Swagger 2.0 where to declare Basic Auth Schema

Question

How do I define basic authentication using Swagger 2.0 annotations and have it display in swagger UI.

In the resource I have:

@ApiOperation(value = "Return list of categories", response=Category.class, responseContainer="List", httpMethod="GET", authorizations = {@Authorization(value="basicAuth")})
public Response getCategories();

I looked here:

https://github.com/swagger-api/swagger-core/wiki/Annotations#authorization-authorizationscope

And it says "Once you've declared and configured which authorization schemes you support in your API, you can use these annotation to note which authorization scheme is required on a resource or a specific operation" But I can't find anything that talks about where to declare and configure the authorization schemes.

Update:

I found code on how to declare the schema, but I still do not see any information about the authentication schema in the UI. I'm not sure what I am missing

@SwaggerDefinition
public class MyApiDefinition implements ReaderListener {
    public static final String BASIC_AUTH_SCHEME = "basicAuth";

    @Override
    public void beforeScan(Reader reader, Swagger swagger) {
    }

    @Override
    public void afterScan(Reader reader, Swagger swagger) {
        BasicAuthDefinition basicAuthDefinition = new BasicAuthDefinition();
        swagger.addSecurityDefinition(BASIC_AUTH_SCHEME, basicAuthDefinition);
    }
}

Answer 1

Using Springfox 2.6 annotations, you must first define Basic authentication as one of the security schemes when you set up the Docket in your configuration, like this:

List<SecurityScheme> schemeList = new ArrayList<>();
schemeList.add(new BasicAuth("basicAuth"));

return new 
  Docket(DocumentationType.SWAGGER_2).apiInfo(apiInfo)
                                     .securitySchemes(schemeList)
                                     ...

Then you can use the Springfox annotations in your service to set Basic Auth for the operation for which you want to require authentication:

@ApiOperation(value = "Return list of categories", response=Category.class, responseContainer="List", httpMethod="GET", authorizations = {@Authorization(value="basicAuth")})
public Response getCategories();

Answer 2

I struggeled with this as well. In my case i used the swagger-maven-plugin. To solve this i added this within the maven plugin:

<securityDefinitions>
  <securityDefinition>
    <name>basicAuth</name>
    <type>basic</type>
  </securityDefinition>
</securityDefinitions>

After that i was able to add it on my resource like this:

@Api(value = "My REST Interface", authorizations = {@Authorization(value="basicAuth")})

The generated json included the security element for each endpoint:

"security":[{
  "basicAuth" : []
 }]

And the security definition:

  "securityDefinitions" : {
    "basicAuth" : {
      "type" : "basic"
    }
  }

I hope this helps others as well.