Swagger - add bearer auth for MGMT API (#1468)

Signed-off-by: Marinov Avgustin <Avgustin.Marinov@bosch.com>
This commit is contained in:
Avgustin Marinov
2023-11-02 16:53:39 +02:00
committed by GitHub
parent defa6c3b69
commit 68e7daa1d8
2 changed files with 15 additions and 3 deletions

View File

@@ -279,6 +279,9 @@ class JwtAuthoritiesExtractor {
@SuppressWarnings("unchecked") @SuppressWarnings("unchecked")
Set<GrantedAuthority> extract(final String clientId, final Map<String, Object> claims) { Set<GrantedAuthority> extract(final String clientId, final Map<String, Object> claims) {
final Map<String, Object> resourceMap = (Map<String, Object>) claims.get("resource_access"); final Map<String, Object> resourceMap = (Map<String, Object>) claims.get("resource_access");
if (CollectionUtils.isEmpty(resourceMap)) {
return Collections.emptySet();
}
final Map<String, Map<String, Object>> clientResource = (Map<String, Map<String, Object>>) resourceMap final Map<String, Map<String, Object>> clientResource = (Map<String, Map<String, Object>>) resourceMap
.get(clientId); .get(clientId);

View File

@@ -33,6 +33,7 @@ public class OpenApiConfiguration {
"""; """;
private static final String BASIC_AUTH_SEC_SCHEME_NAME = "Basic Authentication"; private static final String BASIC_AUTH_SEC_SCHEME_NAME = "Basic Authentication";
private static final String BEARER_AUTH_SEC_SCHEME_NAME = "Bearer Authentication";
private static final String DDI_TOKEN_SEC_SCHEME_NAME = "DDI Target/GatewayToken Authentication"; private static final String DDI_TOKEN_SEC_SCHEME_NAME = "DDI Target/GatewayToken Authentication";
@Bean @Bean
@@ -52,7 +53,9 @@ public class OpenApiConfiguration {
.pathsToMatch("/rest/v1/**") .pathsToMatch("/rest/v1/**")
.addOpenApiCustomiser(openApi -> { .addOpenApiCustomiser(openApi -> {
openApi openApi
.addSecurityItem(new SecurityRequirement().addList(BASIC_AUTH_SEC_SCHEME_NAME)) .addSecurityItem(new SecurityRequirement()
.addList(BASIC_AUTH_SEC_SCHEME_NAME)
.addList(BEARER_AUTH_SEC_SCHEME_NAME))
.components( .components(
openApi openApi
.getComponents() .getComponents()
@@ -61,11 +64,17 @@ public class OpenApiConfiguration {
.name(BASIC_AUTH_SEC_SCHEME_NAME) .name(BASIC_AUTH_SEC_SCHEME_NAME)
.type(SecurityScheme.Type.HTTP) .type(SecurityScheme.Type.HTTP)
.in(SecurityScheme.In.HEADER) .in(SecurityScheme.In.HEADER)
.scheme("basic"))); .scheme("basic"))
.addSecuritySchemes(BEARER_AUTH_SEC_SCHEME_NAME,
new SecurityScheme()
.name(BEARER_AUTH_SEC_SCHEME_NAME)
.type(SecurityScheme.Type.HTTP)
.in(SecurityScheme.In.HEADER)
.bearerFormat("JWT")
.scheme("bearer")));
}) })
.build(); .build();
} }
@Bean @Bean
@ConditionalOnProperty( @ConditionalOnProperty(
value="hawkbit.server.swagger.ddi.api.group.enabled", value="hawkbit.server.swagger.ddi.api.group.enabled",