Bearer Authentication #26
Description
Hi, I am trying to implement a Bearer token authentication. I am experiencing the exact same problems as explained in this issue: https://github.com/springfox/springfox/issues/2194.
I followed all recommendations but I am still unable to see the "lock" at the methods I am trying to secure.
My Docket method is as follows:
@Bean
Docket api() {
new Docket(DocumentationType.SWAGGER_2)
.ignoredParameterTypes(MetaClass)
.select()
.apis(RequestHandlerSelectors.basePackage(myPackage))
.paths(not(ant("/error")))
.build()
.host(myHost)
.pathMapping(myPath)
.securitySchemes(Arrays.asList(apiKey()))
.securityContexts(Arrays.asList(securityContext()))
.useDefaultResponseMessages(false)
}
The other security related methods are:
@Bean
SecurityConfiguration security() {
return SecurityConfigurationBuilder.builder()
.clientId("test")
.clientSecret("test-secret")
.scopeSeparator("")
.useBasicAuthenticationWithAccessCodeGrant(false)
.build()
}
private ApiKey apiKey() {
return new ApiKey("apiKey", "Authorization", "header")
}
private SecurityContext securityContext() {
return SecurityContext.builder()
.securityReferences(defaultAuth())
.forPaths(PathSelectors.regex("/accounts/api/v2.*"))
.build()
}
private List<SecurityReference> defaultAuth() {
AuthorizationScope authorizationScope = new AuthorizationScope("global", "accessEverything")
AuthorizationScope[] authorizationScopes = new AuthorizationScope[1]
authorizationScopes[0] = authorizationScope
return Arrays.asList(new SecurityReference("apiKey", authorizationScopes))
}
I even added the code at my API methods as follows:
@ApiOperation(value="Create new.", authorizations = @Authorization("apiKey"))
My end result is having a popup where I can successfully input a token but it is not being passed on to the requests. I am using the following:
compile "io.springfox:springfox-swagger2:2.8.0"
compile "io.springfox:springfox-swagger-ui:2.8.0"
compile "io.springfox.grails:springfox-grails:1.0.0"
Any help would be greatly appreciated. Cheers.