How to show WebApi OAuth token endpoint in Swagger

Russ picture Russ · Aug 23, 2015 · Viewed 8.2k times · Source

I've created a new Web Api project, added Asp.Net Identity and configured OAuth like so:

OAuthOptions = new OAuthAuthorizationServerOptions
{
    TokenEndpointPath = new PathString("/Token"),
    Provider = new ApplicationOAuthProvider(PublicClientId),
    AuthorizeEndpointPath = new PathString("/api/Account/ExternalLogin"),
    AccessTokenExpireTimeSpan = TimeSpan.FromDays(14),
    AllowInsecureHttp = true
};

This all works fine, I can call the /Token endpoint and get a bearer token back.

The problem is that this is not discoverable in Swagger I assume because it's not on a controller and therefore has no xml documentation generated for it.

Does anyone know of a way to display this login endpoint in my Swagger docs?

Thanks.

Also, i should've said that the Swagger documentation is working with all my controllers, it's just that I'm missing this one obvious method - how to login.

Answer

Ruaidhrí Primrose picture Ruaidhrí Primrose · Sep 1, 2015

ApiExplorer won't be automatically generating any info for your endpoint so you'll need to add a custom DocumentFilter in order to manually describe the token endpoint.

There's an example of this at https://github.com/domaindrivendev/Swashbuckle/issues/332 :

class AuthTokenOperation : IDocumentFilter
{
    public void Apply(SwaggerDocument swaggerDoc, SchemaRegistry schemaRegistry, IApiExplorer apiExplorer)
    {
        swaggerDoc.paths.Add("/auth/token", new PathItem
        {
            post = new Operation
            {
                tags = new List<string> { "Auth" },
                consumes = new List<string>
                {
                    "application/x-www-form-urlencoded"
                },
                parameters = new List<Parameter> {
                    new Parameter
                    {
                        type = "string",
                        name = "grant_type",
                        required = true,
                        @in = "formData"
                    },
                    new Parameter
                    {
                        type = "string",
                        name = "username",
                        required = false,
                        @in = "formData"
                    },
                    new Parameter
                    {
                        type = "string",
                        name = "password",
                        required = false,
                        @in = "formData"
                    }
                }
            }
        });
    }
}

httpConfig.EnableSwagger(c =>
{
    c.DocumentFilter<AuthTokenOperation>();
});