springdoc openapi ui摆脱“客户机机密”

2nbm6dog  于 2021-07-14  发布在  Java
关注(0)|答案(0)|浏览(416)
<dependency>
            <groupId>org.springdoc</groupId>
            <artifactId>springdoc-openapi-ui</artifactId>
            <version>1.5.8</version>
        </dependency>

总的来说效果很好。
但当我打开时:http://localhost:8441/swagger ui/index.html?configurl=/v3/api docs/swagger config oauth登录gui总是显示一个不期望的“客户机密码”:

我已经尝试了“usepkcewithauthorizationcodegrant”选项

springdoc:
  version: '@springdoc.version@'
  swagger-ui:
    path: /swagger-ui.html
    url: /v3/api-docs
    oauth:
      clientId: ${OAUTH_CLIENT_ID:client-demo-test}
      usePkceWithAuthorizationCodeGrant: true
      additionalQueryStringParams:
        kc_idp_hint: azure_demo_prod

如何隐藏此字段?
打开api配置:

@Configuration
public class OpenApiConfig {
    private final String authServer;
    private final String realm;

    @Autowired
    public OpenApiConfig(
            @Value("${springdoc.oAuthFlow.authServerUrl}") String authServer,
            @Value("${springdoc.oAuthFlow.realm}") String realm) {
        this.authServer = authServer;
        this.realm = realm;
    }

    @Bean
    public OpenAPI openAPI() {
        var authUrl = String.format("%s/realms/%s/protocol/openid-connect", authServer, realm);
        return new OpenAPI()
                .components(new Components()
                        .addSecuritySchemes("spring_oauth", new SecurityScheme()
                                .type(SecurityScheme.Type.OAUTH2)
                                .description("Oauth2 flow")
                                .flows(new OAuthFlows()
                                        .authorizationCode(new OAuthFlow()
                                                .authorizationUrl(authUrl + "/auth")
                                                .refreshUrl(authUrl + "/token")
                                                .tokenUrl(authUrl + "/token")
                                                .scopes(new Scopes()
                                                        .addString("openid", null)
                                                        .addString("profile", null)
                                                        .addString("email", null)
                                                        .addString("offline_access", null)
                                                        .addString("sbbuid_ad", null)
                                                )
                                        )))
                )
                .security(Arrays.asList(
                        new SecurityRequirement().addList("spring_oauth")
                ))

                .info(new Info()
                        .title("CLEW-SSP")
                        .description("Your API")
                        .version("1.0.0")
                        .license(new License()
                                .name("MIT")
                                .url("https://opensource.org/licenses/MIT")
                        )
                );
    }

}

暂无答案!

目前还没有任何答案,快来回答吧!

相关问题