#77 made the oas dependency optional and conditional

fabioformosa · Oct 21, 2022 · 7f00f5d · 7f00f5d
1 parent b2906d0
commit 7f00f5d
Show file tree

Hide file tree

Showing 15 changed files with 179 additions and 94 deletions.
diff --git a/...on/src/main/java/it/fabioformosa/quartzmanager/api/common/config/OpenAPIConfigConsts.java b/...on/src/main/java/it/fabioformosa/quartzmanager/api/common/config/OpenAPIConfigConsts.java
@@ -2,6 +2,6 @@
 
 public class OpenAPIConfigConsts {
 
-  final static public String BASIC_AUTH_SEC_OAS_SCHEME = "basic-auth";
+  final static public String QUARTZ_MANAGER_SEC_OAS_SCHEMA = "quartz-manager-auth";
 
 }
diff --git a/quartz-manager-parent/quartz-manager-starter-api/pom.xml b/quartz-manager-parent/quartz-manager-starter-api/pom.xml
@@ -40,19 +40,21 @@
     <dependency>
       <groupId>org.springframework.boot</groupId>
       <artifactId>spring-boot-devtools</artifactId>
+      <scope>runtime</scope>
+      <optional>true</optional>
     </dependency>
     <dependency>
       <groupId>org.springframework.boot</groupId>
       <artifactId>spring-boot-starter-websocket</artifactId>
     </dependency>
-    <!--        <dependency>-->
-    <!--          <groupId>org.springframework.security</groupId>-->
-    <!--          <artifactId>spring-security-core</artifactId>-->
-    <!--        </dependency>-->
     <dependency>
       <groupId>org.springframework.boot</groupId>
       <artifactId>spring-boot-starter-validation</artifactId>
     </dependency>
+    <dependency>
+      <groupId>org.springframework</groupId>
+      <artifactId>spring-context-support</artifactId>
+    </dependency>
     <dependency>
       <groupId>org.springframework.boot</groupId>
       <artifactId>spring-boot-starter-test</artifactId>
@@ -116,28 +118,28 @@
     </dependency>
 
     <!-- Reactor -->
-    <dependency>
-      <groupId>io.projectreactor</groupId>
-      <artifactId>reactor-core</artifactId>
-    </dependency>
-    <dependency>
-      <groupId>io.projectreactor</groupId>
-      <artifactId>reactor-net</artifactId>
-      <version>2.0.8.RELEASE</version>
-    </dependency>
-    <dependency>
-      <groupId>io.projectreactor.spring</groupId>
-      <artifactId>reactor-spring-context</artifactId>
-      <version>2.0.7.RELEASE</version>
-    </dependency>
-    <dependency>
-      <groupId>io.netty</groupId>
-      <artifactId>netty-all</artifactId>
-    </dependency>
-    <dependency>
-      <groupId>org.springframework.boot</groupId>
-      <artifactId>spring-boot-starter-aop</artifactId>
-    </dependency>
+<!--    <dependency>-->
+<!--      <groupId>io.projectreactor</groupId>-->
+<!--      <artifactId>reactor-core</artifactId>-->
+<!--    </dependency>-->
+<!--    <dependency>-->
+<!--      <groupId>io.projectreactor</groupId>-->
+<!--      <artifactId>reactor-net</artifactId>-->
+<!--      <version>2.0.8.RELEASE</version>-->
+<!--    </dependency>-->
+<!--    <dependency>-->
+<!--      <groupId>io.projectreactor.spring</groupId>-->
+<!--      <artifactId>reactor-spring-context</artifactId>-->
+<!--      <version>2.0.7.RELEASE</version>-->
+<!--    </dependency>-->
+<!--    <dependency>-->
+<!--      <groupId>io.netty</groupId>-->
+<!--      <artifactId>netty-all</artifactId>-->
+<!--    </dependency>-->
+<!--    <dependency>-->
+<!--      <groupId>org.springframework.boot</groupId>-->
+<!--      <artifactId>spring-boot-starter-aop</artifactId>-->
+<!--    </dependency>-->
     <dependency>
       <groupId>org.yaml</groupId>
       <artifactId>snakeyaml</artifactId>
@@ -148,16 +150,13 @@
       <groupId>org.springdoc</groupId>
       <artifactId>springdoc-openapi-ui</artifactId>
       <version>${springdoc-openapi.version}</version>
+      <optional>true</optional>
     </dependency>
-    <!--          <dependency>-->
-    <!--            <groupId>org.springdoc</groupId>-->
-    <!--            <artifactId>springdoc-openapi-security</artifactId>-->
-    <!--            <version>${openapi.version}</version>-->
-    <!--          </dependency>-->
     <dependency>
       <groupId>io.swagger.core.v3</groupId>
       <artifactId>swagger-annotations</artifactId>
       <version>2.1.11</version>
+      <optional>true</optional>
     </dependency>
 
     <!-- TEST -->

diff --git a/...rter-api/src/main/java/it/fabioformosa/quartzmanager/api/configuration/OpenApiConfig.java b/...rter-api/src/main/java/it/fabioformosa/quartzmanager/api/configuration/OpenApiConfig.java
@@ -1,68 +1,49 @@
 package it.fabioformosa.quartzmanager.api.configuration;
 
-import io.swagger.v3.oas.models.Components;
 import io.swagger.v3.oas.models.OpenAPI;
-import io.swagger.v3.oas.models.Operation;
-import io.swagger.v3.oas.models.PathItem;
 import io.swagger.v3.oas.models.info.Info;
 import io.swagger.v3.oas.models.info.License;
-import io.swagger.v3.oas.models.media.*;
-import io.swagger.v3.oas.models.parameters.RequestBody;
-import io.swagger.v3.oas.models.responses.ApiResponse;
-import io.swagger.v3.oas.models.responses.ApiResponses;
-import io.swagger.v3.oas.models.security.SecurityScheme;
-import it.fabioformosa.quartzmanager.api.common.config.OpenAPIConfigConsts;
 import it.fabioformosa.quartzmanager.api.common.config.QuartzManagerPaths;
+import lombok.extern.slf4j.Slf4j;
+import org.springdoc.core.GroupedOpenApi;
+import org.springdoc.core.customizers.OpenApiCustomiser;
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.beans.factory.annotation.Qualifier;
+import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
+import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 
-import java.util.Arrays;
+import java.util.Optional;
 
+
+@Slf4j
 @Configuration
 public class OpenApiConfig {
 
+  @ConditionalOnProperty(name = "quartz-manager.oas.enabled")
+  @ConditionalOnMissingBean
   @Bean
-  public OpenAPI customOpenAPI(@Autowired(required = false) SecurityDiscover securityDiscover) {
-    OpenAPI openAPI = new OpenAPI()
-      .info(apiInfo());
-
-    if(securityDiscover != null)
-      openAPI
-        .components(new Components().addSecuritySchemes(OpenAPIConfigConsts.BASIC_AUTH_SEC_OAS_SCHEME, buildBasicAuthScheme()))
-        .path(QuartzManagerPaths.QUARTZ_MANAGER_LOGIN_PATH,
-                  new PathItem().post(new Operation()
-                    .operationId("login")
-                    .tags(Arrays.asList("auth"))
-                    .requestBody(new RequestBody().content(
-                      new Content().addMediaType("application/x-www-form-urlencoded", new MediaType().schema(new Schema().type("object")
-                        .addProperties("username", new StringSchema())
-                        .addProperties("password", new PasswordSchema())
-                        .required(Arrays.asList("username", "password"))
-                      ))))
-                      .responses(new ApiResponses().addApiResponse("200", new ApiResponse().description("JWT Token to authenticate the next requests")))
-                      .responses(new ApiResponses().addApiResponse("401", new ApiResponse().description("Unauthorized - Username or password are incorrect!")))
-                  ));
-
-    return openAPI;
-  }
-
-  private SecurityScheme buildBasicAuthScheme() {
-    return new SecurityScheme()
-      .type(SecurityScheme.Type.HTTP)
-      .scheme("bearer")
-      .bearerFormat("JWT");
-  }
-
-
-  private Info apiInfo() {
-    return new Info()
+  public OpenAPI quartzManagerOpenAPI() {
+    log.info("No OpenAPI found! Quart Manager is creating it...");
+    return new OpenAPI().info(new Info()
       .title("QUARTZ MANAGER API")
       .description("Quartz Manager - REST API")
       .version("1.0.0")
       .license(new License()
         .name("Apache License 2.0")
-        .url("https://github.com/fabioformosa/quartz-manager/blob/master/LICENSE"));
-	}
+        .url("https://github.com/fabioformosa/quartz-manager/blob/master/LICENSE")));
+  }
+
+  @ConditionalOnProperty(name = "quartz-manager.oas.enabled")
+  @Bean
+  public GroupedOpenApi quartzManagerStoreOpenApi(@Autowired(required = false) @Qualifier("quartzManagerOpenApiCustomiser") Optional<OpenApiCustomiser> openApiCustomiser) {
+    String paths[] = {QuartzManagerPaths.QUARTZ_MANAGER_BASE_CONTEXT_PATH + "/**"};
+    GroupedOpenApi.Builder groupedOpenApiBuilder = GroupedOpenApi.builder().group("quartz-manager").pathsToMatch(paths);
+    openApiCustomiser.ifPresent(oaCustomizer -> groupedOpenApiBuilder.addOpenApiCustomiser(oaCustomizer));
+    return groupedOpenApiBuilder.build();
+  }
+
+
 
 }
diff --git a/...tarter-api/src/main/java/it/fabioformosa/quartzmanager/api/controllers/JobController.java b/...tarter-api/src/main/java/it/fabioformosa/quartzmanager/api/controllers/JobController.java
@@ -17,7 +17,7 @@
 import java.util.stream.Collectors;
 
 @RequestMapping(QuartzManagerPaths.QUARTZ_MANAGER_BASE_CONTEXT_PATH + "/jobs")
-@SecurityRequirement(name = OpenAPIConfigConsts.BASIC_AUTH_SEC_OAS_SCHEME)
+@SecurityRequirement(name = OpenAPIConfigConsts.QUARTZ_MANAGER_SEC_OAS_SCHEMA)
 @RestController
 public class JobController {
   final private JobService jobService;

diff --git a/...-api/src/main/java/it/fabioformosa/quartzmanager/api/controllers/SchedulerController.java b/...-api/src/main/java/it/fabioformosa/quartzmanager/api/controllers/SchedulerController.java
@@ -16,7 +16,7 @@
 import org.springframework.web.bind.annotation.ResponseStatus;
 import org.springframework.web.bind.annotation.RestController;
 
-import static it.fabioformosa.quartzmanager.api.common.config.OpenAPIConfigConsts.BASIC_AUTH_SEC_OAS_SCHEME;
+import static it.fabioformosa.quartzmanager.api.common.config.OpenAPIConfigConsts.QUARTZ_MANAGER_SEC_OAS_SCHEMA;
 import static it.fabioformosa.quartzmanager.api.common.config.QuartzManagerPaths.QUARTZ_MANAGER_BASE_CONTEXT_PATH;
 
 /**
@@ -27,7 +27,7 @@
  */
 @Slf4j
 @RestController
-@SecurityRequirement(name = BASIC_AUTH_SEC_OAS_SCHEME)
+@SecurityRequirement(name = QUARTZ_MANAGER_SEC_OAS_SCHEMA)
 @RequestMapping(SchedulerController.SCHEDULER_CONTROLLER_BASE_URL)
 public class SchedulerController {
 

diff --git a/.../src/main/java/it/fabioformosa/quartzmanager/api/controllers/SimpleTriggerController.java b/.../src/main/java/it/fabioformosa/quartzmanager/api/controllers/SimpleTriggerController.java
@@ -23,7 +23,7 @@
 
 @Slf4j
 @RequestMapping(SimpleTriggerController.SIMPLE_TRIGGER_CONTROLLER_BASE_URL)
-@SecurityRequirement(name = OpenAPIConfigConsts.BASIC_AUTH_SEC_OAS_SCHEME)
+@SecurityRequirement(name = OpenAPIConfigConsts.QUARTZ_MANAGER_SEC_OAS_SCHEMA)
 @RestController
 public class SimpleTriggerController {
 

diff --git a/...er-api/src/main/java/it/fabioformosa/quartzmanager/api/controllers/TriggerController.java b/...er-api/src/main/java/it/fabioformosa/quartzmanager/api/controllers/TriggerController.java
@@ -16,12 +16,12 @@
 
 import java.util.List;
 
-import static it.fabioformosa.quartzmanager.api.common.config.OpenAPIConfigConsts.BASIC_AUTH_SEC_OAS_SCHEME;
+import static it.fabioformosa.quartzmanager.api.common.config.OpenAPIConfigConsts.QUARTZ_MANAGER_SEC_OAS_SCHEMA;
 import static it.fabioformosa.quartzmanager.api.common.config.QuartzManagerPaths.QUARTZ_MANAGER_BASE_CONTEXT_PATH;
 
 @Slf4j
 @RequestMapping(TriggerController.TRIGGER_CONTROLLER_BASE_URL)
-@SecurityRequirement(name = BASIC_AUTH_SEC_OAS_SCHEME)
+@SecurityRequirement(name = QUARTZ_MANAGER_SEC_OAS_SCHEMA)
 @RestController
 public class TriggerController {
 

diff --git a/quartz-manager-parent/quartz-manager-starter-security/pom.xml b/quartz-manager-parent/quartz-manager-starter-security/pom.xml
@@ -70,6 +70,7 @@
       <groupId>org.springdoc</groupId>
       <artifactId>springdoc-openapi-ui</artifactId>
       <version>${springdoc-openapi.version}</version>
+      <optional>true</optional>
     </dependency>
 
     <!-- TEST -->

diff --git a/...src/main/java/it/fabioformosa/quartzmanager/api/security/QuartzManagerSecurityConfig.java b/...src/main/java/it/fabioformosa/quartzmanager/api/security/QuartzManagerSecurityConfig.java
@@ -54,7 +54,7 @@
 @EnableGlobalMethodSecurity(prePostEnabled = true)
 public class QuartzManagerSecurityConfig {
 
-  private static final String[] PATTERNS_SWAGGER_UI = {"/swagger-ui.html", "/v3/api-docs/**", "/swagger-resources/**", "/webjars/**"};
+  private static final String[] PATTERNS_SWAGGER_UI = {"/swagger-ui/**", "/swagger-ui.html", "/v3/api-docs/**", "/swagger-resources/**", "/webjars/**"};
   public static final String QUARTZ_MANAGER_API_ANT_MATCHER = QUARTZ_MANAGER_BASE_CONTEXT_PATH + "/**";
   public static final String QUARTZ_MANAGER_UI_ANT_MATCHER = QuartzManagerPaths.WEBJAR_PATH + "/**";
 
@@ -121,11 +121,14 @@ public SecurityFilterChain filterChain(HttpSecurity http, @Qualifier("quartzMana
   }
 
   @Bean(name = "quartzManagerWebSecurityCustomizer")
-  public WebSecurityCustomizer webSecurityCustomizer() {
-    return (web) ->
+  public WebSecurityCustomizer webSecurityCustomizer(@Value("${quartz-manager.oas.enabled:false}") Boolean oasEnabled) {
+    return (web) -> {
       web.ignoring()//
-        .antMatchers(HttpMethod.GET, PATTERNS_SWAGGER_UI) //
         .antMatchers(HttpMethod.GET, QUARTZ_MANAGER_UI_ANT_MATCHER);
+      if(BooleanUtils.isNotFalse(oasEnabled))
+        web.ignoring()
+          .antMatchers(HttpMethod.GET, PATTERNS_SWAGGER_UI);
+    };
   }
 
   @Bean(name = "quartzManagerCorsConfigurationSource")
@@ -151,8 +154,7 @@ public JwtAuthenticationSuccessHandler jwtAuthenticationSuccessHandler() {
     return jwtAuthenticationSuccessHandler;
   }
 
-  //  @Bean
-  public JwtTokenAuthenticationFilter jwtAuthenticationTokenFilter(UserDetailsService userDetailsService) throws Exception {
+  public JwtTokenAuthenticationFilter jwtAuthenticationTokenFilter(UserDetailsService userDetailsService) {
     return new JwtTokenAuthenticationFilter(jwtTokenHelper(), userDetailsService);
   }
 

diff --git a/...rc/main/java/it/fabioformosa/quartzmanager/api/security/config/SecurityOpenApiConfig.java b/...rc/main/java/it/fabioformosa/quartzmanager/api/security/config/SecurityOpenApiConfig.java
@@ -0,0 +1,61 @@
+package it.fabioformosa.quartzmanager.api.security.config;
+
+import io.swagger.v3.oas.models.Components;
+import io.swagger.v3.oas.models.Operation;
+import io.swagger.v3.oas.models.PathItem;
+import io.swagger.v3.oas.models.media.*;
+import io.swagger.v3.oas.models.parameters.RequestBody;
+import io.swagger.v3.oas.models.responses.ApiResponse;
+import io.swagger.v3.oas.models.responses.ApiResponses;
+import io.swagger.v3.oas.models.security.SecurityScheme;
+import it.fabioformosa.quartzmanager.api.common.config.OpenAPIConfigConsts;
+import it.fabioformosa.quartzmanager.api.common.config.QuartzManagerPaths;
+import it.fabioformosa.quartzmanager.api.security.properties.JwtSecurityProperties;
+import lombok.extern.slf4j.Slf4j;
+import org.springdoc.core.customizers.OpenApiCustomiser;
+import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.core.Ordered;
+import org.springframework.core.annotation.Order;
+
+import java.util.Arrays;
+
+@Slf4j
+@ConditionalOnProperty(name = "quartz-manager.oas.enabled")
+@Configuration
+public class SecurityOpenApiConfig {
+
+  @Order(Ordered.HIGHEST_PRECEDENCE)
+  @Bean("quartzManagerOpenApiCustomiser")
+  public OpenApiCustomiser configureQuartzManagerOpenAPI(JwtSecurityProperties jwtSecurityProps) {
+    return openAPI -> {
+      if (jwtSecurityProps.getCookieStrategy().isEnabled() == false)
+        openAPI
+          .components(new Components().addSecuritySchemes(OpenAPIConfigConsts.QUARTZ_MANAGER_SEC_OAS_SCHEMA, buildBasicAuthScheme()));
+
+      openAPI.path(QuartzManagerPaths.QUARTZ_MANAGER_LOGIN_PATH,
+        new PathItem().post(new Operation()
+          .operationId("login")
+          .tags(Arrays.asList("auth"))
+          .requestBody(new RequestBody().content(
+            new Content().addMediaType("application/x-www-form-urlencoded", new MediaType().schema(new Schema().type("object")
+              .addProperties("username", new StringSchema())
+              .addProperties("password", new PasswordSchema())
+              .required(Arrays.asList("username", "password"))
+            ))))
+          .responses(new ApiResponses().addApiResponse("200", new ApiResponse().description("JWT Token to authenticate the next requests")))
+          .responses(new ApiResponses().addApiResponse("401", new ApiResponse().description("Unauthorized - Username or password are incorrect!")))
+        ));
+    };
+  }
+
+  private SecurityScheme buildBasicAuthScheme() {
+    return new SecurityScheme()
+      .type(SecurityScheme.Type.HTTP)
+      .scheme("bearer")
+      .bearerFormat("JWT")
+      .description("A JWT Token in required to access this API. You can obtain a JWT Token by providing the username and password in the login API");
+  }
+
+}
diff --git a/.../src/main/java/it/fabioformosa/quartzmanager/api/security/controllers/UserController.java b/.../src/main/java/it/fabioformosa/quartzmanager/api/security/controllers/UserController.java
@@ -16,7 +16,7 @@
 
 @RestController
 @Hidden
-@SecurityRequirement(name = OpenAPIConfigConsts.BASIC_AUTH_SEC_OAS_SCHEME)
+@SecurityRequirement(name = OpenAPIConfigConsts.QUARTZ_MANAGER_SEC_OAS_SCHEMA)
 @RequestMapping(value = QUARTZ_MANAGER_AUTH_PATH, produces = MediaType.APPLICATION_JSON_VALUE)
 public class UserController {
 

diff --git a/quartz-manager-parent/quartz-manager-web-showcase/pom.xml b/quartz-manager-parent/quartz-manager-web-showcase/pom.xml
@@ -18,7 +18,7 @@
 	<properties>
 		<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
 		<project.reporting.outputEncoding>UTF-8</project.reporting.outputEncoding>
-	    <springfox.version>2.9.2</springfox.version>
+    <springdoc-openapi.version>1.5.12</springdoc-openapi.version>
 		<java.version>9</java.version>
 	</properties>
 
@@ -66,6 +66,12 @@
         </dependency>
 
         <!-- MISC -->
+        <dependency>
+          <groupId>org.springdoc</groupId>
+          <artifactId>springdoc-openapi-ui</artifactId>
+          <version>${springdoc-openapi.version}</version>
+          <optional>true</optional>
+        </dependency>
         <dependency>
             <groupId>io.jsonwebtoken</groupId>
             <artifactId>jjwt</artifactId>