在Springfox Swagger中为OAuth2身份验证添加自定义标头

时间:2018-02-26 12:58:53

标签: swagger springfox

我正在尝试向OAuth安全方案添加自定义标头(Springfox Swagger 2.8.0)。 任何想法如何实现这一目标?

我当前的配置(使用OAuth和ImplicitGrant,服务器端是keycloak)看起来像:

@Bean
public SecurityContext securityContext() {
    return SecurityContext.builder().securityReferences(defaultAuth()).build();
}

private List<SecurityReference> defaultAuth() {
    return Arrays.asList(new SecurityReference(SECURITY_SCHEME_OAUTH2, defaultScope().toArray(new AuthorizationScope[] {})));
}
private Predicate<String> postPaths() {
    return regex("/.*");
}

private Predicate<String> springBootActuatorJmxPaths() {
    return regex("^/(?!env|restart|pause|resume|refresh).*$");
}

private List<AuthorizationScope> defaultScope() {
    AuthorizationScope authorizationScope = new AuthorizationScope("openid", "Basic Open ID Connect Scope");
    List<AuthorizationScope> authorizationScopes = new ArrayList<>();
    authorizationScopes.add(authorizationScope);
    return authorizationScopes;
}

@Bean
public Docket postsApi(List<SecurityContext> securityContexts) {
    return new Docket(DocumentationType.SWAGGER_2).groupName("public-api")
            .apiInfo(apiInfo()).select().paths(postPaths())
            .apis(RequestHandlerSelectors.basePackage("com.example"))
            .paths(springBootActuatorJmxPaths())
            .build()
            .securitySchemes(Collections.singletonList(oauth()))
            .securityContexts(securityContexts)
            ;
}
@Bean
List<GrantType> grantTypes() {
    List<GrantType> grantTypes = new ArrayList<>();
    grantTypes.add(
            new ImplicitGrant(
                    new LoginEndpoint(oAuthServerUri + "/realms/" + REALM_NAME + "/protocol/openid-connect/auth"),
                    "access_token"
            )
    );
    return grantTypes;
}

@Bean
SecurityScheme oauth() {
    return new OAuthBuilder()
            .name(SECURITY_SCHEME_OAUTH2)
            .scopes(defaultScope())
            .grantTypes(grantTypes())
            .build();
}

@Bean
public SecurityConfiguration securityInfo() {
    return SecurityConfigurationBuilder.builder()
            .clientId(clientId)
            .realm(REALM_NAME)
            .appName(serviceName)
            .scopeSeparator(" ")
            .build();
}

1 个答案:

答案 0 :(得分:1)

目前在Springfox Swagger中是不可能的,更多详细信息在这里:here