public ProjectPermissionIRequestParameter(ApiKeyService apiKeyService, Method method) { final ApiOperation annotation = method.getAnnotation(ApiOperation.class); Authorization[] authorizations = annotation == null ? new Authorization[0] : Arrays.stream(annotation.authorizations()).filter(auth -> !auth.value().equals("")).toArray(value -> new Authorization[value]); if (authorizations.length == 0) { throw new IllegalStateException(method.toGenericString() + ": The permission check component requires endpoints to have authorizations definition in @ApiOperation. " + "Use @IgnorePermissionCheck to bypass security check in method " + method.toString()); } if (annotation != null && !annotation.consumes().isEmpty() && !annotation.consumes().equals("application/json")) { throw new IllegalStateException("The permission check component requires endpoint to consume application/json. " + "Use @IgnorePermissionCheck to bypass security check in method " + method.toString()); } Api clazzOperation = method.getDeclaringClass().getAnnotation(Api.class); if (authorizations.length == 0 && (clazzOperation == null || clazzOperation.authorizations().length == 0)) { throw new IllegalArgumentException(String.format("Authorization for method %s is not defined. " + "You must use @IgnorePermissionCheck if the endpoint doesn't need permission check", method.toString())); } if (authorizations.length != 1) { throw new IllegalArgumentException(); } type = ApiKeyService.AccessKeyType.fromKey(authorizations[0].value()); this.apiKeyService = apiKeyService; }
.setSwaggerOperationProcessor((method, operation) -> { ApiOperation annotation = method.getAnnotation(ApiOperation.class); if (annotation != null && annotation.authorizations() != null && annotation.authorizations().length > 0) { String value = annotation.authorizations()[0].value(); if (value != null && !value.isEmpty()) { operation.response(FORBIDDEN.code(), new Response()
responseContainer = apiOperation.responseContainer(); if (apiOperation.authorizations() != null) { List<SecurityRequirement> securities = new ArrayList<>(); for (Authorization auth : apiOperation.authorizations()) { if (auth.value() != null && !"".equals(auth.value())) { SecurityRequirement security = new SecurityRequirement();