2

I want to generate swagger document that puts authorization token to header after loging in successfully with authorization button. I used Password flow with TokenUrl to link the login API to the authorization button

My configs in code

startup.cs

        public void ConfigureServices(IServiceCollection services)
        {
            // this endpoint links to login API, require user name and password
            services.AddSwaggerGen(c =>
            {
                c.SwaggerDoc("v1", new OpenApiInfo { Title = "API", Version = "1.0.0" });
                var uri = new Uri("/api/Account/IdentityLoginRequestFormData", UriKind.Relative);
                c.AddSecurityDefinition("basic", new OpenApiSecurityScheme
                {
                    // ..........
                    Type = SecuritySchemeType.OAuth2,
                    Name = "Authorization",
                    Flows = new OpenApiOAuthFlows
                    {
                        Password = new OpenApiOAuthFlow
                        {
                            TokenUrl = uri,
                        }
                    },
                    In = ParameterLocation.Header,
                    Scheme = "basic"
                });
                c.OperationFilter<SecureEndpointAuthRequirementFilter>();
            });

            // ...................
        }

SecureEndpointAuthRequirementFilter is the class that filters all controller actions with Authorized attribute on it

controller.cs

    [Route("api/[controller]")]
    public class TestController : BaseAPIController
    {
        public TestController(IRepository repository) : base(repository)
        { }
        [Authorize(AuthenticationSchemes = "BearerScheme")]
        [HttpGet("secure")]
        public IActionResult GetSomethingPrivate()
        {
            return Ok("secret");
        }

        [HttpGet("public")]
        public IActionResult GetSomethingPublic()
        {
            return Ok("hey");
        }
    }

after login using authorization button, and use postman to send secure request to /api/test/secure endpoint, it shows the error response body

can't parse JSON.  Raw result:

No authentication handlers are registered. Did you forget to call AddAuthentication().Add[SomeAuthHandler]("BearerScheme",...)?

Did I do something wrong or missing something in configuration Thanks

Helen
  • 87,344
  • 17
  • 243
  • 314
Ming Hieu
  • 149
  • 3
  • 13
  • 2
    And did you forget to call it? – ProgrammingLlama Mar 25 '22 at 07:57
  • I don't know what i'm missing in my code – Ming Hieu Mar 25 '22 at 08:08
  • Can you show the code for setting up your authentication stuff? – ProgrammingLlama Mar 25 '22 at 08:13
  • I only use `services.AddAuthentication("BearerScheme");` to setup authentication in `ConfigureServices`, and `app.UseAuthentication();` in `Configure` function – Ming Hieu Mar 25 '22 at 08:15
  • Remove this line `[Authorize(AuthenticationSchemes = "BearerScheme")]`, it will work. And I don't know how to use `Authorize` in swagger. pls [refer this post](https://stackoverflow.com/questions/43447688/setting-up-swagger-asp-net-core-using-the-authorization-headers-bearer), hope it will useful to you. – Jason Pan Mar 28 '22 at 08:49

0 Answers0