Skip to content
Snippets Groups Projects
Commit e33fdd21 authored by Karsch Lukas's avatar Karsch Lukas
Browse files

Merge branch 'swagger' into 'main'

add Swagger / OpenAPI #30

See merge request !24
parents 75494077 cc7c4379
No related branches found
No related tags found
1 merge request!24add Swagger / OpenAPI #30
......@@ -74,6 +74,12 @@
<version>3.16.1</version>
<scope>test</scope>
</dependency>
<!-- Aufrufbar unter http://localhost:8080/swagger-ui/index.html -->
<dependency>
<groupId>org.springdoc</groupId>
<artifactId>springdoc-openapi-starter-webmvc-ui</artifactId>
<version>2.2.0</version>
</dependency>
</dependencies>
<build>
......
......@@ -17,6 +17,17 @@ content-type: application/json
"password": "myPassword123"
}
###
POST http://localhost:8080/api/v1/auth/register
content-type: application/json
{
"email": "lb210@hdm-stuttgart.de",
"firstname": "Lara",
"lastname": "Blersch",
"password": "Lara123"
}
### Authenticate
POST http://localhost:8080/api/v1/auth/authenticate
content-type: application/json
......
package hdm.mi.growbros.config;
import io.swagger.v3.oas.models.Components;
import io.swagger.v3.oas.models.OpenAPI;
import io.swagger.v3.oas.models.info.Info;
import io.swagger.v3.oas.models.security.SecurityRequirement;
import io.swagger.v3.oas.models.security.SecurityScheme;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
@Configuration
public class OpenApiConfig {
@Bean
public OpenAPI customizeOpenAPI() {
final String securitySchemeName = "bearerAuth";
return new OpenAPI()
.info(new Info()
.description("GrowBros API documentation.")
.title("GrowBros")
.version("1.0"))
.addSecurityItem(new SecurityRequirement()
.addList(securitySchemeName))
.components(new Components()
.addSecuritySchemes(securitySchemeName, new SecurityScheme()
.name(securitySchemeName)
.type(SecurityScheme.Type.HTTP)
.scheme("bearer")
.bearerFormat("JWT")));
}
}
......@@ -13,7 +13,9 @@ import org.springframework.security.web.authentication.UsernamePasswordAuthentic
import org.springframework.security.web.servlet.util.matcher.MvcRequestMatcher;
import org.springframework.web.servlet.handler.HandlerMappingIntrospector;
import static hdm.mi.growbros.models.user.Role.ADMIN;
import static org.springframework.boot.autoconfigure.security.servlet.PathRequest.toH2Console;
import static org.springframework.security.authorization.AuthorityAuthorizationManager.hasRole;
/**
* Configuration of the filter chain.
......@@ -36,6 +38,8 @@ public class SecurityConfiguration {
authorize
.requestMatchers(toH2Console()).permitAll()
.requestMatchers(mvc.pattern("/api/v1/auth/**")).permitAll()
.requestMatchers(mvc.pattern("/swagger-ui/**")).permitAll()
.requestMatchers(mvc.pattern("/v3/api-docs/**")).permitAll()
.anyRequest().authenticated()
)
.headers(headers -> headers.frameOptions(
......@@ -56,4 +60,10 @@ public class SecurityConfiguration {
//see https://stackoverflow.com/questions/76809698/spring-security-method-cannot-decide-pattern-is-mvc-or-not-spring-boot-applicati
return new MvcRequestMatcher.Builder(introspector);
}
/*@Bean
protected void configure(HttpSecurity http) throws Exception {
http.authorizeRequests().requestMatchers("/swagger-ui.html")
.access("hasRole('ROLE_ADMIN')");
}*/
}
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment