Skip to content

Improvements for authorization classes generation. #2132

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: 6.16.x
Choose a base branch
from
Open

Improvements for authorization classes generation. #2132

wants to merge 1 commit into from

Conversation

altro3
Copy link
Collaborator

@altro3 altro3 commented May 17, 2025

Fixed #2115

@altro3
Copy link
Collaborator Author

altro3 commented May 17, 2025
edited
Loading

So, what has changed:

  1. Now, in order for you to have no problems with filters and request attributes, just set the clientId in the generator settings. After that, the filter will be applied ONLY for requests of this client. Just in case, the attribute also now includes the clientId . In addition, the HttpBasicAuthConfig and ApiKeyAuthConfig classes are now also tied to the clientId and look like this: @EachProperty("security.<clientId>.api-key-auth") and @EachProperty("security.<clientId>.basic-auth")

The final configuration will look something like this:

    openapi {
        version = ver.openapi
        client("client1", file("swagger.yml")) {
            clientId = "client1"
            apiPackageName = "com.generated.client1.api"
            modelPackageName = "com.generated.client1.model"
            invokerPackageName = "com.generated.client1.auth"
            useAuth = true
        }
        client("client2", file("swagger2.yml")) {
            clientId = "client2"
            authorizationFilterPattern = "/test;/different/simple/path/**;/something/else"
            apiPackageName = "com.generated.client2.api"
            modelPackageName = "com.generated.client2.model"
            invokerPackageName = "com.generated.client2.auth"
            useAuth = true
        }
    }
  1. The second method, more complicated: use a single configuration and a single filter for all clients:

To do this, generate the configuration and filter only in one of the clients, in all the others, disable the generation of Authorization classes. Next, set a single invockerPackage package in all clients.

This way, the configuration and filter will be in a single instance, and in the other clients, only the @authorization annotation will be set above the methods in the client.

The final configuration will look something like this:

    openapi {
        version = ver.openapi
        client("client", file("swagger.yml")) {
            apiPackageName = "com.generated.client1.api"
            modelPackageName = "com.generated.client1.model"
            invokerPackageName = "com.generated.auth"
            useAuth = true
        }
        client("client2", file("swagger2.yml")) {
            authorizationFilterPattern = "/test;/different/simple/path/**;/something/else"
            apiPackageName = "com.generated.client2.api"
            modelPackageName = "com.generated.client2.model"
            invokerPackageName = "com.generated.auth"
            useAuth = true
            additionalProperties = [
                    generateAuthClasses: false
            ]
        }
    }

As you see invokerPackageName the same for both clients

  1. The third method: use a configuration for set of clients and a single filter for selected clients:

To do this, generate the configuration and filter only in one of the clients, in all the others, disable the generation of Authorization classes. Next, set a single invockerPackage package in all clients.

This way, the configuration and filter will be in a single instance, and in the other clients, only the @authorization annotation will be set above the methods in the client.

The final configuration will look something like this:

    openapi {
        version = ver.openapi
        client("client", file("swagger.yml")) {
            clientId = "client1"
            apiPackageName = "com.generated.client1.api"
            modelPackageName = "com.generated.client1.model"
            invokerPackageName = "com.generated.auth"
            useAuth = true
            additionalProperties = [
                    authFilterClientIds : ["client1", "client2"]
            ]
        }
        client("client2", file("swagger2.yml")) {
            clientId = "client2"
            authorizationFilterPattern = "/test;/different/simple/path/**;/something/else"
            apiPackageName = "com.generated.client2.api"
            modelPackageName = "com.generated.client2.model"
            invokerPackageName = "com.generated.auth"
            useAuth = true
            additionalProperties = [
                    generateAuthClasses: false
            ]
        }
    }

Also I've added some helpfull properties:

    useOauth = true // Generate AuthorizationFilter with support OAuth2.0 or not.
    useBasicAuth = true // Generate HttpBasicAuthConfig class or not
    useApiKeyAuth = true // Generate ApiKeyAuthConfigclass or not
    authFilter = true // Generate AuthorizationFilter or not
    generateAuthClasses = true // Generate authorization classes or not. If "false" annotaion will be added only in Client class, but you need to create annotation class yourself

    authConfigName = test // This value will be used in generated configuration path and `AUTHORIZATION_NAMES`  request attribute. This is useful, if you use this AuthFilter for several clients

    authFilterClientIds = client1;client2 // List of client IDs for which this filter will be applied. This is useful if you use multiple clients to different internal microservices that share common authentication, such as an API KEY.
    authFilterExcludedClientIds = "client3", "client4" // List client IDs for which this filter will NOT be applied
    authorizationFilterPatternStyle = regex // Pattern style for Authorization filter. Available options: ANT (default), REGEX

@altro3 altro3 requested review from graemerocher and sdelamo May 17, 2025 08:09
@altro3 altro3 added the type: improvement A minor improvement to an existing feature label May 17, 2025
@altro3 altro3 mentioned this pull request May 18, 2025
Closed
@altro3 altro3 force-pushed the improvements-in-generated-authorization branch 5 times, most recently from c2fd906 to 5b3cc27 Compare May 20, 2025 11:17
@altro3 altro3 force-pushed the improvements-in-generated-authorization branch from 5b3cc27 to 118d94d Compare May 23, 2025 13:43
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@graemerocher graemerocher Awaiting requested review from graemerocher

@sdelamo sdelamo Awaiting requested review from sdelamo

At least 1 approving review is required to merge this pull request.

Assignees
No one assigned
Labels
type: improvement A minor improvement to an existing feature
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Gradle generation of two clients with enabled auth cause errors in runtime
1 participant
@altro3