feat(*): support oauth2 security configuration

Author: klieber

README.md

@@ -76,13 +76,54 @@ There are several other aspects you can optionally configure.  Here is the full
           <skip>false</skip>
           <format>JSON</format>
           <filename>openapi-2.0</filename>
+          <oauth2 />
         </configuration>
       </execution>
     </executions>
   </plugin>
 ```
 
-# Still in development
+### OAuth2 Configuration
+
+By default the plugin will not generate any security information.  You can optionally provide
+it using the `<oauth2 />` element.  Here is an example:
+
+```xml
+  <plugin>
+    <groupId>com.github.berkleytechnologyservices.restdocs-spec</groupId>
+    <artifactId>restdocs-spec-maven-plugin</artifactId>
+    <version>${restdocs-spec.version}</version>
+    <executions>
+      <execution>
+        <goals>
+          <goal>generate</goal>
+        </goals>
+        <configuration>
+          <oauth>
+            <tokenUrl>http://example.com/uaa/token</tokenUrl>
+            <authorizationUrl>http://example.com/uaa/authorize</authorizationUrl>
+            <flows>
+              <flow>accessCode</flow>
+              <flow>implicit</flow>
+            </flows>
+            <scopes>
+              <scope>
+                <name>read</name>
+                <description>Access to read operations.</description>
+              </scope>            
+              <scope>
+                <name>write</name>
+                <description>Access to write operations.</description>
+              </scope>
+            </scopes>
+          </oauth>
+        </configuration>
+      </execution>
+    </executions>
+  </plugin>
+```
+
+## Still in development
 
 * Support for additional specification formats is currently in development.  We plan to add 
   support for OpenAPI 3.0 and Postman Collections.

pom.xml

@@ -31,7 +31,7 @@
     <maven.compiler.target>1.8</maven.compiler.target>
     <maven.version>3.3.1</maven.version>
     <maven-plugin-tools.version>3.5.2</maven-plugin-tools.version>
-    <restdocs-openapi.version>0.2.5</restdocs-openapi.version>
+    <restdocs-openapi.version>0.2.8</restdocs-openapi.version>
     <junit.version>5.2.0</junit.version>
     <assertj.version>3.11.0</assertj.version>
     <mockito.version>2.21.0</mockito.version>

restdocs-spec-maven-plugin/src/it/default-settings/pom.xml

@@ -3,11 +3,11 @@
   xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
   <modelVersion>4.0.0</modelVersion>
 
-  <groupId>com.berkleytechnologyservices.restdocs.it</groupId>
-  <artifactId>simple-it</artifactId>
+  <groupId>com.github.berkleytechnologyservices.restdocs-spec.it</groupId>
+  <artifactId>default-settings-it</artifactId>
   <version>1.0-SNAPSHOT</version>
 
-  <description>A simple IT verifying the basic use case.</description>
+  <description>Verify the default settings.</description>
 
   <properties>
     <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>

restdocs-spec-maven-plugin/src/it/json-format/pom.xml

@@ -4,10 +4,10 @@
   <modelVersion>4.0.0</modelVersion>
 
   <groupId>com.berkleytechnologyservices.restdocs.it</groupId>
-  <artifactId>simple-it</artifactId>
+  <artifactId>json-format-it</artifactId>
   <version>1.0-SNAPSHOT</version>
 
-  <description>A simple IT verifying the basic use case.</description>
+  <description>Verify using json as the specification format.</description>
 
   <properties>
     <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
@@ -50,6 +50,24 @@
               <snippetsDirectory>${project.basedir}/snippets</snippetsDirectory>
               <filename>sample-api-spec</filename>
               <format>JSON</format>
+              <oauth2>
+                <tokenUrl>https://example.org/uaa/token</tokenUrl>
+                <authorizationUrl>https://example.org/uaa/authorize</authorizationUrl>
+                <flows>
+                  <flow>accessCode</flow>
+                  <flow>password</flow>
+                </flows>
+                <scopes>
+                  <scope>
+                    <name>write:cart</name>
+                    <description>Write cart to the database.</description>
+                  </scope>
+                  <scope>
+                    <name>read:cart</name>
+                    <description>Read cart from the database.</description>
+                  </scope>
+                </scopes>
+              </oauth2>
             </configuration>
           </execution>
         </executions>

restdocs-spec-maven-plugin/src/it/json-format/snippets/cart-get/resource.json

@@ -19,7 +19,12 @@
     "requestParameters" : [ ],
     "requestFields" : [ ],
     "example" : null,
-    "securityRequirements" : null
+    "securityRequirements" : {
+      "type": "OAUTH2",
+      "requiredScopes": [
+        "read:cart"
+      ]
+    }
   },
   "response" : {
     "status" : 200,

restdocs-spec-maven-plugin/src/it/json-format/snippets/carts-create/resource.json

@@ -13,7 +13,12 @@
     "requestParameters" : [ ],
     "requestFields" : [ ],
     "example" : null,
-    "securityRequirements" : null
+    "securityRequirements" : {
+      "type": "OAUTH2",
+      "requiredScopes": [
+        "write:cart"
+      ]
+    }
   },
   "response" : {
     "status" : 201,

restdocs-spec-maven-plugin/src/main/java/com/berkleytechnologyservices/restdocs/mojo/GenerateMojo.java

@@ -1,6 +1,7 @@
 package com.berkleytechnologyservices.restdocs.mojo;
 
 import com.berkleytechnologyservices.restdocs.spec.ApiDetails;
+import com.berkleytechnologyservices.restdocs.spec.AuthConfig;
 import com.berkleytechnologyservices.restdocs.spec.Specification;
 import com.berkleytechnologyservices.restdocs.spec.SpecificationFormat;
 import com.berkleytechnologyservices.restdocs.spec.generator.SpecificationGeneratorException;
@@ -100,6 +101,9 @@ public class GenerateMojo extends AbstractMojo {
   @Parameter
   private List<SpecificationOptions> specifications = Collections.emptyList();
 
+  @Parameter
+  private AuthConfig oauth2 = new AuthConfig();
+
   private final SnippetReader snippetReader;
   private final SpecificationGeneratorFactory specificationGeneratorFactory;
 
@@ -188,7 +192,8 @@ private ApiDetails createApiDetails(SpecificationOptions options) {
         .host(host)
         .basePath(basePath)
         .schemes(schemes)
-        .format(options.getFormat());
+        .format(options.getFormat())
+        .authConfig(oauth2);
   }
 
   private List<SpecificationOptions> getAllSpecificationOptions() {

restdocs-spec-maven-plugin/src/main/java/com/berkleytechnologyservices/restdocs/spec/ApiDetails.java

@@ -17,6 +17,7 @@ public class ApiDetails {
   private String basePath;
   private List<String> schemes;
   private SpecificationFormat format;
+  private AuthConfig authConfig;
 
   public ApiDetails() {
     this.name = DEFAULT_NAME;
@@ -25,6 +26,7 @@ public ApiDetails() {
     this.basePath = null;
     this.schemes = DEFAULT_SCHEMES;
     this.format = DEFAULT_FORMAT;
+    this.authConfig = new AuthConfig();
   }
 
   public String getName() {
@@ -80,4 +82,13 @@ public ApiDetails format(SpecificationFormat format) {
     this.format = format != null ? format : DEFAULT_FORMAT;
     return this;
   }
+
+  public AuthConfig getAuthConfig() {
+    return this.authConfig;
+  }
+
+  public ApiDetails authConfig(AuthConfig authConfig) {
+    this.authConfig = authConfig != null ? authConfig : new AuthConfig();
+    return this;
+  }
 }

restdocs-spec-maven-plugin/src/main/java/com/berkleytechnologyservices/restdocs/spec/AuthConfig.java

@@ -0,0 +1,49 @@
+package com.berkleytechnologyservices.restdocs.spec;
+
+import java.util.Collections;
+import java.util.List;
+
+public class AuthConfig {
+
+  private String tokenUrl;
+  private String authorizationUrl;
+  private List<String> flows;
+  private List<Scope> scopes;
+
+  public AuthConfig() {
+    this.flows = Collections.emptyList();
+    this.scopes = Collections.emptyList();
+  }
+
+  public String getTokenUrl() {
+    return tokenUrl;
+  }
+
+  public void setTokenUrl(String tokenUrl) {
+    this.tokenUrl = tokenUrl;
+  }
+
+  public String getAuthorizationUrl() {
+    return authorizationUrl;
+  }
+
+  public void setAuthorizationUrl(String authorizationUrl) {
+    this.authorizationUrl = authorizationUrl;
+  }
+
+  public List<String> getFlows() {
+    return flows;
+  }
+
+  public void setFlows(List<String> flows) {
+    this.flows = flows != null ? Collections.unmodifiableList(flows) : Collections.emptyList();
+  }
+
+  public List<Scope> getScopes() {
+    return scopes;
+  }
+
+  public void setScopes(List<Scope> scopes) {
+    this.scopes = scopes != null ? Collections.unmodifiableList(scopes) : Collections.emptyList();
+  }
+}

restdocs-spec-maven-plugin/src/main/java/com/berkleytechnologyservices/restdocs/spec/Scope.java

@@ -0,0 +1,23 @@
+package com.berkleytechnologyservices.restdocs.spec;
+
+public class Scope {
+
+  private String name;
+  private String description;
+
+  public String getName() {
+    return name;
+  }
+
+  public void setName(String name) {
+    this.name = name;
+  }
+
+  public String getDescription() {
+    return description;
+  }
+
+  public void setDescription(String description) {
+    this.description = description;
+  }
+}