The judgment problem when the parameter of `Authorize` of `knife4j-springdoc-ui` is empty

[linghengqian]

Hi, due to the change of the default value of spring.mvc.pathmatch.matching-strategy after spring-boot-starter-parent:2.6.0, I am currently trying to migrate from springfox to springdoc, so I used knife4j -springdoc-ui. The component versions I use are org.springdoc:springdoc-openapi-ui:1.5.13 and com.github.xiaoymin:knife4j-springdoc-ui:3.0.3.

<!-- https://mvnrepository.com/artifact/org.springdoc/springdoc-openapi-ui -->
        <dependency>
            <groupId>org.springdoc</groupId>
            <artifactId>springdoc-openapi-ui</artifactId>
            <version>1.5.13</version>
        </dependency>
        <!-- https://mvnrepository.com/artifact/com.github.xiaoymin/knife4j-springdoc-ui -->
        <dependency>
            <groupId>com.github.xiaoymin</groupId>
            <artifactId>knife4j-springdoc-ui</artifactId>
            <version>3.0.3</version>
        </dependency>

The relevant configuration of my Swagger is as follows.

springdoc:
  version: '3.8.19'
  api-docs:
    groups:
      enabled: true
  swagger-ui:
    display-request-duration: true
    groups-order: DESC
    operationsSorter: method
    disable-swagger-default-url: true
    use-root-path: true
  show-actuator: true
  group-configs:
    - group: old
      paths-to-match: /param/getParamConf, /overView/findPath
  show-login-endpoint: true

 @Bean
    public GroupedOpenApi usersGroup() {
        return GroupedOpenApi.builder().group("users")
                .addOperationCustomizer((operation, handlerMethod) -> {
                    operation.addSecurityItem(new SecurityRequirement().addList("AuthorizationToken"));
                    operation.addSecurityItem(new SecurityRequirement().addList("LinghUserName"));
                    return operation;
                })
                .packagesToScan("com.lingh.controller")
                .build();
    }

    @Bean
    public OpenAPI customOpenAPI(@Value("${springdoc.version}") String appVersion) {
        return new OpenAPI()
                .addSecurityItem(new SecurityRequirement().addList("AuthorizationToken"))
                .addSecurityItem(new SecurityRequirement().addList("LinghUserName"))
                .components(new Components()
                                .addSecuritySchemes("AuthorizationToken", new SecurityScheme()
                                        .type(SecurityScheme.Type.APIKEY)
                                        .in(SecurityScheme.In.HEADER)
                                        .name("AuthorizationToken"))
                                .addSecuritySchemes("LinghUserName", new SecurityScheme()
                                        .type(SecurityScheme.Type.APIKEY)
                                        .in(SecurityScheme.In.HEADER)
                                        .name("LinghUserName"))
                )
                .info(new Info().title("SwaggerAPI").version(appVersion).description(
                                "test")
                        .termsOfService(null)
                        .license(new License().name("None LICENSE").url(null))
                        .contact(new Contact().name("linghengqian").url("https://github.com/linghengqian").email("[email protected]")));
    }

I therefore noticed a problem. In this configuration, the Authorize of the UI of springdoc allows all parameters to be empty or some parameters are empty, while the Authorize of the UI of knife4j requires that all parameters cannot be empty. I think This is a display problem.

In contrast, the UI of springdoc allows the parameter part to be empty, so there is no such problem.

Of course, there is an extremely simple solution. Modify the bean as follows.

@Bean
    public GroupedOpenApi usersGroup() {
        return GroupedOpenApi.builder().group("users")
                .packagesToScan("com.lingh.controller")
                .build();
    }

    @Bean
    public OpenAPI customOpenAPI(@Value("${springdoc.version}") String appVersion) {
        return new OpenAPI()
                .addSecurityItem(new SecurityRequirement().addList("AuthorizationToken"))
                .addSecurityItem(new SecurityRequirement().addList("LinghUserName"))
                .components(new Components()
                                .addSecuritySchemes("AuthorizationToken", new SecurityScheme()
                                        .type(SecurityScheme.Type.APIKEY)
                                        .in(SecurityScheme.In.HEADER)
                                        .name("AuthorizationToken"))
                                .addSecuritySchemes("LinghUserName", new SecurityScheme()
                                        .type(SecurityScheme.Type.APIKEY)
                                        .in(SecurityScheme.In.HEADER)
                                        .name("LinghUserName"))
                )
                .info(new Info().title("SwaggerAPI").version(appVersion).description(
                                "test")
                        .termsOfService(null)
                        .license(new License().name("None LICENSE").url(null))
                        .contact(new Contact().name("linghengqian").url("https://github.com/linghengqian").email("[email protected]")));
    }

Such modification will cause Authorize to become invalid in the current group. But I think knife4j -springdoc-ui is only used as the UI of springdoc and should not show different characteristics from springdoc, so I think this is a bug.