.Net WebApi接口之Swagger UI 隐藏指定接口类或方法
swagger的一个最大的优点是能实时同步api与文档,但有些时候我们不想全部公开接口,而要隐藏或屏蔽一些接口类或方法,swagger也是支持的,只需要设置一下DocumentFilter方法。
第一步:在SwaggerConfig.cs配置文件中设置DocumentFileter
public class SwaggerConfig { public static void Register() { var thisAssembly = typeof(SwaggerConfig).Assembly; GlobalConfiguration.Configuration .EnableSwagger(c => { // By default, the service root url is inferred from the request used to access the docs. // However, there may be situations (e.g. proxy and load-balanced environments) where this does not // resolve correctly. You can workaround this by providing your own code to determine the root URL. // //c.RootUrl(req => GetRootUrlFromAppConfig()); // If schemes are not explicitly provided in a Swagger 2.0 document, then the scheme used to access // the docs is taken as the default. If your API supports multiple schemes and you want to be explicit // about them, you can use the "Schemes" option as shown below. // //c.Schemes(new[] { "http", "https" }); // Use "SingleApiVersion" to describe a single version API. Swagger 2.0 includes an "Info" object to // hold additional metadata for an API. Version and title are required but you can also provide // additional fields by chaining methods off SingleApiVersion. // c.SingleApiVersion("v1", "Project.Example.WebApi在线文档接口"); // If you want the output Swagger docs to be indented properly, enable the "PrettyPrint" option. // //c.PrettyPrint(); // If your API has multiple versions, use "MultipleApiVersions" instead of "SingleApiVersion". // In this case, you must provide a lambda that tells Swashbuckle which actions should be // included in the docs for a given API version. Like "SingleApiVersion", each call to "Version" // returns an "Info" builder so you can provide additional metadata per API version. // //c.MultipleApiVersions( // (apiDesc, targetApiVersion) => ResolveVersionSupportByRouteConstraint(apiDesc, targetApiVersion), // (vc) => // { // vc.Version("v2", "Swashbuckle Dummy API V2"); // vc.Version("v1", "Swashbuckle Dummy API V1"); // }); // You can use "BasicAuth", "ApiKey" or "OAuth2" options to describe security schemes for the API. // See https://github.com/swagger-api/swagger-spec/blob/master/versions/2.0.md for more details. // NOTE: These only define the schemes and need to be coupled with a corresponding "security" property // at the document or operation level to indicate which schemes are required for an operation. To do this, // you'll need to implement a custom IDocumentFilter and/or IOperationFilter to set these properties // according to your specific authorization implementation // //取消注释是为了请求验证 c.BasicAuth("basic").Description("Basic HTTP Authentication"); //将swagger中输入的api-key添加到请求头中 c.ApiKey("apikey") .Description("API Key Authentication") .Name("apikey") .In("header"); // // NOTE: You must also configure 'EnableApiKeySupport' below in the SwaggerUI section //c.ApiKey("apiKey") // .Description("API Key Authentication") // .Name("apiKey") // .In("header"); // //c.OAuth2("oauth2") // .Description("OAuth2 Implicit Grant") // .Flow("implicit") // .AuthorizationUrl("http://petstore.swagger.wordnik.com/api/oauth/dialog") // //.TokenUrl("https://tempuri.org/token") // .Scopes(scopes => // { // scopes.Add("read", "Read access to protected resources"); // scopes.Add("write", "Write access to protected resources"); // }); // Set this flag to omit descriptions for any actions decorated with the Obsolete attribute //c.IgnoreObsoleteActions(); // Each operation be assigned one or more tags which are then used by consumers for various reasons. // For example, the swagger-ui groups operations according to the first tag of each operation. // By default, this will be controller name but you can use the "GroupActionsBy" option to // override with any value. // //c.GroupActionsBy(apiDesc => apiDesc.HttpMethod.ToString()); // You can also specify a custom sort order for groups (as defined by "GroupActionsBy") to dictate // the order in which operations are listed. For example, if the default grouping is in place // (controller name) and you specify a descending alphabetic sort order, then actions from a // ProductsController will be listed before those from a CustomersController. This is typically // used to customize the order of groupings in the swagger-ui. // //c.OrderActionGroupsBy(new DescendingAlphabeticComparer()); // If you annotate Controllers and API Types with // Xml comments (http://msdn.microsoft.com/en-us/library/b2s063f7(v=vs.110).aspx), you can incorporate // those comments into the generated docs and UI. You can enable this by providing the path to one or // more Xml comment files. // //c.IncludeXmlComments(GetXmlCommentsPath()); // Swashbuckle makes a best attempt at generating Swagger compliant JSON schemas for the various types // exposed in your API. However, there may be occasions when more control of the output is needed. // This is supported through the "MapType" and "SchemaFilter" options: // // Use the "MapType" option to override the Schema generation for a specific type. // It should be noted that the resulting Schema will be placed "inline" for any applicable Operations. // While Swagger 2.0 supports inline definitions for "all" Schema types, the swagger-ui tool does not. // It expects "complex" Schemas to be defined separately and referenced. For this reason, you should only // use the "MapType" option when the resulting Schema is a primitive or array type. If you need to alter a // complex Schema, use a Schema filter. // //c.MapType<ProductType>(() => new Schema { type = "integer", format = "int32" }); // If you want to post-modify "complex" Schemas once they've been generated, across the board or for a // specific type, you can wire up one or more Schema filters. // //c.SchemaFilter<ApplySchemaVendorExtensions>(); // In a Swagger 2.0 document, complex types are typically declared globally and referenced by unique // Schema Id. By default, Swashbuckle does NOT use the full type name in Schema Ids. In most cases, this // works well because it prevents the "implementation detail" of type namespaces from leaking into your // Swagger docs and UI. However, if you have multiple types in your API with the same class name, you'll // need to opt out of this behavior to avoid Schema Id conflicts. // c.UseFullTypeNameInSchemaIds(); //解决在生成swagger文档时类名冲突问题(不同的命名空间中定义了两个具有相同名称的不同类) //c.SchemaId(x => x.FullName); // Alternatively, you can provide your own custom strategy for inferring SchemaId's for // describing "complex" types in your API. // //c.SchemaId(t => t.FullName.Contains('`') ? t.FullName.Substring(0, t.FullName.IndexOf('`')) : t.FullName); // Set this flag to omit schema property descriptions for any type properties decorated with the // Obsolete attribute //c.IgnoreObsoleteProperties(); // In accordance with the built in JsonSerializer, Swashbuckle will, by default, describe enums as integers. // You can change the serializer behavior by configuring the StringToEnumConverter globally or for a given // enum type. Swashbuckle will honor this change out-of-the-box. However, if you use a different // approach to serialize enums as strings, you can also force Swashbuckle to describe them as strings. // //c.DescribeAllEnumsAsStrings(); // Similar to Schema filters, Swashbuckle also supports Operation and Document filters: // // Post-modify Operation descriptions once they've been generated by wiring up one or more // Operation filters. // //c.OperationFilter<AddDefaultResponse>(); // // If you've defined an OAuth2 flow as described above, you could use a custom filter // to inspect some attribute on each action and infer which (if any) OAuth2 scopes are required // to execute the operation // //c.OperationFilter<AssignOAuth2SecurityRequirements>(); // Post-modify the entire Swagger document by wiring up one or more Document filters. // This gives full control to modify the final SwaggerDocument. You should have a good understanding of // the Swagger 2.0 spec. - https://github.com/swagger-api/swagger-spec/blob/master/versions/2.0.md // before using this option. // 在接口类、方法标记属性 [HiddenApi],可以阻止【Swagger文档】生成 c.DocumentFilter<HiddenApiFilter>(); // In contrast to WebApi, Swagger 2.0 does not include the query string component when mapping a URL // to an action. As a result, Swashbuckle will raise an exception if it encounters multiple actions // with the same path (sans query string) and HTTP method. You can workaround this by providing a // custom strategy to pick a winner or merge the descriptions for the purposes of the Swagger docs // //c.ResolveConflictingActions(apiDescriptions => apiDescriptions.First()); // Wrap the default SwaggerGenerator with additional behavior (e.g. caching) or provide an // alternative implementation for ISwaggerProvider with the CustomProvider option. // //c.CustomProvider((defaultProvider) => new CachingSwaggerProvider(defaultProvider)); c.IncludeXmlComments(string.Format("{0}/Doc/Project.Example.Web.XML", System.AppDomain.CurrentDomain.BaseDirectory)); c.IncludeXmlComments(string.Format("{0}/Doc/Project.Example.Model.XML", System.AppDomain.CurrentDomain.BaseDirectory)); //设置控制器上的注释显示 var xmlFile = string.Format("{0}/Doc/Project.Example.Web.XML", System.AppDomain.CurrentDomain.BaseDirectory); c.CustomProvider((defaultProvider) => new SwaggerControllerDescProvider(defaultProvider, xmlFile)); }) .EnableSwaggerUi(c => { // Use the "DocumentTitle" option to change the Document title. // Very helpful when you have multiple Swagger pages open, to tell them apart. // c.DocumentTitle("Project.Example Swagger UI"); // Use the "InjectStylesheet" option to enrich the UI with one or more additional CSS stylesheets. // The file must be included in your project as an "Embedded Resource", and then the resource's // "Logical Name" is passed to the method as shown below. // //c.InjectStylesheet(containingAssembly, "Swashbuckle.Dummy.SwaggerExtensions.testStyles1.css"); // Use the "InjectJavaScript" option to invoke one or more custom JavaScripts after the swagger-ui // has loaded. The file must be included in your project as an "Embedded Resource", and then the resource's // "Logical Name" is passed to the method as shown above. // //c.InjectJavaScript(thisAssembly, "Swashbuckle.Dummy.SwaggerExtensions.testScript1.js"); //注入自定义的js文件 //定义一个JS文件,设置属性成嵌入资源,这个js文件的功能主要有两个,一个是汉化,另一个就是在界面上显示控制器的描述文字 c.InjectJavaScript(thisAssembly, "DairyStar.Web.AppApi.Scripts.Swagger.Swagger-Custom.js"); //取消注释是为了请求验证 //c.InjectJavaScript(thisAssembly, "DairyStar.Web.AppApi.Scripts.Swagger.api-key-header-auth.js"); // The swagger-ui renders boolean data types as a dropdown. By default, it provides "true" and "false" // strings as the possible choices. You can use this option to change these to something else, // for example 0 and 1. // //c.BooleanValues(new[] { "0", "1" }); // By default, swagger-ui will validate specs against swagger.io's online validator and display the result // in a badge at the bottom of the page. Use these options to set a different validator URL or to disable the // feature entirely. //c.SetValidatorUrl("http://localhost/validator"); //c.DisableValidator(); // Use this option to control how the Operation listing is displayed. // It can be set to "None" (default), "List" (shows operations for each resource), // or "Full" (fully expanded: shows operations and their details). // //c.DocExpansion(DocExpansion.List); // Specify which HTTP operations will have the 'Try it out!' option. An empty paramter list disables // it for all operations. // //c.SupportedSubmitMethods("GET", "HEAD"); // Use the CustomAsset option to provide your own version of assets used in the swagger-ui. // It's typically used to instruct Swashbuckle to return your version instead of the default // when a request is made for "index.html". As with all custom content, the file must be included // in your project as an "Embedded Resource", and then the resource's "Logical Name" is passed to // the method as shown below. // //c.CustomAsset("index", containingAssembly, "YourWebApiProject.SwaggerExtensions.index.html"); // If your API has multiple versions and you've applied the MultipleApiVersions setting // as described above, you can also enable a select box in the swagger-ui, that displays // a discovery URL for each version. This provides a convenient way for users to browse documentation // for different API versions. // //c.EnableDiscoveryUrlSelector(); // If your API supports the OAuth2 Implicit flow, and you've described it correctly, according to // the Swagger 2.0 specification, you can enable UI support as shown below. // //c.EnableOAuth2Support( // clientId: "test-client-id", // clientSecret: null, // realm: "test-realm", // appName: "Swagger UI" // //additionalQueryStringParams: new Dictionary<string, string>() { { "foo", "bar" } } //); // If your API supports ApiKey, you can override the default values. // "apiKeyIn" can either be "query" or "header" // c.EnableApiKeySupport("apiKey", "header"); }); } }
第二步:在SwaggerConfig.cs配置文件中最后面增加HiddenApiFilter类
/// <summary> /// 隐藏接口,不生成到swagger文档展示 /// 注意:如果不加[HiddenApi]标记的接口名称和加过标记的隐藏接口名称相同,则该普通接口也会被隐藏不显示,所以建议接口名称最好不要重复 /// </summary> [AttributeUsage(AttributeTargets.Method | AttributeTargets.Class)] public partial class HiddenApiAttribute : Attribute { } public class HiddenApiFilter : IDocumentFilter { /// <summary> /// 重写Apply方法,移除隐藏接口的生成 /// </summary> /// <param name="swaggerDoc">swagger文档文件</param> /// <param name="schemaRegistry"></param> /// <param name="apiExplorer">api接口集合</param> public void Apply(SwaggerDocument swaggerDoc, SchemaRegistry schemaRegistry, IApiExplorer apiExplorer) { foreach (ApiDescription apiDescription in apiExplorer.ApiDescriptions) { if (Enumerable.OfType<HiddenApiAttribute>(apiDescription.GetControllerAndActionAttributes<HiddenApiAttribute>()).Any()) { string key = "/" + apiDescription.RelativePath; if (key.Contains("?")) { int idx = key.IndexOf("?", StringComparison.Ordinal); key = key.Substring(0, idx); } swaggerDoc.paths.Remove(key); } } } }
第三步:API接口调用实例
注意:如果不加[HiddenApi]标记的接口名称和加过标记的隐藏接口名称相同,则该普通接口也会被隐藏不显示,所以建议接口名称最好不要重复
/// <summary> /// 隐藏接口方法生成文档(添加[HiddenApi]特性) /// </summary> /// <param name="value"></param> /// <returns></returns> [HiddenApi] [Route("HideApi")] [HttpGet] public HttpResponseMessage HideApi(string value) { return Request.CreateResponse(HttpStatusCode.OK, new { errorCode = "0", value = value }); }
最后注意要在WebApiConfig.cs配置中添加 config.Formatters.XmlFormatter.SupportedMediaTypes.Clear();
public static class WebApiConfig { public static void Register(HttpConfiguration config) { ////跨域配置 //config.EnableCors(new EnableCorsAttribute("*", "*", "*")); config.Routes.MapHttpRoute( name: "DefaultApi", routeTemplate: "api/{controller}/{action}/{id}", defaults: new { id = RouteParameter.Optional } ); //配置Swagger文档需要 config.Formatters.XmlFormatter.SupportedMediaTypes.Clear(); } }
