Add support for custom OAuth 2.0 configuration, of the swagger-ui. Fixes #333

Author: bnasslahsen

Diff for: springdoc-openapi-common/src/main/java/org/springdoc/core/SpringDocPropertiesUtils.java

@@ -0,0 +1,37 @@
+package org.springdoc.core;
+
+import org.apache.commons.lang3.StringUtils;
+import org.springframework.util.CollectionUtils;
+
+import java.util.List;
+import java.util.Map;
+
+public abstract class SpringDocPropertiesUtils {
+
+    private SpringDocPropertiesUtils() { }
+
+    public static void put(String name, List<String> value, Map<String, Object> params) {
+        if (!CollectionUtils.isEmpty(value)) {
+            params.put(name, value);
+        }
+    }
+
+    public static void put(final String name, final Integer value, final Map<String, Object> params) {
+        if (value != null) {
+            params.put(name, value.toString());
+        }
+    }
+
+    public static void put(final String name, final Boolean value, final Map<String, Object> params) {
+        if (value != null) {
+            params.put(name, value.toString());
+        }
+    }
+
+    public static void put(final String name, final String value, final Map<String, Object> params) {
+        if (!StringUtils.isEmpty(value)) {
+            params.put(name, value);
+        }
+    }
+
+}

Diff for: springdoc-openapi-common/src/main/java/org/springdoc/core/SwaggerUiConfigProperties.java

@@ -1,6 +1,5 @@
 package org.springdoc.core;
 
-
 import org.apache.commons.lang3.StringUtils;
 import org.springframework.boot.autoconfigure.condition.ConditionalOnBean;
 import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
@@ -137,55 +136,30 @@ public static void addUrl(String url) {
 
     public Map<String, Object> getConfigParameters() {
         final Map<String, Object> params = new TreeMap<>();
-        put("layout", layout, params);
-        put(CONFIG_URL_PROPERTY, configUrl, params);
-        put("validatorUrl", validatorUrl, params);
-        put("filter", filter, params);
-        put("deepLinking", this.deepLinking, params);
-        put("displayOperationId", displayOperationId, params);
-        put("defaultModelsExpandDepth", defaultModelsExpandDepth, params);
-        put("defaultModelExpandDepth", defaultModelExpandDepth, params);
-        put("defaultModelRendering", defaultModelRendering, params);
-        put("displayRequestDuration", displayRequestDuration, params);
-        put("docExpansion", docExpansion, params);
-        put("maxDisplayedTags", maxDisplayedTags, params);
-        put("showExtensions", showExtensions, params);
-        put("showCommonExtensions", showCommonExtensions, params);
-        put("operationsSorter", operationsSorter, params);
-        put("tagsSorter", tagsSorter, params);
+        SpringDocPropertiesUtils.put("layout", layout, params);
+        SpringDocPropertiesUtils.put(CONFIG_URL_PROPERTY, configUrl, params);
+        SpringDocPropertiesUtils.put("validatorUrl", validatorUrl, params);
+        SpringDocPropertiesUtils.put("filter", filter, params);
+        SpringDocPropertiesUtils.put("deepLinking", this.deepLinking, params);
+        SpringDocPropertiesUtils.put("displayOperationId", displayOperationId, params);
+        SpringDocPropertiesUtils.put("defaultModelsExpandDepth", defaultModelsExpandDepth, params);
+        SpringDocPropertiesUtils.put("defaultModelExpandDepth", defaultModelExpandDepth, params);
+        SpringDocPropertiesUtils.put("defaultModelRendering", defaultModelRendering, params);
+        SpringDocPropertiesUtils.put("displayRequestDuration", displayRequestDuration, params);
+        SpringDocPropertiesUtils.put("docExpansion", docExpansion, params);
+        SpringDocPropertiesUtils.put("maxDisplayedTags", maxDisplayedTags, params);
+        SpringDocPropertiesUtils.put("showExtensions", showExtensions, params);
+        SpringDocPropertiesUtils.put("showCommonExtensions", showCommonExtensions, params);
+        SpringDocPropertiesUtils.put("operationsSorter", operationsSorter, params);
+        SpringDocPropertiesUtils.put("tagsSorter", tagsSorter, params);
         if (!CollectionUtils.isEmpty(supportedSubmitMethods))
-            put("supportedSubmitMethods", supportedSubmitMethods.toString(), params);
-        put("oauth2RedirectUrl", oauth2RedirectUrl, params);
-        put("url", url, params);
+            SpringDocPropertiesUtils.put("supportedSubmitMethods", supportedSubmitMethods.toString(), params);
+        SpringDocPropertiesUtils.put("oauth2RedirectUrl", oauth2RedirectUrl, params);
+        SpringDocPropertiesUtils.put("url", url, params);
         put("urls", swaggerUrls, params);
         return params;
     }
 
-    protected void put(String urls, List<SwaggerUrl> swaggerUrls, Map<String, Object> params) {
-        swaggerUrls = swaggerUrls.stream().filter(elt -> StringUtils.isNotEmpty(elt.getUrl())).collect(Collectors.toList());
-        if (!CollectionUtils.isEmpty(swaggerUrls)) {
-            params.put(urls, swaggerUrls);
-        }
-    }
-
-    protected void put(final String name, final Integer value, final Map<String, Object> params) {
-        if (value != null) {
-            params.put(name, value.toString());
-        }
-    }
-
-    protected void put(final String name, final Boolean value, final Map<String, Object> params) {
-        if (value != null) {
-            params.put(name, value.toString());
-        }
-    }
-
-    protected void put(final String name, final String value, final Map<String, Object> params) {
-        if (!StringUtils.isEmpty(value)) {
-            params.put(name, value);
-        }
-    }
-
     public String getValidatorUrl() {
         return validatorUrl;
     }
@@ -384,4 +358,11 @@ public void setName(String name) {
             this.name = name;
         }
     }
+
+    private void put(String urls, List<SwaggerUrl> swaggerUrls, Map<String, Object> params) {
+        swaggerUrls = swaggerUrls.stream().filter(elt -> StringUtils.isNotEmpty(elt.getUrl())).collect(Collectors.toList());
+        if (!CollectionUtils.isEmpty(swaggerUrls)) {
+            params.put(urls, swaggerUrls);
+        }
+    }
 }

Diff for: springdoc-openapi-common/src/main/java/org/springdoc/core/SwaggerUiOAuthProperties.java

@@ -0,0 +1,112 @@
+package org.springdoc.core;
+
+
+import org.springframework.boot.autoconfigure.condition.ConditionalOnBean;
+import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
+import org.springframework.boot.context.properties.ConfigurationProperties;
+import org.springframework.context.annotation.Configuration;
+
+import java.util.List;
+import java.util.Map;
+import java.util.TreeMap;
+
+import static org.springdoc.core.Constants.SPRINGDOC_SWAGGER_UI_ENABLED;
+
+/**
+ * Please refer to the swagger
+ * <a href="https://github.com/swagger-api/swagger-ui/blob/master/docs/usage/oauth2.md">configuration.md</a>
+ * to get the idea what each parameter does.
+ */
+@Configuration
+@ConfigurationProperties(prefix = "springdoc.swagger-ui.oauth")
+@ConditionalOnProperty(name = SPRINGDOC_SWAGGER_UI_ENABLED, matchIfMissing = true)
+@ConditionalOnBean(SpringDocConfiguration.class)
+public class SwaggerUiOAuthProperties {
+
+    private String clientId;
+    private String clientSecret;
+    private String realm;
+    private String appName;
+    private String scopeSeparator;
+    private List<String> additionalQueryStringParams;
+    private String useBasicAuthenticationWithAccessCodeGrant;
+    private Boolean usePkceWithAuthorizationCodeGrant;
+
+
+    public Map<String, Object> getConfigParameters() {
+        final Map<String, Object> params = new TreeMap<>();
+        SpringDocPropertiesUtils.put("clientId", clientId, params);
+        SpringDocPropertiesUtils.put("clientSecret", clientSecret, params);
+        SpringDocPropertiesUtils.put("realm", realm, params);
+        SpringDocPropertiesUtils.put("scopeSeparator", scopeSeparator, params);
+        SpringDocPropertiesUtils.put("appName", appName, params);
+        SpringDocPropertiesUtils.put("useBasicAuthenticationWithAccessCodeGrant", useBasicAuthenticationWithAccessCodeGrant, params);
+        SpringDocPropertiesUtils.put("usePkceWithAuthorizationCodeGrant", usePkceWithAuthorizationCodeGrant, params);
+        SpringDocPropertiesUtils.put("additionalQueryStringParams", additionalQueryStringParams, params);
+        return params;
+    }
+
+    public String getClientId() {
+        return clientId;
+    }
+
+    public void setClientId(String clientId) {
+        this.clientId = clientId;
+    }
+
+    public String getClientSecret() {
+        return clientSecret;
+    }
+
+    public void setClientSecret(String clientSecret) {
+        this.clientSecret = clientSecret;
+    }
+
+    public String getRealm() {
+        return realm;
+    }
+
+    public void setRealm(String realm) {
+        this.realm = realm;
+    }
+
+    public String getAppName() {
+        return appName;
+    }
+
+    public void setAppName(String appName) {
+        this.appName = appName;
+    }
+
+    public String getScopeSeparator() {
+        return scopeSeparator;
+    }
+
+    public void setScopeSeparator(String scopeSeparator) {
+        this.scopeSeparator = scopeSeparator;
+    }
+
+    public List<String> getAdditionalQueryStringParams() {
+        return additionalQueryStringParams;
+    }
+
+    public void setAdditionalQueryStringParams(List<String> additionalQueryStringParams) {
+        this.additionalQueryStringParams = additionalQueryStringParams;
+    }
+
+    public String getUseBasicAuthenticationWithAccessCodeGrant() {
+        return useBasicAuthenticationWithAccessCodeGrant;
+    }
+
+    public void setUseBasicAuthenticationWithAccessCodeGrant(String useBasicAuthenticationWithAccessCodeGrant) {
+        this.useBasicAuthenticationWithAccessCodeGrant = useBasicAuthenticationWithAccessCodeGrant;
+    }
+
+    public Boolean getUsePkceWithAuthorizationCodeGrant() {
+        return usePkceWithAuthorizationCodeGrant;
+    }
+
+    public void setUsePkceWithAuthorizationCodeGrant(Boolean usePkceWithAuthorizationCodeGrant) {
+        this.usePkceWithAuthorizationCodeGrant = usePkceWithAuthorizationCodeGrant;
+    }
+}

Diff for: springdoc-openapi-ui/src/main/java/org/springdoc/ui/SwaggerConfig.java

@@ -1,6 +1,9 @@
 package org.springdoc.ui;
 
+import com.fasterxml.jackson.databind.ObjectMapper;
 import org.springdoc.core.SpringDocConfiguration;
+import org.springdoc.core.SwaggerUiOAuthProperties;
+import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.beans.factory.annotation.Value;
 import org.springframework.boot.autoconfigure.condition.ConditionalOnBean;
 import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
@@ -25,23 +28,31 @@ public class SwaggerConfig extends WebMvcConfigurerAdapter { // NOSONAR
     @Value(WEB_JARS_PREFIX_URL)
     private String webJarsPrefixUrl;
 
+    @Autowired
+    private SwaggerIndexTransformer swaggerIndexTransformer;
+
     @Override
     public void addResourceHandlers(ResourceHandlerRegistry registry) {
-        String uiRootPath = "";
+        StringBuilder uiRootPath = new StringBuilder();
         if (swaggerPath.contains("/")) {
-            uiRootPath = swaggerPath.substring(0, swaggerPath.lastIndexOf('/'));
+            uiRootPath.append(swaggerPath.substring(0, swaggerPath.lastIndexOf('/')));
         }
-        uiRootPath += "/**";
-
+        uiRootPath.append("/**");
         String webJarsLocation = webJarsPrefixUrl + DEFAULT_PATH_SEPARATOR;
-
         registry.addResourceHandler(uiRootPath + "/swagger-ui/**").addResourceLocations(webJarsLocation)
-                .resourceChain(false);
+                .resourceChain(false)
+                .addTransformer(swaggerIndexTransformer);
     }
 
     @Bean
     @ConditionalOnProperty(name = SPRINGDOC_SWAGGER_UI_ENABLED, matchIfMissing = true)
     public SwaggerWelcome swaggerWelcome() {
         return new SwaggerWelcome();
     }
+
+    @Bean
+    @ConditionalOnProperty(name = SPRINGDOC_SWAGGER_UI_ENABLED, matchIfMissing = true)
+    public SwaggerIndexTransformer indexPageTransformer(SwaggerUiOAuthProperties swaggerUiOAuthProperties, ObjectMapper objectMapper) {
+        return new SwaggerIndexTransformer(swaggerUiOAuthProperties, objectMapper);
+    }
 }

Diff for: springdoc-openapi-ui/src/main/java/org/springdoc/ui/SwaggerIndexTransformer.java

@@ -0,0 +1,63 @@
+package org.springdoc.ui;
+
+import com.fasterxml.jackson.core.JsonProcessingException;
+import com.fasterxml.jackson.databind.ObjectMapper;
+import org.springdoc.core.SwaggerUiOAuthProperties;
+import org.springframework.core.io.Resource;
+import org.springframework.util.AntPathMatcher;
+import org.springframework.util.CollectionUtils;
+import org.springframework.web.servlet.resource.ResourceTransformer;
+import org.springframework.web.servlet.resource.ResourceTransformerChain;
+import org.springframework.web.servlet.resource.TransformedResource;
+
+import javax.servlet.http.HttpServletRequest;
+import java.io.ByteArrayOutputStream;
+import java.io.IOException;
+import java.io.InputStream;
+import java.nio.charset.StandardCharsets;
+
+public class SwaggerIndexTransformer implements ResourceTransformer {
+
+    private SwaggerUiOAuthProperties swaggerUiOAuthProperties;
+    private ObjectMapper objectMapper;
+
+    public SwaggerIndexTransformer(SwaggerUiOAuthProperties swaggerUiOAuthProperties, ObjectMapper objectMapper) {
+        this.swaggerUiOAuthProperties = swaggerUiOAuthProperties;
+        this.objectMapper = objectMapper;
+    }
+
+    @Override
+    public Resource transform(HttpServletRequest request, Resource resource,
+                              ResourceTransformerChain transformerChain) throws IOException {
+        final AntPathMatcher antPathMatcher = new AntPathMatcher();
+        boolean isIndexFound = antPathMatcher.match("**/swagger-ui/**/index.html", resource.getURL().toString());
+        if (isIndexFound && !CollectionUtils.isEmpty(swaggerUiOAuthProperties.getConfigParameters())) {
+            String html = readFullyAsString(resource.getInputStream());
+            html = addInitOauth(html);
+            return new TransformedResource(resource, html.getBytes());
+        } else {
+            return resource;
+        }
+    }
+
+    private String addInitOauth(String html) throws JsonProcessingException {
+        StringBuilder stringBuilder = new StringBuilder("window.ui = ui\n");
+        stringBuilder.append("ui.initOAuth(\n");
+        String json = objectMapper.writeValueAsString(swaggerUiOAuthProperties.getConfigParameters());
+        stringBuilder.append(json);
+        stringBuilder.append(")");
+        String result = html.replace("window.ui = ui", stringBuilder.toString());
+        return result;
+    }
+
+    private String readFullyAsString(InputStream inputStream)
+            throws IOException {
+        ByteArrayOutputStream baos = new ByteArrayOutputStream();
+        byte[] buffer = new byte[1024];
+        int length = 0;
+        while ((length = inputStream.read(buffer)) != -1) {
+            baos.write(buffer, 0, length);
+        }
+        return baos.toString(StandardCharsets.UTF_8.name());
+    }
+}

Diff for: springdoc-openapi-ui/src/main/resources/META-INF/spring.factories

@@ -1,3 +1,4 @@
 org.springframework.boot.autoconfigure.EnableAutoConfiguration=\
 org.springdoc.ui.SwaggerConfig,\
-org.springdoc.core.SwaggerUiConfigProperties
+org.springdoc.core.SwaggerUiConfigProperties,\
+org.springdoc.core.SwaggerUiOAuthProperties