chore: add security configuration into swagger (#21)

Co-authored-by: rick <LinuxSuRen@users.noreply.github.com>

Author: LinuxSuRen

pom.xml

@@ -47,12 +47,6 @@
 			<version>1.1.0</version>
         </dependency>
 
-		<dependency>
-			<groupId>org.springdoc</groupId>
-			<artifactId>springdoc-openapi-starter-webmvc-ui</artifactId>
-			<version>2.2.0</version>
-		</dependency>
-
 		<dependency>
 			<groupId>org.springframework.boot</groupId>
 			<artifactId>spring-boot-starter-test</artifactId>

src/main/java/io/github/devopsws/demo/config/SpringdocConfig.java

@@ -0,0 +1,27 @@
+package io.github.devopsws.demo.config;
+
+import org.springframework.context.annotation.Configuration;
+
+import io.swagger.v3.oas.annotations.ExternalDocumentation;
+import io.swagger.v3.oas.annotations.OpenAPIDefinition;
+import io.swagger.v3.oas.annotations.enums.SecuritySchemeIn;
+import io.swagger.v3.oas.annotations.enums.SecuritySchemeType;
+import io.swagger.v3.oas.annotations.info.Info;
+import io.swagger.v3.oas.annotations.security.SecurityRequirement;
+import io.swagger.v3.oas.annotations.security.SecurityScheme;
+
+@OpenAPIDefinition(info = @Info(title = "Demo Project for API Testing"),
+    externalDocs = @ExternalDocumentation(
+        description = "Read more from the offical document.",
+        url = "https://linuxsuren.github.io/api-testing/"
+    ),
+    security = {
+        @SecurityRequirement(name = "basicAuth")
+    })
+@Configuration
+@SecurityScheme(
+  type = SecuritySchemeType.HTTP,
+  in = SecuritySchemeIn.HEADER,
+  name = "basicAuth",
+  scheme = "basic")
+public class SpringdocConfig {}

src/main/java/io/github/devopsws/demo/config/WebSecurityConfig.java

@@ -21,7 +21,7 @@ public class WebSecurityConfig {
     @Bean
     public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
         http.authorizeHttpRequests((requests) -> requests
-                .requestMatchers("/health", "/v3/api-docs", "/graphql", "/graphiql").permitAll()
+                .requestMatchers("/health", "/v3/api-docs/**", "/swagger-ui/*", "/graphql", "/graphiql").permitAll()
                 .anyRequest().authenticated())
                 .httpBasic(withDefaults())
                 .csrf(AbstractHttpConfigurer::disable);