I have a microservice-A which gets the token as a header from another microservice-B. Now I want to implement swagger2 in microservice-A. The problem is every request flows through microservice-B. So swagger-ui throws error in local as
it is not able to get those header parameter which microservice-B is
trying to fetch.
It is not able to get those header parameter which microservice-B is trying to fetch.
Swagger on its own can't call the authenticator service and add the obtained token to another request's header.
You can modify the Docket object to accept additional parameter in header as below:
docket.globalOperationParameters(
Collections.singletonList(new ParameterBuilder()
.name("Authorization")
.description("Bearer [token]")
.modelRef(new ModelRef("string"))
.parameterType("string")
.required(true)
.build()
)
);
This will allow Swagger UI to show additional field to accept token (see image below). You need to obtain the token by yourself and can put in this field.
Hope this helps.
Related
Each method of my REST api accepts an Authorization header. Now I need to fill out the header for each API method in Swagger UI.
How can I write Swagger annotation so I can fill the Authorization header once and then all my API methods can use it?
Thanks.
We are using spring boot 2.4.5 with webflux and calling a service with client credentials grant type. What we noticed is that webclient is not following redirects.
How can we enable webclient to follow redirects where it can continue passing access token until it get the http 200?
Adding following code snippet does not pass the access token to redirected url and it is returning 401.
WebClient.builder()
.clientConnector(new ReactorClientHttpConnector(
HttpClient.create().followRedirect(true)
))
The sensitive headers like the Authorization are removed from the initialized request when redirecting to a different domain.
You can use the following variant of followRedirect(boolean):
followRedirect(boolean followRedirect, Consumer<HttpClientRequest> redirectRequestConsumer)
In order to re-add the Authorization header using redirectRequestConsumer.
For more details see the Javadoc here and Reactor Netty documentation here.
Sorry folks, this may be a newb question. I'm a little lost.
My Spring-boot environment provides me with keycloak for client authorization, it gives me these.
spring.security.oauth2.resourceserver.jwt.issuer-uri
spring.security.oauth2.client.provider.keycloak.issuer-uri
spring.security.oauth2.client.registration.keycloak.* # client-id, secret, provider, grant-type
I noticed on the ClientRegistration that .issuerUri(String uri) is not avaialbe until Spring-Security v5.4.x. I am using 5.3.5, although I could bump up. I am confused what the difference is. As I would expect, I get an error when I do .tokenUri(issuerUri). I believe they are different modes/API, but I am at a loss as to what I should set in the 5.3.5 API.
Caused by: org.springframework.security.oauth2.client.ClientAuthorizationException: [invalid_token_response] An error occurred while attempting to retrieve the OAuth 2.0 Access Token Response: 405 Method Not Allowed: [{"error":"RESTEASY003650: No resource method found for POST, return 405 with Allow header"}]
So as a newb, I don't get why I have 4 choices of URI and what they do. Google and javadoc haven't been much help, so I figure I just don't know the right place to look to learn it. The only way I know how to fix this is to manual make my own HTTP call to the URI and get my Authentication token, but that would defeat the purpose of the Oauth2 library.
tokenUri represents the URI for the token endpoint. For example:
https://authz.example.org/auth/realms/myrealms/protocol/openid-connect/token
Whereas issuerUri is the URI that identifies the Authorization Server:
https://authz.example.org/auth
It's quite common for the issuer URI to be the root for more specific URIs like the token URI.
Regarding your specific error, I'd imagine that Keycloak is stating that you cannot POST to https://authz.example.org/auth, which is true. You should be POSTing to the token endpoint.
The issuer-uri Spring Boot property should cause Spring Security to look up the other endpoints and add them to a default ClientRegistration. Because of that, I'm not sure why you are also trying to programmatically configure ClientRegistration. That said, if you do need to programmatically create a ClientRegistration, you can use the issuer URI like so, and Spring Security will do the rest:
#Bean
ClientRegistrationRepository registrations() {
ClientRegistration registration = ClientRegistrations
.forIssuerLocation("https://authz.example.org/auth")
.build();
return new InMemoryClientRegistrationRepository(registration);
}
I am working on microservices using spring-boot-1.4.5. We are setting few headers in MDC while the interaction between microservices occurred. These headers are common across the microservices/application.There is an interceptor in each application which will check for this headers if it is not present the call will not reach controller. So for everything works fine. The problem is each application or services exposing a swagger-UI(swagger-ui:2.6.1).
I can able to see swagger-ui and all the endpoints in the application but i don't know how to show the global headers field under each endpoint.
How to customise swagger to show these global headers under each endpoint ?
Any help or hint would be appreciable also i browsed google and saw other posts which are not useful or i couldn't grasp the things properly.
To set global parameters, use ParameterBuilder to build springfox.documentation.service.Parameter and set it to globalOperationParameters.
#Bean
public Docket api() {
Parameter headerParam = new ParameterBuilder().name("TenantId").defaultValue("microservices").parameterType("header")
.modelRef(new ModelRef("string")).description("Tenant Identity").required(true).build();
return new Docket(DocumentationType.SWAGGER_2).apiInfo(apiInfo())
.globalOperationParameters(Arrays.asList(headerParam))
.select()
.apis(RequestHandlerSelectors.basePackage("com.app"))
.paths(PathSelectors.any())
.build();
}
In a springboot app context, i'm looking for the .json output of swagger.
Seems that in the docs, the /v2/api-docs is available, but there's nothing within this url in my project.
The UI swagger is available under /swagger-ui.html,
where can I find the json output ?
There is no physical json file/resource. It is generated at run-time and served up from memory.
Secondly the swagger-ui.html and all the javascript/css/images resources are served up from the springfox-swagger-ui library which is packaged up as a web-jars.
Try this one. You will have to provide the group name.
http://<host>:<port>/v2/api-docs?group=<group-name>
You don't have json endpoint out of the box. As I know, you have to build Docket for for every endpoint. Here is an example:
Docket endpointDocket = new Docket(DocumentationType.SWAGGER_2)
.groupName("yourGroupName")
.select()
.paths(regex("yourEndpointUrl"))
.build();
You have to register it in app context. Then you will have url (as mentioned by mephis-slayer):
http://<host>:<port>/v2/api-docs?group=yourGroupName