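/// <summary>
/// Documents the authentication requirement of an operation: when the action is
/// marked with <c>[Authorize]</c> and not opted out with <c>[AllowAnonymous]</c>,
/// adds 401/403 responses and a requirement referencing the "bearer" security scheme.
/// </summary>
/// <remarks>
/// Only attributes on the action method and its declaring type are inspected.
/// NOTE(review): authorization applied by other means (global filters, conventions,
/// a fallback policy) is not visible to this reflection check, so those operations
/// would be documented as open - confirm against how the host configures authorization.
/// </remarks>
/// <param name="operation">The operation being documented; its responses and security list are modified in place.</param>
/// <param name="context">Filter context supplying the reflected action method.</param>
public void Apply(Microsoft.OpenApi.Models.OpenApiOperation operation, Swashbuckle.AspNetCore.SwaggerGen.OperationFilterContext context)
{
    var methodAttributes = context.MethodInfo.GetCustomAttributes(true);

    // DeclaringType can be null for a method with no containing type; treat that as "no class-level attributes".
    var typeAttributes = context.MethodInfo.DeclaringType?.GetCustomAttributes(true) ?? new object[0];

    var requiresAuthorization =
        typeAttributes.OfType<Microsoft.AspNetCore.Authorization.AuthorizeAttribute>().Any()
        || methodAttributes.OfType<Microsoft.AspNetCore.Authorization.AuthorizeAttribute>().Any();

    // [AllowAnonymous] overrides [Authorize] wherever it is placed, so a class-level
    // [AllowAnonymous] must be honoured too; otherwise an endpoint that is actually
    // open would be documented as requiring a bearer token.
    var allowsAnonymous =
        typeAttributes.OfType<Microsoft.AspNetCore.Authorization.AllowAnonymousAttribute>().Any()
        || methodAttributes.OfType<Microsoft.AspNetCore.Authorization.AllowAnonymousAttribute>().Any();

    if (!requiresAuthorization || allowsAnonymous)
    {
        return;
    }

    // TryAdd leaves any 401/403 response that is already documented untouched.
    operation.Responses.TryAdd("401", new OpenApiResponse { Description = "Unauthorized" });
    operation.Responses.TryAdd("403", new OpenApiResponse { Description = "Forbidden" });

    // The Id must match the name of a security scheme definition in the generated document
    // (presumably registered where SwaggerGen is configured - not visible here).
    var jwtbearerScheme = new OpenApiSecurityScheme
    {
        Reference = new OpenApiReference { Type = ReferenceType.SecurityScheme, Id = "bearer" }
    };

    // Replaces any requirement list already set on the operation; the empty array means no scopes.
    operation.Security = new List<OpenApiSecurityRequirement>
    {
        new OpenApiSecurityRequirement
        {
            [jwtbearerScheme] = new string[] { }
        }
    };
}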
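/// <summary>
/// Adds a required <c>X-User-Token</c> header parameter to every operation this filter runs on.
/// </summary>
/// <remarks>
/// The parameter is added unconditionally, so it is also marked as required on
/// operations that may not need the header.
/// </remarks>
/// <param name="operation">The operation being documented; its parameter list is created if missing and then appended to.</param>
/// <param name="context">Filter context (not used by this filter).</param>
public void Apply(OpenApiOperation operation, Swashbuckle.AspNetCore.SwaggerGen.OperationFilterContext context)
{
    if (operation.Parameters == null)
    {
        operation.Parameters = new List<OpenApiParameter>();
    }

    operation.Parameters.Add(new OpenApiParameter
    {
        Name = "X-User-Token",
        Description = "Teste",
        In = ParameterLocation.Header,
        // OpenAPI schema type names are lowercase and case-sensitive; "String" is not a valid type.
        Schema = new OpenApiSchema { Type = "string" },
        Required = true,
        // The example is emitted verbatim into the generated document: keep it a placeholder, never a real token.
        Example = new OpenApiString("Tenant ID example")
    });
}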
/// <summary>
/// Adds a required <c>Authorization</c> header parameter to operations whose filter
/// pipeline contains an <c>AuthorizeFilter</c> and no <c>IAllowAnonymousFilter</c>.
/// </summary>
/// <remarks>
/// NOTE(review): the check only sees authorization that is surfaced as MVC filter
/// descriptors on the action; confirm that this holds for the hosting configuration,
/// otherwise protected operations are documented without the header.
/// </remarks>
/// <param name="operation">The operation being documented; its parameter list is created if missing and then appended to.</param>
/// <param name="context">Filter context supplying the action's filter descriptors.</param>
public void Apply(Operation operation, Swashbuckle.AspNetCore.SwaggerGen.OperationFilterContext context)
{
    var descriptors = context.ApiDescription.ActionDescriptor.FilterDescriptors;

    var hasAuthorizeFilter = descriptors.Any(descriptor => descriptor.Filter is AuthorizeFilter);
    var hasAllowAnonymousFilter = descriptors.Any(descriptor => descriptor.Filter is IAllowAnonymousFilter);

    // Nothing to document for open actions or for actions that explicitly allow anonymous access.
    if (!hasAuthorizeFilter || hasAllowAnonymousFilter)
    {
        return;
    }

    if (operation.Parameters == null)
    {
        operation.Parameters = new List<IParameter>();
    }

    var authorizationHeader = new NonBodyParameter
    {
        Name = "Authorization",
        In = "header",
        Description = "Authorization",
        Required = true,
        Type = "string"
    };

    operation.Parameters.Add(authorizationHeader);
}