在使用Swagger-Knife4j时,配置OAuth2认证功能可以通过以下步骤实现。以下是一个详细的配置指南:
1. 引入依赖
在你的pom.xml
文件中引入Knife4j和Spring Security的依赖:
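<!-- Knife4j UI starter; version pinned by the tutorial. -->
<dependency>
    <groupId>com.github.xiaoymin</groupId>
    <artifactId>knife4j-spring-boot-starter</artifactId>
    <version>3.0.3</version>
</dependency>
<!-- No version given: presumably managed by the Spring Boot parent/BOM (confirm). -->
<dependency>
    <groupId>org.springframework.boot</groupId>
    <artifactId>spring-boot-starter-security</artifactId>
</dependency>
<!--
  The security configuration on this page calls oauth2Login(), which needs
  Spring Security's OAuth2 client support on the classpath. Without it the
  application fails at startup instead of protecting /api/**.
-->
<dependency>
    <groupId>org.springframework.boot</groupId>
    <artifactId>spring-boot-starter-oauth2-client</artifactId>
</dependency>
<!-- Springfox starter; version pinned by the tutorial. -->
<dependency>
    <groupId>io.springfox</groupId>
    <artifactId>springfox-boot-starter</artifactId>
    <version>3.0.0</version>
</dependency>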
2. 配置OAuth2
在你的Spring Boot配置类中,配置OAuth2的相关信息:
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import springfox.documentation.builders.AuthorizationCodeGrantBuilder;
import springfox.documentation.builders.OAuthBuilder;
import springfox.documentation.builders.PathSelectors;
import springfox.documentation.builders.RequestHandlerSelectors;
import springfox.documentation.builders.SecurityContextBuilder;
import springfox.documentation.service.*;
import springfox.documentation.spi.DocumentationType;
import springfox.documentation.spi.service.contexts.SecurityContext;
import springfox.documentation.spring.web.plugins.Docket;
import springfox.documentation.swagger2.annotations.EnableSwagger2;
import java.util.Arrays;
import java.util.Collections;
import java.util.List;
/**
 * Springfox/Knife4j documentation setup that advertises an OAuth2
 * authorization-code scheme to the documentation UI.
 *
 * <p>Everything in this class is metadata for the generated API description:
 * it tells the UI where to obtain a token and which operations to attach it
 * to. It does not enforce authentication; that is the job of the
 * application's Spring Security configuration.
 */
@Configuration
@EnableSwagger2
public class SwaggerConfig {

    /** Links the declared scheme to the security references; both must use the same name. */
    private static final String OAUTH_SCHEME_NAME = "spring_oauth";

    // Tutorial placeholders: replace with the real authorization server endpoints.
    private static final String TOKEN_URL = "https://your-auth-server.com/oauth/token";
    private static final String AUTHORIZE_URL = "https://your-auth-server.com/oauth/authorize";

    /**
     * Builds the Swagger 2 docket for the handlers under
     * {@code com.example.yourpackage} and registers the OAuth2 scheme and
     * the security context with it.
     *
     * @return the configured docket
     */
    @Bean
    public Docket api() {
        List<SecurityScheme> schemes = Arrays.asList(securityScheme());
        List<SecurityContext> contexts = Arrays.asList(securityContext());

        return new Docket(DocumentationType.SWAGGER_2)
                .select()
                .apis(RequestHandlerSelectors.basePackage("com.example.yourpackage"))
                .paths(PathSelectors.any())
                .build()
                .securitySchemes(schemes)
                .securityContexts(contexts);
    }

    /**
     * Describes the authorization-code grant offered to the documentation UI.
     *
     * @return the OAuth scheme named {@code spring_oauth}
     */
    private SecurityScheme securityScheme() {
        TokenEndpoint tokenEndpoint = new TokenEndpoint(TOKEN_URL, "oauthtoken");

        // In Springfox the second and third arguments are the *names* of the
        // client-id and client-secret request parameters, not credential values.
        // Do not put a real client secret here: the generated API description is
        // served to anyone who can read the documentation.
        TokenRequestEndpoint authorizeEndpoint =
                new TokenRequestEndpoint(AUTHORIZE_URL, "clientId", "clientSecret");

        GrantType authorizationCode = new AuthorizationCodeGrantBuilder()
                .tokenEndpoint(tokenEndpoint)
                .tokenRequestEndpoint(authorizeEndpoint)
                .build();

        return new OAuthBuilder()
                .name(OAUTH_SCHEME_NAME)
                .grantTypes(Collections.singletonList(authorizationCode))
                .scopes(Arrays.asList(scopes()))
                .build();
    }

    /**
     * Attaches the default security reference to every documented path.
     *
     * @return the security context used by the docket
     */
    private SecurityContext securityContext() {
        List<SecurityReference> references = defaultAuth();
        return SecurityContext.builder()
                .securityReferences(references)
                .forPaths(PathSelectors.any())
                .build();
    }

    /**
     * Declares that documented operations reference the OAuth scheme with the
     * {@code read} scope only, although {@link #scopes()} advertises more.
     *
     * @return a single-element list holding that reference
     */
    private List<SecurityReference> defaultAuth() {
        AuthorizationScope[] requiredScopes = {
            new AuthorizationScope("read", "for read operations")
        };
        SecurityReference reference = new SecurityReference(OAUTH_SCHEME_NAME, requiredScopes);
        return Collections.singletonList(reference);
    }

    /**
     * Lists the scopes the documentation UI offers when requesting a token.
     *
     * @return the {@code read}, {@code write} and {@code foo} scopes, in that order
     */
    private AuthorizationScope[] scopes() {
        AuthorizationScope read = new AuthorizationScope("read", "for read operations");
        AuthorizationScope write = new AuthorizationScope("write", "for write operations");
        AuthorizationScope foo = new AuthorizationScope("foo", "Access foo API");
        return new AuthorizationScope[] {read, write, foo};
    }
}
3. 配置Knife4j
在你的application.yml
或application.properties
文件中配置Knife4j:
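knife4j:
  # Turns on Knife4j's enhanced features.
  enable: true
  # Outside development, consider `production: true`, which blocks the
  # documentation endpoints altogether.
  basic:
    # HTTP Basic protection for the documentation pages.
    enable: true
    # Set explicit credentials. If none are configured, Knife4j falls back to
    # its documented default account, which is publicly known.
    # The variable names below are placeholders; supply real values from the
    # environment or a secret store, never from version control.
    username: ${KNIFE4J_BASIC_USERNAME}
    password: ${KNIFE4J_BASIC_PASSWORD}
# NOTE(review): the original listing lost its indentation, so it is unclear
# whether this key belongs under `knife4j`. It is shown top-level here; confirm.
swagger:
  enable: true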
4. 配置Spring Security
确保你已经配置了Spring Security来支持OAuth2(`oauth2Login()` 还需要OAuth2客户端依赖,以及 `spring.security.oauth2.client.registration.*` 下的客户端注册配置)。以下是一个简单的示例:
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
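/**
 * Web security for the sample application: requests under {@code /api/**}
 * require an authenticated user, and authentication is performed through
 * Spring Security's OAuth2 login.
 */
@Configuration
@EnableWebSecurity
// Without method security enabled, @PreAuthorize annotations on controllers are
// silently ignored and only the URL rules below apply. The annotation is written
// fully qualified so the listing's import block does not need to change.
@org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity(prePostEnabled = true)
public class SecurityConfig extends WebSecurityConfigurerAdapter {

    /**
     * Declares the URL authorization rules and enables OAuth2 login.
     *
     * @param http the security builder supplied by Spring Security
     * @throws Exception if the builder rejects the configuration
     */
    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http
                .authorizeRequests()
                // Only /api/** is restricted. No rule covers other paths, so the
                // documentation UI (/doc.html) and the generated API description
                // are reachable without authentication through this filter chain.
                // Restrict or disable them outside development.
                .antMatchers("/api/**").authenticated()
                .and()
                // NOTE(review): oauth2Login() sets up browser, session-based login.
                // A bearer token sent by the documentation UI is not validated by
                // this configuration. If the API is meant to accept access tokens,
                // resource-server support must be configured as well (confirm the
                // intended flow).
                .oauth2Login();
    }
}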
5. 启动应用
启动你的Spring Boot应用,访问http://localhost:8080/doc.html
(默认端口为8080),你应该能够看到Knife4j的界面,并且可以使用OAuth2进行身份验证。
示例
假设你有一个API端点需要OAuth2身份验证,你可以在控制器方法上使用@PreAuthorize注解来进行权限检查。注意:只有在配置类上启用了方法级安全(例如 `@EnableGlobalMethodSecurity(prePostEnabled = true)`)时,该注解才会生效,否则会被静默忽略:
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;
/**
 * Sample REST controller exposing one endpoint under {@code /api}.
 */
@RestController
@RequestMapping("/api")
public class MyController {

    /**
     * Handles {@code GET /api/secure-endpoint}.
     *
     * <p>The {@code @PreAuthorize} expression requires the {@code ROLE_USER}
     * authority, but Spring Security evaluates it only when method security is
     * enabled on a configuration class. Otherwise the annotation has no effect
     * and only the application's URL-level rules protect this endpoint.
     *
     * @return a fixed confirmation message
     */
    @GetMapping("/secure-endpoint")
    @PreAuthorize("hasRole('ROLE_USER')")
    public String secureEndpoint() {
        final String responseBody = "This is a secure endpoint";
        return responseBody;
    }
}
通过以上配置,你可以在Swagger-Knife4j中使用OAuth2进行API的身份验证。