跳到主要内容

3.4 密码模式(password)

以Spring Security为例,为了达到快速演示效果,授权服务器和资源服务器都在同一个工程中

完整代码示例请参考knife4j-spring-oauth2-password

部分示例代码:

@Override
public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
//密码模式(resource owner password credentials)
clients.inMemory()
.withClient("app1").secret(noOpPasswordEncoder.encode("123"))
.authorizedGrantTypes("password")
.scopes("read","write","reads","writes");
}

创建Docket对象时,设置OAuth2的授权类型,示例代码如下:

查看详细代码
@Configuration
@EnableSwagger2WebMvc
public class SwaggerConfig {

@Bean
public Docket productApi() {
//schema
List<GrantType> grantTypes=new ArrayList<>();
//密码模式
String passwordTokenUrl="http://localhost:18010/oauth/token";
ResourceOwnerPasswordCredentialsGrant resourceOwnerPasswordCredentialsGrant=new ResourceOwnerPasswordCredentialsGrant(passwordTokenUrl);
grantTypes.add(resourceOwnerPasswordCredentialsGrant);
OAuth oAuth=new OAuthBuilder().name("oauth2")
.grantTypes(grantTypes).build();
//context
//scope方位
List<AuthorizationScope> scopes=new ArrayList<>();
scopes.add(new AuthorizationScope("read","read resources"));
scopes.add(new AuthorizationScope("write","write resources"));
scopes.add(new AuthorizationScope("reads","read all resources"));
scopes.add(new AuthorizationScope("writes","write all resources"));

SecurityReference securityReference=new SecurityReference("oauth2",scopes.toArray(new AuthorizationScope[]{}));
SecurityContext securityContext=new SecurityContext(Lists.newArrayList(securityReference),PathSelectors.ant("/api/**"));
//schemas
List<SecurityScheme> securitySchemes=Lists.newArrayList(oAuth);
//securyContext
List<SecurityContext> securityContexts=Lists.newArrayList(securityContext);
return new Docket(DocumentationType.SWAGGER_2)
.select()
.apis(RequestHandlerSelectors.basePackage("com.xiaominfo.knife4j.oauth2.web"))
.paths(PathSelectors.any())
.build()
.securityContexts(securityContexts)
.securitySchemes(securitySchemes)
.apiInfo(apiInfo());


}



private ApiInfo apiInfo() {
return new ApiInfoBuilder().title("knife4j-oauth2-demo").description("")
.termsOfServiceUrl("https://doc.xiaominfo.com")
.contact(new Contact("Developers", "https://gitee.com/xiaoym/knife4j", ""))
.license("Open Source")
.licenseUrl("\"https://www.apache.org/licenses/LICENSE-2.0")
.version("1.0.0")
.build();

}


}

最终呈现界面如下:

输入username,password,clientId以及clientSecret,然后点击Authorize按钮进行授权即可

授权完成后,测试我们再我们的接口中,就会看到我们的参数Authorization值已经更新了,如下图: