KOGITO-9625: Upgrade quarkus-openapi-generator to 1.3.8 (#3130)

* KOGITO-9625: Upgrade quarkus-openapi-generator to 1.3.8

kogito-build/kogito-dependencies-bom/pom.xml

@@ -29,7 +29,7 @@
     <version.net.minidev.jsonsmart>2.4.10</version.net.minidev.jsonsmart>
     <version.net.thisptr.jackson-jq>1.0.0-preview.20220705</version.net.thisptr.jackson-jq>
     <version.io.quarkiverse.jackson-jq>1.1.0</version.io.quarkiverse.jackson-jq>
-    <version.io.quarkiverse.openapi.generator>1.2.1</version.io.quarkiverse.openapi.generator>
+    <version.io.quarkiverse.openapi.generator>1.3.8</version.io.quarkiverse.openapi.generator>
     <version.io.quarkiverse.asyncapi>0.0.3</version.io.quarkiverse.asyncapi>
     <version.io.quarkiverse.reactivemessaging.http>1.1.5</version.io.quarkiverse.reactivemessaging.http>
     <version.io.quarkiverse.embedded.postgresql>0.0.8</version.io.quarkiverse.embedded.postgresql>

quarkus/integration-tests/integration-tests-quarkus-openapi-client/src/main/resources/application.properties

@@ -10,7 +10,10 @@ quarkus.openapi-generator.swagger2_0_security_yaml.auth.client_id.api-key=12345
 quarkus.openapi-generator.swagger2_0_security_yaml.auth.basicAuth.username=javierito
 quarkus.openapi-generator.swagger2_0_security_yaml.auth.basicAuth.password=fulanito
 
+quarkus.openapi-generator.swagger2_0_security_no_auth_yaml.auth.client_id.api-key=12345
+
 quarkus.openapi-generator.openapi3_0_security_yaml.auth.client_id.api-key=12345
+quarkus.openapi-generator.openapi3_0_security_no_auth_yaml.auth.client_id.api-key=12345
 # Configured by the tests
 #quarkus.rest-client.openapi3_0_security_yaml.url=http://localhost:8382
 #quarkus.oidc-client.oauth.auth-server-url=http://localhost:8382

quarkus/integration-tests/integration-tests-quarkus-openapi-client/src/main/resources/openapi2-sec-no-auth.sw.json

@@ -0,0 +1,26 @@
+{
+  "id": "sec20noAuth",
+  "version": "1.0",
+  "name": "Create a thing in the third-party API",
+  "start": "DoAppCreate",
+  "functions": [
+    {
+      "name": "create",
+      "operation": "specs/swagger2.0-security-no-auth.yaml#myapp.create"
+    }
+  ],
+  "states": [
+    {
+      "name": "DoAppCreate",
+      "type": "operation",
+      "actions": [
+        {
+          "functionRef": {
+            "refName": "create"
+          }
+        }
+      ],
+      "end": true
+    }
+  ]
+}

quarkus/integration-tests/integration-tests-quarkus-openapi-client/src/main/resources/openapi3-sec-no-auth.sw.json

@@ -0,0 +1,26 @@
+{
+  "id": "sec30noAuth",
+  "version": "1.0",
+  "name": "Create a thing in the third-party API",
+  "start": "DoAppCreate",
+  "functions": [
+    {
+      "name": "create",
+      "operation": "specs/openapi3.0-security-no-auth.yaml#doOperation"
+    }
+  ],
+  "states": [
+    {
+      "name": "DoAppCreate",
+      "type": "operation",
+      "actions": [
+        {
+          "functionRef": {
+            "refName": "create"
+          }
+        }
+      ],
+      "end": true
+    }
+  ]
+}

quarkus/integration-tests/integration-tests-quarkus-openapi-client/src/main/resources/specs/openapi3.0-security-no-auth.yaml

@@ -0,0 +1,31 @@
+---
+openapi: 3.0.3
+info:
+  title: Generated API
+  version: "1.0"
+paths:
+  /unprotected:
+    post:
+      operationId: doOperation
+      security:
+        - client_id: [ ]
+        - oauth: [ read, write ]
+        - bearerAuth: [ ]
+      requestBody:
+        content:
+          application/json:
+            schema:
+              $ref: '#/components/schemas/MultiplicationOperation'
+      responses:
+        "200":
+          description: OK
+components:
+  schemas:
+    MultiplicationOperation:
+      type: object
+  securitySchemes:
+    client_id:
+      type: apiKey
+      in: header
+      name: X-Client-Id
+      x-key-type: clientId

quarkus/integration-tests/integration-tests-quarkus-openapi-client/src/main/resources/specs/swagger2.0-security-no-auth.yaml

@@ -0,0 +1,51 @@
+swagger: '2.0'
+info:
+  title: myapp
+  version: 2.0.0
+basePath: /
+paths:
+  /unprotected:
+    post:
+      tags:
+        - myapp
+      summary: Create a new instance of the model and persist it into the data source.
+      operationId: myapp.create
+      parameters:
+        - name: data
+          in: body
+          #description: Model instance data
+          required: false
+          schema:
+            #description: Model instance data
+            $ref: '#/definitions/myapp'
+      responses:
+        '201':
+          description: Request was successful
+          schema:
+            $ref: '#/definitions/myapp'
+      deprecated: false
+definitions:
+  myapp:
+    #description: ''
+    properties:
+      userid:
+        type: string
+    required:
+      - userid
+    additionalProperties: false
+schemes:
+  - https
+consumes:
+  - application/json
+produces:
+  - application/json
+securityDefinitions:
+  client_id:
+    type: apiKey
+    in: header
+    name: X-Client-Id
+    x-key-type: clientId
+security:
+  - client_id: [ ]
+tags:
+  - name: myapp

quarkus/integration-tests/integration-tests-quarkus-openapi-client/src/test/java/org/kie/kogito/quarkus/it/openapi/client/ApiWithSecurityContextIT.java

@@ -41,6 +41,8 @@ class ApiWithSecurityContextIT {
     // injected by quarkus
     WireMockServer authWithApiKeyServer2;
     WireMockServer authWithApiKeyServer3;
+    WireMockServer authWithApiKeyServer2NoAuth;
+    WireMockServer authWithApiKeyServer3NoAuth;
 
     @BeforeAll
     static void init() {
@@ -64,10 +66,30 @@ void verifyAuthHeadersOpenApi2_0() {
         // verify if the headers were correctly sent
         authWithApiKeyServer2
                 .verify(postRequestedFor(urlEqualTo(AuthSecurityMockService.SEC_20.getPath()))
-                        .withHeader("X-Client-Id", matching("12345"))
+                        .withHeader("X-Client-Id", matching("Basic amF2aWVyaXRvOmZ1bGFuaXRv"))
                         .withHeader("Authorization", matching("Basic amF2aWVyaXRvOmZ1bGFuaXRv")));
     }
 
+    @Test
+    void verifyAuthHeadersOpenApi2_0NoAuth() {
+        given()
+                .contentType(ContentType.JSON)
+                .when()
+                .body(
+                        Collections
+                                .singletonMap(
+                                        "workflowdata",
+                                        Collections.singletonMap("foo", "bar")))
+                .post("/sec20noAuth")
+                .then()
+                .statusCode(201);
+
+        // verify if the headers were correctly sent
+        authWithApiKeyServer2NoAuth
+                .verify(postRequestedFor(urlEqualTo(AuthSecurityMockService.SEC_20_NO_AUTH.getPath()))
+                        .withHeader("X-Client-Id", matching("12345")));
+    }
+
     @Test
     void verifyAuthHeadersOpenApi3_0() {
         given()
@@ -84,8 +106,27 @@ void verifyAuthHeadersOpenApi3_0() {
 
         authWithApiKeyServer3
                 .verify(postRequestedFor(urlEqualTo(AuthSecurityMockService.SEC_30.getPath()))
-                        .withHeader("X-Client-Id", matching("12345"))
+                        .withHeader("X-Client-Id", matching("Bearer mytoken,Bearer mytoken,Bearer"))
                         .withHeader("Authorization", matching("Bearer mytoken")));
     }
 
+    @Test
+    void verifyAuthHeadersOpenApi3_0NoAuth() {
+        given()
+                .contentType(ContentType.JSON)
+                .when()
+                .body(
+                        Collections
+                                .singletonMap(
+                                        "workflowdata",
+                                        Collections.singletonMap("foo", "bar")))
+                .post("/sec30noAuth")
+                .then()
+                .statusCode(201);
+
+        authWithApiKeyServer3NoAuth
+                .verify(postRequestedFor(urlEqualTo(AuthSecurityMockService.SEC_30_NO_AUTH.getPath()))
+                        .withHeader("X-Client-Id", matching("12345")));
+    }
+
 }

quarkus/integration-tests/integration-tests-quarkus-openapi-client/src/test/java/org/kie/kogito/quarkus/it/openapi/client/mocks/AuthSecurityMockService.java

@@ -29,8 +29,14 @@ public class AuthSecurityMockService extends MockServiceConfigurer {
     public static final MockServerConfig SEC_30 =
             new MockServerConfig(SocketUtils.findAvailablePort(), "{}", "/", "authWithApiKeyServer3");
 
+    public static final MockServerConfig SEC_20_NO_AUTH =
+            new MockServerConfig(SocketUtils.findAvailablePort(), "{}", "/unprotected", "authWithApiKeyServer2NoAuth");
+
+    public static final MockServerConfig SEC_30_NO_AUTH =
+            new MockServerConfig(SocketUtils.findAvailablePort(), "{}", "/unprotected", "authWithApiKeyServer3NoAuth");
+
     public AuthSecurityMockService() {
-        super(SEC_20, SEC_30);
+        super(SEC_20, SEC_30, SEC_20_NO_AUTH, SEC_30_NO_AUTH);
     }
 
 }

quarkus/integration-tests/integration-tests-quarkus-openapi-client/src/test/java/org/kie/kogito/quarkus/it/openapi/client/mocks/MockServiceConfigurer.java

@@ -62,8 +62,11 @@ public final Map<String, String> start() {
         });
         final Map<String, String> properties = new HashMap<>();
         properties.put("quarkus.rest-client.swagger2_0_security_yaml.url", "http://localhost:" + AuthSecurityMockService.SEC_20.getPort() + "/iq9MzY");
+        properties.put("quarkus.rest-client.swagger2_0_security_no_auth_yaml.url", "http://localhost:" + AuthSecurityMockService.SEC_20_NO_AUTH.getPort());
+
         properties.put("quarkus.rest-client.openapi3_0_security_yaml.url", "http://localhost:" + AuthSecurityMockService.SEC_30.getPort());
         properties.put("quarkus.oidc-client.oauth.auth-server-url", "http://localhost:" + AuthSecurityMockService.SEC_30.getPort());
+        properties.put("quarkus.rest-client.openapi3_0_security_no_auth_yaml.url", "http://localhost:" + AuthSecurityMockService.SEC_30_NO_AUTH.getPort());
         return properties;
     }