Swagger2配置Security授权认证全过程
Swagger2配置Security授权认证
- package com.ytm.yeb.config;
- import org.springframework.beans.factory.annotation.Value;
- import org.springframework.context.annotation.Bean;
- import org.springframework.context.annotation.Configuration;
- import springfox.documentation.builders.ApiInfoBuilder;
- import springfox.documentation.builders.PathSelectors;
- import springfox.documentation.builders.RequestHandlerSelectors;
- import springfox.documentation.service.*;
- import springfox.documentation.spi.DocumentationType;
- import springfox.documentation.spi.service.contexts.SecurityContext;
- import springfox.documentation.spring.web.plugins.Docket;
- import springfox.documentation.swagger2.annotations.EnableSwagger2;
- import Java.util.ArrayList;
- import java.util.List;
- /**
- * @author TongMing Yang
- * @since 2021/1/12
- */
- @EnableSwagger2
- @Configuration
- public class Swagger2Config {
- @Bean
- public Docket createRestApi() {
- return new Docket(DocumentationType.SWAGGER_2).apiInfo(apiInfo())
- // 是否开启
- .enable(true).select()
- // 扫描的路径包
- .apis(RequestHandlerSelectors.basePackage(“com.ytm.yeb.controller”))
- // 指定路径处理PathSelectors.any()代表所有的路径
- .paths(PathSelectors.any()).build()
- .pathMapping(“/”)
- .securitySchemes(securitySchemes())
- .securityContexts(securityContexts());
- }
- private List<ApiKey> securitySchemes() {
- List<ApiKey> apiKeyList= new ArrayList();
- apiKeyList.add(new ApiKey(“Authorization”, “Authorization”, “header”));
- return apiKeyList;
- }
- private List<SecurityContext> securityContexts() {
- List<SecurityContext> securityContexts=new ArrayList<>();
- securityContexts.add(
- SecurityContext.builder()
- .securityReferences(defaultAuth())
- .forPaths(PathSelectors.regex(“^(?!auth).*$”))
- .build());
- return securityContexts;
- }
- List<SecurityReference> defaultAuth() {
- AuthorizationScope authorizationScope = new AuthorizationScope(“global”, “AccessEverything”);
- AuthorizationScope[] authorizationScopes = new AuthorizationScope[1];
- authorizationScopes[0] = authorizationScope;
- List<SecurityReference> securityReferences=new ArrayList<>();
- securityReferences.add(new SecurityReference(“Authorization”, authorizationScopes));
- return securityReferences;
- }
- private ApiInfo apiInfo() {
- return new ApiInfoBuilder()
- .title(“云E办接口文档”)
- .description(“云E办接口文档”)
- .contact(new Contact(“yeb”, “http://localhost:8081/doc.html“, “ytm5021@163.com”))
- .version(“1.0”)
- .build();
- }
- }
Swagger2 3.0版本相关配置和坑
Swagger2 介绍
**网上介绍:**Swagger 是一个规范和完整的框架,用于生成、描述、调用和可视化 RESTful 风格的 Web 服务。
总体目标是使客户端和文件系统作为服务器以同样的速度来更新。文件的方法、参数和模型紧密集成到服务器端的代码,允许 API 来始终保持同步。Swagger 让部署管理和使用功能强大的 API 从未如此简单。
整合使用完整过程
1.引入依赖
- Swagger2 3.0由于新增了Starter 因此可以直接使用starter方式
- <!– https://mvnrepository.com/artifact/io.springfox/springfox-boot-starter –>
- <dependency>
- <groupId>io.springfox</groupId>
- <artifactId>springfox–boot–starter</artifactId>
- <version>3.0.0</version>
- </dependency>
- 在没有starter前 一般都是引入以下依赖 两个依赖的版本最好一致,避免出现冲突
- <!– <!– https://mvnrepository.com/artifact/io.springfox/springfox-swagger2 –>–>
- <!– <dependency>–>
- <!– <groupId>io.springfox</groupId>–>
- <!– <artifactId>springfox–swagger2</artifactId>–>
- <!– <version>3.0.0</version>–>
- <!– </dependency>–>
- <!– <dependency>–>
- <!– <groupId>io.springfox</groupId>–>
- <!– <artifactId>springfox–swagger–ui</artifactId>–>
- <!– <version>3.0.0</version>–>
- <!– </dependency>–>
tips:推荐使用idea的插件,方便查看依赖冲突:
2.拦截配置
- package com.deer.primer3.config;
- import lombok.extern.slf4j.Slf4j;
- import org.springframework.context.annotation.Configuration;
- import org.springframework.web.servlet.config.annotation.*;
- /**
- * @author lujy
- * @version 1.0
- * @date 2021/2/2 12:36
- */
- @EnableWebMvc
- @Configuration
- @Slf4j
- public class CorsConfig implements WebMvcConfigurer {
- @Override
- public void addResourceHandlers(ResourceHandlerRegistry registry) {
- registry.addResourceHandler(“/swagger-ui/**”)
- .addResourceLocations(“classpath:/META-INF/resources/webjars/springfox-swagger-ui/”)
- .resourceChain(false);
- }
- @Override
- public void addViewControllers(ViewControllerRegistry registry) {
- registry.addViewController(“/swagger-ui/”)
- .setViewName(“forward:/swagger-ui/index.html”);
- }
- //这个是跨域配置 不需要的可以不配
- @Override
- public void addCorsMappings(CorsRegistry registry) {
- log.info(“跨域配置开启”);
- registry.addMapping(“/**”)
- .allowedOriginPatterns(“*”)
- .allowedMethods(“*”)
- .allowedHeaders(“*”)
- .allowCredentials(true)
- .maxAge(3600);
- }
- }
3.可选配置
- /**
- * @author lujy
- * @version 1.0
- * @date 2021/2/7 10:04
- */
- @Configuration
- @EnableOpenApi
- public class SwaggerConfig {
- @Bean
- public Docket createRestApi() {
- return new Docket(DocumentationType.OAS_30)
- .apiInfo(api())
- .select()
- .apis(RequestHandlerSelectors.withMethodAnnotation(ApiOperation.class))
- .paths(PathSelectors.any())
- .build();
- }
- private ApiInfo api() {
- return new ApiInfoBuilder()
- .title(“Swagger3接口文档”)
- .description(“文档描述”)
- .contact(new Contact(“lujy”, “#”, “18506239610@163.com”))
- .version(“1.0”)
- .build();
- }
- }
- new Docket(DocumentationType documentationType); 有参构造 参数 对应为 swagger版本
- .apiInfo(api()) return —>>>Docket ApiInfoBuilder()
- .select() —>>> return ApiSelectorBuilder
- ApiSelectorBuilder .apis(RequestHandlerSelectors.withMethodAnnotation(ApiOperation.class))
寻找Controller层请求处理的方法中有ApiOperation的注解(个人理解)
SpringSecurity 拦截放行
坑:
swagger 似乎 无法进行文件上传 测试多次 后台都报 空指针,用postman测试则没有影响
总结
以上为个人经验,希望能给大家一个参考,也希望大家多多支持我们。
发表评论