我已经在spring引导应用程序中配置了jwt承载令牌身份验证。我有“authenticate”和“hello”控制器,其中“hello”控制器接收承载令牌作为授权头。“authenticate“api生成承载令牌。 Postman 一切正常。但从招摇过市的Angular 来看,我不能禁用“authorize”按钮来验证api。招摇屏幕剪辑
我的代码如下:swaggerconfig文件:
@Bean
public Docket swaggerSpringfoxDocket() {
Contact contact = new Contact(
"shivaraj",
"https://shivaraj.co",
"bmxxxxx@xxxx.com");
List<VendorExtension> vext = new ArrayList<>();
ApiInfo apiInfo = new ApiInfo(
"Backend API",
"description",
"1.0.0",
"https://shivaraj.co",
contact,
"MIT",
"https://shivaraj.co",
vext);
Docket docket = new Docket(DocumentationType.SWAGGER_2)
.apiInfo(apiInfo)
.pathMapping("/")
.apiInfo(ApiInfo.DEFAULT)
.forCodeGeneration(true)
.genericModelSubstitutes(ResponseEntity.class)
.ignoredParameterTypes(SpringDataWebProperties.Pageable.class)
.ignoredParameterTypes(java.sql.Date.class)
.directModelSubstitute(java.time.LocalDate.class, java.sql.Date.class)
.directModelSubstitute(java.time.ZonedDateTime.class, Date.class)
.directModelSubstitute(java.time.LocalDateTime.class, Date.class)
.securityContexts(Lists.newArrayList(securityContext()))
.securitySchemes(Lists.newArrayList(apiKey()))
.useDefaultResponseMessages(false);
docket = docket.select()
.paths(regex(DEFAULT_INCLUDE_PATTERN))
.build();
return docket;
}
private ApiKey apiKey() {
return new ApiKey("JWT", AUTHORIZATION_HEADER, "header");
}
private SecurityContext securityContext() {
return SecurityContext.builder()
.securityReferences(defaultAuth())
.forPaths(PathSelectors.regex(DEFAULT_INCLUDE_PATTERN))
.build();
}
List<SecurityReference> defaultAuth() {
AuthorizationScope authorizationScope
= new AuthorizationScope("global", "accessEverything");
AuthorizationScope[] authorizationScopes = new AuthorizationScope[1];
authorizationScopes[0] = authorizationScope;
return Lists.newArrayList(
new SecurityReference("JWT", authorizationScopes));
}作为另一种方法,是否有一种方法可以使每个单独的控制器在招摇授权按钮?
1条答案
按热度按时间qv7cva1a1#
添加
security = @SecurityRequirement(name = "bearerAuth")至@Operation允许标记启用/禁用令牌身份验证。