SecurityDefinition Use in Java Code

[Bryan Nelson]

Greetings,

I'm working on a JAX-RS rest-based Java application in which I currently have Swagger working using Java annotations.  I'm trying to get some authorization working using the ApiKey approach.  I have an annotation in one of my operations that looks like this:

@ApiOperation(value = "Retrieves information",

authorizations = {

@Authorization(value = "specificKey")}) 

@ApiResponses(value = {

@ApiResponse(code = 404, message = "Events not found") })

        public Response getInfo(...) {

            // code

        }

My question is surrounding how I set up the overall Security Definition in my swagger json.  I haven't been able to find a full example of how this is accomplished.  It seems like this could be done with an @SwaggerDefinition annotation or by perhaps by using a Swagger object itself.  However, I'm unsure if either of this is the correct approach, and if so where should I put one of them given my current setup which uses a BeanConfig in my extended javax.ws.rs.core.Application class.  

Any help or examples would be very much appreciated.

Thanks for your time!

bryan

[Arthur De Magalhaes]

Hey,  

In this example (https://github.com/microservices-api/java-rest-user) I used a swagger snippet to define the security definition (https://github.com/microservices-api/java-rest-user/blob/master/swagger-sample-application/src/main/webapp/META-INF/stub/swagger.yaml), and then I could reference that from my Java class (https://github.com/microservices-api/java-rest-user/blob/master/swagger-sample-application/src/main/java/microservices/api/user/jaxrs/ProfileResource.java).

The snippet is merged with my annotations, when running on WebSphere Liberty with the apiDiscovery-1.0 feature enabled.