招摇+钥匙斗篷+承载令牌

htzpubme  于 2021-07-26  发布在  Java
关注(0)|答案(0)|浏览(252)

我正在做一个微型服务文档。我们的项目使用承载令牌来验证流。
一切似乎都很好,只是招摇过市增加了 Bearer: XXXXXX 请求头中的令牌。
我的问题是我必须发送邮件头 Authorization: bearer XXXXXXX 我该怎么做?我用Spring Boot招摇。

package XXXXXXX.config;

import static springfox.documentation.builders.PathSelectors.regex;

import org.springframework.beans.factory.annotation.Value;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;

import springfox.documentation.builders.PathSelectors;
import springfox.documentation.builders.RequestHandlerSelectors;
import springfox.documentation.service.*;
import springfox.documentation.spi.DocumentationType;
import springfox.documentation.spi.service.contexts.SecurityContext;
import springfox.documentation.spring.web.plugins.Docket;
import springfox.documentation.swagger2.annotations.EnableSwagger2;

import java.util.Arrays;
import java.util.Collections;
import java.util.List;

@Configuration
@EnableSwagger2
public class SwaggerConfig {

    @Value("${keycloak-role.app}")
    private String roleApp;

    @Bean
    public Docket swaggerApi() {
        return new Docket(DocumentationType.SWAGGER_2)
                .select()
                .apis(RequestHandlerSelectors.basePackage("getnet.gs.controller"))
                .build()
                .apiInfo(metaData())
                .securitySchemes(Arrays.asList(apiKey()))
                .securityContexts(Collections.singletonList(securityContext()));
    }
    private ApiKey apiKey() {
        return new ApiKey("Bearer", "Authorization", "header");
    }
    private SecurityContext securityContext() {
        return SecurityContext.builder().securityReferences(defaultAuth()).forPaths(PathSelectors.regex("/.*")).build();
    }

    private List<SecurityReference> defaultAuth() {
        final AuthorizationScope authorizationScope = new AuthorizationScope(this.roleApp, "Credenciais do APP (TERMINAL)");
        final AuthorizationScope[] authorizationScopes = new AuthorizationScope[]{authorizationScope};
        return Collections.singletonList(new SecurityReference("Bearer", authorizationScopes));
    }

    private ApiInfo metaData() {
        ApiInfo apiInfo = new ApiInfo(
                "XXX- MS log",
                "XXXAPI MS log",
                "1.0",
                "Terms of service",
                new Contact("XXX", "https://confluence.XXXX.com.br:8444/#all-updates", "XXXX@getnXXXXet.com.br"),
               "Apache License Version 2.0",
                "https://confluence.XXXX.com.br:8444/#all-updates");
        return apiInfo;
    }
}

对于请求:

curl -X POST --header 'Content-Type: application/json' --header 'Accept: application/json' --header 'Bearer: eyJhbGciOiJSUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICI0Smd1Y0t6NVZ4RWNnWXFXQW1yTnFCd0dITFJ5ekZxRGJYTHZ4NzRfZzY0In0.eyJqdGkiOiIzZmFiMjBmYy1mNDQ0LTQyY2EtYjA4MS04ZTBhYmUyNTBhZGUiLCJleHAiOjE2MTk0NjQ0OTMsIm5iZiI6MCwiaWF0IjoxNjE5NDY0MTkzLCJpc3MiOiJodHRwOi8vMTgwLjEzNS4xNjEuMTE6ODA4MC9hdXRoL3JlYWxtcy9tYXN0ZXIiLCJhdWQiOiJnZXRzdG9yZS1tb2JpbGUtdGVtcCIsInN1YiI6ImQ2NDMyMjcxLTA5MDQtNDlhOC1hZjMyLTVlYjZkM2UzMzE5MCIsInR5cCI6IkJlYXJlciIsImF6cCI6ImdldHN0b3JlLW1vYmlsZS10ZW1wIiwiYXV0aF90aW1lIjowLCJzZXNzaW9uX3N0YXRlIjoiNDQ1NzRiODUtZDI3Ny00OWZhLThmMjAtMGE5NTE0MTRiYWZkIiwiYWNyIjoiMSIsImFsbG93ZWQtb3JpZ2lucyI6W10sInJlYWxtX2FjY2VzcyI6eyJyb2xlcyI6WyJ1bWFfYXV0aG9yaXphdGlvbiIsIkVTVEFCRUxFQ0lNRU5UTyJdfSwicmVzb3VyY2VfYWNjZXNzIjp7ImFjY291bnQiOnsicm9sZXMiOlsibWFuYWdlLWFjY291bnQiLCJtYW5hZ2UtYWNjb3VudC1saW5rcyIsInZpZXctcHJvZmlsZSJdfX0sImNsaWVudElkIjoiZ2V0c3RvcmUtbW9iaWxlLXRlbXAiLCJjbGllbnRIb3N0IjoiMTAuMTgxLjExMi4yMTUiLCJwcmVmZXJyZWRfdXNlcm5hbWUiOiJzZXJ2aWNlLWFjY291bnQtZ2V0c3RvcmUtbW9iaWxlLXRlbXAiLCJjbGllbnRBZGRyZXNzIjoiMTAuMTgxLjExMi4yMTUiLCJlbWFp' -d '{ ..... }' 'http://localhost:40070/log'

它的工作原理是这样的:

curl -X POST --header 'Content-Type: application/json' --header 'Accept: application/json' --header 'Authorization: bearer eyJhbGciOiJSUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICI0Smd1Y0t6NVZ4RWNnWXFXQW1yTnFCd0dITFJ5ekZxRGJYTHZ4NzRfZzY0In0.eyJqdGkiOiIzZmFiMjBmYy1mNDQ0LTQyY2EtYjA4MS04ZTBhYmUyNTBhZGUiLCJleHAiOjE2MTk0NjQ0OTMsIm5iZiI6MCwiaWF0IjoxNjE5NDY0MTkzLCJpc3MiOiJodHRwOi8vMTgwLjEzNS4xNjEuMTE6ODA4MC9hdXRoL3JlYWxtcy9tYXN0ZXIiLCJhdWQiOiJnZXRzdG9yZS1tb2JpbGUtdGVtcCIsInN1YiI6ImQ2NDMyMjcxLTA5MDQtNDlhOC1hZjMyLTVlYjZkM2UzMzE5MCIsInR5cCI6IkJlYXJlciIsImF6cCI6ImdldHN0b3JlLW1vYmlsZS10ZW1wIiwiYXV0aF90aW1lIjowLCJzZXNzaW9uX3N0YXRlIjoiNDQ1NzRiODUtZDI3Ny00OWZhLThmMjAtMGE5NTE0MTRiYWZkIiwiYWNyIjoiMSIsImFsbG93ZWQtb3JpZ2lucyI6W10sInJlYWxtX2FjY2VzcyI6eyJyb2xlcyI6WyJ1bWFfYXV0aG9yaXphdGlvbiIsIkVTVEFCRUxFQ0lNRU5UTyJdfSwicmVzb3VyY2VfYWNjZXNzIjp7ImFjY291bnQiOnsicm9sZXMiOlsibWFuYWdlLWFjY291bnQiLCJtYW5hZ2UtYWNjb3VudC1saW5rcyIsInZpZXctcHJvZmlsZSJdfX0sImNsaWVudElkIjoiZ2V0c3RvcmUtbW9iaWxlLXRlbXAiLCJjbGllbnRIb3N0IjoiMTAuMTgxLjExMi4yMTUiLCJwcmVmZXJyZWRfdXNlcm5hbWUiOiJzZXJ2aWNlLWFjY291bnQtZ2V0c3RvcmUtbW9iaWxlLXRlbXAiLCJjbGllbnRBZGRyZXNzIjoiMTAuMTgxLjExMi4yMTUiLCJlbWFp' -d '{ ..... }' 'http://localhost:40070/log'
spring-bootAuthenticationswaggerdocumentation-generation

暂无答案!

目前还没有任何答案,快来回答吧!

我来回答

相关问题

    查看更多

    热门标签

    更多
    JavaquerypythonNode开发语言requestUtil数据库Table后端算法LoggerMessageElementParser

    最新问答

    更多
    • 蜀ICP备2022004421号-2 NULL123 https://www.null123.com © All rights reserved
    • 本站内容来源互联网,如果侵犯您的权益请联系我们删除, 联系方式:448109455@qq.com