Swagger UI: Using implicit flow for OAuth2/OpenIdConnect
After some trial and error I’ve managed to configure the OAuth2 authorization against AWS Cognito in the Swagger UI client.

Ideally, I would have used the OpenIdConnectUrl configuration in the SwaggerSecuritySchemeType.OpenIdConnect settings, which seemed to work to an extent, as it was correctly downloading the configuration from the endpoint published by AWS Cognito and then redirecting to the login page. However, Swagger UI was not receiving the configuration for the implicit flow, so the process was failing due to the missing response_type=token parameter in the query string.

As a workaround, the following configuration works when using OAuth2 config for Cognito. I’m leaving it here so that it can be found by others trying to use a similar setup.

    // Note: This is a custom POCO used to retrieve the settings
    var swaggerOptions = app.ApplicationServices.GetService<IOptions<SwaggerUIOptions>>()?.Value;

    app.UseSwaggerUi3WithApiExplorer(settings =>
    {
        // Reference the "JWT token" scheme from the generated operations
        settings.GeneratorSettings.OperationProcessors.Add(new OperationSecurityScopeProcessor("JWT token"));

        // Client details Swagger UI uses when it starts the authorization request
        settings.OAuth2Client = new OAuth2ClientSettings()
        {
            AppName = "MyDemoApp",
            ClientId = swaggerOptions.SwaggerClientId
        };

        // Security definition registered under the same name ("JWT token") as above,
        // declared as OAuth2 implicit flow with explicit endpoints instead of discovery
        settings.GeneratorSettings.DocumentProcessors.Add(new SecurityDefinitionAppender("JWT token",
            new SwaggerSecurityScheme
            {
                Type = SwaggerSecuritySchemeType.OAuth2,
                Flow = SwaggerOAuth2Flow.Implicit,
                Flows = new OpenApiOAuthFlows()
                {
                    Implicit = new OpenApiOAuthFlow()
                    {
                        Scopes = new Dictionary<string, string> { { "openid", "User Profile" } },
                        AuthorizationUrl = swaggerOptions.AuthorizationUrl,
                        TokenUrl = swaggerOptions.TokenUrl
                    }
                }
            }));
    });

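
The failure described in the issue (an authorization request sent without response_type=token) can be checked against the provider's discovery document before the redirect happens. The following JavaScript is an added example, not code from the issue or from NSwag; the discovery document, hostnames, client id and function names are constructed for illustration.

```javascript
// Constructed sample in the shape of an OpenID Connect discovery document
// (/.well-known/openid-configuration). Hostnames are placeholders.
const discovery = {
  authorization_endpoint: "https://auth.example.com/oauth2/authorize",
  token_endpoint: "https://auth.example.com/oauth2/token",
  response_types_supported: ["code", "token"],
};

// Build an implicit-flow authorization request from the discovery document.
// `state` must be an unguessable per-request value chosen by the caller.
function buildImplicitRequest(doc, { clientId, redirectUri, scopes, state }) {
  if (!(doc.response_types_supported || []).includes("token")) {
    throw new Error("provider does not advertise response_type=token");
  }
  const url = new URL(doc.authorization_endpoint);
  url.searchParams.set("response_type", "token"); // the parameter the issue found missing
  url.searchParams.set("client_id", clientId);
  url.searchParams.set("redirect_uri", redirectUri);
  url.searchParams.set("scope", scopes.join(" "));
  url.searchParams.set("state", state); // RFC 6749 recommends state against CSRF
  return url.toString();
}

// List what is wrong with an authorization request before it is sent.
function checkAuthorizeRequest(doc, requestUrl) {
  const url = new URL(requestUrl);
  const params = url.searchParams;
  const problems = [];
  if (url.origin + url.pathname !== doc.authorization_endpoint) {
    problems.push("not the advertised authorization_endpoint");
  }
  const responseType = params.get("response_type");
  if (!responseType) {
    problems.push("missing response_type");
  } else if (!(doc.response_types_supported || []).includes(responseType)) {
    problems.push(`response_type=${responseType} not advertised`);
  }
  if (!params.get("client_id")) problems.push("missing client_id");
  if (!params.get("state")) problems.push("missing state");
  return problems;
}

// Constructed request reproducing the symptom from the issue: no response_type.
const brokenRequest =
  "https://auth.example.com/oauth2/authorize?client_id=example-client-id&state=s1";
console.log(checkAuthorizeRequest(discovery, brokenRequest));
```
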
Sorry to dig up an old ticket, but can we get an example on how to configure OpenIDConnect client with swaggerui3? Currently I am manually setting up the SecurityScheme as OAuth2 with Implicit flow and various endpoints but would be keen to use a proper discovery endpoint instead.

Brilliant, thanks for that, I’ll try to get some time to give this a shot 😃