Giters

wemogy / libs-aspnet

ASP.NET Helpers and Tools

Home Page:http://libs-aspnet.docs.wemogy.com/

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

Security Scheme should be defined per API group and not globally.

robinmanuelthiel opened this issue · comments

commented

OpenApiEnvironment's .WithApiGroup() should define the Security Scheme, because each API group can have a different security scheme. See the example below. Technically, the internal group does not need SecuritySchemeDefaults.JwtBearer

Before

_options
    .AddOpenApi("v1")
    .WithApiGroup("public", "Public Space Blocks Core API", "This is the public API.")
    .WithApiGroup("internal", "Internal Space Blocks Core API", "This is the internal APIs", publish: false)
    .WithApiGroup("permissions", "Permissions Config API", "This is the Permissions Space Block Config APIs")
    .WithSecurityScheme(SecuritySchemeDefaults.JwtBearer);

After

_options
    .AddOpenApi("v1")
    .WithApiGroup("public", "Public Space Blocks Core API", "This is the public API.", SecuritySchemeDefaults.JwtBearer)
    .WithApiGroup("internal", "Internal Space Blocks Core API", "This is the internal APIs", SecuritySchemeDefaults.None, publish: false)
    .WithApiGroup("permissions", "Permissions Config API", "This is the Permissions Space Block Config APIs", SecuritySchemeDefaults.JwtBearer);

libs-aspnet/src/Wemogy.AspNet/Swagger/OpenApiEnvironment.cs

Line 34 in 0bb0d24

public OpenApiEnvironment WithApiGroup(string name, string title, string description, bool publish = true)