swagger filters
@@ -11,6 +11,8 @@ using Webshop.Infrastructure.Data;
|
|||||||
using Webshop.Infrastructure.Repositories;
|
using Webshop.Infrastructure.Repositories;
|
||||||
using Microsoft.AspNetCore.HttpOverrides;
|
using Microsoft.AspNetCore.HttpOverrides;
|
||||||
using Microsoft.Extensions.Logging;
|
using Microsoft.Extensions.Logging;
|
||||||
|
using Microsoft.OpenApi.Models;
|
||||||
|
using Webshop.Api.SwaggerFilters;
|
||||||
|
|
||||||
var builder = WebApplication.CreateBuilder(args);
|
var builder = WebApplication.CreateBuilder(args);
|
||||||
|
|
||||||
@@ -70,7 +72,39 @@ builder.Services.AddScoped<AdminProductService>();
|
|||||||
// 5. Controller und Swagger/OpenAPI hinzuf<75>gen
|
// 5. Controller und Swagger/OpenAPI hinzuf<75>gen
|
||||||
builder.Services.AddControllers();
|
builder.Services.AddControllers();
|
||||||
builder.Services.AddEndpointsApiExplorer();
|
builder.Services.AddEndpointsApiExplorer();
|
||||||
builder.Services.AddSwaggerGen();
|
|
||||||
|
builder.Services.AddSwaggerGen(c =>
|
||||||
|
{
|
||||||
|
// 1. JWT Security Definition hinzuf<75>gen
|
||||||
|
c.AddSecurityDefinition("Bearer", new OpenApiSecurityScheme
|
||||||
|
{
|
||||||
|
Description = "JWT Authorization header using the Bearer scheme. Example: \"Authorization: Bearer {token}\"",
|
||||||
|
Name = "Authorization",
|
||||||
|
In = ParameterLocation.Header, // Der Token wird im Header gesendet
|
||||||
|
Type = SecuritySchemeType.Http, // Dies ist ein HTTP-Schema
|
||||||
|
Scheme = "Bearer" // Das Schema ist "Bearer"
|
||||||
|
});
|
||||||
|
|
||||||
|
// 2. Security Requirement f<>r alle Operationen hinzuf<75>gen
|
||||||
|
c.AddSecurityRequirement(new OpenApiSecurityRequirement
|
||||||
|
{
|
||||||
|
{
|
||||||
|
new OpenApiSecurityScheme
|
||||||
|
{
|
||||||
|
Reference = new OpenApiReference
|
||||||
|
{
|
||||||
|
Type = ReferenceType.SecurityScheme,
|
||||||
|
Id = "Bearer" // Verweist auf die oben definierte "Bearer" Sicherheit
|
||||||
|
}
|
||||||
|
},
|
||||||
|
new string[] {} // Keine spezifischen "Scopes" f<>r JWT (leer lassen)
|
||||||
|
}
|
||||||
|
});
|
||||||
|
|
||||||
|
// 3. Optional: Filtern und Anzeigen von Autorisierungsinformationen (Rollen)
|
||||||
|
// Damit Swagger die "Authorize"-Informationen von Ihren Controllern anzeigt.
|
||||||
|
c.OperationFilter<AuthorizeOperationFilter>();
|
||||||
|
});
|
||||||
|
|
||||||
// --- ENDE: DIENSTE ZUM CONTAINER HINZUF<55>GEN ---
|
// --- ENDE: DIENSTE ZUM CONTAINER HINZUF<55>GEN ---
|
||||||
|
|
||||||
|
|||||||
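--- a/Webshop.Api/SwaggerFilters/AuthorizeOperationFilter.cs
+++ b/Webshop.Api/SwaggerFilters/AuthorizeOperationFilter.cs
@@ -0,0 +1,65 @@
+// src/Webshop.Api/SwaggerFilters/AuthorizeOperationFilter.cs
+using Microsoft.AspNetCore.Authorization;
+using Microsoft.OpenApi.Models;
+using Swashbuckle.AspNetCore.SwaggerGen;
+using System.Linq; // Für .Any(), .Union(), .Select()
+using System.Collections.Generic; // Für List<string>
+
+namespace Webshop.Api.SwaggerFilters
+{
+public class AuthorizeOperationFilter : IOperationFilter
+{
+public void Apply(OpenApiOperation operation, OperationFilterContext context)
+{
+// Überprüfe, ob die Methode oder der Controller ein [Authorize]-Attribut hat
+// und kein [AllowAnonymous]-Attribut.
+var authorizeAttributes = context.MethodInfo.DeclaringType.GetCustomAttributes(true)
+.Union(context.MethodInfo.GetCustomAttributes(true))
+.OfType<AuthorizeAttribute>();
+
+var allowAnonymousAttributes = context.MethodInfo.DeclaringType.GetCustomAttributes(true)
+.Union(context.MethodInfo.GetCustomAttributes(true))
+.OfType<AllowAnonymousAttribute>();
+
+// Wenn Authorize-Attribute vorhanden sind UND kein AllowAnonymous-Attribut (für die Operation)
+if (authorizeAttributes.Any() && !allowAnonymousAttributes.Any())
+{
+// Füge ein "lock" Symbol in Swagger UI hinzu
+operation.Security = new List<OpenApiSecurityRequirement>
+{
+new OpenApiSecurityRequirement
+{
+{
+new OpenApiSecurityScheme
+{
+Reference = new OpenApiReference
+{
+Type = ReferenceType.SecurityScheme,
+Id = "Bearer" // Verweis auf die JWT-Definition in Program.cs
+}
+},
+new List<string>() // Scopes, hier leer für JWT
+}
+}
+};
+
+// Füge Rolleninformationen zur Beschreibung des Endpunkts hinzu (optional, aber hilfreich)
+var requiredRoles = authorizeAttributes
+.Select(attr => attr.Roles)
+.Where(roles => !string.IsNullOrWhiteSpace(roles))
+.SelectMany(roles => roles.Split(','))
+.Distinct()
+.ToList();
+
+if (requiredRoles.Any())
+{
+operation.Summary += $" (Auth Required: {string.Join(", ", requiredRoles)})";
+}
+else
+{
+operation.Summary += " (Auth Required)";
+}
+}
+}
+}
+}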
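Review bot: The role list built at `.SelectMany(roles => roles.Split(','))` keeps the whitespace around each entry, so `Roles = "Admin, Manager"` produces ` Manager` in the summary and `Distinct()` treats `Admin` and ` Admin` as different roles; `roles.Split(',', StringSplitOptions.RemoveEmptyEntries | StringSplitOptions.TrimEntries)` fixes both (TrimEntries is available on .NET 5 and later, which the `WebApplication.CreateBuilder` call in Program.cs implies). The filter only inspects `[Authorize]` and `[AllowAnonymous]` on the action method and its declaring type, so endpoints protected through `RequireAuthorization()`, a fallback policy, or a policy-only `[Authorize(Policy = ...)]` get no role text and, for the non-attribute cases, no lock at all — a class comment such as `// Detects authorization only via [Authorize]/[AllowAnonymous] attributes; conventions and fallback policies are not reflected` would keep readers from relying on the lock as proof of protection. The role names appended to `operation.Summary` become part of the published OpenAPI document, which is acceptable for a development-only Swagger but exposes the authorization model if the document is served more widely. Finally, the `Bearer` requirement assigned to `operation.Security` here duplicates the global `AddSecurityRequirement` added to `AddSwaggerGen` in Program.cs in the same commit; usually only one of the two is kept, otherwise anonymous endpoints also show the lock.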