swagger结合shiro如何配置
程序员文章站
2023-11-18 22:16:16
为了节省开发人员的时间与成本,swagger插件油然而生,省去您写开发文档的时间好好去快乐的玩耍,不说废话,接下来我将使用github上比较受欢迎的swagger bootstrap ui插件进行说明讲解,可能与swagger在配置上有所不同,但是原理差不过,只是在资源文件的过滤方面有所不同,特别是 ......
为了节省开发人员的时间与成本,swagger插件油然而生,省去您写开发文档的时间好好去快乐的玩耍,不说废话,接下来我将使用github上比较受欢迎的swagger-bootstrap-ui插件进行说明讲解,可能与swagger在配置上有所不同,但是原理差不过,只是在资源文件的过滤方面有所不同,特别是结合了过滤spring security或者是shiro的有尤为注意:
添加依赖
<properties> <java.version>1.8</java.version> <shiro.version>1.4.0</shiro.version> <swagger2.version>2.9.2</swagger2.version> </properties> <!--swagger api文档 start--> <dependency> <groupid>io.springfox</groupid> <artifactid>springfox-swagger2</artifactid> <version>${swagger2.version}</version> <exclusions> <exclusion> <groupid>io.swagger</groupid> <artifactid>swagger-models</artifactid> </exclusion> <!--<exclusion>--> <!--<artifactid>guava</artifactid>--> <!--<groupid>com.google.guava</groupid>--> <!--</exclusion>--> </exclusions> </dependency> <dependency> <groupid>com.github.xiaoymin</groupid> <artifactid>swagger-bootstrap-ui</artifactid> <version>1.9.0</version> </dependency> <dependency> <groupid>io.swagger</groupid> <artifactid>swagger-models</artifactid> <version>1.5.21</version> <exclusions> <exclusion> <artifactid>swagger-annotations</artifactid> <groupid>io.swagger</groupid> </exclusion> </exclusions> </dependency> <!--shiro安全框架 start--> <dependency> <groupid>org.apache.shiro</groupid> <artifactid>shiro-core</artifactid> <version>${shiro.version}</version> </dependency> <dependency> <groupid>org.apache.shiro</groupid> <artifactid>shiro-web</artifactid> <version>${shiro.version}</version> </dependency> <dependency> <groupid>org.apache.shiro</groupid> <artifactid>shiro-ehcache</artifactid> <version>${shiro.version}</version> </dependency> <dependency> <groupid>org.apache.shiro</groupid> <artifactid>shiro-spring</artifactid> <version>${shiro.version}</version> </dependency>
swagger结合shiro代码分析
由于spring默认是不开放资源文件(如图片,html文件),所以我们要添加一个配置类,让它开放:
import org.springframework.beans.factory.annotation.value; import org.springframework.boot.web.servlet.filterregistrationbean; import org.springframework.context.annotation.bean; import org.springframework.context.annotation.configuration; import org.springframework.web.cors.corsconfiguration; import org.springframework.web.cors.urlbasedcorsconfigurationsource; import org.springframework.web.filter.corsfilter; import org.springframework.web.servlet.config.annotation.resourcehandlerregistry; import org.springframework.web.servlet.config.annotation.webmvcconfigurationsupport; import javax.servlet.servletcontext; @configuration public class webmvcconfiguration extends webmvcconfigurationsupport { // 请在properties文件中添加该属性,判断是否开启swagger @value("${swagger.enable}") private boolean swaggerenable; @override protected void addresourcehandlers(resourcehandlerregistry registry) { registry.addresourcehandler("/static/**") .addresourcelocations("classpath:/static/"); registry.addresourcehandler("/logo.png") .addresourcelocations("classpath:/"); registry.addresourcehandler("/favicon.ico") .addresourcelocations("classpath:/"); // 判断是否启用swagger文档界面,启用则会开放这些资源,让开发者能够访问到 if (swaggerenable) { registry.addresourcehandler("/doc.html") .addresourcelocations("classpath:/meta-inf/resources/"); registry.addresourcehandler("/webjars/**") .addresourcelocations("classpath:/meta-inf/resources/webjars/"); } super.addresourcehandlers(registry); } @suppresswarnings({"unchecked"}) @bean public filterregistrationbean normalcorsfilter() { urlbasedcorsconfigurationsource source = new urlbasedcorsconfigurationsource(); corsconfiguration config = new corsconfiguration(); config.setallowcredentials(true); // 设置你要允许的网站域名,如果全允许则设为 * config.addallowedorigin("*"); // 如果要限制 header 或 method 请自行更改 config.addallowedheader("*"); config.addallowedmethod("*"); source.registercorsconfiguration("/**", config); filterregistrationbean bean = new filterregistrationbean(new corsfilter(source)); // 这个顺序很重要哦,为避免麻烦请设置在最前面 bean.setorder(0); return bean; } @override public void setservletcontext(servletcontext servletcontext) { servletcontext.setsessiontimeout(12*60*60); super.setservletcontext(servletcontext); } }
import com.github.xiaoymin.swaggerbootstrapui.annotations.enableswaggerbootstrapui; import org.springframework.context.annotation.bean; import org.springframework.context.annotation.configuration; import org.springframework.context.annotation.profile; import springfox.documentation.builders.apiinfobuilder; import springfox.documentation.builders.pathselectors; import springfox.documentation.builders.requesthandlerselectors; import springfox.documentation.service.apiinfo; import springfox.documentation.spi.documentationtype; import springfox.documentation.spring.web.plugins.docket; import springfox.documentation.swagger2.annotations.enableswagger2; /** * 仅在测试与开发环境使用 * @author anthony */ @configuration @enableswagger2 @enableswaggerbootstrapui @profile({"dev", "test"}) // 当你有多个properties配置文件时,添加 public class swaggerconfiguration { @bean public docket createrestapi() { return new docket(documentationtype.swagger_2) .apiinfo(apiinfo()) .select() .apis(requesthandlerselectors.basepackage("com.shiro.demo.crud.controller")) // 最后面这个是你controller所在包的位置 .paths(pathselectors.any()) .build(); } private apiinfo apiinfo() { return new apiinfobuilder() .title("shiro权限控制") .description("restful风格") .version("1.0") .build(); } }
由于我最近在学习shiro,所以就以shiro为基础讲解swagger的用法,接下来是防止shiro过滤swagger文件的配置,如果没有使用shiro或者是spring security的请忽略,谢谢:
/** 创建一个配置类,创建一个叫做shirofilter的bean,这就是shiro的过滤器配置类,设置对应的过滤条件和跳转条件,下面我只写了swagger中不需要shiro过滤的文件 **/ @bean(name = "shirofilter") public shirofilterfactorybean shirofilterfactorybean(@qualifier("securitymanager") securitymanager securitymanager) { shirofilterfactorybean shirofilterfactorybean = new shirofilterfactorybean(); // 配置不会被拦截的链接 顺序判断 filterchaindefinitionmap.put("/static/**", "anon"); filterchaindefinitionmap.put("/login", "anon"); //被shiro拦截的swagger资源放行 filterchaindefinitionmap.put("/doc.html/**", "anon"); filterchaindefinitionmap.put("/swagger-resources/**", "anon"); filterchaindefinitionmap.put("/v2/api-docs/**", "anon"); filterchaindefinitionmap.put("/webjars/**", "anon"); filterchaindefinitionmap.put("/swagger-resources/configuration/ui/**", "anon"); filterchaindefinitionmap.put("/swagger-resources/configuration/security/**", "anon"); shirofilterfactorybean.setfilterchaindefinitionmap(filterchaindefinitionmap); return shirofilterfactorybean; }
swagger-bootstrap-ui是集成了swagger并对其进行拓展的接口文档插件,推荐使用
效果演示:
这篇主要讲解shiro和swagger的结合,下一篇我将介绍原生swagger的简单应用
上一篇: php实现天干地支计算器示例