Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Available authorizations empty #2812

Open
KieranFoot opened this issue Apr 17, 2024 · 4 comments
Open

Available authorizations empty #2812

KieranFoot opened this issue Apr 17, 2024 · 4 comments
Labels
help-wanted A change up for grabs for contributions from the community

Comments

@KieranFoot
Copy link

KieranFoot commented Apr 17, 2024
edited

I am using C# 8 with Swashbuckle.AspNetCore.Swagger, Swashbuckle.AspNetCore.SwaggerGen & Swashbuckle.AspNetCore.Annotations at version 6.5.0

Using what seems to be appropriate configuration (documentation is terrible), I have implemented OpenId as an authorization method for swagger UI as below;

var identityServerUrl = builder.Configuration.GetServiceUrl("identity-server").TrimEnd('/');
var docUri = new Uri($"{identityServerUrl}/.well-known/openid-configuration");
            
options.AddSecurityDefinition("OpenId", new OpenApiSecurityScheme
{
    Name = "OpenId Connect",
    Type = SecuritySchemeType.OpenIdConnect,
    OpenIdConnectUrl = docUri
});
            
options.AddSecurityRequirement(new OpenApiSecurityRequirement
{
    {
        new OpenApiSecurityScheme
        {
            Reference = new OpenApiReference { Type = ReferenceType.SecurityScheme, Id = "OpenId" }
        }, []
    }
});

I also set the ClientId and ClientSecret inside the UseSwaggerUI options as below (Secret has been redacted);

app.UseSwaggerUI(options =>
{           
    options.OAuthAppName("API Explorer");
    options.OAuthClientId("swagger");
    options.OAuthClientSecret("REDACTED");
    options.OAuthScopes(["openid", "profile", "email", "offline_access", "tenant", "PublicApi"]);
});

However, when running, the Swagger UI has no available authorizations (as shown below). I cannot find any documentation or example code on how to implement this. I have tried many suggestions from stackoverflow with no success, so I'm assuming there is either a bug or you need to update/add documentation covering OpenId.

image
@martincostello
Copy link
Collaborator

Do either of these comments help?

Alternatively, if you add a custom Swagger index.html that uses the latest version of swagger-ui, does that fix it? I have #2806 open to update the version of SwaggerUI we repackage.

@KieranFoot
Copy link
Author

@martincostello I moved to OAuth that just uses the openid scope.

I still think there needs to be a working example of using OpenId as I tried to do, since it's not clear how to get it working.

@martincostello martincostello added the help-wanted A change up for grabs for contributions from the community label Apr 17, 2024
@amranmo1
Copy link

I face similar issue, this is due to CORS. whitelist the client IP in the server and you will get it populated.
however I faced another issue in the callback page with this error

AuthenticationFailureException: An error was encountered while handling the remote login.

@martincostello
Copy link
Collaborator

AuthenticationFailureException: An error was encountered while handling the remote login.

You'll have to look in your logs for more details. A common cause is correlation failure due to SameSite cookie settings.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
help-wanted A change up for grabs for contributions from the community
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@martincostello @KieranFoot @amranmo1