學習swagger的結合shiro如何配置

時間  2019-12-20
標籤 學習 swagger 結合 shiro 如何 配置 简体版
原文   原文鏈接

爲了節省開發人員的時間與成本,swagger插件油然而生,省去您寫開發文檔的時間好好去快樂的玩耍,不說廢話,接下來我將使用github上比較受歡迎的swagger-bootstrap-ui插件進行說明講解,可能與swagger在配置上有所不一樣,可是原理差不過,只是在資源文件的過濾方面有所不一樣,特別是結合了過濾spring security或者是shiro的有尤其注意:html

添加依賴

<properties>
        <java.version>1.8</java.version>
        <shiro.version>1.4.0</shiro.version>
        <swagger2.version>2.9.2</swagger2.version>
    </properties>
<!--swagger api文檔 start-->
        <dependency>
            <groupId>io.springfox</groupId>
            <artifactId>springfox-swagger2</artifactId>
            <version>${swagger2.version}</version>
            <exclusions>
                <exclusion>
                    <groupId>io.swagger</groupId>
                    <artifactId>swagger-models</artifactId>
                </exclusion>
                <!--<exclusion>-->
                <!--<artifactId>guava</artifactId>-->
                <!--<groupId>com.google.guava</groupId>-->
                <!--</exclusion>-->
            </exclusions>
        </dependency>
        <dependency>
            <groupId>com.github.xiaoymin</groupId>
            <artifactId>swagger-bootstrap-ui</artifactId>
            <version>1.9.0</version>
        </dependency>
        <dependency>
            <groupId>io.swagger</groupId>
            <artifactId>swagger-models</artifactId>
            <version>1.5.21</version>
            <exclusions>
                <exclusion>
                    <artifactId>swagger-annotations</artifactId>
                    <groupId>io.swagger</groupId>
                </exclusion>
            </exclusions>
        </dependency>
        <!--shiro安全框架 start-->
        <dependency>
            <groupId>org.apache.shiro</groupId>
            <artifactId>shiro-core</artifactId>
            <version>${shiro.version}</version>
        </dependency>
        <dependency>
            <groupId>org.apache.shiro</groupId>
            <artifactId>shiro-web</artifactId>
            <version>${shiro.version}</version>
        </dependency>
        <dependency>
            <groupId>org.apache.shiro</groupId>
            <artifactId>shiro-ehcache</artifactId>
            <version>${shiro.version}</version>
        </dependency>
        <dependency>
            <groupId>org.apache.shiro</groupId>
            <artifactId>shiro-spring</artifactId>
            <version>${shiro.version}</version>
        </dependency>

 

swagger結合shiro代碼分析

因爲spring默認是不開放資源文件(如圖片,html文件),因此咱們要添加一個配置類,讓它開放:java

import org.springframework.beans.factory.annotation.Value; import org.springframework.boot.web.servlet.FilterRegistrationBean; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; import org.springframework.web.cors.CorsConfiguration; import org.springframework.web.cors.UrlBasedCorsConfigurationSource; import org.springframework.web.filter.CorsFilter; import org.springframework.web.servlet.config.annotation.ResourceHandlerRegistry; import org.springframework.web.servlet.config.annotation.WebMvcConfigurationSupport; import javax.servlet.ServletContext; @Configuration public class WebMvcConfiguration extends WebMvcConfigurationSupport { // 請在properties文件中添加該屬性,判斷是否開啓swagger @Value("${swagger.enable}") private boolean swaggerEnable; @Override protected void addResourceHandlers(ResourceHandlerRegistry registry) { registry.addResourceHandler("/static/**") .addResourceLocations("classpath:/static/"); registry.addResourceHandler("/logo.png") .addResourceLocations("classpath:/"); registry.addResourceHandler("/favicon.ico") .addResourceLocations("classpath:/"); // 判斷是否啓用swagger文檔界面,啓用則會開放這些資源,讓開發者可以訪問到 if (swaggerEnable) { registry.addResourceHandler("/doc.html") .addResourceLocations("classpath:/META-INF/resources/"); registry.addResourceHandler("/webjars/**") .addResourceLocations("classpath:/META-INF/resources/webjars/"); } super.addResourceHandlers(registry); } @SuppressWarnings({"unchecked"}) @Bean public FilterRegistrationBean normalCorsFilter() { UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource(); CorsConfiguration config = new CorsConfiguration(); config.setAllowCredentials(true); // 設置你要容許的網站域名,若是全容許則設爲 * config.addAllowedOrigin("*"); // 若是要限制 HEADER 或 METHOD 請自行更改 config.addAllowedHeader("*"); config.addAllowedMethod("*"); source.registerCorsConfiguration("/**", config); FilterRegistrationBean bean = new FilterRegistrationBean(new CorsFilter(source)); // 這個順序很重要哦,爲避免麻煩請設置在最前面 bean.setOrder(0); return bean; } @Override public void setServletContext(ServletContext servletContext) { servletContext.setSessionTimeout(12*60*60); super.setServletContext(servletContext); } } 
import com.github.xiaoymin.swaggerbootstrapui.annotations.EnableSwaggerBootstrapUI; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; import org.springframework.context.annotation.Profile; import springfox.documentation.builders.ApiInfoBuilder; import springfox.documentation.builders.PathSelectors; import springfox.documentation.builders.RequestHandlerSelectors; import springfox.documentation.service.ApiInfo; import springfox.documentation.spi.DocumentationType; import springfox.documentation.spring.web.plugins.Docket; import springfox.documentation.swagger2.annotations.EnableSwagger2; /** * 僅在測試與開發環境使用 * @author Anthony */ @Configuration @EnableSwagger2 @EnableSwaggerBootstrapUI @Profile({"dev", "test"}) // 當你有多個properties配置文件時,添加 public class SwaggerConfiguration { @Bean public Docket createRestApi() { return new Docket(DocumentationType.SWAGGER_2) .apiInfo(apiInfo()) .select() .apis(RequestHandlerSelectors.basePackage("com.shiro.demo.CRUD.controller")) // 最後面這個是你Controller所在包的位置 .paths(PathSelectors.any()) .build(); } private ApiInfo apiInfo() { return new ApiInfoBuilder() .title("shiro權限控制") .description("restful風格") .version("1.0") .build(); } }

因爲我最近在學習shiro,因此就以shiro爲基礎講解swagger的用法,接下來是防止shiro過濾swagger文件的配置,若是沒有使用shiro或者是spring security的請忽略,謝謝:git

/** 建立一個配置類,建立一個叫作shiroFilter的bean,這就是shiro的過濾器配置類,設置對應的過濾條件和跳轉條件,下面我只寫了swagger中不須要shiro過濾的文件 **/ @Bean(name = "shiroFilter") public ShiroFilterFactoryBean shiroFilterFactoryBean(@Qualifier("securityManager") SecurityManager securityManager) { ShiroFilterFactoryBean shiroFilterFactoryBean = new ShiroFilterFactoryBean(); // 配置不會被攔截的連接 順序判斷 filterChainDefinitionMap.put("/static/**", "anon"); filterChainDefinitionMap.put("/login", "anon"); //被shiro攔截的swagger資源放行 filterChainDefinitionMap.put("/doc.html/**", "anon"); filterChainDefinitionMap.put("/swagger-resources/**", "anon"); filterChainDefinitionMap.put("/v2/api-docs/**", "anon"); filterChainDefinitionMap.put("/webjars/**", "anon"); filterChainDefinitionMap.put("/swagger-resources/configuration/ui/**", "anon"); filterChainDefinitionMap.put("/swagger-resources/configuration/security/**", "anon"); shiroFilterFactoryBean.setFilterChainDefinitionMap(filterChainDefinitionMap); return shiroFilterFactoryBean; }

swagger-bootstrap-ui是集成了swagger並對其進行拓展的接口文檔插件,推薦使用
效果演示:
github

這篇主要講解shiro和swagger的結合。web

相關文章
相關標籤/搜索
每日一句
    每一个你不满意的现在,都有一个你没有努力的曾经。
本站公眾號
   歡迎關注本站公眾號,獲取更多信息
聯繫我們 最近搜索 最新文章 沪ICP备13005482号-10 MyBatis教程 SQL 教程 MySQL教程 Java 教程 Thymeleaf 教程 Hibernate教程 Spring教程 Redis教程