docs: enable refresh feature in swagger

Author: Kimcheolhui

src/idp/idp.service.ts

@@ -91,7 +91,7 @@ export class IdpService {
     const tokenResponse = await firstValueFrom(
       this.httpService
         .post<IdpJwtResponse>(
-          this.idpUrl + '/token',
+          this.idpUrl + '/oauth/token',
           {
             grant_type: 'refresh_token',
             refresh_token: refreshToken,

src/main.ts

@@ -4,6 +4,7 @@ import { ValidationPipe } from '@nestjs/common';
 
 import { DocumentBuilder, SwaggerModule } from '@nestjs/swagger';
 import expressBasicAuth from 'express-basic-auth';
+import cookieParser from 'cookie-parser';
 
 async function bootstrap() {
   const app = await NestFactory.create(AppModule);
@@ -17,6 +18,7 @@ async function bootstrap() {
       },
     }),
   );
+  app.use(cookieParser());
 
   app.useGlobalPipes(
     new ValidationPipe({
@@ -31,6 +33,20 @@ async function bootstrap() {
     )
     .setVersion('1.0')
     .addTag('Fint-it')
+    .addOAuth2({
+      type: 'oauth2',
+      flows: {
+        authorizationCode: {
+          authorizationUrl: `${process.env.IDP_WEB_URL}/authorize?prompt=consent`,
+          tokenUrl: `${process.env.IDP_URL}/oauth/token`,
+          scopes: {
+            openid: '',
+            profile: '',
+            offline_access: '',
+          },
+        },
+      },
+    })
     .addBearerAuth(
       {
         type: 'http',
@@ -40,13 +56,21 @@ async function bootstrap() {
       },
       'access-token',
     )
+    .addCookieAuth('refresh_token')
     .build();
 
   const document = SwaggerModule.createDocument(app, config);
 
   SwaggerModule.setup('api/docs', app, document, {
     swaggerOptions: {
+      oauth2RedirectUrl: `${process.env.IDP_CALLBACK_URL}`,
+      persistAuthorization: true,
       displayRequestDuration: true,
+      initOAuth: {
+        clientId: process.env.IDP_CLIENT_ID,
+        clientSecret: process.env.IDP_CLIENT_SECRET,
+        usePkceWithAuthorizationCodeGrant: true,
+      },
     },
   });
 

src/user/user.controller.ts

@@ -19,6 +19,8 @@ import { LoginCallbackDto } from './dto/req/callBack.dto';
 import { JwtTokenResDto } from './dto/res/jwtTokenRes.dto';
 import {
   ApiBearerAuth,
+  ApiCookieAuth,
+  ApiCreatedResponse,
   ApiInternalServerErrorResponse,
   ApiOkResponse,
   ApiOperation,
@@ -70,12 +72,21 @@ export class UserController {
     return { access_token };
   }
 
+  @ApiOperation({
+    summary: 'Refresh token',
+    description: 'Refresh the access token from idp',
+  })
+  @ApiCookieAuth('refresh_token')
+  @ApiCreatedResponse({ type: JwtTokenResDto, description: 'Return jwt token' })
+  @ApiUnauthorizedResponse({ description: 'Unauthorized' })
+  @ApiInternalServerErrorResponse({ description: 'Internal Server Error' })
   @Post('refresh')
   async refreshToken(
     @Req() req: Request,
     @Res({ passthrough: true }) res: Response,
   ): Promise<JwtTokenResDto> {
     const refreshToken = req.cookies['refresh_token'];
+
     if (!refreshToken) throw new UnauthorizedException();
 
     const { access_token, refresh_token } =