springboot 安全 swagger springfox-boot-starter [英] springboot security swagger springfox-boot-starter
问题描述
pom.xml
<!-- swagger -->
<dependency>
<groupId>io.springfox</groupId>
<artifactId>springfox-boot-starter</artifactId>
<version>3.0.0</version>
</dependency>
spring-security 配置
protected void configure(HttpSecurity httpSecurity) throws Exception {
String[] SWAGGERS = {
"/swagger/**",
"/v3/**"
};
httpSecurity
.authorizeRequests(expressionInterceptUrlRegistry ->
expressionInterceptUrlRegistry
// 放行 druid 页面
.antMatchers("/zhy-druid/**").permitAll()
.antMatchers(SWAGGERS).anonymous()
.anyRequest().authenticated()
);
httpSecurity
.formLogin(httpSecurityFormLoginConfigurer ->
httpSecurityFormLoginConfigurer
.loginPage("/authentication")
.successHandler(accountAuthenticationSuccessHandler)
.failureHandler(accountAuthenticationFailureHandler)
);
httpSecurity
.logout(httpSecurityLogoutConfigurer ->
httpSecurityLogoutConfigurer
.logoutUrl("/cancellation")
.logoutSuccessHandler(accountLogoutSuccessHandler)
);
httpSecurity
.exceptionHandling(httpSecurityExceptionHandlingConfigurer ->
httpSecurityExceptionHandlingConfigurer
.authenticationEntryPoint(accountAuthenticationEntryPointHandler)
.accessDeniedHandler(accountAccessDeniedHandler)
);
httpSecurity
.cors();
httpSecurity
.csrf()
.disable();
}
application-local.yml
springfox:
documentation:
enabled: true
swagger-ui:
base-url: /swagger
我得到了这个结果.
无法呈现此定义提供的定义未指定有效的版本字段.
Unable to render this definition The provided definition does not specify a valid version field.
请指明有效的 Swagger 或 OpenAPI 版本字段.支持的版本字段有 swagger: 2.0 和匹配 openapi: 3.0.n 的字段(例如 openapi: 3.0.0).
Please indicate a valid Swagger or OpenAPI version field. Supported version fields are swagger: 2.0 and those that match openapi: 3.0.n (for example, openapi: 3.0.0).
推荐答案
Openapi 是最新的库,推荐用于 Spring Boot 应用程序.这是 swagger 的下一个版本.
Openapi is the latest library and recommended for spring boot applications. It's the next version of swagger.
在您的应用程序中添加以下代码用于工作 openapi.
Add the below code for work openapi in your application.
pom.xml
<dependency>
<groupId>org.springdoc</groupId>
<artifactId>springdoc-openapi-ui</artifactId>
<version>1.2.32</version>
</dependency>
Spring-Security 配置为允许打开 api url.
Spring-Security configure to allow open api url.
@EnableWebSecurity
public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
@Autowired
private UserServiceImpl userServiceImpl;
@Bean
BCryptPasswordEncoder passwordEncoder() {
return new BCryptPasswordEncoder();
}
@Override
protected void configure(HttpSecurity http) throws Exception {
http.cors().and().csrf().disable()
.authorizeRequests()
.antMatchers(SecurityConstants.SIGN_UP_URL).permitAll()
.antMatchers("/swagger-ui/**").permitAll()
.antMatchers("/v3/**").permitAll()
.antMatchers("/api-docs.html").permitAll()
.anyRequest().authenticated()
.and()
.addFilter(new AuthorizationFilter(authenticationManager()))
.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS);
}
}
application.yml
springdoc:
swagger-ui.path: /api-docs.html
这篇关于springboot 安全 swagger springfox-boot-starter的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
