oauth - clientId is null while using swagger (both Swashbuckle & Swashbuckle.Core versions are 5.3.2) with Web Api (v5.2.3) -
i trying setup swagger documentation web api uses oauth (using owin middleware 'useoauthauthorizationserver') running issues.
i have done oauth swagger configuration below:
general oauth configuration scopes:
c.oauth2("oauth2") .description("oauth2 implicit grant") .flow("implicit") .authorizationurl(configurationmanager.appsettings[constants.authorizationhosturl]) .tokenurl(configurationmanager.appsettings[constants.tokenurl]) .scopes(scopes => { scopes.add("admin", "admin permission required"); }); enabling oauth selected apis:
c.operationfilter<assignoauth2securityrequirements>(); swagger ui configuration:
c.enableoauth2support("myportal", "test-realm", "swagger ui"); with above code, can view toggle buttons on appropriate end point methods. when click button, displays scopes according above configuration well.
once, select scope , hit authorization button, oauth server fails authenticate because first validates client , seems swagger not passing client-id value. issue detected in oauth server i.e.,
oauthauthorizationserverprovider::validateclientauthentication(oauthvalidateclientauthenticationcontext context) method fails @ below lines:
if (!context.trygetbasiccredentials(out suppliedclientid, out suppliedclientsecret)) { //if resource provider taking client credentials forms authentication context.trygetformcredentials(out suppliedclientid, out suppliedclientsecret); } if (context.clientid == null) { context.seterror("invalid_clientid", "client_id not set"); return; } oauthvalidateclientauthenticationcontext argument has no information client.
while debugging, in above method, have escaped failure points , validated client.
but still, got below error have no clue:
unsupported_grant_type can me how fix these issues?
i can't see pass client id in. following works me:
try:
c.enableoauth2support("your client id here", "test-realm", "swagger ui"); instead of
c.enableoauth2support("myportal", "test-realm", "swagger ui"); the assignoauth2securityrequirements operation filter should - need put client id in i've indicated:
public class assignoauth2securityrequirements : ioperationfilter { public void apply(operation operation, schemaregistry schemaregistry, apidescription apidescription) { var actfilters = apidescription.actiondescriptor.getfilterpipeline(); var allowsanonymous = actfilters.select(f => f.instance).oftype<overrideauthorizationattribute>().any(); if (allowsanonymous) return; if (operation.security == null) operation.security = new list<idictionary<string, ienumerable<string>>>(); var oauthrequirements = new dictionary<string, ienumerable<string>> { {"oauth2", new list<string> {"your client id here"}} }; operation.security.add(oauthrequirements); } }
Comments
Post a Comment