JWT 身份验证和 Swagger 与 .NET Core 3.0 [英] JWT Authentication and Swagger with .NET Core 3.0

查看:32
本文介绍了JWT 身份验证和 Swagger 与 .NET Core 3.0的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

我正在使用 .NET Core 3.0 开发一些 Web API,并希望将其与 SwashBuckle.Swagger 集成.它工作正常,但是当我添加 JWT 身份验证时,它无法按我预期的那样工作.为此,我添加了以下代码:

I am developing some Web API with .NET Core 3.0 and want to integrate it with SwashBuckle.Swagger. It is working fine, but when I add JWT authentication, it does not work as I expect. To do that, I added the code below:

services.AddSwaggerGen(c =>
    {
        c.SwaggerDoc("v1", new Microsoft.OpenApi.Models.OpenApiInfo { Title = "My Web API", Version = "v1" });
        c.AddSecurityDefinition("Bearer", new OpenApiSecurityScheme
        {
            Description = "JWT Authorization header using the Bearer scheme. Example: "Authorization: Bearer {token}"",
            Name = "Authorization",
            In = ParameterLocation.Header,
            Type = SecuritySchemeType.ApiKey
        });
    });

添加AddSecurityDefinition函数后,我可以看到授权按钮,当我点击它时,我看到下面的表格:

After adding AddSecurityDefinition function, I can see the Authorize button and when I click it, I see the form below:

然后我输入Bearer WhatEverApiKeyIsfgdgdgdg845734987fgdhgiher635kjh.执行此操作后,当我从 Swagger 向 Web API 发送请求时,我希望在请求标头中看到 authorization: Bearer WhatEverApiKeyIsfgdgdgdg845734987fgdhgiher635kjh,但未将授权添加到请求标头中.我正在使用 SwashBuckle.Swagger(5.0.0-rc3).请注意,有许多示例在 .NET Core 2.0 上运行良好,但 Swashbuckle swagger 函数在最新版本中发生了变化,因此我无法使用这些示例.

Then I type Bearer WhatEverApiKeyIsfgdgdgdg845734987fgdhgiher635kjh. After doing it, I expect to see authorization: Bearer WhatEverApiKeyIsfgdgdgdg845734987fgdhgiher635kjh in the request's header when I send a request to the Web API from Swagger, but authorization is not added to the request header. I am using SwashBuckle.Swagger(5.0.0-rc3). Please note there are many samples which work fine on .NET Core 2.0, but Swashbuckle swagger functions has changed on the latest version so I cannot use those samples.

推荐答案

经过一番研究,我终于找到了答案 这里

After some research, I eventually found the answer here

在看到这个页面之前,我知道我应该在AddSecurityDefinition之后使用AddSecurityRequirement,因为样本很多,但是在.NET上函数参数发生了变化是一个问题核心 3.0.

Before seeing this page, I knew that I should use AddSecurityRequirement after AddSecurityDefinition because of many samples, but it was a problem that the function parameters have changed on .NET Core 3.0.

顺便说一下,最终答案如下:

By the way, the final answer is as below:

services.AddSwaggerGen(c =>
{
  c.SwaggerDoc("v1", new OpenApiInfo { 
    Title = "My API", 
    Version = "v1" 
  });
  c.AddSecurityDefinition("Bearer", new OpenApiSecurityScheme {
    In = ParameterLocation.Header, 
    Description = "Please insert JWT with Bearer into field",
    Name = "Authorization",
    Type = SecuritySchemeType.ApiKey 
  });
  c.AddSecurityRequirement(new OpenApiSecurityRequirement {
   { 
     new OpenApiSecurityScheme 
     { 
       Reference = new OpenApiReference 
       { 
         Type = ReferenceType.SecurityScheme,
         Id = "Bearer" 
       } 
      },
      new string[] { } 
    } 
  });
});

这篇关于JWT 身份验证和 Swagger 与 .NET Core 3.0的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!

查看全文
登录 关闭
扫码关注1秒登录
发送“验证码”获取 | 15天全站免登陆