Springboot Oauth2 集成Swagger2权限验证实战
Swagger是什么?能干什么?在这就不展开讲解了。本文主要讲解如何集成OAuth2的Password模式权限验证,验证接口是否具有权限。
- 引入依赖
<dependency>
<groupId>io.springfox</groupId>
<artifactId>springfox-swagger2</artifactId>
<version>2.9.2</version>
</dependency>
<dependency>
<groupId>io.springfox</groupId>
<artifactId>springfox-swagger-ui</artifactId>
<version>2.9.2</version>
</dependency>2.SwaggerConfig配置
package com.entfrm.core.swagger.config;
import com.entfrm.core.base.config.GlobalConfig;
import io.swagger.annotations.ApiOperation;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import springfox.documentation.builders.ApiInfoBuilder;
import springfox.documentation.builders.OAuthBuilder;
import springfox.documentation.builders.PathSelectors;
import springfox.documentation.builders.RequestHandlerSelectors;
import springfox.documentation.service.*;
import springfox.documentation.spi.DocumentationType;
import springfox.documentation.spi.service.contexts.SecurityContext;
import springfox.documentation.spring.web.plugins.Docket;
import springfox.documentation.swagger2.annotations.EnableSwagger2;
import java.util.Arrays;
import java.util.Collections;
/**
* @author entfrm
* @date 2020/4/14
* @description swagger 配置
*/
@Configuration
@EnableSwagger2
public class SwaggerConfig {
@Bean
public Docket createRestApi() {
return new Docket(DocumentationType.SWAGGER_2)
.pathMapping("/dev")
.apiInfo(apiInfo())
.select()
.apis(RequestHandlerSelectors.withMethodAnnotation(ApiOperation.class))
.paths(PathSelectors.any())
.build()
.securitySchemes(Collections.singletonList(securitySchemes()))
.securityContexts(Collections.singletonList(securityContexts()));
}
/**
* 认证方式使用密码模式
*/
private SecurityScheme securitySchemes() {
GrantType grantType = new ResourceOwnerPasswordCredentialsGrant("/dev/oauth/token");
return new OAuthBuilder()
.name("Authorization")
.grantTypes(Collections.singletonList(grantType))
.scopes(Arrays.asList(scopes()))
.build();
}
/**
* 设置 swagger2 认证的安全上下文
*/
private SecurityContext securityContexts() {
return SecurityContext.builder()
.securityReferences(Collections.singletonList(new SecurityReference("Authorization", scopes())))
.forPaths(PathSelectors.any())
.build();
}
/**
* 允许认证的scope
*/
private AuthorizationScope[] scopes() {
AuthorizationScope authorizationScope = new AuthorizationScope("test", "接口测试");
AuthorizationScope[] authorizationScopes = new AuthorizationScope[1];
authorizationScopes[0] = authorizationScope;
return authorizationScopes;
}
/**
* 添加摘要信息
*/
private ApiInfo apiInfo() {
// 用ApiInfoBuilder进行定制
return new ApiInfoBuilder()
// 设置标题
.title(GlobalConfig.getName())
// 描述
.description(GlobalConfig.getName() + "接口文档")
// 作者信息
.contact(new Contact("entfrm", "http://47.100.3.58/", ""))
// 版本
.version("版本号:" + GlobalConfig.getVersion())
.build();
}
}3.在Controller中注解@Api,@ApiOperation
/**
* @author entfrm
* @date 2020-04-01 10:04:11
* @description 文章Controller
*/
@Api("文章管理")
@RestController
@AllArgsConstructor
@RequestMapping("/cms/article")
public class ArticleController {
private final CategoryService categoryService;
private final ArticleService articleService;
@ApiOperation("文章列表")
@PreAuthorize("@ps.hasPerm(‘article_view‘)")
@GetMapping("/list")
@ResponseBody
public R list(Page page, Article article) {
IPage<Article> articlePage = articleService.page(page, getQueryWrapper(article));
return R.ok(articlePage.getRecords(), articlePage.getTotal());
}
}4.重启看下效果
5.码云地址
相关推荐
SAMXIE 2020-11-04
XuDanT 2020-09-16
permanent00 2020-09-15
哈嘿Blog 2020-09-08
Qizonghui 2020-08-02
莫问前程 2020-08-02
SAMXIE 2020-07-26
XuDanT 2020-07-24
莫问前程 2020-07-18
Qizonghui 2020-07-18
coolhty 2020-07-05
Qizonghui 2020-06-28
Qizonghui 2020-06-25
莫问前程 2020-06-22
SAMXIE 2020-06-14
莫问前程 2020-06-14
XuDanT 2020-06-07
qingjiuquan 2020-06-07
TimeMagician 2020-06-03