This is an automated email from the ASF dual-hosted git repository. robertlazarski pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/axis-axis2-java-core.git
commit b4050db8e53d016bc900a12c474daadcd23c4507 Author: Robert Lazarski <[email protected]> AuthorDate: Sun Apr 5 18:13:21 2026 -1000 Replace default basicAuth scheme with bearerAuth in OpenAPI spec Basic auth is dated; the generated spec now defaults to HTTP Bearer token authentication to match modern Axis2 REST service patterns. Co-Authored-By: Claude Sonnet 4.6 <[email protected]> --- .../java/org/apache/axis2/openapi/OpenApiConfiguration.java | 12 ++++++------ .../main/java/org/apache/axis2/openapi/OpenApiModule.java | 2 +- .../apache/axis2/openapi/AdvancedGuideIntegrationTest.java | 3 +-- .../org/apache/axis2/openapi/OpenApiConfigurationTest.java | 12 ++++++------ 4 files changed, 14 insertions(+), 15 deletions(-) diff --git a/modules/openapi/src/main/java/org/apache/axis2/openapi/OpenApiConfiguration.java b/modules/openapi/src/main/java/org/apache/axis2/openapi/OpenApiConfiguration.java index be57f5661b..fac1d542bf 100644 --- a/modules/openapi/src/main/java/org/apache/axis2/openapi/OpenApiConfiguration.java +++ b/modules/openapi/src/main/java/org/apache/axis2/openapi/OpenApiConfiguration.java @@ -196,12 +196,12 @@ public class OpenApiConfiguration { * Load default configuration values. */ private void loadDefaultConfiguration() { - // Add default security scheme - SecurityScheme basicAuth = new SecurityScheme(); - basicAuth.setType(SecurityScheme.Type.HTTP); - basicAuth.setScheme("basic"); - basicAuth.setDescription("Basic Authentication"); - securityDefinitions.put("basicAuth", basicAuth); + // Add default security scheme — Bearer token auth + SecurityScheme bearerAuth = new SecurityScheme(); + bearerAuth.setType(SecurityScheme.Type.HTTP); + bearerAuth.setScheme("bearer"); + bearerAuth.setDescription("Bearer token authentication"); + securityDefinitions.put("bearerAuth", bearerAuth); } /** diff --git a/modules/openapi/src/main/java/org/apache/axis2/openapi/OpenApiModule.java b/modules/openapi/src/main/java/org/apache/axis2/openapi/OpenApiModule.java index c5db9f9ff7..36b469a209 100644 --- a/modules/openapi/src/main/java/org/apache/axis2/openapi/OpenApiModule.java +++ b/modules/openapi/src/main/java/org/apache/axis2/openapi/OpenApiModule.java @@ -45,7 +45,7 @@ import io.swagger.v3.oas.models.security.SecurityScheme; * Key features (Enhanced in v2.0.1): * - Automatic OpenAPI 3.0.1 specification generation from service metadata * - Comprehensive configuration system with properties file support - * - Security schemes integration (OAuth2, API Key, Basic Auth, etc.) + * - Security schemes integration (OAuth2, API Key, Bearer token, etc.) * - Advanced customization via OpenApiCustomizer interface * - Swagger UI integration for interactive API documentation * - Resource filtering and route management diff --git a/modules/openapi/src/test/java/org/apache/axis2/openapi/AdvancedGuideIntegrationTest.java b/modules/openapi/src/test/java/org/apache/axis2/openapi/AdvancedGuideIntegrationTest.java index 0e5f866718..15b324a922 100644 --- a/modules/openapi/src/test/java/org/apache/axis2/openapi/AdvancedGuideIntegrationTest.java +++ b/modules/openapi/src/test/java/org/apache/axis2/openapi/AdvancedGuideIntegrationTest.java @@ -268,12 +268,11 @@ public class AdvancedGuideIntegrationTest extends TestCase { assertTrue("Should have at least one security scheme", securitySchemes.size() >= 1); // Verify multiple authentication options are available - boolean hasBasicAuth = securitySchemes.containsKey("basicAuth"); boolean hasBearerAuth = securitySchemes.containsKey("bearerAuth"); boolean hasApiKey = securitySchemes.containsKey("apiKey"); boolean hasOAuth2 = securitySchemes.containsKey("oauth2"); - assertTrue("Should have basic authentication by default", hasBasicAuth); + assertTrue("Should have bearer token authentication by default", hasBearerAuth); // Test that operations can use different security schemes Map<String, PathItem> paths = openApi.getPaths(); diff --git a/modules/openapi/src/test/java/org/apache/axis2/openapi/OpenApiConfigurationTest.java b/modules/openapi/src/test/java/org/apache/axis2/openapi/OpenApiConfigurationTest.java index d53cddeb0d..a0e12e371b 100644 --- a/modules/openapi/src/test/java/org/apache/axis2/openapi/OpenApiConfigurationTest.java +++ b/modules/openapi/src/test/java/org/apache/axis2/openapi/OpenApiConfigurationTest.java @@ -81,11 +81,11 @@ public class OpenApiConfigurationTest { assertNotNull(config.getSecurityDefinitions()); assertNotNull(config.getSwaggerUiMediaTypes()); - // Should have default security scheme - assertTrue(config.getSecurityDefinitions().containsKey("basicAuth")); - SecurityScheme basicAuth = config.getSecurityDefinitions().get("basicAuth"); - assertEquals(SecurityScheme.Type.HTTP, basicAuth.getType()); - assertEquals("basic", basicAuth.getScheme()); + // Should have default security scheme (Bearer token) + assertTrue(config.getSecurityDefinitions().containsKey("bearerAuth")); + SecurityScheme bearerAuth = config.getSecurityDefinitions().get("bearerAuth"); + assertEquals(SecurityScheme.Type.HTTP, bearerAuth.getType()); + assertEquals("bearer", bearerAuth.getScheme()); } @Test @@ -456,7 +456,7 @@ public class OpenApiConfigurationTest { assertEquals(10000, config.getResourcePackages().size()); assertEquals(10000, config.getResourceClasses().size()); assertEquals(10000, config.getIgnoredRoutes().size()); - // +1 for default basicAuth scheme + // +1 for default bearerAuth scheme assertEquals(10001, config.getSecurityDefinitions().size()); }
