Header security authentication
1. OAS_30 way
The default access: http://localhost:8080/swagger-ui/index.html
1.1 pom depends on
<dependency>
<groupId>io.springfox</groupId>
<artifactId>springfox-boot-starter</artifactId>
<version>${springfox.verion}</version>
</dependency>
Copy the code
1.2 the resources
application.yml
spring:
swagger:
front:
groupName: The front desk management
basePackage: com.ecommerce.onion.application
title: Order Management AI
description: Process of order processing (security verification) using domain driven development approach
contactName: luds
contactUrl: https://juejin.cn/user/4327332666152279
contactEmail:
version: 1.0. 0
enable: true
back:
groupName: Background management
basePackage: com.ecommerce.onion.application
title: Order Management API
description: Use domain - driven development to process orders
contactName: luds
contactUrl: https://juejin.cn/user/4327332666152279
contactEmail:
version: 1.0. 0
enable: true
Copy the code
1.3 SwaggerProperties. Java
/** * Swagger attribute configuration class */
@ConfigurationProperties(prefix = "spring.swagger")
@Data
public class SwaggerProperties {
/** * Front interface configuration */
private SwaggerEntity front;
/** * Background interface configuration */
private SwaggerEntity back;
@Data
public static class SwaggerEntity {
private String groupName;
private String basePackage;
private String title;
private String description;
private String contactName;
private String contactEmail;
private String contactUrl;
private String version;
privateBoolean enable; }}Copy the code
1.4 SwaggerConfig. Java
@EnableOpenApi
@Configuration
@EnableConfigurationProperties(value = {SwaggerProperties.class})
public class SwaggerConfig {
/** * Configure attributes */
@Autowired
private SwaggerProperties properties;
@Bean
public Docket frontApi(a) {
RequestParameter parameter = new RequestParameterBuilder()
.name("platform")
.description("Request header")
.in(ParameterType.HEADER)
.required(true)
.build();
List<RequestParameter> parameters = Collections.singletonList(parameter);
return new Docket(DocumentationType.OAS_30)
// Whether to enable the function based on the environment
.enable(properties.getFront().getEnable())
.groupName(properties.getFront().getGroupName())
.apiInfo(frontApiInfo())
.select()
// Specify the packet to scan
.apis(RequestHandlerSelectors.basePackage(properties.getFront().getBasePackage()))
.paths(PathSelectors.any())
.build()
.securitySchemes(securitySchemes())
.securityContexts(securityContexts());
}
/** * Set the authorization information */
private List<SecurityScheme> securitySchemes(a) {
ApiKey apiKey = new ApiKey("BASE_TOKEN"."token", In.HEADER.toValue());
return Collections.singletonList(apiKey);
}
/** * Authorization information global application */
private List<SecurityContext> securityContexts(a) {
return Collections.singletonList(
SecurityContext.builder()
.securityReferences(Collections.singletonList(new SecurityReference("BASE_TOKEN".new AuthorizationScope[]{new AuthorizationScope("global"."")})))
.build()
);
}
/** * Foreground API information */
private ApiInfo frontApiInfo(a) {
return new ApiInfoBuilder()
.title(properties.getFront().getTitle())
.description(properties.getFront().getDescription())
.version(properties.getFront().getVersion())
.contact( // Add some information about the developer
new Contact(properties.getFront().getContactName(), properties.getFront().getContactUrl(),
properties.getFront().getContactEmail()))
.build();
}
/** * background API */
@Bean
public Docket backApi(a) {
return new Docket(DocumentationType.OAS_30)
// Whether to enable the function based on the environment
.enable(properties.getBack().getEnable())
.groupName("Back office")
.apiInfo(backApiInfo())
.select()
.apis(RequestHandlerSelectors.basePackage(properties.getBack().getBasePackage()))
.paths(PathSelectors.any())
.build();
}
/** * background API information */
private ApiInfo backApiInfo(a) {
return new ApiInfoBuilder()
.title(properties.getBack().getTitle())
.description(properties.getBack().getDescription())
.version(properties.getBack().getVersion())
.contact( // Add some information about the developer
newContact(properties.getBack().getContactName(), properties.getBack().getContactUrl(), properties.getBack().getContactEmail())) .build(); }}Copy the code
2. Swagger2 Style (old version)
The default access: http://localhost:8080/swagger-ui/index.html
Or http://localhost:8080/doc.html#
2.1 pom depends on
<dependency>
<groupId>io.springfox</groupId>
<artifactId>springfox-swagger2</artifactId>
<version>2.7.0</version>
</dependency>
<dependency>
<groupId>io.springfox</groupId>
<artifactId>springfox-swagger-ui</artifactId>
<version>2.7.0</version>
</dependency>
<dependency>
<groupId>com.github.xiaoymin</groupId>
<artifactId>swagger-bootstrap-ui</artifactId>
<version>1.9.6</version>
</dependency>
Copy the code
2.2 SwaggerConfig. Java
@Configuration
@EnableSwagger2
public class SwaggerConfig {
@Bean
public Docket docket(a){
return new Docket(DocumentationType.SWAGGER_2)
.apiInfo(apiInfo())
.securityContexts(Arrays.asList(securityContext()))
.securitySchemes(Arrays.asList(apiKey(),apiKeyUserName()))
.select()
.apis(RequestHandlerSelectors.basePackage("com.ecommerce.onion.application"))
.paths(PathSelectors.any())
.build();
}
private ApiInfo apiInfo(a){
return new ApiInfoBuilder()
.title("title")
.description("test")
.version("0.0.1")
.build();
}
private ApiKey apiKeyUserName(a){
return new ApiKey("userName"."userName"."header");
}
private ApiKey apiKey(a){
return new ApiKey("Authorization"."Authorization"."header");
}
private SecurityContext securityContext(a){
return SecurityContext.builder().securityReferences(defaultAuth()).build();
}
private List<SecurityReference> defaultAuth(a){
AuthorizationScope authorizationScope = new AuthorizationScope("global"."accessEverything");
AuthorizationScope[] authorizationScopes = new AuthorizationScope[1];
authorizationScopes[0] =authorizationScope;
return Arrays.asList(new SecurityReference("Authorization",authorizationScopes),new SecurityReference("userName",authorizationScopes)); }}Copy the code
3. How to deal with the requirement that Swagger is disabled in on-line environment and see the different results
3.1 Dialog Box Style Swagger2
- @Profile({“dev”,”test”})
- @ConditionalOnProperty(prefix = “swagger2”, value = {“enable”}, havingValue = “true”)
Note: In the background, there will be an error message
3.2 error page
- Docket(DocumentationType.OAS_30).enable(false)
Note: background, calm as water, no error message reported