<tfoot id='gMQEn'></tfoot>

    1. <legend id='gMQEn'><style id='gMQEn'><dir id='gMQEn'><q id='gMQEn'></q></dir></style></legend>
      <i id='gMQEn'><tr id='gMQEn'><dt id='gMQEn'><q id='gMQEn'><span id='gMQEn'><b id='gMQEn'><form id='gMQEn'><ins id='gMQEn'></ins><ul id='gMQEn'></ul><sub id='gMQEn'></sub></form><legend id='gMQEn'></legend><bdo id='gMQEn'><pre id='gMQEn'><center id='gMQEn'></center></pre></bdo></b><th id='gMQEn'></th></span></q></dt></tr></i><div id='gMQEn'><tfoot id='gMQEn'></tfoot><dl id='gMQEn'><fieldset id='gMQEn'></fieldset></dl></div>
    2. <small id='gMQEn'></small><noframes id='gMQEn'>

      • <bdo id='gMQEn'></bdo><ul id='gMQEn'></ul>

      Swashbuckle .NET Core 2 中 JWT 承载的授权

      时间:2023-06-03

        <small id='K4JTl'></small><noframes id='K4JTl'>

          • <tfoot id='K4JTl'></tfoot>
          • <i id='K4JTl'><tr id='K4JTl'><dt id='K4JTl'><q id='K4JTl'><span id='K4JTl'><b id='K4JTl'><form id='K4JTl'><ins id='K4JTl'></ins><ul id='K4JTl'></ul><sub id='K4JTl'></sub></form><legend id='K4JTl'></legend><bdo id='K4JTl'><pre id='K4JTl'><center id='K4JTl'></center></pre></bdo></b><th id='K4JTl'></th></span></q></dt></tr></i><div id='K4JTl'><tfoot id='K4JTl'></tfoot><dl id='K4JTl'><fieldset id='K4JTl'></fieldset></dl></div>
              <tbody id='K4JTl'></tbody>
              <bdo id='K4JTl'></bdo><ul id='K4JTl'></ul>

            • <legend id='K4JTl'><style id='K4JTl'><dir id='K4JTl'><q id='K4JTl'></q></dir></style></legend>
                本文介绍了Swashbuckle .NET Core 2 中 JWT 承载的授权的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

                问题描述

                限时送ChatGPT账号..

                我使用身份验证服务为我的应用生成的令牌.那里没有问题.现在我已经介绍了 Swashbuckle 来记录我的 API,我可以通过使用此代码在每个请求中发送 JWT 来进行如下身份验证;

                I use tokens generated by an authentication service for my app. No problems there. Now I have introduced Swashbuckle to document my API an I can authenticate as follows by sending the JWT with every request using this code;

                services.AddSwaggerGen(c =>
                {
                    var a = new ApiKeyScheme();
                    //c.AddSecurityDefinition("Bearer", new ApiKeyScheme()
                    //{ In = "header", Description = "Please insert JWT with Bearer into field", Name = "Authorization", Type = "apiKey" });
                
                    c.OperationFilter<AuthorizationHeaderParameterOperationFilter>();
                
                    c.SwaggerDoc("v2", new Info
                    {
                        Version = "v2",
                        Title = "MyTitle",
                        Description = "An interface for ...",
                        TermsOfService = "None",
                        Contact = new Contact() { Name = "MyApp", Email = "a@example.com", Url = "www.example.com" }
                    });
                    // Set the comments path for the Swagger JSON and UI.
                    var basePath = AppContext.BaseDirectory;
                    var xmlPath = Path.Combine(basePath, "cpDataCore.xml");
                    c.IncludeXmlComments(xmlPath);
                });
                
                public class AuthorizationHeaderParameterOperationFilter : IOperationFilter
                {
                    public void Apply(Operation operation, OperationFilterContext context)
                    {
                        var filterPipeline = context.ApiDescription.ActionDescriptor.FilterDescriptors;
                        var isAuthorized = filterPipeline.Select(filterInfo => filterInfo.Filter).Any(filter => filter is AuthorizeFilter);
                        var allowAnonymous = filterPipeline.Select(filterInfo => filterInfo.Filter).Any(filter => filter is IAllowAnonymousFilter);
                
                        if (isAuthorized && !allowAnonymous)
                        {
                            if (operation.Parameters == null)
                                operation.Parameters = new List<IParameter>();
                
                            operation.Parameters.Add(new NonBodyParameter
                            {
                                Name = "Authorization",
                                In = "header",
                                Description = "access token",
                                Required = true,
                                Type = "string"
                            });
                        }
                    }
                }
                

                这给了我以下标题 - 正如预期的那样

                Which gives me the following header - as expected

                accept:application/json
                Accept-Encoding:gzip, deflate, br
                Accept-Language:en-AU,en;q=0.9
                Authorization:Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJodHRwOi8vc2NoZW1hcy54bWxzb2FwLm9yZy93cy8yMDA1LzA1L2lkZW50aXR5L2NsYWltcy9naXZlbm5hbWUiOiJEZW5uaXMiLCJodHRwOi8vc2NoZW1hcy54bWxzb2FwLm9yZy93cy8yMDA1LzA1L2lkZW50aXR5L2NsYWltcy9zdXJuYW1lIjoiR2FzY29pZ25lIiwiaHR0cDovL3NjaGVtYXMueG1sc29hcC5vcmcvd3MvMjAwNS8wNS9pZGVudGl0eS9jbGFpbXMvbmFtZSI6ImRlbm5pc2ciLCJodHRwOi8vc2NoZW1hcy54bWxzb2FwLm9yZy93cy8yMDA1LzA1L2lkZW50aXR5L2NsYWltcy9zaWQiOiI1NCIsIlJlZnJlc2hUb2tlbiI6IjY5OTA1NTFmLTNhOTQtNDVmYi1hYjc2LTZlOTQyNGE3NjJmOCIsIkFsbERhdGFSZWFkT25seUZvckFwcHJvdmVycyI6IlRydWUiLCJQcm9qZWN0SUQiOiI2IiwiaHR0cDovL3NjaGVtYXMubWljcm9zb2Z0LmNvbS93cy8yMDA4LzA2L2lkZW50aXR5L2NsYWltcy9yb2xlIjoic3lzYWRtaW4iLCJuYmYiOjE1MTk2MzY2NDIsImV4cCI6MTUxOTYzODQ0MiwiaXNzIjoiaHR0cHM6Ly9kYXRhLmNpdmlscHJvc29mdHdhcmUuY29tLyIsImF1ZCI6Imh0dHBzOi8vcm1zLmNpdmlscHJvc29mdHdhcmUuY29tLyJ9.nBEZgzcmZVGhFJmKI8u7p7g7xPU13HEAGJu_lrWylnc
                Connection:keep-alive
                Cookie:username=demo; jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJodHRwOi8vc2NoZW1hcy54bWxzb2FwLm9yZy93cy8yMDA1LzA1L2lkZW50aXR5L2NsYWltcy9naXZlbm5hbWUiOiJUcm95IiwiaHR0cDovL3NjaGVtYXMueG1sc29hcC5vcmcvd3MvMjAwNS8wNS9pZGVudGl0eS9jbGFpbXMvc3VybmFtZSI6IkVsZGVyIiwiaHR0cDovL3NjaGVtYXMueG1sc29hcC5vcmcvd3MvMjAwNS8wNS9pZGVudGl0eS9jbGFpbXMvbmFtZSI6InRyb3kiLCJodHRwOi8vc2NoZW1hcy54bWxzb2FwLm9yZy93cy8yMDA1LzA1L2lkZW50aXR5L2NsYWltcy9zaWQiOiI1IiwiUmVmcmVzaFRva2VuIjoiMTNhNzRmNDQtNmVmOC00MDQ3LTlmYWYtOWQ3MzI4MmNhZjQ4IiwiUHJvamVjdElEIjoiLTEiLCJuYmYiOjE1MDUwOTc3MjEsImV4cCI6MTUwNTA5ODYyMSwiaXNzIjoiaHR0cDovL2xvY2FsaG9zdDo2MDAwMC8iLCJhdWQiOiJodHRwOi8vbG9jYWxob3N0OjYwMDAwLyJ9.8You0XiUlvdHb2TRuDzaiXv6r74v7ga1Av_Z3ikmblU
                Host:localhost:60000
                Referer:http://localhost:60000/swagger/
                User-Agent:Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/64.0.3282.167 Safari/537.36
                

                虽然,我不确定 Cookie 是从哪里来的.这与我的代码无关.我只是忽略它 - 到目前为止一切都很好.

                Although, I am not sure where the Cookie is coming from. That is nothing to do with my code. I just ignore it - so far so good.

                问题在于,这意味着每次请求都必须输入令牌,这很痛苦.理想情况下,我想使用内置的 swagger 接口进行身份验证 - 根据几篇文章,我应该能够做到这一点;

                The problem is that this means the token has to be entered with every request which is a pain. Ideally, I would want to authenticate using the inbuilt swagger interface - according to several articles, I should be able to do this;

                c.AddSecurityDefinition("Bearer", new ApiKeyScheme()
                { In = "header", Description = "Please insert JWT with Bearer into field", Name = "Authorization", Type = "apiKey" });
                

                这很好用,我可以添加令牌,我似乎缺少将令牌添加到每个请求的标头的步骤.如果我只是添加身份验证,那么这会给我以下标头,这当然无法通过身份验证.

                This works fine, and I can add the token, there just seems to be a step I am missing to add the token to the header of every request. If I just add the auth, then this gives me the following header, which of course fails the authentication.

                GET /api/ApprovalItemTypes HTTP/1.1
                Host: localhost:60000
                Connection: keep-alive
                accept: application/json
                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/64.0.3282.167 Safari/537.36
                Referer: http://localhost:60000/swagger/
                Accept-Encoding: gzip, deflate, br
                Accept-Language: en-AU,en;q=0.9
                Cookie: username=demo; jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJodHRwOi8vc2NoZW1hcy54bWxzb2FwLm9yZy93cy8yMDA1LzA1L2lkZW5_xxx__LTEiLCJuYmYiOjE1MDUwOTc3MjEsImV4cCI6MTUwNTA5ODYyMSwiaXNzIjoiaHR0cDovL2xvY2FsaG9zdDo2MDAwMC8iLCJhdWQiOiJodHRwOi8vbG9jYWxob3N0OjYwMDAwLyJ9.8You0XiUlvdHb2TRuDzaiXv6r74v7ga1Av_Z3ikmblU
                

                为了让请求包含每个后续请求的令牌,我还需要做什么?

                What else do I need to do in order to get the request to include the token for every subsequent request?

                推荐答案

                最后我搬到了 NSwag,所以我不确定最初的问题是什么.Nswag中的解决方案如下;

                In the end I moved to NSwag so I am not sure what the original issue was. The solution in Nswag is as follows;

                    services.AddSwaggerDocument(document =>
                        {
                            document.DocumentName = "CPSwagger";
                            document.Title = "My Mobile API";
                            document.Version = "v10.3.4";
                            document.Description = "An interface for some software.";
                
                            document.DocumentProcessors.Add(
                                new SecurityDefinitionAppender("JWT token", new NSwag.OpenApiSecurityScheme
                                {
                                    Type = NSwag.OpenApiSecuritySchemeType.ApiKey,
                                    Name = "Authorization",
                                    Description = "Copy 'Bearer ' + valid JWT token into field",
                                    In = NSwag.OpenApiSecurityApiKeyLocation.Header
                                }));
                            document.OperationProcessors.Add(new OperationSecurityScopeProcessor("JWT token"));
                        });
                

                这篇关于Swashbuckle .NET Core 2 中 JWT 承载的授权的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持html5模板网!

                上一篇:.NET JWT 令牌验证的命名空间:系统与 Microsoft 下一篇:无法访问 JWT 令牌 .NET Core 中的角色

                相关文章

                最新文章

                    <bdo id='Jwlgy'></bdo><ul id='Jwlgy'></ul>
                1. <tfoot id='Jwlgy'></tfoot>

                    <i id='Jwlgy'><tr id='Jwlgy'><dt id='Jwlgy'><q id='Jwlgy'><span id='Jwlgy'><b id='Jwlgy'><form id='Jwlgy'><ins id='Jwlgy'></ins><ul id='Jwlgy'></ul><sub id='Jwlgy'></sub></form><legend id='Jwlgy'></legend><bdo id='Jwlgy'><pre id='Jwlgy'><center id='Jwlgy'></center></pre></bdo></b><th id='Jwlgy'></th></span></q></dt></tr></i><div id='Jwlgy'><tfoot id='Jwlgy'></tfoot><dl id='Jwlgy'><fieldset id='Jwlgy'></fieldset></dl></div>
                  1. <legend id='Jwlgy'><style id='Jwlgy'><dir id='Jwlgy'><q id='Jwlgy'></q></dir></style></legend>

                  2. <small id='Jwlgy'></small><noframes id='Jwlgy'>