From bbad969a9b1d2b9334fa1f5dfcc8219d733f1deb Mon Sep 17 00:00:00 2001
From: CRoberto1926 <3205022+CRoberto1926@users.noreply.github.com>
Date: Fri, 19 Jul 2024 16:56:14 +0200
Subject: [PATCH] Closes #2616 - Make OpenAPI/Swagger UI docs public
---
.../pro/taskana/example/boot/OpenApiConfiguration.java | 10 +++++++---
.../boot/security/BootWebSecurityConfigurer.java | 8 +++++++-
.../src/main/resources/application.properties | 2 +-
3 files changed, 15 insertions(+), 5 deletions(-)
diff --git a/rest/taskana-rest-spring-example-boot/src/main/java/pro/taskana/example/boot/OpenApiConfiguration.java b/rest/taskana-rest-spring-example-boot/src/main/java/pro/taskana/example/boot/OpenApiConfiguration.java
index c18dba37d5..40dda5e708 100644
--- a/rest/taskana-rest-spring-example-boot/src/main/java/pro/taskana/example/boot/OpenApiConfiguration.java
+++ b/rest/taskana-rest-spring-example-boot/src/main/java/pro/taskana/example/boot/OpenApiConfiguration.java
@@ -1,7 +1,10 @@
package pro.taskana.example.boot;
import io.swagger.v3.oas.annotations.OpenAPIDefinition;
+import io.swagger.v3.oas.annotations.enums.SecuritySchemeType;
import io.swagger.v3.oas.annotations.info.Info;
+import io.swagger.v3.oas.annotations.security.SecurityRequirement;
+import io.swagger.v3.oas.annotations.security.SecurityScheme;
import io.swagger.v3.oas.models.media.ArraySchema;
import io.swagger.v3.oas.models.media.ObjectSchema;
import io.swagger.v3.oas.models.media.StringSchema;
@@ -18,8 +21,7 @@
title = "TASKANA RESTful API Documentation",
version = "8.2.0",
description =
- ""
- + "Overview
"
+ "Overview
"
+ ""
+ "This is the REST documentation for [TASKANA](http://taskana.pro) - the "
+ "world’s first open source solution for Enterprise Task Management."
@@ -340,7 +342,9 @@
+ "
String | "
+ ""
+ ""
- + ""))
+ + ""),
+ security = {@SecurityRequirement(name = "basicAuth")})
+@SecurityScheme(name = "basicAuth", type = SecuritySchemeType.HTTP, scheme = "basic")
public class OpenApiConfiguration {
@Bean
public OpenApiCustomizer openApiCustomizer() {
diff --git a/rest/taskana-rest-spring-example-boot/src/main/java/pro/taskana/example/boot/security/BootWebSecurityConfigurer.java b/rest/taskana-rest-spring-example-boot/src/main/java/pro/taskana/example/boot/security/BootWebSecurityConfigurer.java
index a7b0becd85..3a8befa71b 100644
--- a/rest/taskana-rest-spring-example-boot/src/main/java/pro/taskana/example/boot/security/BootWebSecurityConfigurer.java
+++ b/rest/taskana-rest-spring-example-boot/src/main/java/pro/taskana/example/boot/security/BootWebSecurityConfigurer.java
@@ -73,8 +73,14 @@ public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
authorizeHttpRequests
.requestMatchers("/css/**", "/img/**")
.permitAll()
+ .requestMatchers(HttpMethod.GET, "/docs/**")
+ .permitAll()
.requestMatchers(
- HttpMethod.GET, "/docs/**", "/api-docs*")
+ HttpMethod.GET,
+ "/api-docs",
+ "/api-docs/**",
+ "/swagger-ui",
+ "/swagger-ui/**")
.permitAll())
.cors(Customizer.withDefaults())
.addFilter(jaasApiIntegrationFilter())
diff --git a/rest/taskana-rest-spring-example-boot/src/main/resources/application.properties b/rest/taskana-rest-spring-example-boot/src/main/resources/application.properties
index a7aff6af69..0d5d6ff893 100644
--- a/rest/taskana-rest-spring-example-boot/src/main/resources/application.properties
+++ b/rest/taskana-rest-spring-example-boot/src/main/resources/application.properties
@@ -33,7 +33,7 @@ taskana.schemaName=TASKANA
####### property that control rest api security deploy use true for no security.
devMode=false
# This property enables the support of XSRF tokens. This will not work together with devMode.
-enableCsrf=true
+enableCsrf=false
####### property that control if the database is cleaned and sample data is generated
generateSampleData=true
####### cache static resources properties