externalize swagger document security definitions

OutOfSchool/OutOfSchool.WebApi/Config/SwaggerConfig.cs

@@ -1,3 +1,5 @@
+using System.Collections.Generic;
+
 namespace OutOfSchool.WebApi.Config
 {
     public class SwaggerConfig
@@ -7,6 +9,8 @@ public class SwaggerConfig
         public IdentityAccessConfig IdentityAccess { get; set; }
 
         public ApiInfoConfig ApiInfo { get; set; }
+
+        public SecurityDefinitionsConfig SecurityDefinitions { get; set; }
     }
 
     public class IdentityAccessConfig
@@ -37,4 +41,15 @@ public class ContactConfig
 
         public string Email { get; set; }
     }
+
+    public class SecurityDefinitionsConfig
+    {
+        public const string Name = "SecurityDefinitions";
+
+        public string Title { get; set; }
+
+        public string Description { get; set; }
+
+        public List<string> AccessScopes { get; set; }
+    }
 }

OutOfSchool/OutOfSchool.WebApi/Extensions/Startup/SwaggerExtensions.cs

@@ -4,7 +4,6 @@
 using System.Reflection;
 using Microsoft.AspNetCore.Builder;
 using Microsoft.AspNetCore.Mvc.ApiExplorer;
-using Microsoft.Extensions.Configuration;
 using Microsoft.Extensions.DependencyInjection;
 using Microsoft.OpenApi.Models;
 using OutOfSchool.Common.Config;
@@ -36,9 +35,9 @@ public static IServiceCollection AddSwagger(this IServiceCollection services, Sw
                     c.IncludeXmlComments(XmlCommentsFilePath);
 
                     c.OperationFilter<AuthorizeCheckOperationFilter>();
-                    c.AddSecurityDefinition("Identity server", new OpenApiSecurityScheme
+                    c.AddSecurityDefinition(config.SecurityDefinitions.Title, new OpenApiSecurityScheme
                     {
-                        Description = "Identity server",
+                        Description = config.SecurityDefinitions.Description,
                         Type = SecuritySchemeType.OAuth2,
                         Flows = new OpenApiOAuthFlows
                         {
@@ -48,7 +47,7 @@ public static IServiceCollection AddSwagger(this IServiceCollection services, Sw
                                 TokenUrl = new Uri($"{identityBaseUrl}/connect/token", UriKind.Absolute),
                                 Scopes = new Dictionary<string, string>
                                 {
-                                    {"openid outofschoolapi.read offline_access", "Scopes"},
+                                    {string.Join(" ", config.SecurityDefinitions.AccessScopes), "Scopes"},
                                 },
                             },
                         },

OutOfSchool/OutOfSchool.WebApi/Startup.cs

@@ -55,8 +55,7 @@ public void Configure(IApplicationBuilder app, IWebHostEnvironment env, IApiVers
                 SupportedUICultures = supportedCultures,
             };
 
-            var proxyOptions = new ReverseProxyOptions();
-            Configuration.GetSection(ReverseProxyOptions.Name).Bind(proxyOptions);
+            var proxyOptions = Configuration.GetSection(ReverseProxyOptions.Name).Get<ReverseProxyOptions>();
             app.UseProxy(proxyOptions);
 
             app.UseRequestLocalization(requestLocalization);

OutOfSchool/OutOfSchool.WebApi/appsettings.json

@@ -23,7 +23,16 @@
         "FullName": "Admin",
         "Email": "[email protected]"
       },
-      "DeprecationMessage": " This API version has been deprecated."
+      "DeprecationMessage": "This API version has been deprecated."
+    },
+    "SecurityDefinitions":{
+      "Title": "Identity server",
+      "Description": "Identity server",
+      "AccessScopes": [
+        "openid",
+        "outofschoolapi.read",
+        "offline_access"
+      ]
     }
   },