diff --git a/build.gradle b/build.gradle
index 6a7e039..1d234e6 100644
--- a/build.gradle
+++ b/build.gradle
@@ -39,6 +39,9 @@ dependencies {
 implementation("org.springframework.boot:spring-boot-starter-log4j2")
 implementation("org.springframework.boot:spring-boot-starter-oauth2-client")
+ implementation("org.springdoc:springdoc-openapi-ui:1.6.8")
+ implementation("org.springdoc:springdoc-openapi-security:1.6.8")
+
 implementation('org.liquibase:liquibase-core')
 implementation('io.jsonwebtoken:jjwt-api:0.11.5')
diff --git a/src/main/java/net/Broken/Api/Controllers/HelloController.java b/src/main/java/net/Broken/Api/Controllers/HelloController.java
index 0f6c689..a7688bf 100644
--- a/src/main/java/net/Broken/Api/Controllers/HelloController.java
+++ b/src/main/java/net/Broken/Api/Controllers/HelloController.java
@@ -1,5 +1,7 @@
 package net.Broken.Api.Controllers;
+import io.swagger.v3.oas.annotations.Operation;
+import io.swagger.v3.oas.annotations.security.SecurityRequirement;
 import net.Broken.DB.Entity.UserEntity;
 import org.springframework.security.core.Authentication;
 import org.springframework.web.bind.annotation.CrossOrigin;
@@ -10,10 +12,12 @@ import org.springframework.web.bind.annotation.RestController;
 @RestController
 @RequestMapping("/api/v2/hello")
 @CrossOrigin(origins = "*", maxAge = 3600)
+
 public class HelloController {
 @GetMapping("world")
+ @Operation(security = { @SecurityRequirement(name = "jwt") })
 public String helloWorld(Authentication authentication){
 UserEntity principal = (UserEntity) authentication.getPrincipal();
 return "Hello " + principal.getUsername();
diff --git a/src/main/java/net/Broken/Api/OpenApi/OpenApiConfig.java b/src/main/java/net/Broken/Api/OpenApi/OpenApiConfig.java
new file mode 100644
index 0000000..0b80ed1
--- /dev/null
+++ b/src/main/java/net/Broken/Api/OpenApi/OpenApiConfig.java
@@ -0,0 +1,18 @@
+package net.Broken.Api.OpenApi;
+
+import io.swagger.v3.oas.models.Components;
+import io.swagger.v3.oas.models.OpenAPI;
+import io.swagger.v3.oas.models.security.SecurityRequirement;
+import io.swagger.v3.oas.models.security.SecurityScheme;
+import org.springframework.context.annotation.Bean;
+
+public class OpenApiConfig {
+
+ @Bean
+ public OpenAPI customOpenAPI() {
+ return new OpenAPI().components(new Components()
+ .addSecuritySchemes("jwt",
+ new SecurityScheme().type(SecurityScheme.Type.HTTP).scheme("bearer").bearerFormat("JWT").name("JWT")))
+ .addSecurityItem(new SecurityRequirement().addList("jwt"));
+ }
+}
diff --git a/src/main/java/net/Broken/Api/Security/SecurityConfig.java b/src/main/java/net/Broken/Api/Security/SecurityConfig.java
index b5515c9..b967a04 100644
--- a/src/main/java/net/Broken/Api/Security/SecurityConfig.java
+++ b/src/main/java/net/Broken/Api/Security/SecurityConfig.java
@@ -26,7 +26,9 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter {
 .sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS).and()
 .authorizeRequests()
 .antMatchers("/api/v2/auth/**").permitAll()
- .anyRequest().authenticated();
+ .antMatchers("/swagger-ui/**").permitAll()
+ .antMatchers("/v3/api-docs/**").permitAll()
+ .anyRequest().denyAll();
 http.addFilterBefore(jwtFilter(), UsernamePasswordAuthenticationFilter.class);
diff --git a/src/main/java/net/Broken/Api/Security/Services/DiscordOauthService.java b/src/main/java/net/Broken/Api/Security/Services/DiscordOauthService.java
index 8ab6d1a..6d77e84 100644
--- a/src/main/java/net/Broken/Api/Security/Services/DiscordOauthService.java
+++ b/src/main/java/net/Broken/Api/Security/Services/DiscordOauthService.java
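Review bot: `OpenApiConfig` has no `@Configuration` (or other stereotype) annotation, and the new file imports only `org.springframework.context.annotation.Bean`, so unless the class is registered somewhere outside this diff Spring will not call `customOpenAPI()`. In that case the `jwt` scheme named by `@SecurityRequirement(name = "jwt")` in `HelloController` is never defined. Add `import org.springframework.context.annotation.Configuration;` and put `@Configuration` on the class. Once the bean is active, its global `.addSecurityItem(new SecurityRequirement().addList("jwt"))` already covers every operation, so the per-method `@Operation(security = ...)` in `HelloController` becomes redundant.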
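Review bot: In the `SecurityConfig` hunk, replacing `.anyRequest().authenticated()` with `.anyRequest().denyAll()` leaves no rule in the visible chain that admits an authenticated caller. Every path other than `/api/v2/auth/**`, `/swagger-ui/**` and `/v3/api-docs/**` is then rejected even with a valid JWT, including `/api/v2/hello/world`, which this commit documents as JWT-protected. If the intent is deny-by-default for unknown paths, add `.antMatchers("/api/v2/**").authenticated()` after the `/api/v2/auth/**` rule and before the final `.anyRequest().denyAll()`. The enclosing method starts and ends outside the hunk.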
@@ -123,15 +123,15 @@ public class DiscordOauthService {
 public UserEntity updateUserInfo(DiscordOauthUserInfo discordOauthUserInfo, UserEntity userEntity){
 boolean updated = false;
- if(!userEntity.getUsername().equals(discordOauthUserInfo.username())){
+ if(userEntity.getUsername() == null || !userEntity.getUsername().equals(discordOauthUserInfo.username())){
 userEntity.setUsername(discordOauthUserInfo.username());
 updated = true;
 }
- if(!userEntity.getDiscriminator().equals(discordOauthUserInfo.discriminator())){
+ if(userEntity.getDiscriminator() == null || !userEntity.getDiscriminator().equals(discordOauthUserInfo.discriminator())){
 userEntity.setDiscriminator(discordOauthUserInfo.discriminator());
 updated = true;
 }
- if(!userEntity.getAvatar().equals(discordOauthUserInfo.avatar())){
+ if(userEntity.getAvatar() == null || !userEntity.getAvatar().equals(discordOauthUserInfo.avatar())){
 userEntity.setAvatar(discordOauthUserInfo.avatar());
 updated = true;
 }
diff --git a/src/main/java/net/Broken/Api/Security/Services/JwtService.java b/src/main/java/net/Broken/Api/Security/Services/JwtService.java
index d12bac3..5da570e 100644
--- a/src/main/java/net/Broken/Api/Security/Services/JwtService.java
+++ b/src/main/java/net/Broken/Api/Security/Services/JwtService.java
@@ -40,6 +40,8 @@ public class JwtService {
 return Jwts.builder()
 .setSubject(user.getUsername())
 .claim("discord_id", user.getDiscordId())
+ .claim("avatar", user.getAvatar())
+ .claim("discriminator", user.getDiscriminator())
 .setId(uuid.toString())
 .setIssuedAt(iat)
 .setNotBefore(nbf)
diff --git a/src/main/resources/application.yml b/src/main/resources/application.yml
index 4a4c232..71dc6a1 100644
--- a/src/main/resources/application.yml
+++ b/src/main/resources/application.yml
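Review bot: The three new guards in `DiscordOauthService.updateUserInfo` treat a null stored value as changed even when the incoming Discord value is also null. For a field that is null on both sides (avatar looks like the likely case, to be confirmed) `updated` becomes true on every call. `Objects.equals` is null-safe on both sides and avoids calling each getter twice: `if (!Objects.equals(userEntity.getAvatar(), discordOauthUserInfo.avatar())) {`, and likewise for username and discriminator. This needs `java.util.Objects` in scope; the import block and the rest of the method, including what `updated` triggers, are outside the hunk.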
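Review bot: The two claims added in `JwtService` copy mutable profile data into the token, where it stays fixed until expiry and is readable by anyone holding the token unless the token is encrypted (the signing or encryption call is outside the hunk). I would document that next to the claims, for example `// display-only snapshot taken at issuance; may be absent or stale, never use for authorization`. The null checks this commit adds in `DiscordOauthService.updateUserInfo` suggest `getAvatar()` and `getDiscriminator()` can return null, so confirm how the builder and token consumers handle a null claim value.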
@@ -23,4 +23,7 @@ discord:
 client-secret: ${CLIENT_SECRET}
 token-endpoint: https://discord.com/api/oauth2/token
 tokenRevokeEndpoint: https://discord.com/api/oauth2/token/revoke
- userInfoEnpoint: https://discord.com/api/users/@me
\ No newline at end of file
+ userInfoEnpoint: https://discord.com/api/users/@me
+
+springdoc:
+ paths-to-match: /api/v2/**
\ No newline at end of file
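Review bot: The new `springdoc` block gives a deployment no way to turn the documentation endpoints off, while the `SecurityConfig` hunk in this commit opens `/swagger-ui/**` and `/v3/api-docs/**` with `permitAll()`. The full API description is therefore served unauthenticated wherever the application runs. Consider binding springdoc's `springdoc.api-docs.enabled` and `springdoc.swagger-ui.enabled` properties to an environment variable that defaults to off, for example `enabled: ${API_DOCS_ENABLED:false}` (the variable name is a placeholder), so production can keep them disabled. The file still ends without a trailing newline.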