“Quarkus Swagger-UI Authorization” 可翻译为:**Quarkus Swagger-UI 授权**

huangapple go评论79阅读模式
英文:

Quarkus Swagger-UI Authorization

问题

我目前正在使用Quarkus和由quarkus-smallrye-openapi提供的Swagger-UI进行工作。
我们使用Azure AD的OIDC作为安全性,但Swagger-UI目前不支持它(请参阅Swagger文档),所以我无法向Swagger添加“真正的”授权。
这意味着,我无法使用Swagger,因为我的端点至少受到@RolesAllowed的保护。
我们有一个端点来获取模拟安全令牌,但我不知道如何告诉Swagger使用此令牌。
基本上,我想告诉swagger-ui:“这里,我有这个令牌,请将它添加为所有请求的Authorization: Bearer XXX”,但我不知道如何在Quarkus中实现这一点。

英文:

Im currently working with Quarkus and Swagger-UI as delivered by quarkus-smallrye-openapi.
We have OIDC from Azure AD as security, which is currently not supported by Swagger-UI (see Swagger-Docs), so I can't add the "real" authorization to swagger.
This means, I can't use Swagger since my endpoints are at least secured with @RolesAllowed.
We have an endpoint to fetch a mock-security token, but I don't know how to tell swagger to take this token.
Basically I want to tell swagger-ui "Here, I have this token, add it as Authorization: Bearer XXXto all requests", but I don't know how to do that in Quarkus.

答案1

得分: 10

Sure, here's the translated content:

  1. 注册安全方案
@Path("/sample")
@SecuritySchemes(value = {
        @SecurityScheme(securitySchemeName = "apiKey", 
                        type = SecuritySchemeType.HTTP,
                        scheme = "Bearer")}
)
public class SampleResource {
  1. 使用已注册的方案名称标记操作的安全要求。
    @GET
    @SecurityRequirement(name = "apiKey")
    String hello() {
  1. 现在在Swagger页面上应该有授权选项。在此处输入您的模拟API密钥。
    “Quarkus Swagger-UI Authorization” 可翻译为:**Quarkus Swagger-UI 授权**

  2. 从Swagger UI触发服务。现在您可以在请求中看到设置了Authorization: Bearer <VALUE>头部。

英文:
  1. Register security scheme
@Path(&quot;/sample&quot;)
@SecuritySchemes(value = {
        @SecurityScheme(securitySchemeName = &quot;apiKey&quot;, 
                        type = SecuritySchemeType.HTTP,
                        scheme = &quot;Bearer&quot;)}
)
public class SampleResource {
  1. Mark the operation's security requirement with the scheme name registered.
    @GET
    @SecurityRequirement(name = &quot;apiKey&quot;)
    String hello() {
  1. Authorize option should be now available on swagger page. Enter your mock api key here.
    “Quarkus Swagger-UI Authorization” 可翻译为:**Quarkus Swagger-UI 授权**

  2. Trigger the service from swagger ui. You could now see Authorization: Bearer &lt;VALUE&gt; header set in request.

huangapple
  • 本文由 发表于 2020年10月1日 19:37:04
  • 转载请务必保留本文链接:https://go.coder-hub.com/64154593.html
匿名

发表评论

匿名网友

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen:

确定