Last active
December 11, 2016 20:13
-
-
Save nzpcmad/3739175b7e733b779924355de6f9bbe0 to your computer and use it in GitHub Desktop.
Using Swagger for Implicit Grant on ADFS 4.0
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
using System; | |
using System.Collections.Generic; | |
using System.Linq; | |
using System.Web; | |
using Swashbuckle; | |
using Swashbuckle.Swagger; | |
using System.Web.Http.Description; | |
namespace TodoListService | |
{ | |
public class AssignOAuth2SecurityRequirements : IOperationFilter | |
{ | |
public void Apply(Operation operation, SchemaRegistry schemaRegistry, ApiDescription apiDescription) | |
{ | |
/*var actFilters = apiDescription.ActionDescriptor.GetFilterPipeline(); | |
var allowsAnonymous = actFilters.Select(f => f.Instance).OfType<OverrideAuthorizationAttribute>().Any(); | |
if (allowsAnonymous) | |
return; // must be an anonymous method*/ | |
//var scopes = apiDescription.ActionDescriptor.GetFilterPipeline() | |
// .Select(filterInfo => filterInfo.Instance) | |
// .OfType<AllowAnonymousAttribute>() | |
// .SelectMany(attr => attr.Roles.Split(',')) | |
// .Distinct(); | |
if (operation.security == null) | |
operation.security = new List<IDictionary<string, IEnumerable<string>>>(); | |
var oAuthRequirements = new Dictionary<string, IEnumerable<string>> | |
{ | |
{"oauth2", new List<string> {"sampleapi", "user_impersonation"}} | |
}; | |
operation.security.Add(oAuthRequirements); | |
} | |
} | |
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
... | |
... | |
// NOTE: You must also configure 'EnableApiKeySupport' below in the SwaggerUI section | |
//c.ApiKey("apiKey") | |
// .Description("API Key Authentication") | |
// .Name("apiKey") | |
// .In("header"); | |
// | |
c.OAuth2("oauth2") | |
.Description("OAuth2 Implicit Grant") | |
.Flow("implicit") | |
.AuthorizationUrl("https://my-adfs/adfs/oauth2/authorize") | |
.TokenUrl("https://my-adfs/adfs/oauth2/token") | |
.Scopes(scopes => | |
{ | |
scopes.Add("user_impersonation", "use user impersonation"); | |
scopes.Add("sampleapi", "try out the sample api"); | |
}); | |
// Set this flag to omit descriptions for any actions decorated with the Obsolete attribute | |
//c.IgnoreObsoleteActions(); | |
... | |
... | |
// If you've defined an OAuth2 flow as described above, you could use a custom filter | |
// to inspect some attribute on each action and infer which (if any) OAuth2 scopes are required | |
// to execute the operation | |
// | |
c.OperationFilter<AssignOAuth2SecurityRequirements>(); | |
// Post-modify the entire Swagger document by wiring up one or more Document filters. | |
// This gives full control to modify the final SwaggerDocument. You should have a good understanding of | |
// the Swagger 2.0 spec. - https://github.com/swagger-api/swagger-spec/blob/master/versions/2.0.md | |
// before using this option. | |
... | |
... | |
// If your API supports the OAuth2 Implicit flow, and you've described it correctly, according to | |
// the Swagger 2.0 specification, you can enable UI support as shown below. | |
// | |
c.EnableOAuth2Support( | |
clientId: "7b2...7f2", | |
clientSecret: "4pr...wYP", | |
realm: "https://localhost:44326/", | |
appName: "Swagger UI", | |
//additionalQueryStringParams: new Dictionary<string, string>() { { "foo", "bar" } } | |
additionalQueryStringParams: new Dictionary<string, string>() { { "audience", "https://localhost:44326/NativeTodoListService1" } } | |
); | |
// If your API supports ApiKey, you can override the default values. | |
... | |
... | |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
http://nzpcmad.blogspot.co.nz/2016/12/swagger-using-swagger-for-implicit.html