Spring OAuth2 Swagger 需要token验证登录信息解决方案

背景:

spring cloud + spring OAuth2  + swagger 的时候,接口需要权限才能访问

 

目标:

登录一次后,swagger 测试时自带身份信息

 

参考: https://cloud.tencent.com/developer/article/1493502

 

代码如下:

package org.jmcloud.upms.biz.config;

import io.swagger.annotations.ApiOperation;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import springfox.documentation.builders.RequestHandlerSelectors;
import springfox.documentation.service.ApiKey;
import springfox.documentation.service.AuthorizationScope;
import springfox.documentation.service.SecurityReference;
import springfox.documentation.spi.DocumentationType;
import springfox.documentation.spi.service.contexts.SecurityContext;
import springfox.documentation.spring.web.plugins.Docket;
import java.util.ArrayList;
import java.util.List;
import static springfox.documentation.builders.PathSelectors.regex;

/**
 * @Title:
 * @Description:
 * @Reference: https://cloud.tencent.com/developer/article/1493502
 * @Author 胡俊敏(rober)
 * @DateTime 2020/12/22 16:12
 */
@Configuration
public class SwaggerAutoConfiguration {
    @Bean
    public Docket platformApi() {

        return new Docket(DocumentationType.SWAGGER_2)
                .forCodeGeneration(true)
                .select().apis(RequestHandlerSelectors.withMethodAnnotation(ApiOperation.class))
                .apis(RequestHandlerSelectors.any())
                .paths(regex("^.*(?<!error)$"))
                .build()
                .securitySchemes(securitySchemes())
                .securityContexts(securityContexts());


    }
    private List<ApiKey> securitySchemes() {
        List<ApiKey> apiKeyList= new ArrayList();
        //注意,这里应对应登录token鉴权对应的k-v
//        apiKeyList.add(new ApiKey("x-auth-token", "x-auth-token", "header"));

        apiKeyList.add(new ApiKey("Authorization", "Authorization", "header"));
        return apiKeyList;
    }

    private List<SecurityContext> securityContexts() {
        List<SecurityContext> securityContexts=new ArrayList<>();
        securityContexts.add(
                SecurityContext.builder()
                        .securityReferences(defaultAuth())
                        .forPaths(regex("^(?!auth).*$"))
                        .build());
        return securityContexts;
    }

    List<SecurityReference> defaultAuth() {
        AuthorizationScope authorizationScope = new AuthorizationScope("global", "accessEverything");
        AuthorizationScope[] authorizationScopes = new AuthorizationScope[1];
        authorizationScopes[0] = authorizationScope;
        List<SecurityReference> securityReferences=new ArrayList<>();
        securityReferences.add(new SecurityReference("Authorization", authorizationScopes));
        return securityReferences;
    }

}

  

配置后,swagger 如下图:

 

 

 

 

 

 输入 token

 

 

 

 

 

 

 

 

 

 

 

 

 

已经正常访问了!

posted @ 2020-12-22 17:59  hujunmin  阅读(5572)  评论(2)    收藏  举报