无法使用 Springfox 发送授权承载令牌

2022-01-22 00:00:00 swagger swagger-ui spring java springfox

我无法理解为什么没有使用 Springfox 2.5.0 在我的 api 中发送授权:承载 __".我有以下配置:

私有 ApiKey apiKey() {返回新的 ApiKey("Authorization",//name: My key - Authorization"api_key",//键名:api_key标题");}@豆角,扁豆安全配置安全(){返回新的安全配置(空,空,空,"Docserver2_fwk",//应用名称"BEARER",//api键值ApiKeyVehicle.HEADER, "授权", ",");}

发送的卷曲是:

似乎我无法在 springfox (2.5.0) 中发送Authorization: Bearer Token",这可能吗?这是一个已知问题吗?

类似问题:

我希望有一种更自动化的方式.但就目前而言,似乎文本框中的内容简单获取已粘贴到给定标题条目的值部分.我想前缀 Bearer 没有被自动注入的原因是因为 Swagger 会对它的用户使用哪种身份验证非常固执!

@Configuration@EnableSwagger2类 SwaggerConfig {@豆角,扁豆案卷 api() {返回新案卷(DocumentationType.SWAGGER_2).选择().apis(RequestHandlerSelectors.any()).paths(Predicates.not(PathSelectors.regex("/error.*"))).建造().securitySchemes(securitySchemes())}私有静态 ArrayList安全方案(){return [new ApiKey("Bearer", "Authorization", "header")]}}

REST 端点方法:

@GetMapping("/count")@ApiOperation(value = "计算与资源名称关联的实体数.此操作不需要任何角色." , authorizations = [@Authorization(value = "Bearer")])定义计数(){计数(服务)}

登录前的curl命令:

curl -X GET "http://localhost:8080/category/count" -H "accept: */*"

回复:

<代码>{"时间戳": "2018-10-29T15:13:02.388+0000",状态":401,错误":未经授权",消息":未经授权",路径":/类别/计数"}

登录后的curl命令:

curl -X GET "http://localhost:8080/category/count" -H "accept: */*" -H "Authorization: Bearer eyJhbGciOiJIUzUxMiJ9..."

回复:

<代码>{"message": "有 0 个实体",计数":0}

注意:我的代码是用 Groovy 编写的,如果您使用标准 Java,我相信您可以翻译.

I'm having trouble understanding why "Authorization: Bearer __" is not being sent in my api using Springfox 2.5.0. I have the following configuration:

private ApiKey apiKey() {
        return new ApiKey(
                "Authorization", // name: My key - Authorization
                "api_key", // keyname: api_key
                "header");
    }

@Bean
    SecurityConfiguration security() {
        return new SecurityConfiguration(
                null, null, null,
                "Docserver2_fwk", // app name
                "BEARER", // api key value
                ApiKeyVehicle.HEADER, "Authorization", ",");
    }

And the curl being sent is:

It seems I am unable to send "Authorization: Bearer Token" in springfox (2.5.0), is this possible?, is it a known problem?

Similar issue: https://github.com/springfox/springfox/issues/1812

PS: OpenAPI 3.0 allows the "bearer" format, example: https://github.com/OAI/OpenAPI-Specification/blob/master/versions/3.0.1.md#jwt-bearer-sample

Thanks.

解决方案

A simple workaround is to type Bearer than paste the token after it. You will end up with a text box that contains:

Bearer <token>

I wish there was a more automated way. But for now, it appears as though what goes in the text box simple get's pasted into the value section of a given header entry. I suppose the reason the prefix Bearer does not get injected automatically is because then Swagger would be quite opinionated about which sort of authentication its users used!

@Configuration
@EnableSwagger2
class SwaggerConfig {

    @Bean
    Docket api() {

        return new Docket(DocumentationType.SWAGGER_2)
                .select()
                .apis(RequestHandlerSelectors.any())
                .paths(Predicates.not(PathSelectors.regex("/error.*")))
                .build()
                .securitySchemes(securitySchemes())
    }

    private static ArrayList<? extends SecurityScheme> securitySchemes() {

        return [new ApiKey("Bearer", "Authorization", "header")]
    }
}

The REST endpoint method:

@GetMapping("/count")
@ApiOperation(value = "Count the number of entities associated with resource name. This operation does not requires any role." , authorizations = [@Authorization(value = "Bearer")])
def count() {

    count(service)
}

The curl command before logging in:

curl -X GET "http://localhost:8080/category/count" -H "accept: */*"

Response:

{
  "timestamp": "2018-10-29T15:13:02.388+0000",
  "status": 401,
  "error": "Unauthorized",
  "message": "Unauthorized",
  "path": "/category/count"
}

The curl command after logging in:

curl -X GET "http://localhost:8080/category/count" -H "accept: */*" -H "Authorization: Bearer eyJhbGciOiJIUzUxMiJ9..."

Response:

{
  "message": "There are 0 entities",
  "count": 0
}

Note: My code is in Groovy, I am sure you can translate if you are using standard Java.

相关文章