Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add genarate security roles by security scopes #1733

Merged
merged 1 commit into from
Sep 3, 2024
Merged

Add genarate security roles by security scopes #1733

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
25 changes: 20 additions & 5 deletions ...pi-generator/src/main/java/io/micronaut/openapi/generator/JavaMicronautServerCodegen.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -28,7 +28,7 @@
import org.openapitools.codegen.utils.StringUtils;

import java.io.File;
import java.util.Collections;
import java.util.ArrayList;
import java.util.List;

import static org.openapitools.codegen.CodegenConstants.API_PACKAGE;
Expand Down Expand Up @@ -281,14 +281,29 @@ public OperationsMap postProcessOperationsWithModels(OperationsMap objs, List<Mo
String controllerClassname = StringUtils.camelize(CONTROLLER_PREFIX + "_" + operations.getPathPrefix() + "_" + CONTROLLER_SUFFIX);
objs.put("controllerClassname", controllerClassname);

List<CodegenOperation> allOperations = (List<CodegenOperation>) operations.get("operation");
var allOperations = (List<CodegenOperation>) operations.get("operation");
if (useAuth) {
for (CodegenOperation operation : allOperations) {
if (!operation.vendorExtensions.containsKey(EXTENSION_ROLES)) {
String role = operation.hasAuthMethods ? AUTHORIZED_ROLE : ANONYMOUS_ROLE;
operation.vendorExtensions.put(EXTENSION_ROLES, Collections.singletonList(role));

var roles = new ArrayList<String>();
var authMethods = operation.authMethods;
if (authMethods != null && !authMethods.isEmpty()) {
var scopes = authMethods.get(0).scopes;
if (scopes != null && !scopes.isEmpty()) {
for (var scope : scopes) {
roles.add("\"" + escapeText(scope.get("scope").toString()) + "\"");
}
} else {
roles.add(AUTHORIZED_ROLE);
}
} else {
roles.add(ANONYMOUS_ROLE);
}

operation.vendorExtensions.put(EXTENSION_ROLES, roles);
} else {
List<String> roles = (List<String>) operation.vendorExtensions.get(EXTENSION_ROLES);
var roles = (List<String>) operation.vendorExtensions.get(EXTENSION_ROLES);
roles = roles.stream().map(role -> switch (role) {
case ANONYMOUS_ROLE_KEY -> ANONYMOUS_ROLE;
case AUTHORIZED_ROLE_KEY -> AUTHORIZED_ROLE;
Expand Down
25 changes: 20 additions & 5 deletions ...-generator/src/main/java/io/micronaut/openapi/generator/KotlinMicronautServerCodegen.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -28,7 +28,7 @@
import org.openapitools.codegen.utils.StringUtils;

import java.io.File;
import java.util.Collections;
import java.util.ArrayList;
import java.util.List;

import static org.openapitools.codegen.CodegenConstants.API_PACKAGE;
Expand Down Expand Up @@ -266,14 +266,29 @@ public OperationsMap postProcessOperationsWithModels(OperationsMap objs, List<Mo
String controllerClassname = StringUtils.camelize(CONTROLLER_PREFIX + "_" + operations.getPathPrefix() + "_" + CONTROLLER_SUFFIX);
objs.put("controllerClassname", controllerClassname);

List<CodegenOperation> allOperations = (List<CodegenOperation>) operations.get("operation");
var allOperations = (List<CodegenOperation>) operations.get("operation");
if (useAuth) {
for (CodegenOperation operation : allOperations) {
if (!operation.vendorExtensions.containsKey(EXTENSION_ROLES)) {
String role = operation.hasAuthMethods ? AUTHORIZED_ROLE : ANONYMOUS_ROLE;
operation.vendorExtensions.put(EXTENSION_ROLES, Collections.singletonList(role));

var roles = new ArrayList<String>();
var authMethods = operation.authMethods;
if (authMethods != null && !authMethods.isEmpty()) {
var scopes = authMethods.get(0).scopes;
if (scopes != null && !scopes.isEmpty()) {
for (var scope : scopes) {
roles.add("\"" + escapeText(scope.get("scope").toString()) + "\"");
}
} else {
roles.add(AUTHORIZED_ROLE);
}
} else {
roles.add(ANONYMOUS_ROLE);
}

operation.vendorExtensions.put(EXTENSION_ROLES, roles);
} else {
List<String> roles = (List<String>) operation.vendorExtensions.get(EXTENSION_ROLES);
var roles = (List<String>) operation.vendorExtensions.get(EXTENSION_ROLES);
roles = roles.stream().map(role -> switch (role) {
case ANONYMOUS_ROLE_KEY -> ANONYMOUS_ROLE;
case AUTHORIZED_ROLE_KEY -> AUTHORIZED_ROLE;
Expand Down
18 changes: 18 additions & 0 deletions ...enerator/src/test/java/io/micronaut/openapi/generator/JavaMicronautServerCodegenTest.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -491,4 +491,22 @@ void testOperationDescription() {

assertFileContains(path + "api/DatasetsApi.java", "description = \"Creates a brand new dataset.\"");
}

@Test
void testSecurity() {

var codegen = new JavaMicronautServerCodegen();
String outputPath = generateFiles(codegen, "src/test/resources/3_0/security.yml", CodegenConstants.APIS, CodegenConstants.MODELS);
String path = outputPath + "src/main/java/org/openapitools/";

assertFileContains(path + "api/DefaultApi.java",
"""
@Secured({"read", "admin"})
Mono<Void> get();
""",
"""
@Secured({"write", "admin"})
Mono<Void> save();
""");
}
}
18 changes: 18 additions & 0 deletions ...erator/src/test/java/io/micronaut/openapi/generator/KotlinMicronautServerCodegenTest.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -576,4 +576,22 @@ void testOperationDescription() {

assertFileContains(path + "api/DatasetsApi.kt", "description = \"Creates a brand new dataset.\"");
}

@Test
void testSecurity() {

var codegen = new KotlinMicronautServerCodegen();
String outputPath = generateFiles(codegen, "src/test/resources/3_0/security.yml", CodegenConstants.APIS, CodegenConstants.MODELS);
String path = outputPath + "src/main/kotlin/org/openapitools/";

assertFileContains(path + "api/DefaultApi.kt",
"""
@Secured("read", "admin")
fun get(): Mono<Void>
""",
"""
@Secured("write", "admin")
fun save(): Mono<Void>
""");
}
}
38 changes: 38 additions & 0 deletions openapi-generator/src/test/resources/3_0/security.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,38 @@
openapi: 3.0.3
info:
description: This is an example of the openapi documentation
title: OpenAPI
version: 0.0.0
paths:
/pet:
post:
operationId: save
security:
- OAuth2: [ write, admin ]
responses:
200:
description: Successfully saved
get:
operationId: get
security:
- OAuth2: [ read, admin ]
responses:
200:
description: Successfully retrieved information
components:
securitySchemes:
OAuth2:
type: oauth2
flows:
authorizationCode:
authorizationUrl: https://example.com/oauth/authorize
tokenUrl: https://example.com/oauth/token
scopes:
read: Grants read access
write: Grants write access
admin: Grants access to admin operations
security:
- OAuth2:
- read
- write
- admin
2 changes: 1 addition & 1 deletion openapi/src/main/java/io/micronaut/openapi/visitor/ConfigUtils.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -1022,7 +1022,7 @@ public void setPostfix(String postfix) {
}

/**
* Duplicate schema resolution mode
* Duplicate schema resolution mode.
*/
public enum DuplicateResolution {
AUTO,
Expand Down
Loading