Add new OAuth2RequestInterceptor to remove deprecated open feign classes (#16011)

* Add new OAuth2RequestInterceptor to remove deprecated open feign classes

* Add override

* Add version

* Add older version

* Update docs

* Fix issue with multiple security schemes

* Move cli option to spring code gen

* Fix documentation options

* Remove resource folder

* Fix duplicate annotation

* Add an enable flag

* Remove generator setting

* Revert codgen changes

* Revert config generator changes

Author: MelleD

docs/generators/java-camel.md

@@ -77,6 +77,7 @@ These options may be applied as additional-properties (cli) or configOptions (pl
 |prependFormOrBodyParameters|Add form or body parameters to the beginning of the parameter list.| |false|
 |reactive|wrap responses in Mono/Flux Reactor types (spring-boot only)| |false|
 |requestMappingMode|Where to generate the class level @RequestMapping annotation.|<dl><dt>**api_interface**</dt><dd>Generate the @RequestMapping annotation on the generated Api Interface.</dd><dt>**controller**</dt><dd>Generate the @RequestMapping annotation on the generated Api Controller Implementation.</dd><dt>**none**</dt><dd>Do not add a class level @RequestMapping annotation.</dd></dl>|controller|
+|resourceFolder|resource folder for generated resources| |src/main/resources|
 |responseWrapper|wrap the responses in given type (Future, Callable, CompletableFuture,ListenableFuture, DeferredResult, RxObservable, RxSingle or fully qualified type)| |null|
 |returnSuccessCode|Generated server returns 2xx code| |false|
 |scmConnection|SCM connection in generated pom.xml| |scm:git:git@github.com:openapitools/openapi-generator.git|

docs/generators/spring.md

@@ -70,6 +70,7 @@ These options may be applied as additional-properties (cli) or configOptions (pl
 |prependFormOrBodyParameters|Add form or body parameters to the beginning of the parameter list.| |false|
 |reactive|wrap responses in Mono/Flux Reactor types (spring-boot only)| |false|
 |requestMappingMode|Where to generate the class level @RequestMapping annotation.|<dl><dt>**api_interface**</dt><dd>Generate the @RequestMapping annotation on the generated Api Interface.</dd><dt>**controller**</dt><dd>Generate the @RequestMapping annotation on the generated Api Controller Implementation.</dd><dt>**none**</dt><dd>Do not add a class level @RequestMapping annotation.</dd></dl>|controller|
+|resourceFolder|resource folder for generated resources| |src/main/resources|
 |responseWrapper|wrap the responses in given type (Future, Callable, CompletableFuture,ListenableFuture, DeferredResult, RxObservable, RxSingle or fully qualified type)| |null|
 |returnSuccessCode|Generated server returns 2xx code| |false|
 |scmConnection|SCM connection in generated pom.xml| |scm:git:git@github.com:openapitools/openapi-generator.git|

modules/openapi-generator/src/main/java/org/openapitools/codegen/languages/SpringCodegen.java

@@ -77,6 +77,7 @@ public class SpringCodegen extends AbstractJavaCodegen
         implements BeanValidationFeatures, PerformBeanValidationFeatures, OptionalFeatures, SwaggerUIFeatures {
     private final Logger LOGGER = LoggerFactory.getLogger(SpringCodegen.class);
 
+
     public static final String TITLE = "title";
     public static final String SERVER_PORT = "serverPort";
     public static final String CONFIG_PACKAGE = "configPackage";
@@ -90,6 +91,9 @@ public class SpringCodegen extends AbstractJavaCodegen
     public static final String SKIP_DEFAULT_INTERFACE = "skipDefaultInterface";
     public static final String GENERATE_CONSTRUCTOR_WITH_REQUIRED_ARGS = "generatedConstructorWithRequiredArgs";
 
+    public static final String RESOURCE_FOLDER = "resourceFolder";
+    public static final String RESOURCE_FOLDER_DESC = "resource folder for generated resources";
+
     public static final String ASYNC = "async";
     public static final String REACTIVE = "reactive";
     public static final String RESPONSE_WRAPPER = "responseWrapper";
@@ -131,6 +135,8 @@ public String getDescription() {
     protected String title = "OpenAPI Spring";
     protected String configPackage = "org.openapitools.configuration";
     protected String basePackage = "org.openapitools";
+    protected String resourceFolder = projectFolder + "/resources";
+
     protected boolean interfaceOnly = false;
     protected boolean useFeignClientUrl = true;
     protected boolean delegatePattern = false;
@@ -256,6 +262,7 @@ public SpringCodegen() {
         cliOptions.add(CliOption.newBoolean(GENERATE_CONSTRUCTOR_WITH_REQUIRED_ARGS,
             "Whether to generate constructors with required args for models",
             generatedConstructorWithRequiredArgs));
+        cliOptions.add(new CliOption(RESOURCE_FOLDER, RESOURCE_FOLDER_DESC).defaultValue(this.getResourceFolder()));
 
         supportedLibraries.put(SPRING_BOOT, "Spring-boot Server application.");
         supportedLibraries.put(SPRING_CLOUD_LIBRARY,
@@ -531,6 +538,11 @@ public void processOpts() {
         }
         writePropertyBack(USE_SPRING_BOOT3, isUseSpringBoot3());
 
+        if (additionalProperties.containsKey(RESOURCE_FOLDER)) {
+            this.setResourceFolder((String) additionalProperties.get(RESOURCE_FOLDER));
+        }
+        additionalProperties.put(RESOURCE_FOLDER, resourceFolder);
+
 
         typeMapping.put("file", "org.springframework.core.io.Resource");
         importMapping.put("org.springframework.core.io.Resource", "org.springframework.core.io.Resource");
@@ -575,9 +587,18 @@ public void processOpts() {
                         "RFC3339DateFormat.java"));
             }
             if (SPRING_CLOUD_LIBRARY.equals(library)) {
+
                 supportingFiles.add(new SupportingFile("apiKeyRequestInterceptor.mustache",
-                        (sourceFolder + File.separator + configPackage).replace(".", java.io.File.separator),
-                        "ApiKeyRequestInterceptor.java"));
+                      (sourceFolder + File.separator + configPackage).replace(".", java.io.File.separator),
+                      "ApiKeyRequestInterceptor.java"));
+
+                supportingFiles.add(new SupportingFile("oauth2ClientProperties.mustache",
+                      resourceFolder, "oauth2-client.properties"));
+
+                supportingFiles.add(new SupportingFile("clientPropertiesConfiguration.mustache",
+                      (sourceFolder + File.separator + configPackage).replace(".", java.io.File.separator),
+                      "ClientPropertiesConfiguration.java"));
+
                 supportingFiles.add(new SupportingFile("clientConfiguration.mustache",
                         (sourceFolder + File.separator + configPackage).replace(".", java.io.File.separator),
                         "ClientConfiguration.java"));
@@ -1349,6 +1370,14 @@ private String replaceBeanValidationCollectionType(CodegenProperty codegenProper
         return dataType.replace( "<", "<@Valid " );
     }
 
+    public void setResourceFolder( String resourceFolder ) {
+        this.resourceFolder = resourceFolder;
+    }
+
+    public String getResourceFolder() {
+        return resourceFolder;
+    }
+
 
     // This should prevent, that the response data types not contains a @Valid annotation.
     // However, the side effect is that attributes with response as name are also affected.

modules/openapi-generator/src/main/resources/JavaSpring/libraries/spring-cloud/clientConfiguration.mustache

@@ -3,49 +3,39 @@ package {{configPackage}};
 {{#authMethods}}
 {{#isBasicBasic}}
 import feign.auth.BasicAuthRequestInterceptor;
-{{/isBasicBasic}}
-{{#-first}}
+{{^hasApiKeyMethods}}
 import org.springframework.beans.factory.annotation.Value;
-import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
-{{/-first}}
-{{#isOAuth}}
-import org.springframework.boot.context.properties.ConfigurationProperties;
-{{/isOAuth}}
+{{/hasApiKeyMethods}}
+{{/isBasicBasic}}
 {{/authMethods}}
-import org.springframework.boot.context.properties.EnableConfigurationProperties;
-{{#authMethods}}
-{{#-first}}
+{{#hasAuthMethods}}
 import org.springframework.context.annotation.Bean;
-{{/-first}}
-{{/authMethods}}
+{{#hasApiKeyMethods}}
+import org.springframework.beans.factory.annotation.Value;
+{{/hasApiKeyMethods}}
+{{#hasOAuthMethods}}
+import org.springframework.security.authentication.AnonymousAuthenticationToken;
+import org.springframework.security.oauth2.client.AuthorizedClientServiceOAuth2AuthorizedClientManager;
+import org.springframework.security.oauth2.client.OAuth2AuthorizeRequest;
+import org.springframework.security.oauth2.client.OAuth2AuthorizedClient;
+import org.springframework.security.oauth2.client.OAuth2AuthorizedClientManager;
+import org.springframework.security.oauth2.client.OAuth2AuthorizedClientService;
+import org.springframework.security.oauth2.client.registration.ClientRegistrationRepository;
+import org.springframework.security.oauth2.core.OAuth2AuthenticationException;
+import org.springframework.security.oauth2.core.OAuth2AccessToken;
+import org.springframework.security.core.authority.AuthorityUtils;
+import org.springframework.http.HttpHeaders;
+import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
+
+import feign.RequestInterceptor;
+import feign.RequestTemplate;
+
+{{/hasOAuthMethods}}
+{{/hasAuthMethods}}
 import org.springframework.context.annotation.Configuration;
-{{#authMethods}}
-{{#isOAuth}}
-{{#useSpringBoot3}}
-import org.springframework.cloud.security.oauth2.client.feign.OAuth2FeignRequestInterceptor;
-{{/useSpringBoot3}}
-{{^useSpringBoot3}}
-import org.springframework.cloud.openfeign.security.OAuth2FeignRequestInterceptor;
-{{/useSpringBoot3}}
-import org.springframework.security.oauth2.client.DefaultOAuth2ClientContext;
-import org.springframework.security.oauth2.client.OAuth2ClientContext;
-{{#isApplication}}
-import org.springframework.security.oauth2.client.token.grant.client.ClientCredentialsResourceDetails;
-{{/isApplication}}
-{{#isCode}}
-import org.springframework.security.oauth2.client.token.grant.code.AuthorizationCodeResourceDetails;
-{{/isCode}}
-{{#isImplicit}}
-import org.springframework.security.oauth2.client.token.grant.implicit.ImplicitResourceDetails;
-{{/isImplicit}}
-{{#isPassword}}
-import org.springframework.security.oauth2.client.token.grant.password.ResourceOwnerPasswordResourceDetails;
-{{/isPassword}}
-{{/isOAuth}}
-{{/authMethods}}
+
 
 @Configuration
-@EnableConfigurationProperties
 public class ClientConfiguration {
 
 {{#authMethods}}
@@ -75,63 +65,53 @@ public class ClientConfiguration {
 
     {{/isApiKey}}
     {{#isOAuth}}
-  @Bean
-  @ConditionalOnProperty("{{#lambda.lowercase}}{{{title}}}{{/lambda.lowercase}}.security.{{{name}}}.client-id")
-  public OAuth2FeignRequestInterceptor {{{name}}}RequestInterceptor(OAuth2ClientContext oAuth2ClientContext) {
-    return new OAuth2FeignRequestInterceptor(oAuth2ClientContext, {{{name}}}ResourceDetails());
-  }
+  private static final String CLIENT_PRINCIPAL_{{#lambda.uppercase}}{{{flow}}}{{/lambda.uppercase}} = "oauth2FeignClient";
 
   @Bean
-  @ConditionalOnProperty("{{#lambda.lowercase}}{{{title}}}{{/lambda.lowercase}}.security.{{{name}}}.client-id")
-  public OAuth2ClientContext oAuth2ClientContext() {
-    return new DefaultOAuth2ClientContext();
+  @ConditionalOnProperty( prefix = "spring.security.oauth2.client.registration.{{{name}}}{{#lambda.pascalcase}}{{{flow}}}{{/lambda.pascalcase}}", name = "enabled", havingValue = "true" )
+  public OAuth2RequestInterceptor {{{flow}}}OAuth2RequestInterceptor(final OAuth2AuthorizedClientManager {{{flow}}}AuthorizedClientManager ) {
+     return new OAuth2RequestInterceptor(OAuth2AuthorizeRequest.withClientRegistrationId("{{{name}}}{{#lambda.pascalcase}}{{{flow}}}{{/lambda.pascalcase}}")
+            .principal( new AnonymousAuthenticationToken( CLIENT_PRINCIPAL_{{#lambda.uppercase}}{{{flow}}}{{/lambda.uppercase}}, CLIENT_PRINCIPAL_{{#lambda.uppercase}}{{{flow}}}{{/lambda.uppercase}}, AuthorityUtils.createAuthorityList( "ROLE_ANONYMOUS" ) ) )
+            .build(), {{{flow}}}AuthorizedClientManager );
   }
 
-        {{#isCode}}
   @Bean
-  @ConditionalOnProperty("{{#lambda.lowercase}}{{{title}}}{{/lambda.lowercase}}.security.{{{name}}}.client-id")
-  @ConfigurationProperties("{{#lambda.lowercase}}{{{title}}}{{/lambda.lowercase}}.security.{{{name}}}")
-  public AuthorizationCodeResourceDetails {{{name}}}ResourceDetails() {
-    AuthorizationCodeResourceDetails details = new AuthorizationCodeResourceDetails();
-    details.setAccessTokenUri("{{{tokenUrl}}}");
-    details.setUserAuthorizationUri("{{{authorizationUrl}}}");
-    return details;
+  @ConditionalOnProperty( prefix = "spring.security.oauth2.client.registration.{{{name}}}{{#lambda.pascalcase}}{{{flow}}}{{/lambda.pascalcase}}", name = "enabled", havingValue = "true" )
+  public OAuth2AuthorizedClientManager {{{flow}}}AuthorizedClientManager(ClientRegistrationRepository clientRegistrationRepository,
+        OAuth2AuthorizedClientService authorizedClientService ) {
+    return new AuthorizedClientServiceOAuth2AuthorizedClientManager( clientRegistrationRepository, authorizedClientService );
   }
+    {{/isOAuth}}
+{{/authMethods}}
+{{#hasOAuthMethods}}
+  public static class OAuth2RequestInterceptor implements RequestInterceptor {
 
-        {{/isCode}}
-        {{#isPassword}}
-  @Bean
-  @ConditionalOnProperty("{{#lambda.lowercase}}{{{title}}}{{/lambda.lowercase}}.security.{{{name}}}.client-id")
-  @ConfigurationProperties("{{#lambda.lowercase}}{{{title}}}{{/lambda.lowercase}}.security.{{{name}}}")
-  public ResourceOwnerPasswordResourceDetails {{{name}}}ResourceDetails() {
-    ResourceOwnerPasswordResourceDetails details = new ResourceOwnerPasswordResourceDetails();
-    details.setAccessTokenUri("{{{tokenUrl}}}");
-    return details;
-  }
+    private final OAuth2AuthorizedClientManager oAuth2AuthorizedClientManager;
+    private final OAuth2AuthorizeRequest oAuth2AuthorizeRequest;
 
-        {{/isPassword}}
-        {{#isApplication}}
-  @Bean
-  @ConditionalOnProperty("{{#lambda.lowercase}}{{{title}}}{{/lambda.lowercase}}.security.{{{name}}}.client-id")
-  @ConfigurationProperties("{{#lambda.lowercase}}{{{title}}}{{/lambda.lowercase}}.security.{{{name}}}")
-  public ClientCredentialsResourceDetails {{{name}}}ResourceDetails() {
-    ClientCredentialsResourceDetails details = new ClientCredentialsResourceDetails();
-    details.setAccessTokenUri("{{{tokenUrl}}}");
-    return details;
-  }
+    public OAuth2RequestInterceptor(OAuth2AuthorizeRequest oAuth2AuthorizeRequest,OAuth2AuthorizedClientManager oAuth2AuthorizedClientManager){
+      this.oAuth2AuthorizeRequest = oAuth2AuthorizeRequest;
+      this.oAuth2AuthorizedClientManager = oAuth2AuthorizedClientManager;
+    }
 
-        {{/isApplication}}
-        {{#isImplicit}}
-  @Bean
-  @ConditionalOnProperty("{{#lambda.lowercase}}{{{title}}}{{/lambda.lowercase}}.security.{{{name}}}.client-id")
-  @ConfigurationProperties("{{#lambda.lowercase}}{{{title}}}{{/lambda.lowercase}}.security.{{{name}}}")
-  public ImplicitResourceDetails {{{name}}}ResourceDetails() {
-    ImplicitResourceDetails details = new ImplicitResourceDetails();
-    details.setUserAuthorizationUri("{{{authorizationUrl}}}");
-    return details;
+    @Override
+    public void apply( final RequestTemplate template ) {
+      template.header( HttpHeaders.AUTHORIZATION, getBearerToken() );
+    }
+
+    public OAuth2AccessToken getAccessToken() {
+      final OAuth2AuthorizedClient authorizedClient = oAuth2AuthorizedClientManager.authorize(oAuth2AuthorizeRequest);
+      if (authorizedClient == null) {
+        throw new OAuth2AuthenticationException( "Client failed to authenticate");
+      }
+     return authorizedClient.getAccessToken();
+    }
+
+    public String getBearerToken() {
+      final OAuth2AccessToken accessToken = getAccessToken();
+      return String.format( "%s %s", accessToken.getTokenType().getValue(), accessToken.getTokenValue() );
+    }
   }
+{{/hasOAuthMethods}}
 
-        {{/isImplicit}}
-    {{/isOAuth}}
-{{/authMethods}}
 }

modules/openapi-generator/src/main/resources/JavaSpring/libraries/spring-cloud/clientPropertiesConfiguration.mustache

@@ -0,0 +1,18 @@
+package {{configPackage}};
+
+{{#authMethods}}
+    {{#isOAuth}}
+import org.springframework.context.annotation.PropertySource;
+    {{/isOAuth}}
+{{/authMethods}}
+import org.springframework.context.annotation.Configuration;
+
+{{#hasAuthMethods}}
+    {{#hasOAuthMethods}}
+@PropertySource( "classpath:/oauth2-client.properties" )
+    {{/hasOAuthMethods}}
+{{/hasAuthMethods}}
+@Configuration
+public class ClientPropertiesConfiguration {
+
+}

modules/openapi-generator/src/main/resources/JavaSpring/libraries/spring-cloud/oauth2ClientProperties.mustache

@@ -0,0 +1,25 @@
+{{#authMethods}}
+{{#isOAuth}}
+spring.security.oauth2.client.registration.{{{name}}}{{#lambda.pascalcase}}{{{flow}}}{{/lambda.pascalcase}}.enabled=false
+spring.security.oauth2.client.registration.{{{name}}}{{#lambda.pascalcase}}{{{flow}}}{{/lambda.pascalcase}}.client-id=set-{{{name}}}{{#lambda.pascalcase}}{{{flow}}}{{/lambda.pascalcase}}-client-id
+{{#scopes}}{{#-first}}spring.security.oauth2.client.registration.{{{name}}}{{#lambda.pascalcase}}{{{flow}}}{{/lambda.pascalcase}}.scopes={{/-first}}{{scope}}{{^-last}},{{/-last}}{{/scopes}}
+    {{#isCode}}
+spring.security.oauth2.client.registration.{{{name}}}{{#lambda.pascalcase}}{{{flow}}}{{/lambda.pascalcase}}.authorization-grant-type=authorization_code
+spring.security.oauth2.client.registration.{{{name}}}{{#lambda.pascalcase}}{{{flow}}}{{/lambda.pascalcase}}.redirect-uri=set-{{{name}}}{{#lambda.pascalcase}}{{{flow}}}{{/lambda.pascalcase}}-redirect-uri
+spring.security.oauth2.client.provider.{{{name}}}{{#lambda.pascalcase}}{{{flow}}}{{/lambda.pascalcase}}.token-uri={{{tokenUrl}}}
+spring.security.oauth2.client.provider.{{{name}}}{{#lambda.pascalcase}}{{{flow}}}{{/lambda.pascalcase}}.authorization-uri={{{authorizationUrl}}}
+    {{/isCode}}
+    {{#isPassword}}
+spring.security.oauth2.client.registration.{{{name}}}{{#lambda.pascalcase}}{{{flow}}}{{/lambda.pascalcase}}.authorization-grant-type=password
+spring.security.oauth2.client.provider.{{{name}}}{{#lambda.pascalcase}}{{{flow}}}{{/lambda.pascalcase}}.token-uri={{{tokenUrl}}}
+    {{/isPassword}}
+    {{#isApplication}}
+spring.security.oauth2.client.registration.{{{name}}}{{#lambda.pascalcase}}{{{flow}}}{{/lambda.pascalcase}}.authorization-grant-type=client_credentials
+spring.security.oauth2.client.provider.{{{name}}}{{#lambda.pascalcase}}{{{flow}}}{{/lambda.pascalcase}}.token-uri={{{tokenUrl}}}
+    {{/isApplication}}
+    {{#isImplicit}}
+spring.security.oauth2.client.registration.{{{name}}}{{#lambda.pascalcase}}{{{flow}}}{{/lambda.pascalcase}}.authorization-grant-type=implicit
+spring.security.oauth2.client.provider.{{{name}}}{{#lambda.pascalcase}}{{{flow}}}{{/lambda.pascalcase}}.authorization-uri={{{authorizationUrl}}}
+    {{/isImplicit}}
+{{/isOAuth}}
+{{/authMethods}}

modules/openapi-generator/src/main/resources/JavaSpring/libraries/spring-cloud/pom-sb3.mustache

@@ -92,10 +92,10 @@
             <artifactId>spring-cloud-starter-openfeign</artifactId>
         </dependency>
         <dependency>
-            <groupId>org.springframework.cloud</groupId>
-            <artifactId>spring-cloud-starter-oauth2</artifactId>
+            <groupId>org.springframework.security</groupId>
+            <artifactId>spring-security-oauth2-client</artifactId>
             {{^parentOverridden}}
-            <version>2.2.5.RELEASE</version>
+            <version>6.1.1</version>
             {{/parentOverridden}}
         </dependency>
         {{#withXml}}

modules/openapi-generator/src/main/resources/JavaSpring/libraries/spring-cloud/pom.mustache

@@ -108,10 +108,10 @@
             <artifactId>spring-cloud-starter-openfeign</artifactId>
         </dependency>
         <dependency>
-            <groupId>org.springframework.cloud</groupId>
-            <artifactId>spring-cloud-starter-oauth2</artifactId>
+            <groupId>org.springframework.security</groupId>
+            <artifactId>spring-security-oauth2-client</artifactId>
             {{^parentOverridden}}
-            <version>2.2.5.RELEASE</version>
+            <version>5.7.8</version>
             {{/parentOverridden}}
         </dependency>
         {{#withXml}}

samples/client/petstore/spring-cloud-date-time/pom.xml

@@ -52,9 +52,9 @@
             <artifactId>spring-cloud-starter-openfeign</artifactId>
         </dependency>
         <dependency>
-            <groupId>org.springframework.cloud</groupId>
-            <artifactId>spring-cloud-starter-oauth2</artifactId>
-            <version>2.2.5.RELEASE</version>
+            <groupId>org.springframework.security</groupId>
+            <artifactId>spring-security-oauth2-client</artifactId>
+            <version>5.7.8</version>
         </dependency>
         <dependency>
             <groupId>com.fasterxml.jackson.datatype</groupId>