
[REQ] Spring Server generators should allow for adding OAuth2 Preauthorize annotations based on scope #1975

Open
mikezx6r opened this issue Jan 24, 2019 · 7 comments · May be fixed by #6358

Comments

@mikezx6r
Contributor

Using OAuth JWT scopes and Spring Security's PreAuthorize annotation requires the PreAuthorize annotation to be on the same method as the Mapping related annotation.

With the current generators (Java/Kotlin), the Mapping annotation is in generated code, so manually adding the PreAuthorize annotation can't be done without modifying generated code.

It would be good if the generator had a flag for Spring Security, and would then leverage the OAuth2 security settings to add @PreAuthorize() annotations to the Controller class methods with the Mapping related annotations.

This is dependent on #392 being corrected first.

@mikezx6r
Contributor Author

As this will target the Java and Kotlin Spring generators, I'd appreciate any thoughts or feedback you have on this. I think adding a new config property 'use.spring.security.oauth' which would add the appropriate @PreAuthorize("hasAuthority('SCOPE_read:pets')") annotation alongside the @Mapping annotation on the interface/controller method/function would be the way to go.

I will also look at the generated build.gradle/pom.xml file to ensure that if required, the appropriate spring security dependencies are brought in.

@jimschubert, @dr4ke616, @bbdouglas, @JFCote, @sreeshas, @jfiala, @lukoyanov, @cbornet, @jeff9finger

Let me know if I haven't explained things sufficiently.
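As an added illustration (not code from this issue, the linked PR or the generator), the shape of what such a flag would emit: the `hasAuthority('SCOPE_read:pets')` check placed on the same interface method as the mapping annotation, a hand-written controller implementing it, and the method-security configuration without which `@PreAuthorize` is never evaluated. The class names, the `/pet/{petId}` operation and the Spring Boot 2.x / Spring Security 5.x API are assumptions.

```java
// Added example, not generator output. Assumes Spring Boot 2.x with
// spring-boot-starter-security and spring-boot-starter-oauth2-resource-server,
// and an OpenAPI operation GET /pet/{petId} secured with OAuth2 scope "read:pets".
package org.openapitools.api;

import org.springframework.context.annotation.Configuration;
import org.springframework.http.ResponseEntity;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.RestController;

// Generated-style interface: the mapping and the scope check sit on the same
// method, so an implementing controller inherits both and cannot expose the
// operation without the authorization rule.
interface PetApi {
    @PreAuthorize("hasAuthority('SCOPE_read:pets')") // derived from the operation's OAuth2 scope
    @GetMapping("/pet/{petId}")
    ResponseEntity<String> getPetById(@PathVariable("petId") Long petId);
}

// Hand-written implementation (hypothetical): no security annotations needed here.
@RestController
class PetApiController implements PetApi {
    @Override
    public ResponseEntity<String> getPetById(Long petId) {
        return ResponseEntity.ok("pet " + petId);
    }
}

// Without prePostEnabled = true the @PreAuthorize expression is silently ignored
// and the endpoint is reachable by any authenticated token regardless of scope.
@Configuration
@EnableGlobalMethodSecurity(prePostEnabled = true)
class ResourceServerConfig extends WebSecurityConfigurerAdapter {
    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http.authorizeRequests(a -> a.anyRequest().authenticated())
            // JWT "scope"/"scp" claims are mapped to SCOPE_<value> authorities by default,
            // which is what the hasAuthority('SCOPE_read:pets') expression matches.
            .oauth2ResourceServer(rs -> rs.jwt());
    }
}
```

A token carrying `scope: "write:pets"` but not `read:pets` is rejected with 403 before the controller body runs; a token with no scope claim at all is rejected the same way.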

@epochcoder

epochcoder commented Feb 14, 2020

@mikezx6r Did you find a way to do this yet? Since adding @PreAuthorize on the implemented controller seems to make Spring not pick up the controller at all.

@mikezx6r
Contributor Author

It's been a long time since I've even thought about this. I believe the @PreAuthorize needs to be with the @mapping, and that's on the interface. So yes, it won't work if you put it on the Controller.

But at the moment, I'm not using this project (not writing REST services, doing other work).

nhomble added a commit to nhomble/openapi-generator that referenced this issue Mar 19, 2020
nhomble added a commit to nhomble/openapi-generator that referenced this issue Apr 14, 2020
nhomble added a commit to nhomble/openapi-generator that referenced this issue Apr 14, 2020
nhomble added a commit to nhomble/openapi-generator that referenced this issue Apr 30, 2020
nhomble added a commit to nhomble/openapi-generator that referenced this issue May 3, 2020
nhomble added a commit to nhomble/openapi-generator that referenced this issue May 4, 2020
nhomble added a commit to nhomble/openapi-generator that referenced this issue Jun 24, 2020
nhomble added a commit to nhomble/openapi-generator that referenced this issue Jul 2, 2020
nhomble added a commit to nhomble/openapi-generator that referenced this issue Jul 2, 2020
@huehnerlady

Hi, in my opinion this pull request #6358 should NOT close the issue about OAuth2, as it is not fixing kotlin-spring, and this is referenced here as well.

Also happy to create a separate issue for kotlin-spring if that is requested.

@ghost

ghost commented May 25, 2021

Hi there.

It has been quite some time since the last comment on this issue. Any progress on this?

@netaravind

@epochcoder I tried having the @PreAuthorize on a controller implementation and all the Spring MVC mappings on an interface, and this has worked like a charm. BTW, I have used Spring MVC 5.3.6 and Spring Boot starter security 2.4.5.
Can you explain your scenario so I can understand it better?

@JeanRouillier

JeanRouillier commented Feb 4, 2022

Hello team,

Just for clarification, does this mean that when you specify an endpoint with scope restrictions, the generated interface has all the @AuthorizationScope annotations associated with the scopes described in the OpenAPI document, BUT there is no link to any Spring Security @PreAuthorize("#xx.hasScope('MY_SCOPE')")?

Or maybe I missed something.
