springboot 安全 swagger springfox-boot-starter [英] springboot security swagger springfox-boot-starter
问题描述
pom.xml
<!-- swagger -->
<dependency>
<groupId>io.springfox</groupId>
<artifactId>springfox-boot-starter</artifactId>
<version>3.0.0</version>
</dependency>
spring-security 配置
protected void configure(HttpSecurity httpSecurity) throws Exception {
String[] SWAGGERS = {
"/swagger/**",
"/v3/**"
};
httpSecurity
.authorizeRequests(expressionInterceptUrlRegistry ->
expressionInterceptUrlRegistry
// 放行 druid 页面
.antMatchers("/zhy-druid/**").permitAll()
.antMatchers(SWAGGERS).anonymous()
.anyRequest().authenticated()
);
httpSecurity
.formLogin(httpSecurityFormLoginConfigurer ->
httpSecurityFormLoginConfigurer
.loginPage("/authentication")
.successHandler(accountAuthenticationSuccessHandler)
.failureHandler(accountAuthenticationFailureHandler)
);
httpSecurity
.logout(httpSecurityLogoutConfigurer ->
httpSecurityLogoutConfigurer
.logoutUrl("/cancellation")
.logoutSuccessHandler(accountLogoutSuccessHandler)
);
httpSecurity
.exceptionHandling(httpSecurityExceptionHandlingConfigurer ->
httpSecurityExceptionHandlingConfigurer
.authenticationEntryPoint(accountAuthenticationEntryPointHandler)
.accessDeniedHandler(accountAccessDeniedHandler)
);
httpSecurity
.cors();
httpSecurity
.csrf()
.disable();
}
application-local.yml
springfox:
documentation:
enabled: true
swagger-ui:
base-url: /swagger
我得到了这个结果.
无法呈现此定义提供的定义未指定有效的版本字段.
Unable to render this definition The provided definition does not specify a valid version field.
请指明有效的 Swagger
或 OpenAPI
版本字段.支持的版本字段有 swagger: 2.0 和匹配 openapi: 3.0.n 的字段(例如 openapi: 3.0.0).
Please indicate a valid Swagger
or OpenAPI
version field. Supported version fields are swagger: 2.0 and those that match openapi: 3.0.n (for example, openapi: 3.0.0).
推荐答案
Openapi
是最新的库,推荐用于 Spring Boot 应用程序.这是 swagger 的下一个版本.
Openapi
is the latest library and recommended for spring boot applications. It's the next version of swagger.
在您的应用程序中添加以下代码用于工作 openapi
.
Add the below code for work openapi
in your application.
pom.xml
<dependency>
<groupId>org.springdoc</groupId>
<artifactId>springdoc-openapi-ui</artifactId>
<version>1.2.32</version>
</dependency>
Spring-Security 配置为允许打开 api url.
Spring-Security configure to allow open api url.
@EnableWebSecurity
public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
@Autowired
private UserServiceImpl userServiceImpl;
@Bean
BCryptPasswordEncoder passwordEncoder() {
return new BCryptPasswordEncoder();
}
@Override
protected void configure(HttpSecurity http) throws Exception {
http.cors().and().csrf().disable()
.authorizeRequests()
.antMatchers(SecurityConstants.SIGN_UP_URL).permitAll()
.antMatchers("/swagger-ui/**").permitAll()
.antMatchers("/v3/**").permitAll()
.antMatchers("/api-docs.html").permitAll()
.anyRequest().authenticated()
.and()
.addFilter(new AuthorizationFilter(authenticationManager()))
.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS);
}
}
application.yml
springdoc:
swagger-ui.path: /api-docs.html
这篇关于springboot 安全 swagger springfox-boot-starter的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!