#5 #4 处理枚举和 servers参数

2025-08-04 10:47:58 +08:00 · 2020-08-25 02:48:52 +08:00
parent 1d63f2c585
commit 8ea53827f5
28 changed files with 587 additions and 13 deletions
--- a/test/WebSites/OAuth2Integration/ResourceServer/Swagger/SecurityRequirementsOperationFilter.cs
+++ b/test/WebSites/OAuth2Integration/ResourceServer/Swagger/SecurityRequirementsOperationFilter.cs
@ -0,0 +1,40 @@
+using System.Linq;
+using System.Collections.Generic;
+using Microsoft.AspNetCore.Authorization;
+using Microsoft.OpenApi.Models;
+using Swashbuckle.AspNetCore.SwaggerGen;
+
+namespace OAuth2Integration.ResourceServer.Swagger
+{
+    public class SecurityRequirementsOperationFilter : IOperationFilter
+    {
+        public void Apply(OpenApiOperation operation, OperationFilterContext context)
+        {
+            // Policy names map to scopes
+            var requiredScopes = context.MethodInfo
+                .GetCustomAttributes(true)
+                .OfType<AuthorizeAttribute>()
+                .Select(attr => attr.Policy)
+                .Distinct();
+
+            if (requiredScopes.Any())
+            {
+                operation.Responses.Add("401", new OpenApiResponse { Description = "Unauthorized" });
+                operation.Responses.Add("403", new OpenApiResponse { Description = "Forbidden" });
+
+                var oAuthScheme = new OpenApiSecurityScheme
+                {
+                    Reference = new OpenApiReference { Type = ReferenceType.SecurityScheme, Id = "oauth2" }
+                };
+
+                operation.Security = new List<OpenApiSecurityRequirement>
+                {
+                    new OpenApiSecurityRequirement
+                    {
+                        [ oAuthScheme ] = requiredScopes.ToList()
+                    }
+                };
+            }
+        }
+    }
+}