我有一个Web API(ASP.NET核心),我正在尝试调整swagger来进行调用.这些调用必须包含Authorization标头,我正在使用Bearer身份验证.来自Postman等第三方应用的电话也没问题.但我遇到了设置swagger标头的问题(由于某种原因我没有收到标头).这就是现在的样子:
"host": "localhost:50352",
"basePath": "/" ,
"schemes": [
"http",
"https"
],
"securityDefinitions": {
"Bearer": {
"name": "Authorization",
"in": "header",
"type": "apiKey",
"description": "HTTP/HTTPS Bearer"
}
},
"paths": {
"/v1/{subAccountId}/test1": {
"post": {
"tags": [
"auth"
],
"operationId": "op1",
"consumes": ["application/json", "application/html"],
"produces": ["application/json", "application/html"],
"parameters": [
{
"name": "subAccountId",
"in": "path",
"required": true,
"type": "string"
}
],
"security":[{
"Bearer": []
}],
"responses": {
"204": {
"description": "No Content"
},
"400": {
"description": "BadRequest",
"schema": {
"$ref": "#/definitions/ErrorResponse"
}
}, …我已经使用ASP.NET Core开发了Web API,并且需要能够对同一服务使用基本身份验证和承载身份验证方案。由于某种原因,它不起作用:它始终将呼叫视为承载者。这是我的代码:
这是我在控制器中拥有的属性:
[Authorize(ActiveAuthenticationSchemes = "Basic,Bearer")]
[ResponseCache(NoStore = true, Duration = 0, VaryByHeader = "Authorization")]
这是我的startup.cs:
这部分是针对基本身份验证的:
app.UseBasicAuthentication(new BasicAuthenticationOptions
{
AutomaticAuthenticate = false,
AutomaticChallenge = false,
Realm = "test",
Events = new BasicAuthenticationEvents
{
OnValidateCredentials = context =>
{
if (svc.IsValidCredential(context.Username, context.Password))
{
var claims = new[]
{
new Claim(ClaimTypes.NameIdentifier, context.Username),
new Claim(ClaimTypes.Name, context.Username)
};
context.Ticket = new AuthenticationTicket(
new ClaimsPrincipal(
new ClaimsIdentity(claims, context.Options.AuthenticationScheme)),
new AuthenticationProperties(),
context.Options.AuthenticationScheme);
}
return Task.FromResult<object>(null);
}
}
});
和这段用于承载身份验证的代码:
app.UseAPIKeyAuthentication(new BearerApiKeyOptions
{
AuthenticationScheme = …authentication asp.net-mvc basic-authentication bearer-token asp.net-core