C# 通过Swashbuckle(Swagger)从身份验证传递第二个值
我已经设置了Swashback来进行身份验证(它正在工作): 配置服务C# 通过Swashbuckle(Swagger)从身份验证传递第二个值,c#,asp.net-core,asp.net-core-3.1,swashbuckle,swashbuckle.aspnetcore,C#,Asp.net Core,Asp.net Core 3.1,Swashbuckle,Swashbuckle.aspnetcore,我已经设置了Swashback来进行身份验证(它正在工作): 配置服务 services.AddSwaggerGen(c=> { c、 SwaggerDoc(“v1”,新的openapinfo{Title=“WebAPI身份验证测试服务”,Version=“v1”}); c、 AddSecurityDefinition(“oauth2”,新的OpenApiSecurityScheme { 类型=SecuritySchemeType.OAuth2, Flows=新的OpenAPIOuthFlows
services.AddSwaggerGen(c=>
{
c、 SwaggerDoc(“v1”,新的openapinfo{Title=“WebAPI身份验证测试服务”,Version=“v1”});
c、 AddSecurityDefinition(“oauth2”,新的OpenApiSecurityScheme
{
类型=SecuritySchemeType.OAuth2,
Flows=新的OpenAPIOuthFlows
{
AuthorizationCode=新的OpenAPIOuthFlow
{
AuthorizationUrl=新Uri(“https://MyIdp/authorize"),
范围=新字典
{
{“脱机访问”,“发送ID令牌”},{“openid”,“通用开放ID”},
{“配置文件”,“配置文件”}
},
TokenUrl=新Uri(“https://MyIdp/token")
}
}
});
var openApiSecurityRequirement=新的openApiSecurityRequirement();
var openApiSecurityScheme=新的openApiSecurityScheme
{
Reference=new openapirection{Type=ReferenceType.SecurityScheme,Id=“oauth2”}
};
添加(openApiSecurityScheme,新字符串[]{});
c、 添加安全要求(openApiSecurityRequirement);
});
配置
app.UseSwagger(选项=>
{
options.RouteTemplate=“swagger/{documentName}/swagger.json”;
options.PreSerializeFilters.Add((swaggerDoc,httpReq)=>
{
swaggerDoc.Servers=新列表
{
新的OpenApiServer{Url=$“https://{apiGatewayHost}/TestService/v2”},
新OpenApiServer{Url=$“{httpReq.Scheme}://{httpReq.Host.Value}”
};
});
});
app.UseSwaggerUI(选项=>
{
options.SwaggerEndpoint(“/swagger/v1/swagger.json”,“WebAPI身份验证测试服务”);
options.RoutePrefix=string.Empty;
options.OAuthAppName(“招摇过市认证”);
选项。OAuthClientId(“”);
options.OAuthClientSecret(“”);
options.OAuthUsePkce();
});
当我这样做时,它会将访问令牌作为承载令牌添加到所有请求中(就像我希望它那样)
但我还想添加身份验证返回的ID令牌,作为名为UserJwt的HttpHeader
我想我可以设法把ID令牌而不是访问令牌放进去但我两者都需要。
我还可以设法将任何旧标题添加到我的招摇过市调用中(使用操作过滤器)
但是如何才能访问操作筛选器中的ID令牌(从身份验证调用中检索),以便我可以将我的ID令牌包含为标头?
更新:看起来
OperationFilter
在进行身份验证之前运行。因此,这将不是一个可行的方式来获得标题添加
不确定是否有其他过滤器或其他挂钩可供使用
services.AddSwaggerGen(c =>
{
c.SwaggerDoc("v1", new OpenApiInfo { Title = "WebAPI Authentication Test Service", Version = "v1" });
c.AddSecurityDefinition("oauth2", new OpenApiSecurityScheme
{
Type = SecuritySchemeType.OAuth2,
Flows = new OpenApiOAuthFlows
{
AuthorizationCode = new OpenApiOAuthFlow
{
AuthorizationUrl = new Uri("https://MyIdp/authorize"),
Scopes = new Dictionary<string, string>
{
{"offline_access", "Sends the ID Token"}, {"openid", "Generic open Id"},
{"profile", "profile"}
},
TokenUrl = new Uri("https://MyIdp/token")
}
}
});
var openApiSecurityRequirement = new OpenApiSecurityRequirement();
var openApiSecurityScheme = new OpenApiSecurityScheme
{
Reference = new OpenApiReference {Type = ReferenceType.SecurityScheme, Id = "oauth2"}
};
openApiSecurityRequirement.Add(openApiSecurityScheme, new string[] { });
c.AddSecurityRequirement(openApiSecurityRequirement);
});
app.UseSwagger(options =>
{
options.RouteTemplate = "swagger/{documentName}/swagger.json";
options.PreSerializeFilters.Add((swaggerDoc, httpReq) =>
{
swaggerDoc.Servers = new List<OpenApiServer>
{
new OpenApiServer {Url = $"https://{apiGatewayHost}/TestService/v2"},
new OpenApiServer {Url = $"{httpReq.Scheme}://{httpReq.Host.Value}"}
};
});
});
app.UseSwaggerUI(options =>
{
options.SwaggerEndpoint("/swagger/v1/swagger.json", "WebAPI Authentication Test Service");
options.RoutePrefix = string.Empty;
options.OAuthAppName("Swagger Authentication");
options.OAuthClientId("<Client Id Here>");
options.OAuthClientSecret("<Client Secret Here>");
options.OAuthUsePkce();
});