c# - How can I setup SwashBuckle.AspNetCore.Swagger to use Authorization? -


I have documented my API using Swashbuckle.AspNetCore.Swagger, and I want to test resources that have the Authorize attribute on them using Swagger UI.

api

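 // Identifier casing restored: the page had lower-cased every identifier, and C# is
 // case-sensitive. Project-specific names (namespace, class) are re-cased by convention.
 using System.Linq;
 using Microsoft.AspNetCore.Authorization;
 using Microsoft.AspNetCore.Mvc;

 namespace Api.Controllers
 {
     /// <summary>
     /// Diagnostic endpoint that echoes the claims of the authenticated caller.
     /// </summary>
     /// <remarks>
     /// [Authorize] on the controller means a request without a valid token is rejected
     /// with 401 before <see cref="Get"/> runs, which is the response Swagger UI shows
     /// until it has obtained an access token.
     /// </remarks>
     [Route("[controller]")]
     [Authorize]
     public class IdentityController : ControllerBase
     {
         /// <summary>Returns the type and value of every claim on the current user.</summary>
         /// <returns>A JSON array of { type, value } pairs.</returns>
         [HttpGet]
         public IActionResult Get()
         {
             // Every claim in the token is returned to the caller; useful for checking what
             // the API actually received, not something to leave on a public surface.
             return new JsonResult(from c in User.Claims select new { c.Type, c.Value });
         }
     }
 }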

swagger ui

The response code is 401 Unauthorized. How can I authorize using Swagger?

I have an authorization server set up using IdentityServer4.

authorization server - startup.cs

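// IdentityServer4 registration as used for local development. Identifier casing is
// restored here (the page had lower-cased it; C# is case-sensitive).
services.AddIdentityServer()
    // Temporary signing key created when the host starts: tokens issued before a restart
    // stop validating afterwards, and the key is not shared between instances. A deployed
    // server needs a persistent, protected key (AddSigningCredential).
    .AddTemporarySigningCredential()
    // In-memory stores: grants, resources and clients live only for the process lifetime.
    .AddInMemoryPersistedGrants()
    .AddInMemoryIdentityResources(Config.GetIdentityResources())
    .AddInMemoryApiResources(Config.GetApiResources())
    .AddInMemoryClients(Config.GetClients())
    .AddAspNetIdentity<ApplicationUser>();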

authorization server - config.cs

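    /// <summary>
    /// Static IdentityServer4 configuration: the identity resources and API resources
    /// (scopes) the authorization server knows about.
    /// </summary>
    public class Config
    {
        // Scopes define the resources in the system.

        /// <summary>Identity scopes a client may request: OpenID Connect subject id and profile.</summary>
        public static IEnumerable<IdentityResource> GetIdentityResources()
        {
            return new List<IdentityResource>
            {
                new IdentityResources.OpenId(),
                new IdentityResources.Profile(),
            };
        }

        /// <summary>
        /// API resources protected by this server. The name "api1" is the scope that
        /// clients request and the API name the resource server validates tokens against.
        /// </summary>
        public static IEnumerable<ApiResource> GetApiResources()
        {
            return new List<ApiResource>
            {
                new ApiResource("api1", "my api")
            };
        }

        // ... (further members elided in the original post)
    }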

api - startup.cs

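// This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
// Identifier casing is restored (the page had lower-cased it; C# is case-sensitive);
// project type names such as EcommerceDbContext and DbInitialiser are re-cased by convention.
public void Configure(IApplicationBuilder app, IHostingEnvironment env, ILoggerFactory loggerFactory,
    EcommerceDbContext context)
{
    loggerFactory.AddConsole(Configuration.GetSection("logging"));
    loggerFactory.AddDebug();

    // Validates bearer tokens issued by the IdentityServer4 instance at Authority.
    // Registered before UseMvc so the user is authenticated by the time [Authorize] is evaluated.
    app.UseIdentityServerAuthentication(new IdentityServerAuthenticationOptions
    {
        // Plain-HTTP authority plus RequireHttpsMetadata = false is a local-development
        // setting: discovery metadata and signing keys are fetched without TLS, so anyone
        // on the network path could substitute them. Deployed environments should use an
        // https authority and leave RequireHttpsMetadata at true.
        Authority = "http://localhost:5000/",
        RequireHttpsMetadata = false,
        AutomaticAuthenticate = true,
        // Must match the ApiResource name registered on the authorization server.
        ApiName = "api1"
    });

    // Enable middleware to serve the generated Swagger as a JSON endpoint.
    // Both Swagger endpoints are served without authentication here; decide whether the
    // API description should be reachable outside development.
    app.UseSwagger();

    // Enable middleware to serve swagger-ui (HTML, JS, CSS etc.), specifying the Swagger JSON endpoint.
    app.UseSwaggerUI(c =>
    {
        c.SwaggerEndpoint("/swagger/v1/swagger.json", "my api v1");
    });

    DbInitialiser.Init(context);

    app.UseMvc();
}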

I want an Authorize button that redirects to the login screen and then grants access to the API resources the user has permissions for. Is it possible to use the ASP.NET Core 1.1 Swagger middleware for this? Or do I need to write JavaScript that gets a token from the IdentityServer4 authorization server? Please help; I am new to authentication and authorization.

I solved this by adding a new client to the IdentityServer4 authorization server project.

config.cs

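 // Clients that want to access resources (aka scopes).
 // Identifier casing is restored (the page had lower-cased it; C# is case-sensitive).
 public static IEnumerable<Client> GetClients()
 {
     return new List<Client>
     {
         // Browser-based client used by Swagger UI's Authorize button.
         new Client
         {
             ClientId = "swaggerui",
             ClientName = "swagger ui",

             // Implicit flow: the access token comes back to the browser in the redirect,
             // where page scripts and browser history can see it. It is what this Swagger UI
             // version supports; where the tooling offers authorization code with PKCE,
             // prefer that instead.
             AllowedGrantTypes = GrantTypes.Implicit,
             AllowAccessTokensViaBrowser = true,

             // Redirect URIs are matched exactly and decide where tokens are delivered.
             // List only the Swagger UI origin actually in use, and use https outside
             // local development.
             RedirectUris = { "http://localhost:49831/swagger/o2c.html" },
             PostLogoutRedirectUris = { "http://localhost:49831/swagger/" },

             // Keep this to the scopes Swagger UI needs to exercise the API.
             AllowedScopes = { "api1" }
         },

         // ... (further clients elided in the original post)
     };
 }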

I created a Swagger OperationFilter in the API so that a red exclamation mark icon appears next to each method that requires authorization.

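/// <summary>
/// Swagger operation filter that marks operations protected by [Authorize] so Swagger UI
/// shows them as requiring the "oauth2" scheme and documents the 401/403 responses.
/// </summary>
/// <remarks>
/// This only changes the generated documentation. Access control is enforced by the
/// [Authorize] attribute and the authentication middleware, not by this filter.
/// Identifier casing is restored here (the page had lower-cased it; C# is case-sensitive).
/// </remarks>
internal class AuthorizeCheckOperationFilter : IOperationFilter
{
    /// <summary>Adds security metadata to <paramref name="operation"/> when it requires authorization.</summary>
    /// <param name="operation">The Swagger operation being generated.</param>
    /// <param name="context">Context giving access to the controller and action attributes.</param>
    public void Apply(Operation operation, OperationFilterContext context)
    {
        var attributes = context.ApiDescription.ControllerAttributes()
            .Concat(context.ApiDescription.ActionAttributes())
            .ToList();

        // [AllowAnonymous] overrides [Authorize] in MVC, so an operation carrying it must not
        // be documented as protected even when the controller has [Authorize].
        var hasAuthorize = attributes.OfType<AuthorizeAttribute>().Any()
                           && !attributes.OfType<AllowAnonymousAttribute>().Any();

        if (!hasAuthorize)
        {
            return;
        }

        // Add() throws on a duplicate key, e.g. when the action already documents a 401
        // or 403 response itself, so only add the ones that are missing.
        if (!operation.Responses.ContainsKey("401"))
        {
            operation.Responses.Add("401", new Response { Description = "unauthorized" });
        }

        if (!operation.Responses.ContainsKey("403"))
        {
            operation.Responses.Add("403", new Response { Description = "forbidden" });
        }

        // "oauth2" must match the name given to AddSecurityDefinition; "api1" is the scope
        // Swagger UI will request for this operation.
        operation.Security = new List<IDictionary<string, IEnumerable<string>>>
        {
            new Dictionary<string, IEnumerable<string>>
            {
                { "oauth2", new[] { "api1" } }
            }
        };
    }
}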

To finish, I configured authorization in Swagger by adding an OAuth2 security definition and the OperationFilter.

startup.cs

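 // Swagger generator registration with an OAuth2 (implicit flow) security definition.
 // Identifier casing is restored (the page had lower-cased it; C# is case-sensitive).
 services.AddSwaggerGen(c =>
 {
     c.SwaggerDoc("v1", new Info
     {
         Version = "v1",
         Title = "ecommerce api",
         Description = "",
         TermsOfService = "none",
         Contact = new Contact { Name = "", Email = "", Url = "" },
         License = new License { Name = "", Url = "" }
     });

     // Set the comments path for the Swagger JSON and UI.
     var basePath = PlatformServices.Default.Application.ApplicationBasePath;
     var xmlPath = Path.Combine(basePath, "webapi.xml");
     c.IncludeXmlComments(xmlPath);

     // Marks [Authorize]-protected operations in the generated document.
     c.OperationFilter<AuthorizeCheckOperationFilter>();

     // The definition name "oauth2" is the key the operation filter refers to.
     c.AddSecurityDefinition("oauth2", new OAuth2Scheme
     {
         Type = "oauth2",
         Flow = "implicit",
         // Points the browser at the IdentityServer4 authorize endpoint. Plain http on
         // localhost is a development value; user credentials and tokens pass through
         // this endpoint, so a deployed environment needs https here.
         AuthorizationUrl = "http://localhost:5000/connect/authorize",
         // The implicit flow does not call the token endpoint; kept as in the original.
         TokenUrl = "http://localhost:5000/connect/token",
         // Scope name -> description shown in the Swagger UI authorization dialog.
         Scopes = new Dictionary<string, string>()
         {
             { "api1", "my api" }
         }
     });
 });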
