Skip to content

Commit ad1493c

Browse files
bnasslahsenbnasslahsen
committed
fix update #2094 
1 parent 1f7dc0b commit ad1493c

File tree

4 files changed

+375
-88
lines changed

4 files changed

+375
-88
lines changed

springdoc-openapi-starter-common/src/main/java/org/springdoc/core/configuration/SpringDocSecurityOAuth2Customizer.java

+4-4
Original file line numberDiff line numberDiff line change
@@ -20,6 +20,8 @@
2020
import org.apache.commons.lang3.reflect.FieldUtils;
2121
import org.slf4j.Logger;
2222
import org.slf4j.LoggerFactory;
23+
import org.springdoc.core.configuration.oauth2.SpringDocOAuth2AuthorizationServerMetadata;
24+
import org.springdoc.core.configuration.oauth2.SpringDocOAuth2TokenIntrospection;
2325
import org.springdoc.core.customizers.GlobalOpenApiCustomizer;
2426
import org.springdoc.core.utils.SpringDocAnnotationsUtils;
2527

@@ -31,8 +33,6 @@
3133
import org.springframework.security.oauth2.core.OAuth2Error;
3234
import org.springframework.security.oauth2.core.endpoint.OAuth2AccessTokenResponse;
3335
import org.springframework.security.oauth2.core.endpoint.OAuth2ParameterNames;
34-
import org.springframework.security.oauth2.server.authorization.OAuth2AuthorizationServerMetadata;
35-
import org.springframework.security.oauth2.server.authorization.OAuth2TokenIntrospection;
3636
import org.springframework.security.oauth2.server.authorization.authentication.OAuth2AuthorizationConsentAuthenticationToken;
3737
import org.springframework.security.oauth2.server.authorization.authentication.OAuth2TokenRevocationAuthenticationToken;
3838
import org.springframework.security.oauth2.server.authorization.web.NimbusJwkSetEndpointFilter;
@@ -119,7 +119,7 @@ private void getOAuth2TokenIntrospectionEndpointFilter(OpenAPI openAPI, Security
119119
Object oAuth2EndpointFilter =
120120
new SpringDocSecurityOAuth2EndpointUtils(OAuth2TokenIntrospectionEndpointFilter.class).findEndpoint(securityFilterChain);
121121
if (oAuth2EndpointFilter != null) {
122-
ApiResponses apiResponses = buildApiResponsesWithBadRequest(SpringDocAnnotationsUtils.resolveSchemaFromType(OAuth2TokenIntrospection.class, openAPI.getComponents(), null), openAPI);
122+
ApiResponses apiResponses = buildApiResponsesWithBadRequest(SpringDocAnnotationsUtils.resolveSchemaFromType(SpringDocOAuth2TokenIntrospection.class, openAPI.getComponents(), null), openAPI);
123123
Operation operation = buildOperation(apiResponses);
124124
Schema<?> schema = new ObjectSchema()
125125
.addProperty("token", new StringSchema())
@@ -143,7 +143,7 @@ private void getOAuth2AuthorizationServerMetadataEndpoint(OpenAPI openAPI, Secur
143143
Object oAuth2EndpointFilter =
144144
new SpringDocSecurityOAuth2EndpointUtils(OAuth2AuthorizationServerMetadataEndpointFilter.class).findEndpoint(securityFilterChain);
145145
if (oAuth2EndpointFilter != null) {
146-
ApiResponses apiResponses = buildApiResponses(SpringDocAnnotationsUtils.resolveSchemaFromType(OAuth2AuthorizationServerMetadata.class, openAPI.getComponents(), null));
146+
ApiResponses apiResponses = buildApiResponses(SpringDocAnnotationsUtils.resolveSchemaFromType(SpringDocOAuth2AuthorizationServerMetadata.class, openAPI.getComponents(), null));
147147
Operation operation = buildOperation(apiResponses);
148148
buildPath(oAuth2EndpointFilter, "requestMatcher", openAPI, operation, HttpMethod.GET);
149149
}

springdoc-openapi-starter-common/src/main/java/org/springdoc/core/configuration/oauth2/SpringDocOAuth2AuthorizationServerMetadata.java

+151
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,151 @@
1+
package org.springdoc.core.configuration.oauth2;
2+
3+
import java.net.URL;
4+
import java.time.Instant;
5+
import java.util.List;
6+
import java.util.Map;
7+
8+
import com.fasterxml.jackson.annotation.JsonProperty;
9+
import io.swagger.v3.oas.annotations.media.Schema;
10+
11+
import org.springframework.security.oauth2.server.authorization.OAuth2AuthorizationServerMetadataClaimAccessor;
12+
import org.springframework.security.oauth2.server.authorization.OAuth2AuthorizationServerMetadataClaimNames;
13+
14+
/**
15+
* The type Spring doc o auth 2 authorization server metadata.
16+
*
17+
* @author bnasslahsen
18+
*/
19+
@Schema(name = "OAuth2AuthorizationServerMetadata")
20+
public class SpringDocOAuth2AuthorizationServerMetadata implements OAuth2AuthorizationServerMetadataClaimAccessor {
21+
22+
23+
@Override
24+
public Map<String, Object> getClaims() {
25+
return null;
26+
}
27+
28+
@Override
29+
public <T> T getClaim(String claim) {
30+
return OAuth2AuthorizationServerMetadataClaimAccessor.super.getClaim(claim);
31+
}
32+
33+
@Override
34+
public boolean hasClaim(String claim) {
35+
return OAuth2AuthorizationServerMetadataClaimAccessor.super.hasClaim(claim);
36+
}
37+
38+
@Override
39+
public String getClaimAsString(String claim) {
40+
return OAuth2AuthorizationServerMetadataClaimAccessor.super.getClaimAsString(claim);
41+
}
42+
43+
@Override
44+
public Boolean getClaimAsBoolean(String claim) {
45+
return OAuth2AuthorizationServerMetadataClaimAccessor.super.getClaimAsBoolean(claim);
46+
}
47+
48+
@Override
49+
public Instant getClaimAsInstant(String claim) {
50+
return OAuth2AuthorizationServerMetadataClaimAccessor.super.getClaimAsInstant(claim);
51+
}
52+
53+
@Override
54+
public URL getClaimAsURL(String claim) {
55+
return OAuth2AuthorizationServerMetadataClaimAccessor.super.getClaimAsURL(claim);
56+
}
57+
58+
@Override
59+
public Map<String, Object> getClaimAsMap(String claim) {
60+
return OAuth2AuthorizationServerMetadataClaimAccessor.super.getClaimAsMap(claim);
61+
}
62+
63+
@Override
64+
public List<String> getClaimAsStringList(String claim) {
65+
return OAuth2AuthorizationServerMetadataClaimAccessor.super.getClaimAsStringList(claim);
66+
}
67+
68+
@Override
69+
@JsonProperty(OAuth2AuthorizationServerMetadataClaimNames.ISSUER)
70+
public URL getIssuer() {
71+
return OAuth2AuthorizationServerMetadataClaimAccessor.super.getIssuer();
72+
}
73+
74+
@Override
75+
@JsonProperty(OAuth2AuthorizationServerMetadataClaimNames.AUTHORIZATION_ENDPOINT)
76+
public URL getAuthorizationEndpoint() {
77+
return OAuth2AuthorizationServerMetadataClaimAccessor.super.getAuthorizationEndpoint();
78+
}
79+
80+
@Override
81+
@JsonProperty(OAuth2AuthorizationServerMetadataClaimNames.TOKEN_ENDPOINT)
82+
public URL getTokenEndpoint() {
83+
return OAuth2AuthorizationServerMetadataClaimAccessor.super.getTokenEndpoint();
84+
}
85+
86+
@Override
87+
@JsonProperty(OAuth2AuthorizationServerMetadataClaimNames.TOKEN_ENDPOINT_AUTH_METHODS_SUPPORTED)
88+
public List<String> getTokenEndpointAuthenticationMethods() {
89+
return OAuth2AuthorizationServerMetadataClaimAccessor.super.getTokenEndpointAuthenticationMethods();
90+
}
91+
92+
@Override
93+
@JsonProperty(OAuth2AuthorizationServerMetadataClaimNames.JWKS_URI)
94+
public URL getJwkSetUrl() {
95+
return OAuth2AuthorizationServerMetadataClaimAccessor.super.getJwkSetUrl();
96+
}
97+
98+
@Override
99+
@JsonProperty(OAuth2AuthorizationServerMetadataClaimNames.SCOPES_SUPPORTED)
100+
public List<String> getScopes() {
101+
return OAuth2AuthorizationServerMetadataClaimAccessor.super.getScopes();
102+
}
103+
104+
@Override
105+
@JsonProperty(OAuth2AuthorizationServerMetadataClaimNames.RESPONSE_TYPES_SUPPORTED)
106+
public List<String> getResponseTypes() {
107+
return OAuth2AuthorizationServerMetadataClaimAccessor.super.getResponseTypes();
108+
}
109+
110+
@Override
111+
@JsonProperty(OAuth2AuthorizationServerMetadataClaimNames.GRANT_TYPES_SUPPORTED)
112+
public List<String> getGrantTypes() {
113+
return OAuth2AuthorizationServerMetadataClaimAccessor.super.getGrantTypes();
114+
}
115+
116+
@Override
117+
@JsonProperty(OAuth2AuthorizationServerMetadataClaimNames.REVOCATION_ENDPOINT)
118+
public URL getTokenRevocationEndpoint() {
119+
return OAuth2AuthorizationServerMetadataClaimAccessor.super.getTokenRevocationEndpoint();
120+
}
121+
122+
@Override
123+
@JsonProperty(OAuth2AuthorizationServerMetadataClaimNames.REVOCATION_ENDPOINT_AUTH_METHODS_SUPPORTED)
124+
public List<String> getTokenRevocationEndpointAuthenticationMethods() {
125+
return OAuth2AuthorizationServerMetadataClaimAccessor.super.getTokenRevocationEndpointAuthenticationMethods();
126+
}
127+
128+
@Override
129+
@JsonProperty(OAuth2AuthorizationServerMetadataClaimNames.INTROSPECTION_ENDPOINT)
130+
public URL getTokenIntrospectionEndpoint() {
131+
return OAuth2AuthorizationServerMetadataClaimAccessor.super.getTokenIntrospectionEndpoint();
132+
}
133+
134+
@Override
135+
@JsonProperty(OAuth2AuthorizationServerMetadataClaimNames.INTROSPECTION_ENDPOINT_AUTH_METHODS_SUPPORTED)
136+
public List<String> getTokenIntrospectionEndpointAuthenticationMethods() {
137+
return OAuth2AuthorizationServerMetadataClaimAccessor.super.getTokenIntrospectionEndpointAuthenticationMethods();
138+
}
139+
140+
@Override
141+
@JsonProperty(OAuth2AuthorizationServerMetadataClaimNames.REGISTRATION_ENDPOINT)
142+
public URL getClientRegistrationEndpoint() {
143+
return OAuth2AuthorizationServerMetadataClaimAccessor.super.getClientRegistrationEndpoint();
144+
}
145+
146+
@Override
147+
@JsonProperty(OAuth2AuthorizationServerMetadataClaimNames.CODE_CHALLENGE_METHODS_SUPPORTED)
148+
public List<String> getCodeChallengeMethods() {
149+
return OAuth2AuthorizationServerMetadataClaimAccessor.super.getCodeChallengeMethods();
150+
}
151+
}

springdoc-openapi-starter-common/src/main/java/org/springdoc/core/configuration/oauth2/SpringDocOAuth2TokenIntrospection.java

+136
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,136 @@
1+
package org.springdoc.core.configuration.oauth2;
2+
3+
import java.net.URL;
4+
import java.time.Instant;
5+
import java.util.List;
6+
import java.util.Map;
7+
8+
import com.fasterxml.jackson.annotation.JsonProperty;
9+
import io.swagger.v3.oas.annotations.media.Schema;
10+
11+
import org.springframework.security.oauth2.core.OAuth2TokenIntrospectionClaimAccessor;
12+
import org.springframework.security.oauth2.core.OAuth2TokenIntrospectionClaimNames;
13+
14+
/**
15+
* @author bnasslahsen
16+
*/
17+
@Schema(name = "OAuth2TokenIntrospection")
18+
public class SpringDocOAuth2TokenIntrospection implements OAuth2TokenIntrospectionClaimAccessor {
19+
20+
@Override
21+
public Map<String, Object> getClaims() {
22+
return null;
23+
}
24+
25+
@Override
26+
public <T> T getClaim(String claim) {
27+
return OAuth2TokenIntrospectionClaimAccessor.super.getClaim(claim);
28+
}
29+
30+
@Override
31+
public boolean hasClaim(String claim) {
32+
return OAuth2TokenIntrospectionClaimAccessor.super.hasClaim(claim);
33+
}
34+
35+
@Override
36+
public String getClaimAsString(String claim) {
37+
return OAuth2TokenIntrospectionClaimAccessor.super.getClaimAsString(claim);
38+
}
39+
40+
@Override
41+
public Boolean getClaimAsBoolean(String claim) {
42+
return OAuth2TokenIntrospectionClaimAccessor.super.getClaimAsBoolean(claim);
43+
}
44+
45+
@Override
46+
public Instant getClaimAsInstant(String claim) {
47+
return OAuth2TokenIntrospectionClaimAccessor.super.getClaimAsInstant(claim);
48+
}
49+
50+
@Override
51+
public URL getClaimAsURL(String claim) {
52+
return OAuth2TokenIntrospectionClaimAccessor.super.getClaimAsURL(claim);
53+
}
54+
55+
@Override
56+
public Map<String, Object> getClaimAsMap(String claim) {
57+
return OAuth2TokenIntrospectionClaimAccessor.super.getClaimAsMap(claim);
58+
}
59+
60+
@Override
61+
public List<String> getClaimAsStringList(String claim) {
62+
return OAuth2TokenIntrospectionClaimAccessor.super.getClaimAsStringList(claim);
63+
}
64+
65+
@Override
66+
@JsonProperty(OAuth2TokenIntrospectionClaimNames.ACTIVE)
67+
public boolean isActive() {
68+
return OAuth2TokenIntrospectionClaimAccessor.super.isActive();
69+
}
70+
71+
@Override
72+
@JsonProperty(OAuth2TokenIntrospectionClaimNames.USERNAME)
73+
public String getUsername() {
74+
return OAuth2TokenIntrospectionClaimAccessor.super.getUsername();
75+
}
76+
77+
@Override
78+
@JsonProperty(OAuth2TokenIntrospectionClaimNames.CLIENT_ID)
79+
public String getClientId() {
80+
return OAuth2TokenIntrospectionClaimAccessor.super.getClientId();
81+
}
82+
83+
@Override
84+
@JsonProperty(OAuth2TokenIntrospectionClaimNames.SCOPE)
85+
public List<String> getScopes() {
86+
return OAuth2TokenIntrospectionClaimAccessor.super.getScopes();
87+
}
88+
89+
@Override
90+
@JsonProperty(OAuth2TokenIntrospectionClaimNames.TOKEN_TYPE)
91+
public String getTokenType() {
92+
return OAuth2TokenIntrospectionClaimAccessor.super.getTokenType();
93+
}
94+
95+
@Override
96+
@JsonProperty(OAuth2TokenIntrospectionClaimNames.EXP)
97+
public Instant getExpiresAt() {
98+
return OAuth2TokenIntrospectionClaimAccessor.super.getExpiresAt();
99+
}
100+
101+
@Override
102+
@JsonProperty(OAuth2TokenIntrospectionClaimNames.IAT)
103+
public Instant getIssuedAt() {
104+
return OAuth2TokenIntrospectionClaimAccessor.super.getIssuedAt();
105+
}
106+
107+
@Override
108+
@JsonProperty(OAuth2TokenIntrospectionClaimNames.NBF)
109+
public Instant getNotBefore() {
110+
return OAuth2TokenIntrospectionClaimAccessor.super.getNotBefore();
111+
}
112+
113+
@Override
114+
@JsonProperty(OAuth2TokenIntrospectionClaimNames.SUB)
115+
public String getSubject() {
116+
return OAuth2TokenIntrospectionClaimAccessor.super.getSubject();
117+
}
118+
119+
@Override
120+
@JsonProperty(OAuth2TokenIntrospectionClaimNames.AUD)
121+
public List<String> getAudience() {
122+
return OAuth2TokenIntrospectionClaimAccessor.super.getAudience();
123+
}
124+
125+
@Override
126+
@JsonProperty(OAuth2TokenIntrospectionClaimNames.ISS)
127+
public URL getIssuer() {
128+
return OAuth2TokenIntrospectionClaimAccessor.super.getIssuer();
129+
}
130+
131+
@Override
132+
@JsonProperty(OAuth2TokenIntrospectionClaimNames.JTI)
133+
public String getId() {
134+
return OAuth2TokenIntrospectionClaimAccessor.super.getId();
135+
}
136+
}

0 commit comments

Comments
 (0)