Is there a way to make Restlet Swagger extension limit the API it shows?

问题

There are paths in the API we have that should not be explosed (just yet), what is the strategy to make sure that at least only specific org.restlet.routing.Router will be exposed? As we have many Routers in the Application.

回答1:

This isn't possible out of the box. The easier way to do that is IMO to patch the extension org.restlet.extension.swagger:

Update the method getSwagger of the class SwaggerSpecificationRestlet to allow to update introspected definition filtering, as described below:

public Representation getSwagger() {
    Definition definition = getDefinition();
    // The method to add for filtering the instropected structure
    filterDefinition(definition);
    Swagger swagger = Swagger2Translator.getSwagger(definition);
    (...)
}

protected void filterDefinition(Definition definition) {
}

In your application, configure this class by overriding the method getSwaggerSpecificationRestlet:

public SwaggerSpecificationRestlet getSwaggerSpecificationRestlet(
                 Context context) {
    SwaggerSpecificationRestlet result
               = new SwaggerSpecificationRestlet(this) {
        protected void filterDefinition(Definition definition) {
            (...)
        }
    };
    result.setApiInboundRoot(this);
    return result;
}

Here is a sample of the method filterDefinition:

private Definition filterDefinition(Definition definition) {
    List<Resource> resourcesToRemove = new ArrayList<>();
    Contract contract = definition.getContract();
    for (Resource resource : contract.getResources()) {
        resourcesToRemove.add(resource);
    }

    for (Resource resource : resourcesToRemove) {
        contract.getResources().remove(resource);
    }

    return definition;
}

Hope it helps you, Thierry

来源：https://stackoverflow.com/questions/29342625/is-there-a-way-to-make-restlet-swagger-extension-limit-the-api-it-shows

标签

java

google-app-engine

restlet

swagger