diff --git a/README.md b/README.md index e875b8c..b13f5c2 100644 --- a/README.md +++ b/README.md @@ -283,6 +283,9 @@ swagger.docket.aaa.ignored-parameter-types[1]=com.didispace.demo.Product # 鉴权策略ID,对应 SecurityReferences ID swagger.authorization.name=Authorization +# 鉴权策略,可选 ApiKey | BasicAuth | None,默认ApiKey +swagger.authorization.type=ApiKey + # 鉴权传递的Header参数 swagger.authorization.key-name=token @@ -290,7 +293,7 @@ swagger.authorization.key-name=token swagger.authorization.auth-regex=^.*$ ``` -备注:目前支持`ApiKey`鉴权模式,后续添加`Oauth2`和`BasicAuth`支持 +备注:目前支持`ApiKey` | `BasicAuth`鉴权模式,`None`除消鉴权模式,默认ApiKey,后续添加`Oauth2`支持 **使用须知** diff --git a/src/main/java/com/spring4all/swagger/SwaggerAutoConfiguration.java b/src/main/java/com/spring4all/swagger/SwaggerAutoConfiguration.java index 143dd4e..77d9e9f 100644 --- a/src/main/java/com/spring4all/swagger/SwaggerAutoConfiguration.java +++ b/src/main/java/com/spring4all/swagger/SwaggerAutoConfiguration.java @@ -107,11 +107,16 @@ public List createRestApi(SwaggerProperties swaggerProperties) { Docket docketForBuilder = new Docket(DocumentationType.SWAGGER_2) .host(swaggerProperties.getHost()) .apiInfo(apiInfo) - .securitySchemes(Collections.singletonList(apiKey())) .securityContexts(Collections.singletonList(securityContext())) .globalOperationParameters(buildGlobalOperationParametersFromSwaggerProperties( swaggerProperties.getGlobalOperationParameters())); + if ("BasicAuth".equalsIgnoreCase(swaggerProperties.getAuthorization().getType())) { + docketForBuilder.securitySchemes(Collections.singletonList(basicAuth())); + } else if (!"None".equalsIgnoreCase(swaggerProperties.getAuthorization().getType())) { + docketForBuilder.securitySchemes(Collections.singletonList(apiKey())); + } + // 全局响应消息 if (!swaggerProperties.getApplyDefaultResponseMessages()) { buildGlobalResponseMessage(swaggerProperties, docketForBuilder); @@ -175,11 +180,16 @@ public List createRestApi(SwaggerProperties swaggerProperties) { Docket docketForBuilder = new Docket(DocumentationType.SWAGGER_2) .host(swaggerProperties.getHost()) .apiInfo(apiInfo) - .securitySchemes(Collections.singletonList(apiKey())) .securityContexts(Collections.singletonList(securityContext())) .globalOperationParameters(assemblyGlobalOperationParameters(swaggerProperties.getGlobalOperationParameters(), docketInfo.getGlobalOperationParameters())); + if ("BasicAuth".equalsIgnoreCase(swaggerProperties.getAuthorization().getType())) { + docketForBuilder.securitySchemes(Collections.singletonList(basicAuth())); + } else if (!"None".equalsIgnoreCase(swaggerProperties.getAuthorization().getType())) { + docketForBuilder.securitySchemes(Collections.singletonList(apiKey())); + } + // 全局响应消息 if (!swaggerProperties.getApplyDefaultResponseMessages()) { buildGlobalResponseMessage(swaggerProperties, docketForBuilder); @@ -218,6 +228,15 @@ private ApiKey apiKey() { ApiKeyVehicle.HEADER.getValue()); } + /** + * 配置基于 BasicAuth 的鉴权对象 + * + * @return + */ + private BasicAuth basicAuth() { + return new BasicAuth(swaggerProperties().getAuthorization().getName()); + } + /** * 配置默认的全局鉴权策略的开关,以及通过正则表达式进行匹配;默认 ^.*$ 匹配所有URL * 其中 securityReferences 为配置启用的鉴权策略 diff --git a/src/main/java/com/spring4all/swagger/SwaggerProperties.java b/src/main/java/com/spring4all/swagger/SwaggerProperties.java index 0a43142..17768f6 100644 --- a/src/main/java/com/spring4all/swagger/SwaggerProperties.java +++ b/src/main/java/com/spring4all/swagger/SwaggerProperties.java @@ -344,6 +344,11 @@ static class Authorization { */ private String name = "Authorization"; + /** + * 鉴权策略,可选 ApiKey | BasicAuth | None,默认ApiKey + */ + private String type = "ApiKey"; + /** * 鉴权传递的Header参数 */