Swagger3无法使用Authorization作为header参数
Swagger3官方文档中3.0规范
当全局header参数中包含命名为Accpet、Content-Type、Authorization的参数时,参数的定义将被忽略,需要手动添加。
第一步、添加依赖
<!-- swagger3 -->
<dependency>
<groupId>io.springfox</groupId>
<artifactId>springfox-boot-starter</artifactId>
<version>3.0.0</version>
</dependency>
第二步、创建配置文件Swagger3Config
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import springfox.documentation.builders.ApiInfoBuilder;
import springfox.documentation.builders.RequestHandlerSelectors;
import springfox.documentation.builders.RequestParameterBuilder;
import springfox.documentation.oas.annotations.EnableOpenApi;
import springfox.documentation.service.*;
import springfox.documentation.spi.DocumentationType;
import springfox.documentation.spi.service.contexts.SecurityContext;
import springfox.documentation.spring.web.plugins.Docket;
import java.util.ArrayList;
import java.util.Collections;
import java.util.List;
/**
* @author chilei
*/
@Configuration
@EnableOpenApi
public class Swagger3Config {
public Docket createRestApi(String groupName, String basePackage) {
return new Docket(DocumentationType.OAS_30)
//添加token的参数
.securityContexts(mySecurityContexts())
.securitySchemes(mySecuritySchemes())
.apiInfo(apiInfo()).groupName(groupName)
// true 启用Swagger3.0, false 禁用(生产环境要禁用)
.enable(true)
.select()
.apis(RequestHandlerSelectors.basePackage(basePackage))
.build()
.globalRequestParameters(getGlobalRequestParameters());
}
/**
* 这里设置 swagger 认证的安全上下文
*/
public List<SecurityContext> mySecurityContexts() {
return Collections.singletonList(SecurityContext.builder()
.securityReferences(Collections.singletonList(SecurityReference.builder()
.reference("Authorization")
.scopes(new AuthorizationScope[]{new AuthorizationScope("global",
"accessEverything")}).build())).build());
}
public List<SecurityScheme> mySecuritySchemes() {
//注意,这里应对应登录token鉴权对应的k-v
return Collections.singletonList(new ApiKey("Authorization", "Authorization", "header"));
}
/**
* API 页面上半部分展示信息
*/
private ApiInfo apiInfo() {
return new ApiInfoBuilder()
.title("Swagger3接口文档")
.description("heeiya-app接口文档")
.contact(new Contact("", "", ""))
.version("1.0")
.build();
}
private List<RequestParameter> getGlobalRequestParameters() {
List<RequestParameter> parameters = new ArrayList<>();
parameters.add(new RequestParameterBuilder().name("lang").description("国际化标识,如:中文 zh_cn,英文 en_us").in(ParameterType.HEADER).build());
parameters.add(new RequestParameterBuilder().name("Api-Version").description("版本").in(ParameterType.HEADER).build());
return parameters;
}
@Bean
public Docket account() {
return createRestApi("账号中心", "com.xxx.xxx.controller");
}
}
第三步、给接口添加注解
import io.swagger.annotations.Api;
import io.swagger.annotations.ApiOperation;
import org.springframework.beans.BeanUtils;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;
import javax.annotation.Resource;
import javax.servlet.http.HttpServletRequest;
/**
* @author chilei
*/
@RestController
@RequestMapping("/api/xxx/app")
@Api(value = "登录", tags = "登录")
public class LoginController {
@Resource
private RedisUtil redisUtil;
@Resource
private TokenHelper tokenHelper;
@PostMapping("/login")
@ApiOperation("app用户登录注册接口")
public ResultI18n login(HttpServletRequest servletRequest) {
// 具体代码忽略
String authorization = servletRequest.getHeader("Authorization");
return ResultHelper.success();
}
}
在选中的地方添加自己token就行了
最后加一个shiro对swagger3放行
// 放行Swagger相关访问
filterChainDefinitionMap.put("/swagger-ui/**", "anon");
filterChainDefinitionMap.put("/swagger-resources/**", "anon");
filterChainDefinitionMap.put("/v3/**", "anon");
filterChainDefinitionMap.put("/error/**", "anon");
filterChainDefinitionMap.put("/**", "access");
