diff --git a/wizard-server/pom.xml b/wizard-server/pom.xml
index e18918e..9e37dae 100644
--- a/wizard-server/pom.xml
+++ b/wizard-server/pom.xml
@@ -281,12 +281,12 @@ This code is available under the Apache License, version 2: http://www.apache.or
io.swagger.core.v3
swagger-jaxrs2
- 2.1.2
+ 2.1.5
io.swagger.core.v3
swagger-integration
- 2.1.2
+ 2.1.5
diff --git a/wizard-server/src/main/java/org/cobbzilla/wizard/filters/auth/AuthFilter.java b/wizard-server/src/main/java/org/cobbzilla/wizard/filters/auth/AuthFilter.java
index 78abac7..61b124c 100644
--- a/wizard-server/src/main/java/org/cobbzilla/wizard/filters/auth/AuthFilter.java
+++ b/wizard-server/src/main/java/org/cobbzilla/wizard/filters/auth/AuthFilter.java
@@ -9,7 +9,7 @@ import static org.cobbzilla.wizard.resources.ResourceUtil.unauthorized;
public abstract class AuthFilter implements ContainerRequestFilter {
- protected abstract String getAuthTokenHeader();
+ public abstract String getAuthTokenHeader();
protected String getSubUserHeader() { return null; }
protected abstract Set getSkipAuthPaths();
protected abstract Set getSkipAuthPrefixes();
diff --git a/wizard-server/src/main/java/org/cobbzilla/wizard/server/RestServerBase.java b/wizard-server/src/main/java/org/cobbzilla/wizard/server/RestServerBase.java
index 6e8852c..a4e559e 100644
--- a/wizard-server/src/main/java/org/cobbzilla/wizard/server/RestServerBase.java
+++ b/wizard-server/src/main/java/org/cobbzilla/wizard/server/RestServerBase.java
@@ -182,6 +182,10 @@ public abstract class RestServerBase implemen
applicationContext = buildSpringApplicationContext();
configuration.setApplicationContext(applicationContext);
+ if (configuration.hasOpenApi()) {
+ configuration.getOpenApi().register(configuration, rc);
+ }
+
// set the IoC factory
rc.property("contextConfig", applicationContext);
@@ -299,11 +303,6 @@ public abstract class RestServerBase implemen
rc.register(new StreamingOutputProvider());
rc.register(MultiPartFeature.class);
// rc.register(new StringProvider());
-
- if (configuration.hasOpenApi()) {
- configuration.getOpenApi().register(configuration, rc);
- }
-
return rc;
}
diff --git a/wizard-server/src/main/java/org/cobbzilla/wizard/server/config/OpenApiConfiguration.java b/wizard-server/src/main/java/org/cobbzilla/wizard/server/config/OpenApiConfiguration.java
index c12daa9..a5853ab 100644
--- a/wizard-server/src/main/java/org/cobbzilla/wizard/server/config/OpenApiConfiguration.java
+++ b/wizard-server/src/main/java/org/cobbzilla/wizard/server/config/OpenApiConfiguration.java
@@ -3,16 +3,20 @@ package org.cobbzilla.wizard.server.config;
import com.github.jknack.handlebars.Handlebars;
import io.swagger.v3.jaxrs2.integration.resources.OpenApiResource;
import io.swagger.v3.oas.integration.SwaggerConfiguration;
+import io.swagger.v3.oas.models.Components;
import io.swagger.v3.oas.models.OpenAPI;
import io.swagger.v3.oas.models.info.Contact;
import io.swagger.v3.oas.models.info.Info;
import io.swagger.v3.oas.models.info.License;
+import io.swagger.v3.oas.models.security.SecurityScheme;
import io.swagger.v3.oas.models.servers.Server;
import lombok.Getter;
import lombok.Setter;
import lombok.extern.slf4j.Slf4j;
+import org.apache.commons.collections4.map.SingletonMap;
import org.cobbzilla.util.handlebars.HandlebarsUtil;
import org.cobbzilla.util.handlebars.HasHandlebars;
+import org.cobbzilla.wizard.filters.auth.AuthFilter;
import org.glassfish.jersey.server.ResourceConfig;
import java.util.*;
@@ -26,6 +30,7 @@ public class OpenApiConfiguration {
// set contactEmail to this value to disable OpenAPI
public static final String OPENAPI_DISABLED = "openapi_disabled";
+ public static final String SEC_API_KEY = "apiKey";
@Getter @Setter private String title;
@Getter @Setter private String description;
@@ -58,7 +63,6 @@ public class OpenApiConfiguration {
handlebars = null;
}
- final OpenAPI oas = new OpenAPI();
final Info info = new Info()
.title(subst(title(configuration), handlebars, ctx, configuration))
.description(subst((empty(description) ? title(configuration) : description), handlebars, ctx, configuration))
@@ -70,10 +74,21 @@ public class OpenApiConfiguration {
.url(subst(licenseUrl, handlebars, ctx, configuration)))
.version((configuration.hasVersion() ? configuration.getVersion() : "(configuration.version was missing or empty)"));
- oas.info(info);
final List servers = new ArrayList<>();
- servers.add(new Server().url(configuration.getHttp().getBaseUri()));
- oas.servers(servers);
+ servers.add(new Server()
+ .url(configuration.getHttp().getBaseUri()));
+
+ final AuthFilter authFilter = configuration.getBean(AuthFilter.class);
+ final SecurityScheme securityScheme = new SecurityScheme()
+ .type(SecurityScheme.Type.APIKEY)
+ .name(authFilter.getAuthTokenHeader())
+ .in(SecurityScheme.In.HEADER);
+
+ final OpenAPI oas = new OpenAPI()
+ .components(new Components().securitySchemes(new SingletonMap<>(SEC_API_KEY, securityScheme)))
+ .info(info)
+ .servers(servers);
+
final SwaggerConfiguration oasConfig = new SwaggerConfiguration()
.openAPI(oas)
.prettyPrint(true)