From 5dde208e726930529cbb6f1bb321f87470932cb3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Magnus=20Le=C3=9Fmann=20=28=40Mark=2ETwoFive=29?= Date: Thu, 19 Jun 2025 20:22:41 +0200 Subject: [PATCH] feat: Enable access to OpenAPI spec and Swagger UI --- .gitignore | 5 +++- .../config/SecurityConfiguration.java | 23 +++++++++++++++++++ 2 files changed, 27 insertions(+), 1 deletion(-) create mode 100644 src/main/java/de/mlessmann/certassist/config/SecurityConfiguration.java diff --git a/.gitignore b/.gitignore index ca68435..b9175c6 100644 --- a/.gitignore +++ b/.gitignore @@ -39,4 +39,7 @@ out/ ### Test files ### sqLiteDb.db -dev/ \ No newline at end of file +dev/ + +### Development settings ### +application.properties \ No newline at end of file diff --git a/src/main/java/de/mlessmann/certassist/config/SecurityConfiguration.java b/src/main/java/de/mlessmann/certassist/config/SecurityConfiguration.java new file mode 100644 index 0000000..c30d79f --- /dev/null +++ b/src/main/java/de/mlessmann/certassist/config/SecurityConfiguration.java @@ -0,0 +1,23 @@ +package de.mlessmann.certassist.config; + +import lombok.RequiredArgsConstructor; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.context.annotation.Bean; +import org.springframework.context.annotation.Configuration; +import org.springframework.security.config.annotation.web.builders.HttpSecurity; +import org.springframework.security.web.SecurityFilterChain; + +@Configuration +@RequiredArgsConstructor(onConstructor_ = @Autowired) +public class SecurityConfiguration { + + @Bean + public SecurityFilterChain securityFilters(HttpSecurity http) throws Exception { + // Allow unauthenticated access to OpenAPI and swagger documentation. + // This should be removed or at least configurable at some point, but for now, this is fine (tm) + http.authorizeHttpRequests(auth -> auth + .requestMatchers("/v3/api-docs/**", "/swagger-ui/**", "/swagger-ui.html") + .permitAll()); + return http.build(); + } +}