feat:add swagger exposure filters. (#1144)

CHANGELOG.md

@@ -7,3 +7,4 @@
 - [refactor:optimize the order and condition matching of service registration automatic configuration.](https://github.com/Tencent/spring-cloud-tencent/pull/1133)
 - [feat:support service contract reporting.](https://github.com/Tencent/spring-cloud-tencent/pull/1135)
 - [feat: support log path configuration parameters.](https://github.com/Tencent/spring-cloud-tencent/pull/1143)
+- [feat:add swagger exposure filters.](https://github.com/Tencent/spring-cloud-tencent/pull/1144)

spring-cloud-starter-tencent-polaris-contract/src/main/java/com/tencent/cloud/polaris/contract/PolarisContractReporter.java

@@ -36,32 +36,33 @@
 import org.slf4j.LoggerFactory;
 import springfox.documentation.service.Documentation;
 import springfox.documentation.spring.web.DocumentationCache;
-import springfox.documentation.spring.web.json.JsonSerializer;
 import springfox.documentation.swagger2.mappers.ServiceModelToSwagger2Mapper;
 
 import org.springframework.boot.context.event.ApplicationReadyEvent;
 import org.springframework.context.ApplicationListener;
 import org.springframework.lang.NonNull;
 import org.springframework.util.CollectionUtils;
 
+/**
+ * Polaris contract reporter.
+ *
+ * @author Haotian Zhang
+ */
 public class PolarisContractReporter implements ApplicationListener<ApplicationReadyEvent> {
 
 	private final Logger LOG = LoggerFactory.getLogger(PolarisContractReporter.class);
 	private final ServiceModelToSwagger2Mapper swagger2Mapper;
 	private final DocumentationCache documentationCache;
-	private final JsonSerializer jsonSerializer;
 	private final String groupName;
 
 	private final ProviderAPI providerAPI;
 
 	private final PolarisDiscoveryProperties polarisDiscoveryProperties;
 
 	public PolarisContractReporter(DocumentationCache documentationCache, ServiceModelToSwagger2Mapper swagger2Mapper,
-			JsonSerializer jsonSerializer, String groupName, ProviderAPI providerAPI,
-			PolarisDiscoveryProperties polarisDiscoveryProperties) {
+			String groupName, ProviderAPI providerAPI, PolarisDiscoveryProperties polarisDiscoveryProperties) {
 		this.swagger2Mapper = swagger2Mapper;
 		this.documentationCache = documentationCache;
-		this.jsonSerializer = jsonSerializer;
 		this.groupName = groupName;
 		this.providerAPI = providerAPI;
 		this.polarisDiscoveryProperties = polarisDiscoveryProperties;

spring-cloud-starter-tencent-polaris-contract/src/main/java/com/tencent/cloud/polaris/contract/config/ContractProperties.java

@@ -43,4 +43,8 @@ public interface ContractProperties {
 	String getBasePath();
 
 	void setBasePath(String basePath);
+
+	boolean isExposure();
+
+	void setExposure(boolean exposure);
 }

spring-cloud-starter-tencent-polaris-contract/src/main/java/com/tencent/cloud/polaris/contract/config/PolarisContractProperties.java

@@ -51,6 +51,8 @@ public class PolarisContractProperties implements ContractProperties {
 	 */
 	private String basePath = "/**";
 
+	private boolean exposure = true;
+
 	public PolarisContractProperties(@Nullable ExtendedContractProperties extendContractProperties) {
 		this.extendContractProperties = extendContractProperties;
 	}
@@ -119,4 +121,17 @@ public String getBasePath() {
 	public void setBasePath(String basePath) {
 		this.basePath = basePath;
 	}
+
+	@Override
+	public boolean isExposure() {
+		if (Objects.nonNull(extendContractProperties)) {
+			return extendContractProperties.isExposure();
+		}
+		return exposure;
+	}
+
+	@Override
+	public void setExposure(boolean exposure) {
+		this.exposure = exposure;
+	}
 }

spring-cloud-starter-tencent-polaris-contract/src/main/java/com/tencent/cloud/polaris/contract/config/PolarisSwaggerAutoConfiguration.java

@@ -27,13 +27,14 @@
 import com.tencent.cloud.polaris.context.PolarisSDKContextManager;
 import com.tencent.cloud.polaris.contract.PolarisContractReporter;
 import com.tencent.cloud.polaris.contract.PolarisSwaggerApplicationListener;
+import com.tencent.cloud.polaris.contract.filter.ApiDocServletFilter;
+import com.tencent.cloud.polaris.contract.filter.ApiDocWebFluxFilter;
 import com.tencent.cloud.polaris.contract.utils.PackageUtil;
 import springfox.boot.starter.autoconfigure.OpenApiAutoConfiguration;
 import springfox.documentation.builders.ApiInfoBuilder;
 import springfox.documentation.service.Contact;
 import springfox.documentation.spi.DocumentationType;
 import springfox.documentation.spring.web.DocumentationCache;
-import springfox.documentation.spring.web.json.JsonSerializer;
 import springfox.documentation.spring.web.plugins.Docket;
 import springfox.documentation.swagger2.mappers.ServiceModelToSwagger2Mapper;
 
@@ -45,6 +46,11 @@
 import org.springframework.context.annotation.Configuration;
 import org.springframework.context.annotation.Import;
 
+/**
+ * Auto configuration for Polaris swagger.
+ *
+ * @author Haotian Zhang
+ */
 @Configuration(proxyBeanMethods = false)
 @ConditionalOnPolarisEnabled
 @ConditionalOnProperty(name = "spring.cloud.polaris.contract.enabled", havingValue = "true", matchIfMissing = true)
@@ -112,12 +118,11 @@ public Docket polarisDocket(PolarisContractProperties polarisContractProperties)
 	@Bean
 	@ConditionalOnBean(Docket.class)
 	@ConditionalOnMissingBean
-	public PolarisContractReporter polarisApiMetadataGrapher(DocumentationCache documentationCache,
-			ServiceModelToSwagger2Mapper swagger2Mapper, JsonSerializer jsonSerializer,
-			PolarisContractProperties polarisContractProperties, PolarisSDKContextManager polarisSDKContextManager,
-			PolarisDiscoveryProperties polarisDiscoveryProperties) {
-		return new PolarisContractReporter(documentationCache, swagger2Mapper, jsonSerializer,
-				polarisContractProperties.getGroup(), polarisSDKContextManager.getProviderAPI(), polarisDiscoveryProperties);
+	public PolarisContractReporter polarisContractReporter(DocumentationCache documentationCache,
+			ServiceModelToSwagger2Mapper swagger2Mapper, PolarisContractProperties polarisContractProperties,
+			PolarisSDKContextManager polarisSDKContextManager, PolarisDiscoveryProperties polarisDiscoveryProperties) {
+		return new PolarisContractReporter(documentationCache, swagger2Mapper, polarisContractProperties.getGroup(),
+				polarisSDKContextManager.getProviderAPI(), polarisDiscoveryProperties);
 	}
 
 	@Bean
@@ -132,7 +137,10 @@ public PolarisSwaggerApplicationListener polarisSwaggerApplicationListener() {
 	@Configuration(proxyBeanMethods = false)
 	@ConditionalOnWebApplication(type = ConditionalOnWebApplication.Type.SERVLET)
 	protected static class SwaggerServletConfig {
-
+		@Bean
+		public ApiDocServletFilter apiDocServletFilter(PolarisContractProperties polarisContractProperties) {
+			return new ApiDocServletFilter(polarisContractProperties);
+		}
 	}
 
 	/**
@@ -142,6 +150,9 @@ protected static class SwaggerServletConfig {
 	@ConditionalOnWebApplication(type = ConditionalOnWebApplication.Type.REACTIVE)
 	protected static class SwaggerReactiveConfig {
 
-
+		@Bean
+		public ApiDocWebFluxFilter apiDocWebFluxFilter(PolarisContractProperties polarisContractProperties) {
+			return new ApiDocWebFluxFilter(polarisContractProperties);
+		}
 	}
 }

spring-cloud-starter-tencent-polaris-contract/src/main/java/com/tencent/cloud/polaris/contract/filter/ApiDocServletFilter.java

@@ -0,0 +1,73 @@
+/*
+ * Tencent is pleased to support the open source community by making Spring Cloud Tencent available.
+ *
+ * Copyright (C) 2019 THL A29 Limited, a Tencent company. All rights reserved.
+ *
+ * Licensed under the BSD 3-Clause License (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * https://opensource.org/licenses/BSD-3-Clause
+ *
+ * Unless required by applicable law or agreed to in writing, software distributed
+ * under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR
+ * CONDITIONS OF ANY KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations under the License.
+ */
+
+package com.tencent.cloud.polaris.contract.filter;
+
+import java.io.IOException;
+
+import javax.servlet.FilterChain;
+import javax.servlet.ServletException;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+import com.tencent.cloud.polaris.contract.config.PolarisContractProperties;
+
+import org.springframework.lang.NonNull;
+import org.springframework.web.filter.OncePerRequestFilter;
+
+import static com.tencent.cloud.polaris.contract.filter.FilterConstant.SWAGGER_RESOURCE_PREFIX;
+import static com.tencent.cloud.polaris.contract.filter.FilterConstant.SWAGGER_UI_V2_URL;
+import static com.tencent.cloud.polaris.contract.filter.FilterConstant.SWAGGER_UI_V3_URL;
+import static com.tencent.cloud.polaris.contract.filter.FilterConstant.SWAGGER_V2_API_DOC_URL;
+import static com.tencent.cloud.polaris.contract.filter.FilterConstant.SWAGGER_V3_API_DOC_URL;
+import static com.tencent.cloud.polaris.contract.filter.FilterConstant.SWAGGER_WEBJARS_V2_PREFIX;
+import static com.tencent.cloud.polaris.contract.filter.FilterConstant.SWAGGER_WEBJARS_V3_PREFIX;
+
+/**
+ * Filter to disable api doc controller.
+ *
+ * @author Haotian Zhang
+ */
+public class ApiDocServletFilter extends OncePerRequestFilter {
+
+	private final PolarisContractProperties polarisContractProperties;
+
+	public ApiDocServletFilter(PolarisContractProperties polarisContractProperties) {
+		this.polarisContractProperties = polarisContractProperties;
+	}
+
+	@Override
+	public void doFilterInternal(@NonNull HttpServletRequest httpServletRequest,
+			@NonNull HttpServletResponse httpServletResponse, @NonNull FilterChain filterChain)
+			throws ServletException, IOException {
+		if (!polarisContractProperties.isExposure()) {
+			String path = httpServletRequest.getServletPath();
+			if (path.startsWith(SWAGGER_V2_API_DOC_URL) ||
+					path.startsWith(SWAGGER_V3_API_DOC_URL) ||
+					path.startsWith(SWAGGER_UI_V2_URL) ||
+					path.startsWith(SWAGGER_UI_V3_URL) ||
+					path.startsWith(SWAGGER_RESOURCE_PREFIX) ||
+					path.startsWith(SWAGGER_WEBJARS_V2_PREFIX) ||
+					path.startsWith(SWAGGER_WEBJARS_V3_PREFIX)) {
+				httpServletResponse.setStatus(HttpServletResponse.SC_FORBIDDEN);
+				return;
+			}
+		}
+		filterChain.doFilter(httpServletRequest, httpServletResponse);
+	}
+}
+

spring-cloud-starter-tencent-polaris-contract/src/main/java/com/tencent/cloud/polaris/contract/filter/ApiDocWebFluxFilter.java

@@ -0,0 +1,71 @@
+/*
+ * Tencent is pleased to support the open source community by making Spring Cloud Tencent available.
+ *
+ * Copyright (C) 2019 THL A29 Limited, a Tencent company. All rights reserved.
+ *
+ * Licensed under the BSD 3-Clause License (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * https://opensource.org/licenses/BSD-3-Clause
+ *
+ * Unless required by applicable law or agreed to in writing, software distributed
+ * under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR
+ * CONDITIONS OF ANY KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations under the License.
+ */
+
+package com.tencent.cloud.polaris.contract.filter;
+
+
+import com.tencent.cloud.polaris.contract.config.PolarisContractProperties;
+import reactor.core.publisher.Mono;
+
+import org.springframework.core.io.buffer.DataBuffer;
+import org.springframework.http.HttpStatus;
+import org.springframework.http.server.reactive.ServerHttpResponse;
+import org.springframework.web.server.ServerWebExchange;
+import org.springframework.web.server.WebFilter;
+import org.springframework.web.server.WebFilterChain;
+
+import static com.tencent.cloud.polaris.contract.filter.FilterConstant.SWAGGER_RESOURCE_PREFIX;
+import static com.tencent.cloud.polaris.contract.filter.FilterConstant.SWAGGER_UI_V2_URL;
+import static com.tencent.cloud.polaris.contract.filter.FilterConstant.SWAGGER_UI_V3_URL;
+import static com.tencent.cloud.polaris.contract.filter.FilterConstant.SWAGGER_V2_API_DOC_URL;
+import static com.tencent.cloud.polaris.contract.filter.FilterConstant.SWAGGER_V3_API_DOC_URL;
+import static com.tencent.cloud.polaris.contract.filter.FilterConstant.SWAGGER_WEBJARS_V2_PREFIX;
+import static com.tencent.cloud.polaris.contract.filter.FilterConstant.SWAGGER_WEBJARS_V3_PREFIX;
+
+/**
+ * Filter to disable api doc controller.
+ *
+ * @author Haotian Zhang
+ */
+public class ApiDocWebFluxFilter implements WebFilter {
+	private final PolarisContractProperties polarisContractProperties;
+
+	public ApiDocWebFluxFilter(PolarisContractProperties polarisContractProperties) {
+		this.polarisContractProperties = polarisContractProperties;
+	}
+
+	@Override
+	public Mono<Void> filter(ServerWebExchange serverWebExchange, WebFilterChain webFilterChain) {
+		if (!polarisContractProperties.isExposure()) {
+			String path = serverWebExchange.getRequest().getURI().getPath();
+			if (path.startsWith(SWAGGER_V2_API_DOC_URL) ||
+					path.startsWith(SWAGGER_V3_API_DOC_URL) ||
+					path.startsWith(SWAGGER_UI_V2_URL) ||
+					path.startsWith(SWAGGER_UI_V3_URL) ||
+					path.startsWith(SWAGGER_RESOURCE_PREFIX) ||
+					path.startsWith(SWAGGER_WEBJARS_V2_PREFIX) ||
+					path.startsWith(SWAGGER_WEBJARS_V3_PREFIX)) {
+				ServerHttpResponse response = serverWebExchange.getResponse();
+				response.setRawStatusCode(HttpStatus.FORBIDDEN.value());
+				DataBuffer dataBuffer = response.bufferFactory().allocateBuffer();
+				return response.writeWith(Mono.just(dataBuffer));
+			}
+		}
+		return webFilterChain.filter(serverWebExchange);
+	}
+}
+

spring-cloud-starter-tencent-polaris-contract/src/main/java/com/tencent/cloud/polaris/contract/filter/FilterConstant.java

@@ -0,0 +1,64 @@
+/*
+ * Tencent is pleased to support the open source community by making Spring Cloud Tencent available.
+ *
+ * Copyright (C) 2019 THL A29 Limited, a Tencent company. All rights reserved.
+ *
+ * Licensed under the BSD 3-Clause License (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * https://opensource.org/licenses/BSD-3-Clause
+ *
+ * Unless required by applicable law or agreed to in writing, software distributed
+ * under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR
+ * CONDITIONS OF ANY KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations under the License.
+ */
+
+package com.tencent.cloud.polaris.contract.filter;
+
+/**
+ * Constant for filter.
+ *
+ * @author Haotian Zhang
+ */
+public final class FilterConstant {
+
+	/**
+	 * Swagger api doc V2 url.
+	 */
+	public static final String SWAGGER_V2_API_DOC_URL = "/v2/api-docs";
+
+	/**
+	 * Swagger api doc V3 url.
+	 */
+	public static final String SWAGGER_V3_API_DOC_URL = "/v3/api-docs";
+
+	/**
+	 * Swagger UI V2 url.
+	 */
+	public static final String SWAGGER_UI_V2_URL = "/swagger-ui.html";
+
+	/**
+	 * Swagger UI V3 url.
+	 */
+	public static final String SWAGGER_UI_V3_URL = "/swagger-ui/index.html";
+
+	/**
+	 * Swagger resource url prefix.
+	 */
+	public static final String SWAGGER_RESOURCE_PREFIX = "/swagger-resource/";
+
+	/**
+	 * Swagger webjars V2 url prefix.
+	 */
+	public static final String SWAGGER_WEBJARS_V2_PREFIX = "/webjars/springfox-swagger-ui/";
+
+	/**
+	 * Swagger webjars V3 url prefix.
+	 */
+	public static final String SWAGGER_WEBJARS_V3_PREFIX = "/webjars/swagger-ui/";
+
+	private FilterConstant() {
+	}
+}

spring-cloud-starter-tencent-polaris-contract/src/main/java/com/tencent/cloud/polaris/contract/utils/PackageUtil.java

@@ -48,7 +48,6 @@ public final class PackageUtil {
 
 	private static final String SPLITTER = ",";
 
-
 	private PackageUtil() {
 	}