7
7
import io .swagger .v3 .oas .models .OpenAPI ;
8
8
import io .swagger .v3 .oas .models .Operation ;
9
9
import io .swagger .v3 .oas .models .PathItem ;
10
+ import io .swagger .v3 .oas .models .SpecVersion ;
10
11
import io .swagger .v3 .oas .models .headers .Header ;
11
12
import io .swagger .v3 .oas .models .media .ArraySchema ;
12
13
import io .swagger .v3 .oas .models .media .Content ;
@@ -83,33 +84,35 @@ public class SpringDocSecurityOAuth2Customizer implements GlobalOpenApiCustomize
83
84
@ Override
84
85
public void customise (OpenAPI openAPI ) {
85
86
FilterChainProxy filterChainProxy = applicationContext .getBean (AbstractSecurityWebApplicationInitializer .DEFAULT_FILTER_NAME , FilterChainProxy .class );
87
+ boolean openapi31 = SpecVersion .V31 == openAPI .getSpecVersion ();
86
88
for (SecurityFilterChain filterChain : filterChainProxy .getFilterChains ()) {
87
- getNimbusJwkSetEndpoint (openAPI , filterChain );
88
- getOAuth2AuthorizationServerMetadataEndpoint (openAPI , filterChain );
89
- getOAuth2TokenEndpoint (openAPI , filterChain );
90
- getOAuth2AuthorizationEndpoint (openAPI , filterChain );
91
- getOAuth2TokenIntrospectionEndpointFilter (openAPI , filterChain );
92
- getOAuth2TokenRevocationEndpointFilter (openAPI , filterChain );
93
- getOidcProviderConfigurationEndpoint (openAPI , filterChain );
89
+ getNimbusJwkSetEndpoint (openAPI , filterChain , openapi31 );
90
+ getOAuth2AuthorizationServerMetadataEndpoint (openAPI , filterChain , openapi31 );
91
+ getOAuth2TokenEndpoint (openAPI , filterChain , openapi31 );
92
+ getOAuth2AuthorizationEndpoint (openAPI , filterChain , openapi31 );
93
+ getOAuth2TokenIntrospectionEndpointFilter (openAPI , filterChain , openapi31 );
94
+ getOAuth2TokenRevocationEndpointFilter (openAPI , filterChain , openapi31 );
95
+ getOidcProviderConfigurationEndpoint (openAPI , filterChain , openapi31 );
94
96
getOidcUserInfoEndpoint (openAPI , filterChain );
95
- getOidcClientRegistrationEndpoint (openAPI , filterChain );
97
+ getOidcClientRegistrationEndpoint (openAPI , filterChain , openapi31 );
96
98
}
97
99
}
98
100
99
101
/**
100
102
* Gets o auth 2 token revocation endpoint filter.
101
103
*
102
- * @param openAPI the open api
104
+ * @param openAPI the open api
103
105
* @param securityFilterChain the security filter chain
106
+ * @param openapi31 the openapi 31
104
107
*/
105
- private void getOAuth2TokenRevocationEndpointFilter (OpenAPI openAPI , SecurityFilterChain securityFilterChain ) {
108
+ private void getOAuth2TokenRevocationEndpointFilter (OpenAPI openAPI , SecurityFilterChain securityFilterChain , boolean openapi31 ) {
106
109
Object oAuth2EndpointFilter =
107
110
new SpringDocSecurityOAuth2EndpointUtils (OAuth2TokenRevocationEndpointFilter .class ).findEndpoint (securityFilterChain );
108
111
if (oAuth2EndpointFilter != null ) {
109
112
ApiResponses apiResponses = new ApiResponses ();
110
113
apiResponses .addApiResponse (String .valueOf (HttpStatus .OK .value ()), new ApiResponse ().description (HttpStatus .OK .getReasonPhrase ()));
111
114
buildApiResponsesOnInternalServerError (apiResponses );
112
- buildApiResponsesOnBadRequest (apiResponses , openAPI );
115
+ buildApiResponsesOnBadRequest (apiResponses , openAPI , openapi31 );
113
116
114
117
Operation operation = buildOperation (apiResponses );
115
118
Schema <?> schema = new ObjectSchema ()
@@ -126,17 +129,18 @@ private void getOAuth2TokenRevocationEndpointFilter(OpenAPI openAPI, SecurityFil
126
129
/**
127
130
* Gets o auth 2 token introspection endpoint filter.
128
131
*
129
- * @param openAPI the open api
132
+ * @param openAPI the open api
130
133
* @param securityFilterChain the security filter chain
134
+ * @param openapi31 the openapi 31
131
135
*/
132
- private void getOAuth2TokenIntrospectionEndpointFilter (OpenAPI openAPI , SecurityFilterChain securityFilterChain ) {
136
+ private void getOAuth2TokenIntrospectionEndpointFilter (OpenAPI openAPI , SecurityFilterChain securityFilterChain , boolean openapi31 ) {
133
137
Object oAuth2EndpointFilter =
134
138
new SpringDocSecurityOAuth2EndpointUtils (OAuth2TokenIntrospectionEndpointFilter .class ).findEndpoint (securityFilterChain );
135
139
if (oAuth2EndpointFilter != null ) {
136
140
ApiResponses apiResponses = new ApiResponses ();
137
- buildApiResponsesOnSuccess (apiResponses , AnnotationsUtils .resolveSchemaFromType (SpringDocOAuth2TokenIntrospection .class , openAPI .getComponents (), null ));
141
+ buildApiResponsesOnSuccess (apiResponses , AnnotationsUtils .resolveSchemaFromType (SpringDocOAuth2TokenIntrospection .class , openAPI .getComponents (), null , openapi31 ));
138
142
buildApiResponsesOnInternalServerError (apiResponses );
139
- buildApiResponsesOnBadRequest (apiResponses , openAPI );
143
+ buildApiResponsesOnBadRequest (apiResponses , openAPI , openapi31 );
140
144
141
145
Operation operation = buildOperation (apiResponses );
142
146
Schema <?> requestSchema = new ObjectSchema ()
@@ -154,15 +158,16 @@ private void getOAuth2TokenIntrospectionEndpointFilter(OpenAPI openAPI, Security
154
158
/**
155
159
* Gets o auth 2 authorization server metadata endpoint.
156
160
*
157
- * @param openAPI the open api
161
+ * @param openAPI the open api
158
162
* @param securityFilterChain the security filter chain
163
+ * @param openapi31 the openapi 31
159
164
*/
160
- private void getOAuth2AuthorizationServerMetadataEndpoint (OpenAPI openAPI , SecurityFilterChain securityFilterChain ) {
165
+ private void getOAuth2AuthorizationServerMetadataEndpoint (OpenAPI openAPI , SecurityFilterChain securityFilterChain , boolean openapi31 ) {
161
166
Object oAuth2EndpointFilter =
162
167
new SpringDocSecurityOAuth2EndpointUtils (OAuth2AuthorizationServerMetadataEndpointFilter .class ).findEndpoint (securityFilterChain );
163
168
if (oAuth2EndpointFilter != null ) {
164
169
ApiResponses apiResponses = new ApiResponses ();
165
- buildApiResponsesOnSuccess (apiResponses , AnnotationsUtils .resolveSchemaFromType (SpringDocOAuth2AuthorizationServerMetadata .class , openAPI .getComponents (), null ));
170
+ buildApiResponsesOnSuccess (apiResponses , AnnotationsUtils .resolveSchemaFromType (SpringDocOAuth2AuthorizationServerMetadata .class , openAPI .getComponents (), null , openapi31 ));
166
171
buildApiResponsesOnInternalServerError (apiResponses );
167
172
Operation operation = buildOperation (apiResponses );
168
173
buildPath (oAuth2EndpointFilter , "requestMatcher" , openAPI , operation , HttpMethod .GET );
@@ -172,10 +177,11 @@ private void getOAuth2AuthorizationServerMetadataEndpoint(OpenAPI openAPI, Secur
172
177
/**
173
178
* Gets nimbus jwk set endpoint.
174
179
*
175
- * @param openAPI the open api
180
+ * @param openAPI the open api
176
181
* @param securityFilterChain the security filter chain
182
+ * @param openapi31 the openapi 31
177
183
*/
178
- private void getNimbusJwkSetEndpoint (OpenAPI openAPI , SecurityFilterChain securityFilterChain ) {
184
+ private void getNimbusJwkSetEndpoint (OpenAPI openAPI , SecurityFilterChain securityFilterChain , boolean openapi31 ) {
179
185
Object oAuth2EndpointFilter =
180
186
new SpringDocSecurityOAuth2EndpointUtils (NimbusJwkSetEndpointFilter .class ).findEndpoint (securityFilterChain );
181
187
if (oAuth2EndpointFilter != null ) {
@@ -188,7 +194,7 @@ private void getNimbusJwkSetEndpoint(OpenAPI openAPI, SecurityFilterChain securi
188
194
new MediaType ().schema (schema )));
189
195
apiResponses .addApiResponse (String .valueOf (HttpStatus .OK .value ()), response );
190
196
buildApiResponsesOnInternalServerError (apiResponses );
191
- buildApiResponsesOnBadRequest (apiResponses , openAPI );
197
+ buildApiResponsesOnBadRequest (apiResponses , openAPI , openapi31 );
192
198
193
199
Operation operation = buildOperation (apiResponses );
194
200
operation .responses (apiResponses );
@@ -199,19 +205,20 @@ private void getNimbusJwkSetEndpoint(OpenAPI openAPI, SecurityFilterChain securi
199
205
/**
200
206
* Gets o auth 2 token endpoint.
201
207
*
202
- * @param openAPI the open api
208
+ * @param openAPI the open api
203
209
* @param securityFilterChain the security filter chain
210
+ * @param openapi31 the openapi 31
204
211
*/
205
- private void getOAuth2TokenEndpoint (OpenAPI openAPI , SecurityFilterChain securityFilterChain ) {
212
+ private void getOAuth2TokenEndpoint (OpenAPI openAPI , SecurityFilterChain securityFilterChain , boolean openapi31 ) {
206
213
Object oAuth2EndpointFilter =
207
214
new SpringDocSecurityOAuth2EndpointUtils (OAuth2TokenEndpointFilter .class ).findEndpoint (securityFilterChain );
208
215
209
216
if (oAuth2EndpointFilter != null ) {
210
217
ApiResponses apiResponses = new ApiResponses ();
211
- buildApiResponsesOnSuccess (apiResponses , AnnotationsUtils .resolveSchemaFromType (SpringDocOAuth2Token .class , openAPI .getComponents (), null ));
218
+ buildApiResponsesOnSuccess (apiResponses , AnnotationsUtils .resolveSchemaFromType (SpringDocOAuth2Token .class , openAPI .getComponents (), null , openapi31 ));
212
219
buildApiResponsesOnInternalServerError (apiResponses );
213
- buildApiResponsesOnBadRequest (apiResponses , openAPI );
214
- buildOAuth2Error (openAPI , apiResponses , HttpStatus .UNAUTHORIZED );
220
+ buildApiResponsesOnBadRequest (apiResponses , openAPI , openapi31 );
221
+ buildOAuth2Error (openAPI , apiResponses , HttpStatus .UNAUTHORIZED , openapi31 );
215
222
Operation operation = buildOperation (apiResponses );
216
223
217
224
Schema <?> requestSchema = new ObjectSchema ()
@@ -242,10 +249,11 @@ private void getOAuth2TokenEndpoint(OpenAPI openAPI, SecurityFilterChain securit
242
249
/**
243
250
* Gets o auth 2 authorization endpoint.
244
251
*
245
- * @param openAPI the open api
252
+ * @param openAPI the open api
246
253
* @param securityFilterChain the security filter chain
254
+ * @param openapi31 the openapi 31
247
255
*/
248
- private void getOAuth2AuthorizationEndpoint (OpenAPI openAPI , SecurityFilterChain securityFilterChain ) {
256
+ private void getOAuth2AuthorizationEndpoint (OpenAPI openAPI , SecurityFilterChain securityFilterChain , boolean openapi31 ) {
249
257
Object oAuth2EndpointFilter =
250
258
new SpringDocSecurityOAuth2EndpointUtils (OAuth2AuthorizationEndpointFilter .class ).findEndpoint (securityFilterChain );
251
259
if (oAuth2EndpointFilter != null ) {
@@ -256,7 +264,7 @@ private void getOAuth2AuthorizationEndpoint(OpenAPI openAPI, SecurityFilterChain
256
264
new MediaType ()));
257
265
apiResponses .addApiResponse (String .valueOf (HttpStatus .OK .value ()), response );
258
266
buildApiResponsesOnInternalServerError (apiResponses );
259
- buildApiResponsesOnBadRequest (apiResponses , openAPI );
267
+ buildApiResponsesOnBadRequest (apiResponses , openAPI , openapi31 );
260
268
apiResponses .addApiResponse (String .valueOf (HttpStatus .MOVED_TEMPORARILY .value ()),
261
269
new ApiResponse ().description (HttpStatus .MOVED_TEMPORARILY .getReasonPhrase ())
262
270
.addHeaderObject ("Location" , new Header ().schema (new StringSchema ())));
@@ -270,16 +278,17 @@ private void getOAuth2AuthorizationEndpoint(OpenAPI openAPI, SecurityFilterChain
270
278
/**
271
279
* Gets OpenID Provider endpoint filter
272
280
*
273
- * @param openAPI the open api
281
+ * @param openAPI the open api
274
282
* @param securityFilterChain the security filter chain
283
+ * @param openapi31 the openapi 31
275
284
*/
276
- private void getOidcProviderConfigurationEndpoint (OpenAPI openAPI , SecurityFilterChain securityFilterChain ) {
285
+ private void getOidcProviderConfigurationEndpoint (OpenAPI openAPI , SecurityFilterChain securityFilterChain , boolean openapi31 ) {
277
286
Object oAuth2EndpointFilter =
278
287
new SpringDocSecurityOAuth2EndpointUtils (OidcProviderConfigurationEndpointFilter .class ).findEndpoint (securityFilterChain );
279
288
280
289
if (oAuth2EndpointFilter != null ) {
281
290
ApiResponses apiResponses = new ApiResponses ();
282
- buildApiResponsesOnSuccess (apiResponses , AnnotationsUtils .resolveSchemaFromType (SpringDocOidcProviderConfiguration .class , openAPI .getComponents (), null ));
291
+ buildApiResponsesOnSuccess (apiResponses , AnnotationsUtils .resolveSchemaFromType (SpringDocOidcProviderConfiguration .class , openAPI .getComponents (), null , openapi31 ));
283
292
buildApiResponsesOnInternalServerError (apiResponses );
284
293
Operation operation = buildOperation (apiResponses );
285
294
buildPath (oAuth2EndpointFilter , "requestMatcher" , openAPI , operation , HttpMethod .GET );
@@ -309,24 +318,25 @@ private void getOidcUserInfoEndpoint(OpenAPI openAPI, SecurityFilterChain securi
309
318
/**
310
319
* Gets OpenID Client Registration endpoint filter
311
320
*
312
- * @param openAPI the open api
321
+ * @param openAPI the open api
313
322
* @param securityFilterChain the security filter chain
323
+ * @param openapi31 the openapi 31
314
324
*/
315
- private void getOidcClientRegistrationEndpoint (OpenAPI openAPI , SecurityFilterChain securityFilterChain ) {
325
+ private void getOidcClientRegistrationEndpoint (OpenAPI openAPI , SecurityFilterChain securityFilterChain , boolean openapi31 ) {
316
326
Object oAuth2EndpointFilter =
317
327
new SpringDocSecurityOAuth2EndpointUtils (OidcClientRegistrationEndpointFilter .class ).findEndpoint (securityFilterChain );
318
328
319
329
if (oAuth2EndpointFilter != null ) {
320
330
ApiResponses apiResponses = new ApiResponses ();
321
- buildApiResponsesOnCreated (apiResponses , AnnotationsUtils .resolveSchemaFromType (SpringDocOidcClientRegistrationResponse .class , openAPI .getComponents (), null ));
331
+ buildApiResponsesOnCreated (apiResponses , AnnotationsUtils .resolveSchemaFromType (SpringDocOidcClientRegistrationResponse .class , openAPI .getComponents (), null , openapi31 ));
322
332
buildApiResponsesOnInternalServerError (apiResponses );
323
- buildApiResponsesOnBadRequest (apiResponses , openAPI );
324
- buildOAuth2Error (openAPI , apiResponses , HttpStatus .UNAUTHORIZED );
325
- buildOAuth2Error (openAPI , apiResponses , HttpStatus .FORBIDDEN );
333
+ buildApiResponsesOnBadRequest (apiResponses , openAPI , openapi31 );
334
+ buildOAuth2Error (openAPI , apiResponses , HttpStatus .UNAUTHORIZED , openapi31 );
335
+ buildOAuth2Error (openAPI , apiResponses , HttpStatus .FORBIDDEN , openapi31 );
326
336
Operation operation = buildOperation (apiResponses );
327
337
328
338
// OidcClientRegistration
329
- Schema schema = AnnotationsUtils .resolveSchemaFromType (SpringDocOidcClientRegistrationRequest .class , openAPI .getComponents (), null );
339
+ Schema schema = AnnotationsUtils .resolveSchemaFromType (SpringDocOidcClientRegistrationRequest .class , openAPI .getComponents (), null , openapi31 );
330
340
331
341
String mediaType = APPLICATION_JSON_VALUE ;
332
342
RequestBody requestBody = new RequestBody ().content (new Content ().addMediaType (mediaType , new MediaType ().schema (schema )));
@@ -395,23 +405,25 @@ private ApiResponses buildApiResponsesOnInternalServerError(ApiResponses apiResp
395
405
* Build api responses on bad request.
396
406
*
397
407
* @param apiResponses the api responses
398
- * @param openAPI the open api
408
+ * @param openAPI the open api
409
+ * @param openapi31 the openapi 31
399
410
* @return the api responses
400
411
*/
401
- private ApiResponses buildApiResponsesOnBadRequest (ApiResponses apiResponses , OpenAPI openAPI ) {
402
- buildOAuth2Error (openAPI , apiResponses , HttpStatus .BAD_REQUEST );
412
+ private ApiResponses buildApiResponsesOnBadRequest (ApiResponses apiResponses , OpenAPI openAPI , boolean openapi31 ) {
413
+ buildOAuth2Error (openAPI , apiResponses , HttpStatus .BAD_REQUEST , openapi31 );
403
414
return apiResponses ;
404
415
}
405
416
406
417
/**
407
418
* Build o auth 2 error.
408
419
*
409
- * @param openAPI the open api
420
+ * @param openAPI the open api
410
421
* @param apiResponses the api responses
411
- * @param httpStatus the http status
422
+ * @param httpStatus the http status
423
+ * @param openapi31 the openapi 31
412
424
*/
413
- private static void buildOAuth2Error (OpenAPI openAPI , ApiResponses apiResponses , HttpStatus httpStatus ) {
414
- Schema oAuth2ErrorSchema = AnnotationsUtils .resolveSchemaFromType (OAuth2Error .class , openAPI .getComponents (), null );
425
+ private static void buildOAuth2Error (OpenAPI openAPI , ApiResponses apiResponses , HttpStatus httpStatus , boolean openapi31 ) {
426
+ Schema oAuth2ErrorSchema = AnnotationsUtils .resolveSchemaFromType (OAuth2Error .class , openAPI .getComponents (), null , openapi31 );
415
427
apiResponses .addApiResponse (String .valueOf (httpStatus .value ()), new ApiResponse ().description (httpStatus .getReasonPhrase ()).content (new Content ().addMediaType (
416
428
APPLICATION_JSON_VALUE ,
417
429
new MediaType ().schema (oAuth2ErrorSchema ))));
0 commit comments