/// <summary>
/// Adds OAuth 2.0 security scheme using the Implicit flow.
/// </summary>
/// <param name="options">The options used to generate the swagger.json file.</param>
/// <param name="settings">General settings for an ASP.NET Core application.</param>
/// <param name="name">A unique name for the scheme.</param>
public static SwaggerGenOptions AddOAuth2ImplicitFlow(this SwaggerGenOptions options, GeneralSettings settings, string name = "oauth2")
{
// https://swagger.io/docs/specification/authentication/
var implicitFlow = new OpenApiOAuthFlow {
TokenUrl = new Uri(settings?.Authority + "/connect/token"),
RefreshUrl = new Uri(settings?.Authority + "/connect/token"),
AuthorizationUrl = new Uri(settings?.Authority + "/connect/authorize"),
Scopes = GetScopes(settings)
};
var oauth2 = options.SwaggerGeneratorOptions.SecuritySchemes.SingleOrDefault(x => x.Value.Type == SecuritySchemeType.OAuth2);
if (oauth2.Value != null)
{
oauth2.Value.Flows.Implicit = implicitFlow;
return(options);
}
options.AddSecurityDefinition(name, new OpenApiSecurityScheme {
Type = SecuritySchemeType.OAuth2,
Description = "Identity Server OAuth2",
Flows = new OpenApiOAuthFlows {
Implicit = implicitFlow
}
});
options.AddSecurityRequirements(name, settings);
return(options);
}
/// <summary>
/// adds OpenId connect security scheme.
/// </summary>
/// <param name="options"></param>
/// <param name="settings"></param>
/// <param name="name">A unique name for the scheme.</param>
public static SwaggerGenOptions AddOAuth2(this SwaggerGenOptions options, GeneralSettings settings, string name = "oauth2")
{
var apiSettings = settings?.Api ?? new ApiSettings();
// Define the OAuth2.0 scheme that's in use (i.e. Implicit Flow).
var scopes = new Dictionary <string, string> {
{ apiSettings.ResourceName, $"Access to {apiSettings.FriendlyName}" },
};
foreach (var scope in apiSettings.Scopes)
{
scopes.Add($"{apiSettings.ResourceName}:{scope.Key}", scope.Value);
}
// https://swagger.io/docs/specification/authentication/
options.AddSecurityDefinition(name, new OpenApiSecurityScheme {
Type = SecuritySchemeType.OAuth2,
Description = "Identity Server oAuth2",
Flows = new OpenApiOAuthFlows {
Implicit = new OpenApiOAuthFlow {
TokenUrl = new Uri(settings?.Authority + "/connect/token"),
RefreshUrl = new Uri(settings?.Authority + "/connect/token"),
AuthorizationUrl = new Uri(settings?.Authority + "/connect/authorize"),
Scopes = scopes
},
ClientCredentials = new OpenApiOAuthFlow {
TokenUrl = new Uri(settings?.Authority + "/connect/token"),
RefreshUrl = new Uri(settings?.Authority + "/connect/token"),
AuthorizationUrl = new Uri(settings?.Authority + "/connect/authorize"),
Scopes = scopes
}
}
});
options.AddSecurityRequirements(name, settings);
return(options);
}
/// <summary>
/// Adds OpenId Connect security scheme.
/// </summary>
/// <param name="options">The options used to generate the swagger.json file.</param>
/// <param name="settings">General settings for an ASP.NET Core application.</param>
/// <param name="name">A unique name for the scheme.</param>
public static SwaggerGenOptions AddOpenIdConnect(this SwaggerGenOptions options, GeneralSettings settings, string name = "openid")
{
// https://swagger.io/docs/specification/authentication/
options.AddSecurityDefinition(name, new OpenApiSecurityScheme {
Type = SecuritySchemeType.OpenIdConnect,
Description = "Identity Server Openid connect",
OpenIdConnectUrl = new Uri(settings?.Authority + "/.well-known/openid-configuration")
});
options.AddSecurityRequirements(name, settings);
return(options);
}
/// <summary>
/// Adds Basic authentication via header as a security scheme.
/// </summary>
/// <param name="options">The options used to generate the swagger.json file.</param>
/// <param name="settings">General settings for an ASP.NET Core application.</param>
/// <param name="name">A unique name for the scheme.</param>
public static SwaggerGenOptions AddBasicAuthentication(this SwaggerGenOptions options, GeneralSettings settings, string name = "basic_authentication")
{
options.AddSecurityDefinition(name, new OpenApiSecurityScheme {
Type = SecuritySchemeType.Http,
Scheme = "basic",
Description = "Input your username and password to access this API",
Name = "Authorization",
In = ParameterLocation.Header
});
options.AddSecurityRequirements(name, settings);
return(options);
}
/// <summary>
/// Adds the ability to directly put your JWT for authentication.
/// </summary>
/// <param name="options">The options used to generate the swagger.json file.</param>
/// <param name="settings">General settings for an ASP.NET Core application.</param>
/// <param name="name">A unique name for the scheme.</param>
public static SwaggerGenOptions AddJwt(this SwaggerGenOptions options, GeneralSettings settings, string name = "jwt")
{
options.AddSecurityDefinition(name, new OpenApiSecurityScheme()
{
Type = SecuritySchemeType.Http,
Scheme = "bearer",
Description = "Input your JWT access token",
Name = "Authorization",
In = ParameterLocation.Header
});
options.AddSecurityRequirements("JWT", settings);
return(options);
}
/// <summary>
/// Adds OAuth 2.0 security scheme using the Implicit flow.
/// </summary>
/// <param name="options">The options used to generate the swagger.json file.</param>
/// <param name="settings">General settings for an ASP.NET Core application.</param>
/// <param name="name">A unique name for the scheme.</param>
public static SwaggerGenOptions AddOAuth2ImplicitFlow(this SwaggerGenOptions options, GeneralSettings settings, string name = "implicit")
{
// https://swagger.io/docs/specification/authentication/
options.AddSecurityDefinition(name, new OpenApiSecurityScheme {
Type = SecuritySchemeType.OAuth2,
Description = "Identity Server OAuth2 - Implicit Flow",
Flows = new OpenApiOAuthFlows {
Implicit = new OpenApiOAuthFlow {
TokenUrl = new Uri(settings?.Authority + "/connect/token"),
RefreshUrl = new Uri(settings?.Authority + "/connect/token"),
AuthorizationUrl = new Uri(settings?.Authority + "/connect/authorize"),
Scopes = GetScopes(settings)
}
}
});
options.AddSecurityRequirements(name, settings);
return(options);
}