一、序言
在生产环境下,我们需要关闭swagger配置,避免暴露接口的这种危险行为。
二、方法:
禁用方法1:
使用注解 @Value() 推荐使用
1 package com.dc.config;
2
3 import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
4 import org.springframework.context.annotation.Bean;
5 import org.springframework.context.annotation.Configuration;
6 import org.springframework.web.servlet.config.annotation.ResourceHandlerRegistry;
7 import org.springframework.web.servlet.config.annotation.ViewControllerRegistry;
8 import org.springframework.web.servlet.config.annotation.WebMvcConfigurerAdapter;
9 import springfox.documentation.builders.ApiInfoBuilder;
10 import springfox.documentation.builders.PathSelectors;
11 import springfox.documentation.builders.RequestHandlerSelectors;
12 import springfox.documentation.service.ApiInfo;
13 import springfox.documentation.service.Contact;
14 import springfox.documentation.spi.DocumentationType;
15 import springfox.documentation.spring.web.plugins.Docket;
16 import springfox.documentation.swagger2.annotations.EnableSwagger2;
17
18 /**
19 * @author zhaohp
20 * @version V1.0
21 * @Package com.dc.config
22 * @date 2018/1/16 17:33
23 * @Description: 主要用途:开启在线接口文档和添加相关配置
24 */
25 @Configuration
26 @EnableSwagger2
27 public class Swagger2Config extends WebMvcConfigurerAdapter {
28
29 @Value("${swagger.enable}")
30 private Boolean enable;
31
32 @Bean
33 public Docket createRestApi() {
34 return new Docket(DocumentationType.SWAGGER_2)
35 .enable(enable)
36 .apiInfo(apiInfo())
37 .select()
38 .apis(RequestHandlerSelectors.basePackage("com.dc.controller"))
39 .paths(PathSelectors.any())
40 //.paths(PathSelectors.none())
41 .build();
42 }
43
44 private ApiInfo apiInfo() {
45 return new ApiInfoBuilder()
46 .title("auth系统数据接口文档")
47 .description("此系统为新架构Api说明文档")
48 .termsOfServiceUrl("")
49 .contact(new Contact("赵化鹏 18310695431@163.com", "", "zhaohuapeng@zichan360.com"))
50 .version("1.0")
51 .build();
52 }
53
54 /**
55 * swagger ui资源映射
56 * @param registry
57 */
58 @Override
59 public void addResourceHandlers(ResourceHandlerRegistry registry) {
60 registry.addResourceHandler("swagger-ui.html")
61 .addResourceLocations("classpath:/META-INF/resources/");
62
63 registry.addResourceHandler("/webjars/**")
64 .addResourceLocations("classpath:/META-INF/resources/webjars/");
65 }
66
67 /**
68 * swagger-ui.html路径映射,浏览器中使用/api-docs访问
69 * @param registry
70 */
71 @Override
72 public void addViewControllers(ViewControllerRegistry registry) {
73 registry.addRedirectViewController("/api-docs","/swagger-ui.html");
74 }
75 }
禁用方法2:
使用注解@Profile({“dev”,“test”}) 表示在开发或测试环境开启,而在生产关闭。(推荐使用)
1 package com.dc.config;
2
3 import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
4 import org.springframework.context.annotation.Bean;
5 import org.springframework.context.annotation.Configuration;
6 import org.springframework.web.servlet.config.annotation.ResourceHandlerRegistry;
7 import org.springframework.web.servlet.config.annotation.ViewControllerRegistry;
8 import org.springframework.web.servlet.config.annotation.WebMvcConfigurerAdapter;
9 import springfox.documentation.builders.ApiInfoBuilder;
10 import springfox.documentation.builders.PathSelectors;
11 import springfox.documentation.builders.RequestHandlerSelectors;
12 import springfox.documentation.service.ApiInfo;
13 import springfox.documentation.service.Contact;
14 import springfox.documentation.spi.DocumentationType;
15 import springfox.documentation.spring.web.plugins.Docket;
16 import springfox.documentation.swagger2.annotations.EnableSwagger2;
17
18 /**
19 * @author zhaohp
20 * @version V1.0
21 * @Package com.dc.config
22 * @date 2018/1/16 17:33
23 * @Description: 主要用途:开启在线接口文档和添加相关配置
24 */
25 @Configuration
26 @EnableSwagger2
27 @Profile({“dev”,“test”})
28 public class Swagger2Config extends WebMvcConfigurerAdapter {
29
30 @Bean
31 public Docket createRestApi() {
32 return new Docket(DocumentationType.SWAGGER_2)
33 .apiInfo(apiInfo())
34 .select()
35 .apis(RequestHandlerSelectors.basePackage("com.dc.controller"))
36 .paths(PathSelectors.any())
37 //.paths(PathSelectors.none())
38 .build();
39 }
40
41 private ApiInfo apiInfo() {
42 return new ApiInfoBuilder()
43 .title("auth系统数据接口文档")
44 .description("此系统为新架构Api说明文档")
45 .termsOfServiceUrl("")
46 .contact(new Contact("赵化鹏 18310695431@163.com", "", "zhaohuapeng@zichan360.com"))
47 .version("1.0")
48 .build();
49 }
50
51 /**
52 * swagger ui资源映射
53 * @param registry
54 */
55 @Override
56 public void addResourceHandlers(ResourceHandlerRegistry registry) {
57 registry.addResourceHandler("swagger-ui.html")
58 .addResourceLocations("classpath:/META-INF/resources/");
59
60 registry.addResourceHandler("/webjars/**")
61 .addResourceLocations("classpath:/META-INF/resources/webjars/");
62 }
63
64 /**
65 * swagger-ui.html路径映射,浏览器中使用/api-docs访问
66 * @param registry
67 */
68 @Override
69 public void addViewControllers(ViewControllerRegistry registry) {
70 registry.addRedirectViewController("/api-docs","/swagger-ui.html");
71 }
72 }
禁用方法3:
使用注解@ConditionalOnProperty(name = “swagger.enable”,
havingValue = “true”) 然后在测试配置或者开发配置中 添加 swagger.enable = true
即可开启,生产环境不填则默认关闭Swagger.
关键就是这里的 @ConditionalOnProperty
这里的属性key是 swagger.enable ,havingValue 是期望值,只有在值等于期望值的时候,才会生效。也就是说,swagger.enable只能为true的时候才会生效,其他值或不设值,都不会生效的。
1 package com.dc.config;
2
3 import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
4 import org.springframework.context.annotation.Bean;
5 import org.springframework.context.annotation.Configuration;
6 import org.springframework.web.servlet.config.annotation.ResourceHandlerRegistry;
7 import org.springframework.web.servlet.config.annotation.ViewControllerRegistry;
8 import org.springframework.web.servlet.config.annotation.WebMvcConfigurerAdapter;
9 import springfox.documentation.builders.ApiInfoBuilder;
10 import springfox.documentation.builders.PathSelectors;
11 import springfox.documentation.builders.RequestHandlerSelectors;
12 import springfox.documentation.service.ApiInfo;
13 import springfox.documentation.service.Contact;
14 import springfox.documentation.spi.DocumentationType;
15 import springfox.documentation.spring.web.plugins.Docket;
16 import springfox.documentation.swagger2.annotations.EnableSwagger2;
17
18 /**
19 * @author zhaohp
20 * @version V1.0
21 * @Package com.dc.config
22 * @date 2018/1/16 17:33
23 * @Description: 主要用途:开启在线接口文档和添加相关配置
24 */
25 @Configuration
26 @EnableSwagger2
27 @ConditionalOnProperty(name ="enabled" ,prefix = "swagger",havingValue = "true",matchIfMissing = true)
28 public class Swagger2Config extends WebMvcConfigurerAdapter {
29
30 @Bean
31 public Docket createRestApi() {
32 return new Docket(DocumentationType.SWAGGER_2)
33 .apiInfo(apiInfo())
34 .select()
35 .apis(RequestHandlerSelectors.basePackage("com.dc.controller"))
36 .paths(PathSelectors.any())
37 //.paths(PathSelectors.none())
38 .build();
39 }
40
41 private ApiInfo apiInfo() {
42 return new ApiInfoBuilder()
43 .title("auth系统数据接口文档")
44 .description("此系统为新架构Api说明文档")
45 .termsOfServiceUrl("")
46 .contact(new Contact("赵化鹏 18310695431@163.com", "", "zhaohuapeng@zichan360.com"))
47 .version("1.0")
48 .build();
49 }
50
51 /**
52 * swagger ui资源映射
53 * @param registry
54 */
55 @Override
56 public void addResourceHandlers(ResourceHandlerRegistry registry) {
57 registry.addResourceHandler("swagger-ui.html")
58 .addResourceLocations("classpath:/META-INF/resources/");
59
60 registry.addResourceHandler("/webjars/**")
61 .addResourceLocations("classpath:/META-INF/resources/webjars/");
62 }
63
64 /**
65 * swagger-ui.html路径映射,浏览器中使用/api-docs访问
66 * @param registry
67 */
68 @Override
69 public void addViewControllers(ViewControllerRegistry registry) {
70 registry.addRedirectViewController("/api-docs","/swagger-ui.html");
71 }
72 }