Micronaut (Gradle & Java) - Swagger Integration Views not accessible with security enabled

Question

Following the documentation over here - https://micronaut-projects.github.io/micronaut-openapi/latest/guide/index.html

I configured my build.gradle to include compile time tasks for swagger yaml generation as follows-

tasks.withType(JavaCompile){
options.fork = true
options.forkOptions.jvmArgs << '-Dmicronaut.openapi.views.spec=rapidoc.enabled=true,swagger-ui.enabled=true,swagger-ui.theme=flattop'
options.encoding = "UTF-8"
options.compilerArgs.add('-parameters')}

This is how my application.yaml looks like-

micronaut:
   application:
    name: email-api
   server:
    port: 5655
    cors:
     enabled: true
   security:
     enabled: true
     token:
      jwt:
       enabled: true
       generator:
        accessTokenExpiration: 86400
       signatures:
        secret:
          generator:
            secret: Test@2020-Ok-Letus-chageit-later
   router:
    static-resources:
     swagger:
      paths: classpath:META-INF/swagger
      mapping: /swagger/**
     swagger-ui:
      paths: classpath:META-INF/swagger/views/swagger-ui
      mapping: /swagger-ui/**

Like the doc said, I also annotated by Application.java as shown below-

import io.micronaut.runtime.Micronaut;
import io.swagger.v3.oas.annotations.OpenAPIDefinition;
import io.swagger.v3.oas.annotations.info.Contact;
import io.swagger.v3.oas.annotations.info.Info;
import io.swagger.v3.oas.annotations.info.License;

@OpenAPIDefinition(
    info = @Info(
            title = "Email Service",
            version = "0.0",
            description = "Email Service API",
            license = @License(name = "Apache 2.0", url = "https://foo.bar"),
            contact = @Contact(url = "https://gigantic-server.com", name = "Fred", email = "Fred@gigagantic-server.com")
    )
)
public class Application {

public static void main(String[] args) {
    Micronaut.run(Application.class);
 }
}

After doing all this, when I try to open http://localhost:5655/swagger/email-service-0.0.yaml it opens the generated open API spec yaml. However, if I try opening http://localhost:5655/swagger-ui/ , I get a 404. Note that if I set security as false everything working fine.

Can anyone help me with this problem?

Answer 1

I had the same issue but it works with following rule:

micronaut:
  security:
    enabled: true
    intercept-url-map:
      -
        pattern: /swagger-ui/**
        http-method: GET
        access:
          - isAnonymous() 

Just try it with two ** instead of one.

Answer 2

From the guide https://micronaut-projects.github.io/micronaut-security/latest/guide/

Not necessary to include the GET method

micronaut:
  security:
    enabled: true
    intercept-url-map:
      - pattern: /swagger-ui/**
        access:
          - isAnonymous()

Answer 3

you could use security rules on your swagger endpoint https://micronaut-projects.github.io/micronaut-security/latest/guide/#interceptUrlMap

like

micronaut:
  security:
    enabled: true
    intercept-url-map:
      -
        pattern: /swagger-ui/*
        access:
          - isAnonymous()