如何在 swagger 上自动使用 Bearer 或 Apikey 关键字 java
How to use Bearer or Apikey keywords automatically onswagger java
我正在尝试在我的 SwaggerConfiguration class 中进行一些安全配置。我的目的是发送带有身份验证密钥的方案关键字,如
curl -X GET "http://localhost:8080" -H "accept: */*" -H "Authorization: Bearer <authorization-value>"
或
curl -X GET "http://localhost:8080" -H "accept: */*" -H "Authorization: ApiKey <authorization-value>"
在 ASP.Core 上是可能的,但我只能在 java 上实现,如下所示:
我的 Docket 安全方案应该使用什么来代替 ApiKey?
Docket docket = new Docket(DocumentationType.SWAGGER_2)
.select()
.apis(RequestHandlerSelectors.basePackage("mypackagename"))
.build()
.useDefaultResponseMessages(false)
.apiInfo(metaData())
.securitySchemes(Collections.singletonList(getApiKey()))
.securityContexts(Collections.singletonList(securityContext()));
private ApiKey getApiKey() {
return new ApiKey("apiKey", "Authorization", "Header");
}
您可以通过打开 API 规范 3 来实现。为此,您需要添加依赖项:
<dependency>
<groupId>org.springdoc</groupId>
<artifactId>springdoc-openapi-ui</artifactId>
<version>${open.api.version}</version>
</dependency>
包含此内容后,您需要将 swagger 配置更新为 post 您不需要在令牌前面添加 Bearer 方案:
package com.test.config;
import io.swagger.v3.oas.models.Components;
import io.swagger.v3.oas.models.OpenAPI;
import io.swagger.v3.oas.models.info.Info;
import io.swagger.v3.oas.models.info.License;
import io.swagger.v3.oas.models.security.SecurityRequirement;
import io.swagger.v3.oas.models.security.SecurityScheme;
import lombok.extern.log4j.Log4j2;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import springfox.documentation.builders.ApiInfoBuilder;
import springfox.documentation.service.ApiInfo;
import springfox.documentation.service.Contact;
import springfox.documentation.swagger2.annotations.EnableSwagger2;
@Configuration
@EnableSwagger2
@Log4j2
public class SwaggerConfig {
private static final String SCHEME_NAME = "bearerScheme";
private static final String SCHEME = "Bearer";
@Bean
public OpenAPI customOpenAPI() {
var openApi = new OpenAPI()
.info(getInfo());
addSecurity(openApi);
return openApi;
}
private Info getInfo() {
return new Info()
.title("Your APIs Documentation")
.description("The API documentation for your Portal.")
.version("1.0.0")
.license(getLicense());
}
private License getLicense() {
return new License()
.name("Your")
.url("https://www.yours.com/en/");
}
private void addSecurity(OpenAPI openApi) {
var components = createComponents();
var securityItem = new SecurityRequirement().addList(SCHEME_NAME);
openApi
.components(components)
.addSecurityItem(securityItem);
}
private Components createComponents() {
var components = new Components();
components.addSecuritySchemes(SCHEME_NAME, createSecurityScheme());
return components;
}
private SecurityScheme createSecurityScheme() {
return new SecurityScheme()
.name(SCHEME_NAME)
.type(SecurityScheme.Type.HTTP)
.scheme(SCHEME);
}
}
详情可以参考this.
我正在尝试在我的 SwaggerConfiguration class 中进行一些安全配置。我的目的是发送带有身份验证密钥的方案关键字,如
curl -X GET "http://localhost:8080" -H "accept: */*" -H "Authorization: Bearer <authorization-value>"
或
curl -X GET "http://localhost:8080" -H "accept: */*" -H "Authorization: ApiKey <authorization-value>"
在 ASP.Core 上是可能的,但我只能在 java 上实现,如下所示:
我的 Docket 安全方案应该使用什么来代替 ApiKey?
Docket docket = new Docket(DocumentationType.SWAGGER_2)
.select()
.apis(RequestHandlerSelectors.basePackage("mypackagename"))
.build()
.useDefaultResponseMessages(false)
.apiInfo(metaData())
.securitySchemes(Collections.singletonList(getApiKey()))
.securityContexts(Collections.singletonList(securityContext()));
private ApiKey getApiKey() {
return new ApiKey("apiKey", "Authorization", "Header");
}
您可以通过打开 API 规范 3 来实现。为此,您需要添加依赖项:
<dependency>
<groupId>org.springdoc</groupId>
<artifactId>springdoc-openapi-ui</artifactId>
<version>${open.api.version}</version>
</dependency>
包含此内容后,您需要将 swagger 配置更新为 post 您不需要在令牌前面添加 Bearer 方案:
package com.test.config;
import io.swagger.v3.oas.models.Components;
import io.swagger.v3.oas.models.OpenAPI;
import io.swagger.v3.oas.models.info.Info;
import io.swagger.v3.oas.models.info.License;
import io.swagger.v3.oas.models.security.SecurityRequirement;
import io.swagger.v3.oas.models.security.SecurityScheme;
import lombok.extern.log4j.Log4j2;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import springfox.documentation.builders.ApiInfoBuilder;
import springfox.documentation.service.ApiInfo;
import springfox.documentation.service.Contact;
import springfox.documentation.swagger2.annotations.EnableSwagger2;
@Configuration
@EnableSwagger2
@Log4j2
public class SwaggerConfig {
private static final String SCHEME_NAME = "bearerScheme";
private static final String SCHEME = "Bearer";
@Bean
public OpenAPI customOpenAPI() {
var openApi = new OpenAPI()
.info(getInfo());
addSecurity(openApi);
return openApi;
}
private Info getInfo() {
return new Info()
.title("Your APIs Documentation")
.description("The API documentation for your Portal.")
.version("1.0.0")
.license(getLicense());
}
private License getLicense() {
return new License()
.name("Your")
.url("https://www.yours.com/en/");
}
private void addSecurity(OpenAPI openApi) {
var components = createComponents();
var securityItem = new SecurityRequirement().addList(SCHEME_NAME);
openApi
.components(components)
.addSecurityItem(securityItem);
}
private Components createComponents() {
var components = new Components();
components.addSecuritySchemes(SCHEME_NAME, createSecurityScheme());
return components;
}
private SecurityScheme createSecurityScheme() {
return new SecurityScheme()
.name(SCHEME_NAME)
.type(SecurityScheme.Type.HTTP)
.scheme(SCHEME);
}
}
详情可以参考this.