# 一、序言
在生产环境下,我们需要关闭 swagger 配置,避免暴露接口的这种危险行为。
# 二、方法
# 禁用方法 1
使用注解 @Value() 推荐使用
/**
* 主要用途:开启在线接口文档和添加相关配置
*/
@Configuration
@EnableSwagger2
public class Swagger2Config extends WebMvcConfigurerAdapter {
@Value("${swagger.enable}")
private Boolean enable;
@Bean
public Docket createRestApi() {
return new Docket(DocumentationType.SWAGGER_2)
.enable(enable)
.apiInfo(apiInfo())
.select()
.apis(RequestHandlerSelectors.basePackage("com.dc.controller"))
.paths(PathSelectors.any())
//.paths(PathSelectors.none())
.build();
}
private ApiInfo apiInfo() {
return new ApiInfoBuilder()
.title("auth系统数据接口文档")
.description("此系统为新架构Api说明文档")
.termsOfServiceUrl("")
.contact(new Contact("赵化鹏 18310695431@163.com", "", "zhaohuapeng@zichan360.com"))
.version("1.0")
.build();
}
/**
* swagger ui资源映射
*/
@Override
public void addResourceHandlers(ResourceHandlerRegistry registry) {
registry.addResourceHandler("swagger-ui.html")
.addResourceLocations("classpath:/META-INF/resources/");
registry.addResourceHandler("/webjars/**")
.addResourceLocations("classpath:/META-INF/resources/webjars/");
}
/**
* swagger-ui.html路径映射,浏览器中使用/api-docs访问
*/
@Override
public void addViewControllers(ViewControllerRegistry registry) {
registry.addRedirectViewController("/api-docs","/swagger-ui.html");
}
}
# 禁用方法 2
使用注解@Profile({“dev”,“test”}) 表示在开发或测试环境开启,而在生产关闭。(推荐使用)
/**
* 开启在线接口文档和添加相关配置
*/
@Configuration
@EnableSwagger2
@Profile({“dev”,“test”})
public class Swagger2Config extends WebMvcConfigurerAdapter {
@Bean
public Docket createRestApi() {
return new Docket(DocumentationType.SWAGGER_2)
.apiInfo(apiInfo())
.select()
.apis(RequestHandlerSelectors.basePackage("com.dc.controller"))
.paths(PathSelectors.any())
//.paths(PathSelectors.none())
.build();
}
private ApiInfo apiInfo() {
return new ApiInfoBuilder()
.title("auth系统数据接口文档")
.description("此系统为新架构Api说明文档")
.termsOfServiceUrl("")
.contact(new Contact("赵化鹏 18310695431@163.com", "", "zhaohuapeng@zichan360.com"))
.version("1.0")
.build();
}
/**
* swagger ui资源映射
* @param registry
*/
@Override
public void addResourceHandlers(ResourceHandlerRegistry registry) {
registry.addResourceHandler("swagger-ui.html")
.addResourceLocations("classpath:/META-INF/resources/");
registry.addResourceHandler("/webjars/**")
.addResourceLocations("classpath:/META-INF/resources/webjars/");
}
/**
* swagger-ui.html路径映射,浏览器中使用/api-docs访问
* @param registry
*/
@Override
public void addViewControllers(ViewControllerRegistry registry) {
registry.addRedirectViewController("/api-docs","/swagger-ui.html");
}
}
# 禁用方法 3
使用注解@ConditionalOnProperty(name ="enabled" ,prefix = "swagger",havingValue = "true") 然后在测试配置或者开发配置中 添加 swagger.enable = true 即可开启,生产环境不填则默认关闭 Swagger.
/**
* 开启在线接口文档和添加相关配置
*/
@Configuration
@EnableSwagger2
@ConditionalOnProperty(name ="enabled" ,prefix = "swagger",havingValue = "true",matchIfMissing = true)
public class Swagger2Config extends WebMvcConfigurerAdapter {
@Bean
public Docket createRestApi() {
return new Docket(DocumentationType.SWAGGER_2)
.apiInfo(apiInfo())
.select()
.apis(RequestHandlerSelectors.basePackage("com.dc.controller"))
.paths(PathSelectors.any())
//.paths(PathSelectors.none())
.build();
}
private ApiInfo apiInfo() {
return new ApiInfoBuilder()
.title("auth系统数据接口文档")
.description("此系统为新架构Api说明文档")
.termsOfServiceUrl("")
.contact(new Contact("赵化鹏 18310695431@163.com", "", "zhaohuapeng@zichan360.com"))
.version("1.0")
.build();
}
/**
* swagger ui资源映射
* @param registry
*/
@Override
public void addResourceHandlers(ResourceHandlerRegistry registry) {
registry.addResourceHandler("swagger-ui.html")
.addResourceLocations("classpath:/META-INF/resources/");
registry.addResourceHandler("/webjars/**")
.addResourceLocations("classpath:/META-INF/resources/webjars/");
}
/**
* swagger-ui.html路径映射,浏览器中使用/api-docs访问
* @param registry
*/
@Override
public void addViewControllers(ViewControllerRegistry registry) {
registry.addRedirectViewController("/api-docs","/swagger-ui.html");
}
}
配置文件(application.yml)
#Swagger lock
swagger:
enabled: true