Swagger-ui:如何配置为与MVC核心项目一起使用

时间:2018-07-24 03:00:23

标签: authorization access-token identityserver4 swagger-ui

如果在控制器上设置了授权属性,如何配置swagger-ui来调用Web api。我已经配置好了,但是无法正常工作,或者我做错了方法。

        public void ConfigureServices(IServiceCollection services)
    {

        services.AddSwaggerGen(options =>
        {
            options.DescribeAllEnumsAsStrings();
            options.SwaggerDoc("v1", new Swashbuckle.AspNetCore.Swagger.Info
            {
                Title = "Parent Side HTTP API",
                Version = "v1",
                Description = "The Parent Side Microservcie HTTP API",
                TermsOfService = "Term Of Service"
            });
            options.AddSecurityDefinition("oauth2", new OAuth2Scheme
            {

                Type = "oauth2",
                Flow = "implicit",
                AuthorizationUrl = $"{Configuration.GetValue<string>("IdentityUrlExternal")}/connect/authorize",
                TokenUrl = $"{Configuration.GetValue<string>("IdentityUrlExternal")}/connect/token",
                Scopes = new Dictionary<string, string>()
                {
                    { "api1", "Read access to protected resources" }
                }
            });

            options.OperationFilter<AuthorizeCheckOperationFilter>();
        });

        services.AddCors(options =>
        {
            options.AddPolicy("CorsPolicy",
                builder => builder.AllowAnyOrigin()
                .AllowAnyMethod()
                .AllowAnyHeader()
                .AllowCredentials());
        });

        //services.AddCustomMvc(Configuration)
        //    .AddCustomAuthentication(Configuration);
        JwtSecurityTokenHandler.DefaultInboundClaimTypeMap.Clear();
        var identityUrl = Configuration.GetValue<string>("urls:identity");
        services.AddAuthentication(options =>
        {
            options.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
            options.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;

        }).AddJwtBearer(options =>
        {
            options.Authority = Configuration.GetValue<string>("IdentityUrlExternal");
            options.RequireHttpsMetadata = false;
            options.Audience = "parent.api.gateway";              
            options.Events = new JwtBearerEvents()
            {
                OnAuthenticationFailed = async ctx =>
                {
                    int i = 0;
                },
                OnTokenValidated = async ctx =>
                {
                    int i = 0;
                }
            };
        });

        services.AddMvc(); 
        //    .AddIdentityServerAuthent;

    }

    // This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
    public void Configure(IApplicationBuilder app, IHostingEnvironment env)
    {
        if (env.IsDevelopment())
        {
            app.UseDeveloperExceptionPage();
        }

        app.UseSwagger()
           .UseSwaggerUI(c =>
           {
               c.SwaggerEndpoint("/swagger/v1/swagger.json", "Parent API V1");
           }); 

        app.UseAuthentication();  

        app.UseMvc();
    }

enter image description here

它仅在身份服务器登录页面的新浏览器上显示。登录后,即使已登录,它也只会停留在同一登录屏幕上。

我什至使用BasicAuthScheme来显示登录弹出窗口。弹出窗口也显示为已授权,但列出的api仍然未经授权。一旦我授权,是否可以调用那些授权代码来执行。

1 个答案:

答案 0 :(得分:0)

如果使用的是swagger 3.0,则弹出窗口不会自动关闭,直到您单击“关闭”为止。

我看到您添加了作用域,但是您似乎没有将其应用于任何控制器。您必须在AddSecurityDefinition()之后调用AddSecurityRequirement()。

相关问题
最新问题