[英]Swashbuckle Swagger C# WebApi Core 2.0 - “Produces” is empty
[英]C#: Swagger/Swashbuckle - Connect security schemes with "AND"
我有一个 ASP.NET Core Api,其中需要对一个操作使用多个身份验证方案。 我试图通过在 Swagger UI 中显示所有必需的身份验证方案来记录这些操作。 因此,我使用Swashbuckle.AspNetCore (5.1.0)库将OpenApiSecurityRequirement
动态添加到IOperationFilter
的OpenApiOperation
:
if (authorizeAttributes.Any(x => x.AuthenticationSchemes.Contains(InternalControllerBasicAuthentication.AuthenticationScheme)))
{
requirements.Add(new OpenApiSecurityRequirement
{
{
new OpenApiSecurityScheme {
Reference = new OpenApiReference {
Type = ReferenceType.SecurityScheme,
Id = "credentials"
}
},
new [] { "Basic <credentials-value>" }
}
});
}
if (authorizeAttributes.Any(x => x.AuthenticationSchemes.Contains(OneTimePasswordAuthentication.AuthenticationScheme)))
{
requirements.Add(new OpenApiSecurityRequirement
{
{
new OpenApiSecurityScheme {
Reference = new OpenApiReference {
Type = ReferenceType.SecurityScheme,
Id = "one-time-password"
}
},
new [] { "Basic <one-time-password-value>" }
}
});
}
operation.Security = new List<OpenApiSecurityRequirement>(requirements);
此外,我使用SwaggerGenOptions
来注册所有可能的方案:
var oneTimePasswordScheme = new OpenApiSecurityScheme
{
Name = "one-time-password",
In = ParameterLocation.Header,
Scheme = "one-time-password",
Type = SecuritySchemeType.ApiKey
};
options.AddSecurityDefinition("one-time-password", oneTimePasswordScheme);
var credentialsScheme = new OpenApiSecurityScheme
{
Name = "credentials",
In = ParameterLocation.Header,
Scheme = "credentials",
Type = SecuritySchemeType.ApiKey
};
options.AddSecurityDefinition("credentials", credentialsScheme);
除了 Swagger 在 UI 中使用OR
连接器外,一切正常:
有没有办法使用AND
连接器配置 Swagger?
任何帮助将不胜感激!
不是添加的OpenApiSecurityRequirement
每个OpenApiSecurityScheme
,有必要把所有OpenApiSecurityScheme
对象到一个单一的OpenApiSecurityRequirement
。
将安全要求与OR 联系起来:
var requirements = new List<OpenApiSecurityRequirement>();
requirements.Add(new OpenApiSecurityRequirement
{
{
new OpenApiSecurityScheme {
Reference = new OpenApiReference {
Type = ReferenceType.SecurityScheme,
Id = "scheme-1"
}
},
new [] { "scheme-1-value" }
}
});
requirements.Add(new OpenApiSecurityRequirement
{
{
new OpenApiSecurityScheme {
Reference = new OpenApiReference {
Type = ReferenceType.SecurityScheme,
Id = "scheme-2"
}
},
new [] { "scheme-2-value" }
}
});
operation.Security = new List<OpenApiSecurityRequirement>(requirements);
将安全要求与AND 联系起来:
var requirement = new OpenApiSecurityRequirement();
requirement.Add(new OpenApiSecurityScheme {
Reference = new OpenApiReference {
Type = ReferenceType.SecurityScheme,
Id = "scheme-1"
}
},
new [] { "scheme-1-value" }
);
requirement.Add(new OpenApiSecurityScheme {
Reference = new OpenApiReference {
Type = ReferenceType.SecurityScheme,
Id = "scheme-2"
}
},
new [] { "scheme-2-value" }
);
operation.Security = new List<OpenApiSecurityRequirement> { requirement };
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.