) .add("userId", requireNotNull(userId).doubleValue()) .add("access", requireNotNull(access).string) .add("iat", requireNotNull(iat).doubleValue()) .build() return Response.ok(jsonObject) .build() } @Throws(JsonProcessingException::class) private fun createResponse(currentAccount: Account): Response { return AccountsFactory.createResponse( currentAccount, requireNotNull(name), requireNotNull(accounts), logger, objectMapper, principal, jsonWebToken ) } companion object { val objectMapper: ObjectMapper = ObjectMapper() val logger: Logger = LoggerFactory.getLogger(CreditResource::class.java) } }

Ukax mayj mayjawa, rols admin ukat client ukanak apnaqañat sipansa jichhax admin ukat credit rols ukanak apnaqapxta. Ukhamaraki, uñjañamawa, apnaqirinakan cuentanakapax janipuniw aka resource ukan luratäkaniti . Ukax cuentan resource uka tuqikiw lurasispa .Jichhax kunjams código ukax phuqhasi uk yattanxa nayraqatax kawkir thakhinaks REST servicio ukan lurapxta uk wasitat uñakipt’añäni.

8. Aplicación apnaqaña

Uka lista uñakipt’añäni, kuna servicios ukanakas apnaqasiski:

9. Yant’awi pacha luraña

Nayax mä bash archiw saphi carpeta ukan lurawayta. Aka qillqataxa "setupCertificates.sh" satawa. Kuns luraski uk amuyt’añatakix uñakipt’añäni:

 #!/bin/bash mkdir -p your-finance-files cd your-finance-files || exit openssl genrsa -out baseKey.pem openssl pkcs8 -topk8 -inform PEM -in baseKey.pem -out privateKey.pem -nocrypt openssl rsa -in baseKey.pem -pubout -outform PEM -out publicKey.pem echo -e '\033[1;32mFirst test\033[0m' java -jar ../your-finance-jwt-generator/target/your-finance-jwt-generator.jar \ -p ../jwt-plain-tokens/jwt-token-admin.json \ -key ../your-finance-files/privateKey.pem >> token.jwt CERT_PUBLIC_KEY=$(cat ../your-finance-files/publicKey.pem) CERT_ISSUER="joaofilipesabinoesperancinha" echo -e "\e[96mGenerated public key: \e[0m $CERT_PUBLIC_KEY" echo -e "\e[96mIssued by: \e[0m $CERT_ISSUER" echo -e "\e[96mYour token is: \e[0m $(cat token.jwt)" cp ../your-financeje-banking/src/main/resources/config-template ../your-financeje-banking/src/main/resources/config_copy.yml CERT_CLEAN0=${CERT_PUBLIC_KEY//"/"/"\/"} CERT_CLEAN1=${CERT_CLEAN0//$'\r\n'/} CERT_CLEAN2=${CERT_CLEAN1//$'\n'/} CERT_CLEAN3=$(echo "$CERT_CLEAN2" | awk '{gsub("-----BEGIN PUBLIC KEY-----",""); print}') CERT_CLEAN4=$(echo "$CERT_CLEAN3" | awk '{gsub("-----END PUBLIC KEY-----",""); print}') CERT_CLEAN=${CERT_CLEAN4//$' '/} echo -e "\e[96mCertificate cleanup: \e[0m ${CERT_CLEAN/$'\n'/}" sed "s/{{ publicKey }}/$CERT_CLEAN/g" ../your-financeje-banking/src/main/resources/config_copy.yml > ../your-financeje-banking/src/main/resources/config_cert.yml sed "s/{{ issuer }}/$CERT_ISSUER/g" ../your-financeje-banking/src/main/resources/config_cert.yml > ../your-financeje-banking/src/main/resources/config.yml rm ../your-financeje-banking/src/main/resources/config_cert.yml rm ../your-financeje-banking/src/main/resources/config_copy.yml echo -e "\e[93mSecurity elements completely generated!\e[0m" echo -e "\e[93mGenerating tokens...\e[0m" TOKEN_FOLDER=jwt-tokens mkdir -p ${TOKEN_FOLDER} # CREATE_ACCOUNT_FILE=createAccount.sh CREATE_USER_FILE=createUser.sh SEND_MONEY_FILE=sendMoney.sh ASK_CREDIT_FILE=askCredit.sh TOKEN_NAME_VALUE=tokenNameValue.csv echo "#!/usr/bin/env bash" > ${CREATE_ACCOUNT_FILE} chmod +x ${CREATE_ACCOUNT_FILE} echo "#!/usr/bin/env bash" > ${CREATE_USER_FILE} chmod +x ${CREATE_USER_FILE} echo "#!/usr/bin/env bash" > ${SEND_MONEY_FILE} chmod +x ${SEND_MONEY_FILE} echo "#!/usr/bin/env bash" > ${ASK_CREDIT_FILE} chmod +x ${ASK_CREDIT_FILE} for item in ../jwt-plain-tokens/jwt-token*.json; do if [[ -f "$item" ]]; then filename=${item##*/} per_token=${filename/jwt-token-/} token_name=${per_token/.json/} cp "${item}" jwt-token.json java -jar ../your-finance-jwt-generator/target/your-finance-jwt-generator.jar \ -p jwt-token.json \ -key ../your-finance-files/privateKey.pem > token.jwt cp token.jwt ${TOKEN_FOLDER}/token-"${token_name}".jwt token=$(cat token.jwt) echo "# Create account: ""${token_name}" >> ${CREATE_ACCOUNT_FILE} echo "echo -e \"\e[93mCreating account \e[96m${token_name}\e[0m\"" >> ${CREATE_ACCOUNT_FILE} echo curl -i -H"'Authorization: Bearer ""${token}""'" http://localhost:8080/accounts -X POST >> ${CREATE_ACCOUNT_FILE} echo "echo -e \"\e[93m\n---\e[0m\"" >> ${CREATE_ACCOUNT_FILE} echo "# Create user: ""${token_name}" >> ${CREATE_USER_FILE} echo "echo -e \"\e[93mCreating user \e[96m${token_name}\e[0m\"" >> ${CREATE_USER_FILE} echo curl -i -H"'Authorization: Bearer ""${token}""'" http://localhost:8080/accounts/user -X POST >> ${CREATE_USER_FILE} echo "echo -e \"\e[93m\n---\e[0m\"" >> ${CREATE_USER_FILE} echo "# Send money to: "${token_name} >> ${SEND_MONEY_FILE} echo "echo -e \"\e[93mSending money to \e[96m${token_name}\e[0m\"" >> ${SEND_MONEY_FILE} echo curl -i -H"'Content-Type: application/json'" -H"'Authorization: Bearer ""${token}""'" http://localhost:8080/accounts -X PUT -d "'{ \"saldo\": "$((1 + RANDOM % 500))"}'" >> ${SEND_MONEY_FILE} echo "echo -e \"\e[93m\n---\e[0m\"" >> ${SEND_MONEY_FILE} echo "# Asking money credit to: "${token_name} >> ${ASK_CREDIT_FILE} echo "echo -e \"\e[93mAsking credit from \e[96m${token_name}\e[0m\"" >> ${ASK_CREDIT_FILE} echo curl -i -H"'Content-Type: application/json'" -H"'Authorization: Bearer ""${token}""'" http://localhost:8080/credit -X PUT -d "'{ \"saldo\": "$((1 + RANDOM % 500))"}'">> ${ASK_CREDIT_FILE} echo "echo -e \"\e[93m\n---\e[0m\"" >> ${ASK_CREDIT_FILE} echo "${token_name},${token}" >> ${TOKEN_NAME_VALUE} fi done

Pachamaman utjirinaka generación

Mä juk’a arktañamawa, kunjamatix nayax qhanañcht’kta kuntix luraski ukhama. Ukajj wali wakiskiriwa, ukhamat kuntï luraski uk sum amuyañataki. Nayraqatax llaves privadas ukat públicas ukanakaw formato PEM ukan lurasi. Ukatx clave privada ukax jiwasan apnaqañjam "your-finance-jwt-generator.jar" ukampiw apnaqapxta. Akax jiwasan runnable jar ukawa ukax tokens ukanakan jank’ak lurañ yanapt’i. Uka emisorax janiw qhipat mayjt’ayatäkaspati. Tukuyañatakix mä token uñstayi. Kunjamsa aka token liytʼsna uk qhepat uñjañäni. Aka token ukax 3 extra Header reclamaciones ukaniwa. Ukanakax "kid", "typ", ukat "alg" ukanakawa. Ukax aka formato ukarjamawa:

 { "kid": "jwt.key", "typ": "JWT", "alg": "RS256" }

JWT ukan p’iqinchawipa

Uka arsutanakat jukʼamp sum uñakiptʼañäni:

"kid" — Mä pista reclamación ukhamaw irnaqäna. Ukax kawkir kasta algoritmo apnaqasktan uk uñacht’ayi.
"typ" — Ukax IANA medios de comunicación ukan kastanak uñt'ayañatakiw apnaqasi. Kimsa amtawinakaw utji JWT (JSON Web token), JWE (JSON Web Encryption), ukat JWA (JSON Web Algorithms). Aka kastax janiw jiwasan yant’awisatakix wakiskirïkiti. Jiwasan token ukax janiw chiqpachans sum encriptado ukhamäkiti ukat chiqpachans descifrar ukax jasakiwa. Ukhamaraki uñjañäni, fichas descifrar yasksnasa, janiw ukhama jasaki tamper the to perform other actions.
"alg" — Akax kunjams firma kasta apnaqañ munktan uk qhanañcht’apxtanxa. Firma ukax mä operación criptográfica ukhamaw uñjasispa, ukax token original ukax janiw mayjt’ayatakiti ukat atinisiñapawa. Jiwasanakanxa, RS256 ukax yaqha uñt’atawa RSA Signature ukampi SHA-256 ukampi.

Jiwasan clave pública ukampixa, qhipharux plantilla ukar mayjt’ayañatakiw apnaqaraksna. Machaq config.yml qillqatax akham uñtañapawa:

 kumuluzee: name: your-financeje-banking version: 1.0.0 jwt-auth: public-key: FAKETOKENFAKETOKENFAKETOKENFAKETOKENFAKETOKENFAKETOKENFAKE.FAKETOKENFAKETOKENFAKETOKENFAKETOKENFAKETOKENFAKETOKENFAKETOKENFAKETOKENFAKETOKENFAKETOKENFAKETOKENFAKETOKENFAKETOKENFAKETOKENFAKETOKENFAKETOKENFAKETOKENFAKETOKENFAKETOKENFAKETOKENFAKETOKENFAKETOKENFAKETOKENFAKETOKENFAKETOKENFAKETOKENFAKETOKENFAKETOKENFAKETOKENFAKETOKENFAKETOKENFAKETOKENFAKETOKENFAKETOKENFAKETOKENFAKETOKENFAKETOKENFAKETO.FAKETOKENFAKETOKENFAKETOKENFAKETOKENFAKETOKENFAKETOKENFAKETOKENFAKETOKENFAKETOKENFAKETOKENFAKETOKENFAKETOKENFAKETOKENFAKETOKENFAKETOKENFAKETOKENFAKETOKENFAKETOKENFAKETOKENFAKETOKENFAKETOKENFAKETOKENFAKETOKENFAKETOKENFAKETOKENFAKETOKENFAKETOKENFAKETOKENFAKETOKENFAKETOKENFAKETOKENFAKETOKENFAKETOKENFAKETOKENFAKETOKENFAKETOKENFAKETOKENFAKETOKEN issuer: joaofilipesabinoesperancinha healthy: true

config.yml ukax mä juk’a pachanakanwa

Payïri lurawixa pusi qillqatanaka lurañawa. Sapa mayni plain token ukatakix directorio " jwt-plain-tokens " ukatakix pusi kamachinak lurañäni. Nayrïr kamachix apnaqirinaka lurañawa, jupanakax cuentanakapamp sum lurapxaspa. Akax perfiles " admin ", " client ", ukat " credit " ukan apnaqirinakawa. " createAccount.sh " qillqat apnaqañäni, jupanakar lurañataki. Payïr kamachix mayni apnaqirinakaruw uñstayani, jupanakax janiw kuna derechonïpkiti. Akax "createUser.sh" qillqatawa. Uk tʼijtjjañäni. Jichhax uñjañäni, taqi apnaqirinakax qhipharux luratäxiwa. Jichhaxa lurawinakatxa juk’ampi uñakipt’añäni ukatxa qhipa pä kamachi uñakipt’añäni. Maynix "cashin" ukat maynix juk'amp crédito mayiñatakiwa. Nayrïr lurat qillqatax "sendMoney.sh" bash script ukawa. Aka chiqanx taqi mayiwinak " cashin " ukar jikxatsna. Aka qillqatanx mä curl mayiwiw jikxatasi, qullqix aleatorio qullqinak apnaqirinakar apayaniñataki, sapa apnaqiritaki. Uka admin tuqit uñakipt’añäni:

 #!/usr/bin/env bash # Send money to: admin echo -e "\e[93mSending money to \e[96madmin\e[0m" curl -i -H'Content-Type: application/json' -H'Authorization: Bearer= FAKE.FAKE.FAKE' http://localhost:8080/accounts -X PUT -d '{ "saldo": 125}' echo -e "\e[93m\n---\e[0m" # Send money to: cindy echo -e "\e[93mSending money to \e[96mcindy\e[0m" curl -i -H'Content-Type: application/json' -H'Authorization: Bearer FAKE.FAKE.FAKE' http://localhost:8080/accounts -X PUT -d '{ "saldo": 360}' echo -e "\e[93m\n---\e[0m" # Send money to: faustina echo -e "\e[93mSending money to \e[96mfaustina\e[0m" curl -i -H'Content-Type: application/json' -H'Authorization: Bearer FAKE.FAKE.FAKE' http://localhost:8080/accounts -X PUT -d '{ "saldo": 50}' echo -e "\e[93m\n---\e[0m" # Send money to: jack echo -e "\e[93mSending money to \e[96mjack\e[0m" curl -i -H'Content-Type: application/json' -H'Authorization: Bearer FAKE.FAKE.FAKE' http://localhost:8080/accounts -X PUT -d '{ "saldo": 205}' echo -e "\e[93m\n---\e[0m" # Send money to: jitska echo -e "\e[93mSending money to \e[96mjitska\e[0m" curl -i -H'Content-Type: application/json' -H'Authorization: Bearer FAKE.FAKE.FAKE' http://localhost:8080/accounts -X PUT -d '{ "saldo": 332}' echo -e "\e[93m\n---\e[0m" # Send money to: judy echo -e "\e[93mSending money to \e[96mjudy\e[0m" curl -i -H'Content-Type: application/json' -H'Authorization: Bearer FAKE.FAKE.FAKE' http://localhost:8080/accounts -X PUT -d '{ "saldo": 295}' echo -e "\e[93m\n---\e[0m" # Send money to: lucy echo -e "\e[93mSending money to \e[96mlucy\e[0m" curl -i -H'Content-Type: application/json' -H'Authorization: Bearer FAKE.FAKE.FAKE' http://localhost:8080/accounts -X PUT -d '{ "saldo": 160}' echo -e "\e[93m\n---\e[0m" # Send money to: malory echo -e "\e[93mSending money to \e[96mmalory\e[0m" curl -i -H'Content-Type: application/json' -H'Authorization: Bearer FAKE.FAKE.FAKE' http://localhost:8080/accounts -X PUT -d '{ "saldo": 413}' echo -e "\e[93m\n---\e[0m" # Send money to: mara echo -e "\e[93mSending money to \e[96mmara\e[0m" curl -i -H'Content-Type: application/json' -H'Authorization: Bearer FAKE.FAKE.FAKE' http://localhost:8080/accounts -X PUT -d '{ "saldo": 464}' echo -e "\e[93m\n---\e[0m" # Send money to: namita echo -e "\e[93mSending money to \e[96mnamita\e[0m" curl -i -H'Content-Type: application/json' -H'Authorization: Bearer FAKE.FAKE.FAKE' http://localhost:8080/accounts -X PUT -d '{ "saldo": 51}' echo -e "\e[93m\n---\e[0m" # Send money to: pietro echo -e "\e[93mSending money to \e[96mpietro\e[0m" curl -i -H'Content-Type: application/json' -H'Authorization: Bearer FAKE.FAKE.FAKE' http://localhost:8080/accounts -X PUT -d '{ "saldo": 491}' echo -e "\e[93m\n---\e[0m" # Send money to: rachelle echo -e "\e[93mSending money to \e[96mrachelle\e[0m" curl -i -H'Content-Type: application/json' -H'Authorization: Bearer FAKE.FAKE.FAKE' http://localhost:8080/accounts -X PUT -d '{ "saldo": 474}' echo -e "\e[93m\n---\e[0m" # Send money to: sandra echo -e "\e[93mSending money to \e[96msandra\e[0m" curl -i -H'Content-Type: application/json' -H'Authorization: Bearer FAKE.FAKE.FAKE' http://localhost:8080/accounts -X PUT -d '{ "saldo": 417}' echo -e "\e[93m\n---\e[0m" # Send money to: shikka echo -e "\e[93mSending money to \e[96mshikka\e[0m" curl -i -H'Content-Type: application/json' -H'Authorization: Bearer FAKE.FAKE.FAKE' http://localhost:8080/accounts -X PUT -d '{ "saldo": 64}' echo -e "\e[93m\n---\e[0m"

sendMoney.sh ukax mä juk’a pachanakanwa

Pachpa apnaqirinakax crédito mayiwinakapax jupanakarux churatarakiwa:

 #!/usr/bin/env bash # Asking money credit to: admin echo -e "\e[93mAsking credit from \e[96madmin\e[0m" curl -i -H'Content-Type: application/json' -H'Authorization: Bearer FAKE.FAKE.FAKE' http://localhost:8080/credit -X PUT -d '{ "saldo": 137}' echo -e "\e[93m\n---\e[0m" # Asking money credit to: cindy echo -e "\e[93mAsking credit from \e[96mcindy\e[0m" curl -i -H'Content-Type: application/json' -H'Authorization: Bearer FAKE.FAKE.FAKE' http://localhost:8080/credit -X PUT -d '{ "saldo": 117}' echo -e "\e[93m\n---\e[0m" # Asking money credit to: faustina echo -e "\e[93mAsking credit from \e[96mfaustina\e[0m" curl -i -H'Content-Type: application/json' -H'Authorization: Bearer FAKE.FAKE.FAKE' http://localhost:8080/credit -X PUT -d '{ "saldo": 217}' echo -e "\e[93m\n---\e[0m" # Asking money credit to: jack echo -e "\e[93mAsking credit from \e[96mjack\e[0m" curl -i -H'Content-Type: application/json' -H'Authorization: Bearer FAKE.FAKE.FAKE' http://localhost:8080/credit -X PUT -d '{ "saldo": 291}' echo -e "\e[93m\n---\e[0m" # Asking money credit to: jitska echo -e "\e[93mAsking credit from \e[96mjitska\e[0m" curl -i -H'Content-Type: application/json' -H'Authorization: Bearer FAKE.FAKE.FAKE' http://localhost:8080/credit -X PUT -d '{ "saldo": 184}' echo -e "\e[93m\n---\e[0m" # Asking money credit to: judy echo -e "\e[93mAsking credit from \e[96mjudy\e[0m" curl -i -H'Content-Type: application/json' -H'Authorization: Bearer FAKE.FAKE.FAKE' http://localhost:8080/credit -X PUT -d '{ "saldo": 388}' echo -e "\e[93m\n---\e[0m" # Asking money credit to: lucy echo -e "\e[93mAsking credit from \e[96mlucy\e[0m" curl -i -H'Content-Type: application/json' -H'Authorization: Bearer FAKE.FAKE.FAKE' http://localhost:8080/credit -X PUT -d '{ "saldo": 219}' echo -e "\e[93m\n---\e[0m" # Asking money credit to: malory echo -e "\e[93mAsking credit from \e[96mmalory\e[0m" curl -i -H'Content-Type: application/json' -H'Authorization: Bearer FAKE.FAKE.FAKE' http://localhost:8080/credit -X PUT -d '{ "saldo": 66}' echo -e "\e[93m\n---\e[0m" # Asking money credit to: mara echo -e "\e[93mAsking credit from \e[96mmara\e[0m" curl -i -H'Content-Type: application/json' -H'Authorization: Bearer FAKE.FAKE.FAKE' http://localhost:8080/credit -X PUT -d '{ "saldo": 441}' echo -e "\e[93m\n---\e[0m" # Asking money credit to: namita echo -e "\e[93mAsking credit from \e[96mnamita\e[0m" curl -i -H'Content-Type: application/json' -H'Authorization: Bearer FAKE.FAKE.FAKE' http://localhost:8080/credit -X PUT -d '{ "saldo": 358}' echo -e "\e[93m\n---\e[0m" # Asking money credit to: pietro echo -e "\e[93mAsking credit from \e[96mpietro\e[0m" curl -i -H'Content-Type: application/json' -H'Authorization: Bearer FAKE.FAKE.FAKE' http://localhost:8080/credit -X PUT -d '{ "saldo": 432}' echo -e "\e[93m\n---\e[0m" # Asking money credit to: rachelle echo -e "\e[93mAsking credit from \e[96mrachelle\e[0m" curl -i -H'Content-Type: application/json' -H'Authorization: Bearer FAKE.FAKE.FAKE' http://localhost:8080/credit -X PUT -d '{ "saldo": 485}' echo -e "\e[93m\n---\e[0m" # Asking money credit to: sandra echo -e "\e[93mAsking credit from \e[96msandra\e[0m" curl -i -H'Content-Type: application/json' -H'Authorization: Bearer FAKE.FAKE.FAKE' http://localhost:8080/credit -X PUT -d '{ "saldo": 500}' echo -e "\e[93m\n---\e[0m" # Asking money credit to: shikka echo -e "\e[93mAsking credit from \e[96mshikka\e[0m" curl -i -H'Content-Type: application/json' -H'Authorization: Bearer FAKE.FAKE.FAKE' http://localhost:8080/credit -X PUT -d '{ "saldo": 89}' echo -e "\e[93m\n---\e[0m"

askCredit.sh ukax mä juk’a pachanakanwa

Taqi jiwasan characters Liga de Nature ukankapxiwa . Esencial ukhama mä qawqha jaqinakawa aka sistema bancario ukankapxañapataki. Uka tuqinx jupanakax pachamamaruw arxatapxi. Janiw chiqpachans qillqatatakix wakiskiti kuntix aka tama jaqinakax lurapki jan ukax kawkhans sarnaqäwinx uñt’ayasipxi, jan ukasti contexto ukatakix, jupanakax lurawinakanw chikanchasipxi pachamamaru arxatañataki ukhamarak pacha mayjt’awinakan jan walt’awinakapar juk’amp juk’ampi . Yaqhip characters taqi kuns lurapxaspawa, yaqhipanakax janiw kuns lurapkaspati ukat yaqhipanakax "cashin" jan ukax "crédito mayiñaki" ukhamakiw lurapxaspa. Ukat amuytʼasiraki, sensitivo yatiyäwinak chʼamaktʼayaskta. Aka tokens normalmente janiw uñt’ayatäñapäkiti jan ukax URL particular ukan uñjatäñapäkiti. Jupanakax jïsa sapa kutiw consola desarrolladora de navegador tuqix utji ukampis kunjamakitix yaqhip mayiwinak lurat protect . Aka amuyunakax "seguridad-por-obscurity" ukham uñt'atawa and técnicamente ukax janiw jark'kiti apnaqirirux token apnaqatapat yatiñapataki, ukampirus jark'aqirjamaw irnaqaski.Pani thakhinx, kunapachatix depósito lurasktan jan ukax kunapachatix jiwasax crédito mayiña, amuyañani sapa mayiwitakixa, mä aleatorio jakhüwi 1 ukatxa 500 ukjakama apayanipxta.Jichhaxa niyaw wakicht’atäxtanxa, jiwasana mayiwi qalltañataki, ukampisa nayraqata, mä buceo ukar sarañäni mä juk’a juk’ampi teoría.

10. Kunjamsa mä `JWT` token lurasi

Jichhax jiwasan tokens ukanakax generación lurawaytanxa, ukat mayniruw uñakipt’añäni. Nayax mä ch’amakt’at chimpu uñacht’ayañ munapxsma, ukat uka chimpumpiw uk amuyañatakix apnaqapxä.Akanx jiwasan chimpunakasan utji: FAKETOKENFAKETOKENFAKETOKENFAKETOKENFAKETOKENFAKETOKENFAKE . FAKETOKENFAKETOKENFAKETOKENFAKETOKENFAKETOKENFAKETOKENFAKETOKENFAKETOKENFAKETOKENFAKETOKENFAKETOKENFAKETOKENFAKETOKENFAKETOKENFAKETOKENFAKETOKENFAKETOKENFAKETOKENFAKETOKENFAKETOKENFAKETOKENFAKETOKENFAKETOKENFAKETOKENFAKETOKENFAKETOKENFAKETOKENFAKETOKENFAKETOKENFAKETOKENFAKETOKENFAKETOKENFAKETOKENFAKETOKENFAKETOKENFAKETOKENFAKETOKENFAKETO . FAKETOKENFAKETOKENFAKETOKENFAKETOKENFAKETOKENFAKETOKENFAKETOKENFAKETOKENFAKETOKENFAKETOKENFAKETOKENFAKETOKENFAKETOKENFAKETOKENFAKETOKENFAKETOKENFAKETOKENFAKETOKENFAKETOKENFAKETOKENFAKETOKENFAKETOKENFAKETOKENFAKETOKENFAKETOKENFAKETOKENFAKETOKENFAKETOKENFAKETOKENFAKETOKENFAKETOKENFAKETOKENFAKETOKENFAKETOKENFAKETOKENFAKETOKENFAKETOKENFAKETOKEN Kunatix akanx wali wakiskir uñjañax jiwasan token ukax kimsa chiqar jaljatawa:

P’iqinchawi — Akax Base64 codificado JSON configuración p’iqinchawiwa, kunjamatix nayraqat arsuwayktan ukhama.
Carga útil — Akax Base64 codificado JSON payload ukawa. Akax kawkhantix jiwasan Reservado ukat Costumbre ukanakan reclamaciones ukanakax qhanañcht’atäki ukawa. Ukhamaraki aka chiqanx reclamaciones Privadas ukat Públicas ukanakat qhanañcharaksnawa. Panpachaniw Aduana ukan reclamaciones ukar jaqukipapxi. Mä jank’a yatiyäwi, uka pä arsuwinakampix kuntix munktan uk luraraksnawa. Ukampirus reclamaciones públicas ukax uñt’atawa kunjamatix IANA JSON Web Token Registry ukan qhanañchatäki ukhama. Wali askiw jiwasan tokens ukanakar mä sutimp uñt’ayañasa, ukhamat registro ukamp jan ch’axwañataki. Reclamaciones públicas ukaxa opcionales estándar sata uñt’atarakiwa. Reclamaciones privadas ukanakax janiw kuna normas ukarjam phuqhapkiti ukat jiwasanakan uñt’ayañax wakisiwa.
Firma — Akax kawkhantix mä juk’a lurañ yatktan ukawa. Firma ukax mä cifrado combinación ukawa Header Payload ukampi . Jiwasax algoritmo apnaqañ munktan ukx amtapxtanwa ukatx aka bit de token ukax chiqpachanx yatiyaw apayanktan ukax atinisiñjamati janicha ukx amtañani. Uka mayacht'asiwix sapakïxiwa ukatx jiwasan servidor ukax "public-key" ukampiw apnaqani, ukax mä uñt'ayawiw utjiti janicha uk yatiñataki. Uka patat amtassta ukhax RS256 apnaqapxta jiwasan uñacht’äwisanxa.

Janïr sarantkasaxa, amuyañamawa, Header ukat Payload ukanakax jiwasan uñacht’äwisanx decyphered ukhamawa. Jiwasax "janiw" carga útil jan ukax p'iqinchäwimp mayjt'ayañjamäkiti ukat wali atinisiñjam luraraksnawa. Mä jan wali token ukan jan walt’awinakapat jark’aqasiñax algoritmo ukarjam ajllitäki ukampikiw jark’aqasispa. Ukhamajj wali amuyumpi ajlliñamawa.Jumatï mä organizacionan irnaqasksta, ukanjja, jamasat yatiyasaw llakisi, sañäni, bancon irnaqtʼasksta ukhajja, JANIW kuntï lurañ amtapkta uk luramti. Akax mä thakhikiwa jiwasatakix internet tuqin uñakipañataki kunatix tokens ukanakax local ukan luratäki ukanak uñakipañataki.Nayraqatax https://jwt.io/ ukar mantañäni ukat JWT token ukar phuqhantañäni. Jichhak lurat token apnaqañamawa:

https://jwt.io/ apnaqasa jiwasan tokenan utjkistu uk uñakipañatakiKuns aka chiqan utjkistu uk uñakipt’añäni. Akax jiwasan administrador ukan chimpupawa. Uka jaqix jiwasan uñacht'äwisanx "Admin" satawa. Jiwasax uñjaraksnawa, jiwasan parámetros ukanakax taqpachaw utji. Jiwasan listasanx "sub", "aud", "upn", "access", "user_id", "iss", "suti", "grupos" ukat qhiparusti "jti" ukanakaw uñjasi. Ukhamarakiw mä qawqha extra reclamaciones ukanakax utjarakistu. Jupanakat yatjjatañäni:

" auth_time " — Akax kunapachatix chiqanchawix utjki ukhawa. Jiwasan token kunjamtix chiqanchatäki ukhamarjamax domingo, 17 uru lapaka phaxsit 2022 maran 16:15:47 GMT+02:00 DST" iat " — Akax kunapachatix token luratäki ukhawa. Jiwasanakanxa, akax auth_time." exp " — Akax token ukan tukusiñapawa. Ukax domingo 17 uru lapaka phaxsit 2022 maran 16:32:27 GMT+02:00 DST pacharuw tukusi. Jiwasax janiw kuna fechas de vencimiento ukas token ukanx qhanañchapkti. Ukax sañ muniw JWT ukax ~15 minutos ukjaw apnaqi.

Jichhax mä qawqha yant’äwinak lurañäni.

11. Aplicación apnaqaña

Uka chimpux GitHub ukan apnaqañatakix wakicht'atawa. Jiwasatix código uñakipt’añäni ukat Intellij ukamp jist’arañäni ukhax yatiñasawa janiw aka aplicación ukarux Spring Boot ukar uñtasit apnaqksnati. Ukax mä "psvm" ukawa, ukax mä juk'a pachanakanwa. Ukhamakipansti, ukakipkarakiw generado jar ukax chiqak apnaqañasa ukatx mä "mvn build" ukax mä juk'a nayraqat lurañax wakisispa. Akax kunjams jichhax apnaqaskta ukawa:

[1] . ] https://github.com/jesperancinha/your-finance-je "Aplicación apnaqañatakix pachamamax wakicht'atawa")

Jichhax " setupCertificates.sh " qillqat mayamp apnaqañäni. Janiw yatiskti qawqha pachas aka chiqar puriñax apst’asiwayta ukampis wali amuyatawa 15 minutos ukax niyaw aka pachanx tukusxi. Janis ukhamäkchi ukhaxa, mayamp apnaqañamawa.Jiwasan app qalltañäni!Akham qalltsna:

 mvn clean install java -jar your-financeje-banking/target/your-financeje-banking.jar

Jan ukax jiwasan wakicht’at t’ijtir configuración tuqikiw apnaqaraksna. Repo ukat Makefile ukanak nayraqat uñakipt’añamawa, taqi kunatix luraski uk amuyañ munsta ukhaxa:

 make dcup-full-action

Aka script ukax 2 servicios ukanakaw apnaqasini. Maynix 8080 puertonkiwa ukatx maynix 8081 puertonkiwa. Puerto 8080 uksanx mä versión uka software ukax jiwasan código apnaqañapawa JWT tokens uñstayañataki. Puerto 8081 ukanx mä versión jwtknizr generador ukamp apnaqañäni, Adam Bien ukan luratawa. Aka qillqatanx uñakipt’añäni, ukampis servicio ukax puerto 8080 ukan irnaqaski uka tuqitwa. Munasma ukhaxa, cypress ukampi t’ijt’asmawa:

 make cypress-open

Ukhamatwa consola cypress ukax open , ukatx yant’awinakax navegador ukampiw lurasini. Ukampirus, navegador ukan amtawinakax aka pachanx wali jisk’akiwa. Jilpacha mayiwinakax chiqpachanx cypress ukan churat línea de comando mayiwinakaw utjani .Jichhakamax janiw " cypress " ukar mantañäniti. Navegador ukar mantam ukat aka chiqar p’iqincham:

http://localhost:8080/cuentas/taqi ukanak uñt’ayañataki

Jiwasax akham mä resultado jikxatañasawa:

Kunjamtï uñjktanxa, " Malory ", " Jack Fallout ", ukat " Jitska " ukanakax janiw kuna crédito ukat qullqis utjkiti. Ukax kunatix jupanakarux apnaqir tamanakarukiw churapxi. Ukhamarakiw uñjañax Shikka juparux janiw kuna créditos ukanakas churatäkiti. " Shikka ", ukax jiwasan sapa cliente ukawa, jupax janiw crédito de grupo ukax utjkiti.Jiwasax registros ukar uñakipt'añäni ukhax uñjaraksnawa, operaciones exitosas ukax aka formato ukaruw puri:

 Sending money to admin HTTP/1.1 200 OK Date: Sun, 17 Jul 2022 15:01:13 GMT X-Powered-By: KumuluzEE/4.1.0 Content-Type: application/json Content-Length: 32 Server: Jetty(10.0.9) {"balance":212,"client":"Admin"}

Mä 200 ukax operación ukax sum sarantatap yatiyarakistu."Malory", "Jack Fallout", ukat "Jitska" ukanakanx panpacha operacionanakax jan walt'ayataw uñjasi ukat ukjatx aka kasta yatiyaw katuqañäni:

 Sending money to jitska HTTP/1.1 403 Forbidden X-Powered-By: KumuluzEE/4.1.0 Content-Length: 0 Server: Jetty(10.0.9)

Mä 403 ukax yatiyarakistuw jiwasan JWT token ukax chiqapar uñjata ukat ukax atinisitawa. Ukampirus uka apnaqirix uka luraw lurañ jark’atawa. Mä arunxa, jupanakax janiw uka amtat thakhirux mantañ yatipkiti.

Jiwasan tokens ukanakamp mä juk’a mayjt’ayañäni. Jiwasatix mä qawqha tokens sendMoney.sh qillqatan mayjt’ayañäni. Jiwasax akanak katuqañasawa:

 Sending money to admin HTTP/1.1 401 Unauthorized X-Powered-By: KumuluzEE/4.1.0 WWW-Authenticate: Bearer realm="MP-JWT" Content-Length: 0 Server: Jetty(10.0.9)

Pantalla phuqhata modalidad ukar mantaña Pantalla phuqhata modalidad ukar mantaña

Aka 401 ukax sañ muniw jiwasan token ukax janiw validadakiti. Ukax sañ muniw clave pública ukax servidor ukax apnaqi jiwasan token ukax atinisiñapati janicha uk uñakipañataki, janiw mä uñtasit jikxatkiti. Llave pública ukax janiw JWT token ukan firmap uñakipañjamäkiti ukat chiqapar uñjañjamäkani ukhaxa, ukatx janiw sañapawa.

Mä recapitular ukhama, Header ukat "Payload" ukax janiw encriptado ukhamäkiti. Jupanakax mä base 64 "codificado" ukhamawa. Ukax sañ muniw "Decodificación" ukax sapa kutiw mä uñakipäw manqhan utjañapatak jaytistu, kunatix chiqpachanx carga útil ukax ukhamawa. Jiwasatix carga útil ukar jan ist'añat jark'aqañ thaqhaskstanxa, janiw token ukan "Carga de pago" ukax yaqhatak apnaqañasäkiti jan ukasti parámetros de identificación ukanakaw ajlliñasa. Jan walt’awix chiqpachans kunapachatix maynix amparanakap JWT token ukar puri, sañäni, kunapachatix túnel TLS ukax jan walt’ayat uñjasi ukat maynix mayjt’ayat yatiyawinakan contenido uñakipañ yati. Ukhamächi ukhajja, yaqha jarkʼaqasiñaw utjaraki. Ukat akax firmawa. Mä yatiyaw mantañapatakix mä sapakiw ch’amanchasi, ukax servidor ukawa, ukax clave pública ukaruw uñt’ayasi. Aka llave pública, pública ukhamäkchisa, ukax firma ukat "P'iqinchiri + Carga útil" ukar jan walt’ayasaw mantanir yatiyaw chiqanchañatakix jayti.

12. Tukuyañataki

Jiwasax sesión tukuyañkamaw puriwaytanxa. Uk arktapxatamat yuspajarapxsmawa.Kunjamsa JWT tokens ukax compactos ukat wali juk’amp jan verboso ukanak SAML tokens ukanakat sipanx uñjaraksnawa. Jiwasax uñjtanwa kunjams jasakiw tokens lurañax ukat apnaqañax yaqhip autorizaciones ukanak jikxatañatakix yaqhip thakhinakatakix wakisi ukat kunjams mä token firmado tuqix ukaruw puripxta.Ukampirus wali wakiskiriwa kunjams JWT irnaqaski uk mä amuyt’äw jikxatañataki. Jiwasax suyt’tanwa, akampixa, kunjams JWT tokens ukanakax irnaqapxi uka tuqit mä suma uñt’ayawi churapxsma.Kunjamsa taqi ukanakax irnaqapxi uk juk’amp sum amuyt’añatakix, cypress yant’äwinak phuqhachatäki ukanakamp anatt’apxañamatakiw iwxt’apxsma. Akax mä jach’a thakhiwa kunjams mayiwinakax lurasiski ukat kunanaks yant’asktan ukat kunas suyt’ata uk uñjañataki. Ukatx juk’amp suma amuyt’awiw utjaraki kunats yaqhip apnaqirinakax yaqhip lurawinakarux puripxi ukatx yaqhipanakax janiw lurapkiti.Nayaw taqi código fuente uka aplicación uka GitHub ukar uñt’ayawayta Nayax suyt’twa jumanakax aka qillqatanx kusisipxañamataki kunjamatix nayax qillqañax wali askïki ukhama it.Ullart'apxatamat yuspajarapxsmawa!