Similar to #1022 but I am trying to use JWT bearer authentication.
After clicking the Authorize button in the UI and entering the header value, executing a request from the UI does not append an Authorization header to the request, and none appears in the generated curl command.
Here is my setup:
services.AddSwaggerGen(c =>
{
    c.SwaggerDoc("v1.0", new Microsoft.OpenApi.Models.OpenApiInfo { Title = "Main API v1.0", Version = "v1.0" });

    // HTTP bearer scheme, registered below under the id "Bearer".
    // Name and In are set here, but the spec generated from this setup emits neither
    // for the "http" scheme type.
    // NOTE(review): in OpenAPI, bearerFormat is a hint about the token format (for example
    // "JWT"), not a template for the header value.
    var bearerScheme = new OpenApiSecurityScheme
    {
        Type = SecuritySchemeType.Http,
        Scheme = "Bearer",
        BearerFormat = "Bearer {token}",
        Name = "Authorization",
        In = ParameterLocation.Header,
        Description = "JWT Authorization header using the Bearer scheme."
    };
    c.AddSecurityDefinition("Bearer", bearerScheme);

    // NOTE(review): the requirement is keyed by the scheme object itself, which carries no
    // Reference to the registered "Bearer" definition. The spec generated from this setup
    // contains "security": [ { } ], an empty requirement, so the document does not tell
    // clients to send credentials and the UI attaches no Authorization header.
    // The API's own [Authorize] checks are not affected by this; only the documentation is.
    var globalRequirement = new OpenApiSecurityRequirement
    {
        { bearerScheme, new List<string>() }
    };
    c.AddSecurityRequirement(globalRequirement);
});
Here is the generated spec:
{
"openapi": "3.0.1",
"info": {
"title": "Main API v1.0",
"version": "v1.0"
},
"paths": {
"/api/FileOnServerAuthApi": {
"post": {
"tags": [
"FileOnServerAuthApi"
],
"requestBody": {
"content": {
"application/json-patch+json": {
"schema": {
"$ref": "#/components/schemas/AuthenticateViewModel"
}
},
"application/json": {
"schema": {
"$ref": "#/components/schemas/AuthenticateViewModel"
}
},
"text/json": {
"schema": {
"$ref": "#/components/schemas/AuthenticateViewModel"
}
},
"application/*+json": {
"schema": {
"$ref": "#/components/schemas/AuthenticateViewModel"
}
}
}
},
"responses": {
"200": {
"description": "Success"
}
}
}
},
"/api/PlatformSetup/ValidateDatabaseConnection": {
"post": {
"tags": [
"PlatformSetup"
],
"requestBody": {
"content": {
"application/json-patch+json": {
"schema": {
"$ref": "#/components/schemas/DatabaseConnectionModel"
}
},
"application/json": {
"schema": {
"$ref": "#/components/schemas/DatabaseConnectionModel"
}
},
"text/json": {
"schema": {
"$ref": "#/components/schemas/DatabaseConnectionModel"
}
},
"application/*+json": {
"schema": {
"$ref": "#/components/schemas/DatabaseConnectionModel"
}
}
}
},
"responses": {
"200": {
"description": "Success",
"content": {
"application/json": {
"schema": {
"$ref": "#/components/schemas/ValidateResponse"
}
}
}
}
}
}
},
"/api/PlatformSetup/Configure": {
"post": {
"tags": [
"PlatformSetup"
],
"requestBody": {
"content": {
"application/json-patch+json": {
"schema": {
"$ref": "#/components/schemas/PlatformSetupModel"
}
},
"application/json": {
"schema": {
"$ref": "#/components/schemas/PlatformSetupModel"
}
},
"text/json": {
"schema": {
"$ref": "#/components/schemas/PlatformSetupModel"
}
},
"application/*+json": {
"schema": {
"$ref": "#/components/schemas/PlatformSetupModel"
}
}
}
},
"responses": {
"200": {
"description": "Success",
"content": {
"application/json": {
"schema": {
"$ref": "#/components/schemas/ValidateResponse"
}
}
}
}
}
}
}
},
"components": {
"schemas": {
"AuthenticateViewModel": {
"required": [
"code"
],
"type": "object",
"properties": {
"code": {
"type": "string"
}
},
"additionalProperties": false
},
"DatabaseConnectionModel": {
"type": "object",
"properties": {
"connectionString": {
"type": "string"
}
},
"additionalProperties": false
},
"ValidateResponse": {
"type": "object",
"properties": {
"success": {
"type": "boolean"
}
},
"additionalProperties": false
},
"PlatformSetupModel": {
"required": [
"email",
"password",
"tenantName"
],
"type": "object",
"properties": {
"tenantName": {
"type": "string"
},
"email": {
"pattern": "\\w+([-+.']\\w+)*@\\w+([-.]\\w+)*\\.\\w+([-.]\\w+)*",
"type": "string"
},
"password": {
"type": "string"
}
},
"additionalProperties": false
}
},
"securitySchemes": {
"Bearer": {
"type": "http",
"description": "JWT Authorization header using the Bearer scheme.",
"scheme": "Bearer",
"bearerFormat": "Bearer {token}"
}
}
},
"security": [
{ }
]
}
And here is the ASP.NET Core controller with the Authorize attribute:
/// <summary>
/// Platform setup endpoints. The class-level <c>[Authorize]</c> attribute restricts the
/// controller to callers in the "Platform Admin" role.
/// </summary>
[ApiController]
[Produces("application/json")]
[Authorize(Roles="Platform Admin")]
[Route("api/[controller]")]
public class PlatformSetupController : ControllerBase
{
    /// <summary>
    /// Placeholder for validating a database connection; currently always reports success.
    /// </summary>
    /// <param name="databaseConnectionModel">Request body bound to the connection model.</param>
    /// <returns>A <see cref="ValidateResponse"/> whose Success flag is always true.</returns>
    [HttpPost("[action]")]
    public ValidateResponse ValidateDatabaseConnection(DatabaseConnectionModel databaseConnectionModel)
    {
        // todo:
        // NOTE(review): both paths return Success = true, so an invalid model is still
        // reported as valid. With [ApiController] an invalid ModelState is normally answered
        // with an automatic 400 before the action runs, unless that filter is suppressed.
        // NOTE(review): once implemented, the caller-supplied connection string should be
        // treated as untrusted input, even behind the role check.
        if (!ModelState.IsValid)
        {
            return new ValidateResponse { Success = true };
        }

        return new ValidateResponse { Success = true };
    }
}
You can try
// Register the HTTP bearer scheme under the id "Bearer".
// BearerFormat is an informational hint about the token format.
var bearerDefinition = new OpenApiSecurityScheme
{
    Type = SecuritySchemeType.Http,
    Scheme = "bearer",
    BearerFormat = "JWT",
    Name = "Authorization",
    In = ParameterLocation.Header,
    Description = "JWT Authorization header using the Bearer scheme."
};
c.AddSecurityDefinition("Bearer", bearerDefinition);

// The requirement is keyed by a scheme that only holds a Reference to the definition above.
// The Id must match the name passed to AddSecurityDefinition.
var bearerReference = new OpenApiSecurityScheme
{
    Reference = new OpenApiReference { Type = ReferenceType.SecurityScheme, Id = "Bearer" }
};

// Empty scope list: HTTP bearer schemes have no scopes to request.
// This requirement is global, so the document advertises bearer auth on every operation.
// Enforcement still comes from the API's own [Authorize] attributes.
var bearerRequirement = new OpenApiSecurityRequirement
{
    { bearerReference, new List<string>() }
};
c.AddSecurityRequirement(bearerRequirement);
It works for me.
thanks @xcaptain - that works!