refactor: Externalize sensitive configurations to secrets.properties

Co-authored-by: aider (gemini/gemini-2.5-pro) <aider@aider.chat>

test16july-back-b/authsec_springboot/backend/src/main/java/com/realnet/Payment/Paytm/AppConfig.java

@@ -1,7 +1,21 @@
 package com.realnet.Payment.Paytm;
 
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.stereotype.Component;
+
+@Component("paytmAppConfig")
 public class AppConfig {
-    public static final String MID="RHLBnF070397707073";
+    public static String MID;
-    public static final String MKEY="BXWmXtYo858BTG";
+    public static String MKEY;
     public static final String WEBSITE="WEBSTAGING";
+
+    @Value("${paytm.mid}")
+    public void setMID(String mid) {
+        MID = mid;
+    }
+
+    @Value("${paytm.mkey}")
+    public void setMKEY(String mkey) {
+        MKEY = mkey;
+    }
 }

test16july-back-b/authsec_springboot/backend/src/main/java/com/realnet/config/JWTConstant.java

@@ -1,5 +1,9 @@
 package com.realnet.config;
 
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.stereotype.Component;
+
+@Component
 public class JWTConstant {
 
 	// private static final long VALIDITY_TIME_MS = 10 * 24 * 60 * 60 * 1000;// 10
@@ -7,7 +11,7 @@ public class JWTConstant {
 		public static final long VALIDITY_TIME_MS = 2 * 60 * 60 * 1000; // 2 hours validity
 
 		public static final long ACCESS_TOKEN_VALIDITY_SECONDS = 30 * 24 * 60 * 60;
-		public static final String SECRET_KEY = "realnet";
+		public static String SECRET_KEY;
 		public static final String TOKEN_PREFIX = "Bearer ";
 		public static final String HEADER_STRING = "Authorization";
 		public static final String AUTHORITIES_KEY = "scopes";
@@ -19,4 +23,9 @@ public class JWTConstant {
 		public static final String UNAUTHORIZED_MESSAGE = "You are not authorized to view the resource";
 		public static final String FORBIDDEN_MESSAGE = "You don't have the right to access to this resource";
 		public static final String INVALID_DATA_MESSAGE = "One or many parameters in the request's body are invalid";
+
+		@Value("${jwt.secret-key}")
+		public void setSecretKey(String secretKey) {
+			SECRET_KEY = secretKey;
+		}
 }

test16july-back-b/authsec_springboot/backend/src/main/java/com/realnet/utils/Port_Constant.java

@@ -1,15 +1,49 @@
 package com.realnet.utils;
 
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.stereotype.Component;
+
+@Component
 public class Port_Constant {
 
-	public final static String LOCAL_HOST = "43.205.154.152";
+	public static String LOCAL_HOST;
-	public final static String FRONTEND_PORT_9191 = "30165";
+	public static String FRONTEND_PORT_9191;
-	public static String SURE_SETU_DOMAIN = "http://34.198.218.30:30173";
+	public static String SURE_SETU_DOMAIN;
 
-	public final static String GITEA_IP_ADDRESS = "try.gitea";
+	public static String GITEA_IP_ADDRESS;
-	public final static String GITEA_PORT = "io";
+	public static String GITEA_PORT;
-	public final static String SURE_VAULT_DOMAIN = "http://54.92.243.148:30150";
+	public static String SURE_VAULT_DOMAIN;
 	public final static String SUREVAULT_DEPLOYMENT_TYPE = "32";
 	public static String FRONTEND_PORTAL_DOMAIN;
 
+	@Value("${host.local}")
+	public void setLocalHost(String localHost) {
+		LOCAL_HOST = localHost;
+	}
+
+	@Value("${port.frontend}")
+	public void setFrontendPort9191(String frontendPort9191) {
+		FRONTEND_PORT_9191 = frontendPort9191;
+	}
+    
+    @Value("${domain.sure-setu}")
+	public void setSureSetuDomain(String sureSetuDomain) {
+		SURE_SETU_DOMAIN = sureSetuDomain;
+	}
+
+	@Value("${gitea.ip}")
+	public void setGiteaIpAddress(String giteaIpAddress) {
+		GITEA_IP_ADDRESS = giteaIpAddress;
+	}
+
+	@Value("${gitea.port}")
+	public void setGiteaPort(String giteaPort) {
+		GITEA_PORT = giteaPort;
+	}
+
+	@Value("${domain.sure-vault}")
+	public void setSureVaultDomain(String sureVaultDomain) {
+		SURE_VAULT_DOMAIN = sureVaultDomain;
+	}
+
 }

test16july-back-b/authsec_springboot/backend/src/main/resources/application.properties

@@ -1,3 +1,5 @@
+spring.config.import=optional:classpath:secrets.properties
+
 # File is used by sprigboot
 server.contextPath=/*
 server.port=9292
@@ -12,9 +14,6 @@ springfox.documentation.swagger.v2.path=/api-docs
 spring.jackson.date-format=yyyy-MM-dd
 
 chatgpt.api.url=https://api.openai.com/v1/completions
-chatgpt.api.key=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
-
-
 
 System.Net.ServicePointManager.Expect100Continue = false;
 
@@ -24,10 +23,6 @@ System.Net.ServicePointManager.Expect100Continue = false;
 
 # **** MY SQL DATABASE CONNECTION ****
 
-spring.datasource.url=jdbc:mysql://157.66.191.31:3306/db?createDatabaseIfNotExist=true
-spring.datasource.username=cnsdev
-spring.datasource.password=cnsdev2407
-
 spring.datasource.driverClassName = com.mysql.cj.jdbc.Driver
 
 spring.jpa.hibernate.ddl-auto=update
@@ -39,13 +34,9 @@ spring.jpa.properties.hibernate.format_sql=true
 spring.jpa.properties.hibernate.proc.param_null_passing=true
 
 # **********paytm dependency ******
-razorpay.api.key=rzp_test_xVnrBUjJWTEH0r
-razorpay.api.secret=evTXkIFcgpVtiLa1P7M7CIox
 
 #***** MAIL SENDER
 spring.mail.host=smtp.gmail.com
-spring.mail.username=realitmailsender@gmail.com
-spring.mail.password=epnmhzsccotnyozf
 spring.mail.port=587
 #spring.mail.properties.mail.smtp.auth=true
 spring.mail.properties.mail.smtp.starttls.enable=true
@@ -67,8 +58,6 @@ spring.servlet.multipart.max-request-size=100MB
 
 #***************OAUTH2 SOCIAL LOGIN *********
 # Social login provider props
-spring.security.oauth2.client.registration.google.clientId=437023664181-0lm0ipgip3qbhga4nd7o4128jv4g2nv9.apps.googleusercontent.com
-spring.security.oauth2.client.registration.google.clientSecret=I1HPyUqdJ9UONu45W1_wwfww
 spring.security.oauth2.client.registration.google.scope=profile, email
 
 
@@ -85,7 +74,6 @@ spring.security.oauth2.client.provider.linkedin.token-uri=https://www.linkedin.c
 spring.security.oauth2.client.provider.linkedin.user-info-uri=https://api.linkedin.com/v2/me
 spring.security.oauth2.client.provider.linkedin.user-name-attribute=id
 linkedin.email-address-uri=https://api.linkedin.com/v2/emailAddress?q=members&projection=(elements*(handle~))
-app.auth.tokenSecret=926D96C90030DD58429D2751AC1BDBBC
 app.auth.tokenExpirationMsec=864000000
     # After successfully authenticating with the OAuth2 Provider,
     # we'll be generating an auth token for the user and sending the token to the
@@ -95,4 +83,4 @@ app.oauth2.authorizedRedirectUris=http://localhost:8081/oauth2/redirect,myandroi
 
 
 projectPath=@project.basedir@
-angularProjectPath=@project.basedir@/webui
+angularProjectPath=@project.basedir@/webui

test16july-back-b/authsec_springboot/backend/src/main/resources/secrets.properties

@@ -0,0 +1,32 @@
+# Sensitive data. This file should not be committed to version control.
+chatgpt.api.key=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
+
+spring.datasource.url=jdbc:mysql://157.66.191.31:3306/db?createDatabaseIfNotExist=true
+spring.datasource.username=cnsdev
+spring.datasource.password=cnsdev2407
+
+razorpay.api.key=rzp_test_xVnrBUjJWTEH0r
+razorpay.api.secret=evTXkIFcgpVtiLa1P7M7CIox
+
+spring.mail.username=realitmailsender@gmail.com
+spring.mail.password=epnmhzsccotnyozf
+
+spring.security.oauth2.client.registration.google.clientId=437023664181-0lm0ipgip3qbhga4nd7o4128jv4g2nv9.apps.googleusercontent.com
+spring.security.oauth2.client.registration.google.clientSecret=I1HPyUqdJ9UONu45W1_wwfww
+
+app.auth.tokenSecret=926D96C90030DD58429D2751AC1BDBBC
+
+# Paytm
+paytm.mid=RHLBnF070397707073
+paytm.mkey=BXWmXtYo858BTG
+
+# JWT
+jwt.secret-key=realnet
+
+# Ports and hosts
+host.local=43.205.154.152
+port.frontend=30165
+domain.sure-setu=http://34.198.218.30:30173
+gitea.ip=try.gitea
+gitea.port=io
+domain.sure-vault=http://54.92.243.148:30150