给用户中心和作家中心中所有接口（不含登陆注册）添加认证header

2025-04-27 01:40:50 +00:00 · 2020-06-02 19:40:48 +08:00 · 2020-06-02 19:40:48 +08:00 · 73474c066e
commit 73474c066e
parent 08f08bf65b
1 changed files with 38 additions and 3 deletions
--- a/novel-common/src/main/java/com/java2nb/novel/common/config/Swagger2Config.java
+++ b/novel-common/src/main/java/com/java2nb/novel/common/config/Swagger2Config.java
@ -3,15 +3,24 @@ package com.java2nb.novel.common.config;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import springfox.documentation.builders.ApiInfoBuilder;
+import springfox.documentation.builders.ParameterBuilder;
 import springfox.documentation.builders.PathSelectors;
 import springfox.documentation.builders.RequestHandlerSelectors;
-import springfox.documentation.service.ApiInfo;
+import springfox.documentation.schema.ModelRef;
+import springfox.documentation.service.*;
 import springfox.documentation.spi.DocumentationType;
+import springfox.documentation.spi.service.contexts.SecurityContext;
 import springfox.documentation.spring.web.plugins.Docket;
 import springfox.documentation.swagger2.annotations.EnableSwagger2;

+import java.util.ArrayList;
+import java.util.List;
+
+import static com.google.common.collect.Lists.newArrayList;
+
 /**
 * Swagger2API文档的配置
+ *
 * @author xiongxiaoyang
 * @version 1.0
 * @since 2020/5/27
@ -20,7 +29,8 @@ import springfox.documentation.swagger2.annotations.EnableSwagger2;
@EnableSwagger2
 public class Swagger2Config {
    @Bean
-    public Docket createRestApi(){
+    public Docket createRestApi() {
+
        return new Docket(DocumentationType.SWAGGER_2)
                .apiInfo(apiInfo())
                .select()
@ -31,7 +41,9 @@ public class Swagger2Config {
                //为有@ApiOperation注解的方法生成API文档
                //.apis(RequestHandlerSelectors.withMethodAnnotation(ApiOperation.class))
                .paths(PathSelectors.any())
-                .build();
+                .build()
+                .securitySchemes(securitySchemes())
+                .securityContexts(securityContexts());
    }

    private ApiInfo apiInfo() {
@ -42,4 +54,27 @@ public class Swagger2Config {
                .version("1.0.0")
                .build();
    }
+
+    private List<ApiKey> securitySchemes() {
+        return newArrayList(
+                new ApiKey("Authorization", "Authorization", "header"));
+    }
+
+    private List<SecurityContext> securityContexts() {
+        return newArrayList(
+                SecurityContext.builder()
+                        .securityReferences(defaultAuth())
+                        //用户微服务和作家微服务（不包括登陆/注册）的接口需要认证
+                        .forPaths(PathSelectors.regex("^/(user|author)/(?!(login|register)).*$"))
+                        .build()
+        );
+    }
+
+    List<SecurityReference> defaultAuth() {
+        AuthorizationScope authorizationScope = new AuthorizationScope("global", "accessEverything");
+        AuthorizationScope[] authorizationScopes = new AuthorizationScope[1];
+        authorizationScopes[0] = authorizationScope;
+        return newArrayList(
+                new SecurityReference("Authorization", authorizationScopes));
+    }
 }