SMILEY4 / ktor-swagger-ui

Kotlin Ktor plugin to generate OpenAPI and provide Swagger UI
Apache License 2.0

getting superfluous "...$checkAccess$route$1@..." when using "authenticate" #68

Closed dec1 closed 10 months ago

dec1 commented 10 months ago

Hello.

I can generate an OpenAPI spec fine with your library when I don't use authentication.

for example a route such as

 GET /api/v1/companies/{companyId}/profile

is published and can be verified by tests that backend implementation is fine

When I add authentication (Keycloak with JWT) by surrounding the routes in

 authenticate {withRoles

the routes get published with superfluous

  ...... $checkAccess$route$......

the complete route is now

      [/api/v1/companies/blah.balh2.blah3.common.security.RouteKt$checkAccess$route$1@6d60899e/{companyId}/profile

How can I get rid of this in the OpenAPI spec (JSON and swagger-ui)?

Note: I've tried initializing swagger as:

install(SwaggerUI) {

    swagger {
        swaggerUrl = "swagger-ui"
        forwardRoot = true
    }
    defaultSecuritySchemeName = "MyOAuth2"

    info {
        title = "Example API"
        version = "latest"
        description = "Example API for testing and demonstration purposes."
    }
    server {
        url = "http://localhost:8080"
        description = "Development Server"
    }

    securityScheme("MyOAuth2") {
        type = AuthType.OAUTH2
        flows {
            password {
                tokenUrl = "http://your-keycloak-domain/auth/realms/your-realm/protocol/openid-connect/token"
                scopes = mapOf(
                    "scope1" to "Description of scope1",
                    "scope2" to "Description of scope2"
                )
            }
        }
    }
}

and the route code like:

    route("/profile") {
        get({
            description = "my profile endpoint ...."
            securitySchemeName = "MyOAuth2"

            request {
                pathParameter<String>("companyId") { example = "23" }
            }
            response {
                HttpStatusCode.OK to {
                    description = "my successful Request"
                    body<String> { description = "the response 2" }
                }
                HttpStatusCode.InternalServerError to {
                    description = "oh my - something unexpected happened"
                }
            }
        }) {
            // handle request here
        }
    }

SMILEY4 commented 10 months ago

Hi, you can ignore unwanted parts with the ignoredRouteSelectors in the plugin config. Check which RouteSelector the authentication-block adds and add that to the list.

dec1 commented 10 months ago

Thank you very much. I have since discovered the unwanted portions of the route were coming from "transparent" children injected in our security code.

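// Anonymous selector: it never influences route matching (Transparent),
// but its default toString() is what shows up in the generated path.
createChild(object : RouteSelector() {
      override fun evaluate(context: RoutingResolveContext, segmentIndex: Int): RouteSelectorEvaluation {
         return RouteSelectorEvaluation.Transparent
      }
})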

Just in case you might consider including them in the generated API spec to be unwanted (since they don't affect the routing decisions).
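
One way to apply the `ignoredRouteSelectors` suggestion to the transparent selector discussed above, as an added example that is not code from the thread or from the plugin's documentation. `AuthorizedRouteSelector`, `authorizedChild` and `configureOpenApi` are hypothetical names, and the example assumes `ignoredRouteSelectors` is a `Set<KClass<*>>` in the plugin version in use.

```kotlin
import io.github.smiley4.ktorswaggerui.SwaggerUI
import io.ktor.server.application.*
import io.ktor.server.routing.*

// Hypothetical named replacement for the anonymous `object : RouteSelector()`.
// An anonymous object has no class that can be listed in the plugin config,
// and its default toString() is what produced "RouteKt$checkAccess$route$1@...",
// which also publishes internal package and class names in the spec.
class AuthorizedRouteSelector : RouteSelector() {
    // Same behaviour as the original selector: it never affects route matching.
    override fun evaluate(
        context: RoutingResolveContext,
        segmentIndex: Int
    ): RouteSelectorEvaluation = RouteSelectorEvaluation.Transparent

    // Stable, non-revealing label in case the selector is ever rendered.
    override fun toString(): String = "(authorized)"
}

// Hypothetical helper: the security code calls this instead of creating an
// anonymous selector, then attaches its role check to the returned child.
fun Route.authorizedChild(): Route = createChild(AuthorizedRouteSelector())

fun Application.configureOpenApi() {
    install(SwaggerUI) {
        // Assumption: the property is a Set<KClass<*>>; keep whatever the
        // plugin already ignores and add the named selector class.
        ignoredRouteSelectors = ignoredRouteSelectors + AuthorizedRouteSelector::class
    }
}
```

After this change the generated path should again read `/api/v1/companies/{companyId}/profile`; checking the emitted JSON for `$` or `@` in path keys is a quick regression test for selectors that were missed.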