springboot项目中配置了权限认证,需要在请求头携带Authorization,如果想使用swagger做测试,需要配置认证,swagger3.0与swagger2.x配置的方式不一样。
配置方式如下:
package com.iscas.biz.config;
import io.swagger.annotations.ApiOperation;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.Import;
import springfox.documentation.builders.*;
import springfox.documentation.oas.annotations.EnableOpenApi;
import springfox.documentation.schema.ModelRef;
import springfox.documentation.service.*;
import springfox.documentation.spi.DocumentationType;
import springfox.documentation.spi.service.contexts.SecurityContext;
import springfox.documentation.spring.web.plugins.Docket;
import java.util.ArrayList;
import java.util.Collections;
import java.util.List;
/**
* swagger配置
*
* @author zhuquanwen
* @vesion 1.0
* @date 2020/08/28
* @since jdk1.8
*/
@Configuration
@EnableOpenApi
public class Swagger3Config {
@Value("${swagger.enable: true}")
private boolean swaggerEnable;
private String version = "1.0";
@Bean
public Docket defaultApi() {
return new Docket(DocumentationType.OAS_30)
.groupName("默认")
.apiInfo(defaultApiInfo())
.enable(swaggerEnable)
.securitySchemes(List.of(tokenScheme()))
.securityContexts(List.of(tokenContext()))
.select()
.apis(RequestHandlerSelectors.withMethodAnnotation(ApiOperation.class))
.paths(PathSelectors.any())
.build()/*.forCodeGeneration(true)*/;
}
private ApiInfo defaultApiInfo() {
return new ApiInfoBuilder()
.title("newframe-接口文档")
.description("基于swagger3的在线接口文档,如不喜欢此风格,可尝试使用http://<IP:PORT>/<context-path>/doc.html")
//服务条款网址
.version(version)
.build();
}
private HttpAuthenticationScheme tokenScheme() {
return HttpAuthenticationScheme.JWT_BEARER_BUILDER.name("Authorization").build();
}
private SecurityContext tokenContext() {
return SecurityContext.builder()
.securityReferences(List.of(SecurityReference.builder()
.scopes(new AuthorizationScope[0])
.reference("Authorization")
.build()))
.operationSelector(o -> o.requestMappingPattern().matches("/.*"))
.build();
}
}
其中,securitySchemes和securityContexts
是认证的配置,这样配置后Authorization
的value会带着Bearer
,注意一下token的认证。
swagger页面配置如下:
填入一个token
使用swagger测试