Fatal编程技术网
  • spring/
  • Spring boot Swagger Oauth和Basic Auth一起进行身份验证

Spring boot Swagger Oauth和Basic Auth一起进行身份验证

spring spring-boot swagger microservices

Spring boot Swagger Oauth和Basic Auth一起进行身份验证,spring,spring-boot,swagger,microservices,openapi,Spring,Spring Boot,Swagger,Microservices,Openapi,我们的spring安全令牌服务将用户名和密码字段作为基本身份验证。此外,它在请求正文中采用了额外的不同“username”、“password”、“grand_type”参数。我做了一个如下的设置:招摇过市整合。但是我想把标题信息作为基本Auth和身体部位之外的其他参数发送。我怎么做 @Bean public Docket swaggerPersonApi10() { return new Docket(DocumentationType.SWAGGER_2) .se

我们的spring安全令牌服务将用户名和密码字段作为基本身份验证。此外,它在请求正文中采用了额外的不同“username”、“password”、“grand_type”参数。我做了一个如下的设置:招摇过市整合。但是我想把标题信息作为基本Auth和身体部位之外的其他参数发送。我怎么做

@Bean
  public Docket swaggerPersonApi10() {
    return new Docket(DocumentationType.SWAGGER_2)
        .select()
        .apis(RequestHandlerSelectors.basePackage("com.test"))
        .paths(PathSelectors.any()).build()
        .securitySchemes(Collections.singletonList(securitySchema()))
        .securityContexts(Collections.singletonList(securityContext()))
        .apiInfo(
            new ApiInfoBuilder()
                .version("1.0")
                .title("Customer API")
                .description("Documentation Customer API v1.0")
                .build());
  }

private OAuth securitySchema() {

    List<AuthorizationScope> authorizationScopeList = new ArrayList<>();
    authorizationScopeList.add(new AuthorizationScope("read", "read all"));
    authorizationScopeList.add(new AuthorizationScope("trust", "trust all"));
    authorizationScopeList.add(new AuthorizationScope("write", "access all"));

    List<GrantType> grantTypes = new ArrayList<>();
    GrantType creGrant = new ResourceOwnerPasswordCredentialsGrant(authLink + "/oauth/token");

    grantTypes.add(creGrant);

    return new OAuth("oauth2schema", authorizationScopeList, grantTypes);

  }

  private SecurityContext securityContext() {
    return SecurityContext.builder().securityReferences(defaultAuth())
        .forPaths(PathSelectors.ant("/**"))
        .build();
  }

  private List<SecurityReference> defaultAuth() {

    final AuthorizationScope[] authorizationScopes = new AuthorizationScope[3];
    authorizationScopes[0] = new AuthorizationScope("read", "read all");
    authorizationScopes[1] = new AuthorizationScope("trust", "trust all");
    authorizationScopes[2] = new AuthorizationScope("write", "write all");

    return Collections.singletonList(new SecurityReference("oauth2schema", authorizationScopes));
  }

    curl --location --request POST 'http://localhost:9090/security-service/oauth/token' \
--header 'Authorization: Basic dHVyavsNlbasuZHNzY3ftOnR2cmtzZWxvQbRze2NtbQ==' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--data-urlencode 'username=user' \
--data-urlencode 'password=pass' \
--data-urlencode 'grant_type=password'