swaggerui集成oauth implicit
添加引用
Swashbuckle.AspNetCore
IdentityServer4.AccessTokenValidation
预先准备好IdentityServer4配置client与Api Resources
Startup 配置 Authentication Api Resources 和SwaggerUI Client配置
public void ConfigureServices(IServiceCollection services)
{
services.AddMvc(option =>
{
option.Filters.Add(typeof(ActionFilter));
option.Filters.Add(typeof(ExceptionFilter));
})
.SetCompatibilityVersion(CompatibilityVersion.Version_2_2);
string youAuthority = "http://127.0.0.1";
services.AddAuthentication("Bearer")
.AddIdentityServerAuthentication(options =>
{
options.Authority = youAuthority;
options.ApiName = "Api";
options.RequireHttpsMetadata = false;
}); services.AddSwaggerGen(options =>
{
options.SwaggerDoc("v1", new Info { Title = "Test Service API", Version = "v1" });
options.DocInclusionPredicate((docName, description) => true);
options.CustomSchemaIds(type => type.FullName); options.AddSecurityDefinition("oauth2", new OAuth2Scheme
{
Type = "oauth2",
Flow = "implicit",
AuthorizationUrl = $"{youAuthority}/connect/authorize",
TokenUrl = $"{youAuthority}/connect/token",
Scopes = new Dictionary<string, string>()
{
{ "scope", "定义的scope" } //Api Resources 中的 scope
}
}); options.OperationFilter<AuthResponsesOperationFilter>();
});
}public void Configure(IApplicationBuilder app, IHostingEnvironment env)
{
if (env.IsDevelopment())
{
app.UseDeveloperExceptionPage();
}
app.UseAuthentication();
app.UseMiddleware<FirstMiddleware>(); app.UseMvc(); app.UseSwagger().
UseSwaggerUI(options => {
options.SwaggerEndpoint("/swagger/v1/swagger.json", "Test Service API");
//支持 implicit 的 Client
options.OAuthClientId("swaggerui");
options.OAuthAppName("Test Service Swagger Ui");
});
}
对有鉴权属性的方法添加请求时传递token和添加预设返回状态
public class AuthResponsesOperationFilter : IOperationFilter
{
public void Apply(Operation operation, OperationFilterContext context)
{
// 反射Controller 包含 AuthorizeAttribute 时在请求头添加authorization: Bearer
var controllerScopes = context.ApiDescription.ControllerAttributes()
.OfType<AuthorizeAttribute>()
.Select(attr => attr.Policy); var actionScopes = context.MethodInfo
.GetCustomAttributes(true)
.OfType<AuthorizeAttribute>()
.Select(attr => attr.Policy)
.Distinct(); var requiredScopes = controllerScopes.Union(actionScopes).Distinct(); if (requiredScopes.Any())
{
operation.Responses.Add("401", new Response { Description = "Unauthorized" });
operation.Responses.Add("403", new Response { Description = "Forbidden" }); operation.Security = new List<IDictionary<string, IEnumerable<string>>>();
operation.Security.Add(new Dictionary<string, IEnumerable<string>>
{
{ "oauth2", requiredScopes }
});
}
}
}
在 Action 上添加 Authorize
[HttpGet("{id}")]
[Authorize]
public ActionResult<string> Get(int id)
{
return "value";
}
效果图
//新增的两种返回状态
operation.Responses.Add("401", new Response { Description = "Unauthorized" });
operation.Responses.Add("403", new Response { Description = "Forbidden" });
登录完后请求会带上authorization: Bearer
