Skip to content
Permalink
Browse files

Get EndpointMetadata via reflection in AspNetCoreOperationSecuritySco…

…peProcessor, #2090
  • Loading branch information...
RicoSuter committed Apr 12, 2019
1 parent 328b133 commit 4e068cbf34ee3e829a5b3778f8d5c8f6cb43c3ac
@@ -8,18 +8,14 @@

using System.Collections.Generic;
using System.Linq;
using System.Reflection;
using System.Threading.Tasks;
using NSwag.SwaggerGeneration.Processors;
using NSwag.SwaggerGeneration.Processors.Contexts;
using Microsoft.AspNetCore.Authorization;
using NSwag.SwaggerGeneration.AspNetCore;
using NJsonSchema.Infrastructure;

namespace NSwag.SwaggerGeneration.Processors.Security
{
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc.Controllers;

using NSwag.SwaggerGeneration.AspNetCore;

/// <summary>Generates the OAuth2 security scopes for an operation by reflecting the AuthorizeAttribute attributes.</summary>
public class AspNetCoreOperationSecurityScopeProcessor : IOperationProcessor
{
@@ -44,30 +40,32 @@ public Task<bool> ProcessAsync(OperationProcessorContext context)
{
var aspNetCoreContext = (AspNetCoreOperationProcessorContext)context;

var endpointMetadata = aspNetCoreContext.ApiDescription.ActionDescriptor.EndpointMetadata;

var allowAnonymous = endpointMetadata.OfType<AllowAnonymousAttribute>().Any();
if (allowAnonymous)
var endpointMetadata = aspNetCoreContext?.ApiDescription?.ActionDescriptor?.TryGetPropertyValue<IList<object>>("EndpointMetadata");
if (endpointMetadata != null)
{
return Task.FromResult(true);
}
var allowAnonymous = endpointMetadata.OfType<AllowAnonymousAttribute>().Any();
if (allowAnonymous)
{
return Task.FromResult(true);
}

var authorizeAttributes = endpointMetadata.OfType<AuthorizeAttribute>().ToList();
if (!authorizeAttributes.Any())
{
return Task.FromResult(true);
}
var authorizeAttributes = endpointMetadata.OfType<AuthorizeAttribute>().ToList();
if (!authorizeAttributes.Any())
{
return Task.FromResult(true);
}

if (context.OperationDescription.Operation.Security == null)
{
context.OperationDescription.Operation.Security = new List<SwaggerSecurityRequirement>();
}
if (context.OperationDescription.Operation.Security == null)
{
context.OperationDescription.Operation.Security = new List<SwaggerSecurityRequirement>();
}

var scopes = this.GetScopes(authorizeAttributes);
context.OperationDescription.Operation.Security.Add(new SwaggerSecurityRequirement
{
{ _name, scopes }
});
var scopes = GetScopes(authorizeAttributes);
context.OperationDescription.Operation.Security.Add(new SwaggerSecurityRequirement
{
{ _name, scopes }
});
}

return Task.FromResult(true);
}

0 comments on commit 4e068cb

Please sign in to comment.
You can’t perform that action at this time.