Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Swagger UI: pass custom Authorization header

I'm using Swashbuckle and Swagger on an ASP.NET Web API. I'm trying to find a way to pass an Authorization header containing a Bearer token through Swagger UI. I've been searching around, but all the answers seem to point at this link.

However, this assumes that the content of the header is known upfront. I really need a way to change the header within Swagger UI (right before hitting the 'Try it out!' button), because the Bearer token expires every hour. Something similar to the way Postman allows you to add headers.

It seems like such a ridiculously simple problem, but what is the answer?

like image 282
fikkatra Avatar asked Aug 11 '16 21:08

fikkatra


People also ask

How do I pass the authorization header in GET request?

To send a GET request with a Bearer Token authorization header, you need to make an HTTP GET request and provide your Bearer Token with the Authorization: Bearer {token} HTTP header.

How do I add authorization to swagger UI?

In the Swagger Editor (the right pane), click the Authorize button, paste the sample API key shown in the description into the Value field (or use your own OpenWeatherMap API key), and click Authorize. Then click Close to close the authorization modal.


1 Answers

We ran into the same problem on our project. I also wanted to add the header parameters to the Swagger UI website. This is how we did it:

1. Define an OperationFilter class OperationFilters are executed on every API operation every time you build Swagger. According to your code, operations will be checked according to your filters. In this example, we make the header parameter required on every operation, but make it optional on operations that have the AllowAnonymous attribute.

    public class AddAuthorizationHeader : IOperationFilter
    {
        /// <summary>
        /// Adds an authorization header to the given operation in Swagger.
        /// </summary>
        /// <param name="operation">The Swashbuckle operation.</param>
        /// <param name="schemaRegistry">The Swashbuckle schema registry.</param>
        /// <param name="apiDescription">The Swashbuckle api description.</param>
        public void Apply(Operation operation, SchemaRegistry schemaRegistry, ApiDescription apiDescription)
        {
            if (operation == null) return;

            if (operation.parameters == null)
            {
                operation.parameters = new List<Parameter>();
            }

            var parameter = new Parameter
            {
                description = "The authorization token",
                @in = "header",
                name = "Authorization",
                required = true,
                type = "string"
            };

            if (apiDescription.ActionDescriptor.GetCustomAttributes<AllowAnonymousAttribute>().Any())
            {
                parameter.required = false;
            }

            operation.parameters.Add(parameter);
        }
    }

2. Tell Swagger to use this OperationFilter In the SwaggerConfig, just add that the operation filter should be used as follows:

    c.OperationFilter<AddAuthorizationHeader>();

Hope this helps you out!

like image 173
Philippe De Croock Avatar answered Sep 24 '22 13:09

Philippe De Croock