javamavensecurityopenapi-generator-maven-pluginstoplight

openapi generator unauthorized 401 via $ref url in yaml

Here is my problem: I am working on a Stoplight project for a specific use case and want to utilize one of the shared models in Stoplight, such as Model_1. When I added Model_1, this line was added to my YAML project:

title: Myapi
x-stoplight:
  type: object
  x-internal: false
  properties:
    id:
      type: string
      x-stoplight:
        id: env6e1e1evebr
      readOnly: true
    model2:
      $ref: 'https://path/common/models/Model_1.v1.yaml?deref=bundle'

When I run the build to generate code using the openapi-generator-maven-plugin, I encounter the following error:

[ERROR] unable to read javax.net.ssl.SSLHandshakeException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target at sun.security.ssl.Alert.createSSLException (Alert.java:131)

After that I tried to use path to raw data in the repo of the model I need


  model2:    $ref: 'https://path/ccommon/models/Model_1.v1.yaml#master'
Or using the credential
model2:    $ref: 'https://${AR_USER}:${AR_PASSWORD}path/ccommon/models/Model_1.v1.yaml#master'

However, I still encounter the security error, regardless of whether I pass the credentials or not.

-[ERROR] unable to readjava.io.IOException: Server returned HTTP response code: 401 for URL: https://path/ccommon/models/Model_1.v1.yaml#master at jdk.internal.reflect.NativeConstructorAccessorImpl.newInstance0 (Native Method) at jdk.internal.reflect.NativeConstructorAccessorImpl.newInstance (NativeConstructorAccessorImpl.java:77) at jdk.internal.reflect.DelegatingConstructorAccessorImpl.newInstance (DelegatingConstructorAccessorImpl.java:45) at java.lang.reflect.Constructor.newInstanceWithCaller (Constructor.java:500) at java.lang.reflect.Constructor.newInstance (Constructor.java:481)

here my configuration plugin of openapi

<plugin>
    <groupId>org.openapitools</groupId>
    <artifactId>openapi-generator-maven-plugin</artifactId>
    <version>7.10.0</version>
    <configuration>
        <!-- https://github.com/OpenAPITools/openapi-generator/blob/master/docs/generators/jaxrs-spec.md -->
        <generatorName>jaxrs-spec</generatorName>
        <generateApiTests>false</generateApiTests>
        <inputSpec>${project.basedir}/reference/myApi.yaml</inputSpec>
        <modelPackage>package.dto</modelPackage>
        <configOptions>
            <sourceFolder>src</sourceFolder>
            <apiPackage>path.api</apiPackage>
            <useTags>true</useTags>
            <dateLibrary>java8-localdatetime</dateLibrary>
            <interfaceOnly>true</interfaceOnly>
            <returnResponse>true</returnResponse>
            <generateBuilders>true</generateBuilders>
            <serializableModel>true</serializableModel>
            <useJakartaEe>true</useJakartaEe>
        </configOptions>
    </configuration>
    <executions>
        <execution>
            <id>generate-api</id>
            <goals>
                <goal>generate</goal>
            </goals>
        </execution>
    </executions>
</plugin>

How can I pass the token or credentials to access the shared model, or is there an alternative way to resolve this issue to avoid duplication of the model

Solution

  • The solution I found to resolve the problem of unauthorize,

    I modify the openapi-generator-maven-plugin configuration by adding an tag, where I pass the credentials in the base64-encoded format. This should allow the plugin to authenticate with the server hosting the shared model.

    1. Base64 Encode the Credentials:
    echo -n "your-username:your-password" | base64

    This will output a string that looks something like this:

      dXNlcm5hbWU6cGFzc3dvcmQ=
    1. Update the OpenAPI Plugin Configuration: Now that you have the base64-encoded credentials, update your plugin configuration by adding the section. This section will set the Authorization header for the HTTP request used by the openapi-generator-maven-plugin.

    Here’s how you can modify your pom.xml:

      <plugin>
    <groupId>org.openapitools</groupId>
    <artifactId>openapi-generator-maven-plugin</artifactId>
    <version>7.10.0</version>
    <configuration>
        <!-- https://github.com/OpenAPITools/openapi-generator/blob/master/docs/generators/jaxrs-spec.md -->
        <generatorName>jaxrs-spec</generatorName>
        <generateApiTests>false</generateApiTests>
        <inputSpec>${project.basedir}/reference/myApi.yaml</inputSpec>
        <modelPackage>package.dto</modelPackage>
        **<auth>Authorization: Basic dXNlcm5hbWU6cGFzc3dvcmQ=</auth>**
        <configOptions>
            <sourceFolder>src</sourceFolder>
            <apiPackage>path.api</apiPackage>
            <useTags>true</useTags>
            <dateLibrary>java8-localdatetime</dateLibrary>
            <interfaceOnly>true</interfaceOnly>
            <returnResponse>true</returnResponse>
            <generateBuilders>true</generateBuilders>
            <serializableModel>true</serializableModel>
            <useJakartaEe>true</useJakartaEe>
        </configOptions>
    </configuration>
    <executions>
        <execution>
            <id>generate-api</id>
            <goals>
                <goal>generate</goal>
            </goals>
        </execution>
    </executions>
</plugin>
    1. You should continue to reference the shared model using the $ref in your OpenAPI specification, just as you originally did. Ensure the $ref points to the repository URL instead of a bundle.

    Here’s an example of how it should look in your OpenAPI YAML:

    title: Myapi
x-stoplight:
  type: object
  x-internal: false
  properties:
    id:
      type: string
      x-stoplight:
        id: env6e1e1evebr
      readOnly: true
    model2:
      $ref: 'https://path/ccommon/models/Model_1.v1.yaml#master'