Swagger support for the Google App Engine (GAE)?

[edouardmercier]

Hello.

First of all, congratulations for the good job on Restlet, and the new support for Swagger.

I've been trying to play with this new extension (org.restlet.gae:org.restlet.ext.swagger) through Restlet v2.3-SNAPSHOT. Here is a feedback regarding issues that I've been facing:

1. the POM references the javax.ws.rs:javax.ws.rs-api:2.0.0 which does not exist ; the one existing seems to be javax.ws.rs:javax.ws.rs-api:2.0: this makes the compilation tedious, and my work-around was to add directly the javax.ws.rs:javax.ws.rs-api:2.0 artefact directly in my project POM ;
2. the POM references the org.restlet.gae:org.restlet.lib.org.restlet.lib.org.eclipse.e4.core.contexts:jar:${lib-e4-version} artefact: the lib-e4-version property does not seem to be defined, which causes a compilation issue. My work-around was to use the Maven -Dlib-e4-version=0.12.RC1 command-line option ;
3. the document at http://restlet.com/learn/guide/2.3/extensions/swagger seems out-dated compared to the latest version of the source-code ;
4. I tried to declare a "SwaggerApplication" in my project, and ran it on a GAE development server and got the following exception stack trace:

[INFO] Avertissement: Exception or error caught by status service
[INFO] java.security.AccessControlException: access denied ("java.lang.RuntimePermission" "accessClassInPackage.sun.reflect.generics.reflectiveObjects")
[INFO]  at java.security.AccessControlContext.checkPermission(AccessControlContext.java:372)
[INFO]  at java.security.AccessController.checkPermission(AccessController.java:559)
[INFO]  at java.lang.SecurityManager.checkPermission(SecurityManager.java:549)
[INFO]  at com.google.appengine.tools.development.DevAppServerFactory$CustomSecurityManager.checkPermission(DevAppServerFactory.java:429)
[INFO]  at java.lang.SecurityManager.checkPackageAccess(SecurityManager.java:1529)
[INFO]  at java.lang.Class.checkPackageAccess(Class.java:2265)
[INFO]  at java.lang.Class.checkMemberAccess(Class.java:2245)
[INFO]  at java.lang.Class.getDeclaredFields(Class.java:1805)
[INFO]  at org.restlet.ext.swagger.internal.reflect.ReflectUtils.getAllDeclaredFields(ReflectUtils.java:59)
[INFO]  at org.restlet.ext.swagger.internal.info.RepresentationInfo.introspect(RepresentationInfo.java:117)
[INFO]  at org.restlet.ext.swagger.internal.reflect.Introspector.toDefinition(Introspector.java:682)
[INFO]  at org.restlet.ext.swagger.internal.reflect.Introspector.<init>(Introspector.java:841)
[INFO]  at org.restlet.ext.swagger.internal.reflect.Introspector.<init>(Introspector.java:828)
[INFO]  at org.restlet.ext.swagger.SwaggerSpecificationRestlet.getDefinition(SwaggerSpecificationRestlet.java:169)
[INFO]  at org.restlet.ext.swagger.SwaggerSpecificationRestlet.getResourceListing(SwaggerSpecificationRestlet.java:201)
[INFO]  at org.restlet.ext.swagger.SwaggerSpecificationRestlet.handle(SwaggerSpecificationRestlet.java:243)

Update: this exception occurs with the class sun.reflect.generics.reflectiveObjects.ParameterizedTypeImpl argument on line 59 of the ReflectUtils class. I've trying to understand why this happens…

It seems that the Restlet Swagger ReflectUtils class uses an introspection which is not compliant with Google App Engine. I'm surprised because I actually use the GAE flavor of Restlet, hence is this due to the fact that I run the code in a GAE development server? Could you confirm that this Restlet Swagger extension is supposed to be compliant with the GAE, please? If yes, do you also intend to support the JaxRsApplication restlets?

Thank you for your time and support. Regards,

Édouard

[kerbymart]

It seems this extension would not really work with GAE. There are quite many restrictions in the app engine environment. Let me know if you made this work I'm also curious about this.

[adpablos]

I have exactly the same problem.

I realize that Swagger only throws that exception when it has to (for some reason which i do not quite understand) access to my own Bean properties or methods.

Why am I saying this? because I've tried to run Swagger without problems when I had only one web service with Swagger annotations. This web service was:

@Override
@PUT
@Path("/leaseParkingSpace")
@ApiOperation(value = "PUT operation webService", notes = "Web service which makes a put operation.", response = String.class)
@ApiResponses(value = { @ApiResponse(code = 200, message = "Correct response") })
public String webService(
        @ApiParam(value = "JSON input."}", required = true) @FormParam("json") String json) {

But when I added in the @ApiResponses the response property, indicating what was the response Bean, swagger returned me that exception.

it was the same service, but:

@Override
@PUT
@Path("/leaseParkingSpace")
@ApiOperation(value = "PUT operation webService", notes = "Web service which makes a put operation.", response = String.class)
@ApiResponses(value = { @ApiResponse(code = 200, message = "Correct response", response=MyBea.class) })
public String webService(
        @ApiParam(value = "JSON input."}", required = true) @FormParam("json") String json) {

Is this a real compatibility problem between GAE and Swagger? If so, this bug will be fixed?

Thank you very much.

[quilicicf]

Hi @adpablos, could you please give us the structure of your MyBean class ?

The class it extends, the properties/methods it has/overrides...

[komasoftware]

The root cause for this issue is that the method java.lang.Class.getDeclaredFields is not whitelisted here : https://cloud.google.com/appengine/docs/java/jrewhitelist

Now would it be a reasonable solution to make deploying the Swagger extension for GAE a 2 phase process :

• before deploy -> run a program in a standard JVM to do introspection and save the representations
• at runtime on GAE -> read representations and display Swagger UI