Spring Boot Swagger: authenticating with OAuth and Basic auth together

z9ju0rcb  posted on 2021-07-13  in Java

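Our Spring Security token service takes the username and password fields as Basic authentication. In addition, it requires an extra, different set of "username", "password" and "grant_type" parameters in the request body. I set up the Swagger integration as follows. But I want to send the header information as Basic authentication and the other parameters separately in the body. How can I do that?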

  @Bean
  public Docket swaggerPersonApi10() {
    return new Docket(DocumentationType.SWAGGER_2)
        .select()
        .apis(RequestHandlerSelectors.basePackage("com.test"))
        .paths(PathSelectors.any()).build()
        .securitySchemes(Collections.singletonList(securitySchema()))
        .securityContexts(Collections.singletonList(securityContext()))
        .apiInfo(
            new ApiInfoBuilder()
                .version("1.0")
                .title("Customer API")
                .description("Documentation Customer API v1.0")
                .build());
  }

  private OAuth securitySchema() {
    List<AuthorizationScope> authorizationScopeList = new ArrayList<>();
    authorizationScopeList.add(new AuthorizationScope("read", "read all"));
    authorizationScopeList.add(new AuthorizationScope("trust", "trust all"));
    authorizationScopeList.add(new AuthorizationScope("write", "access all"));

    List<GrantType> grantTypes = new ArrayList<>();
    GrantType creGrant = new ResourceOwnerPasswordCredentialsGrant(authLink + "/oauth/token");

    grantTypes.add(creGrant);

    return new OAuth("oauth2schema", authorizationScopeList, grantTypes);
  }

  private SecurityContext securityContext() {
    return SecurityContext.builder().securityReferences(defaultAuth())
        .forPaths(PathSelectors.ant("/**"))
        .build();
  }

  private List<SecurityReference> defaultAuth() {
    final AuthorizationScope[] authorizationScopes = new AuthorizationScope[3];
    authorizationScopes[0] = new AuthorizationScope("read", "read all");
    authorizationScopes[1] = new AuthorizationScope("trust", "trust all");
    authorizationScopes[2] = new AuthorizationScope("write", "write all");

    return Collections.singletonList(new SecurityReference("oauth2schema", authorizationScopes));
  }

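Below is a sample curl request. When getting a token from the security service, we send the Basic authentication information and, in the body, the extra information: username, password and grant type.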

curl --location --request POST 'http://localhost:9090/security-service/oauth/token' \
--header 'Authorization: Basic dHVyavsNlbasuZHNzY3ftOnR2cmtzZWxvQbRze2NtbQ==' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--data-urlencode 'username=user' \
--data-urlencode 'password=pass' \
--data-urlencode 'grant_type=password'
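
The token request from the curl command above, rebuilt with Java 11's java.net.http as an added example (not part of the original question): the client credentials form the Basic header, while the user's credentials and grant_type travel in the form body. The class name and the demo-client / demo-secret values are constructed placeholders; the request is built and printed, not sent.

```java
import java.net.URI;
import java.net.URLEncoder;
import java.net.http.HttpRequest;
import java.nio.charset.StandardCharsets;
import java.util.Base64;
import java.util.LinkedHashMap;
import java.util.Map;
import java.util.stream.Collectors;

public class PasswordGrantRequest {

    // Client credentials go in the header: "Basic " + base64(client_id:client_secret).
    // Base64 is an encoding, not encryption, so this header needs TLS outside localhost.
    static String basicAuth(String clientId, String clientSecret) {
        String pair = clientId + ":" + clientSecret;
        return "Basic " + Base64.getEncoder()
                .encodeToString(pair.getBytes(StandardCharsets.UTF_8));
    }

    // Resource-owner credentials and grant_type go in the form-encoded body.
    static String formBody(String username, String password) {
        Map<String, String> form = new LinkedHashMap<>();
        form.put("username", username);
        form.put("password", password);
        form.put("grant_type", "password");
        return form.entrySet().stream()
                .map(e -> URLEncoder.encode(e.getKey(), StandardCharsets.UTF_8) + "="
                        + URLEncoder.encode(e.getValue(), StandardCharsets.UTF_8))
                .collect(Collectors.joining("&"));
    }

    static HttpRequest tokenRequest(String tokenUrl, String clientId, String clientSecret,
                                    String username, String password) {
        return HttpRequest.newBuilder(URI.create(tokenUrl))
                .header("Authorization", basicAuth(clientId, clientSecret))
                .header("Content-Type", "application/x-www-form-urlencoded")
                .POST(HttpRequest.BodyPublishers.ofString(formBody(username, password)))
                .build();
    }

    public static void main(String[] args) {
        // Constructed sample values; the URL is the one from the curl command.
        HttpRequest req = tokenRequest("http://localhost:9090/security-service/oauth/token",
                "demo-client", "demo-secret", "user", "pass");
        System.out.println(req.method() + " " + req.uri());
        req.headers().map().forEach((k, v) -> System.out.println(k + ": " + v));
        System.out.println(formBody("user", "pass"));
    }
}
```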

No answers yet!
