From ba0e0ca860878cdb92c1af84fd7d2dd6f9d2a4b3 Mon Sep 17 00:00:00 2001 From: Michael Anstis Date: Mon, 24 Jul 2023 14:44:15 +0100 Subject: [PATCH 1/3] KOGITO-9625: Upgrade quarkus-openapi-generator to 1.3.8 --- kogito-build/kogito-dependencies-bom/pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/kogito-build/kogito-dependencies-bom/pom.xml b/kogito-build/kogito-dependencies-bom/pom.xml index 4173d8cd807..7257ecc1b3c 100644 --- a/kogito-build/kogito-dependencies-bom/pom.xml +++ b/kogito-build/kogito-dependencies-bom/pom.xml @@ -29,7 +29,7 @@ 2.4.10 1.0.0-preview.20220705 1.1.0 - 1.2.1 + 1.3.8 0.0.3 1.1.5 0.0.8 From c2633a8e1ade34e355b4fbd787b48ed3ee984b5e Mon Sep 17 00:00:00 2001 From: Michael Anstis Date: Wed, 26 Jul 2023 21:42:22 +0100 Subject: [PATCH 2/3] Fix failing tests. --- .../quarkus/it/openapi/client/ApiWithSecurityContextIT.java | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/quarkus/integration-tests/integration-tests-quarkus-openapi-client/src/test/java/org/kie/kogito/quarkus/it/openapi/client/ApiWithSecurityContextIT.java b/quarkus/integration-tests/integration-tests-quarkus-openapi-client/src/test/java/org/kie/kogito/quarkus/it/openapi/client/ApiWithSecurityContextIT.java index 79683e48905..7d31fd8b334 100644 --- a/quarkus/integration-tests/integration-tests-quarkus-openapi-client/src/test/java/org/kie/kogito/quarkus/it/openapi/client/ApiWithSecurityContextIT.java +++ b/quarkus/integration-tests/integration-tests-quarkus-openapi-client/src/test/java/org/kie/kogito/quarkus/it/openapi/client/ApiWithSecurityContextIT.java @@ -64,7 +64,7 @@ void verifyAuthHeadersOpenApi2_0() { // verify if the headers were correctly sent authWithApiKeyServer2 .verify(postRequestedFor(urlEqualTo(AuthSecurityMockService.SEC_20.getPath())) - .withHeader("X-Client-Id", matching("12345")) + .withHeader("X-Client-Id", matching("Basic amF2aWVyaXRvOmZ1bGFuaXRv")) .withHeader("Authorization", matching("Basic amF2aWVyaXRvOmZ1bGFuaXRv"))); } @@ -84,7 +84,7 @@ void verifyAuthHeadersOpenApi3_0() { authWithApiKeyServer3 .verify(postRequestedFor(urlEqualTo(AuthSecurityMockService.SEC_30.getPath())) - .withHeader("X-Client-Id", matching("12345")) + .withHeader("X-Client-Id", matching("Bearer mytoken,Bearer mytoken,Bearer")) .withHeader("Authorization", matching("Bearer mytoken"))); } From 7a9e0d0332f9bdb6098e8c965a7b7336d4d9b8b2 Mon Sep 17 00:00:00 2001 From: Michael Anstis Date: Fri, 28 Jul 2023 09:06:31 +0100 Subject: [PATCH 3/3] Add Integration Test without Authorization headers to confirm X-Client-Id header overrides. --- .../src/main/resources/application.properties | 3 ++ .../resources/openapi2-sec-no-auth.sw.json | 26 ++++++++++ .../resources/openapi3-sec-no-auth.sw.json | 26 ++++++++++ .../specs/openapi3.0-security-no-auth.yaml | 31 +++++++++++ .../specs/swagger2.0-security-no-auth.yaml | 51 +++++++++++++++++++ .../client/ApiWithSecurityContextIT.java | 41 +++++++++++++++ .../client/mocks/AuthSecurityMockService.java | 8 ++- .../client/mocks/MockServiceConfigurer.java | 3 ++ 8 files changed, 188 insertions(+), 1 deletion(-) create mode 100644 quarkus/integration-tests/integration-tests-quarkus-openapi-client/src/main/resources/openapi2-sec-no-auth.sw.json create mode 100644 quarkus/integration-tests/integration-tests-quarkus-openapi-client/src/main/resources/openapi3-sec-no-auth.sw.json create mode 100644 quarkus/integration-tests/integration-tests-quarkus-openapi-client/src/main/resources/specs/openapi3.0-security-no-auth.yaml create mode 100644 quarkus/integration-tests/integration-tests-quarkus-openapi-client/src/main/resources/specs/swagger2.0-security-no-auth.yaml diff --git a/quarkus/integration-tests/integration-tests-quarkus-openapi-client/src/main/resources/application.properties b/quarkus/integration-tests/integration-tests-quarkus-openapi-client/src/main/resources/application.properties index 3a44e388c24..195a91c0bc9 100644 --- a/quarkus/integration-tests/integration-tests-quarkus-openapi-client/src/main/resources/application.properties +++ b/quarkus/integration-tests/integration-tests-quarkus-openapi-client/src/main/resources/application.properties @@ -10,7 +10,10 @@ quarkus.openapi-generator.swagger2_0_security_yaml.auth.client_id.api-key=12345 quarkus.openapi-generator.swagger2_0_security_yaml.auth.basicAuth.username=javierito quarkus.openapi-generator.swagger2_0_security_yaml.auth.basicAuth.password=fulanito +quarkus.openapi-generator.swagger2_0_security_no_auth_yaml.auth.client_id.api-key=12345 + quarkus.openapi-generator.openapi3_0_security_yaml.auth.client_id.api-key=12345 +quarkus.openapi-generator.openapi3_0_security_no_auth_yaml.auth.client_id.api-key=12345 # Configured by the tests #quarkus.rest-client.openapi3_0_security_yaml.url=http://localhost:8382 #quarkus.oidc-client.oauth.auth-server-url=http://localhost:8382 diff --git a/quarkus/integration-tests/integration-tests-quarkus-openapi-client/src/main/resources/openapi2-sec-no-auth.sw.json b/quarkus/integration-tests/integration-tests-quarkus-openapi-client/src/main/resources/openapi2-sec-no-auth.sw.json new file mode 100644 index 00000000000..43e07be3d8c --- /dev/null +++ b/quarkus/integration-tests/integration-tests-quarkus-openapi-client/src/main/resources/openapi2-sec-no-auth.sw.json @@ -0,0 +1,26 @@ +{ + "id": "sec20noAuth", + "version": "1.0", + "name": "Create a thing in the third-party API", + "start": "DoAppCreate", + "functions": [ + { + "name": "create", + "operation": "specs/swagger2.0-security-no-auth.yaml#myapp.create" + } + ], + "states": [ + { + "name": "DoAppCreate", + "type": "operation", + "actions": [ + { + "functionRef": { + "refName": "create" + } + } + ], + "end": true + } + ] +} diff --git a/quarkus/integration-tests/integration-tests-quarkus-openapi-client/src/main/resources/openapi3-sec-no-auth.sw.json b/quarkus/integration-tests/integration-tests-quarkus-openapi-client/src/main/resources/openapi3-sec-no-auth.sw.json new file mode 100644 index 00000000000..5346d56841a --- /dev/null +++ b/quarkus/integration-tests/integration-tests-quarkus-openapi-client/src/main/resources/openapi3-sec-no-auth.sw.json @@ -0,0 +1,26 @@ +{ + "id": "sec30noAuth", + "version": "1.0", + "name": "Create a thing in the third-party API", + "start": "DoAppCreate", + "functions": [ + { + "name": "create", + "operation": "specs/openapi3.0-security-no-auth.yaml#doOperation" + } + ], + "states": [ + { + "name": "DoAppCreate", + "type": "operation", + "actions": [ + { + "functionRef": { + "refName": "create" + } + } + ], + "end": true + } + ] +} diff --git a/quarkus/integration-tests/integration-tests-quarkus-openapi-client/src/main/resources/specs/openapi3.0-security-no-auth.yaml b/quarkus/integration-tests/integration-tests-quarkus-openapi-client/src/main/resources/specs/openapi3.0-security-no-auth.yaml new file mode 100644 index 00000000000..c7005366c12 --- /dev/null +++ b/quarkus/integration-tests/integration-tests-quarkus-openapi-client/src/main/resources/specs/openapi3.0-security-no-auth.yaml @@ -0,0 +1,31 @@ +--- +openapi: 3.0.3 +info: + title: Generated API + version: "1.0" +paths: + /unprotected: + post: + operationId: doOperation + security: + - client_id: [ ] + - oauth: [ read, write ] + - bearerAuth: [ ] + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/MultiplicationOperation' + responses: + "200": + description: OK +components: + schemas: + MultiplicationOperation: + type: object + securitySchemes: + client_id: + type: apiKey + in: header + name: X-Client-Id + x-key-type: clientId diff --git a/quarkus/integration-tests/integration-tests-quarkus-openapi-client/src/main/resources/specs/swagger2.0-security-no-auth.yaml b/quarkus/integration-tests/integration-tests-quarkus-openapi-client/src/main/resources/specs/swagger2.0-security-no-auth.yaml new file mode 100644 index 00000000000..d4bcb31e98e --- /dev/null +++ b/quarkus/integration-tests/integration-tests-quarkus-openapi-client/src/main/resources/specs/swagger2.0-security-no-auth.yaml @@ -0,0 +1,51 @@ +swagger: '2.0' +info: + title: myapp + version: 2.0.0 +basePath: / +paths: + /unprotected: + post: + tags: + - myapp + summary: Create a new instance of the model and persist it into the data source. + operationId: myapp.create + parameters: + - name: data + in: body + #description: Model instance data + required: false + schema: + #description: Model instance data + $ref: '#/definitions/myapp' + responses: + '201': + description: Request was successful + schema: + $ref: '#/definitions/myapp' + deprecated: false +definitions: + myapp: + #description: '' + properties: + userid: + type: string + required: + - userid + additionalProperties: false +schemes: + - https +consumes: + - application/json +produces: + - application/json +securityDefinitions: + client_id: + type: apiKey + in: header + name: X-Client-Id + x-key-type: clientId +security: + - client_id: [ ] +tags: + - name: myapp diff --git a/quarkus/integration-tests/integration-tests-quarkus-openapi-client/src/test/java/org/kie/kogito/quarkus/it/openapi/client/ApiWithSecurityContextIT.java b/quarkus/integration-tests/integration-tests-quarkus-openapi-client/src/test/java/org/kie/kogito/quarkus/it/openapi/client/ApiWithSecurityContextIT.java index 7d31fd8b334..07d9e85546e 100644 --- a/quarkus/integration-tests/integration-tests-quarkus-openapi-client/src/test/java/org/kie/kogito/quarkus/it/openapi/client/ApiWithSecurityContextIT.java +++ b/quarkus/integration-tests/integration-tests-quarkus-openapi-client/src/test/java/org/kie/kogito/quarkus/it/openapi/client/ApiWithSecurityContextIT.java @@ -41,6 +41,8 @@ class ApiWithSecurityContextIT { // injected by quarkus WireMockServer authWithApiKeyServer2; WireMockServer authWithApiKeyServer3; + WireMockServer authWithApiKeyServer2NoAuth; + WireMockServer authWithApiKeyServer3NoAuth; @BeforeAll static void init() { @@ -68,6 +70,26 @@ void verifyAuthHeadersOpenApi2_0() { .withHeader("Authorization", matching("Basic amF2aWVyaXRvOmZ1bGFuaXRv"))); } + @Test + void verifyAuthHeadersOpenApi2_0NoAuth() { + given() + .contentType(ContentType.JSON) + .when() + .body( + Collections + .singletonMap( + "workflowdata", + Collections.singletonMap("foo", "bar"))) + .post("/sec20noAuth") + .then() + .statusCode(201); + + // verify if the headers were correctly sent + authWithApiKeyServer2NoAuth + .verify(postRequestedFor(urlEqualTo(AuthSecurityMockService.SEC_20_NO_AUTH.getPath())) + .withHeader("X-Client-Id", matching("12345"))); + } + @Test void verifyAuthHeadersOpenApi3_0() { given() @@ -88,4 +110,23 @@ void verifyAuthHeadersOpenApi3_0() { .withHeader("Authorization", matching("Bearer mytoken"))); } + @Test + void verifyAuthHeadersOpenApi3_0NoAuth() { + given() + .contentType(ContentType.JSON) + .when() + .body( + Collections + .singletonMap( + "workflowdata", + Collections.singletonMap("foo", "bar"))) + .post("/sec30noAuth") + .then() + .statusCode(201); + + authWithApiKeyServer3NoAuth + .verify(postRequestedFor(urlEqualTo(AuthSecurityMockService.SEC_30_NO_AUTH.getPath())) + .withHeader("X-Client-Id", matching("12345"))); + } + } diff --git a/quarkus/integration-tests/integration-tests-quarkus-openapi-client/src/test/java/org/kie/kogito/quarkus/it/openapi/client/mocks/AuthSecurityMockService.java b/quarkus/integration-tests/integration-tests-quarkus-openapi-client/src/test/java/org/kie/kogito/quarkus/it/openapi/client/mocks/AuthSecurityMockService.java index 6254478a7e2..cdce19434e8 100644 --- a/quarkus/integration-tests/integration-tests-quarkus-openapi-client/src/test/java/org/kie/kogito/quarkus/it/openapi/client/mocks/AuthSecurityMockService.java +++ b/quarkus/integration-tests/integration-tests-quarkus-openapi-client/src/test/java/org/kie/kogito/quarkus/it/openapi/client/mocks/AuthSecurityMockService.java @@ -29,8 +29,14 @@ public class AuthSecurityMockService extends MockServiceConfigurer { public static final MockServerConfig SEC_30 = new MockServerConfig(SocketUtils.findAvailablePort(), "{}", "/", "authWithApiKeyServer3"); + public static final MockServerConfig SEC_20_NO_AUTH = + new MockServerConfig(SocketUtils.findAvailablePort(), "{}", "/unprotected", "authWithApiKeyServer2NoAuth"); + + public static final MockServerConfig SEC_30_NO_AUTH = + new MockServerConfig(SocketUtils.findAvailablePort(), "{}", "/unprotected", "authWithApiKeyServer3NoAuth"); + public AuthSecurityMockService() { - super(SEC_20, SEC_30); + super(SEC_20, SEC_30, SEC_20_NO_AUTH, SEC_30_NO_AUTH); } } diff --git a/quarkus/integration-tests/integration-tests-quarkus-openapi-client/src/test/java/org/kie/kogito/quarkus/it/openapi/client/mocks/MockServiceConfigurer.java b/quarkus/integration-tests/integration-tests-quarkus-openapi-client/src/test/java/org/kie/kogito/quarkus/it/openapi/client/mocks/MockServiceConfigurer.java index 9ba6d30a1e3..fdbb29b3617 100644 --- a/quarkus/integration-tests/integration-tests-quarkus-openapi-client/src/test/java/org/kie/kogito/quarkus/it/openapi/client/mocks/MockServiceConfigurer.java +++ b/quarkus/integration-tests/integration-tests-quarkus-openapi-client/src/test/java/org/kie/kogito/quarkus/it/openapi/client/mocks/MockServiceConfigurer.java @@ -62,8 +62,11 @@ public final Map start() { }); final Map properties = new HashMap<>(); properties.put("quarkus.rest-client.swagger2_0_security_yaml.url", "http://localhost:" + AuthSecurityMockService.SEC_20.getPort() + "/iq9MzY"); + properties.put("quarkus.rest-client.swagger2_0_security_no_auth_yaml.url", "http://localhost:" + AuthSecurityMockService.SEC_20_NO_AUTH.getPort()); + properties.put("quarkus.rest-client.openapi3_0_security_yaml.url", "http://localhost:" + AuthSecurityMockService.SEC_30.getPort()); properties.put("quarkus.oidc-client.oauth.auth-server-url", "http://localhost:" + AuthSecurityMockService.SEC_30.getPort()); + properties.put("quarkus.rest-client.openapi3_0_security_no_auth_yaml.url", "http://localhost:" + AuthSecurityMockService.SEC_30_NO_AUTH.getPort()); return properties; }