2025-06-04 07:55:52 +02:00
3 changed files with 23 additions and 0 deletions
--- a/bff/pom.xml
+++ b/bff/pom.xml
@ -18,6 +18,7 @@
    <properties>
        <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
        <java.version>24</java.version>
+        <springdoc.version>2.8.6</springdoc.version>
    </properties>

    <dependencies>
@ -29,6 +30,13 @@
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-oauth2-client</artifactId>
        </dependency>
+
+        <!-- OpenAPI specification -->
+        <dependency>
+            <groupId>org.springdoc</groupId>
+            <artifactId>springdoc-openapi-starter-webmvc-ui</artifactId>
+            <version>${springdoc.version}</version>
+        </dependency>
    </dependencies>

    <build>
--- a/bff/src/main/java/se/su/dsv/studentportalen/bff/Studentportalen.java
+++ b/bff/src/main/java/se/su/dsv/studentportalen/bff/Studentportalen.java
@ -8,15 +8,25 @@ import org.springframework.boot.web.servlet.support.SpringBootServletInitializer
 import org.springframework.context.annotation.Bean;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.web.SecurityFilterChain;
+import org.springframework.security.web.util.matcher.RequestMatcher;
+import org.springframework.security.web.util.matcher.RequestMatchers;
 import org.springframework.web.cors.CorsConfiguration;
 import se.su.dsv.studentportalen.bff.login.BFFAuthenticationEntryPoint;

 import java.util.List;

+import static org.springframework.security.web.util.matcher.AntPathRequestMatcher.antMatcher;
+
@SpringBootApplication
@EnableConfigurationProperties
@ConfigurationPropertiesScan
 public class Studentportalen extends SpringBootServletInitializer {
+
+    private static final RequestMatcher DOCUMENTATION_MATCHER = RequestMatchers.anyOf(
+            antMatcher("/swagger"),
+            antMatcher("/swagger-ui/**"),
+            antMatcher("/v3/api-docs/**"));
+
    public static void main(String[] args) {
        SpringApplication.run(Studentportalen.class, args);
    }
@ -32,6 +42,7 @@ public class Studentportalen extends SpringBootServletInitializer {
        http.oauth2Login(login -> login
                .defaultSuccessUrl(frontendConfiguration.url(), true));
        http.authorizeHttpRequests(authorize -> authorize
+                .requestMatchers(DOCUMENTATION_MATCHER).permitAll()
                .anyRequest().authenticated());
        http.cors(cors -> cors
                .configurationSource(_ -> frontendOnlyCors(frontendConfiguration)));
--- a/bff/src/main/resources/application.yaml
+++ b/bff/src/main/resources/application.yaml
@ -27,3 +27,7 @@ server.servlet.session:
    same-site: strict
    path: /
    name: __Host-JSESSIONID
+
+springdoc:
+  swagger-ui:
+    path: /swagger