Swashbuckle.aspnetcore: Error in Swagger UI for OAuth2 security definition.

Created on 16 Oct 2019  路  3Comments  路  Source: domaindrivendev/Swashbuckle.AspNetCore

I am getting an error in Swagger UI for such defined security definition:

opt.AddSecurityDefinition("Bearer", new OpenApiSecurityScheme
{
    Description =
        "JWT Authorization header using the Bearer scheme. Example: \"Authorization: Bearer {token}\"",
    Name = "Authorization",
    In = ParameterLocation.Header,
    Type = SecuritySchemeType.OAuth2
});

var req = new OpenApiSecurityRequirement();
req.Add(new OpenApiSecurityScheme
{
    Reference = new OpenApiReference { Type = ReferenceType.SecurityScheme, Id = "Bearer"}

}, new List<string>());
opt.AddSecurityRequirement(req);

Browser shows me the message:

Could not render this component, see the console.

And here is what I see in console:

[object Error]: {description: "Unable to get property 'entrySeq' of undefined or null reference", message: "Unable to get property 'entrySeq' of undefined or null reference", number: -2146823281, stack: "TypeError: Unable to get property 'entrySeq' of undefined or null reference at Anonymous function (http://localhost:53775/identity/swagger/swagger-ui-bundle.js:71:30372) at Anonymous function (http://localhost:53775/identity/swagger/swagger-ui-bundle.js:1:38996) at Anonymous function (http://localhost:53775/identity/swagger/swagger-ui-bundle.js:1:31190) at Anonymous function (http://localhost:53775/identity/swagger/swagger-ui-bundle.js:1:38517) at Anonymous function (http://localhost:53775/identity/swagger/swagger-ui-bundle.js:1:37534) at ft.prototype.__iterate (http://localhost:53775/identity/swagger/swagger-ui-bundle.js:1:25552) at Tt.prototype.__iterate (http://localhost:53775/identity/swagger/swagger-ui-bundle.js:1:37494) at Nt.prototype.__iterate (http://localhost:53775/identity/swagger/swagger-ui-bundle.js:1:38461) at r.__iterateUncached (http://localhost:53775/identity/swagger/swagger-ui-bundle.js:1:31155) at ce (http://localhost:53775/identity/swagger/swagger-ui-bundle.js:1:5707)"}
description: "Unable to get property 'entrySeq' of undefined or null reference"
message: "Unable to get property 'entrySeq' of undefined or null reference"
number: -2146823281
stack: "TypeError: Unable to get property 'entrySeq' of undefined or null reference at Anonymous function (http://localhost:53775/identity/swagger/swagger-ui-bundle.js:71:30372) at Anonymous function (http://localhost:53775/identity/swagger/swagger-ui-bundle.js:1:38996) at Anonymous function (http://localhost:53775/identity/swagger/swagger-ui-bundle.js:1:31190) at Anonymous function (http://localhost:53775/identity/swagger/swagger-ui-bundle.js:1:38517) at Anonymous function (http://localhost:53775/identity/swagger/swagger-ui-bundle.js:1:37534) at ft.prototype.__iterate (http://localhost:53775/identity/swagger/swagger-ui-bundle.js:1:25552) at Tt.prototype.__iterate (http://localhost:53775/identity/swagger/swagger-ui-bundle.js:1:37494) at Nt.prototype.__iterate (http://localhost:53775/identity/swagger/swagger-ui-bundle.js:1:38461) at r.__iterateUncached (http://localhost:53775/identity/swagger/swagger-ui-bundle.js:1:31155) at ce (http://localhost:53775/identity/swagger/swagger-ui-bundle.js:1:5707)"

VERSION:

5.0.0-rc4

picture voroninp

Most helpful comment

Looks like this is the config you want:

c.AddSecurityDefinition("Bearer", new OpenApiSecurityScheme
{
    Type = SecuritySchemeType.Http,
    Scheme = "bearer",
    BearerFormat = "JWT"
});

c.AddSecurityRequirement(new OpenApiSecurityRequirement
{
    {
        new OpenApiSecurityScheme
        {
            Reference = new OpenApiReference { Type = ReferenceType.SecurityScheme, Id = "Bearer" }
        },
        new string[] { }
    }
});
picture domaindrivendev on 17 Oct 2019
👍3

All 3 comments

In your scheme definition, you've specified a SecuritySchemType.OAuth2 but you're not providing the list of applicable OAuth Flows.

If you are in fact trying to configure an OAuth2 scheme, then please refer to the readme for instructions on adding OAuth2 metadata to the Swagger/OpenAPI document.

If you're trying to configure some other scheme (I see you've mentioned JWT in your description) then you need to first figure out if it's possible to describe it in Swagger/OpenAPI, independently of Swashbuckle. Once you've figured that out, translating to the Swashbuckle config should be relatively straightforward.

This post here seems like it might be relevant - https://swagger.io/docs/specification/authentication/bearer-authentication/

domaindrivendev picture domaindrivendev on 17 Oct 2019
👍1

Looks like this is the config you want:

c.AddSecurityDefinition("Bearer", new OpenApiSecurityScheme
{
    Type = SecuritySchemeType.Http,
    Scheme = "bearer",
    BearerFormat = "JWT"
});

c.AddSecurityRequirement(new OpenApiSecurityRequirement
{
    {
        new OpenApiSecurityScheme
        {
            Reference = new OpenApiReference { Type = ReferenceType.SecurityScheme, Id = "Bearer" }
        },
        new string[] { }
    }
});
domaindrivendev picture domaindrivendev on 17 Oct 2019
👍3

@domaindrivendev , yeah, it works this way, thanks.

But what is the purpose of requirement? So Swagger knows which API is protected by this security scheme?

voroninp picture voroninp on 17 Oct 2019
👍2
Was this page helpful?
0 / 5 - 0 ratings

Related issues

m-demydiuk picture m-demydiuk  路  3Comments
jderus picture jderus  路  4Comments
vanillajonathan picture vanillajonathan  路  3Comments
voroninp picture voroninp  路  3Comments
michael-x picture michael-x  路  3Comments