欢迎您访问程序员文章站本站旨在为大家提供分享程序员计算机编程知识!
您现在的位置是: 首页  >  IT编程

swagger结合shiro如何配置

程序员文章站 2023-11-18 22:16:16
为了节省开发人员的时间与成本,swagger插件油然而生,省去您写开发文档的时间好好去快乐的玩耍,不说废话,接下来我将使用github上比较受欢迎的swagger bootstrap ui插件进行说明讲解,可能与swagger在配置上有所不同,但是原理差不过,只是在资源文件的过滤方面有所不同,特别是 ......

为了节省开发人员的时间与成本,swagger插件油然而生,省去您写开发文档的时间好好去快乐的玩耍,不说废话,接下来我将使用github上比较受欢迎的swagger-bootstrap-ui插件进行说明讲解,可能与swagger在配置上有所不同,但是原理差不过,只是在资源文件的过滤方面有所不同,特别是结合了过滤spring security或者是shiro的有尤为注意:

添加依赖

<properties>
        <java.version>1.8</java.version>
        <shiro.version>1.4.0</shiro.version>
        <swagger2.version>2.9.2</swagger2.version>
    </properties>
<!--swagger api文档 start-->
        <dependency>
            <groupid>io.springfox</groupid>
            <artifactid>springfox-swagger2</artifactid>
            <version>${swagger2.version}</version>
            <exclusions>
                <exclusion>
                    <groupid>io.swagger</groupid>
                    <artifactid>swagger-models</artifactid>
                </exclusion>
                <!--<exclusion>-->
                <!--<artifactid>guava</artifactid>-->
                <!--<groupid>com.google.guava</groupid>-->
                <!--</exclusion>-->
            </exclusions>
        </dependency>
        <dependency>
            <groupid>com.github.xiaoymin</groupid>
            <artifactid>swagger-bootstrap-ui</artifactid>
            <version>1.9.0</version>
        </dependency>
        <dependency>
            <groupid>io.swagger</groupid>
            <artifactid>swagger-models</artifactid>
            <version>1.5.21</version>
            <exclusions>
                <exclusion>
                    <artifactid>swagger-annotations</artifactid>
                    <groupid>io.swagger</groupid>
                </exclusion>
            </exclusions>
        </dependency>
        <!--shiro安全框架 start-->
        <dependency>
            <groupid>org.apache.shiro</groupid>
            <artifactid>shiro-core</artifactid>
            <version>${shiro.version}</version>
        </dependency>
        <dependency>
            <groupid>org.apache.shiro</groupid>
            <artifactid>shiro-web</artifactid>
            <version>${shiro.version}</version>
        </dependency>
        <dependency>
            <groupid>org.apache.shiro</groupid>
            <artifactid>shiro-ehcache</artifactid>
            <version>${shiro.version}</version>
        </dependency>
        <dependency>
            <groupid>org.apache.shiro</groupid>
            <artifactid>shiro-spring</artifactid>
            <version>${shiro.version}</version>
        </dependency>

swagger结合shiro代码分析

由于spring默认是不开放资源文件(如图片,html文件),所以我们要添加一个配置类,让它开放:

import org.springframework.beans.factory.annotation.value;
import org.springframework.boot.web.servlet.filterregistrationbean;
import org.springframework.context.annotation.bean;
import org.springframework.context.annotation.configuration;
import org.springframework.web.cors.corsconfiguration;
import org.springframework.web.cors.urlbasedcorsconfigurationsource;
import org.springframework.web.filter.corsfilter;
import org.springframework.web.servlet.config.annotation.resourcehandlerregistry;
import org.springframework.web.servlet.config.annotation.webmvcconfigurationsupport;

import javax.servlet.servletcontext;


@configuration
public class webmvcconfiguration extends webmvcconfigurationsupport {

    //  请在properties文件中添加该属性,判断是否开启swagger
    @value("${swagger.enable}")
    private boolean swaggerenable;

    @override
    protected void addresourcehandlers(resourcehandlerregistry registry) {
        registry.addresourcehandler("/static/**")
                .addresourcelocations("classpath:/static/");
        registry.addresourcehandler("/logo.png")
                .addresourcelocations("classpath:/");
        registry.addresourcehandler("/favicon.ico")
                .addresourcelocations("classpath:/");
        // 判断是否启用swagger文档界面,启用则会开放这些资源,让开发者能够访问到
        if (swaggerenable) {
            registry.addresourcehandler("/doc.html")
                    .addresourcelocations("classpath:/meta-inf/resources/");
            registry.addresourcehandler("/webjars/**")
                    .addresourcelocations("classpath:/meta-inf/resources/webjars/");
        }
        super.addresourcehandlers(registry);
    }

    @suppresswarnings({"unchecked"})
    @bean
    public filterregistrationbean normalcorsfilter() {
        urlbasedcorsconfigurationsource source = new urlbasedcorsconfigurationsource();
        corsconfiguration config = new corsconfiguration();
        config.setallowcredentials(true);
        // 设置你要允许的网站域名,如果全允许则设为 *
        config.addallowedorigin("*");
        // 如果要限制 header 或 method 请自行更改
        config.addallowedheader("*");
        config.addallowedmethod("*");
        source.registercorsconfiguration("/**", config);
        filterregistrationbean bean = new filterregistrationbean(new corsfilter(source));
        // 这个顺序很重要哦,为避免麻烦请设置在最前面
        bean.setorder(0);
        return bean;
    }

    @override
    public void setservletcontext(servletcontext servletcontext) {
        servletcontext.setsessiontimeout(12*60*60);
        super.setservletcontext(servletcontext);
    }
}
import com.github.xiaoymin.swaggerbootstrapui.annotations.enableswaggerbootstrapui;
import org.springframework.context.annotation.bean;
import org.springframework.context.annotation.configuration;
import org.springframework.context.annotation.profile;
import springfox.documentation.builders.apiinfobuilder;
import springfox.documentation.builders.pathselectors;
import springfox.documentation.builders.requesthandlerselectors;
import springfox.documentation.service.apiinfo;
import springfox.documentation.spi.documentationtype;
import springfox.documentation.spring.web.plugins.docket;
import springfox.documentation.swagger2.annotations.enableswagger2;


/**
 * 仅在测试与开发环境使用
 * @author anthony
 */
@configuration
@enableswagger2
@enableswaggerbootstrapui
@profile({"dev", "test"}) // 当你有多个properties配置文件时,添加
public class swaggerconfiguration {

    @bean
    public docket createrestapi() {
        return new docket(documentationtype.swagger_2)
                .apiinfo(apiinfo())
                .select()
.apis(requesthandlerselectors.basepackage("com.shiro.demo.crud.controller")) // 最后面这个是你controller所在包的位置
                .paths(pathselectors.any())
                .build();
    }

    private apiinfo apiinfo() {
        return new apiinfobuilder()
                .title("shiro权限控制")
                .description("restful风格")
                .version("1.0")
                .build();
    }
}

由于我最近在学习shiro,所以就以shiro为基础讲解swagger的用法,接下来是防止shiro过滤swagger文件的配置,如果没有使用shiro或者是spring security的请忽略,谢谢:

 /** 创建一个配置类,创建一个叫做shirofilter的bean,这就是shiro的过滤器配置类,设置对应的过滤条件和跳转条件,下面我只写了swagger中不需要shiro过滤的文件 **/
@bean(name = "shirofilter")
public shirofilterfactorybean shirofilterfactorybean(@qualifier("securitymanager") securitymanager securitymanager) {
shirofilterfactorybean shirofilterfactorybean = new shirofilterfactorybean();
// 配置不会被拦截的链接 顺序判断
        filterchaindefinitionmap.put("/static/**", "anon");
        filterchaindefinitionmap.put("/login", "anon");
        //被shiro拦截的swagger资源放行
        filterchaindefinitionmap.put("/doc.html/**", "anon");
        filterchaindefinitionmap.put("/swagger-resources/**", "anon");
        filterchaindefinitionmap.put("/v2/api-docs/**", "anon");
        filterchaindefinitionmap.put("/webjars/**", "anon");
        filterchaindefinitionmap.put("/swagger-resources/configuration/ui/**", "anon");
        filterchaindefinitionmap.put("/swagger-resources/configuration/security/**", "anon");
shirofilterfactorybean.setfilterchaindefinitionmap(filterchaindefinitionmap);
return shirofilterfactorybean;
}

swagger-bootstrap-ui是集成了swagger并对其进行拓展的接口文档插件,推荐使用
效果演示:
swagger结合shiro如何配置

这篇主要讲解shiro和swagger的结合,下一篇我将介绍原生swagger的简单应用