From cc7c4379acae2991e51b4726b753f9624fb651f8 Mon Sep 17 00:00:00 2001
From: Karsch Lukas <lk224@hdm-stuttgart.de>
Date: Thu, 14 Dec 2023 21:32:18 +0100
Subject: [PATCH] add Swagger / OpenAPI #30

---
 pom.xml                                       |  6 ++++
 requests.http                                 | 11 +++++++
 .../hdm/mi/growbros/config/OpenApiConfig.java | 31 +++++++++++++++++++
 .../security/SecurityConfiguration.java       | 10 ++++++
 4 files changed, 58 insertions(+)
 create mode 100644 src/main/java/hdm/mi/growbros/config/OpenApiConfig.java

diff --git a/pom.xml b/pom.xml
index ab6e21b..80b0851 100644
--- a/pom.xml
+++ b/pom.xml
@@ -74,6 +74,12 @@
             <version>3.16.1</version>
             <scope>test</scope>
         </dependency>
+        <!-- Aufrufbar unter http://localhost:8080/swagger-ui/index.html -->
+        <dependency>
+            <groupId>org.springdoc</groupId>
+            <artifactId>springdoc-openapi-starter-webmvc-ui</artifactId>
+            <version>2.2.0</version>
+        </dependency>
     </dependencies>
 
     <build>
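Review bot: The springdoc starter is added at the default compile scope, so Swagger UI and the generated spec are packaged and served in every build, not only during development. If the documentation is meant for local use, as the localhost URL in the comment suggests, switch it off in the production profile with `springdoc.api-docs.enabled=false` and `springdoc.swagger-ui.enabled=false`. The comment above the dependency is in German while the other comments visible in this patch are English; `<!-- Swagger UI: http://localhost:8080/swagger-ui/index.html -->` would match.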
diff --git a/requests.http b/requests.http
index d99dd79..e985f72 100644
--- a/requests.http
+++ b/requests.http
@@ -17,6 +17,17 @@ content-type: application/json
   "password": "myPassword123"
 }
 
+###
+POST http://localhost:8080/api/v1/auth/register
+content-type: application/json
+
+{
+  "email": "lb210@hdm-stuttgart.de",
+  "firstname": "Lara",
+  "lastname": "Blersch",
+  "password": "Lara123"
+}
+
 ### Authenticate
 POST http://localhost:8080/api/v1/auth/authenticate
 content-type: application/json
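Review bot: The added request commits what looks like a real person's university e-mail address, full name and a password, and these stay in the repository history even if the file is edited later. Use obviously fake sample values such as `"email": "user@example.com"` with a placeholder password, or move them into an untracked HTTP-client environment file. The new `###` separator also has no label, unlike `### Authenticate` below it; `### Register second user` would keep the file navigable.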
diff --git a/src/main/java/hdm/mi/growbros/config/OpenApiConfig.java b/src/main/java/hdm/mi/growbros/config/OpenApiConfig.java
new file mode 100644
index 0000000..162b32d
--- /dev/null
+++ b/src/main/java/hdm/mi/growbros/config/OpenApiConfig.java
@@ -0,0 +1,31 @@
+package hdm.mi.growbros.config;
+
+import io.swagger.v3.oas.models.Components;
+import io.swagger.v3.oas.models.OpenAPI;
+import io.swagger.v3.oas.models.info.Info;
+import io.swagger.v3.oas.models.security.SecurityRequirement;
+import io.swagger.v3.oas.models.security.SecurityScheme;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+
+
+@Configuration
+public class OpenApiConfig {
+    @Bean
+    public OpenAPI customizeOpenAPI() {
+        final String securitySchemeName = "bearerAuth";
+        return new OpenAPI()
+                .info(new Info()
+                        .description("GrowBros API documentation.")
+                        .title("GrowBros")
+                        .version("1.0"))
+                .addSecurityItem(new SecurityRequirement()
+                        .addList(securitySchemeName))
+                .components(new Components()
+                        .addSecuritySchemes(securitySchemeName, new SecurityScheme()
+                                .name(securitySchemeName)
+                                .type(SecurityScheme.Type.HTTP)
+                                .scheme("bearer")
+                                .bearerFormat("JWT")));
+    }
+}
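Review bot: The top-level `addSecurityItem` in `customizeOpenAPI()` declares `bearerAuth` as required for every operation in the generated spec, including the `/api/v1/auth/**` endpoints that SecurityConfiguration opens with `permitAll()`. The spec therefore misdescribes the register and authenticate calls. Marking those controller methods with an empty `@SecurityRequirements` annotation would override the global requirement; the auth controller is not part of this patch, so this is inferred. The class also has no Javadoc: a short one should state that this bean only describes the bearer/JWT scheme for Swagger UI and that enforcement happens in the security filter chain, so it is not mistaken for an access control.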
diff --git a/src/main/java/hdm/mi/growbros/security/SecurityConfiguration.java b/src/main/java/hdm/mi/growbros/security/SecurityConfiguration.java
index 3adcd66..cf9f52b 100644
--- a/src/main/java/hdm/mi/growbros/security/SecurityConfiguration.java
+++ b/src/main/java/hdm/mi/growbros/security/SecurityConfiguration.java
@@ -13,7 +13,9 @@ import org.springframework.security.web.authentication.UsernamePasswordAuthentic
 import org.springframework.security.web.servlet.util.matcher.MvcRequestMatcher;
 import org.springframework.web.servlet.handler.HandlerMappingIntrospector;
 
+import static hdm.mi.growbros.models.user.Role.ADMIN;
 import static org.springframework.boot.autoconfigure.security.servlet.PathRequest.toH2Console;
+import static org.springframework.security.authorization.AuthorityAuthorizationManager.hasRole;
 
 /**
  * Configuration of the filter chain.
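Review bot: The two static imports added here, `Role.ADMIN` and `AuthorityAuthorizationManager.hasRole`, are not used by any line this patch adds. The only role check in the patch is the commented-out block at the end of the class, and it uses a string expression instead. Unless code outside these hunks uses them, drop both imports, or use them in the matcher rules so that the Swagger paths are actually role-restricted.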
@@ -36,6 +38,8 @@ public class SecurityConfiguration {
                         authorize
                                 .requestMatchers(toH2Console()).permitAll()
                                 .requestMatchers(mvc.pattern("/api/v1/auth/**")).permitAll()
+                                .requestMatchers(mvc.pattern("/swagger-ui/**")).permitAll()
+                                .requestMatchers(mvc.pattern("/v3/api-docs/**")).permitAll()
                                 .anyRequest().authenticated()
                 )
                 .headers(headers -> headers.frameOptions(
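Review bot: Both new matchers use `permitAll()`, so the Swagger UI and the full OpenAPI description under `/v3/api-docs/**` are readable without authentication wherever this filter chain is active, giving any caller the complete endpoint and schema listing. If that is only wanted for development, bind the rules to a dev profile or require a role, e.g. `.requestMatchers(mvc.pattern("/swagger-ui/**"), mvc.pattern("/v3/api-docs/**")).hasRole(ADMIN.name())`, assuming `Role` is an enum as the new static import suggests. Note that springdoc's default entry path `/swagger-ui.html` is not covered by `/swagger-ui/**` and still falls under `anyRequest().authenticated()`. The enclosing method begins and ends outside this hunk.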
@@ -56,4 +60,10 @@ public class SecurityConfiguration {
         //see https://stackoverflow.com/questions/76809698/spring-security-method-cannot-decide-pattern-is-mvc-or-not-spring-boot-applicati
         return new MvcRequestMatcher.Builder(introspector);
     }
+
+    /*@Bean
+    protected void configure(HttpSecurity http) throws Exception {
+        http.authorizeRequests().requestMatchers("/swagger-ui.html")
+                .access("hasRole('ROLE_ADMIN')");
+    }*/
 }
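Review bot: The commented-out `configure(HttpSecurity)` block at the end of the class is dead code and should be deleted rather than committed. It reads as if `/swagger-ui.html` were restricted to `ROLE_ADMIN`, while the active rules added earlier in this patch permit the Swagger paths to everyone, which misleads anyone auditing the access rules. If admin-only access is the intent, express it in the existing matcher chain of the filter-chain bean instead.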
-- 
GitLab