camel-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From davscl...@apache.org
Subject [camel] 01/04: CAMEL-9751: Allow to configure swagger security requirements in generated swagger api docs in rest-dsl.
Date Mon, 18 Jun 2018 08:31:19 GMT
This is an automated email from the ASF dual-hosted git repository.

davsclaus pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/camel.git

commit 6c73c5d2bbd16ef8f05889d5faa4de34cd10feae
Author: Claus Ibsen <claus.ibsen@gmail.com>
AuthorDate: Sat Jun 16 12:31:32 2018 +0200

    CAMEL-9751: Allow to configure swagger security requirements in generated swagger api
docs in rest-dsl.
---
 .../apache/camel/model/rest/RestDefinition.java    |  20 ++++
 .../camel/model/rest/RestSecuritiesDefinition.java |  51 ++++++++++
 .../camel/model/rest/RestSecurityApiKey.java       |  75 +++++++++++++++
 .../camel/model/rest/RestSecurityBasicAuth.java    |  34 +++++++
 .../camel/model/rest/RestSecurityDefinition.java   |  70 ++++++++++++++
 .../camel/model/rest/RestSecurityOAuth2.java       |  95 +++++++++++++++++++
 .../org/apache/camel/model/rest/jaxb.index         |   4 +
 .../RestSwaggerReaderModelApiSecurityTest.java     | 104 +++++++++++++++++++++
 8 files changed, 453 insertions(+)

diff --git a/camel-core/src/main/java/org/apache/camel/model/rest/RestDefinition.java b/camel-core/src/main/java/org/apache/camel/model/rest/RestDefinition.java
index 53aa964..36db164 100644
--- a/camel-core/src/main/java/org/apache/camel/model/rest/RestDefinition.java
+++ b/camel-core/src/main/java/org/apache/camel/model/rest/RestDefinition.java
@@ -26,6 +26,7 @@ import java.util.Set;
 import javax.xml.bind.annotation.XmlAccessType;
 import javax.xml.bind.annotation.XmlAccessorType;
 import javax.xml.bind.annotation.XmlAttribute;
+import javax.xml.bind.annotation.XmlElement;
 import javax.xml.bind.annotation.XmlElementRef;
 import javax.xml.bind.annotation.XmlRootElement;
 
@@ -78,6 +79,9 @@ public class RestDefinition extends OptionalIdentifiedDefinition<RestDefinition>
     @XmlAttribute
     private Boolean apiDocs;
 
+    @XmlElement(name = "securityDefinitions") // use the name swagger uses
+    private RestSecuritiesDefinition securityDefinitions;
+
     @XmlElementRef
     private List<VerbDefinition> verbs = new ArrayList<>();
 
@@ -150,6 +154,17 @@ public class RestDefinition extends OptionalIdentifiedDefinition<RestDefinition>
         return verbs;
     }
 
+    public RestSecuritiesDefinition getSecurityDefinitions() {
+        return securityDefinitions;
+    }
+
+    /**
+     * Sets the security definitions such as Basic, OAuth2 etc.
+     */
+    public void setSecurityDefinitions(RestSecuritiesDefinition securityDefinitions) {
+        this.securityDefinitions = securityDefinitions;
+    }
+
     /**
      * The HTTP verbs this REST service accepts and uses
      */
@@ -603,6 +618,11 @@ public class RestDefinition extends OptionalIdentifiedDefinition<RestDefinition>
         return route;
     }
 
+    public RestSecurityDefinition securityDefinition(String id) {
+        //return new RestSecurityDefinition(this, id);
+        return null;
+    }
+
     // Implementation
     //-------------------------------------------------------------------------
 
diff --git a/camel-core/src/main/java/org/apache/camel/model/rest/RestSecuritiesDefinition.java
b/camel-core/src/main/java/org/apache/camel/model/rest/RestSecuritiesDefinition.java
new file mode 100644
index 0000000..bf87079
--- /dev/null
+++ b/camel-core/src/main/java/org/apache/camel/model/rest/RestSecuritiesDefinition.java
@@ -0,0 +1,51 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.camel.model.rest;
+
+import java.util.ArrayList;
+import java.util.List;
+import javax.xml.bind.annotation.XmlAccessType;
+import javax.xml.bind.annotation.XmlAccessorType;
+import javax.xml.bind.annotation.XmlElement;
+import javax.xml.bind.annotation.XmlElements;
+import javax.xml.bind.annotation.XmlRootElement;
+
+import org.apache.camel.spi.Metadata;
+
+/**
+ * To configure security definition
+ */
+@Metadata(label = "rest,security", title = "Security Definitions")
+@XmlRootElement(name = "securityDefinitions")
+@XmlAccessorType(XmlAccessType.FIELD)
+public class RestSecuritiesDefinition {
+
+    @XmlElements({
+        @XmlElement(name = "apiKey", type = RestSecurityApiKey.class),
+        @XmlElement(name = "basicAuth", type = RestSecurityBasicAuth.class),
+        @XmlElement(name = "oauth2", type = RestSecurityOAuth2.class)
+    })
+    private List<RestSecurityDefinition> securityDefinitions = new ArrayList<>();
+
+    public List<RestSecurityDefinition> getSecurityDefinitions() {
+        return securityDefinitions;
+    }
+
+    public void setSecurityDefinitions(List<RestSecurityDefinition> securityDefinitions)
{
+        this.securityDefinitions = securityDefinitions;
+    }
+}
diff --git a/camel-core/src/main/java/org/apache/camel/model/rest/RestSecurityApiKey.java
b/camel-core/src/main/java/org/apache/camel/model/rest/RestSecurityApiKey.java
new file mode 100644
index 0000000..c9a74f4
--- /dev/null
+++ b/camel-core/src/main/java/org/apache/camel/model/rest/RestSecurityApiKey.java
@@ -0,0 +1,75 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.camel.model.rest;
+
+import javax.xml.bind.annotation.XmlAccessType;
+import javax.xml.bind.annotation.XmlAccessorType;
+import javax.xml.bind.annotation.XmlAttribute;
+import javax.xml.bind.annotation.XmlRootElement;
+
+import org.apache.camel.spi.Metadata;
+
+/**
+ * Rest security basic auth definition
+ */
+@Metadata(label = "rest")
+@XmlRootElement(name = "apiKey")
+@XmlAccessorType(XmlAccessType.FIELD)
+public class RestSecurityApiKey extends RestSecurityDefinition {
+
+    @XmlAttribute(name = "name", required = true) @Metadata(required = "true")
+    private String name;
+
+    @XmlAttribute(name = "inHeader")
+    private Boolean inHeader;
+
+    @XmlAttribute(name = "inQuery")
+    private Boolean inQuery;
+
+    public String getName() {
+        return name;
+    }
+
+    /**
+     * The name of the header or query parameter to be used.
+     */
+    public void setName(String name) {
+        this.name = name;
+    }
+
+    public Boolean getInHeader() {
+        return inHeader;
+    }
+
+    /**
+     * To use header as the location of the API key.
+     */
+    public void setInHeader(Boolean inHeader) {
+        this.inHeader = inHeader;
+    }
+
+    public Boolean getInQuery() {
+        return inQuery;
+    }
+
+    /**
+     * To use query parameter as the location of the API key.
+     */
+    public void setInQuery(Boolean inQuery) {
+        this.inQuery = inQuery;
+    }
+}
diff --git a/camel-core/src/main/java/org/apache/camel/model/rest/RestSecurityBasicAuth.java
b/camel-core/src/main/java/org/apache/camel/model/rest/RestSecurityBasicAuth.java
new file mode 100644
index 0000000..6e4e80c
--- /dev/null
+++ b/camel-core/src/main/java/org/apache/camel/model/rest/RestSecurityBasicAuth.java
@@ -0,0 +1,34 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.camel.model.rest;
+
+import javax.xml.bind.annotation.XmlAccessType;
+import javax.xml.bind.annotation.XmlAccessorType;
+import javax.xml.bind.annotation.XmlAttribute;
+import javax.xml.bind.annotation.XmlRootElement;
+
+import org.apache.camel.spi.Metadata;
+
+/**
+ * Rest security basic auth definition
+ */
+@Metadata(label = "rest,security")
+@XmlRootElement(name = "basicAuth")
+@XmlAccessorType(XmlAccessType.FIELD)
+public class RestSecurityBasicAuth extends RestSecurityDefinition {
+
+}
diff --git a/camel-core/src/main/java/org/apache/camel/model/rest/RestSecurityDefinition.java
b/camel-core/src/main/java/org/apache/camel/model/rest/RestSecurityDefinition.java
new file mode 100644
index 0000000..fa132f8
--- /dev/null
+++ b/camel-core/src/main/java/org/apache/camel/model/rest/RestSecurityDefinition.java
@@ -0,0 +1,70 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.camel.model.rest;
+
+import javax.xml.bind.annotation.XmlAccessType;
+import javax.xml.bind.annotation.XmlAccessorType;
+import javax.xml.bind.annotation.XmlAttribute;
+import javax.xml.bind.annotation.XmlTransient;
+
+import org.apache.camel.spi.Metadata;
+
+/**
+ * To specify the rest security definitions using Swagger.
+ */
+@XmlAccessorType(XmlAccessType.FIELD)
+public abstract class RestSecurityDefinition {
+
+    @XmlTransient
+    private RestDefinition rest;
+
+    @XmlAttribute(required = true) @Metadata(required = "true")
+    private String key;
+
+    @XmlAttribute
+    private String description;
+
+    /**
+     * Ends the configuration of this security
+     */
+    public RestDefinition endSecurityDefinition() {
+        rest.getSecurityDefinitions().getSecurityDefinitions().add(this);
+        return rest;
+    }
+
+    public String getKey() {
+        return key;
+    }
+
+    /**
+     * Key used to refer to this security definition
+     */
+    public void setKey(String key) {
+        this.key = key;
+    }
+
+    public String getDescription() {
+        return description;
+    }
+
+    /**
+     * A short description for security scheme.
+     */
+    public void setDescription(String description) {
+        this.description = description;
+    }
+}
diff --git a/camel-core/src/main/java/org/apache/camel/model/rest/RestSecurityOAuth2.java
b/camel-core/src/main/java/org/apache/camel/model/rest/RestSecurityOAuth2.java
new file mode 100644
index 0000000..efafc2e
--- /dev/null
+++ b/camel-core/src/main/java/org/apache/camel/model/rest/RestSecurityOAuth2.java
@@ -0,0 +1,95 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.camel.model.rest;
+
+import java.util.ArrayList;
+import java.util.List;
+import javax.xml.bind.annotation.XmlAccessType;
+import javax.xml.bind.annotation.XmlAccessorType;
+import javax.xml.bind.annotation.XmlAttribute;
+import javax.xml.bind.annotation.XmlElement;
+import javax.xml.bind.annotation.XmlRootElement;
+
+import org.apache.camel.spi.Metadata;
+
+/**
+ * Rest security OAuth2 definition
+ */
+@Metadata(label = "rest,security")
+@XmlRootElement(name = "oauth2")
+@XmlAccessorType(XmlAccessType.FIELD)
+public class RestSecurityOAuth2 extends RestSecurityDefinition {
+
+    @XmlAttribute
+    private String authorizationUrl;
+
+    @XmlAttribute
+    private String tokenUrl;
+
+    @XmlAttribute @Metadata(enums = "implicit,password,application,accessCode")
+    private String flow;
+
+    @XmlElement(name = "scopes")
+    private List<RestPropertyDefinition> scopes = new ArrayList<>();
+
+    public String getAuthorizationUrl() {
+        return authorizationUrl;
+    }
+
+    /**
+     * The authorization URL to be used for this flow. This SHOULD be in the form of a URL.
+     * Required for implicit and access code flows
+     */
+    public void setAuthorizationUrl(String authorizationUrl) {
+        this.authorizationUrl = authorizationUrl;
+    }
+
+    public String getTokenUrl() {
+        return tokenUrl;
+    }
+
+    /**
+     * The token URL to be used for this flow. This SHOULD be in the form of a URL.
+     * Required for password, application, and access code flows.
+     */
+    public void setTokenUrl(String tokenUrl) {
+        this.tokenUrl = tokenUrl;
+    }
+
+    public String getFlow() {
+        return flow;
+    }
+
+    /**
+     * The flow used by the OAuth2 security scheme.
+     * Valid values are "implicit", "password", "application" or "accessCode".
+     */
+    public void setFlow(String flow) {
+        this.flow = flow;
+    }
+
+    public List<RestPropertyDefinition> getScopes() {
+        return scopes;
+    }
+
+    /**
+     * The available scopes for an OAuth2 security scheme
+     */
+    public void setScopes(List<RestPropertyDefinition> scopes) {
+        this.scopes = scopes;
+    }
+}
diff --git a/camel-core/src/main/resources/org/apache/camel/model/rest/jaxb.index b/camel-core/src/main/resources/org/apache/camel/model/rest/jaxb.index
index 3951a7e..e032df8 100644
--- a/camel-core/src/main/resources/org/apache/camel/model/rest/jaxb.index
+++ b/camel-core/src/main/resources/org/apache/camel/model/rest/jaxb.index
@@ -33,4 +33,8 @@ RestOperationResponseHeaderDefinition
 RestParamType
 RestPropertyDefinition
 RestsDefinition
+RestSecurityApiKey
+RestSecurityBasicAuth
+RestSecuritiesDefinition
+RestSecurityOAuth2
 VerbDefinition
diff --git a/components/camel-swagger-java/src/test/java/org/apache/camel/swagger/RestSwaggerReaderModelApiSecurityTest.java
b/components/camel-swagger-java/src/test/java/org/apache/camel/swagger/RestSwaggerReaderModelApiSecurityTest.java
new file mode 100644
index 0000000..680243f
--- /dev/null
+++ b/components/camel-swagger-java/src/test/java/org/apache/camel/swagger/RestSwaggerReaderModelApiSecurityTest.java
@@ -0,0 +1,104 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.camel.swagger;
+
+import com.fasterxml.jackson.annotation.JsonInclude;
+import com.fasterxml.jackson.databind.ObjectMapper;
+import com.fasterxml.jackson.databind.SerializationFeature;
+import io.swagger.jaxrs.config.BeanConfig;
+import io.swagger.models.Swagger;
+import org.apache.camel.builder.RouteBuilder;
+import org.apache.camel.impl.DefaultClassResolver;
+import org.apache.camel.impl.JndiRegistry;
+import org.apache.camel.model.rest.RestParamType;
+import org.apache.camel.test.junit4.CamelTestSupport;
+import org.junit.Test;
+
+public class RestSwaggerReaderModelApiSecurityTest extends CamelTestSupport {
+
+    @Override
+    protected JndiRegistry createRegistry() throws Exception {
+        JndiRegistry jndi = super.createRegistry();
+        jndi.bind("dummy-rest", new DummyRestConsumerFactory());
+        return jndi;
+    }
+
+    @Override
+    protected RouteBuilder createRouteBuilder() throws Exception {
+        return new RouteBuilder() {
+            @Override
+            public void configure() throws Exception {
+//                restConfiguration()
+//                    .apiSecurityProperty("petstore_auth", "type", "oauth2")
+//                    .apiSecurityProperty("petstore_auth", "authorizationUrl", "http://petstore.swagger.io/oauth/dialog")
+//                    .apiSecurityProperty("petstore_auth", "flow", "implicit");
+
+                // this user REST service is json only
+                rest("/user").tag("dude").description("User rest service")
+                    .consumes("application/json").produces("application/json")
+
+                    .get("/{id}/{date}").description("Find user by id and date").outType(User.class)
+                        .responseMessage().message("The user returned").endResponseMessage()
+                        .param().name("id").type(RestParamType.path).description("The id
of the user to get").endParam()
+                        .param().name("date").type(RestParamType.path).description("The date").dataFormat("date").endParam()
+                        .to("bean:userService?method=getUser(${header.id})")
+
+                    .put().description("Updates or create a user").type(User.class)
+                        .param().name("body").type(RestParamType.body).description("The user
to update or create").endParam()
+                        .to("bean:userService?method=updateUser")
+
+                    .get("/findAll").description("Find all users").outTypeList(User.class)
+                        .responseMessage().message("All the found users").endResponseMessage()
+                        .to("bean:userService?method=listUsers");
+            }
+        };
+    }
+
+    @Test
+    public void testReaderRead() throws Exception {
+        BeanConfig config = new BeanConfig();
+        config.setHost("localhost:8080");
+        config.setSchemes(new String[]{"http"});
+        config.setBasePath("/api");
+        config.setTitle("Camel User store");
+        config.setLicense("Apache 2.0");
+        config.setLicenseUrl("http://www.apache.org/licenses/LICENSE-2.0.html");
+        RestSwaggerReader reader = new RestSwaggerReader();
+
+        Swagger swagger = reader.read(context.getRestDefinitions(), null, config, context.getName(),
new DefaultClassResolver());
+        assertNotNull(swagger);
+
+        ObjectMapper mapper = new ObjectMapper();
+        mapper.enable(SerializationFeature.INDENT_OUTPUT);
+        mapper.setSerializationInclusion(JsonInclude.Include.NON_NULL);
+        String json = mapper.writeValueAsString(swagger);
+
+        log.info(json);
+System.out.println(json);
+
+        assertTrue(json.contains("\"host\" : \"localhost:8080\""));
+        assertTrue(json.contains("\"description\" : \"The user returned\""));
+        assertTrue(json.contains("\"$ref\" : \"#/definitions/User\""));
+        assertTrue(json.contains("\"x-className\""));
+        assertTrue(json.contains("\"format\" : \"org.apache.camel.swagger.User\""));
+        assertTrue(json.contains("\"type\" : \"string\""));
+        assertTrue(json.contains("\"format\" : \"date\""));
+        assertFalse(json.contains("\"enum\""));
+        context.stop();
+    }
+
+}

-- 
To stop receiving notification emails like this one, please contact
davsclaus@apache.org.

Mime
View raw message