docs(api): add missing global security requirements

2025-12-06 08:32:25 +01:00 · 2025-02-20 10:38:40 +08:00 · 2025-02-20 10:38:40 +08:00 · 51c4617cc4
commit 51c4617cc4
parent 7f9dc5c97c
7 changed files with 47 additions and 10 deletions
--- a/komga/docs/openapi.json
+++ b/komga/docs/openapi.json
@ -14,22 +14,30 @@
    "url": "https://komga.org"
  },
  "servers": [
+    {
+      "url": "https://demo.komga.org",
+      "description": "Demo server"
+    },
    {
      "url": "http://localhost:{port}",
      "description": "Local development server",
      "variables": {
        "port": {
+          "default": "25600",
          "enum": [
            "8080",
            "25600"
+          ]
+        }
+      }
+    }
  ],
-          "default": "25600"
-        }
-      }
+  "security": [
+    {
+      "basicAuth": []
    },
    {
-      "url": "https://demo.komga.org",
-      "description": "Demo server"
+      "apiKey": []
    }
  ],
  "tags": [
@ -2100,6 +2108,7 @@
            "description": "Bad Request"
          }
        },
+        "security": [],
        "summary": "Get Epub resource",
        "tags": [
          "WebPub Manifest"
@ -2428,6 +2437,7 @@
            "description": "Bad Request"
          }
        },
+        "security": [],
        "summary": "Retrieve claim status",
        "tags": [
          "Claim server"
@ -2476,6 +2486,7 @@
            "description": "Bad Request"
          }
        },
+        "security": [],
        "summary": "Claim server",
        "tags": [
          "Claim server"
@ -2600,6 +2611,7 @@
            "description": "Bad Request"
          }
        },
+        "security": [],
        "summary": "Retrieve global client settings",
        "tags": [
          "Client settings"
@ -3574,6 +3586,7 @@
            "description": "Bad Request"
          }
        },
+        "security": [],
        "summary": "Download CSS file",
        "tags": [
          "Fonts"
@ -3624,6 +3637,7 @@
            "description": "Bad Request"
          }
        },
+        "security": [],
        "summary": "Download font file",
        "tags": [
          "Fonts"
@ -4238,6 +4252,7 @@
            "description": "Bad Request"
          }
        },
+        "security": [],
        "summary": "List registered OAuth2 providers",
        "tags": [
          "OAuth2"
--- a/komga/src/main/kotlin/org/gotson/komga/infrastructure/swagger/OpenApiConfiguration.kt
+++ b/komga/src/main/kotlin/org/gotson/komga/infrastructure/swagger/OpenApiConfiguration.kt
@ -9,6 +9,7 @@ import io.swagger.v3.oas.models.info.Info
 import io.swagger.v3.oas.models.info.License
 import io.swagger.v3.oas.models.responses.ApiResponse
 import io.swagger.v3.oas.models.responses.ApiResponses
+import io.swagger.v3.oas.models.security.SecurityRequirement
 import io.swagger.v3.oas.models.security.SecurityScheme
 import io.swagger.v3.oas.models.servers.Server
 import io.swagger.v3.oas.models.servers.ServerVariable
@ -109,21 +110,29 @@ class OpenApiConfiguration(
      ).components(
        Components()
          .addSecuritySchemes(
-            "basicAuth",
+            SecuritySchemes.BASIC_AUTH,
            SecurityScheme()
              .type(SecurityScheme.Type.HTTP)
              .scheme("basic"),
          ).addSecuritySchemes(
-            "apiKey",
+            SecuritySchemes.API_KEY,
            SecurityScheme()
              .type(SecurityScheme.Type.APIKEY)
              .`in`(SecurityScheme.In.HEADER)
              .name("X-API-Key"),
          ),
+      ).security(
+        listOf(
+          SecurityRequirement().addList(SecuritySchemes.BASIC_AUTH),
+          SecurityRequirement().addList(SecuritySchemes.API_KEY),
+        ),
      ).tags(tags)
      .extensions(mapOf("x-tagGroups" to tagGroups))
      .servers(
        listOf(
+          Server()
+            .url("https://demo.komga.org")
+            .description("Demo server"),
          Server()
            .url("http://localhost:{port}")
            .description("Local development server")
@ -137,9 +146,6 @@ class OpenApiConfiguration(
                    ._default("25600"),
                ),
            ),
-          Server()
-            .url("https://demo.komga.org")
-            .description("Demo server"),
        ),
      ).path(
        "/api/logout",
@ -249,6 +255,11 @@ class OpenApiConfiguration(
      ),
    )

+  object SecuritySchemes {
+    const val BASIC_AUTH = "basicAuth"
+    const val API_KEY = "apiKey"
+  }
+
  object TagNames {
    const val DEPRECATED = "Deprecated"

--- a/komga/src/main/kotlin/org/gotson/komga/interfaces/api/CommonBookController.kt
+++ b/komga/src/main/kotlin/org/gotson/komga/interfaces/api/CommonBookController.kt
@ -2,6 +2,7 @@ package org.gotson.komga.interfaces.api

 import io.github.oshai.kotlinlogging.KotlinLogging
 import io.swagger.v3.oas.annotations.Operation
+import io.swagger.v3.oas.annotations.security.SecurityRequirements
 import jakarta.servlet.http.HttpServletRequest
 import org.apache.commons.io.FilenameUtils
 import org.apache.commons.io.IOUtils
@ -255,6 +256,7 @@ class CommonBookController(
    }

  @Operation(summary = "Get Epub resource", description = "Return a resource from within an Epub book.", tags = [OpenApiConfiguration.TagNames.BOOK_WEBPUB])
+  @SecurityRequirements
  @GetMapping(
    value = [
      "api/v1/books/{bookId}/resource/{*resource}",
--- a/komga/src/main/kotlin/org/gotson/komga/interfaces/api/rest/ClaimController.kt
+++ b/komga/src/main/kotlin/org/gotson/komga/interfaces/api/rest/ClaimController.kt
@ -1,6 +1,7 @@
 package org.gotson.komga.interfaces.api.rest

 import io.swagger.v3.oas.annotations.Operation
+import io.swagger.v3.oas.annotations.security.SecurityRequirements
 import io.swagger.v3.oas.annotations.tags.Tag
 import jakarta.validation.constraints.Email
 import jakarta.validation.constraints.NotBlank
@ -24,6 +25,7 @@ import org.springframework.web.server.ResponseStatusException
@RequestMapping("api/v1/claim", produces = [MediaType.APPLICATION_JSON_VALUE])
@Tag(name = OpenApiConfiguration.TagNames.CLAIM)
@Validated
+@SecurityRequirements
 class ClaimController(
  private val userDetailsLifecycle: KomgaUserLifecycle,
 ) {
--- a/komga/src/main/kotlin/org/gotson/komga/interfaces/api/rest/ClientSettingsController.kt
+++ b/komga/src/main/kotlin/org/gotson/komga/interfaces/api/rest/ClientSettingsController.kt
@ -3,6 +3,7 @@ package org.gotson.komga.interfaces.api.rest
 import io.swagger.v3.oas.annotations.Operation
 import io.swagger.v3.oas.annotations.media.Content
 import io.swagger.v3.oas.annotations.media.ExampleObject
+import io.swagger.v3.oas.annotations.security.SecurityRequirements
 import io.swagger.v3.oas.annotations.tags.Tag
 import jakarta.validation.Valid
 import jakarta.validation.constraints.NotNull
@ -38,6 +39,7 @@ class ClientSettingsController(
 ) {
  @GetMapping("global/list")
  @Operation(summary = "Retrieve global client settings", description = "For unauthenticated users, only settings with 'allowUnauthorized=true' will be returned.")
+  @SecurityRequirements
  fun getGlobalSettings(
    @AuthenticationPrincipal principal: KomgaPrincipal?,
  ): Map<String, ClientSettingDto> = clientSettingsDtoDao.findAllGlobal(principal == null)
--- a/komga/src/main/kotlin/org/gotson/komga/interfaces/api/rest/FontsController.kt
+++ b/komga/src/main/kotlin/org/gotson/komga/interfaces/api/rest/FontsController.kt
@ -2,6 +2,7 @@ package org.gotson.komga.interfaces.api.rest

 import io.github.oshai.kotlinlogging.KotlinLogging
 import io.swagger.v3.oas.annotations.Operation
+import io.swagger.v3.oas.annotations.security.SecurityRequirements
 import io.swagger.v3.oas.annotations.tags.Tag
 import org.apache.commons.io.FilenameUtils
 import org.gotson.komga.infrastructure.configuration.KomgaProperties
@ -91,6 +92,7 @@ class FontsController(

  @GetMapping("resource/{fontFamily}/{fontFile}")
  @Operation(summary = "Download font file")
+  @SecurityRequirements
  fun getFontFile(
    @PathVariable fontFamily: String,
    @PathVariable fontFile: String,
@ -113,6 +115,7 @@ class FontsController(

  @GetMapping("resource/{fontFamily}/css", produces = ["text/css"])
  @Operation(summary = "Download CSS file", description = "Download a CSS file with the @font-face block for the font family. This is used by the Epub Reader to change fonts.")
+  @SecurityRequirements
  fun getFontFamilyAsCss(
    @PathVariable fontFamily: String,
  ): ResponseEntity<Resource> {
--- a/komga/src/main/kotlin/org/gotson/komga/interfaces/api/rest/OAuth2Controller.kt
+++ b/komga/src/main/kotlin/org/gotson/komga/interfaces/api/rest/OAuth2Controller.kt
@ -1,6 +1,7 @@
 package org.gotson.komga.interfaces.api.rest

 import io.swagger.v3.oas.annotations.Operation
+import io.swagger.v3.oas.annotations.security.SecurityRequirements
 import io.swagger.v3.oas.annotations.tags.Tag
 import org.gotson.komga.infrastructure.swagger.OpenApiConfiguration
 import org.springframework.http.MediaType
@ -12,6 +13,7 @@ import org.springframework.web.bind.annotation.RestController
@RestController
@RequestMapping("api/v1/oauth2", produces = [MediaType.APPLICATION_JSON_VALUE])
@Tag(name = OpenApiConfiguration.TagNames.OAUTH2)
+@SecurityRequirements
 class OAuth2Controller(
  clientRegistrationRepository: InMemoryClientRegistrationRepository?,
 ) {