Enable reuse of BackOfficeSecurityRequirementsOperationFilter for custom APIs #15699
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Prerequisites
Description
The
BackOfficeSecurityRequirementsOperationFilter
enables back-office authentication for Swagger UI. It is currently both internal and hardcoded to be applied only to controllers within the Management API group ("management"
).If one would like to use back-office out for Swagger UI with a custom API, but also use a custom group instead of
"management"
, one has to clone-and-own the entire implementation. That seems a little silly, so this PR introduces an abstract base class that can be reused for custom APIs.Testing this PR
Using the code snippet below, the custom API within the
"my-api-v1"
group should be able to use back-office auth with Swagger UI:Code snippet