edv/REST_SERVER
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Authorization über access token eingebaut

Browse Source
This commit is contained in:
d.breimaier
2023-02-22 16:41:41 +01:00
parent 902685c7cf
commit 49079d0534
6 changed files with 98 additions and 25 deletions
Download Patch File Download Diff File Expand all files Collapse all files

30
VERAG_REST_SERVER/App_Start/AddAuthTokenHeaderParamete.vb Normal file
View File

@@ -0,0 +1,30 @@
'Imports System.Web.Http.Description
'Imports System.Web.Http.Filters
'Imports Microsoft.AspNetCore.Authorization
'Imports Swashbuckle.Swagger
'Public Class AddAuthTokenHeaderParameter
' Implements IOperationFilter
' Public Sub Apply(operation As Operation, schemaRegistry As SchemaRegistry, apiDescription As ApiDescription) Implements IOperationFilter.Apply
' Dim filterPipeline = apiDescription.ActionDescriptor.GetFilterPipeline()
' Dim isAuthorized = filterPipeline.Select(Function(s) s.Instance).Any(Function(sc) sc.GetType().Equals(GetType(IAuthorizationFilter)))
' Dim allowAnonymous = apiDescription.ActionDescriptor.GetCustomAttributes(Of AllowAnonymousAttribute)().Any()
' If isAuthorized And (Not allowAnonymous) Then
' If operation.parameters Is Nothing Then
' operation.parameters = New List(Of Parameter)
' End If
' operation.parameters.Add(New Parameter With {
' .name = "Authorization",
' .in = "header",
' .description = "access token",
' .required = True,
' .type = "string"
' })
' End If
' End Sub
'End Class

34
VERAG_REST_SERVER/App_Start/AddAuthorizationHeaderParameterOperationFilter.vb Normal file
View File

@@ -0,0 +1,34 @@
Imports Newtonsoft.Json.Linq
Imports Swashbuckle.Swagger
Imports System.Web.Http
Imports System.Web.Http.Description
Imports System.Web.Http.Filters
Public Class AddAuthorizationHeaderParameterOperationFilter
Implements IOperationFilter
Public Sub Apply(ByVal operation As Operation, ByVal schemaRegistry As SchemaRegistry, ByVal apiDescription As ApiDescription)
'Dim myTokenAttribute = apiDescription.GetControllerAndActionAttributes(Of <Authorize>)().Any()
Dim filterPipeline = apiDescription.ActionDescriptor.GetFilterPipeline()
Dim isAuthorized = filterPipeline.[Select](Function(filterInfo) filterInfo.Instance).Any(Function(filter) TypeOf filter Is IAuthorizationFilter)
Dim allowAnonymous = apiDescription.ActionDescriptor.GetCustomAttributes(Of AllowAnonymousAttribute)().Any()
If isAuthorized AndAlso Not allowAnonymous Then
If operation.parameters Is Nothing Then
operation.parameters = New List(Of Parameter)
End If
operation.parameters.Add(New Parameter With {
.name = "Authorization",
.[in] = "header",
.description = "access token",
.required = True,
.type = "string"
})
End If
End Sub
Private Sub IOperationFilter_Apply(operation As Operation, schemaRegistry As SchemaRegistry, apiDescription As ApiDescription) Implements IOperationFilter.Apply
Apply(operation, schemaRegistry, apiDescription)
End Sub
End Class

14
VERAG_REST_SERVER/App_Start/SwaggerConfig.vb
View File

@@ -20,6 +20,8 @@ Public Class SwaggerConfig
GlobalConfiguration.Configuration.EnableSwagger(Function(c) GlobalConfiguration.Configuration.EnableSwagger(Function(c)
'c.SingleApiVersion("v1", descr) 'c.SingleApiVersion("v1", descr)
c.PrettyPrint() c.PrettyPrint()
c.MultipleApiVersions(Function(apiDesc, targetApiVersion) ResolveVersionSupportByRouteConstraint(apiDesc, targetApiVersion), Function(vc) c.MultipleApiVersions(Function(apiDesc, targetApiVersion) ResolveVersionSupportByRouteConstraint(apiDesc, targetApiVersion), Function(vc)
@@ -27,18 +29,24 @@ Public Class SwaggerConfig
vc.Version("v2", descr & " V2") vc.Version("v2", descr & " V2")
vc.Version("v3", descr & " V3") vc.Version("v3", descr & " V3")
End Function) End Function)
c.ApiKey("apiKey").Description("API Key Authentication").Name("apiKey").In("header")
'c.OAuth2("oauth2").Description("OAuth2 Implicit Grant").Flow("implicit").AuthorizationUrl("http://petstore.swagger.wordnik.com/api/oauth/dialog").Scopes(Function(scopes) 'c.OAuth2("oauth2").Description("OAuth2 Implicit Grant").Flow("implicit").AuthorizationUrl("http://petstore.swagger.wordnik.com/api/oauth/dialog").Scopes(Function(scopes)
' scopes.Add("read", "Read access to protected resources") ' scopes.Add("read", "Read access to protected resources")
' scopes.Add("write", "Write access to protected resources") ' scopes.Add("write", "Write access to protected resources")
' End Function) ' End Function)
c.BasicAuth("basic").Description("Basic HTTP Authentication")
c.OperationFilter(Of AddAuthorizationHeaderParameterOperationFilter)()
'c.IncludeXmlComments($"{AppDomain.CurrentDomain.BaseDirectory}\bin\MyApi.XML")
'c.RootUrl(Function(req) "http://localhost:58452/")
End Function).EnableSwaggerUi(Function(c) End Function).EnableSwaggerUi(Function(c)
c.DocumentTitle(descr) c.DocumentTitle(descr)
c.EnableDiscoveryUrlSelector() c.EnableDiscoveryUrlSelector()
c.DocExpansion(DocExpansion.List) c.DocExpansion(DocExpansion.Full)
c.EnableApiKeySupport("apiKey", "header")
'c.EnableOAuth2Support(clientId:="test-client-id", clientSecret:=Nothing, realm:="test-realm", appName:="Swagger UI", additionalQueryStringParams:=New Dictionary(Of String, String)() From { 'c.EnableOAuth2Support(clientId:="test-client-id", clientSecret:=Nothing, realm:="test-realm", appName:="Swagger UI", additionalQueryStringParams:=New Dictionary(Of String, String)() From {
' {"foo", "bar"} ' {"foo", "bar"}
'}) '})

22
VERAG_REST_SERVER/App_Start/WebApiConfig.vb
View File

@@ -59,6 +59,7 @@ Public Module WebApiConfig
Dim constraintsResolver = New DefaultInlineConstraintResolver() Dim constraintsResolver = New DefaultInlineConstraintResolver()
constraintsResolver.ConstraintMap.Add("apiVersion", GetType(ApiVersionRouteConstraint)) constraintsResolver.ConstraintMap.Add("apiVersion", GetType(ApiVersionRouteConstraint))
config.MapHttpAttributeRoutes(constraintsResolver) config.MapHttpAttributeRoutes(constraintsResolver)
'config.Filters.Add(New AuthorizeAttribute)
config.AddApiVersioning(Function(options) config.AddApiVersioning(Function(options)
@@ -78,27 +79,6 @@ Public Module WebApiConfig
SwaggerConfig.Register(config) SwaggerConfig.Register(config)
' config.Routes.MapHttpRoute(
' name:="AVISORoute2",
' routeTemplate:="api/v{version:apiVersion}/{controller}/{id}",
' defaults:=New With {.id = RouteParameter.Optional}
')
' 'TEST/
' config.Routes.MapHttpRoute(
' name:="AVISORoute0TEST",
' routeTemplate:="api/v{version:apiVersion}/{controller}/AVISO",
' defaults:=New With {.id = RouteParameter.Optional}
' )
' config.Routes.MapHttpRoute(
' name:="AVISO",
' routeTemplate:="api/v{version:apiVersion}/{controller}/{id}",
' defaults:=New With {.id = RouteParameter.Optional, .Constraints = New Microsoft.Web.Http.Routing.ApiVersionRouteConstraint()}
' )
End Sub End Sub

21
VERAG_REST_SERVER/Controllers/V1/AvisoController/AVISOController.vb
View File

@@ -7,11 +7,30 @@ Namespace ApiController.Controllers
<ApiVersion("1")> <ApiVersion("1")>
<System.Web.Http.Route("api/v{version:apiVersion}/AVISO")> <System.Web.Http.Route("api/v{version:apiVersion}/AVISO")>
<Authorize>
Public Class AVISOController Public Class AVISOController
Inherits System.Web.Http.ApiController Inherits System.Web.Http.ApiController
'If myTokenAttribute Then
'If operation.parameters Is Nothing Then
' operation.parameters = New List(Of Parameter)()
' End If
' operation.parameters.Add(New Parameter() With {
' .name = "Authorization Token",
' .[in] = "header",
' .description = "my token description",
' .required = True,
' .type = "string"
' })
'End If
Public Function GetValue() As String Public Function GetValue() As String
Return "Hello world!" Return "Hello world! -> muss autorisiert werden!"
End Function End Function
Public Function PostValue(ByVal API_AVISO As VERAG_PROG_ALLGEMEIN.cVERAG_in_TRAviso) As String Public Function PostValue(ByVal API_AVISO As VERAG_PROG_ALLGEMEIN.cVERAG_in_TRAviso) As String

2
VERAG_REST_SERVER/VERAG_REST_SERVER.vbproj
View File

@@ -253,6 +253,8 @@
<Content Include="Web.config" /> <Content Include="Web.config" />
</ItemGroup> </ItemGroup>
<ItemGroup> <ItemGroup>
<Compile Include="App_Start\AddAuthorizationHeaderParameterOperationFilter.vb" />
<Compile Include="App_Start\AddAuthTokenHeaderParamete.vb" />
<Compile Include="App_Start\RouteConfig.vb" /> <Compile Include="App_Start\RouteConfig.vb" />
<Compile Include="App_Start\SwaggerConfig.vb" /> <Compile Include="App_Start\SwaggerConfig.vb" />
<Compile Include="App_Start\WebApiConfig.vb" /> <Compile Include="App_Start\WebApiConfig.vb" />