C# Swashbuckle.NET核心自定义授权标头不会反映在任何API请求中
在过去的几天里,我一直在仔细阅读文档,以实现对Swashback.AspNetCore 5.x.x的自定义授权头支持,并且无法传播SwaggerUI,从而正确地将API请求从API文档发送到任何API(API被命中,但它总是在“我的授权”属性处失败,因为包含API密钥的头密钥为空) 我还偶然发现了以下问题: 我使用的是5.2.0版本的Swashback的.NET Core 3.1.2包 好像不管用!:( 这是我的C# Swashbuckle.NET核心自定义授权标头不会反映在任何API请求中,c#,.net-core,dependency-injection,swashbuckle,swashbuckle.aspnetcore,C#,.net Core,Dependency Injection,Swashbuckle,Swashbuckle.aspnetcore,在过去的几天里,我一直在仔细阅读文档,以实现对Swashback.AspNetCore 5.x.x的自定义授权头支持,并且无法传播SwaggerUI,从而正确地将API请求从API文档发送到任何API(API被命中,但它总是在“我的授权”属性处失败,因为包含API密钥的头密钥为空) 我还偶然发现了以下问题: 我使用的是5.2.0版本的Swashback的.NET Core 3.1.2包 好像不管用!:( 这是我的ConfigureServices,用于身份验证、授权和招摇过市 servic
ConfigureServices
,用于身份验证、授权和招摇过市
services.AddAuthentication(options =>
{
options.DefaultScheme = ApiKeyAuthenticationOptions.DefaultScheme;
options.DefaultAuthenticateScheme = ApiKeyAuthenticationOptions.DefaultScheme;
})
.AddScheme<ApiKeyAuthenticationOptions, ApiKeyAuthenticationHandler>(
ApiKeyAuthenticationOptions.DefaultScheme, o => { });
services.AddAuthorization(options =>
{
var defaultAuthorizationPolicyBuilder = new AuthorizationPolicyBuilder(
ApiKeyAuthenticationOptions.DefaultScheme);
defaultAuthorizationPolicyBuilder =
defaultAuthorizationPolicyBuilder.RequireAuthenticatedUser();
options.DefaultPolicy = defaultAuthorizationPolicyBuilder.Build();
});
services.AddSwaggerGen(config =>
{
config.SwaggerDoc(GlobalApiVariables.CURRENT_API_VERSION, new OpenApiInfo {
Title = "XXXX API",
Version = GlobalApiVariables.CURRENT_API_REVISION.ToString()
});
config.EnableAnnotations();
// Adds "(Auth)" to the summary so that you can see which endpoints have Authorization
config.OperationFilter<AppendAuthorizeToSummaryOperationFilter>();
// or use the generic method, e.g. c.OperationFilter<AppendAuthorizeToSummaryOperationFilter<MyCustomAttribute>>();
// [SwaggerRequestExample] & [SwaggerResponseExample]
// version < 3.0 like this: c.OperationFilter<ExamplesOperationFilter>();
// version 3.0 like this: c.AddSwaggerExamples(services.BuildServiceProvider());
// version > 4.0 like this:
config.ExampleFilters();
config.OperationFilter<AddResponseHeadersFilter>(); // [SwaggerResponseHeader]
// Locate the XML file being generated by .NET Core
var filePath = Path.Combine(AppContext.BaseDirectory,
$"{Assembly.GetExecutingAssembly().GetName().Name}.xml");
config.IncludeXmlComments(filePath);
// Define the Api Key scheme that's in use (i.e. Implicit Flow)
config.AddSecurityDefinition(ApiKeyAuthenticationOptions.DefaultScheme, new OpenApiSecurityScheme
{
Description = "Testtest",
In = ParameterLocation.Header,
Name = ApiKeyAuthenticationOptions.HeaderKey,
Type = SecuritySchemeType.ApiKey,
Flows = new OpenApiOAuthFlows
{
Implicit = new OpenApiOAuthFlow
{
AuthorizationUrl = new Uri("/connect/validate", UriKind.Relative),
Scopes = new Dictionary<string, string>
{
{ "readAccess", "Access read operations" },
{ "writeAccess", "Access write operations" }
}
}
}
});
// add Security information to each operation for OAuth2
config.OperationFilter<SecurityRequirementsOperationFilter>();
config.AddSecurityRequirement(new OpenApiSecurityRequirement
{
{
new OpenApiSecurityScheme
{
Reference = new OpenApiReference
{
Type = ReferenceType.SecurityScheme,
Id = ApiKeyAuthenticationOptions.DefaultScheme
}
},
new[] { "readAccess", "writeAccess" }
}
});
});
services.AddSwaggerExamplesFromAssemblies(Assembly.GetEntryAssembly());
以下是ApiKeyAuthenticationOptions
,如果需要:
public class ApiKeyAuthenticationOptions : AuthenticationSchemeOptions
{
public const string DefaultScheme = "API Key";
public string Scheme => DefaultScheme;
public string AuthenticationType = DefaultScheme;
public const string HeaderKey = "X-Api-Key";
}
还有,下面是测试:
提前让我知道我做错了什么
public class ApiKeyAuthenticationOptions : AuthenticationSchemeOptions
{
public const string DefaultScheme = "API Key";
public string Scheme => DefaultScheme;
public string AuthenticationType = DefaultScheme;
public const string HeaderKey = "X-Api-Key";
}