我使用springdoc-openapi-ui作为API文档
<dependency>
<groupId>org.springdoc</groupId>
<artifactId>springdoc-openapi-ui</artifactId>
<version>1.6.14</version>
</dependency>
并且,遵循Spring Boot的安全配置。
.
.
public static String[] SWAGGER_WHITELIST = {
"/api-docs",
"/swagger-ui.html",
"/swagger-resources/**",
"/webjars/**",
"/swagger.json"
};
@Bean
public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
http.cors().disable();
http.csrf().disable();
http.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS);
http
.authorizeHttpRequests()
.requestMatchers(SWAGGER_WHITELIST).permitAll()
.requestMatchers(AUTH_WHITELIST).permitAll()
.and()
.addFilterAt(new JWTAuthenticationFilter(userService, jwtService, authenticationProvider()), UsernamePasswordAuthenticationFilter.class)
// .addFilterAfter(new UserAuthorizationFilter(), JWTAuthenticationFilter.class)
.authorizeHttpRequests()
.anyRequest().authenticated();
return http.build();
}
.
.
Spring boot父版本:3
当我尝试访问http://localhost:8080/swagger-ui.html时,我得到403。
有人遇到类似的问题吗?有什么问题吗?
我试着
- 将swagger url加入白名单
- 从config 更改swagger文档路径
我
- 调试失败,控制台没有显示任何异常
- 它只是拒绝请求而不打印任何日志
以下更改为我修复了这个问题
- 从springdoc-openapi-ui:1.6.14更改为springdoc-openapi-starter-webmvc-ui:2.0.2,因为它支持spring启动v3。
- 添加以下内容到白名单
public static String[] SWAGGER_WHITELIST = {
"/api-docs/**",
"/api-docs.yaml",
"/swagger-ui/**",
"/swagger-ui.html",
};
- 新的.properties文件(与白名单匹配)
#Swagger
springdoc.swagger-ui.path=/swagger-ui.html
springdoc.api-docs.path=/api-docs