src/main/resources/application.yml

spring:
  application:
    name: cameleer-saas
  jpa:
    open-in-view: false
    hibernate:
      ddl-auto: validate
  flyway:
    enabled: true
    locations: classpath:db/migration
  security:
    oauth2:
      resourceserver:
        jwt:
          issuer-uri: ${LOGTO_ISSUER_URI:}
          jwk-set-uri: ${LOGTO_JWK_SET_URI:}

management:
  endpoints:
    web:
      exposure:
        include: health,info
  endpoint:
    health:
      show-details: when-authorized

cameleer:
  jwt:
    expiration: 86400 # 24 hours in seconds
    private-key-path: ${CAMELEER_JWT_PRIVATE_KEY_PATH:}
    public-key-path: ${CAMELEER_JWT_PUBLIC_KEY_PATH:}
  identity:
    logto-endpoint: ${LOGTO_ENDPOINT:}
    m2m-client-id: ${LOGTO_M2M_CLIENT_ID:}
    m2m-client-secret: ${LOGTO_M2M_CLIENT_SECRET:}
feat: initialize Maven project with Spring Boot 3.4.3 + Java 21 Set up the foundational Spring Boot project structure: - Root POM with web, security, JPA, Flyway, validation, AOP, actuator - PostgreSQL + Testcontainers for test infrastructure - Application YAML configs for default, dev, and test profiles - Maven wrapper (3.9.9) for reproducible builds - .gitignore for Maven/IDE/OS artifacts Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> 2026-03-30 10:08:14 +02:00			`spring:`
			`application:`
			`name: cameleer-saas`
			`jpa:`
			`open-in-view: false`
			`hibernate:`
			`ddl-auto: validate`
			`flyway:`
			`enabled: true`
			`locations: classpath:db/migration`
feat: add OAuth2 Resource Server for Logto OIDC authentication Dual auth: machine endpoints use Ed25519 JWT filter, all other API endpoints use Spring Security OAuth2 Resource Server with Logto OIDC. Mock JwtDecoder provided for test isolation. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com> 2026-04-04 15:03:06 +02:00			`security:`
			`oauth2:`
			`resourceserver:`
			`jwt:`
			`issuer-uri: ${LOGTO_ISSUER_URI:}`
			`jwk-set-uri: ${LOGTO_JWK_SET_URI:}`
feat: initialize Maven project with Spring Boot 3.4.3 + Java 21 Set up the foundational Spring Boot project structure: - Root POM with web, security, JPA, Flyway, validation, AOP, actuator - PostgreSQL + Testcontainers for test infrastructure - Application YAML configs for default, dev, and test profiles - Maven wrapper (3.9.9) for reproducible builds - .gitignore for Maven/IDE/OS artifacts Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> 2026-03-30 10:08:14 +02:00
			`management:`
			`endpoints:`
			`web:`
			`exposure:`
			`include: health,info`
			`endpoint:`
			`health:`
			`show-details: when-authorized`

			`cameleer:`
			`jwt:`
			`expiration: 86400 # 24 hours in seconds`
feat: externalize Ed25519 keys with file-based loading Keys are loaded from PEM files when CAMELEER_JWT_PRIVATE_KEY_PATH and CAMELEER_JWT_PUBLIC_KEY_PATH are set. Falls back to ephemeral key generation for development. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com> 2026-04-04 14:48:20 +02:00			`private-key-path: ${CAMELEER_JWT_PRIVATE_KEY_PATH:}`
			`public-key-path: ${CAMELEER_JWT_PUBLIC_KEY_PATH:}`
feat: add OAuth2 Resource Server for Logto OIDC authentication Dual auth: machine endpoints use Ed25519 JWT filter, all other API endpoints use Spring Security OAuth2 Resource Server with Logto OIDC. Mock JwtDecoder provided for test isolation. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com> 2026-04-04 15:03:06 +02:00			`identity:`
			`logto-endpoint: ${LOGTO_ENDPOINT:}`
			`m2m-client-id: ${LOGTO_M2M_CLIENT_ID:}`
			`m2m-client-secret: ${LOGTO_M2M_CLIENT_SECRET:}`