We are building a Web API wrapper for MS Graph API.
I want to use Swagger to test my APIs. But I can't get the configuration right. I keep getting Bad Request and no other clue. I can't install Fiddler or other tools on this corporate laptop to help me investigate.
And here is the code to configure Swagger:
    app.UseSwaggerUi3WithApiExplorer(settings =>
    {
        settings.GeneratorSettings.DefaultPropertyNameHandling = PropertyNameHandling.CamelCase;
        settings.PostProcess = document =>
        {
            document.Info.Title = "App title";
            document.Info.Description = "App description";
        };
        // [clientid], [clientsecret], [tenantid] and [api] are placeholders for the real values.
        settings.OAuth2Client = new OAuth2ClientSettings
        {
            ClientId = [clientid],
            ClientSecret = [clientsecret],
            AppName = "app_name",
        };
        settings.OAuth2Client.AdditionalQueryStringParameters.Add("response_type", "code id_token");
        settings.OAuth2Client.AdditionalQueryStringParameters.Add("nonce", "AnyValueShouldBeRandom");
        // Registers the security scheme in the generated document under the name "Auth Token".
        settings.GeneratorSettings.DocumentProcessors.Add(new SecurityDefinitionAppender("Auth Token", new SwaggerSecurityScheme
        {
            Type = SwaggerSecuritySchemeType.OpenIdConnect,
            Description = "Swagger OAuth2",
            OpenIdConnectUrl = "https://login.microsoftonline.com/[tenantid]/v2.0/.well-known/openid-configuration",
            Flow = SwaggerOAuth2Flow.Implicit,
            AuthorizationUrl = "https://login.microsoftonline.com/[tenantid]/oauth2/v2.0/authorize",
            TokenUrl = "https://login.microsoftonline.com/[tenantid]/oauth2/v2.0/token",
            In = SwaggerSecurityApiKeyLocation.Header,
            Scopes = new Dictionary<string, string>
            {
                { "api://[api]/user_impersonation", "" },
                { "user.read", "" },
                { "openid", "" },
                { "email", "" },
                { "profile", "" },
                { "roles", "" }
            }
        }));
        // Adds security requirements to operations, referencing the scheme name "oauth2".
        settings.GeneratorSettings.OperationProcessors.Add(new OperationSecurityScopeProcessor("oauth2"));
    });
My question is what am I doing wrong?
I have been struggling with this since this morning. Any help is greatly appreciated.
Thanks!
UPDATE 3/21/2019
I figured it out.
Change this from

    Type = SwaggerSecuritySchemeType.OpenIdConnect

to

    Type = SwaggerSecuritySchemeType.OAuth2

I also removed a bunch of stuff like the following lines:

    settings.OAuth2Client.AdditionalQueryStringParameters.Add("response_type", "code id_token");
    settings.OAuth2Client.AdditionalQueryStringParameters.Add("nonce", "AnyValueShouldBeRandom");

It's now working.
At least on the outside.
Swagger tells me I am already Authenticated:
BUT when I run the application, HttpContext.User.Identity.IsAuthenticated tells me I'm not.
Same question: What am I doing wrong?
Finally I can answer my own question.
I'm not going to be too hard on myself this time because the fix was not very obvious, at least to me.
Apparently,
should have a matching
It's partly my fault if I didn't google hard enough or the docs really weren't that accessible.
But this line
Needs a match. So replace the following
with
I hope this helps somebody else.