feat(open-api): Enhance the swagger configuration

- Swagger has added the oauth config
- The cors configuration can be a string array
- Add cross-domain initialization configuration for the microservice oauth client

aspnet-core/migrations/LY.MicroService.Applications.Single.EntityFrameworkCore/DataSeeder/ClientDataSeederContributor.cs

@@ -1,6 +1,7 @@
 using Microsoft.Extensions.Configuration;
 using OpenIddict.Abstractions;
 using System;
+using System.Collections.Generic;
 using System.Globalization;
 using System.Threading.Tasks;
 using Volo.Abp.Authorization.Permissions;
@@ -94,18 +95,18 @@ public class ClientDataSeederContributor : IDataSeedContributor, ITransientDepen
                 await _applicationManager.CreateAsync(new OpenIddictApplicationDescriptor
                 {
                     ClientId = vueClientId,
-                    ClientSecret = "1q2w3e*",
+                    ClientSecret = configurationSection["VueAdmin:ClientSecret"],
                     ApplicationType = OpenIddictConstants.ApplicationTypes.Web,
                     ConsentType = OpenIddictConstants.ConsentTypes.Explicit,
                     DisplayName = "Abp Vue Admin Client",
                     PostLogoutRedirectUris =
                     {
-                        new Uri(vueClientRootUrl + "signout-callback-oidc"),
+                        new Uri(vueClientRootUrl + "signout-callback"),
                         new Uri(vueClientRootUrl)
                     },
                     RedirectUris =
                     {
-                        new Uri(vueClientRootUrl + "/signin-oidc"),
+                        new Uri(vueClientRootUrl + "signin-callback"),
                         new Uri(vueClientRootUrl)
                     },
                     Permissions =
@@ -158,7 +159,7 @@ public class ClientDataSeederContributor : IDataSeedContributor, ITransientDepen
                 await _applicationManager.CreateAsync(new OpenIddictApplicationDescriptor
                 {
                     ClientId = internalServiceClientId,
-                    ClientSecret = "1q2w3e*",
+                    ClientSecret = configurationSection["InternalService:ClientSecret"],
                     ClientType = OpenIddictConstants.ClientTypes.Confidential,
                     ConsentType = OpenIddictConstants.ConsentTypes.Explicit,
                     ApplicationType = OpenIddictConstants.ApplicationTypes.Native,
@@ -205,30 +206,22 @@ public class ClientDataSeederContributor : IDataSeedContributor, ITransientDepen
             }
         }
 
-        var oauthClientId = configurationSection["OAuthClient:ClientId"];
+        var oauthClientId = configurationSection["VueOAuthClient:ClientId"];
         if (!oauthClientId.IsNullOrWhiteSpace())
         {
-            var oauthClientRootUrl = configurationSection["OAuthClient:RootUrl"].EnsureEndsWith('/');
+            var oauthClientRootUrls = configurationSection.GetSection("VueOAuthClient:RootUrls").Get<List<string>>();
 
             if (await _applicationRepository.FindByClientIdAsync(oauthClientId) == null)
             {
-                await _applicationManager.CreateAsync(new OpenIddictApplicationDescriptor
+                var application = new OpenIddictApplicationDescriptor
                 {
                     ClientId = oauthClientId,
                     ClientSecret = null,
                     ApplicationType = OpenIddictConstants.ApplicationTypes.Web,
                     ConsentType = OpenIddictConstants.ConsentTypes.Implicit,
                     DisplayName = "OAuth Client",
-                    PostLogoutRedirectUris =
+                    PostLogoutRedirectUris = { },
-                    {
+                    RedirectUris = { },
-                        new Uri(oauthClientRootUrl + "signout-callback"),
-                        new Uri(oauthClientRootUrl)
-                    },
-                    RedirectUris =
-                    {
-                        new Uri(oauthClientRootUrl + "/signin-callback"),
-                        new Uri(oauthClientRootUrl)
-                    },
                     Permissions =
                     {
                         OpenIddictConstants.Permissions.Endpoints.Authorization,
@@ -257,8 +250,20 @@ public class ClientDataSeederContributor : IDataSeedContributor, ITransientDepen
                         OpenIddictConstants.Permissions.Scopes.Phone,
                         OpenIddictConstants.Permissions.Prefixes.Scope + scope
                     }
+                };
+
+                oauthClientRootUrls.ForEach(url =>
+                {
+                    application.PostLogoutRedirectUris.AddIfNotContains(new Uri(url.EnsureEndsWith('/')));
+                    application.PostLogoutRedirectUris.AddIfNotContains(new Uri(url.EnsureEndsWith('/') + "signout-callback"));
+
+                    application.RedirectUris.AddIfNotContains(new Uri(url));
+                    application.RedirectUris.AddIfNotContains(new Uri(url.EnsureEndsWith('/') + "signin-callback"));
+                    application.RedirectUris.AddIfNotContains(new Uri(url.EnsureEndsWith('/') + "swagger/oauth2-redirect.html"));
                 });
 
+                await _applicationManager.CreateAsync(application);
+
                 var oauthClientPermissions = new string[1]
                 {
                     "AbpIdentity.UserLookup"

aspnet-core/services/LY.MicroService.Applications.Single/LY.MicroService.Applications.Single.csproj

@@ -33,7 +33,6 @@
 		<PackageReference Include="Serilog.Settings.Configuration" />
 		<PackageReference Include="Serilog.Sinks.Elasticsearch" />
 		<PackageReference Include="Serilog.Sinks.File" />
-		<PackageReference Include="Swashbuckle.AspNetCore" />
 		<PackageReference Include="Quartz.Serialization.Json" />
 		<PackageReference Include="Volo.Abp.Account.Web.OpenIddict" />
 		<PackageReference Include="Volo.Abp.AspNetCore.Serilog" />
@@ -55,6 +54,7 @@
 		<PackageReference Include="Volo.Abp.PermissionManagement.Web" />
 		<PackageReference Include="Volo.Abp.SettingManagement.EntityFrameworkCore" />
 		<PackageReference Include="Volo.Abp.SettingManagement.Web" />
+		<PackageReference Include="Volo.Abp.Swashbuckle" />
 		<PackageReference Include="Volo.Abp.Identity.AspNetCore" />
 		<PackageReference Include="Volo.Abp.Identity.Web" />
 		<PackageReference Include="Volo.Abp.VirtualFileExplorer.Web" />

aspnet-core/services/LY.MicroService.Applications.Single/MicroServiceApplicationsSingleModule.Configure.cs

@@ -610,13 +610,32 @@ public partial class MicroServiceApplicationsSingleModule
         });
     }
 
-    private void ConfigureSwagger(IServiceCollection services)
+    private void ConfigureSwagger(IServiceCollection services, IConfiguration configuration)
     {
         // Swagger
-        services.AddSwaggerGen(
+        services.AddAbpSwaggerGenWithOAuth(
+            configuration["AuthServer:Authority"],
+            new Dictionary<string, string>
+            {
+                { configuration["AuthServer:Audience"], "Single APP"}
+            },
             options =>
             {
-                options.SwaggerDoc("v1", new OpenApiInfo { Title = "App API", Version = "v1" });
+                options.SwaggerDoc("v1", new OpenApiInfo
+                {
+                    Title = "Single APP API", Version = "v1",
+                    Contact = new OpenApiContact
+                    {
+                        Name = "colin",
+                        Email = "colin.in@foxmail.com",
+                        Url = new Uri("https://github.com/colinin")
+                    },
+                    License = new OpenApiLicense
+                    {
+                        Name = "MIT",
+                        Url = new Uri("https://github.com/colinin/abp-next-admin/blob/master/LICENSE")
+                    }
+                });
                 options.DocInclusionPredicate((docName, description) => true);
                 options.CustomSchemaIds(type => type.FullName);
                 options.AddSecurityDefinition("Bearer", new OpenApiSecurityScheme
@@ -630,13 +649,13 @@ public partial class MicroServiceApplicationsSingleModule
                 });
                 options.AddSecurityRequirement(new OpenApiSecurityRequirement
                 {
+                    {
+                        new OpenApiSecurityScheme
                         {
-                            new OpenApiSecurityScheme
+                            Reference = new OpenApiReference { Type = ReferenceType.SecurityScheme, Id = "Bearer" }
-                            {
+                        },
-                                Reference = new OpenApiReference { Type = ReferenceType.SecurityScheme, Id = "Bearer" }
+                        new string[] { }
-                            },
+                    }
-                            new string[] { }
-                        }
                 });
                 options.OperationFilter<TenantHeaderParamter>();
             });
@@ -896,12 +915,18 @@ public partial class MicroServiceApplicationsSingleModule
         {
             options.AddDefaultPolicy(builder =>
             {
+                var corsOrigins = configuration.GetSection("App:CorsOrigins").Get<List<string>>();
+                if (corsOrigins == null || corsOrigins.Count == 0)
+                {
+                    corsOrigins = configuration["App:CorsOrigins"]?
+                        .Split(",", StringSplitOptions.RemoveEmptyEntries)
+                        .Select(o => o.RemovePostFix("/"))
+                        .ToList() ?? new List<string>();
+                }
                 builder
-                    .WithOrigins(
+                    .WithOrigins(corsOrigins
-                        configuration["App:CorsOrigins"]
+                        .Select(o => o.RemovePostFix("/"))
-                            .Split(",", StringSplitOptions.RemoveEmptyEntries)
+                        .ToArray()
-                            .Select(o => o.RemovePostFix("/"))
-                            .ToArray()
                     )
                     .WithAbpExposedHeaders()
                     .WithAbpWrapExposedHeaders()

aspnet-core/services/LY.MicroService.Applications.Single/MicroServiceApplicationsSingleModule.cs

@@ -1,3 +1,5 @@
+using Volo.Abp.Swashbuckle;
+
 namespace LY.MicroService.Applications.Single;
 
 [DependsOn(
@@ -370,6 +372,7 @@ namespace LY.MicroService.Applications.Single;
     typeof(AbpAspNetCoreMvcWrapperModule),
     typeof(AbpAspNetCoreMvcIdempotentWrapperModule),
     typeof(AbpAspNetCoreHttpOverridesModule),
+    typeof(AbpSwashbuckleModule),
     typeof(AbpMailKitModule),
     typeof(AbpAutofacModule),
 
@@ -418,7 +421,6 @@ public partial class MicroServiceApplicationsSingleModule : AbpModule
         ConfigureIdentity(configuration);
         ConfigureDbContext(configuration);
         ConfigureAuthServer(configuration);
-        ConfigureSwagger(context.Services);
         ConfigureEndpoints(context.Services);
         ConfigureMultiTenancy(configuration);
         ConfigureJsonSerializer(configuration);
@@ -429,6 +431,7 @@ public partial class MicroServiceApplicationsSingleModule : AbpModule
         ConfigurePermissionManagement(configuration);
         ConfigureNotificationManagement(configuration);
         ConfigureCors(context.Services, configuration);
+        ConfigureSwagger(context.Services, configuration);
         ConfigureOssManagement(context.Services, configuration);
         ConfigureDistributedLock(context.Services, configuration);
         ConfigureKestrelServer(configuration, hostingEnvironment);

aspnet-core/services/LY.MicroService.Applications.Single/Program.cs

@@ -4,25 +4,6 @@ using Volo.Abp.IO;
 using Volo.Abp.Modularity.PlugIns;
 
 var builder = WebApplication.CreateBuilder(args);
-builder.Services.AddCors(options =>
-{
-    options.AddDefaultPolicy(policy =>
-    {
-        policy
-            .WithOrigins(
-                builder.Configuration["App:CorsOrigins"]
-                    .Split(",", StringSplitOptions.RemoveEmptyEntries)
-                    .Select(o => o.RemovePostFix("/"))
-                    .ToArray()
-            )
-            .WithAbpExposedHeaders()
-            .WithAbpWrapExposedHeaders()
-            .SetIsOriginAllowedToAllowWildcardSubdomains()
-            .AllowAnyHeader()
-            .AllowAnyMethod()
-            .AllowCredentials();
-    });
-});
 builder.Host.AddAppSettingsSecretsJson()
     .UseAutofac()
     .ConfigureAppConfiguration((context, config) =>
@@ -81,9 +62,12 @@ app.UseAbpSession();
 app.UseDynamicClaims();
 app.UseAuthorization();
 app.UseSwagger();
-app.UseSwaggerUI(options =>
+app.UseAbpSwaggerUI(options =>
 {
-    options.SwaggerEndpoint("/swagger/v1/swagger.json", "Support App API");
+    options.SwaggerEndpoint("/swagger/v1/swagger.json", "Support Single APP API");
+
+    options.OAuthClientId(app.Configuration["AuthServer:SwaggerClientId"]);
+    options.OAuthScopes(app.Configuration["AuthServer:Audience"]);
 });
 app.UseAuditing();
 app.UseAbpSerilogEnrichers();

aspnet-core/services/LY.MicroService.Applications.Single/appsettings.Development.json

@@ -2,7 +2,7 @@
   "App": {
     "ShowPii": true,
     "SelfUrl": "http://127.0.0.1:30001/",
-    "CorsOrigins": "http://127.0.0.1:3100,http://localhost:5666,http://127.0.0.1:30001",
+    "CorsOrigins": [ "http://127.0.0.1:5666", "http://127.0.0.1:30001" ],
     "Urls": {
       "Applications": {
         "MVC": {
@@ -149,8 +149,7 @@
     "Authority": "http://127.0.0.1:30001/",
     "Audience": "lingyun-abp-application",
     "RequireHttpsMetadata": false,
-    "SwaggerClientId": "InternalServiceClient",
+    "SwaggerClientId": "vue-oauth-client"
-    "SwaggerClientSecret": "1q2w3E*"
   },
   "IdentityServer": {
     "Clients": {
@@ -172,9 +171,12 @@
       "InternalService": {
         "ClientId": "InternalServiceClient"
       },
-      "OAuthClient": {
+      "VueOAuthClient": {
         "ClientId": "vue-oauth-client",
-        "RootUrl": "http://localhost:5666"
+        "RootUrls": [
+          "http://127.0.0.1:5666",
+          "http://127.0.0.1:30001"
+        ]
       }
     },
     "Lifetime": {

aspnet-core/services/LY.MicroService.AuthServer.HttpApi.Host/AuthServerHttpApiHostModule.Configure.cs

@@ -364,13 +364,32 @@ public partial class AuthServerHttpApiHostModule
         });
     }
 
-    private void ConfigureSwagger(IServiceCollection services)
+    private void ConfigureSwagger(IServiceCollection services, IConfiguration configuration)
     {
         // Swagger
-        services.AddSwaggerGen(
+        services.AddAbpSwaggerGenWithOAuth(
+            configuration["AuthServer:Authority"],
+            new Dictionary<string, string>
+            {
+                { configuration["AuthServer:Audience"], "Identity Service API"}
+            }, 
             options =>
             {
-                options.SwaggerDoc("v1", new OpenApiInfo { Title = "AuthServer API", Version = "v1" });
+                options.SwaggerDoc("v1", new OpenApiInfo
+                {
+                    Title = "Identity Service API", Version = "v1",
+                    Contact = new OpenApiContact
+                    {
+                        Name = "colin",
+                        Email = "colin.in@foxmail.com",
+                        Url = new Uri("https://github.com/colinin")
+                    },
+                    License = new OpenApiLicense
+                    {
+                        Name = "MIT",
+                        Url = new Uri("https://github.com/colinin/abp-next-admin/blob/master/LICENSE")
+                    }
+                });
                 options.DocInclusionPredicate((docName, description) => true);
                 options.CustomSchemaIds(type => type.FullName);
                 options.AddSecurityDefinition("Bearer", new OpenApiSecurityScheme
@@ -429,12 +448,18 @@ public partial class AuthServerHttpApiHostModule
         {
             options.AddDefaultPolicy(builder =>
             {
+                var corsOrigins = configuration.GetSection("App:CorsOrigins").Get<List<string>>();
+                if (corsOrigins == null || corsOrigins.Count == 0)
+                {
+                    corsOrigins = configuration["App:CorsOrigins"]?
+                        .Split(",", StringSplitOptions.RemoveEmptyEntries)
+                        .Select(o => o.RemovePostFix("/"))
+                        .ToList() ?? new List<string>();
+                }
                 builder
-                    .WithOrigins(
+                    .WithOrigins(corsOrigins
-                        configuration["App:CorsOrigins"]
+                        .Select(o => o.RemovePostFix("/"))
-                            .Split(",", StringSplitOptions.RemoveEmptyEntries)
+                        .ToArray()
-                            .Select(o => o.RemovePostFix("/"))
-                            .ToArray()
                     )
                     .WithAbpExposedHeaders()
                     .WithAbpWrapExposedHeaders()

aspnet-core/services/LY.MicroService.AuthServer.HttpApi.Host/AuthServerHttpApiHostModule.cs

@@ -38,10 +38,10 @@ using Volo.Abp.EntityFrameworkCore.MySQL;
 using Volo.Abp.FeatureManagement.EntityFrameworkCore;
 using Volo.Abp.Http.Client;
 using Volo.Abp.Modularity;
-using Volo.Abp.MultiTenancy;
 using Volo.Abp.OpenIddict.EntityFrameworkCore;
 using Volo.Abp.PermissionManagement.EntityFrameworkCore;
 using Volo.Abp.SettingManagement.EntityFrameworkCore;
+using Volo.Abp.Swashbuckle;
 
 namespace LY.MicroService.AuthServer;
 
@@ -86,6 +86,7 @@ namespace LY.MicroService.AuthServer;
     typeof(AbpTelemetrySkyWalkingModule),
     typeof(AbpExporterMiniExcelModule),
     typeof(AbpClaimsMappingModule),
+    typeof(AbpSwashbuckleModule),
     typeof(AbpAutofacModule)
     )]
 public partial class AuthServerHttpApiHostModule : AbpModule
@@ -120,11 +121,11 @@ public partial class AuthServerHttpApiHostModule : AbpModule
         ConfigureCaching(configuration);
         ConfigureTiming(configuration);
         ConfigureAuditing(configuration);
-        ConfigureSwagger(context.Services);
         ConfigureMultiTenancy(configuration);
         ConfigureJsonSerializer(configuration);
         ConfigureMvc(context.Services, configuration);
         ConfigureCors(context.Services, configuration);
+        ConfigureSwagger(context.Services, configuration);
         ConfigureDistributedLocking(context.Services, configuration);
         ConfigureSecurity(context.Services, configuration, hostingEnvironment.IsDevelopment());
     }
@@ -156,9 +157,13 @@ public partial class AuthServerHttpApiHostModule : AbpModule
         // Swagger
         app.UseSwagger();
         // Swagger可视化界面
-        app.UseSwaggerUI(options =>
+        app.UseAbpSwaggerUI(options =>
         {
-            options.SwaggerEndpoint("/swagger/v1/swagger.json", "Support IdentityServer API");
+            options.SwaggerEndpoint("/swagger/v1/swagger.json", "Support Identity Service API");
+
+            var configuration = context.GetConfiguration();
+            options.OAuthClientId(configuration["AuthServer:SwaggerClientId"]);
+            options.OAuthScopes(configuration["AuthServer:Audience"]);
         });
         // 审计日志
         app.UseAuditing();

aspnet-core/services/LY.MicroService.AuthServer.HttpApi.Host/LY.MicroService.AuthServer.HttpApi.Host.csproj

@@ -26,7 +26,6 @@
 		<PackageReference Include="Serilog.Settings.Configuration" />
 		<PackageReference Include="Serilog.Sinks.Elasticsearch" />
 		<PackageReference Include="Serilog.Sinks.File" />
-		<PackageReference Include="Swashbuckle.AspNetCore" />
 		<PackageReference Include="Volo.Abp.AspNetCore.Serilog" />
 		<PackageReference Include="Volo.Abp.Caching.StackExchangeRedis" />
 		<PackageReference Include="Volo.Abp.AspNetCore.Authentication.JwtBearer" />
@@ -41,6 +40,7 @@
 		<PackageReference Include="Volo.Abp.OpenIddict.EntityFrameworkCore" />
 		<PackageReference Include="Volo.Abp.FeatureManagement.EntityFrameworkCore" />
 		<PackageReference Include="Volo.Abp.SettingManagement.EntityFrameworkCore" />
+		<PackageReference Include="Volo.Abp.Swashbuckle" />
 		<PackageReference Include="Volo.Abp.PermissionManagement.EntityFrameworkCore" />
 	</ItemGroup>
 

aspnet-core/services/LY.MicroService.AuthServer.HttpApi.Host/appsettings.Development.json

@@ -11,7 +11,7 @@
   },
   "App": {
     "ShowPii": true,
-    "CorsOrigins": "http://127.0.0.1:3100",
+    "CorsOrigins": [ "http://127.0.0.1:5666" ],
     "Urls": {
       "Applications": {
         "MVC": {
@@ -92,7 +92,8 @@
     "Authority": "http://127.0.0.1:44385",
     "Audience": "lingyun-abp-application",
     "MapInboundClaims": false,
-    "RequireHttpsMetadata": false
+    "RequireHttpsMetadata": false,
+    "SwaggerClientId": "vue-oauth-client"
   },
   "AuditLogging": {
     "Elasticsearch": {

aspnet-core/services/LY.MicroService.AuthServer/AuthServerModule.Configure.cs

@@ -430,12 +430,18 @@ public partial class AuthServerModule
         {
             options.AddDefaultPolicy(builder =>
             {
+                var corsOrigins = configuration.GetSection("App:CorsOrigins").Get<List<string>>();
+                if (corsOrigins == null || corsOrigins.Count == 0)
+                {
+                    corsOrigins = configuration["App:CorsOrigins"]?
+                        .Split(",", StringSplitOptions.RemoveEmptyEntries)
+                        .Select(o => o.RemovePostFix("/"))
+                        .ToList() ?? new List<string>();
+                }
                 builder
-                    .WithOrigins(
+                    .WithOrigins(corsOrigins
-                        configuration["App:CorsOrigins"]
+                        .Select(o => o.RemovePostFix("/"))
-                            .Split(",", StringSplitOptions.RemoveEmptyEntries)
+                        .ToArray()
-                            .Select(o => o.RemovePostFix("/"))
-                            .ToArray()
                     )
                     .WithAbpExposedHeaders()
                     .WithAbpWrapExposedHeaders()

aspnet-core/services/LY.MicroService.AuthServer/DataSeeder/AuthServerDataSeedContributor.cs

@@ -5,6 +5,7 @@ using LINGYUN.Abp.OpenIddict.WeChat;
 using Microsoft.Extensions.Configuration;
 using OpenIddict.Abstractions;
 using System;
+using System.Collections.Generic;
 using System.Globalization;
 using System.Threading.Tasks;
 using Volo.Abp.Authorization.Permissions;
@@ -207,28 +208,19 @@ public class ServerDataSeedContributor : IDataSeedContributor, ITransientDepende
         var oauthClientId = configurationSection["VueOAuthClient:ClientId"];
         if (!oauthClientId.IsNullOrWhiteSpace())
         {
-            var oauthClientRootUrl = configurationSection["VueOAuthClient:RootUrl"].EnsureEndsWith('/');
+            var oauthClientRootUrls = configurationSection.GetSection("VueOAuthClient:RootUrls").Get<List<string>>();
 
             if (await _applicationRepository.FindByClientIdAsync(oauthClientId) == null)
             {
-                await _applicationManager.CreateAsync(new OpenIddictApplicationDescriptor
+                var application = new OpenIddictApplicationDescriptor
                 {
                     ClientId = oauthClientId,
                     ClientSecret = null,
                     ApplicationType = OpenIddictConstants.ApplicationTypes.Web,
                     ConsentType = OpenIddictConstants.ConsentTypes.Implicit,
                     DisplayName = "OAuth Client",
-                    PostLogoutRedirectUris =
+                    PostLogoutRedirectUris = { },
-                    {
+                    RedirectUris = { },
-                        new Uri(oauthClientRootUrl + "signout-callback"),
-                        new Uri(oauthClientRootUrl)
-                    },
-                    RedirectUris =
-                    {
-                        new Uri(oauthClientRootUrl + "signin-callback"),
-                        new Uri(oauthClientRootUrl + "swagger/oauth2-redirect.html"),
-                        new Uri(oauthClientRootUrl)
-                    },
                     Permissions =
                     {
                         OpenIddictConstants.Permissions.Endpoints.Authorization,
@@ -257,8 +249,20 @@ public class ServerDataSeedContributor : IDataSeedContributor, ITransientDepende
                         OpenIddictConstants.Permissions.Scopes.Phone,
                         OpenIddictConstants.Permissions.Prefixes.Scope + scope
                     }
+                };
+
+                oauthClientRootUrls.ForEach(url =>
+                {
+                    application.PostLogoutRedirectUris.AddIfNotContains(new Uri(url.EnsureEndsWith('/')));
+                    application.PostLogoutRedirectUris.AddIfNotContains(new Uri(url.EnsureEndsWith('/') + "signout-callback"));
+
+                    application.RedirectUris.AddIfNotContains(new Uri(url));
+                    application.RedirectUris.AddIfNotContains(new Uri(url.EnsureEndsWith('/') + "signin-callback"));
+                    application.RedirectUris.AddIfNotContains(new Uri(url.EnsureEndsWith('/') + "swagger/oauth2-redirect.html"));
                 });
 
+                await _applicationManager.CreateAsync(application);
+
                 var oauthClientPermissions = new string[1]
                 {
                     "AbpIdentity.UserLookup"

aspnet-core/services/LY.MicroService.AuthServer/appsettings.Development.json

@@ -10,7 +10,18 @@
     "configCacheEncrypt": true
   },
   "App": {
-    "CorsOrigins": "http://127.0.0.1:5666,http://localhost:5666",
+    "CorsOrigins": [
+      "http://127.0.0.1:5666",
+      "http://127.0.0.1:30010",
+      "http://127.0.0.1:30015",
+      "http://127.0.0.1:30020",
+      "http://127.0.0.1:30025",
+      "http://127.0.0.1:30030",
+      "http://127.0.0.1:30040",
+      "http://127.0.0.1:30045",
+      "http://127.0.0.1:30050",
+      "http://127.0.0.1:30060"
+    ],
     "Urls": {
       "Applications": {
         "MVC": {
@@ -106,7 +117,18 @@
       },
       "VueOAuthClient": {
         "ClientId": "vue-oauth-client",
-        "RootUrl": "http://localhost:5666"
+        "RootUrls": [
+          "http://127.0.0.1:5666",
+          "http://127.0.0.1:30010",
+          "http://127.0.0.1:30015",
+          "http://127.0.0.1:30020",
+          "http://127.0.0.1:30025",
+          "http://127.0.0.1:30030",
+          "http://127.0.0.1:30040",
+          "http://127.0.0.1:30045",
+          "http://127.0.0.1:30050",
+          "http://127.0.0.1:30060"
+        ]
       }
     }
   },

aspnet-core/services/LY.MicroService.BackendAdmin.HttpApi.Host/BackendAdminHttpApiHostModule.Configure.cs

@@ -314,13 +314,32 @@ public partial class BackendAdminHttpApiHostModule
         });
     }
 
-    private void ConfigureSwagger(IServiceCollection services)
+    private void ConfigureSwagger(IServiceCollection services, IConfiguration configuration)
     {
         // Swagger
-        services.AddSwaggerGen(
+        services.AddAbpSwaggerGenWithOAuth(
+            configuration["AuthServer:Authority"],
+            new Dictionary<string, string>
+            {
+                { configuration["AuthServer:Audience"], "Admin Service API"}
+            }, 
             options =>
             {
-                options.SwaggerDoc("v1", new OpenApiInfo { Title = "BackendAdmin API", Version = "v1" });
+                options.SwaggerDoc("v1", new OpenApiInfo
+                {
+                    Title = "Admin Service API", Version = "v1",
+                    Contact = new OpenApiContact
+                    {
+                        Name = "colin",
+                        Email = "colin.in@foxmail.com",
+                        Url = new Uri("https://github.com/colinin")
+                    },
+                    License = new OpenApiLicense
+                    {
+                        Name = "MIT",
+                        Url = new Uri("https://github.com/colinin/abp-next-admin/blob/master/LICENSE")
+                    }
+                });
                 options.DocInclusionPredicate((docName, description) => true);
                 options.CustomSchemaIds(type => type.FullName);
                 options.AddSecurityDefinition("Bearer", new OpenApiSecurityScheme
@@ -334,13 +353,13 @@ public partial class BackendAdminHttpApiHostModule
                 });
                 options.AddSecurityRequirement(new OpenApiSecurityRequirement
                 {
+                    {
+                        new OpenApiSecurityScheme
                         {
-                            new OpenApiSecurityScheme
+                            Reference = new OpenApiReference { Type = ReferenceType.SecurityScheme, Id = "Bearer" }
-                            {
+                        },
-                                Reference = new OpenApiReference { Type = ReferenceType.SecurityScheme, Id = "Bearer" }
+                        new string[] { }
-                            },
+                    }
-                            new string[] { }
-                        }
                 });
                 options.OperationFilter<TenantHeaderParamter>();
             });
@@ -394,12 +413,18 @@ public partial class BackendAdminHttpApiHostModule
         {
             options.AddDefaultPolicy(builder =>
             {
+                var corsOrigins = configuration.GetSection("App:CorsOrigins").Get<List<string>>();
+                if (corsOrigins == null || corsOrigins.Count == 0)
+                {
+                    corsOrigins = configuration["App:CorsOrigins"]?
+                        .Split(",", StringSplitOptions.RemoveEmptyEntries)
+                        .Select(o => o.RemovePostFix("/"))
+                        .ToList() ?? new List<string>();
+                }
                 builder
-                    .WithOrigins(
+                    .WithOrigins(corsOrigins
-                        configuration["App:CorsOrigins"]
+                        .Select(o => o.RemovePostFix("/"))
-                            .Split(",", StringSplitOptions.RemoveEmptyEntries)
+                        .ToArray()
-                            .Select(o => o.RemovePostFix("/"))
-                            .ToArray()
                     )
                     .WithAbpExposedHeaders()
                     .WithAbpWrapExposedHeaders()

aspnet-core/services/LY.MicroService.BackendAdmin.HttpApi.Host/BackendAdminHttpApiHostModule.cs

@@ -54,6 +54,7 @@ using Volo.Abp.PermissionManagement.EntityFrameworkCore;
 using Volo.Abp.PermissionManagement.Identity;
 using Volo.Abp.PermissionManagement.IdentityServer;
 using Volo.Abp.SettingManagement.EntityFrameworkCore;
+using Volo.Abp.Swashbuckle;
 
 namespace LY.MicroService.BackendAdmin;
 
@@ -123,6 +124,7 @@ namespace LY.MicroService.BackendAdmin;
     typeof(AbpAspNetCoreMvcWrapperModule),
     typeof(AbpAspNetCoreHttpOverridesModule),
     typeof(AbpClaimsMappingModule),
+    typeof(AbpSwashbuckleModule),
     typeof(AbpAutofacModule)
     )]
 public partial class BackendAdminHttpApiHostModule : AbpModule
@@ -155,11 +157,11 @@ public partial class BackendAdminHttpApiHostModule : AbpModule
         ConfigureTiming(configuration);
         ConfigureCaching(configuration);
         ConfigureAuditing(configuration);
-        ConfigureSwagger(context.Services);
         ConfigureMultiTenancy(configuration);
         ConfigureJsonSerializer(configuration);
         ConfigureMvc(context.Services, configuration);
         ConfigureCors(context.Services, configuration);
+        ConfigureSwagger(context.Services, configuration);
         ConfigureDistributedLocking(context.Services, configuration);
         ConfigureSeedWorker(context.Services, hostingEnvironment.IsDevelopment());
         ConfigureSecurity(context.Services, configuration, hostingEnvironment.IsDevelopment());
@@ -193,9 +195,13 @@ public partial class BackendAdminHttpApiHostModule : AbpModule
         // Swagger
         app.UseSwagger();
         // Swagger可视化界面
-        app.UseSwaggerUI(options =>
+        app.UseAbpSwaggerUI(options =>
         {
-            options.SwaggerEndpoint("/swagger/v1/swagger.json", "Support BackendAdmin API");
+            options.SwaggerEndpoint("/swagger/v1/swagger.json", "Support Admin Service API");
+
+            var configuration = context.GetConfiguration();
+            options.OAuthClientId(configuration["AuthServer:SwaggerClientId"]);
+            options.OAuthScopes(configuration["AuthServer:Audience"]);
         });
         // 审计日志
         app.UseAuditing();

aspnet-core/services/LY.MicroService.BackendAdmin.HttpApi.Host/LY.MicroService.BackendAdmin.HttpApi.Host.csproj

@@ -20,10 +20,6 @@
 		<PackageReference Include="DotNetCore.CAP.RabbitMQ" />
 		<PackageReference Include="DistributedLock.Redis" />
 		<PackageReference Include="Microsoft.AspNetCore.DataProtection.StackExchangeRedis" />
-		<!--<PackageReference Include="Microsoft.EntityFrameworkCore.Design" Version="7.0.5">
-		  <PrivateAssets>all</PrivateAssets>
-		  <IncludeAssets>runtime; build; native; contentfiles; analyzers; buildtransitive</IncludeAssets>
-		</PackageReference>-->
 		<PackageReference Include="Serilog.AspNetCore" />
 		<PackageReference Include="Serilog.Enrichers.Environment" />
 		<PackageReference Include="Serilog.Enrichers.Assembly" />
@@ -32,7 +28,6 @@
 		<PackageReference Include="Serilog.Settings.Configuration" />
 		<PackageReference Include="Serilog.Sinks.Elasticsearch" />
 		<PackageReference Include="Serilog.Sinks.File" />
-		<PackageReference Include="Swashbuckle.AspNetCore" />
 		<PackageReference Include="Volo.Abp.Caching.StackExchangeRedis" />
 		<PackageReference Include="Volo.Abp.AspNetCore.Serilog" />
 		<PackageReference Include="Volo.Abp.AspNetCore.Mvc.UI.MultiTenancy" />
@@ -48,6 +43,7 @@
 		<PackageReference Include="Volo.Abp.PermissionManagement.Domain.Identity" />
 		<PackageReference Include="Volo.Abp.PermissionManagement.Domain.IdentityServer" />
 		<PackageReference Include="Volo.Abp.PermissionManagement.HttpApi" />
+		<PackageReference Include="Volo.Abp.Swashbuckle" />
 		<PackageReference Include="Volo.Abp.SettingManagement.EntityFrameworkCore" />
 		<PackageReference Include="Volo.Abp.PermissionManagement.EntityFrameworkCore" />
 	</ItemGroup>

aspnet-core/services/LY.MicroService.BackendAdmin.HttpApi.Host/appsettings.Development.json

@@ -10,8 +10,8 @@
     "configCacheEncrypt": true
   },
   "App": {
-    "CorsOrigins": "http://127.0.0.1:3100",
     "ShowPii": true,
+    "CorsOrigins": [ "http://127.0.0.1:5666" ],
     "RefreshClaimsUrl": "http://127.0.0.1:30015"
   },
   "Auditing": {
@@ -66,7 +66,8 @@
     "Authority": "http://127.0.0.1:44385/",
     "Audience": "lingyun-abp-application",
     "MapInboundClaims": false,
-    "RequireHttpsMetadata": false
+    "RequireHttpsMetadata": false,
+    "SwaggerClientId": "vue-oauth-client"
   },
   "RemoteServices": {
     "Platform": {

aspnet-core/services/LY.MicroService.IdentityServer.HttpApi.Host/IdentityServerHttpApiHostModule.Configure.cs

@@ -346,13 +346,32 @@ public partial class IdentityServerHttpApiHostModule
         });
     }
 
-    private void ConfigureSwagger(IServiceCollection services)
+    private void ConfigureSwagger(IServiceCollection services, IConfiguration configuration)
     {
         // Swagger
-        services.AddSwaggerGen(
+        services.AddAbpSwaggerGenWithOAuth(
+            configuration["AuthServer:Authority"],
+            new Dictionary<string, string>
+            {
+                { configuration["AuthServer:Audience"], "Identity Service API"}
+            },
             options =>
             {
-                options.SwaggerDoc("v1", new OpenApiInfo { Title = "IdentityServer4 API", Version = "v1" });
+                options.SwaggerDoc("v1", new OpenApiInfo
+                {
+                    Title = "Identity Service API", Version = "v1",
+                    Contact = new OpenApiContact
+                    {
+                        Name = "colin",
+                        Email = "colin.in@foxmail.com",
+                        Url = new Uri("https://github.com/colinin")
+                    },
+                    License = new OpenApiLicense
+                    {
+                        Name = "MIT",
+                        Url = new Uri("https://github.com/colinin/abp-next-admin/blob/master/LICENSE")
+                    }
+                });
                 options.DocInclusionPredicate((docName, description) => true);
                 options.CustomSchemaIds(type => type.FullName);
                 options.AddSecurityDefinition("Bearer", new OpenApiSecurityScheme
@@ -366,13 +385,13 @@ public partial class IdentityServerHttpApiHostModule
                 });
                 options.AddSecurityRequirement(new OpenApiSecurityRequirement
                 {
+                    {
+                        new OpenApiSecurityScheme
                         {
-                            new OpenApiSecurityScheme
+                            Reference = new OpenApiReference { Type = ReferenceType.SecurityScheme, Id = "Bearer" }
-                            {
+                        },
-                                Reference = new OpenApiReference { Type = ReferenceType.SecurityScheme, Id = "Bearer" }
+                        new string[] { }
-                            },
+                    }
-                            new string[] { }
-                        }
                 });
                 options.OperationFilter<TenantHeaderParamter>();
             });
@@ -415,16 +434,21 @@ public partial class IdentityServerHttpApiHostModule
         {
             options.AddDefaultPolicy(builder =>
             {
+                var corsOrigins = configuration.GetSection("App:CorsOrigins").Get<List<string>>();
+                if (corsOrigins == null || corsOrigins.Count == 0)
+                {
+                    corsOrigins = configuration["App:CorsOrigins"]?
+                        .Split(",", StringSplitOptions.RemoveEmptyEntries)
+                        .Select(o => o.RemovePostFix("/"))
+                        .ToList() ?? new List<string>();
+                }
                 builder
-                    .WithOrigins(
+                    .WithOrigins(corsOrigins
-                        configuration["App:CorsOrigins"]
+                        .Select(o => o.RemovePostFix("/"))
-                            .Split(",", StringSplitOptions.RemoveEmptyEntries)
+                        .ToArray()
-                            .Select(o => o.RemovePostFix("/"))
-                            .ToArray()
                     )
                     .WithAbpExposedHeaders()
-                    // 引用 LINGYUN.Abp.AspNetCore.Mvc.Wrapper 包时可替换为 WithAbpWrapExposedHeaders
+                    .WithAbpWrapExposedHeaders()
-                    .WithExposedHeaders("_AbpWrapResult", "_AbpDontWrapResult")
                     .SetIsOriginAllowedToAllowWildcardSubdomains()
                     .AllowAnyHeader()
                     .AllowAnyMethod()

aspnet-core/services/LY.MicroService.IdentityServer.HttpApi.Host/IdentityServerHttpApiHostModule.cs

@@ -35,6 +35,7 @@ using Volo.Abp.Http.Client;
 using Volo.Abp.Modularity;
 using Volo.Abp.PermissionManagement.EntityFrameworkCore;
 using Volo.Abp.SettingManagement.EntityFrameworkCore;
+using Volo.Abp.Swashbuckle;
 
 namespace LY.MicroService.IdentityServer;
 
@@ -78,6 +79,7 @@ namespace LY.MicroService.IdentityServer;
     typeof(AbpTelemetrySkyWalkingModule),
     typeof(AbpExporterMiniExcelModule),
     typeof(AbpClaimsMappingModule),
+    typeof(AbpSwashbuckleModule),
     typeof(AbpAutofacModule)
     )]
 public partial class IdentityServerHttpApiHostModule : AbpModule
@@ -111,11 +113,11 @@ public partial class IdentityServerHttpApiHostModule : AbpModule
         ConfigureTiming(configuration);
         ConfigureCaching(configuration);
         ConfigureAuditing(configuration);
-        ConfigureSwagger(context.Services);
         ConfigureMultiTenancy(configuration);
         ConfigureJsonSerializer(configuration);
         ConfigureMvc(context.Services, configuration);
         ConfigureCors(context.Services, configuration);
+        ConfigureSwagger(context.Services, configuration);
         ConfigureDistributedLocking(context.Services, configuration);
         ConfigureSecurity(context.Services, configuration, hostingEnvironment.IsDevelopment());
     }
@@ -147,9 +149,13 @@ public partial class IdentityServerHttpApiHostModule : AbpModule
         // Swagger
         app.UseSwagger();
         // Swagger可视化界面
-        app.UseSwaggerUI(options =>
+        app.UseAbpSwaggerUI(options =>
         {
-            options.SwaggerEndpoint("/swagger/v1/swagger.json", "Support IdentityServer API");
+            options.SwaggerEndpoint("/swagger/v1/swagger.json", "Support Identity Service API");
+
+            var configuration = context.GetConfiguration();
+            options.OAuthClientId(configuration["AuthServer:SwaggerClientId"]);
+            options.OAuthScopes(configuration["AuthServer:Audience"]);
         });
         // 审计日志
         app.UseAuditing();

aspnet-core/services/LY.MicroService.IdentityServer.HttpApi.Host/LY.MicroService.identityServer.HttpApi.Host.csproj

@@ -33,7 +33,6 @@
 		<PackageReference Include="Serilog.Settings.Configuration" />
 		<PackageReference Include="Serilog.Sinks.Elasticsearch" />
 		<PackageReference Include="Serilog.Sinks.File" />
-		<PackageReference Include="Swashbuckle.AspNetCore" />
 		<PackageReference Include="Volo.Abp.AspNetCore.Serilog" />
 		<PackageReference Include="Volo.Abp.Caching.StackExchangeRedis" />
 		<PackageReference Include="Volo.Abp.AspNetCore.MultiTenancy" />
@@ -48,6 +47,7 @@
 		<PackageReference Include="Volo.Abp.IdentityServer.EntityFrameworkCore" />
 		<PackageReference Include="Volo.Abp.FeatureManagement.EntityFrameworkCore" />
 		<PackageReference Include="Volo.Abp.SettingManagement.EntityFrameworkCore" />
+		<PackageReference Include="Volo.Abp.Swashbuckle" />
 		<PackageReference Include="Volo.Abp.PermissionManagement.EntityFrameworkCore" />
 	</ItemGroup>
 

aspnet-core/services/LY.MicroService.IdentityServer.HttpApi.Host/appsettings.Development.json

@@ -11,7 +11,7 @@
   },
   "App": {
     "ShowPii": true,
-    "CorsOrigins": "http://127.0.0.1:3100",
+    "CorsOrigins": [ "http://127.0.0.1:5666" ],
     "Urls": {
       "Applications": {
         "MVC": {
@@ -92,7 +92,8 @@
     "Authority": "http://127.0.0.1:44385/",
     "Audience": "lingyun-abp-application",
     "MapInboundClaims": false,
-    "RequireHttpsMetadata": false
+    "RequireHttpsMetadata": false,
+    "SwaggerClientId": "vue-oauth-client"
   },
   "AuditLogging": {
     "Elasticsearch": {

aspnet-core/services/LY.MicroService.IdentityServer/IdentityServerModule.Configure.cs

@@ -383,12 +383,18 @@ public partial class IdentityServerModule
         {
             options.AddDefaultPolicy(builder =>
             {
+                var corsOrigins = configuration.GetSection("App:CorsOrigins").Get<List<string>>();
+                if (corsOrigins == null || corsOrigins.Count == 0)
+                {
+                    corsOrigins = configuration["App:CorsOrigins"]?
+                        .Split(",", StringSplitOptions.RemoveEmptyEntries)
+                        .Select(o => o.RemovePostFix("/"))
+                        .ToList() ?? new List<string>();
+                }
                 builder
-                    .WithOrigins(
+                    .WithOrigins(corsOrigins
-                        configuration["App:CorsOrigins"]
+                        .Select(o => o.RemovePostFix("/"))
-                            .Split(",", StringSplitOptions.RemoveEmptyEntries)
+                        .ToArray()
-                            .Select(o => o.RemovePostFix("/"))
-                            .ToArray()
                     )
                     .WithAbpExposedHeaders()
                     .WithAbpWrapExposedHeaders()

aspnet-core/services/LY.MicroService.IdentityServer/appsettings.Development.json

@@ -10,7 +10,18 @@
     "configCacheEncrypt": true
   },
   "App": {
-    "CorsOrigins": "http://127.0.0.1:3100",
+    "CorsOrigins": [
+      "http://127.0.0.1:5666",
+      "http://127.0.0.1:30010",
+      "http://127.0.0.1:30015",
+      "http://127.0.0.1:30020",
+      "http://127.0.0.1:30025",
+      "http://127.0.0.1:30030",
+      "http://127.0.0.1:30040",
+      "http://127.0.0.1:30045",
+      "http://127.0.0.1:30050",
+      "http://127.0.0.1:30060"
+    ],
     "Urls": {
       "Applications": {
         "MVC": {

aspnet-core/services/LY.MicroService.LocalizationManagement.HttpApi.Host/LY.MicroService.LocalizationManagement.HttpApi.Host.csproj

@@ -16,10 +16,6 @@
 		<PackageReference Include="DotNetCore.CAP.RabbitMQ" />
 		<PackageReference Include="DistributedLock.Redis" />
 		<PackageReference Include="Microsoft.AspNetCore.DataProtection.StackExchangeRedis" />
-		<!--<PackageReference Include="Microsoft.EntityFrameworkCore.Design" Version="7.0.5">
-			<PrivateAssets>all</PrivateAssets>
-			<IncludeAssets>runtime; build; native; contentfiles; analyzers; buildtransitive</IncludeAssets>
-		</PackageReference>-->
 		<PackageReference Include="Serilog.AspNetCore" />
 		<PackageReference Include="Serilog.Enrichers.Environment" />
 		<PackageReference Include="Serilog.Enrichers.Assembly" />
@@ -28,7 +24,6 @@
 		<PackageReference Include="Serilog.Settings.Configuration" />
 		<PackageReference Include="Serilog.Sinks.Elasticsearch" />
 		<PackageReference Include="Serilog.Sinks.File" />
-		<PackageReference Include="Swashbuckle.AspNetCore" />
 		<PackageReference Include="Volo.Abp.AspNetCore.Serilog" />
 		<PackageReference Include="Volo.Abp.Caching.StackExchangeRedis" />
 		<PackageReference Include="Volo.Abp.AspNetCore.MultiTenancy" />
@@ -38,6 +33,7 @@
 		<PackageReference Include="Volo.Abp.Http.Client" />
 		<PackageReference Include="Volo.Abp.FeatureManagement.EntityFrameworkCore" />
 		<PackageReference Include="Volo.Abp.SettingManagement.EntityFrameworkCore" />
+		<PackageReference Include="Volo.Abp.Swashbuckle" />
 		<PackageReference Include="Volo.Abp.PermissionManagement.EntityFrameworkCore" />
 	</ItemGroup>
 

aspnet-core/services/LY.MicroService.LocalizationManagement.HttpApi.Host/LocalizationManagementHttpApiHostModule.Configure.cs

@@ -235,13 +235,32 @@ public partial class LocalizationManagementHttpApiHostModule
         });
     }
 
-    private void ConfigureSwagger(IServiceCollection services)
+    private void ConfigureSwagger(IServiceCollection services, IConfiguration configuration)
     {
         // Swagger
-        services.AddSwaggerGen(
+        services.AddAbpSwaggerGenWithOAuth(
+            configuration["AuthServer:Authority"],
+            new Dictionary<string, string>
+            {
+                { configuration["AuthServer:Audience"], "Localization Service API"}
+            },
             options =>
             {
-                options.SwaggerDoc("v1", new OpenApiInfo { Title = "Localization Management API", Version = "v1" });
+                options.SwaggerDoc("v1", new OpenApiInfo
+                {
+                    Title = "Localization Service API", Version = "v1",
+                    Contact = new OpenApiContact
+                    {
+                        Name = "colin",
+                        Email = "colin.in@foxmail.com",
+                        Url = new Uri("https://github.com/colinin")
+                    },
+                    License = new OpenApiLicense
+                    {
+                        Name = "MIT",
+                        Url = new Uri("https://github.com/colinin/abp-next-admin/blob/master/LICENSE")
+                    }
+                });
                 options.DocInclusionPredicate((docName, description) => true);
                 options.CustomSchemaIds(type => type.FullName);
                 options.AddSecurityDefinition("Bearer", new OpenApiSecurityScheme
@@ -300,12 +319,18 @@ public partial class LocalizationManagementHttpApiHostModule
         {
             options.AddDefaultPolicy(builder =>
             {
+                var corsOrigins = configuration.GetSection("App:CorsOrigins").Get<List<string>>();
+                if (corsOrigins == null || corsOrigins.Count == 0)
+                {
+                    corsOrigins = configuration["App:CorsOrigins"]?
+                        .Split(",", StringSplitOptions.RemoveEmptyEntries)
+                        .Select(o => o.RemovePostFix("/"))
+                        .ToList() ?? new List<string>();
+                }
                 builder
-                    .WithOrigins(
+                    .WithOrigins(corsOrigins
-                        configuration["App:CorsOrigins"]
+                        .Select(o => o.RemovePostFix("/"))
-                            .Split(",", StringSplitOptions.RemoveEmptyEntries)
+                        .ToArray()
-                            .Select(o => o.RemovePostFix("/"))
-                            .ToArray()
                     )
                     .WithAbpExposedHeaders()
                     .WithAbpWrapExposedHeaders()

aspnet-core/services/LY.MicroService.LocalizationManagement.HttpApi.Host/LocalizationManagementHttpApiHostModule.cs

@@ -30,6 +30,7 @@ using Volo.Abp.Http.Client;
 using Volo.Abp.Modularity;
 using Volo.Abp.PermissionManagement.EntityFrameworkCore;
 using Volo.Abp.SettingManagement.EntityFrameworkCore;
+using Volo.Abp.Swashbuckle;
 
 namespace LY.MicroService.LocalizationManagement;
 
@@ -61,6 +62,7 @@ namespace LY.MicroService.LocalizationManagement;
     typeof(AbpEmailingPlatformModule),
     typeof(AbpAspNetCoreMvcWrapperModule),
     typeof(AbpAspNetCoreHttpOverridesModule),
+    typeof(AbpSwashbuckleModule),
     typeof(AbpAutofacModule)
     )]
 public partial class LocalizationManagementHttpApiHostModule : AbpModule
@@ -90,11 +92,11 @@ public partial class LocalizationManagementHttpApiHostModule : AbpModule
         ConfigureCaching(configuration);
         ConfigureIdentity(configuration);
         ConfigureAuditing(configuration);
-        ConfigureSwagger(context.Services);
         ConfigureMultiTenancy(configuration);
         ConfigureJsonSerializer(configuration);
         ConfigureMvc(context.Services, configuration);
         ConfigureCors(context.Services, configuration);
+        ConfigureSwagger(context.Services, configuration);
         ConfigureDistributedLocking(context.Services, configuration);
         ConfigureSeedWorker(context.Services, hostingEnvironment.IsDevelopment());
         ConfigureSecurity(context.Services, configuration, hostingEnvironment.IsDevelopment());
@@ -129,9 +131,13 @@ public partial class LocalizationManagementHttpApiHostModule : AbpModule
         // Swagger
         app.UseSwagger();
         // Swagger可视化界面
-        app.UseSwaggerUI(options =>
+        app.UseAbpSwaggerUI(options =>
         {
-            options.SwaggerEndpoint("/swagger/v1/swagger.json", "Support Localization Management API");
+            options.SwaggerEndpoint("/swagger/v1/swagger.json", "Support Localization Service API");
+
+            var configuration = context.GetConfiguration();
+            options.OAuthClientId(configuration["AuthServer:SwaggerClientId"]);
+            options.OAuthScopes(configuration["AuthServer:Audience"]);
         });
         // 审计日志
         app.UseAuditing();

aspnet-core/services/LY.MicroService.LocalizationManagement.HttpApi.Host/appsettings.Development.json

@@ -10,7 +10,7 @@
     "configCacheEncrypt": true
   },
   "App": {
-    "CorsOrigins": "http://127.0.0.1:3100",
+    "CorsOrigins": [ "http://127.0.0.1:5666" ],
     "ShowPii": true,
     "RefreshClaimsUrl": "http://127.0.0.1:30015"
   },
@@ -72,7 +72,8 @@
     "Authority": "http://127.0.0.1:44385/",
     "Audience": "lingyun-abp-application",
     "MapInboundClaims": false,
-    "RequireHttpsMetadata": false
+    "RequireHttpsMetadata": false,
+    "SwaggerClientId": "vue-oauth-client"
   },
   "AuditLogging": {
     "Elasticsearch": {

aspnet-core/services/LY.MicroService.PlatformManagement.HttpApi.Host/LY.MicroService.PlatformManagement.HttpApi.Host.csproj

@@ -16,10 +16,6 @@
 		<PackageReference Include="DotNetCore.CAP.RabbitMQ" />
 		<PackageReference Include="DistributedLock.Redis" />
 		<PackageReference Include="Microsoft.AspNetCore.DataProtection.StackExchangeRedis" />
-		<!--<PackageReference Include="Microsoft.EntityFrameworkCore.Design" Version="7.0.5">
-			<PrivateAssets>all</PrivateAssets>
-			<IncludeAssets>runtime; build; native; contentfiles; analyzers; buildtransitive</IncludeAssets>
-		</PackageReference>-->
 		<PackageReference Include="Serilog.AspNetCore" />
 		<PackageReference Include="Serilog.Enrichers.Environment" />
 		<PackageReference Include="Serilog.Enrichers.Assembly" />
@@ -28,7 +24,6 @@
 		<PackageReference Include="Serilog.Settings.Configuration" />
 		<PackageReference Include="Serilog.Sinks.Elasticsearch" />
 		<PackageReference Include="Serilog.Sinks.File" />
-		<PackageReference Include="Swashbuckle.AspNetCore" />
 		<PackageReference Include="Volo.Abp.AspNetCore.Serilog" />
 		<PackageReference Include="Volo.Abp.Caching.StackExchangeRedis" />
 		<PackageReference Include="Volo.Abp.AspNetCore.MultiTenancy" />
@@ -42,6 +37,7 @@
 		<PackageReference Include="Volo.Abp.EntityFrameworkCore.MySQL" />
 		<PackageReference Include="Volo.Abp.FeatureManagement.EntityFrameworkCore" />
 		<PackageReference Include="Volo.Abp.SettingManagement.EntityFrameworkCore" />
+		<PackageReference Include="Volo.Abp.Swashbuckle" />
 		<PackageReference Include="Volo.Abp.PermissionManagement.EntityFrameworkCore" />
 	</ItemGroup>
 

aspnet-core/services/LY.MicroService.PlatformManagement.HttpApi.Host/PlatformManagementHttpApiHostModule.Configure.cs

@@ -312,13 +312,32 @@ public partial class PlatformManagementHttpApiHostModule
         });
     }
 
-    private void ConfigureSwagger(IServiceCollection services)
+    private void ConfigureSwagger(IServiceCollection services, IConfiguration configuration)
     {
         // Swagger
-        services.AddSwaggerGen(
+        services.AddAbpSwaggerGenWithOAuth(
+            configuration["AuthServer:Authority"],
+            new Dictionary<string, string>
+            {
+                { configuration["AuthServer:Audience"], "Platform Service API"}
+            },
             options =>
             {
-                options.SwaggerDoc("v1", new OpenApiInfo { Title = "Platform API", Version = "v1" });
+                options.SwaggerDoc("v1", new OpenApiInfo
+                {
+                    Title = "Platform Service API", Version = "v1",
+                    Contact = new OpenApiContact
+                    {
+                        Name = "colin",
+                        Email = "colin.in@foxmail.com",
+                        Url = new Uri("https://github.com/colinin")
+                    },
+                    License = new OpenApiLicense
+                    {
+                        Name = "MIT",
+                        Url = new Uri("https://github.com/colinin/abp-next-admin/blob/master/LICENSE")
+                    }
+                });
                 options.DocInclusionPredicate((docName, description) => true);
                 options.CustomSchemaIds(type => type.FullName);
                 options.AddSecurityDefinition("Bearer", new OpenApiSecurityScheme
@@ -377,12 +396,18 @@ public partial class PlatformManagementHttpApiHostModule
         {
             options.AddDefaultPolicy(builder =>
             {
+                var corsOrigins = configuration.GetSection("App:CorsOrigins").Get<List<string>>();
+                if (corsOrigins == null || corsOrigins.Count == 0)
+                {
+                    corsOrigins = configuration["App:CorsOrigins"]?
+                        .Split(",", StringSplitOptions.RemoveEmptyEntries)
+                        .Select(o => o.RemovePostFix("/"))
+                        .ToList() ?? new List<string>();
+                }
                 builder
-                    .WithOrigins(
+                    .WithOrigins(corsOrigins
-                        configuration["App:CorsOrigins"]
+                        .Select(o => o.RemovePostFix("/"))
-                            .Split(",", StringSplitOptions.RemoveEmptyEntries)
+                        .ToArray()
-                            .Select(o => o.RemovePostFix("/"))
-                            .ToArray()
                     )
                     .WithAbpExposedHeaders()
                     .WithAbpWrapExposedHeaders()

aspnet-core/services/LY.MicroService.PlatformManagement.HttpApi.Host/PlatformManagementHttpApiHostModule.cs

@@ -52,6 +52,7 @@ using Volo.Abp.MailKit;
 using Volo.Abp.Modularity;
 using Volo.Abp.PermissionManagement.EntityFrameworkCore;
 using Volo.Abp.SettingManagement.EntityFrameworkCore;
+using Volo.Abp.Swashbuckle;
 using Volo.Abp.Threading;
 
 namespace LY.MicroService.PlatformManagement;
@@ -103,6 +104,7 @@ namespace LY.MicroService.PlatformManagement;
     typeof(AbpAspNetCoreMvcWrapperModule),
     typeof(AbpClaimsMappingModule),
     typeof(AbpAspNetCoreHttpOverridesModule),
+    typeof(AbpSwashbuckleModule),
     typeof(AbpAutofacModule)
     )]
 public partial class PlatformManagementHttpApiHostModule : AbpModule
@@ -133,11 +135,11 @@ public partial class PlatformManagementHttpApiHostModule : AbpModule
         ConfigureCaching(configuration);
         ConfigureIdentity(configuration);
         ConfigureAuditing(configuration);
-        ConfigureSwagger(context.Services);
         ConfigureMultiTenancy(configuration);
         ConfigureJsonSerializer(configuration);
         ConfigureMvc(context.Services, configuration);
         ConfigureCors(context.Services, configuration);
+        ConfigureSwagger(context.Services, configuration);
         ConfigureOssManagement(context.Services, configuration);
         ConfigureDistributedLocking(context.Services, configuration);
         ConfigureSeedWorker(context.Services, hostingEnvironment.IsDevelopment());
@@ -191,9 +193,13 @@ public partial class PlatformManagementHttpApiHostModule : AbpModule
         // Swagger
         app.UseSwagger();
         // Swagger可视化界面
-        app.UseSwaggerUI(options =>
+        app.UseAbpSwaggerUI(options =>
         {
-            options.SwaggerEndpoint("/swagger/v1/swagger.json", "Support Platform API");
+            options.SwaggerEndpoint("/swagger/v1/swagger.json", "Support Platform Service API");
+
+            var configuration = context.GetConfiguration();
+            options.OAuthClientId(configuration["AuthServer:SwaggerClientId"]);
+            options.OAuthScopes(configuration["AuthServer:Audience"]);
         });
         // 审计日志
         app.UseAuditing();

aspnet-core/services/LY.MicroService.PlatformManagement.HttpApi.Host/appsettings.Development.json

@@ -17,7 +17,7 @@
         "127.0.0.1"
       ]
     },
-    "CorsOrigins": "http://127.0.0.1:3100",
+    "CorsOrigins": [ "http://127.0.0.1:5666" ],
     "ShowPii": true,
     "RefreshClaimsUrl": "http://127.0.0.1:30015"
   },
@@ -97,7 +97,8 @@
     "Authority": "http://127.0.0.1:44385/",
     "Audience": "lingyun-abp-application",
     "MapInboundClaims": false,
-    "RequireHttpsMetadata": false
+    "RequireHttpsMetadata": false,
+    "SwaggerClientId": "vue-oauth-client"
   },
   "AuditLogging": {
     "Elasticsearch": {

aspnet-core/services/LY.MicroService.RealtimeMessage.HttpApi.Host/LY.MicroService.RealtimeMessage.HttpApi.Host.csproj

@@ -20,10 +20,6 @@
 		<PackageReference Include="DotNetCore.CAP.RabbitMQ" />
 		<PackageReference Include="DistributedLock.Redis" />
 		<PackageReference Include="Microsoft.AspNetCore.DataProtection.StackExchangeRedis" />
-		<!--<PackageReference Include="Microsoft.EntityFrameworkCore.Design" Version="7.0.5">
-			<PrivateAssets>all</PrivateAssets>
-			<IncludeAssets>runtime; build; native; contentfiles; analyzers; buildtransitive</IncludeAssets>
-		</PackageReference>-->
 		<PackageReference Include="Microsoft.AspNetCore.SignalR.StackExchangeRedis" />
 		<PackageReference Include="Quartz.Serialization.Json" />
 		<PackageReference Include="Serilog.AspNetCore" />
@@ -34,7 +30,6 @@
 		<PackageReference Include="Serilog.Settings.Configuration" />
 		<PackageReference Include="Serilog.Sinks.Elasticsearch" />
 		<PackageReference Include="Serilog.Sinks.File" />
-		<PackageReference Include="Swashbuckle.AspNetCore" />
 		<PackageReference Include="Volo.Abp.AspNetCore.Serilog" />
 		<PackageReference Include="Volo.Abp.Caching.StackExchangeRedis" />
 		<PackageReference Include="Volo.Abp.AspNetCore.MultiTenancy" />
@@ -45,6 +40,7 @@
 		<PackageReference Include="Volo.Abp.Identity.EntityFrameworkCore" />
 		<PackageReference Include="Volo.Abp.FeatureManagement.EntityFrameworkCore" />
 		<PackageReference Include="Volo.Abp.SettingManagement.EntityFrameworkCore" />
+		<PackageReference Include="Volo.Abp.Swashbuckle" />
 		<PackageReference Include="Volo.Abp.PermissionManagement.EntityFrameworkCore" />
 	</ItemGroup>
 

aspnet-core/services/LY.MicroService.RealtimeMessage.HttpApi.Host/RealtimeMessageHttpApiHostModule.Configure.cs

@@ -334,13 +334,32 @@ public partial class RealtimeMessageHttpApiHostModule
         });
     }
 
-    private void ConfigureSwagger(IServiceCollection services)
+    private void ConfigureSwagger(IServiceCollection services, IConfiguration configuration)
     {
         // Swagger
-        services.AddSwaggerGen(
+        services.AddAbpSwaggerGenWithOAuth(
+            configuration["AuthServer:Authority"],
+            new Dictionary<string, string>
+            {
+                { configuration["AuthServer:Audience"], "Message Service API"}
+            },
             options =>
             {
-                options.SwaggerDoc("v1", new OpenApiInfo { Title = "Realtime Message API", Version = "v1" });
+                options.SwaggerDoc("v1", new OpenApiInfo
+                {
+                    Title = "Message Service API", Version = "v1",
+                    Contact = new OpenApiContact
+                    {
+                        Name = "colin",
+                        Email = "colin.in@foxmail.com",
+                        Url = new Uri("https://github.com/colinin")
+                    },
+                    License = new OpenApiLicense
+                    {
+                        Name = "MIT",
+                        Url = new Uri("https://github.com/colinin/abp-next-admin/blob/master/LICENSE")
+                    }
+                });
                 options.DocInclusionPredicate((docName, description) => true);
                 options.CustomSchemaIds(type => type.FullName);
                 options.AddSecurityDefinition("Bearer", new OpenApiSecurityScheme
@@ -372,12 +391,18 @@ public partial class RealtimeMessageHttpApiHostModule
         {
             options.AddDefaultPolicy(builder =>
             {
+                var corsOrigins = configuration.GetSection("App:CorsOrigins").Get<List<string>>();
+                if (corsOrigins == null || corsOrigins.Count == 0)
+                {
+                    corsOrigins = configuration["App:CorsOrigins"]?
+                        .Split(",", StringSplitOptions.RemoveEmptyEntries)
+                        .Select(o => o.RemovePostFix("/"))
+                        .ToList() ?? new List<string>();
+                }
                 builder
-                    .WithOrigins(
+                    .WithOrigins(corsOrigins
-                        configuration["App:CorsOrigins"]
+                        .Select(o => o.RemovePostFix("/"))
-                            .Split(",", StringSplitOptions.RemoveEmptyEntries)
+                        .ToArray()
-                            .Select(o => o.RemovePostFix("/"))
-                            .ToArray()
                     )
                     .WithAbpExposedHeaders()
                     .WithAbpWrapExposedHeaders()

aspnet-core/services/LY.MicroService.RealtimeMessage.HttpApi.Host/RealtimeMessageHttpApiHostModule.cs

@@ -60,6 +60,7 @@ using Volo.Abp.Http.Client;
 using Volo.Abp.Modularity;
 using Volo.Abp.PermissionManagement.EntityFrameworkCore;
 using Volo.Abp.SettingManagement.EntityFrameworkCore;
+using Volo.Abp.Swashbuckle;
 
 namespace LY.MicroService.RealtimeMessage;
 
@@ -124,6 +125,7 @@ namespace LY.MicroService.RealtimeMessage;
     typeof(AbpTelemetrySkyWalkingModule),
     typeof(AbpAspNetCoreMvcWrapperModule),
     typeof(AbpAspNetCoreHttpOverridesModule),
+    typeof(AbpSwashbuckleModule),
     typeof(AbpAutofacModule)
     )]
 public partial class RealtimeMessageHttpApiHostModule : AbpModule
@@ -160,9 +162,9 @@ public partial class RealtimeMessageHttpApiHostModule : AbpModule
         ConfigureMultiTenancy(configuration);
         ConfigureJsonSerializer(configuration);
         ConfigureBackgroundTasks(configuration);
-        ConfigureSwagger(context.Services);
         ConfigureMvc(context.Services, configuration);
         ConfigureCors(context.Services, configuration);
+        ConfigureSwagger(context.Services, configuration);
         ConfigureDistributedLocking(context.Services, configuration);
         ConfigureSeedWorker(context.Services, hostingEnvironment.IsDevelopment());
         ConfigureSecurity(context.Services, configuration, hostingEnvironment.IsDevelopment());
@@ -195,9 +197,13 @@ public partial class RealtimeMessageHttpApiHostModule : AbpModule
         // Swagger
         app.UseSwagger();
         // Swagger可视化界面
-        app.UseSwaggerUI(options =>
+        app.UseAbpSwaggerUI(options =>
         {
-            options.SwaggerEndpoint("/swagger/v1/swagger.json", "Support Realtime Message API");
+            options.SwaggerEndpoint("/swagger/v1/swagger.json", "Support Message Service API");
+
+            var configuration = context.GetConfiguration();
+            options.OAuthClientId(configuration["AuthServer:SwaggerClientId"]);
+            options.OAuthScopes(configuration["AuthServer:Audience"]);
         });
         // 审计日志
         app.UseAuditing();

aspnet-core/services/LY.MicroService.RealtimeMessage.HttpApi.Host/appsettings.Development.json

@@ -10,7 +10,7 @@
     "configCacheEncrypt": true
   },
   "App": {
-    "CorsOrigins": "http://127.0.0.1:3100",
+    "CorsOrigins": [ "http://127.0.0.1:5666" ],
     "Forwarded": {
       "ForwardedHeaders": 5,
       "KnownProxies": [
@@ -78,7 +78,8 @@
     "Authority": "http://127.0.0.1:44385/",
     "Audience": "lingyun-abp-application",
     "MapInboundClaims": false,
-    "RequireHttpsMetadata": false
+    "RequireHttpsMetadata": false,
+    "SwaggerClientId": "vue-oauth-client"
   },
   "Quartz": {
     "UsePersistentStore": false,

aspnet-core/services/LY.MicroService.TaskManagement.HttpApi.Host/TaskManagementHttpApiHostModule.Configure.cs

@@ -202,12 +202,18 @@ public partial class TaskManagementHttpApiHostModule
         {
             options.AddDefaultPolicy(builder =>
             {
+                var corsOrigins = configuration.GetSection("App:CorsOrigins").Get<List<string>>();
+                if (corsOrigins == null || corsOrigins.Count == 0)
+                {
+                    corsOrigins = configuration["App:CorsOrigins"]?
+                        .Split(",", StringSplitOptions.RemoveEmptyEntries)
+                        .Select(o => o.RemovePostFix("/"))
+                        .ToList() ?? new List<string>();
+                }
                 builder
-                    .WithOrigins(
+                    .WithOrigins(corsOrigins
-                        configuration["App:CorsOrigins"]
+                        .Select(o => o.RemovePostFix("/"))
-                            .Split(",", StringSplitOptions.RemoveEmptyEntries)
+                        .ToArray()
-                            .Select(o => o.RemovePostFix("/"))
-                            .ToArray()
                     )
                     .WithAbpExposedHeaders()
                     .WithAbpWrapExposedHeaders()
@@ -312,13 +318,32 @@ public partial class TaskManagementHttpApiHostModule
         });
     }
 
-    private void ConfigureSwagger(IServiceCollection services)
+    private void ConfigureSwagger(IServiceCollection services, IConfiguration configuration)
     {
         // Swagger
-        services.AddSwaggerGen(
+        services.AddAbpSwaggerGenWithOAuth(
+            configuration["AuthServer:Authority"],
+            new Dictionary<string, string>
+            {
+                { configuration["AuthServer:Audience"], "Task Service API"}
+            },
             options =>
             {
-                options.SwaggerDoc("v1", new OpenApiInfo { Title = "TaskManagement API", Version = "v1" });
+                options.SwaggerDoc("v1", new OpenApiInfo
+                {
+                    Title = "Task Service API", Version = "v1",
+                    Contact = new OpenApiContact
+                    {
+                        Name = "colin",
+                        Email = "colin.in@foxmail.com",
+                        Url = new Uri("https://github.com/colinin")
+                    },
+                    License = new OpenApiLicense
+                    {
+                        Name = "MIT",
+                        Url = new Uri("https://github.com/colinin/abp-next-admin/blob/master/LICENSE")
+                    }
+                });
                 options.DocInclusionPredicate((docName, description) => true);
                 options.CustomSchemaIds(type => type.FullName);
                 options.AddSecurityDefinition("Bearer", new OpenApiSecurityScheme

aspnet-core/services/LY.MicroService.TaskManagement.HttpApi.Host/TaskManagementHttpApiHostModule.cs

@@ -118,10 +118,10 @@ public partial class TaskManagementHttpApiHostModule : AbpModule
         ConfigureAuditing(configuration);
         ConfigureIdentity(configuration);
         ConfigureMultiTenancy(configuration);
-        ConfigureSwagger(context.Services);
         ConfigureJsonSerializer(configuration);
         ConfigureMvc(context.Services, configuration);
         ConfigureCors(context.Services, configuration);
+        ConfigureSwagger(context.Services, configuration);
         ConfigureDistributedLock(context.Services, configuration);
         ConfigureSecurity(context.Services, configuration, hostingEnvironment.IsDevelopment());
     }
@@ -145,12 +145,11 @@ public partial class TaskManagementHttpApiHostModule : AbpModule
         app.UseSwagger();
         app.UseAbpSwaggerUI(options =>
         {
-            options.SwaggerEndpoint("/swagger/v1/swagger.json", "Support Task Management API");
+            options.SwaggerEndpoint("/swagger/v1/swagger.json", "Support Task Service API");
 
             var configuration = context.GetConfiguration();
             options.OAuthClientId(configuration["AuthServer:SwaggerClientId"]);
-            options.OAuthClientSecret(configuration["AuthServer:SwaggerClientSecret"]);
+            options.OAuthScopes(configuration["AuthServer:Audience"]);
-            options.OAuthScopes(configuration["AuthServer:Scopes"]);
         });
         app.UseAuditing();
         app.UseAbpSerilogEnrichers();

aspnet-core/services/LY.MicroService.TaskManagement.HttpApi.Host/appsettings.Development.json

@@ -11,6 +11,7 @@
   },
   "App": {
     "ShowPii": true,
+    "CorsOrigins": [ "http://127.0.0.1:5666" ],
     "RefreshClaimsUrl": "http://127.0.0.1:30015"
   },
   "Auditing": {

aspnet-core/services/LY.MicroService.WebhooksManagement.HttpApi.Host/WebhooksManagementHttpApiHostModule.Configure.cs

@@ -308,13 +308,32 @@ public partial class WebhooksManagementHttpApiHostModule
         });
     }
 
-    private void ConfigureSwagger(IServiceCollection services)
+    private void ConfigureSwagger(IServiceCollection services, IConfiguration configuration)
     {
         // Swagger
-        services.AddSwaggerGen(
+        services.AddAbpSwaggerGenWithOAuth(
+            configuration["AuthServer:Authority"],
+            new Dictionary<string, string>
+            {
+                { configuration["AuthServer:Audience"], "Webhook Service API"}
+            },
             options =>
             {
-                options.SwaggerDoc("v1", new OpenApiInfo { Title = "WebhooksManagement API", Version = "v1" });
+                options.SwaggerDoc("v1", new OpenApiInfo
+                {
+                    Title = "Webhook Service API", Version = "v1",
+                    Contact = new OpenApiContact
+                    {
+                        Name = "colin",
+                        Email = "colin.in@foxmail.com",
+                        Url = new Uri("https://github.com/colinin")
+                    },
+                    License = new OpenApiLicense
+                    {
+                        Name = "MIT",
+                        Url = new Uri("https://github.com/colinin/abp-next-admin/blob/master/LICENSE")
+                    }
+                });
                 options.DocInclusionPredicate((docName, description) => true);
                 options.CustomSchemaIds(type => type.FullName);
                 options.AddSecurityDefinition("Bearer", new OpenApiSecurityScheme
@@ -410,12 +429,18 @@ public partial class WebhooksManagementHttpApiHostModule
         {
             options.AddDefaultPolicy(builder =>
             {
+                var corsOrigins = configuration.GetSection("App:CorsOrigins").Get<List<string>>();
+                if (corsOrigins == null || corsOrigins.Count == 0)
+                {
+                    corsOrigins = configuration["App:CorsOrigins"]?
+                        .Split(",", StringSplitOptions.RemoveEmptyEntries)
+                        .Select(o => o.RemovePostFix("/"))
+                        .ToList() ?? new List<string>();
+                }
                 builder
-                    .WithOrigins(
+                    .WithOrigins(corsOrigins
-                        configuration["App:CorsOrigins"]
+                        .Select(o => o.RemovePostFix("/"))
-                            .Split(",", StringSplitOptions.RemoveEmptyEntries)
+                        .ToArray()
-                            .Select(o => o.RemovePostFix("/"))
-                            .ToArray()
                     )
                     .WithAbpExposedHeaders()
                     .WithAbpWrapExposedHeaders()

aspnet-core/services/LY.MicroService.WebhooksManagement.HttpApi.Host/WebhooksManagementHttpApiHostModule.cs

@@ -121,11 +121,11 @@ public partial class WebhooksManagementHttpApiHostModule : AbpModule
         ConfigureAuditing(configuration);
         ConfigureIdentity(configuration);
         ConfigureMultiTenancy(configuration);
-        ConfigureSwagger(context.Services);
         ConfigureWebhooks(context.Services);
         ConfigureJsonSerializer(configuration);
         ConfigureMvc(context.Services, configuration);
         ConfigureCors(context.Services, configuration);
+        ConfigureSwagger(context.Services, configuration);
         ConfigureDistributedLock(context.Services, configuration);
         ConfigureBackgroundTasks(context.Services, configuration);
         ConfigureSeedWorker(context.Services, hostingEnvironment.IsDevelopment());
@@ -152,12 +152,11 @@ public partial class WebhooksManagementHttpApiHostModule : AbpModule
         app.UseSwagger();
         app.UseAbpSwaggerUI(options =>
         {
-            options.SwaggerEndpoint("/swagger/v1/swagger.json", "Support APP API");
+            options.SwaggerEndpoint("/swagger/v1/swagger.json", "Support Webhook Service API");
 
             var configuration = context.GetConfiguration();
             options.OAuthClientId(configuration["AuthServer:SwaggerClientId"]);
-            options.OAuthClientSecret(configuration["AuthServer:SwaggerClientSecret"]);
+            options.OAuthScopes(configuration["AuthServer:Audience"]);
-            options.OAuthScopes("WebhooksManagement");
         });
         app.UseAuditing();
         app.UseAbpSerilogEnrichers();

aspnet-core/services/LY.MicroService.WebhooksManagement.HttpApi.Host/appsettings.Development.json

@@ -11,6 +11,7 @@
   },
   "App": {
     "ShowPii": true,
+    "CorsOrigins": [ "http://127.0.0.1:5666" ],
     "RefreshClaimsUrl": "http://127.0.0.1:30015"
   },
   "Auditing": {
@@ -103,8 +104,7 @@
     "Audience": "lingyun-abp-application",
     "MapInboundClaims": false,
     "RequireHttpsMetadata": false,
-    "SwaggerClientId": "InternalServiceClient",
+    "SwaggerClientId": "vue-oauth-client"
-    "SwaggerClientSecret": "1q2w3E*"
   },
   "Logging": {
     "Serilog": {

aspnet-core/services/LY.MicroService.WechatManagement.HttpApi.Host/WechatManagementHttpApiHostModule.Configure.cs

@@ -256,15 +256,20 @@ public partial class WechatManagementHttpApiHostModule
         });
     }
 
-    private void ConfigureSwagger(IServiceCollection services)
+    private void ConfigureSwagger(IServiceCollection services, IConfiguration configuration)
     {
         // Swagger
-        services.AddSwaggerGen(
+        services.AddAbpSwaggerGenWithOAuth(
+            configuration["AuthServer:Authority"],
+            new Dictionary<string, string>
+            {
+                { configuration["AuthServer:Audience"], "Wechat Service API"}
+            },
             options =>
             {
                 options.SwaggerDoc("v1", new OpenApiInfo
                 {
-                    Title = "WechatManagement API", Version = "v1",
+                    Title = "Wechat Service API", Version = "v1",
                     Contact = new OpenApiContact
                     {
                         Name = "colin",
@@ -360,12 +365,18 @@ public partial class WechatManagementHttpApiHostModule
         {
             options.AddDefaultPolicy(builder =>
             {
+                var corsOrigins = configuration.GetSection("App:CorsOrigins").Get<List<string>>();
+                if (corsOrigins == null || corsOrigins.Count == 0)
+                {
+                    corsOrigins = configuration["App:CorsOrigins"]?
+                        .Split(",", StringSplitOptions.RemoveEmptyEntries)
+                        .Select(o => o.RemovePostFix("/"))
+                        .ToList() ?? new List<string>();
+                }
                 builder
-                    .WithOrigins(
+                    .WithOrigins(corsOrigins
-                        configuration["App:CorsOrigins"]
+                        .Select(o => o.RemovePostFix("/"))
-                            .Split(",", StringSplitOptions.RemoveEmptyEntries)
+                        .ToArray()
-                            .Select(o => o.RemovePostFix("/"))
-                            .ToArray()
                     )
                     .WithAbpExposedHeaders()
                     .WithAbpWrapExposedHeaders()

aspnet-core/services/LY.MicroService.WechatManagement.HttpApi.Host/WechatManagementHttpApiHostModule.cs

@@ -105,10 +105,10 @@ public partial class WechatManagementHttpApiHostModule : AbpModule
         ConfigureAuditing(configuration);
         ConfigureIdentity(configuration);
         ConfigureMultiTenancy(configuration);
-        ConfigureSwagger(context.Services);
         ConfigureJsonSerializer(configuration);
         ConfigureMvc(context.Services, configuration);
         ConfigureCors(context.Services, configuration);
+        ConfigureSwagger(context.Services, configuration);
         ConfigureDistributedLock(context.Services, configuration);
         ConfigureSecurity(context.Services, configuration, hostingEnvironment.IsDevelopment());
     }
@@ -133,12 +133,11 @@ public partial class WechatManagementHttpApiHostModule : AbpModule
         app.UseSwagger();
         app.UseAbpSwaggerUI(options =>
         {
-            options.SwaggerEndpoint("/swagger/v1/swagger.json", "Support APP API");
+            options.SwaggerEndpoint("/swagger/v1/swagger.json", "Support Wechat Service API");
 
             var configuration = context.GetConfiguration();
             options.OAuthClientId(configuration["AuthServer:SwaggerClientId"]);
-            options.OAuthClientSecret(configuration["AuthServer:SwaggerClientSecret"]);
+            options.OAuthScopes(configuration["AuthServer:Audience"]);
-            options.OAuthScopes("WechatManagement");
         });
         app.UseAuditing();
         app.UseAbpSerilogEnrichers();

aspnet-core/services/LY.MicroService.WechatManagement.HttpApi.Host/appsettings.Development.json

@@ -10,6 +10,7 @@
   },
   "App": {
     "ShowPii": true,
+    "CorsOrigins": [ "http://127.0.0.1:5666" ],
     "RefreshClaimsUrl": "http://127.0.0.1:30015"
   },
   "Auditing": {

aspnet-core/services/LY.MicroService.WorkflowManagement.HttpApi.Host/WorkflowManagementHttpApiHostModule.Configure.cs

@@ -389,13 +389,32 @@ public partial class WorkflowManagementHttpApiHostModule
         });
     }
 
-    private void ConfigureSwagger(IServiceCollection services)
+    private void ConfigureSwagger(IServiceCollection services, IConfiguration configuration)
     {
         // Swagger
-        services.AddSwaggerGen(
+        services.AddAbpSwaggerGenWithOAuth(
+            configuration["AuthServer:Authority"],
+            new Dictionary<string, string>
+            {
+                { configuration["AuthServer:Audience"], "Workflow Service API"}
+            },
             options =>
             {
-                options.SwaggerDoc("v1", new OpenApiInfo { Title = "Workflow API", Version = "v1" });
+                options.SwaggerDoc("v1", new OpenApiInfo
+                {
+                    Title = "Workflow Service API", Version = "v1",
+                    Contact = new OpenApiContact
+                    {
+                        Name = "colin",
+                        Email = "colin.in@foxmail.com",
+                        Url = new Uri("https://github.com/colinin")
+                    },
+                    License = new OpenApiLicense
+                    {
+                        Name = "MIT",
+                        Url = new Uri("https://github.com/colinin/abp-next-admin/blob/master/LICENSE")
+                    }
+                });
                 options.DocInclusionPredicate((docName, description) => true);
                 options.CustomSchemaIds(type => type.FullName);
                 options.AddSecurityDefinition("Bearer", new OpenApiSecurityScheme
@@ -409,13 +428,13 @@ public partial class WorkflowManagementHttpApiHostModule
                 });
                 options.AddSecurityRequirement(new OpenApiSecurityRequirement
                 {
+                    {
+                        new OpenApiSecurityScheme
                         {
-                            new OpenApiSecurityScheme
+                            Reference = new OpenApiReference { Type = ReferenceType.SecurityScheme, Id = "Bearer" }
-                            {
+                        },
-                                Reference = new OpenApiReference { Type = ReferenceType.SecurityScheme, Id = "Bearer" }
+                        new string[] { }
-                            },
+                    }
-                            new string[] { }
-                        }
                 });
                 options.OperationFilter<TenantHeaderParamter>();
             });
@@ -489,12 +508,18 @@ public partial class WorkflowManagementHttpApiHostModule
         {
             options.AddDefaultPolicy(builder =>
             {
+                var corsOrigins = configuration.GetSection("App:CorsOrigins").Get<List<string>>();
+                if (corsOrigins == null || corsOrigins.Count == 0)
+                {
+                    corsOrigins = configuration["App:CorsOrigins"]?
+                        .Split(",", StringSplitOptions.RemoveEmptyEntries)
+                        .Select(o => o.RemovePostFix("/"))
+                        .ToList() ?? new List<string>();
+                }
                 builder
-                    .WithOrigins(
+                    .WithOrigins(corsOrigins
-                        configuration["App:CorsOrigins"]
+                        .Select(o => o.RemovePostFix("/"))
-                            .Split(",", StringSplitOptions.RemoveEmptyEntries)
+                        .ToArray()
-                            .Select(o => o.RemovePostFix("/"))
-                            .ToArray()
                     )
                     .WithAbpExposedHeaders()
                     .WithAbpWrapExposedHeaders()

aspnet-core/services/LY.MicroService.WorkflowManagement.HttpApi.Host/WorkflowManagementHttpApiHostModule.cs

@@ -124,10 +124,10 @@ public partial class WorkflowManagementHttpApiHostModule : AbpModule
         ConfigureIdentity(configuration);
         ConfigureMultiTenancy(configuration);
         ConfigureBackgroundTasks(configuration);
-        ConfigureSwagger(context.Services);
         ConfigureEndpoints(context.Services);
         ConfigureMvc(context.Services, configuration);
         ConfigureCors(context.Services, configuration);
+        ConfigureSwagger(context.Services, configuration);
         ConfigureBlobStoring(context.Services, configuration);
         ConfigureDistributedLock(context.Services, configuration);
         ConfigureSecurity(context.Services, configuration, hostingEnvironment.IsDevelopment());
@@ -160,8 +160,7 @@ public partial class WorkflowManagementHttpApiHostModule : AbpModule
 
             var configuration = context.GetConfiguration();
             options.OAuthClientId(configuration["AuthServer:SwaggerClientId"]);
-            options.OAuthClientSecret(configuration["AuthServer:SwaggerClientSecret"]);
+            options.OAuthScopes(configuration["AuthServer:Audience"]);
-            options.OAuthScopes(configuration["AuthServer:Scopes"]);
         });
         app.UseAuditing();
         app.UseAbpSerilogEnrichers();

aspnet-core/services/LY.MicroService.WorkflowManagement.HttpApi.Host/appsettings.Development.json

@@ -9,7 +9,7 @@
     "tag": "LINGYUN.Abp.Workflow"
   },
   "App": {
-    "CorsOrigins": "http://127.0.0.1:3100",
+    "CorsOrigins": [ "http://127.0.0.1:5666" ],
     "ShowPii": true,
     "RefreshClaimsUrl": "http://127.0.0.1:30015"
   },
@@ -177,8 +177,7 @@
     "RequireHttpsMetadata": false,
     "Scopes": "lingyun-abp-application",
     "ElsaClientId": "InternalServiceClient",
-    "SwaggerClientId": "InternalServiceClient",
+    "SwaggerClientId": "vue-oauth-client"
-    "SwaggerClientSecret": "1q2w3E*"
   },
   "Logging": {
     "Serilog": {

aspnet-core/templates/micro/content/host/PackageName.CompanyName.ProjectName.HttpApi.Host/ProjectNameHttpApiHostModule.Configure.cs

@@ -422,12 +422,18 @@ public partial class ProjectNameHttpApiHostModule
         {
             options.AddDefaultPolicy(builder =>
             {
+                var corsOrigins = configuration.GetSection("App:CorsOrigins").Get<List<string>>();
+                if (corsOrigins == null || corsOrigins.Count == 0)
+                {
+                    corsOrigins = configuration["App:CorsOrigins"]?
+                        .Split(",", StringSplitOptions.RemoveEmptyEntries)
+                        .Select(o => o.RemovePostFix("/"))
+                        .ToList() ?? new List<string>();
+                }
                 builder
-                    .WithOrigins(
+                    .WithOrigins(corsOrigins
-                        configuration["App:CorsOrigins"]
+                        .Select(o => o.RemovePostFix("/"))
-                            .Split(",", StringSplitOptions.RemoveEmptyEntries)
+                        .ToArray()
-                            .Select(o => o.RemovePostFix("/"))
-                            .ToArray()
                     )
                     .WithAbpExposedHeaders()
                     .WithAbpWrapExposedHeaders()

aspnet-core/templates/micro/content/host/PackageName.CompanyName.ProjectName.HttpApi.Host/appsettings.Development.json

@@ -9,7 +9,7 @@
     "tag": "PackageName.CompanyName.ProjectName"
   },
   "App": {
-    "CorsOrigins": "http://127.0.0.1:30000",
+    "CorsOrigins": [ "http://127.0.0.1:30000" ],
     "RefreshClaimsUrl": "http://127.0.0.1:30015/",
     "HealthChecks": "/healthz"
   },
@@ -140,8 +140,7 @@
     "Audience": "lingyun-abp-application",
     "MapInboundClaims": false,
     "RequireHttpsMetadata": false,
-    "SwaggerClientId": "InternalServiceClient",
+    "SwaggerClientId": "vue-oauth-client"
-    "SwaggerClientSecret": "1q2w3E*"
   },
 
   "FeatureManagement": {