无法使用 Springfox 发送授权承载令牌
我无法理解为什么没有使用 Springfox 2.5.0 在我的 api 中发送授权:承载 __".我有以下配置:
私有 ApiKey apiKey() {返回新的 ApiKey("Authorization",//name: My key - Authorization"api_key",//键名:api_key标题");}@豆角,扁豆安全配置安全(){返回新的安全配置(空,空,空,"Docserver2_fwk",//应用名称"BEARER",//api键值ApiKeyVehicle.HEADER, "授权", ",");}发送的卷曲是:
似乎我无法在 springfox (2.5.0) 中发送Authorization: Bearer Token",这可能吗?这是一个已知问题吗?
类似问题:
我希望有一种更自动化的方式.但就目前而言,似乎文本框中的内容简单获取已粘贴到给定标题条目的值部分.我想前缀 Bearer 没有被自动注入的原因是因为 Swagger 会对它的用户使用哪种身份验证非常固执!
@Configuration@EnableSwagger2类 SwaggerConfig {@豆角,扁豆案卷 api() {返回新案卷(DocumentationType.SWAGGER_2).选择().apis(RequestHandlerSelectors.any()).paths(Predicates.not(PathSelectors.regex("/error.*"))).建造().securitySchemes(securitySchemes())}私有静态 ArrayList安全方案(){return [new ApiKey("Bearer", "Authorization", "header")]}}REST 端点方法:
@GetMapping("/count")@ApiOperation(value = "计算与资源名称关联的实体数.此操作不需要任何角色." , authorizations = [@Authorization(value = "Bearer")])定义计数(){计数(服务)}登录前的curl命令:
curl -X GET "http://localhost:8080/category/count" -H "accept: */*"回复:
<代码>{"时间戳": "2018-10-29T15:13:02.388+0000",状态":401,错误":未经授权",消息":未经授权",路径":/类别/计数"}登录后的curl命令:
curl -X GET "http://localhost:8080/category/count" -H "accept: */*" -H "Authorization: Bearer eyJhbGciOiJIUzUxMiJ9..."回复:
<代码>{"message": "有 0 个实体",计数":0}注意:我的代码是用 Groovy 编写的,如果您使用标准 Java,我相信您可以翻译.
I'm having trouble understanding why "Authorization: Bearer __" is not being sent in my api using Springfox 2.5.0. I have the following configuration:
private ApiKey apiKey() {
return new ApiKey(
"Authorization", // name: My key - Authorization
"api_key", // keyname: api_key
"header");
}
@Bean
SecurityConfiguration security() {
return new SecurityConfiguration(
null, null, null,
"Docserver2_fwk", // app name
"BEARER", // api key value
ApiKeyVehicle.HEADER, "Authorization", ",");
}
And the curl being sent is:
It seems I am unable to send "Authorization: Bearer Token" in springfox (2.5.0), is this possible?, is it a known problem?
Similar issue: https://github.com/springfox/springfox/issues/1812
PS: OpenAPI 3.0 allows the "bearer" format, example: https://github.com/OAI/OpenAPI-Specification/blob/master/versions/3.0.1.md#jwt-bearer-sample
Thanks.
解决方案A simple workaround is to type Bearer than paste the token after it. You will end up with a text box that contains:
Bearer <token>
I wish there was a more automated way. But for now, it appears as though what goes in the text box simple get's pasted into the value section of a given header entry. I suppose the reason the prefix Bearer does not get injected automatically is because then Swagger would be quite opinionated about which sort of authentication its users used!
@Configuration
@EnableSwagger2
class SwaggerConfig {
@Bean
Docket api() {
return new Docket(DocumentationType.SWAGGER_2)
.select()
.apis(RequestHandlerSelectors.any())
.paths(Predicates.not(PathSelectors.regex("/error.*")))
.build()
.securitySchemes(securitySchemes())
}
private static ArrayList<? extends SecurityScheme> securitySchemes() {
return [new ApiKey("Bearer", "Authorization", "header")]
}
}
The REST endpoint method:
@GetMapping("/count")
@ApiOperation(value = "Count the number of entities associated with resource name. This operation does not requires any role." , authorizations = [@Authorization(value = "Bearer")])
def count() {
count(service)
}
The curl command before logging in:
curl -X GET "http://localhost:8080/category/count" -H "accept: */*"
Response:
{
"timestamp": "2018-10-29T15:13:02.388+0000",
"status": 401,
"error": "Unauthorized",
"message": "Unauthorized",
"path": "/category/count"
}
The curl command after logging in:
curl -X GET "http://localhost:8080/category/count" -H "accept: */*" -H "Authorization: Bearer eyJhbGciOiJIUzUxMiJ9..."
Response:
{
"message": "There are 0 entities",
"count": 0
}
Note: My code is in Groovy, I am sure you can translate if you are using standard Java.
相关文章