Read more on scottbrady91.com
scottbrady91 / identityserver4-swagger-integration Goto Github PK
View Code? Open in Web Editor NEWHow to get Swashbuckle or NSwag Swagger UI's working with IdentityServer 4
License: MIT License
identityserver4-swagger-integration's Introduction
identityserver4-swagger-integration's People
Contributors
Stargazers
Watchers
Forkers
devbrsa matrixdekoder tuyndv dmitry-pavlov uzbekdev1 ccpu waynemunro josepoma ecocybernetyc bionstt raghavendar jun86616396 g-shabanin martin-chavez-9 ctgcontrols dystudio alfusinigoj bulusduan crixo rdbarbosa sachinkumarthakur flystunna andreybespamyatnov workcontrolgit bogarin manaatmoon krisums binhle0794 ehtickidentityserver4-swagger-integration's Issues
doesn't work in v3.0.0 of swashbuckle
I altered this line of code, it's not as elegant but does the same job:
public void Apply(Operation operation, OperationFilterContext context)
{
var found = false;
if (context.ApiDescription.ActionDescriptor is Microsoft.AspNetCore.Mvc.Controllers.ControllerActionDescriptor controller)
{
found = controller.ControllerTypeInfo.GetCustomAttributes().OfType<AuthorizeAttribute>().Any();
}
if (!found)
{
if (!context.ApiDescription.TryGetMethodInfo(out var mi)) return;
if (!mi.GetCustomAttributes().OfType<AuthorizeAttribute>().Any()) return;
}
operation.Responses.TryAdd("401", new Response { Description = "Unauthorized" });
operation.Responses.TryAdd("403", new Response { Description = "Forbidden" });
operation.Security = new List<IDictionary<string, IEnumerable<string>>>
{
new Dictionary<string, IEnumerable<string>>
{
{ "oauth2", new [] { "identityapi" } }
}
};
}
This checks if the controller itself has the authorize attribute and if not checks the action. Might be worth updating your blog post with this snippet.
authorization swagger
I cant authorize swagger with test user credentials alice:alice, bob:bob even demo_api_swagger:secret.
what should I need to enter?
The swagger page is not opening
I downloaded the project and the identityserver opens and logged in successful but what next
Please create yml file for Docker Compose
How to block swagger docs instead of endpoints.
Thank you for this.
I would like to know how to block the docs using identity server that way I can deploy swagger to all environments without getting worried about my API being exposed to the public.
Thanks in advanced.
Can't sign in due to exceptions
I am starting Api.Swashbuckle.csproj.user
dotnet run
info: Microsoft.AspNetCore.DataProtection.KeyManagement.XmlKeyManager[0]
User profile is available. Using 'C:\Users\max\AppData\Local\ASP.NET\DataProtection-Keys' as key repository and Windows DPAPI to encrypt keys at rest.
info: Microsoft.Hosting.Lifetime[0]
Now listening on: https://localhost:5001
info: Microsoft.Hosting.Lifetime[0]
Now listening on: http://localhost:5000
info: Microsoft.Hosting.Lifetime[0]
Application started. Press Ctrl+C to shut down.
info: Microsoft.Hosting.Lifetime[0]
Hosting environment: Development
info: Microsoft.Hosting.Lifetime[0]
Content root path: c:\work\IdentityServer4-Swagger-Integration\Api.Swashbuckle
info: Microsoft.Hosting.Lifetime[0]
Now, when I am trying to authorize using Swagger I am redirected to https://localhost:5000/connect/authorize?response_type=code&client_id=demo_api_swagger&redirect_uri=https%3A%2F%2Flocalhost%3A5001%2Fswagger%2Foauth2-redirect.html&scope=api1&state=VHVlIEp1bCAwNyAyMDIwIDEzOjUzOjI5IEdNVCswMzAwICjQnNC%2B0YHQutCy0LAsINGB0YLQsNC90LTQsNGA0YLQvdC%2B0LUg0LLRgNC10LzRjyk%3D&code_challenge=B_M2Xf-8ZUdugsHiXmHvgPj4Nz-uIlqQoVmWMg1BRMk&code_challenge_method=S256 where I am getting ERR_SSL_PROTOCOL_ERROR
I am not sure, but this might be related to the security definition. My app servers HTTP on localhost:5000 and HTTPS on localhost:5001 using dotnet run command.
options.AddSecurityDefinition("oauth2", new OpenApiSecurityScheme
{
Type = SecuritySchemeType.OAuth2,
Flows = new OpenApiOAuthFlows
{
AuthorizationCode = new OpenApiOAuthFlow
{
AuthorizationUrl = new Uri("https://localhost:5000/connect/authorize"),
TokenUrl = new Uri("https://localhost:5000/connect/token"),
Scopes = new Dictionary<string, string>
{
{"api1", "Demo API - full access"}
}
}
}
});
I tried to use localhost:5001 in my security definition but in this case I am getting 404 error.
What difference between AddIdentityServerAuthentication and AddJwtBearer #777
hi , raw issues address is DuendeSoftware/IdentityServer#777 ,can you help me.
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. ๐๐๐
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google โค๏ธ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.