Fix compilation errors from Swashbuckle v10 / Microsoft.OpenApi v2 upgrade

src/Workleap.AspNetCore.Authentication.ClientCredentialsGrant/OpenAPI/SecurityDefinitionDocumentFilter.cs

@@ -1,6 +1,6 @@
 using Microsoft.AspNetCore.Authentication.JwtBearer;
 using Microsoft.Extensions.Options;
-using Microsoft.OpenApi.Models;
+using Microsoft.OpenApi;
 using Swashbuckle.AspNetCore.SwaggerGen;
 
 namespace Workleap.AspNetCore.Authentication.ClientCredentialsGrant.OpenAPI;
@@ -16,7 +16,7 @@ public void Apply(OpenApiDocument swaggerDoc, DocumentFilterContext context)
     {
         var apiPermissions = context.ApiDescriptions.SelectMany(SwaggerUtils.GetRequiredPermissions).ToHashSet(StringComparer.Ordinal);
 
-        swaggerDoc.Components.SecuritySchemes.Add(
+        swaggerDoc.Components?.SecuritySchemes?.Add(
             ClientCredentialsDefaults.OpenApiSecurityDefinitionId,
             new OpenApiSecurityScheme
             {

src/Workleap.AspNetCore.Authentication.ClientCredentialsGrant/OpenAPI/SecurityRequirementOperationFilter.cs

@@ -4,7 +4,7 @@
 using Microsoft.AspNetCore.Http;
 using Microsoft.AspNetCore.WebUtilities;
 using Microsoft.Extensions.Options;
-using Microsoft.OpenApi.Models;
+using Microsoft.OpenApi;
 using Swashbuckle.AspNetCore.SwaggerGen;
 
 namespace Workleap.AspNetCore.Authentication.ClientCredentialsGrant.OpenAPI;
@@ -32,30 +32,23 @@ public void Apply(OpenApiOperation operation, OperationFilterContext context)
 
     private static void AddAuthenticationAndAuthorizationErrorResponse(OpenApiOperation operation)
     {
-        operation.Responses.TryAdd(StatusCodes.Status401Unauthorized.ToString(CultureInfo.InvariantCulture), new OpenApiResponse { Description = ReasonPhrases.GetReasonPhrase(StatusCodes.Status401Unauthorized) });
-        operation.Responses.TryAdd(StatusCodes.Status403Forbidden.ToString(CultureInfo.InvariantCulture), new OpenApiResponse { Description = ReasonPhrases.GetReasonPhrase(StatusCodes.Status403Forbidden) });
+        operation.Responses?.TryAdd(StatusCodes.Status401Unauthorized.ToString(CultureInfo.InvariantCulture), new OpenApiResponse { Description = ReasonPhrases.GetReasonPhrase(StatusCodes.Status401Unauthorized) });
+        operation.Responses?.TryAdd(StatusCodes.Status403Forbidden.ToString(CultureInfo.InvariantCulture), new OpenApiResponse { Description = ReasonPhrases.GetReasonPhrase(StatusCodes.Status403Forbidden) });
     }
 
     private void AddOperationSecurityReference(OpenApiOperation operation, HashSet<string> permissions)
     {
-        var isAlreadyReferencingSecurityDefinition = operation.Security.Any(requirement => requirement.Keys.Any(key => key.Reference?.Id == ClientCredentialsDefaults.OpenApiSecurityDefinitionId));
+        var isAlreadyReferencingSecurityDefinition = operation.Security?.Any(requirement => requirement.Keys.Any(key => key.Reference?.Id == ClientCredentialsDefaults.OpenApiSecurityDefinitionId)) ?? false;
         if (isAlreadyReferencingSecurityDefinition)
         {
             return;
         }
 
-        var securityScheme = new OpenApiSecurityScheme
-        {
-            Reference = new OpenApiReference
-            {
-                Type = ReferenceType.SecurityScheme,
-                Id = ClientCredentialsDefaults.OpenApiSecurityDefinitionId,
-            },
-        };
+        var securitySchemeRef = new OpenApiSecuritySchemeReference(ClientCredentialsDefaults.OpenApiSecurityDefinitionId);
 
-        operation.Security.Add(new OpenApiSecurityRequirement
+        operation.Security?.Add(new OpenApiSecurityRequirement
         {
-            [securityScheme] = this.ExtractScopes(permissions).ToList(),
+            [securitySchemeRef] = this.ExtractScopes(permissions).ToList(),
         });
     }
 

src/Workleap.AspNetCore.Authentication.ClientCredentialsGrant/Workleap.AspNetCore.Authentication.ClientCredentialsGrant.csproj

@@ -14,7 +14,8 @@
 
   <ItemGroup>
     <PackageReference Include="Microsoft.AspNetCore.Authentication.JwtBearer" Version="8.0.12"/>
-    <PackageReference Include="Swashbuckle.AspNetCore" Version="9.0.6" />
+    <PackageReference Include="Microsoft.OpenApi" Version="2.3.0" />
+    <PackageReference Include="Swashbuckle.AspNetCore" Version="10.1.0" />
     <PackageReference Include="Microsoft.CodeAnalysis.PublicApiAnalyzers" Version="4.14.0">
       <PrivateAssets>all</PrivateAssets>
       <IncludeAssets>runtime; build; native; contentfiles; analyzers; buildtransitive</IncludeAssets>

src/tests/WebApi.OpenAPI.SystemTest/SwaggerConfigurationExtensions.cs

@@ -1,4 +1,4 @@
-using Microsoft.OpenApi.Models;
+using Microsoft.OpenApi;
 
 namespace WebApi.OpenAPI.SystemTest;
 

src/tests/WebApi.OpenAPI.SystemTest/WebApi.OpenAPI.SystemTest.csproj

@@ -3,16 +3,19 @@
         <TargetFramework>net8.0</TargetFramework>
         <IsPackable>false</IsPackable>
         <WarnOnPackingNonPackableProject>false</WarnOnPackingNonPackableProject>
+        <GenerateOpenApiDocument>false</GenerateOpenApiDocument>
+        <ValidateOpenApiDocument>false</ValidateOpenApiDocument>
     </PropertyGroup>
 
   <ItemGroup>
     <PackageReference Include="Microsoft.AspNetCore.OpenApi" Version="8.0.4" />
-    <PackageReference Include="Swashbuckle.AspNetCore" Version="9.0.6" />
-    <PackageReference Include="Swashbuckle.AspNetCore.Annotations" Version="9.0.6" />
-    <PackageReference Include="Workleap.OpenApi.MSBuild" Version="0.12.3">
+    <PackageReference Include="Swashbuckle.AspNetCore" Version="10.1.0" />
+    <PackageReference Include="Swashbuckle.AspNetCore.Annotations" Version="10.1.0" />
+    <!-- Temporarily disabled due to Swashbuckle v10 / Microsoft.OpenApi v2 incompatibility -->
+    <!--<PackageReference Include="Workleap.OpenApi.MSBuild" Version="0.12.3">
       <PrivateAssets>all</PrivateAssets>
       <IncludeAssets>runtime; build; native; contentfiles; analyzers; buildtransitive</IncludeAssets>
-    </PackageReference>
+    </PackageReference>-->
   </ItemGroup>
 
   <PropertyGroup>