feat:add swagger exposure filters. (#1146)

CHANGELOG.md

@@ -9,3 +9,4 @@
 - [refactor:optimize the order and condition matching of service registration automatic configuration.](https://github.com/Tencent/spring-cloud-tencent/pull/1129)
 - [feat: add circuit breaker actuator.](https://github.com/Tencent/spring-cloud-tencent/pull/1136)
 - [feat:support service contract reporting.](https://github.com/Tencent/spring-cloud-tencent/pull/1139)
+- [feat:add swagger exposure filters.](https://github.com/Tencent/spring-cloud-tencent/pull/1146)

README-zh.md

@@ -78,7 +78,7 @@ Spring Cloud Tencent 所有组件都已上传到 Maven 中央仓库，只需要
             <groupId>com.tencent.cloud</groupId>
             <artifactId>spring-cloud-tencent-dependencies</artifactId>
             <!--version number-->
-            <version>1.12.0-2021.0.8</version>
+            <version>1.12.1-2021.0.8</version>
             <type>pom</type>
             <scope>import</scope>
         </dependency>

README.md

@@ -80,7 +80,7 @@ For example:
             <groupId>com.tencent.cloud</groupId>
             <artifactId>spring-cloud-tencent-dependencies</artifactId>
             <!--version number-->
-            <version>1.12.0-2021.0.8</version>
+            <version>1.12.1-2021.0.8</version>
             <type>pom</type>
             <scope>import</scope>
         </dependency>

pom.xml

@@ -92,7 +92,7 @@
 		<revision>1.13.0-2021.0.8-SNAPSHOT</revision>
 
 		<!-- Spring Framework -->
-		<spring.framework.version>5.3.29</spring.framework.version>
+		<spring.framework.version>5.3.25</spring.framework.version>
 
 		<!-- Spring Boot -->
 		<spring.boot.version>2.6.15</spring.boot.version>

spring-cloud-starter-tencent-polaris-contract/src/main/java/com/tencent/cloud/polaris/contract/PolarisContractReporter.java

@@ -36,7 +36,6 @@ import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import springfox.documentation.service.Documentation;
 import springfox.documentation.spring.web.DocumentationCache;
-import springfox.documentation.spring.web.json.JsonSerializer;
 import springfox.documentation.swagger2.mappers.ServiceModelToSwagger2Mapper;
 
 import org.springframework.boot.context.event.ApplicationReadyEvent;
@@ -44,12 +43,16 @@ import org.springframework.context.ApplicationListener;
 import org.springframework.lang.NonNull;
 import org.springframework.util.CollectionUtils;
 
+/**
+ * Polaris contract reporter.
+ *
+ * @author Haotian Zhang
+ */
 public class PolarisContractReporter implements ApplicationListener<ApplicationReadyEvent> {
 
 	private final Logger LOG = LoggerFactory.getLogger(PolarisContractReporter.class);
 	private final ServiceModelToSwagger2Mapper swagger2Mapper;
 	private final DocumentationCache documentationCache;
-	private final JsonSerializer jsonSerializer;
 	private final String groupName;
 
 	private final ProviderAPI providerAPI;
@@ -57,11 +60,9 @@ public class PolarisContractReporter implements ApplicationListener<ApplicationR
 	private final PolarisDiscoveryProperties polarisDiscoveryProperties;
 
 	public PolarisContractReporter(DocumentationCache documentationCache, ServiceModelToSwagger2Mapper swagger2Mapper,
-			JsonSerializer jsonSerializer, String groupName, ProviderAPI providerAPI,
-			PolarisDiscoveryProperties polarisDiscoveryProperties) {
+			String groupName, ProviderAPI providerAPI, PolarisDiscoveryProperties polarisDiscoveryProperties) {
 		this.swagger2Mapper = swagger2Mapper;
 		this.documentationCache = documentationCache;
-		this.jsonSerializer = jsonSerializer;
 		this.groupName = groupName;
 		this.providerAPI = providerAPI;
 		this.polarisDiscoveryProperties = polarisDiscoveryProperties;

spring-cloud-starter-tencent-polaris-contract/src/main/java/com/tencent/cloud/polaris/contract/config/ContractProperties.java

@@ -43,4 +43,8 @@ public interface ContractProperties {
 	String getBasePath();
 
 	void setBasePath(String basePath);
+
+	boolean isExposure();
+
+	void setExposure(boolean exposure);
 }

spring-cloud-starter-tencent-polaris-contract/src/main/java/com/tencent/cloud/polaris/contract/config/PolarisContractProperties.java

@@ -51,6 +51,8 @@ public class PolarisContractProperties implements ContractProperties {
 	 */
 	private String basePath = "/**";
 
+	private boolean exposure = true;
+
 	public PolarisContractProperties(@Nullable ExtendedContractProperties extendContractProperties) {
 		this.extendContractProperties = extendContractProperties;
 	}
@@ -119,4 +121,17 @@ public class PolarisContractProperties implements ContractProperties {
 	public void setBasePath(String basePath) {
 		this.basePath = basePath;
 	}
+
+	@Override
+	public boolean isExposure() {
+		if (Objects.nonNull(extendContractProperties)) {
+			return extendContractProperties.isExposure();
+		}
+		return exposure;
+	}
+
+	@Override
+	public void setExposure(boolean exposure) {
+		this.exposure = exposure;
+	}
 }

spring-cloud-starter-tencent-polaris-contract/src/main/java/com/tencent/cloud/polaris/contract/config/PolarisSwaggerAutoConfiguration.java

@@ -17,26 +17,33 @@
 
 package com.tencent.cloud.polaris.contract.config;
 
+import java.lang.reflect.Field;
 import java.time.LocalDate;
 import java.util.Date;
 import java.util.List;
 import java.util.function.Predicate;
+import java.util.stream.Collectors;
 
+import com.tencent.cloud.common.util.ReflectionUtils;
 import com.tencent.cloud.polaris.PolarisDiscoveryProperties;
 import com.tencent.cloud.polaris.context.ConditionalOnPolarisEnabled;
 import com.tencent.cloud.polaris.context.PolarisSDKContextManager;
 import com.tencent.cloud.polaris.contract.PolarisContractReporter;
 import com.tencent.cloud.polaris.contract.PolarisSwaggerApplicationListener;
+import com.tencent.cloud.polaris.contract.filter.ApiDocServletFilter;
+import com.tencent.cloud.polaris.contract.filter.ApiDocWebFluxFilter;
 import com.tencent.cloud.polaris.contract.utils.PackageUtil;
 import springfox.boot.starter.autoconfigure.OpenApiAutoConfiguration;
 import springfox.documentation.builders.ApiInfoBuilder;
 import springfox.documentation.service.Contact;
 import springfox.documentation.spi.DocumentationType;
 import springfox.documentation.spring.web.DocumentationCache;
-import springfox.documentation.spring.web.json.JsonSerializer;
 import springfox.documentation.spring.web.plugins.Docket;
+import springfox.documentation.spring.web.plugins.WebMvcRequestHandlerProvider;
 import springfox.documentation.swagger2.mappers.ServiceModelToSwagger2Mapper;
 
+import org.springframework.beans.BeansException;
+import org.springframework.beans.factory.config.BeanPostProcessor;
 import org.springframework.boot.autoconfigure.condition.ConditionalOnBean;
 import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
 import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
@@ -44,7 +51,13 @@ import org.springframework.boot.autoconfigure.condition.ConditionalOnWebApplicat
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.context.annotation.Import;
+import org.springframework.web.servlet.mvc.method.RequestMappingInfoHandlerMapping;
 
+/**
+ * Auto configuration for Polaris swagger.
+ *
+ * @author Haotian Zhang
+ */
 @Configuration(proxyBeanMethods = false)
 @ConditionalOnPolarisEnabled
 @ConditionalOnProperty(name = "spring.cloud.polaris.contract.enabled", havingValue = "true", matchIfMissing = true)
@@ -112,12 +125,11 @@ public class PolarisSwaggerAutoConfiguration {
 	@Bean
 	@ConditionalOnBean(Docket.class)
 	@ConditionalOnMissingBean
-	public PolarisContractReporter polarisApiMetadataGrapher(DocumentationCache documentationCache,
-			ServiceModelToSwagger2Mapper swagger2Mapper, JsonSerializer jsonSerializer,
-			PolarisContractProperties polarisContractProperties, PolarisSDKContextManager polarisSDKContextManager,
-			PolarisDiscoveryProperties polarisDiscoveryProperties) {
-		return new PolarisContractReporter(documentationCache, swagger2Mapper, jsonSerializer,
-				polarisContractProperties.getGroup(), polarisSDKContextManager.getProviderAPI(), polarisDiscoveryProperties);
+	public PolarisContractReporter polarisContractReporter(DocumentationCache documentationCache,
+			ServiceModelToSwagger2Mapper swagger2Mapper, PolarisContractProperties polarisContractProperties,
+			PolarisSDKContextManager polarisSDKContextManager, PolarisDiscoveryProperties polarisDiscoveryProperties) {
+		return new PolarisContractReporter(documentationCache, swagger2Mapper, polarisContractProperties.getGroup(),
+				polarisSDKContextManager.getProviderAPI(), polarisDiscoveryProperties);
 	}
 
 	@Bean
@@ -132,7 +144,44 @@ public class PolarisSwaggerAutoConfiguration {
 	@Configuration(proxyBeanMethods = false)
 	@ConditionalOnWebApplication(type = ConditionalOnWebApplication.Type.SERVLET)
 	protected static class SwaggerServletConfig {
+		@Bean
+		public static BeanPostProcessor springfoxHandlerProviderBeanPostProcessor() {
+			return new BeanPostProcessor() {
+
+				@Override
+				public Object postProcessAfterInitialization(Object bean, String beanName) throws BeansException {
+					if (bean instanceof WebMvcRequestHandlerProvider) {
+						customizeSpringfoxHandlerMappings(getHandlerMappings(bean));
+					}
+					return bean;
+				}
+
+				private <T extends RequestMappingInfoHandlerMapping> void customizeSpringfoxHandlerMappings(List<T> mappings) {
+					List<T> copy = mappings.stream()
+							.filter(mapping -> mapping.getPatternParser() == null)
+							.collect(Collectors.toList());
+					mappings.clear();
+					mappings.addAll(copy);
+				}
+
+				@SuppressWarnings("unchecked")
+				private List<RequestMappingInfoHandlerMapping> getHandlerMappings(Object bean) {
+					try {
+						Field field = ReflectionUtils.findField(bean.getClass(), "handlerMappings");
+						field.setAccessible(true);
+						return (List<RequestMappingInfoHandlerMapping>) field.get(bean);
+					}
+					catch (IllegalArgumentException | IllegalAccessException e) {
+						throw new IllegalStateException(e);
+					}
+				}
+			};
+		}
 
+		@Bean
+		public ApiDocServletFilter apiDocServletFilter(PolarisContractProperties polarisContractProperties) {
+			return new ApiDocServletFilter(polarisContractProperties);
+		}
 	}
 
 	/**
@@ -142,6 +191,9 @@ public class PolarisSwaggerAutoConfiguration {
 	@ConditionalOnWebApplication(type = ConditionalOnWebApplication.Type.REACTIVE)
 	protected static class SwaggerReactiveConfig {
 
-
+		@Bean
+		public ApiDocWebFluxFilter apiDocWebFluxFilter(PolarisContractProperties polarisContractProperties) {
+			return new ApiDocWebFluxFilter(polarisContractProperties);
+		}
 	}
 }

spring-cloud-starter-tencent-polaris-contract/src/main/java/com/tencent/cloud/polaris/contract/filter/ApiDocServletFilter.java

@@ -0,0 +1,73 @@
+/*
+ * Tencent is pleased to support the open source community by making Spring Cloud Tencent available.
+ *
+ * Copyright (C) 2019 THL A29 Limited, a Tencent company. All rights reserved.
+ *
+ * Licensed under the BSD 3-Clause License (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * https://opensource.org/licenses/BSD-3-Clause
+ *
+ * Unless required by applicable law or agreed to in writing, software distributed
+ * under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR
+ * CONDITIONS OF ANY KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations under the License.
+ */
+
+package com.tencent.cloud.polaris.contract.filter;
+
+import java.io.IOException;
+
+import javax.servlet.FilterChain;
+import javax.servlet.ServletException;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+import com.tencent.cloud.polaris.contract.config.PolarisContractProperties;
+
+import org.springframework.lang.NonNull;
+import org.springframework.web.filter.OncePerRequestFilter;
+
+import static com.tencent.cloud.polaris.contract.filter.FilterConstant.SWAGGER_RESOURCE_PREFIX;
+import static com.tencent.cloud.polaris.contract.filter.FilterConstant.SWAGGER_UI_V2_URL;
+import static com.tencent.cloud.polaris.contract.filter.FilterConstant.SWAGGER_UI_V3_URL;
+import static com.tencent.cloud.polaris.contract.filter.FilterConstant.SWAGGER_V2_API_DOC_URL;
+import static com.tencent.cloud.polaris.contract.filter.FilterConstant.SWAGGER_V3_API_DOC_URL;
+import static com.tencent.cloud.polaris.contract.filter.FilterConstant.SWAGGER_WEBJARS_V2_PREFIX;
+import static com.tencent.cloud.polaris.contract.filter.FilterConstant.SWAGGER_WEBJARS_V3_PREFIX;
+
+/**
+ * Filter to disable api doc controller.
+ *
+ * @author Haotian Zhang
+ */
+public class ApiDocServletFilter extends OncePerRequestFilter {
+
+	private final PolarisContractProperties polarisContractProperties;
+
+	public ApiDocServletFilter(PolarisContractProperties polarisContractProperties) {
+		this.polarisContractProperties = polarisContractProperties;
+	}
+
+	@Override
+	public void doFilterInternal(@NonNull HttpServletRequest httpServletRequest,
+			@NonNull HttpServletResponse httpServletResponse, @NonNull FilterChain filterChain)
+			throws ServletException, IOException {
+		if (!polarisContractProperties.isExposure()) {
+			String path = httpServletRequest.getServletPath();
+			if (path.startsWith(SWAGGER_V2_API_DOC_URL) ||
+					path.startsWith(SWAGGER_V3_API_DOC_URL) ||
+					path.startsWith(SWAGGER_UI_V2_URL) ||
+					path.startsWith(SWAGGER_UI_V3_URL) ||
+					path.startsWith(SWAGGER_RESOURCE_PREFIX) ||
+					path.startsWith(SWAGGER_WEBJARS_V2_PREFIX) ||
+					path.startsWith(SWAGGER_WEBJARS_V3_PREFIX)) {
+				httpServletResponse.setStatus(HttpServletResponse.SC_FORBIDDEN);
+				return;
+			}
+		}
+		filterChain.doFilter(httpServletRequest, httpServletResponse);
+	}
+}
+

spring-cloud-starter-tencent-polaris-contract/src/main/java/com/tencent/cloud/polaris/contract/filter/ApiDocWebFluxFilter.java

@@ -0,0 +1,71 @@
+/*
+ * Tencent is pleased to support the open source community by making Spring Cloud Tencent available.
+ *
+ * Copyright (C) 2019 THL A29 Limited, a Tencent company. All rights reserved.
+ *
+ * Licensed under the BSD 3-Clause License (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * https://opensource.org/licenses/BSD-3-Clause
+ *
+ * Unless required by applicable law or agreed to in writing, software distributed
+ * under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR
+ * CONDITIONS OF ANY KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations under the License.
+ */
+
+package com.tencent.cloud.polaris.contract.filter;
+
+
+import com.tencent.cloud.polaris.contract.config.PolarisContractProperties;
+import reactor.core.publisher.Mono;
+
+import org.springframework.core.io.buffer.DataBuffer;
+import org.springframework.http.HttpStatus;
+import org.springframework.http.server.reactive.ServerHttpResponse;
+import org.springframework.web.server.ServerWebExchange;
+import org.springframework.web.server.WebFilter;
+import org.springframework.web.server.WebFilterChain;
+
+import static com.tencent.cloud.polaris.contract.filter.FilterConstant.SWAGGER_RESOURCE_PREFIX;
+import static com.tencent.cloud.polaris.contract.filter.FilterConstant.SWAGGER_UI_V2_URL;
+import static com.tencent.cloud.polaris.contract.filter.FilterConstant.SWAGGER_UI_V3_URL;
+import static com.tencent.cloud.polaris.contract.filter.FilterConstant.SWAGGER_V2_API_DOC_URL;
+import static com.tencent.cloud.polaris.contract.filter.FilterConstant.SWAGGER_V3_API_DOC_URL;
+import static com.tencent.cloud.polaris.contract.filter.FilterConstant.SWAGGER_WEBJARS_V2_PREFIX;
+import static com.tencent.cloud.polaris.contract.filter.FilterConstant.SWAGGER_WEBJARS_V3_PREFIX;
+
+/**
+ * Filter to disable api doc controller.
+ *
+ * @author Haotian Zhang
+ */
+public class ApiDocWebFluxFilter implements WebFilter {
+	private final PolarisContractProperties polarisContractProperties;
+
+	public ApiDocWebFluxFilter(PolarisContractProperties polarisContractProperties) {
+		this.polarisContractProperties = polarisContractProperties;
+	}
+
+	@Override
+	public Mono<Void> filter(ServerWebExchange serverWebExchange, WebFilterChain webFilterChain) {
+		if (!polarisContractProperties.isExposure()) {
+			String path = serverWebExchange.getRequest().getURI().getPath();
+			if (path.startsWith(SWAGGER_V2_API_DOC_URL) ||
+					path.startsWith(SWAGGER_V3_API_DOC_URL) ||
+					path.startsWith(SWAGGER_UI_V2_URL) ||
+					path.startsWith(SWAGGER_UI_V3_URL) ||
+					path.startsWith(SWAGGER_RESOURCE_PREFIX) ||
+					path.startsWith(SWAGGER_WEBJARS_V2_PREFIX) ||
+					path.startsWith(SWAGGER_WEBJARS_V3_PREFIX)) {
+				ServerHttpResponse response = serverWebExchange.getResponse();
+				response.setRawStatusCode(HttpStatus.FORBIDDEN.value());
+				DataBuffer dataBuffer = response.bufferFactory().allocateBuffer();
+				return response.writeWith(Mono.just(dataBuffer));
+			}
+		}
+		return webFilterChain.filter(serverWebExchange);
+	}
+}
+

spring-cloud-starter-tencent-polaris-contract/src/main/java/com/tencent/cloud/polaris/contract/filter/FilterConstant.java

@@ -0,0 +1,64 @@
+/*
+ * Tencent is pleased to support the open source community by making Spring Cloud Tencent available.
+ *
+ * Copyright (C) 2019 THL A29 Limited, a Tencent company. All rights reserved.
+ *
+ * Licensed under the BSD 3-Clause License (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * https://opensource.org/licenses/BSD-3-Clause
+ *
+ * Unless required by applicable law or agreed to in writing, software distributed
+ * under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR
+ * CONDITIONS OF ANY KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations under the License.
+ */
+
+package com.tencent.cloud.polaris.contract.filter;
+
+/**
+ * Constant for filter.
+ *
+ * @author Haotian Zhang
+ */
+public final class FilterConstant {
+
+	/**
+	 * Swagger api doc V2 url.
+	 */
+	public static final String SWAGGER_V2_API_DOC_URL = "/v2/api-docs";
+
+	/**
+	 * Swagger api doc V3 url.
+	 */
+	public static final String SWAGGER_V3_API_DOC_URL = "/v3/api-docs";
+
+	/**
+	 * Swagger UI V2 url.
+	 */
+	public static final String SWAGGER_UI_V2_URL = "/swagger-ui.html";
+
+	/**
+	 * Swagger UI V3 url.
+	 */
+	public static final String SWAGGER_UI_V3_URL = "/swagger-ui/index.html";
+
+	/**
+	 * Swagger resource url prefix.
+	 */
+	public static final String SWAGGER_RESOURCE_PREFIX = "/swagger-resource/";
+
+	/**
+	 * Swagger webjars V2 url prefix.
+	 */
+	public static final String SWAGGER_WEBJARS_V2_PREFIX = "/webjars/springfox-swagger-ui/";
+
+	/**
+	 * Swagger webjars V3 url prefix.
+	 */
+	public static final String SWAGGER_WEBJARS_V3_PREFIX = "/webjars/swagger-ui/";
+
+	private FilterConstant() {
+	}
+}

spring-cloud-starter-tencent-polaris-contract/src/main/java/com/tencent/cloud/polaris/contract/utils/PackageUtil.java

@@ -48,7 +48,6 @@ public final class PackageUtil {
 
 	private static final String SPLITTER = ",";
 
-
 	private PackageUtil() {
 	}
 

spring-cloud-starter-tencent-polaris-contract/src/main/resources/META-INF/additional-spring-configuration-metadata.json

@@ -0,0 +1,40 @@
+{
+  "properties": [
+    {
+      "name": "spring.cloud.polaris.contract.enabled",
+      "type": "java.lang.Boolean",
+      "defaultValue": true,
+      "description": "Enable polaris record contract or not."
+    },
+    {
+      "name": "spring.cloud.polaris.contract.basePackage",
+      "type": "java.lang.String",
+      "defaultValue": "",
+      "description": "Packages to be scanned. Split by \",\"."
+    },
+    {
+      "name": "spring.cloud.polaris.contract.excludePath",
+      "type": "java.lang.String",
+      "defaultValue": "",
+      "description": "Paths to be excluded. Split by \",\"."
+    },
+    {
+      "name": "spring.cloud.polaris.contract.group",
+      "type": "java.lang.String",
+      "defaultValue": "default",
+      "description": "Group to create swagger docket."
+    },
+    {
+      "name": "spring.cloud.polaris.contract.basePath",
+      "type": "java.lang.String",
+      "defaultValue": "/**",
+      "description": "Base paths to be scanned. Split by \",\"."
+    },
+    {
+      "name": "spring.cloud.polaris.contract.exposure",
+      "type": "java.lang.Boolean",
+      "defaultValue": "true",
+      "description": "Enable polaris contract exposure or not."
+    }
+  ]
+}

spring-cloud-tencent-examples/polaris-discovery-example/discovery-callee-service/pom.xml

@@ -19,10 +19,10 @@
 			<artifactId>spring-boot-starter-webflux</artifactId>
 		</dependency>
 
-		<!--		<dependency>-->
-		<!--			<groupId>org.springframework.boot</groupId>-->
-		<!--			<artifactId>spring-boot-starter-web</artifactId>-->
-		<!--		</dependency>-->
+		<dependency>
+			<groupId>com.tencent.cloud</groupId>
+			<artifactId>spring-cloud-starter-tencent-polaris-contract</artifactId>
+		</dependency>
 
 		<dependency>
 			<groupId>com.tencent.cloud</groupId>

spring-cloud-tencent-examples/polaris-discovery-example/discovery-callee-service/src/main/resources/bootstrap.yml

@@ -11,6 +11,8 @@ spring:
       discovery:
         enabled: true
         register: true
+      contract:
+        exposure: true
       stat:
         enabled: true
         port: 28082

spring-cloud-tencent-examples/polaris-discovery-example/discovery-caller-service/src/main/resources/bootstrap.yml

@@ -22,6 +22,8 @@ spring:
         heartbeat:
           enabled: true
         health-check-url: /discovery/service/caller/healthCheck
+      contract:
+        exposure: true
       stat:
         enabled: true
         port: 28081