fix: Adding Authorization Configuration

llin6025 · llin6025 · commit 1017efdb15d0 · 2021-09-22T16:25:43.000+08:00
diff --git a/src/main/java/com/spring4all/swagger/DocketConfiguration.java b/src/main/java/com/spring4all/swagger/DocketConfiguration.java
@@ -19,7 +19,6 @@
 
 import com.google.common.base.Predicates;
 
-import org.springframework.context.annotation.DependsOn;
 import springfox.documentation.builders.ApiInfoBuilder;
 import springfox.documentation.builders.RequestHandlerSelectors;
 import springfox.documentation.builders.RequestParameterBuilder;
@@ -47,6 +46,9 @@ public class DocketConfiguration implements BeanFactoryAware {
     @Autowired
     private SwaggerProperties swaggerProperties;
 
+    @Autowired
+    private SwaggerAuthorizationConfiguration authConfiguration;
+
     private static final String BEAN_NAME = "spring-boot-starter-swagger-";
 
     @Override
@@ -75,7 +77,9 @@ public void createSpringFoxRestApi() {
             docket4Group.host(swaggerProperties.getHost()).apiInfo(apiInfo)
                 .globalRequestParameters(
                     assemblyRequestParameters(swaggerProperties.getGlobalOperationParameters(), new ArrayList<>()))
-                .select().apis(RequestHandlerSelectors.basePackage(swaggerProperties.getBasePackage()))
+                .securityContexts(Collections.singletonList(authConfiguration.securityContext()))
+                .securitySchemes(authConfiguration.getSecuritySchemes()).select()
+                .apis(RequestHandlerSelectors.basePackage(swaggerProperties.getBasePackage()))
                 .paths(paths(swaggerProperties.getBasePath(), swaggerProperties.getExcludePath())).build();
             return;
         }
@@ -131,7 +135,9 @@ public void createSpringFoxRestApi() {
             docket4Group.groupName(groupName).host(docketInfo.getBasePackage()).apiInfo(apiInfo)
                 .globalRequestParameters(assemblyRequestParameters(swaggerProperties.getGlobalOperationParameters(),
                     docketInfo.getGlobalOperationParameters()))
-                .select().apis(RequestHandlerSelectors.basePackage(docketInfo.getBasePackage()))
+                .securityContexts(Collections.singletonList(authConfiguration.securityContext()))
+                .securitySchemes(authConfiguration.getSecuritySchemes()).select()
+                .apis(RequestHandlerSelectors.basePackage(docketInfo.getBasePackage()))
                 .paths(paths(docketInfo.getBasePath(), docketInfo.getExcludePath())).build();
         }
     }
@@ -157,9 +163,9 @@ private List<RequestParameter> getRequestParameters(List<SwaggerProperties.Globa
     /**
      * 局部参数按照name覆盖局部参数
      *
-     * @param globalRequestParameters
-     * @param groupRequestParameters
-     * @return
+     * @param globalRequestParameters 全局配置
+     * @param groupRequestParameters Group 的配置
+     * @return 汇总配置
      */
     private List<RequestParameter> assemblyRequestParameters(
         List<SwaggerProperties.GlobalOperationParameter> globalRequestParameters,
diff --git a/src/main/java/com/spring4all/swagger/SwaggerAuthorizationConfiguration.java b/src/main/java/com/spring4all/swagger/SwaggerAuthorizationConfiguration.java
@@ -1,18 +1,16 @@
 package com.spring4all.swagger;
 
+import java.util.Collections;
+import java.util.List;
+
 import org.springframework.boot.context.properties.EnableConfigurationProperties;
 import org.springframework.context.annotation.Configuration;
+
 import springfox.documentation.builders.PathSelectors;
-import springfox.documentation.service.ApiKey;
-import springfox.documentation.service.AuthorizationScope;
-import springfox.documentation.service.BasicAuth;
-import springfox.documentation.service.SecurityReference;
+import springfox.documentation.service.*;
 import springfox.documentation.spi.service.contexts.SecurityContext;
 import springfox.documentation.swagger.web.ApiKeyVehicle;
 
-import java.util.Collections;
-import java.util.List;
-
 /**
  * securitySchemes 支持方式之一 ApiKey
  *
@@ -24,43 +22,55 @@
 @EnableConfigurationProperties(SwaggerAuthorizationProperties.class)
 public class SwaggerAuthorizationConfiguration {
 
-    public SwaggerAuthorizationProperties swaggerAuthorizationProperties;
+    public SwaggerAuthorizationProperties properties;
 
-    public SwaggerAuthorizationConfiguration(SwaggerAuthorizationProperties swaggerAuthorizationProperties) {
-        this.swaggerAuthorizationProperties = swaggerAuthorizationProperties;
+    public SwaggerAuthorizationConfiguration(SwaggerAuthorizationProperties properties) {
+        this.properties = properties;
     }
 
+    /**
+     * 配置默认的全局鉴权策略的开关，以及通过正则表达式进行匹配
+     *
+     * @return SecurityContext
+     */
     public SecurityContext securityContext() {
         // 配置默认的全局鉴权策略的开关，以及通过正则表达式进行匹配；默认 ^.*$ 匹配所有URL
         // 其中 securityReferences 为配置启用的鉴权策略
         AuthorizationScope authorizationScope = new AuthorizationScope("global", "accessEverything");
         AuthorizationScope[] authorizationScopes = new AuthorizationScope[1];
         authorizationScopes[0] = authorizationScope;
-        List<SecurityReference> defaultAuth = Collections.singletonList(SecurityReference.builder()
-                .reference(swaggerAuthorizationProperties.getName())
-                .scopes(authorizationScopes).build());
+        List<SecurityReference> defaultAuth = Collections.singletonList(
+            SecurityReference.builder().reference(properties.getName()).scopes(authorizationScopes).build());
+
+        return SecurityContext.builder().securityReferences(defaultAuth)
+            .forPaths(PathSelectors.regex(properties.getAuthRegex())).build();
+    }
 
-        return SecurityContext.builder()
-                .securityReferences(defaultAuth)
-                .forPaths(PathSelectors.regex(swaggerAuthorizationProperties.getAuthRegex()))
-                .build();
+    /**
+     * Authorization 配置项
+     *
+     * @return List<SecurityScheme>
+     */
+    public List<SecurityScheme> getSecuritySchemes() {
+        if ("BasicAuth".equalsIgnoreCase(getType())) {
+            return Collections.singletonList(basicAuth());
+        } else if (!"None".equalsIgnoreCase(getType())) {
+            return Collections.singletonList(apiKey());
+        }
+        return null;
     }
 
-    public ApiKey apiKey() {
+    private ApiKey apiKey() {
         // 配置基于 ApiKey 的鉴权对象
-        return new ApiKey(swaggerAuthorizationProperties.getName(),
-                swaggerAuthorizationProperties.getKeyName(),
-                ApiKeyVehicle.HEADER.getValue());
+        return new ApiKey(properties.getName(), properties.getKeyName(), ApiKeyVehicle.HEADER.getValue());
     }
 
-    public BasicAuth basicAuth() {
+    private BasicAuth basicAuth() {
         // 配置基于 BasicAuth 的鉴权对象
-        return new BasicAuth(swaggerAuthorizationProperties.getName());
+        return new BasicAuth(properties.getName());
     }
 
-    public String getType() {
-        return swaggerAuthorizationProperties.getType();
+    private String getType() {
+        return properties.getType();
     }
-
-
 }
