📚 Spring Boot(Kotlin) Server Setup — Series Overview
- Why Multi-Module Architecture? (Architecture Philosophy & System Design)
- API Response Format Design
- Global Exception Handling (GlobalExceptionHandler)
- Swagger(OpenAPI) Configuration ← You are here
- Security(JWT) Core Structure
- JWT TokenProvider
- Redis Configuration
- Validation Setup
- Logging + MDC(traceId)
- application.yml Profile Separation (local/dev/prod)
- Multi-Module + JPA Base Structure
- Final Project Template git share
📌 Why Do We Need Swagger(OpenAPI)?
When developing a backend API server, we face some common challenges:
- Do we need to manually explain request/response structures every time?
- How do we easily test APIs that require JWT authentication?
The most widely used solution to these problems is Swagger(OpenAPI). It provides automatically generated API documentation and allows you to test APIs directly from the browser.
📌 Why Is SwaggerConfig Placed in the API Module?
Swagger belongs to the API layer, which is responsible for external interaction.
- API Module: controllers, request/response models, Swagger, exception handling
Therefore, Swagger configuration naturally belongs in the API module, where external clients access and browse the API list.
📌 Required Dependency
implementation("org.springdoc:springdoc-openapi-starter-webmvc-ui:2.6.0")
✔ Access via /swagger-ui.html or /swagger-ui/index.html
📌 Full SwaggerConfig Code
Project name has been changed to Example API for demonstration.
@Configuration
class SwaggerConfig {
@Bean
fun openApi(): OpenAPI {
return OpenAPI()
.info(apiInfo())
.servers(listOf(Server().url("/")))
.components(components())
.addSecurityItem(SecurityRequirement().addList("access-token"))
}
private fun apiInfo(): Info {
return Info()
.title("Example API")
.description("Example API Documentation")
.version("v1")
}
private fun components(): Components {
val securityScheme = SecurityScheme()
.type(SecurityScheme.Type.HTTP)
.scheme("bearer")
.bearerFormat("JWT")
.`in`(SecurityScheme.In.HEADER)
.name("Authorization")
return Components().addSecuritySchemes("access-token", securityScheme)
}
}
📌 Code Breakdown
1️⃣ @Configuration + @Bean
2️⃣ OpenAPI().info(apiInfo())
3️⃣ .servers(listOf(Server().url("/")))
4️⃣ JWT SecurityScheme
SecurityScheme()
.type(HTTP)
.scheme("bearer")
.bearerFormat("JWT")
5️⃣ .addSecurityItem(SecurityRequirement())
📌 Using JWT Inside Swagger
This server uses JWT-based authentication. Swagger supports this seamlessly.
✔ Bearer token format enforced
✔ Makes testing secure APIs extremely convenient
JWT internals will be explored more deeply in upcoming chapters (Security → JWT TokenProvider).
📌 Swagger URL
http://localhost:8080/swagger-ui/index.html
📌 Conclusion
✔ Automated API documentation
✔ Improved team collaboration
✔ Easier API testing
✔ Built-in JWT support
✔ Perfectly aligned with API module responsibilities
📌 Next Episode
Episode 5 — Security(JWT) Core Structure
We’ll explore the baseline structure for JWT-based authentication.
https://jaemoi8.tistory.com/37
Spring Boot (Kotlin) — ep.5 Building the Core Security Architecture with JWT in Spring Boot
📚 Spring Boot(Kotlin) Server Basic Setup — Series GuideWhy Multi-Module Architecture? (Architecture Philosophy & Overall Design)API Response Format DesignGlobal Exception Handling (GlobalExceptionHandler)Swagger(OpenAPI) ConfigurationSecurity (JWT) Co
jaemoi8.tistory.com
