如何在 Swagger 中显示 WebApi OAuth 令牌端点
How to show WebApi OAuth token endpoint in Swagger
我创建了一个新的 Web Api 项目,添加了 Asp.Net 身份并像这样配置了 OAuth:
OAuthOptions = new OAuthAuthorizationServerOptions
{
TokenEndpointPath = new PathString("/Token"),
Provider = new ApplicationOAuthProvider(PublicClientId),
AuthorizeEndpointPath = new PathString("/api/Account/ExternalLogin"),
AccessTokenExpireTimeSpan = TimeSpan.FromDays(14),
AllowInsecureHttp = true
};
一切正常,我可以调用 /Token 端点并取回不记名令牌。
问题是这在我假设的 Swagger 中是不可发现的,因为它不在控制器上,因此没有为它生成 xml 文档。
有谁知道在我的 Swagger 文档中显示此登录端点的方法吗?
谢谢。
此外,我应该说 Swagger 文档适用于我所有的控制器,只是我缺少这个明显的方法 - 如何登录。
ApiExplorer 不会自动为您的端点生成任何信息,因此您需要添加自定义 DocumentFilter 才能手动描述令牌端点。
https://github.com/domaindrivendev/Swashbuckle/issues/332 中有一个这样的例子:
class AuthTokenOperation : IDocumentFilter
{
public void Apply(SwaggerDocument swaggerDoc, SchemaRegistry schemaRegistry, IApiExplorer apiExplorer)
{
swaggerDoc.paths.Add("/auth/token", new PathItem
{
post = new Operation
{
tags = new List<string> { "Auth" },
consumes = new List<string>
{
"application/x-www-form-urlencoded"
},
parameters = new List<Parameter> {
new Parameter
{
type = "string",
name = "grant_type",
required = true,
@in = "formData"
},
new Parameter
{
type = "string",
name = "username",
required = false,
@in = "formData"
},
new Parameter
{
type = "string",
name = "password",
required = false,
@in = "formData"
}
}
}
});
}
}
httpConfig.EnableSwagger(c =>
{
c.DocumentFilter<AuthTokenOperation>();
});
如果有人想知道如何向该操作添加响应正文,请查看更新后的 Ruaidhri 代码:
class AuthTokenOperation : IDocumentFilter
{
public void Apply(SwaggerDocument swaggerDoc, SchemaRegistry schemaRegistry, IApiExplorer apiExplorer)
{
swaggerDoc.paths.Add("/token", new PathItem
{
post = new Operation
{
tags = new List<string> { "Auth" },
consumes = new List<string>
{
"application/x-www-form-urlencoded"
},
parameters = new List<Parameter> {
new Parameter
{
type = "string",
name = "grant_type",
required = true,
@in = "formData"
},
new Parameter
{
type = "string",
name = "username",
required = false,
@in = "formData"
},
new Parameter
{
type = "string",
name = "password",
required = false,
@in = "formData"
}
},
responses = new Dictionary<string, Response>()
{
{
"200",
new Response {schema = schemaRegistry.GetOrRegister(typeof(OAuthTokenResponse))}
}
}
}
});
}
}
class OAuthTokenResponse
{
[JsonProperty("access_token")]
public string AccessToken { get; set; }
[JsonProperty("token_type")]
public string TokenType { get; set; }
[JsonProperty("expires_in")]
public long ExpiresIn { get; set; }
[JsonProperty("userName")]
public string Username { get; set; }
[JsonProperty(".issued")]
public DateTime Issued { get; set; }
[JsonProperty(".expires")]
public DateTime Expires { get; set; }
}
我创建了一个新的 Web Api 项目,添加了 Asp.Net 身份并像这样配置了 OAuth:
OAuthOptions = new OAuthAuthorizationServerOptions
{
TokenEndpointPath = new PathString("/Token"),
Provider = new ApplicationOAuthProvider(PublicClientId),
AuthorizeEndpointPath = new PathString("/api/Account/ExternalLogin"),
AccessTokenExpireTimeSpan = TimeSpan.FromDays(14),
AllowInsecureHttp = true
};
一切正常,我可以调用 /Token 端点并取回不记名令牌。
问题是这在我假设的 Swagger 中是不可发现的,因为它不在控制器上,因此没有为它生成 xml 文档。
有谁知道在我的 Swagger 文档中显示此登录端点的方法吗?
谢谢。
此外,我应该说 Swagger 文档适用于我所有的控制器,只是我缺少这个明显的方法 - 如何登录。
ApiExplorer 不会自动为您的端点生成任何信息,因此您需要添加自定义 DocumentFilter 才能手动描述令牌端点。
https://github.com/domaindrivendev/Swashbuckle/issues/332 中有一个这样的例子:
class AuthTokenOperation : IDocumentFilter
{
public void Apply(SwaggerDocument swaggerDoc, SchemaRegistry schemaRegistry, IApiExplorer apiExplorer)
{
swaggerDoc.paths.Add("/auth/token", new PathItem
{
post = new Operation
{
tags = new List<string> { "Auth" },
consumes = new List<string>
{
"application/x-www-form-urlencoded"
},
parameters = new List<Parameter> {
new Parameter
{
type = "string",
name = "grant_type",
required = true,
@in = "formData"
},
new Parameter
{
type = "string",
name = "username",
required = false,
@in = "formData"
},
new Parameter
{
type = "string",
name = "password",
required = false,
@in = "formData"
}
}
}
});
}
}
httpConfig.EnableSwagger(c =>
{
c.DocumentFilter<AuthTokenOperation>();
});
如果有人想知道如何向该操作添加响应正文,请查看更新后的 Ruaidhri 代码:
class AuthTokenOperation : IDocumentFilter
{
public void Apply(SwaggerDocument swaggerDoc, SchemaRegistry schemaRegistry, IApiExplorer apiExplorer)
{
swaggerDoc.paths.Add("/token", new PathItem
{
post = new Operation
{
tags = new List<string> { "Auth" },
consumes = new List<string>
{
"application/x-www-form-urlencoded"
},
parameters = new List<Parameter> {
new Parameter
{
type = "string",
name = "grant_type",
required = true,
@in = "formData"
},
new Parameter
{
type = "string",
name = "username",
required = false,
@in = "formData"
},
new Parameter
{
type = "string",
name = "password",
required = false,
@in = "formData"
}
},
responses = new Dictionary<string, Response>()
{
{
"200",
new Response {schema = schemaRegistry.GetOrRegister(typeof(OAuthTokenResponse))}
}
}
}
});
}
}
class OAuthTokenResponse
{
[JsonProperty("access_token")]
public string AccessToken { get; set; }
[JsonProperty("token_type")]
public string TokenType { get; set; }
[JsonProperty("expires_in")]
public long ExpiresIn { get; set; }
[JsonProperty("userName")]
public string Username { get; set; }
[JsonProperty(".issued")]
public DateTime Issued { get; set; }
[JsonProperty(".expires")]
public DateTime Expires { get; set; }
}