Add security related changes to README.md.

Author: mohamed-taman

README.md

@@ -1,22 +1,20 @@
 # Springy Store μServices
 
-- This project is a development of a small set of **Spring Boot** and **Cloud** based Microservices projects, that implement cloud-native intuitive, Reactive Programming, Event-driven, Microservices design patterns and coding best practices.
-- The project follows [**CloudNative**](https://www.cncf.io/) recommendations and The [**twelve-factor app**](https://12factor.net/) methodology for building *software-as-a-service apps* to show how μServices should be built and deployed.
+- This project is a development of a small set of **Spring Boot** and **Cloud** based Microservices projects that implement cloud-native intuitive, Reactive Programming, Event-driven, Microservices design patterns, and coding best practices.
+- The project follows [**CloudNative**](https://www.cncf.io/) recommendations and The [**twelve-factor app**](https://12factor.net/) methodology for building *software-as-a-service apps* to show how μServices should be developed and deployed.
 - This project uses cutting edge technologies like Docker, Kubernetes, Elasticsearch Stack for
  logging and monitoring, Java SE 14, MySQL, and MongoDB databases, all components developed with TDD in mind, covering integration & performance testing, and many more.
 
 ------
-I am developing this project as stages, and all such stages are documented under project
- **Springy Store μServices** [wiki page](https://github.com/mohamed-taman/Springy-Store-Microservices/wiki). Each of such stage will be a release in its own, so you can go back and
- forward between releases to see the differences and how adding things solve specific problems we face.
+I am developing this project as stages, and all such steps are documented under the project **Springy Store μServices** [wiki page](https://github.com/mohamed-taman/Springy-Store-Microservices/wiki). Each such stage will be a release in its own, so you can go back and forward between versions to see the differences and how adding things solve specific problems we face.
 
-<u>For example;</u> in the first stage (1st release) I just created project structure, basic services' skeleton, integration between them, and finally write integration testing as well as semi-automated testing for the whole services' functionality.
+<u>For example, </u> in the first stage (1st release), I just created project structure, essential services' skeleton, integration between them, and finally write integration testing as well as semi-automated testing for the complete services' functionality.
 
-At the 1st stage the **Recommendation** and **Review** microservices generate local in-memory data and **Store Service** calls the other three services (*Product*, *Recommendation*, and *Review*) statically to generate client aggregate response for a specific product. Therefore, in: 
+At the 1st stage, the **Recommendation** and **Review** microservices generate local in-memory data, and **Store Service** calls the other three services (*Product*, *Recommendation*, and *Review*) statically to generate client aggregate response for a specific product. Therefore, in: 
 
 - The second stage I will introduce **database integration**, then in (***done***)
-- The third stage I will introduce **Dockerization** of our services and **docker-compose**, and in (***done***)
-- The fourth stage I will introduce **service discovery**, and so on.
+- The third stage I will add **Dockerization** of our services and **docker-compose**, and in (***done***)
+- In the fourth stage, I will introduce **service discovery**, and so on.
 
 ## System components Structure
 Let's explain first the system structure to understand its components:
@@ -48,17 +46,15 @@ Springy Store μService --> Parent folder.
 |- stop-em-all.sh --> Stop all services runs in standalone mode. 
 |- test-em-all.sh --> This will start all docker compose landscape and test them, then shutdown docker compose containers with test finishes (use switch start stop)
 ```
-Now as we have learned about different system components, then let's start.
+Now, as we have learned about different system components, then let's start.
 
 ## Getting started
 
-The first stage aka (**Release v1.0**) is about creating and implementing a set of project Microservices.
+The first stage, aka (**Release v1.0**), is about creating and implementing a set of project Microservices.
 
 ### Creating a Set of Cooperating Microservices (Release v1.0)
 
-The following topics are going to be covered in this 1st stage (other stages topics to be documented
- in a
- project wiki):
+The following topics are going to be covered in this 1st stage (other stages topics will be documented in the project wiki pages):
 
 - Introducing the microservice landscape.
 - Generating skeleton microservices.
@@ -85,33 +81,33 @@ The following are the initially required software pieces:
 
 4. **jq**: This command-line JSON processor can be downloaded and installed from https://stedolan.github.io/jq/download/.
 
-5. Spring Boot Initializer: This *Initializer* generates *spring* boot project with just what you need to start quickly! start from here https://start.spring.io/.
+5. Spring Boot Initializer: This *Initializer* generates *spring* boot project with just what you need to start quickly! Start from here https://start.spring.io/.
 
 6. **Docker Desktop**: The fastest way to containerize applications on your desktop, and you can download it from here [https://www.docker.com/products/docker-desktop](https://www.docker.com/products/docker-desktop)
 
    > For each future stage, I will list the newly required software. 
 
-Follow the installation guide for each software website and check your software versions from the command line to verify that they are installed correctly.
+Follow the installation guide for each software website link and check your software versions from the command line to verify that they are all installed correctly.
 
 ## Using an IDE
 
-I recommend that you work with your Java code using an IDE that supports the development of Spring Boot applications such as Spring Tool Suite or IntelliJ IDEA Ultimate Edition. So you can use the Spring Boot Dashboard to run the services, run each microservice test case and many more.
+I recommend that you work with your Java code using an IDE that supports the development of Spring Boot applications such as Spring Tool Suite or IntelliJ IDEA Ultimate Edition. So you can use the Spring Boot Dashboard to run the services, run each microservice test case, and many more.
 
-All that you want to do is just fire up your IDE **->** open or import the parent folder `springy-store-microservices` and everything will be ready for you.
+All that you want to do is just fire up your IDE **->** open or import the parent folder `springy-store-microservices,` and everything will be ready for you.
 
 ## Playing With Springy Store Project
 
 ### Cloning It
 
-First open **git bash** command line, then simply you can clone the project under any of your favorite places as the following:
+The first thing to do is to open **git bash** command line, and then simply you can clone the project under any of your favorite places as the following:
 
 ```bash
 > git clone https://github.com/mohamed-taman/Springy-Store-Microservices.git
 ```
 
 ### Build & Test Them In Isolation
 
-To build and run test cases for each service & shared modules in the project we need to do the following:
+To build and run the test cases for each service & shared modules in the project, we need to do the following:
 
 #### First: Build & Install Shared Dependencies
 
@@ -191,7 +187,7 @@ All build commands and test suite for each microservice should run successfully,
 
 ### Running Them All
 #### Using RabbitMQ without the use of partitions
-Now it's the time to run all of our reactive Microservices, and it's very simple just run the following `docker-compose` commands:
+Now it's the time to run all of our reactive Microservices, and it's straightforward just run the following `docker-compose` commands:
 
 ```bash
 mohamed.taman@DTLNV8 ~/springy-store-microservices 
@@ -213,14 +209,20 @@ Creating ssm_review_1         ... done
 Creating ssm_product_1        ... done
 Creating ssm_recommendation_1 ... done
 ```
-
 ### Access Store APIs
 You can manually test `Store Service` APIs throughout its **Swagger** interface at the following
- URL [http://localhost:8080/swagger-ui.html](http://localhost:8080/swagger-ui.html).
-#### Access RabbitMQ
+ URL [https://localhost:8443/swagger-ui.html](https://localhost:8443/swagger-ui.html).
+### Access Service Discovery Server (Eureka)
+If you would like to access the Eureka service discovery point to this URL [http://localhosts:8443/eureka/web](https://localhost:8443/eureka/web) to see all the services registered inside it. 
+
+Note that it is accessed through API Gateway and is secured. Therefore the browser will ask you for `username:mt` and `password:p,` write them to the dialog, and you will access it. This type of security is a **basic form security**.
+
+The **API Gateway** and **Store Service** both act as a *resource server*. To know more about calling Store API in a secure way you can check the `test-em-all.sh` script on how I have changed the calling of the services using **OAuth2** security.
+
+### Access RabbitMQ
 In browser point to this URL [http://localhost:5672/](http://localhost:5672/) `username: guest` and `password: guest`, and you can see all **topics**, **DLQs**, **partitions**, and payload.
 
-1. For running 2 instances of each service and using _RabbitMQ with two partitions per topic_, use the following `docker-compose` command:
+1. For running two instances of each service and using _RabbitMQ with two partitions per topic_, use the following `docker-compose` command:
      ```bash
      mohamed.taman@DTLNV8 ~/springy-store-microservices 
      λ docker-compose -p ssm -f docker-compose-partitions.yml up -d 
@@ -231,44 +233,33 @@ In browser point to this URL [http://localhost:5672/](http://localhost:5672/) `u
       λ docker-compose -p ssm -f docker-compose-kafka.yml up -d
      ```
 #### Check All Services Health
-From Store front Service we can check all the core services health, when you have all the
+From Storefront Service we can check all the core services health when you have all the
  microservices up and running using Docker Compose,
 ```bash
 mohamed.taman@DTLNV8 ~/springy-store-microservices 
-λ curl http://localhost:8080/actuator/health -s | jq .
+λ curl -k https://localhost:8443/actuator/health -s | jq .components."\"Core Microservices\""
 ```
 This will result in the following response:
 ```json
 {
-   "status":"UP",
-    "components":{
-      "System Microservices":{
-         "status":"UP",
-         "components":{
-            "Product Service":{
-               "status":"UP"
-            },
-            "Recommendation Service":{
-               "status":"UP"
-            },
-            "Review Service":{
-               "status":"UP"
-            }
-         }
-      },
-      "diskSpace":{
-         "status":"UP",
-         "details":{
-            "total":255382777856,
-            "free":86618931200,
-            "threshold":10485760,
-            "exists":true
-         }
-      },
-      "ping":{
-         "status":"UP"
-      }
-   }
+  "status": "UP",
+  "components": {
+    "Authorization Server": {
+      "status": "UP"
+    },
+    "Product Service": {
+      "status": "UP"
+    },
+    "Recommendation Service": {
+      "status": "UP"
+    },
+    "Review Service": {
+      "status": "UP"
+    },
+    "Store Service": {
+      "status": "UP"
+    }
+  }
 }
 ```
 ### Testing Them All
@@ -283,7 +274,7 @@ mohamed.taman@DTLNV8 ~/springy-store-microservices
 The result will look like this:
 
 ```bash
-Starting 'Springy Store μServices' for [Blackbox] testing....
+Starting 'Springy Store μServices' for [Blackbox] testing...
 
 Start Tests: Fri, May 8, 2020 12:26:28 PM
 HOST=localhost
@@ -317,17 +308,14 @@ Test OK (HTTP Code: 200)
 Test OK (HTTP Code: 403, )
 End, all tests OK: Fri, May 8, 2020 12:29:21 PM
 ```
-
 ### Closing The Story
 
-Finally, to close the story, we need to shut down Microservices manually service by service
-, hahaha just kidding, run the following command to shut them all:
+Finally, to close the story, we need to shut down Microservices manually service by service, hahaha just kidding, run the following command to shut them all:
 
 ```bash
 mohamed.taman@DTLNV8 ~/springy-store-microservices 
 λ docker-compose -p ssm down --remove-orphans
 ```
-
  And you should see output like the following:
 
 ```bash
@@ -357,4 +345,4 @@ Removing network ssm_default
 Happy coding :)
 
 # License
-Copyright (C) 2017-2020 Mohamed Taman, Licensed under the MIT License.
+Copyright (C) 2017-2020 Mohamed Taman, Licensed under the MIT License.

store-common/store-utils/src/main/java/com/siriusxi/ms/store/util/http/GlobalControllerExceptionHandler.java

@@ -17,8 +17,8 @@
  * The class Global controller exception handler is a generic and central point for all
  * microservices that handles all services exceptions.
  *
- * It act as filter so it is pluggable component just added to microservice context automatically,
- * when you add <code>ComponentScan</code> on your application.
+ * <p>It act as filter so it is pluggable component just added to microservice context
+ * automatically, when you add <code>ComponentScan</code> on your application.
  *
  * @see org.springframework.context.annotation.ComponentScan
  * @author mohamed.taman