Sample apps synchronization between each other

.env.example

@@ -2,9 +2,26 @@
 ## signNow API SDK configuration
 ##
 
-## Replace these dummy values with your actual credentials except SIGNNOW_API_HOST
+# Required — replace placeholders with real credentials before running.
 SIGNNOW_API_HOST=https://api.signnow.com
-SIGNNOW_API_BASIC_TOKEN=test
-SIGNNOW_API_USERNAME=test
-SIGNNOW_API_PASSWORD=test
-SIGNNOW_DOWNLOADS_DIR=~/Downloads
+SIGNNOW_API_BASIC_TOKEN=<replace-me>
+SIGNNOW_API_USERNAME=<replace-me>
+SIGNNOW_API_PASSWORD=<replace-me>
+
+# Path inside the running environment where downloaded files are written.
+# Inside Docker, leave as /tmp (or another writable path). The ~ does not expand in containers.
+SIGNNOW_DOWNLOADS_DIR=/tmp
+
+##
+## Sample-app runtime configuration
+##
+
+# Public base URL used to build redirect URIs sent to the SignNow embed widget.
+# Must match the host the browser reaches this app on.
+APP_BASE_URL=http://localhost:8080
+
+# Demo-only signer credentials used by samples that generate limited signer tokens.
+# For production deployments replace with per-tenant values or remove the affected samples.
+SIGNNOW_DEMO_USER_EMAIL=example@example.com
+SIGNNOW_DEMO_USER_PASSWORD=example
+SIGNNOW_SIGNER_EMAIL=test@example.com

Dockerfile

@@ -1,10 +1,21 @@
-FROM maven:3.9.9-eclipse-temurin-23 AS build
+FROM maven:3.9.9-eclipse-temurin-17 AS build
 WORKDIR /app
 COPY pom.xml ./
+RUN mvn -B dependency:go-offline
 COPY src ./src
-RUN mvn clean install package -DskipTests
+RUN mvn -B clean package -DskipTests
 
-FROM openjdk:23-jdk-slim
-VOLUME /tmp
-COPY --from=build /app/target/java-sample-app-0.0.1-SNAPSHOT.jar app.jar
-ENTRYPOINT ["java", "-jar", "/app.jar"]
+FROM eclipse-temurin:17-jre
+RUN apt-get update \
+    && apt-get install -y --no-install-recommends curl \
+    && rm -rf /var/lib/apt/lists/* \
+    && groupadd -r app && useradd -r -g app -d /home/app -m app
+WORKDIR /home/app
+COPY --from=build /app/target/java-sample-app-0.0.1-SNAPSHOT.jar /home/app/app.jar
+RUN chown -R app:app /home/app
+USER app
+ENV JAVA_OPTS="-XX:MaxRAMPercentage=75 -XX:+UseG1GC"
+EXPOSE 8080
+HEALTHCHECK --interval=30s --timeout=3s --start-period=20s --retries=3 \
+    CMD curl -fsS http://127.0.0.1:8080/actuator/health || exit 1
+ENTRYPOINT ["sh", "-c", "exec java $JAVA_OPTS -jar /home/app/app.jar"]

LICENSE.md

@@ -0,0 +1,21 @@
+# The MIT License
+
+Copyright (c) 2003-present SignNow
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

pom.xml

@@ -34,6 +34,10 @@
             <groupId>org.springframework.boot</groupId>
             <artifactId>spring-boot-starter-web</artifactId>
         </dependency>
+        <dependency>
+            <groupId>org.springframework.boot</groupId>
+            <artifactId>spring-boot-starter-actuator</artifactId>
+        </dependency>
         <dependency>
             <groupId>org.springframework.boot</groupId>
             <artifactId>spring-boot-starter-test</artifactId>
@@ -42,7 +46,7 @@
         <dependency>
             <groupId>com.signnow</groupId>
             <artifactId>signnow-java-sdk</artifactId>
-            <version>3.5.0</version>
+            <version>3.5.1</version>
         </dependency>
     </dependencies>
 

src/main/java/com/signnow/javasampleapp/config/AppConfig.java

@@ -0,0 +1,57 @@
+package com.signnow.javasampleapp.config;
+
+import jakarta.annotation.PostConstruct;
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.stereotype.Component;
+
+/**
+ * Runtime config holder for sample controllers that are instantiated via reflection
+ * and cannot receive Spring-injected dependencies. Spring populates the static fields
+ * at startup through {@link Holder}; controllers read them via the static accessors.
+ */
+public final class AppConfig {
+
+    private AppConfig() {}
+
+    private static volatile String baseUrl = "http://localhost:8080";
+    private static volatile String demoUserEmail = "example@example.com";
+    private static volatile String demoUserPassword = "example";
+
+    public static String baseUrl() {
+        return baseUrl;
+    }
+
+    public static String sampleUrl(String exampleName) {
+        return baseUrl + "/samples/" + exampleName;
+    }
+
+    public static String demoUserEmail() {
+        return demoUserEmail;
+    }
+
+    public static String demoUserPassword() {
+        return demoUserPassword;
+    }
+
+    @Component
+    static class Holder {
+
+        Holder(@Value("${app.base-url:http://localhost:8080}") String baseUrl,
+               @Value("${signnow.api.demo_user_email:example@example.com}") String demoUserEmail,
+               @Value("${signnow.api.demo_user_password:example}") String demoUserPassword) {
+            AppConfig.baseUrl = trimTrailingSlash(baseUrl);
+            AppConfig.demoUserEmail = demoUserEmail;
+            AppConfig.demoUserPassword = demoUserPassword;
+        }
+
+        @PostConstruct
+        void ready() {
+            // Touch volatile fields to publish writes; initialization happens in the constructor.
+        }
+
+        private static String trimTrailingSlash(String url) {
+            if (url == null || url.isEmpty()) return url;
+            return url.endsWith("/") ? url.substring(0, url.length() - 1) : url;
+        }
+    }
+}

src/main/java/com/signnow/javasampleapp/config/SecurityHeadersFilter.java

@@ -0,0 +1,31 @@
+package com.signnow.javasampleapp.config;
+
+import jakarta.servlet.FilterChain;
+import jakarta.servlet.ServletException;
+import jakarta.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletResponse;
+import org.springframework.core.Ordered;
+import org.springframework.core.annotation.Order;
+import org.springframework.stereotype.Component;
+import org.springframework.web.filter.OncePerRequestFilter;
+
+import java.io.IOException;
+
+@Component
+@Order(Ordered.HIGHEST_PRECEDENCE)
+public class SecurityHeadersFilter extends OncePerRequestFilter {
+
+    @Override
+    protected void doFilterInternal(HttpServletRequest request,
+                                    HttpServletResponse response,
+                                    FilterChain filterChain) throws ServletException, IOException {
+        response.setHeader("X-Content-Type-Options", "nosniff");
+        response.setHeader("X-Frame-Options", "SAMEORIGIN");
+        response.setHeader("Referrer-Policy", "strict-origin-when-cross-origin");
+        response.setHeader("Permissions-Policy", "geolocation=(), microphone=(), camera=()");
+        if (request.isSecure()) {
+            response.setHeader("Strict-Transport-Security", "max-age=31536000; includeSubDomains");
+        }
+        filterChain.doFilter(request, response);
+    }
+}

src/main/java/com/signnow/javasampleapp/controllers/GlobalExceptionHandler.java

@@ -0,0 +1,55 @@
+package com.signnow.javasampleapp.controllers;
+
+import com.fasterxml.jackson.core.JsonProcessingException;
+import com.signnow.core.exception.SignNowApiException;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.http.HttpStatus;
+import org.springframework.http.MediaType;
+import org.springframework.http.ResponseEntity;
+import org.springframework.http.converter.HttpMessageNotReadableException;
+import org.springframework.web.bind.annotation.ControllerAdvice;
+import org.springframework.web.bind.annotation.ExceptionHandler;
+
+import java.util.LinkedHashMap;
+import java.util.Map;
+
+@ControllerAdvice
+public class GlobalExceptionHandler {
+
+    private static final Logger log = LoggerFactory.getLogger(GlobalExceptionHandler.class);
+
+    @ExceptionHandler(HttpMessageNotReadableException.class)
+    public ResponseEntity<Map<String, Object>> handleMalformedBody(HttpMessageNotReadableException e) {
+        log.warn("Malformed request body: {}", e.getMostSpecificCause().getMessage());
+        return problem(HttpStatus.BAD_REQUEST, "Malformed request body");
+    }
+
+    @ExceptionHandler({JsonProcessingException.class, IllegalArgumentException.class, ClassCastException.class})
+    public ResponseEntity<Map<String, Object>> handleBadInput(Exception e) {
+        log.warn("Rejected request due to invalid input: {}", e.getMessage());
+        return problem(HttpStatus.BAD_REQUEST, "Invalid request payload");
+    }
+
+    @ExceptionHandler(SignNowApiException.class)
+    public ResponseEntity<Map<String, Object>> handleSignNowApi(SignNowApiException e) {
+        log.error("SignNow API call failed", e);
+        return problem(HttpStatus.BAD_GATEWAY, "Upstream SignNow API error");
+    }
+
+    @ExceptionHandler(Exception.class)
+    public ResponseEntity<Map<String, Object>> handleUnexpected(Exception e) {
+        log.error("Unhandled exception", e);
+        return problem(HttpStatus.INTERNAL_SERVER_ERROR, "Internal server error");
+    }
+
+    private ResponseEntity<Map<String, Object>> problem(HttpStatus status, String message) {
+        Map<String, Object> body = new LinkedHashMap<>();
+        body.put("success", false);
+        body.put("status", status.value());
+        body.put("message", message);
+        return ResponseEntity.status(status)
+                .contentType(MediaType.APPLICATION_JSON)
+                .body(body);
+    }
+}