Shulou(Shulou.com)06/02 Report--

Swagger2 how to integrate OAuth2, I believe that many inexperienced people do not know what to do, so this article summarizes the causes of the problem and solutions, through this article I hope you can solve this problem.

GitHub address

Code cloud address

Swagger is an elegant interface api display tool, here we are not specific to explain, interested in Baidu. This article focuses on how to integrate OAuth3 authentication, that is, to add token to the request to verify that the interface has permissions.

Method 1: add an Authorization window to each request and manually enter token:

/ * @ Description Swagger api configuration * @ Author wwz * @ Date 2019-08-05 * / @ Configuration@EnableSwagger2public class SwaggerConfig2 {@ Value ("${swagger.is.enable}") private boolean SWAGGER_IS_ENABLE; / / whether to activate the switch or not, configure injection @ Bean public Docket docket () {/ / add head parameter configuration start ParameterBuilder tokenPar = new ParameterBuilder (); List pars = new ArrayList () in application.yml TokenPar.name ("Authorization") .description ("token") .modelRef (new ModelRef ("string")) .parameterType ("header") .required (false) .build (); pars.add (tokenPar.build ()) Return new Docket (DocumentationType.SWAGGER_2) .enable (SWAGGER_IS_ENABLE) .apiInfo (apiInfo ()) .select () .apis (RequestHandlerSelectors.basePackage ("com.wwz.frame.controller")) .build () .globalOperationParameters (pars) / / pay attention to this } private ApiInfo apiInfo () {return new ApiInfoBuilder () / / Page title ("OAuth3 Rights Management API document") .contact (new Contact ("wwz", "" "wwzwtf@qq.com") .description ("OAuth3 maintenance document") .version ("1.0") .extensions (Collections.emptyList ()) .build () }}

Screenshot of the effect:

Method 2: configure the application.yml file to set the token login address, whether to enable swagger, and create a new configuration file

/ * * @ Description Swagger api configuration mode 2: add login * @ Author wwz * @ Date 2019-08-05 * / @ Configuration@EnableSwagger2public class SwaggerConfig {@ Value ("${swagger.is.enable}") private boolean SWAGGER_IS_ENABLE; / / whether to activate the switch, and configure injection @ Value ("${swagger.auth.server}") private String AUTH_SERVER in application.yml @ Value ("${swagger.service.name}") private String SERVICE_NAME @ Bean public Docket docket () {return new Docket (DocumentationType.SWAGGER_2) .enable (SWAGGER_IS_ENABLE) .apiInfo (apiInfo ()) .select () .apis (RequestHandlerSelectors.basePackage ("com.wwz.frame.controller")) .enable (PathSelectors.any ()) .build () / / .pathMapping (SERVICE_NAME) .securityschemes (Collections.singletonList (securityScheme () .securityConformations (Collections.singletonList (securityContext () } private ApiInfo apiInfo () {return new ApiInfoBuilder () / / Page title ("OAuth3 Rights Management API document") .contact (new Contact ("wwz", "" "wwzwtf@qq.com") .description ("OAuth3 maintenance document") .version ("1.0") .extensions (Collections.emptyList ()) .build () This class determines which authentication method you use. I use password mode * / private SecurityScheme securityScheme () {GrantType grantType = new ResourceOwnerPasswordCredentialsGrant (AUTH_SERVER) here. Return new OAuthBuilder () .name ("OAuth3") .grantTypes (Collections.singletonList (grantType)) .scopes (Arrays.asList (scopes () .build () } / * the security context of swagger2 authentication is set here * / private SecurityContext securityContext () {return SecurityContext.builder () .securityreferences (Collections.singletonList (new SecurityReference ("OAuth3", scopes () .forPaths (PathSelectors.any ()) .build () } / * here is the scope * / private AuthorizationScope [] scopes () {return new AuthorizationScope [] {};}} that allows authentication

Related to the release of swagger in MySecurityResourceServerConfig.

Screenshot of the interface:

Login screenshot:

Test:

Swagger integration OAuth2 completed.

After reading the above, have you mastered how swagger2 integrates OAuth2? If you want to learn more skills or want to know more about it, you are welcome to follow the industry information channel, thank you for reading!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.