Add OAuth2 security configuration to Swagger UI and clean up unused redirects
All checks were successful
sample gradle build and test / build (pull_request) Successful in 1m49s
All checks were successful
sample gradle build and test / build (pull_request) Successful in 1m49s
- Configure OpenAPI with OAuth2 authorization code flow and required scopes - Add security scheme and requirements for API documentation - Remove unused swagger redirect methods from HomeController - Comment out swagger endpoint permissions in SecurityConfig
This commit is contained in:
parent
c8a25cf438
commit
d2d8e74ba9
@ -1,6 +1,8 @@
|
||||
package com.hithomelabs.CFTunnels.Config;
|
||||
|
||||
import io.swagger.v3.oas.models.Components;
|
||||
import io.swagger.v3.oas.models.OpenAPI;
|
||||
import io.swagger.v3.oas.models.security.*;
|
||||
import io.swagger.v3.oas.models.servers.Server;
|
||||
import org.springframework.beans.factory.annotation.Value;
|
||||
import org.springframework.context.annotation.Bean;
|
||||
@ -16,13 +18,37 @@ public class OpenApiConfig {
|
||||
@Value("${api.baseUrl}")
|
||||
private String baseUrl;
|
||||
|
||||
@Value("${springdoc.swagger-ui.oauth.authorization-url}")
|
||||
private String authorizationUri;
|
||||
|
||||
@Value("${springdoc.swagger-ui.oauth.token-url}")
|
||||
private String tokenUri;
|
||||
|
||||
@Bean
|
||||
public OpenAPI openAPI(){
|
||||
public OpenAPI openAPI() {
|
||||
Server httpsServer = new Server().url(baseUrl);
|
||||
OpenAPI openApi = new OpenAPI();
|
||||
ArrayList<Server> servers = new ArrayList<>();
|
||||
servers.add(httpsServer);
|
||||
openApi.setServers(servers);
|
||||
openApi.addSecurityItem(new SecurityRequirement().addList("oidcAuth"))
|
||||
.components(new Components()
|
||||
.addSecuritySchemes("oidcAuth",
|
||||
new SecurityScheme()
|
||||
.type(SecurityScheme.Type.OAUTH2)
|
||||
.flows(new OAuthFlows()
|
||||
.authorizationCode(new OAuthFlow()
|
||||
.authorizationUrl(authorizationUri)
|
||||
.tokenUrl(tokenUri)
|
||||
.scopes(new Scopes()
|
||||
.addString("openid", "OpenID scope")
|
||||
.addString("profile", "OpenID profile")
|
||||
.addString("email", "OpenID email"))
|
||||
)
|
||||
)
|
||||
)
|
||||
)
|
||||
.addSecurityItem(new SecurityRequirement().addList("oidcAuth"));
|
||||
return openApi;
|
||||
}
|
||||
}
|
||||
|
||||
@ -28,6 +28,7 @@ public class SecuirtyConfig {
|
||||
public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
|
||||
http
|
||||
.authorizeHttpRequests(auth -> auth
|
||||
//.requestMatchers( "/v3/api-docs/**", "/swagger-ui/**", "/swagger-ui.html" ).permitAll()
|
||||
.anyRequest().authenticated()
|
||||
).csrf(csrf -> csrf.disable())
|
||||
.with(new OAuth2LoginConfigurer<>(),
|
||||
|
||||
@ -11,22 +11,6 @@ public class HomeController implements ErrorController {
|
||||
|
||||
private static final String ERROR_PATH = "/error";
|
||||
|
||||
/**
|
||||
* Redirects the root (including any query params like ?continue=…)
|
||||
* straight into Swagger UI.
|
||||
*/
|
||||
@GetMapping("/")
|
||||
public String rootRedirect() {
|
||||
return "redirect:/swagger-ui/index.html";
|
||||
}
|
||||
|
||||
/**
|
||||
* Catches any errors (404s, unhandled paths) and punts them
|
||||
* into the same Swagger UI page.
|
||||
*/
|
||||
@RequestMapping(ERROR_PATH)
|
||||
public String onError() {
|
||||
return "redirect:/swagger-ui/index.html";
|
||||
}
|
||||
|
||||
|
||||
}
|
||||
|
||||
Loading…
Reference in New Issue
Block a user