jwt认证spring boot&swagger用户界面

zzoitvuj  于 2021-07-26  发布在  Java
关注(0)|答案(1)|浏览(390)

我有这样一个 swagger 的姿势:

@Configuration
@EnableSwagger2
public class SwaggerConfiguration {

    public static final String AUTHORIZATION_HEADER = "Authorization";

    @Bean
    public Docket api() {
        return new Docket(DocumentationType.SWAGGER_2)
                .securityContexts(Arrays.asList(securityContext()))
                .securitySchemes(Arrays.asList(apiKey()))
                .select()
                .apis(RequestHandlerSelectors.any())
                .paths(PathSelectors.any())
                .build();
    }

    private ApiKey apiKey() {
        return new ApiKey("JWT", AUTHORIZATION_HEADER, "header");
    }

    private SecurityContext securityContext() {
        return SecurityContext.builder()
                .securityReferences(defaultAuth())
                .build();
    }

    List<SecurityReference> defaultAuth() {
        AuthorizationScope authorizationScope
                = new AuthorizationScope("global", "accessEverything");
        AuthorizationScope[] authorizationScopes = new AuthorizationScope[1];
        authorizationScopes[0] = authorizationScope;
        return Arrays.asList(new SecurityReference("JWT", authorizationScopes));
    }

}

当我在swaggerui中测试一个api时,它发出jwt fine,但是它仍然给出一个

{
  "error": "Full authentication is required to access this resource"
}

在《 Postman 》中试用同样的令牌也行。
以下是招摇的ui curl :

curl -X GET "http://localhost:8082/api/helloadmin" -H "accept: */*" -H "Authorization: eyJhbGciOiJIUzUxMiJ9.eyJzdWIiOiJuYXoiLCJpc0FkbWluIjp0cnVlLCJleHAiOjE2MTk1MzA3MTUsImlhdCI6MTYxOTUxMjcxNX0.GvEuOYqIPuS98DqhDrtHDFhjXrtwhGjLfylEXwkPeRTGRoWxcwIAYBEawl2Bl5qoQrI2zQOjKZGDq3KEZuyALQ"

我做错什么了?

4bbkushb

4bbkushb1#

正确的头格式是“authorization:bearer[token]”

相关问题