git clone https://github.com/openliberty/guide-bean-validation.git
cd guide-bean-validation
Validating constraints with microservices
Prerequisites:
Explore how to use bean validation to validate user input data for microservices.
What you’ll learn
You will learn the basics of writing and testing a microservice that uses bean validation and the new functionality of Bean Validation 2.0. The service uses bean validation to validate that the supplied JavaBeans meet the defined constraints.
Bean Validation is a Java specification that simplifies data validation and error checking. Bean validation uses a standard way to validate data stored in JavaBeans. Validation can be performed manually or with integration with other specifications and frameworks, such as Contexts and Dependency Injection (CDI), Java Persistence API (JPA), or JavaServer Faces (JSF). To set rules on data, apply constraints by using annotations or XML configuration files. Bean validation provides both built-in constraints and the ability to create custom constraints. Bean validation allows for validation of both JavaBean fields and methods. For method-level validation, both the input parameters and return value can be validated.
Several additional built-in constraints are included in Bean Validation 2.0, which reduces the need for custom validation in common validation scenarios. Some of the new built-in constraints include @Email
, @NotBlank
, @Positive
, and @Negative
. Also in Bean Validation 2.0, you can now specify constraints on type parameters.
The example microservice uses both field-level and method-level validation as well as several of the built-in constraints and a custom constraint.
Getting started
The fastest way to work through this guide is to clone the Git repository and use the projects that are provided inside:
The start
directory contains the starting project that you will build upon.
The finish
directory contains the finished project that you will build.
Before you begin, make sure you have all the necessary prerequisites.
Try what you’ll build
The finish
directory in the root of this guide contains the finished application. Give it a try before you proceed.
To try out the application, first go to the finish
directory and run the following Maven goal to build the application and deploy it to Open Liberty:
cd finish
mvn liberty:run
After you see the following message, your Liberty instance is ready:
The defaultServer server is ready to run a smarter planet.
Go to the http://localhost:9080/openapi/ui URL.
You see the OpenAPI user interface documenting the REST endpoints used in this guide. If you are interested in learning more about OpenAPI, read Documenting RESTful APIs. Expand the /beanvalidation/validatespacecraft POST request to validate your spacecraft bean
section and click Try it out
. Copy the following example input into the text box:
{
"astronaut": {
"name": "Libby",
"age": 25,
"emailAddress": "[email protected]"
},
"destinations": {
"Mars": 500
},
"serialNumber": "Liberty0001"
}
Click Execute
and you receive the response No Constraint Violations
because the values specified pass the constraints you will create in this guide. Now try copying the following value into the box:
{
"astronaut": {
"name": "Libby",
"age": 12,
"emailAddress": "[email protected]"
},
"destinations": {
"Mars": 500
},
"serialNumber": "Liberty0001"
}
This time you receive Constraint Violation Found: must be greater than or equal to 18
as a response because the age specified was under the minimum age of 18. Try other combinations of values to get a feel for the constraints that will be defined in this guide.
After you are finished checking out the application, stop the Liberty instance by pressing CTRL+C
in the command-line session where you ran Liberty. Alternatively, you can run the liberty:stop
goal from the finish
directory in another shell session:
mvn liberty:stop
Applying constraints on the JavaBeans
Navigate to the start
directory to begin.
When you run Open Liberty in dev mode, dev mode listens for file changes and automatically recompiles and deploys your updates whenever you save a new change. Run the following goal to start Open Liberty in dev mode:
mvn liberty:dev
After you see the following message, your Liberty instance is ready in dev mode:
************************************************************** * Liberty is running in dev mode.
Dev mode holds your command-line session to listen for file changes. Open another command-line session to continue, or open the project in your editor.
First, create the JavaBeans to be constrained.
Create theAstronaut
class.src/main/java/io/openliberty/guides/beanvalidation/Astronaut.java
Astronaut.java
The bean stores the attributes of an astronaut, name
, age
, and emailAddress
, and provides getters and setters to access and set the values.
The Astronaut
class has the following constraints applied:
-
The astronaut needs to have a name. Bean Validation 2.0 provides a built-in
@NotBlank
constraint, which ensures the value is not null and contains one character that isn’t a blank space. The annotation constrains thename
field. -
The email supplied needs to be a valid email address. Another built-in constraint in Bean Validation 2.0 is
@Email
, which can validate that theAstronaut
bean includes a correctly formatted email address. The annotation constrains theemailAddress
field. -
The astronaut needs to be between 18 and 100 years old. Bean validation allows you to specify multiple constraints on a single field. The
@Min
and@Max
built-in constraints applied to theage
field check that the astronaut is between the ages of 18 and 100.
In this example, the annotation is on the field value itself. You can also place the annotation on the getter method, which has the same effect.
Create theSpacecraft
class.src/main/java/io/openliberty/guides/beanvalidation/Spacecraft.java
Spacecraft.java
The Spacecraft
bean contains 3 fields, astronaut
, serialNumber
, and destinations
. The JavaBean needs to be a CDI managed bean to allow for method-level validation, which uses CDI interceptions. Because the Spacecraft
bean is a CDI managed bean, a scope is necessary. A request scope is used in this example. To learn more about CDI, see Injecting dependencies into microservices.
The Spacecraft
class has the following constraints applied:
-
Every destination that is specified needs a name and a positive distance. In Bean Validation 2.0, you can specify constraints on type parameters. The
@NotBlank
and@Positive
annotations constrain thedestinations
map so that the destination name is not blank, and the distance is positive. The@Positive
constraint ensures that numeric value fields are greater than 0. -
A correctly formatted serial number is required. In addition to specifying the built-in constraints, you can create custom constraints to allow user-defined validation rules. The
@SerialNumber
annotation that constrains theserialNumber
field is a custom constraint, which you will create later.
Because you already specified constraints on the Astronaut
bean, the constraints do not need to be respecified in the Spacecraft
bean. Instead, because of the @Valid
annotation on the field, all the nested constraints on the Astronaut
bean are validated.
You can also use bean validation with CDI to provide method-level validation. The launchSpacecraft()
method on the Spacecraft
bean accepts a launchCode
parameter, and if the launchCode
parameter is OpenLiberty
, the method returns true
that the spacecraft is launched. Otherwise, the method returns false
. The launchSpacecraft()
method uses both parameter and return value validation. The @NotNull
constraint eliminates the need to manually check within the method that the parameter is not null. Additionally, the method has the @AssertTrue
return-level constraint to enforce that the method must return the true
boolean.
Creating custom constraints
To create the custom constraint for @SerialNumber
, begin by creating an annotation.
Spacecraft.java
Replace the annotation.
src/main/java/io/openliberty/guides/beanvalidation/SerialNumber.java
SerialNumber.java
The @Target
annotation indicates the element types to which you can apply the custom constraint. Because the @SerialNumber
constraint is used only on a field, only the FIELD
target is specified.
When you define a constraint annotation, the specification requires the RUNTIME
retention policy.
The @Constraint
annotation specifies the class that contains the validation logic for the custom constraint.
In the SerialNumber
body, the method provides the message that is output when a validation constraint is violated. The groups()
and payload()
methods associate this constraint only with certain groups or payloads. The defaults are used in the example.
Now, create the class that provides the validation for the @SerialNumber
constraint.
Replace theSerialNumberValidator
class.src/main/java/io/openliberty/guides/beanvalidation/SerialNumberValidator.java
SerialNumberValidator.java
The SerialNumberValidator
class has one method, isValid()
, which contains the custom validation logic. In this case, the serial number must start with Liberty
followed by 4 numbers, such as Liberty0001
. If the supplied serial number matches the constraint, isValid()
returns true
. If the serial number does not match, it returns false
.
Programmatically validating constraints
Next, create a service to programmatically validate the constraints on the Spacecraft
and Astronaut
JavaBeans.
Spacecraft.java
Astronaut.java
Create theBeanValidationEndpoint
class.src/main/java/io/openliberty/guides/beanvalidation/BeanValidationEndpoint.java
BeanValidationEndpoint.java
Two resources, a validator and an instance of the Spacecraft
JavaBean, are injected into the class. The default validator is used and is obtained through CDI injection. However, you can also obtain the default validator with resource injection or a JNDI lookup. The Spacecraft
JavaBean is injected so that the method-level constraints can be validated.
The programmatic validation takes place in the validateSpacecraft()
method. To validate the data, the validate()
method is called on the Spacecraft
bean. Because the Spacecraft
bean contains the @Valid
constraint on the Astronaut
bean, both JavaBeans are validated. Any constraint violations found during the call to the validate()
method are returned as a set of ConstraintViolation
objects.
The method level validation occurs in the launchSpacecraft()
method. A call is then made to the launchSpacecraft()
method on the Spacecraft
bean, which throws a ConstraintViolationException
exception if either of the method-level constraints is violated.
Enabling the Bean Validation feature
Finally, add the Bean Validation feature in the application by updating the Liberty server.xml
configuration file.
Replace the Libertyserver.xml
configuration file.src/main/liberty/config/server.xml
server.xml
You can now use the beanValidation
feature to validate that the supplied JavaBeans meet the defined constraints.
Running the application
You started the Open Liberty in dev mode at the beginning of the guide, so all the changes were automatically picked up.
Go to the http://localhost:9080/openapi/ui URL.
Expand the /beanvalidation/validatespacecraft POST request to validate your spacecraft bean
section and click Try it out
. Copy the following example input into the text box:
{
"astronaut": {
"name": "Libby",
"age": 25,
"emailAddress": "[email protected]"
},
"destinations": {
"Mars": 500
},
"serialNumber": "Liberty0001"
}
Click Execute
and you receive the response No Constraint Violations
because the values specified pass previously defined constraints.
Next, modify the following values, all of which break the previously defined constraints:
Age = 10
Email = libbybot
SerialNumber = Liberty1
After you click Execute
, the response contains the following constraint violations:
Constraint Violation Found: serial number is not valid.
Constraint Violation Found: must be greater than or equal to 18
Constraint Violation Found: must be a well-formed email address
To try the method-level validation, expand the /beanvalidation/launchspacecraft POST request to specify a launch code
section. Enter OpenLiberty
in the text box. Note that launched
is returned because the launch code passes the defined constraints. Replace OpenLiberty
with anything else to note that a constraint violation is returned.
Testing the constraints
Now, write automated tests to drive the previously created service.
CreateBeanValidationIT
class.src/test/java/it/io/openliberty/guides/beanvalidation/BeanValidationIT.java
BeanValidationIT.java
The @BeforeEach
annotation causes the setup()
method to execute before the test cases. The setup()
method retrieves the port number for the Open Liberty and creates a Client
that is used throughout the tests, which are described as follows:
-
The
testNoFieldLevelConstraintViolations()
test case verifies that constraint violations do not occur when valid data is supplied to theAstronaut
andSpacecraft
bean attributes. -
The
testFieldLevelConstraintViolation()
test case verifies that the appropriate constraint violations occur when data that is supplied to theAstronaut
andSpacecraft
attributes violates the defined constraints. Because 3 constraint violations are defined, 3ConstraintViolation
objects are returned as a set from thevalidate
call. The 3 expected messages are"must be greater than 0"
for the negative distance specified in the destination map,"must be a well-formed email address"
for the incorrect email address, and the custom"serial number is not valid"
message for the serial number. -
The
testNoMethodLevelConstraintViolations()
test case verifies that the method-level constraints that are specified on thelaunchSpacecraft()
method of theSpacecraft
bean are validated when the method is called with no violations. In this test, the call to thelaunchSpacecraft()
method is made with theOpenLiberty
argument. A value oftrue
is returned, which passes the specified constraints. -
The
testMethodLevelConstraintViolation()
test case verifies that aConstraintViolationException
exception is thrown when one of the method-level constraints is violated. A call with an incorrect parameter,incorrectCode
, is made to thelaunchSpacecraft()
method of theSpacecraft
bean. The method returnsfalse
, which violates the defined constraint, and aConstraintViolationException
exception is thrown. The exception includes the constraint violation message, which in this example ismust be true
.
Spacecraft.java
Running the tests
Because you started Open Liberty in dev mode, you can run the tests by pressing the enter/return
key from the command-line session where you started dev mode.
-------------------------------------------------------
T E S T S
-------------------------------------------------------
Running it.io.openliberty.guides.beanvalidation.BeanValidationIT
Tests run: 4, Failures: 0, Errors: 0, Skipped: 0, Time elapsed: 1.493 sec - in
it.io.openliberty.guides.beanvalidation.BeanValidationIT
Results :
Tests run: 4, Failures: 0, Errors: 0, Skipped: 0
When you are done checking out the service, exit dev mode by pressing CTRL+C
in the command-line session where you ran Liberty.
Great work! You’re done!
You developed and tested a Java microservice by using bean validation and Open Liberty.
Guide Attribution
Validating constraints with microservices by Open Liberty is licensed under CC BY-ND 4.0
Prerequisites:
Nice work! Where to next?
What did you think of this guide?
Thank you for your feedback!
What could make this guide better?
Raise an issue to share feedback
Create a pull request to contribute to this guide
Need help?
Ask a question on Stack Overflow