Authorization über access token eingebaut
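--- a/VERAG_REST_SERVER/App_Start/AddAuthTokenHeaderParamete.vb
+++ b/VERAG_REST_SERVER/App_Start/AddAuthTokenHeaderParamete.vb
@@ -0,0 +1,30 @@
+'Imports System.Web.Http.Description
+'Imports System.Web.Http.Filters
+'Imports Microsoft.AspNetCore.Authorization
+'Imports Swashbuckle.Swagger
+
+'Public Class AddAuthTokenHeaderParameter
+' Implements IOperationFilter
+
+' Public Sub Apply(operation As Operation, schemaRegistry As SchemaRegistry, apiDescription As ApiDescription) Implements IOperationFilter.Apply
+
+' Dim filterPipeline = apiDescription.ActionDescriptor.GetFilterPipeline()
+' Dim isAuthorized = filterPipeline.Select(Function(s) s.Instance).Any(Function(sc) sc.GetType().Equals(GetType(IAuthorizationFilter)))
+
+' Dim allowAnonymous = apiDescription.ActionDescriptor.GetCustomAttributes(Of AllowAnonymousAttribute)().Any()
+
+' If isAuthorized And (Not allowAnonymous) Then
+' If operation.parameters Is Nothing Then
+' operation.parameters = New List(Of Parameter)
+' End If
+' operation.parameters.Add(New Parameter With {
+' .name = "Authorization",
+' .in = "header",
+' .description = "access token",
+' .required = True,
+' .type = "string"
+' })
+' End If
+
+' End Sub
+'End Class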
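Review bot: Every line of `AddAuthTokenHeaderParamete.vb` is commented out, so the commit adds a compiled file that contributes nothing, under a truncated name that is easy to confuse with the filter that is actually registered. The disabled predicate `sc.GetType().Equals(GetType(IAuthorizationFilter))` compares a concrete filter type with an interface type and would never be true, and the `Microsoft.AspNetCore.Authorization` import belongs to ASP.NET Core rather than to the Web API 2 types used elsewhere in this commit. If someone re-enabled this copy later it would quietly stop marking protected operations. I would delete the file and its `Compile Include` entry rather than keep a second, broken variant of an authorization-related filter.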
@@ -0,0 +1,34 @@
|
||||
Imports Newtonsoft.Json.Linq
|
||||
Imports Swashbuckle.Swagger
|
||||
Imports System.Web.Http
|
||||
Imports System.Web.Http.Description
|
||||
Imports System.Web.Http.Filters
|
||||
|
||||
Public Class AddAuthorizationHeaderParameterOperationFilter
|
||||
Implements IOperationFilter
|
||||
|
||||
Public Sub Apply(ByVal operation As Operation, ByVal schemaRegistry As SchemaRegistry, ByVal apiDescription As ApiDescription)
|
||||
'Dim myTokenAttribute = apiDescription.GetControllerAndActionAttributes(Of <Authorize>)().Any()
|
||||
Dim filterPipeline = apiDescription.ActionDescriptor.GetFilterPipeline()
|
||||
Dim isAuthorized = filterPipeline.[Select](Function(filterInfo) filterInfo.Instance).Any(Function(filter) TypeOf filter Is IAuthorizationFilter)
|
||||
Dim allowAnonymous = apiDescription.ActionDescriptor.GetCustomAttributes(Of AllowAnonymousAttribute)().Any()
|
||||
|
||||
If isAuthorized AndAlso Not allowAnonymous Then
|
||||
If operation.parameters Is Nothing Then
|
||||
operation.parameters = New List(Of Parameter)
|
||||
End If
|
||||
|
||||
operation.parameters.Add(New Parameter With {
|
||||
.name = "Authorization",
|
||||
.[in] = "header",
|
||||
.description = "access token",
|
||||
.required = True,
|
||||
.type = "string"
|
||||
})
|
||||
End If
|
||||
End Sub
|
||||
|
||||
Private Sub IOperationFilter_Apply(operation As Operation, schemaRegistry As SchemaRegistry, apiDescription As ApiDescription) Implements IOperationFilter.Apply
|
||||
Apply(operation, schemaRegistry, apiDescription)
|
||||
End Sub
|
||||
End Class
|
||||
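Review bot: `allowAnonymous` in `Apply` only inspects attributes on the action, so an action inside a controller that carries `<AllowAnonymous>` at class level is still documented as requiring the `Authorization` header. Web API's own `AuthorizeAttribute` honours the attribute on both levels, and the filter should match it: `Dim allowAnonymous = apiDescription.ActionDescriptor.GetCustomAttributes(Of AllowAnonymousAttribute)().Any() OrElse apiDescription.ActionDescriptor.ControllerDescriptor.GetCustomAttributes(Of AllowAnonymousAttribute)().Any()`. A comment above the class would also prevent the filter being mistaken for a control, for example `' Documentation only: access is enforced by <Authorize>, this filter just annotates the Swagger document.` The description `"access token"` could name the expected scheme so that clients know what to put in the header.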
@@ -20,6 +20,8 @@ Public Class SwaggerConfig
|
||||
|
||||
GlobalConfiguration.Configuration.EnableSwagger(Function(c)
|
||||
'c.SingleApiVersion("v1", descr)
|
||||
|
||||
|
||||
c.PrettyPrint()
|
||||
c.MultipleApiVersions(Function(apiDesc, targetApiVersion) ResolveVersionSupportByRouteConstraint(apiDesc, targetApiVersion), Function(vc)
|
||||
|
||||
@@ -27,18 +29,24 @@ Public Class SwaggerConfig
|
||||
vc.Version("v2", descr & " V2")
|
||||
vc.Version("v3", descr & " V3")
|
||||
End Function)
|
||||
c.ApiKey("apiKey").Description("API Key Authentication").Name("apiKey").In("header")
|
||||
|
||||
|
||||
'c.OAuth2("oauth2").Description("OAuth2 Implicit Grant").Flow("implicit").AuthorizationUrl("http://petstore.swagger.wordnik.com/api/oauth/dialog").Scopes(Function(scopes)
|
||||
' scopes.Add("read", "Read access to protected resources")
|
||||
' scopes.Add("write", "Write access to protected resources")
|
||||
' End Function)
|
||||
c.BasicAuth("basic").Description("Basic HTTP Authentication")
|
||||
c.OperationFilter(Of AddAuthorizationHeaderParameterOperationFilter)()
|
||||
|
||||
|
||||
'c.IncludeXmlComments($"{AppDomain.CurrentDomain.BaseDirectory}\bin\MyApi.XML")
|
||||
'c.RootUrl(Function(req) "http://localhost:58452/")
|
||||
|
||||
End Function).EnableSwaggerUi(Function(c)
|
||||
c.DocumentTitle(descr)
|
||||
c.EnableDiscoveryUrlSelector()
|
||||
c.DocExpansion(DocExpansion.List)
|
||||
c.EnableApiKeySupport("apiKey", "header")
|
||||
c.DocExpansion(DocExpansion.Full)
|
||||
|
||||
'c.EnableOAuth2Support(clientId:="test-client-id", clientSecret:=Nothing, realm:="test-realm", appName:="Swagger UI", additionalQueryStringParams:=New Dictionary(Of String, String)() From {
|
||||
' {"foo", "bar"}
|
||||
'})
|
||||
|
||||
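Review bot: The second hunk advertises three different credentials for the same API: an `apiKey` header through `c.ApiKey(...)`, HTTP Basic through `c.BasicAuth("basic")`, and the `Authorization` header parameter added by the operation filter. In Swashbuckle these calls only describe schemes in the generated document; nothing in this diff shows the server accepting an `apiKey` header or Basic credentials, and `c.EnableApiKeySupport("apiKey", "header")` makes Swagger UI send a header named `apiKey` rather than `Authorization`. If the access token is the only accepted credential, keep one definition that matches it, such as `c.ApiKey("Authorization").Description("access token").Name("Authorization").In("header")` together with `c.EnableApiKeySupport("Authorization", "header")`, and drop `BasicAuth`. The lambda passed to `EnableSwagger` starts and ends outside the hunks.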
@@ -59,6 +59,7 @@ Public Module WebApiConfig
|
||||
Dim constraintsResolver = New DefaultInlineConstraintResolver()
|
||||
constraintsResolver.ConstraintMap.Add("apiVersion", GetType(ApiVersionRouteConstraint))
|
||||
config.MapHttpAttributeRoutes(constraintsResolver)
|
||||
'config.Filters.Add(New AuthorizeAttribute)
|
||||
|
||||
|
||||
config.AddApiVersioning(Function(options)
|
||||
@@ -78,27 +79,6 @@ Public Module WebApiConfig
|
||||
|
||||
SwaggerConfig.Register(config)
|
||||
|
||||
' config.Routes.MapHttpRoute(
|
||||
' name:="AVISORoute2",
|
||||
' routeTemplate:="api/v{version:apiVersion}/{controller}/{id}",
|
||||
' defaults:=New With {.id = RouteParameter.Optional}
|
||||
')
|
||||
|
||||
' 'TEST/
|
||||
' config.Routes.MapHttpRoute(
|
||||
' name:="AVISORoute0TEST",
|
||||
' routeTemplate:="api/v{version:apiVersion}/{controller}/AVISO",
|
||||
' defaults:=New With {.id = RouteParameter.Optional}
|
||||
' )
|
||||
|
||||
|
||||
' config.Routes.MapHttpRoute(
|
||||
' name:="AVISO",
|
||||
' routeTemplate:="api/v{version:apiVersion}/{controller}/{id}",
|
||||
' defaults:=New With {.id = RouteParameter.Optional, .Constraints = New Microsoft.Web.Http.Routing.ApiVersionRouteConstraint()}
|
||||
' )
|
||||
|
||||
|
||||
End Sub
|
||||
|
||||
|
||||
|
||||
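Review bot: `'config.Filters.Add(New AuthorizeAttribute)` in the first hunk is left commented out, so authorization stays opt-in: within this commit only `AVISOController` carries `<Authorize>`, and any controller without the attribute remains reachable without a token. Deny-by-default is the safer arrangement for a REST server: enable `config.Filters.Add(New System.Web.Http.AuthorizeAttribute())` and mark the intentionally public actions with `<AllowAnonymous>`. If the global filter is deliberately off for now, replace the dead line with a comment that says why and which controllers are expected to stay public. The enclosing Sub begins outside the hunk.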
@@ -7,11 +7,30 @@ Namespace ApiController.Controllers
|
||||
|
||||
<ApiVersion("1")>
|
||||
<System.Web.Http.Route("api/v{version:apiVersion}/AVISO")>
|
||||
<Authorize>
|
||||
Public Class AVISOController
|
||||
Inherits System.Web.Http.ApiController
|
||||
|
||||
|
||||
|
||||
'If myTokenAttribute Then
|
||||
|
||||
'If operation.parameters Is Nothing Then
|
||||
' operation.parameters = New List(Of Parameter)()
|
||||
' End If
|
||||
|
||||
' operation.parameters.Add(New Parameter() With {
|
||||
' .name = "Authorization Token",
|
||||
' .[in] = "header",
|
||||
' .description = "my token description",
|
||||
' .required = True,
|
||||
' .type = "string"
|
||||
' })
|
||||
'End If
|
||||
|
||||
|
||||
Public Function GetValue() As String
|
||||
Return "Hello world!"
|
||||
Return "Hello world! -> muss autorisiert werden!"
|
||||
End Function
|
||||
|
||||
Public Function PostValue(ByVal API_AVISO As VERAG_PROG_ALLGEMEIN.cVERAG_in_TRAviso) As String
|
||||
|
||||
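Review bot: `<Authorize>` on `AVISOController` is unqualified while the route attribute beside it is written as `System.Web.Http.Route`, which suggests (the imports are outside the hunk) that `System.Web.Http` may not be the namespace the short name resolves against. If it binds to `System.Web.Mvc.AuthorizeAttribute`, Web API ignores it and every action on the controller stays anonymous; writing `<System.Web.Http.Authorize>` removes the doubt. The commented-out `'If myTokenAttribute Then` … `'End If` block inside the class body is a leftover from the Swagger filter and should be deleted. Nothing in this commit shows where the access token is validated and the principal set, so that handler deserves a comment here and a test proving that an unauthenticated call to `GetValue` is rejected with 401.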
@@ -253,6 +253,8 @@
|
||||
<Content Include="Web.config" />
|
||||
</ItemGroup>
|
||||
<ItemGroup>
|
||||
<Compile Include="App_Start\AddAuthorizationHeaderParameterOperationFilter.vb" />
|
||||
<Compile Include="App_Start\AddAuthTokenHeaderParamete.vb" />
|
||||
<Compile Include="App_Start\RouteConfig.vb" />
|
||||
<Compile Include="App_Start\SwaggerConfig.vb" />
|
||||
<Compile Include="App_Start\WebApiConfig.vb" />
|
||||
|
||||