在Swashbuckle oauth 2密码流中,用户名和密码不会在标头中传递

问题描述 投票:1回答:1

我在我的项目中使用swashbuckle.core。下面是SwaggerConfig.cs:

    using System.Web.Http;
    using Swashbuckle.Application;
    using WebActivator;
    using System.Collections.Generic;
    using System;
    using Swashbuckle.Swagger;
    using System.Web.Http.Description;
    using System.Linq;
    using System.Web.Http.Filters;

public class SwaggerConfig
    {

        public static void Register()
        {
            var thisAssembly = typeof(SwaggerConfig).Assembly;

            GlobalConfiguration.Configuration

                 .EnableSwagger(c =>
                 {
                     c.SingleApiVersion("v1", "Test.Framework.Rest.ApplicationService");
                       c.UseFullTypeNameInSchemaIds();
                     c.PrettyPrint();



                    c.OAuth2("oauth2")
                        .Description("OAuth2 Password Grant")
                         .Flow("password")
                         .TokenUrl("https://BLR2TCM29.test/SecureTokenServiceRestV4.0/api/authorization/requestaccesstoken")
                            .Scopes(scopes =>
                                        {
                              scopes.Add("oauth2", "AUTHORIZATION");

                                 }
                                 );


                     c.OperationFilter<AddRequiredAuthorizationHeaderParameter>();


                 })
                 .EnableSwaggerUi(c =>
                 {
                     c.EnableOAuth2Support(
                     clientId: "Sample_App",
                     clientSecret: "xxxxx",
                     realm: "test-realm",
                     appName: "Swagger UI",
                     additionalQueryStringParams: new Dictionary<string, string>() { { "loginname", "password" } });
                 });


        }


        public class AddRequiredAuthorizationHeaderParameter : IOperationFilter
        {
            public void Apply(Operation operation, SchemaRegistry schemaRegistry, ApiDescription apiDescription)
            {
                var actFilters = apiDescription.ActionDescriptor.GetFilterPipeline();
                var allowsAnonymous = actFilters.Select(f => f.Instance).OfType<OverrideAuthorizationAttribute>().Any();
                if (allowsAnonymous)
                    return; // must be an anonymous method

                if (operation.security == null)
                    operation.security = new List<IDictionary<string, IEnumerable<string>>>();


                var oAuthRequirements = new Dictionary<string, IEnumerable<string>>
        {
            { "oauth2", new string[]{ "AUTHORIZATION"} }
        };

                operation.security.Add(oAuthRequirements);
            }

        }
        private static string GetXmlCommentsPath()
        {
            return System.AppDomain.CurrentDomain.BaseDirectory + @"\bin\Test.Rest.ApplicationService.Swagger.xml";
        }
    }

API正在获取令牌,但标题值,即用户名和密码不存在。

如果我遗漏任何配置,请告诉我。

swashbuckle oauth2密码流的任何示例都会有所帮助。

重要提示:当我使用Swashbuckle.Core时,不要为Swashbuckle.Aspnet提供解决方案

oauth-2.0 authorization swagger swashbuckle
1个回答
0
投票

最后,我能够找到它无法正常工作的原因。 Swashbuckle传递正文中的数据而不是也形成数据类型的标题。

screenshot the data

用于在api端接收数据:

 [System.Web.Http.HttpPost()]
    [Route(RELATIVE_PATH + AUTHORIZATION + "/requestauthenticationaccesstoken/")]
    public OAuthResponse AuthenticationAccessToken([FromBody] UserData value)

UserData包含用户名,密码,范围和grant_type的getter setter。

经过此oauth2密码流认证工作正常。

最新问题
© www.soinside.com 2019 - 2024. All rights reserved.