springbootdemo: Gemini review cleanup — extract OpenAPI path constants, parameterize axis2 version, remove dead code

robertlazarski · claude · robertlazarski · commit 2b2246a8f5bd · 2026-04-05T16:29:14.000-10:00
- Extract PATH_OPENAPI_JSON/YAML/SWAGGER_UI constants in HTTPPostOnlyRejectionFilter and JWTAuthenticationFilter (both springbootdemo and tomcat11) to eliminate magic strings - Replace hardcoded 2.0.1-SNAPSHOT in antrun copy tasks with ${axis2.version} property - Delete dead OpenApiController.java — DispatcherServlet is not wired in this WAR deployment so @GetMapping handlers were never invoked; OpenApiServlet registered directly in Axis2WebAppInitializer handles these paths instead Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
diff --git a/modules/samples/userguide/src/userguide/springbootdemo-tomcat11/src/main/java/userguide/springboot/security/webservices/HTTPPostOnlyRejectionFilter.java b/modules/samples/userguide/src/userguide/springbootdemo-tomcat11/src/main/java/userguide/springboot/security/webservices/HTTPPostOnlyRejectionFilter.java
@@ -38,9 +38,13 @@
 import java.util.UUID;
 
 public class HTTPPostOnlyRejectionFilter extends OncePerRequestFilter {
- 
+
+    private static final String PATH_OPENAPI_JSON = "/openapi.json";
+    private static final String PATH_OPENAPI_YAML = "/openapi.yaml";
+    private static final String PATH_SWAGGER_UI = "/swagger-ui";
+
     private static Log logger = LogFactory.getLog(HTTPPostOnlyRejectionFilter.class);
-    
+
     private final RedirectStrategy redirectStrategy = new NoRedirectStrategy();
 
     public HTTPPostOnlyRejectionFilter() {
@@ -52,11 +56,11 @@ protected void doFilterInternal(HttpServletRequest request, HttpServletResponse
 
         String uuid = UUID.randomUUID().toString();
         String logPrefix = "HTTPPostOnlyRejectionFilter.doFilterInternal , uuid: " + uuid + " , ";
-        
+
         logger.trace(logPrefix + "starting ... ");
-        
+
         String uri = request.getRequestURI();
-        boolean isOpenApiPath = uri.endsWith("/openapi.json") || uri.endsWith("/openapi.yaml") || uri.endsWith("/swagger-ui");
+        boolean isOpenApiPath = uri.endsWith(PATH_OPENAPI_JSON) || uri.endsWith(PATH_OPENAPI_YAML) || uri.endsWith(PATH_SWAGGER_UI);
         if (isOpenApiPath) {
             filterChain.doFilter(request, response);
             return;
diff --git a/modules/samples/userguide/src/userguide/springbootdemo-tomcat11/src/main/java/userguide/springboot/security/webservices/JWTAuthenticationFilter.java b/modules/samples/userguide/src/userguide/springbootdemo-tomcat11/src/main/java/userguide/springboot/security/webservices/JWTAuthenticationFilter.java
@@ -39,7 +39,11 @@
 import org.owasp.esapi.Validator;
 
 public class JWTAuthenticationFilter extends AbstractAuthenticationProcessingFilter {
-    
+
+    private static final String PATH_OPENAPI_JSON = "/openapi.json";
+    private static final String PATH_OPENAPI_YAML = "/openapi.yaml";
+    private static final String PATH_SWAGGER_UI = "/swagger-ui";
+
     @Autowired
     private WSSecUtils wssecutils;
 
@@ -56,7 +60,7 @@ public void setAuthenticationManager(AuthenticationManager authenticationManager
     @Override
     protected boolean requiresAuthentication(HttpServletRequest request, HttpServletResponse response) {
         String uri = request.getRequestURI();
-        if (uri.endsWith("/openapi.json") || uri.endsWith("/openapi.yaml") || uri.endsWith("/swagger-ui")) {
+        if (uri.endsWith(PATH_OPENAPI_JSON) || uri.endsWith(PATH_OPENAPI_YAML) || uri.endsWith(PATH_SWAGGER_UI)) {
             return false; // OpenAPI documentation endpoints are public
         }
         return true;
diff --git a/modules/samples/userguide/src/userguide/springbootdemo/pom.xml b/modules/samples/userguide/src/userguide/springbootdemo/pom.xml
@@ -42,6 +42,7 @@
         <project.reporting.outputEncoding>UTF-8</project.reporting.outputEncoding>
         <java.version>17</java.version>
         <spring-boot.version>3.4.3</spring-boot.version>
+        <axis2.version>2.0.1-SNAPSHOT</axis2.version>
     </properties>
 
     <dependencies>
@@ -372,8 +373,8 @@
                                 </copy>
                                 <!-- Create openapi module archive for WEB-INF/modules -->
                                 <mkdir dir="${project.build.directory}/deploy/axis2-json-api.war/WEB-INF/modules"/>
-                                <copy file="${settings.localRepository}/org/apache/axis2/axis2-openapi/2.0.1-SNAPSHOT/axis2-openapi-2.0.1-SNAPSHOT.jar"
-                                      tofile="${project.build.directory}/deploy/axis2-json-api.war/WEB-INF/modules/openapi-2.0.1-SNAPSHOT.mar"/>
+                                <copy file="${settings.localRepository}/org/apache/axis2/axis2-openapi/${axis2.version}/axis2-openapi-${axis2.version}.jar"
+                                      tofile="${project.build.directory}/deploy/axis2-json-api.war/WEB-INF/modules/openapi-${axis2.version}.mar"/>
                                 <unzip src="${project.build.directory}/axis2-json-api-0.0.1-SNAPSHOT.war" dest="${project.build.directory}/exploded"/>
                                 <jar jarfile="${project.build.directory}/exploded/WEB-INF/services/Login.aar">
                                     <metainf file="resources-axis2/login_resources/services.xml"/>
@@ -391,8 +392,8 @@
                                 </copy>
                                 <!-- Create openapi module archive for exploded WEB-INF/modules -->
                                 <mkdir dir="${project.build.directory}/exploded/WEB-INF/modules"/>
-                                <copy file="${settings.localRepository}/org/apache/axis2/axis2-openapi/2.0.1-SNAPSHOT/axis2-openapi-2.0.1-SNAPSHOT.jar"
-                                      tofile="${project.build.directory}/exploded/WEB-INF/modules/openapi-2.0.1-SNAPSHOT.mar"/>
+                                <copy file="${settings.localRepository}/org/apache/axis2/axis2-openapi/${axis2.version}/axis2-openapi-${axis2.version}.jar"
+                                      tofile="${project.build.directory}/exploded/WEB-INF/modules/openapi-${axis2.version}.mar"/>
                             </target>
                         </configuration>
                         <goals>
diff --git a/modules/samples/userguide/src/userguide/springbootdemo/src/main/java/userguide/springboot/configuration/OpenApiController.java b/modules/samples/userguide/src/userguide/springbootdemo/src/main/java/userguide/springboot/configuration/OpenApiController.java
diff --git a/modules/samples/userguide/src/userguide/springbootdemo/src/main/java/userguide/springboot/security/webservices/HTTPPostOnlyRejectionFilter.java b/modules/samples/userguide/src/userguide/springbootdemo/src/main/java/userguide/springboot/security/webservices/HTTPPostOnlyRejectionFilter.java
@@ -38,9 +38,13 @@
 import java.util.UUID;
 
 public class HTTPPostOnlyRejectionFilter extends OncePerRequestFilter {
- 
+
+    private static final String PATH_OPENAPI_JSON = "/openapi.json";
+    private static final String PATH_OPENAPI_YAML = "/openapi.yaml";
+    private static final String PATH_SWAGGER_UI = "/swagger-ui";
+
     private static Log logger = LogFactory.getLog(HTTPPostOnlyRejectionFilter.class);
-    
+
     private final RedirectStrategy redirectStrategy = new NoRedirectStrategy();
 
     public HTTPPostOnlyRejectionFilter() {
@@ -52,11 +56,11 @@ protected void doFilterInternal(HttpServletRequest request, HttpServletResponse
 
         String uuid = UUID.randomUUID().toString();
         String logPrefix = "HTTPPostOnlyRejectionFilter.doFilterInternal , uuid: " + uuid + " , ";
-        
+
         logger.trace(logPrefix + "starting ... ");
-        
+
         String uri = request.getRequestURI();
-        boolean isOpenApiPath = uri.endsWith("/openapi.json") || uri.endsWith("/openapi.yaml") || uri.endsWith("/swagger-ui");
+        boolean isOpenApiPath = uri.endsWith(PATH_OPENAPI_JSON) || uri.endsWith(PATH_OPENAPI_YAML) || uri.endsWith(PATH_SWAGGER_UI);
         if (isOpenApiPath) {
             filterChain.doFilter(request, response);
             return;
diff --git a/modules/samples/userguide/src/userguide/springbootdemo/src/main/java/userguide/springboot/security/webservices/JWTAuthenticationFilter.java b/modules/samples/userguide/src/userguide/springbootdemo/src/main/java/userguide/springboot/security/webservices/JWTAuthenticationFilter.java
@@ -39,7 +39,11 @@
 import org.owasp.esapi.Validator;
 
 public class JWTAuthenticationFilter extends AbstractAuthenticationProcessingFilter {
-    
+
+    private static final String PATH_OPENAPI_JSON = "/openapi.json";
+    private static final String PATH_OPENAPI_YAML = "/openapi.yaml";
+    private static final String PATH_SWAGGER_UI = "/swagger-ui";
+
     @Autowired
     private WSSecUtils wssecutils;
 
@@ -56,7 +60,7 @@ public void setAuthenticationManager(AuthenticationManager authenticationManager
     @Override
     protected boolean requiresAuthentication(HttpServletRequest request, HttpServletResponse response) {
         String uri = request.getRequestURI();
-        if (uri.endsWith("/openapi.json") || uri.endsWith("/openapi.yaml") || uri.endsWith("/swagger-ui")) {
+        if (uri.endsWith(PATH_OPENAPI_JSON) || uri.endsWith(PATH_OPENAPI_YAML) || uri.endsWith(PATH_SWAGGER_UI)) {
             return false; // OpenAPI documentation endpoints are public
         }
         return true;
