我有一个自定义的授权方案,设置如下:
services.AddAuthentication("ClientApp")
.AddScheme<ClientAppAuthenticationOptions, ClientAppAuthenticationHandler>("ClientApp", null);然后我有以下NSwag OpenAPI文档配置:
services.AddOpenApiDocument((settings, provider) =>
{
settings.DocumentName = "openapi";
settings.AddSecurity("ClientApp", Enumerable.Empty<string>(), new OpenApiSecurityScheme
{
Type = OpenApiSecuritySchemeType.ApiKey,
Description = "Authentications used for client apps, such as Mmcc.Stats.TpsMonitor",
Name = "X-Auth-Token",
In = OpenApiSecurityApiKeyLocation.Header
});
settings.OperationProcessors.Add(
new AspNetCoreOperationSecurityScopeProcessor("ClientApp")
);
// ...
}我已经用[AllowAnonymous]和[Authorize(AuthenticationSchemes = "ClientApp")]装饰了我的控制器中的操作,但是NSwag在ReDoc UI中将我的所有端点标记为需要ClientApp授权,而不考虑装饰器。为什么?为什么?
2条答案
按热度按时间1aaf6o9v1#
我已经通过将我的代码改为这样来修复它:
wecizke32#
对
Enumerable.Empty<string>()使用正确的方法,将身份验证添加到全局范围。