我已经将 Swagger 与 SAP Hybris 的 commercewebservices API 扩展集成在一起,用于生成 API 文档。
这是spring-v2-spring.xml中的条目:
<!-- security="none" gives the matching requests an empty Spring Security filter chain:
     no authentication or authorization is applied to them. While these entries are present,
     an HTTP Basic rule aimed at the same documentation paths cannot take effect, and the
     generated API description is readable without credentials. -->
<!-- NOTE(review): the double slash in "/v2//api-docs" may be a wildcard segment lost in
     rendering; confirm against the real file before relying on what this pattern matches. -->
<security:http pattern="/v2//api-docs" security="none"/>
<!-- Matches any first path segment under /v2/ whose name contains "swagger", and everything below it. -->
<security:http pattern="/v2/*swagger*/**" security="none"/>
这是springmvc-v2-servlet.xml中的条目:
<!-- Serves the Swagger UI page as a static resource from the classpath. A resource handler
     performs no access control of its own; who may fetch the page is decided solely by the
     Spring Security filter chain that matches the request. -->
<mvc:resources mapping="**/swagger-ui.html" location="classpath:/META-INF/resources/" />
<!-- Serves the webjar assets (scripts, styles) that the Swagger UI page loads. -->
<mvc:resources mapping="/webjars/**" location="classpath:/META-INF/resources/webjars/" />
如何为 Swagger UI(/rest/v2/swagger-ui.html)添加基本身份验证?提前致谢。
我在 Kotlin 中是按如下方式配置的。
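/**
 * Puts HTTP Basic authentication in front of the Swagger UI page and the Springfox
 * endpoints that feed it.
 *
 * Protecting only `/swagger-ui.html` leaves the generated API description reachable
 * without credentials, so the filter chain below also covers the description endpoints.
 */
@Configuration
@EnableSwagger2
@EnableWebSecurity
class SecurityConfig : WebSecurityConfigurerAdapter() {

    /**
     * Restricts this filter chain to the documentation endpoints and requires an
     * authenticated user (HTTP Basic) for every request that matches.
     *
     * Requests outside the listed patterns are not handled by this chain at all.
     */
    override fun configure(http: HttpSecurity) {
        // CSRF protection is switched off for this chain only; the chain is limited to the
        // documentation endpoints by the matchers below.
        http.csrf().disable()
            .requestMatchers()
            // The UI page alone is not enough: the API description itself is served from
            // the Springfox endpoints. "/v2/api-docs" is the Springfox 2 default; adjust it
            // if the documentation path has been customised.
            .antMatchers("/swagger-ui.html", "/swagger-resources/**", "/v2/api-docs")
            .and()
            .authorizeRequests()
            .anyRequest().authenticated()
            .and().httpBasic()
    }

    /**
     * Registers a single in-memory user for the documentation endpoints.
     *
     * No `@Autowired` here: the adapter calls this override itself, and annotating it
     * would make Spring invoke it a second time as an injection point.
     */
    public override fun configure(auth: AuthenticationManagerBuilder) {
        // Sample credentials only. A password literal in source ends up in version control
        // and in every build artifact; load the user name and password from externalised,
        // access-controlled configuration before using this outside a demo.
        auth.inMemoryAuthentication()
            .withUser("user")
            .password(passwordEncoder().encode("pass123"))
            .authorities("USER")
    }

    /** Supplies the BCrypt encoder used to hash the in-memory user's password. */
    @Bean
    public fun passwordEncoder(): PasswordEncoder {
        return BCryptPasswordEncoder()
    }
}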
如果要在启用了 Swagger 的 API 上启用基本身份验证,请使用以下代码。(注意:下面的代码在生成的文档中声明的是 OAuth2 密码授权方式的安全方案,其作用域名称为 "basic"。)
/**
 * Springfox configuration that publishes one Swagger 2 documentation group per API area and
 * describes an OAuth2 resource-owner-password security scheme in the generated documentation.
 *
 * <p>Every group is switched on or off by the {@code swagger.enable} configuration property,
 * which is read with a default of {@code false}.
 *
 * <p>This class only <em>describes</em> a security scheme in the generated specification.
 * Nothing here restricts who may fetch the Swagger UI or the API description; that has to be
 * enforced by the application's security filter chain.
 */
@Configuration
@EnableSwagger2
public class SwaggerConfig {

    /** Token endpoint advertised to documentation clients for the password grant. */
    private static final String AUTHORIZATION_URL = "/authorizationserver/oauth/token";

    /** Name of the single scope declared on the security scheme. */
    private static final String AUTHORIZATION_SCOPE = "basic";

    /** Name that ties the security scheme to the security references. */
    private static final String ZAMOK_AUTHORIZATION_NAME = "oauth2_password";

    @Resource
    private ConfigurationService configurationService;

    /** Documentation group for every {@code /api/} path not claimed by a dedicated group. */
    @Bean
    public Docket commonApi() {
        return createDocket("SFront Common API", "/api/(?!sop|cart|wishlist|savings|checkout).*");
    }

    /** Documentation group for the checkout endpoints. */
    @Bean
    public Docket checkoutApi() {
        return createDocket("Checkout API", "/api/checkout.*");
    }

    /** Documentation group for the wishlist endpoints. */
    @Bean
    public Docket wishlistApi() {
        return createDocket("Wishlist API", "/api/wishlist/.*");
    }

    /** Documentation group for the savings endpoints. */
    @Bean
    public Docket savingsApi() {
        return createDocket("Savings API", "/api/savings/.*");
    }

    /** Documentation group for the cart endpoints. */
    @Bean
    public Docket cartApi() {
        return createDocket("Cart API", "/api/cart/.*");
    }

    /**
     * Presentation settings for the Swagger UI page.
     *
     * <p>{@code validatorUrl(null)} passes no validator URL to the UI.
     */
    @Bean
    public UiConfiguration uiConfiguration() {
        return UiConfigurationBuilder.builder()
                .deepLinking(true)
                .displayOperationId(false)
                .defaultModelsExpandDepth(1)
                .defaultModelExpandDepth(1)
                .defaultModelRendering(ModelRendering.EXAMPLE)
                .displayRequestDuration(false)
                .docExpansion(DocExpansion.NONE)
                .filter(false)
                .maxDisplayedTags(null)
                .operationsSorter(OperationsSorter.ALPHA)
                .showExtensions(false)
                .tagsSorter(TagsSorter.ALPHA)
                .supportedSubmitMethods(UiConfiguration.Constants.DEFAULT_SUBMIT_METHODS)
                .validatorUrl(null)
                .build();
    }

    /**
     * Builds one documentation group.
     *
     * <p>Only handler methods annotated with {@code @ApiOperation} are considered, so
     * un-annotated endpoints do not appear in the generated documentation.
     *
     * @param groupName display name of the group
     * @param regexs path patterns handed to the selector, in order
     * @return the configured group, enabled only when {@code swagger.enable} is true
     */
    private Docket createDocket(String groupName, String... regexs) {
        ApiSelectorBuilder selector = new Docket(DocumentationType.SWAGGER_2)
                .groupName(groupName)
                .select()
                .apis(RequestHandlerSelectors.withMethodAnnotation(ApiOperation.class));

        // NOTE(review): every pattern is passed to paths() on the same builder. Whether a later
        // call replaces or combines with an earlier one depends on the Springfox version; all
        // callers in this class pass exactly one pattern - confirm before passing several.
        for (int i = 0; i < regexs.length; i++) {
            selector.paths(regex(regexs[i]));
        }

        return selector.build()
                .enable(isSwaggerEnabled())
                .securitySchemes(Collections.singletonList(passwordSecurityScheme()))
                .securityContexts(Collections.singletonList(oauthSecurityContext()))
                .produces(Sets.newHashSet(APPLICATION_JSON));
    }

    /**
     * Reads the {@code swagger.enable} switch.
     *
     * @return the configured value, or {@code false} when the property is absent
     */
    private boolean isSwaggerEnabled() {
        final boolean enabled = configurationService.getConfiguration().getBoolean("swagger.enable", false);
        return enabled;
    }

    /**
     * Describes the OAuth2 scheme shown in the documentation: a resource-owner-password grant
     * against {@link #AUTHORIZATION_URL} with the single scope {@link #AUTHORIZATION_SCOPE}.
     *
     * <p>With this grant the documentation client collects the user's password itself.
     */
    private OAuth passwordSecurityScheme() {
        return new OAuth(
                ZAMOK_AUTHORIZATION_NAME,
                Collections.singletonList(new AuthorizationScope(AUTHORIZATION_SCOPE, StringUtils.EMPTY)),
                Collections.singletonList(new ResourceOwnerPasswordCredentialsGrant(AUTHORIZATION_URL)));
    }

    /** Attaches the security references to every documented path ({@code any()}). */
    private SecurityContext oauthSecurityContext() {
        return SecurityContext.builder()
                .securityReferences(oauthSecurityReferences())
                .forPaths(any())
                .build();
    }

    /**
     * References the scheme by name with an empty scope array, i.e. the reference lists no
     * scopes even though the scheme declares {@link #AUTHORIZATION_SCOPE}.
     */
    private List<SecurityReference> oauthSecurityReferences() {
        AuthorizationScope[] noScopes = new AuthorizationScope[0];
        SecurityReference reference = new SecurityReference(ZAMOK_AUTHORIZATION_NAME, noScopes);
        return Collections.singletonList(reference);
    }
}