Skip to content

Commit

Permalink
fix update #2094
Browse files Browse the repository at this point in the history
  • Loading branch information
@bnasslahsen
bnasslahsen committed Mar 9, 2023
1 parent f0be53e commit e2e639f
Show file tree
Hide file tree
Showing 4 changed files with 410 additions and 115 deletions.
8 changes: 4 additions & 4 deletions ...napi-security/src/main/java/org/springdoc/security/SpringDocSecurityOAuth2Customizer.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -22,6 +22,8 @@
import org.slf4j.LoggerFactory;
import org.springdoc.core.SpringDocAnnotationsUtils;
import org.springdoc.core.customizers.GlobalOpenApiCustomizer;
import org.springdoc.security.oauth2.SpringDocOAuth2AuthorizationServerMetadata;
import org.springdoc.security.oauth2.SpringDocOAuth2TokenIntrospection;

import org.springframework.beans.BeansException;
import org.springframework.context.ApplicationContext;
Expand All @@ -31,8 +33,6 @@
import org.springframework.security.oauth2.core.OAuth2Error;
import org.springframework.security.oauth2.core.endpoint.OAuth2AccessTokenResponse;
import org.springframework.security.oauth2.core.endpoint.OAuth2ParameterNames;
import org.springframework.security.oauth2.server.authorization.OAuth2AuthorizationServerMetadata;
import org.springframework.security.oauth2.server.authorization.OAuth2TokenIntrospection;
import org.springframework.security.oauth2.server.authorization.authentication.OAuth2AuthorizationConsentAuthenticationToken;
import org.springframework.security.oauth2.server.authorization.authentication.OAuth2TokenRevocationAuthenticationToken;
import org.springframework.security.oauth2.server.authorization.web.NimbusJwkSetEndpointFilter;
Expand Down Expand Up @@ -119,7 +119,7 @@ private void getOAuth2TokenIntrospectionEndpointFilter(OpenAPI openAPI, Security
Object oAuth2EndpointFilter =
new SpringDocSecurityOAuth2EndpointUtils(OAuth2TokenIntrospectionEndpointFilter.class).findEndpoint(securityFilterChain);
if (oAuth2EndpointFilter != null) {
ApiResponses apiResponses = buildApiResponsesWithBadRequest(SpringDocAnnotationsUtils.resolveSchemaFromType(OAuth2TokenIntrospection.class, openAPI.getComponents(), null), openAPI);
ApiResponses apiResponses = buildApiResponsesWithBadRequest(SpringDocAnnotationsUtils.resolveSchemaFromType(SpringDocOAuth2TokenIntrospection.class, openAPI.getComponents(), null), openAPI);
Operation operation = buildOperation(apiResponses);
Schema<?> schema = new ObjectSchema()
.addProperty("token", new StringSchema())
Expand All @@ -143,7 +143,7 @@ private void getOAuth2AuthorizationServerMetadataEndpoint(OpenAPI openAPI, Secur
Object oAuth2EndpointFilter =
new SpringDocSecurityOAuth2EndpointUtils(OAuth2AuthorizationServerMetadataEndpointFilter.class).findEndpoint(securityFilterChain);
if (oAuth2EndpointFilter != null) {
ApiResponses apiResponses = buildApiResponses(SpringDocAnnotationsUtils.resolveSchemaFromType(OAuth2AuthorizationServerMetadata.class, openAPI.getComponents(), null));
ApiResponses apiResponses = buildApiResponses(SpringDocAnnotationsUtils.resolveSchemaFromType(SpringDocOAuth2AuthorizationServerMetadata.class, openAPI.getComponents(), null));
Operation operation = buildOperation(apiResponses);
buildPath(oAuth2EndpointFilter, "requestMatcher", openAPI, operation, HttpMethod.GET);
}
Expand Down
154 changes: 154 additions & 0 deletions ...c/main/java/org/springdoc/security/oauth2/SpringDocOAuth2AuthorizationServerMetadata.java
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,154 @@
package org.springdoc.security.oauth2;

import java.net.URL;
import java.time.Instant;
import java.util.List;
import java.util.Map;

import com.fasterxml.jackson.annotation.JsonProperty;
import io.swagger.v3.oas.annotations.media.Schema;

import org.springframework.security.oauth2.server.authorization.OAuth2AuthorizationServerMetadataClaimAccessor;
import org.springframework.security.oauth2.server.authorization.OAuth2AuthorizationServerMetadataClaimNames;

/**
* @author bnasslahsen
*/
@Schema(name = "OAuth2AuthorizationServerMetadata")
public class SpringDocOAuth2AuthorizationServerMetadata implements OAuth2AuthorizationServerMetadataClaimAccessor {


@Override
public Map<String, Object> getClaims() {
return null;
}

@Override
public <T> T getClaim(String claim) {
return OAuth2AuthorizationServerMetadataClaimAccessor.super.getClaim(claim);
}

@Override
public boolean hasClaim(String claim) {
return OAuth2AuthorizationServerMetadataClaimAccessor.super.hasClaim(claim);
}

@Override
public Boolean containsClaim(String claim) {
return OAuth2AuthorizationServerMetadataClaimAccessor.super.containsClaim(claim);
}

@Override
public String getClaimAsString(String claim) {
return OAuth2AuthorizationServerMetadataClaimAccessor.super.getClaimAsString(claim);
}

@Override
public Boolean getClaimAsBoolean(String claim) {
return OAuth2AuthorizationServerMetadataClaimAccessor.super.getClaimAsBoolean(claim);
}

@Override
public Instant getClaimAsInstant(String claim) {
return OAuth2AuthorizationServerMetadataClaimAccessor.super.getClaimAsInstant(claim);
}

@Override
public URL getClaimAsURL(String claim) {
return OAuth2AuthorizationServerMetadataClaimAccessor.super.getClaimAsURL(claim);
}

@Override
public Map<String, Object> getClaimAsMap(String claim) {
return OAuth2AuthorizationServerMetadataClaimAccessor.super.getClaimAsMap(claim);
}

@Override
public List<String> getClaimAsStringList(String claim) {
return OAuth2AuthorizationServerMetadataClaimAccessor.super.getClaimAsStringList(claim);
}

@Override
@JsonProperty(OAuth2AuthorizationServerMetadataClaimNames.ISSUER)
public URL getIssuer() {
return OAuth2AuthorizationServerMetadataClaimAccessor.super.getIssuer();
}

@Override
@JsonProperty(OAuth2AuthorizationServerMetadataClaimNames.AUTHORIZATION_ENDPOINT)
public URL getAuthorizationEndpoint() {
return OAuth2AuthorizationServerMetadataClaimAccessor.super.getAuthorizationEndpoint();
}

@Override
@JsonProperty(OAuth2AuthorizationServerMetadataClaimNames.TOKEN_ENDPOINT)
public URL getTokenEndpoint() {
return OAuth2AuthorizationServerMetadataClaimAccessor.super.getTokenEndpoint();
}

@Override
@JsonProperty(OAuth2AuthorizationServerMetadataClaimNames.TOKEN_ENDPOINT_AUTH_METHODS_SUPPORTED)
public List<String> getTokenEndpointAuthenticationMethods() {
return OAuth2AuthorizationServerMetadataClaimAccessor.super.getTokenEndpointAuthenticationMethods();
}

@Override
@JsonProperty(OAuth2AuthorizationServerMetadataClaimNames.JWKS_URI)
public URL getJwkSetUrl() {
return OAuth2AuthorizationServerMetadataClaimAccessor.super.getJwkSetUrl();
}

@Override
@JsonProperty(OAuth2AuthorizationServerMetadataClaimNames.SCOPES_SUPPORTED)
public List<String> getScopes() {
return OAuth2AuthorizationServerMetadataClaimAccessor.super.getScopes();
}

@Override
@JsonProperty(OAuth2AuthorizationServerMetadataClaimNames.RESPONSE_TYPES_SUPPORTED)
public List<String> getResponseTypes() {
return OAuth2AuthorizationServerMetadataClaimAccessor.super.getResponseTypes();
}

@Override
@JsonProperty(OAuth2AuthorizationServerMetadataClaimNames.GRANT_TYPES_SUPPORTED)
public List<String> getGrantTypes() {
return OAuth2AuthorizationServerMetadataClaimAccessor.super.getGrantTypes();
}

@Override
@JsonProperty(OAuth2AuthorizationServerMetadataClaimNames.REVOCATION_ENDPOINT)
public URL getTokenRevocationEndpoint() {
return OAuth2AuthorizationServerMetadataClaimAccessor.super.getTokenRevocationEndpoint();
}

@Override
@JsonProperty(OAuth2AuthorizationServerMetadataClaimNames.REVOCATION_ENDPOINT_AUTH_METHODS_SUPPORTED)
public List<String> getTokenRevocationEndpointAuthenticationMethods() {
return OAuth2AuthorizationServerMetadataClaimAccessor.super.getTokenRevocationEndpointAuthenticationMethods();
}

@Override
@JsonProperty(OAuth2AuthorizationServerMetadataClaimNames.INTROSPECTION_ENDPOINT)
public URL getTokenIntrospectionEndpoint() {
return OAuth2AuthorizationServerMetadataClaimAccessor.super.getTokenIntrospectionEndpoint();
}

@Override
@JsonProperty(OAuth2AuthorizationServerMetadataClaimNames.INTROSPECTION_ENDPOINT_AUTH_METHODS_SUPPORTED)
public List<String> getTokenIntrospectionEndpointAuthenticationMethods() {
return OAuth2AuthorizationServerMetadataClaimAccessor.super.getTokenIntrospectionEndpointAuthenticationMethods();
}

@Override
@JsonProperty(OAuth2AuthorizationServerMetadataClaimNames.REGISTRATION_ENDPOINT)
public URL getClientRegistrationEndpoint() {
return OAuth2AuthorizationServerMetadataClaimAccessor.super.getClientRegistrationEndpoint();
}

@Override
@JsonProperty(OAuth2AuthorizationServerMetadataClaimNames.CODE_CHALLENGE_METHODS_SUPPORTED)
public List<String> getCodeChallengeMethods() {
return OAuth2AuthorizationServerMetadataClaimAccessor.super.getCodeChallengeMethods();
}
}
141 changes: 141 additions & 0 deletions ...curity/src/main/java/org/springdoc/security/oauth2/SpringDocOAuth2TokenIntrospection.java
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,141 @@
package org.springdoc.security.oauth2;

import java.net.URL;
import java.time.Instant;
import java.util.List;
import java.util.Map;

import com.fasterxml.jackson.annotation.JsonProperty;
import io.swagger.v3.oas.annotations.media.Schema;

import org.springframework.security.oauth2.core.OAuth2TokenIntrospectionClaimAccessor;
import org.springframework.security.oauth2.core.OAuth2TokenIntrospectionClaimNames;

/**
* @author bnasslahsen
*/
@Schema(name = "OAuth2TokenIntrospection")
public class SpringDocOAuth2TokenIntrospection implements OAuth2TokenIntrospectionClaimAccessor {

@Override
public Map<String, Object> getClaims() {
return null;
}

@Override
public <T> T getClaim(String claim) {
return OAuth2TokenIntrospectionClaimAccessor.super.getClaim(claim);
}

@Override
public boolean hasClaim(String claim) {
return OAuth2TokenIntrospectionClaimAccessor.super.hasClaim(claim);
}

@Override
public Boolean containsClaim(String claim) {
return OAuth2TokenIntrospectionClaimAccessor.super.containsClaim(claim);
}

@Override
public String getClaimAsString(String claim) {
return OAuth2TokenIntrospectionClaimAccessor.super.getClaimAsString(claim);
}

@Override
public Boolean getClaimAsBoolean(String claim) {
return OAuth2TokenIntrospectionClaimAccessor.super.getClaimAsBoolean(claim);
}

@Override
public Instant getClaimAsInstant(String claim) {
return OAuth2TokenIntrospectionClaimAccessor.super.getClaimAsInstant(claim);
}

@Override
public URL getClaimAsURL(String claim) {
return OAuth2TokenIntrospectionClaimAccessor.super.getClaimAsURL(claim);
}

@Override
public Map<String, Object> getClaimAsMap(String claim) {
return OAuth2TokenIntrospectionClaimAccessor.super.getClaimAsMap(claim);
}

@Override
public List<String> getClaimAsStringList(String claim) {
return OAuth2TokenIntrospectionClaimAccessor.super.getClaimAsStringList(claim);
}

@Override
@JsonProperty(OAuth2TokenIntrospectionClaimNames.ACTIVE)
public boolean isActive() {
return OAuth2TokenIntrospectionClaimAccessor.super.isActive();
}

@Override
@JsonProperty(OAuth2TokenIntrospectionClaimNames.USERNAME)
public String getUsername() {
return OAuth2TokenIntrospectionClaimAccessor.super.getUsername();
}

@Override
@JsonProperty(OAuth2TokenIntrospectionClaimNames.CLIENT_ID)
public String getClientId() {
return OAuth2TokenIntrospectionClaimAccessor.super.getClientId();
}

@Override
@JsonProperty(OAuth2TokenIntrospectionClaimNames.SCOPE)
public List<String> getScopes() {
return OAuth2TokenIntrospectionClaimAccessor.super.getScopes();
}

@Override
@JsonProperty(OAuth2TokenIntrospectionClaimNames.TOKEN_TYPE)
public String getTokenType() {
return OAuth2TokenIntrospectionClaimAccessor.super.getTokenType();
}

@Override
@JsonProperty(OAuth2TokenIntrospectionClaimNames.EXP)
public Instant getExpiresAt() {
return OAuth2TokenIntrospectionClaimAccessor.super.getExpiresAt();
}

@Override
@JsonProperty(OAuth2TokenIntrospectionClaimNames.IAT)
public Instant getIssuedAt() {
return OAuth2TokenIntrospectionClaimAccessor.super.getIssuedAt();
}

@Override
@JsonProperty(OAuth2TokenIntrospectionClaimNames.NBF)
public Instant getNotBefore() {
return OAuth2TokenIntrospectionClaimAccessor.super.getNotBefore();
}

@Override
@JsonProperty(OAuth2TokenIntrospectionClaimNames.SUB)
public String getSubject() {
return OAuth2TokenIntrospectionClaimAccessor.super.getSubject();
}

@Override
@JsonProperty(OAuth2TokenIntrospectionClaimNames.AUD)
public List<String> getAudience() {
return OAuth2TokenIntrospectionClaimAccessor.super.getAudience();
}

@Override
@JsonProperty(OAuth2TokenIntrospectionClaimNames.ISS)
public URL getIssuer() {
return OAuth2TokenIntrospectionClaimAccessor.super.getIssuer();
}

@Override
@JsonProperty(OAuth2TokenIntrospectionClaimNames.JTI)
public String getId() {
return OAuth2TokenIntrospectionClaimAccessor.super.getId();
}
}

0 comments on commit e2e639f

Please sign in to comment.