How can I send "audience" field in oauth2/token call made by Swagger-ui?
Asked Answered
H

2

6

I am using Swagger-UI with Swashbuckle v5.6 to document an Auth0 (OAuth2) secured .NET Web API. I've been trying to configure Swagger to obtain a token in the UI from Auth0 service. So far I've managed to do that, but the problem is that I need to send in the POST /token request's body the "audience" field, and I am struggling to find out how to do that from SwaggerConfig.cs.

So far my SwaggerConfig.cs looks like this :

public class SwaggerConfig
{
    public static void Register()
    {
        var thisAssembly = typeof(SwaggerConfig).Assembly;
        string appName = "myApi";
        var audience = System.Configuration.ConfigurationManager.AppSettings["AuthAudience"];
        string tokenUrl = "somethingsomething/oauth/token";

        GlobalConfiguration.Configuration
            .EnableSwagger(c =>
                {
                    c.SingleApiVersion("v1", "myApi");
                    c.IncludeXmlComments(string.Format(@"{0}\bin\myApi.XML", System.AppDomain.CurrentDomain.BaseDirectory));
                    c.DescribeAllEnumsAsStrings();

                    c.OAuth2("oauth2")
                        .Description("client credentials grant flow")
                        .Flow("password")
                        .TokenUrl(tokenUrl)
                        .Scopes(scopes =>
                        {
                            scopes.Add("myapi", "openid profile email address phone");
                        });

                    c.OperationFilter<AssignOperationFilters>();
                    c.DocumentFilter<SecurityRequirementsDocumentFilter>();
                })
            .EnableSwaggerUi(c =>
            {
                var clientId =  System.Configuration.ConfigurationManager.AppSettings["Auth0ApiClientId"];
                var clientSecret = System.Configuration.ConfigurationManager.AppSettings["Auth0ApiClientSecret"];

                var additionalParams = new Dictionary<string, string>{ {"audience", audience } };

                c.EnableOAuth2Support(clientId,
                                    clientSecret,
                                    appName,
                                    "tmdq",
                                    additionalQueryStringParams: additionalParams);

            });
    }
}
Hortensiahorter answered 18/1, 2019 at 13:13 Comment(0)
C
2

In Swagger starting in version 6.0.0 you can use Request Interceptor like this:

 app.UseSwaggerUI(options =>
                {
                        options.UseRequestInterceptor("(req) => { if (req.url.endsWith('oauth/token') && req.body) req.body += '&audience=" + appsettings.Audience + "'; return req; }");

                });
Cowry answered 21/4, 2021 at 6:14 Comment(0)
C
1

Your can use OAuthAdditionalQueryStringParams...

   app.UseSwaggerUI(options =>
            {
                options.OAuthClientId("YOUR_CLIENT_ID");  
                options.SwaggerEndpoint("v1/swagger.json", "v1");
                options.OAuthAdditionalQueryStringParams(new Dictionary<string, string>() { {"audience","YOUR_AUDIENCE"}});
            });
Clunk answered 11/2, 2022 at 18:40 Comment(0)

© 2022 - 2024 — McMap. All rights reserved.