Fix login dependency issue with spring boot thymeleaf playground example

[KomanRudden]

Playground example app login fix

Checklist

• I have read the “Pull requests” section in the contributing guidelines.
• I agree to the terms within the code of conduct.

🛟 If you need help, consider asking for advice over in the Kinde community.

Summary by CodeRabbit

• New Features

  • Added an /edit page guarded for users with the "edit" role.

• Chores

  • Removed a bundled authentication library from the Spring Boot + Thymeleaf example; example no longer includes that auth starter.
  • No new dependencies added; other dependencies unchanged.

• Refactor

  • Cleaned up unused imports to streamline code.

[coderabbitai]

Walkthrough

Removed the com.kinde.spring:kinde-springboot-starter dependency from the playground POM, removed unused imports in KindeConfig, and added a new GET /edit endpoint secured with hasRole('edit') returning the "edit" view.

Changes

Cohort / File(s)	Summary
Playground Spring Boot Thymeleaf example POM playground/kinde-springboot-thymeleaf-full-example/pom.xml	Removed dependency com.kinde.spring:kinde-springboot-starter:2.1.0. Other dependencies unchanged.
Kinde core config cleanup kinde-core/src/main/java/com/kinde/config/KindeConfig.java	Removed unused imports (com.kinde.KindeClientBuilder, java.util.ArrayList, java.util.Arrays); public API and method signatures unchanged.
Playground controller: new endpoint playground/kinde-springboot-thymeleaf-full-example/src/main/java/com/kinde/oauth/controller/KindeController.java	Added @GetMapping("/edit") endpoint method editEndpoint() annotated @PreAuthorize("hasRole('edit')") returning view "edit" with Javadoc.

Sequence Diagram(s)

sequenceDiagram
  autonumber
  participant Browser as Browser
  participant App as SpringApp
  participant Auth as Security

  Note over Browser,App #bde0f7: New flow for GET /edit
  Browser->>App: GET /edit
  App->>Auth: Check @PreAuthorize hasRole('edit')
  alt Authorized
    Auth-->>App: allowed
    App-->>Browser: 200 OK (view: "edit")
  else Forbidden
    Auth-->>App: denied
    App-->>Browser: 403 Forbidden
  end

Loading

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~20 minutes

Suggested reviewers

• DaveOrDead
• rairaman

Poem

I hopped through the POM and nudged a line away,
Cleared some imports in the light of day.
A new door named "edit" invites a small crew—
With role-checks in place, the burrow's anew. 🥕

✨ Finishing Touches

• 📝 Generate Docstrings

🧪 Generate unit tests

• Create PR with unit tests
• Post copyable unit tests in a comment

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>, please review it.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.

Support

Need help? Create a ticket on our support page for assistance with any issues or questions.

CodeRabbit Commands (Invoked using PR/Issue comments)

Type @coderabbitai help to get the list of available commands.

Other keywords and placeholders

• Add @coderabbitai ignore or @coderabbit ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

Status, Documentation and Community

• Visit our Status Page to check the current availability of CodeRabbit.
• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.

📢 Thoughts on this report? Let us know!

[coderabbitai]

Actionable comments posted: 1

🧹 Nitpick comments (1)

playground/kinde-springboot-thymeleaf-full-example/src/main/java/com/kinde/oauth/controller/KindeController.java (1)

85-89: Fix copy-paste in Javadoc: mentions 'read' instead of 'edit'.
Update role and view name in the comment to avoid confusion.

-    /**
-     * Handles requests to the read endpoint, restricted to users with the 'read' role.
-     *
-     * @return the name of the "read" view.
-     */
+    /**
+     * Handles requests to the edit endpoint, restricted to users with the 'edit' role.
+     *
+     * @return the name of the "edit" view.
+     */

📜 Review details

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

💡 Knowledge Base configuration:

• MCP integration is disabled by default for public repositories
• Jira integration is disabled by default for public repositories
• Linear integration is disabled by default for public repositories

You can enable these sources in your CodeRabbit configuration.

📥 Commits

Reviewing files that changed from the base of the PR and between 8cec29d and 90bc97e.

⛔ Files ignored due to path filters (2)

• playground/kinde-springboot-thymeleaf-full-example/.env is excluded by none and included by none
• playground/kinde-springboot-thymeleaf-full-example/src/main/resources/templates/edit.html is excluded by none and included by none

📒 Files selected for processing (2)

• kinde-core/src/main/java/com/kinde/config/KindeConfig.java (0 hunks)
• playground/kinde-springboot-thymeleaf-full-example/src/main/java/com/kinde/oauth/controller/KindeController.java (1 hunks)

💤 Files with no reviewable changes (1)

• kinde-core/src/main/java/com/kinde/config/KindeConfig.java

🧰 Additional context used

📓 Path-based instructions (1)

**/*

⚙️ CodeRabbit configuration file

**/*: Please focus on:

1. Code quality and best practices
2. Security considerations
3. Performance implications
4. Test coverage and quality
5. API design and consistency
6. Error handling and edge cases

For Java code specifically:

• Check for proper exception handling
• Verify async method implementations
• Review builder pattern usage
• Validate test coverage
• Check for memory leaks in async operations

Ignore:

• Generated code files
• Build artifacts
• Configuration files
• Documentation formatting

Files:

• playground/kinde-springboot-thymeleaf-full-example/src/main/java/com/kinde/oauth/controller/KindeController.java

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (1)

• GitHub Check: build

🔇 Additional comments (2)

playground/kinde-springboot-thymeleaf-full-example/src/main/java/com/kinde/oauth/controller/KindeController.java (2)

90-94: LGTM: New /edit endpoint matches existing pattern and view-return style.
Consistent with /admin and /read.

---

90-92: Method security and role prefix mapping are correctly configured
SecurityConfig includes @EnableMethodSecurity and CustomOidcUserService maps permissions to SimpleGrantedAuthority("ROLE_"+permission), so hasRole('edit') will match ROLE_edit.