Adding basic auth to openapi.json file to enable security in auto-generated client with openapi-generator

Camunda 7 Topics Discussion & Questions
1

To whom it may help or suggest a better practice

Context:

  1. Using the camunda spring boot starter with rest engine

  2. Following the instructions in OpenAPI | docs.camunda.org to generate a rest client.

This two steps creates a camunda engine with rest services and a client project to consume the rest endpoints.

If you need to add basic auth to the rest-engine you can enable it adding

import javax.servlet.Filter;
import org.camunda.bpm.engine.rest.security.auth.ProcessEngineAuthenticationFilter;
import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
import org.springframework.boot.web.servlet.FilterRegistrationBean;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;

@Configuration
public class CamundaSecurityFilter {


  @Bean
  public FilterRegistrationBean processEngineAuthenticationFilter() {
    FilterRegistrationBean registration = new FilterRegistrationBean();
    registration.setName("camunda-auth");
    registration.setFilter(getProcessEngineAuthenticationFilter());
    registration.addInitParameter("authentication-provider",
        "org.camunda.bpm.engine.rest.security.auth.impl.HttpBasicAuthenticationProvider");
    registration.addUrlPatterns("/engine-rest/*");
    return registration;
  }

  @Bean
  public Filter getProcessEngineAuthenticationFilter() {
    return new ProcessEngineAuthenticationFilter();
  }
}

Now if you try to use the generated client you can´t, because it doesn´t support basic auth. In my case i´ve solved this issue editing the openapi.json supplied here: openapi

Open the openapi.json and just after the “servers” element, add the following configuration:

"security": [
    {
      "basicAuth": [
      ]
    }
  ],

Also add this security schema just before the second } from the end of file (don´t forget the coma).

    ,"securitySchemes": {
      "basicAuth": {
        "type": "http",
        "scheme": "basic"
      }
    }

Sample image
image

Now you can generate again the client and basic auth will run.

ApiClient ac = new ApiClient().setBasePath(camundaBaseUri);
      ac.setUsername(userName);
      ac.setPassword(pass);
      apiMessage = new MessageApi(ac);

I wish it helps.
Camunda :rocket:

1 Like