Swashbuckle .NET Core 2 中 JWT 承载的授权

本文介绍了Swashbuckle .NET Core 2 中 JWT 承载的授权的处理方法，对大家解决问题具有一定的参考价值，需要的朋友们下面随着小编来一起学习吧！ 问题描述

我使用身份验证服务为我的应用生成的令牌.那里没有问题.现在我已经介绍了 Swashbuckle 来记录我的 API，我可以通过使用此代码在每个请求中发送 JWT 来进行如下身份验证；

I use tokens generated by an authentication service for my app. No problems there. Now I have introduced Swashbuckle to document my API an I can authenticate as follows by sending the JWT with every request using this code;

services.AddSwaggerGen(c => { var a = new ApiKeyScheme(); //c.AddSecurityDefinition("Bearer", new ApiKeyScheme() //{ In = "header", Description = "Please insert JWT with Bearer into field", Name = "Authorization", Type = "apiKey" }); c.OperationFilter<AuthorizationHeaderParameterOperationFilter>(); c.SwaggerDoc("v2", new Info { Version = "v2", Title = "MyTitle", Description = "An interface for ...", TermsOfService = "None", Contact = new Contact() { Name = "MyApp", Email = "a@example", Url = "www.example" } }); // Set the comments path for the Swagger JSON and UI. var basePath = AppContext.BaseDirectory; var xmlPath = Path.Combine(basePath, "cpDataCore.xml"); c.IncludeXmlComments(xmlPath); }); public class AuthorizationHeaderParameterOperationFilter : IOperationFilter { public void Apply(Operation operation, OperationFilterContext context) { var filterPipeline = context.ApiDescription.ActionDescriptor.FilterDescriptors; var isAuthorized = filterPipeline.Select(filterInfo => filterInfo.Filter).Any(filter => filter is AuthorizeFilter); var allowAnonymous = filterPipeline.Select(filterInfo => filterInfo.Filter).Any(filter => filter is IAllowAnonymousFilter); if (isAuthorized && !allowAnonymous) { if (operation.Parameters == null) operation.Parameters = new List<IParameter>(); operation.Parameters.Add(new NonBodyParameter { Name = "Authorization", In = "header", Description = "access token", Required = true, Type = "string" }); } } }

这给了我以下标题 - 正如预期的那样

Which gives me the following header - as expected

accept:application/json Accept-Encoding:gzip, deflate, br Accept-Language:en-AU,en;q=0.9 Authorization:Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJodHRwOi8vc2NoZW1hcy54bWxzb2FwLm9yZy93cy8yMDA1LzA1L2lkZW50aXR5L2NsYWltcy9naXZlbm5hbWUiOiJEZW5uaXMiLCJodHRwOi8vc2NoZW1hcy54bWxzb2FwLm9yZy93cy8yMDA1LzA1L2lkZW50aXR5L2NsYWltcy9zdXJuYW1lIjoiR2FzY29pZ25lIiwiaHR0cDovL3NjaGVtYXMueG1sc29hcC5vcmcvd3MvMjAwNS8wNS9pZGVudGl0eS9jbGFpbXMvbmFtZSI6ImRlbm5pc2ciLCJodHRwOi8vc2NoZW1hcy54bWxzb2FwLm9yZy93cy8yMDA1LzA1L2lkZW50aXR5L2NsYWltcy9zaWQiOiI1NCIsIlJlZnJlc2hUb2tlbiI6IjY5OTA1NTFmLTNhOTQtNDVmYi1hYjc2LTZlOTQyNGE3NjJmOCIsIkFsbERhdGFSZWFkT25seUZvckFwcHJvdmVycyI6IlRydWUiLCJQcm9qZWN0SUQiOiI2IiwiaHR0cDovL3NjaGVtYXMubWljcm9zb2Z0LmNvbS93cy8yMDA4LzA2L2lkZW50aXR5L2NsYWltcy9yb2xlIjoic3lzYWRtaW4iLCJuYmYiOjE1MTk2MzY2NDIsImV4cCI6MTUxOTYzODQ0MiwiaXNzIjoiaHR0cHM6Ly9kYXRhLmNpdmlscHJvc29mdHdhcmUuY29tLyIsImF1ZCI6Imh0dHBzOi8vcm1zLmNpdmlscHJvc29mdHdhcmUuY29tLyJ9.nBEZgzcmZVGhFJmKI8u7p7g7xPU13HEAGJu_lrWylnc Connection:keep-alive Cookie:username=demo; jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJodHRwOi8vc2NoZW1hcy54bWxzb2FwLm9yZy93cy8yMDA1LzA1L2lkZW50aXR5L2NsYWltcy9naXZlbm5hbWUiOiJUcm95IiwiaHR0cDovL3NjaGVtYXMueG1sc29hcC5vcmcvd3MvMjAwNS8wNS9pZGVudGl0eS9jbGFpbXMvc3VybmFtZSI6IkVsZGVyIiwiaHR0cDovL3NjaGVtYXMueG1sc29hcC5vcmcvd3MvMjAwNS8wNS9pZGVudGl0eS9jbGFpbXMvbmFtZSI6InRyb3kiLCJodHRwOi8vc2NoZW1hcy54bWxzb2FwLm9yZy93cy8yMDA1LzA1L2lkZW50aXR5L2NsYWltcy9zaWQiOiI1IiwiUmVmcmVzaFRva2VuIjoiMTNhNzRmNDQtNmVmOC00MDQ3LTlmYWYtOWQ3MzI4MmNhZjQ4IiwiUHJvamVjdElEIjoiLTEiLCJuYmYiOjE1MDUwOTc3MjEsImV4cCI6MTUwNTA5ODYyMSwiaXNzIjoiaHR0cDovL2xvY2FsaG9zdDo2MDAwMC8iLCJhdWQiOiJodHRwOi8vbG9jYWxob3N0OjYwMDAwLyJ9.8You0XiUlvdHb2TRuDzaiXv6r74v7ga1Av_Z3ikmblU Host:localhost:60000 Referer:localhost:60000/swagger/ User-Agent:Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/64.0.3282.167 Safari/537.36

虽然，我不确定 Cookie 是从哪里来的.这与我的代码无关.我只是忽略它 - 到目前为止一切都很好.

Although, I am not sure where the Cookie is coming from. That is nothing to do with my code. I just ignore it - so far so good.

问题在于，这意味着每次请求都必须输入令牌，这很痛苦.理想情况下，我想使用内置的 swagger 接口进行身份验证 - 根据几篇文章，我应该能够做到这一点；

The problem is that this means the token has to be entered with every request which is a pain. Ideally, I would want to authenticate using the inbuilt swagger interface - according to several articles, I should be able to do this;

c.AddSecurityDefinition("Bearer", new ApiKeyScheme() { In = "header", Description = "Please insert JWT with Bearer into field", Name = "Authorization", Type = "apiKey" });

这很好用，我可以添加令牌，我似乎缺少将令牌添加到每个请求的标头的步骤.如果我只是添加身份验证，那么这会给我以下标头，这当然无法通过身份验证.

This works fine, and I can add the token, there just seems to be a step I am missing to add the token to the header of every request. If I just add the auth, then this gives me the following header, which of course fails the authentication.

GET /api/ApprovalItemTypes HTTP/1.1 Host: localhost:60000 Connection: keep-alive accept: application/json User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/64.0.3282.167 Safari/537.36 Referer: localhost:60000/swagger/ Accept-Encoding: gzip, deflate, br Accept-Language: en-AU,en;q=0.9 Cookie: username=demo; jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJodHRwOi8vc2NoZW1hcy54bWxzb2FwLm9yZy93cy8yMDA1LzA1L2lkZW5_xxx__LTEiLCJuYmYiOjE1MDUwOTc3MjEsImV4cCI6MTUwNTA5ODYyMSwiaXNzIjoiaHR0cDovL2xvY2FsaG9zdDo2MDAwMC8iLCJhdWQiOiJodHRwOi8vbG9jYWxob3N0OjYwMDAwLyJ9.8You0XiUlvdHb2TRuDzaiXv6r74v7ga1Av_Z3ikmblU

为了让请求包含每个后续请求的令牌，我还需要做什么?

What else do I need to do in order to get the request to include the token for every subsequent request?

推荐答案

最后我搬到了 NSwag，所以我不确定最初的问题是什么.Nswag中的解决方案如下；

In the end I moved to NSwag so I am not sure what the original issue was. The solution in Nswag is as follows;

services.AddSwaggerDocument(document => { document.DocumentName = "CPSwagger"; document.Title = "My Mobile API"; document.Version = "v10.3.4"; document.Description = "An interface for some software."; document.DocumentProcessors.Add( new SecurityDefinitionAppender("JWT token", new NSwag.OpenApiSecurityScheme { Type = NSwag.OpenApiSecuritySchemeType.ApiKey, Name = "Authorization", Description = "Copy 'Bearer ' + valid JWT token into field", In = NSwag.OpenApiSecurityApiKeyLocation.Header })); document.OperationProcessors.Add(new OperationSecurityScopeProcessor("JWT token")); });