Skip to content

Security Scheme should be defined per API group and not globally. #53

Open
Open
Security Scheme should be defined per API group and not globally.#53
Labels
enhancementNew feature or requestgood first issueGood for newcomers
@robinmanuelthiel

Description

@robinmanuelthiel
robinmanuelthiel
opened on Dec 5, 2023

OpenApiEnvironment's .WithApiGroup() should define the Security Scheme, because each API group can have a different security scheme. See the example below. Technically, the internal group does not need SecuritySchemeDefaults.JwtBearer

Before

_options
    .AddOpenApi("v1")
    .WithApiGroup("public", "Public Space Blocks Core API", "This is the public API.")
    .WithApiGroup("internal", "Internal Space Blocks Core API", "This is the internal APIs", publish: false)
    .WithApiGroup("permissions", "Permissions Config API", "This is the Permissions Space Block Config APIs")
    .WithSecurityScheme(SecuritySchemeDefaults.JwtBearer);

After

_options
    .AddOpenApi("v1")
    .WithApiGroup("public", "Public Space Blocks Core API", "This is the public API.", SecuritySchemeDefaults.JwtBearer)
    .WithApiGroup("internal", "Internal Space Blocks Core API", "This is the internal APIs", SecuritySchemeDefaults.None, publish: false)
    .WithApiGroup("permissions", "Permissions Config API", "This is the Permissions Space Block Config APIs", SecuritySchemeDefaults.JwtBearer);

libs-aspnet/src/Wemogy.AspNet/Swagger/OpenApiEnvironment.cs

Line 34 in 0bb0d24

public OpenApiEnvironment WithApiGroup(string name, string title, string description, bool publish = true)

Metadata

Metadata

Assignees

No one assigned

    Labels

    enhancementNew feature or requestgood first issueGood for newcomers

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions