Swashbuckle.AspNetCore v1.0.0 with OAuth2,流程:应用程序 ->身份服务器4 [英] Swashbuckle.AspNetCore v1.0.0 with OAuth2, flow : application -> IdentityServer4
问题描述
我似乎无法让我的 .net 核心 Web API 与 swashbuckle、OAuth2 与应用程序流程一起使用.当我单击 Authorize 按钮时,Fiddler 显示调用正常,并且我的本地 IdentityServer(4) 回复了一个 access_token.这一切都很棒,但我不认为 Swagger 会注意到这一点,什么也没有发生,而且我无法在没有收到 401 的情况下触发我的控制器方法.我看不到 cookie,什么也没有.我确定我错过了一些非常微不足道的东西.有人可以帮我吗?
I can't seem to make my .net core web API work with swashbuckle, OAuth2 with an application flow. When I click the Authorize button, Fiddler shows that the call is OK and my local IdentityServer(4) replies with an access_token. That's all great and all but I don't think Swagger picks this up, there's nothing happening and I can't trigger my controller methods without getting a 401. I see no cookies, nothing. I'm sure I'm missing something super trivial. Can someone help me out?
相关代码:
Startup.cs 中的配置服务
ConfigureServices in Startup.cs
c.AddSecurityDefinition("oauth2", new OAuth2Scheme
{
Type = "oauth2",
Flow = "application",
TokenUrl = "http://localhost:61798/connect/token",
Scopes = new Dictionary<string, string>
{
{ "readAccess", "Access read operations" },
{ "writeAccess", "Access write operations" }
}
});
在 Startup.cs 中配置
Configure in Startup.cs
app.UseIdentityServerAuthentication(new IdentityServerAuthenticationOptions
{
Authority = "http://localhost:61798",
RequireHttpsMetadata = false,
ApiName = "api1",
AutomaticAuthenticate = true, //Doesn't change anything...
});
....
app.UseSwagger();
app.UseSwaggerUI(c =>
{
c.SwaggerEndpoint("/swagger/v1/swagger.json", "V1 Docs");
c.ConfigureOAuth2("Swagger", "swaggersecret", "swaggerrealm", "Swagger UI");
});
我的 IdentityServer 配置正常.我可以在 Postman 和一个简单的客户端中调用这个 API,没有任何问题.我唯一的问题是 Swagger (Swashbuckle.AspNetCore 1.0.0).
My IdentityServer is configured OK. I can call this API in Postman and a simple client without any problem. My only problem is Swagger (Swashbuckle.AspNetCore 1.0.0).
推荐答案
对于当前项目,我们有一个非常相似的设置.我们的 rest api 使用 jwt 不记名身份验证和 azure ad b2c 进行保护.在这种情况下,没有办法大摇大摆地自动拿起令牌.
We have a very similar setup for a current project. Our rest api is secured with jwt bearer authentication and azure ad b2c. In this case there is no way swagger to pick up automatically the token.
此解决方案非常适合我们:https://stackoverflow.com/a/39759152/536196
This solution works perfect for us: https://stackoverflow.com/a/39759152/536196
services.AddSwaggerGen(c =>
{
c.OperationFilter<AuthorizationHeaderParameterOperationFilter>();
});
之后,当您运行 swagger UI 时,您应该会看到一个额外的令牌字段.
After that when you run your swagger UI, you should see an additional field for the token.
这篇关于Swashbuckle.AspNetCore v1.0.0 with OAuth2,流程:应用程序 ->身份服务器4的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!