Add Authentication to /swagger/ui/index page - Swagger | Web API | Swashbuckle
I\'m working on a Swagger (Web API) project.
When I first run the application it shows the Login page for Swagger UI.
So, a user first has to login to access Swagger UI
-
spring-security login page
in my case, that is not swagger page but spring-security login page. boot version 2.X includes security auto configuration, so if you add spring-security plugin in build.gradle, remove and restart.
讨论(0) -
You can take a look this link which describes how to lock down the Swagger UI so that only authenticated users can see it
http://knowyourtoolset.com/2015/09/secure-web-apis-with-swagger-swashbuckle-and-oauth2-part-4/
讨论(0) -
Finally, I solved it with
DelegtingHandler, here's how I did it:
Create a fileSwaggerAccessMessageHandler.csand add it inApp_Startfolder.using System; using System.Net; using System.Net.Http; using System.Threading; using System.Threading.Tasks; public class SwaggerAccessMessageHandler : DelegatingHandler { protected override Task<HttpResponseMessage> SendAsync(HttpRequestMessage request, CancellationToken cancellationToken) { if (IsSwagger(request) && !Thread.CurrentPrincipal.Identity.IsAuthenticated) { HttpResponseMessage response = new HttpResponseMessage(HttpStatusCode.Redirect); // Redirect to login URL string uri = string.Format("{0}://{1}", request.RequestUri.Scheme, request.RequestUri.Authority); response.Headers.Location = new Uri(uri); return Task.FromResult(response); } else { return base.SendAsync(request, cancellationToken); } } private bool IsSwagger(HttpRequestMessage request) { return request.RequestUri.PathAndQuery.Contains("/swagger"); } }Next, Wire up the handler in
SwaggeConfig.csjust before enabling Swagger as follows:GlobalConfiguration.Configuration.MessageHandlers.Add(new SwaggerAccessMessageHandler()); GlobalConfiguration.Configuration.EnableSwagger(c => { ... });讨论(0)
加载中...
- 热议问题