Enabling OAuth 2.0 in Swagger Integrated with ASP.NET WebAPI: Configuration Notes

Published: 2025/3/15

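After integrating Swagger into an ASP.NET WebAPI project, debugging became inconvenient because the API uses IdentityServer for authentication. The Swashbuckle documentation shows that it supports OAuth 2.0 configuration using the implicit grant type. The flow is as follows: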

Implicit Grant Type

Parameters:

  • response_type: the grant type; the value is fixed to "token" here. Required.
  • client_id: the client ID. Required.
  • redirect_uri: the redirect URI. Optional.
  • scope: the scope of the access request. Optional.
  • state: the client's current state; any value may be given, and the authorization server returns it unchanged.

    GET /authorize?response_type=token&client_id=s6BhdRkqt3&state=xyz&redirect_uri=https%3A%2F%2Fclient%2Eexample%2Ecom%2Fcb HTTP/1.1
    Host: server.example.com

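The URI with which the authorization server responds to the client contains the following parameters:

  • access_token: the access token. Required.
  • token_type: the token type; the value is case-insensitive. Required.
  • expires_in: the expiration time, in seconds. If this parameter is omitted, the expiration time must be set by other means.
  • scope: the scope of the access token; may be omitted if it is identical to the scope the client requested.
  • state: if the client's request contained this parameter, the authorization server's response must contain exactly the same value.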

    HTTP/1.1 302 Found
    Location: http://example.com/cb#access_token=2YotnFZFEjr1zCsicMWpAA
              &state=xyz&token_type=example&expires_in=3600
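
The following JavaScript is an added example, not part of the original post: it builds the authorization request and validates the fragment returned by the authorization server according to the parameter rules listed above. The function names and the `expectedTokenType` parameter are assumptions made for illustration.

```javascript
// Added example (hypothetical helper names): client side of the implicit grant.

// Build the authorization request. `state` must be an unguessable per-request
// value (e.g. from crypto.getRandomValues) that the client keeps for later.
function buildAuthorizeUrl(endpoint, clientId, redirectUri, scopes, state) {
  const url = new URL(endpoint);
  url.searchParams.set("response_type", "token"); // fixed for implicit grant
  url.searchParams.set("client_id", clientId);
  url.searchParams.set("redirect_uri", redirectUri);
  if (scopes.length > 0) url.searchParams.set("scope", scopes.join(" "));
  url.searchParams.set("state", state);
  return url.toString();
}

// Parse the redirect URI fragment and enforce the response rules listed above.
function parseImplicitResponse(redirectedUrl, expectedState, requestedScopes,
                               expectedTokenType = "bearer") {
  const hash = new URL(redirectedUrl).hash.replace(/^#/, "");
  const params = new URLSearchParams(hash);

  // state must come back unchanged; otherwise the response is not ours.
  if (params.get("state") !== expectedState) {
    throw new Error("state mismatch");
  }
  const accessToken = params.get("access_token");
  if (!accessToken) throw new Error("missing access_token");

  // token_type is required and compared case-insensitively.
  const tokenType = (params.get("token_type") || "").toLowerCase();
  if (tokenType !== expectedTokenType.toLowerCase()) {
    throw new Error("unexpected token_type: " + tokenType);
  }
  // expires_in is optional and expressed in seconds.
  let expiresIn = null;
  if (params.has("expires_in")) {
    expiresIn = Number(params.get("expires_in"));
    if (!Number.isInteger(expiresIn) || expiresIn <= 0) {
      throw new Error("invalid expires_in");
    }
  }
  // An omitted scope means the granted scope equals the requested one.
  const scopes = params.has("scope")
    ? params.get("scope").split(" ").filter(Boolean)
    : requestedScopes.slice();
  return { accessToken, tokenType, expiresIn, scopes };
}
```

Run against the sample response above, `parseImplicitResponse` must be called with `expectedTokenType` set to `"example"`, because that is the token type the sample carries.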

Enabling OAuth 2.0 in Swagger

Configure the client (Client) in IdentityServer

    new Client
    {
        ClientName = "Test_API_Flow",
        ClientId = "api_test_api_flow",
        Flow = Flows.Implicit,
        ClientUri = "https://identityserver.io",
        RequireConsent = true,
        AllowRememberConsent = true,
        // Must match the Swagger UI OAuth2 callback page exactly
        RedirectUris = new List<string>
        {
            "http://localhost:39106/swagger/ui/o2c-html",
        },
        AllowedCorsOrigins = new List<string>
        {
            "http://localhost:39106"
        },
        AccessTokenLifetime = 3600,
        AccessTokenType = AccessTokenType.Jwt,
        // The client may request any scope; restrict with AllowedScopes where that is too broad
        AllowAccessToAllScopes = true
    },

API:

    app.UseIdentityServerBearerTokenAuthentication(new IdentityServerBearerTokenAuthenticationOptions
    {
        Authority = IdsvSetting.Authority,
        ValidationMode = ValidationMode.ValidationEndpoint,
        RequiredScopes = new List<string> { "all", "user", "order" }
    });

    /// <summary>
    /// Breakfast controller
    /// </summary>
    [RoutePrefix("api/v1/breakfast")]
    public class BreakfastController : ApiController
    {
        private static readonly Logger logger = LogManager.GetCurrentClassLogger();

        /// <summary>
        /// Breakfast service
        /// </summary>
        private readonly IBreakfastService _breakfastService;

        /// <summary>
        /// Constructor
        /// </summary>
        /// <param name="breakfastService">Breakfast service</param>
        public BreakfastController(IBreakfastService breakfastService)
        {
            _breakfastService = breakfastService;
        }

        #region Get the hotels of the restaurants associated with a hotel
        /// <summary>
        /// Get the hotels of the restaurants associated with a hotel
        /// </summary>
        /// <param name="hotelcd">Hotel code</param>
        /// <returns>The hotels of the restaurants associated with the hotel</returns>
        [Authorize]
        [HttpGet]
        [Route("{hotelcd}/mapping")]
        public async Task<IHttpActionResult> GetXhotelBreakfastHotelMappingRequest(string hotelcd)
        {
            var response = await _breakfastService.GetXhotelBreakfastHotelMappingRequest(hotelcd);
            return Json(response);
        }
        #endregion
    }

Configure SwaggerConfig

    // Inside EnableSwagger(c => { ... })
    //https://tsso.xxx.cn/connect/authorize?response_type=token&redirect_uri=http%3A%2F%2Flocalhost%3A39106%2Fswagger%2Fui%2Fo2c-html&realm=test-realm&client_id=api_test_api_flow&scope=all%20%20&state=oauth2
    c.OAuth2("oauth2")
        .Description("OAuth2 Implicit Grant")
        .Flow("implicit")
        .AuthorizationUrl("https://tsso.xxx.cn/connect/authorize")
        //.TokenUrl("https://sso.xxx.cn/connect/token")
        .Scopes(scopes =>
        {
            scopes.Add("all", "all access to protected resources");
            scopes.Add("user", "user access to protected resources");
            scopes.Add("order", "order access to protected resources");
        });
    ...

    c.OperationFilter<AssignOAuth2SecurityRequirements>();

    // Inside EnableSwaggerUi(c => { ... })
    c.EnableOAuth2Support(
        clientId: "api_test_api_flow",
        clientSecret: null,
        realm: "test-realm",
        appName: "Swagger UI"
        //additionalQueryStringParams: new Dictionary<string, string>() { { "foo", "bar" } }
    );

    public class AssignOAuth2SecurityRequirements : IOperationFilter
    {
        public void Apply(Operation operation, SchemaRegistry schemaRegistry, ApiDescription apiDescription)
        {
            var actFilters = apiDescription.ActionDescriptor.GetFilterPipeline();
            var allowsAnonymous = actFilters.Select(f => f.Instance).OfType<OverrideAuthorizationAttribute>().Any();
            if (allowsAnonymous)
                return; // must be an anonymous method

            //var scopes = apiDescription.ActionDescriptor.GetFilterPipeline()
            //    .Select(filterInfo => filterInfo.Instance)
            //    .OfType<AllowAnonymousAttribute>()
            //    .SelectMany(attr => attr.Roles.Split(','))
            //    .Distinct();

            if (operation.security == null)
                operation.security = new List<IDictionary<string, IEnumerable<string>>>();

            // Attach the "oauth2" security requirement so Swagger UI sends the token for this operation
            var oAuthRequirements = new Dictionary<string, IEnumerable<string>>
            {
                { "oauth2", new List<string> { "all", "user", "order" } }
            };
            operation.security.Add(oAuthRequirements);
        }
    }

OK, the configuration is complete. Click the red circle; after a successful login you are redirected (302) to http://localhost:39106/swagger/ui/o2c-html.

You can, of course, also sign out of the authorization.

Reposted from: https://www.cnblogs.com/Irving/p/7275065.html