Add JWT Bearer Authorization to Swagger and ASP.NET Core

 
 

If you have an ASP.NET Core web application that already has JWT authorization, this guide will help you add JWT (JSON Web Token) support to the Swagger UI.

What is Swagger UI?

Swagger UI is a collection of HTML, Javascript and CSS assets that dynamically generates beautiful documentation from a Swagger-compliant API. You can learn more in https://swagger.io/ and in the project’s GitHub repository.

Setup Swagger UI in ASP.NET Core

In order to use Swagger UI in your ASP.NET Core project you need a NuGet package called Swashbuckle.AspNetCore. You can add it to your project either by command line:

 
dotnet add package swashbuckle.aspnetcore

or using the NuGet package manager in Visual Studio:

Then you need to add Swagger support toConfigureServices(IServiceCollection services) and toConfigure(IApplicationBuilder app, IHostingEnvironment env) in your application’s Startup.cs file. To do so, you need to create a SwaggerServiceExtensions class and add the necessary code to support Swagger in your app.

using Microsoft.AspNetCore.Builder;

using Microsoft.Extensions.DependencyInjection;

using Swashbuckle.AspNetCore.Swagger;

namespace JwtSwaggerDemo.Infrastructure

{

    public static class SwaggerServiceExtensions

    {

        public static IServiceCollection AddSwaggerDocumentation(this IServiceCollection services)

        {

            services.AddSwaggerGen(c =>

            {

                c.SwaggerDoc("v1.0", new Info { Title = "Main API v1.0", Version = "v1.0" });

                c.AddSecurityDefinition("Bearer", new ApiKeyScheme

                {

                    Description = "JWT Authorization header using the Bearer scheme. Example: \"Authorization: Bearer {token}\"",

                    Name = "Authorization",

                    In = "header",

                    Type = "apiKey"

                });

            });

            return services;

        }

        public static IApplicationBuilder UseSwaggerDocumentation(this IApplicationBuilder app)

        {

            app.UseSwagger();

            app.UseSwaggerUI(c =>

            {

                c.SwaggerEndpoint("/swagger/v1.0/swagger.json", "Versioned API v1.0");

                c.DocExpansion("none");

            });

            return app;

        }

    }

}

Changes in Startup.cs file

Using the above class, the only thing you need to do in your Startup.cs file is the following:

namespace JwtSwaggerDemo

{

    public class Startup

    {

        // This method gets called by the runtime. Use this method to add services to the container.

        public IServiceProvider ConfigureServices(IServiceCollection services)

        {

            //... rest of services configuration

            services.AddSwaggerDocumentation();

            //...

        }

        // This method gets called by the runtime. Use this method to configure the HTTP request pipeline.

        public void Configure(IApplicationBuilder app, IHostingEnvironment env)

        {

            if (env.IsDevelopment())

            {

                //.... rest of app configuration

                app.UseSwaggerDocumentation();

            }

            //.... rest of app configuration

        }

    }

Authorize requests in Swagger UI

Now, when you load the Swagger’s UI address (e.g: https://localhost:44321/swagger/#/), you will see an Authorize button at the top. Clicking on it leads to a modal window, which allows you to authorize your app with a JWT token, by adding Bearer <your_token> in the value input field.

It is like logging in with a user and, therefore, all your next API calls will be using this token to authorize requests.

For swagger 2.x

To support JWT authentication in Swagger 2.x you need to update your code with the following snippet:

 
using Microsoft.AspNetCore.Builder;

using Microsoft.Extensions.DependencyInjection;

using Swashbuckle.AspNetCore.Swagger;

namespace JwtSwaggerDemo.Infrastructure

{

    public static class SwaggerServiceExtensions

    {

        public static IServiceCollection AddSwaggerDocumentation(this IServiceCollection services)

        {

            services.AddSwaggerGen(c =>

            {

                c.SwaggerDoc("v1.0", new Info { Title = "Main API v1.0", Version = "v1.0" });

                // Swagger 2.+ support

                var security = new Dictionary<string, IEnumerable<string>>

                {

                    {"Bearer", new string[] { }},

                };

                c.AddSecurityDefinition("Bearer", new ApiKeyScheme

                {

                    Description = "JWT Authorization header using the Bearer scheme. Example: \"Authorization: Bearer {token}\"",

                    Name = "Authorization",

                    In = "header",

                    Type = "apiKey"

                });

                c.AddSecurityRequirement(security);

            });

            return services;

        }

        public static IApplicationBuilder UseSwaggerDocumentation(this IApplicationBuilder app)

        {

            app.UseSwagger();

            app.UseSwaggerUI(c =>

            {

                c.SwaggerEndpoint("/swagger/v1.0/swagger.json", "Versioned API v1.0");

                c.DocumentTitle = "Title Documentation";

                c.DocExpansion(DocExpansion.None);

            });

            return app;

        }

    }

}

来源:https://ppolyzos.com/2017/10/30/add-jwt-bearer-authorization-to-swagger-and-asp-net-core/

Add JWT Bearer Authorization to Swagger and ASP.NET Core的更多相关文章

  1. 使用JWT的ASP.NET CORE令牌身份验证和授权(无Cookie)——第1部分

    原文:使用JWT的ASP.NET CORE令牌身份验证和授权(无Cookie)--第1部分 原文链接:https://www.codeproject.com/Articles/5160941/ASP- ...

  2. asp.net core使用Swashbuckle.AspNetCore(swagger)生成接口文档

    asp.net core中使用Swashbuckle.AspNetCore(swagger)生成接口文档 Swashbuckle.AspNetCore:swagger的asp.net core实现 项 ...

  3. ASP.NET Core系列:JWT身份认证

    1. JWT概述 JSON Web Token(JWT)是目前流行的跨域身份验证解决方案. JWT的官网地址:https://jwt.io JWT的实现方式是将用户信息存储在客户端,服务端不进行保存. ...

  4. [转]教你实践ASP.NET Core Authorization

    本文转自:http://www.cnblogs.com/rohelm/p/Authorization.html 本文目录 Asp.net Core 对于授权的改动很友好,非常的灵活,本文以MVC为主, ...

  5. ASP.NET Core 2 学习笔记(十三)Swagger

    Swagger也算是行之有年的API文件生成器,只要在API上使用C#的<summary />文件注解标签,就可以产生精美的线上文件,并且对RESTful API有良好的支持.不仅支持生成 ...

  6. Asp.Net Core配置Swagger

    本文主要参考:Using Swagger with ASP.net Core 1.创建WebApi项目 本文使用ASP.Net Core Web API项目模板演示Swagger到使用,首先创建Web ...

  7. ASP.NET Core管道深度剖析(4):管道是如何建立起来的?

    在<管道是如何处理HTTP请求的?>中,我们对ASP.NET Core的请求处理管道的构成以及它对请求的处理流程进行了详细介绍,接下来我们需要了解的是这样一个管道是如何被构建起来的.这样一 ...

  8. Docker & ASP.NET Core (2):定制Docker镜像

    上一篇文章:把代码连接到容器 Dockerfile 在Docker的世界里,我们可以通过一个叫Dockerfile的文件来创建Docker镜像,随后可以运行容器. Dockerfile就是一个文本文件 ...

  9. Asp.net core中的依赖注入

    使用服务 在Asp.net core的Controller中,可以通过如下两种方式获取系统注入的服务: 构造函数 可以直接在构造函数中传入所依赖的服务,这是非常常见的DI注入方式. public Va ...

随机推荐

  1. c++复习——临考前的女娲补天 >=.<

    一些零零散散的知识点... 1.抽象类只能作为其他类的基类,不能建立对象,但抽象类的派生类如果给出纯虚函数的函数体,这个派生类仍然是一个抽象类.//这个好理解 懂了 2.抽象类不能作为参数类型,函数的 ...

  2. Leetcode 7. Reverse Integer(水)

    7. Reverse Integer Easy Given a 32-bit signed integer, reverse digits of an integer. Example 1: Inpu ...

  3. django model 操作总结

    使用场景 一对一:在某表中创建一行数据时,有一个单选的下拉框(下拉框中的内容被用过一次就消失了).//两个表的数据一一对应 例如:原有含10列数据的一张表保存相关信息,经过一段时间之后,10列无法满足 ...

  4. VMware 启动之后发现 eth0不存在

    启动虚拟机之后发现,eth0不存在. 问题现象: 解决办法(我): 1. 查看/etc/sysconfi/network-scripts/ifcfg-eth0的配置是否与外部网络配置一致. 例如NAT ...

  5. 记录redis 存放JSON字符串,在并发操作时读-改-写问题

    问题描述: 这里涉及到的问题其实就是普遍的读-改-写,redis可以保证每个操作的原子性,但是无法保证多个操作的原子性,解决的方法可以使用redis提供的multi和watch命令,具体使用如下:1. ...

  6. UE4从4.15移植到4.16

    如果是旧版本的工程需要移植到4.16,有几个地方需要修改: 假设RC是工程名,修改如下(三个CS文件) 类似的,插件也需要这样修改

  7. linux 搭建环境

    报错:cannot find valid baseurl for repo:base 解决办法: https://blog.csdn.net/banqgg/article/details/782560 ...

  8. IE等浏览器兼容问题解决方案

    <meta http-equiv="X-UA-Compatible" content="IE=100" /> 在<head>标签中添加.

  9. nodejs工作大全

    1.修改文件夹中图片的名称 var fs = require('fs');var fileDirectory = "F:\\zdw\\修改文件夹名称\\newFile";var n ...

  10. 记一次SQL Server delete语句的优化过程

    今天测试反应问题,性能测试环境一个脚本执行了3个小时没有出结果,期间其他dba已经建立了一些索引但是没有效果. 语句: DELETE T  from License T  WHERE exists ( ...