首页 文章

如何使用Swagger生成选项(CORS)

提问于
浏览
5

对于我们正在开发的项目,我们会自动生成Swagger文件 . 但是此时我们正在努力应对CORS部分 .

我们正在使用Amazon API网关导入api功能 . 要与Swagger和CORS结合使用,我们必须在源代码中创建一个额外的操作(操作),它允许每个api方法(操作)的CORS(选项)!例如:

[HttpOptions]
    [Route("{id}")]
    [ProducesResponseType((int)HttpStatusCode.OK)]
    public IActionResult UserOptions()
    {
        return new OkResult();
    }

正如您所看到的,这会使代码变得更脏 . 这是一个临时修复,但我们找不到另一种方法 . 有没有办法在swagger定义文件中自动生成这个?或者我们如何做到这一点,亚马逊API网关需要这个(文档:http://docs.aws.amazon.com/apigateway/latest/developerguide/how-to-cors.html

c# asp.net-core swagger aws-api-gateway swashbuckle

3 回答

  • 1

    您可以通过x-amazon-apigateway-integration swagger扩展来驱动api网关 .

    使用Swashbuckle document filter,您可以在所有路径上生成选项操作,而无需在控制器中执行相应操作 .

    下面是一个示例代码,它将为您的swagger中的所有路径生成选项操作,并添加use swagger扩展以在这些OPTION方法的api网关中生成模拟:

    public class AddCorsApiGatewayDocumentFilter : IDocumentFilter
    {
        private Operation BuildCorsOptionOperation()
        {
            var response = new Response
            {
                Description = "Successful operation",
                Headers = new Dictionary<string, Header>
                {
                    { "Access-Control-Allow-Origin", new Header(){Type="string",Description="URI that may access the resource" } },
                    { "Access-Control-Allow-Methods", new Header(){Type="string",Description="Method or methods allowed when accessing the resource" } },
                    { "Access-Control-Allow-Headers", new Header(){Type="string",Description="Used in response to a preflight request to indicate which HTTP headers can be used when making the request." } },
                }
            };
            return new Operation
            {
                Consumes = new List<string> { "application/json" },
                Produces = new List<string> { "application/json" },
                Responses = new Dictionary<string, Response>{{"200",response}}
            };
        }

        private object BuildApiGatewayIntegrationExtension()
        {
            return new
            {
                responses = new
                {
                    @default = new
                    {
                        statusCode = "200",
                        responseParameters = new Dictionary<string, string>
                            {
                                { "method.response.header.Access-Control-Allow-Methods", "'POST,GET,OPTIONS'" },
                                { "method.response.header.Access-Control-Allow-Headers", "'Content-Type,X-Amz-Date,Authorization,X-Api-Key'"},
                                { "method.response.header.Access-Control-Allow-Origin", "'*'"}
                            }
                    },
                },
                passthroughBehavior = "when_no_match",
                requestTemplates = new Dictionary<string, string> { { "application/json", "{\"statusCode\": 200}" } },
                type = "mock"
            };
        }

        public void Apply(SwaggerDocument swaggerDoc, DocumentFilterContext context)
        {
            foreach (var path in swaggerDoc.Paths)
            {
                var corsOptionOperation = BuildCorsOptionOperation();
                var awsApiGatewayExtension = BuildApiGatewayIntegrationExtension();
                corsOptionOperation.Extensions.Add("x-amazon-apigateway-integration", awsApiGatewayExtension);
                path.Value.Options = corsOptionOperation;
            }
        }
    }

    不要忘记在swashbuckle中注册该过滤器:

    public void ConfigureServices(IServiceCollection services)
    {
        services.AddMvc();
        services.AddSwaggerGen(c =>
        {
            c.SwaggerDoc("v1", new Info { Title = "My API", Version = "v1" });
            c.DocumentFilter<AddCorsApiGatewayDocumentFilter>();
        });
    }
    回复于
  • 0

    使用控制台中的简单一键式功能执行“启用CORS”步骤,然后部署API,最后转到舞台并将API导回到swagger .

    现在,您可以检查swagger以了解如何在自己的招摇中配置CORS .

    回复于
  • 0

    我遇到了同样的问题,我最终在Java中创建了一个实用程序,它自动将这些头添加到Swagger JSON中 . 您可以在将其导入API网关之前运行它,并导入在所有方法中启用了CORS的输出JSON

    https://github.com/anandlalvb/SwaggerToAPIGateway

    将这些标头添加到Swagger JSON中的所有方法是一项繁琐的工作 .

    "headers": {
            "Access-Control-Allow-Origin": {
                "type": "string"
            },
            "Access-Control-Allow-Methods": {
                "type": "string"
            },
            "Access-Control-Allow-Headers": {
                "type": "string"
            }
        }

    我希望这个实用程序可以帮助您轻松地做到这一点

    回复于

相关问题