Add Suppot for Hiding org.springframework.security.core.Authentication on ServerHttpResponse. Fixes #423.

Author: bnasslahsen

Diff for: springdoc-openapi-common/src/main/java/org/springdoc/core/GenericResponseBuilder.java

@@ -54,6 +54,7 @@
 import org.springframework.web.method.HandlerMethod;
 
 import static org.springdoc.core.Constants.DEFAULT_DESCRIPTION;
+import static org.springdoc.core.converters.ConverterUtils.isResponseTypeToIgnore;
 
 @SuppressWarnings("rawtypes")
 public class GenericResponseBuilder {
@@ -256,7 +257,7 @@ private Schema<?> calculateSchema(Components components, Type returnType, JsonVi
 			return null;
 		}
 		Schema<?> schemaN  = SpringDocAnnotationsUtils.extractSchema(components, returnType, jsonView);
-		if (schemaN == null && returnType instanceof Class) {
+		if (schemaN == null && returnType instanceof Class && !isResponseTypeToIgnore((Class) returnType)) {
 			schemaN = AnnotationsUtils.resolveSchemaFromType((Class) returnType, null, jsonView);
 		}
 		return schemaN;

Diff for: springdoc-openapi-common/src/main/java/org/springdoc/core/converters/ConverterUtils.java

@@ -31,6 +31,7 @@ public class ConverterUtils {
 	private ConverterUtils() { }
 
 	private static final List<Class<?>> RESULT_WRAPPERS_TO_IGNORE = new ArrayList<>();
+	private static final List<Class<?>> RESPONSE_TYPES_TO_IGNORE = new ArrayList<>();
 
 	static {
 		RESULT_WRAPPERS_TO_IGNORE.add(Callable.class);
@@ -42,8 +43,16 @@ private ConverterUtils() { }
 	public static void addResponseWrapperToIgnore(Class<?> cls){
 		RESULT_WRAPPERS_TO_IGNORE.add(cls);
 	}
-	
+
+	public static void addResponseTypeToIgnore(Class<?> cls){
+		RESPONSE_TYPES_TO_IGNORE.add(cls);
+	}
+
 	public static boolean isResponseTypeWrapper(Class<?> rawClass) {
 		return RESULT_WRAPPERS_TO_IGNORE.stream().anyMatch(clazz -> clazz.isAssignableFrom(rawClass));
 	}
+
+	public static boolean isResponseTypeToIgnore(Class<?> rawClass){
+		return RESPONSE_TYPES_TO_IGNORE.stream().anyMatch(clazz -> clazz.isAssignableFrom(rawClass));
+	}
 }

Diff for: springdoc-openapi-common/src/main/java/org/springdoc/core/converters/ResponseSupportConverter.java

@@ -29,6 +29,7 @@
 import io.swagger.v3.oas.models.media.Schema;
 import io.swagger.v3.oas.models.media.StringSchema;
 
+import static org.springdoc.core.converters.ConverterUtils.isResponseTypeToIgnore;
 import static org.springdoc.core.converters.ConverterUtils.isResponseTypeWrapper;
 
 public class ResponseSupportConverter implements ModelConverter {
@@ -51,6 +52,8 @@ else if (innerType.getBindings() != null && isResponseTypeWrapper(innerType.getR
 					type = new AnnotatedType(innerType).jsonViewAnnotation(type.getJsonViewAnnotation()).resolveAsRef(true);
 				}
 			}
+			else if (isResponseTypeToIgnore(cls))
+				return null;
 		}
 		if (chain.hasNext()) {
 			return chain.next().resolve(type, context, chain);

Diff for: springdoc-openapi-security/src/main/java/org/springdoc/core/IgnoredParameterAnnotationsWithSecurity.java renamed to springdoc-openapi-security/src/main/java/org/springdoc/core/IgnoredParameterWithSecurity.java

@@ -18,9 +18,18 @@
 
 package org.springdoc.core;
 
+import org.springframework.security.core.Authentication;
 import org.springframework.security.core.annotation.AuthenticationPrincipal;
 
-public class IgnoredParameterAnnotationsWithSecurity implements IgnoredParameterAnnotations {
+import static org.springdoc.core.AbstractRequestBuilder.addRequestWrapperToIgnore;
+import static org.springdoc.core.converters.ConverterUtils.addResponseTypeToIgnore;
+
+public class IgnoredParameterWithSecurity implements IgnoredParameterAnnotations {
+
+	static {
+		addRequestWrapperToIgnore(Authentication .class);
+		addResponseTypeToIgnore(Authentication.class);
+	}
 
 	@Override
 	public boolean isAnnotationToIgnore(java.lang.reflect.Parameter parameter) {

Diff for: springdoc-openapi-security/src/main/java/org/springdoc/core/SpringDocSecurityConfiguration.java

@@ -33,13 +33,8 @@ public class SpringDocSecurityConfiguration {
 
 	@Bean
 	@Primary
-	IgnoredParameterAnnotationsWithSecurity ignoredParameterAnnotationsWithSecurity() {
-		return new IgnoredParameterAnnotationsWithSecurity();
-	}
-
-	@Bean
-	IgnoredParameterTypes ignoredParameterTypes() {
-		return new IgnoredParameterTypes();
+	IgnoredParameterWithSecurity ignoredParameterAnnotationsWithSecurity() {
+		return new IgnoredParameterWithSecurity();
 	}
 
 	@Configuration

Diff for: springdoc-openapi-security/src/main/java/org/springdoc/core/IgnoredParameterTypes.java renamed to springdoc-openapi-security/src/test/java/test/org/springdoc/api/app5/HelloController.java

@@ -16,14 +16,24 @@
  *
  */
 
-package org.springdoc.core;
+package test.org.springdoc.api.app5;
 
 import org.springframework.security.core.Authentication;
+import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.PostMapping;
+import org.springframework.web.bind.annotation.RestController;
 
-public class IgnoredParameterTypes {
+@RestController
+public class HelloController {
 
-	public IgnoredParameterTypes() {
-		AbstractRequestBuilder.addRequestWrapperToIgnore(Authentication.class);
+
+	@GetMapping
+	public Authentication doGet() {
+		return null;
 	}
 
-}
+	@PostMapping
+	public Sample doPost() {
+		return null;
+	}
+}

Diff for: springdoc-openapi-security/src/test/java/test/org/springdoc/api/app5/Sample.java

@@ -0,0 +1,42 @@
+/*
+ *
+ *  * Copyright 2019-2020 the original author or authors.
+ *  *
+ *  * Licensed under the Apache License, Version 2.0 (the "License");
+ *  * you may not use this file except in compliance with the License.
+ *  * You may obtain a copy of the License at
+ *  *
+ *  *      https://www.apache.org/licenses/LICENSE-2.0
+ *  *
+ *  * Unless required by applicable law or agreed to in writing, software
+ *  * distributed under the License is distributed on an "AS IS" BASIS,
+ *  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  * See the License for the specific language governing permissions and
+ *  * limitations under the License.
+ *
+ */
+
+package test.org.springdoc.api.app5;
+
+import org.springframework.security.core.Authentication;
+
+public class Sample {
+	private String toto;
+	private Authentication authentication;
+
+	public String getToto() {
+		return toto;
+	}
+
+	public void setToto(String toto) {
+		this.toto = toto;
+	}
+
+	public Authentication getAuthentication() {
+		return authentication;
+	}
+
+	public void setAuthentication(Authentication authentication) {
+		this.authentication = authentication;
+	}
+}

Diff for: springdoc-openapi-security/src/test/java/test/org/springdoc/api/app5/SpringDocApp5Test.java

@@ -0,0 +1,30 @@
+/*
+ *
+ *  * Copyright 2019-2020 the original author or authors.
+ *  *
+ *  * Licensed under the Apache License, Version 2.0 (the "License");
+ *  * you may not use this file except in compliance with the License.
+ *  * You may obtain a copy of the License at
+ *  *
+ *  *      https://www.apache.org/licenses/LICENSE-2.0
+ *  *
+ *  * Unless required by applicable law or agreed to in writing, software
+ *  * distributed under the License is distributed on an "AS IS" BASIS,
+ *  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  * See the License for the specific language governing permissions and
+ *  * limitations under the License.
+ *
+ */
+
+package test.org.springdoc.api.app5;
+
+import test.org.springdoc.api.AbstractSpringDocTest;
+
+import org.springframework.boot.autoconfigure.SpringBootApplication;
+
+public class SpringDocApp5Test extends AbstractSpringDocTest {
+
+	@SpringBootApplication(scanBasePackages =  { "test.org.springdoc.api.configuration,test.org.springdoc.api.app5" })
+	static class SpringDocTestApp {}
+
+}

Diff for: springdoc-openapi-security/src/test/resources/results/app5.json

@@ -0,0 +1,59 @@
+{
+  "openapi": "3.0.1",
+  "info": {
+    "title": "OpenAPI definition",
+    "version": "v0"
+  },
+  "servers": [
+    {
+      "url": "http://localhost",
+      "description": "Generated server url"
+    }
+  ],
+  "paths": {
+    "/": {
+      "get": {
+        "tags": [
+          "hello-controller"
+        ],
+        "operationId": "doGet",
+        "responses": {
+          "200": {
+            "description": "default response",
+            "content": {}
+          }
+        }
+      },
+      "post": {
+        "tags": [
+          "hello-controller"
+        ],
+        "operationId": "doPost",
+        "responses": {
+          "200": {
+            "description": "default response",
+            "content": {
+              "*/*": {
+                "schema": {
+                  "$ref": "#/components/schemas/Sample"
+                }
+              }
+            }
+          }
+        }
+      }
+    }
+  },
+  "components": {
+    "schemas": {
+      "Sample": {
+        "type": "object",
+        "properties": {
+          "toto": {
+            "type": "string"
+          }
+        }
+      }
+    }
+  }
+}