Spring security @RegisteredOAuth2AuthorizedClient is not handled in the right way. Fixes #2595

bnasslahsen · bnasslahsen · commit 07e2c926d174 · 2024-06-16T13:34:45.000+02:00
diff --git a/springdoc-openapi-starter-common/pom.xml b/springdoc-openapi-starter-common/pom.xml
@@ -51,6 +51,11 @@
 			<artifactId>spring-security-oauth2-authorization-server</artifactId>
 			<optional>true</optional>
 		</dependency>
+		<dependency>
+			<groupId>org.springframework.security</groupId>
+			<artifactId>spring-security-oauth2-client</artifactId>
+			<optional>true</optional>
+		</dependency>
 		<!-- Kotlin -->
 		<dependency>
 			<groupId>com.fasterxml.jackson.module</groupId>
diff --git a/springdoc-openapi-starter-common/src/main/java/org/springdoc/core/configuration/SpringDocSecurityConfiguration.java b/springdoc-openapi-starter-common/src/main/java/org/springdoc/core/configuration/SpringDocSecurityConfiguration.java
@@ -58,6 +58,7 @@
 import org.springframework.http.HttpStatus;
 import org.springframework.security.core.Authentication;
 import org.springframework.security.core.annotation.AuthenticationPrincipal;
+import org.springframework.security.oauth2.client.annotation.RegisteredOAuth2AuthorizedClient;
 import org.springframework.security.oauth2.server.authorization.OAuth2AuthorizationService;
 import org.springframework.security.web.FilterChainProxy;
 import org.springframework.security.web.SecurityFilterChain;
@@ -169,6 +170,9 @@ OpenApiCustomizer springSecurityLoginEndpointCustomiser(ApplicationContext appli
 		}
 	}
 
+	/**
+	 * The type Spring doc security o auth 2 configuration.
+	 */
 	@Lazy(false)
 	@Configuration(proxyBeanMethods = false)
 	@ConditionalOnClass(OAuth2AuthorizationService.class)
@@ -186,4 +190,19 @@ GlobalOpenApiCustomizer springDocSecurityOAuth2Customizer() {
 			return new SpringDocSecurityOAuth2Customizer();
 		}
 	}
+
+	/**
+	 * The type Spring doc security o auth 2 client configuration.
+	 */
+	@Lazy(false)
+	@Configuration(proxyBeanMethods = false)
+	@ConditionalOnClass(RegisteredOAuth2AuthorizedClient.class)
+	class SpringDocSecurityOAuth2ClientConfiguration {
+
+		static {
+			getConfig()
+					.addAnnotationsToIgnore(RegisteredOAuth2AuthorizedClient.class);
+		}
+		
+	}
 }
diff --git a/springdoc-openapi-tests/springdoc-openapi-security-tests/pom.xml b/springdoc-openapi-tests/springdoc-openapi-security-tests/pom.xml
@@ -20,6 +20,11 @@
 			<artifactId>spring-security-config</artifactId>
 			<scope>test</scope>
 		</dependency>
+		<dependency>
+			<groupId>org.springframework.security</groupId>
+			<artifactId>spring-security-oauth2-client</artifactId>
+			<scope>test</scope>
+		</dependency>
 		<dependency>
 			<groupId>jakarta.servlet</groupId>
 			<artifactId>jakarta.servlet-api</artifactId>
diff --git a/springdoc-openapi-tests/springdoc-openapi-security-tests/src/test/java/test/org/springdoc/api/app1/HelloController.java b/springdoc-openapi-tests/springdoc-openapi-security-tests/src/test/java/test/org/springdoc/api/app1/HelloController.java
@@ -20,6 +20,8 @@
 
 import org.springframework.security.core.annotation.AuthenticationPrincipal;
 import org.springframework.security.core.userdetails.User;
+import org.springframework.security.oauth2.client.OAuth2AuthorizedClient;
+import org.springframework.security.oauth2.client.annotation.RegisteredOAuth2AuthorizedClient;
 import org.springframework.web.bind.annotation.PostMapping;
 import org.springframework.web.bind.annotation.RequestBody;
 import org.springframework.web.bind.annotation.RestController;
@@ -38,4 +40,11 @@ public String personsWithUser(@RequestBody() Person person,
 		return "OK";
 	}
 
+	@PostMapping(value = "/persons-with-oauth2-user")
+	public String personsWithUser(@RequestBody() Person person,
+			@RegisteredOAuth2AuthorizedClient OAuth2AuthorizedClient authorizedClient,
+			@AuthenticationPrincipal User user) {
+		return "OK";
+	}
+	
 }
diff --git a/springdoc-openapi-tests/springdoc-openapi-security-tests/src/test/resources/results/app1.json b/springdoc-openapi-tests/springdoc-openapi-security-tests/src/test/resources/results/app1.json
@@ -74,6 +74,36 @@
           }
         }
       }
+    },
+    "/persons-with-oauth2-user": {
+      "post": {
+        "tags": [
+          "hello-controller"
+        ],
+        "operationId": "personsWithUser_1",
+        "requestBody": {
+          "content": {
+            "application/json": {
+              "schema": {
+                "$ref": "#/components/schemas/Person"
+              }
+            }
+          },
+          "required": true
+        },
+        "responses": {
+          "200": {
+            "description": "OK",
+            "content": {
+              "*/*": {
+                "schema": {
+                  "type": "string"
+                }
+              }
+            }
+          }
+        }
+      }
     }
   },
   "components": {
