Exemplo n.º 1
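        /// <summary>
        /// Documents the authentication requirements of an operation in the generated OpenAPI description:
        /// adds 401/403 responses and a reference to the "bearer" security scheme when the action is
        /// decorated (directly or on its declaring type) with <c>[Authorize]</c> and not with <c>[AllowAnonymous]</c>.
        /// </summary>
        /// <param name="operation">The OpenAPI operation being generated; mutated in place.</param>
        /// <param name="context">Filter context; only <c>MethodInfo</c> is read here.</param>
        /// <remarks>
        /// This filter only affects documentation. It does not enforce anything at runtime, and it only sees
        /// attributes: authorization applied by other means (for example a globally registered filter or a
        /// fallback policy) is not detected, so an operation may be documented as open while it is in fact protected.
        /// </remarks>
        public void Apply(Microsoft.OpenApi.Models.OpenApiOperation operation, Swashbuckle.AspNetCore.SwaggerGen.OperationFilterContext context)
        {
            var methodAttributes = context.MethodInfo.GetCustomAttributes(true);

            // DeclaringType is null only for methods that do not belong to a type; treat that as "no attributes".
            var declaringType  = context.MethodInfo.DeclaringType;
            var typeAttributes = declaringType != null ? declaringType.GetCustomAttributes(true) : new object[0];

            var hasAuthorize = typeAttributes.OfType<Microsoft.AspNetCore.Authorization.AuthorizeAttribute>().Any() ||
                               methodAttributes.OfType<Microsoft.AspNetCore.Authorization.AuthorizeAttribute>().Any();

            // [AllowAnonymous] wins over [Authorize] wherever it is placed, so it is checked on the
            // declaring type as well as on the method. Checking only the method would document an action
            // of an anonymous controller as requiring a token.
            var allowsAnonymous = typeAttributes.OfType<Microsoft.AspNetCore.Authorization.AllowAnonymousAttribute>().Any() ||
                                  methodAttributes.OfType<Microsoft.AspNetCore.Authorization.AllowAnonymousAttribute>().Any();

            if (!hasAuthorize || allowsAnonymous)
            {
                return;
            }

            // TryAdd keeps any 401/403 response that was already documented for this operation.
            operation.Responses.TryAdd("401", new OpenApiResponse {
                Description = "Unauthorized"
            });
            operation.Responses.TryAdd("403", new OpenApiResponse {
                Description = "Forbidden"
            });

            // Reference by id only; a security scheme named "bearer" has to be defined elsewhere
            // (not visible in this snippet) for the reference to resolve.
            var jwtbearerScheme = new OpenApiSecurityScheme
            {
                Reference = new OpenApiReference {
                    Type = ReferenceType.SecurityScheme, Id = "bearer"
                }
            };

            // Replaces any security requirements previously set on the operation.
            // The empty array means no specific scopes are listed for the scheme.
            operation.Security = new List<OpenApiSecurityRequirement>
            {
                new OpenApiSecurityRequirement {
                    [jwtbearerScheme] = new string[] {}
                }
            };
        }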
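        /// <summary>
        /// Adds a required <c>X-User-Token</c> header parameter to the generated OpenAPI operation.
        /// </summary>
        /// <param name="operation">The OpenAPI operation being generated; mutated in place.</param>
        /// <param name="context">Filter context; not used by this filter.</param>
        /// <remarks>
        /// The parameter is added unconditionally, so every operation this filter runs for is documented as
        /// requiring the header. This only describes the header; validating it is the job of the request pipeline.
        /// </remarks>
        public void Apply(OpenApiOperation operation, Swashbuckle.AspNetCore.SwaggerGen.OperationFilterContext context)
        {
            operation.Parameters = operation.Parameters ?? new List<OpenApiParameter>();

            var userTokenHeader = new OpenApiParameter
            {
                Name        = "X-User-Token",
                // NOTE(review): description and example text look like placeholders (the example mentions a
                // tenant id while the header is a user token). Keep the example a dummy value, never a real token.
                Description = "Teste",
                In          = ParameterLocation.Header,
                Schema      = new OpenApiSchema
                {
                    // OpenAPI primitive type names are lowercase; "String" is not a valid schema type.
                    Type = "string"
                },
                Required = true,
                Example  = new OpenApiString("Tenant ID example")
            };

            operation.Parameters.Add(userTokenHeader);
        }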
Exemplo n.º 3
        /// <summary>
        /// Documents a required <c>Authorization</c> header on operations whose filter pipeline contains an
        /// <c>AuthorizeFilter</c> and no <c>IAllowAnonymousFilter</c>.
        /// </summary>
        /// <param name="operation">The Swagger operation being generated; mutated in place.</param>
        /// <param name="context">Filter context; the action's filter descriptors are read from it.</param>
        /// <remarks>
        /// Documentation only: nothing here enforces authentication.
        /// NOTE(review): the check looks only at the action's filter descriptors, so authorization configured
        /// outside that pipeline would not be reflected in the generated document. Confirm against the app setup.
        /// </remarks>
        public void Apply(Operation operation, Swashbuckle.AspNetCore.SwaggerGen.OperationFilterContext context)
        {
            var filters = context.ApiDescription.ActionDescriptor.FilterDescriptors
                                 .Select(descriptor => descriptor.Filter)
                                 .ToList();

            var requiresAuthorization = filters.Any(f => f is AuthorizeFilter);
            var anonymousAllowed      = filters.Any(f => f is IAllowAnonymousFilter);

            // Nothing to document for open endpoints.
            if (!requiresAuthorization || anonymousAllowed)
            {
                return;
            }

            if (operation.Parameters == null)
            {
                operation.Parameters = new List<IParameter>();
            }

            var authorizationHeader = new NonBodyParameter
            {
                Name        = "Authorization",
                In          = "header",
                Description = "Authorization",
                Required    = true,
                Type        = "string"
            };

            operation.Parameters.Add(authorizationHeader);
        }