然后,在Program.cs中修改Swagger相关的代码:
... builder.Services.AddSwaggerGen(options => { options.SwaggerDoc("v1", new OpenApiInfo { Title = "Protected API", Version = "v1" }); var strurl = builder.Configuration["IdentityServer4Api:Authority"]; options.AddSecurityDefinition("oauth2", new OpenApiSecurityScheme { Type = SecuritySchemeType.OAuth2, Flows = new OpenApiOAuthFlows { AuthorizationCode = new OpenApiOAuthFlow { AuthorizationUrl = new Uri( strurl +"/connect/authorize"), TokenUrl = new Uri(strurl + "/connect/token"), Scopes = new Dictionary<string, string> { {"testapi", "Demo API - full access"} } } } }); options.OperationFilter<AuthorizeCheckOperationFilter>(); }); ... if (app.Environment.IsDevelopment()) { app.UseSwagger(); app.UseSwaggerUI(options => { options.SwaggerEndpoint("/swagger/v1/swagger.json", "My API V1"); options.OAuthClientId("demo_api_swagger"); options.OAuthAppName("Demo API - Swagger"); options.OAuthUsePkce(); }); }改造完成,可以进行测试了,运行Web Api项目,缺省进入Swagger文档页面,我们会发现多了一个Authorize按钮,并且Web Api方法旁边会有一个加锁的图标:
这时,如果访问Web Api,会出现401错误,我们需要先进行认证再访问,点击加锁的图标,弹出认证界面:
点击认证按钮,如果顺利的话,会出现认证完成的界面:
点击Close关闭窗口,会发现加锁图标发生了变化:
这时,再次访问Web Api就可以正常返回数据了: