How to configure OAuth authorization URL

I have a JAX-RS app using MP-OpenApi to provide an OpenAPI UI using OpenLiberty. My API is authenticated using OAuth2 implicit flow. This is currently configured using annotations, like this:

@SecurityScheme(
    securitySchemeName = JaxRsApplication.OAUTH2_SECURITY_SCHEME_NAME,
    type = SecuritySchemeType.OAUTH2,
    flows = @OAuthFlows(
            implicit = @OAuthFlow(
                    authorizationUrl = "https://auth-server/connect/authorize",
                    scopes = @OAuthScope(name = "some-api-scope", description = "Some API Scope"))))

My goal is to configure the authorizationUrl value in a config file instead of hardcoding it within an annotation, so that I can configure this for different server environments as a CI/CD step. Can this be done?

Also, is there a way to select some scopes and automatically populate the client id in the OpenAPI UI?

Cheers.

Solution

To override the URL

Regarding to the Microprofile OpenAPI Spec: OASFilter, we are able to override the authorizationUrl as the following example: -

package my.filter;

import org.eclipse.microprofile.config.Config;
import org.eclipse.microprofile.config.ConfigProvider;

import org.eclipse.microprofile.openapi.OASFilter;
import org.eclipse.microprofile.openapi.models.security.SecurityScheme;

public class DemoOASFilter implements OASFilter {
    @Override
    public SecurityScheme filterSecurityScheme(final SecurityScheme securityScheme) {
        Config config = ConfigProvider.getConfig();
        String myUrl  = config.getValue("my.url", 
                                        String.class);
        securityScheme.getFlows().
                       getImplicit().
                       setAuthorizationUrl(myUrl);

        return securityScheme;
    }
}

Then put our fully qualified class name as a value of the mp.openapi.filter at the META-INF/microprofile-config.properties as the following example

mp.openapi.filter=my.filter.DemoOASFilter
my.url=http://some/url

Not only to override the authorizationUrl, the OAuthFlow also provide us to override the tokenUrl, refreshUrl and so on. Apart from the implicit, the OAuthFlows also provides the authorizationCode, clientCredentails and others as well. Furthermore the OASFilter interface give us to override more, e.g. APIResponse, tag, server, etc., too.

Integrate with `Microprofile: Config`

Config config = ConfigProvider.getConfig();
String myUrl  = config.getValue("my.url", 
                                String.class);

I've tried to put the URL configuration to the META-INF/microprofile-config.properties as the above example, but not achieved as it give me a java.util.NoSuchElementException.

Anyhow the environment variable and system properties are achieved.

docker run -it \
    --env my.url=http://some/url \
    ....

java -Dmy.url=http://some/url -jar  ....

How to configure OAuth authorization URL

To override the URL

Integrate with Microprofile: Config

Integrate with `Microprofile: Config`