SpringBoot2整合SpringSecurity+Swagger3系列
创建一个Maven项目并引入相关依赖
<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
<modelVersion>4.0.0</modelVersion>
<groupId>org.example</groupId>
<artifactId>spring-boot-swagger-security</artifactId>
<version>1.0.0.0</version>
<properties>
<maven.compiler.encoding>UTF-8</maven.compiler.encoding>
<jdk.source.veriosn>1.8</jdk.source.veriosn>
<jdk.target.veriosn>1.8</jdk.target.veriosn>
<argLine>-Dfile.encoding=UTF-8</argLine>
</properties>
<dependencyManagement>
<dependencies>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-framework-bom</artifactId>
<version>5.1.10.RELEASE</version>
<type>pom</type>
<scope>import</scope>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-dependencies</artifactId>
<version>2.1.9.RELEASE</version>
<type>pom</type>
<scope>import</scope>
</dependency>
</dependencies>
</dependencyManagement>
<dependencies>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-autoconfigure</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-web</artifactId>
</dependency>
<!-- 认证服务 -->
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-security</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-actuator</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-devtools</artifactId>
<scope>runtime</scope>
<optional>true</optional>
</dependency>
<dependency>
<groupId>io.springfox</groupId>
<artifactId>springfox-boot-starter</artifactId>
<version>3.0.0</version>
</dependency>
<dependency>
<groupId>org.springframework.plugin</groupId>
<artifactId>spring-plugin-core</artifactId>
<version>2.0.0.RELEASE</version>
</dependency>
<dependency>
<groupId>org.springframework.plugin</groupId>
<artifactId>spring-plugin-metadata</artifactId>
<version>2.0.0.RELEASE</version>
</dependency>
</dependencies>
<build>
<resources>
<resource>
<directory>src/main/resources</directory>
<filtering>true</filtering>
</resource>
</resources>
<plugins>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-compiler-plugin</artifactId>
<version>2.5.1</version>
<configuration>
<source>${jdk.source.veriosn}</source>
<target>${jdk.target.veriosn}</target>
<encoding>${maven.compiler.encoding}</encoding>
</configuration>
</plugin>
<plugin>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-maven-plugin</artifactId>
<version>2.1.9.RELEASE</version>
<configuration>
<mainClass>org.spring.swagger.security.StartMain</mainClass>
<includeSystemScope>true</includeSystemScope>
</configuration>
<executions>
<execution>
<goals>
<goal>repackage</goal>
</goals>
</execution>
</executions>
</plugin>
</plugins>
</build>
</project>
创建启动类
package org.spring.swagger.security;
import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;
import java.util.Arrays;
/**
* @date: 2021/7/28 13:05
* http://localhost:8080/swagger-ui/index.html
* @version: 1.0
*/
@SpringBootApplication
public class StartMain {
public static void main(String[] args) {
if (args != null) {
System.out.println(Arrays.toString(args));
}
SpringApplication.run(StartMain.class, args);
}
}
设置安全配置类
package org.spring.swagger.security.config;
import org.springframework.context.annotation.Bean;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.security.web.csrf.CookieCsrfTokenRepository;
@EnableWebSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {
@Bean
public PasswordEncoder passwordEncoder() {
return new BCryptPasswordEncoder();
}
@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
auth.inMemoryAuthentication()
.withUser("admin")
.password(passwordEncoder().encode("123456"))
.authorities("ADMIN");
}
@Override
protected void configure(HttpSecurity http) throws Exception {
http
.authorizeRequests()
.anyRequest().authenticated()
.and()
.formLogin()
.and()
.logout()
.and()
.csrf().csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse());
}
}
配置swagger安全模式
package org.spring.swagger.security.config;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
import springfox.documentation.swagger.web.SecurityConfiguration;
import springfox.documentation.swagger.web.SecurityConfigurationBuilder;
@Configuration
public class SwaggerConfiguration implements WebMvcConfigurer {
@Bean
public SecurityConfiguration securityConfiguration() {
return SecurityConfigurationBuilder.builder()
.enableCsrfSupport(true)
.build();
}
}
编写控制器
package org.spring.swagger.security.controller;
import org.spring.swagger.security.entity.User;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.RestController;
@RestController
public class UserController {
@GetMapping(value = "/user/{userId}")
public User getUser(@PathVariable("userId") Long userId) {
User user = new User();
user.setUserId(userId);
user.setAge(18);
user.setMale(false);
user.setName("如花");
return user;
}
}
对应实体类
package org.spring.swagger.security.entity;
/**
* @date: 2021/7/28 13:18
* @version: 1.0
*/
public class User {
private Long userId;
private boolean male;
private String name;
private Integer age;
setter/getter略
}
package org.spring.swagger.security.controller;
import org.springframework.http.MediaType;
import org.springframework.http.ResponseEntity;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.RequestPart;
import org.springframework.web.multipart.MultipartFile;
@Controller
public class FileUploadController {
@RequestMapping(value = "/upload", consumes = { MediaType.MULTIPART_FORM_DATA_VALUE }, method = RequestMethod.POST)
public ResponseEntity<Void> uploadFile(@RequestPart String description, @RequestPart MultipartFile file) {
//yaay!
return ResponseEntity.ok(null);
}
}
配置文件
spring.application.name=spring-boot-swagger-security
logging.level.root=info
server.port=8080
logging.level.springfox.documentation=INFO
#server.servlet.context-path=/
#springfox.documentation.swagger.v2.use-model-v3=false
management.endpoints.web.exposure.include=*
management.endpoint.health.show-details=always
spring.mvc.view.prefix=/
spring.mvc.view.suffix=.html
项目结构
测试
启动程序,通过前台访问http://localhost:8080/swagger-ui/index.html
会自动调到登录页面,输入admin和123456之后进入swagger页面
如上图所示
整合成功