为Service Fabric

时间:2017-03-05 14:51:23

标签: azure swagger azure-service-fabric swagger-ui

我们启用了Swagger for Web API应用程序,该应用程序托管在Azure Service Fabric上。我们希望在Swagger UI上启用安全性。所以我按照下面的url启用了安全性 - https://blogs.msdn.microsoft.com/pratushb/2016/04/28/enable-swagger-to-authenticate-against-azure-ad/ https://github.com/domaindrivendev/Swashbuckle/issues/671(Oleksandr-Tokmakov的回应)

我可以看到“可用授权”弹出窗口,我可以在单击“授权”按钮的另一个选项卡上看到AAD身份验证成功完成。但是一旦身份验证完成,我看到令牌不会返回swagger ui,身份验证选项卡也不会关闭。

以下是我使用的代码。 (我创建了两个AAD,一个用于Service Fabric上托管的Web服务,另一个用于Swagger UI)

 config.EnableSwagger(
   c =>
    {
        c.SingleApiVersion("v1", "Title of Service");
        c.OAuth2("oauth2")
            .Description("OAuth2 Implicit Grant")
            .Flow("implicit")
            .AuthorizationUrl("https://login.microsoftonline.com/tenentId-guid/oauth2/authorize")
            .Scopes(scopes =>
            {
                scopes.Add("user_impersonation", "Access Services Local Swagger Secure");
            });
        c.OperationFilter<AssignOAuth2SecurityRequirements>();
    }
).EnableSwaggerUi(c =>
{
    c.EnableOAuth2Support(
            clientId: "Swagger AAD application Client Id",
            clientSecret: "Swagger AAD application Key",
            realm: "https://localhost:444/swagger/ui/o2c-html",
            appName: "https://serviceslocal/swagger/", // Free text, no reference to AAD
            scopeSeperator: "",
            additionalQueryStringParams: new Dictionary<string, string>() { { "resource", "Web API AAD application Client Id" } }
        );
}
);


public class AssignOAuth2SecurityRequirements : IOperationFilter
    {
        public void Apply(Operation operation, SchemaRegistry schemaRegistry, ApiDescription apiDescription)
        {
            // Correspond each "Authorize" role to an oauth2 scope
            var scopes = apiDescription.ActionDescriptor.GetFilterPipeline()
                .Select(filterInfo => filterInfo.Instance)
                .OfType<AuthorizeAttribute>()
                .SelectMany(attr => attr.Roles.Split(','))
                .Distinct();
            if (scopes.Any())
            {
                if (operation.security == null)
                    operation.security = new List<IDictionary<string, IEnumerable<string>>>();
                var oAuthRequirements = new Dictionary<string, IEnumerable<string>>
            {
                { "oauth2", scopes }
            };
                operation.security.Add(oAuthRequirements);
            }
        }
    }

1 个答案:

答案 0 :(得分:0)

我使用的是Auth0,但这是我为OAuth2所获得的功能。

options.AddSecurityDefinition("oauth2", new OAuth2Scheme
{
    Type = "oauth2",
    Flow = "implicit",
    AuthorizationUrl = Path.Combine(auth0Settings["Authority"].Value, "authorize")
});

app.UseSwaggerUI(c =>
{
    c.RoutePrefix = "docs";
    c.InjectOnCompleteJavaScript("/swagger-ui.js");
    c.SwaggerEndpoint("/swagger/v1/swagger.json", "Easy Streak API");
    c.ConfigureOAuth2(auth0Settings["ClientId"].Value, auth0Settings["ClientSecret"].Value, auth0Settings["Authority"].Value, "EasyStreak API");
});
相关问题
最新问题