//-----------------------------------------------------------------------
// <copyright file="AspNetCoreOperationSecurityScopeProcessor.cs" company="NSwag">
// Copyright (c) Rico Suter. All rights reserved.
// </copyright>
// <license>https://github.com/RicoSuter/NSwag/blob/master/LICENSE.md</license>
// <author>Rico Suter, mail@rsuter.com</author>
//-----------------------------------------------------------------------
using NSwag.Generation.Processors.Contexts;
using Microsoft.AspNetCore.Authorization;
using NSwag.Generation.AspNetCore;
using Namotion.Reflection;
namespace NSwag.Generation.Processors.Security
{
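/// <summary>Generates the OAuth2 security scopes for an operation by reflecting the AuthorizeAttribute attributes.</summary>
/// <remarks>
/// The role names of the <see cref="AuthorizeAttribute"/> instances found in the endpoint metadata are emitted as
/// the scopes of one security requirement. Only <see cref="AuthorizeAttribute.Roles"/> is read;
/// <see cref="AuthorizeAttribute.Policy"/> and <see cref="AuthorizeAttribute.AuthenticationSchemes"/> are not
/// reflected, so an operation protected by a policy alone is documented with an empty scope list.
/// This processor only writes to the generated specification: the document can under- or over-state what the
/// application enforces and should not be read as the authoritative access-control description.
/// </remarks>
public class AspNetCoreOperationSecurityScopeProcessor : IOperationProcessor
{
    // Key of the security requirement; it has to match the name of a security definition in the document.
    private readonly string _name;

    /// <summary>Initializes a new instance of the <see cref="AspNetCoreOperationSecurityScopeProcessor"/> class with 'Bearer' name.</summary>
    public AspNetCoreOperationSecurityScopeProcessor() : this("Bearer")
    {
    }

    /// <summary>Initializes a new instance of the <see cref="AspNetCoreOperationSecurityScopeProcessor"/> class.</summary>
    /// <param name="name">The security definition name.</param>
    public AspNetCoreOperationSecurityScopeProcessor(string name)
    {
        _name = name;
    }

    /// <summary>Adds a security requirement to the operation when its endpoint metadata carries authorize attributes.</summary>
    /// <param name="context">The operation processor context; it is cast to <see cref="AspNetCoreOperationProcessorContext"/>.</param>
    /// <returns>Always true, so the operation is added to the Swagger specification.</returns>
    public bool Process(OperationProcessorContext context)
    {
        // Direct cast: a non-null context of another type throws InvalidCastException,
        // a null context yields no metadata and the operation is left untouched.
        var aspNetCoreContext = (AspNetCoreOperationProcessorContext)context;

        // "EndpointMetadata" is looked up by name through TryGetPropertyValue rather than accessed statically.
        var endpointMetadata = aspNetCoreContext?.ApiDescription?.ActionDescriptor?.TryGetPropertyValue<IList<object>>("EndpointMetadata");
        if (endpointMetadata != null)
        {
            // Matches the concrete AllowAnonymousAttribute type only; when present, no requirement is
            // documented even if authorize attributes are also in the metadata.
            var allowAnonymous = endpointMetadata.OfType<AllowAnonymousAttribute>().Any();
            if (allowAnonymous)
            {
                return true;
            }

            // Matches AuthorizeAttribute (and subclasses) only; without one, no requirement is written.
            var authorizeAttributes = endpointMetadata.OfType<AuthorizeAttribute>().ToList();
            if (authorizeAttributes.Count == 0)
            {
                return true;
            }

            if (context.OperationDescription.Operation.Security == null)
            {
                context.OperationDescription.Operation.Security = [];
            }

            // A requirement is added even when no roles are declared; the scope list is then empty.
            var scopes = GetScopes(authorizeAttributes);
            context.OperationDescription.Operation.Security.Add(new OpenApiSecurityRequirement
            {
                { _name, scopes }
            });
        }

        return true;
    }

    /// <summary>Gets the security scopes for an operation.</summary>
    /// <param name="authorizeAttributes">The authorize attributes.</param>
    /// <returns>The distinct, trimmed, non-empty role names declared on the attributes.</returns>
    protected virtual IEnumerable<string> GetScopes(IEnumerable<AuthorizeAttribute> authorizeAttributes)
    {
        // Roles is a comma-separated list. Entries are trimmed and blank entries dropped, as ASP.NET Core
        // does when it builds the policy, so "Admin, User" is documented as "Admin" and "User" rather than
        // "Admin" and " User", and names that differ only by surrounding whitespace are de-duplicated.
        return authorizeAttributes
            .Where(a => a.Roles != null)
            .SelectMany(a => a.Roles.Split(','))
            .Select(role => role.Trim())
            .Where(role => role.Length > 0)
            .Distinct();
    }
}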
}