search

springfox / springfox-grails-integration

SpringFox integration with Grails 3.x
Apache License 2.0
19 stars 12 forks source link

Bearer Authentication #26

Open javierggi opened 6 years ago

javierggi commented 6 years ago

Hi, I am trying to implement a Bearer token authentication. I am experiencing the exact same problems as explained in this issue: https://github.com/springfox/springfox/issues/2194.

I followed all recommendations but I am still unable to see the "lock" at the methods I am trying to secure.

My Docket method is as follows:

@Bean
    Docket api() {
        new Docket(DocumentationType.SWAGGER_2)
            .ignoredParameterTypes(MetaClass)
            .select()
                .apis(RequestHandlerSelectors.basePackage(myPackage))
                .paths(not(ant("/error")))
                .build()
            .host(myHost)
            .pathMapping(myPath)
            .securitySchemes(Arrays.asList(apiKey()))
            .securityContexts(Arrays.asList(securityContext()))
            .useDefaultResponseMessages(false)
    }

The other security related methods are:

@Bean
SecurityConfiguration security() {
    return SecurityConfigurationBuilder.builder()
            .clientId("test")
            .clientSecret("test-secret")
            .scopeSeparator("")
            .useBasicAuthenticationWithAccessCodeGrant(false)
            .build()
}

private ApiKey apiKey() {
    return new ApiKey("apiKey", "Authorization", "header")
}

private SecurityContext securityContext() {
    return SecurityContext.builder()
            .securityReferences(defaultAuth())
            .forPaths(PathSelectors.regex("/accounts/api/v2.*"))
            .build()
}

private List<SecurityReference> defaultAuth() {
    AuthorizationScope authorizationScope = new AuthorizationScope("global", "accessEverything")
    AuthorizationScope[] authorizationScopes = new AuthorizationScope[1]
    authorizationScopes[0] = authorizationScope
    return Arrays.asList(new SecurityReference("apiKey", authorizationScopes))
}

I even added the code at my API methods as follows:

@ApiOperation(value="Create new.", authorizations = @Authorization("apiKey"))

My end result is having a popup where I can successfully input a token but it is not being passed on to the requests. I am using the following: 

compile "io.springfox:springfox-swagger2:2.8.0"
compile "io.springfox:springfox-swagger-ui:2.8.0"
compile "io.springfox.grails:springfox-grails:1.0.0"

Any help would be greatly appreciated. Cheers.

dilipkrish commented 6 years ago

I'll take a look and let u know.