Nswag: Implicit flow using "id_token" rather than "token"

Created on 8 Jul 2019  路  9Comments  路  Source: RicoSuter/NSwag

I am using Azure Active Directory and to get the correct token response I need to change the current "response_type" from "token" to "id_token", how can I achieve this?

question
Source
picture Meberem

All 9 comments

Can you show what the current spec is and the expected one?

RicoSuter picture RicoSuter on 17 Jul 2019

Does this help: https://docs.microsoft.com/en-us/azure/active-directory/develop/v2-oauth2-implicit-grant-flow#send-the-sign-in-request

The table with the parameters expected in the request is a little further down.

Meberem picture Meberem on 17 Jul 2019

How did you configure the spec?

RicoSuter picture RicoSuter on 17 Jul 2019

Where do you need this? In swagger ui?

RicoSuter picture RicoSuter on 17 Jul 2019

Yes I was hoping to have this in available for Swagger UI, it looks like they expose an x-tokenName property that I think acomplishes it. Sorry if I am not clear I am not super well versed in this

For completeness

Startup.cs

services
    .AddOpenApiDocument((options, serviceProvider) =>
    {
        options.AddSecurity("bearer", new string[0], new OpenApiSecurityScheme
        {
            Type = OpenApiSecuritySchemeType.OAuth2,
            Description = "Bearer authentication using Azure Active Directory",
            Flow = OpenApiOAuth2Flow.Implicit,
            AuthorizationUrl = $"{Configuration["Authentication:BaseUrl"]}/oauth2/v2.0/authorize?nonce=SWAGGER",
            Scopes = new Dictionary<string, string>
            {
                [$"{Configuration["Authentication:ClientId"] ?? "CLIENT_ID"}/.default"] = "The resource we are accessing"
            }
        });

        options.OperationProcessors.Add(new AspNetCoreOperationSecurityScopeProcessor("JWT token"));
    });

app
    .UseSwaggerUi3(settings =>
    {
        settings.OAuth2Client = new OAuth2ClientSettings
        {
            ClientId = Configuration["Authentication:ClientId"],
        };
    });

/swagger/v1/swagger.json

"securitySchemes": {
  "bearer": {
    "type": "oauth2",
    "description": "Bearer authentication using Azure Active Directory",
    "flows": {
      "implicit": {
        "authorizationUrl": "**snip**/oauth2/v2.0/authorize?nonce=SWAGGER",
        "scopes": {
          "**snip**/.default": "The resource we are accessing"
        }
      }
    }
  }
}
Meberem picture Meberem on 17 Jul 2019

So you'd do this:

```
options.AddSecurity("bearer", new string[0], new OpenApiSecurityScheme
{
Type = OpenApiSecuritySchemeType.OAuth2,
ExtensionData = { { "x-tokenName", "id_token" } },
...

RicoSuter picture RicoSuter on 17 Jul 2019

With that I can see it has been added to the swagger definition, yay! Now its just down to swagger ui to use that for OpenAPI3 documents.

Thank you so much for your help

Meberem picture Meberem on 17 Jul 2019
🎉1

Is it supported now? I am having similar issues. Because swagger ui always uses token response type

hypervtechnics picture hypervtechnics on 20 Feb 2020

@hypervtechnics The answer above works but the syntax changed a bit:

ExtensionData = new Dictionary<string, object>
{
    { "x-tokenName", "access_token" }
}
iTiamo picture iTiamo on 23 Oct 2020
👍1
Was this page helpful?
0 / 5 - 0 ratings

Related issues

alanedwardes picture alanedwardes  路  3Comments
BlackGad picture BlackGad  路  4Comments
Zshazz picture Zshazz  路  4Comments
p0wertiger picture p0wertiger  路  3Comments
akamyshanov picture akamyshanov  路  4Comments