Fhi.HelseId.Swagger 8.0.0

dotnet add package Fhi.HelseId.Swagger --version 8.0.0                
NuGet\Install-Package Fhi.HelseId.Swagger -Version 8.0.0                
This command is intended to be used within the Package Manager Console in Visual Studio, as it uses the NuGet module's version of Install-Package.
<PackageReference Include="Fhi.HelseId.Swagger" Version="8.0.0" />                
For projects that support PackageReference, copy this XML node into the project file to reference the package.
paket add Fhi.HelseId.Swagger --version 8.0.0                
#r "nuget: Fhi.HelseId.Swagger, 8.0.0"                
#r directive can be used in F# Interactive and Polyglot Notebooks. Copy this into the interactive tool or source code of the script to reference the package.
// Install Fhi.HelseId.Swagger as a Cake Addin
#addin nuget:?package=Fhi.HelseId.Swagger&version=8.0.0

// Install Fhi.HelseId.Swagger as a Cake Tool
#tool nuget:?package=Fhi.HelseId.Swagger&version=8.0.0                

Fhi.HelseId.Swagger

This package provides infrastructure so that developers can easily use Swagger with HelseID and generate tokens within their browsers. This functionality is limited in Swagger out of the box due to the fact it does not yet support JWT Bearer client assertions when creating the token. This package adds a test token endpoint that will act as a proxy between Swagger and authority in order to create a token request towards the authority using a JWT Bearer client assertion.

The endpoint that is provided in this package is only intended to be used in development context and not in a production environment.

Getting started

The example bellow is intended for the usage of an API that requires a token using the authorization code flow.

Setting up appsettings.json when using HelseID as an STS

You will need a separate client registration in HelseID selvbetjening for the Swagger client. After creating the client registration, add the HelseID configuration to appsettings under a SwaggerHelseIdConfiguration property and add the TokenEndpoint property as follows:

  "SwaggerHelseIdConfiguration": {
    "TokenEndpoint": "https://localhost:7113/.swagger-dev/token",
    "clientName": "FOLKEHELSEINSTITUTTET -  Fhi.SomeServiceName",
    "authority": "https://helseid-sts.test.nhn.no",
    "clientId": "fcffea32-8f2d-4efc-a25a-b668a788d4f1",
    "grantTypes": [
      "authorization_code"
    ],
    "scopes": [
      "openid",
      "helseid://scopes/hpr/hpr_number",
      "fhi:someservicename/api"
    ],
    "redirectUris": [
      "https://localhost:44380/swagger/oauth2-redirect.html"
    ],
    "postLogoutRedirectUris": [],
    "secretType": "private_key_jwt:RsaPrivateKeyJwtSecret",
    "rsaPrivateKey": "\u003CRSAKeyValue\u003E\u003...",
    "rsaKeySizeBits": 4096,
    "privateJwk": "{\u0022d\u0022:\u0022Qo5q2Fo...}",
    "pkceRequired": true
  }

The TokenEndpoint will point towards the test token endpoint that Swagger will use to obtain an authorization token.

Program.cs

Add required services and configuration:

using Fhi.HelseId.Swagger;

// ...

if (builder.Environment.IsDevelopment())
{
    var swaggerAuthConfig = builder.Configuration.GetSection(nameof(SwaggerHelseIdConfiguration)).Get<SwaggerHelseIdConfiguration>()!;
    builder.AddHelseIdTestTokens(swaggerAuthConfig);
}

Ensure that AddSwaggerGen is configured to use the auth token:

builder.Services.AddSwaggerGen(c =>
{
    var securityScheme = new OpenApiSecurityScheme
    {
        In = ParameterLocation.Header,
        Type = SecuritySchemeType.OAuth2,
        Flows = new OpenApiOAuthFlows
        {
            AuthorizationCode = new OpenApiOAuthFlow()
            {
                AuthorizationUrl = new Uri($"{swaggerAuthConfig.Authority}/connect/authorize"),
                TokenUrl = new Uri(swaggerAuthConfig.TokenEndpoint),
                Scopes = swaggerAuthConfig.Scopes.ToDictionary(k => k, v => string.Empty)
            }
        },
        Reference = new OpenApiReference
        {
            Id = JwtBearerDefaults.AuthenticationScheme,
            Type = ReferenceType.SecurityScheme
        }
    };

    c.AddSecurityDefinition(securityScheme.Reference.Id, securityScheme);

    c.AddSecurityRequirement(new OpenApiSecurityRequirement
    {
        { securityScheme, Array.Empty<string>() }
    });
    /// ...
});

and add the test token end point together with configuration of how Swagger UI will build the token requests:

if (app.Environment.IsDevelopment())
{
    var swaggerAuthConfig = app.Services.GetRequiredService<SwaggerHelseIdConfiguration>();

    app.UseSwagger();
    app.UseSwaggerUI(options =>
    {
        options.OAuthAppName(swaggerAuthConfig.ClientName);
        options.OAuthClientId(swaggerAuthConfig.ClientId);

        options.OAuthScopeSeparator(" ");
        options.OAuthUsePkce();
        options.OAuthScopes(swaggerAuthConfig.Scopes);
    });
    app.UseHelseIdTestTokenEndpoint();
}
Product Compatible and additional computed target framework versions.
.NET net8.0 is compatible.  net8.0-android was computed.  net8.0-browser was computed.  net8.0-ios was computed.  net8.0-maccatalyst was computed.  net8.0-macos was computed.  net8.0-tvos was computed.  net8.0-windows was computed. 
Compatible target framework(s)
Included target framework(s) (in package)
Learn more about Target Frameworks and .NET Standard.

NuGet packages

This package is not used by any NuGet packages.

GitHub repositories

This package is not used by any popular GitHub repositories.

Version Downloads Last updated
8.0.0 68 11/19/2024
7.1.2 75 11/6/2024
7.1.1 85 11/1/2024
7.1.0 81 10/31/2024
7.0.1 78 10/23/2024
7.0.0 70 10/21/2024
6.3.0 91 10/11/2024
6.2.1 82 10/7/2024
6.2.0 85 9/27/2024
6.2.0-beta.2 48 9/24/2024
6.2.0-beta.1 61 9/17/2024
6.1.0 106 9/10/2024
6.0.0 108 8/7/2024
1.0.0 121 5/6/2024