knife4j生产环境禁止打开页面

Knife4j是一个集Swagger2 和 OpenAPI3为一体的增强解决方案,官网地址:Knife4j · 集Swagger2及OpenAPI3为一体的增强解决方案. | Knife4j

考虑到安全性问题,在实际服务部署到生产环境后就需要禁用到swagger页面的展示,这个时候只需要进行如下配置即可实现该功能:

复制代码
knife4j:
  production: true

是的,通过设置knife4j.production为true就意味着在生产环境下,这个时候就无法打开swagger对应页面,当你输入http://localhost:8081/doc.html页面会返回如下错误信息:

下面简单看下knife4j是如何实现该功能的,找到Knife4jAutoConfiguration这个类,看如下的Bean创建即可

    // knife4j.productio为true时创建ProductionSecurityFilter对象
    @Bean
    @ConditionalOnMissingBean(ProductionSecurityFilter.class)
    @ConditionalOnProperty(name = "knife4j.production", havingValue = "true")
    public ProductionSecurityFilter productionSecurityFilter(Knife4jProperties knife4jProperties) {
        boolean prod = false;
        ProductionSecurityFilter p = null;
        if (knife4jProperties == null) {
            if (environment != null) {
                String prodStr = environment.getProperty("knife4j.production");
                if (logger.isDebugEnabled()) {
                    logger.debug("swagger.production:{}", prodStr);
                }
                prod = Boolean.valueOf(prodStr);
            }
            p = new ProductionSecurityFilter(prod);
        } else {
            p = new ProductionSecurityFilter(knife4jProperties.isProduction());
        }
        
        return p;
    }
复制代码
ProductionSecurityFilter类如其名,该类是一个Filter实现类,所以看下这个类的doFilter方法实现
    @Override
    public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
        HttpServletRequest httpServletRequest = (HttpServletRequest) request;
        if (production) {
            String uri = httpServletRequest.getRequestURI();
            // 判断uri是否是要被拦截的地址,被拦截地址有如下几个:
            // 
     /*
    public BasicFilter() {
        urlFilters = new ArrayList<>();
        urlFilters.add(Pattern.compile(".*?/doc\\.html.*", Pattern.CASE_INSENSITIVE));
        urlFilters.add(Pattern.compile(".*?/v2/api-docs.*", Pattern.CASE_INSENSITIVE));
        urlFilters.add(Pattern.compile(".*?/v2/api-docs-ext.*", Pattern.CASE_INSENSITIVE));
        urlFilters.add(Pattern.compile(".*?/swagger-resources.*", Pattern.CASE_INSENSITIVE));
        urlFilters.add(Pattern.compile(".*?/swagger-resources/configuration/ui.*", Pattern.CASE_INSENSITIVE));
        urlFilters.add(Pattern.compile(".*?/swagger-resources/configuration/security.*", Pattern.CASE_INSENSITIVE));
        // https://gitee.com/xiaoym/knife4j/issues/I6H8BE
        urlFilters.add(Pattern.compile(".*?/swagger-ui.*", Pattern.CASE_INSENSITIVE));
        urlFilters.add(Pattern.compile(".*?/v3/api-docs.*", Pattern.CASE_INSENSITIVE));
    }*/
            if (!match(uri)) {
                chain.doFilter(request, response);
            } else {
                response.setContentType("text/palin;charset=UTF-8");
                PrintWriter pw = response.getWriter();
                // 下面信息就是页面展示的无权访问信息
                pw.write("You do not have permission to access this page");
                pw.flush();
            }
        } else {
            chain.doFilter(request, response);
        }
    }
相关推荐
Hello Dam2 天前
整合 Knife4j 于 Spring Cloud 网关:实现跨服务的 API 文档统一展示
后端·spring·spring cloud·knife4j
努力编程的阿伟4 个月前
Knife4j:为Spring Boot API赋能的文档生成器
ide·spring boot·knife4j·openapi
麻辣香蝈蝈4 个月前
【Java】微服务Knife4j报错503问题 网关整合解决
java·开发语言·spring boot·spring cloud·微服务·knife4j
小谭の努力4 个月前
Swagger的增强knife4j
spring boot·swagger·knife4j
hac13226 个月前
Knife4j 生成 API 文档
java·swagger·knife4j
你家宝宝7 个月前
自定义实现 Java17+SpringBoot3+OpenAPI+Knife4j Starter
springboot3·swagger·knife4j·java 17·接口文档
落败.8 个月前
SpringBoot整合knife4j
java·spring boot·后端·knife4j
AimerDaniil1 年前
Spring Cloud Gateway集成Knife4j
gateway·knife4j
一只呆桃酱1 年前
黑马头条---day1
nacos·gateway·swagger·knife4j