From 2aab787e763f58a84ce7feef576d375476020ad6 Mon Sep 17 00:00:00 2001 From: Jonathan Cobb Date: Mon, 30 Nov 2020 15:12:55 -0500 Subject: [PATCH] bump swagger version, document apikey auth --- wizard-server/pom.xml | 4 ++-- .../wizard/filters/auth/AuthFilter.java | 2 +- .../wizard/server/RestServerBase.java | 9 ++++---- .../server/config/OpenApiConfiguration.java | 23 +++++++++++++++---- 4 files changed, 26 insertions(+), 12 deletions(-) diff --git a/wizard-server/pom.xml b/wizard-server/pom.xml index e18918e..9e37dae 100644 --- a/wizard-server/pom.xml +++ b/wizard-server/pom.xml @@ -281,12 +281,12 @@ This code is available under the Apache License, version 2: http://www.apache.or io.swagger.core.v3 swagger-jaxrs2 - 2.1.2 + 2.1.5 io.swagger.core.v3 swagger-integration - 2.1.2 + 2.1.5 diff --git a/wizard-server/src/main/java/org/cobbzilla/wizard/filters/auth/AuthFilter.java b/wizard-server/src/main/java/org/cobbzilla/wizard/filters/auth/AuthFilter.java index 78abac7..61b124c 100644 --- a/wizard-server/src/main/java/org/cobbzilla/wizard/filters/auth/AuthFilter.java +++ b/wizard-server/src/main/java/org/cobbzilla/wizard/filters/auth/AuthFilter.java @@ -9,7 +9,7 @@ import static org.cobbzilla.wizard.resources.ResourceUtil.unauthorized; public abstract class AuthFilter implements ContainerRequestFilter { - protected abstract String getAuthTokenHeader(); + public abstract String getAuthTokenHeader(); protected String getSubUserHeader() { return null; } protected abstract Set getSkipAuthPaths(); protected abstract Set getSkipAuthPrefixes(); diff --git a/wizard-server/src/main/java/org/cobbzilla/wizard/server/RestServerBase.java b/wizard-server/src/main/java/org/cobbzilla/wizard/server/RestServerBase.java index 6e8852c..a4e559e 100644 --- a/wizard-server/src/main/java/org/cobbzilla/wizard/server/RestServerBase.java +++ b/wizard-server/src/main/java/org/cobbzilla/wizard/server/RestServerBase.java @@ -182,6 +182,10 @@ public abstract class RestServerBase implemen applicationContext = buildSpringApplicationContext(); configuration.setApplicationContext(applicationContext); + if (configuration.hasOpenApi()) { + configuration.getOpenApi().register(configuration, rc); + } + // set the IoC factory rc.property("contextConfig", applicationContext); @@ -299,11 +303,6 @@ public abstract class RestServerBase implemen rc.register(new StreamingOutputProvider()); rc.register(MultiPartFeature.class); // rc.register(new StringProvider()); - - if (configuration.hasOpenApi()) { - configuration.getOpenApi().register(configuration, rc); - } - return rc; } diff --git a/wizard-server/src/main/java/org/cobbzilla/wizard/server/config/OpenApiConfiguration.java b/wizard-server/src/main/java/org/cobbzilla/wizard/server/config/OpenApiConfiguration.java index c12daa9..a5853ab 100644 --- a/wizard-server/src/main/java/org/cobbzilla/wizard/server/config/OpenApiConfiguration.java +++ b/wizard-server/src/main/java/org/cobbzilla/wizard/server/config/OpenApiConfiguration.java @@ -3,16 +3,20 @@ package org.cobbzilla.wizard.server.config; import com.github.jknack.handlebars.Handlebars; import io.swagger.v3.jaxrs2.integration.resources.OpenApiResource; import io.swagger.v3.oas.integration.SwaggerConfiguration; +import io.swagger.v3.oas.models.Components; import io.swagger.v3.oas.models.OpenAPI; import io.swagger.v3.oas.models.info.Contact; import io.swagger.v3.oas.models.info.Info; import io.swagger.v3.oas.models.info.License; +import io.swagger.v3.oas.models.security.SecurityScheme; import io.swagger.v3.oas.models.servers.Server; import lombok.Getter; import lombok.Setter; import lombok.extern.slf4j.Slf4j; +import org.apache.commons.collections4.map.SingletonMap; import org.cobbzilla.util.handlebars.HandlebarsUtil; import org.cobbzilla.util.handlebars.HasHandlebars; +import org.cobbzilla.wizard.filters.auth.AuthFilter; import org.glassfish.jersey.server.ResourceConfig; import java.util.*; @@ -26,6 +30,7 @@ public class OpenApiConfiguration { // set contactEmail to this value to disable OpenAPI public static final String OPENAPI_DISABLED = "openapi_disabled"; + public static final String SEC_API_KEY = "apiKey"; @Getter @Setter private String title; @Getter @Setter private String description; @@ -58,7 +63,6 @@ public class OpenApiConfiguration { handlebars = null; } - final OpenAPI oas = new OpenAPI(); final Info info = new Info() .title(subst(title(configuration), handlebars, ctx, configuration)) .description(subst((empty(description) ? title(configuration) : description), handlebars, ctx, configuration)) @@ -70,10 +74,21 @@ public class OpenApiConfiguration { .url(subst(licenseUrl, handlebars, ctx, configuration))) .version((configuration.hasVersion() ? configuration.getVersion() : "(configuration.version was missing or empty)")); - oas.info(info); final List servers = new ArrayList<>(); - servers.add(new Server().url(configuration.getHttp().getBaseUri())); - oas.servers(servers); + servers.add(new Server() + .url(configuration.getHttp().getBaseUri())); + + final AuthFilter authFilter = configuration.getBean(AuthFilter.class); + final SecurityScheme securityScheme = new SecurityScheme() + .type(SecurityScheme.Type.APIKEY) + .name(authFilter.getAuthTokenHeader()) + .in(SecurityScheme.In.HEADER); + + final OpenAPI oas = new OpenAPI() + .components(new Components().securitySchemes(new SingletonMap<>(SEC_API_KEY, securityScheme))) + .info(info) + .servers(servers); + final SwaggerConfiguration oasConfig = new SwaggerConfiguration() .openAPI(oas) .prettyPrint(true)