Java Crawl Pit--springboot + Swagger2 integration encountered permissions issues

Issue One: The project requires authentication permissions in addition to logging on to other interfaces

By degrees Niang and Google found there are two ways to solve:

1. Configure a global authentication parameter for each interface:

1  Packagecom.dongsport.configuration;2 3 ImportOrg.springframework.context.annotation.Bean;4 Importorg.springframework.context.annotation.Configuration;5 ImportOrg.springframework.web.context.request.async.DeferredResult;6 ImportSpringfox.documentation.builders.ApiInfoBuilder;7 ImportSpringfox.documentation.builders.ParameterBuilder;8 Importspringfox.documentation.builders.PathSelectors;9 ImportSpringfox.documentation.schema.ModelRef;Ten ImportSpringfox.documentation.service.ApiInfo; One Importspringfox.documentation.service.Contact; A ImportSpringfox.documentation.service.Parameter; - ImportSpringfox.documentation.spi.DocumentationType; - ImportSpringfox.documentation.spring.web.plugins.Docket; the ImportSpringfox.documentation.swagger2.annotations.EnableSwagger2; -  - Importjava.util.ArrayList; - Importjava.util.List; +  - /** + * @ClassName Swaggerconfigurer A * @Description Swagger2 configuration file at * @Author Mr. Q_ - * @Date 2018/4/27 15:01 -  **/ - @Configuration - @EnableSwagger2 -  Public classswaggerconfiguration { in @Bean -      PublicDocket Createrestapi () { to  +         //Add head parameter start -ParameterBuilder Tokenpar =NewParameterBuilder (); theList<parameter> Pars =NewArraylist<>(); *Tokenpar.name ("Authorization") $. Description ("token (get token after login)")Panax Notoginseng. Modelref (NewModelref ("string")) -. ParameterType ("header") the. Required (false) + . Build (); A Pars.add (Tokenpar.build ()); the         //Add head parameter end +  -         return NewDocket (documentationtype.swagger_2) $. Genericmodelsubstitutes (Deferredresult.class) $. Usedefaultresponsemessages (false) -. Forcodegeneration (false) -. Pathmapping ("") the . Select () -                 //TODO If it is an on-line environment, add path filter, set to all do not matchWuyi                 //. Paths (Pathselectors.none ()) the . Build () - . Globaloperationparameters (pars) Wu . Apiinfo (Productapiinfo ()); -     } About  $     Privateapiinfo Productapiinfo () { -         return NewApiinfobuilder () -. Title ("Building restful APIs using Swagger2") -. Description ("Wuhua Tianbao, Dragon light shoot cattle market \ r" + A"Outstanding, Shisuni Chen Yu of the couch") +. Termsofserviceurl ("www.baidu.com") the. Contact (NewContact ("Mr. Q_", "www.baidu.com", "email"))) -. Version ("1.0") $ . Build (); the     } the}

2. Use securityscheme and securitycontext support to configure the swagger to access our security APIs:

1  Packagecom.dongsport.configuration;2 3 ImportOrg.springframework.context.annotation.Bean;4 Importorg.springframework.context.annotation.Configuration;5 ImportSpringfox.documentation.builders.ApiInfoBuilder;6 Importspringfox.documentation.builders.PathSelectors;7 Importspringfox.documentation.builders.RequestHandlerSelectors;8 ImportSpringfox.documentation.service.*;9 ImportSpringfox.documentation.spi.DocumentationType;Ten ImportSpringfox.documentation.spi.service.contexts.SecurityContext; One ImportSpringfox.documentation.spring.web.plugins.Docket; A ImportSpringfox.documentation.swagger2.annotations.EnableSwagger2; -  - Importjava.util.List; the  - Import Staticcom.google.common.collect.Lists.newArrayList; -  - /** + * @ClassName Swaggerconfigurer - * @Description Swagger2 configuration file + * @Author Mr. Q_ A * @Date 2018/4/27 15:01 at  **/ - @Configuration - @EnableSwagger2 -  Public classswaggerconfiguration { -  - @Bean in      PublicDocket Createrestapi () { -  to         return NewDocket (documentationtype.swagger_2). +Usedefaultresponsemessages (false) - . Select () the . APIs (Requesthandlerselectors.any ()) *. Paths (Pathselectors.regex ("^ (?! AUTH). *$ ")) $ . Build ()Panax Notoginseng . Apiinfo (Productapiinfo ()) - . Securityschemes (Securityschemes ()) the . Securitycontexts (Securitycontexts ()) +                 ; A  the     } +  -     PrivateList<apikey>Securityschemes () { $         returnNewarraylist ( $                 NewApiKey ("Authorization", "Authorization", "header")); -     } -  the     PrivateList<securitycontext>securitycontexts () { -         returnNewarraylist (Wuyi Securitycontext.builder () the . Securityreferences (Defaultauth ()) -. Forpaths (Pathselectors.regex ("^ (?! AUTH). *$ ")) Wu . Build () -         ); About     } $  -List<securityreference>Defaultauth () { -Authorizationscope Authorizationscope =NewAuthorizationscope ("Global", "accesseverything"); -authorizationscope[] Authorizationscopes =NewAuthorizationscope[1]; AAuthorizationscopes[0] =Authorizationscope; +         returnNewarraylist ( the                 NewSecurityreference ("Authorization", Authorizationscopes)); -     } $  the     Privateapiinfo Productapiinfo () { the         return NewApiinfobuilder () the. Title ("Building restful APIs using Swagger2") the. Description ("Wuhua Tianbao, Dragon light shoot cattle market \ r" + -"Outstanding, Shisuni Chen Yu of the couch") in. Termsofserviceurl ("www.baidu.com") the. Contact (NewContact ("Mr. Q_", "www.baidu.com", "email"))) the. Version ("1.0") About . Build (); the     } the}

A authorization icon will appear.

Click Authorization after a box appears, you log in and go back to your ticket to fill here, with access to the interface can access the

Question two: How to give the Http://localhost:8081/swagger-ui.html interface address UI plus permissions, if others know your server address can be directly accessed

And so resolved in the amendment ....... ..... Leave a hole.

This article references: http://www.leftso.com/blog/393.html

Thanks to the great God for sharing

Spring Boot Security Swagger2 integration generates secure online REST API documentation Springmvc can also refer to

Java Crawl-springboot + Swagger2 integration encountered permissions issues