1. 新增了 Swagger 的 Authorization 功能，开始 Api Key 的授权模式；

2. 同时授权模式支持通过 authRegex 正则表达式进行匹配哪些URL传递授权信息；
3. 升级 Springfox-swagger 到 2.8.0
4. 升级 lombok 到 1.16.18
5. 升级spring-boot到 1.5.9.RELEASE

Author: gumutianqi

pom.xml

@@ -6,7 +6,7 @@
 
     <groupId>com.spring4all</groupId>
     <artifactId>swagger-spring-boot-starter</artifactId>
-    <version>1.6.0.RELEASE</version>
+    <version>1.6.1.RELEASE</version>
 
     <name>spring-boot-starter-swagger</name>
     <url>https://github.com/SpringForAll/spring-boot-starter-swagger</url>
@@ -48,8 +48,9 @@
     <properties>
         <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
         <version.java>1.8</version.java>
-        <version.swagger>2.7.0</version.swagger>
-        <version.spring-boot>1.5.6.RELEASE</version.spring-boot>
+        <version.swagger>2.8.0</version.swagger>
+        <version.spring-boot>1.5.9.RELEASE</version.spring-boot>
+        <version.lombok>1.16.18</version.lombok>
     </properties>
 
     <dependencies>
@@ -81,7 +82,7 @@
         <dependency>
             <groupId>org.projectlombok</groupId>
             <artifactId>lombok</artifactId>
-            <version>1.16.12</version>
+            <version>${version.lombok}</version>
             <scope>provided</scope>
         </dependency>
         <dependency>

src/main/java/com/spring4all/swagger/SwaggerAutoConfiguration.java

@@ -2,7 +2,6 @@
 
 import com.google.common.base.Predicate;
 import com.google.common.base.Predicates;
-import com.google.common.collect.Lists;
 import org.springframework.beans.BeansException;
 import org.springframework.beans.factory.BeanFactory;
 import org.springframework.beans.factory.BeanFactoryAware;
@@ -17,17 +16,17 @@
 import org.springframework.web.bind.annotation.RequestMethod;
 import springfox.documentation.builders.*;
 import springfox.documentation.schema.ModelRef;
-import springfox.documentation.service.ApiInfo;
-import springfox.documentation.service.Contact;
-import springfox.documentation.service.Parameter;
-import springfox.documentation.service.ResponseMessage;
+import springfox.documentation.service.*;
 import springfox.documentation.spi.DocumentationType;
+import springfox.documentation.spi.service.contexts.SecurityContext;
 import springfox.documentation.spring.web.plugins.Docket;
 import springfox.documentation.swagger.web.UiConfiguration;
 
 import java.util.*;
 import java.util.stream.Collectors;
 
+import static com.google.common.collect.Lists.newArrayList;
+
 /**
  * @author 翟永超
  * Create date：2017/8/7.
@@ -101,6 +100,8 @@ public List<Docket> createRestApi(SwaggerProperties swaggerProperties) {
             Docket docketForBuilder = new Docket(DocumentationType.SWAGGER_2)
                     .host(swaggerProperties.getHost())
                     .apiInfo(apiInfo)
+                    .securitySchemes(this.securitySchemes())
+                    .securityContexts(this.securityContexts())
                     .globalOperationParameters(buildGlobalOperationParametersFromSwaggerProperties(
                             swaggerProperties.getGlobalOperationParameters()));
 
@@ -167,6 +168,8 @@ public List<Docket> createRestApi(SwaggerProperties swaggerProperties) {
             Docket docketForBuilder = new Docket(DocumentationType.SWAGGER_2)
                     .host(swaggerProperties.getHost())
                     .apiInfo(apiInfo)
+                    .securitySchemes(this.securitySchemes())
+                    .securityContexts(this.securityContexts())
                     .globalOperationParameters(assemblyGlobalOperationParameters(swaggerProperties.getGlobalOperationParameters(),
                             docketInfo.getGlobalOperationParameters()));
 
@@ -197,6 +200,39 @@ public List<Docket> createRestApi(SwaggerProperties swaggerProperties) {
         return docketList;
     }
 
+    /**
+     * 配置 Authorization ApiKey
+     *
+     * @return
+     */
+    private List<ApiKey> securitySchemes() {
+        return newArrayList(
+                new ApiKey(swaggerProperties().getAuthorization().getName(),
+                        swaggerProperties().getAuthorization().getKeyName(), "header"));
+    }
+
+    /**
+     * 通过正则设置需要传递 Authorization 信息的API接口
+     *
+     * @return
+     */
+    private List<SecurityContext> securityContexts() {
+        return newArrayList(
+                SecurityContext.builder()
+                        .securityReferences(defaultAuth())
+                        .forPaths(PathSelectors.regex(swaggerProperties().getAuthorization().getAuthRegex()))
+                        .build()
+        );
+    }
+
+    List<SecurityReference> defaultAuth() {
+        AuthorizationScope authorizationScope = new AuthorizationScope("global", "accessEverything");
+        AuthorizationScope[] authorizationScopes = new AuthorizationScope[1];
+        authorizationScopes[0] = authorizationScope;
+        return newArrayList(
+                new SecurityReference("BearerToken", authorizationScopes));
+    }
+
 
     @Override
     public void setBeanFactory(BeanFactory beanFactory) throws BeansException {
@@ -206,7 +242,7 @@ public void setBeanFactory(BeanFactory beanFactory) throws BeansException {
 
     private List<Parameter> buildGlobalOperationParametersFromSwaggerProperties(
             List<SwaggerProperties.GlobalOperationParameter> globalOperationParameters) {
-        List<Parameter> parameters = Lists.newArrayList();
+        List<Parameter> parameters = newArrayList();
 
         if (Objects.isNull(globalOperationParameters)) {
             return parameters;
@@ -242,7 +278,7 @@ private List<Parameter> assemblyGlobalOperationParameters(
                 .map(SwaggerProperties.GlobalOperationParameter::getName)
                 .collect(Collectors.toSet());
 
-        List<SwaggerProperties.GlobalOperationParameter> resultOperationParameters = Lists.newArrayList();
+        List<SwaggerProperties.GlobalOperationParameter> resultOperationParameters = newArrayList();
 
         if (Objects.nonNull(globalOperationParameters)) {
             for (SwaggerProperties.GlobalOperationParameter parameter : globalOperationParameters) {
@@ -268,24 +304,24 @@ private void buildGlobalResponseMessage(SwaggerProperties swaggerProperties, Doc
                 swaggerProperties.getGlobalResponseMessage();
 
         // POST,GET,PUT,PATCH,DELETE,HEAD,OPTIONS,TRACE 响应消息体
-        List<ResponseMessage> postResponseMessages      = getResponseMessageList(globalResponseMessages.getPost());
-        List<ResponseMessage> getResponseMessages       = getResponseMessageList(globalResponseMessages.getGet());
-        List<ResponseMessage> putResponseMessages       = getResponseMessageList(globalResponseMessages.getPut());
-        List<ResponseMessage> patchResponseMessages     = getResponseMessageList(globalResponseMessages.getPatch());
-        List<ResponseMessage> deleteResponseMessages    = getResponseMessageList(globalResponseMessages.getDelete());
-        List<ResponseMessage> headResponseMessages      = getResponseMessageList(globalResponseMessages.getHead());
-        List<ResponseMessage> optionsResponseMessages   = getResponseMessageList(globalResponseMessages.getOptions());
-        List<ResponseMessage> trackResponseMessages     = getResponseMessageList(globalResponseMessages.getTrace());
+        List<ResponseMessage> postResponseMessages = getResponseMessageList(globalResponseMessages.getPost());
+        List<ResponseMessage> getResponseMessages = getResponseMessageList(globalResponseMessages.getGet());
+        List<ResponseMessage> putResponseMessages = getResponseMessageList(globalResponseMessages.getPut());
+        List<ResponseMessage> patchResponseMessages = getResponseMessageList(globalResponseMessages.getPatch());
+        List<ResponseMessage> deleteResponseMessages = getResponseMessageList(globalResponseMessages.getDelete());
+        List<ResponseMessage> headResponseMessages = getResponseMessageList(globalResponseMessages.getHead());
+        List<ResponseMessage> optionsResponseMessages = getResponseMessageList(globalResponseMessages.getOptions());
+        List<ResponseMessage> trackResponseMessages = getResponseMessageList(globalResponseMessages.getTrace());
 
         docketForBuilder.useDefaultResponseMessages(swaggerProperties.getApplyDefaultResponseMessages())
-                .globalResponseMessage(RequestMethod.POST,      postResponseMessages)
-                .globalResponseMessage(RequestMethod.GET,       getResponseMessages)
-                .globalResponseMessage(RequestMethod.PUT,       putResponseMessages)
-                .globalResponseMessage(RequestMethod.PATCH,     patchResponseMessages)
-                .globalResponseMessage(RequestMethod.DELETE,    deleteResponseMessages)
-                .globalResponseMessage(RequestMethod.HEAD,      headResponseMessages)
-                .globalResponseMessage(RequestMethod.OPTIONS,   optionsResponseMessages)
-                .globalResponseMessage(RequestMethod.TRACE,     trackResponseMessages);
+                .globalResponseMessage(RequestMethod.POST, postResponseMessages)
+                .globalResponseMessage(RequestMethod.GET, getResponseMessages)
+                .globalResponseMessage(RequestMethod.PUT, putResponseMessages)
+                .globalResponseMessage(RequestMethod.PATCH, patchResponseMessages)
+                .globalResponseMessage(RequestMethod.DELETE, deleteResponseMessages)
+                .globalResponseMessage(RequestMethod.HEAD, headResponseMessages)
+                .globalResponseMessage(RequestMethod.OPTIONS, optionsResponseMessages)
+                .globalResponseMessage(RequestMethod.TRACE, trackResponseMessages);
     }
 
     /**