diff --git a/src/main/java/com/hithomelabs/CFTunnels/Config/OpenApiConfig.java b/src/main/java/com/hithomelabs/CFTunnels/Config/OpenApiConfig.java index 1f2af4a..72639fe 100644 --- a/src/main/java/com/hithomelabs/CFTunnels/Config/OpenApiConfig.java +++ b/src/main/java/com/hithomelabs/CFTunnels/Config/OpenApiConfig.java @@ -1,6 +1,8 @@ package com.hithomelabs.CFTunnels.Config; +import io.swagger.v3.oas.models.Components; import io.swagger.v3.oas.models.OpenAPI; +import io.swagger.v3.oas.models.security.*; import io.swagger.v3.oas.models.servers.Server; import org.springframework.beans.factory.annotation.Value; import org.springframework.context.annotation.Bean; @@ -16,13 +18,37 @@ public class OpenApiConfig { @Value("${api.baseUrl}") private String baseUrl; + @Value("${springdoc.swagger-ui.oauth.authorization-url}") + private String authorizationUri; + + @Value("${springdoc.swagger-ui.oauth.token-url}") + private String tokenUri; + @Bean - public OpenAPI openAPI(){ + public OpenAPI openAPI() { Server httpsServer = new Server().url(baseUrl); OpenAPI openApi = new OpenAPI(); ArrayList servers = new ArrayList<>(); servers.add(httpsServer); openApi.setServers(servers); + openApi.addSecurityItem(new SecurityRequirement().addList("oidcAuth")) + .components(new Components() + .addSecuritySchemes("oidcAuth", + new SecurityScheme() + .type(SecurityScheme.Type.OAUTH2) + .flows(new OAuthFlows() + .authorizationCode(new OAuthFlow() + .authorizationUrl(authorizationUri) + .tokenUrl(tokenUri) + .scopes(new Scopes() + .addString("openid", "OpenID scope") + .addString("profile", "OpenID profile") + .addString("email", "OpenID email")) + ) + ) + ) + ) + .addSecurityItem(new SecurityRequirement().addList("oidcAuth")); return openApi; } } diff --git a/src/main/java/com/hithomelabs/CFTunnels/Config/Security/SecuirtyConfig.java b/src/main/java/com/hithomelabs/CFTunnels/Config/Security/SecuirtyConfig.java index 81def11..5cd6646 100644 --- a/src/main/java/com/hithomelabs/CFTunnels/Config/Security/SecuirtyConfig.java +++ b/src/main/java/com/hithomelabs/CFTunnels/Config/Security/SecuirtyConfig.java @@ -28,6 +28,7 @@ public class SecuirtyConfig { public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception { http .authorizeHttpRequests(auth -> auth + //.requestMatchers( "/v3/api-docs/**", "/swagger-ui/**", "/swagger-ui.html" ).permitAll() .anyRequest().authenticated() ).csrf(csrf -> csrf.disable()) .with(new OAuth2LoginConfigurer<>(), diff --git a/src/main/java/com/hithomelabs/CFTunnels/Controllers/HomeController.java b/src/main/java/com/hithomelabs/CFTunnels/Controllers/HomeController.java index 43ea57a..87bffcf 100644 --- a/src/main/java/com/hithomelabs/CFTunnels/Controllers/HomeController.java +++ b/src/main/java/com/hithomelabs/CFTunnels/Controllers/HomeController.java @@ -11,22 +11,6 @@ public class HomeController implements ErrorController { private static final String ERROR_PATH = "/error"; - /** - * Redirects the root (including any query params like ?continue=…) - * straight into Swagger UI. - */ - @GetMapping("/") - public String rootRedirect() { - return "redirect:/swagger-ui/index.html"; - } - - /** - * Catches any errors (404s, unhandled paths) and punts them - * into the same Swagger UI page. - */ - @RequestMapping(ERROR_PATH) - public String onError() { - return "redirect:/swagger-ui/index.html"; - } + }