diff --git a/src/Infrastructure/BotSharp.OpenAPI/BotSharpOpenApiExtensions.cs b/src/Infrastructure/BotSharp.OpenAPI/BotSharpOpenApiExtensions.cs
index fb65580e2..19584d5a6 100644
--- a/src/Infrastructure/BotSharp.OpenAPI/BotSharpOpenApiExtensions.cs
+++ b/src/Infrastructure/BotSharp.OpenAPI/BotSharpOpenApiExtensions.cs
@@ -5,6 +5,8 @@
using Microsoft.Extensions.Configuration;
using Microsoft.Extensions.Hosting;
using Microsoft.IdentityModel.Tokens;
+using Microsoft.OpenApi.Models;
+using Swashbuckle.AspNetCore.SwaggerGen;
using System.IdentityModel.Tokens.Jwt;
namespace BotSharp.OpenAPI;
@@ -18,8 +20,8 @@ public static class BotSharpOpenApiExtensions
///
///
///
- public static IServiceCollection AddBotSharpOpenAPI(this IServiceCollection services,
- IConfiguration config,
+ public static IServiceCollection AddBotSharpOpenAPI(this IServiceCollection services,
+ IConfiguration config,
string[] origins,
IHostEnvironment env,
bool enableValidation)
@@ -62,7 +64,31 @@ public static IServiceCollection AddBotSharpOpenAPI(this IServiceCollection serv
// Learn more about configuring Swagger/OpenAPI at https://aka.ms/aspnetcore/swashbuckle
services.AddEndpointsApiExplorer();
- services.AddSwaggerGen();
+ services.AddSwaggerGen(
+ c =>
+ {
+ c.AddSecurityDefinition("Bearer", new OpenApiSecurityScheme
+ {
+ In = ParameterLocation.Header,
+ Description = "Please insert JWT with Bearer into field",
+ Name = "Authorization",
+ Type = SecuritySchemeType.ApiKey
+ });
+ c.AddSecurityRequirement(new OpenApiSecurityRequirement {
+ {
+ new OpenApiSecurityScheme
+ {
+ Reference = new OpenApiReference
+ {
+ Type = ReferenceType.SecurityScheme,
+ Id = "Bearer"
+ }
+ },
+ Array.Empty()
+ }
+ });
+ }
+ );
services.AddHttpContextAccessor();
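Review bot: The scheme registered as "Bearer" is declared with `Type = SecuritySchemeType.ApiKey`, so the generated document describes an opaque header value rather than HTTP bearer authentication, and Swagger UI sends exactly what is typed into the field. A token pasted without the `Bearer ` prefix would then most likely be rejected by the JWT handler. Declaring it as `Type = SecuritySchemeType.Http, Scheme = "bearer", BearerFormat = "JWT"` lets the UI add the prefix and documents the scheme accurately. The `AddSecurityRequirement` call is global, so the spec also marks `[AllowAnonymous]` actions as requiring this scheme; an operation filter that skips those actions would keep the document in line with the real authorization policy. The body of AddBotSharpOpenAPI starts and ends outside this hunk.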
@@ -94,6 +120,7 @@ public static IApplicationBuilder UseBotSharpOpenAPI(this IApplicationBuilder ap
app.UseCors(policy);
app.UseSwagger();
+
if (env.IsDevelopment())
{
app.UseSwaggerUI();
@@ -103,7 +130,7 @@ public static IApplicationBuilder UseBotSharpOpenAPI(this IApplicationBuilder ap
app.UseAuthentication();
app.UseRouting();
-
+
app.UseAuthorization();
app.UseEndpoints(
@@ -150,3 +177,4 @@ public static IApplicationBuilder UseBotSharpUI(this IApplicationBuilder app, bo
return app;
}
}
+
diff --git a/src/Infrastructure/BotSharp.OpenAPI/Controllers/UserController.cs b/src/Infrastructure/BotSharp.OpenAPI/Controllers/UserController.cs
index 197c0e999..13dd6c786 100644
--- a/src/Infrastructure/BotSharp.OpenAPI/Controllers/UserController.cs
+++ b/src/Infrastructure/BotSharp.OpenAPI/Controllers/UserController.cs
@@ -1,3 +1,5 @@
+using System.ComponentModel.DataAnnotations;
+
namespace BotSharp.OpenAPI.Controllers;
[Authorize]
@@ -12,10 +14,15 @@ public UserController(IUserService userService)
[AllowAnonymous]
[HttpPost("/token")]
- public async Task> GetToken()
+ public async Task> GetToken([FromHeader(Name = "Authorization")][Required] string authcode)
{
- var authcode = Request.Headers["Authorization"].ToString();
- var token = await _userService.GetToken(authcode.Split(' ')[1]);
+ if (authcode.Contains(' '))
+ {
+ authcode = authcode.Split(' ')[1];
+ }
+
+ var token = await _userService.GetToken(authcode);
+
if (token == null)
{
return Unauthorized();
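Review bot: The new `if (authcode.Contains(' '))` branch never checks the scheme name, and a header with no space is now passed whole to `_userService.GetToken` instead of failing, so a value under any scheme, or a bare string, reaches the credential check. Parsing with `AuthenticationHeaderValue.TryParse(authcode, out var header)` and returning `Unauthorized()` unless `header.Scheme` is the expected one and `header.Parameter` is non-empty would make the accepted format explicit. `authcode.Split(' ')[1]` also yields an empty string when the header contains two consecutive spaces. Whether `[Required]` produces a 400 for a missing header depends on the controller's model-validation setup, which is not visible here; the body of GetToken continues past the end of the hunk.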