1. 升级spring-boot为1.5.10的稳定版本；

2. 优化springfox在2.8版本更新后废弃的方法；
3. 核心升级主要是终于修复了SecuritySchemes和SecurityContexts在这个版本的可用性，已经默认开启ApiKey模式，可自由配置；
3.1 默认ApiKey("Authorization", "token", "^.*$")，分别为鉴权策略ID，鉴权是header的参数名，和需要开启鉴权URL的正则；

Author: gumutianqi

pom.xml

@@ -49,7 +49,7 @@
         <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
         <version.java>1.8</version.java>
         <version.swagger>2.8.0</version.swagger>
-        <version.spring-boot>1.5.9.RELEASE</version.spring-boot>
+        <version.spring-boot>1.5.10.RELEASE</version.spring-boot>
         <version.lombok>1.16.18</version.lombok>
     </properties>
 

src/main/java/com/spring4all/swagger/SwaggerAutoConfiguration.java

@@ -20,7 +20,9 @@
 import springfox.documentation.spi.DocumentationType;
 import springfox.documentation.spi.service.contexts.SecurityContext;
 import springfox.documentation.spring.web.plugins.Docket;
+import springfox.documentation.swagger.web.ApiKeyVehicle;
 import springfox.documentation.swagger.web.UiConfiguration;
+import springfox.documentation.swagger.web.UiConfigurationBuilder;
 
 import java.util.*;
 import java.util.stream.Collectors;
@@ -48,15 +50,20 @@ public SwaggerProperties swaggerProperties() {
 
     @Bean
     public UiConfiguration uiConfiguration(SwaggerProperties swaggerProperties) {
-        return new UiConfiguration(
-                swaggerProperties.getUiConfig().getValidatorUrl(),// url
-                swaggerProperties.getUiConfig().getDocExpansion(),       // docExpansion          => none | list
-                swaggerProperties.getUiConfig().getApiSorter(),      // apiSorter             => alpha
-                swaggerProperties.getUiConfig().getDefaultModelRendering(),     // defaultModelRendering => schema
-                swaggerProperties.getUiConfig().getSubmitMethods().split(","),
-                swaggerProperties.getUiConfig().getJsonEditor(),        // enableJsonEditor      => true | false
-                swaggerProperties.getUiConfig().getShowRequestHeaders(),         // showRequestHeaders    => true | false
-                swaggerProperties.getUiConfig().getRequestTimeout());      // requestTimeout => in milliseconds, defaults to null (uses jquery xh timeout)
+        return UiConfigurationBuilder.builder()
+                .deepLinking(swaggerProperties.getUiConfig().getDeepLinking())
+                .defaultModelExpandDepth(swaggerProperties.getUiConfig().getDefaultModelExpandDepth())
+                .defaultModelRendering(swaggerProperties.getUiConfig().getDefaultModelRendering())
+                .defaultModelsExpandDepth(swaggerProperties.getUiConfig().getDefaultModelsExpandDepth())
+                .displayOperationId(swaggerProperties.getUiConfig().getDisplayOperationId())
+                .displayRequestDuration(swaggerProperties.getUiConfig().getDisplayRequestDuration())
+                .docExpansion(swaggerProperties.getUiConfig().getDocExpansion())
+                .maxDisplayedTags(swaggerProperties.getUiConfig().getMaxDisplayedTags())
+                .operationsSorter(swaggerProperties.getUiConfig().getOperationsSorter())
+                .showExtensions(swaggerProperties.getUiConfig().getShowExtensions())
+                .tagsSorter(swaggerProperties.getUiConfig().getTagsSorter())
+                .validatorUrl(swaggerProperties.getUiConfig().getValidatorUrl())
+                .build();
     }
 
     @Bean
@@ -92,16 +99,16 @@ public List<Docket> createRestApi(SwaggerProperties swaggerProperties) {
             }
 
             // exclude-path处理
-            List<Predicate<String>> excludePath = new ArrayList();
+            List<Predicate<String>> excludePath = new ArrayList<>();
             for (String path : swaggerProperties.getExcludePath()) {
                 excludePath.add(PathSelectors.ant(path));
             }
 
             Docket docketForBuilder = new Docket(DocumentationType.SWAGGER_2)
                     .host(swaggerProperties.getHost())
                     .apiInfo(apiInfo)
-                    .securitySchemes(this.securitySchemes())
-                    .securityContexts(this.securityContexts())
+                    .securitySchemes(Collections.singletonList(apiKey()))
+                    .securityContexts(Collections.singletonList(securityContext()))
                     .globalOperationParameters(buildGlobalOperationParametersFromSwaggerProperties(
                             swaggerProperties.getGlobalOperationParameters()));
 
@@ -119,9 +126,9 @@ public List<Docket> createRestApi(SwaggerProperties swaggerProperties) {
                             )
                     ).build();
 
-            /** ignoredParameterTypes **/
-            Class[] array = new Class[swaggerProperties.getIgnoredParameterTypes().size()];
-            Class[] ignoredParameterTypes = swaggerProperties.getIgnoredParameterTypes().toArray(array);
+            /* ignoredParameterTypes **/
+            Class<?>[] array = new Class[swaggerProperties.getIgnoredParameterTypes().size()];
+            Class<?>[] ignoredParameterTypes = swaggerProperties.getIgnoredParameterTypes().toArray(array);
             docket.ignoredParameterTypes(ignoredParameterTypes);
 
             configurableBeanFactory.registerSingleton("defaultDocket", docket);
@@ -168,8 +175,8 @@ public List<Docket> createRestApi(SwaggerProperties swaggerProperties) {
             Docket docketForBuilder = new Docket(DocumentationType.SWAGGER_2)
                     .host(swaggerProperties.getHost())
                     .apiInfo(apiInfo)
-                    .securitySchemes(this.securitySchemes())
-                    .securityContexts(this.securityContexts())
+                    .securitySchemes(Collections.singletonList(apiKey()))
+                    .securityContexts(Collections.singletonList(securityContext()))
                     .globalOperationParameters(assemblyGlobalOperationParameters(swaggerProperties.getGlobalOperationParameters(),
                             docketInfo.getGlobalOperationParameters()));
 
@@ -189,9 +196,9 @@ public List<Docket> createRestApi(SwaggerProperties swaggerProperties) {
                     )
                     .build();
 
-            /** ignoredParameterTypes **/
-            Class[] array = new Class[docketInfo.getIgnoredParameterTypes().size()];
-            Class[] ignoredParameterTypes = docketInfo.getIgnoredParameterTypes().toArray(array);
+            /* ignoredParameterTypes **/
+            Class<?>[] array = new Class[docketInfo.getIgnoredParameterTypes().size()];
+            Class<?>[] ignoredParameterTypes = docketInfo.getIgnoredParameterTypes().toArray(array);
             docket.ignoredParameterTypes(ignoredParameterTypes);
 
             configurableBeanFactory.registerSingleton(groupName, docket);
@@ -201,36 +208,41 @@ public List<Docket> createRestApi(SwaggerProperties swaggerProperties) {
     }
 
     /**
-     * 配置 Authorization ApiKey
+     * 配置基于 ApiKey 的鉴权对象
      *
      * @return
      */
-    private List<ApiKey> securitySchemes() {
-        return newArrayList(
-                new ApiKey(swaggerProperties().getAuthorization().getName(),
-                        swaggerProperties().getAuthorization().getKeyName(), "header"));
+    private ApiKey apiKey() {
+        return new ApiKey(swaggerProperties().getAuthorization().getName(),
+                swaggerProperties().getAuthorization().getKeyName(),
+                ApiKeyVehicle.HEADER.getValue());
     }
 
     /**
-     * 通过正则设置需要传递 Authorization 信息的API接口
+     * 配置默认的全局鉴权策略的开关，以及通过正则表达式进行匹配；默认 ^.*$ 匹配所有URL
+     * 其中 securityReferences 为配置启用的鉴权策略
      *
      * @return
      */
-    private List<SecurityContext> securityContexts() {
-        return newArrayList(
-                SecurityContext.builder()
-                        .securityReferences(defaultAuth())
-                        .forPaths(PathSelectors.regex(swaggerProperties().getAuthorization().getAuthRegex()))
-                        .build()
-        );
+    private SecurityContext securityContext() {
+        return SecurityContext.builder()
+                .securityReferences(defaultAuth())
+                .forPaths(PathSelectors.regex(swaggerProperties().getAuthorization().getAuthRegex()))
+                .build();
     }
 
-    List<SecurityReference> defaultAuth() {
+    /**
+     * 配置默认的全局鉴权策略；其中返回的 SecurityReference 中，reference 即为ApiKey对象里面的name，保持一致才能开启全局鉴权
+     *
+     * @return
+     */
+    private List<SecurityReference> defaultAuth() {
         AuthorizationScope authorizationScope = new AuthorizationScope("global", "accessEverything");
         AuthorizationScope[] authorizationScopes = new AuthorizationScope[1];
         authorizationScopes[0] = authorizationScope;
-        return newArrayList(
-                new SecurityReference("BearerToken", authorizationScopes));
+        return Collections.singletonList(SecurityReference.builder()
+                .reference(swaggerProperties().getAuthorization().getName())
+                .scopes(authorizationScopes).build());
     }
 
 
@@ -295,15 +307,15 @@ private List<Parameter> assemblyGlobalOperationParameters(
     /**
      * 设置全局响应消息
      *
-     * @param swaggerProperties 支持 POST,GET,PUT,PATCH,DELETE,HEAD,OPTIONS,TRACE
-     * @param docketForBuilder
+     * @param swaggerProperties swaggerProperties 支持 POST,GET,PUT,PATCH,DELETE,HEAD,OPTIONS,TRACE
+     * @param docketForBuilder  swagger docket builder
      */
     private void buildGlobalResponseMessage(SwaggerProperties swaggerProperties, Docket docketForBuilder) {
 
         SwaggerProperties.GlobalResponseMessage globalResponseMessages =
                 swaggerProperties.getGlobalResponseMessage();
 
-        // POST,GET,PUT,PATCH,DELETE,HEAD,OPTIONS,TRACE 响应消息体
+        /* POST,GET,PUT,PATCH,DELETE,HEAD,OPTIONS,TRACE 响应消息体 **/
         List<ResponseMessage> postResponseMessages = getResponseMessageList(globalResponseMessages.getPost());
         List<ResponseMessage> getResponseMessages = getResponseMessageList(globalResponseMessages.getGet());
         List<ResponseMessage> putResponseMessages = getResponseMessageList(globalResponseMessages.getPut());
@@ -327,10 +339,11 @@ private void buildGlobalResponseMessage(SwaggerProperties swaggerProperties, Doc
     /**
      * 获取返回消息体列表
      *
-     * @param globalResponseMessageBodyList
+     * @param globalResponseMessageBodyList 全局Code消息返回集合
      * @return
      */
-    private List<ResponseMessage> getResponseMessageList(List<SwaggerProperties.GlobalResponseMessageBody> globalResponseMessageBodyList) {
+    private List<ResponseMessage> getResponseMessageList
+    (List<SwaggerProperties.GlobalResponseMessageBody> globalResponseMessageBodyList) {
         List<ResponseMessage> responseMessages = new ArrayList<>();
         for (SwaggerProperties.GlobalResponseMessageBody globalResponseMessageBody : globalResponseMessageBodyList) {
             ResponseMessageBuilder responseMessageBuilder = new ResponseMessageBuilder();

src/main/java/com/spring4all/swagger/SwaggerProperties.java

@@ -3,6 +3,10 @@
 import lombok.Data;
 import lombok.NoArgsConstructor;
 import org.springframework.boot.context.properties.ConfigurationProperties;
+import springfox.documentation.swagger.web.DocExpansion;
+import springfox.documentation.swagger.web.ModelRendering;
+import springfox.documentation.swagger.web.OperationsSorter;
+import springfox.documentation.swagger.web.TagsSorter;
 
 import java.util.ArrayList;
 import java.util.LinkedHashMap;
@@ -51,7 +55,7 @@ public class SwaggerProperties {
     /**
      * 忽略的参数类型
      **/
-    private List<Class> ignoredParameterTypes = new ArrayList<>();
+    private List<Class<?>> ignoredParameterTypes = new ArrayList<>();
 
     private Contact contact = new Contact();
 
@@ -184,7 +188,7 @@ public static class DocketInfo {
         /**
          * 忽略的参数类型
          **/
-        private List<Class> ignoredParameterTypes = new ArrayList<>();
+        private List<Class<?>> ignoredParameterTypes = new ArrayList<>();
 
     }
 
@@ -279,10 +283,8 @@ public static class GlobalResponseMessageBody {
     @NoArgsConstructor
     public static class UiConfig {
 
-        private String validatorUrl;
-        private String docExpansion = "none";    // none | list
-        private String apiSorter = "alpha";       // alpha
-        private String defaultModelRendering = "schema";   // schema
+
+        private String apiSorter = "alpha";
 
         /**
          * 是否启用json编辑器
@@ -301,24 +303,51 @@ public static class UiConfig {
          **/
         private Long requestTimeout = 10000L;
 
+        private Boolean deepLinking;
+        private Boolean displayOperationId;
+        private Integer defaultModelsExpandDepth;
+        private Integer defaultModelExpandDepth;
+        private ModelRendering defaultModelRendering;
+
+        /**
+         * 是否显示请求耗时，默认false
+         */
+        private Boolean displayRequestDuration = true;
+        /**
+         * 可选 none | list
+         */
+        private DocExpansion docExpansion;
+        /**
+         * Boolean=false OR String
+         */
+        private Object filter;
+        private Integer maxDisplayedTags;
+        private OperationsSorter operationsSorter;
+        private Boolean showExtensions;
+        private TagsSorter tagsSorter;
+
+        /**
+         * Network
+         */
+        private String validatorUrl;
     }
 
     /**
      * securitySchemes 支持方式之一 ApiKey
      */
     @Data
     @NoArgsConstructor
-    public static class Authorization {
+    static class Authorization {
 
         /**
          * 鉴权 API-KEY 名称标识
          */
-        private String name = "TOKEN";
+        private String name = "Authorization";
 
         /**
          * 鉴权参数
          */
-        private String keyName = "API-TOKEN";
+        private String keyName = "TOKEN";
 
         /**
          * 通过正则设置需要传递Authorization信息的API接口