From 2f96885714ab50eb72ea9d253054843821dafc02 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?S=C3=A9bastien=20Cl=C3=A9ment?= Date: Wed, 25 May 2022 14:53:42 +0000 Subject: [PATCH] :hammer: Fix openApi --- .../Api/Controllers/AuthController.java | 3 ++ .../Controllers/CrossOptionController.java | 3 ++ .../Api/Controllers/HelloController.java | 3 +- .../net/Broken/Api/OpenApi/OpenApiConfig.java | 33 ++++++++++++++----- .../Broken/Api/Security/SecurityConfig.java | 1 + .../Api/Security/Services/JwtService.java | 3 -- 6 files changed, 32 insertions(+), 14 deletions(-) diff --git a/src/main/java/net/Broken/Api/Controllers/AuthController.java b/src/main/java/net/Broken/Api/Controllers/AuthController.java index 75d6c43..30d790e 100644 --- a/src/main/java/net/Broken/Api/Controllers/AuthController.java +++ b/src/main/java/net/Broken/Api/Controllers/AuthController.java @@ -11,6 +11,8 @@ import org.springframework.security.core.Authentication; import org.springframework.validation.annotation.Validated; import org.springframework.web.bind.annotation.*; +import io.swagger.v3.oas.annotations.security.SecurityRequirements; + @RestController @RequestMapping("/api/v2/auth") @CrossOrigin(origins = "*", maxAge = 3600) @@ -25,6 +27,7 @@ public class AuthController { } @PostMapping("/discord") + @SecurityRequirements(value = {}) public JwtResponse loginDiscord(@Validated @RequestBody Login login) { Authentication authentication = authenticationManager.authenticate( new UsernamePasswordAuthenticationToken(login.redirectUri(), login.code()) diff --git a/src/main/java/net/Broken/Api/Controllers/CrossOptionController.java b/src/main/java/net/Broken/Api/Controllers/CrossOptionController.java index 7dfdd4c..03c3470 100644 --- a/src/main/java/net/Broken/Api/Controllers/CrossOptionController.java +++ b/src/main/java/net/Broken/Api/Controllers/CrossOptionController.java @@ -7,10 +7,13 @@ import org.springframework.web.bind.annotation.RequestMapping; import org.springframework.web.bind.annotation.RequestMethod; import org.springframework.web.bind.annotation.RestController; +import io.swagger.v3.oas.annotations.Hidden; + @RestController @RequestMapping("/api/v2") @CrossOrigin(origins = "*", maxAge = 3600) +@Hidden public class CrossOptionController { /** diff --git a/src/main/java/net/Broken/Api/Controllers/HelloController.java b/src/main/java/net/Broken/Api/Controllers/HelloController.java index a7688bf..221e11c 100644 --- a/src/main/java/net/Broken/Api/Controllers/HelloController.java +++ b/src/main/java/net/Broken/Api/Controllers/HelloController.java @@ -2,6 +2,7 @@ package net.Broken.Api.Controllers; import io.swagger.v3.oas.annotations.Operation; import io.swagger.v3.oas.annotations.security.SecurityRequirement; +import io.swagger.v3.oas.annotations.security.SecurityRequirements; import net.Broken.DB.Entity.UserEntity; import org.springframework.security.core.Authentication; import org.springframework.web.bind.annotation.CrossOrigin; @@ -12,12 +13,10 @@ import org.springframework.web.bind.annotation.RestController; @RestController @RequestMapping("/api/v2/hello") @CrossOrigin(origins = "*", maxAge = 3600) - public class HelloController { @GetMapping("world") - @Operation(security = { @SecurityRequirement(name = "jwt") }) public String helloWorld(Authentication authentication){ UserEntity principal = (UserEntity) authentication.getPrincipal(); return "Hello " + principal.getUsername(); diff --git a/src/main/java/net/Broken/Api/OpenApi/OpenApiConfig.java b/src/main/java/net/Broken/Api/OpenApi/OpenApiConfig.java index 0b80ed1..0117dca 100644 --- a/src/main/java/net/Broken/Api/OpenApi/OpenApiConfig.java +++ b/src/main/java/net/Broken/Api/OpenApi/OpenApiConfig.java @@ -1,18 +1,33 @@ package net.Broken.Api.OpenApi; +import org.springframework.context.annotation.Bean; +import org.springframework.context.annotation.Configuration; + import io.swagger.v3.oas.models.Components; import io.swagger.v3.oas.models.OpenAPI; import io.swagger.v3.oas.models.security.SecurityRequirement; import io.swagger.v3.oas.models.security.SecurityScheme; -import org.springframework.context.annotation.Bean; +@Configuration public class OpenApiConfig { - @Bean - public OpenAPI customOpenAPI() { - return new OpenAPI().components(new Components() - .addSecuritySchemes("jwt", - new SecurityScheme().type(SecurityScheme.Type.HTTP).scheme("bearer").bearerFormat("JWT").name("JWT"))) - .addSecurityItem(new SecurityRequirement().addList("jwt")); - } -} + + + @Bean + public OpenAPI customOpenAPI() { + final String securitySchemeName = "JWT"; + // final String apiTitle = String.format("%s API", StringUtils.capitalize(moduleName)); + return new OpenAPI() + .addSecurityItem(new SecurityRequirement().addList(securitySchemeName)) + .components( + new Components() + .addSecuritySchemes(securitySchemeName, + new SecurityScheme() + .name(securitySchemeName) + .type(SecurityScheme.Type.HTTP) + .scheme("bearer") + .bearerFormat("JWT") + ) + ); + } +} \ No newline at end of file diff --git a/src/main/java/net/Broken/Api/Security/SecurityConfig.java b/src/main/java/net/Broken/Api/Security/SecurityConfig.java index b967a04..58a1d86 100644 --- a/src/main/java/net/Broken/Api/Security/SecurityConfig.java +++ b/src/main/java/net/Broken/Api/Security/SecurityConfig.java @@ -27,6 +27,7 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter { .authorizeRequests() .antMatchers("/api/v2/auth/**").permitAll() .antMatchers("/swagger-ui/**").permitAll() + .antMatchers("/swagger-ui.html").permitAll() .antMatchers("/v3/api-docs/**").permitAll() .anyRequest().denyAll(); diff --git a/src/main/java/net/Broken/Api/Security/Services/JwtService.java b/src/main/java/net/Broken/Api/Security/Services/JwtService.java index 5da570e..0672f6a 100644 --- a/src/main/java/net/Broken/Api/Security/Services/JwtService.java +++ b/src/main/java/net/Broken/Api/Security/Services/JwtService.java @@ -5,7 +5,6 @@ import io.jsonwebtoken.*; import io.jsonwebtoken.security.Keys; import net.Broken.DB.Entity.UserEntity; import net.Broken.DB.Repository.UserRepository; -import org.springframework.beans.factory.annotation.Value; import org.springframework.stereotype.Service; import java.security.Key; @@ -16,8 +15,6 @@ import java.util.UUID; @Service public class JwtService { - @Value("${security.jwt.secret}") - private String jwtSecret; private final Key jwtKey;