Springfox swagger-ui.html无法推断基本网址-由缺少Cookie引起 [英] Springfox swagger-ui.html unable to infer base URL - Caused by missing cookies

问题描述

我们在API网关后面提供了Spring Boot服务.使用较早版本的Springfox-2.1.2，在加载swagger-ui.html页面时没有问题.这与Spring Boot 1.4.3.RELEASE一起使用.从那时起，我们已升级到Boot 1.5.7，并将Springfox升级到了2.8.0.

We have our Spring Boot services behind an API Gateway. With an earlier version of Springfox - 2.1.2 we had no issues in loading the swagger-ui.html page. This worked with Spring Boot 1.4.3.RELEASE. From then, we have upgraded to Boot 1.5.7 and upgraded Springfox to 2.8.0.

现在，如果我们加载页面，则会显示一个带有以下长消息的警报框.

Now if we load the page we get an alert box with the following long message.

无法推断基本网址.这在使用动态servlet时很常见 注册或API位于API网关后面时.基本网址是 服务所有招摇资源的根.例如如果 可以在 http://example.org/api/v2/api-docs然后 基本网址为 http://example.org/api/.请输入位置 手动

Unable to infer base url. This is common when using dynamic servlet registration or when the API is behind an API Gateway. The base url is the root of where all the swagger resources are served. For e.g. if the api is available at http://example.org/api/v2/api-docs then the base url is http://example.org/api/. Please enter the location manually

我在网上搜索时得到了一些提示，但是这些情况似乎不适用于我们.首先，如果我简单地还原版本，它将通过相同的API网关再次开始工作.

I got some hints searching online, but it does not seem those situations apply to us. For one, if I simply revert back the versions, it starts working again through the same API Gateway.

跟踪流量，似乎对由.html页面进行的三个XHR资源的调用引起了问题.这些从我们的API网关返回401.他们返回401的原因是因为cookie没有传递.

Tracking the traffic, it seems calls to three XHR resources made by the .html page is causing issues. These are returning 401 from our API gateway. And the reason they return 401 is because the cookies are not passed along.

这三个电话是:

• https://base_address/base_context/swagger-resources/configuration/ui
• https://base_address/base_context/swagger-resources/configuration/security
• https://base_address/base_context/swagger-resources

• https://base_address/base_context/swagger-resources/configuration/ui
• https://base_address/base_context/swagger-resources/configuration/security
• https://base_address/base_context/swagger-resources

如果我将这些URL作为纯浏览器请求加载-它们可以工作-因为发送了cookie.

If I load these URLs as pure browser requests - they work - because cookies are sent.

我怀疑是否适用CORS，因为HTML是从与一般JSON和实际服务调用相同的地址提供的.

I doubt if CORS applies since the HTML is being served from the same address as the swagger JSON and actual service calls.

知道为什么会这样吗?有人遇到过类似的问题吗?解决方法的建议?提前谢谢.

Any idea why this may be happening? Anybody faced similar issues? Suggestions for workaround? Thanks much in advance.

推荐答案

在安全配置中添加-跳过了用于身份验证的URL ::

Add in the security config -- following URLS that are skipped for authentication ::

private static final String[] AUTH_WHITELIST = {
        "/swagger-resources/**",
        "/swagger-ui.html",
        "/v2/api-docs",
        "/webjars/**"
};

@Override
public void configure(WebSecurity web) throws Exception {
    web.ignoring().antMatchers(AUTH_WHITELIST);
}

这篇关于Springfox swagger-ui.html无法推断基本网址-由缺少Cookie引起的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！