
    swaggerui集成oauth implicit

    添加引用
    Swashbuckle.AspNetCore
    IdentityServer4.AccessTokenValidation

    预先在 IdentityServer4 中配置好 Client 与 Api Resources
    在 Startup 中配置 Authentication(对应 Api Resources)和 SwaggerUI 的 Client

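    /// <summary>
    /// Registers MVC, bearer-token validation against IdentityServer4, and the Swagger
    /// generator together with an OAuth2 implicit-flow security definition.
    /// </summary>
    /// <param name="services">The application's service collection.</param>
    public void ConfigureServices(IServiceCollection services)
    {
        services.AddMvc(option =>
        {
            option.Filters.Add(typeof(ActionFilter));
            option.Filters.Add(typeof(ExceptionFilter));
        })
        .SetCompatibilityVersion(CompatibilityVersion.Version_2_2);

        // Authority of the IdentityServer4 instance whose tokens this API accepts.
        // Plain HTTP is only acceptable on a local/dev box; a production value must be
        // HTTPS and should come from configuration rather than source.
        string youAuthority = "http://127.0.0.1";

        // Enforce HTTPS for the discovery document whenever the authority itself is HTTPS,
        // so switching the authority to https:// cannot silently leave metadata validation
        // disabled. For the http:// value above this is false, exactly as before.
        bool requireHttpsMetadata = youAuthority.StartsWith("https://", System.StringComparison.OrdinalIgnoreCase);

        services.AddAuthentication("Bearer")
            .AddIdentityServerAuthentication(options =>
            {
                options.Authority = youAuthority;
                // Must match the ApiResource name registered in IdentityServer4; it is the
                // audience the incoming access token is validated against.
                options.ApiName = "Api";
                options.RequireHttpsMetadata = requireHttpsMetadata;
            });

        services.AddSwaggerGen(options =>
        {
            options.SwaggerDoc("v1", new Info { Title = "Test Service API", Version = "v1" });
            options.DocInclusionPredicate((docName, description) => true);
            options.CustomSchemaIds(type => type.FullName);

            // Security definition that drives Swagger UI's "Authorize" dialog. The implicit
            // flow hands the access token to the browser in the URL fragment; the OAuth 2.0
            // Security BCP recommends authorization code + PKCE where the tooling supports it.
            options.AddSecurityDefinition("oauth2", new OAuth2Scheme
            {
                Type = "oauth2",
                Flow = "implicit",
                AuthorizationUrl = $"{youAuthority}/connect/authorize",
                TokenUrl = $"{youAuthority}/connect/token", // not used by the implicit flow; harmless
                Scopes = new Dictionary<string, string>()
                {
                    // Scope defined on the Api Resource. AuthResponsesOperationFilter emits
                    // [Authorize(Policy = ...)] names as the operation's required scopes, so
                    // those names should be listed here — verify against the IdentityServer config.
                    { "scope", "定义的scope" }
                }
            });

            // Adds 401/403 responses and the "oauth2" requirement to every [Authorize]d operation.
            options.OperationFilter<AuthResponsesOperationFilter>();
        });
    }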
    
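    /// <summary>
    /// Builds the request pipeline. Authentication is registered before MVC so that the
    /// [Authorize] filters see the identity validated from the bearer token; Swagger and
    /// Swagger UI are mounted last.
    /// </summary>
    /// <param name="app">The application builder to configure.</param>
    /// <param name="env">Hosting environment; enables the developer exception page in Development.</param>
    public void Configure(IApplicationBuilder app, IHostingEnvironment env)
    {
        if (env.IsDevelopment())
        {
            app.UseDeveloperExceptionPage();
        }

        // Must precede UseMvc: this populates HttpContext.User from the bearer token,
        // which the [Authorize] filters on the controllers evaluate.
        app.UseAuthentication();
        app.UseMiddleware<FirstMiddleware>();

        app.UseMvc();

        app.UseSwagger()
            .UseSwaggerUI(options =>
            {
                options.SwaggerEndpoint("/swagger/v1/swagger.json", "Test Service API");
                // Client registered in IdentityServer4 with the implicit grant. Its allowed
                // redirect URIs must include Swagger UI's callback page on this host
                // (by default /swagger/oauth2-redirect.html) — confirm against the client config.
                options.OAuthClientId("swaggerui");
                options.OAuthAppName("Test Service Swagger Ui");
            });
    }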
    

    对带有鉴权属性的方法:请求时传递 token,并添加预设的返回状态

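    /// <summary>
    /// Swagger operation filter that documents authentication on protected endpoints:
    /// every operation whose controller or action carries [Authorize] gets 401/403
    /// responses and an "oauth2" security requirement listing the distinct
    /// [Authorize(Policy = ...)] names as scopes.
    /// NOTE(review): an action-level [AllowAnonymous] is not considered here, so such an
    /// action on an [Authorize]d controller is still documented as protected.
    /// </summary>
    public class AuthResponsesOperationFilter : IOperationFilter
    {
        /// <summary>Applies the 401/403 responses and the security requirement to <paramref name="operation"/>.</summary>
        /// <param name="operation">The Swagger operation being generated.</param>
        /// <param name="context">Describes the controller and action behind the operation.</param>
        public void Apply(Operation operation, OperationFilterContext context)
        {
            // Controller-level [Authorize] attributes, found by reflection over the ApiDescription.
            var controllerPolicies = context.ApiDescription.ControllerAttributes()
                .OfType<AuthorizeAttribute>()
                .Select(attr => attr.Policy);

            // Action-level [Authorize] attributes (including inherited ones).
            var actionPolicies = context.MethodInfo
                .GetCustomAttributes(true)
                .OfType<AuthorizeAttribute>()
                .Select(attr => attr.Policy);

            // Union already yields distinct values. A bare [Authorize] contributes a null
            // Policy: it still marks the endpoint as protected, but null is not a scope,
            // so only named policies are emitted into the requirement.
            var policies = controllerPolicies.Union(actionPolicies).ToList();
            if (policies.Count == 0)
            {
                return;
            }

            // Materialized so the operation does not hold a deferred query over reflection data.
            var requiredScopes = policies
                .Where(policy => !string.IsNullOrEmpty(policy))
                .ToList();

            // Responses is a dictionary: Add throws if the action already declares the status
            // (e.g. via [ProducesResponseType]), so only fill in the missing entries.
            AddResponseIfMissing(operation, "401", "Unauthorized");
            AddResponseIfMissing(operation, "403", "Forbidden");

            operation.Security = new List<IDictionary<string, IEnumerable<string>>>
            {
                new Dictionary<string, IEnumerable<string>>
                {
                    { "oauth2", requiredScopes }
                }
            };
        }

        // Adds a response with the given status code unless the operation already documents it.
        private static void AddResponseIfMissing(Operation operation, string statusCode, string description)
        {
            if (!operation.Responses.ContainsKey(statusCode))
            {
                operation.Responses.Add(statusCode, new Response { Description = description });
            }
        }
    }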
    

    在 Action 上添加 Authorize

    /// <summary>
    /// Sample endpoint guarded by [Authorize]: a request without a valid bearer token is
    /// rejected before this body runs.
    /// </summary>
    /// <param name="id">Route identifier; not used by this sample.</param>
    /// <returns>A fixed sample value.</returns>
    [HttpGet("{id}")]
    [Authorize]
    public ActionResult<string> Get(int id) => "value";
    

    效果图

    // The two response statuses the operation filter adds to every protected operation.
    var unauthorized = new Response { Description = "Unauthorized" };
    var forbidden = new Response { Description = "Forbidden" };
    operation.Responses.Add("401", unauthorized);
    operation.Responses.Add("403", forbidden);
    

    登录完成后,请求会带上 authorization: Bearer 请求头

    示例代码
    Swashbuckle.AspNetCore

  • 原文地址:https://www.cnblogs.com/ddrsql/p/10617370.html