admin/honey-be
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

swagger availability fix
All checks were successful
Deploy to VPS / deploy (push) Successful in 1m22s
Details

Browse Source
This commit is contained in:
Tihon
2026-03-07 23:33:53 +02:00
parent 15498c8337
commit c7cf0ea9f8
2 changed files with 19 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
src/main/java/com/honey/honey/config/AdminSecurityConfig.java
View File

@@ -64,7 +64,8 @@ public class AdminSecurityConfig {
/** /**
* Swagger/OpenAPI docs: permitAll with highest precedence so the default Spring Boot chain * Swagger/OpenAPI docs: permitAll with highest precedence so the default Spring Boot chain
* (which requires auth for /**) never handles these paths. Includes webjars and resources * (which requires auth for /**) never handles these paths. Includes webjars and resources
* so the UI can load CSS/JS. * so the UI can load CSS/JS. Also matches /api/swagger-ui/** and /api/v3/api-docs/** so
* Swagger behind nginx at a secret path (e.g. /secret/swagger-ui/ -> /api/swagger-ui/) is public.
*/ */
@Bean @Bean
@Order(Ordered.HIGHEST_PRECEDENCE) @Order(Ordered.HIGHEST_PRECEDENCE)
@@ -76,7 +77,14 @@ public class AdminSecurityConfig {
new AntPathRequestMatcher("/v3/api-docs/**"), new AntPathRequestMatcher("/v3/api-docs/**"),
new AntPathRequestMatcher("/webjars/**"), new AntPathRequestMatcher("/webjars/**"),
new AntPathRequestMatcher("/swagger-resources/**"), new AntPathRequestMatcher("/swagger-resources/**"),
new AntPathRequestMatcher("/configuration/**") new AntPathRequestMatcher("/configuration/**"),
new AntPathRequestMatcher("/api/swagger-ui/**"),
new AntPathRequestMatcher("/api/swagger-ui.html"),
new AntPathRequestMatcher("/api/v3/api-docs"),
new AntPathRequestMatcher("/api/v3/api-docs/**"),
new AntPathRequestMatcher("/api/webjars/**"),
new AntPathRequestMatcher("/api/swagger-resources/**"),
new AntPathRequestMatcher("/api/configuration/**")
); );
http http
.securityMatcher(swaggerMatcher) .securityMatcher(swaggerMatcher)

10
src/main/java/com/honey/honey/config/WebConfig.java
View File

@@ -40,7 +40,15 @@ public class WebConfig implements WebMvcConfigurer {
"/v3/api-docs/**", "/v3/api-docs/**",
"/webjars/**", "/webjars/**",
"/swagger-resources/**", "/swagger-resources/**",
"/configuration/**" "/configuration/**",
// Same under /api/ when Swagger is proxied at a secret path (e.g. nginx rewrite to /api/swagger-ui/)
"/api/swagger-ui/**",
"/api/swagger-ui.html",
"/api/v3/api-docs",
"/api/v3/api-docs/**",
"/api/webjars/**",
"/api/swagger-resources/**",
"/api/configuration/**"
); );
// User-based rate limiting for payment creation and payout creation (applied after auth interceptor) // User-based rate limiting for payment creation and payout creation (applied after auth interceptor)