碼上歡樂
相關內容    簡體    繁體

Spring OAuth2 Swagger 需要token驗證登錄信息解決方案

本文轉載自   查看原文   2020-12-22 17:59   2489    java

背景:

spring cloud + spring OAuth2  + swagger 的時候,接口需要權限才能訪問

 

目標:

登錄一次后,swagger 測試時自帶身份信息

 

參考: https://cloud.tencent.com/developer/article/1493502

 

代碼如下:

package org.jmcloud.upms.biz.config;

import io.swagger.annotations.ApiOperation;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import springfox.documentation.builders.RequestHandlerSelectors;
import springfox.documentation.service.ApiKey;
import springfox.documentation.service.AuthorizationScope;
import springfox.documentation.service.SecurityReference;
import springfox.documentation.spi.DocumentationType;
import springfox.documentation.spi.service.contexts.SecurityContext;
import springfox.documentation.spring.web.plugins.Docket;
import java.util.ArrayList;
import java.util.List;
import static springfox.documentation.builders.PathSelectors.regex;

/**
 * @Title:
 * @Description:
 * @Reference: https://cloud.tencent.com/developer/article/1493502
 * @Author 胡俊敏(rober)
 * @DateTime 2020/12/22 16:12
 */
@Configuration
public class SwaggerAutoConfiguration {
    @Bean
    public Docket platformApi() {

        return new Docket(DocumentationType.SWAGGER_2)
                .forCodeGeneration(true)
                .select().apis(RequestHandlerSelectors.withMethodAnnotation(ApiOperation.class))
                .apis(RequestHandlerSelectors.any())
                .paths(regex("^.*(?<!error)$"))
                .build()
                .securitySchemes(securitySchemes())
                .securityContexts(securityContexts());


    }
    private List<ApiKey> securitySchemes() {
        List<ApiKey> apiKeyList= new ArrayList();
        //注意,這里應對應登錄token鑒權對應的k-v
//        apiKeyList.add(new ApiKey("x-auth-token", "x-auth-token", "header"));

        apiKeyList.add(new ApiKey("Authorization", "Authorization", "header"));
        return apiKeyList;
    }

    private List<SecurityContext> securityContexts() {
        List<SecurityContext> securityContexts=new ArrayList<>();
        securityContexts.add(
                SecurityContext.builder()
                        .securityReferences(defaultAuth())
                        .forPaths(regex("^(?!auth).*$"))
                        .build());
        return securityContexts;
    }

    List<SecurityReference> defaultAuth() {
        AuthorizationScope authorizationScope = new AuthorizationScope("global", "accessEverything");
        AuthorizationScope[] authorizationScopes = new AuthorizationScope[1];
        authorizationScopes[0] = authorizationScope;
        List<SecurityReference> securityReferences=new ArrayList<>();
        securityReferences.add(new SecurityReference("Authorization", authorizationScopes));
        return securityReferences;
    }

}

  

配置后,swagger 如下圖:

 

 

 

 

 

 輸入 token

 

 

 

 

 

 

 

 

 

 

 

 

 

已經正常訪問了!


免責聲明!

本站轉載的文章為個人學習借鑒使用,本站對版權不負任何法律責任。如果侵犯了您的隱私權益,請聯系本站郵箱yoyou2525@163.com刪除。



猜您在找 基於OAuth2的跨網站統一登錄解決方案 Spring OAuth2 GitHub 自定義登錄信息 Spring Security OAuth2 之token 和 refresh token 基於Spring Security的AJAX請求需要登錄的解決方案 Spring Security OAuth2 token權限隔離 Spring Security Oauth2:RedisTokenStore之Token內容 Spring Security OAuth2 優雅的集成短信驗證碼登錄以及第三方登錄 Spring Security 實戰干貨:OAuth2登錄獲取Token的核心邏輯 spring cloud security oauth2單點登錄 Spring Security OAuth2:SSO單點登錄
 
粵ICP備18138465號   © 2018-2025 CODEPRJ.COM