From c542d18fa040b558d7465f80c25e9866f0f4a3e2 Mon Sep 17 00:00:00 2001
From: Trym Haugan Berger
Date: Fri, 19 Sep 2025 15:32:39 +0200
Subject: [PATCH] automatic authenthication in swagger during development
---
 exercise.wwwapi/DTOs/Users/UserDTO.cs | 2 -
 exercise.wwwapi/Program.cs | 76 ++++++++++++++++++++++-----
 2 files changed, 63 insertions(+), 15 deletions(-)
diff --git a/exercise.wwwapi/DTOs/Users/UserDTO.cs b/exercise.wwwapi/DTOs/Users/UserDTO.cs
index 2d90265..5f33c7a 100644
--- a/exercise.wwwapi/DTOs/Users/UserDTO.cs
+++ b/exercise.wwwapi/DTOs/Users/UserDTO.cs
@@ -59,7 +59,5 @@ public UserDTO(User model)
 Specialism = model.Specialism;
 Role = model.Role.ToString();
 Notes = model.Notes.Select(n => new NoteDTO(n)).ToList();
-
-
 }
 }
\ No newline at end of file
diff --git a/exercise.wwwapi/Program.cs b/exercise.wwwapi/Program.cs
index 9c7b569..172b713 100644
--- a/exercise.wwwapi/Program.cs
+++ b/exercise.wwwapi/Program.cs
@@ -1,11 +1,20 @@
-using System.Diagnostics;
+using exercise.wwwapi;
 using exercise.wwwapi.Configuration;
 using exercise.wwwapi.Data;
+using exercise.wwwapi.DTOs.Comments;
+using exercise.wwwapi.DTOs.Comments.UpdateComment;
+using exercise.wwwapi.DTOs.Notes;
+using exercise.wwwapi.DTOs.Posts;
+using exercise.wwwapi.DTOs.Posts.UpdatePost;
 using exercise.wwwapi.DTOs.Register;
 using exercise.wwwapi.DTOs.UpdateUser;
+using exercise.wwwapi.DTOs.Users;
 using exercise.wwwapi.Endpoints;
 using exercise.wwwapi.EndPoints;
+using exercise.wwwapi.Models;
 using exercise.wwwapi.Repository;
+using exercise.wwwapi.Validators.NoteValidators;
+using exercise.wwwapi.Validators.PostValidators;
 using exercise.wwwapi.Validators.UserValidators;
 using FluentValidation;
 using Microsoft.AspNetCore.Authentication.JwtBearer;
@@ -13,17 +22,10 @@
 using Microsoft.IdentityModel.Tokens;
 using Microsoft.OpenApi.Models;
 using Scalar.AspNetCore;
+using System.Diagnostics;
+using System.IdentityModel.Tokens.Jwt;
+using System.Security.Claims;
 using System.Text;
-using exercise.wwwapi;
-using exercise.wwwapi.Models;
-using exercise.wwwapi.DTOs.Notes;
-using exercise.wwwapi.Validators.NoteValidators;
-using exercise.wwwapi.DTOs.Posts;
-using exercise.wwwapi.Validators.PostValidators;
-using exercise.wwwapi.DTOs.Posts.UpdatePost;
-using exercise.wwwapi.DTOs.Comments;
-using exercise.wwwapi.DTOs.Comments.UpdateComment;
-using exercise.wwwapi.DTOs.Users;
 var builder = WebApplication.CreateBuilder(args);
@@ -169,8 +171,29 @@
 if (app.Environment.IsDevelopment())
 {
 app.UseSwagger(c => c.OpenApiVersion = Microsoft.OpenApi.OpenApiSpecVersion.OpenApi2_0);
- app.UseSwaggerUI();
- app.UseSwaggerUI(options => options.SwaggerEndpoint("/openapi/v3.json", "Demo API"));
+
+ // Generate a JWT token using your existing signing key
+ var devJwtToken = GenerateDevJwtToken(token);
+
+ app.UseSwaggerUI(c =>
+ {
+ c.SwaggerEndpoint("/swagger/v1/swagger.json", "Demo API");
+ c.SwaggerEndpoint("/openapi/v3.json", "Demo API");
+
+ c.HeadContent = $@"
+ ";
+ });
 app.MapScalarApiReference();
 }
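Review bot: The signed token is interpolated into the Swagger page itself (`devJwtToken` feeding `c.HeadContent = $@"…"`), so any client that can load the UI would receive a valid bearer token without authenticating; the only guard in this hunk is `app.Environment.IsDevelopment()`. The script body is not visible here, and `token` is defined outside the hunk, so this assumes the head content exposes the token to the browser. Consider making the feature opt-in as well as environment-gated, for example wrapping the generation and `HeadContent` assignment in `if (builder.Configuration.GetValue<bool>("Swagger:AutoAuthorize"))` (the key name is illustrative), so an instance started with the Development environment on a reachable host does not hand out credentials by default. The existing comment should also say what the risk is, e.g. `// Dev only: the Swagger page will contain a signed Teacher-role JWT; keep this instance on localhost.` Separately, both `SwaggerEndpoint` entries use the display name "Demo API", which makes them indistinguishable in the UI's definition selector.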
@@ -195,7 +218,34 @@
 app.ConfigureCourseEndpoints();
 app.Run();
+static string GenerateDevJwtToken(string signingKey)
+{
+ var tokenHandler = new JwtSecurityTokenHandler();
+ var key = Encoding.UTF8.GetBytes(signingKey);
+
+ var claims = new List
+ {
+ new Claim(ClaimTypes.Name, "Development User"),
+ new Claim(ClaimTypes.Email, "dev@localhost.com"),
+ new Claim(ClaimTypes.Role, "Teacher")
+ };
+
+ var tokenDescriptor = new SecurityTokenDescriptor
+ {
+ Subject = new ClaimsIdentity(claims),
+ Expires = DateTime.UtcNow.AddDays(30),
+ SigningCredentials = new SigningCredentials(
+ new SymmetricSecurityKey(key),
+ SecurityAlgorithms.HmacSha256Signature)
+ };
+
+ var jwtToken = tokenHandler.CreateToken(tokenDescriptor);
+ return tokenHandler.WriteToken(jwtToken);
+}
+
 public partial class Program { } // needed for testing - please ignore
+
+
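Review bot: `GenerateDevJwtToken` mints a `Teacher`-role token that stays valid for 30 days, and the call site in this patch passes it the application's own signing key, so a token copied from a development session would be accepted by any environment configured with the same key. Shorten the lifetime to roughly a working session, e.g. `Expires = DateTime.UtcNow.AddHours(8),`, and prefer a signing key that exists only in the development configuration. The descriptor sets no `Issuer` or `Audience`; the validation parameters are outside this hunk, so confirm the token passes because those values are not required rather than because validation is switched off. A summary comment on the function stating that it is for local Swagger use only, and why the role is hard-coded, would help the next reader.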