How to Authorize Swagger to use MS Graph API
jok*_*kab 5 c# swagger-ui azure-ad-graph-api asp.net-core nswag
We are building a Web API wrapper for MS Graph API.
I want to use Swagger to test my APIs. But I can't get the configuration right. I keep getting Bad Request and no other clue. I can't install Fiddler or other tools on this corporate laptop to help me investigate.
Here is the Error
And here is the code to configure Swagger:
app.UseSwaggerUi3WithApiExplorer(settings =>
{
settings.GeneratorSettings.DefaultPropertyNameHandling = PropertyNameHandling.CamelCase;
settings.PostProcess = document =>
{
document.Info.Title = "App title";
document.Info.Description = "App description";
};
settings.OAuth2Client = new OAuth2ClientSettings
{
ClientId = [clientid]
ClientSecret = [clientsecret]
AppName = "app_name",
};
settings.OAuth2Client.AdditionalQueryStringParameters.Add("response_type", "code id_token");
settings.OAuth2Client.AdditionalQueryStringParameters.Add("nonce", "AnyValueShouldBeRandom");
settings.GeneratorSettings.DocumentProcessors.Add(new SecurityDefinitionAppender("Auth Token", new SwaggerSecurityScheme
{
Type = SwaggerSecuritySchemeType.OpenIdConnect,
Description = "Swagger OAuth2",
OpenIdConnectUrl = "https://login.microsoftonline.com/[tenantid]/v2.0/.well-known/openid-configuration",
Flow = SwaggerOAuth2Flow.Implicit,
AuthorizationUrl = "https://login.microsoftonline.com/[tenantid]/oauth2/v2.0/authorize",
TokenUrl = "https://login.microsoftonline.com/[tenantid]/oauth2/v2.0/token",
In = SwaggerSecurityApiKeyLocation.Header,
Scopes = new Dictionary<string, string>
{
{ "api://[api]/user_impersonation", "" },
{ "user.read", "" },
{ "openid", "" },
{ "email", "" },
{ "profile", "" },
{ "roles", "" }
}
}));
settings.GeneratorSettings.OperationProcessors.Add(new OperationSecurityScopeProcessor("oauth2"));
});
My question is what am I doing wrong?
I have been struggling with this since this morning. Any help is greatly appreciated.
Thanks!
UPDATE 3/21/2019
I figured it out.
change this from
Type = SwaggerSecuritySchemeType.OpenIdConnect
to
Type = SwaggerSecuritySchemeType.OAuth2
I also removed a bunch of stuff like the ff lines
settings.OAuth2Client.AdditionalQueryStringParameters.Add("response_type", "code id_token");
settings.OAuth2Client.AdditionalQueryStringParameters.Add("nonce", "AnyValueShouldBeRandom");
It's now working.
At least on the outside.
Swagger tells me I am already Authenticated:
BUT when I run the application, HttpContext.User.Identity.IsAuthenticated tells me I'm not.
Same question: What am I doing wrong?
我终于可以回答我自己的问题了。
这次我不会对自己太苛刻,因为解决办法并不是很明显,至少对我来说是这样。
显然,
settings.GeneratorSettings.OperationProcessors
应该有一个匹配的
settings.GeneratorSettings.DocumentProcessors
如果我没有足够努力地搜索谷歌或者文档确实不太容易访问,这在一定程度上是我的错。
但这行
settings.GeneratorSettings.OperationProcessors.Add(new OperationSecurityScopeProcessor("oauth2"));
需要匹配。所以替换以下内容
settings.GeneratorSettings.DocumentProcessors.Add(new SecurityDefinitionAppender("Auth Token", new SwaggerSecurityScheme
和
settings.GeneratorSettings.DocumentProcessors.Add(new SecurityDefinitionAppender("oauth2", new SwaggerSecurityScheme
我希望这对其他人有帮助。
| 归档时间: |
|
| 查看次数: |
232 次 |
| 最近记录: |