Java Code Examples for io.swagger.models.Swagger#getSecurityDefinitions()

The following examples show how to use io.swagger.models.Swagger#getSecurityDefinitions() . You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
Source File: AuthBuilder.java    From api-compiler with Apache License 2.0 6 votes vote down vote up
@Override
public void addFromSwagger(Service.Builder serviceBuilder, Swagger swagger) {
  if (swagger.getSecurityDefinitions() == null) {
    return;
  }
  TreeSet<String> swaggerSecurityDefNames =
      Sets.newTreeSet(swagger.getSecurityDefinitions().keySet());
  for (String swaggerSecurityDefName : swaggerSecurityDefNames) {

    addAuthProvider(
        serviceBuilder,
        swaggerSecurityDefName,
        swagger.getSecurityDefinitions().get(swaggerSecurityDefName));
  }
  addSecurityRequirementForEntireService(serviceBuilder, swagger.getSecurity());
  addSecurityRequirementExtensionForEntireService(serviceBuilder, swagger);
}
 
Example 2
Source File: OAS2Parser.java    From carbon-apimgt with Apache License 2.0 6 votes vote down vote up
/**
 * Retrieves the "Auth2" security scheme key
 *
 * @param swagger Swgger object
 * @return "Auth2" security scheme key
 */
private String getOAuth2SecuritySchemeKey(Swagger swagger) {
    final String oauth2Type = new OAuth2Definition().getType();
    Map<String, SecuritySchemeDefinition> securityDefinitions = swagger.getSecurityDefinitions();
    boolean hasDefaultKey = false;
    boolean hasRESTAPIScopeKey = false;
    if (securityDefinitions != null) {
        for (Map.Entry<String, SecuritySchemeDefinition> definitionEntry : securityDefinitions.entrySet()) {
            if (oauth2Type.equals(definitionEntry.getValue().getType())) {
                //sets hasDefaultKey to true if at least once SWAGGER_APIM_DEFAULT_SECURITY becomes the key
                hasDefaultKey = hasDefaultKey || SWAGGER_APIM_DEFAULT_SECURITY.equals(definitionEntry.getKey());
                //sets hasRESTAPIScopeKey to true if at least once SWAGGER_APIM_RESTAPI_SECURITY becomes the key
                hasRESTAPIScopeKey = hasRESTAPIScopeKey
                        || SWAGGER_APIM_RESTAPI_SECURITY.equals(definitionEntry.getKey());
            }
        }
    }
    if (hasDefaultKey) {
        return SWAGGER_APIM_DEFAULT_SECURITY;
    } else if (hasRESTAPIScopeKey) {
        return SWAGGER_APIM_RESTAPI_SECURITY;
    } else {
        return null;
    }
}
 
Example 3
Source File: SwaggerRouter.java    From vertx-swagger with Apache License 2.0 5 votes vote down vote up
private static SwaggerAuthHandlerFactory getSwaggerAuthHandlerFactory(Swagger swagger) {
    SwaggerAuthHandlerFactory authHandlerFactory = null;
    if(swagger.getSecurityDefinitions() != null && !swagger.getSecurityDefinitions().isEmpty()) {
        boolean hasAuthProvidersForOperation = swagger.getSecurityDefinitions().entrySet().stream()
                .map(Map.Entry::getKey)
                .map(name -> getAuthProviderFactory().getAuthProviderByName(name))
                .anyMatch(Objects::nonNull);
        if (hasAuthProvidersForOperation) {
            authHandlerFactory = SwaggerAuthHandlerFactory.create(swagger.getSecurityDefinitions());
        }
    }
    return authHandlerFactory;
}
 
Example 4
Source File: SwaggerGenerator.java    From endpoints-java with Apache License 2.0 5 votes vote down vote up
private static Map<String, SecuritySchemeDefinition> getOrCreateSecurityDefinitionMap(
    Swagger swagger) {
  Map<String, SecuritySchemeDefinition> securityDefinitions = swagger.getSecurityDefinitions();
  if (securityDefinitions == null) {
    securityDefinitions = new LinkedHashMap<>();
    swagger.setSecurityDefinitions(securityDefinitions);
  }
  return securityDefinitions;
}
 
Example 5
Source File: SwaggerGeneratorTest.java    From endpoints-java with Apache License 2.0 5 votes vote down vote up
private void checkOrdering(Swagger expected, Swagger actual) {
  if (expected.getSecurityDefinitions() != null && actual.getSecurityDefinitions() != null) {
    assertThat(ImmutableList.of(expected.getSecurityDefinitions().keySet()))
        .isEqualTo(ImmutableList.of(actual.getSecurityDefinitions().keySet()));
  }
  if (expected.getDefinitions() != null && actual.getDefinitions() != null) {
    assertThat(ImmutableList.of(expected.getDefinitions().keySet()))
        .isEqualTo(ImmutableList.of(actual.getDefinitions().keySet()));
  }
}
 
Example 6
Source File: OAS2Parser.java    From carbon-apimgt with Apache License 2.0 5 votes vote down vote up
/**
 * This method returns the oauth scopes according to the given swagger
 *
 * @param resourceConfigsJSON resource json
 * @return scope set
 * @throws APIManagementException
 */
@Override
public Set<Scope> getScopes(String resourceConfigsJSON) throws APIManagementException {
    Swagger swagger = getSwagger(resourceConfigsJSON);
    String oauth2SchemeKey = getOAuth2SecuritySchemeKey(swagger);

    Map<String, SecuritySchemeDefinition> securityDefinitions = swagger.getSecurityDefinitions();
    OAuth2Definition oAuth2Definition;
    if (securityDefinitions != null
            && (oAuth2Definition = (OAuth2Definition) securityDefinitions.get(oauth2SchemeKey)) != null
            && oAuth2Definition.getScopes() != null) {
        Set<Scope> scopeSet = new LinkedHashSet<>();
        for (Map.Entry<String, String> entry : oAuth2Definition.getScopes().entrySet()) {
            Scope scope = new Scope();
            scope.setKey(entry.getKey());
            scope.setName(entry.getKey());
            scope.setDescription(entry.getValue());
            Map<String, String> scopeBindings;
            if (oAuth2Definition.getVendorExtensions() != null && (scopeBindings =
                    (Map<String, String>) oAuth2Definition.getVendorExtensions()
                            .get(APIConstants.SWAGGER_X_SCOPES_BINDINGS)) != null) {
                if (scopeBindings.get(scope.getKey()) != null) {
                    scope.setRoles(scopeBindings.get(scope.getKey()));
                }
            }
            scopeSet.add(scope);
        }
        return OASParserUtil.sortScopes(scopeSet);
    } else {
        return OASParserUtil.sortScopes(getScopesFromExtensions(swagger));
    }
}
 
Example 7
Source File: OAS2Parser.java    From carbon-apimgt with Apache License 2.0 5 votes vote down vote up
/**
 * This method returns the boolean value which checks whether the swagger is included default security scheme or not
 *
 * @param swaggerContent resource json
 * @return boolean
 * @throws APIManagementException
 */
private boolean isDefaultGiven(String swaggerContent) throws APIManagementException {
    Swagger swagger = getSwagger(swaggerContent);

    Map<String, SecuritySchemeDefinition> securityDefinitions = swagger.getSecurityDefinitions();
    if (securityDefinitions == null) {
        return false;
    }
    OAuth2Definition checkDefault = (OAuth2Definition) securityDefinitions.get(SWAGGER_SECURITY_SCHEMA_KEY);
    if (checkDefault == null) {
        return false;
    }
    return true;
}
 
Example 8
Source File: OAS2Parser.java    From carbon-apimgt with Apache License 2.0 4 votes vote down vote up
/**
 * This method returns the oauth scopes according to the given swagger(version 2)
 *
 * @param swagger resource json
 * @return Swagger
 * @throws APIManagementException
 */
private Swagger injectOtherScopesToDefaultScheme(Swagger swagger) throws APIManagementException {
    //Get security definitions from swagger
    Map<String, SecuritySchemeDefinition> securityDefinitions = swagger.getSecurityDefinitions();
    List<String> otherSetOfSchemes = new ArrayList<>();
    Map<String, String> defaultScopeBindings = null;
    if (securityDefinitions != null) {
        //If there is no default type schemes set a one
        OAuth2Definition newDefault = new OAuth2Definition();
        securityDefinitions.put(SWAGGER_SECURITY_SCHEMA_KEY, newDefault);
        //Check all the security definitions
        for (Map.Entry<String, SecuritySchemeDefinition> definition : securityDefinitions.entrySet()) {
            String checkType = definition.getValue().getType();
            //Inject other scheme scopes into default scope
            if (!SWAGGER_SECURITY_SCHEMA_KEY.equals(definition.getKey()) && "oauth2".equals(checkType)) {
                //Add non default scopes to other scopes list
                otherSetOfSchemes.add(definition.getKey());
                //Check for default one
                OAuth2Definition noneDefaultFlowType = (OAuth2Definition) definition.getValue();
                OAuth2Definition defaultTypeFlow = (OAuth2Definition) securityDefinitions.get(SWAGGER_SECURITY_SCHEMA_KEY);
                Map<String, String> noneDefaultFlowScopes = noneDefaultFlowType.getScopes();
                Map<String, String> defaultTypeScopes = defaultTypeFlow.getScopes();
                if (defaultTypeScopes == null) {
                    defaultTypeScopes = new HashMap<>();
                }
                for (Map.Entry<String, String> input : noneDefaultFlowScopes.entrySet()) {
                    defaultTypeScopes.put(input.getKey(), input.getValue());
                }
                defaultTypeFlow.setScopes(defaultTypeScopes);
                //Check X-Scope Bindings
                Map<String, String> noneDefaultScopeBindings = null;
                Map<String, Object> defaultTypeExtension = defaultTypeFlow.getVendorExtensions();
                if (noneDefaultFlowType.getVendorExtensions() != null && (noneDefaultScopeBindings =
                        (Map<String, String>) noneDefaultFlowType.getVendorExtensions().get(APIConstants.SWAGGER_X_SCOPES_BINDINGS))
                        != null) {
                    if (defaultScopeBindings == null) {
                        defaultScopeBindings = new HashMap<>();
                    }
                    //Inject non default scope bindings into default scheme
                    for (Map.Entry<String, String> roleInUse : noneDefaultScopeBindings.entrySet()) {
                        defaultScopeBindings.put(roleInUse.getKey(), roleInUse.getValue());
                    }
                }
                defaultTypeExtension.put(APIConstants.SWAGGER_X_SCOPES_BINDINGS, defaultScopeBindings);
                defaultTypeFlow.setVendorExtensions(defaultTypeExtension);
                securityDefinitions.put(SWAGGER_SECURITY_SCHEMA_KEY, defaultTypeFlow);
            }
        }
        //update list of security schemes in the swagger object
        swagger.setSecurityDefinitions(securityDefinitions);
    }
    setOtherSchemes(otherSetOfSchemes);
    return swagger;
}