This is an automated email from the ASF dual-hosted git repository. robertlazarski pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/axis-axis2-java-core.git
commit 2b2246a8f5bd967e3f8e69279bfa7c4f04a571b7 Author: Robert Lazarski <[email protected]> AuthorDate: Sun Apr 5 16:29:14 2026 -1000 springbootdemo: Gemini review cleanup — extract OpenAPI path constants, parameterize axis2 version, remove dead code - Extract PATH_OPENAPI_JSON/YAML/SWAGGER_UI constants in HTTPPostOnlyRejectionFilter and JWTAuthenticationFilter (both springbootdemo and tomcat11) to eliminate magic strings - Replace hardcoded 2.0.1-SNAPSHOT in antrun copy tasks with ${axis2.version} property - Delete dead OpenApiController.java — DispatcherServlet is not wired in this WAR deployment so @GetMapping handlers were never invoked; OpenApiServlet registered directly in Axis2WebAppInitializer handles these paths instead Co-Authored-By: Claude Sonnet 4.6 <[email protected]> --- .../webservices/HTTPPostOnlyRejectionFilter.java | 14 +-- .../webservices/JWTAuthenticationFilter.java | 8 +- .../userguide/src/userguide/springbootdemo/pom.xml | 9 +- .../configuration/OpenApiController.java | 99 ---------------------- .../webservices/HTTPPostOnlyRejectionFilter.java | 14 +-- .../webservices/JWTAuthenticationFilter.java | 8 +- 6 files changed, 35 insertions(+), 117 deletions(-) diff --git a/modules/samples/userguide/src/userguide/springbootdemo-tomcat11/src/main/java/userguide/springboot/security/webservices/HTTPPostOnlyRejectionFilter.java b/modules/samples/userguide/src/userguide/springbootdemo-tomcat11/src/main/java/userguide/springboot/security/webservices/HTTPPostOnlyRejectionFilter.java index f2524f6d4a..2944161fe1 100644 --- a/modules/samples/userguide/src/userguide/springbootdemo-tomcat11/src/main/java/userguide/springboot/security/webservices/HTTPPostOnlyRejectionFilter.java +++ b/modules/samples/userguide/src/userguide/springbootdemo-tomcat11/src/main/java/userguide/springboot/security/webservices/HTTPPostOnlyRejectionFilter.java @@ -38,9 +38,13 @@ import java.io.UnsupportedEncodingException; import java.util.UUID; public class HTTPPostOnlyRejectionFilter extends OncePerRequestFilter { - + + private static final String PATH_OPENAPI_JSON = "/openapi.json"; + private static final String PATH_OPENAPI_YAML = "/openapi.yaml"; + private static final String PATH_SWAGGER_UI = "/swagger-ui"; + private static Log logger = LogFactory.getLog(HTTPPostOnlyRejectionFilter.class); - + private final RedirectStrategy redirectStrategy = new NoRedirectStrategy(); public HTTPPostOnlyRejectionFilter() { @@ -52,11 +56,11 @@ public class HTTPPostOnlyRejectionFilter extends OncePerRequestFilter { String uuid = UUID.randomUUID().toString(); String logPrefix = "HTTPPostOnlyRejectionFilter.doFilterInternal , uuid: " + uuid + " , "; - + logger.trace(logPrefix + "starting ... "); - + String uri = request.getRequestURI(); - boolean isOpenApiPath = uri.endsWith("/openapi.json") || uri.endsWith("/openapi.yaml") || uri.endsWith("/swagger-ui"); + boolean isOpenApiPath = uri.endsWith(PATH_OPENAPI_JSON) || uri.endsWith(PATH_OPENAPI_YAML) || uri.endsWith(PATH_SWAGGER_UI); if (isOpenApiPath) { filterChain.doFilter(request, response); return; diff --git a/modules/samples/userguide/src/userguide/springbootdemo-tomcat11/src/main/java/userguide/springboot/security/webservices/JWTAuthenticationFilter.java b/modules/samples/userguide/src/userguide/springbootdemo-tomcat11/src/main/java/userguide/springboot/security/webservices/JWTAuthenticationFilter.java index 59448a68a8..da7d5afad1 100644 --- a/modules/samples/userguide/src/userguide/springbootdemo-tomcat11/src/main/java/userguide/springboot/security/webservices/JWTAuthenticationFilter.java +++ b/modules/samples/userguide/src/userguide/springbootdemo-tomcat11/src/main/java/userguide/springboot/security/webservices/JWTAuthenticationFilter.java @@ -39,7 +39,11 @@ import org.owasp.esapi.ESAPI; import org.owasp.esapi.Validator; public class JWTAuthenticationFilter extends AbstractAuthenticationProcessingFilter { - + + private static final String PATH_OPENAPI_JSON = "/openapi.json"; + private static final String PATH_OPENAPI_YAML = "/openapi.yaml"; + private static final String PATH_SWAGGER_UI = "/swagger-ui"; + @Autowired private WSSecUtils wssecutils; @@ -56,7 +60,7 @@ public class JWTAuthenticationFilter extends AbstractAuthenticationProcessingFil @Override protected boolean requiresAuthentication(HttpServletRequest request, HttpServletResponse response) { String uri = request.getRequestURI(); - if (uri.endsWith("/openapi.json") || uri.endsWith("/openapi.yaml") || uri.endsWith("/swagger-ui")) { + if (uri.endsWith(PATH_OPENAPI_JSON) || uri.endsWith(PATH_OPENAPI_YAML) || uri.endsWith(PATH_SWAGGER_UI)) { return false; // OpenAPI documentation endpoints are public } return true; diff --git a/modules/samples/userguide/src/userguide/springbootdemo/pom.xml b/modules/samples/userguide/src/userguide/springbootdemo/pom.xml index 4184fa663d..b48388db15 100644 --- a/modules/samples/userguide/src/userguide/springbootdemo/pom.xml +++ b/modules/samples/userguide/src/userguide/springbootdemo/pom.xml @@ -42,6 +42,7 @@ <project.reporting.outputEncoding>UTF-8</project.reporting.outputEncoding> <java.version>17</java.version> <spring-boot.version>3.4.3</spring-boot.version> + <axis2.version>2.0.1-SNAPSHOT</axis2.version> </properties> <dependencies> @@ -372,8 +373,8 @@ </copy> <!-- Create openapi module archive for WEB-INF/modules --> <mkdir dir="${project.build.directory}/deploy/axis2-json-api.war/WEB-INF/modules"/> - <copy file="${settings.localRepository}/org/apache/axis2/axis2-openapi/2.0.1-SNAPSHOT/axis2-openapi-2.0.1-SNAPSHOT.jar" - tofile="${project.build.directory}/deploy/axis2-json-api.war/WEB-INF/modules/openapi-2.0.1-SNAPSHOT.mar"/> + <copy file="${settings.localRepository}/org/apache/axis2/axis2-openapi/${axis2.version}/axis2-openapi-${axis2.version}.jar" + tofile="${project.build.directory}/deploy/axis2-json-api.war/WEB-INF/modules/openapi-${axis2.version}.mar"/> <unzip src="${project.build.directory}/axis2-json-api-0.0.1-SNAPSHOT.war" dest="${project.build.directory}/exploded"/> <jar jarfile="${project.build.directory}/exploded/WEB-INF/services/Login.aar"> <metainf file="resources-axis2/login_resources/services.xml"/> @@ -391,8 +392,8 @@ </copy> <!-- Create openapi module archive for exploded WEB-INF/modules --> <mkdir dir="${project.build.directory}/exploded/WEB-INF/modules"/> - <copy file="${settings.localRepository}/org/apache/axis2/axis2-openapi/2.0.1-SNAPSHOT/axis2-openapi-2.0.1-SNAPSHOT.jar" - tofile="${project.build.directory}/exploded/WEB-INF/modules/openapi-2.0.1-SNAPSHOT.mar"/> + <copy file="${settings.localRepository}/org/apache/axis2/axis2-openapi/${axis2.version}/axis2-openapi-${axis2.version}.jar" + tofile="${project.build.directory}/exploded/WEB-INF/modules/openapi-${axis2.version}.mar"/> </target> </configuration> <goals> diff --git a/modules/samples/userguide/src/userguide/springbootdemo/src/main/java/userguide/springboot/configuration/OpenApiController.java b/modules/samples/userguide/src/userguide/springbootdemo/src/main/java/userguide/springboot/configuration/OpenApiController.java deleted file mode 100644 index 1518b36c5c..0000000000 --- a/modules/samples/userguide/src/userguide/springbootdemo/src/main/java/userguide/springboot/configuration/OpenApiController.java +++ /dev/null @@ -1,99 +0,0 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ -package userguide.springboot.configuration; - -import jakarta.servlet.ServletContext; -import jakarta.servlet.http.HttpServletRequest; -import jakarta.servlet.http.HttpServletResponse; -import org.apache.axis2.context.ConfigurationContext; -import org.apache.axis2.openapi.OpenApiModule; -import org.apache.axis2.openapi.SwaggerUIHandler; -import org.apache.axis2.transport.http.AxisServlet; -import org.apache.commons.logging.Log; -import org.apache.commons.logging.LogFactory; -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.stereotype.Controller; -import org.springframework.web.bind.annotation.GetMapping; - -/** - * Routes OpenAPI documentation requests to the Axis2 OpenAPI module handlers. - * - * The axis2-openapi module stores its handlers in ConfigurationContext during - * module init. AxisServlet stores ConfigurationContext in ServletContext under - * the key AxisServlet.CONFIGURATION_CONTEXT ("CONFIGURATION_CONTEXT"). This - * controller bridges Spring MVC routing to those handlers, enabling the standard - * OpenAPI endpoints alongside the Axis2 /services/* path. - * - * Endpoints served: - * GET /openapi.json - OpenAPI 3.0.1 specification (JSON) - * GET /openapi.yaml - OpenAPI 3.0.1 specification (YAML) - * GET /swagger-ui - Interactive Swagger UI documentation page - */ -@Controller -public class OpenApiController { - - private static final Log log = LogFactory.getLog(OpenApiController.class); - - @Autowired - private ServletContext servletContext; - - private SwaggerUIHandler getHandler() { - ConfigurationContext configContext = (ConfigurationContext) - servletContext.getAttribute(AxisServlet.CONFIGURATION_CONTEXT); - if (configContext == null) { - log.warn("AxisServlet ConfigurationContext not found in ServletContext — AxisServlet may not have started yet"); - return null; - } - SwaggerUIHandler handler = OpenApiModule.getSwaggerUIHandler(configContext); - if (handler == null) { - log.warn("OpenAPI module not initialized — ensure axis2-openapi is on the classpath and <module ref=\"openapi\"/> is in axis2.xml"); - } - return handler; - } - - @GetMapping("/openapi.json") - public void openApiJson(HttpServletRequest request, HttpServletResponse response) throws Exception { - SwaggerUIHandler handler = getHandler(); - if (handler == null) { - response.sendError(HttpServletResponse.SC_SERVICE_UNAVAILABLE, "OpenAPI module not available"); - return; - } - handler.handleOpenApiJsonRequest(request, response); - } - - @GetMapping("/openapi.yaml") - public void openApiYaml(HttpServletRequest request, HttpServletResponse response) throws Exception { - SwaggerUIHandler handler = getHandler(); - if (handler == null) { - response.sendError(HttpServletResponse.SC_SERVICE_UNAVAILABLE, "OpenAPI module not available"); - return; - } - handler.handleOpenApiYamlRequest(request, response); - } - - @GetMapping("/swagger-ui") - public void swaggerUi(HttpServletRequest request, HttpServletResponse response) throws Exception { - SwaggerUIHandler handler = getHandler(); - if (handler == null) { - response.sendError(HttpServletResponse.SC_SERVICE_UNAVAILABLE, "OpenAPI module not available"); - return; - } - handler.handleSwaggerUIRequest(request, response); - } -} diff --git a/modules/samples/userguide/src/userguide/springbootdemo/src/main/java/userguide/springboot/security/webservices/HTTPPostOnlyRejectionFilter.java b/modules/samples/userguide/src/userguide/springbootdemo/src/main/java/userguide/springboot/security/webservices/HTTPPostOnlyRejectionFilter.java index f2524f6d4a..2944161fe1 100644 --- a/modules/samples/userguide/src/userguide/springbootdemo/src/main/java/userguide/springboot/security/webservices/HTTPPostOnlyRejectionFilter.java +++ b/modules/samples/userguide/src/userguide/springbootdemo/src/main/java/userguide/springboot/security/webservices/HTTPPostOnlyRejectionFilter.java @@ -38,9 +38,13 @@ import java.io.UnsupportedEncodingException; import java.util.UUID; public class HTTPPostOnlyRejectionFilter extends OncePerRequestFilter { - + + private static final String PATH_OPENAPI_JSON = "/openapi.json"; + private static final String PATH_OPENAPI_YAML = "/openapi.yaml"; + private static final String PATH_SWAGGER_UI = "/swagger-ui"; + private static Log logger = LogFactory.getLog(HTTPPostOnlyRejectionFilter.class); - + private final RedirectStrategy redirectStrategy = new NoRedirectStrategy(); public HTTPPostOnlyRejectionFilter() { @@ -52,11 +56,11 @@ public class HTTPPostOnlyRejectionFilter extends OncePerRequestFilter { String uuid = UUID.randomUUID().toString(); String logPrefix = "HTTPPostOnlyRejectionFilter.doFilterInternal , uuid: " + uuid + " , "; - + logger.trace(logPrefix + "starting ... "); - + String uri = request.getRequestURI(); - boolean isOpenApiPath = uri.endsWith("/openapi.json") || uri.endsWith("/openapi.yaml") || uri.endsWith("/swagger-ui"); + boolean isOpenApiPath = uri.endsWith(PATH_OPENAPI_JSON) || uri.endsWith(PATH_OPENAPI_YAML) || uri.endsWith(PATH_SWAGGER_UI); if (isOpenApiPath) { filterChain.doFilter(request, response); return; diff --git a/modules/samples/userguide/src/userguide/springbootdemo/src/main/java/userguide/springboot/security/webservices/JWTAuthenticationFilter.java b/modules/samples/userguide/src/userguide/springbootdemo/src/main/java/userguide/springboot/security/webservices/JWTAuthenticationFilter.java index 59448a68a8..da7d5afad1 100644 --- a/modules/samples/userguide/src/userguide/springbootdemo/src/main/java/userguide/springboot/security/webservices/JWTAuthenticationFilter.java +++ b/modules/samples/userguide/src/userguide/springbootdemo/src/main/java/userguide/springboot/security/webservices/JWTAuthenticationFilter.java @@ -39,7 +39,11 @@ import org.owasp.esapi.ESAPI; import org.owasp.esapi.Validator; public class JWTAuthenticationFilter extends AbstractAuthenticationProcessingFilter { - + + private static final String PATH_OPENAPI_JSON = "/openapi.json"; + private static final String PATH_OPENAPI_YAML = "/openapi.yaml"; + private static final String PATH_SWAGGER_UI = "/swagger-ui"; + @Autowired private WSSecUtils wssecutils; @@ -56,7 +60,7 @@ public class JWTAuthenticationFilter extends AbstractAuthenticationProcessingFil @Override protected boolean requiresAuthentication(HttpServletRequest request, HttpServletResponse response) { String uri = request.getRequestURI(); - if (uri.endsWith("/openapi.json") || uri.endsWith("/openapi.yaml") || uri.endsWith("/swagger-ui")) { + if (uri.endsWith(PATH_OPENAPI_JSON) || uri.endsWith(PATH_OPENAPI_YAML) || uri.endsWith(PATH_SWAGGER_UI)) { return false; // OpenAPI documentation endpoints are public } return true;
