Springboot Oauth 2統合Swagger 2権限検証実戦

スワーガーって何?何ができる?ここでは説明をしません.本文は主にOAuth 2のPasswordモード権限検証を統合し,インタフェースに権限があるかどうかを検証する方法を説明する.

依存

を導入

<dependency>
    <groupId>io.springfox</groupId>
    <artifactId>springfox-swagger2</artifactId>
    <version>2.9.2</version>
</dependency>
<dependency>
    <groupId>io.springfox</groupId>
    <artifactId>springfox-swagger-ui</artifactId>
    <version>2.9.2</version>
</dependency>

2.SwaggerConfig構成

package com.entfrm.core.swagger.config;

import com.entfrm.core.base.config.GlobalConfig;
import io.swagger.annotations.ApiOperation;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import springfox.documentation.builders.ApiInfoBuilder;
import springfox.documentation.builders.OAuthBuilder;
import springfox.documentation.builders.PathSelectors;
import springfox.documentation.builders.RequestHandlerSelectors;
import springfox.documentation.service.*;
import springfox.documentation.spi.DocumentationType;
import springfox.documentation.spi.service.contexts.SecurityContext;
import springfox.documentation.spring.web.plugins.Docket;
import springfox.documentation.swagger2.annotations.EnableSwagger2;

import java.util.Arrays;
import java.util.Collections;

/**
 * @author entfrm
 * @date 2020/4/14
 * @description swagger   
 */
@Configuration
@EnableSwagger2
public class SwaggerConfig {

    @Bean
    public Docket createRestApi() {
        return new Docket(DocumentationType.SWAGGER_2)
                .pathMapping("/dev")
                .apiInfo(apiInfo())
                .select()
                .apis(RequestHandlerSelectors.withMethodAnnotation(ApiOperation.class))
                .paths(PathSelectors.any())
                .build()
                .securitySchemes(Collections.singletonList(securitySchemes()))
                .securityContexts(Collections.singletonList(securityContexts()));
    }


    /**
     *           
     */
    private SecurityScheme securitySchemes() {
        GrantType grantType = new ResourceOwnerPasswordCredentialsGrant("/dev/oauth/token");

        return new OAuthBuilder()
                .name("Authorization")
                .grantTypes(Collections.singletonList(grantType))
                .scopes(Arrays.asList(scopes()))
                .build();
    }

    /**
     *    swagger2         
     */
    private SecurityContext securityContexts() {
        return SecurityContext.builder()
                .securityReferences(Collections.singletonList(new SecurityReference("Authorization", scopes())))
                .forPaths(PathSelectors.any())
                .build();
    }

    /**
     *      scope
     */
    private AuthorizationScope[] scopes() {
        AuthorizationScope authorizationScope = new AuthorizationScope("test", "    ");
        AuthorizationScope[] authorizationScopes = new AuthorizationScope[1];
        authorizationScopes[0] = authorizationScope;
        return authorizationScopes;
    }

    /**
     *       
     */
    private ApiInfo apiInfo() {
        //  ApiInfoBuilder    
        return new ApiInfoBuilder()
                //     
                .title(GlobalConfig.getName())
                //   
                .description(GlobalConfig.getName() + "    ")
                //     
                .contact(new Contact("entfrm", "http://47.100.3.58/", "[email protected]"))
                //   
                .version("   :" + GlobalConfig.getVersion())
                .build();
    }
}

3.Controllerで@Api,@ApiOperationを注記する

/**
 * @author entfrm
 * @date 2020-04-01 10:04:11
 * @description   Controller
 */
@Api("    ")
@RestController
@AllArgsConstructor
@RequestMapping("/cms/article")
public class ArticleController {

    private final CategoryService categoryService;
    private final ArticleService articleService;

    @ApiOperation("    ")
    @PreAuthorize("@ps.hasPerm('article_view')")
    @GetMapping("/list")
    @ResponseBody
    public R list(Page page, Article article) {
        IPage<Article> articlePage = articleService.page(page, getQueryWrapper(article));
        return R.ok(articlePage.getRecords(), articlePage.getTotal());
    }
}

4.再起動して効果5を見る.コードクラウドアドレス
ソースのダウンロード