Use JWT (Authorization: Bearer) in Swagger in ASP.NET Core

前端未结

关注

 7  656

闹比i 2020-12-02 15:37

I\'m creating a REST api in ASP.NET Core 1.0. I was using Swagger to test but now I added JWT authorization for some routes. (with UseJwtBearerAuthentication)

7条回答

眼角桃花 (楼主)

2020-12-02 16:09

I would also check for AuthorizeAttribute.

var filterDescriptor = context.ApiDescription.ActionDescriptor.FilterDescriptors;

var hasAuthorizedFilter = filterDescriptor.Select(filterInfo => filterInfo.Filter).Any(filter => filter is AuthorizeFilter);
var allowAnonymous = filterDescriptor.Select(filterInfo => filterInfo.Filter).Any(filter => filter is IAllowAnonymousFilter);
var hasAuthorizedAttribute = context.MethodInfo.ReflectedType?.CustomAttributes.First().AttributeType ==
                                     typeof(AuthorizeAttribute);

if ((hasAuthorizedFilter || hasAuthorizedAttribute) && !allowAnonymous)
{
    var oAuthScheme = new OpenApiSecurityScheme
    {
        Reference = new OpenApiReference { Type = ReferenceType.SecurityScheme, Id = "Bearer" }
    };

    operation.Security = new List
    {
        new OpenApiSecurityRequirement
        {
            [ oAuthScheme ] = new List()
        }
    };
}

Controller Action:

[Authorize(Policy = AppConfiguration.PermissionReadWrite)]
[Route("api/[controller]")]
[ApiController]
public class FooController : ControllerBase
{
   ...
}

0 讨论(0)

查看其它7个回答