[type:feature] Add Swagger Import Functionality to ShenYu Admin (#6050)

* feature (admin) : add swagger import functionality with support for swagger 2.0 and openapi 3.0.

(cherry picked from commit 6cb0507)

* refactor(admin): Refactor Swagger-related code

- Add SwaggerVersion enum import in SwaggerDocParser
- Update test case descriptions in SwaggerImportServiceTest
- Move SwaggerVersion enum from the admin module to the common module

* refactor(admin): Optimize Swagger document parsing and import logic

- Refactor the property handling logic in SwaggerDocParser to improve code readability and efficiency
- Optimize HTTP request handling in SwaggerImportServiceImpl to enhance code flexibility
- Remove unnecessary static HttpUtils instances to reduce resource consumption
- Adjust code formatting and indentation to improve code cleanliness

* refactor(admin): Optimize Swagger import-related code

- Use Objects.isNull() instead of direct equality checks to enhance code readability and safety
- Improve the toString method of the SwaggerImportRequest class
- Remove unused imports and optimize parts of the code structure

* refactor(admin): Refactor Swagger document import functionality

- Extract base path method to support Swagger 2.0 and OpenAPI 3.0
- Optimize HTTP request handling, use Spring Bean to manage HttpUtils
- Improve log output, add document MD5 information
- Refactor code structure to enhance maintainability and testability

* feat(admin): Add URL security checks to prevent SSRF attacks

- Added UrlSecurityUtils utility class for URL security validation
- Integrated URL security checks into the Swagger import feature
- Implemented comprehensive validation for URL format, protocol, host, IP address, and port
- Effectively prevents SSRF (Server-Side Request Forgery) and other URL-based attacks

* feat(build): Update static resource version

- Update CSS file references in index.html
- Update JavaScript file references in index.html

* refactor(admin): Refactor Swagger import functionality and URL security utility class

- Optimized the code structure of the SwaggerImportServiceImpl class to improve code readability
- Refactored the UrlSecurityUtils class to enhance URL security check functionality
- Adjusted the exception handling method to make error messages clearer
- Removed unused import statements to streamline the code

---------

Co-authored-by: aias00 <[email protected]>

Author: guanzhenxing

shenyu-admin/src/main/java/org/apache/shenyu/admin/config/HttpUtilsConfiguration.java

@@ -0,0 +1,41 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.shenyu.admin.config;
+
+import org.apache.shenyu.admin.utils.HttpUtils;
+import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+
+/**
+ * HTTP utilities configuration.
+ */
+@Configuration
+public class HttpUtilsConfiguration {
+
+    /**
+     * Configure HttpUtils as a Spring Bean.
+     *
+     * @return HttpUtils instance
+     */
+    @Bean
+    @ConditionalOnMissingBean
+    public HttpUtils httpUtils() {
+        return new HttpUtils();
+    }
+} 

shenyu-admin/src/main/java/org/apache/shenyu/admin/controller/SwaggerImportController.java

@@ -0,0 +1,91 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.shenyu.admin.controller;
+
+import jakarta.validation.Valid;
+import org.apache.shenyu.admin.model.result.ShenyuAdminResult;
+import org.apache.shenyu.admin.model.dto.SwaggerImportRequest;
+import org.apache.shenyu.admin.service.SwaggerImportService;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.validation.annotation.Validated;
+import org.springframework.web.bind.annotation.PostMapping;
+import org.springframework.web.bind.annotation.RequestBody;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RequestParam;
+import org.springframework.web.bind.annotation.RestController;
+
+/**
+ * Swagger Import Controller.
+ */
+@RestController
+@RequestMapping("/swagger")
+@Validated
+public class SwaggerImportController {
+
+    private static final Logger LOG = LoggerFactory.getLogger(SwaggerImportController.class);
+
+    private final SwaggerImportService swaggerImportService;
+
+    public SwaggerImportController(final SwaggerImportService swaggerImportService) {
+        this.swaggerImportService = swaggerImportService;
+    }
+
+    /**
+     * Import swagger documentation.
+     *
+     * @param request the swagger import request
+     * @return the result of swagger import
+     */
+    @PostMapping("/import")
+    public ShenyuAdminResult importSwagger(@Valid @RequestBody final SwaggerImportRequest request) {
+        LOG.info("Received Swagger import request: {}", request);
+
+        try {
+            String result = swaggerImportService.importSwagger(request);
+            return ShenyuAdminResult.success(result);
+
+        } catch (Exception e) {
+            LOG.error("Failed to import swagger document", e);
+
+            return ShenyuAdminResult.error("Import failed: " + e.getMessage());
+        }
+    }
+
+    /**
+     * Test connection to swagger URL.
+     *
+     * @param swaggerUrl the swagger URL to test
+     * @return the result of connection test
+     */
+    @PostMapping("/test-connection")
+    public ShenyuAdminResult testConnection(@RequestParam final String swaggerUrl) {
+        LOG.info("Testing Swagger URL connection: {}", swaggerUrl);
+
+        try {
+            boolean isConnected = swaggerImportService.testConnection(swaggerUrl);
+
+            return ShenyuAdminResult.success(isConnected ? "Connection successful" : "Connection failed");
+
+        } catch (Exception e) {
+            LOG.error("Failed to test connection", e);
+
+            return ShenyuAdminResult.error("Connection failed: " + e.getMessage());
+        }
+    }
+} 

shenyu-admin/src/main/java/org/apache/shenyu/admin/model/dto/SwaggerImportRequest.java

@@ -0,0 +1,70 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.shenyu.admin.model.dto;
+
+
+import jakarta.validation.constraints.NotBlank;
+import jakarta.validation.constraints.Pattern;
+
+/**
+ * Swagger Import Request.
+ */
+public class SwaggerImportRequest {
+    
+    @NotBlank(message = "swagger URL cannot be empty")
+    @Pattern(regexp = "^https?://.*", message = "swagger URL must be a valid HTTP/HTTPS address")
+    private String swaggerUrl;
+    
+    @NotBlank(message = "project name cannot be empty")
+    private String projectName;
+    
+    private String projectDescription;
+    
+    public String getSwaggerUrl() {
+        return swaggerUrl;
+    }
+    
+    public void setSwaggerUrl(final String swaggerUrl) {
+        this.swaggerUrl = swaggerUrl;
+    }
+    
+    public String getProjectName() {
+        return projectName;
+    }
+    
+    public void setProjectName(final String projectName) {
+        this.projectName = projectName;
+    }
+    
+    public String getProjectDescription() {
+        return projectDescription;
+    }
+    
+    public void setProjectDescription(final String projectDescription) {
+        this.projectDescription = projectDescription;
+    }
+    
+    @Override
+    public String toString() {
+        return "SwaggerImportRequest{"
+                + "swaggerUrl='" + swaggerUrl + '\''
+                + ", projectName='" + projectName + '\''
+                + ", projectDescription='" + projectDescription + '\''
+                + '}';
+    }
+} 

shenyu-admin/src/main/java/org/apache/shenyu/admin/service/SwaggerImportService.java

@@ -0,0 +1,42 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.shenyu.admin.service;
+
+import org.apache.shenyu.admin.model.dto.SwaggerImportRequest;
+
+/**
+ * Swagger Import Service.
+ */
+public interface SwaggerImportService {
+    
+    /**
+     * Import swagger documentation.
+     *
+     * @param request swagger import request
+     * @return import result message
+     */
+    String importSwagger(SwaggerImportRequest request);
+    
+    /**
+     * Test connection to swagger URL.
+     *
+     * @param swaggerUrl swagger URL to test
+     * @return true if connection is successful, false otherwise
+     */
+    boolean testConnection(String swaggerUrl);
+}