From 421978d1be46cd928382ee225199b5db9719ff63 Mon Sep 17 00:00:00 2001 From: hizmailovich Date: Thu, 25 Jan 2024 12:23:24 +0300 Subject: [PATCH 1/3] Resolved #21 --- pom.xml | 6 ++ .../{SecurityConfig.java => WebConfig.java} | 75 +++++++++++++++++-- src/main/resources/application.yaml | 3 + 3 files changed, 78 insertions(+), 6 deletions(-) rename src/main/java/git/tracehub/pmo/security/{SecurityConfig.java => WebConfig.java} (52%) diff --git a/pom.xml b/pom.xml index 9280e96..866b1ae 100644 --- a/pom.xml +++ b/pom.xml @@ -47,6 +47,7 @@ SOFTWARE. 7.1.8 1.8.0 3.1.2 + 2.2.0 1.20.1 3.2.0 1.19.3 @@ -124,6 +125,11 @@ SOFTWARE. eokson ${eokson.version} + + org.springdoc + springdoc-openapi-starter-webmvc-ui + ${springdoc.version} + org.springframework.boot spring-boot-starter-test diff --git a/src/main/java/git/tracehub/pmo/security/SecurityConfig.java b/src/main/java/git/tracehub/pmo/security/WebConfig.java similarity index 52% rename from src/main/java/git/tracehub/pmo/security/SecurityConfig.java rename to src/main/java/git/tracehub/pmo/security/WebConfig.java index b2a17c3..355a69c 100644 --- a/src/main/java/git/tracehub/pmo/security/SecurityConfig.java +++ b/src/main/java/git/tracehub/pmo/security/WebConfig.java @@ -17,11 +17,18 @@ package git.tracehub.pmo.security; +import io.swagger.v3.oas.models.Components; +import io.swagger.v3.oas.models.OpenAPI; +import io.swagger.v3.oas.models.info.Info; +import io.swagger.v3.oas.models.security.OAuthFlow; +import io.swagger.v3.oas.models.security.OAuthFlows; +import io.swagger.v3.oas.models.security.Scopes; +import io.swagger.v3.oas.models.security.SecurityRequirement; +import io.swagger.v3.oas.models.security.SecurityScheme; import lombok.SneakyThrows; +import org.springframework.beans.factory.annotation.Value; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; -import org.springframework.core.Ordered; -import org.springframework.core.annotation.Order; import org.springframework.http.HttpStatus; import org.springframework.security.config.Customizer; import org.springframework.security.config.annotation.method.configuration.EnableMethodSecurity; @@ -31,13 +38,25 @@ import org.springframework.security.web.SecurityFilterChain; /** - * Security configurations. + * Web configurations. * * @since 0.0.0 */ @Configuration @EnableMethodSecurity -public class SecurityConfig { +public class WebConfig { + + /** + * API Version. + */ + @Value("${application.version}") + private String version; + + /** + * Auth server url. + */ + @Value("${spring.security.oauth2.resourceserver.jwt.issuer-uri}") + private String url; /** * Filter. @@ -47,7 +66,6 @@ public class SecurityConfig { * @checkstyle NonStaticMethodCheck (30 lines) */ @Bean - @Order(Ordered.HIGHEST_PRECEDENCE) @SneakyThrows public SecurityFilterChain client(final HttpSecurity http) { return http.cors(Customizer.withDefaults()) @@ -60,7 +78,11 @@ public SecurityFilterChain client(final HttpSecurity http) { ) ).authorizeHttpRequests( auth -> auth - .requestMatchers("/login").permitAll() + .requestMatchers( + "/login", + "/v3/**", + "/swagger-ui/**" + ).permitAll() .anyRequest().authenticated() ).exceptionHandling( configurer -> configurer @@ -75,4 +97,45 @@ public SecurityFilterChain client(final HttpSecurity http) { ).build(); } + /** + * Open API config for Swagger. + * + * @return OpenAPI + */ + @Bean + public OpenAPI openApi() { + final String name = "auth"; + return new OpenAPI() + .addSecurityItem( + new SecurityRequirement() + .addList(name) + ).components( + new Components() + .addSecuritySchemes( + name, new SecurityScheme() + .name(name) + .type(SecurityScheme.Type.OAUTH2) + .flows( + new OAuthFlows().authorizationCode( + new OAuthFlow() + .authorizationUrl( + "%s/protocol/openid-connect/auth" + .formatted(this.url) + ).refreshUrl( + "%s/protocol/openid-connect/token" + .formatted(this.url) + ).tokenUrl( + "%s/protocol/openid-connect/token" + .formatted(this.url) + ).scopes(new Scopes()) + ) + ) + ) + ).info( + new Info() + .title("PMO API") + .version(this.version) + ); + } + } diff --git a/src/main/resources/application.yaml b/src/main/resources/application.yaml index d1b3abf..d3af633 100644 --- a/src/main/resources/application.yaml +++ b/src/main/resources/application.yaml @@ -1,3 +1,6 @@ +application: + title: ${APP_TITLE} + version: ${APP_VERSION} server: port: 8080 shutdown: graceful From 0be96965dd86cc0a7af4759d620f853d5f377f04 Mon Sep 17 00:00:00 2001 From: hizmailovich Date: Thu, 25 Jan 2024 12:23:34 +0300 Subject: [PATCH 2/3] Banner added --- src/main/resources/banner.txt | 10 ++++++++++ 1 file changed, 10 insertions(+) create mode 100644 src/main/resources/banner.txt diff --git a/src/main/resources/banner.txt b/src/main/resources/banner.txt new file mode 100644 index 0000000..95e2735 --- /dev/null +++ b/src/main/resources/banner.txt @@ -0,0 +1,10 @@ + +,--------. ,--. ,--. +'--. .--',--.--.,--,--.,---. ,---. | ,---. ,--.,--.| |-. + | | | .--' ,-. | .--'| .-. :| .-. || || || .-. ' + | | | | \ '-' \ `--.\ --.| | | |' '' '| `-' | + `--' `--' `--`--'`---' `----'`--' `--' `----' `---' + +${application.title} +${application.version} +Powered by Spring Boot ${spring-boot.version} From 08f2a62e3fe15161a400a85b9f2e5e83b1423ad9 Mon Sep 17 00:00:00 2001 From: hizmailovich Date: Thu, 25 Jan 2024 12:23:48 +0300 Subject: [PATCH 3/3] Test fixed --- src/test/resources/application-pgit.yaml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/src/test/resources/application-pgit.yaml b/src/test/resources/application-pgit.yaml index f567314..4c363d3 100644 --- a/src/test/resources/application-pgit.yaml +++ b/src/test/resources/application-pgit.yaml @@ -1,3 +1,6 @@ +application: + title: IT + version: 0.0.1 spring: datasource: username: test