add support for Spring Authorization Server. Fixes #2094

Author: bnasslahsen

pom.xml

@@ -81,6 +81,7 @@
 		<therapi-runtime-javadoc.version>0.15.0</therapi-runtime-javadoc.version>
 		<spring-cloud-function.version>3.2.4</spring-cloud-function.version>
 		<dependency-check.version>7.1.0</dependency-check.version>
+		<spring-security-oauth2-authorization-server.version>1.0.1</spring-security-oauth2-authorization-server.version>
 	</properties>
 
 	<dependencyManagement>
@@ -113,6 +114,11 @@
 				<artifactId>spring-security-oauth2</artifactId>
 				<version>${spring-security-oauth2.version}</version>
 			</dependency>
+			<dependency>
+				<groupId>org.springframework.security</groupId>
+				<artifactId>spring-security-oauth2-authorization-server</artifactId>
+				<version>${spring-security-oauth2-authorization-server.version}</version>
+			</dependency>
 			<dependency>
 				<groupId>io.github.classgraph</groupId>
 				<artifactId>classgraph</artifactId>

springdoc-openapi-common/src/main/java/org/springdoc/core/Constants.java

@@ -108,6 +108,11 @@ public final class Constants {
 	 */
 	public static final String SPRINGDOC_SHOW_LOGIN_ENDPOINT = "springdoc.show-login-endpoint";
 
+	/**
+	 * The constant SPRINGDOC_SHOW_OAUTH2_ENDPOINTS.
+	 */
+	public static final String SPRINGDOC_SHOW_OAUTH2_ENDPOINTS = "springdoc.show-oauth2-endpoints";
+
 	/**
 	 * The constant SPRINGDOC_CACHE_DISABLED.
 	 */

springdoc-openapi-common/src/main/java/org/springdoc/core/SpringDocConfigProperties.java

@@ -202,6 +202,11 @@ public class SpringDocConfigProperties {
 	 */
 	private boolean nullableRequestParameterEnabled;
 
+	/**
+	 * The Show oauth 2 endpoint.
+	 */
+	private boolean showOauth2Endpoint;
+
 	/**
 	 * Gets override with generic response.
 	 *
@@ -1500,4 +1505,12 @@ public void setDisplayName(String displayName) {
 			this.displayName = displayName;
 		}
 	}
+
+	public boolean isShowOauth2Endpoint() {
+		return showOauth2Endpoint;
+	}
+
+	public void setShowOauth2Endpoint(boolean showOauth2Endpoint) {
+		this.showOauth2Endpoint = showOauth2Endpoint;
+	}
 }

springdoc-openapi-security/pom.xml

@@ -26,6 +26,11 @@
 			<artifactId>spring-security-oauth2</artifactId>
 			<optional>true</optional>
 		</dependency>
+		<dependency>
+			<groupId>org.springframework.security</groupId>
+			<artifactId>spring-security-oauth2-authorization-server</artifactId>
+			<optional>true</optional>
+		</dependency>
 		<dependency>
 			<groupId>jakarta.servlet</groupId>
 			<artifactId>jakarta.servlet-api</artifactId>

springdoc-openapi-security/src/main/java/org/springdoc/security/SpringDocSecurityConfiguration.java

@@ -39,6 +39,7 @@
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springdoc.core.SpringDocConfiguration;
+import org.springdoc.core.customizers.GlobalOpenApiCustomizer;
 import org.springdoc.core.customizers.OpenApiCustomiser;
 
 import org.springframework.boot.autoconfigure.condition.ConditionalOnBean;
@@ -53,6 +54,7 @@
 import org.springframework.security.core.Authentication;
 import org.springframework.security.core.annotation.AuthenticationPrincipal;
 import org.springframework.security.oauth2.provider.endpoint.FrameworkEndpointHandlerMapping;
+import org.springframework.security.oauth2.server.authorization.OAuth2AuthorizationService;
 import org.springframework.security.web.FilterChainProxy;
 import org.springframework.security.web.SecurityFilterChain;
 import org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter;
@@ -63,6 +65,7 @@
 
 import static org.springdoc.core.Constants.SPRINGDOC_ENABLED;
 import static org.springdoc.core.Constants.SPRINGDOC_SHOW_LOGIN_ENDPOINT;
+import static org.springdoc.core.Constants.SPRINGDOC_SHOW_OAUTH2_ENDPOINTS;
 import static org.springdoc.core.SpringDocUtils.getConfig;
 
 /**
@@ -103,8 +106,8 @@ class SpringSecurityOAuth2ProviderConfiguration {
 		@Bean
 		@ConditionalOnMissingBean
 		@Lazy(false)
-		SpringSecurityOAuth2Provider springSecurityOAuth2Provider(FrameworkEndpointHandlerMapping oauth2EndpointHandlerMapping) {
-			return new SpringSecurityOAuth2Provider(oauth2EndpointHandlerMapping);
+		SpringSecurityOAuth2LegacyProvider springSecurityOAuth2Provider(FrameworkEndpointHandlerMapping oauth2EndpointHandlerMapping) {
+			return new SpringSecurityOAuth2LegacyProvider(oauth2EndpointHandlerMapping);
 		}
 	}
 
@@ -184,4 +187,22 @@ OpenApiCustomiser springSecurityLoginEndpointCustomiser(ApplicationContext appli
 			};
 		}
 	}
+
+	@Lazy(false)
+	@Configuration(proxyBeanMethods = false)
+	@ConditionalOnClass(OAuth2AuthorizationService.class)
+	class SpringDocSecurityOAuth2Configuration {
+
+		/**
+		 * Spring security OAuth2 endpoint OpenAPI customizer.
+		 *
+		 * @return the open api customizer
+		 */
+		@Bean
+		@ConditionalOnProperty(SPRINGDOC_SHOW_OAUTH2_ENDPOINTS)
+		@Lazy(false)
+		GlobalOpenApiCustomizer springDocSecurityOAuth2Customizer() {
+			return new SpringDocSecurityOAuth2Customizer();
+		}
+	}
 }