Добавил авторизацию JWT для Swagger

2023-02-11 16:56:07 +03:00 · 2023-02-11 16:56:07 +03:00 · 406b1ebffd
commit 406b1ebffd
parent 2f4231b5c8
3 changed files with 39 additions and 5 deletions
--- a/pom.xml
+++ b/pom.xml
@ -33,6 +33,31 @@
            <artifactId>springdoc-openapi-starter-webmvc-ui</artifactId>
            <version>2.6.0</version>
        </dependency>
+
+        <!-- jwt dependencies -->
+        <dependency>
+            <groupId>io.jsonwebtoken</groupId>
+            <artifactId>jjwt-api</artifactId>
+            <version>0.11.5</version>
+        </dependency>
+        <dependency>
+            <groupId>io.jsonwebtoken</groupId>
+            <artifactId>jjwt-impl</artifactId>
+            <version>0.11.5</version>
+            <scope>runtime</scope>
+        </dependency>
+        <dependency>
+            <groupId>io.jsonwebtoken</groupId>
+            <artifactId>jjwt-jackson</artifactId>
+            <version>0.11.5</version>
+            <scope>runtime</scope>
+        </dependency>
+
+        <dependency>
+            <groupId>javax.xml.bind</groupId>
+            <artifactId>jaxb-api</artifactId>
+            <version>2.3.1</version>
+        </dependency>
    </dependencies>

    <build>
--- a/src/main/java/org/sadtech/example/swagger/config/OpenApiConfig.java
+++ b/src/main/java/org/sadtech/example/swagger/config/OpenApiConfig.java
@ -1,8 +1,10 @@
 package org.sadtech.example.swagger.config;

 import io.swagger.v3.oas.annotations.OpenAPIDefinition;
+import io.swagger.v3.oas.annotations.enums.SecuritySchemeType;
 import io.swagger.v3.oas.annotations.info.Contact;
 import io.swagger.v3.oas.annotations.info.Info;
+import io.swagger.v3.oas.annotations.security.SecurityScheme;

 /**
 * @author upagge 30.12.2020
@ -18,6 +20,12 @@ import io.swagger.v3.oas.annotations.info.Info;
                )
        )
 )
+@SecurityScheme(
+        name = "JWT",
+        type = SecuritySchemeType.HTTP,
+        bearerFormat = "JWT",
+        scheme = "bearer"
+)
 public class OpenApiConfig {

 }
--- a/src/main/java/org/sadtech/example/swagger/controller/PointController.java
+++ b/src/main/java/org/sadtech/example/swagger/controller/PointController.java
@ -2,19 +2,18 @@ package org.sadtech.example.swagger.controller;

 import io.swagger.v3.oas.annotations.Operation;
 import io.swagger.v3.oas.annotations.Parameter;
-import io.swagger.v3.oas.annotations.enums.ParameterIn;
 import io.swagger.v3.oas.annotations.responses.ApiResponse;
+import io.swagger.v3.oas.annotations.security.SecurityRequirement;
 import io.swagger.v3.oas.annotations.tags.Tag;
+import jakarta.servlet.http.HttpServletRequest;
 import jakarta.validation.constraints.Min;
 import jakarta.validation.constraints.NotBlank;
 import org.sadtech.example.swagger.dto.TypeOperation;
 import org.sadtech.example.swagger.dto.UserDto;
-import org.springframework.http.HttpHeaders;
 import org.springframework.http.HttpStatus;
 import org.springframework.validation.annotation.Validated;
 import org.springframework.web.bind.annotation.PathVariable;
 import org.springframework.web.bind.annotation.PostMapping;
-import org.springframework.web.bind.annotation.RequestHeader;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RequestParam;
 import org.springframework.web.bind.annotation.RestController;
@ -37,12 +36,14 @@ public class PointController {
    }

    @PostMapping("{key}")
+    @SecurityRequirement(name = "JWT")
    @ApiResponse(responseCode = "400", description = "Неверный запрос — количество баллов должно быть неотрицательным")
    @Operation(summary = "Управление баллами", description = "Позволяет удалить или добавить баллы пользователю")
    public HttpStatus changePoints(
-            @PathVariable @NotBlank @Parameter(description = "Идентификатор пользователя") String key,
+            @PathVariable @NotBlank @Parameter(description = "Идентификатор пользователя", example = "key1") String key,
            @RequestParam("point") @Min(0) @Parameter(description = "Количество баллов", required = true, example = "100") Long point,
-            @RequestParam("type") @Parameter(description = "Тип операции", required = true, example = "PLUS") TypeOperation type
+            @RequestParam("type") @Parameter(description = "Тип операции", required = true, example = "PLUS") TypeOperation type,
+            HttpServletRequest request
    ) {
        final UserDto userDto = repository.get(key);
        userDto.setPoints(