Merge branch 'test' into feature/swagger-oauth-env-config

Add OAuth2 security configuration to Swagger UI and clean up unused redirects
- Configure OpenAPI with OAuth2 authorization code flow and required scopes - Add security scheme and requirements for API documentation - Remove unused swagger redirect methods from HomeController - Comment out swagger endpoint permissions in SecurityConfig
2026-01-22 21:36:32 +00:00 · 2026-01-23 02:16:45 +05:30 · 2026-01-23 02:11:32 +05:30 · 2026-01-14 18:19:39 +00:00 · 2026-01-14 17:37:15 +00:00
5 changed files with 37 additions and 18 deletions
--- a/docker-compose.yaml
+++ b/docker-compose.yaml
@ -14,6 +14,7 @@ services:
      - HOST_PORT=${HOST_PORT}
      - POSTGRES_USER=${POSTGRES_USERNAME}
      - POSTGRES_PASSWORD=${POSTGRES_PASSWORD}
+      - SWAGGER_OAUTH_CLIENT_ID=${SWAGGER_OAUTH_CLIENT_ID}
    env_file:
      - stack.env
    restart: unless-stopped
--- a/src/main/java/com/hithomelabs/CFTunnels/Config/OpenApiConfig.java
+++ b/src/main/java/com/hithomelabs/CFTunnels/Config/OpenApiConfig.java
@ -1,6 +1,8 @@
 package com.hithomelabs.CFTunnels.Config;

+import io.swagger.v3.oas.models.Components;
 import io.swagger.v3.oas.models.OpenAPI;
+import io.swagger.v3.oas.models.security.*;
 import io.swagger.v3.oas.models.servers.Server;
 import org.springframework.beans.factory.annotation.Value;
 import org.springframework.context.annotation.Bean;
@ -16,13 +18,37 @@ public class OpenApiConfig {
    @Value("${api.baseUrl}")
    private String baseUrl;

+    @Value("${springdoc.swagger-ui.oauth.authorization-url}")
+    private String authorizationUri;
+
+    @Value("${springdoc.swagger-ui.oauth.token-url}")
+    private String tokenUri;
+
    @Bean
-    public OpenAPI openAPI(){
+    public OpenAPI openAPI() {
        Server httpsServer = new Server().url(baseUrl);
        OpenAPI openApi = new OpenAPI();
        ArrayList<Server> servers = new ArrayList<>();
        servers.add(httpsServer);
        openApi.setServers(servers);
+        openApi.addSecurityItem(new SecurityRequirement().addList("oidcAuth"))
+                .components(new Components()
+                        .addSecuritySchemes("oidcAuth",
+                                new SecurityScheme()
+                                        .type(SecurityScheme.Type.OAUTH2)
+                                        .flows(new OAuthFlows()
+                                                .authorizationCode(new OAuthFlow()
+                                                        .authorizationUrl(authorizationUri)
+                                                        .tokenUrl(tokenUri)
+                                                        .scopes(new Scopes()
+                                                                .addString("openid", "OpenID scope")
+                                                                .addString("profile", "OpenID profile")
+                                                                .addString("email", "OpenID email"))
+                                                )
+                                        )
+                        )
+                )
+                .addSecurityItem(new SecurityRequirement().addList("oidcAuth"));
        return openApi;
    }
 }
--- a/src/main/java/com/hithomelabs/CFTunnels/Config/Security/SecuirtyConfig.java
+++ b/src/main/java/com/hithomelabs/CFTunnels/Config/Security/SecuirtyConfig.java
@ -28,6 +28,7 @@ public class SecuirtyConfig {
    public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
        http
                .authorizeHttpRequests(auth -> auth
+                        //.requestMatchers( "/v3/api-docs/**", "/swagger-ui/**", "/swagger-ui.html" ).permitAll()
                        .anyRequest().authenticated()
                ).csrf(csrf -> csrf.disable())
                .with(new OAuth2LoginConfigurer<>(),
--- a/src/main/java/com/hithomelabs/CFTunnels/Controllers/HomeController.java
+++ b/src/main/java/com/hithomelabs/CFTunnels/Controllers/HomeController.java
@ -11,22 +11,6 @@ public class HomeController implements ErrorController {

    private static final String ERROR_PATH = "/error";

-    /**
-     * Redirects the root (including any query params like ?continue=…)
-     * straight into Swagger UI.
-     */
-    @GetMapping("/")
-    public String rootRedirect() {
-        return "redirect:/swagger-ui/index.html";
-    }
    
-    /**
-     * Catches any errors (404s, unhandled paths) and punts them
-     * into the same Swagger UI page.
-     */
-    @RequestMapping(ERROR_PATH)
-    public String onError() {
-        return "redirect:/swagger-ui/index.html";
-    }

 }
--- a/src/main/resources/application.properties
+++ b/src/main/resources/application.properties
@ -18,6 +18,13 @@ spring.security.oauth2.client.provider.cftunnels.user-info-uri=https://auth.hith
 spring.security.oauth2.client.provider.cftunnels.jwk-set-uri=https://auth.hithomelabs.com/application/o/cftunnels/jwks/
 spring.security.oauth2.client.provider.cftunnels.issuer-uri=https://auth.hithomelabs.com/application/o/cftunnels/

+springdoc.swagger-ui.oauth.client-id=${SWAGGER_OAUTH_CLIENT_ID}
+springdoc.swagger-ui.oauth.client-secret= # leave empty for public client
+springdoc.swagger-ui.oauth.use-pkce=true
+springdoc.swagger-ui.oauth.scopes=openid,profile,email
+springdoc.swagger-ui.oauth.authorization-url=https://auth.hithomelabs.com/application/o/authorize/
+springdoc.swagger-ui.oauth.token-url=https://auth.hithomelabs.com/application/o/token/
+
 spring.datasource.url=jdbc:postgresql://192.168.0.100:5432/cftunnel
 spring.datasource.username=${POSTGRES_USERNAME}
 spring.datasource.password=${POSTGRES_PASSWORD}
Author	SHA1	Message	Date
hitanshu	acaef2e704	Merge branch 'test' into feature/swagger-oauth-env-config All checks were successful sample gradle build and test / build (pull_request) Successful in 2m12s Details sample gradle build and test / tag (push) Successful in 7s Details sample gradle build and test / build_tag_push (push) Successful in 4m24s Details sample gradle build and test / Sync All Forks (push) Successful in 11s Details Daily cloudflare API integration test / cloudflare-api-test (push) Successful in 2m2s Details Promote image with tag test to prod / tag (push) Successful in 9s Details Promote image with tag test to prod / build_tag_push (push) Successful in 25s Details	2026-01-22 21:36:32 +00:00
hitanshu310	d2d8e74ba9	Add OAuth2 security configuration to Swagger UI and clean up unused redirects All checks were successful sample gradle build and test / build (pull_request) Successful in 1m49s Details - Configure OpenAPI with OAuth2 authorization code flow and required scopes - Add security scheme and requirements for API documentation - Remove unused swagger redirect methods from HomeController - Comment out swagger endpoint permissions in SecurityConfig	2026-01-23 02:16:45 +05:30
hitanshu310	c8a25cf438	Configure springdoc swagger oauth client-id from environment variable - Update application.properties to use SWAGGER_OAUTH_CLIENT_ID env var - Add SWAGGER_OAUTH_CLIENT_ID to docker-compose.yaml environment - Add SWAGGER_OAUTH_CLIENT_ID to IntelliJ run configuration	2026-01-23 02:11:32 +05:30
hitanshu310	cfe40735e6	Hithomelabs/HomeLabDocker#33 making ci and integration tests initialize Embedded H2 database, fixing integration test All checks were successful Promote image with tag test to prod / tag (push) Successful in 6s Details Promote image with tag test to prod / build_tag_push (push) Successful in 12s Details Daily cloudflare API integration test / cloudflare-api-test (push) Successful in 1m49s Details	2026-01-14 18:19:39 +00:00
Kruti Shah	742bcef858	ISSUE-33 (#96 ) (#98 ) Some checks failed Promote image with tag test to prod / tag (push) Successful in 6s Details Promote image with tag test to prod / build_tag_push (push) Successful in 13s Details Daily cloudflare API integration test / cloudflare-api-test (push) Failing after 1m25s Details ## Description - db integration Co-authored-by: hitanshu310 <hitanshu98@gmail.com> Co-authored-by: = <=> Co-authored-by: Kruti Shah <kruti@logiqids.com> Reviewed-on: #96 Co-authored-by: Kruti Shah <krutis0201@gmail.com> Co-committed-by: Kruti Shah <krutis0201@gmail.com> Reviewed-on: #98 Reviewed-by: hitanshu <hitanshu98@gmail.com> Co-authored-by: Kruti Shah <krutis0201@gmail.com> Co-committed-by: Kruti Shah <krutis0201@gmail.com>	2026-01-14 17:37:15 +00:00