Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

swagger 초기 세팅 #10

Closed
3 tasks done
Gnu-Kenny opened this issue Mar 30, 2022 · 3 comments · Fixed by #11
Closed
3 tasks done

swagger 초기 세팅 #10

Gnu-Kenny opened this issue Mar 30, 2022 · 3 comments · Fixed by #11
Assignees
@Gnu-Kenny
Projects
h-jjang 1차 프로젝트
Milestone
sprint2

Comments

@Gnu-Kenny
Copy link
Contributor

Gnu-Kenny commented Mar 30, 2022
edited by kim1387

API 문서화와 API Test를 위해 Swagger 초기 세팅 진행

  • Graddle 추가하기
  • Spring Security Swagger Ignore 설정
  • MVC Path Match 전략 변경하기
@Gnu-Kenny Gnu-Kenny self-assigned this Mar 30, 2022
@Gnu-Kenny Gnu-Kenny added this to To do in h-jjang 1차 프로젝트 via automation Mar 30, 2022
@Gnu-Kenny Gnu-Kenny added this to the sprint2 milestone Mar 30, 2022
@Gnu-Kenny
Copy link
Contributor Author

Gnu-Kenny commented Mar 30, 2022
edited

Graddle에 springfox-spring-web 2.9.2 버전에 취약점이 있음을 확인했습니다. 그리고
3.0.0 버전이 하위 버전들을 호환하는 것을 확인하여 3.0.0 버전을 채택했습니다.

Reference
About Vulnerabilities
About Defendency

@kim1387
Copy link
Member

kim1387 commented Mar 30, 2022
edited

spring 2.6.부터는 기본 전략이 mvcMatchers 전략이 변경 되어 spring security에서 web.ignore로 swagger 설정하기 위해서는 spring.mvc.pathmatch.matching-strategy 전략을 ant-path-matcher로 바꿔줘야한다.

https://github.com/spring-projects/spring-boot/wiki/Spring-Boot-2.6-Release-Notes

If you are using Spring Security, you should review your use of mvcMatchers to ensure that your matchers continue to meet your needs. With AntPathMatcher, authorizeRequests.mvcMatchers("hello").permitAll() would grant access to /hello. The more precise matching of PathPatternParser requires the use of authorizeRequests.mvcMatchers("/hello").permitAll() (note the leading /) instead.

If you need to switch the default back to AntPathMatcher, you can set spring.mvc.pathmatch.matching-strategy to ant-path-matcher.

spring:
  mvc:
    pathmatch:
      matching-strategy: ant_path_matcher

@Gnu-Kenny
Copy link
Contributor Author

의존성 주입에서 implementation 'org.springframework.boot:spring-boot-starter-actuator'과
springfox 와의 충돌을 확인
-> org.springdoc:springdoc-openapi-ui:1.6.6 사용해서 해결
springdoc.org

@Gnu-Kenny Gnu-Kenny linked a pull request Mar 30, 2022 that will close this issue
[#10] Swagger 초기화 #11
Merged
h-jjang 1차 프로젝트 automation moved this from To do to Done Mar 30, 2022
kim1387 added a commit that referenced this issue Mar 30, 2022
@kim1387
Merge pull request #11 from h-jjang/feature/#10_swagger_init
8085479 
[#10] Swagger 초기화
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@Gnu-Kenny Gnu-Kenny

Labels
None yet
Projects
h-jjang 1차 프로젝트
Done
Milestone
sprint2
Development

Successfully merging a pull request may close this issue.

10-swagger-초기-세팅 h-jjang/bauction
[#10] Swagger 초기화 h-jjang/bauction
2 participants
@kim1387 @Gnu-Kenny