如何授权Swagger使用MS Graph API [英] How to Authorize Swagger to use MS Graph API

问题描述

我们正在为MS Graph API构建Web API包装器.

We are building a Web API wrapper for MS Graph API.

我想使用Swagger来测试我的API.但是我无法正确配置.我一直收到错误请求，没有其他线索.我无法在这台公司笔记本电脑上安装Fiddler或其他工具来帮助我进行调查.

I want to use Swagger to test my APIs. But I can't get the configuration right. I keep getting Bad Request and no other clue. I can't install Fiddler or other tools on this corporate laptop to help me investigate.

这是错误

这是配置Swagger的代码:

And here is the code to configure Swagger:

app.UseSwaggerUi3WithApiExplorer(settings =>
{
    settings.GeneratorSettings.DefaultPropertyNameHandling = PropertyNameHandling.CamelCase;
    settings.PostProcess = document =>
    {
        document.Info.Title = "App title";
        document.Info.Description = "App description";
    };

    settings.OAuth2Client = new OAuth2ClientSettings
    {
        ClientId = [clientid]
        ClientSecret = [clientsecret]
        AppName = "app_name",
    };
    settings.OAuth2Client.AdditionalQueryStringParameters.Add("response_type", "code id_token");
    settings.OAuth2Client.AdditionalQueryStringParameters.Add("nonce", "AnyValueShouldBeRandom");

    settings.GeneratorSettings.DocumentProcessors.Add(new SecurityDefinitionAppender("Auth Token", new SwaggerSecurityScheme
    {
        Type = SwaggerSecuritySchemeType.OpenIdConnect,
        Description = "Swagger OAuth2",
        OpenIdConnectUrl = "https://login.microsoftonline.com/[tenantid]/v2.0/.well-known/openid-configuration",
        Flow = SwaggerOAuth2Flow.Implicit,
        AuthorizationUrl = "https://login.microsoftonline.com/[tenantid]/oauth2/v2.0/authorize",
        TokenUrl = "https://login.microsoftonline.com/[tenantid]/oauth2/v2.0/token",
        In = SwaggerSecurityApiKeyLocation.Header,

        Scopes = new Dictionary<string, string>
        {
            { "api://[api]/user_impersonation", "" },
            { "user.read", "" },
            { "openid", "" },
            { "email", "" },
            { "profile", "" },
            { "roles", "" }
        }
    }));

    settings.GeneratorSettings.OperationProcessors.Add(new OperationSecurityScopeProcessor("oauth2"));

});

我的问题是我在做什么错了?

My question is what am I doing wrong?

自从今天早上以来，我一直在为此苦苦挣扎.任何帮助，我们将不胜感激.

I have been struggling with this since this morning. Any help is greatly appreciated.

谢谢！

我知道了.

从

Type = SwaggerSecuritySchemeType.OpenIdConnect

到

Type = SwaggerSecuritySchemeType.OAuth2

我还删除了诸如ff行之类的一堆东西

I also removed a bunch of stuff like the ff lines

settings.OAuth2Client.AdditionalQueryStringParameters.Add("response_type", "code id_token");
settings.OAuth2Client.AdditionalQueryStringParameters.Add("nonce", "AnyValueShouldBeRandom");

它现在正在工作.

至少在外面.

Swagger告诉我我已经通过身份验证:

Swagger tells me I am already Authenticated:

但是当我运行应用程序时， HttpContext.User.Identity.IsAuthenticated 告诉我我不是.

BUT when I run the application, HttpContext.User.Identity.IsAuthenticated tells me I'm not.

同样的问题:我在做什么错了?

Same question: What am I doing wrong?

推荐答案

最后我可以回答自己的问题.

Finally I can answer my own question.

这次我不会对自己太苛刻，因为修复方法不是很明显，至少对我来说是如此.

I'm not going to be too hard on myself this time because the fix was not very obvious, at least to me.

显然，

settings.GeneratorSettings.OperationProcessors

应该有一个匹配的

settings.GeneratorSettings.DocumentProcessors

如果我对Google的搜索不够熟练或文档确实无法访问，则部分是我的错.

It's partly my fault if I didn't google hard enough or the docs really wasn't that accessible.

但是这行

settings.GeneratorSettings.OperationProcessors.Add(new OperationSecurityScopeProcessor("oauth2"));

需要一个比赛.因此，替换以下内容

Needs a match. So replace the following

settings.GeneratorSettings.DocumentProcessors.Add(new SecurityDefinitionAppender("Auth Token", new SwaggerSecurityScheme

使用

settings.GeneratorSettings.DocumentProcessors.Add(new SecurityDefinitionAppender("oauth2", new SwaggerSecurityScheme

我希望这对其他人有帮助.

I hope this helps somebody else.

这篇关于如何授权Swagger使用MS Graph API的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！