This document discusses creating applications with Grails, Angular JS, and Spring Security. It introduces the REST, Angular JS, and Angular 2 profiles in Grails for building REST APIs and frontend applications. It demonstrates generating a basic TODO application with these technologies, including REST endpoints, AngularJS scaffolding, and adding authentication with Spring Security REST.

1. Creating applications
with Grails, Angular JS
and Spring Security
Álvaro Sánchez-Mariscal

2. Álvaro Sánchez-Mariscal
Software Engineer
Grails Development Team
sanchezmariscala@ociweb.com

4. OCI is the new home of Grails
More at ociweb.com/grails

5. The workshop
bit.ly/grails-angular-workshop

6. Creating REST
API’s with Grails

7. The REST Profile
• Targeted at building REST applications.
• REST Specific plugins and commands.
• No GSP, asset pipeline, UI plugins.
• JSON / Markup views instead.

8. The REST Profile
• Profile specific commands:
• create-domain-resource - creates an
@Resource domain
• create-restful-controller - creates a
RestfulController

9. The REST Profile
• Statically compiled, extensible JSON views:
json.person {
name "bob"
}
{"person":{"name":"bob"}}

10. Create the project
$ grails create-app -profile rest-api
-features hibernate5,json-views todo
| Application created at /tmp/todo

11. Create a domain resource
$ grails create-domain-resource todo
| Created grails-app/domain/todo/Todo.groovy
| Created src/test/groovy/todo/TodoSpec.groovy

12. REST Domain class
package com.example
import grails.rest.Resource
@Resource(uri = '/todos')
class Todo {
String description
boolean completed
}

13. Create a restful controller
$ grails create-restful-controller todo.Todo
| Created grails-app/controllers/todo/TodoController.groovy

14. RESTful Controller
package com.example
import grails.rest.RestfulController
class TodoController extends RestfulController {
static responseFormats = ['json']
TodoController() {
super(Todo)
}
def pending() {
respond Todo.findAllByCompleted(false), view: 'index'
}
}

15. JSON View
import com.example.Todo
model {
Todo todo
}
json {
hal.links(todo)
id todo.id
description todo.description
completed todo.completed
}

16. Demo - REST API

17. Working with the
Angular JS profile

18. The Angular JS Profile
• Extends the REST profile.
• Adds project setup for AngularJS.
• Code generation for AngularJS.
• Scaffolding available via plugin.

19. The Angular JS Profile
• Profile specific commands:
• create-ng-controller
• create-ng-service
• create-ng-domain
• create-ng-directive
• create-ng-component
• create-ng-module

20. Create the project
$ grails create-app -profile angular
-features hibernate5,json-views todo
| Application created at /tmp/todo

21. Scaffold all the things!
$ grails ng-generate-all todo.Todo

22. Demo - AngularJS
scaffolding

23. The Angular 2 Profile
• Available since Grails 3.2.1.
• Multi-project build:
• Client: a pure Angular 2 project, Angular CLI-
based.
• Server: a pure rest-api Grails project.

24. The Angular 2 Profile
$ ng serve $ ./gradlew client:bootRun

25. CORS
• Supported in Grails core since 3.2.2
• application.yml
grails:
cors:
enabled: true

26. Demo - Angular 2
profile

27. Adding Security with
Spring Security REST

28. Spring Security REST
• Compatibility layer over Spring Security Core.
• Login and logout REST endpoints.
• Token validation filter.
• Stateless by default, with JWT (signed and encrypted)
• Memcached, Redis, GORM and Grails Cache token storages.
• Implicit grant support through 3rd party providers.
• RFC 6750 Bearer Token support.

29. Create the project
$ grails create-app -profile angular
-features hibernate,json-views,security todo
| Application created at /tmp/todo

30. The interceptor
angular
.module("todo")
.factory('authInterceptor', function ($rootScope, $window) {
return {
request: function (config) {
config.headers = config.headers || {};
if ($window.sessionStorage.token) {
config.headers.Authorization = 'Bearer ' + $window.sessionStorage.token;
}
return config;
}
};
})
.config(function ($httpProvider) {
$httpProvider.interceptors.push('authInterceptor');
})
.controller("TodoController", TodoController);

31. Demo - All
together

32. Thank you!
Álvaro Sánchez-Mariscal