I have been using swagger for a while with spring boot applications. It is very easy with spring since i only have to specify the package info.
But recently i was going through a few documents on how to integrate swagger with JAX-RS, i found it requires more involvement from developer by specifying api information's on a JSON.
Do we have any other solution?
Related
I have created a web rest API using Spring boot and I would like to generate a swagger page with the APIs documentation. How can I do that?
There is a Spring project dedicated to this: https://springdoc.org/.
You can annotate your classes and an OpenAPI document will be generated from them.
The OpenAPI document can be consumed in many ways (one of those is the Swagger UI, another is to generate clients from it).
I am developing a client application for client_credentials grant type flow in OAUTH2.
I am not able to decide on which dependency to use in my project for this purpose among the following.
spring-boot-starter-oauth2-client
spring-cloud-starter-oauth2
spring-security-oauth2
I referred this documentation from spring-projects in which under client-support section it had a table describing the available options. But I am not able to understand which column is referring to which of the above dependencies.
I want to configure a WebClient or RestTemplate which retrieves the OAUTH2 token from the auth-server automatically before accessing a resource-server.
Please guide me in choosing the right artifact for my project.
If you are using Spring Boot you should choose org.springframework.boot:spring-boot-starter-oauth2-client.
This includes Spring Security's OAuth 2.0 Client support and provides Spring Boot auto-configuration to set up OAuth2/Open ID Connect clients.
You can read about how to configure client in the Spring Boot reference documentation.
You can also find additional details in the Spring Security reference documentation.
If you are not using Spring Boot then you should choose org.springframework.security:spring-security-oauth2-client. This also provides Spring Security's latest OAuth 2.0 Client support, but does not include the Spring Boot auto-configuration.
The corresponding documentation is also the Spring Security reference documentation.
The third dependency you mentioned org.springframework.security.oauth:spring-security-oauth2 should not be used because it is part of the legacy Spring Security OAuth project, which is now deprecated.
The functionality that this library provided has now been moved into Spring Security.
That is what the Migration Guide describes, the migration from the legacy project to the latest Spring Security support.
You should not use the org.springframework.cloud:spring-cloud-starter-oauth2 at this time, because it relies on the legacy OAuth support.
This is likely to change in the future, as the Spring Cloud team updates to the latest Spring Security support.
I am using java spring boot framework to create REST api for my project and I am using "springfox-swagger2 and springfox-swagger-ui" for generating swagger documentation. I am able to see my documentation using the url http://localhost:8080/swagger-ui.html.
How can I generate swagger.json / spec.json to a file without launching web url? I am planning to create client classes also in same build using this json.
Is there a way that make Spring generate documents of all my rest APIs automatically and set it as the error page?
Spring REST Docs is the tool to help you to produce documentation for your RESTful services that is accurate and readable.
An alternative is swagger, with the swagger annotion, it is eaiser to integrate with existing RESTful services and generated the swagger UI page.
Then customize the spring boot error page
I just developed a simple restful web service by using Spring 4.0 and Hibernate 4.0, so it is without beans.xml file.
I would like to implement a Spring Security on the web service, since the roles will be performed on the HTTP functions GET, POST and DELETE, i.e. only admin who is allowed to DELETE, manager is allowed to do both POST and GET and the user can only GET data.
I'm looking for a detailed tutorial with example to implement Spring Security? or Do you think there is an easier security mechanism regardless it's strength?
I just found that they in Spring.io added a detailed tutorial with real example developed by Java 8 in their own website, so it is completely annotation-based, which helps for building a RESTful webservice with Spring, testing it and also securing it.
It is really awesome, located HERE