我正在尝试向OAuth安全方案添加自定义标头(Springfox Swagger 2.8.0)。 任何想法如何实现这一目标?
我当前的配置(使用OAuth和ImplicitGrant,服务器端是keycloak)看起来像:
@Bean
public SecurityContext securityContext() {
return SecurityContext.builder().securityReferences(defaultAuth()).build();
}
private List<SecurityReference> defaultAuth() {
return Arrays.asList(new SecurityReference(SECURITY_SCHEME_OAUTH2, defaultScope().toArray(new AuthorizationScope[] {})));
}
private Predicate<String> postPaths() {
return regex("/.*");
}
private Predicate<String> springBootActuatorJmxPaths() {
return regex("^/(?!env|restart|pause|resume|refresh).*$");
}
private List<AuthorizationScope> defaultScope() {
AuthorizationScope authorizationScope = new AuthorizationScope("openid", "Basic Open ID Connect Scope");
List<AuthorizationScope> authorizationScopes = new ArrayList<>();
authorizationScopes.add(authorizationScope);
return authorizationScopes;
}
@Bean
public Docket postsApi(List<SecurityContext> securityContexts) {
return new Docket(DocumentationType.SWAGGER_2).groupName("public-api")
.apiInfo(apiInfo()).select().paths(postPaths())
.apis(RequestHandlerSelectors.basePackage("com.example"))
.paths(springBootActuatorJmxPaths())
.build()
.securitySchemes(Collections.singletonList(oauth()))
.securityContexts(securityContexts)
;
}
@Bean
List<GrantType> grantTypes() {
List<GrantType> grantTypes = new ArrayList<>();
grantTypes.add(
new ImplicitGrant(
new LoginEndpoint(oAuthServerUri + "/realms/" + REALM_NAME + "/protocol/openid-connect/auth"),
"access_token"
)
);
return grantTypes;
}
@Bean
SecurityScheme oauth() {
return new OAuthBuilder()
.name(SECURITY_SCHEME_OAUTH2)
.scopes(defaultScope())
.grantTypes(grantTypes())
.build();
}
@Bean
public SecurityConfiguration securityInfo() {
return SecurityConfigurationBuilder.builder()
.clientId(clientId)
.realm(REALM_NAME)
.appName(serviceName)
.scopeSeparator(" ")
.build();
}