-
Notifications
You must be signed in to change notification settings - Fork 10.6k
Automatically infer OpenApiSecuritySchemes from authentication configuration #39761
Copy link
Copy link
Open
Open
Copy link
Labels
Priority:1Work that is critical for the release, but we could probably ship withoutWork that is critical for the release, but we could probably ship withoutarea-minimalIncludes minimal APIs, endpoint filters, parameter binding, request delegate generator etcIncludes minimal APIs, endpoint filters, parameter binding, request delegate generator etcarea-mvcIncludes: MVC, Actions and Controllers, Localization, CORS, most templatesIncludes: MVC, Actions and Controllers, Localization, CORS, most templatesenhancementThis issue represents an ask for new feature or an enhancement to an existing oneThis issue represents an ask for new feature or an enhancement to an existing onefeature-openapi
Milestone
Description
Metadata
Metadata
Assignees
Labels
Priority:1Work that is critical for the release, but we could probably ship withoutWork that is critical for the release, but we could probably ship withoutarea-minimalIncludes minimal APIs, endpoint filters, parameter binding, request delegate generator etcIncludes minimal APIs, endpoint filters, parameter binding, request delegate generator etcarea-mvcIncludes: MVC, Actions and Controllers, Localization, CORS, most templatesIncludes: MVC, Actions and Controllers, Localization, CORS, most templatesenhancementThis issue represents an ask for new feature or an enhancement to an existing oneThis issue represents an ask for new feature or an enhancement to an existing onefeature-openapi
Type
Fields
Give feedbackNo fields configured for Feature.
At the moment, when users enable authentication in their ASP.NET apps, they typically have to manually the describe the
OpenApiSecuritySchemesin their application and the top level and configureOpenApiSecurityRequirementsfor each route that requires authentication and authorization.We should infer as much of these definitions as possible so users don't need to configure auth twice, once for their application and another time for OpenAPI.
Provide metadata support for parts of the specification documented in https://swagger.io/docs/specification/authentication/.