Fix/#8

[Hgyeol]

📌 swagger 인가 작업 제외

---

📑 개요

swagger 인가 작업 제외

---

✅ 작업 내용

• swagger 인가 작업 제외
• swagger title 변경

---

🔗 관련 이슈

Close fix/#8

---

📌 체크리스트

• 코드 컨벤션을 지켰나요?
• 커밋 메시지 컨벤션을 지켰나요?
• 테스트를 완료했나요?

---

Summary by CodeRabbit

• New Features
  • Swagger UI를 인증 없이 접근할 수 있도록 공개 범위를 확장했습니다. 기존 공개 엔드포인트 목록에 Swagger UI 경로가 추가되어, API 탐색과 기본 테스트를 로그인 없이 이용할 수 있습니다.
• Documentation
  • API 문서 제목을 “Clue Swagger”로 업데이트했습니다. 설명과 버전 등 기타 메타데이터는 기존과 동일합니다.

[coderabbitai]

Walkthrough

보안 설정에서 Swagger UI 경로(/swagger-ui/**)를 공개 엔드포인트에 추가했고, Swagger 메타데이터의 제목을 "Clue Swagger"로 변경했습니다. 그 외 로직, 공개 API 시그니처, 제어 흐름의 구조적 변경은 없습니다.

Changes

Cohort / File(s)	Change Summary
글로벌 설정 업데이트 src/main/java/hello/cluebackend/global/config/SecurityConfig.java, src/main/java/hello/cluebackend/global/config/SwaggerConfig.java	SecurityConfig: permitAll 목록에 /swagger-ui/** 추가(기존 공개 엔드포인트 유지). 주석의 예시는 삭제됨. SwaggerConfig: Swagger Info 제목을 "CodeArena Swagger"에서 "Clue Swagger"로 변경. 기타 필드는 동일.

Sequence Diagram(s)

sequenceDiagram
  autonumber
  actor Client
  participant SecurityFilterChain as Security Filter
  participant Authz as Authorization
  participant SwaggerUI as Swagger UI Controller

  Client->>SecurityFilterChain: GET /swagger-ui/index.html
  SecurityFilterChain->>Authz: Check match against permitAll
  Authz-->>SecurityFilterChain: Matched (/swagger-ui/**) - allow
  SecurityFilterChain-->>SwaggerUI: Forward request
  SwaggerUI-->>Client: 200 OK (UI assets)
  Note over SecurityFilterChain,SwaggerUI: 신규 공개 경로 적용

Loading

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~10 minutes

Possibly related PRs

• Feat/#7 #52: 동일한 SwaggerConfig.java의 apiInfo() 제목/메타데이터 변경을 다루며, 본 변경과 직접적으로 연관됨.

Poem

깡총, 깡총—문 여는 발자국!
스웨거 문턱도 활짝 열렸지요 🗝️
제목은 새 옷—Clue라 부르면 되고,
토큰 없이도 문서 길 스르륵—
나는 토끼, 패치 노래 부르며 춤춰요 (\^_^\)

Tip

🔌 Remote MCP (Model Context Protocol) integration is now available!

Pro plan users can now connect to remote MCP servers from the Integrations page. Connect with popular remote MCPs such as Notion and Linear to add more context to your reviews and chats.

✨ Finishing Touches

• 📝 Generate Docstrings

🧪 Generate unit tests

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch fix/#8

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>, please review it.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.

Support

Need help? Create a ticket on our support page for assistance with any issues or questions.

CodeRabbit Commands (Invoked using PR/Issue comments)

Type @coderabbitai help to get the list of available commands.

Other keywords and placeholders

• Add @coderabbitai ignore or @coderabbit ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

• You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
• Please see the configuration documentation for more information.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Status, Documentation and Community

• Visit our Status Page to check the current availability of CodeRabbit.
• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[coderabbitai]

Actionable comments posted: 1

📜 Review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

💡 Knowledge Base configuration:

• MCP integration is disabled by default for public repositories
• Jira integration is disabled by default for public repositories
• Linear integration is disabled by default for public repositories

You can enable these sources in your CodeRabbit configuration.

📥 Commits

Reviewing files that changed from the base of the PR and between dc17b2b and a9e49e4.

📒 Files selected for processing (2)

• src/main/java/hello/cluebackend/global/config/SecurityConfig.java (1 hunks)
• src/main/java/hello/cluebackend/global/config/SwaggerConfig.java (1 hunks)

🧰 Additional context used

🧬 Code graph analysis (1)

src/main/java/hello/cluebackend/global/config/SecurityConfig.java (1)

src/main/java/hello/cluebackend/global/config/CorsMvcConfig.java (1)

• Override (10-19)

🔇 Additional comments (1)

src/main/java/hello/cluebackend/global/config/SwaggerConfig.java (1)

21-21: Swagger 제목 변경 LGTM

브랜딩 목적의 문자열 교체만 이뤄졌고, 다른 동작에는 영향 없습니다.

[coderabbitai]

💡 Verification agent

🧩 Analysis chain

Swagger UI만 허용하면 스펙(/v3/api-docs)이 401 — api-docs도 permitAll 필요

Swagger UI는 기본적으로 /v3/api-docs(및 /v3/api-docs/**)에서 스펙을 불러옵니다. 현재 /swagger-ui/**만 열어두면 UI는 뜨지만 스펙 호출이 401로 막혀 실제 화면에 API가 표시되지 않습니다. 아래처럼 "/v3/api-docs/**"(필요시 "/swagger-ui.html")도 함께 허용해 주세요.

-                        .requestMatchers("/", "/refresh-token", "/register", "/first-register", "/api/timetable/**", "/test", "/swagger-ui/**").permitAll()
+                        .requestMatchers("/", "/refresh-token", "/register", "/first-register", "/api/timetable/**", "/test",
+                                         "/swagger-ui/**", "/swagger-ui.html", "/v3/api-docs/**").permitAll()

스펙 경로를 springdoc.api-docs.path로 커스텀했다면 해당 경로로 치환이 필요합니다.

---

🏁 Script executed:

#!/bin/bash
rg -nP --color=never 'requestMatchers' -C3 src/main/java/hello/cluebackend/global/config/SecurityConfig.java || true
rg -n 'springdoc.api-docs.path' -n -g '*.properties' -g '*.yml' -g '*.yaml' || true

Length of output: 519

---

/v3/api-docs/** 및 /swagger-ui.html도 permitAll에 추가
SecurityConfig.java 117행의 .requestMatchers(..., "/swagger-ui/**").permitAll()에 /v3/api-docs/**와 필요 시 /swagger-ui.html을 추가해야 Swagger UI가 API 스펙을 정상 표시합니다.

- .requestMatchers("/", "/refresh-token", "/register", "/first-register", "/api/timetable/**", "/test", "/swagger-ui/**").permitAll()
+ .requestMatchers("/", "/refresh-token", "/register", "/first-register", "/api/timetable/**", "/test",
+                  "/swagger-ui/**", "/swagger-ui.html", "/v3/api-docs/**").permitAll()

(커스텀 springdoc.api-docs.path를 사용 중이라면 해당 값으로 /v3/api-docs/**를 대체해주세요.)

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	.requestMatchers("/", "/refresh-token", "/register", "/first-register", "/api/timetable/**", "/test", "/swagger-ui/**").permitAll()
	.requestMatchers("/", "/refresh-token", "/register", "/first-register", "/api/timetable/**", "/test",
	"/swagger-ui/**", "/swagger-ui.html", "/v3/api-docs/**").permitAll()

🤖 Prompt for AI Agents

In src/main/java/hello/cluebackend/global/config/SecurityConfig.java around line
117, the requestMatchers permit list currently allows "/swagger-ui/**" but is
missing "/v3/api-docs/**" and optionally "/swagger-ui.html", so add
"/v3/api-docs/**" (or your custom springdoc.api-docs.path + "/**") and
"/swagger-ui.html" to the requestMatchers list to ensure Swagger UI and API docs
are served without authentication.