Merge pull request #88 from PandaTechAM/development

swagger headers bug fix

Author: HaikAsatryan

src/SharedKernel/OpenApi/OpenApiOptionsExtensions.cs

@@ -30,42 +30,38 @@ internal OpenApiOptions AddDocument(Document doc, OpenApiConfig openApiConfig)
 
          return options;
       }
-
+      
       internal OpenApiOptions UseApiSecuritySchemes(OpenApiConfig? config)
       {
-         if (config?.SecuritySchemes is not { Count: > 0 })
-         {
-            return options;
-         }
+         if (config?.SecuritySchemes is not { Count: > 0 }) { return options; }
 
          options.AddDocumentTransformer((document, _, _) =>
          {
             document.Components ??= new OpenApiComponents();
-            document.Components.SecuritySchemes ??= new Dictionary<string, IOpenApiSecurityScheme>(StringComparer.Ordinal);
+            document.Components.SecuritySchemes ??=
+               new Dictionary<string, IOpenApiSecurityScheme>(StringComparer.Ordinal);
+
+            document.Security ??= new List<OpenApiSecurityRequirement>();
+            document.Security.Clear();
 
-            foreach (var scheme in config.SecuritySchemes)
+            foreach (var s in config.SecuritySchemes)
             {
-               document.Components.SecuritySchemes[scheme.HeaderName] = new OpenApiSecurityScheme
+               // Strongly recommended: separate ID from header name.
+               // If you can't change config now, keep s.HeaderName as the ID.
+               var schemeId = s.HeaderName;
+
+               document.Components.SecuritySchemes[schemeId] = new OpenApiSecurityScheme
                {
                   Type = SecuritySchemeType.ApiKey,
                   In = ParameterLocation.Header,
-                  Name = scheme.HeaderName,
-                  Description = scheme.Description
+                  Name = s.HeaderName,
+                  Description = s.Description
                };
-            }
-
-            return Task.CompletedTask;
-         });
-
-         options.AddOperationTransformer((operation, _, _) =>
-         {
-            operation.Security ??= new List<OpenApiSecurityRequirement>();
 
-            foreach (var scheme in config.SecuritySchemes)
-            {
-               operation.Security.Add(new OpenApiSecurityRequirement
+               // IMPORTANT: reference must be created with document context
+               document.Security.Add(new OpenApiSecurityRequirement
                {
-                  [new OpenApiSecuritySchemeReference(scheme.HeaderName)] = []
+                  [new OpenApiSecuritySchemeReference(schemeId, document)] = []
                });
             }
 
@@ -74,5 +70,49 @@ [new OpenApiSecuritySchemeReference(scheme.HeaderName)] = []
 
          return options;
       }
+
+      // internal OpenApiOptions UseApiSecuritySchemes(OpenApiConfig? config)
+      // {
+      //    if (config?.SecuritySchemes is not { Count: > 0 })
+      //    {
+      //       return options;
+      //    }
+      //
+      //    options.AddDocumentTransformer((document, _, _) =>
+      //    {
+      //       document.Components ??= new OpenApiComponents();
+      //       document.Components.SecuritySchemes ??= new Dictionary<string, IOpenApiSecurityScheme>(StringComparer.Ordinal);
+      //
+      //       foreach (var scheme in config.SecuritySchemes)
+      //       {
+      //          document.Components.SecuritySchemes[scheme.HeaderName] = new OpenApiSecurityScheme
+      //          {
+      //             Type = SecuritySchemeType.ApiKey,
+      //             In = ParameterLocation.Header,
+      //             Name = scheme.HeaderName,
+      //             Description = scheme.Description
+      //          };
+      //       }
+      //
+      //       return Task.CompletedTask;
+      //    });
+      //
+      //    options.AddOperationTransformer((operation, _, _) =>
+      //    {
+      //       operation.Security ??= new List<OpenApiSecurityRequirement>();
+      //
+      //       foreach (var scheme in config.SecuritySchemes)
+      //       {
+      //          operation.Security.Add(new OpenApiSecurityRequirement
+      //          {
+      //             [new OpenApiSecuritySchemeReference(scheme.HeaderName)] = []
+      //          });
+      //       }
+      //
+      //       return Task.CompletedTask;
+      //    });
+      //
+      //    return options;
+      // }
    }
 }

src/SharedKernel/SharedKernel.csproj

@@ -8,13 +8,13 @@
         <PackageReadmeFile>Readme.md</PackageReadmeFile>
         <Authors>Pandatech</Authors>
         <Copyright>MIT</Copyright>
-        <Version>2.1.1</Version>
+        <Version>2.1.2</Version>
         <PackageId>Pandatech.SharedKernel</PackageId>
         <Title>Pandatech Shared Kernel Library</Title>
         <PackageTags>Pandatech, shared kernel, library, OpenAPI, Swagger, utilities, scalar</PackageTags>
         <Description>Pandatech.SharedKernel provides centralized configurations, utilities, and extensions for ASP.NET Core projects. For more information refere to readme.md document.</Description>
         <RepositoryUrl>https://github.com/PandaTechAM/be-lib-sharedkernel</RepositoryUrl>
-        <PackageReleaseNotes>request/response logging armenian support</PackageReleaseNotes>
+        <PackageReleaseNotes>Swagger headers bug fix</PackageReleaseNotes>
 
 
         <!-- Never run analyzers as part of compilation (local, CI, dotnet build/test/publish) -->
@@ -65,7 +65,7 @@
         <PackageReference Include="Pandatech.FluentMinimalApiMapper" Version="3.0.1"/>
         <PackageReference Include="Pandatech.PandaVaultClient" Version="5.0.1"/>
         <PackageReference Include="Pandatech.ResponseCrafter" Version="6.0.1"/>
-        <PackageReference Include="Scalar.AspNetCore" Version="2.12.18"/>
+        <PackageReference Include="Scalar.AspNetCore" Version="2.12.24" />
         <PackageReference Include="Serilog.AspNetCore" Version="10.0.0"/>
         <PackageReference Include="Serilog.Sinks.Async" Version="2.1.0"/>
         <PackageReference Include="Serilog.Sinks.Grafana.Loki" Version="8.3.2"/>