我正在尝试使用 openapi-generator 生成的(java)代码来访问 oauth2 安全 api 端点。
生成的代码是使用 open-api-generator-maven-plugin 和 pom 完成的:
<build>
<plugins>
<plugin>
<groupId>org.openapitools</groupId>
<artifactId>openapi-generator-maven-plugin</artifactId>
<version>5.4.0</version>
<executions>
<execution>
<goals>
<goal>generate</goal>
</goals>
<configuration>
<inputSpec>/home/git/scpec.json</inputSpec>
<skipValidateSpec>true</skipValidateSpec>
<generatorName>java</generatorName>
<generateApiTests>false</generateApiTests>
<generateModelTests>false</generateModelTests>
<apiPackage>test.storage.api</apiPackage>
<modelPackage>test.storage.model</modelPackage>
<configOptions>
</configOptions>
</configuration>
</execution>
</executions>
</plugin>
</plugins>
</build>
生成的代码接缝结构良好。 要使用生成的代码,我在此处运行以下示例:
HashMap parameters = new HashMap<>();
parameters.put("scope","perf");
parameters.put("login","user-login");
parameters.put("password","xxxxxxxxxxxxxxx");
parameters.put("grant_type","password");
ApiClient client = new ApiClient(url, "clientId", "clientSecret", parameters);
PluginControllerApi api = new PluginControllerApi(client);
List<EntityModelString> types = api.getPluginTypes(true);
Assertions.assertTrue(!types.isEmpty());
生成代码是在规范下使用此处生成的:
{
"openapi": "3.0.1",
"info": {
"title": "Storage service",
"description": "Files storage management",
"license": {
"name": "GPL-3.0"
},
"version": "1.0.0"
},
"servers": [
{
"url": "http://myserver/api/v1/rs-storage",
"description": "Generated server url"
}
],
"security": [
{
"REGARDS_OAUTH2": []
}
],
"paths": {
"/plugintypes": {
"get": {
"tags": [
"plugin-controller"
],
"operationId": "getPluginTypes",
"parameters": [
{
"name": "available",
"in": "query",
"required": false,
"schema": {
"type": "boolean"
}
}
],
"responses": {
"200": {
"description": "OK",
"content": {
"application/json": {
"schema": {
"type": "array",
"items": {
"$ref": "#/components/schemas/EntityModelString"
}
}
}
}
}
}
}
}
},
"components": {
"schemas": {
"EntityModelString": {
"type": "object",
"properties": {
"content": {
"type": "string"
},
"links": {
"type": "array",
"items": {
"$ref": "#/components/schemas/Link"
}
}
}
},
"Link": {
"type": "object",
"properties": {
"rel": {
"type": "string"
},
"href": {
"type": "string"
},
"hreflang": {
"type": "string"
},
"media": {
"type": "string"
},
"title": {
"type": "string"
},
"type": {
"type": "string"
},
"deprecation": {
"type": "string"
},
"profile": {
"type": "string"
},
"name": {
"type": "string"
}
}
}
},
"securitySchemes": {
"REGARDS_OAUTH2": {
"type": "oauth2",
"flows": {
"password": {
"tokenUrl": "http://myserver/api/v1/rs-authentication/oauth/token",
"scopes": {
"perf": ""
}
}
}
}
}
}
}
当我运行测试代码时,客户端 api 调用配置的端点进行身份验证,但在 oauth/token@POST 请求中发送的标头“Authorization: basic xxxxxxx”(其中 xxxx 是 clientId:clientSecret 以 base64 编码)未提供。 oauth2 需要此标头在对用户进行身份验证之前对客户端进行身份验证。
有没有办法配置任何内容以在 oauth2 令牌请求中添加此标头?
谢谢。
编辑:我的问题似乎与一个未解决的问题有关:https://github.com/swagger-api/swagger-codegen/issues/7648。有计划修复吗?
这对我有用:
springdoc:
oauth:
client-id: da
client-secret: da_secret
scopes:
- read
- write
- admin
use-basic-authentication-with-access-code-grant: true
Authorization: Basic ZGE6ZGFfc2VjcmV0