我们的spring安全令牌服务将用户名和密码字段作为基本身份验证。此外,它在请求主体中需要一个额外不同的“username”、“password”、“grand\u type”参数。我做了一个设置如下:招摇集成。但是我想发送头信息作为基本身份验证和其他参数,除了身体部分。我该怎么做?
@Bean
public Docket swaggerPersonApi10() {
return new Docket(DocumentationType.SWAGGER_2)
.select()
.apis(RequestHandlerSelectors.basePackage("com.test"))
.paths(PathSelectors.any()).build()
.securitySchemes(Collections.singletonList(securitySchema()))
.securityContexts(Collections.singletonList(securityContext()))
.apiInfo(
new ApiInfoBuilder()
.version("1.0")
.title("Customer API")
.description("Documentation Customer API v1.0")
.build());
}
private OAuth securitySchema() {
List<AuthorizationScope> authorizationScopeList = new ArrayList<>();
authorizationScopeList.add(new AuthorizationScope("read", "read all"));
authorizationScopeList.add(new AuthorizationScope("trust", "trust all"));
authorizationScopeList.add(new AuthorizationScope("write", "access all"));
List<GrantType> grantTypes = new ArrayList<>();
GrantType creGrant = new ResourceOwnerPasswordCredentialsGrant(authLink + "/oauth/token");
grantTypes.add(creGrant);
return new OAuth("oauth2schema", authorizationScopeList, grantTypes);
}
private SecurityContext securityContext() {
return SecurityContext.builder().securityReferences(defaultAuth())
.forPaths(PathSelectors.ant("/**"))
.build();
}
private List<SecurityReference> defaultAuth() {
final AuthorizationScope[] authorizationScopes = new AuthorizationScope[3];
authorizationScopes[0] = new AuthorizationScope("read", "read all");
authorizationScopes[1] = new AuthorizationScope("trust", "trust all");
authorizationScopes[2] = new AuthorizationScope("write", "write all");
return Collections.singletonList(new SecurityReference("oauth2schema", authorizationScopes));
}
下面是一个示例curl请求,当从安全服务获取令牌时,我们发送基本身份验证的信息,并在正文中发送额外的信息作为用户名密码和授权类型
curl --location --request POST 'http://localhost:9090/security-service/oauth/token' \
--header 'Authorization: Basic dHVyavsNlbasuZHNzY3ftOnR2cmtzZWxvQbRze2NtbQ==' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--data-urlencode 'username=user' \
--data-urlencode 'password=pass' \
--data-urlencode 'grant_type=password'
暂无答案!
目前还没有任何答案,快来回答吧!