在 Swashbuckle oauth 2 密码流程中,未传入用户名和密码 headers
In Swashbuckle oauth 2 password flow, username and password are not passed in headers
我在我的项目中使用 swashbuckle.core。
下面是 SwaggerConfig.cs:
using System.Web.Http;
using Swashbuckle.Application;
using WebActivator;
using System.Collections.Generic;
using System;
using Swashbuckle.Swagger;
using System.Web.Http.Description;
using System.Linq;
using System.Web.Http.Filters;
public class SwaggerConfig
{
public static void Register()
{
var thisAssembly = typeof(SwaggerConfig).Assembly;
GlobalConfiguration.Configuration
.EnableSwagger(c =>
{
c.SingleApiVersion("v1", "Test.Framework.Rest.ApplicationService");
c.UseFullTypeNameInSchemaIds();
c.PrettyPrint();
c.OAuth2("oauth2")
.Description("OAuth2 Password Grant")
.Flow("password")
.TokenUrl("https://BLR2TCM29.test/SecureTokenServiceRestV4.0/api/authorization/requestaccesstoken")
.Scopes(scopes =>
{
scopes.Add("oauth2", "AUTHORIZATION");
}
);
c.OperationFilter<AddRequiredAuthorizationHeaderParameter>();
})
.EnableSwaggerUi(c =>
{
c.EnableOAuth2Support(
clientId: "Sample_App",
clientSecret: "xxxxx",
realm: "test-realm",
appName: "Swagger UI",
additionalQueryStringParams: new Dictionary<string, string>() { { "loginname", "password" } });
});
}
public class AddRequiredAuthorizationHeaderParameter : IOperationFilter
{
public void Apply(Operation operation, SchemaRegistry schemaRegistry, ApiDescription apiDescription)
{
var actFilters = apiDescription.ActionDescriptor.GetFilterPipeline();
var allowsAnonymous = actFilters.Select(f => f.Instance).OfType<OverrideAuthorizationAttribute>().Any();
if (allowsAnonymous)
return; // must be an anonymous method
if (operation.security == null)
operation.security = new List<IDictionary<string, IEnumerable<string>>>();
var oAuthRequirements = new Dictionary<string, IEnumerable<string>>
{
{ "oauth2", new string[]{ "AUTHORIZATION"} }
};
operation.security.Add(oAuthRequirements);
}
}
private static string GetXmlCommentsPath()
{
return System.AppDomain.CurrentDomain.BaseDirectory + @"\bin\Test.Rest.ApplicationService.Swagger.xml";
}
}
API 正在获取令牌,但 headers 值,即用户名和密码不存在。
如果我缺少任何配置,请告诉我。
swashbuckle oauth2 密码流程的任何示例都会有所帮助。
重要提示:不要为 Swashbuckle.Aspnet 提供解决方案,因为我正在使用 Swashbuckle.Core
我终于找到了它不起作用的原因。
Swashbuckle 在 body 中传递数据而不是 header 也形成数据类型。
api端接收数据:
[System.Web.Http.HttpPost()]
[Route(RELATIVE_PATH + AUTHORIZATION + "/requestauthenticationaccesstoken/")]
public OAuthResponse AuthenticationAccessToken([FromBody] UserData value)
UserData 包含 getter setter 用于用户名、密码、范围和 grant_type。
在这个 oauth2 密码流认证之后工作正常。
我在我的项目中使用 swashbuckle.core。 下面是 SwaggerConfig.cs:
using System.Web.Http;
using Swashbuckle.Application;
using WebActivator;
using System.Collections.Generic;
using System;
using Swashbuckle.Swagger;
using System.Web.Http.Description;
using System.Linq;
using System.Web.Http.Filters;
public class SwaggerConfig
{
public static void Register()
{
var thisAssembly = typeof(SwaggerConfig).Assembly;
GlobalConfiguration.Configuration
.EnableSwagger(c =>
{
c.SingleApiVersion("v1", "Test.Framework.Rest.ApplicationService");
c.UseFullTypeNameInSchemaIds();
c.PrettyPrint();
c.OAuth2("oauth2")
.Description("OAuth2 Password Grant")
.Flow("password")
.TokenUrl("https://BLR2TCM29.test/SecureTokenServiceRestV4.0/api/authorization/requestaccesstoken")
.Scopes(scopes =>
{
scopes.Add("oauth2", "AUTHORIZATION");
}
);
c.OperationFilter<AddRequiredAuthorizationHeaderParameter>();
})
.EnableSwaggerUi(c =>
{
c.EnableOAuth2Support(
clientId: "Sample_App",
clientSecret: "xxxxx",
realm: "test-realm",
appName: "Swagger UI",
additionalQueryStringParams: new Dictionary<string, string>() { { "loginname", "password" } });
});
}
public class AddRequiredAuthorizationHeaderParameter : IOperationFilter
{
public void Apply(Operation operation, SchemaRegistry schemaRegistry, ApiDescription apiDescription)
{
var actFilters = apiDescription.ActionDescriptor.GetFilterPipeline();
var allowsAnonymous = actFilters.Select(f => f.Instance).OfType<OverrideAuthorizationAttribute>().Any();
if (allowsAnonymous)
return; // must be an anonymous method
if (operation.security == null)
operation.security = new List<IDictionary<string, IEnumerable<string>>>();
var oAuthRequirements = new Dictionary<string, IEnumerable<string>>
{
{ "oauth2", new string[]{ "AUTHORIZATION"} }
};
operation.security.Add(oAuthRequirements);
}
}
private static string GetXmlCommentsPath()
{
return System.AppDomain.CurrentDomain.BaseDirectory + @"\bin\Test.Rest.ApplicationService.Swagger.xml";
}
}
API 正在获取令牌,但 headers 值,即用户名和密码不存在。
如果我缺少任何配置,请告诉我。
swashbuckle oauth2 密码流程的任何示例都会有所帮助。
重要提示:不要为 Swashbuckle.Aspnet 提供解决方案,因为我正在使用 Swashbuckle.Core
我终于找到了它不起作用的原因。 Swashbuckle 在 body 中传递数据而不是 header 也形成数据类型。
api端接收数据:
[System.Web.Http.HttpPost()]
[Route(RELATIVE_PATH + AUTHORIZATION + "/requestauthenticationaccesstoken/")]
public OAuthResponse AuthenticationAccessToken([FromBody] UserData value)
UserData 包含 getter setter 用于用户名、密码、范围和 grant_type。
在这个 oauth2 密码流认证之后工作正常。