AuthorizationHeader no longer displaying in swagger document?

Question

After I upgraded all NuGet packages to the latest versions, the swagger authorization header no longer displays in swagger open api document.

What happened?

ASP.NET Core 3.1

My code...(this use to work, but no longer works)

           startup.cs
           ......
        services.ConfigureSwaggerGen(options =>
        {
            options.OperationFilter<AuthorizationHeaderParameterOperationFilter>();
            options.DescribeAllEnumsAsStrings();
            ....

        });

.

    public class AuthorizationHeaderParameterOperationFilter : IOperationFilter
{
    public void Apply(OpenApiOperation operation, OperationFilterContext context)
    {
        var filterPipeline = context.ApiDescription.ActionDescriptor.FilterDescriptors;
        var isAuthorized = filterPipeline.Select(filterInfo => filterInfo.Filter).Any(filter => filter is AuthorizeFilter);
        var allowAnonymous = filterPipeline.Select(filterInfo => filterInfo.Filter).Any(filter => filter is IAllowAnonymousFilter);

        if (isAuthorized && !allowAnonymous)
        {
            if (operation.Parameters == null)
                operation.Parameters = new List<OpenApiParameter>();

            operation.Parameters.Add(new OpenApiParameter
            {
                Name = "Authorization",
                In = ParameterLocation.Header,
                Description = "access token",
                Required = true,
                Schema = new OpenApiSchema
                {
                    Type = "String",
                    Default = new OpenApiString("Bearer ")
                }
            });
        }

        if (allowAnonymous)
        {
            if (operation.Parameters == null)
                operation.Parameters = new List<OpenApiParameter>();

            operation.Parameters.Add(new OpenApiParameter
            {
                Name = "Authorization",
                In = ParameterLocation.Header,
                Description = "basic authentication",
                Required = true,
                Schema = new OpenApiSchema
                {
                    Type = "String",
                    Default = new OpenApiString("Basic ")
                }
            });
        }
    }

}

Authorization header must be defined as a security scheme instead of a header parameter - see the ^^ linked Q&A. — Helen, Jan 30 '20 at 13:32
do you mean in the AuthorizationHeaderParameterOperationFilter class file? — 001, Jan 30 '20 at 23:48
The code needs to call `.AddSecurityDefinition(...)` and `.AddSecurityRequirement.(...)` instead of `operation.Parameters.Add(...)`. Where you put that probably depends on how your code is structured. The examples in [Swashbuckle documentation](https://github.com/domaindrivendev/Swashbuckle.AspNetCore/#add-security-definitions-and-requirements) put those method calls inside `services.AddSwaggerGen(...)`. — Helen, Jan 31 '20 at 08:04

AuthorizationHeader no longer displaying in swagger document?

0 Answers0