From 5be30eb152d0953c9bb1c94ba52580625f108d28 Mon Sep 17 00:00:00 2001 From: suiaing Date: Tue, 19 Feb 2019 09:20:53 +0800 Subject: [PATCH] =?UTF-8?q?=E6=94=AF=E6=8C=81=20BasicAuth?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- README.md | 5 +++- .../swagger/SwaggerAutoConfiguration.java | 23 +++++++++++++++++-- .../spring4all/swagger/SwaggerProperties.java | 5 ++++ 3 files changed, 30 insertions(+), 3 deletions(-) diff --git a/README.md b/README.md index e875b8c..b13f5c2 100644 --- a/README.md +++ b/README.md @@ -283,6 +283,9 @@ swagger.docket.aaa.ignored-parameter-types[1]=com.didispace.demo.Product # 鉴权策略ID,对应 SecurityReferences ID swagger.authorization.name=Authorization +# 鉴权策略,可选 ApiKey | BasicAuth | None,默认ApiKey +swagger.authorization.type=ApiKey + # 鉴权传递的Header参数 swagger.authorization.key-name=token @@ -290,7 +293,7 @@ swagger.authorization.key-name=token swagger.authorization.auth-regex=^.*$ ``` -备注:目前支持`ApiKey`鉴权模式,后续添加`Oauth2`和`BasicAuth`支持 +备注:目前支持`ApiKey` | `BasicAuth`鉴权模式,`None`除消鉴权模式,默认ApiKey,后续添加`Oauth2`支持 **使用须知** diff --git a/src/main/java/com/spring4all/swagger/SwaggerAutoConfiguration.java b/src/main/java/com/spring4all/swagger/SwaggerAutoConfiguration.java index 143dd4e..77d9e9f 100644 --- a/src/main/java/com/spring4all/swagger/SwaggerAutoConfiguration.java +++ b/src/main/java/com/spring4all/swagger/SwaggerAutoConfiguration.java @@ -107,11 +107,16 @@ public List createRestApi(SwaggerProperties swaggerProperties) { Docket docketForBuilder = new Docket(DocumentationType.SWAGGER_2) .host(swaggerProperties.getHost()) .apiInfo(apiInfo) - .securitySchemes(Collections.singletonList(apiKey())) .securityContexts(Collections.singletonList(securityContext())) .globalOperationParameters(buildGlobalOperationParametersFromSwaggerProperties( swaggerProperties.getGlobalOperationParameters())); + if ("BasicAuth".equalsIgnoreCase(swaggerProperties.getAuthorization().getType())) { + docketForBuilder.securitySchemes(Collections.singletonList(basicAuth())); + } else if (!"None".equalsIgnoreCase(swaggerProperties.getAuthorization().getType())) { + docketForBuilder.securitySchemes(Collections.singletonList(apiKey())); + } + // 全局响应消息 if (!swaggerProperties.getApplyDefaultResponseMessages()) { buildGlobalResponseMessage(swaggerProperties, docketForBuilder); @@ -175,11 +180,16 @@ public List createRestApi(SwaggerProperties swaggerProperties) { Docket docketForBuilder = new Docket(DocumentationType.SWAGGER_2) .host(swaggerProperties.getHost()) .apiInfo(apiInfo) - .securitySchemes(Collections.singletonList(apiKey())) .securityContexts(Collections.singletonList(securityContext())) .globalOperationParameters(assemblyGlobalOperationParameters(swaggerProperties.getGlobalOperationParameters(), docketInfo.getGlobalOperationParameters())); + if ("BasicAuth".equalsIgnoreCase(swaggerProperties.getAuthorization().getType())) { + docketForBuilder.securitySchemes(Collections.singletonList(basicAuth())); + } else if (!"None".equalsIgnoreCase(swaggerProperties.getAuthorization().getType())) { + docketForBuilder.securitySchemes(Collections.singletonList(apiKey())); + } + // 全局响应消息 if (!swaggerProperties.getApplyDefaultResponseMessages()) { buildGlobalResponseMessage(swaggerProperties, docketForBuilder); @@ -218,6 +228,15 @@ private ApiKey apiKey() { ApiKeyVehicle.HEADER.getValue()); } + /** + * 配置基于 BasicAuth 的鉴权对象 + * + * @return + */ + private BasicAuth basicAuth() { + return new BasicAuth(swaggerProperties().getAuthorization().getName()); + } + /** * 配置默认的全局鉴权策略的开关,以及通过正则表达式进行匹配;默认 ^.*$ 匹配所有URL * 其中 securityReferences 为配置启用的鉴权策略 diff --git a/src/main/java/com/spring4all/swagger/SwaggerProperties.java b/src/main/java/com/spring4all/swagger/SwaggerProperties.java index 0a43142..17768f6 100644 --- a/src/main/java/com/spring4all/swagger/SwaggerProperties.java +++ b/src/main/java/com/spring4all/swagger/SwaggerProperties.java @@ -344,6 +344,11 @@ static class Authorization { */ private String name = "Authorization"; + /** + * 鉴权策略,可选 ApiKey | BasicAuth | None,默认ApiKey + */ + private String type = "ApiKey"; + /** * 鉴权传递的Header参数 */