Swagger-ui：如何配置以服务于 MVC 核心项目

Question

如果在控制器上设置了授权属性，如何配置 swagger-ui 以调用 web api。我已配置但无法使其工作，或者我做错了。

        public void ConfigureServices(IServiceCollection services)
    {

        services.AddSwaggerGen(options =>
        {
            options.DescribeAllEnumsAsStrings();
            options.SwaggerDoc("v1", new Swashbuckle.AspNetCore.Swagger.Info
            {
                Title = "Parent Side HTTP API",
                Version = "v1",
                Description = "The Parent Side Microservcie HTTP API",
                TermsOfService = "Term Of Service"
            });
            options.AddSecurityDefinition("oauth2", new OAuth2Scheme
            {

                Type = "oauth2",
                Flow = "implicit",
                AuthorizationUrl = $"{Configuration.GetValue<string>("IdentityUrlExternal")}/connect/authorize",
                TokenUrl = $"{Configuration.GetValue<string>("IdentityUrlExternal")}/connect/token",
                Scopes = new Dictionary<string, string>()
                {
                    { "api1", "Read access to protected resources" }
                }
            });

            options.OperationFilter<AuthorizeCheckOperationFilter>();
        });

        services.AddCors(options =>
        {
            options.AddPolicy("CorsPolicy",
                builder => builder.AllowAnyOrigin()
                .AllowAnyMethod()
                .AllowAnyHeader()
                .AllowCredentials());
        });

        //services.AddCustomMvc(Configuration)
        //    .AddCustomAuthentication(Configuration);
        JwtSecurityTokenHandler.DefaultInboundClaimTypeMap.Clear();
        var identityUrl = Configuration.GetValue<string>("urls:identity");
        services.AddAuthentication(options =>
        {
            options.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
            options.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;

        }).AddJwtBearer(options =>
        {
            options.Authority = Configuration.GetValue<string>("IdentityUrlExternal");
            options.RequireHttpsMetadata = false;
            options.Audience = "parent.api.gateway";              
            options.Events = new JwtBearerEvents()
            {
                OnAuthenticationFailed = async ctx =>
                {
                    int i = 0;
                },
                OnTokenValidated = async ctx =>
                {
                    int i = 0;
                }
            };
        });

        services.AddMvc(); 
        //    .AddIdentityServerAuthent;

    }

    // This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
    public void Configure(IApplicationBuilder app, IHostingEnvironment env)
    {
        if (env.IsDevelopment())
        {
            app.UseDeveloperExceptionPage();
        }

        app.UseSwagger()
           .UseSwaggerUI(c =>
           {
               c.SwaggerEndpoint("/swagger/v1/swagger.json", "Parent API V1");
           }); 

        app.UseAuthentication();  

        app.UseMvc();
    }

它只在身份服务器登录页面的新浏览器上显示。登录后，即使已登录，它也只会停留在同一个登录屏幕上。

我什至使用显示登录弹出窗口的 BasicAuthScheme。弹出窗口也显示为已授权，但列出的 api 仍然未经授权。一旦我授权，是否可以调用那些授权代码来执行。

Answer 1

如果您使用的是 swagger 3.0，在您点击“关闭”之前，弹出窗口不会自行关闭。

我看到你增加了范围，但你似乎没有将它应用于任何控制器。您必须在 AddSecurityDefinition() 之后调用 AddSecurityRequirement()。