1. **Security Configuration**: The SecurityConfiguration class has been updated to include additional security settings:

brocchirodrigo · brocchirodrigo · commit 0fcfe1337f4b · 2025-02-18T09:12:57.000-03:00
* `.pathMatchers("/users/v3/**").permitAll()` and `.pathMatchers("/swagger-ui/**").permitAll()` allow access to certain routes without authentication.
	* `.anyExchange().authenticated()` ensures that all other requests are authenticated.
2. **OpenAPI Configuration**: A new `OpenAPIConfig` class has been added to define the OpenAPI configuration for the project:
	* The `customOpenAPI()` method returns a custom `OpenAPI` instance with additional metadata, such as the title, description, and version.
	* The `components` section defines the security scheme for the API, which includes a "bearer-key" scheme with HTTP bearer format and header location.
3. **Security Scheme**: A new `SecurityScheme` instance has been added to define the security scheme:
	* `.type(SecurityScheme.Type.HTTP)` specifies that the security scheme uses HTTP headers.
	* `.scheme("bearer")` specifies that the security scheme uses the Bearer token.
	* `.bearerFormat("JWT")` specifies that the token format is JSON Web Tokens (JWT).
	* `.in(SecurityScheme.In.HEADER)` specifies that the token should be sent in the `Authorization` header.
diff --git a/pom.xml b/pom.xml
@@ -87,6 +87,11 @@
             <artifactId>spring-security-test</artifactId>
             <scope>test</scope>
         </dependency>
+        <dependency>
+            <groupId>org.springdoc</groupId>
+            <artifactId>springdoc-openapi-starter-webflux-ui</artifactId>
+            <version>2.8.5</version>
+        </dependency>
     </dependencies>
     <dependencyManagement>
         <dependencies>
diff --git a/src/main/java/br/com/imaginer/resqueueuser/adapter/controller/AuthController.java b/src/main/java/br/com/imaginer/resqueueuser/adapter/controller/AuthController.java
@@ -5,10 +5,12 @@
 import br.com.imaginer.resqueueuser.adapter.gateway.keycloak.login.LoginService;
 import br.com.imaginer.resqueueuser.adapter.gateway.keycloak.refresh.RefreshTokenRequest;
 import br.com.imaginer.resqueueuser.adapter.gateway.keycloak.refresh.RefreshTokenService;
+import io.swagger.v3.oas.annotations.tags.Tag;
 import org.springframework.http.ResponseEntity;
 import org.springframework.web.bind.annotation.*;
 import reactor.core.publisher.Mono;
 
+@Tag(name = "Auth")
 @RestController
 @RequestMapping("/auth")
 public class AuthController {
diff --git a/src/main/java/br/com/imaginer/resqueueuser/adapter/controller/AuthTokenController.java b/src/main/java/br/com/imaginer/resqueueuser/adapter/controller/AuthTokenController.java
@@ -1,11 +1,16 @@
 package br.com.imaginer.resqueueuser.adapter.controller;
 
 import br.com.imaginer.resqueueuser.adapter.gateway.keycloak.security.AuthTokenService;
+import io.swagger.v3.oas.annotations.Operation;
+import io.swagger.v3.oas.annotations.security.SecurityRequirement;
+import io.swagger.v3.oas.annotations.tags.Tag;
+import lombok.extern.slf4j.Slf4j;
 import org.springframework.web.bind.annotation.GetMapping;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RestController;
 import reactor.core.publisher.Mono;
 
+@Slf4j
 @RestController
 @RequestMapping("/auth")
 public class AuthTokenController {
@@ -16,9 +21,10 @@ public AuthTokenController(AuthTokenService authTokenService) {
     this.authTokenService = authTokenService;
   }
 
+  @Operation(hidden = true)
   @GetMapping("/token")
   public Mono<String> getAuthToken() {
     return authTokenService.getAccessToken()
-        .doOnNext(token -> System.out.println("Token JWT: " + token));
+        .doOnNext(token -> log.info("Token JWT: " + token));
   }
 }
diff --git a/src/main/java/br/com/imaginer/resqueueuser/adapter/controller/KeycloakCreateUserController.java b/src/main/java/br/com/imaginer/resqueueuser/adapter/controller/KeycloakCreateUserController.java
@@ -2,10 +2,13 @@
 
 import br.com.imaginer.resqueueuser.adapter.gateway.keycloak.createuser.CreateUserRequestDTO;
 import br.com.imaginer.resqueueuser.adapter.gateway.keycloak.createuser.CreateUserService;
+import io.swagger.v3.oas.annotations.Operation;
+import io.swagger.v3.oas.annotations.tags.Tag;
 import org.springframework.http.HttpStatus;
 import org.springframework.web.bind.annotation.*;
 import reactor.core.publisher.Mono;
 
+@Tag(name = "Create User")
 @RestController
 @RequestMapping("/users")
 public class KeycloakCreateUserController {
@@ -16,6 +19,7 @@ public KeycloakCreateUserController(CreateUserService createUserService) {
     this.createUserService = createUserService;
   }
 
+  @Operation(description = "Create new user.")
   @PostMapping("/create")
   @ResponseStatus(HttpStatus.CREATED)
   public Mono<Void> createUser(@RequestBody CreateUserRequestDTO request) {
diff --git a/src/main/java/br/com/imaginer/resqueueuser/adapter/controller/KeycloakGetUserController.java b/src/main/java/br/com/imaginer/resqueueuser/adapter/controller/KeycloakGetUserController.java
@@ -2,10 +2,14 @@
 
 import br.com.imaginer.resqueueuser.adapter.gateway.keycloak.getuser.GetUserResponse;
 import br.com.imaginer.resqueueuser.adapter.gateway.keycloak.getuser.GetUserService;
+import io.swagger.v3.oas.annotations.Operation;
+import io.swagger.v3.oas.annotations.security.SecurityRequirement;
+import io.swagger.v3.oas.annotations.tags.Tag;
 import org.springframework.http.ResponseEntity;
 import org.springframework.web.bind.annotation.*;
 import reactor.core.publisher.Mono;
 
+@Tag(name = "Keycloak User Details")
 @RestController
 @RequestMapping("/users")
 public class KeycloakGetUserController {
@@ -16,6 +20,7 @@ public KeycloakGetUserController(GetUserService getUserService) {
     this.getUserService = getUserService;
   }
 
+  @Operation(description = "Get user details by email.", security = { @SecurityRequirement(name = "bearer-key") })
   @GetMapping
   public Mono<ResponseEntity<GetUserResponse>> getUser(@RequestParam String email) {
     return getUserService.getUser(email)
diff --git a/src/main/java/br/com/imaginer/resqueueuser/infrastructure/config/CorsConfig.java b/src/main/java/br/com/imaginer/resqueueuser/infrastructure/config/CorsConfig.java
@@ -0,0 +1,27 @@
+package br.com.imaginer.resqueueuser.infrastructure.config;
+
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.web.cors.CorsConfiguration;
+import org.springframework.web.cors.reactive.UrlBasedCorsConfigurationSource;
+import org.springframework.web.cors.reactive.CorsWebFilter;
+
+import java.util.List;
+
+@Configuration
+public class CorsConfig {
+
+  @Bean
+  public CorsWebFilter corsWebFilter() {
+    CorsConfiguration corsConfig = new CorsConfiguration();
+    corsConfig.setAllowedOrigins(List.of("http://localhost:8080", "https://gateway.imaginer.com.br"));
+    corsConfig.setAllowedMethods(List.of("GET", "POST", "PUT", "DELETE", "OPTIONS"));
+    corsConfig.setAllowedHeaders(List.of("*"));
+    corsConfig.setAllowCredentials(true);
+
+    UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
+    source.registerCorsConfiguration("/**", corsConfig);
+
+    return new CorsWebFilter(source);
+  }
+}
diff --git a/src/main/java/br/com/imaginer/resqueueuser/infrastructure/config/OpenAPIConfig.java b/src/main/java/br/com/imaginer/resqueueuser/infrastructure/config/OpenAPIConfig.java
@@ -0,0 +1,41 @@
+package br.com.imaginer.resqueueuser.infrastructure.config;
+
+import io.swagger.v3.oas.annotations.OpenAPIDefinition;
+
+import io.swagger.v3.oas.models.Components;
+import io.swagger.v3.oas.models.OpenAPI;
+import io.swagger.v3.oas.models.info.Info;
+import io.swagger.v3.oas.models.security.SecurityScheme;
+import io.swagger.v3.oas.models.servers.Server;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+
+import java.util.List;
+
+@OpenAPIDefinition
+@Configuration
+public class OpenAPIConfig {
+
+  @Bean
+  public OpenAPI customOpenAPI() {
+    return new OpenAPI().info(new Info()
+        .title("User API Service")
+        .description("User API Service")
+        .version("1.0.0"))
+        .components(
+            new Components()
+                .addSecuritySchemes(
+                    "bearer-key",
+                    new SecurityScheme()
+                        .type(SecurityScheme.Type.HTTP)
+                        .scheme("bearer")
+                        .bearerFormat("JWT")
+                        .in(SecurityScheme.In.HEADER)
+                        .name("Authorization")
+                ))
+                .servers(List.of(
+                    new Server().url("http://localhost:8080").description("Localhost (Desenvolvimento)"),
+                    new Server().url("https://gateway.imaginer.com.br").description("Servidor de Produção")
+                ));
+  }
+}
diff --git a/src/main/java/br/com/imaginer/resqueueuser/infrastructure/config/security/SecurityConfiguration.java b/src/main/java/br/com/imaginer/resqueueuser/infrastructure/config/security/SecurityConfiguration.java
@@ -33,6 +33,9 @@ public SecurityWebFilterChain securityWebFilterChain(ServerHttpSecurity http) {
             .pathMatchers("/actuator/**").permitAll()
             .pathMatchers("/users/create").permitAll()
             .pathMatchers("/auth/login/**").permitAll()
+            .pathMatchers("/users/v3/**").permitAll()
+            .pathMatchers("/swagger-ui/**").permitAll()
+            .pathMatchers("/webjars/**").permitAll()
             .anyExchange().authenticated()
 
         ).oauth2ResourceServer(oauth2 -> oauth2
@@ -46,4 +49,5 @@ public SecurityWebFilterChain securityWebFilterChain(ServerHttpSecurity http) {
   public ReactiveJwtDecoder jwtDecoder() {
     return ReactiveJwtDecoders.fromIssuerLocation(jwtProperties.getIssuerUri());
   }
+
 }
diff --git a/src/main/resources/application.yml b/src/main/resources/application.yml
@@ -22,3 +22,15 @@ keycloak:
   base-url: ${AUTH_BASE_URL:http://localhost:9000}
   client-id: resqueue-client
   client-secret: ${AUTH_RESQUEUE_CLIENT_SECRET}
+
+springdoc:
+  api-docs:
+    enabled: true
+    path: /users/v3/api-docs
+  swagger-ui:
+    enabled: true
+    path: /docs
+    config-url: /users/v3/api-docs/swagger-config
+    urls:
+      - name: users-service
+        url: /users/v3/api-docs

Original file line number	Diff line number	Diff line change
`@@ -33,6 +33,9 @@ public SecurityWebFilterChain securityWebFilterChain(ServerHttpSecurity http) {`
`33`	`33`	`.pathMatchers("/actuator/**").permitAll()`
`34`	`34`	`.pathMatchers("/users/create").permitAll()`
`35`	`35`	`.pathMatchers("/auth/login/**").permitAll()`
	`36`	`+ .pathMatchers("/users/v3/**").permitAll()`
	`37`	`+ .pathMatchers("/swagger-ui/**").permitAll()`
	`38`	`+ .pathMatchers("/webjars/**").permitAll()`
`36`	`39`	`.anyExchange().authenticated()`
`37`	`40`
`38`	`41`	`).oauth2ResourceServer(oauth2 -> oauth2`
`@@ -46,4 +49,5 @@ public SecurityWebFilterChain securityWebFilterChain(ServerHttpSecurity http) {`
`46`	`49`	`public ReactiveJwtDecoder jwtDecoder() {`
`47`	`50`	`return ReactiveJwtDecoders.fromIssuerLocation(jwtProperties.getIssuerUri());`
`48`	`51`	`}`
	`52`	`+`
`49`	`53`	`}`