JWT 身份验证 Spring 引导和 Swagger UI
JWT Authentication Spring Boot & Swagger UI
我有一个这样的 SwaggerConfig:
@Configuration
@EnableSwagger2
public class SwaggerConfiguration {
public static final String AUTHORIZATION_HEADER = "Authorization";
@Bean
public Docket api() {
return new Docket(DocumentationType.SWAGGER_2)
.securityContexts(Arrays.asList(securityContext()))
.securitySchemes(Arrays.asList(apiKey()))
.select()
.apis(RequestHandlerSelectors.any())
.paths(PathSelectors.any())
.build();
}
private ApiKey apiKey() {
return new ApiKey("JWT", AUTHORIZATION_HEADER, "header");
}
private SecurityContext securityContext() {
return SecurityContext.builder()
.securityReferences(defaultAuth())
.build();
}
List<SecurityReference> defaultAuth() {
AuthorizationScope authorizationScope
= new AuthorizationScope("global", "accessEverything");
AuthorizationScope[] authorizationScopes = new AuthorizationScope[1];
authorizationScopes[0] = authorizationScope;
return Arrays.asList(new SecurityReference("JWT", authorizationScopes));
}
}
当我在 swagger ui 中测试 API 时,它会发出 JWT 罚款,但它仍然会给出
{
"error": "Full authentication is required to access this resource"
}
在邮递员中尝试相同的令牌工作正常。
招摇ui curl:
curl -X GET "http://localhost:8082/api/helloadmin" -H "accept: */*" -H "Authorization: eyJhbGciOiJIUzUxMiJ9.eyJzdWIiOiJuYXoiLCJpc0FkbWluIjp0cnVlLCJleHAiOjE2MTk1MzA3MTUsImlhdCI6MTYxOTUxMjcxNX0.GvEuOYqIPuS98DqhDrtHDFhjXrtwhGjLfylEXwkPeRTGRoWxcwIAYBEawl2Bl5qoQrI2zQOjKZGDq3KEZuyALQ"
我做错了什么?
正确的 header 格式是“授权:Bearer [token]”
我有一个这样的 SwaggerConfig:
@Configuration
@EnableSwagger2
public class SwaggerConfiguration {
public static final String AUTHORIZATION_HEADER = "Authorization";
@Bean
public Docket api() {
return new Docket(DocumentationType.SWAGGER_2)
.securityContexts(Arrays.asList(securityContext()))
.securitySchemes(Arrays.asList(apiKey()))
.select()
.apis(RequestHandlerSelectors.any())
.paths(PathSelectors.any())
.build();
}
private ApiKey apiKey() {
return new ApiKey("JWT", AUTHORIZATION_HEADER, "header");
}
private SecurityContext securityContext() {
return SecurityContext.builder()
.securityReferences(defaultAuth())
.build();
}
List<SecurityReference> defaultAuth() {
AuthorizationScope authorizationScope
= new AuthorizationScope("global", "accessEverything");
AuthorizationScope[] authorizationScopes = new AuthorizationScope[1];
authorizationScopes[0] = authorizationScope;
return Arrays.asList(new SecurityReference("JWT", authorizationScopes));
}
}
当我在 swagger ui 中测试 API 时,它会发出 JWT 罚款,但它仍然会给出
{
"error": "Full authentication is required to access this resource"
}
在邮递员中尝试相同的令牌工作正常。
招摇ui curl:
curl -X GET "http://localhost:8082/api/helloadmin" -H "accept: */*" -H "Authorization: eyJhbGciOiJIUzUxMiJ9.eyJzdWIiOiJuYXoiLCJpc0FkbWluIjp0cnVlLCJleHAiOjE2MTk1MzA3MTUsImlhdCI6MTYxOTUxMjcxNX0.GvEuOYqIPuS98DqhDrtHDFhjXrtwhGjLfylEXwkPeRTGRoWxcwIAYBEawl2Bl5qoQrI2zQOjKZGDq3KEZuyALQ"
我做错了什么?
正确的 header 格式是“授权:Bearer [token]”