author | Safia Abdalla <safia@microsoft.com> | 2022-07-13 18:09:51 +0300 |
---|---|---|
committer | GitHub <noreply@github.com> | 2022-07-13 18:09:51 +0300 |
commit | 59bfcb1994409ad1e65eb6361ab26a380952c507 (patch) | |
tree | 01e7083875e46aa9c37936f9868ea0ad1cc18a66 | |
parent | 69c7a87cd8f05da9c05c373edfc0337c9e864d9e (diff) |
Set OpenApiSecurityRequirement for JWT-bearer scenarioscs/openapi-spec-requirement
-rw-r--r-- | src/OpenApi/src/Microsoft.AspNetCore.OpenApi.csproj | 3 | ||||
-rw-r--r-- | src/OpenApi/src/OpenApiGenerator.cs | 37 |
2 files changed, 38 insertions, 2 deletions
diff --git a/src/OpenApi/src/Microsoft.AspNetCore.OpenApi.csproj b/src/OpenApi/src/Microsoft.AspNetCore.OpenApi.csproj
index 34a81cb704..d7fcd23d3b 100644
--- a/src/OpenApi/src/Microsoft.AspNetCore.OpenApi.csproj
+++ b/src/OpenApi/src/Microsoft.AspNetCore.OpenApi.csproj
@@ -9,6 +9,7 @@
 <ItemGroup>
 <Reference Include="Microsoft.OpenApi" />
+ <Reference Include="Microsoft.AspNetCore.Authentication.JwtBearer" />
 <Reference Include="Microsoft.AspNetCore.Http.Abstractions" />
 <Reference Include="Microsoft.AspNetCore.Routing" />
 <Reference Include="Microsoft.AspNetCore.Mvc.Core" />
@@ -26,4 +27,4 @@
 <InternalsVisibleTo Include="Microsoft.AspNetCore.OpenApi.Tests" />
 </ItemGroup>
-</Project>
\ No newline at end of file
+</Project>
diff --git a/src/OpenApi/src/OpenApiGenerator.cs b/src/OpenApi/src/OpenApiGenerator.cs
index 454f3718ff..a8f77fe46c 100644
--- a/src/OpenApi/src/OpenApiGenerator.cs
+++ b/src/OpenApi/src/OpenApiGenerator.cs
@@ -6,6 +6,8 @@ using System.Linq;
 using System.Reflection;
 using System.Runtime.CompilerServices;
 using System.Security.Claims;
+using Microsoft.AspNetCore.Authentication.JwtBearer;
+using Microsoft.AspNetCore.Authorization;
 using Microsoft.AspNetCore.Http;
 using Microsoft.AspNetCore.Http.Metadata;
 using Microsoft.AspNetCore.Mvc;
@@ -78,7 +80,8 @@ internal sealed class OpenApiGenerator
 Tags = GetOperationTags(methodInfo, metadata),
 Parameters = GetOpenApiParameters(methodInfo, metadata, pattern, disableInferredBody),
 RequestBody = GetOpenApiRequestBody(methodInfo, metadata, pattern),
- Responses = GetOpenApiResponses(methodInfo, metadata)
+ Responses = GetOpenApiResponses(methodInfo, metadata),
+ Security = GetOpenApiSecurityRequirement(metadata)
 };
 static bool ShouldDisableInferredBody(string method)
@@ -93,6 +96,38 @@ internal sealed class OpenApiGenerator
 }
 }
+ private static IList<OpenApiSecurityRequirement> GetOpenApiSecurityRequirement(EndpointMetadataCollection metadata)
+ {
+ var authorizationMetadata = metadata.OfType<IAuthorizeData>();
+ var securityRequirements = new List<OpenApiSecurityRequirement>();
+ OpenApiSecurityScheme? scheme = null;
+ List<string> roles = new();
+ foreach (var authorizationItem in authorizationMetadata)
+ {
+ var applicableSchemes = authorizationItem.AuthenticationSchemes?.Split(",");
+ if (applicableSchemes?.Length > 0 && applicableSchemes.Contains(JwtBearerDefaults.AuthenticationScheme))
+ {
+ scheme = new OpenApiSecurityScheme()
+ {
+ Reference = new()
+ {
+ Type = ReferenceType.SecurityScheme,
+ Id = JwtBearerDefaults.AuthenticationScheme
+ }
+ };
+ }
+ roles.AddRange(authorizationItem.Roles?.Split(','));
+ }
+ if (scheme is not null)
+ {
+ securityRequirements.Add(new() {
+ { scheme, roles }
+ });
+ }
+
+ return securityRequirements;
+ }
+
 private static OpenApiResponses GetOpenApiResponses(MethodInfo method, EndpointMetadataCollection metadata)
 {
 var responses = new OpenApiResponses(); |
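Review bot: `roles.AddRange(authorizationItem.Roles?.Split(','))` inside the `foreach` hands `null` to `List<T>.AddRange` whenever an `IAuthorizeData` item has no `Roles`, which is the normal case for a plain `[Authorize]`, so it throws `ArgumentNullException` and operation generation fails for that endpoint. Guard it with `if (authorizationItem.Roles is { } roleList) { roles.AddRange(roleList.Split(',', StringSplitOptions.TrimEntries | StringSplitOptions.RemoveEmptyEntries)); }`. The `AuthenticationSchemes` split has a related gap: `Split(",")` does not trim, so a value such as `"Cookies, Bearer"` yields `" Bearer"` and the `Contains(JwtBearerDefaults.AuthenticationScheme)` check misses it; passing the same `StringSplitOptions` there fixes that. When the check misses, or when an endpoint relies on the default scheme (`AuthenticationSchemes` is null), the operation is emitted with an empty `Security` list, so anyone reading the generated document would take a JWT-protected endpoint for an unauthenticated one. A doc comment on `GetOpenApiSecurityRequirement` should state that only explicitly named Bearer schemes are reflected, and that roles from every authorization item are attached to the single Bearer requirement.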