Merge pull request #22 from tracehubpm/21

Swagger configuration

pom.xml

@@ -47,6 +47,7 @@ SOFTWARE.
     <spring-addons.version>7.1.8</spring-addons.version>
     <jcabi-github.version>1.8.0</jcabi-github.version>
     <jersey-common.version>3.1.2</jersey-common.version>
+    <springdoc.version>2.2.0</springdoc.version>
     <jcabi-http.version>1.20.1</jcabi-http.version>
     <testcontainers-keycloak.version>3.2.0</testcontainers-keycloak.version>
     <testcontainers.version>1.19.3</testcontainers.version>
@@ -124,6 +125,11 @@ SOFTWARE.
       <artifactId>eokson</artifactId>
       <version>${eokson.version}</version>
     </dependency>
+    <dependency>
+      <groupId>org.springdoc</groupId>
+      <artifactId>springdoc-openapi-starter-webmvc-ui</artifactId>
+      <version>${springdoc.version}</version>
+    </dependency>
     <dependency>
       <groupId>org.springframework.boot</groupId>
       <artifactId>spring-boot-starter-test</artifactId>

src/main/java/git/tracehub/pmo/security/SecurityConfig.java → src/main/java/git/tracehub/pmo/security/WebConfig.java

@@ -17,11 +17,18 @@
 
 package git.tracehub.pmo.security;
 
+import io.swagger.v3.oas.models.Components;
+import io.swagger.v3.oas.models.OpenAPI;
+import io.swagger.v3.oas.models.info.Info;
+import io.swagger.v3.oas.models.security.OAuthFlow;
+import io.swagger.v3.oas.models.security.OAuthFlows;
+import io.swagger.v3.oas.models.security.Scopes;
+import io.swagger.v3.oas.models.security.SecurityRequirement;
+import io.swagger.v3.oas.models.security.SecurityScheme;
 import lombok.SneakyThrows;
+import org.springframework.beans.factory.annotation.Value;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
-import org.springframework.core.Ordered;
-import org.springframework.core.annotation.Order;
 import org.springframework.http.HttpStatus;
 import org.springframework.security.config.Customizer;
 import org.springframework.security.config.annotation.method.configuration.EnableMethodSecurity;
@@ -31,13 +38,25 @@
 import org.springframework.security.web.SecurityFilterChain;
 
 /**
- * Security configurations.
+ * Web configurations.
  *
  * @since 0.0.0
  */
 @Configuration
 @EnableMethodSecurity
-public class SecurityConfig {
+public class WebConfig {
+
+    /**
+     * API Version.
+     */
+    @Value("${application.version}")
+    private String version;
+
+    /**
+     * Auth server url.
+     */
+    @Value("${spring.security.oauth2.resourceserver.jwt.issuer-uri}")
+    private String url;
 
     /**
      * Filter.
@@ -47,7 +66,6 @@ public class SecurityConfig {
      * @checkstyle NonStaticMethodCheck (30 lines)
      */
     @Bean
-    @Order(Ordered.HIGHEST_PRECEDENCE)
     @SneakyThrows
     public SecurityFilterChain client(final HttpSecurity http) {
         return http.cors(Customizer.withDefaults())
@@ -60,7 +78,11 @@ public SecurityFilterChain client(final HttpSecurity http) {
                     )
             ).authorizeHttpRequests(
                 auth -> auth
-                    .requestMatchers("/login").permitAll()
+                    .requestMatchers(
+                        "/login",
+                        "/v3/**",
+                        "/swagger-ui/**"
+                    ).permitAll()
                     .anyRequest().authenticated()
             ).exceptionHandling(
                 configurer -> configurer
@@ -75,4 +97,45 @@ public SecurityFilterChain client(final HttpSecurity http) {
             ).build();
     }
 
+    /**
+     * Open API config for Swagger.
+     *
+     * @return OpenAPI
+     */
+    @Bean
+    public OpenAPI openApi() {
+        final String name = "auth";
+        return new OpenAPI()
+            .addSecurityItem(
+                new SecurityRequirement()
+                    .addList(name)
+            ).components(
+                new Components()
+                    .addSecuritySchemes(
+                        name, new SecurityScheme()
+                            .name(name)
+                            .type(SecurityScheme.Type.OAUTH2)
+                            .flows(
+                                new OAuthFlows().authorizationCode(
+                                    new OAuthFlow()
+                                        .authorizationUrl(
+                                            "%s/protocol/openid-connect/auth"
+                                                .formatted(this.url)
+                                        ).refreshUrl(
+                                            "%s/protocol/openid-connect/token"
+                                                .formatted(this.url)
+                                        ).tokenUrl(
+                                            "%s/protocol/openid-connect/token"
+                                                .formatted(this.url)
+                                        ).scopes(new Scopes())
+                                )
+                            )
+                    )
+            ).info(
+                new Info()
+                    .title("PMO API")
+                    .version(this.version)
+            );
+    }
+
 }

src/main/resources/application.yaml

@@ -1,3 +1,6 @@
+application:
+  title: ${APP_TITLE}
+  version: ${APP_VERSION}
 server:
   port: 8080
   shutdown: graceful

src/main/resources/banner.txt

@@ -0,0 +1,10 @@
+
+,--------.                          ,--.             ,--.
+'--.  .--',--.--.,--,--.,---. ,---. |  ,---. ,--.,--.|  |-.
+   |  |   |  .--' ,-.  | .--'| .-. :|  .-.  ||  ||  || .-. '
+   |  |   |  |  \ '-'  \ `--.\   --.|  | |  |'  ''  '| `-' |
+   `--'   `--'   `--`--'`---' `----'`--' `--' `----'  `---'
+
+${application.title}
+${application.version}
+Powered by Spring Boot ${spring-boot.version}

src/test/resources/application-pgit.yaml

@@ -1,3 +1,6 @@
+application:
+  title: IT
+  version: 0.0.1
 spring:
   datasource:
     username: test