jhipster / generator-jhipster

JHipster is a development platform to quickly generate, develop, & deploy modern web applications & microservice architectures.
https://www.jhipster.tech
Apache License 2.0
21.47k stars 4.02k forks

Swagger authentication is broken #14488

Closed VergilSkye closed 3 years ago

VergilSkye commented 3 years ago
Overview of the issue

In v7, the swagger-ui doesn't have authentication and makes unauthorized requests. When opened from the Administration tab by selecting API, it opens the API documentation (the user is already logged in to the app and has ROLE_ADMIN).

When I try to use any endpoint, I get the following response:

{
  "type": "https://www.jhipster.tech/problem/problem-with-message",
  "title": "Unauthorized",
  "status": 401,
  "detail": "Full authentication is required to access this resource",
  "path": "/api/account",
  "message": "error.http.401"
}
Motivation for or Use Case

Swagger must work by default with the user authentication.

Reproduce the error
Related issues
Suggest a Fix
JHipster Version(s)
JHipster configuration
<details>
<summary>.yo-rc.json file</summary>
<pre>
{
  "generator-jhipster": {
    "blueprints": [],
    "otherModules": [],
    "applicationType": "monolith",
    "baseName": "pessoa",
    "jhipsterVersion": "7.0.0",
    "skipClient": false,
    "skipServer": false,
    "skipUserManagement": false,
    "skipCheckLengthOfIdentifier": false,
    "skipFakeData": false,
    "jhiPrefix": "jhi",
    "entitySuffix": "",
    "dtoSuffix": "DTO",
    "testFrameworks": [],
    "pages": [],
    "creationTimestamp": 1616757108518,
    "serviceDiscoveryType": false,
    "reactive": false,
    "authenticationType": "jwt",
    "packageName": "dev.vergil",
    "serverPort": "8080",
    "cacheProvider": "ehcache",
    "enableHibernateCache": true,
    "databaseType": "sql",
    "devDatabaseType": "h2Memory",
    "prodDatabaseType": "postgresql",
    "buildTool": "maven",
    "serverSideOptions": ["websocket:spring-websocket"],
    "websocket": "spring-websocket",
    "searchEngine": false,
    "messageBroker": false,
    "enableSwaggerCodegen": false,
    "clientFramework": "angularX",
    "withAdminUi": true,
    "clientTheme": "none",
    "enableTranslation": true,
    "nativeLanguage": "pt-br",
    "packageFolder": "dev/vergil",
    "jwtSecretKey": "YourJWTSecretKeyWasReplacedByThisMeaninglessTextByTheJHipsterInfoCommandForObviousSecurityReasons",
    "clientPackageManager": "npm",
    "clientThemeVariant": "",
    "languages": ["pt-br", "en"],
    "entities": ["Pessoa"],
    "lastLiquibaseTimestamp": 1616759375000
  }
}

</pre>
</details>
JDL for the Entity configuration(s) entityName.json files generated in the .jhipster directory
JDL entity definitions
/**
 * The Pessoa entity.\n@author Virgílio Stefanin
 */
entity Pessoa {
  /**
   * Name, required
   */
  nome String required
  /**
   * Sex enum with three options: Male, Female, Other
   */
  sexo TipoSexo
  /**
   * Email, not required
   */
  email String
  /**
   * Date of birth, required
   */
  dataNascimento LocalDate required
  /**
   * Place of birth, not required
   */
  naturalidade String
  /**
   * Nationality, not required
   */
  nacionalidade String
  cpf String required unique
}
enum TipoSexo {
  MASCULINO,
  FEMININO,
  OUTROS
}

dto Pessoa with mapstruct
paginate Pessoa with pagination
service Pessoa with serviceClass

Environment and Tools

java version "11.0.8" 2020-07-14 LTS
Java(TM) SE Runtime Environment 18.9 (build 11.0.8+10-LTS)
Java HotSpot(TM) 64-Bit Server VM 18.9 (build 11.0.8+10-LTS, mixed mode)

git version 2.25.1

node: v12.18.2

npm: 6.14.5

Docker version 20.10.5, build 55c4c88

Entity configuration(s) entityName.json files generated in the .jhipster directory
Browsers and Operating System
mshima commented 3 years ago

Should be fixed by https://github.com/jhipster/generator-jhipster/pull/14443.

VergilSkye commented 3 years ago

Thanks, with this change my swagger is functional. @mshima, has someone reported that when you run the npm start command it opens port 9000 in the browser, when it should be port 4200?

mshima commented 3 years ago

@VergilSkye 9000 is browser sync while 4200 is ng serve. I know of a problem where ng build wrongly runs browser sync.

VergilSkye commented 3 years ago

Thanks for the info, so my browser sync is broken; only 4200 is working at the moment. I will investigate tomorrow and open a separate issue. This one is already closed :)

pascalgrimaud commented 3 years ago

@VergilSkye : we did this fix yesterday for Vue https://github.com/jhipster/generator-jhipster/pull/14478 Maybe there is the same issue for Angular?

pascalgrimaud commented 3 years ago

Reopening this ticket as the PR is not merged yet

VergilSkye commented 3 years ago

> @VergilSkye : we did this fix yesterday for Vue #14478 Maybe there is the same issue for Angular?

No, it's not the same issue, I think.

In my generated project, I changed lines 24 and 25 of the auth-jwt.service.ts file:

const tokenInLocalStorage: string | null = this.$localStorage.retrieve('authenticationToken');
const tokenInSessionStorage: string | null = this.$sessionStorage.retrieve('authenticationToken');

to

const tokenInLocalStorage: string | null = this.$localStorage.retrieve('jhi-authenticationToken');
const tokenInSessionStorage: string | null = this.$sessionStorage.retrieve('jhi-authenticationToken');

and in the file app.module.ts, line 44, I changed

NgxWebstorageModule.forRoot({ prefix: 'jhi', separator: '-' }),

to

NgxWebstorageModule.forRoot({ prefix: 'jhi', separator: '-', caseSensitive: true }),

These changes were copied from commit #14443,

so I think #14443 should fix this problem.
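
Why the `caseSensitive` setting quoted in the comment above matters, as an added example that is not part of the original thread or of JHipster's code. It assumes the storage wrapper lowercases key names unless `caseSensitive` is true and JSON-encodes values, and that a reader outside the Angular wrapper (hypothetically, the API docs page) looks up the raw key `jhi-authenticationToken`; all function names are hypothetical.

```typescript
// Added example: a model of prefixed web-storage key derivation.
// Assumption: names are lowercased unless caseSensitive is true.
interface KeyConfig {
  prefix: string;
  separator: string;
  caseSensitive?: boolean;
}
type Store = Record<string, string>;

// Key the wrapper would actually write for a logical name.
function storageKey(name: string, cfg: KeyConfig): string {
  const raw = cfg.caseSensitive ? name : name.toLowerCase();
  return `${cfg.prefix}${cfg.separator}${raw}`;
}

// Simulated login: the wrapper stores the JWT (JSON-encoded) under its derived key.
function login(store: Store, cfg: KeyConfig, jwt: string): void {
  store[storageKey('authenticationToken', cfg)] = JSON.stringify(jwt);
}

// A reader that bypasses the wrapper: exact raw-key lookup, then header build.
// A null result means the request goes out without credentials (HTTP 401).
function authHeaderFor(store: Store, rawKey: string): string | null {
  if (!(rawKey in store)) {
    return null;
  }
  return `Bearer ${JSON.parse(store[rawKey])}`;
}

// Diagnostic: keys that differ from the expected key only by letter case.
function caseVariants(store: Store, expected: string): string[] {
  const want = expected.toLowerCase();
  return Object.keys(store).filter(k => k !== expected && k.toLowerCase() === want);
}

// Constructed sample values, not a real token.
const EXPECTED_KEY = 'jhi-authenticationToken';
const before: Store = {};
login(before, { prefix: 'jhi', separator: '-' }, 'constructed.sample.jwt');
const after: Store = {};
login(after, { prefix: 'jhi', separator: '-', caseSensitive: true }, 'constructed.sample.jwt');

console.log('before:', authHeaderFor(before, EXPECTED_KEY), caseVariants(before, EXPECTED_KEY));
console.log('after: ', authHeaderFor(after, EXPECTED_KEY), caseVariants(after, EXPECTED_KEY));
```

A non-empty `caseVariants` result is the signal to look for when a token is present in storage but a consumer still sends unauthenticated requests.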

VergilSkye commented 3 years ago

So I'm making a dummy project for an interview process with swagger and websockets. I verified that the websockets are not working either, because of the JWT token. I modified the file auth.interceptor.ts, line 22, and several lines of auth-jwt.service.ts, adding the prefix jhi. So it's not only swagger that is broken, websockets too.

I wish to make a pull request or download #14443 to see if it fixes my problem, but I have little time today :(

pascalgrimaud commented 3 years ago

@VergilSkye : my comment was for browser sync, not for broken swagger, which is in PR :-)