abp版本:
abp 2.9.0
Swashbuckle.AspNetCore 5.4.1
使用Abp cli 創建項目后,啟動項目跳轉至swagger頁面,此時項目未啟動token認證的,對於配置了權限訪問的接口是無法訪問的(返回401)
swagger 開啟bearer token 認證
根據網上配置,在ConfigureServices中增加代碼:
context.Services.AddSwaggerGen( options => { options.SwaggerDoc("v1", new OpenApiInfo {Title = "API", Version = "v1"}); options.DocInclusionPredicate((docName, description) => true); options.AddSecurityDefinition("Bearer", new OpenApiSecurityScheme() { Name = "Authorization", Scheme = "Bearer", Description = "Specify the authorization token.", In = ParameterLocation.Header, Type = SecuritySchemeType.ApiKey, }); options.AddSecurityRequirement(new OpenApiSecurityRequirement() { { new OpenApiSecurityScheme { Reference = new OpenApiReference {Type = ReferenceType.SecurityScheme, Id = "Bearer"} }, new string[] { } }, }); });
配置后啟動項目,可以在swagger界面看到綠鎖標志
輸入token后,仍然無法訪問需要權限的接口,查看請求發現,token未通過header發送出去
再查詢后發現,swagger 3.0后 配置發生了改變,Scheme的設置強制使用小寫字母,使用大寫字母開頭,則swagger界面將不會傳輸請求頭,最后可使用的配置修改如下:
context.Services.AddSwaggerGen( options => { options.SwaggerDoc("v1", new OpenApiInfo {Title = "API", Version = "v1"}); options.DocInclusionPredicate((docName, description) => true); options.AddSecurityDefinition("Bearer", new OpenApiSecurityScheme() { Name = "Authorization", Scheme = "bearer", Description = "Specify the authorization token.", In = ParameterLocation.Header, Type = SecuritySchemeType.Http, }); options.AddSecurityRequirement(new OpenApiSecurityRequirement() { { new OpenApiSecurityScheme { Reference = new OpenApiReference {Type = ReferenceType.SecurityScheme, Id = "Bearer"} }, new string[] { } }, }); });