diff --git a/pom.xml b/pom.xml
index 3c33388..a24fb5a 100644
--- a/pom.xml
+++ b/pom.xml
@@ -33,6 +33,31 @@
springdoc-openapi-starter-webmvc-ui
2.6.0
+
+
+
+ io.jsonwebtoken
+ jjwt-api
+ 0.11.5
+
+
+ io.jsonwebtoken
+ jjwt-impl
+ 0.11.5
+ runtime
+
+
+ io.jsonwebtoken
+ jjwt-jackson
+ 0.11.5
+ runtime
+
+
+
+ javax.xml.bind
+ jaxb-api
+ 2.3.1
+
diff --git a/src/main/java/org/sadtech/example/swagger/config/OpenApiConfig.java b/src/main/java/org/sadtech/example/swagger/config/OpenApiConfig.java
index c092668..43ab813 100644
--- a/src/main/java/org/sadtech/example/swagger/config/OpenApiConfig.java
+++ b/src/main/java/org/sadtech/example/swagger/config/OpenApiConfig.java
@@ -1,8 +1,10 @@
package org.sadtech.example.swagger.config;
import io.swagger.v3.oas.annotations.OpenAPIDefinition;
+import io.swagger.v3.oas.annotations.enums.SecuritySchemeType;
import io.swagger.v3.oas.annotations.info.Contact;
import io.swagger.v3.oas.annotations.info.Info;
+import io.swagger.v3.oas.annotations.security.SecurityScheme;
/**
* @author upagge 30.12.2020
@@ -18,6 +20,12 @@ import io.swagger.v3.oas.annotations.info.Info;
)
)
)
+@SecurityScheme(
+ name = "JWT",
+ type = SecuritySchemeType.HTTP,
+ bearerFormat = "JWT",
+ scheme = "bearer"
+)
public class OpenApiConfig {
}
diff --git a/src/main/java/org/sadtech/example/swagger/controller/PointController.java b/src/main/java/org/sadtech/example/swagger/controller/PointController.java
index 836dedf..a99b4d6 100644
--- a/src/main/java/org/sadtech/example/swagger/controller/PointController.java
+++ b/src/main/java/org/sadtech/example/swagger/controller/PointController.java
@@ -2,19 +2,18 @@ package org.sadtech.example.swagger.controller;
import io.swagger.v3.oas.annotations.Operation;
import io.swagger.v3.oas.annotations.Parameter;
-import io.swagger.v3.oas.annotations.enums.ParameterIn;
import io.swagger.v3.oas.annotations.responses.ApiResponse;
+import io.swagger.v3.oas.annotations.security.SecurityRequirement;
import io.swagger.v3.oas.annotations.tags.Tag;
+import jakarta.servlet.http.HttpServletRequest;
import jakarta.validation.constraints.Min;
import jakarta.validation.constraints.NotBlank;
import org.sadtech.example.swagger.dto.TypeOperation;
import org.sadtech.example.swagger.dto.UserDto;
-import org.springframework.http.HttpHeaders;
import org.springframework.http.HttpStatus;
import org.springframework.validation.annotation.Validated;
import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.PostMapping;
-import org.springframework.web.bind.annotation.RequestHeader;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.RestController;
@@ -37,12 +36,14 @@ public class PointController {
}
@PostMapping("{key}")
+ @SecurityRequirement(name = "JWT")
@ApiResponse(responseCode = "400", description = "Неверный запрос — количество баллов должно быть неотрицательным")
@Operation(summary = "Управление баллами", description = "Позволяет удалить или добавить баллы пользователю")
public HttpStatus changePoints(
- @PathVariable @NotBlank @Parameter(description = "Идентификатор пользователя") String key,
+ @PathVariable @NotBlank @Parameter(description = "Идентификатор пользователя", example = "key1") String key,
@RequestParam("point") @Min(0) @Parameter(description = "Количество баллов", required = true, example = "100") Long point,
- @RequestParam("type") @Parameter(description = "Тип операции", required = true, example = "PLUS") TypeOperation type
+ @RequestParam("type") @Parameter(description = "Тип операции", required = true, example = "PLUS") TypeOperation type,
+ HttpServletRequest request
) {
final UserDto userDto = repository.get(key);
userDto.setPoints(