diff --git a/README.md b/README.md
index e875b8c..b13f5c2 100644
--- a/README.md
+++ b/README.md
@@ -283,6 +283,9 @@ swagger.docket.aaa.ignored-parameter-types[1]=com.didispace.demo.Product
# 鉴权策略ID,对应 SecurityReferences ID
swagger.authorization.name=Authorization
+# 鉴权策略,可选 ApiKey | BasicAuth | None,默认ApiKey
+swagger.authorization.type=ApiKey
+
# 鉴权传递的Header参数
swagger.authorization.key-name=token
@@ -290,7 +293,7 @@ swagger.authorization.key-name=token
swagger.authorization.auth-regex=^.*$
```
-备注:目前支持`ApiKey`鉴权模式,后续添加`Oauth2`和`BasicAuth`支持
+备注:目前支持`ApiKey` | `BasicAuth`鉴权模式,`None`除消鉴权模式,默认ApiKey,后续添加`Oauth2`支持
**使用须知**
diff --git a/pom.xml b/pom.xml
index ac1cb28..5f3789f 100644
--- a/pom.xml
+++ b/pom.xml
@@ -6,7 +6,7 @@
com.spring4all
swagger-spring-boot-starter
- 1.8.0.RELEASE
+ 1.9.0.RELEASE
spring-boot-starter-swagger
https://github.com/SpringForAll/spring-boot-starter-swagger
@@ -50,7 +50,7 @@
1.8
2.9.2
1.5.10.RELEASE
- 1.16.18
+ 1.18.6
diff --git a/src/main/java/com/spring4all/swagger/SwaggerAutoConfiguration.java b/src/main/java/com/spring4all/swagger/SwaggerAutoConfiguration.java
index 143dd4e..77d9e9f 100644
--- a/src/main/java/com/spring4all/swagger/SwaggerAutoConfiguration.java
+++ b/src/main/java/com/spring4all/swagger/SwaggerAutoConfiguration.java
@@ -107,11 +107,16 @@ public List createRestApi(SwaggerProperties swaggerProperties) {
Docket docketForBuilder = new Docket(DocumentationType.SWAGGER_2)
.host(swaggerProperties.getHost())
.apiInfo(apiInfo)
- .securitySchemes(Collections.singletonList(apiKey()))
.securityContexts(Collections.singletonList(securityContext()))
.globalOperationParameters(buildGlobalOperationParametersFromSwaggerProperties(
swaggerProperties.getGlobalOperationParameters()));
+ if ("BasicAuth".equalsIgnoreCase(swaggerProperties.getAuthorization().getType())) {
+ docketForBuilder.securitySchemes(Collections.singletonList(basicAuth()));
+ } else if (!"None".equalsIgnoreCase(swaggerProperties.getAuthorization().getType())) {
+ docketForBuilder.securitySchemes(Collections.singletonList(apiKey()));
+ }
+
// 全局响应消息
if (!swaggerProperties.getApplyDefaultResponseMessages()) {
buildGlobalResponseMessage(swaggerProperties, docketForBuilder);
@@ -175,11 +180,16 @@ public List createRestApi(SwaggerProperties swaggerProperties) {
Docket docketForBuilder = new Docket(DocumentationType.SWAGGER_2)
.host(swaggerProperties.getHost())
.apiInfo(apiInfo)
- .securitySchemes(Collections.singletonList(apiKey()))
.securityContexts(Collections.singletonList(securityContext()))
.globalOperationParameters(assemblyGlobalOperationParameters(swaggerProperties.getGlobalOperationParameters(),
docketInfo.getGlobalOperationParameters()));
+ if ("BasicAuth".equalsIgnoreCase(swaggerProperties.getAuthorization().getType())) {
+ docketForBuilder.securitySchemes(Collections.singletonList(basicAuth()));
+ } else if (!"None".equalsIgnoreCase(swaggerProperties.getAuthorization().getType())) {
+ docketForBuilder.securitySchemes(Collections.singletonList(apiKey()));
+ }
+
// 全局响应消息
if (!swaggerProperties.getApplyDefaultResponseMessages()) {
buildGlobalResponseMessage(swaggerProperties, docketForBuilder);
@@ -218,6 +228,15 @@ private ApiKey apiKey() {
ApiKeyVehicle.HEADER.getValue());
}
+ /**
+ * 配置基于 BasicAuth 的鉴权对象
+ *
+ * @return
+ */
+ private BasicAuth basicAuth() {
+ return new BasicAuth(swaggerProperties().getAuthorization().getName());
+ }
+
/**
* 配置默认的全局鉴权策略的开关,以及通过正则表达式进行匹配;默认 ^.*$ 匹配所有URL
* 其中 securityReferences 为配置启用的鉴权策略
diff --git a/src/main/java/com/spring4all/swagger/SwaggerProperties.java b/src/main/java/com/spring4all/swagger/SwaggerProperties.java
index 0a43142..17768f6 100644
--- a/src/main/java/com/spring4all/swagger/SwaggerProperties.java
+++ b/src/main/java/com/spring4all/swagger/SwaggerProperties.java
@@ -344,6 +344,11 @@ static class Authorization {
*/
private String name = "Authorization";
+ /**
+ * 鉴权策略,可选 ApiKey | BasicAuth | None,默认ApiKey
+ */
+ private String type = "ApiKey";
+
/**
* 鉴权传递的Header参数
*/