feat: swagger 增加 Authorization 头认证

Argo Windows 2019-10-18 22:03:42 +08:00
parent 98a7bbbfe9
commit 42c0be8093
8 changed files with 30 additions and 66 deletions


@ -11,7 +11,7 @@
</PropertyGroup>
<ItemGroup>
<PackageReference Include="Bootstrap.Security.Mvc" Version="3.0.1-beta9" />
<PackageReference Include="Bootstrap.Security.Mvc" Version="3.0.1-beta10" />
<PackageReference Include="Longbow.Logging" Version="3.0.1-beta1" />
<PackageReference Include="Microsoft.AspNetCore.Mvc.Versioning" Version="4.0.0-preview8.19405.7" />
<PackageReference Include="Sentry.AspNetCore" Version="2.0.0-beta4" />


@ -1,5 +1,6 @@
using Bootstrap.Admin.Query;
using Bootstrap.DataAccess;
using Bootstrap.Security.Authentication;
using Longbow.Web.Mvc;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc;
@ -38,7 +39,7 @@ namespace Bootstrap.Admin.Controllers.Api
string password = user.Password;
if (!string.IsNullOrEmpty(userName) && !string.IsNullOrEmpty(password) && UserHelper.Authenticate(userName, password))
{
token = "NOT Support yet!"; // BootstrapAdminJwtTokenHandler.CreateToken(userName);
token = BootstrapAdminJwtTokenHandler.CreateToken(userName);
}
HttpContext.Log(userName, token != null);
return token;
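Review bot: With `token = BootstrapAdminJwtTokenHandler.CreateToken(userName);` this action now returns a usable bearer credential, and nothing in the visible lines throttles repeated failed attempts or shows how long the token stays valid. Both may be handled inside `UserHelper.Authenticate` and the token handler's options, which are not on this page, so confirm there that failures are rate-limited or locked out and that expiry and signing key come from configuration. The existing `HttpContext.Log(userName, token != null)` records only a success flag, which is right; I would pin that with a comment such as `// token is a bearer credential: log only the success flag, never the value`. The enclosing action starts and ends outside the hunk.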


@ -1,31 +0,0 @@
using Microsoft.AspNetCore.Authorization;
using Microsoft.OpenApi.Models;
using Swashbuckle.AspNetCore.SwaggerGen;
using System.Collections.Generic;
namespace Bootstrap.Admin
{
/// <summary>
/// IOperationFilter 实现类
/// </summary>
public class HttpHeaderOperation : IOperationFilter
{
/// <summary>
/// 应用方法 增加 Authorization 授权头设置
/// </summary>
/// <param name="operation"></param>
/// <param name="context"></param>
public void Apply(OpenApiOperation operation, OperationFilterContext context)
{
if (context.MethodInfo.GetCustomAttributes(typeof(AllowAnonymousAttribute), true).Length == 0)
{
operation.Parameters.Add(new OpenApiParameter()
{
Name = "Authorization", //添加Authorization头部参数
In = ParameterLocation.Header,
Required = false
});
}
}
}
}


@ -19,14 +19,6 @@ namespace Bootstrap.Admin
/// <param name="pathBase"></param>
public static void UseSwagger(this IApplicationBuilder app, string pathBase)
{
app.UseWhen(context => context.Request.Path.StartsWithSegments("/swagger"), builder =>
{
builder.Use(async (context, next) =>
{
if (!context.User.Identity.IsAuthenticated) await context.ChallengeAsync();
else await next();
});
});
app.UseSwagger();
app.UseSwaggerUI(c =>
{
@ -51,7 +43,30 @@ namespace Bootstrap.Admin
//Set the comments path for the swagger json and ui.
var xmlPath = Path.Combine(AppContext.BaseDirectory, "Bootstrap.Admin.xml");
options.IncludeXmlComments(xmlPath);
options.OperationFilter<HttpHeaderOperation>(); // 添加httpHeader参数
options.AddSecurityDefinition("Bearer", new OpenApiSecurityScheme
{
Name = "Authorization",
Type = SecuritySchemeType.ApiKey,
Scheme = "Bearer",
BearerFormat = "JWT",
In = ParameterLocation.Header,
Description = "JWT Authorization header using the Bearer scheme."
});
options.AddSecurityRequirement(new OpenApiSecurityRequirement
{
{
new OpenApiSecurityScheme
{
Reference = new OpenApiReference
{
Type = ReferenceType.SecurityScheme,
Id = "Bearer"
}
},
new string[]{ }
}
});
});
}
}
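Review bot: Dropping the `UseWhen` block at the top of `UseSwagger` leaves `/swagger` and the generated JSON served with no authentication check in this method, so every route, parameter and schema of the admin API is readable by unauthenticated clients unless the earlier authentication middleware already restricts that path by URL (not visible here). If the Bearer scheme was meant to supplement the login gate rather than replace it, keep the gate inside a `UseWhen` for `/swagger`: `if (!context.User.Identity.IsAuthenticated) await context.ChallengeAsync(); else await next();`. If anonymous access is intended, say so in a comment above `app.UseSwagger();`. In the new `AddSecurityDefinition` call, `Scheme` and `BearerFormat` are only meaningful for `SecuritySchemeType.Http`; with `ApiKey` the UI sends the entered value verbatim, so either use `Type = SecuritySchemeType.Http` with `Scheme = "bearer"` or have `Description` tell users to enter `Bearer <token>`.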


@ -107,7 +107,7 @@ namespace Bootstrap.Admin
app.UseStaticFiles();
app.UseAutoGenerateDatabase();
app.UseRouting();
app.UseBootstrapAdminAuthentication(RoleHelper.RetrievesByUserName, RoleHelper.RetrievesByUrl, AppHelper.RetrievesByUserName);
app.UseBootstrapAdminAuthentication("", RoleHelper.RetrievesByUserName, RoleHelper.RetrievesByUrl, AppHelper.RetrievesByUserName);
app.UseAuthorization();
app.UseSwagger(Configuration["SwaggerPathBase"].TrimEnd('/'));
app.UseOnlineUsers(TraceHelper.Filter, TraceHelper.Save);
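Review bot: The new first argument `""` in `app.UseBootstrapAdminAuthentication("", ...)` is an unexplained literal in the call that wires up authentication for the admin site. The client's Startup on this page passes its configured `AppId` in the same position, so this is presumably the application id, with empty meaning the admin site itself; once that is confirmed against Bootstrap.Security.Mvc 3.0.1-beta10, state it at the call, e.g. `// AppId: empty for the admin site itself; client apps pass their configured AppId`. `Configure` starts and ends outside the hunk.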


@ -6,7 +6,7 @@
</PropertyGroup>
<ItemGroup>
<PackageReference Include="Bootstrap.Security.Mvc" Version="3.0.1-beta9" />
<PackageReference Include="Bootstrap.Security.Mvc" Version="3.0.1-beta10" />
<PackageReference Include="Longbow.Logging" Version="3.0.1-beta1" />
<PackageReference Include="Microsoft.Data.Sqlite" Version="3.0.0" />
</ItemGroup>


@ -86,7 +86,7 @@ namespace Bootstrap.Client
app.UseCookiePolicy();
app.UseRouting();
app.UseBootstrapAdminAuthentication(RoleHelper.RetrievesByUserName, RoleHelper.RetrievesByUrl, AppHelper.RetrievesByUserName);
app.UseBootstrapAdminAuthentication(Configuration.GetValue("AppId", "2"), RoleHelper.RetrievesByUserName, RoleHelper.RetrievesByUrl, AppHelper.RetrievesByUserName);
app.UseAuthorization();
app.UseCacheManager();
app.UseOnlineUsers(callback: TraceHelper.Save);
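Review bot: `Configuration.GetValue("AppId", "2")` falls back to the hard-coded id `"2"` when the key is absent, so a deployment that forgets `AppId` starts normally and, presumably, resolves roles and URL permissions under that id instead of failing. For a value that feeds the authentication middleware I would rather fail at startup: `var appId = Configuration["AppId"] ?? throw new InvalidOperationException("AppId is not configured");` and pass `appId` to `UseBootstrapAdminAuthentication`. If `"2"` is a deliberate default (for example the demo application's id), keep it but name it in a comment so the magic value is not mistaken for a placeholder. `Configure` starts and ends outside the hunk.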


@ -1,21 +0,0 @@
using Microsoft.AspNetCore.Mvc.ApiExplorer;
using Microsoft.OpenApi.Models;
using Swashbuckle.AspNetCore.SwaggerGen;
using Xunit;
namespace Bootstrap.Admin.Api
{
public class HttpHeaderOperationTest
{
[Fact]
public void Apply_Ok()
{
var oper = new HttpHeaderOperation();
var api = new OpenApiOperation();
var desc = new ApiDescription();
var mi = typeof(HttpHeaderOperationTest).GetMethod("Apply_Ok");
var context = new OperationFilterContext(desc, null, null, mi);
oper.Apply(api, context);
}
}
}