Playframework 招摇过市:如何在我的Play应用程序中启用API密钥?
在我的Playframework 招摇过市:如何在我的Play应用程序中启用API密钥?,playframework,swagger,Playframework,Swagger,在我的Play应用程序中,我为招摇过市者定义了一个AuthorizationFilter,如下所示: class AuthorizationFilter extends SwaggerSpecFilter { def isOperationAllowed( operation: Operation, api: ApiDescription, params: java.util.Map[String, java.util.List[String]], cook
Play
应用程序中,我为招摇过市者定义了一个AuthorizationFilter
,如下所示:
class AuthorizationFilter extends SwaggerSpecFilter {
def isOperationAllowed(
operation: Operation,
api: ApiDescription,
params: java.util.Map[String, java.util.List[String]],
cookies: java.util.Map[String, String],
headers: java.util.Map[String, java.util.List[String]]): Boolean = {
checkKey(params, headers) match {
case true => true
case false => {
Logger("swagger").debug(s"authenticated: false - method: ${operation.method} - path: ${api.path}")
if (operation.method == "GET" && api.path.indexOf("/admin") != -1) true
else if (operation.method == "GET" && api.path.indexOf("/auth/users") != -1) true
else false
}
}
}
def isParamAllowed(
parameter: Parameter,
operation: Operation,
api: ApiDescription,
params: java.util.Map[String, java.util.List[String]],
cookies: java.util.Map[String, String],
headers: java.util.Map[String, java.util.List[String]]): Boolean = {
val isAuthorized = checkKey(params, headers)
if (parameter.paramAccess == Some("internal") && !isAuthorized) false
else true
}
def checkKey(
params: java.util.Map[String, java.util.List[String]],
headers: java.util.Map[String, java.util.List[String]]): Boolean = {
val apiKey = params.containsKey("api_key") match {
case true => Some(params.get("api_key").get(0))
case _ => {
headers.containsKey("api_key") match {
case true => Some(headers.get("api_key").get(0))
case _ => None
}
}
}
apiKey match {
case Some(key) if (key == "special-key") => true
case _ => false
}
}
}
然后,我在我的conf\application.conf
中添加了以下配置:
api.version = "0.1"
swagger {
api {
basepath = "http://localhost:9000"
}
security {
filter = "security.apidocs.AuthorizationFilter"
}
}
。。。但是,
AuthorizationFilter
从未被调用。如何启用它?确保您的AuthorizationFilter首先在文件中定义了包security.apidocs