public static SwaggerSecurityScheme CreateOAuthSchema(MyUrlsOptions urlOptions)
{
var tokenUrl = urlOptions.BuildUrl($"{Constants.IdentityServerPrefix}/connect/token", false);
var securityDocs = LoadDocs("security");
var securityText = securityDocs.Replace("<TOKEN_URL>", tokenUrl);
var result =
new SwaggerSecurityScheme
{
TokenUrl = tokenUrl,
Type = SwaggerSecuritySchemeType.OAuth2,
Flow = SwaggerOAuth2Flow.Application,
Scopes = new Dictionary <string, string>
{
{ Constants.ApiScope, "Read and write access to the API" },
{ SquidexRoles.AppOwner, "App contributor with Owner permission." },
{ SquidexRoles.AppEditor, "Client (writer) or App contributor with Editor permission." },
{ SquidexRoles.AppReader, "Client (readonly) or App contributor with Editor permission." },
{ SquidexRoles.AppDeveloper, "App contributor with Developer permission." }
},
Description = securityText
};
return(result);
}
public static SwaggerSecurityScheme CreateOAuthSchema(MyUrlsOptions urlOptions)
{
var tokenUrl = urlOptions.BuildUrl($"{Constants.IdentityPrefix}/connect/token");
var securityDocs = LoadDocs("security");
var securityDescription = securityDocs.Replace("<TOKEN_URL>", tokenUrl);
var result =
new SwaggerSecurityScheme
{
TokenUrl = tokenUrl,
Type = SwaggerSecuritySchemeType.OAuth2,
Flow = SwaggerOAuth2Flow.Application,
Scopes = new Dictionary <string, string>
{
{ Constants.ApiScope, "Read and write access to the API" },
{ SquidexRoles.AppOwner, "You get this scope / role when you are owner of the app you are accessing." },
{ SquidexRoles.AppEditor, "You get this scope / role when you are owner of the app you are accessing or when the subject is a client." },
{ SquidexRoles.AppDeveloper, "You get this scope / role when you are owner of the app you are accessing." }
},
Description = securityDescription
};
return(result);
}
private static void SetupDescription(SwaggerSecurityScheme securityScheme, string tokenUrl)
{
var securityDocs = NSwagHelper.LoadDocs("security");
var securityText = securityDocs.Replace("<TOKEN_URL>", tokenUrl);
securityScheme.Description = securityText;
}
public static IServiceCollection AddMvcAndVersionedSwagger(this IServiceCollection services)
{
services
.AddMvcCore()
.AddDataAnnotations()
.AddApiExplorer()
.AddJsonFormatters()
.SetCompatibilityVersion(CompatibilityVersion.Version_2_2)
.AddVersionedApiExplorer(options =>
{
options.SubstituteApiVersionInUrl = true;
options.GroupNameFormat = "VVV";
});
services.AddApiVersioning(options =>
{
options.ApiVersionReader = new UrlSegmentApiVersionReader();
options.AssumeDefaultVersionWhenUnspecified = true;
});
services.AddSwaggerDocument(document =>
{
// Add an authenticate button to Swagger for JWT tokens
document.OperationProcessors.Add(new OperationSecurityScopeProcessor("JWT"));
var swaggerSecurityScheme = new SwaggerSecurityScheme
{
Type = SwaggerSecuritySchemeType.ApiKey,
Name = "Authorization",
In = SwaggerSecurityApiKeyLocation.Header,
Description = "Type into the textbox: Bearer {your JWT token}. You can get a JWT token from /Authorization/Authenticate."
};
document.ApiGroupNames = new[] { "3" };
document.DocumentName = "v3";
document.DocumentProcessors.Add(new SecurityDefinitionAppender("JWT", swaggerSecurityScheme));
document.PostProcess = d =>
{
d.Info.Title = "Roadkill API";
d.Info.Version = "3.0";
};
});
return(services);
}
private static SwaggerSecurityScheme CreateOAuthSchema(UrlsOptions urlOptions)
{
var security = new SwaggerSecurityScheme
{
Type = SwaggerSecuritySchemeType.OAuth2
};
var tokenUrl = urlOptions.BuildUrl($"{Constants.IdentityServerPrefix}/connect/token", false);
security.TokenUrl = tokenUrl;
SetupDescription(security, tokenUrl);
security.Flow = SwaggerOAuth2Flow.Application;
security.Scopes = new Dictionary <string, string>
{
[Constants.ApiScope] = "Read and write access to the API"
};
return(security);
}
public static SwaggerSecurityScheme CreateOAuthSchema(MyUrlsOptions urlOptions)
{
var tokenUrl = urlOptions.BuildUrl($"{Constants.IdentityServerPrefix}/connect/token", false);
var securityDocs = LoadDocs("security");
var securityText = securityDocs.Replace("<TOKEN_URL>", tokenUrl);
var result =
new SwaggerSecurityScheme
{
TokenUrl = tokenUrl,
Type = SwaggerSecuritySchemeType.OAuth2,
Flow = SwaggerOAuth2Flow.Application,
Scopes = new Dictionary <string, string>
{
{ Constants.ApiScope, "Read and write access to the API" }
},
Description = securityText
};
return(result);
}
private static SwaggerSecurityScheme CreateOAuthSchema(UrlsOptions urlOptions)
{
var securityScheme = new SwaggerSecurityScheme();
var tokenUrl = urlOptions.BuildUrl($"{Constants.IdentityServerPrefix}/connect/token", false);
securityScheme.TokenUrl = tokenUrl;
var securityDocs = NSwagHelper.LoadDocs("security");
var securityText = securityDocs.Replace("<TOKEN_URL>", tokenUrl);
securityScheme.Description = securityText;
securityScheme.Type = SwaggerSecuritySchemeType.OAuth2;
securityScheme.Flow = SwaggerOAuth2Flow.Application;
securityScheme.Scopes = new Dictionary <string, string>
{
[Constants.ApiScope] = "Read and write access to the API"
};
return(securityScheme);
}
/// <summary>Initializes a new instance of the <see cref="SecurityDefinitionAppender" /> class.</summary>
/// <param name="name">The name/key of the security scheme/definition.</param>
/// <param name="swaggerSecurityScheme">The Swagger security scheme.</param>
public SecurityDefinitionAppender(string name, SwaggerSecurityScheme swaggerSecurityScheme)
{
_name = name;
_swaggerSecurityScheme = swaggerSecurityScheme;
}
/// <summary>Initializes a new instance of the <see cref="SecurityDefinitionAppender" /> class.</summary>
/// <param name="name">The name/key of the security scheme/definition.</param>
/// <param name="swaggerSecurityScheme">The Swagger security scheme.</param>
public SecurityDefinitionAppender(string name, SwaggerSecurityScheme swaggerSecurityScheme)
{
_name = name;
_swaggerSecurityScheme = swaggerSecurityScheme;
}
/// <summary>Initializes a new instance of the <see cref="SecurityDefinitionAppender" /> class.</summary>
/// <param name="name">The name/key of the security scheme/definition.</param>
/// <param name="scopeNames">The scope names to add to as security requirement with the scheme name in the 'security' property (can be an empty list).</param>
/// <param name="swaggerSecurityScheme">The Swagger security scheme.</param>
public SecurityDefinitionAppender(string name, IEnumerable <string> scopeNames, SwaggerSecurityScheme swaggerSecurityScheme)
{
_name = name;
_scopeNames = scopeNames ?? throw new ArgumentNullException(nameof(scopeNames));
_swaggerSecurityScheme = swaggerSecurityScheme;
}
/// <summary>Appends the OAuth2 security scheme and requirement to the document's security definitions.</summary>
/// <remarks>Adds a <see cref="SecurityDefinitionAppender"/> document processor with the given arguments.</remarks>
/// <param name="settings">The settings.</param>
/// <param name="name">The name/key of the security scheme/definition.</param>
/// <param name="scopeNames">The scope names to add to as security requirement with the scheme name in the 'security' property (can be an empty list).</param>
/// <param name="swaggerSecurityScheme">The Swagger security scheme.</param>
public static SwaggerGeneratorSettings AddSecurity(this SwaggerGeneratorSettings settings, string name, IEnumerable <string> scopeNames, SwaggerSecurityScheme swaggerSecurityScheme)
{
settings.DocumentProcessors.Add(new SecurityDefinitionAppender(name, scopeNames, swaggerSecurityScheme));
return(settings);
}
