Burgyn
commented
2 years ago Hi,
thanks fort your question.
Unfortunately, this behavior is not currently supported. The SecuritySchemes section is fully taken from the downstream definition.
The only option I can think of is your own transformation of the resulting upstream documentation:
public string AlterUpstreamSwaggerJson(HttpContext context, string swaggerJson)
{
var swagger = JObject.Parse(swaggerJson);
// ... alter upstream json
return swagger.ToString(Formatting.Indented);
}
app.UseSwaggerForOcelotUI(opt => {
opt.ReConfigureUpstreamSwaggerJson = AlterUpstreamSwaggerJson;
})
github-actions[bot]
Not sure if it's a bug or expected behavior. When you defining security definition and requirements for gateway, it only applies to gateway definition itself. All downstream definitions contains only security section specified. I.e. gateway definition contains section:
"securitySchemes": { "Bearer": { "type": "http", "description": "Enter JWT Bearer token", "scheme": "Bearer", "bearerFormat": "JWT" } }and"security": [ { "Bearer": [ ] } ]Re routes configured with"AuthenticationOptions": { "AuthenticationProviderKey": "Bearer" },but definitions of downstreams contains only "security" sections. That makes it impossible to authenticate requests from Swagger UI to downstream services.Expected behavior Use same securitySchemes for downstreams.
P.S. Thanks for creating this library.