Security is not added to Swagger from Open API generator
I am working on a new project in my team and we are implementing an API following the API first methodology. We are using openapi-generator-maven-plugin to generate our API from an yml file of format OpenAPI 3.0.3. To generate the swagger file we use springfox 2.9.2. The issue that I am facing is when I am trying to add security to the swagger for the requests.
components:
securitySchemes:
bearerAuth:
type: http
scheme: bearer
bearerFormat: JWT
security:
- bearerAuth: [ ]
The Authorize button doesn't appear in swagger page, only the lock near to the request appears but it doesn't do anything (see picture below).
What I observed is that if I open the /v2/api-docs the swagger json doesn't include the security definitions part.
The only way that I managed to add security is by adding by code in the Docket object the security part like so:
new Docket(DocumentationType.SWAGGER_2)
.securityContexts(Collections.singletonList(securityContext()))
.securitySchemes(Collections.singletonList(bearerJwtKey()))
.select()
.apis(RequestHandlerSelectors.basePackage("com.example"))
.paths(PathSelectors.any())
.build();
Is this the only way to add security to Swagger UI or am I missing something?
Reason: Bearer Auth isn't implemented in spring library yet :(
Workaround solution - extend generated Docket:
Import generated config class and then add a security schema (ApiKey) to the existing Docket bean. Example:
@Configuration
@Import(OpenAPIDocumentationConfig.class) // openapi generated config class
public class SwaggerConfiguration {
@Autowired
ApplicationContext context;
@PostConstruct
public void extendExistingDocketWithSecurity() {
Docket docket = context.getBean(Docket.class);
docker.securitySchemes(Collections.singletonList(bearer()));
}
private static ApiKey bearer() {
// where "bearerAuth" - name of your schema in YML spec. file
return new ApiKey ("bearerAuth", HttpHeaders.AUTHORIZATION, "header");
}
Done! You're awesome! Now you're using generated swagger config without overriding, but just extending
- How to override default Tomcat 404 not found html page in Spring Boot 3.2?
- How to log SQL parameters binding in JPA queries with Spring Boot 3?
- How to log SQL statements with query param values in Spring Boot 3/Hibernate 6
- Spring Boot - Logback Configuration - Annoying Boilerplate at beginning of log
- Java Spring Boot: How to map my app root (“/”) to index.html?
- Unable to Insert image from classpath into PDF using PDFBox
- Spring boot ddl auto generator
- SpringBoot 3, hibernate 6 tables not created
- UTF-8 encoding of application.properties attributes in Spring-Boot
- Implementing Custom Expression Handling with Spring Security 6
- my Spring CustomSecurityExpressionRoot not working
- MySQL Testcontainer Timezone Issue When Using Spring Data JDBC
- How to read data from java properties file using Spring Boot
- Does adding @Transactional annotation to method is a must when making database calls?
- @EnableGlobalMethodSecurity is deprecated in the new spring boot 3.0
- Scheduler not running in Spring Boot
- SpringBoot EventListener don't receive events
- http call with Multipart form data is failing after spring upgrade
- Karate framework fails to find tests in multi module Spring Framework
- Connecting to queue or creating on non-existence in spring-rabbitmq
- Spring Security blocks POST requests despite SecurityConfig
- Weird autoincrement issue on Spring Boot 3.3.0 with MySQL 8
- Whitelabel Error Page This application has no explicit mapping for /error, so you are seeing this as a fallback with no error in console
- Disable exemplars support in Spring Boot 3.2 to avoid Prometheus problem with scrapping metrics
- What happened to SimpleRemoteStatelessSessionProxyFactoryBean?
- Spring Boot Restful Service and CORS problem
- What is the best way to test that a spring application context fails to start?
- Using org.commonsources.correlation.filter.CorrelationHeaderFilter throws Caused by: java.io.IOException: Failed to load class [javax.servlet.Filter]
- Cannot convert grib2 to geotiff in SpringBoot app
- Spring Boot JPA H2 Console not running, application.properties file ignored