Merge pull request #43 from damienbod/dev

damienbod · web-flow · commit b1389ecee024 · 2025-12-15T13:07:19.000+01:00
.NET 10 APIs sample
diff --git a/DownstreamApis/UserApiOne/BearerSecuritySchemeTransformer.cs b/DownstreamApis/UserApiOne/BearerSecuritySchemeTransformer.cs
@@ -0,0 +1,34 @@
+using Microsoft.AspNetCore.Authentication;
+using Microsoft.AspNetCore.OpenApi;
+using Microsoft.OpenApi;
+
+namespace UserApiOne;
+
+internal sealed class BearerSecuritySchemeTransformer(IAuthenticationSchemeProvider authenticationSchemeProvider) : IOpenApiDocumentTransformer
+{
+    public async Task TransformAsync(OpenApiDocument document, OpenApiDocumentTransformerContext context, CancellationToken cancellationToken)
+    {
+        var authenticationSchemes = await authenticationSchemeProvider.GetAllSchemesAsync();
+        if (authenticationSchemes.Any(authScheme => authScheme.Name == "Bearer"))
+        {
+            var requirements = new Dictionary<string, IOpenApiSecurityScheme>
+            {
+                ["Bearer"] = new OpenApiSecurityScheme
+                {
+                    Type = SecuritySchemeType.Http,
+                    Scheme = "bearer", // "bearer" refers to the header name here
+                    In = ParameterLocation.Header,
+                    BearerFormat = "Json Web Token"
+                }
+            };
+            document.Components ??= new OpenApiComponents();
+            document.Components.SecuritySchemes = requirements;
+        }
+        document.Info = new()
+        {
+            Title = "My API Bearer scheme",
+            Version = "v1",
+            Description = "API for Damien"
+        };
+    }
+}
diff --git a/DownstreamApis/UserApiOne/Program.cs b/DownstreamApis/UserApiOne/Program.cs
@@ -2,7 +2,7 @@
 using Microsoft.AspNetCore.Authorization;
 using Microsoft.AspNetCore.Mvc.Authorization;
 using Microsoft.Identity.Web;
-using Microsoft.OpenApi.Models;
+using Microsoft.OpenApi;
 using UserApiOne;
 
 var builder = WebApplication.CreateBuilder(args);
@@ -17,41 +17,19 @@
     .EnableTokenAcquisitionToCallDownstreamApi()
     .AddDistributedTokenCaches();
 
-builder.Services.AddSwaggerGen(c =>
+builder.Services.AddOpenApi(options =>
 {
-    // add JWT Authentication
-    var securityScheme = new OpenApiSecurityScheme
-    {
-        Name = "JWT Authentication",
-        Description = "Enter JWT Bearer token **_only_**",
-        In = ParameterLocation.Header,
-        Type = SecuritySchemeType.Http,
-        Scheme = "bearer", // must be lower case
-        BearerFormat = "JWT",
-        Reference = new OpenApiReference
-        {
-            Id = JwtBearerDefaults.AuthenticationScheme,
-            Type = ReferenceType.SecurityScheme
-        }
-    };
-    c.AddSecurityDefinition(securityScheme.Reference.Id, securityScheme);
-    c.AddSecurityRequirement(new OpenApiSecurityRequirement
-            {
-                {securityScheme, Array.Empty<string>()}
-            });
-
-    c.SwaggerDoc("v1", new OpenApiInfo
-    {
-        Title = "User API One",
-        Version = "v1",
-        Description = "User API One",
-        Contact = new OpenApiContact
-        {
-            Name = "damienbod",
-            Email = string.Empty,
-            Url = new Uri("https://damienbod.com/"),
-        },
-    });
+    //options.UseTransformer((document, context, cancellationToken) =>
+    //{
+    //    document.Info = new()
+    //    {
+    //        Title = "My API",
+    //        Version = "v1",
+    //        Description = "API for Damien"
+    //    };
+    //    return Task.CompletedTask;
+    //});
+    options.AddDocumentTransformer<BearerSecuritySchemeTransformer>();
 });
 
 builder.Services.AddControllers(options =>
@@ -71,13 +49,6 @@
     app.UseHsts();
 }
 
-app.UseSwagger();
-app.UseSwaggerUI(c =>
-{
-    c.SwaggerEndpoint("/swagger/v1/swagger.json", "User API Two");
-    c.RoutePrefix = string.Empty;
-});
-
 app.UseHttpsRedirection();
 
 app.UseRouting();
@@ -87,4 +58,14 @@
 
 app.MapControllers();
 
+app.MapOpenApi("/openapi/v1/openapi.json");
+
+if (app.Environment.IsDevelopment())
+{
+    app.UseSwaggerUI(options =>
+    {
+        options.SwaggerEndpoint("/openapi/v1/openapi.json", "v1");
+    });
+}
+
 app.Run();
diff --git a/DownstreamApis/UserApiOne/Properties/launchSettings.json b/DownstreamApis/UserApiOne/Properties/launchSettings.json
@@ -3,7 +3,7 @@
     "UserApiOne": {
       "commandName": "Project",
       "launchBrowser": true,
-      "launchUrl": "",
+      "launchUrl": "swagger",
       "environmentVariables": {
         "ASPNETCORE_ENVIRONMENT": "Development"
       },
diff --git a/DownstreamApis/UserApiOne/UserApiOne.csproj b/DownstreamApis/UserApiOne/UserApiOne.csproj
@@ -1,15 +1,18 @@
 ﻿<Project Sdk="Microsoft.NET.Sdk.Web">
 
   <PropertyGroup>
-    <TargetFramework>net9.0</TargetFramework>
+    <TargetFramework>net10.0</TargetFramework>
     <UserSecretsId>aspnet-UserApiOne-2ba0bbf9-49f5-452e-8333-1e33a467b74e</UserSecretsId>
     <Nullable>enable</Nullable>
     <ImplicitUsings>enable</ImplicitUsings>
   </PropertyGroup>
 
   <ItemGroup>
-    <PackageReference Include="Microsoft.Identity.Web" Version="3.7.0" />
-    <PackageReference Include="Swashbuckle.AspNetCore" Version="7.2.0" />
+    <PackageReference Include="Microsoft.Identity.Web" Version="4.1.1" />
+
+    <PackageReference Include="NetEscapades.AspNetCore.SecurityHeaders" Version="1.3.0" />
+    <PackageReference Include="Microsoft.AspNetCore.OpenApi" Version="10.0.0" />
+    <PackageReference Include="Swashbuckle.AspNetCore.SwaggerUI" Version="10.0.1" />
   </ItemGroup>
 
 </Project>
diff --git a/DownstreamApis/UserApiTwo/BearerSecuritySchemeTransformer.cs b/DownstreamApis/UserApiTwo/BearerSecuritySchemeTransformer.cs
@@ -0,0 +1,34 @@
+using Microsoft.AspNetCore.Authentication;
+using Microsoft.AspNetCore.OpenApi;
+using Microsoft.OpenApi;
+
+namespace UserApiTwo;
+
+internal sealed class BearerSecuritySchemeTransformer(IAuthenticationSchemeProvider authenticationSchemeProvider) : IOpenApiDocumentTransformer
+{
+    public async Task TransformAsync(OpenApiDocument document, OpenApiDocumentTransformerContext context, CancellationToken cancellationToken)
+    {
+        var authenticationSchemes = await authenticationSchemeProvider.GetAllSchemesAsync();
+        if (authenticationSchemes.Any(authScheme => authScheme.Name == "Bearer"))
+        {
+            var requirements = new Dictionary<string, IOpenApiSecurityScheme>
+            {
+                ["Bearer"] = new OpenApiSecurityScheme
+                {
+                    Type = SecuritySchemeType.Http,
+                    Scheme = "bearer", // "bearer" refers to the header name here
+                    In = ParameterLocation.Header,
+                    BearerFormat = "Json Web Token"
+                }
+            };
+            document.Components ??= new OpenApiComponents();
+            document.Components.SecuritySchemes = requirements;
+        }
+        document.Info = new()
+        {
+            Title = "My API Bearer scheme",
+            Version = "v1",
+            Description = "API for Damien"
+        };
+    }
+}
diff --git a/DownstreamApis/UserApiTwo/Program.cs b/DownstreamApis/UserApiTwo/Program.cs
@@ -3,7 +3,8 @@
 using Microsoft.AspNetCore.Mvc.Authorization;
 using Microsoft.Identity.Web;
 using Microsoft.IdentityModel.JsonWebTokens;
-using Microsoft.OpenApi.Models;
+using Microsoft.OpenApi;
+using UserApiTwo;
 
 var builder = WebApplication.CreateBuilder(args);
 
@@ -13,41 +14,19 @@
 builder.Services.AddMicrosoftIdentityWebApiAuthentication(
     builder.Configuration, "AzureAd");
 
-builder.Services.AddSwaggerGen(c =>
+builder.Services.AddOpenApi(options =>
 {
-    // add JWT Authentication
-    var securityScheme = new OpenApiSecurityScheme
-    {
-        Name = "JWT Authentication",
-        Description = "Enter JWT Bearer token **_only_**",
-        In = ParameterLocation.Header,
-        Type = SecuritySchemeType.Http,
-        Scheme = "bearer", // must be lower case
-        BearerFormat = "JWT",
-        Reference = new OpenApiReference
-        {
-            Id = JwtBearerDefaults.AuthenticationScheme,
-            Type = ReferenceType.SecurityScheme
-        }
-    };
-    c.AddSecurityDefinition(securityScheme.Reference.Id, securityScheme);
-    c.AddSecurityRequirement(new OpenApiSecurityRequirement
-            {
-                {securityScheme, Array.Empty<string>()}
-            });
-
-    c.SwaggerDoc("v1", new OpenApiInfo
-    {
-        Title = "User API Two",
-        Version = "v1",
-        Description = "User API Two",
-        Contact = new OpenApiContact
-        {
-            Name = "damienbod",
-            Email = string.Empty,
-            Url = new Uri("https://damienbod.com/"),
-        },
-    });
+    //options.UseTransformer((document, context, cancellationToken) =>
+    //{
+    //    document.Info = new()
+    //    {
+    //        Title = "My API",
+    //        Version = "v1",
+    //        Description = "API for Damien"
+    //    };
+    //    return Task.CompletedTask;
+    //});
+    options.AddDocumentTransformer<BearerSecuritySchemeTransformer>();
 });
 
 builder.Services.AddControllers(options =>
@@ -69,13 +48,6 @@
     app.UseHsts();
 }
 
-app.UseSwagger();
-app.UseSwaggerUI(c =>
-{
-    c.SwaggerEndpoint("/swagger/v1/swagger.json", "User API Two");
-    c.RoutePrefix = string.Empty;
-});
-
 app.UseHttpsRedirection();
 
 app.UseRouting();
@@ -85,4 +57,14 @@
 
 app.MapControllers();
 
+app.MapOpenApi("/openapi/v1/openapi.json");
+
+if (app.Environment.IsDevelopment())
+{
+    app.UseSwaggerUI(options =>
+    {
+        options.SwaggerEndpoint("/openapi/v1/openapi.json", "v1");
+    });
+}
+
 app.Run();
diff --git a/DownstreamApis/UserApiTwo/Properties/launchSettings.json b/DownstreamApis/UserApiTwo/Properties/launchSettings.json
@@ -3,7 +3,7 @@
     "UserApiTwo": {
       "commandName": "Project",
       "launchBrowser": true,
-      "launchUrl": "",
+      "launchUrl": "swagger",
       "environmentVariables": {
         "ASPNETCORE_ENVIRONMENT": "Development"
       },
diff --git a/DownstreamApis/UserApiTwo/UserApiTwo.csproj b/DownstreamApis/UserApiTwo/UserApiTwo.csproj
@@ -1,14 +1,17 @@
 ﻿<Project Sdk="Microsoft.NET.Sdk.Web">
 
   <PropertyGroup>
-    <TargetFramework>net9.0</TargetFramework>
+    <TargetFramework>net10.0</TargetFramework>
     <Nullable>enable</Nullable>
     <ImplicitUsings>enable</ImplicitUsings>
   </PropertyGroup>
 
   <ItemGroup>
-    <PackageReference Include="Microsoft.Identity.Web" Version="3.7.0" />
-    <PackageReference Include="Swashbuckle.AspNetCore" Version="7.2.0" />
+    <PackageReference Include="Microsoft.Identity.Web" Version="4.1.1" />
+
+    <PackageReference Include="NetEscapades.AspNetCore.SecurityHeaders" Version="1.3.0" />
+    <PackageReference Include="Microsoft.AspNetCore.OpenApi" Version="10.0.0" />
+    <PackageReference Include="Swashbuckle.AspNetCore.SwaggerUI" Version="10.0.1" />
   </ItemGroup>
 
 </Project>
diff --git a/DownstreamApis/WebAppUserApis/BearerSecuritySchemeTransformer.cs b/DownstreamApis/WebAppUserApis/BearerSecuritySchemeTransformer.cs
@@ -0,0 +1,34 @@
+using Microsoft.AspNetCore.Authentication;
+using Microsoft.AspNetCore.OpenApi;
+using Microsoft.OpenApi;
+
+namespace WebAppUserApis;
+
+internal sealed class BearerSecuritySchemeTransformer(IAuthenticationSchemeProvider authenticationSchemeProvider) : IOpenApiDocumentTransformer
+{
+    public async Task TransformAsync(OpenApiDocument document, OpenApiDocumentTransformerContext context, CancellationToken cancellationToken)
+    {
+        var authenticationSchemes = await authenticationSchemeProvider.GetAllSchemesAsync();
+        if (authenticationSchemes.Any(authScheme => authScheme.Name == "Bearer"))
+        {
+            var requirements = new Dictionary<string, IOpenApiSecurityScheme>
+            {
+                ["Bearer"] = new OpenApiSecurityScheme
+                {
+                    Type = SecuritySchemeType.Http,
+                    Scheme = "bearer", // "bearer" refers to the header name here
+                    In = ParameterLocation.Header,
+                    BearerFormat = "Json Web Token"
+                }
+            };
+            document.Components ??= new OpenApiComponents();
+            document.Components.SecuritySchemes = requirements;
+        }
+        document.Info = new()
+        {
+            Title = "My API Bearer scheme",
+            Version = "v1",
+            Description = "API for Damien"
+        };
+    }
+}
diff --git a/DownstreamApis/WebAppUserApis/CallUserApiOne/UserApiOneService.cs b/DownstreamApis/WebAppUserApis/CallUserApiOne/UserApiOneService.cs
@@ -1,5 +1,4 @@
 ﻿using Microsoft.Identity.Web;
-using Newtonsoft.Json.Linq;
 using System.Net.Http.Headers;
 
 namespace WebAppUserApis;
@@ -19,7 +18,7 @@ public UserApiOneService(IHttpClientFactory clientFactory,
         _configuration = configuration;
     }
 
-    public async Task<JArray> GetApiDataAsync()
+    public async Task<string> GetApiDataAsync()
     {
 
         var client = _clientFactory.CreateClient();
@@ -40,9 +39,7 @@ public async Task<JArray> GetApiDataAsync()
         if (response.IsSuccessStatusCode)
         {
             var responseContent = await response.Content.ReadAsStringAsync();
-            var data = JArray.Parse(responseContent);
-
-            return data;
+            return responseContent;
         }
 
         throw new ApplicationException($"Status code: {response.StatusCode}, Error: {response.ReasonPhrase}");
diff --git a/DownstreamApis/WebAppUserApis/Pages/CallApi.cshtml.cs b/DownstreamApis/WebAppUserApis/Pages/CallApi.cshtml.cs
@@ -1,6 +1,5 @@
 ﻿using Microsoft.AspNetCore.Mvc.RazorPages;
 using Microsoft.Identity.Web;
-using Newtonsoft.Json.Linq;
 
 namespace WebAppUserApis.Pages;
 
@@ -9,7 +8,7 @@ public class CallApiModel : PageModel
 {
     private readonly UserApiOneService _apiService;
 
-    public JArray? DataFromApi { get; set; }
+    public string? DataFromApi { get; set; }
 
     public CallApiModel(UserApiOneService apiService)
     {
diff --git a/DownstreamApis/WebAppUserApis/WebAppUserApis.csproj b/DownstreamApis/WebAppUserApis/WebAppUserApis.csproj

Original file line number	Diff line number	Diff line change
`@@ -1,5 +1,4 @@`
`1`	`1`	`using Microsoft.Identity.Web;`
`2`		`-using Newtonsoft.Json.Linq;`
`3`	`2`	`using System.Net.Http.Headers;`
`4`	`3`
`5`	`4`	`namespace WebAppUserApis;`
`@@ -19,7 +18,7 @@ public UserApiOneService(IHttpClientFactory clientFactory,`
`19`	`18`	`_configuration = configuration;`
`20`	`19`	`}`
`21`	`20`
`22`		`- public async Task<JArray> GetApiDataAsync()`
	`21`	`+ public async Task<string> GetApiDataAsync()`
`23`	`22`	`{`
`24`	`23`
`25`	`24`	`var client = _clientFactory.CreateClient();`
`@@ -40,9 +39,7 @@ public async Task<JArray> GetApiDataAsync()`
`40`	`39`	`if (response.IsSuccessStatusCode)`
`41`	`40`	`{`
`42`	`41`	`var responseContent = await response.Content.ReadAsStringAsync();`
`43`		`- var data = JArray.Parse(responseContent);`
`44`		`-`
`45`		`- return data;`
	`42`	`+ return responseContent;`
`46`	`43`	`}`
`47`	`44`
`48`	`45`	`throw new ApplicationException($"Status code: {response.StatusCode}, Error: {response.ReasonPhrase}");`