I configure my swagger like this:
services.AddSwaggerGen(
options =>
{
options.SwaggerDoc(
IntegrationApiVersion,
new OpenApiInfo { Title = IntegrationApiName, Version = IntegrationApiVersion });
options.SwaggerDoc(
ApplicationApiVersion,
new OpenApiInfo { Title = ApplicationApiName, Version = ApplicationApiVersion });
options.AddSecurityDefinition("Bearer", new OpenApiSecurityScheme
{
Description = "Bearer Token: e.g. \"Bearer <your token here>\"",
Name = "Authorization",
In = ParameterLocation.Header,
Type = SecuritySchemeType.ApiKey,
Scheme = "Bearer",
Reference = new OpenApiReference
{
Id = "Bearer",
Type = ReferenceType.SecurityScheme
}
});
options.ResolveConflictingActions(apiDescriptions => apiDescriptions.First());
options.EnableAnnotations();
options.SchemaFilter<SmartEnumSchemaFilter>();
options.SupportNonNullableReferenceTypes();
options.UseAllOfToExtendReferenceSchemas();
options.IncludeXmlComments(
Path.Combine(AppContext.BaseDirectory, $"{Assembly.GetExecutingAssembly().GetName().Name}.xml"),
includeControllerXmlComments: true);
options.OperationFilter<TestOperationFilter>();
})
.AddFluentValidationRulesToSwagger();
But since only 1 of my documents requires authentication IntegrationApiVersion, I want to hide the 'Authorize' button for the other doc. I found that the call to AddSecutityDefinition is what adds the button, but it does not let me define an api name/version, and I can't figure out how to set that definition from a filter
I managed to get the little locks to display, and JWT auth works great by adding this filter:
public class TestOperationFilter : IOperationFilter
{
public void Apply(OpenApiOperation operation, OperationFilterContext context)
{
if (context.DocumentName == SwaggerConfiguration.IntegrationApiVersion)
{
operation.Security = new List<OpenApiSecurityRequirement>
{
new OpenApiSecurityRequirement
{
{
new OpenApiSecurityScheme
{
Reference = new OpenApiReference
{
Type = ReferenceType.SecurityScheme,
Id = "Bearer"
},
Scheme = "oauth2",
Name = "Bearer",
In = ParameterLocation.Header
},
Array.Empty<string>()
}
}
};
}
}
}
But I can't figure out how to apply the same solution for the 'Authorize' button itself, so that it only appears on my IntegrationApiVersion page
The closes thing I could find was people doing this, but using something called NonBodyParameter to add a SecurityDefinition inside a filter, but it seems that type is no longer available to me. Does anyone have any advice?
Using SwashBuckle 6.3.0
Security definition gets add at the document level so you have to modify the document.
here I have written a document filter which removes the schema only for this document.
public class SwaggerDocumentFilter : IDocumentFilter
{
public void Apply(OpenApiDocument swaggerDoc, DocumentFilterContext context)
{
if(context.DocumentName == SwaggerConfiguration.ApplicationApiVersion)
{
swaggerDoc.Components.SecuritySchemes.Remove("Bearer");
}
}
}
hope it is helpful