NET Core 3.0的JWT身份验证和Swagger [英] JWT Authentication and Swagger with .Net core 3.0

问题描述

我正在使用.Net core 3.0开发一些Web Api，并希望将其与SwashBuckle.Swagger集成. 它工作正常，但是当我添加JWT身份验证时，它无法按我预期的那样工作. 为此，我添加了以下代码:

I am developing some Web Api with .Net core 3.0 and want to integrate it with SwashBuckle.Swagger. It is working fine, but when I add JWT authentication, it does not work as I expect. To do that, I added the code below:

  services.AddSwaggerGen(c =>
        {
            c.SwaggerDoc("v1", new Microsoft.OpenApi.Models.OpenApiInfo { Title = "My Web API", Version = "v1" });
            c.AddSecurityDefinition("Bearer", new OpenApiSecurityScheme
            {
                Description = "JWT Authorization header using the Bearer scheme. Example: \"Authorization: Bearer {token}\"",
                Name = "Authorization",
                In = ParameterLocation.Header,
                Type = SecuritySchemeType.ApiKey
            });

        });

添加AddSecurityDefinition函数后，我可以看到授权"按钮，单击该按钮时，将看到以下表单:

After adding AddSecurityDefinition function, I can see the Authorize button and when I click it, I see the form below:

然后我键入Bearer WhatEverApiKeyIsfgdgdgdg845734987fgdhgiher635kjh，完成此操作后，当我从Swagger向Web Api发送请求时，我希望在请求的标头中看到authorization: Bearer WhatEverApiKeyIsfgdgdgdg845734987fgdhgiher635kjh.但是授权未添加到请求标头中.我正在使用SwashBuckle.Swagger(5.0.0-rc3).请注意，有许多示例可以在.net core 2.0上正常工作，但是Swashbuckle摇摇欲坠的功能在最新版本上已更改，因此我无法使用该示例.

Then I type Bearer WhatEverApiKeyIsfgdgdgdg845734987fgdhgiher635kjh, After doing it I expect to see authorization: Bearer WhatEverApiKeyIsfgdgdgdg845734987fgdhgiher635kjh in the request's header , when I send a request to the Web Api from Swagger. But authorization is not added to the request header. I am using SwashBuckle.Swagger(5.0.0-rc3). Please note there are many samples which work fine on .net core 2.0, but Swashbuckle swagger functions has changed on the latest version so I cannot use that samples.

推荐答案

经过研究，我最终找到了答案此处

After some research, I eventually found the answer here

在看到此页面之前，我知道由于许多示例，我应该在AddSecurityDefinition之后使用AddSecurityRequirement，但是在.NET Core 3.0上功能参数已发生更改是一个问题.

Before seeing this page, I knew that I should use AddSecurityRequirement after AddSecurityDefinition because of many samples, but it was a problem that the function parameters have changed on .NET Core 3.0.

顺便说一句，最终答案如下:

By the way, the final answer is as below:

services.AddSwaggerGen(c =>
{
  c.SwaggerDoc("v1", new OpenApiInfo { 
    Title = "My API", 
    Version = "v1" 
  });
  c.AddSecurityDefinition("Bearer", new OpenApiSecurityScheme {
    In = ParameterLocation.Header, 
    Description = "Please insert JWT with Bearer into field",
    Name = "Authorization",
    Type = SecuritySchemeType.ApiKey 
  });
  c.AddSecurityRequirement(new OpenApiSecurityRequirement {
   { 
     new OpenApiSecurityScheme 
     { 
       Reference = new OpenApiReference 
       { 
         Type = ReferenceType.SecurityScheme,
         Id = "Bearer" 
       } 
      },
      new string[] { } 
    } 
  });
});

这篇关于NET Core 3.0的JWT身份验证和Swagger的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！