How can I use AddSecurityRequirement in NSwag

[itsoli91]

Hi, Currently we are using this code to add Security Definition, however I can't find AddSecurityRequirement in nswag? Any help on rewriting this price of code with nswag version ?

services.AddSwaggerGen(options =>
        {
            options.OperationFilter<SwaggerDefaultValues>();

            options.AddSecurityDefinition(ApiConstants.CIAM.AuthenticationScheme, new OpenApiSecurityScheme
            {
                Description =
                    $"{ApiConstants.ResourceDisplayName} {ApiConstants.CIAM.AuthenticationScheme} Authentication",
                Type = SecuritySchemeType.OAuth2,
                Flows = new OpenApiOAuthFlows
                {
                    ClientCredentials = new OpenApiOAuthFlow
                    {
                        Scopes = new Dictionary<string, string>
                        {
                            { ApiConstants.CIAM.DefaultScopeName, ApiConstants.Policies.DefaultPolicyName }
                        },
                        TokenUrl = new Uri($"{identityIssuerOptions.CiamAuthority}/connect/token", UriKind.Absolute),
                        AuthorizationUrl =
                            new Uri($"{identityIssuerOptions.CiamAuthority}/connect/authorize", UriKind.Absolute),
                        RefreshUrl =
                            new Uri($"{identityIssuerOptions.CiamAuthority}/connect/refresh", UriKind.Absolute)
                    }
                }
            });

            options.AddSecurityRequirement(new OpenApiSecurityRequirement
            {
                {
                    new OpenApiSecurityScheme
                    {
                        Reference = new OpenApiReference
                        {
                            Type = ReferenceType.SecurityScheme, Id = ApiConstants.CIAM.AuthenticationScheme
                        }
                    },
                    new[] { ApiConstants.CIAM.DefaultScopeName }
                }
            });
        });

[davidkeaveny]

Hi @itsoli91 ,

I'm using NSwag 13.18.2 here, and my Startup.cs looks something like this:

services.AddOpenApiDocument((configure, provider) =>
        {
            configure.Title = "My Amazing API";
            configure.Description = "This API is amazing.";
            configure.DocumentName = $"v1.0";
            configure.Version = "1.0.0";
            configure.UseControllerSummaryAsTagDescription = true;

            configure.AddSecurity("Bearer", Array.Empty<string>(), new OpenApiSecurityScheme
            {
                Type = OpenApiSecuritySchemeType.OAuth2,
                Description = "The Identity Server will return an access token; this should be added to every request, using the Authorization header with the Bearer scheme.",
                Flows = new OpenApiOAuthFlows
                {
                    ClientCredentials = new OpenApiOAuthFlow
                    {
                        Scopes = new Dictionary<string, string>{
                          { "read", "The user is able to read from the resource" },
                          { "write", "The user is able to write to the resource" },
                          { "delete", "The user is able to delete the resource" }
                        },
                        TokenUrl = $"{IdentityServerUrl}/connect/token"
                    }
                }
            });

As the code hopefully makes clear, this implements the OAuth client credentials profile (for services talking directly to the API ,using a Client ID and a Client Secret. NSwag supports other OAuth profiles, just change the property that is being set on the OpenApiOAuthFlows instance.

[tushroy]

I was trying to migrate SwashBuckle to NSwag but I am having same issues with AddSecurityRequirement, AddSecurityDefinition and DocInclusionPredicate of SwashBuckle.