解决安全漏扫问题

21e18b2a · 阳浪 · d14bb2ed · 21e18b2a · 21e18b2a
Commit 21e18b2a authored Dec 26, 2024 by 阳浪
Show whitespace changes
Inline Side-by-side

Showing with 27 additions and 2 deletions

cloud-lecturer/src/main/java/com/yizhi/application/LecturerApplication.java
+7 -0

cloud-lecturer/src/main/java/com/yizhi/application/SwaggerConfig.java
+20 -2

No files found.
--- a/cloud-lecturer/src/main/java/com/yizhi/application/LecturerApplication.java
+++ b/cloud-lecturer/src/main/java/com/yizhi/application/LecturerApplication.java
 package com.yizhi.application;
+import com.yizhi.core.application.security.config.SpringSecurityConfig;
 import org.springframework.boot.SpringApplication;
 import org.springframework.boot.autoconfigure.SpringBootApplication;
 import org.springframework.boot.autoconfigure.amqp.RabbitAutoConfiguration;
 import org.springframework.boot.autoconfigure.jdbc.DataSourceAutoConfiguration;
 import org.springframework.cloud.client.discovery.EnableDiscoveryClient;
 import org.springframework.cloud.openfeign.EnableFeignClients;
+import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.ComponentScan;
+import org.springframework.context.annotation.DependsOn;
 import org.springframework.transaction.annotation.EnableTransactionManagement;
 /**
@@ -23,5 +26,9 @@ public class LecturerApplication {
 	public static void main(String[] args) {
 		SpringApplication.run(LecturerApplication.class, args);
 	}
+	@Bean
+	public SpringSecurityConfig springSecurityConfig(){
+		return new SpringSecurityConfig();
+	}
 }
--- a/cloud-lecturer/src/main/java/com/yizhi/application/SwaggerConfig.java
+++ b/cloud-lecturer/src/main/java/com/yizhi/application/SwaggerConfig.java
@@ -7,11 +7,15 @@ import org.springframework.context.annotation.Configuration;
 import org.springframework.http.ResponseEntity;
 import org.springframework.web.context.request.async.DeferredResult;
 import springfox.documentation.builders.ApiInfoBuilder;
-import springfox.documentation.service.ApiInfo;
+import springfox.documentation.builders.PathSelectors;
+import springfox.documentation.service.*;
 import springfox.documentation.spi.DocumentationType;
+import springfox.documentation.spi.service.contexts.SecurityContext;
 import springfox.documentation.spring.web.plugins.Docket;
 import springfox.documentation.swagger2.annotations.EnableSwagger2;
+import java.util.Collections;
 import static com.google.common.base.Predicates.or;
 import static springfox.documentation.builders.PathSelectors.regex;
@@ -32,7 +36,21 @@ public class SwaggerConfig {
                .pathMapping("/")
                .select()
                .build()
-                .apiInfo(apiInfo());
+                .apiInfo(apiInfo())
+                .securitySchemes(Collections.singletonList(securitySchema()))
+                .securityContexts(Collections.singletonList(securityContext()));
+    }
+    private SecurityScheme securitySchema() {
+        return new BasicAuth("BasicAuth");
+    }
+    private SecurityContext securityContext() {
+        return SecurityContext.builder()
+                .securityReferences(Collections.singletonList(
+                        new SecurityReference("BasicAuth", new AuthorizationScope[] {new AuthorizationScope("global", "accessAll")})))
+                .forPaths(PathSelectors.any())
+                .build();
    }
    private ApiInfo apiInfo() {