[英]How can I send "audience" field in oauth2/token call made by Swagger-ui?
I am using Swagger-UI with Swashbuckle v5.6 to document an Auth0 (OAuth2) secured .NET Web API. I've been trying to configure Swagger to obtain a token in the UI from Auth0 service.我正在使用带有 Swashbuckle v5.6 的 Swagger-UI 来记录 Auth0 (OAuth2) 安全 .NET Web API。我一直在尝试配置 Swagger 以从 Auth0 服务获取 UI 中的令牌。 So far I've managed to do that, but the problem is that I need to send in the POST /token request's body the "audience" field, and I am struggling to find out how to do that from SwaggerConfig.cs.到目前为止,我已经设法做到了这一点,但问题是我需要在 POST /token 请求的主体中发送“受众”字段,我正在努力从 SwaggerConfig.cs 中找出如何做到这一点。
So far my SwaggerConfig.cs looks like this:到目前为止,我的 SwaggerConfig.cs 看起来像这样:
public class SwaggerConfig
{
public static void Register()
{
var thisAssembly = typeof(SwaggerConfig).Assembly;
string appName = "myApi";
var audience = System.Configuration.ConfigurationManager.AppSettings["AuthAudience"];
string tokenUrl = "somethingsomething/oauth/token";
GlobalConfiguration.Configuration
.EnableSwagger(c =>
{
c.SingleApiVersion("v1", "myApi");
c.IncludeXmlComments(string.Format(@"{0}\bin\myApi.XML", System.AppDomain.CurrentDomain.BaseDirectory));
c.DescribeAllEnumsAsStrings();
c.OAuth2("oauth2")
.Description("client credentials grant flow")
.Flow("password")
.TokenUrl(tokenUrl)
.Scopes(scopes =>
{
scopes.Add("myapi", "openid profile email address phone");
});
c.OperationFilter<AssignOperationFilters>();
c.DocumentFilter<SecurityRequirementsDocumentFilter>();
})
.EnableSwaggerUi(c =>
{
var clientId = System.Configuration.ConfigurationManager.AppSettings["Auth0ApiClientId"];
var clientSecret = System.Configuration.ConfigurationManager.AppSettings["Auth0ApiClientSecret"];
var additionalParams = new Dictionary<string, string>{ {"audience", audience } };
c.EnableOAuth2Support(clientId,
clientSecret,
appName,
"tmdq",
additionalQueryStringParams: additionalParams);
});
}
}
In Swagger starting in version 6.0.0 you can use Request Interceptor like this:在从 6.0.0 版开始的 Swagger 中,您可以像这样使用请求拦截器:
app.UseSwaggerUI(options =>
{
options.UseRequestInterceptor("(req) => { if (req.url.endsWith('oauth/token') && req.body) req.body += '&audience=" + appsettings.Audience + "'; return req; }");
});
Your can use OAuthAdditionalQueryStringParams...您可以使用 OAuthAdditionalQueryStringParams ...
app.UseSwaggerUI(options =>
{
options.OAuthClientId("YOUR_CLIENT_ID");
options.SwaggerEndpoint("v1/swagger.json", "v1");
options.OAuthAdditionalQueryStringParams(new Dictionary<string, string>() { {"audience","YOUR_AUDIENCE"}});
});
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.