ASP Net Core 2.2 add locker icon only to methods that require authorization - Swagger UI

抹茶落季 2021-01-12 17:12

Versions:

  • ASP Net Core Web API - 2.2
  • Swashbuckle.AspNetCore - 4.0.1

What I currently have?

I have implemented swagg

2 answers
  •  南方客 (original poster)
    2021-01-12 17:36

    Since it has been more than a month since I asked this one, here is how I did it.

    I deleted the following code from Startup.cs:

    c.AddSecurityDefinition("Bearer", new ApiKeyScheme
    {
        In = "header",
        Description = "Please enter into field the word 'Bearer' following by space and your JWT token",
        Name = "Authorization",
        Type = "apiKey"
    });
    c.AddSecurityRequirement(new Dictionary<string, IEnumerable<string>>
    {
        { "Bearer", Enumerable.Empty<string>() },
    });
    

    And I added the following one:

    c.OperationFilter<AddAuthHeaderOperationFilter>();
    

    And of course the AddAuthHeaderOperationFilter.cs:

        using System.Collections.Generic;
        using System.Linq;
        using Microsoft.AspNetCore.Http;
        using Microsoft.AspNetCore.Mvc.Authorization;
        using Swashbuckle.AspNetCore.Swagger;
        using Swashbuckle.AspNetCore.SwaggerGen;

        public class AddAuthHeaderOperationFilter : IOperationFilter
        {
            private readonly IHttpContextAccessor httpContextAccessor;

            public AddAuthHeaderOperationFilter(IHttpContextAccessor httpContextAccessor)
            {
                this.httpContextAccessor = httpContextAccessor;
            }

            public void Apply(Operation operation, OperationFilterContext context)
            {
                // An action needs a token when an AuthorizeFilter applies and no [AllowAnonymous] overrides it
                var filterDescriptor = context.ApiDescription.ActionDescriptor.FilterDescriptors;
                var isAuthorized = filterDescriptor.Select(filterInfo => filterInfo.Filter).Any(filter => filter is AuthorizeFilter);
                var allowAnonymous = filterDescriptor.Select(filterInfo => filterInfo.Filter).Any(filter => filter is IAllowAnonymousFilter);

                if (isAuthorized && !allowAnonymous)
                {
                    if (operation.Parameters == null)
                        operation.Parameters = new List<IParameter>();

                    operation.Parameters.Add(new NonBodyParameter
                    {
                        Name = "Authorization",
                        In = "header",
                        Description = "JWT access token",
                        Required = true,
                        Type = "string",
                        //Default = $"Bearer {token}"
                    });

                    // Add throws on a duplicate key, so skip codes the action already documents
                    if (!operation.Responses.ContainsKey("401"))
                        operation.Responses.Add("401", new Response { Description = "Unauthorized" });
                    if (!operation.Responses.ContainsKey("403"))
                        operation.Responses.Add("403", new Response { Description = "Forbidden" });

                    operation.Security = new List<IDictionary<string, IEnumerable<string>>>();

                    //Add JWT bearer type
                    operation.Security.Add(new Dictionary<string, IEnumerable<string>>
                    {
                        { "Bearer", new string[] { } }
                    });
                }
            }
        }
    

    In short, this OperationFilter class only adds the locker icon to methods that require Authorization. The locker is always open, though. So it is not the perfect solution, but for now it is OK.

    Here is how it looks:

    Note: So if you want to test the API, you first get a token and then fill it where needed.
