使用授权标头(Bearer)设置Swagger(ASP.NET Core)

本文介绍了使用授权标头(Bearer)设置Swagger(ASP.NET Core)的处理方法，对大家解决问题具有一定的参考价值，需要的朋友们下面随着小编来一起学习吧！

问题描述

我有一个Web API(ASP.NET Core)，我正在尝试调整范围以从中进行调用.这些调用必须包含Authorization标头，并且我正在使用Bearer身份验证.来自Postman等第三方应用程序的呼叫正常.但是我在设置标题时会遇到麻烦(出于某些原因，我没有收到标题).这是现在的样子:

I have a Web API (ASP.NET Core) and I am trying to adjust the swagger to make the calls from it.The calls must contains the Authorization header and I am using Bearer authentication.The calls from third party apps like Postman, etc. go fine.But I am having the issue with setting up the headers for swagger (for some reason I don't receive the headers). This is how it looks like now:

  "host": "localhost:50352",
  "basePath": "/" ,
  "schemes": [
    "http",
    "https"
  ],
 "securityDefinitions":  {
    "Bearer": {
      "name": "Authorization",
      "in": "header",
      "type": "apiKey",
      "description": "HTTP/HTTPS Bearer"
    }
  },
  "paths": {
    "/v1/{subAccountId}/test1": {
      "post": {
        "tags": [
          "auth"
        ],
        "operationId": "op1",
        "consumes": ["application/json", "application/html"],
        "produces": ["application/json", "application/html"],
        "parameters": [
          {
            "name": "subAccountId",
            "in": "path",
            "required": true,
            "type": "string"
          }
        ],
        "security":[{
          "Bearer": []
        }],
        "responses": {
          "204": {
            "description": "No Content"
          },
          "400": {
            "description": "BadRequest",
            "schema": {
              "$ref": "#/definitions/ErrorResponse"
            }
          },
          "401": {
            "description": "Unauthorized",
            "schema": {
              "$ref": "#/definitions/ErrorResponse"
            }
          },
          "500": {
            "description": "InternalServerError",
            "schema": {
              "$ref": "#/definitions/ErrorResponse"
            }
          }
        },
        "deprecated": false
      }
    },

推荐答案

首先，您可以使用Swashbuckle.AspNetCore nuget包自动生成您的招摇定义. (在2.3.0上测试)

First of all, you can use Swashbuckle.AspNetCore nuget package for auto generating your swagger definition. (tested on 2.3.0)

安装软件包后，请在Startup.cs中使用ConfigureServices方法进行设置

After you've installed package, setup it in Startup.cs in method ConfigureServices

services.AddSwaggerGen(c => {
    c.SwaggerDoc("v1", new Info { Title = "You api title", Version = "v1" });
    c.AddSecurityDefinition("Bearer",
        new ApiKeyScheme { In = "header",
          Description = "Please enter into field the word 'Bearer' following by space and JWT",
          Name = "Authorization", Type = "apiKey" });
    c.AddSecurityRequirement(new Dictionary<string, IEnumerable<string>> {
        { "Bearer", Enumerable.Empty<string>() },
    });

});

然后，您可以使用页面右上方的授权"按钮.

Then you can use Authorize button at the top right of the page.

至少您可以尝试使用此程序包生成有效的摇头定义

At least you can try to use this package to generate valid swagger definition

这篇关于使用授权标头(Bearer)设置Swagger(ASP.NET Core)的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持！

1403页，肝出来的..