Java 使用openapi 3.0、aws cognito oauth2配置Springboot时出现问题
我试图将OpenAPI 3.0集成到我现有的springboot restpai应用程序中。到目前为止,我可以通过使用这个代码片段用oAuth2配置openapiJava 使用openapi 3.0、aws cognito oauth2配置Springboot时出现问题,java,spring-boot,oauth-2.0,swagger,openapi,Java,Spring Boot,Oauth 2.0,Swagger,Openapi,我试图将OpenAPI 3.0集成到我现有的springboot restpai应用程序中。到目前为止,我可以通过使用这个代码片段用oAuth2配置openapi @Bean public OpenAPI customOpenAPI() { OAuthFlow oAuthFlowObject = new OAuthFlow(); oAuthFlowObject .setAuthorizationUrl("https
@Bean
public OpenAPI customOpenAPI() {
OAuthFlow oAuthFlowObject = new OAuthFlow();
oAuthFlowObject
.setAuthorizationUrl("https://<my-domain>.auth.us-east-2.amazoncognito.com/oauth2/authorize");
oAuthFlowObject.setRefreshUrl("https://<my-domain>.auth.us-east-2.amazoncognito.com/oauth2/refresh");
oAuthFlowObject.setTokenUrl("https://<my-domain>.auth.us-east-2.amazoncognito.com/oauth2/token");
OAuthFlows oAuthFlows = new OAuthFlows();
oAuthFlows.authorizationCode(oAuthFlowObject);
return new OpenAPI()
.components(new Components()
.addSecuritySchemes("oauth2", new SecurityScheme().in(SecurityScheme.In.HEADER)
.type(SecurityScheme.Type.OAUTH2)
.flows(oAuthFlows)
.bearerFormat("JWT")
.scheme("bearer")
))
.info(new Info().title("Contact Application API").description(
"This is a sample Spring Boot RESTful service using springdoc-openapi and OpenAPI 3."))
;
}
@Bean
公共OpenAPI自定义OpenAPI(){
OAuthFlow oAuthFlowObject=新的OAuthFlow();
oAuthFlowObject
.setAuthorizationUrl(“https://.auth.us-east-2.amazoncognito.com/oauth2/authorize");
oAuthFlowObject.setRefreshUrl(“https://.auth.us-east-2.amazoncognito.com/oauth2/refresh");
oAuthFlowObject.setTokenUrl(“https://.auth.us-east-2.amazoncognito.com/oauth2/token");
OAuthFlows OAuthFlows=新的OAuthFlows();
授权代码(oAuthFlowObject);
返回新的OpenAPI()
.组件(新组件()
.addSecuritySchemes(“oauth2”,新的SecurityScheme().in(SecurityScheme.in.HEADER)
.type(SecurityScheme.type.OAUTH2)
.flows(oAuthFlows)
.BearPerformat(“JWT”)
.方案(“持票人”)
))
.info(新信息().title(“联系应用程序API”).description(
“这是一个使用springdoc openapi和openapi 3的示例Spring Boot RESTful服务。”)
;
}
看来我可以从cognito那里成功地得到令牌了。
但问题是,当我从swagger ui试用任何api时,它都不包括承载令牌
我有什么遗漏吗?
如何设置路径前缀,以便在调用这些路径时附加令牌。另外,我只想从swagger发送授权承载头中的“id_令牌” 要为swagger配置aws cognito并使其发送id令牌而不是访问令牌,我们需要配置两种安全机制。下面是示例代码片段。这是一个变通办法。由于默认情况下会发送
access token
,我们需要发送id token
,因此我们配置了两个选项
@Bean
public OpenAPI customOpenAPI() {
return new OpenAPI()
//bearer auth with oAuth2
.addSecurityItem(new SecurityRequirement().addList("bearerAuth"))
.components(new Components().addSecuritySchemes("oAuth2", new SecurityScheme() .type(SecurityScheme.Type.OAUTH2) .flows(getOAuthFlows())
)
/// Bearer AUTH security config settings. ## for id-token.
.addSecuritySchemes("bearerAuth", new SecurityScheme()
.type(SecurityScheme.Type.HTTP)
.scheme("bearer")
.bearerFormat("JWT")
)
).info(getInfo());
}
private Info getInfo() {
return new Info()
.title("Title")
.version("1.0")
.description("Project description..");
}
下面是它的样子:
之后,您需要从浏览器控制台配置id令牌。