Skip to content

Commit

Permalink
Add genarate security roles by security scopes
Browse files Browse the repository at this point in the history
  • Loading branch information
altro3 committed Aug 27, 2024
1 parent cb2072e commit 980d75b
Show file tree
Hide file tree
Showing 5 changed files with 114 additions and 8 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -28,6 +28,7 @@
import org.openapitools.codegen.utils.StringUtils;

import java.io.File;
import java.util.ArrayList;
import java.util.Collections;
import java.util.List;

Expand Down Expand Up @@ -281,14 +282,29 @@ public OperationsMap postProcessOperationsWithModels(OperationsMap objs, List<Mo
String controllerClassname = StringUtils.camelize(CONTROLLER_PREFIX + "_" + operations.getPathPrefix() + "_" + CONTROLLER_SUFFIX);
objs.put("controllerClassname", controllerClassname);

List<CodegenOperation> allOperations = (List<CodegenOperation>) operations.get("operation");
var allOperations = (List<CodegenOperation>) operations.get("operation");
if (useAuth) {
for (CodegenOperation operation : allOperations) {
if (!operation.vendorExtensions.containsKey(EXTENSION_ROLES)) {
String role = operation.hasAuthMethods ? AUTHORIZED_ROLE : ANONYMOUS_ROLE;
operation.vendorExtensions.put(EXTENSION_ROLES, Collections.singletonList(role));

var roles = new ArrayList<String>();
var authMethods = operation.authMethods;
if (authMethods != null && !authMethods.isEmpty()) {
var scopes = authMethods.get(0).scopes;
if (scopes != null && !scopes.isEmpty()) {
for (var scope : scopes) {
roles.add("\"" + escapeText(scope.get("scope").toString()) + "\"");
}
} else {
roles.add(AUTHORIZED_ROLE);
}
} else {
roles.add(ANONYMOUS_ROLE);
}

operation.vendorExtensions.put(EXTENSION_ROLES, roles);
} else {
List<String> roles = (List<String>) operation.vendorExtensions.get(EXTENSION_ROLES);
var roles = (List<String>) operation.vendorExtensions.get(EXTENSION_ROLES);
roles = roles.stream().map(role -> switch (role) {
case ANONYMOUS_ROLE_KEY -> ANONYMOUS_ROLE;
case AUTHORIZED_ROLE_KEY -> AUTHORIZED_ROLE;
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -28,6 +28,7 @@
import org.openapitools.codegen.utils.StringUtils;

import java.io.File;
import java.util.ArrayList;
import java.util.Collections;
import java.util.List;

Expand Down Expand Up @@ -266,14 +267,29 @@ public OperationsMap postProcessOperationsWithModels(OperationsMap objs, List<Mo
String controllerClassname = StringUtils.camelize(CONTROLLER_PREFIX + "_" + operations.getPathPrefix() + "_" + CONTROLLER_SUFFIX);
objs.put("controllerClassname", controllerClassname);

List<CodegenOperation> allOperations = (List<CodegenOperation>) operations.get("operation");
var allOperations = (List<CodegenOperation>) operations.get("operation");
if (useAuth) {
for (CodegenOperation operation : allOperations) {
if (!operation.vendorExtensions.containsKey(EXTENSION_ROLES)) {
String role = operation.hasAuthMethods ? AUTHORIZED_ROLE : ANONYMOUS_ROLE;
operation.vendorExtensions.put(EXTENSION_ROLES, Collections.singletonList(role));

var roles = new ArrayList<String>();
var authMethods = operation.authMethods;
if (authMethods != null && !authMethods.isEmpty()) {
var scopes = authMethods.get(0).scopes;
if (scopes != null && !scopes.isEmpty()) {
for (var scope : scopes) {
roles.add("\"" + escapeText(scope.get("scope").toString()) + "\"");
}
} else {
roles.add(AUTHORIZED_ROLE);
}
} else {
roles.add(ANONYMOUS_ROLE);
}

operation.vendorExtensions.put(EXTENSION_ROLES, roles);
} else {
List<String> roles = (List<String>) operation.vendorExtensions.get(EXTENSION_ROLES);
var roles = (List<String>) operation.vendorExtensions.get(EXTENSION_ROLES);
roles = roles.stream().map(role -> switch (role) {
case ANONYMOUS_ROLE_KEY -> ANONYMOUS_ROLE;
case AUTHORIZED_ROLE_KEY -> AUTHORIZED_ROLE;
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -491,4 +491,22 @@ void testOperationDescription() {

assertFileContains(path + "api/DatasetsApi.java", "description = \"Creates a brand new dataset.\"");
}

@Test
void testSecurity() {

var codegen = new JavaMicronautServerCodegen();
String outputPath = generateFiles(codegen, "src/test/resources/3_0/security.yml", CodegenConstants.APIS, CodegenConstants.MODELS);
String path = outputPath + "src/main/java/org/openapitools/";

assertFileContains(path + "api/DefaultApi.java",
"""
@Secured({"read", "admin"})
Mono<Void> get();
""",
"""
@Secured({"write", "admin"})
Mono<Void> save();
""");
}
}
Original file line number Diff line number Diff line change
Expand Up @@ -576,4 +576,22 @@ void testOperationDescription() {

assertFileContains(path + "api/DatasetsApi.kt", "description = \"Creates a brand new dataset.\"");
}

@Test
void testSecurity() {

var codegen = new KotlinMicronautServerCodegen();
String outputPath = generateFiles(codegen, "src/test/resources/3_0/security.yml", CodegenConstants.APIS, CodegenConstants.MODELS);
String path = outputPath + "src/main/kotlin/org/openapitools/";

assertFileContains(path + "api/DefaultApi.kt",
"""
@Secured("read", "admin")
fun get(): Mono<Void>
""",
"""
@Secured("write", "admin")
fun save(): Mono<Void>
""");
}
}
38 changes: 38 additions & 0 deletions openapi-generator/src/test/resources/3_0/security.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,38 @@
openapi: 3.0.3
info:
description: This is an example of the openapi documentation
title: OpenAPI
version: 0.0.0
paths:
/pet:
post:
operationId: save
security:
- OAuth2: [ write, admin ]
responses:
200:
description: Successfully saved
get:
operationId: get
security:
- OAuth2: [ read, admin ]
responses:
200:
description: Successfully retrieved information
components:
securitySchemes:
OAuth2:
type: oauth2
flows:
authorizationCode:
authorizationUrl: https://example.com/oauth/authorize
tokenUrl: https://example.com/oauth/token
scopes:
read: Grants read access
write: Grants write access
admin: Grants access to admin operations
security:
- OAuth2:
- read
- write
- admin

0 comments on commit 980d75b

Please sign in to comment.