Merge branch 'master' of github.com:abelsilva/swaggerwcf

README.md

@@ -111,13 +111,36 @@ Notes:
 * `tags` will be described further down
 
 #### Configure via code
+Configure the base properties via code. New: You can add security settings to your api (see also the new Security-Methodattribute)
+
 ```csharp
-SwaggerWcfEndpoint.Configure(new SwaggerWcf.Models.Info
+var info = new Info
+{
+Description = "Sample Service to test SwaggerWCF",
+Version = "0.0.1"
+// etc
+};
+
+var security = new SecurityDefinitions
 {
- Description = "Sample Service to test SwaggerWCF",
- Version = "0.0.1"
- // etc
-});
+ {
+ "api-gateway", new SecurityAuthorization
+ {
+ Type = "oauth2",
+ Name = "api-gateway",
+ Description = "Forces authentication with credentials via an api gateway",
+ Flow = "password",
+ Scopes = new Dictionary<string, string="">
+ {
+ { "author", "use author scope"},
+ { "admin", "use admin scope"},
+ },
+ AuthorizationUrl = "http://yourapi.net/oauth/token"
+ }
+ }
+};
+
+SwaggerWcfEndpoint.Configure(info, security);
 ```
 
 ### Step 5: Decorate WCF services interfaces
@@ -204,6 +227,7 @@ Note: make sure you add at least the `DataContract` and `DataMember` attributes
 | `SwaggerWcfDefinition` | `Class` | Configure a data type | `ExternalDocsDescription`, `ExternalDocsUrl` |
 | `SwaggerWcfReturnType` | `Method` | Override method return type | `ReturnType` |
 | `SwaggerWcfContentTypes` | `Method` | Override consume/produce content-types | `ConsumeTypes`, `ProduceTypes` |
+| `SwaggerWcfSecurity` | `Method` | Add security background to this method | `SecurityDefinitionName`, `params Scopes` |
 
 
 ## Tags

src/SwaggerWcf.Test.Service/Global.asax.cs

@@ -1,7 +1,9 @@
 using System;
+using System.Collections.Generic;
 using System.ServiceModel.Activation;
 using System.Web;
 using System.Web.Routing;
+using SwaggerWcf.Models;
 
 namespace SwaggerWcf.Test.Service
 {
@@ -11,6 +13,34 @@ protected void Application_Start(object sender, EventArgs e)
  {
  RouteTable.Routes.Add(new ServiceRoute("v1/rest", new WebServiceHostFactory(), typeof(BookStore)));
  RouteTable.Routes.Add(new ServiceRoute("api-docs", new WebServiceHostFactory(), typeof(SwaggerWcfEndpoint)));
+
+ var info = new Info
+ {
+ Description = "Sample Service to test SwaggerWCF",
+ Version = "0.0.1"
+ // etc
+ };
+
+ var security = new SecurityDefinitions
+ {
+ {
+ "api-gateway", new SecurityAuthorization
+ {
+ Type = "oauth2",
+ Name = "api-gateway",
+ Description = "Forces authentication with credentials via an api gateway",
+ Flow = "implicit",
+ Scopes = new Dictionary<string, string>
+ {
+ { "fu", "use fu scope"},
+ { "bar", "use bar scope"},
+ },
+ AuthorizationUrl = "http://yourapi.net/oauth/token"
+ }
+ }
+ };
+
+ SwaggerWcfEndpoint.Configure(info, security);
  }
 
  protected void Session_Start(object sender, EventArgs e)

src/SwaggerWcf.Test.Service/IStore.cs

@@ -11,6 +11,7 @@ public interface IStore
  {
  #region /books
 
+ [SwaggerWcfSecurity("api-gateway", "fu", "bar")]
  [SwaggerWcfPath("Create book", "Create a book on the store")]
  // default Method for WebInvoke is POST
  [WebInvoke(UriTemplate = "/books", BodyStyle = WebMessageBodyStyle.Wrapped, //Method = "POST",

src/SwaggerWcf/Attributes/SwaggerWcfHeaderAttribute.cs

@@ -5,7 +5,7 @@ namespace SwaggerWcf.Attributes
  /// <summary>
  /// Describe a parameter
  /// </summary>
- [AttributeUsage(AttributeTargets.Method)]
+ [AttributeUsage(AttributeTargets.Method, AllowMultiple = true)]
  public class SwaggerWcfHeaderAttribute : Attribute
  {
  /// <summary>

src/SwaggerWcf/Attributes/SwaggerWcfSecurityAttribute.cs

@@ -0,0 +1,33 @@
+using System;
+
+namespace SwaggerWcf.Attributes
+{
+ /// <summary>
+ /// Attribute to link operation to a security definition
+ /// </summary>
+ [AttributeUsage(AttributeTargets.Method, AllowMultiple = true)]
+ public class SwaggerWcfSecurityAttribute : Attribute
+ {
+ /// <summary>
+ /// Specify security definition for this operation
+ /// </summary>
+ /// <param name="securityDefinitionName">Name of the Security Definition</param>
+ /// <param name="scopes">Scopes of the security definition</param>
+ public SwaggerWcfSecurityAttribute(string securityDefinitionName, params string[] scopes)
+ {
+ SecurityDefinitionName = securityDefinitionName;
+ SecurityDefinitionScopes = scopes;
+ }
+
+ /// <summary>
+ /// Name of the Security Definition
+ /// </summary>
+ public string SecurityDefinitionName { get; set; }
+
+ /// <summary>
+ /// Scopes of the Security Definition
+ /// </summary>
+ public string[] SecurityDefinitionScopes { get; set; }
+
+ }
+}

src/SwaggerWcf/Models/PathAction.cs

@@ -40,7 +40,7 @@ public PathAction()
 
  public bool Deprecated { get; set; }
 
- //public List<Security> security { get; set; }
+ public List<KeyValuePair<string, string[]>> Security { get; set; }
 
  public void Serialize(JsonWriter writer)
  {
@@ -137,12 +137,38 @@ public void Serialize(JsonWriter writer)
  }
  writer.WriteEndArray();
  }
+
  if (Deprecated)
  {
  writer.WritePropertyName("deprecated");
  writer.WriteValue(Deprecated);
  }
 
+ if (Security != null && Security.Any())
+ {
+ writer.WritePropertyName("security");
+ writer.WriteStartArray();
+
+ foreach (var security in Security)
+ {
+ writer.WriteStartObject();
+ writer.WritePropertyName(security.Key);
+ writer.WriteStartArray();
+
+ if (security.Value != null && security.Value.Any())
+ {
+ foreach (var scopename in security.Value)
+ {
+ writer.WriteValue(scopename);
+ }
+ }
+ writer.WriteEndArray();
+ writer.WriteEndObject();
+ }
+
+ writer.WriteEndArray();
+ }
+
  writer.WriteEndObject();
  }
  }

src/SwaggerWcf/Models/SecurityAuthorization.cs

@@ -0,0 +1,118 @@
+using System.Collections.Generic;
+using Newtonsoft.Json;
+
+namespace SwaggerWcf.Models
+{
+ public class SecurityAuthorization
+ {
+ /// <summary>
+ /// (Required) The type of the security scheme. Valid values are "basic", "apiKey" or "oauth2".
+ /// </summary>
+ public string Type { get; set; }
+
+ /// <summary>
+ /// A short description for security scheme.
+ /// </summary>
+ public string Description { get; set; }
+
+ /// <summary>
+ /// (Required) The name of the header or query parameter to be used.
+ /// WARNING: Use only, when <see cref="Type"/> equals "apiKey"
+ /// </summary>
+ public string Name { get; set; }
+
+ /// <summary>
+ /// (Required) The location of the API key. Valid values are "query" or "header".
+ /// WARNING: Use only, when <see cref="Type"/> equals "apiKey"
+ /// </summary>
+ public string In { get; set; }
+
+ /// <summary>
+ /// (Required) The flow used by the OAuth2 security scheme. Valid values are "implicit", "password", "application" or "accessCode".
+ /// WARNING: Use only, when <see cref="Type"/> equals "oauth2"
+ /// </summary>
+ public string Flow { get; set; }
+
+ /// <summary>
+ /// (Required) The authorization URL to be used for this flow. This SHOULD be in the form of a URL.
+ /// WARNING: Use only, when <see cref="Type"/> equals "oauth2" and <see cref="Flow"/> equals "implicit" or "accessCode"
+ /// </summary>
+ public string AuthorizationUrl { get; set; }
+
+ /// <summary>
+ /// (Required) The token URL to be used for this flow. This SHOULD be in the form of a URL.
+ /// WARNING: Use only, when <see cref="Type"/> equals "oauth2" and <see cref="Flow"/> equals "password" or "application" or "accessCode"
+ /// </summary>
+ public string TokenUrl { get; set; }
+
+ /// <summary>
+ /// (Required) The available scopes for the OAuth2 security scheme.
+ /// This maps between a name of a scope to a short description of it (as the value of the property).
+ /// WARNING: Use only, when <see cref="Type"/> equals "oauth2"
+ /// </summary>
+ public Dictionary<string, string> Scopes { get; set; }
+
+ public void Serialize(JsonWriter writer)
+ {
+ writer.WriteStartObject();
+
+ if (Type != null)
+ {
+ writer.WritePropertyName("type");
+ writer.WriteValue(Type);
+ }
+
+ if (Description != null)
+ {
+ writer.WritePropertyName("description");
+ writer.WriteValue(Description);
+ }
+
+ if (Name != null)
+ {
+ writer.WritePropertyName("name");
+ writer.WriteValue(Name);
+ }
+
+ if (In != null)
+ {
+ writer.WritePropertyName("in");
+ writer.WriteValue(In);
+ }
+
+ if (Flow != null)
+ {
+ writer.WritePropertyName("flow");
+ writer.WriteValue(Flow);
+ }
+
+ if (AuthorizationUrl != null)
+ {
+ writer.WritePropertyName("authorizationUrl");
+ writer.WriteValue(AuthorizationUrl);
+ }
+
+ if (TokenUrl != null)
+ {
+ writer.WritePropertyName("tokenUrl");
+ writer.WriteValue(TokenUrl);
+ }
+
+ if (Scopes != null)
+ {
+ writer.WritePropertyName("scopes");
+ writer.WriteStartObject();
+
+ foreach (var scope in Scopes)
+ {
+ writer.WritePropertyName(scope.Key);
+ writer.WriteValue(scope.Value);
+ }
+
+ writer.WriteEndObject();
+ }
+
+ writer.WriteEndObject();
+ }
+ }
+}

src/SwaggerWcf/Models/SecurityDefinitions.cs

@@ -0,0 +1,9 @@
+using System.Collections.Generic;
+
+namespace SwaggerWcf.Models
+{
+ public class SecurityDefinitions : Dictionary<string, SecurityAuthorization>
+ {
+ //This is just a wrapper
+ }
+}

src/SwaggerWcf/Models/Service.cs

@@ -25,6 +25,8 @@ public Service()
 
  public List<Definition> Definitions { get; set; }
 
+ public SecurityDefinitions SecurityDefinitions { get; set; }
+
  public void Serialize(JsonWriter writer)
  {
  writer.WriteStartObject();
@@ -58,6 +60,13 @@ public void Serialize(JsonWriter writer)
  writer.WritePropertyName("definitions");
  WriteDefinitions(writer);
  }
+
+ if (SecurityDefinitions != null && SecurityDefinitions.Any())
+ {
+ writer.WritePropertyName("securityDefinitions");
+ WriteSecurityDefinitions(writer);
+ }
+
  writer.WriteEndObject();
  }
 
@@ -80,5 +89,16 @@ private void WriteDefinitions(JsonWriter writer)
  }
  writer.WriteEndObject();
  }
+
+ private void WriteSecurityDefinitions(JsonWriter writer)
+ {
+ writer.WriteStartObject();
+ foreach (var d in SecurityDefinitions)
+ {
+ writer.WritePropertyName(d.Key);
+ d.Value.Serialize(writer);
+ }
+ writer.WriteEndObject();
+ }
  }
 }