You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@camel.apache.org by da...@apache.org on 2018/06/18 08:31:19 UTC
[camel] 01/04: CAMEL-9751: Allow to configure swagger security
requirements in generated swagger api docs in rest-dsl.
This is an automated email from the ASF dual-hosted git repository.
davsclaus pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/camel.git
commit 6c73c5d2bbd16ef8f05889d5faa4de34cd10feae
Author: Claus Ibsen <cl...@gmail.com>
AuthorDate: Sat Jun 16 12:31:32 2018 +0200
CAMEL-9751: Allow to configure swagger security requirements in generated swagger api docs in rest-dsl.
---
.../apache/camel/model/rest/RestDefinition.java | 20 ++++
.../camel/model/rest/RestSecuritiesDefinition.java | 51 ++++++++++
.../camel/model/rest/RestSecurityApiKey.java | 75 +++++++++++++++
.../camel/model/rest/RestSecurityBasicAuth.java | 34 +++++++
.../camel/model/rest/RestSecurityDefinition.java | 70 ++++++++++++++
.../camel/model/rest/RestSecurityOAuth2.java | 95 +++++++++++++++++++
.../org/apache/camel/model/rest/jaxb.index | 4 +
.../RestSwaggerReaderModelApiSecurityTest.java | 104 +++++++++++++++++++++
8 files changed, 453 insertions(+)
diff --git a/camel-core/src/main/java/org/apache/camel/model/rest/RestDefinition.java b/camel-core/src/main/java/org/apache/camel/model/rest/RestDefinition.java
index 53aa964..36db164 100644
--- a/camel-core/src/main/java/org/apache/camel/model/rest/RestDefinition.java
+++ b/camel-core/src/main/java/org/apache/camel/model/rest/RestDefinition.java
@@ -26,6 +26,7 @@ import java.util.Set;
import javax.xml.bind.annotation.XmlAccessType;
import javax.xml.bind.annotation.XmlAccessorType;
import javax.xml.bind.annotation.XmlAttribute;
+import javax.xml.bind.annotation.XmlElement;
import javax.xml.bind.annotation.XmlElementRef;
import javax.xml.bind.annotation.XmlRootElement;
@@ -78,6 +79,9 @@ public class RestDefinition extends OptionalIdentifiedDefinition<RestDefinition>
@XmlAttribute
private Boolean apiDocs;
+ @XmlElement(name = "securityDefinitions") // use the name swagger uses
+ private RestSecuritiesDefinition securityDefinitions;
+
@XmlElementRef
private List<VerbDefinition> verbs = new ArrayList<>();
@@ -150,6 +154,17 @@ public class RestDefinition extends OptionalIdentifiedDefinition<RestDefinition>
return verbs;
}
+ public RestSecuritiesDefinition getSecurityDefinitions() {
+ return securityDefinitions;
+ }
+
+ /**
+ * Sets the security definitions such as Basic, OAuth2 etc.
+ */
+ public void setSecurityDefinitions(RestSecuritiesDefinition securityDefinitions) {
+ this.securityDefinitions = securityDefinitions;
+ }
+
/**
* The HTTP verbs this REST service accepts and uses
*/
@@ -603,6 +618,11 @@ public class RestDefinition extends OptionalIdentifiedDefinition<RestDefinition>
return route;
}
+ public RestSecurityDefinition securityDefinition(String id) {
+ //return new RestSecurityDefinition(this, id);
+ return null;
+ }
+
// Implementation
//-------------------------------------------------------------------------
diff --git a/camel-core/src/main/java/org/apache/camel/model/rest/RestSecuritiesDefinition.java b/camel-core/src/main/java/org/apache/camel/model/rest/RestSecuritiesDefinition.java
new file mode 100644
index 0000000..bf87079
--- /dev/null
+++ b/camel-core/src/main/java/org/apache/camel/model/rest/RestSecuritiesDefinition.java
@@ -0,0 +1,51 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.camel.model.rest;
+
+import java.util.ArrayList;
+import java.util.List;
+import javax.xml.bind.annotation.XmlAccessType;
+import javax.xml.bind.annotation.XmlAccessorType;
+import javax.xml.bind.annotation.XmlElement;
+import javax.xml.bind.annotation.XmlElements;
+import javax.xml.bind.annotation.XmlRootElement;
+
+import org.apache.camel.spi.Metadata;
+
+/**
+ * To configure security definition
+ */
+@Metadata(label = "rest,security", title = "Security Definitions")
+@XmlRootElement(name = "securityDefinitions")
+@XmlAccessorType(XmlAccessType.FIELD)
+public class RestSecuritiesDefinition {
+
+ @XmlElements({
+ @XmlElement(name = "apiKey", type = RestSecurityApiKey.class),
+ @XmlElement(name = "basicAuth", type = RestSecurityBasicAuth.class),
+ @XmlElement(name = "oauth2", type = RestSecurityOAuth2.class)
+ })
+ private List<RestSecurityDefinition> securityDefinitions = new ArrayList<>();
+
+ public List<RestSecurityDefinition> getSecurityDefinitions() {
+ return securityDefinitions;
+ }
+
+ public void setSecurityDefinitions(List<RestSecurityDefinition> securityDefinitions) {
+ this.securityDefinitions = securityDefinitions;
+ }
+}
diff --git a/camel-core/src/main/java/org/apache/camel/model/rest/RestSecurityApiKey.java b/camel-core/src/main/java/org/apache/camel/model/rest/RestSecurityApiKey.java
new file mode 100644
index 0000000..c9a74f4
--- /dev/null
+++ b/camel-core/src/main/java/org/apache/camel/model/rest/RestSecurityApiKey.java
@@ -0,0 +1,75 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.camel.model.rest;
+
+import javax.xml.bind.annotation.XmlAccessType;
+import javax.xml.bind.annotation.XmlAccessorType;
+import javax.xml.bind.annotation.XmlAttribute;
+import javax.xml.bind.annotation.XmlRootElement;
+
+import org.apache.camel.spi.Metadata;
+
+/**
+ * Rest security basic auth definition
+ */
+@Metadata(label = "rest")
+@XmlRootElement(name = "apiKey")
+@XmlAccessorType(XmlAccessType.FIELD)
+public class RestSecurityApiKey extends RestSecurityDefinition {
+
+ @XmlAttribute(name = "name", required = true) @Metadata(required = "true")
+ private String name;
+
+ @XmlAttribute(name = "inHeader")
+ private Boolean inHeader;
+
+ @XmlAttribute(name = "inQuery")
+ private Boolean inQuery;
+
+ public String getName() {
+ return name;
+ }
+
+ /**
+ * The name of the header or query parameter to be used.
+ */
+ public void setName(String name) {
+ this.name = name;
+ }
+
+ public Boolean getInHeader() {
+ return inHeader;
+ }
+
+ /**
+ * To use header as the location of the API key.
+ */
+ public void setInHeader(Boolean inHeader) {
+ this.inHeader = inHeader;
+ }
+
+ public Boolean getInQuery() {
+ return inQuery;
+ }
+
+ /**
+ * To use query parameter as the location of the API key.
+ */
+ public void setInQuery(Boolean inQuery) {
+ this.inQuery = inQuery;
+ }
+}
diff --git a/camel-core/src/main/java/org/apache/camel/model/rest/RestSecurityBasicAuth.java b/camel-core/src/main/java/org/apache/camel/model/rest/RestSecurityBasicAuth.java
new file mode 100644
index 0000000..6e4e80c
--- /dev/null
+++ b/camel-core/src/main/java/org/apache/camel/model/rest/RestSecurityBasicAuth.java
@@ -0,0 +1,34 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.camel.model.rest;
+
+import javax.xml.bind.annotation.XmlAccessType;
+import javax.xml.bind.annotation.XmlAccessorType;
+import javax.xml.bind.annotation.XmlAttribute;
+import javax.xml.bind.annotation.XmlRootElement;
+
+import org.apache.camel.spi.Metadata;
+
+/**
+ * Rest security basic auth definition
+ */
+@Metadata(label = "rest,security")
+@XmlRootElement(name = "basicAuth")
+@XmlAccessorType(XmlAccessType.FIELD)
+public class RestSecurityBasicAuth extends RestSecurityDefinition {
+
+}
diff --git a/camel-core/src/main/java/org/apache/camel/model/rest/RestSecurityDefinition.java b/camel-core/src/main/java/org/apache/camel/model/rest/RestSecurityDefinition.java
new file mode 100644
index 0000000..fa132f8
--- /dev/null
+++ b/camel-core/src/main/java/org/apache/camel/model/rest/RestSecurityDefinition.java
@@ -0,0 +1,70 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.camel.model.rest;
+
+import javax.xml.bind.annotation.XmlAccessType;
+import javax.xml.bind.annotation.XmlAccessorType;
+import javax.xml.bind.annotation.XmlAttribute;
+import javax.xml.bind.annotation.XmlTransient;
+
+import org.apache.camel.spi.Metadata;
+
+/**
+ * To specify the rest security definitions using Swagger.
+ */
+@XmlAccessorType(XmlAccessType.FIELD)
+public abstract class RestSecurityDefinition {
+
+ @XmlTransient
+ private RestDefinition rest;
+
+ @XmlAttribute(required = true) @Metadata(required = "true")
+ private String key;
+
+ @XmlAttribute
+ private String description;
+
+ /**
+ * Ends the configuration of this security
+ */
+ public RestDefinition endSecurityDefinition() {
+ rest.getSecurityDefinitions().getSecurityDefinitions().add(this);
+ return rest;
+ }
+
+ public String getKey() {
+ return key;
+ }
+
+ /**
+ * Key used to refer to this security definition
+ */
+ public void setKey(String key) {
+ this.key = key;
+ }
+
+ public String getDescription() {
+ return description;
+ }
+
+ /**
+ * A short description for security scheme.
+ */
+ public void setDescription(String description) {
+ this.description = description;
+ }
+}
diff --git a/camel-core/src/main/java/org/apache/camel/model/rest/RestSecurityOAuth2.java b/camel-core/src/main/java/org/apache/camel/model/rest/RestSecurityOAuth2.java
new file mode 100644
index 0000000..efafc2e
--- /dev/null
+++ b/camel-core/src/main/java/org/apache/camel/model/rest/RestSecurityOAuth2.java
@@ -0,0 +1,95 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.camel.model.rest;
+
+import java.util.ArrayList;
+import java.util.List;
+import javax.xml.bind.annotation.XmlAccessType;
+import javax.xml.bind.annotation.XmlAccessorType;
+import javax.xml.bind.annotation.XmlAttribute;
+import javax.xml.bind.annotation.XmlElement;
+import javax.xml.bind.annotation.XmlRootElement;
+
+import org.apache.camel.spi.Metadata;
+
+/**
+ * Rest security OAuth2 definition
+ */
+@Metadata(label = "rest,security")
+@XmlRootElement(name = "oauth2")
+@XmlAccessorType(XmlAccessType.FIELD)
+public class RestSecurityOAuth2 extends RestSecurityDefinition {
+
+ @XmlAttribute
+ private String authorizationUrl;
+
+ @XmlAttribute
+ private String tokenUrl;
+
+ @XmlAttribute @Metadata(enums = "implicit,password,application,accessCode")
+ private String flow;
+
+ @XmlElement(name = "scopes")
+ private List<RestPropertyDefinition> scopes = new ArrayList<>();
+
+ public String getAuthorizationUrl() {
+ return authorizationUrl;
+ }
+
+ /**
+ * The authorization URL to be used for this flow. This SHOULD be in the form of a URL.
+ * Required for implicit and access code flows
+ */
+ public void setAuthorizationUrl(String authorizationUrl) {
+ this.authorizationUrl = authorizationUrl;
+ }
+
+ public String getTokenUrl() {
+ return tokenUrl;
+ }
+
+ /**
+ * The token URL to be used for this flow. This SHOULD be in the form of a URL.
+ * Required for password, application, and access code flows.
+ */
+ public void setTokenUrl(String tokenUrl) {
+ this.tokenUrl = tokenUrl;
+ }
+
+ public String getFlow() {
+ return flow;
+ }
+
+ /**
+ * The flow used by the OAuth2 security scheme.
+ * Valid values are "implicit", "password", "application" or "accessCode".
+ */
+ public void setFlow(String flow) {
+ this.flow = flow;
+ }
+
+ public List<RestPropertyDefinition> getScopes() {
+ return scopes;
+ }
+
+ /**
+ * The available scopes for an OAuth2 security scheme
+ */
+ public void setScopes(List<RestPropertyDefinition> scopes) {
+ this.scopes = scopes;
+ }
+}
diff --git a/camel-core/src/main/resources/org/apache/camel/model/rest/jaxb.index b/camel-core/src/main/resources/org/apache/camel/model/rest/jaxb.index
index 3951a7e..e032df8 100644
--- a/camel-core/src/main/resources/org/apache/camel/model/rest/jaxb.index
+++ b/camel-core/src/main/resources/org/apache/camel/model/rest/jaxb.index
@@ -33,4 +33,8 @@ RestOperationResponseHeaderDefinition
RestParamType
RestPropertyDefinition
RestsDefinition
+RestSecurityApiKey
+RestSecurityBasicAuth
+RestSecuritiesDefinition
+RestSecurityOAuth2
VerbDefinition
diff --git a/components/camel-swagger-java/src/test/java/org/apache/camel/swagger/RestSwaggerReaderModelApiSecurityTest.java b/components/camel-swagger-java/src/test/java/org/apache/camel/swagger/RestSwaggerReaderModelApiSecurityTest.java
new file mode 100644
index 0000000..680243f
--- /dev/null
+++ b/components/camel-swagger-java/src/test/java/org/apache/camel/swagger/RestSwaggerReaderModelApiSecurityTest.java
@@ -0,0 +1,104 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.camel.swagger;
+
+import com.fasterxml.jackson.annotation.JsonInclude;
+import com.fasterxml.jackson.databind.ObjectMapper;
+import com.fasterxml.jackson.databind.SerializationFeature;
+import io.swagger.jaxrs.config.BeanConfig;
+import io.swagger.models.Swagger;
+import org.apache.camel.builder.RouteBuilder;
+import org.apache.camel.impl.DefaultClassResolver;
+import org.apache.camel.impl.JndiRegistry;
+import org.apache.camel.model.rest.RestParamType;
+import org.apache.camel.test.junit4.CamelTestSupport;
+import org.junit.Test;
+
+public class RestSwaggerReaderModelApiSecurityTest extends CamelTestSupport {
+
+ @Override
+ protected JndiRegistry createRegistry() throws Exception {
+ JndiRegistry jndi = super.createRegistry();
+ jndi.bind("dummy-rest", new DummyRestConsumerFactory());
+ return jndi;
+ }
+
+ @Override
+ protected RouteBuilder createRouteBuilder() throws Exception {
+ return new RouteBuilder() {
+ @Override
+ public void configure() throws Exception {
+// restConfiguration()
+// .apiSecurityProperty("petstore_auth", "type", "oauth2")
+// .apiSecurityProperty("petstore_auth", "authorizationUrl", "http://petstore.swagger.io/oauth/dialog")
+// .apiSecurityProperty("petstore_auth", "flow", "implicit");
+
+ // this user REST service is json only
+ rest("/user").tag("dude").description("User rest service")
+ .consumes("application/json").produces("application/json")
+
+ .get("/{id}/{date}").description("Find user by id and date").outType(User.class)
+ .responseMessage().message("The user returned").endResponseMessage()
+ .param().name("id").type(RestParamType.path).description("The id of the user to get").endParam()
+ .param().name("date").type(RestParamType.path).description("The date").dataFormat("date").endParam()
+ .to("bean:userService?method=getUser(${header.id})")
+
+ .put().description("Updates or create a user").type(User.class)
+ .param().name("body").type(RestParamType.body).description("The user to update or create").endParam()
+ .to("bean:userService?method=updateUser")
+
+ .get("/findAll").description("Find all users").outTypeList(User.class)
+ .responseMessage().message("All the found users").endResponseMessage()
+ .to("bean:userService?method=listUsers");
+ }
+ };
+ }
+
+ @Test
+ public void testReaderRead() throws Exception {
+ BeanConfig config = new BeanConfig();
+ config.setHost("localhost:8080");
+ config.setSchemes(new String[]{"http"});
+ config.setBasePath("/api");
+ config.setTitle("Camel User store");
+ config.setLicense("Apache 2.0");
+ config.setLicenseUrl("http://www.apache.org/licenses/LICENSE-2.0.html");
+ RestSwaggerReader reader = new RestSwaggerReader();
+
+ Swagger swagger = reader.read(context.getRestDefinitions(), null, config, context.getName(), new DefaultClassResolver());
+ assertNotNull(swagger);
+
+ ObjectMapper mapper = new ObjectMapper();
+ mapper.enable(SerializationFeature.INDENT_OUTPUT);
+ mapper.setSerializationInclusion(JsonInclude.Include.NON_NULL);
+ String json = mapper.writeValueAsString(swagger);
+
+ log.info(json);
+System.out.println(json);
+
+ assertTrue(json.contains("\"host\" : \"localhost:8080\""));
+ assertTrue(json.contains("\"description\" : \"The user returned\""));
+ assertTrue(json.contains("\"$ref\" : \"#/definitions/User\""));
+ assertTrue(json.contains("\"x-className\""));
+ assertTrue(json.contains("\"format\" : \"org.apache.camel.swagger.User\""));
+ assertTrue(json.contains("\"type\" : \"string\""));
+ assertTrue(json.contains("\"format\" : \"date\""));
+ assertFalse(json.contains("\"enum\""));
+ context.stop();
+ }
+
+}
--
To stop receiving notification emails like this one, please contact
davsclaus@apache.org.