question-mark
Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

HttpAuthenticationScheme - exception when name not given

See original GitHub issue

I am using SpringFox 3.0.0.

I encountered an exception when swagger-ui tried to call /v3/api-docs. After some time I found out that the reason is that I need to provide the name of the security scheme with new HttpAuthenticationBuilder().name("Authorization").scheme("Bearer").build();

SpringFox should throw better exception if required element is missing.

Exception:

java.lang.RuntimeException: Could not write JSON
        at springfox.documentation.spring.web.json.JsonSerializer.toJson(JsonSerializer.java:40) ~[springfox-spring-web-3.0.0.jar:3.0.0]
        at springfox.documentation.oas.web.OpenApiControllerWebMvc.getDocumentation(OpenApiControllerWebMvc.java:95) ~[springfox-oas-3.0.0.jar:3.0.0]
(...)
Caused by: com.fasterxml.jackson.databind.JsonMappingException: Null key for a Map not allowed in JSON (use a converting NullKeySerializer?) (through reference chain: io.swagger.v3.oas.models.OpenAPI["components"]->io.swagger.v3.oas.models.Components["securitySchemes"]->java.util.HashMap["null"])
        at com.fasterxml.jackson.databind.JsonMappingException.from(JsonMappingException.java:288) ~[jackson-databind-2.11.0.jar:2.11.0]
        at com.fasterxml.jackson.databind.SerializerProvider.mappingException(SerializerProvider.java:1337) ~[jackson-databind-2.11.0.jar:2.11.0]
        at com.fasterxml.jackson.databind.SerializerProvider.reportMappingProblem(SerializerProvider.java:1231) ~[jackson-databind-2.11.0.jar:2.11.0]
        at com.fasterxml.jackson.databind.ser.impl.FailingSerializer.serialize(FailingSerializer.java:35) ~[jackson-databind-2.11.0.jar:2.11.0]

My configuration:

@Configuration
public class SwaggerConfiguration {

    @Bean
    public Docket api () {
        return new Docket(DocumentationType.OAS_30)
                .select()
                .apis(RequestHandlerSelectors.any())
                .paths(PathSelectors.regex("/api.*"))
                .build()
                .securitySchemes(singletonList(securityScheme()))
                .securityContexts(singletonList(securityContext()));
    }

    private SecurityScheme securityScheme() {
        return new HttpAuthenticationBuilder().scheme("Bearer").build(); //name not set
    }

    private SecurityContext securityContext() {
        return SecurityContext.builder()
                .securityReferences(securityReferences())
                .build();
    }

    private List<SecurityReference> securityReferences() {
        return singletonList(
                new SecurityReference("Authorization", new AuthorizationScope[] {new AuthorizationScope("global", "global")}));
    }

}

Proposed solution: If name and type are always required, null-checks should be added in constructor of springfox.documentation.service.SecurityScheme abstract class.

  public SecurityScheme(
      String name,
      String type,
      String description,
      List<VendorExtension> extensions) {
    Objects.requireNonNull(name , "Security scheme name is required");
    Objects.requireNonNull(type, "Security scheme type is required");

    this.name = name;
    this.type = type;
    this.description = description;
    this.extensions.addAll(extensions);
  }

Issue Analytics

  • State:open
  • Created 3 years ago
  • Comments:6 (3 by maintainers)

github_iconTop GitHub Comments

1reaction
Typraeurioncommented, Mar 10, 2021
  1. SpringFox needs better Javadoc documentation.
  2. https://springfox.github.io/springfox/javadoc/current/springfox/documentation/builders/HttpAuthenticationBuilder.html doesn’t show any “starting” builders, nor are any visible in the class (in version 3.0.0).
1reaction
okysuryadicommented, Dec 4, 2020

hello @dilipkrish, why does DocumentationType.SWAGGER_2 not support HttpAuthenticationScheme class? so, now I am using ApiKey class, will this case be fixed in version 3.0.1 as well?

Read more comments on GitHub >

github_iconTop Results From Across the Web

Cannot send Authorization Bearer Token using Springfox
A simple workaround is to type Bearer than paste the token after it. You will end up with a text box that contains:...
Read more >
Enum HTTPAuthenticationScheme - Oracle Help Center
static HTTPAuthenticationScheme, valueOf​(java.lang.String name). Returns the enum constant of this type with the specified name.
Read more >
draft-ietf-httpauth-basicauth-update-07
The 'Basic' HTTP Authentication Scheme (Internet-Draft, 2015) ... Provisions and are provided without warranty as described in the Simplified BSD License.
Read more >
Secure reverse proxy messages - IBM
An exception occurred while performing a WebSphere eXtreme Scale data replication operation: %s (0x38c5c79e) ... The server name supplied was not valid.
Read more >
PartitionManager (PicketLink Distribution 2.5.2.Final API)
Return the partition specified by the partition class and name. ... Throws: IdentityManagementException - if the default partition does not exists or any ......
Read more >

github_iconTop Related Medium Post

No results found

github_iconTop Related StackOverflow Question

No results found

github_iconTroubleshoot Live Code

Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free

github_iconTop Related Reddit Thread

No results found

github_iconTop Related Hackernoon Post

No results found

github_iconTop Related Tweet

No results found

github_iconTop Related Dev.to Post

No results found

github_iconTop Related Hashnode Post

No results found