From 1b50dbff0b1b332db7737954d10acf3b93d121c5 Mon Sep 17 00:00:00 2001
From: colin <colin.in@foxmail.com>
Date: Mon, 23 Jun 2025 16:40:53 +0800
Subject: [PATCH 1/3] feat(auth-server): Increase the configuration of the
 swagget client

---
 .../AuthServerDataSeedContributor.cs          | 315 +++++++++++-------
 .../appsettings.Development.json              |  12 +-
 2 files changed, 208 insertions(+), 119 deletions(-)

diff --git a/aspnet-core/services/LY.MicroService.AuthServer/DataSeeder/AuthServerDataSeedContributor.cs b/aspnet-core/services/LY.MicroService.AuthServer/DataSeeder/AuthServerDataSeedContributor.cs
index 3f2ff900d..5d0d99d5c 100644
--- a/aspnet-core/services/LY.MicroService.AuthServer/DataSeeder/AuthServerDataSeedContributor.cs
+++ b/aspnet-core/services/LY.MicroService.AuthServer/DataSeeder/AuthServerDataSeedContributor.cs
@@ -2,10 +2,12 @@
 using LINGYUN.Abp.OpenIddict.LinkUser;
 using LINGYUN.Abp.OpenIddict.Sms;
 using LINGYUN.Abp.OpenIddict.WeChat;
+using Microsoft.Extensions.Configuration;
 using OpenIddict.Abstractions;
 using System;
 using System.Globalization;
 using System.Threading.Tasks;
+using Volo.Abp.Authorization.Permissions;
 using Volo.Abp.Data;
 using Volo.Abp.DependencyInjection;
 using Volo.Abp.Guids;
@@ -13,173 +15,256 @@ using Volo.Abp.Identity;
 using Volo.Abp.MultiTenancy;
 using Volo.Abp.OpenIddict.Applications;
 using Volo.Abp.OpenIddict.Scopes;
+using Volo.Abp.PermissionManagement;
 
 namespace LY.MicroService.AuthServer.DataSeeder;
 
 public class ServerDataSeedContributor : IDataSeedContributor, ITransientDependency
 {
+    private readonly IConfiguration _configuration;
     private readonly ICurrentTenant _currentTenant;
-    private readonly IGuidGenerator _guidGenerator;
     private readonly IOpenIddictApplicationManager _applicationManager;
     private readonly IOpenIddictApplicationRepository _applicationRepository;
 
+    private readonly IPermissionDataSeeder _permissionDataSeeder;
+
     private readonly IOpenIddictScopeManager _scopeManager;
     private readonly IOpenIddictScopeRepository _scopeRepository;
 
-    private readonly IIdentityClaimTypeRepository _claimTypeRepository;
-
     public ServerDataSeedContributor(
+        IConfiguration configuration,
         ICurrentTenant currentTenant,
-        IGuidGenerator guidGenerator,
         IOpenIddictScopeManager scopeManager,
         IOpenIddictScopeRepository scopeRepository,
+        IPermissionDataSeeder permissionDataSeeder,
         IOpenIddictApplicationManager applicationManager,
-        IOpenIddictApplicationRepository applicationRepository,
-        IIdentityClaimTypeRepository identityClaimTypeRepository)
+        IOpenIddictApplicationRepository applicationRepository)
     {
+        _configuration = configuration;
         _currentTenant = currentTenant;
-        _guidGenerator = guidGenerator;
         _scopeManager = scopeManager;
         _scopeRepository = scopeRepository;
+        _permissionDataSeeder = permissionDataSeeder;
         _applicationManager = applicationManager;
         _applicationRepository = applicationRepository;
-        _claimTypeRepository = identityClaimTypeRepository;
     }
 
     public async Task SeedAsync(DataSeedContext context)
     {
-        if (!await _claimTypeRepository.AnyAsync(IdentityConsts.ClaimType.Avatar.Name))
+        using (_currentTenant.Change(context.TenantId))
         {
-            await _claimTypeRepository.InsertAsync(
-                new IdentityClaimType(
-                    _guidGenerator.Create(),
-                    IdentityConsts.ClaimType.Avatar.Name,
-                    isStatic: true
-                )
-            );
+            await CreateScopeAsync("lingyun-abp-application");
+            await CreateApplicationAsync("lingyun-abp-application");
         }
+    }
 
-        if (await _scopeRepository.FindByNameAsync("lingyun-abp-application") == null)
+    private async Task CreateScopeAsync(string scope)
+    {
+        if (await _scopeRepository.FindByNameAsync(scope) == null)
         {
             await _scopeManager.CreateAsync(new OpenIddictScopeDescriptor()
             {
-                Name = "lingyun-abp-application",
-                DisplayName = "lingyun-abp-application",
+                Name = scope,
+                DisplayName = scope + " access",
                 DisplayNames =
                 {
-                    [CultureInfo.GetCultureInfo("en")] = "abp application",
-                    [CultureInfo.GetCultureInfo("zh-Hans")] = "abp application",
+                    [CultureInfo.GetCultureInfo("zh-Hans")] = "Abp API 应用程序访问",
+                    [CultureInfo.GetCultureInfo("en")] = "Abp API Application Access"
                 },
                 Resources =
                 {
-                    "lingyun-abp-application"
+                    scope
                 }
             });
         }
+    }
 
-        if (await _applicationRepository.FindByClientIdAsync("vue-admin-client") == null)
+    private async Task CreateApplicationAsync(string scope)
+    {
+        var configurationSection = _configuration.GetSection("OpenIddict:Applications");
+
+        var vueClientId = configurationSection["VueAdmin:ClientId"];
+        if (!vueClientId.IsNullOrWhiteSpace())
         {
-            await _applicationManager.CreateAsync(new OpenIddictApplicationDescriptor
+            var vueClientRootUrl = configurationSection["VueAdmin:RootUrl"].EnsureEndsWith('/');
+
+            if (await _applicationRepository.FindByClientIdAsync(vueClientId) == null)
             {
-                ClientId = "vue-admin-client",
-                ClientSecret = "1q2w3e*",
-                ConsentType = OpenIddictConstants.ConsentTypes.Explicit,
-                DisplayName = "Vue Vben Admin Abp Application",
-                PostLogoutRedirectUris =
+                await _applicationManager.CreateAsync(new OpenIddictApplicationDescriptor
                 {
-                    new Uri("https://127.0.0.1:3100/signout-callback-oidc"),
-                    new Uri("http://127.0.0.1:3100")
-                },
-                RedirectUris =
+                    ClientId = vueClientId,
+                    ClientSecret = configurationSection["VueAdmin:ClientSecret"],
+                    ApplicationType = OpenIddictConstants.ApplicationTypes.Web,
+                    ConsentType = OpenIddictConstants.ConsentTypes.Explicit,
+                    DisplayName = "Abp Vue Admin Client",
+                    PostLogoutRedirectUris =
+                    {
+                        new Uri(vueClientRootUrl + "signout-callback"),
+                        new Uri(vueClientRootUrl)
+                    },
+                    RedirectUris =
+                    {
+                        new Uri(vueClientRootUrl + "signin-callback"),
+                        new Uri(vueClientRootUrl)
+                    },
+                    Permissions =
+                    {
+                        OpenIddictConstants.Permissions.Endpoints.Authorization,
+                        OpenIddictConstants.Permissions.Endpoints.Token,
+                        OpenIddictConstants.Permissions.Endpoints.DeviceAuthorization,
+                        OpenIddictConstants.Permissions.Endpoints.Introspection,
+                        OpenIddictConstants.Permissions.Endpoints.Revocation,
+                        OpenIddictConstants.Permissions.Endpoints.EndSession,
+
+                        OpenIddictConstants.Permissions.GrantTypes.AuthorizationCode,
+                        OpenIddictConstants.Permissions.GrantTypes.Implicit,
+                        OpenIddictConstants.Permissions.GrantTypes.Password,
+                        OpenIddictConstants.Permissions.GrantTypes.RefreshToken,
+                        OpenIddictConstants.Permissions.GrantTypes.DeviceCode,
+                        OpenIddictConstants.Permissions.GrantTypes.ClientCredentials,
+
+                        OpenIddictConstants.Permissions.ResponseTypes.Code,
+                        OpenIddictConstants.Permissions.ResponseTypes.CodeIdToken,
+                        OpenIddictConstants.Permissions.ResponseTypes.CodeIdTokenToken,
+                        OpenIddictConstants.Permissions.ResponseTypes.CodeToken,
+                        OpenIddictConstants.Permissions.ResponseTypes.IdToken,
+                        OpenIddictConstants.Permissions.ResponseTypes.IdTokenToken,
+                        OpenIddictConstants.Permissions.ResponseTypes.None,
+                        OpenIddictConstants.Permissions.ResponseTypes.Token,
+
+                        OpenIddictConstants.Permissions.Scopes.Roles,
+                        OpenIddictConstants.Permissions.Scopes.Profile,
+                        OpenIddictConstants.Permissions.Scopes.Email,
+                        OpenIddictConstants.Permissions.Scopes.Address,
+                        OpenIddictConstants.Permissions.Scopes.Phone,
+                        OpenIddictConstants.Permissions.Prefixes.Scope + scope
+                    }
+                });
+
+                var vueClientPermissions = new string[1]
                 {
-                    new Uri("https://127.0.0.1:3100/signin-oidc"),
-                    new Uri("http://127.0.0.1:3100")
-                },
-                Permissions =
+                    "AbpIdentity.UserLookup"
+                };
+                await _permissionDataSeeder.SeedAsync(ClientPermissionValueProvider.ProviderName, vueClientId, vueClientPermissions);
+            }
+        }
+
+        var internalServiceClientId = configurationSection["InternalService:ClientId"];
+        if (!internalServiceClientId.IsNullOrWhiteSpace())
+        {
+            if (await _applicationRepository.FindByClientIdAsync(internalServiceClientId) == null)
+            {
+                await _applicationManager.CreateAsync(new OpenIddictApplicationDescriptor
                 {
-                    OpenIddictConstants.Permissions.Endpoints.Authorization,
-                    OpenIddictConstants.Permissions.Endpoints.Token,
-                    OpenIddictConstants.Permissions.Endpoints.DeviceAuthorization,
-                    OpenIddictConstants.Permissions.Endpoints.Introspection,
-                    OpenIddictConstants.Permissions.Endpoints.Revocation,
-                    OpenIddictConstants.Permissions.Endpoints.EndSession,
-
-                    OpenIddictConstants.Permissions.GrantTypes.AuthorizationCode,
-                    OpenIddictConstants.Permissions.GrantTypes.Implicit,
-                    OpenIddictConstants.Permissions.GrantTypes.Password,
-                    OpenIddictConstants.Permissions.GrantTypes.RefreshToken,
-                    OpenIddictConstants.Permissions.GrantTypes.DeviceCode,
-                    OpenIddictConstants.Permissions.GrantTypes.ClientCredentials,
-                    OpenIddictConstants.Permissions.Prefixes.GrantType + WeChatTokenExtensionGrantConsts.OfficialGrantType,
-                    OpenIddictConstants.Permissions.Prefixes.GrantType + WeChatTokenExtensionGrantConsts.MiniProgramGrantType,
-                    OpenIddictConstants.Permissions.Prefixes.GrantType + SmsTokenExtensionGrantConsts.GrantType,
-                    OpenIddictConstants.Permissions.Prefixes.GrantType + LinkUserTokenExtensionGrantConsts.GrantType,
-
-                    OpenIddictConstants.Permissions.ResponseTypes.Code,
-                    OpenIddictConstants.Permissions.ResponseTypes.CodeIdToken,
-                    OpenIddictConstants.Permissions.ResponseTypes.CodeIdTokenToken,
-                    OpenIddictConstants.Permissions.ResponseTypes.CodeToken,
-                    OpenIddictConstants.Permissions.ResponseTypes.IdToken,
-                    OpenIddictConstants.Permissions.ResponseTypes.IdTokenToken,
-                    OpenIddictConstants.Permissions.ResponseTypes.None,
-                    OpenIddictConstants.Permissions.ResponseTypes.Token,
-
-                    OpenIddictConstants.Permissions.Scopes.Roles,
-                    OpenIddictConstants.Permissions.Scopes.Profile,
-                    OpenIddictConstants.Permissions.Scopes.Email,
-                    OpenIddictConstants.Permissions.Scopes.Address,
-                    OpenIddictConstants.Permissions.Scopes.Phone,
-                    OpenIddictConstants.Permissions.Prefixes.Scope + WeChatTokenExtensionGrantConsts.ProfileKey,
-                    OpenIddictConstants.Permissions.Prefixes.Scope + "lingyun-abp-application"
-                }
-            });
+                    ClientId = internalServiceClientId,
+                    ClientSecret = configurationSection["InternalService:ClientSecret"],
+                    ClientType = OpenIddictConstants.ClientTypes.Confidential,
+                    ConsentType = OpenIddictConstants.ConsentTypes.Explicit,
+                    ApplicationType = OpenIddictConstants.ApplicationTypes.Native,
+                    DisplayName = "Abp Vue Admin Client",
+                    Permissions =
+                    {
+                        OpenIddictConstants.Permissions.Endpoints.Authorization,
+                        OpenIddictConstants.Permissions.Endpoints.Token,
+                        OpenIddictConstants.Permissions.Endpoints.DeviceAuthorization,
+                        OpenIddictConstants.Permissions.Endpoints.Introspection,
+                        OpenIddictConstants.Permissions.Endpoints.Revocation,
+                        OpenIddictConstants.Permissions.Endpoints.EndSession,
+
+                        OpenIddictConstants.Permissions.GrantTypes.AuthorizationCode,
+                        OpenIddictConstants.Permissions.GrantTypes.Implicit,
+                        OpenIddictConstants.Permissions.GrantTypes.Password,
+                        OpenIddictConstants.Permissions.GrantTypes.RefreshToken,
+                        OpenIddictConstants.Permissions.GrantTypes.DeviceCode,
+                        OpenIddictConstants.Permissions.GrantTypes.ClientCredentials,
+
+                        OpenIddictConstants.Permissions.ResponseTypes.Code,
+                        OpenIddictConstants.Permissions.ResponseTypes.CodeIdToken,
+                        OpenIddictConstants.Permissions.ResponseTypes.CodeIdTokenToken,
+                        OpenIddictConstants.Permissions.ResponseTypes.CodeToken,
+                        OpenIddictConstants.Permissions.ResponseTypes.IdToken,
+                        OpenIddictConstants.Permissions.ResponseTypes.IdTokenToken,
+                        OpenIddictConstants.Permissions.ResponseTypes.None,
+                        OpenIddictConstants.Permissions.ResponseTypes.Token,
+
+                        OpenIddictConstants.Permissions.Scopes.Roles,
+                        OpenIddictConstants.Permissions.Scopes.Profile,
+                        OpenIddictConstants.Permissions.Scopes.Email,
+                        OpenIddictConstants.Permissions.Scopes.Address,
+                        OpenIddictConstants.Permissions.Scopes.Phone,
+                        OpenIddictConstants.Permissions.Prefixes.Scope + scope
+                    }
+                });
+
+                var internalServicePermissions = new string[2]
+                {
+                    "AbpIdentity.UserLookup","AbpIdentity.Users"
+                };
+                await _permissionDataSeeder.SeedAsync(ClientPermissionValueProvider.ProviderName, internalServiceClientId, internalServicePermissions);
+            }
         }
 
-        if (await _applicationRepository.FindByClientIdAsync("InternalServiceClient") == null)
+        var oauthClientId = configurationSection["VueOAuthClient:ClientId"];
+        if (!oauthClientId.IsNullOrWhiteSpace())
         {
-            await _applicationManager.CreateAsync(new OpenIddictApplicationDescriptor
+            var oauthClientRootUrl = configurationSection["VueOAuthClient:RootUrl"].EnsureEndsWith('/');
+
+            if (await _applicationRepository.FindByClientIdAsync(oauthClientId) == null)
             {
-                ClientId = "InternalServiceClient",
-                ClientSecret = "1q2w3e*",
-                ClientType = OpenIddictConstants.ClientTypes.Confidential,
-                ConsentType = OpenIddictConstants.ConsentTypes.Explicit,
-                DisplayName = "Internal Service Client",
-                PostLogoutRedirectUris = {},
-                RedirectUris = {},
-                Permissions =
+                await _applicationManager.CreateAsync(new OpenIddictApplicationDescriptor
                 {
-                    OpenIddictConstants.Permissions.Endpoints.Authorization,
-                    OpenIddictConstants.Permissions.Endpoints.Token,
-                    OpenIddictConstants.Permissions.Endpoints.DeviceAuthorization,
-                    OpenIddictConstants.Permissions.Endpoints.Introspection,
-                    OpenIddictConstants.Permissions.Endpoints.Revocation,
-                    OpenIddictConstants.Permissions.Endpoints.EndSession,
-
-                    OpenIddictConstants.Permissions.GrantTypes.AuthorizationCode,
-                    OpenIddictConstants.Permissions.GrantTypes.Implicit,
-                    OpenIddictConstants.Permissions.GrantTypes.Password,
-                    OpenIddictConstants.Permissions.GrantTypes.RefreshToken,
-                    OpenIddictConstants.Permissions.GrantTypes.DeviceCode,
-                    OpenIddictConstants.Permissions.GrantTypes.ClientCredentials,
-
-                    OpenIddictConstants.Permissions.ResponseTypes.Code,
-                    OpenIddictConstants.Permissions.ResponseTypes.CodeIdToken,
-                    OpenIddictConstants.Permissions.ResponseTypes.CodeIdTokenToken,
-                    OpenIddictConstants.Permissions.ResponseTypes.CodeToken,
-                    OpenIddictConstants.Permissions.ResponseTypes.IdToken,
-                    OpenIddictConstants.Permissions.ResponseTypes.IdTokenToken,
-                    OpenIddictConstants.Permissions.ResponseTypes.None,
-                    OpenIddictConstants.Permissions.ResponseTypes.Token,
-
-                    OpenIddictConstants.Permissions.Scopes.Roles,
-                    OpenIddictConstants.Permissions.Scopes.Profile,
-                    OpenIddictConstants.Permissions.Scopes.Email,
-                    OpenIddictConstants.Permissions.Scopes.Address,
-                    OpenIddictConstants.Permissions.Scopes.Phone,
-
-                    OpenIddictConstants.Permissions.Prefixes.Scope + "lingyun-abp-application"
-                }
-            });
+                    ClientId = oauthClientId,
+                    ClientSecret = null,
+                    ApplicationType = OpenIddictConstants.ApplicationTypes.Web,
+                    ConsentType = OpenIddictConstants.ConsentTypes.Implicit,
+                    DisplayName = "OAuth Client",
+                    PostLogoutRedirectUris =
+                    {
+                        new Uri(oauthClientRootUrl + "signout-callback"),
+                        new Uri(oauthClientRootUrl)
+                    },
+                    RedirectUris =
+                    {
+                        new Uri(oauthClientRootUrl + "signin-callback"),
+                        new Uri(oauthClientRootUrl + "swagger/oauth2-redirect.html"),
+                        new Uri(oauthClientRootUrl)
+                    },
+                    Permissions =
+                    {
+                        OpenIddictConstants.Permissions.Endpoints.Authorization,
+                        OpenIddictConstants.Permissions.Endpoints.Token,
+                        OpenIddictConstants.Permissions.Endpoints.DeviceAuthorization,
+                        OpenIddictConstants.Permissions.Endpoints.Introspection,
+                        OpenIddictConstants.Permissions.Endpoints.Revocation,
+                        OpenIddictConstants.Permissions.Endpoints.EndSession,
+
+                        OpenIddictConstants.Permissions.GrantTypes.AuthorizationCode,
+                        OpenIddictConstants.Permissions.GrantTypes.RefreshToken,
+
+                        OpenIddictConstants.Permissions.ResponseTypes.Code,
+                        OpenIddictConstants.Permissions.ResponseTypes.CodeIdToken,
+                        OpenIddictConstants.Permissions.ResponseTypes.CodeIdTokenToken,
+                        OpenIddictConstants.Permissions.ResponseTypes.CodeToken,
+                        OpenIddictConstants.Permissions.ResponseTypes.IdToken,
+                        OpenIddictConstants.Permissions.ResponseTypes.IdTokenToken,
+                        OpenIddictConstants.Permissions.ResponseTypes.None,
+                        OpenIddictConstants.Permissions.ResponseTypes.Token,
+
+                        OpenIddictConstants.Permissions.Scopes.Roles,
+                        OpenIddictConstants.Permissions.Scopes.Profile,
+                        OpenIddictConstants.Permissions.Scopes.Email,
+                        OpenIddictConstants.Permissions.Scopes.Address,
+                        OpenIddictConstants.Permissions.Scopes.Phone,
+                        OpenIddictConstants.Permissions.Prefixes.Scope + scope
+                    }
+                });
+
+                var oauthClientPermissions = new string[1]
+                {
+                    "AbpIdentity.UserLookup"
+                };
+                await _permissionDataSeeder.SeedAsync(ClientPermissionValueProvider.ProviderName, oauthClientId, oauthClientPermissions);
+            }
         }
     }
 }
diff --git a/aspnet-core/services/LY.MicroService.AuthServer/appsettings.Development.json b/aspnet-core/services/LY.MicroService.AuthServer/appsettings.Development.json
index 62e92ffce..ef6e1612e 100644
--- a/aspnet-core/services/LY.MicroService.AuthServer/appsettings.Development.json
+++ b/aspnet-core/services/LY.MicroService.AuthServer/appsettings.Development.json
@@ -10,7 +10,7 @@
     "configCacheEncrypt": true
   },
   "App": {
-    "CorsOrigins": "http://127.0.0.1:3100",
+    "CorsOrigins": "http://127.0.0.1:5666,http://localhost:5666",
     "Urls": {
       "Applications": {
         "MVC": {
@@ -24,7 +24,7 @@
           "RootUrl": "http://127.0.0.1:44385/"
         },
         "VueVbenAdmin": {
-          "RootUrl": "http://127.0.0.1:3100/",
+          "RootUrl": "http://127.0.0.1:5666/",
           "Urls": {
             "Abp.Account.EmailConfirm": "account/email-confirm",
             "Abp.Account.EmailVerifyLogin": "account/verify-code"
@@ -95,14 +95,18 @@
   },
   "OpenIddict": {
     "Applications": {
-      "AuthVueAdmin": {
+      "VueAdmin": {
         "ClientId": "vue-admin-client",
         "ClientSecret": "1q2w3e*",
-        "RootUrl": "http://127.0.0.1:3100/"
+        "RootUrl": "http://127.0.0.1:5666/"
       },
       "InternalService": {
         "ClientId": "InternalServiceClient",
         "ClientSecret": "1q2w3e*"
+      },
+      "VueOAuthClient": {
+        "ClientId": "vue-oauth-client",
+        "RootUrl": "http://localhost:5666"
       }
     }
   },

From 843e5977b53b281a6ff5a7efc3527d1c304a59bc Mon Sep 17 00:00:00 2001
From: colin <colin.in@foxmail.com>
Date: Mon, 23 Jun 2025 16:46:23 +0800
Subject: [PATCH 2/3] feat(template): The template adds swagger oauth
 configuration

---
 .../ProjectNameHttpApiHostModule.Configure.cs | 21 ++++++++++++-------
 .../ProjectNameHttpApiHostModule.cs           |  5 ++---
 2 files changed, 15 insertions(+), 11 deletions(-)

diff --git a/aspnet-core/templates/micro/content/host/PackageName.CompanyName.ProjectName.HttpApi.Host/ProjectNameHttpApiHostModule.Configure.cs b/aspnet-core/templates/micro/content/host/PackageName.CompanyName.ProjectName.HttpApi.Host/ProjectNameHttpApiHostModule.Configure.cs
index 27c854419..3ab0ad2b2 100644
--- a/aspnet-core/templates/micro/content/host/PackageName.CompanyName.ProjectName.HttpApi.Host/ProjectNameHttpApiHostModule.Configure.cs
+++ b/aspnet-core/templates/micro/content/host/PackageName.CompanyName.ProjectName.HttpApi.Host/ProjectNameHttpApiHostModule.Configure.cs
@@ -317,10 +317,15 @@ public partial class ProjectNameHttpApiHostModule
         }
     }
 
-    private void ConfigureSwagger(IServiceCollection services)
+    private void ConfigureSwagger(IServiceCollection services, IConfiguration configuration)
     {
         // Swagger
-        services.AddSwaggerGen(
+        services.AddAbpSwaggerGenWithOAuth(
+            configuration["AuthServer:Authority"],
+            new Dictionary<string, string>
+            {
+                { configuration["AuthServer:Audience"], "ProjectName API"}
+            },
             options =>
             {
                 options.SwaggerDoc("v1", new OpenApiInfo { Title = "ProjectName API", Version = "v1" });
@@ -337,13 +342,13 @@ public partial class ProjectNameHttpApiHostModule
                 });
                 options.AddSecurityRequirement(new OpenApiSecurityRequirement
                 {
+                    {
+                        new OpenApiSecurityScheme
                         {
-                            new OpenApiSecurityScheme
-                            {
-                                Reference = new OpenApiReference { Type = ReferenceType.SecurityScheme, Id = "Bearer" }
-                            },
-                            new string[] { }
-                        }
+                            Reference = new OpenApiReference { Type = ReferenceType.SecurityScheme, Id = "Bearer" }
+                        },
+                        new string[] { }
+                    }
                 });
                 options.OperationFilter<TenantHeaderParamter>();
                 options.HideAbpEndpoints();
diff --git a/aspnet-core/templates/micro/content/host/PackageName.CompanyName.ProjectName.HttpApi.Host/ProjectNameHttpApiHostModule.cs b/aspnet-core/templates/micro/content/host/PackageName.CompanyName.ProjectName.HttpApi.Host/ProjectNameHttpApiHostModule.cs
index b8f3bf007..6a109ba14 100644
--- a/aspnet-core/templates/micro/content/host/PackageName.CompanyName.ProjectName.HttpApi.Host/ProjectNameHttpApiHostModule.cs
+++ b/aspnet-core/templates/micro/content/host/PackageName.CompanyName.ProjectName.HttpApi.Host/ProjectNameHttpApiHostModule.cs
@@ -115,9 +115,9 @@ public partial class ProjectNameHttpApiHostModule : AbpModule
         ConfigurePermissionManagement(configuration);
         ConfigureTextTemplatingManagement(configuration);
 
-        ConfigureSwagger(context.Services);
         ConfigureMvc(context.Services, configuration);
         ConfigureCors(context.Services, configuration);
+        ConfigureSwagger(context.Services, configuration);
         ConfigureDistributedLock(context.Services, configuration);
         ConfigureSecurity(context.Services, configuration, hostingEnvironment.IsDevelopment());
     }
@@ -147,8 +147,7 @@ public partial class ProjectNameHttpApiHostModule : AbpModule
 
             var configuration = context.GetConfiguration();
             options.OAuthClientId(configuration["AuthServer:SwaggerClientId"]);
-            options.OAuthClientSecret(configuration["AuthServer:SwaggerClientSecret"]);
-            options.OAuthScopes("ProjectName");
+            options.OAuthScopes(configuration["AuthServer:Audience"]);
         });
         app.UseAuditing();
         app.UseAbpSerilogEnrichers();

From 512d919b452588c291738013b0f7917053f14dad Mon Sep 17 00:00:00 2001
From: colin <colin.in@foxmail.com>
Date: Tue, 24 Jun 2025 14:41:27 +0800
Subject: [PATCH 3/3] feat(open-api): Enhance the swagger configuration

- Swagger has added the oauth config
- The cors configuration can be a string array
- Add cross-domain initialization configuration for the microservice oauth client
---
 .../DataSeeder/ClientDataSeederContributor.cs | 39 +++++++------
 ...LY.MicroService.Applications.Single.csproj |  2 +-
 ...rviceApplicationsSingleModule.Configure.cs | 53 +++++++++++++-----
 .../MicroServiceApplicationsSingleModule.cs   |  5 +-
 .../Program.cs                                | 26 ++-------
 .../appsettings.Development.json              | 12 ++--
 .../AuthServerHttpApiHostModule.Configure.cs  | 41 +++++++++++---
 .../AuthServerHttpApiHostModule.cs            | 13 +++--
 ...icroService.AuthServer.HttpApi.Host.csproj |  2 +-
 .../appsettings.Development.json              |  5 +-
 .../AuthServerModule.Configure.cs             | 16 ++++--
 .../AuthServerDataSeedContributor.cs          | 30 +++++-----
 .../appsettings.Development.json              | 26 ++++++++-
 ...BackendAdminHttpApiHostModule.Configure.cs | 53 +++++++++++++-----
 .../BackendAdminHttpApiHostModule.cs          | 12 +++-
 ...roService.BackendAdmin.HttpApi.Host.csproj |  6 +-
 .../appsettings.Development.json              |  5 +-
 ...entityServerHttpApiHostModule.Configure.cs | 56 +++++++++++++------
 .../IdentityServerHttpApiHostModule.cs        | 12 +++-
 ...Service.identityServer.HttpApi.Host.csproj |  2 +-
 .../appsettings.Development.json              |  5 +-
 .../IdentityServerModule.Configure.cs         | 16 ++++--
 .../appsettings.Development.json              | 13 ++++-
 ...LocalizationManagement.HttpApi.Host.csproj |  6 +-
 ...onManagementHttpApiHostModule.Configure.cs | 41 +++++++++++---
 ...LocalizationManagementHttpApiHostModule.cs | 12 +++-
 .../appsettings.Development.json              |  5 +-
 ...ice.PlatformManagement.HttpApi.Host.csproj |  6 +-
 ...rmManagementHttpApiHostModule.Configure.cs | 41 +++++++++++---
 .../PlatformManagementHttpApiHostModule.cs    | 12 +++-
 .../appsettings.Development.json              |  5 +-
 ...ervice.RealtimeMessage.HttpApi.Host.csproj |  6 +-
 ...ltimeMessageHttpApiHostModule.Configure.cs | 41 +++++++++++---
 .../RealtimeMessageHttpApiHostModule.cs       | 12 +++-
 .../appsettings.Development.json              |  5 +-
 ...skManagementHttpApiHostModule.Configure.cs | 41 +++++++++++---
 .../TaskManagementHttpApiHostModule.cs        |  7 +--
 .../appsettings.Development.json              |  1 +
 ...ksManagementHttpApiHostModule.Configure.cs | 41 +++++++++++---
 .../WebhooksManagementHttpApiHostModule.cs    |  7 +--
 .../appsettings.Development.json              |  4 +-
 ...atManagementHttpApiHostModule.Configure.cs | 27 ++++++---
 .../WechatManagementHttpApiHostModule.cs      |  7 +--
 .../appsettings.Development.json              |  1 +
 ...owManagementHttpApiHostModule.Configure.cs | 53 +++++++++++++-----
 .../WorkflowManagementHttpApiHostModule.cs    |  5 +-
 .../appsettings.Development.json              |  5 +-
 .../ProjectNameHttpApiHostModule.Configure.cs | 16 ++++--
 .../appsettings.Development.json              |  5 +-
 49 files changed, 596 insertions(+), 266 deletions(-)

diff --git a/aspnet-core/migrations/LY.MicroService.Applications.Single.EntityFrameworkCore/DataSeeder/ClientDataSeederContributor.cs b/aspnet-core/migrations/LY.MicroService.Applications.Single.EntityFrameworkCore/DataSeeder/ClientDataSeederContributor.cs
index 531152c02..22afb4b37 100644
--- a/aspnet-core/migrations/LY.MicroService.Applications.Single.EntityFrameworkCore/DataSeeder/ClientDataSeederContributor.cs
+++ b/aspnet-core/migrations/LY.MicroService.Applications.Single.EntityFrameworkCore/DataSeeder/ClientDataSeederContributor.cs
@@ -1,6 +1,7 @@
 using Microsoft.Extensions.Configuration;
 using OpenIddict.Abstractions;
 using System;
+using System.Collections.Generic;
 using System.Globalization;
 using System.Threading.Tasks;
 using Volo.Abp.Authorization.Permissions;
@@ -94,18 +95,18 @@ public class ClientDataSeederContributor : IDataSeedContributor, ITransientDepen
                 await _applicationManager.CreateAsync(new OpenIddictApplicationDescriptor
                 {
                     ClientId = vueClientId,
-                    ClientSecret = "1q2w3e*",
+                    ClientSecret = configurationSection["VueAdmin:ClientSecret"],
                     ApplicationType = OpenIddictConstants.ApplicationTypes.Web,
                     ConsentType = OpenIddictConstants.ConsentTypes.Explicit,
                     DisplayName = "Abp Vue Admin Client",
                     PostLogoutRedirectUris =
                     {
-                        new Uri(vueClientRootUrl + "signout-callback-oidc"),
+                        new Uri(vueClientRootUrl + "signout-callback"),
                         new Uri(vueClientRootUrl)
                     },
                     RedirectUris =
                     {
-                        new Uri(vueClientRootUrl + "/signin-oidc"),
+                        new Uri(vueClientRootUrl + "signin-callback"),
                         new Uri(vueClientRootUrl)
                     },
                     Permissions =
@@ -158,7 +159,7 @@ public class ClientDataSeederContributor : IDataSeedContributor, ITransientDepen
                 await _applicationManager.CreateAsync(new OpenIddictApplicationDescriptor
                 {
                     ClientId = internalServiceClientId,
-                    ClientSecret = "1q2w3e*",
+                    ClientSecret = configurationSection["InternalService:ClientSecret"],
                     ClientType = OpenIddictConstants.ClientTypes.Confidential,
                     ConsentType = OpenIddictConstants.ConsentTypes.Explicit,
                     ApplicationType = OpenIddictConstants.ApplicationTypes.Native,
@@ -205,30 +206,22 @@ public class ClientDataSeederContributor : IDataSeedContributor, ITransientDepen
             }
         }
 
-        var oauthClientId = configurationSection["OAuthClient:ClientId"];
+        var oauthClientId = configurationSection["VueOAuthClient:ClientId"];
         if (!oauthClientId.IsNullOrWhiteSpace())
         {
-            var oauthClientRootUrl = configurationSection["OAuthClient:RootUrl"].EnsureEndsWith('/');
+            var oauthClientRootUrls = configurationSection.GetSection("VueOAuthClient:RootUrls").Get<List<string>>();
 
             if (await _applicationRepository.FindByClientIdAsync(oauthClientId) == null)
             {
-                await _applicationManager.CreateAsync(new OpenIddictApplicationDescriptor
+                var application = new OpenIddictApplicationDescriptor
                 {
                     ClientId = oauthClientId,
                     ClientSecret = null,
                     ApplicationType = OpenIddictConstants.ApplicationTypes.Web,
                     ConsentType = OpenIddictConstants.ConsentTypes.Implicit,
                     DisplayName = "OAuth Client",
-                    PostLogoutRedirectUris =
-                    {
-                        new Uri(oauthClientRootUrl + "signout-callback"),
-                        new Uri(oauthClientRootUrl)
-                    },
-                    RedirectUris =
-                    {
-                        new Uri(oauthClientRootUrl + "/signin-callback"),
-                        new Uri(oauthClientRootUrl)
-                    },
+                    PostLogoutRedirectUris = { },
+                    RedirectUris = { },
                     Permissions =
                     {
                         OpenIddictConstants.Permissions.Endpoints.Authorization,
@@ -257,8 +250,20 @@ public class ClientDataSeederContributor : IDataSeedContributor, ITransientDepen
                         OpenIddictConstants.Permissions.Scopes.Phone,
                         OpenIddictConstants.Permissions.Prefixes.Scope + scope
                     }
+                };
+
+                oauthClientRootUrls.ForEach(url =>
+                {
+                    application.PostLogoutRedirectUris.AddIfNotContains(new Uri(url.EnsureEndsWith('/')));
+                    application.PostLogoutRedirectUris.AddIfNotContains(new Uri(url.EnsureEndsWith('/') + "signout-callback"));
+
+                    application.RedirectUris.AddIfNotContains(new Uri(url));
+                    application.RedirectUris.AddIfNotContains(new Uri(url.EnsureEndsWith('/') + "signin-callback"));
+                    application.RedirectUris.AddIfNotContains(new Uri(url.EnsureEndsWith('/') + "swagger/oauth2-redirect.html"));
                 });
 
+                await _applicationManager.CreateAsync(application);
+
                 var oauthClientPermissions = new string[1]
                 {
                     "AbpIdentity.UserLookup"
diff --git a/aspnet-core/services/LY.MicroService.Applications.Single/LY.MicroService.Applications.Single.csproj b/aspnet-core/services/LY.MicroService.Applications.Single/LY.MicroService.Applications.Single.csproj
index 88e7de0e3..de2942f89 100644
--- a/aspnet-core/services/LY.MicroService.Applications.Single/LY.MicroService.Applications.Single.csproj
+++ b/aspnet-core/services/LY.MicroService.Applications.Single/LY.MicroService.Applications.Single.csproj
@@ -33,7 +33,6 @@
 		<PackageReference Include="Serilog.Settings.Configuration" />
 		<PackageReference Include="Serilog.Sinks.Elasticsearch" />
 		<PackageReference Include="Serilog.Sinks.File" />
-		<PackageReference Include="Swashbuckle.AspNetCore" />
 		<PackageReference Include="Quartz.Serialization.Json" />
 		<PackageReference Include="Volo.Abp.Account.Web.OpenIddict" />
 		<PackageReference Include="Volo.Abp.AspNetCore.Serilog" />
@@ -55,6 +54,7 @@
 		<PackageReference Include="Volo.Abp.PermissionManagement.Web" />
 		<PackageReference Include="Volo.Abp.SettingManagement.EntityFrameworkCore" />
 		<PackageReference Include="Volo.Abp.SettingManagement.Web" />
+		<PackageReference Include="Volo.Abp.Swashbuckle" />
 		<PackageReference Include="Volo.Abp.Identity.AspNetCore" />
 		<PackageReference Include="Volo.Abp.Identity.Web" />
 		<PackageReference Include="Volo.Abp.VirtualFileExplorer.Web" />
diff --git a/aspnet-core/services/LY.MicroService.Applications.Single/MicroServiceApplicationsSingleModule.Configure.cs b/aspnet-core/services/LY.MicroService.Applications.Single/MicroServiceApplicationsSingleModule.Configure.cs
index 0c52ddf44..dd1b896d3 100644
--- a/aspnet-core/services/LY.MicroService.Applications.Single/MicroServiceApplicationsSingleModule.Configure.cs
+++ b/aspnet-core/services/LY.MicroService.Applications.Single/MicroServiceApplicationsSingleModule.Configure.cs
@@ -610,13 +610,32 @@ public partial class MicroServiceApplicationsSingleModule
         });
     }
 
-    private void ConfigureSwagger(IServiceCollection services)
+    private void ConfigureSwagger(IServiceCollection services, IConfiguration configuration)
     {
         // Swagger
-        services.AddSwaggerGen(
+        services.AddAbpSwaggerGenWithOAuth(
+            configuration["AuthServer:Authority"],
+            new Dictionary<string, string>
+            {
+                { configuration["AuthServer:Audience"], "Single APP"}
+            },
             options =>
             {
-                options.SwaggerDoc("v1", new OpenApiInfo { Title = "App API", Version = "v1" });
+                options.SwaggerDoc("v1", new OpenApiInfo
+                {
+                    Title = "Single APP API", Version = "v1",
+                    Contact = new OpenApiContact
+                    {
+                        Name = "colin",
+                        Email = "colin.in@foxmail.com",
+                        Url = new Uri("https://github.com/colinin")
+                    },
+                    License = new OpenApiLicense
+                    {
+                        Name = "MIT",
+                        Url = new Uri("https://github.com/colinin/abp-next-admin/blob/master/LICENSE")
+                    }
+                });
                 options.DocInclusionPredicate((docName, description) => true);
                 options.CustomSchemaIds(type => type.FullName);
                 options.AddSecurityDefinition("Bearer", new OpenApiSecurityScheme
@@ -630,13 +649,13 @@ public partial class MicroServiceApplicationsSingleModule
                 });
                 options.AddSecurityRequirement(new OpenApiSecurityRequirement
                 {
+                    {
+                        new OpenApiSecurityScheme
                         {
-                            new OpenApiSecurityScheme
-                            {
-                                Reference = new OpenApiReference { Type = ReferenceType.SecurityScheme, Id = "Bearer" }
-                            },
-                            new string[] { }
-                        }
+                            Reference = new OpenApiReference { Type = ReferenceType.SecurityScheme, Id = "Bearer" }
+                        },
+                        new string[] { }
+                    }
                 });
                 options.OperationFilter<TenantHeaderParamter>();
             });
@@ -896,12 +915,18 @@ public partial class MicroServiceApplicationsSingleModule
         {
             options.AddDefaultPolicy(builder =>
             {
+                var corsOrigins = configuration.GetSection("App:CorsOrigins").Get<List<string>>();
+                if (corsOrigins == null || corsOrigins.Count == 0)
+                {
+                    corsOrigins = configuration["App:CorsOrigins"]?
+                        .Split(",", StringSplitOptions.RemoveEmptyEntries)
+                        .Select(o => o.RemovePostFix("/"))
+                        .ToList() ?? new List<string>();
+                }
                 builder
-                    .WithOrigins(
-                        configuration["App:CorsOrigins"]
-                            .Split(",", StringSplitOptions.RemoveEmptyEntries)
-                            .Select(o => o.RemovePostFix("/"))
-                            .ToArray()
+                    .WithOrigins(corsOrigins
+                        .Select(o => o.RemovePostFix("/"))
+                        .ToArray()
                     )
                     .WithAbpExposedHeaders()
                     .WithAbpWrapExposedHeaders()
diff --git a/aspnet-core/services/LY.MicroService.Applications.Single/MicroServiceApplicationsSingleModule.cs b/aspnet-core/services/LY.MicroService.Applications.Single/MicroServiceApplicationsSingleModule.cs
index 1022d76c7..8fa30a07b 100644
--- a/aspnet-core/services/LY.MicroService.Applications.Single/MicroServiceApplicationsSingleModule.cs
+++ b/aspnet-core/services/LY.MicroService.Applications.Single/MicroServiceApplicationsSingleModule.cs
@@ -1,3 +1,5 @@
+using Volo.Abp.Swashbuckle;
+
 namespace LY.MicroService.Applications.Single;
 
 [DependsOn(
@@ -370,6 +372,7 @@ namespace LY.MicroService.Applications.Single;
     typeof(AbpAspNetCoreMvcWrapperModule),
     typeof(AbpAspNetCoreMvcIdempotentWrapperModule),
     typeof(AbpAspNetCoreHttpOverridesModule),
+    typeof(AbpSwashbuckleModule),
     typeof(AbpMailKitModule),
     typeof(AbpAutofacModule),
 
@@ -418,7 +421,6 @@ public partial class MicroServiceApplicationsSingleModule : AbpModule
         ConfigureIdentity(configuration);
         ConfigureDbContext(configuration);
         ConfigureAuthServer(configuration);
-        ConfigureSwagger(context.Services);
         ConfigureEndpoints(context.Services);
         ConfigureMultiTenancy(configuration);
         ConfigureJsonSerializer(configuration);
@@ -429,6 +431,7 @@ public partial class MicroServiceApplicationsSingleModule : AbpModule
         ConfigurePermissionManagement(configuration);
         ConfigureNotificationManagement(configuration);
         ConfigureCors(context.Services, configuration);
+        ConfigureSwagger(context.Services, configuration);
         ConfigureOssManagement(context.Services, configuration);
         ConfigureDistributedLock(context.Services, configuration);
         ConfigureKestrelServer(configuration, hostingEnvironment);
diff --git a/aspnet-core/services/LY.MicroService.Applications.Single/Program.cs b/aspnet-core/services/LY.MicroService.Applications.Single/Program.cs
index 90d9afbb4..50890bddf 100644
--- a/aspnet-core/services/LY.MicroService.Applications.Single/Program.cs
+++ b/aspnet-core/services/LY.MicroService.Applications.Single/Program.cs
@@ -4,25 +4,6 @@ using Volo.Abp.IO;
 using Volo.Abp.Modularity.PlugIns;
 
 var builder = WebApplication.CreateBuilder(args);
-builder.Services.AddCors(options =>
-{
-    options.AddDefaultPolicy(policy =>
-    {
-        policy
-            .WithOrigins(
-                builder.Configuration["App:CorsOrigins"]
-                    .Split(",", StringSplitOptions.RemoveEmptyEntries)
-                    .Select(o => o.RemovePostFix("/"))
-                    .ToArray()
-            )
-            .WithAbpExposedHeaders()
-            .WithAbpWrapExposedHeaders()
-            .SetIsOriginAllowedToAllowWildcardSubdomains()
-            .AllowAnyHeader()
-            .AllowAnyMethod()
-            .AllowCredentials();
-    });
-});
 builder.Host.AddAppSettingsSecretsJson()
     .UseAutofac()
     .ConfigureAppConfiguration((context, config) =>
@@ -81,9 +62,12 @@ app.UseAbpSession();
 app.UseDynamicClaims();
 app.UseAuthorization();
 app.UseSwagger();
-app.UseSwaggerUI(options =>
+app.UseAbpSwaggerUI(options =>
 {
-    options.SwaggerEndpoint("/swagger/v1/swagger.json", "Support App API");
+    options.SwaggerEndpoint("/swagger/v1/swagger.json", "Support Single APP API");
+
+    options.OAuthClientId(app.Configuration["AuthServer:SwaggerClientId"]);
+    options.OAuthScopes(app.Configuration["AuthServer:Audience"]);
 });
 app.UseAuditing();
 app.UseAbpSerilogEnrichers();
diff --git a/aspnet-core/services/LY.MicroService.Applications.Single/appsettings.Development.json b/aspnet-core/services/LY.MicroService.Applications.Single/appsettings.Development.json
index 7e7570be8..5c9e3ef69 100644
--- a/aspnet-core/services/LY.MicroService.Applications.Single/appsettings.Development.json
+++ b/aspnet-core/services/LY.MicroService.Applications.Single/appsettings.Development.json
@@ -2,7 +2,7 @@
   "App": {
     "ShowPii": true,
     "SelfUrl": "http://127.0.0.1:30001/",
-    "CorsOrigins": "http://127.0.0.1:3100,http://localhost:5666,http://127.0.0.1:30001",
+    "CorsOrigins": [ "http://127.0.0.1:5666", "http://127.0.0.1:30001" ],
     "Urls": {
       "Applications": {
         "MVC": {
@@ -149,8 +149,7 @@
     "Authority": "http://127.0.0.1:30001/",
     "Audience": "lingyun-abp-application",
     "RequireHttpsMetadata": false,
-    "SwaggerClientId": "InternalServiceClient",
-    "SwaggerClientSecret": "1q2w3E*"
+    "SwaggerClientId": "vue-oauth-client"
   },
   "IdentityServer": {
     "Clients": {
@@ -172,9 +171,12 @@
       "InternalService": {
         "ClientId": "InternalServiceClient"
       },
-      "OAuthClient": {
+      "VueOAuthClient": {
         "ClientId": "vue-oauth-client",
-        "RootUrl": "http://localhost:5666"
+        "RootUrls": [
+          "http://127.0.0.1:5666",
+          "http://127.0.0.1:30001"
+        ]
       }
     },
     "Lifetime": {
diff --git a/aspnet-core/services/LY.MicroService.AuthServer.HttpApi.Host/AuthServerHttpApiHostModule.Configure.cs b/aspnet-core/services/LY.MicroService.AuthServer.HttpApi.Host/AuthServerHttpApiHostModule.Configure.cs
index c4cac9f55..b73cc5812 100644
--- a/aspnet-core/services/LY.MicroService.AuthServer.HttpApi.Host/AuthServerHttpApiHostModule.Configure.cs
+++ b/aspnet-core/services/LY.MicroService.AuthServer.HttpApi.Host/AuthServerHttpApiHostModule.Configure.cs
@@ -364,13 +364,32 @@ public partial class AuthServerHttpApiHostModule
         });
     }
 
-    private void ConfigureSwagger(IServiceCollection services)
+    private void ConfigureSwagger(IServiceCollection services, IConfiguration configuration)
     {
         // Swagger
-        services.AddSwaggerGen(
+        services.AddAbpSwaggerGenWithOAuth(
+            configuration["AuthServer:Authority"],
+            new Dictionary<string, string>
+            {
+                { configuration["AuthServer:Audience"], "Identity Service API"}
+            }, 
             options =>
             {
-                options.SwaggerDoc("v1", new OpenApiInfo { Title = "AuthServer API", Version = "v1" });
+                options.SwaggerDoc("v1", new OpenApiInfo
+                {
+                    Title = "Identity Service API", Version = "v1",
+                    Contact = new OpenApiContact
+                    {
+                        Name = "colin",
+                        Email = "colin.in@foxmail.com",
+                        Url = new Uri("https://github.com/colinin")
+                    },
+                    License = new OpenApiLicense
+                    {
+                        Name = "MIT",
+                        Url = new Uri("https://github.com/colinin/abp-next-admin/blob/master/LICENSE")
+                    }
+                });
                 options.DocInclusionPredicate((docName, description) => true);
                 options.CustomSchemaIds(type => type.FullName);
                 options.AddSecurityDefinition("Bearer", new OpenApiSecurityScheme
@@ -429,12 +448,18 @@ public partial class AuthServerHttpApiHostModule
         {
             options.AddDefaultPolicy(builder =>
             {
+                var corsOrigins = configuration.GetSection("App:CorsOrigins").Get<List<string>>();
+                if (corsOrigins == null || corsOrigins.Count == 0)
+                {
+                    corsOrigins = configuration["App:CorsOrigins"]?
+                        .Split(",", StringSplitOptions.RemoveEmptyEntries)
+                        .Select(o => o.RemovePostFix("/"))
+                        .ToList() ?? new List<string>();
+                }
                 builder
-                    .WithOrigins(
-                        configuration["App:CorsOrigins"]
-                            .Split(",", StringSplitOptions.RemoveEmptyEntries)
-                            .Select(o => o.RemovePostFix("/"))
-                            .ToArray()
+                    .WithOrigins(corsOrigins
+                        .Select(o => o.RemovePostFix("/"))
+                        .ToArray()
                     )
                     .WithAbpExposedHeaders()
                     .WithAbpWrapExposedHeaders()
diff --git a/aspnet-core/services/LY.MicroService.AuthServer.HttpApi.Host/AuthServerHttpApiHostModule.cs b/aspnet-core/services/LY.MicroService.AuthServer.HttpApi.Host/AuthServerHttpApiHostModule.cs
index e51335ce6..d190b1607 100644
--- a/aspnet-core/services/LY.MicroService.AuthServer.HttpApi.Host/AuthServerHttpApiHostModule.cs
+++ b/aspnet-core/services/LY.MicroService.AuthServer.HttpApi.Host/AuthServerHttpApiHostModule.cs
@@ -38,10 +38,10 @@ using Volo.Abp.EntityFrameworkCore.MySQL;
 using Volo.Abp.FeatureManagement.EntityFrameworkCore;
 using Volo.Abp.Http.Client;
 using Volo.Abp.Modularity;
-using Volo.Abp.MultiTenancy;
 using Volo.Abp.OpenIddict.EntityFrameworkCore;
 using Volo.Abp.PermissionManagement.EntityFrameworkCore;
 using Volo.Abp.SettingManagement.EntityFrameworkCore;
+using Volo.Abp.Swashbuckle;
 
 namespace LY.MicroService.AuthServer;
 
@@ -86,6 +86,7 @@ namespace LY.MicroService.AuthServer;
     typeof(AbpTelemetrySkyWalkingModule),
     typeof(AbpExporterMiniExcelModule),
     typeof(AbpClaimsMappingModule),
+    typeof(AbpSwashbuckleModule),
     typeof(AbpAutofacModule)
     )]
 public partial class AuthServerHttpApiHostModule : AbpModule
@@ -120,11 +121,11 @@ public partial class AuthServerHttpApiHostModule : AbpModule
         ConfigureCaching(configuration);
         ConfigureTiming(configuration);
         ConfigureAuditing(configuration);
-        ConfigureSwagger(context.Services);
         ConfigureMultiTenancy(configuration);
         ConfigureJsonSerializer(configuration);
         ConfigureMvc(context.Services, configuration);
         ConfigureCors(context.Services, configuration);
+        ConfigureSwagger(context.Services, configuration);
         ConfigureDistributedLocking(context.Services, configuration);
         ConfigureSecurity(context.Services, configuration, hostingEnvironment.IsDevelopment());
     }
@@ -156,9 +157,13 @@ public partial class AuthServerHttpApiHostModule : AbpModule
         // Swagger
         app.UseSwagger();
         // Swagger可视化界面
-        app.UseSwaggerUI(options =>
+        app.UseAbpSwaggerUI(options =>
         {
-            options.SwaggerEndpoint("/swagger/v1/swagger.json", "Support IdentityServer API");
+            options.SwaggerEndpoint("/swagger/v1/swagger.json", "Support Identity Service API");
+
+            var configuration = context.GetConfiguration();
+            options.OAuthClientId(configuration["AuthServer:SwaggerClientId"]);
+            options.OAuthScopes(configuration["AuthServer:Audience"]);
         });
         // 审计日志
         app.UseAuditing();
diff --git a/aspnet-core/services/LY.MicroService.AuthServer.HttpApi.Host/LY.MicroService.AuthServer.HttpApi.Host.csproj b/aspnet-core/services/LY.MicroService.AuthServer.HttpApi.Host/LY.MicroService.AuthServer.HttpApi.Host.csproj
index 5581efb74..fae5a1495 100644
--- a/aspnet-core/services/LY.MicroService.AuthServer.HttpApi.Host/LY.MicroService.AuthServer.HttpApi.Host.csproj
+++ b/aspnet-core/services/LY.MicroService.AuthServer.HttpApi.Host/LY.MicroService.AuthServer.HttpApi.Host.csproj
@@ -26,7 +26,6 @@
 		<PackageReference Include="Serilog.Settings.Configuration" />
 		<PackageReference Include="Serilog.Sinks.Elasticsearch" />
 		<PackageReference Include="Serilog.Sinks.File" />
-		<PackageReference Include="Swashbuckle.AspNetCore" />
 		<PackageReference Include="Volo.Abp.AspNetCore.Serilog" />
 		<PackageReference Include="Volo.Abp.Caching.StackExchangeRedis" />
 		<PackageReference Include="Volo.Abp.AspNetCore.Authentication.JwtBearer" />
@@ -41,6 +40,7 @@
 		<PackageReference Include="Volo.Abp.OpenIddict.EntityFrameworkCore" />
 		<PackageReference Include="Volo.Abp.FeatureManagement.EntityFrameworkCore" />
 		<PackageReference Include="Volo.Abp.SettingManagement.EntityFrameworkCore" />
+		<PackageReference Include="Volo.Abp.Swashbuckle" />
 		<PackageReference Include="Volo.Abp.PermissionManagement.EntityFrameworkCore" />
 	</ItemGroup>
 
diff --git a/aspnet-core/services/LY.MicroService.AuthServer.HttpApi.Host/appsettings.Development.json b/aspnet-core/services/LY.MicroService.AuthServer.HttpApi.Host/appsettings.Development.json
index 686ffb482..b2a92de2e 100644
--- a/aspnet-core/services/LY.MicroService.AuthServer.HttpApi.Host/appsettings.Development.json
+++ b/aspnet-core/services/LY.MicroService.AuthServer.HttpApi.Host/appsettings.Development.json
@@ -11,7 +11,7 @@
   },
   "App": {
     "ShowPii": true,
-    "CorsOrigins": "http://127.0.0.1:3100",
+    "CorsOrigins": [ "http://127.0.0.1:5666" ],
     "Urls": {
       "Applications": {
         "MVC": {
@@ -92,7 +92,8 @@
     "Authority": "http://127.0.0.1:44385",
     "Audience": "lingyun-abp-application",
     "MapInboundClaims": false,
-    "RequireHttpsMetadata": false
+    "RequireHttpsMetadata": false,
+    "SwaggerClientId": "vue-oauth-client"
   },
   "AuditLogging": {
     "Elasticsearch": {
diff --git a/aspnet-core/services/LY.MicroService.AuthServer/AuthServerModule.Configure.cs b/aspnet-core/services/LY.MicroService.AuthServer/AuthServerModule.Configure.cs
index 78dced076..bd45d1590 100644
--- a/aspnet-core/services/LY.MicroService.AuthServer/AuthServerModule.Configure.cs
+++ b/aspnet-core/services/LY.MicroService.AuthServer/AuthServerModule.Configure.cs
@@ -430,12 +430,18 @@ public partial class AuthServerModule
         {
             options.AddDefaultPolicy(builder =>
             {
+                var corsOrigins = configuration.GetSection("App:CorsOrigins").Get<List<string>>();
+                if (corsOrigins == null || corsOrigins.Count == 0)
+                {
+                    corsOrigins = configuration["App:CorsOrigins"]?
+                        .Split(",", StringSplitOptions.RemoveEmptyEntries)
+                        .Select(o => o.RemovePostFix("/"))
+                        .ToList() ?? new List<string>();
+                }
                 builder
-                    .WithOrigins(
-                        configuration["App:CorsOrigins"]
-                            .Split(",", StringSplitOptions.RemoveEmptyEntries)
-                            .Select(o => o.RemovePostFix("/"))
-                            .ToArray()
+                    .WithOrigins(corsOrigins
+                        .Select(o => o.RemovePostFix("/"))
+                        .ToArray()
                     )
                     .WithAbpExposedHeaders()
                     .WithAbpWrapExposedHeaders()
diff --git a/aspnet-core/services/LY.MicroService.AuthServer/DataSeeder/AuthServerDataSeedContributor.cs b/aspnet-core/services/LY.MicroService.AuthServer/DataSeeder/AuthServerDataSeedContributor.cs
index 5d0d99d5c..9a05a9aa7 100644
--- a/aspnet-core/services/LY.MicroService.AuthServer/DataSeeder/AuthServerDataSeedContributor.cs
+++ b/aspnet-core/services/LY.MicroService.AuthServer/DataSeeder/AuthServerDataSeedContributor.cs
@@ -5,6 +5,7 @@ using LINGYUN.Abp.OpenIddict.WeChat;
 using Microsoft.Extensions.Configuration;
 using OpenIddict.Abstractions;
 using System;
+using System.Collections.Generic;
 using System.Globalization;
 using System.Threading.Tasks;
 using Volo.Abp.Authorization.Permissions;
@@ -207,28 +208,19 @@ public class ServerDataSeedContributor : IDataSeedContributor, ITransientDepende
         var oauthClientId = configurationSection["VueOAuthClient:ClientId"];
         if (!oauthClientId.IsNullOrWhiteSpace())
         {
-            var oauthClientRootUrl = configurationSection["VueOAuthClient:RootUrl"].EnsureEndsWith('/');
+            var oauthClientRootUrls = configurationSection.GetSection("VueOAuthClient:RootUrls").Get<List<string>>();
 
             if (await _applicationRepository.FindByClientIdAsync(oauthClientId) == null)
             {
-                await _applicationManager.CreateAsync(new OpenIddictApplicationDescriptor
+                var application = new OpenIddictApplicationDescriptor
                 {
                     ClientId = oauthClientId,
                     ClientSecret = null,
                     ApplicationType = OpenIddictConstants.ApplicationTypes.Web,
                     ConsentType = OpenIddictConstants.ConsentTypes.Implicit,
                     DisplayName = "OAuth Client",
-                    PostLogoutRedirectUris =
-                    {
-                        new Uri(oauthClientRootUrl + "signout-callback"),
-                        new Uri(oauthClientRootUrl)
-                    },
-                    RedirectUris =
-                    {
-                        new Uri(oauthClientRootUrl + "signin-callback"),
-                        new Uri(oauthClientRootUrl + "swagger/oauth2-redirect.html"),
-                        new Uri(oauthClientRootUrl)
-                    },
+                    PostLogoutRedirectUris = { },
+                    RedirectUris = { },
                     Permissions =
                     {
                         OpenIddictConstants.Permissions.Endpoints.Authorization,
@@ -257,8 +249,20 @@ public class ServerDataSeedContributor : IDataSeedContributor, ITransientDepende
                         OpenIddictConstants.Permissions.Scopes.Phone,
                         OpenIddictConstants.Permissions.Prefixes.Scope + scope
                     }
+                };
+
+                oauthClientRootUrls.ForEach(url =>
+                {
+                    application.PostLogoutRedirectUris.AddIfNotContains(new Uri(url.EnsureEndsWith('/')));
+                    application.PostLogoutRedirectUris.AddIfNotContains(new Uri(url.EnsureEndsWith('/') + "signout-callback"));
+
+                    application.RedirectUris.AddIfNotContains(new Uri(url));
+                    application.RedirectUris.AddIfNotContains(new Uri(url.EnsureEndsWith('/') + "signin-callback"));
+                    application.RedirectUris.AddIfNotContains(new Uri(url.EnsureEndsWith('/') + "swagger/oauth2-redirect.html"));
                 });
 
+                await _applicationManager.CreateAsync(application);
+
                 var oauthClientPermissions = new string[1]
                 {
                     "AbpIdentity.UserLookup"
diff --git a/aspnet-core/services/LY.MicroService.AuthServer/appsettings.Development.json b/aspnet-core/services/LY.MicroService.AuthServer/appsettings.Development.json
index ef6e1612e..351eae675 100644
--- a/aspnet-core/services/LY.MicroService.AuthServer/appsettings.Development.json
+++ b/aspnet-core/services/LY.MicroService.AuthServer/appsettings.Development.json
@@ -10,7 +10,18 @@
     "configCacheEncrypt": true
   },
   "App": {
-    "CorsOrigins": "http://127.0.0.1:5666,http://localhost:5666",
+    "CorsOrigins": [
+      "http://127.0.0.1:5666",
+      "http://127.0.0.1:30010",
+      "http://127.0.0.1:30015",
+      "http://127.0.0.1:30020",
+      "http://127.0.0.1:30025",
+      "http://127.0.0.1:30030",
+      "http://127.0.0.1:30040",
+      "http://127.0.0.1:30045",
+      "http://127.0.0.1:30050",
+      "http://127.0.0.1:30060"
+    ],
     "Urls": {
       "Applications": {
         "MVC": {
@@ -106,7 +117,18 @@
       },
       "VueOAuthClient": {
         "ClientId": "vue-oauth-client",
-        "RootUrl": "http://localhost:5666"
+        "RootUrls": [
+          "http://127.0.0.1:5666",
+          "http://127.0.0.1:30010",
+          "http://127.0.0.1:30015",
+          "http://127.0.0.1:30020",
+          "http://127.0.0.1:30025",
+          "http://127.0.0.1:30030",
+          "http://127.0.0.1:30040",
+          "http://127.0.0.1:30045",
+          "http://127.0.0.1:30050",
+          "http://127.0.0.1:30060"
+        ]
       }
     }
   },
diff --git a/aspnet-core/services/LY.MicroService.BackendAdmin.HttpApi.Host/BackendAdminHttpApiHostModule.Configure.cs b/aspnet-core/services/LY.MicroService.BackendAdmin.HttpApi.Host/BackendAdminHttpApiHostModule.Configure.cs
index e9e6c960b..b14dcb98c 100644
--- a/aspnet-core/services/LY.MicroService.BackendAdmin.HttpApi.Host/BackendAdminHttpApiHostModule.Configure.cs
+++ b/aspnet-core/services/LY.MicroService.BackendAdmin.HttpApi.Host/BackendAdminHttpApiHostModule.Configure.cs
@@ -314,13 +314,32 @@ public partial class BackendAdminHttpApiHostModule
         });
     }
 
-    private void ConfigureSwagger(IServiceCollection services)
+    private void ConfigureSwagger(IServiceCollection services, IConfiguration configuration)
     {
         // Swagger
-        services.AddSwaggerGen(
+        services.AddAbpSwaggerGenWithOAuth(
+            configuration["AuthServer:Authority"],
+            new Dictionary<string, string>
+            {
+                { configuration["AuthServer:Audience"], "Admin Service API"}
+            }, 
             options =>
             {
-                options.SwaggerDoc("v1", new OpenApiInfo { Title = "BackendAdmin API", Version = "v1" });
+                options.SwaggerDoc("v1", new OpenApiInfo
+                {
+                    Title = "Admin Service API", Version = "v1",
+                    Contact = new OpenApiContact
+                    {
+                        Name = "colin",
+                        Email = "colin.in@foxmail.com",
+                        Url = new Uri("https://github.com/colinin")
+                    },
+                    License = new OpenApiLicense
+                    {
+                        Name = "MIT",
+                        Url = new Uri("https://github.com/colinin/abp-next-admin/blob/master/LICENSE")
+                    }
+                });
                 options.DocInclusionPredicate((docName, description) => true);
                 options.CustomSchemaIds(type => type.FullName);
                 options.AddSecurityDefinition("Bearer", new OpenApiSecurityScheme
@@ -334,13 +353,13 @@ public partial class BackendAdminHttpApiHostModule
                 });
                 options.AddSecurityRequirement(new OpenApiSecurityRequirement
                 {
+                    {
+                        new OpenApiSecurityScheme
                         {
-                            new OpenApiSecurityScheme
-                            {
-                                Reference = new OpenApiReference { Type = ReferenceType.SecurityScheme, Id = "Bearer" }
-                            },
-                            new string[] { }
-                        }
+                            Reference = new OpenApiReference { Type = ReferenceType.SecurityScheme, Id = "Bearer" }
+                        },
+                        new string[] { }
+                    }
                 });
                 options.OperationFilter<TenantHeaderParamter>();
             });
@@ -394,12 +413,18 @@ public partial class BackendAdminHttpApiHostModule
         {
             options.AddDefaultPolicy(builder =>
             {
+                var corsOrigins = configuration.GetSection("App:CorsOrigins").Get<List<string>>();
+                if (corsOrigins == null || corsOrigins.Count == 0)
+                {
+                    corsOrigins = configuration["App:CorsOrigins"]?
+                        .Split(",", StringSplitOptions.RemoveEmptyEntries)
+                        .Select(o => o.RemovePostFix("/"))
+                        .ToList() ?? new List<string>();
+                }
                 builder
-                    .WithOrigins(
-                        configuration["App:CorsOrigins"]
-                            .Split(",", StringSplitOptions.RemoveEmptyEntries)
-                            .Select(o => o.RemovePostFix("/"))
-                            .ToArray()
+                    .WithOrigins(corsOrigins
+                        .Select(o => o.RemovePostFix("/"))
+                        .ToArray()
                     )
                     .WithAbpExposedHeaders()
                     .WithAbpWrapExposedHeaders()
diff --git a/aspnet-core/services/LY.MicroService.BackendAdmin.HttpApi.Host/BackendAdminHttpApiHostModule.cs b/aspnet-core/services/LY.MicroService.BackendAdmin.HttpApi.Host/BackendAdminHttpApiHostModule.cs
index 872626ec5..e0e27ef62 100644
--- a/aspnet-core/services/LY.MicroService.BackendAdmin.HttpApi.Host/BackendAdminHttpApiHostModule.cs
+++ b/aspnet-core/services/LY.MicroService.BackendAdmin.HttpApi.Host/BackendAdminHttpApiHostModule.cs
@@ -54,6 +54,7 @@ using Volo.Abp.PermissionManagement.EntityFrameworkCore;
 using Volo.Abp.PermissionManagement.Identity;
 using Volo.Abp.PermissionManagement.IdentityServer;
 using Volo.Abp.SettingManagement.EntityFrameworkCore;
+using Volo.Abp.Swashbuckle;
 
 namespace LY.MicroService.BackendAdmin;
 
@@ -123,6 +124,7 @@ namespace LY.MicroService.BackendAdmin;
     typeof(AbpAspNetCoreMvcWrapperModule),
     typeof(AbpAspNetCoreHttpOverridesModule),
     typeof(AbpClaimsMappingModule),
+    typeof(AbpSwashbuckleModule),
     typeof(AbpAutofacModule)
     )]
 public partial class BackendAdminHttpApiHostModule : AbpModule
@@ -155,11 +157,11 @@ public partial class BackendAdminHttpApiHostModule : AbpModule
         ConfigureTiming(configuration);
         ConfigureCaching(configuration);
         ConfigureAuditing(configuration);
-        ConfigureSwagger(context.Services);
         ConfigureMultiTenancy(configuration);
         ConfigureJsonSerializer(configuration);
         ConfigureMvc(context.Services, configuration);
         ConfigureCors(context.Services, configuration);
+        ConfigureSwagger(context.Services, configuration);
         ConfigureDistributedLocking(context.Services, configuration);
         ConfigureSeedWorker(context.Services, hostingEnvironment.IsDevelopment());
         ConfigureSecurity(context.Services, configuration, hostingEnvironment.IsDevelopment());
@@ -193,9 +195,13 @@ public partial class BackendAdminHttpApiHostModule : AbpModule
         // Swagger
         app.UseSwagger();
         // Swagger可视化界面
-        app.UseSwaggerUI(options =>
+        app.UseAbpSwaggerUI(options =>
         {
-            options.SwaggerEndpoint("/swagger/v1/swagger.json", "Support BackendAdmin API");
+            options.SwaggerEndpoint("/swagger/v1/swagger.json", "Support Admin Service API");
+
+            var configuration = context.GetConfiguration();
+            options.OAuthClientId(configuration["AuthServer:SwaggerClientId"]);
+            options.OAuthScopes(configuration["AuthServer:Audience"]);
         });
         // 审计日志
         app.UseAuditing();
diff --git a/aspnet-core/services/LY.MicroService.BackendAdmin.HttpApi.Host/LY.MicroService.BackendAdmin.HttpApi.Host.csproj b/aspnet-core/services/LY.MicroService.BackendAdmin.HttpApi.Host/LY.MicroService.BackendAdmin.HttpApi.Host.csproj
index 58dedc85c..f95425de4 100644
--- a/aspnet-core/services/LY.MicroService.BackendAdmin.HttpApi.Host/LY.MicroService.BackendAdmin.HttpApi.Host.csproj
+++ b/aspnet-core/services/LY.MicroService.BackendAdmin.HttpApi.Host/LY.MicroService.BackendAdmin.HttpApi.Host.csproj
@@ -20,10 +20,6 @@
 		<PackageReference Include="DotNetCore.CAP.RabbitMQ" />
 		<PackageReference Include="DistributedLock.Redis" />
 		<PackageReference Include="Microsoft.AspNetCore.DataProtection.StackExchangeRedis" />
-		<!--<PackageReference Include="Microsoft.EntityFrameworkCore.Design" Version="7.0.5">
-		  <PrivateAssets>all</PrivateAssets>
-		  <IncludeAssets>runtime; build; native; contentfiles; analyzers; buildtransitive</IncludeAssets>
-		</PackageReference>-->
 		<PackageReference Include="Serilog.AspNetCore" />
 		<PackageReference Include="Serilog.Enrichers.Environment" />
 		<PackageReference Include="Serilog.Enrichers.Assembly" />
@@ -32,7 +28,6 @@
 		<PackageReference Include="Serilog.Settings.Configuration" />
 		<PackageReference Include="Serilog.Sinks.Elasticsearch" />
 		<PackageReference Include="Serilog.Sinks.File" />
-		<PackageReference Include="Swashbuckle.AspNetCore" />
 		<PackageReference Include="Volo.Abp.Caching.StackExchangeRedis" />
 		<PackageReference Include="Volo.Abp.AspNetCore.Serilog" />
 		<PackageReference Include="Volo.Abp.AspNetCore.Mvc.UI.MultiTenancy" />
@@ -48,6 +43,7 @@
 		<PackageReference Include="Volo.Abp.PermissionManagement.Domain.Identity" />
 		<PackageReference Include="Volo.Abp.PermissionManagement.Domain.IdentityServer" />
 		<PackageReference Include="Volo.Abp.PermissionManagement.HttpApi" />
+		<PackageReference Include="Volo.Abp.Swashbuckle" />
 		<PackageReference Include="Volo.Abp.SettingManagement.EntityFrameworkCore" />
 		<PackageReference Include="Volo.Abp.PermissionManagement.EntityFrameworkCore" />
 	</ItemGroup>
diff --git a/aspnet-core/services/LY.MicroService.BackendAdmin.HttpApi.Host/appsettings.Development.json b/aspnet-core/services/LY.MicroService.BackendAdmin.HttpApi.Host/appsettings.Development.json
index 4a878629e..a1a0df0ec 100644
--- a/aspnet-core/services/LY.MicroService.BackendAdmin.HttpApi.Host/appsettings.Development.json
+++ b/aspnet-core/services/LY.MicroService.BackendAdmin.HttpApi.Host/appsettings.Development.json
@@ -10,8 +10,8 @@
     "configCacheEncrypt": true
   },
   "App": {
-    "CorsOrigins": "http://127.0.0.1:3100",
     "ShowPii": true,
+    "CorsOrigins": [ "http://127.0.0.1:5666" ],
     "RefreshClaimsUrl": "http://127.0.0.1:30015"
   },
   "Auditing": {
@@ -66,7 +66,8 @@
     "Authority": "http://127.0.0.1:44385/",
     "Audience": "lingyun-abp-application",
     "MapInboundClaims": false,
-    "RequireHttpsMetadata": false
+    "RequireHttpsMetadata": false,
+    "SwaggerClientId": "vue-oauth-client"
   },
   "RemoteServices": {
     "Platform": {
diff --git a/aspnet-core/services/LY.MicroService.IdentityServer.HttpApi.Host/IdentityServerHttpApiHostModule.Configure.cs b/aspnet-core/services/LY.MicroService.IdentityServer.HttpApi.Host/IdentityServerHttpApiHostModule.Configure.cs
index affe1bcdb..0943d54f6 100644
--- a/aspnet-core/services/LY.MicroService.IdentityServer.HttpApi.Host/IdentityServerHttpApiHostModule.Configure.cs
+++ b/aspnet-core/services/LY.MicroService.IdentityServer.HttpApi.Host/IdentityServerHttpApiHostModule.Configure.cs
@@ -346,13 +346,32 @@ public partial class IdentityServerHttpApiHostModule
         });
     }
 
-    private void ConfigureSwagger(IServiceCollection services)
+    private void ConfigureSwagger(IServiceCollection services, IConfiguration configuration)
     {
         // Swagger
-        services.AddSwaggerGen(
+        services.AddAbpSwaggerGenWithOAuth(
+            configuration["AuthServer:Authority"],
+            new Dictionary<string, string>
+            {
+                { configuration["AuthServer:Audience"], "Identity Service API"}
+            },
             options =>
             {
-                options.SwaggerDoc("v1", new OpenApiInfo { Title = "IdentityServer4 API", Version = "v1" });
+                options.SwaggerDoc("v1", new OpenApiInfo
+                {
+                    Title = "Identity Service API", Version = "v1",
+                    Contact = new OpenApiContact
+                    {
+                        Name = "colin",
+                        Email = "colin.in@foxmail.com",
+                        Url = new Uri("https://github.com/colinin")
+                    },
+                    License = new OpenApiLicense
+                    {
+                        Name = "MIT",
+                        Url = new Uri("https://github.com/colinin/abp-next-admin/blob/master/LICENSE")
+                    }
+                });
                 options.DocInclusionPredicate((docName, description) => true);
                 options.CustomSchemaIds(type => type.FullName);
                 options.AddSecurityDefinition("Bearer", new OpenApiSecurityScheme
@@ -366,13 +385,13 @@ public partial class IdentityServerHttpApiHostModule
                 });
                 options.AddSecurityRequirement(new OpenApiSecurityRequirement
                 {
+                    {
+                        new OpenApiSecurityScheme
                         {
-                            new OpenApiSecurityScheme
-                            {
-                                Reference = new OpenApiReference { Type = ReferenceType.SecurityScheme, Id = "Bearer" }
-                            },
-                            new string[] { }
-                        }
+                            Reference = new OpenApiReference { Type = ReferenceType.SecurityScheme, Id = "Bearer" }
+                        },
+                        new string[] { }
+                    }
                 });
                 options.OperationFilter<TenantHeaderParamter>();
             });
@@ -415,16 +434,21 @@ public partial class IdentityServerHttpApiHostModule
         {
             options.AddDefaultPolicy(builder =>
             {
+                var corsOrigins = configuration.GetSection("App:CorsOrigins").Get<List<string>>();
+                if (corsOrigins == null || corsOrigins.Count == 0)
+                {
+                    corsOrigins = configuration["App:CorsOrigins"]?
+                        .Split(",", StringSplitOptions.RemoveEmptyEntries)
+                        .Select(o => o.RemovePostFix("/"))
+                        .ToList() ?? new List<string>();
+                }
                 builder
-                    .WithOrigins(
-                        configuration["App:CorsOrigins"]
-                            .Split(",", StringSplitOptions.RemoveEmptyEntries)
-                            .Select(o => o.RemovePostFix("/"))
-                            .ToArray()
+                    .WithOrigins(corsOrigins
+                        .Select(o => o.RemovePostFix("/"))
+                        .ToArray()
                     )
                     .WithAbpExposedHeaders()
-                    // 引用 LINGYUN.Abp.AspNetCore.Mvc.Wrapper 包时可替换为 WithAbpWrapExposedHeaders
-                    .WithExposedHeaders("_AbpWrapResult", "_AbpDontWrapResult")
+                    .WithAbpWrapExposedHeaders()
                     .SetIsOriginAllowedToAllowWildcardSubdomains()
                     .AllowAnyHeader()
                     .AllowAnyMethod()
diff --git a/aspnet-core/services/LY.MicroService.IdentityServer.HttpApi.Host/IdentityServerHttpApiHostModule.cs b/aspnet-core/services/LY.MicroService.IdentityServer.HttpApi.Host/IdentityServerHttpApiHostModule.cs
index c430aaf50..2be6447ba 100644
--- a/aspnet-core/services/LY.MicroService.IdentityServer.HttpApi.Host/IdentityServerHttpApiHostModule.cs
+++ b/aspnet-core/services/LY.MicroService.IdentityServer.HttpApi.Host/IdentityServerHttpApiHostModule.cs
@@ -35,6 +35,7 @@ using Volo.Abp.Http.Client;
 using Volo.Abp.Modularity;
 using Volo.Abp.PermissionManagement.EntityFrameworkCore;
 using Volo.Abp.SettingManagement.EntityFrameworkCore;
+using Volo.Abp.Swashbuckle;
 
 namespace LY.MicroService.IdentityServer;
 
@@ -78,6 +79,7 @@ namespace LY.MicroService.IdentityServer;
     typeof(AbpTelemetrySkyWalkingModule),
     typeof(AbpExporterMiniExcelModule),
     typeof(AbpClaimsMappingModule),
+    typeof(AbpSwashbuckleModule),
     typeof(AbpAutofacModule)
     )]
 public partial class IdentityServerHttpApiHostModule : AbpModule
@@ -111,11 +113,11 @@ public partial class IdentityServerHttpApiHostModule : AbpModule
         ConfigureTiming(configuration);
         ConfigureCaching(configuration);
         ConfigureAuditing(configuration);
-        ConfigureSwagger(context.Services);
         ConfigureMultiTenancy(configuration);
         ConfigureJsonSerializer(configuration);
         ConfigureMvc(context.Services, configuration);
         ConfigureCors(context.Services, configuration);
+        ConfigureSwagger(context.Services, configuration);
         ConfigureDistributedLocking(context.Services, configuration);
         ConfigureSecurity(context.Services, configuration, hostingEnvironment.IsDevelopment());
     }
@@ -147,9 +149,13 @@ public partial class IdentityServerHttpApiHostModule : AbpModule
         // Swagger
         app.UseSwagger();
         // Swagger可视化界面
-        app.UseSwaggerUI(options =>
+        app.UseAbpSwaggerUI(options =>
         {
-            options.SwaggerEndpoint("/swagger/v1/swagger.json", "Support IdentityServer API");
+            options.SwaggerEndpoint("/swagger/v1/swagger.json", "Support Identity Service API");
+
+            var configuration = context.GetConfiguration();
+            options.OAuthClientId(configuration["AuthServer:SwaggerClientId"]);
+            options.OAuthScopes(configuration["AuthServer:Audience"]);
         });
         // 审计日志
         app.UseAuditing();
diff --git a/aspnet-core/services/LY.MicroService.IdentityServer.HttpApi.Host/LY.MicroService.identityServer.HttpApi.Host.csproj b/aspnet-core/services/LY.MicroService.IdentityServer.HttpApi.Host/LY.MicroService.identityServer.HttpApi.Host.csproj
index d8d5b6fe6..0f76b0410 100644
--- a/aspnet-core/services/LY.MicroService.IdentityServer.HttpApi.Host/LY.MicroService.identityServer.HttpApi.Host.csproj
+++ b/aspnet-core/services/LY.MicroService.IdentityServer.HttpApi.Host/LY.MicroService.identityServer.HttpApi.Host.csproj
@@ -33,7 +33,6 @@
 		<PackageReference Include="Serilog.Settings.Configuration" />
 		<PackageReference Include="Serilog.Sinks.Elasticsearch" />
 		<PackageReference Include="Serilog.Sinks.File" />
-		<PackageReference Include="Swashbuckle.AspNetCore" />
 		<PackageReference Include="Volo.Abp.AspNetCore.Serilog" />
 		<PackageReference Include="Volo.Abp.Caching.StackExchangeRedis" />
 		<PackageReference Include="Volo.Abp.AspNetCore.MultiTenancy" />
@@ -48,6 +47,7 @@
 		<PackageReference Include="Volo.Abp.IdentityServer.EntityFrameworkCore" />
 		<PackageReference Include="Volo.Abp.FeatureManagement.EntityFrameworkCore" />
 		<PackageReference Include="Volo.Abp.SettingManagement.EntityFrameworkCore" />
+		<PackageReference Include="Volo.Abp.Swashbuckle" />
 		<PackageReference Include="Volo.Abp.PermissionManagement.EntityFrameworkCore" />
 	</ItemGroup>
 
diff --git a/aspnet-core/services/LY.MicroService.IdentityServer.HttpApi.Host/appsettings.Development.json b/aspnet-core/services/LY.MicroService.IdentityServer.HttpApi.Host/appsettings.Development.json
index 14e25e590..133460d6c 100644
--- a/aspnet-core/services/LY.MicroService.IdentityServer.HttpApi.Host/appsettings.Development.json
+++ b/aspnet-core/services/LY.MicroService.IdentityServer.HttpApi.Host/appsettings.Development.json
@@ -11,7 +11,7 @@
   },
   "App": {
     "ShowPii": true,
-    "CorsOrigins": "http://127.0.0.1:3100",
+    "CorsOrigins": [ "http://127.0.0.1:5666" ],
     "Urls": {
       "Applications": {
         "MVC": {
@@ -92,7 +92,8 @@
     "Authority": "http://127.0.0.1:44385/",
     "Audience": "lingyun-abp-application",
     "MapInboundClaims": false,
-    "RequireHttpsMetadata": false
+    "RequireHttpsMetadata": false,
+    "SwaggerClientId": "vue-oauth-client"
   },
   "AuditLogging": {
     "Elasticsearch": {
diff --git a/aspnet-core/services/LY.MicroService.IdentityServer/IdentityServerModule.Configure.cs b/aspnet-core/services/LY.MicroService.IdentityServer/IdentityServerModule.Configure.cs
index bd0eb3514..b9a4dc9a0 100644
--- a/aspnet-core/services/LY.MicroService.IdentityServer/IdentityServerModule.Configure.cs
+++ b/aspnet-core/services/LY.MicroService.IdentityServer/IdentityServerModule.Configure.cs
@@ -383,12 +383,18 @@ public partial class IdentityServerModule
         {
             options.AddDefaultPolicy(builder =>
             {
+                var corsOrigins = configuration.GetSection("App:CorsOrigins").Get<List<string>>();
+                if (corsOrigins == null || corsOrigins.Count == 0)
+                {
+                    corsOrigins = configuration["App:CorsOrigins"]?
+                        .Split(",", StringSplitOptions.RemoveEmptyEntries)
+                        .Select(o => o.RemovePostFix("/"))
+                        .ToList() ?? new List<string>();
+                }
                 builder
-                    .WithOrigins(
-                        configuration["App:CorsOrigins"]
-                            .Split(",", StringSplitOptions.RemoveEmptyEntries)
-                            .Select(o => o.RemovePostFix("/"))
-                            .ToArray()
+                    .WithOrigins(corsOrigins
+                        .Select(o => o.RemovePostFix("/"))
+                        .ToArray()
                     )
                     .WithAbpExposedHeaders()
                     .WithAbpWrapExposedHeaders()
diff --git a/aspnet-core/services/LY.MicroService.IdentityServer/appsettings.Development.json b/aspnet-core/services/LY.MicroService.IdentityServer/appsettings.Development.json
index 3233664d0..632c31e23 100644
--- a/aspnet-core/services/LY.MicroService.IdentityServer/appsettings.Development.json
+++ b/aspnet-core/services/LY.MicroService.IdentityServer/appsettings.Development.json
@@ -10,7 +10,18 @@
     "configCacheEncrypt": true
   },
   "App": {
-    "CorsOrigins": "http://127.0.0.1:3100",
+    "CorsOrigins": [
+      "http://127.0.0.1:5666",
+      "http://127.0.0.1:30010",
+      "http://127.0.0.1:30015",
+      "http://127.0.0.1:30020",
+      "http://127.0.0.1:30025",
+      "http://127.0.0.1:30030",
+      "http://127.0.0.1:30040",
+      "http://127.0.0.1:30045",
+      "http://127.0.0.1:30050",
+      "http://127.0.0.1:30060"
+    ],
     "Urls": {
       "Applications": {
         "MVC": {
diff --git a/aspnet-core/services/LY.MicroService.LocalizationManagement.HttpApi.Host/LY.MicroService.LocalizationManagement.HttpApi.Host.csproj b/aspnet-core/services/LY.MicroService.LocalizationManagement.HttpApi.Host/LY.MicroService.LocalizationManagement.HttpApi.Host.csproj
index 892587088..2033b5a63 100644
--- a/aspnet-core/services/LY.MicroService.LocalizationManagement.HttpApi.Host/LY.MicroService.LocalizationManagement.HttpApi.Host.csproj
+++ b/aspnet-core/services/LY.MicroService.LocalizationManagement.HttpApi.Host/LY.MicroService.LocalizationManagement.HttpApi.Host.csproj
@@ -16,10 +16,6 @@
 		<PackageReference Include="DotNetCore.CAP.RabbitMQ" />
 		<PackageReference Include="DistributedLock.Redis" />
 		<PackageReference Include="Microsoft.AspNetCore.DataProtection.StackExchangeRedis" />
-		<!--<PackageReference Include="Microsoft.EntityFrameworkCore.Design" Version="7.0.5">
-			<PrivateAssets>all</PrivateAssets>
-			<IncludeAssets>runtime; build; native; contentfiles; analyzers; buildtransitive</IncludeAssets>
-		</PackageReference>-->
 		<PackageReference Include="Serilog.AspNetCore" />
 		<PackageReference Include="Serilog.Enrichers.Environment" />
 		<PackageReference Include="Serilog.Enrichers.Assembly" />
@@ -28,7 +24,6 @@
 		<PackageReference Include="Serilog.Settings.Configuration" />
 		<PackageReference Include="Serilog.Sinks.Elasticsearch" />
 		<PackageReference Include="Serilog.Sinks.File" />
-		<PackageReference Include="Swashbuckle.AspNetCore" />
 		<PackageReference Include="Volo.Abp.AspNetCore.Serilog" />
 		<PackageReference Include="Volo.Abp.Caching.StackExchangeRedis" />
 		<PackageReference Include="Volo.Abp.AspNetCore.MultiTenancy" />
@@ -38,6 +33,7 @@
 		<PackageReference Include="Volo.Abp.Http.Client" />
 		<PackageReference Include="Volo.Abp.FeatureManagement.EntityFrameworkCore" />
 		<PackageReference Include="Volo.Abp.SettingManagement.EntityFrameworkCore" />
+		<PackageReference Include="Volo.Abp.Swashbuckle" />
 		<PackageReference Include="Volo.Abp.PermissionManagement.EntityFrameworkCore" />
 	</ItemGroup>
 
diff --git a/aspnet-core/services/LY.MicroService.LocalizationManagement.HttpApi.Host/LocalizationManagementHttpApiHostModule.Configure.cs b/aspnet-core/services/LY.MicroService.LocalizationManagement.HttpApi.Host/LocalizationManagementHttpApiHostModule.Configure.cs
index e2b603c32..af54d6af5 100644
--- a/aspnet-core/services/LY.MicroService.LocalizationManagement.HttpApi.Host/LocalizationManagementHttpApiHostModule.Configure.cs
+++ b/aspnet-core/services/LY.MicroService.LocalizationManagement.HttpApi.Host/LocalizationManagementHttpApiHostModule.Configure.cs
@@ -235,13 +235,32 @@ public partial class LocalizationManagementHttpApiHostModule
         });
     }
 
-    private void ConfigureSwagger(IServiceCollection services)
+    private void ConfigureSwagger(IServiceCollection services, IConfiguration configuration)
     {
         // Swagger
-        services.AddSwaggerGen(
+        services.AddAbpSwaggerGenWithOAuth(
+            configuration["AuthServer:Authority"],
+            new Dictionary<string, string>
+            {
+                { configuration["AuthServer:Audience"], "Localization Service API"}
+            },
             options =>
             {
-                options.SwaggerDoc("v1", new OpenApiInfo { Title = "Localization Management API", Version = "v1" });
+                options.SwaggerDoc("v1", new OpenApiInfo
+                {
+                    Title = "Localization Service API", Version = "v1",
+                    Contact = new OpenApiContact
+                    {
+                        Name = "colin",
+                        Email = "colin.in@foxmail.com",
+                        Url = new Uri("https://github.com/colinin")
+                    },
+                    License = new OpenApiLicense
+                    {
+                        Name = "MIT",
+                        Url = new Uri("https://github.com/colinin/abp-next-admin/blob/master/LICENSE")
+                    }
+                });
                 options.DocInclusionPredicate((docName, description) => true);
                 options.CustomSchemaIds(type => type.FullName);
                 options.AddSecurityDefinition("Bearer", new OpenApiSecurityScheme
@@ -300,12 +319,18 @@ public partial class LocalizationManagementHttpApiHostModule
         {
             options.AddDefaultPolicy(builder =>
             {
+                var corsOrigins = configuration.GetSection("App:CorsOrigins").Get<List<string>>();
+                if (corsOrigins == null || corsOrigins.Count == 0)
+                {
+                    corsOrigins = configuration["App:CorsOrigins"]?
+                        .Split(",", StringSplitOptions.RemoveEmptyEntries)
+                        .Select(o => o.RemovePostFix("/"))
+                        .ToList() ?? new List<string>();
+                }
                 builder
-                    .WithOrigins(
-                        configuration["App:CorsOrigins"]
-                            .Split(",", StringSplitOptions.RemoveEmptyEntries)
-                            .Select(o => o.RemovePostFix("/"))
-                            .ToArray()
+                    .WithOrigins(corsOrigins
+                        .Select(o => o.RemovePostFix("/"))
+                        .ToArray()
                     )
                     .WithAbpExposedHeaders()
                     .WithAbpWrapExposedHeaders()
diff --git a/aspnet-core/services/LY.MicroService.LocalizationManagement.HttpApi.Host/LocalizationManagementHttpApiHostModule.cs b/aspnet-core/services/LY.MicroService.LocalizationManagement.HttpApi.Host/LocalizationManagementHttpApiHostModule.cs
index 4948adfba..ae0f264fc 100644
--- a/aspnet-core/services/LY.MicroService.LocalizationManagement.HttpApi.Host/LocalizationManagementHttpApiHostModule.cs
+++ b/aspnet-core/services/LY.MicroService.LocalizationManagement.HttpApi.Host/LocalizationManagementHttpApiHostModule.cs
@@ -30,6 +30,7 @@ using Volo.Abp.Http.Client;
 using Volo.Abp.Modularity;
 using Volo.Abp.PermissionManagement.EntityFrameworkCore;
 using Volo.Abp.SettingManagement.EntityFrameworkCore;
+using Volo.Abp.Swashbuckle;
 
 namespace LY.MicroService.LocalizationManagement;
 
@@ -61,6 +62,7 @@ namespace LY.MicroService.LocalizationManagement;
     typeof(AbpEmailingPlatformModule),
     typeof(AbpAspNetCoreMvcWrapperModule),
     typeof(AbpAspNetCoreHttpOverridesModule),
+    typeof(AbpSwashbuckleModule),
     typeof(AbpAutofacModule)
     )]
 public partial class LocalizationManagementHttpApiHostModule : AbpModule
@@ -90,11 +92,11 @@ public partial class LocalizationManagementHttpApiHostModule : AbpModule
         ConfigureCaching(configuration);
         ConfigureIdentity(configuration);
         ConfigureAuditing(configuration);
-        ConfigureSwagger(context.Services);
         ConfigureMultiTenancy(configuration);
         ConfigureJsonSerializer(configuration);
         ConfigureMvc(context.Services, configuration);
         ConfigureCors(context.Services, configuration);
+        ConfigureSwagger(context.Services, configuration);
         ConfigureDistributedLocking(context.Services, configuration);
         ConfigureSeedWorker(context.Services, hostingEnvironment.IsDevelopment());
         ConfigureSecurity(context.Services, configuration, hostingEnvironment.IsDevelopment());
@@ -129,9 +131,13 @@ public partial class LocalizationManagementHttpApiHostModule : AbpModule
         // Swagger
         app.UseSwagger();
         // Swagger可视化界面
-        app.UseSwaggerUI(options =>
+        app.UseAbpSwaggerUI(options =>
         {
-            options.SwaggerEndpoint("/swagger/v1/swagger.json", "Support Localization Management API");
+            options.SwaggerEndpoint("/swagger/v1/swagger.json", "Support Localization Service API");
+
+            var configuration = context.GetConfiguration();
+            options.OAuthClientId(configuration["AuthServer:SwaggerClientId"]);
+            options.OAuthScopes(configuration["AuthServer:Audience"]);
         });
         // 审计日志
         app.UseAuditing();
diff --git a/aspnet-core/services/LY.MicroService.LocalizationManagement.HttpApi.Host/appsettings.Development.json b/aspnet-core/services/LY.MicroService.LocalizationManagement.HttpApi.Host/appsettings.Development.json
index 459f8c07e..4ca221a53 100644
--- a/aspnet-core/services/LY.MicroService.LocalizationManagement.HttpApi.Host/appsettings.Development.json
+++ b/aspnet-core/services/LY.MicroService.LocalizationManagement.HttpApi.Host/appsettings.Development.json
@@ -10,7 +10,7 @@
     "configCacheEncrypt": true
   },
   "App": {
-    "CorsOrigins": "http://127.0.0.1:3100",
+    "CorsOrigins": [ "http://127.0.0.1:5666" ],
     "ShowPii": true,
     "RefreshClaimsUrl": "http://127.0.0.1:30015"
   },
@@ -72,7 +72,8 @@
     "Authority": "http://127.0.0.1:44385/",
     "Audience": "lingyun-abp-application",
     "MapInboundClaims": false,
-    "RequireHttpsMetadata": false
+    "RequireHttpsMetadata": false,
+    "SwaggerClientId": "vue-oauth-client"
   },
   "AuditLogging": {
     "Elasticsearch": {
diff --git a/aspnet-core/services/LY.MicroService.PlatformManagement.HttpApi.Host/LY.MicroService.PlatformManagement.HttpApi.Host.csproj b/aspnet-core/services/LY.MicroService.PlatformManagement.HttpApi.Host/LY.MicroService.PlatformManagement.HttpApi.Host.csproj
index 109e80e23..0dfce9a2c 100644
--- a/aspnet-core/services/LY.MicroService.PlatformManagement.HttpApi.Host/LY.MicroService.PlatformManagement.HttpApi.Host.csproj
+++ b/aspnet-core/services/LY.MicroService.PlatformManagement.HttpApi.Host/LY.MicroService.PlatformManagement.HttpApi.Host.csproj
@@ -16,10 +16,6 @@
 		<PackageReference Include="DotNetCore.CAP.RabbitMQ" />
 		<PackageReference Include="DistributedLock.Redis" />
 		<PackageReference Include="Microsoft.AspNetCore.DataProtection.StackExchangeRedis" />
-		<!--<PackageReference Include="Microsoft.EntityFrameworkCore.Design" Version="7.0.5">
-			<PrivateAssets>all</PrivateAssets>
-			<IncludeAssets>runtime; build; native; contentfiles; analyzers; buildtransitive</IncludeAssets>
-		</PackageReference>-->
 		<PackageReference Include="Serilog.AspNetCore" />
 		<PackageReference Include="Serilog.Enrichers.Environment" />
 		<PackageReference Include="Serilog.Enrichers.Assembly" />
@@ -28,7 +24,6 @@
 		<PackageReference Include="Serilog.Settings.Configuration" />
 		<PackageReference Include="Serilog.Sinks.Elasticsearch" />
 		<PackageReference Include="Serilog.Sinks.File" />
-		<PackageReference Include="Swashbuckle.AspNetCore" />
 		<PackageReference Include="Volo.Abp.AspNetCore.Serilog" />
 		<PackageReference Include="Volo.Abp.Caching.StackExchangeRedis" />
 		<PackageReference Include="Volo.Abp.AspNetCore.MultiTenancy" />
@@ -42,6 +37,7 @@
 		<PackageReference Include="Volo.Abp.EntityFrameworkCore.MySQL" />
 		<PackageReference Include="Volo.Abp.FeatureManagement.EntityFrameworkCore" />
 		<PackageReference Include="Volo.Abp.SettingManagement.EntityFrameworkCore" />
+		<PackageReference Include="Volo.Abp.Swashbuckle" />
 		<PackageReference Include="Volo.Abp.PermissionManagement.EntityFrameworkCore" />
 	</ItemGroup>
 
diff --git a/aspnet-core/services/LY.MicroService.PlatformManagement.HttpApi.Host/PlatformManagementHttpApiHostModule.Configure.cs b/aspnet-core/services/LY.MicroService.PlatformManagement.HttpApi.Host/PlatformManagementHttpApiHostModule.Configure.cs
index 39129ee77..d7baae67e 100644
--- a/aspnet-core/services/LY.MicroService.PlatformManagement.HttpApi.Host/PlatformManagementHttpApiHostModule.Configure.cs
+++ b/aspnet-core/services/LY.MicroService.PlatformManagement.HttpApi.Host/PlatformManagementHttpApiHostModule.Configure.cs
@@ -312,13 +312,32 @@ public partial class PlatformManagementHttpApiHostModule
         });
     }
 
-    private void ConfigureSwagger(IServiceCollection services)
+    private void ConfigureSwagger(IServiceCollection services, IConfiguration configuration)
     {
         // Swagger
-        services.AddSwaggerGen(
+        services.AddAbpSwaggerGenWithOAuth(
+            configuration["AuthServer:Authority"],
+            new Dictionary<string, string>
+            {
+                { configuration["AuthServer:Audience"], "Platform Service API"}
+            },
             options =>
             {
-                options.SwaggerDoc("v1", new OpenApiInfo { Title = "Platform API", Version = "v1" });
+                options.SwaggerDoc("v1", new OpenApiInfo
+                {
+                    Title = "Platform Service API", Version = "v1",
+                    Contact = new OpenApiContact
+                    {
+                        Name = "colin",
+                        Email = "colin.in@foxmail.com",
+                        Url = new Uri("https://github.com/colinin")
+                    },
+                    License = new OpenApiLicense
+                    {
+                        Name = "MIT",
+                        Url = new Uri("https://github.com/colinin/abp-next-admin/blob/master/LICENSE")
+                    }
+                });
                 options.DocInclusionPredicate((docName, description) => true);
                 options.CustomSchemaIds(type => type.FullName);
                 options.AddSecurityDefinition("Bearer", new OpenApiSecurityScheme
@@ -377,12 +396,18 @@ public partial class PlatformManagementHttpApiHostModule
         {
             options.AddDefaultPolicy(builder =>
             {
+                var corsOrigins = configuration.GetSection("App:CorsOrigins").Get<List<string>>();
+                if (corsOrigins == null || corsOrigins.Count == 0)
+                {
+                    corsOrigins = configuration["App:CorsOrigins"]?
+                        .Split(",", StringSplitOptions.RemoveEmptyEntries)
+                        .Select(o => o.RemovePostFix("/"))
+                        .ToList() ?? new List<string>();
+                }
                 builder
-                    .WithOrigins(
-                        configuration["App:CorsOrigins"]
-                            .Split(",", StringSplitOptions.RemoveEmptyEntries)
-                            .Select(o => o.RemovePostFix("/"))
-                            .ToArray()
+                    .WithOrigins(corsOrigins
+                        .Select(o => o.RemovePostFix("/"))
+                        .ToArray()
                     )
                     .WithAbpExposedHeaders()
                     .WithAbpWrapExposedHeaders()
diff --git a/aspnet-core/services/LY.MicroService.PlatformManagement.HttpApi.Host/PlatformManagementHttpApiHostModule.cs b/aspnet-core/services/LY.MicroService.PlatformManagement.HttpApi.Host/PlatformManagementHttpApiHostModule.cs
index 5ef5bb619..bf951fef5 100644
--- a/aspnet-core/services/LY.MicroService.PlatformManagement.HttpApi.Host/PlatformManagementHttpApiHostModule.cs
+++ b/aspnet-core/services/LY.MicroService.PlatformManagement.HttpApi.Host/PlatformManagementHttpApiHostModule.cs
@@ -52,6 +52,7 @@ using Volo.Abp.MailKit;
 using Volo.Abp.Modularity;
 using Volo.Abp.PermissionManagement.EntityFrameworkCore;
 using Volo.Abp.SettingManagement.EntityFrameworkCore;
+using Volo.Abp.Swashbuckle;
 using Volo.Abp.Threading;
 
 namespace LY.MicroService.PlatformManagement;
@@ -103,6 +104,7 @@ namespace LY.MicroService.PlatformManagement;
     typeof(AbpAspNetCoreMvcWrapperModule),
     typeof(AbpClaimsMappingModule),
     typeof(AbpAspNetCoreHttpOverridesModule),
+    typeof(AbpSwashbuckleModule),
     typeof(AbpAutofacModule)
     )]
 public partial class PlatformManagementHttpApiHostModule : AbpModule
@@ -133,11 +135,11 @@ public partial class PlatformManagementHttpApiHostModule : AbpModule
         ConfigureCaching(configuration);
         ConfigureIdentity(configuration);
         ConfigureAuditing(configuration);
-        ConfigureSwagger(context.Services);
         ConfigureMultiTenancy(configuration);
         ConfigureJsonSerializer(configuration);
         ConfigureMvc(context.Services, configuration);
         ConfigureCors(context.Services, configuration);
+        ConfigureSwagger(context.Services, configuration);
         ConfigureOssManagement(context.Services, configuration);
         ConfigureDistributedLocking(context.Services, configuration);
         ConfigureSeedWorker(context.Services, hostingEnvironment.IsDevelopment());
@@ -191,9 +193,13 @@ public partial class PlatformManagementHttpApiHostModule : AbpModule
         // Swagger
         app.UseSwagger();
         // Swagger可视化界面
-        app.UseSwaggerUI(options =>
+        app.UseAbpSwaggerUI(options =>
         {
-            options.SwaggerEndpoint("/swagger/v1/swagger.json", "Support Platform API");
+            options.SwaggerEndpoint("/swagger/v1/swagger.json", "Support Platform Service API");
+
+            var configuration = context.GetConfiguration();
+            options.OAuthClientId(configuration["AuthServer:SwaggerClientId"]);
+            options.OAuthScopes(configuration["AuthServer:Audience"]);
         });
         // 审计日志
         app.UseAuditing();
diff --git a/aspnet-core/services/LY.MicroService.PlatformManagement.HttpApi.Host/appsettings.Development.json b/aspnet-core/services/LY.MicroService.PlatformManagement.HttpApi.Host/appsettings.Development.json
index 6d9489113..e0398797b 100644
--- a/aspnet-core/services/LY.MicroService.PlatformManagement.HttpApi.Host/appsettings.Development.json
+++ b/aspnet-core/services/LY.MicroService.PlatformManagement.HttpApi.Host/appsettings.Development.json
@@ -17,7 +17,7 @@
         "127.0.0.1"
       ]
     },
-    "CorsOrigins": "http://127.0.0.1:3100",
+    "CorsOrigins": [ "http://127.0.0.1:5666" ],
     "ShowPii": true,
     "RefreshClaimsUrl": "http://127.0.0.1:30015"
   },
@@ -97,7 +97,8 @@
     "Authority": "http://127.0.0.1:44385/",
     "Audience": "lingyun-abp-application",
     "MapInboundClaims": false,
-    "RequireHttpsMetadata": false
+    "RequireHttpsMetadata": false,
+    "SwaggerClientId": "vue-oauth-client"
   },
   "AuditLogging": {
     "Elasticsearch": {
diff --git a/aspnet-core/services/LY.MicroService.RealtimeMessage.HttpApi.Host/LY.MicroService.RealtimeMessage.HttpApi.Host.csproj b/aspnet-core/services/LY.MicroService.RealtimeMessage.HttpApi.Host/LY.MicroService.RealtimeMessage.HttpApi.Host.csproj
index 130192022..ab4205aa7 100644
--- a/aspnet-core/services/LY.MicroService.RealtimeMessage.HttpApi.Host/LY.MicroService.RealtimeMessage.HttpApi.Host.csproj
+++ b/aspnet-core/services/LY.MicroService.RealtimeMessage.HttpApi.Host/LY.MicroService.RealtimeMessage.HttpApi.Host.csproj
@@ -20,10 +20,6 @@
 		<PackageReference Include="DotNetCore.CAP.RabbitMQ" />
 		<PackageReference Include="DistributedLock.Redis" />
 		<PackageReference Include="Microsoft.AspNetCore.DataProtection.StackExchangeRedis" />
-		<!--<PackageReference Include="Microsoft.EntityFrameworkCore.Design" Version="7.0.5">
-			<PrivateAssets>all</PrivateAssets>
-			<IncludeAssets>runtime; build; native; contentfiles; analyzers; buildtransitive</IncludeAssets>
-		</PackageReference>-->
 		<PackageReference Include="Microsoft.AspNetCore.SignalR.StackExchangeRedis" />
 		<PackageReference Include="Quartz.Serialization.Json" />
 		<PackageReference Include="Serilog.AspNetCore" />
@@ -34,7 +30,6 @@
 		<PackageReference Include="Serilog.Settings.Configuration" />
 		<PackageReference Include="Serilog.Sinks.Elasticsearch" />
 		<PackageReference Include="Serilog.Sinks.File" />
-		<PackageReference Include="Swashbuckle.AspNetCore" />
 		<PackageReference Include="Volo.Abp.AspNetCore.Serilog" />
 		<PackageReference Include="Volo.Abp.Caching.StackExchangeRedis" />
 		<PackageReference Include="Volo.Abp.AspNetCore.MultiTenancy" />
@@ -45,6 +40,7 @@
 		<PackageReference Include="Volo.Abp.Identity.EntityFrameworkCore" />
 		<PackageReference Include="Volo.Abp.FeatureManagement.EntityFrameworkCore" />
 		<PackageReference Include="Volo.Abp.SettingManagement.EntityFrameworkCore" />
+		<PackageReference Include="Volo.Abp.Swashbuckle" />
 		<PackageReference Include="Volo.Abp.PermissionManagement.EntityFrameworkCore" />
 	</ItemGroup>
 
diff --git a/aspnet-core/services/LY.MicroService.RealtimeMessage.HttpApi.Host/RealtimeMessageHttpApiHostModule.Configure.cs b/aspnet-core/services/LY.MicroService.RealtimeMessage.HttpApi.Host/RealtimeMessageHttpApiHostModule.Configure.cs
index 9522eff17..7155353b8 100644
--- a/aspnet-core/services/LY.MicroService.RealtimeMessage.HttpApi.Host/RealtimeMessageHttpApiHostModule.Configure.cs
+++ b/aspnet-core/services/LY.MicroService.RealtimeMessage.HttpApi.Host/RealtimeMessageHttpApiHostModule.Configure.cs
@@ -334,13 +334,32 @@ public partial class RealtimeMessageHttpApiHostModule
         });
     }
 
-    private void ConfigureSwagger(IServiceCollection services)
+    private void ConfigureSwagger(IServiceCollection services, IConfiguration configuration)
     {
         // Swagger
-        services.AddSwaggerGen(
+        services.AddAbpSwaggerGenWithOAuth(
+            configuration["AuthServer:Authority"],
+            new Dictionary<string, string>
+            {
+                { configuration["AuthServer:Audience"], "Message Service API"}
+            },
             options =>
             {
-                options.SwaggerDoc("v1", new OpenApiInfo { Title = "Realtime Message API", Version = "v1" });
+                options.SwaggerDoc("v1", new OpenApiInfo
+                {
+                    Title = "Message Service API", Version = "v1",
+                    Contact = new OpenApiContact
+                    {
+                        Name = "colin",
+                        Email = "colin.in@foxmail.com",
+                        Url = new Uri("https://github.com/colinin")
+                    },
+                    License = new OpenApiLicense
+                    {
+                        Name = "MIT",
+                        Url = new Uri("https://github.com/colinin/abp-next-admin/blob/master/LICENSE")
+                    }
+                });
                 options.DocInclusionPredicate((docName, description) => true);
                 options.CustomSchemaIds(type => type.FullName);
                 options.AddSecurityDefinition("Bearer", new OpenApiSecurityScheme
@@ -372,12 +391,18 @@ public partial class RealtimeMessageHttpApiHostModule
         {
             options.AddDefaultPolicy(builder =>
             {
+                var corsOrigins = configuration.GetSection("App:CorsOrigins").Get<List<string>>();
+                if (corsOrigins == null || corsOrigins.Count == 0)
+                {
+                    corsOrigins = configuration["App:CorsOrigins"]?
+                        .Split(",", StringSplitOptions.RemoveEmptyEntries)
+                        .Select(o => o.RemovePostFix("/"))
+                        .ToList() ?? new List<string>();
+                }
                 builder
-                    .WithOrigins(
-                        configuration["App:CorsOrigins"]
-                            .Split(",", StringSplitOptions.RemoveEmptyEntries)
-                            .Select(o => o.RemovePostFix("/"))
-                            .ToArray()
+                    .WithOrigins(corsOrigins
+                        .Select(o => o.RemovePostFix("/"))
+                        .ToArray()
                     )
                     .WithAbpExposedHeaders()
                     .WithAbpWrapExposedHeaders()
diff --git a/aspnet-core/services/LY.MicroService.RealtimeMessage.HttpApi.Host/RealtimeMessageHttpApiHostModule.cs b/aspnet-core/services/LY.MicroService.RealtimeMessage.HttpApi.Host/RealtimeMessageHttpApiHostModule.cs
index 713353263..12603407b 100644
--- a/aspnet-core/services/LY.MicroService.RealtimeMessage.HttpApi.Host/RealtimeMessageHttpApiHostModule.cs
+++ b/aspnet-core/services/LY.MicroService.RealtimeMessage.HttpApi.Host/RealtimeMessageHttpApiHostModule.cs
@@ -60,6 +60,7 @@ using Volo.Abp.Http.Client;
 using Volo.Abp.Modularity;
 using Volo.Abp.PermissionManagement.EntityFrameworkCore;
 using Volo.Abp.SettingManagement.EntityFrameworkCore;
+using Volo.Abp.Swashbuckle;
 
 namespace LY.MicroService.RealtimeMessage;
 
@@ -124,6 +125,7 @@ namespace LY.MicroService.RealtimeMessage;
     typeof(AbpTelemetrySkyWalkingModule),
     typeof(AbpAspNetCoreMvcWrapperModule),
     typeof(AbpAspNetCoreHttpOverridesModule),
+    typeof(AbpSwashbuckleModule),
     typeof(AbpAutofacModule)
     )]
 public partial class RealtimeMessageHttpApiHostModule : AbpModule
@@ -160,9 +162,9 @@ public partial class RealtimeMessageHttpApiHostModule : AbpModule
         ConfigureMultiTenancy(configuration);
         ConfigureJsonSerializer(configuration);
         ConfigureBackgroundTasks(configuration);
-        ConfigureSwagger(context.Services);
         ConfigureMvc(context.Services, configuration);
         ConfigureCors(context.Services, configuration);
+        ConfigureSwagger(context.Services, configuration);
         ConfigureDistributedLocking(context.Services, configuration);
         ConfigureSeedWorker(context.Services, hostingEnvironment.IsDevelopment());
         ConfigureSecurity(context.Services, configuration, hostingEnvironment.IsDevelopment());
@@ -195,9 +197,13 @@ public partial class RealtimeMessageHttpApiHostModule : AbpModule
         // Swagger
         app.UseSwagger();
         // Swagger可视化界面
-        app.UseSwaggerUI(options =>
+        app.UseAbpSwaggerUI(options =>
         {
-            options.SwaggerEndpoint("/swagger/v1/swagger.json", "Support Realtime Message API");
+            options.SwaggerEndpoint("/swagger/v1/swagger.json", "Support Message Service API");
+
+            var configuration = context.GetConfiguration();
+            options.OAuthClientId(configuration["AuthServer:SwaggerClientId"]);
+            options.OAuthScopes(configuration["AuthServer:Audience"]);
         });
         // 审计日志
         app.UseAuditing();
diff --git a/aspnet-core/services/LY.MicroService.RealtimeMessage.HttpApi.Host/appsettings.Development.json b/aspnet-core/services/LY.MicroService.RealtimeMessage.HttpApi.Host/appsettings.Development.json
index b7f830b01..11ee6b61b 100644
--- a/aspnet-core/services/LY.MicroService.RealtimeMessage.HttpApi.Host/appsettings.Development.json
+++ b/aspnet-core/services/LY.MicroService.RealtimeMessage.HttpApi.Host/appsettings.Development.json
@@ -10,7 +10,7 @@
     "configCacheEncrypt": true
   },
   "App": {
-    "CorsOrigins": "http://127.0.0.1:3100",
+    "CorsOrigins": [ "http://127.0.0.1:5666" ],
     "Forwarded": {
       "ForwardedHeaders": 5,
       "KnownProxies": [
@@ -78,7 +78,8 @@
     "Authority": "http://127.0.0.1:44385/",
     "Audience": "lingyun-abp-application",
     "MapInboundClaims": false,
-    "RequireHttpsMetadata": false
+    "RequireHttpsMetadata": false,
+    "SwaggerClientId": "vue-oauth-client"
   },
   "Quartz": {
     "UsePersistentStore": false,
diff --git a/aspnet-core/services/LY.MicroService.TaskManagement.HttpApi.Host/TaskManagementHttpApiHostModule.Configure.cs b/aspnet-core/services/LY.MicroService.TaskManagement.HttpApi.Host/TaskManagementHttpApiHostModule.Configure.cs
index 17f3845b3..a50f0b57e 100644
--- a/aspnet-core/services/LY.MicroService.TaskManagement.HttpApi.Host/TaskManagementHttpApiHostModule.Configure.cs
+++ b/aspnet-core/services/LY.MicroService.TaskManagement.HttpApi.Host/TaskManagementHttpApiHostModule.Configure.cs
@@ -202,12 +202,18 @@ public partial class TaskManagementHttpApiHostModule
         {
             options.AddDefaultPolicy(builder =>
             {
+                var corsOrigins = configuration.GetSection("App:CorsOrigins").Get<List<string>>();
+                if (corsOrigins == null || corsOrigins.Count == 0)
+                {
+                    corsOrigins = configuration["App:CorsOrigins"]?
+                        .Split(",", StringSplitOptions.RemoveEmptyEntries)
+                        .Select(o => o.RemovePostFix("/"))
+                        .ToList() ?? new List<string>();
+                }
                 builder
-                    .WithOrigins(
-                        configuration["App:CorsOrigins"]
-                            .Split(",", StringSplitOptions.RemoveEmptyEntries)
-                            .Select(o => o.RemovePostFix("/"))
-                            .ToArray()
+                    .WithOrigins(corsOrigins
+                        .Select(o => o.RemovePostFix("/"))
+                        .ToArray()
                     )
                     .WithAbpExposedHeaders()
                     .WithAbpWrapExposedHeaders()
@@ -312,13 +318,32 @@ public partial class TaskManagementHttpApiHostModule
         });
     }
 
-    private void ConfigureSwagger(IServiceCollection services)
+    private void ConfigureSwagger(IServiceCollection services, IConfiguration configuration)
     {
         // Swagger
-        services.AddSwaggerGen(
+        services.AddAbpSwaggerGenWithOAuth(
+            configuration["AuthServer:Authority"],
+            new Dictionary<string, string>
+            {
+                { configuration["AuthServer:Audience"], "Task Service API"}
+            },
             options =>
             {
-                options.SwaggerDoc("v1", new OpenApiInfo { Title = "TaskManagement API", Version = "v1" });
+                options.SwaggerDoc("v1", new OpenApiInfo
+                {
+                    Title = "Task Service API", Version = "v1",
+                    Contact = new OpenApiContact
+                    {
+                        Name = "colin",
+                        Email = "colin.in@foxmail.com",
+                        Url = new Uri("https://github.com/colinin")
+                    },
+                    License = new OpenApiLicense
+                    {
+                        Name = "MIT",
+                        Url = new Uri("https://github.com/colinin/abp-next-admin/blob/master/LICENSE")
+                    }
+                });
                 options.DocInclusionPredicate((docName, description) => true);
                 options.CustomSchemaIds(type => type.FullName);
                 options.AddSecurityDefinition("Bearer", new OpenApiSecurityScheme
diff --git a/aspnet-core/services/LY.MicroService.TaskManagement.HttpApi.Host/TaskManagementHttpApiHostModule.cs b/aspnet-core/services/LY.MicroService.TaskManagement.HttpApi.Host/TaskManagementHttpApiHostModule.cs
index 615948467..eb1f9a0ee 100644
--- a/aspnet-core/services/LY.MicroService.TaskManagement.HttpApi.Host/TaskManagementHttpApiHostModule.cs
+++ b/aspnet-core/services/LY.MicroService.TaskManagement.HttpApi.Host/TaskManagementHttpApiHostModule.cs
@@ -118,10 +118,10 @@ public partial class TaskManagementHttpApiHostModule : AbpModule
         ConfigureAuditing(configuration);
         ConfigureIdentity(configuration);
         ConfigureMultiTenancy(configuration);
-        ConfigureSwagger(context.Services);
         ConfigureJsonSerializer(configuration);
         ConfigureMvc(context.Services, configuration);
         ConfigureCors(context.Services, configuration);
+        ConfigureSwagger(context.Services, configuration);
         ConfigureDistributedLock(context.Services, configuration);
         ConfigureSecurity(context.Services, configuration, hostingEnvironment.IsDevelopment());
     }
@@ -145,12 +145,11 @@ public partial class TaskManagementHttpApiHostModule : AbpModule
         app.UseSwagger();
         app.UseAbpSwaggerUI(options =>
         {
-            options.SwaggerEndpoint("/swagger/v1/swagger.json", "Support Task Management API");
+            options.SwaggerEndpoint("/swagger/v1/swagger.json", "Support Task Service API");
 
             var configuration = context.GetConfiguration();
             options.OAuthClientId(configuration["AuthServer:SwaggerClientId"]);
-            options.OAuthClientSecret(configuration["AuthServer:SwaggerClientSecret"]);
-            options.OAuthScopes(configuration["AuthServer:Scopes"]);
+            options.OAuthScopes(configuration["AuthServer:Audience"]);
         });
         app.UseAuditing();
         app.UseAbpSerilogEnrichers();
diff --git a/aspnet-core/services/LY.MicroService.TaskManagement.HttpApi.Host/appsettings.Development.json b/aspnet-core/services/LY.MicroService.TaskManagement.HttpApi.Host/appsettings.Development.json
index 55c39cfdf..a2f105c88 100644
--- a/aspnet-core/services/LY.MicroService.TaskManagement.HttpApi.Host/appsettings.Development.json
+++ b/aspnet-core/services/LY.MicroService.TaskManagement.HttpApi.Host/appsettings.Development.json
@@ -11,6 +11,7 @@
   },
   "App": {
     "ShowPii": true,
+    "CorsOrigins": [ "http://127.0.0.1:5666" ],
     "RefreshClaimsUrl": "http://127.0.0.1:30015"
   },
   "Auditing": {
diff --git a/aspnet-core/services/LY.MicroService.WebhooksManagement.HttpApi.Host/WebhooksManagementHttpApiHostModule.Configure.cs b/aspnet-core/services/LY.MicroService.WebhooksManagement.HttpApi.Host/WebhooksManagementHttpApiHostModule.Configure.cs
index e135e97a9..a3df18412 100644
--- a/aspnet-core/services/LY.MicroService.WebhooksManagement.HttpApi.Host/WebhooksManagementHttpApiHostModule.Configure.cs
+++ b/aspnet-core/services/LY.MicroService.WebhooksManagement.HttpApi.Host/WebhooksManagementHttpApiHostModule.Configure.cs
@@ -308,13 +308,32 @@ public partial class WebhooksManagementHttpApiHostModule
         });
     }
 
-    private void ConfigureSwagger(IServiceCollection services)
+    private void ConfigureSwagger(IServiceCollection services, IConfiguration configuration)
     {
         // Swagger
-        services.AddSwaggerGen(
+        services.AddAbpSwaggerGenWithOAuth(
+            configuration["AuthServer:Authority"],
+            new Dictionary<string, string>
+            {
+                { configuration["AuthServer:Audience"], "Webhook Service API"}
+            },
             options =>
             {
-                options.SwaggerDoc("v1", new OpenApiInfo { Title = "WebhooksManagement API", Version = "v1" });
+                options.SwaggerDoc("v1", new OpenApiInfo
+                {
+                    Title = "Webhook Service API", Version = "v1",
+                    Contact = new OpenApiContact
+                    {
+                        Name = "colin",
+                        Email = "colin.in@foxmail.com",
+                        Url = new Uri("https://github.com/colinin")
+                    },
+                    License = new OpenApiLicense
+                    {
+                        Name = "MIT",
+                        Url = new Uri("https://github.com/colinin/abp-next-admin/blob/master/LICENSE")
+                    }
+                });
                 options.DocInclusionPredicate((docName, description) => true);
                 options.CustomSchemaIds(type => type.FullName);
                 options.AddSecurityDefinition("Bearer", new OpenApiSecurityScheme
@@ -410,12 +429,18 @@ public partial class WebhooksManagementHttpApiHostModule
         {
             options.AddDefaultPolicy(builder =>
             {
+                var corsOrigins = configuration.GetSection("App:CorsOrigins").Get<List<string>>();
+                if (corsOrigins == null || corsOrigins.Count == 0)
+                {
+                    corsOrigins = configuration["App:CorsOrigins"]?
+                        .Split(",", StringSplitOptions.RemoveEmptyEntries)
+                        .Select(o => o.RemovePostFix("/"))
+                        .ToList() ?? new List<string>();
+                }
                 builder
-                    .WithOrigins(
-                        configuration["App:CorsOrigins"]
-                            .Split(",", StringSplitOptions.RemoveEmptyEntries)
-                            .Select(o => o.RemovePostFix("/"))
-                            .ToArray()
+                    .WithOrigins(corsOrigins
+                        .Select(o => o.RemovePostFix("/"))
+                        .ToArray()
                     )
                     .WithAbpExposedHeaders()
                     .WithAbpWrapExposedHeaders()
diff --git a/aspnet-core/services/LY.MicroService.WebhooksManagement.HttpApi.Host/WebhooksManagementHttpApiHostModule.cs b/aspnet-core/services/LY.MicroService.WebhooksManagement.HttpApi.Host/WebhooksManagementHttpApiHostModule.cs
index 099d9301a..ea00e0fa4 100644
--- a/aspnet-core/services/LY.MicroService.WebhooksManagement.HttpApi.Host/WebhooksManagementHttpApiHostModule.cs
+++ b/aspnet-core/services/LY.MicroService.WebhooksManagement.HttpApi.Host/WebhooksManagementHttpApiHostModule.cs
@@ -121,11 +121,11 @@ public partial class WebhooksManagementHttpApiHostModule : AbpModule
         ConfigureAuditing(configuration);
         ConfigureIdentity(configuration);
         ConfigureMultiTenancy(configuration);
-        ConfigureSwagger(context.Services);
         ConfigureWebhooks(context.Services);
         ConfigureJsonSerializer(configuration);
         ConfigureMvc(context.Services, configuration);
         ConfigureCors(context.Services, configuration);
+        ConfigureSwagger(context.Services, configuration);
         ConfigureDistributedLock(context.Services, configuration);
         ConfigureBackgroundTasks(context.Services, configuration);
         ConfigureSeedWorker(context.Services, hostingEnvironment.IsDevelopment());
@@ -152,12 +152,11 @@ public partial class WebhooksManagementHttpApiHostModule : AbpModule
         app.UseSwagger();
         app.UseAbpSwaggerUI(options =>
         {
-            options.SwaggerEndpoint("/swagger/v1/swagger.json", "Support APP API");
+            options.SwaggerEndpoint("/swagger/v1/swagger.json", "Support Webhook Service API");
 
             var configuration = context.GetConfiguration();
             options.OAuthClientId(configuration["AuthServer:SwaggerClientId"]);
-            options.OAuthClientSecret(configuration["AuthServer:SwaggerClientSecret"]);
-            options.OAuthScopes("WebhooksManagement");
+            options.OAuthScopes(configuration["AuthServer:Audience"]);
         });
         app.UseAuditing();
         app.UseAbpSerilogEnrichers();
diff --git a/aspnet-core/services/LY.MicroService.WebhooksManagement.HttpApi.Host/appsettings.Development.json b/aspnet-core/services/LY.MicroService.WebhooksManagement.HttpApi.Host/appsettings.Development.json
index 5b6d69620..c208e5069 100644
--- a/aspnet-core/services/LY.MicroService.WebhooksManagement.HttpApi.Host/appsettings.Development.json
+++ b/aspnet-core/services/LY.MicroService.WebhooksManagement.HttpApi.Host/appsettings.Development.json
@@ -11,6 +11,7 @@
   },
   "App": {
     "ShowPii": true,
+    "CorsOrigins": [ "http://127.0.0.1:5666" ],
     "RefreshClaimsUrl": "http://127.0.0.1:30015"
   },
   "Auditing": {
@@ -103,8 +104,7 @@
     "Audience": "lingyun-abp-application",
     "MapInboundClaims": false,
     "RequireHttpsMetadata": false,
-    "SwaggerClientId": "InternalServiceClient",
-    "SwaggerClientSecret": "1q2w3E*"
+    "SwaggerClientId": "vue-oauth-client"
   },
   "Logging": {
     "Serilog": {
diff --git a/aspnet-core/services/LY.MicroService.WechatManagement.HttpApi.Host/WechatManagementHttpApiHostModule.Configure.cs b/aspnet-core/services/LY.MicroService.WechatManagement.HttpApi.Host/WechatManagementHttpApiHostModule.Configure.cs
index aecae33c3..6f4144ceb 100644
--- a/aspnet-core/services/LY.MicroService.WechatManagement.HttpApi.Host/WechatManagementHttpApiHostModule.Configure.cs
+++ b/aspnet-core/services/LY.MicroService.WechatManagement.HttpApi.Host/WechatManagementHttpApiHostModule.Configure.cs
@@ -256,15 +256,20 @@ public partial class WechatManagementHttpApiHostModule
         });
     }
 
-    private void ConfigureSwagger(IServiceCollection services)
+    private void ConfigureSwagger(IServiceCollection services, IConfiguration configuration)
     {
         // Swagger
-        services.AddSwaggerGen(
+        services.AddAbpSwaggerGenWithOAuth(
+            configuration["AuthServer:Authority"],
+            new Dictionary<string, string>
+            {
+                { configuration["AuthServer:Audience"], "Wechat Service API"}
+            },
             options =>
             {
                 options.SwaggerDoc("v1", new OpenApiInfo
                 {
-                    Title = "WechatManagement API", Version = "v1",
+                    Title = "Wechat Service API", Version = "v1",
                     Contact = new OpenApiContact
                     {
                         Name = "colin",
@@ -360,12 +365,18 @@ public partial class WechatManagementHttpApiHostModule
         {
             options.AddDefaultPolicy(builder =>
             {
+                var corsOrigins = configuration.GetSection("App:CorsOrigins").Get<List<string>>();
+                if (corsOrigins == null || corsOrigins.Count == 0)
+                {
+                    corsOrigins = configuration["App:CorsOrigins"]?
+                        .Split(",", StringSplitOptions.RemoveEmptyEntries)
+                        .Select(o => o.RemovePostFix("/"))
+                        .ToList() ?? new List<string>();
+                }
                 builder
-                    .WithOrigins(
-                        configuration["App:CorsOrigins"]
-                            .Split(",", StringSplitOptions.RemoveEmptyEntries)
-                            .Select(o => o.RemovePostFix("/"))
-                            .ToArray()
+                    .WithOrigins(corsOrigins
+                        .Select(o => o.RemovePostFix("/"))
+                        .ToArray()
                     )
                     .WithAbpExposedHeaders()
                     .WithAbpWrapExposedHeaders()
diff --git a/aspnet-core/services/LY.MicroService.WechatManagement.HttpApi.Host/WechatManagementHttpApiHostModule.cs b/aspnet-core/services/LY.MicroService.WechatManagement.HttpApi.Host/WechatManagementHttpApiHostModule.cs
index 34b9fad6a..63b5c767d 100644
--- a/aspnet-core/services/LY.MicroService.WechatManagement.HttpApi.Host/WechatManagementHttpApiHostModule.cs
+++ b/aspnet-core/services/LY.MicroService.WechatManagement.HttpApi.Host/WechatManagementHttpApiHostModule.cs
@@ -105,10 +105,10 @@ public partial class WechatManagementHttpApiHostModule : AbpModule
         ConfigureAuditing(configuration);
         ConfigureIdentity(configuration);
         ConfigureMultiTenancy(configuration);
-        ConfigureSwagger(context.Services);
         ConfigureJsonSerializer(configuration);
         ConfigureMvc(context.Services, configuration);
         ConfigureCors(context.Services, configuration);
+        ConfigureSwagger(context.Services, configuration);
         ConfigureDistributedLock(context.Services, configuration);
         ConfigureSecurity(context.Services, configuration, hostingEnvironment.IsDevelopment());
     }
@@ -133,12 +133,11 @@ public partial class WechatManagementHttpApiHostModule : AbpModule
         app.UseSwagger();
         app.UseAbpSwaggerUI(options =>
         {
-            options.SwaggerEndpoint("/swagger/v1/swagger.json", "Support APP API");
+            options.SwaggerEndpoint("/swagger/v1/swagger.json", "Support Wechat Service API");
 
             var configuration = context.GetConfiguration();
             options.OAuthClientId(configuration["AuthServer:SwaggerClientId"]);
-            options.OAuthClientSecret(configuration["AuthServer:SwaggerClientSecret"]);
-            options.OAuthScopes("WechatManagement");
+            options.OAuthScopes(configuration["AuthServer:Audience"]);
         });
         app.UseAuditing();
         app.UseAbpSerilogEnrichers();
diff --git a/aspnet-core/services/LY.MicroService.WechatManagement.HttpApi.Host/appsettings.Development.json b/aspnet-core/services/LY.MicroService.WechatManagement.HttpApi.Host/appsettings.Development.json
index 986c0134e..9315c0abb 100644
--- a/aspnet-core/services/LY.MicroService.WechatManagement.HttpApi.Host/appsettings.Development.json
+++ b/aspnet-core/services/LY.MicroService.WechatManagement.HttpApi.Host/appsettings.Development.json
@@ -10,6 +10,7 @@
   },
   "App": {
     "ShowPii": true,
+    "CorsOrigins": [ "http://127.0.0.1:5666" ],
     "RefreshClaimsUrl": "http://127.0.0.1:30015"
   },
   "Auditing": {
diff --git a/aspnet-core/services/LY.MicroService.WorkflowManagement.HttpApi.Host/WorkflowManagementHttpApiHostModule.Configure.cs b/aspnet-core/services/LY.MicroService.WorkflowManagement.HttpApi.Host/WorkflowManagementHttpApiHostModule.Configure.cs
index dd58a85bf..f6ca0ce89 100644
--- a/aspnet-core/services/LY.MicroService.WorkflowManagement.HttpApi.Host/WorkflowManagementHttpApiHostModule.Configure.cs
+++ b/aspnet-core/services/LY.MicroService.WorkflowManagement.HttpApi.Host/WorkflowManagementHttpApiHostModule.Configure.cs
@@ -389,13 +389,32 @@ public partial class WorkflowManagementHttpApiHostModule
         });
     }
 
-    private void ConfigureSwagger(IServiceCollection services)
+    private void ConfigureSwagger(IServiceCollection services, IConfiguration configuration)
     {
         // Swagger
-        services.AddSwaggerGen(
+        services.AddAbpSwaggerGenWithOAuth(
+            configuration["AuthServer:Authority"],
+            new Dictionary<string, string>
+            {
+                { configuration["AuthServer:Audience"], "Workflow Service API"}
+            },
             options =>
             {
-                options.SwaggerDoc("v1", new OpenApiInfo { Title = "Workflow API", Version = "v1" });
+                options.SwaggerDoc("v1", new OpenApiInfo
+                {
+                    Title = "Workflow Service API", Version = "v1",
+                    Contact = new OpenApiContact
+                    {
+                        Name = "colin",
+                        Email = "colin.in@foxmail.com",
+                        Url = new Uri("https://github.com/colinin")
+                    },
+                    License = new OpenApiLicense
+                    {
+                        Name = "MIT",
+                        Url = new Uri("https://github.com/colinin/abp-next-admin/blob/master/LICENSE")
+                    }
+                });
                 options.DocInclusionPredicate((docName, description) => true);
                 options.CustomSchemaIds(type => type.FullName);
                 options.AddSecurityDefinition("Bearer", new OpenApiSecurityScheme
@@ -409,13 +428,13 @@ public partial class WorkflowManagementHttpApiHostModule
                 });
                 options.AddSecurityRequirement(new OpenApiSecurityRequirement
                 {
+                    {
+                        new OpenApiSecurityScheme
                         {
-                            new OpenApiSecurityScheme
-                            {
-                                Reference = new OpenApiReference { Type = ReferenceType.SecurityScheme, Id = "Bearer" }
-                            },
-                            new string[] { }
-                        }
+                            Reference = new OpenApiReference { Type = ReferenceType.SecurityScheme, Id = "Bearer" }
+                        },
+                        new string[] { }
+                    }
                 });
                 options.OperationFilter<TenantHeaderParamter>();
             });
@@ -489,12 +508,18 @@ public partial class WorkflowManagementHttpApiHostModule
         {
             options.AddDefaultPolicy(builder =>
             {
+                var corsOrigins = configuration.GetSection("App:CorsOrigins").Get<List<string>>();
+                if (corsOrigins == null || corsOrigins.Count == 0)
+                {
+                    corsOrigins = configuration["App:CorsOrigins"]?
+                        .Split(",", StringSplitOptions.RemoveEmptyEntries)
+                        .Select(o => o.RemovePostFix("/"))
+                        .ToList() ?? new List<string>();
+                }
                 builder
-                    .WithOrigins(
-                        configuration["App:CorsOrigins"]
-                            .Split(",", StringSplitOptions.RemoveEmptyEntries)
-                            .Select(o => o.RemovePostFix("/"))
-                            .ToArray()
+                    .WithOrigins(corsOrigins
+                        .Select(o => o.RemovePostFix("/"))
+                        .ToArray()
                     )
                     .WithAbpExposedHeaders()
                     .WithAbpWrapExposedHeaders()
diff --git a/aspnet-core/services/LY.MicroService.WorkflowManagement.HttpApi.Host/WorkflowManagementHttpApiHostModule.cs b/aspnet-core/services/LY.MicroService.WorkflowManagement.HttpApi.Host/WorkflowManagementHttpApiHostModule.cs
index 94cbc4741..2a675dcfa 100644
--- a/aspnet-core/services/LY.MicroService.WorkflowManagement.HttpApi.Host/WorkflowManagementHttpApiHostModule.cs
+++ b/aspnet-core/services/LY.MicroService.WorkflowManagement.HttpApi.Host/WorkflowManagementHttpApiHostModule.cs
@@ -124,10 +124,10 @@ public partial class WorkflowManagementHttpApiHostModule : AbpModule
         ConfigureIdentity(configuration);
         ConfigureMultiTenancy(configuration);
         ConfigureBackgroundTasks(configuration);
-        ConfigureSwagger(context.Services);
         ConfigureEndpoints(context.Services);
         ConfigureMvc(context.Services, configuration);
         ConfigureCors(context.Services, configuration);
+        ConfigureSwagger(context.Services, configuration);
         ConfigureBlobStoring(context.Services, configuration);
         ConfigureDistributedLock(context.Services, configuration);
         ConfigureSecurity(context.Services, configuration, hostingEnvironment.IsDevelopment());
@@ -160,8 +160,7 @@ public partial class WorkflowManagementHttpApiHostModule : AbpModule
 
             var configuration = context.GetConfiguration();
             options.OAuthClientId(configuration["AuthServer:SwaggerClientId"]);
-            options.OAuthClientSecret(configuration["AuthServer:SwaggerClientSecret"]);
-            options.OAuthScopes(configuration["AuthServer:Scopes"]);
+            options.OAuthScopes(configuration["AuthServer:Audience"]);
         });
         app.UseAuditing();
         app.UseAbpSerilogEnrichers();
diff --git a/aspnet-core/services/LY.MicroService.WorkflowManagement.HttpApi.Host/appsettings.Development.json b/aspnet-core/services/LY.MicroService.WorkflowManagement.HttpApi.Host/appsettings.Development.json
index 6866980cd..d1e924737 100644
--- a/aspnet-core/services/LY.MicroService.WorkflowManagement.HttpApi.Host/appsettings.Development.json
+++ b/aspnet-core/services/LY.MicroService.WorkflowManagement.HttpApi.Host/appsettings.Development.json
@@ -9,7 +9,7 @@
     "tag": "LINGYUN.Abp.Workflow"
   },
   "App": {
-    "CorsOrigins": "http://127.0.0.1:3100",
+    "CorsOrigins": [ "http://127.0.0.1:5666" ],
     "ShowPii": true,
     "RefreshClaimsUrl": "http://127.0.0.1:30015"
   },
@@ -177,8 +177,7 @@
     "RequireHttpsMetadata": false,
     "Scopes": "lingyun-abp-application",
     "ElsaClientId": "InternalServiceClient",
-    "SwaggerClientId": "InternalServiceClient",
-    "SwaggerClientSecret": "1q2w3E*"
+    "SwaggerClientId": "vue-oauth-client"
   },
   "Logging": {
     "Serilog": {
diff --git a/aspnet-core/templates/micro/content/host/PackageName.CompanyName.ProjectName.HttpApi.Host/ProjectNameHttpApiHostModule.Configure.cs b/aspnet-core/templates/micro/content/host/PackageName.CompanyName.ProjectName.HttpApi.Host/ProjectNameHttpApiHostModule.Configure.cs
index 3ab0ad2b2..6faf74c7d 100644
--- a/aspnet-core/templates/micro/content/host/PackageName.CompanyName.ProjectName.HttpApi.Host/ProjectNameHttpApiHostModule.Configure.cs
+++ b/aspnet-core/templates/micro/content/host/PackageName.CompanyName.ProjectName.HttpApi.Host/ProjectNameHttpApiHostModule.Configure.cs
@@ -422,12 +422,18 @@ public partial class ProjectNameHttpApiHostModule
         {
             options.AddDefaultPolicy(builder =>
             {
+                var corsOrigins = configuration.GetSection("App:CorsOrigins").Get<List<string>>();
+                if (corsOrigins == null || corsOrigins.Count == 0)
+                {
+                    corsOrigins = configuration["App:CorsOrigins"]?
+                        .Split(",", StringSplitOptions.RemoveEmptyEntries)
+                        .Select(o => o.RemovePostFix("/"))
+                        .ToList() ?? new List<string>();
+                }
                 builder
-                    .WithOrigins(
-                        configuration["App:CorsOrigins"]
-                            .Split(",", StringSplitOptions.RemoveEmptyEntries)
-                            .Select(o => o.RemovePostFix("/"))
-                            .ToArray()
+                    .WithOrigins(corsOrigins
+                        .Select(o => o.RemovePostFix("/"))
+                        .ToArray()
                     )
                     .WithAbpExposedHeaders()
                     .WithAbpWrapExposedHeaders()
diff --git a/aspnet-core/templates/micro/content/host/PackageName.CompanyName.ProjectName.HttpApi.Host/appsettings.Development.json b/aspnet-core/templates/micro/content/host/PackageName.CompanyName.ProjectName.HttpApi.Host/appsettings.Development.json
index a4f781cb4..b1acf940c 100644
--- a/aspnet-core/templates/micro/content/host/PackageName.CompanyName.ProjectName.HttpApi.Host/appsettings.Development.json
+++ b/aspnet-core/templates/micro/content/host/PackageName.CompanyName.ProjectName.HttpApi.Host/appsettings.Development.json
@@ -9,7 +9,7 @@
     "tag": "PackageName.CompanyName.ProjectName"
   },
   "App": {
-    "CorsOrigins": "http://127.0.0.1:30000",
+    "CorsOrigins": [ "http://127.0.0.1:30000" ],
     "RefreshClaimsUrl": "http://127.0.0.1:30015/",
     "HealthChecks": "/healthz"
   },
@@ -140,8 +140,7 @@
     "Audience": "lingyun-abp-application",
     "MapInboundClaims": false,
     "RequireHttpsMetadata": false,
-    "SwaggerClientId": "InternalServiceClient",
-    "SwaggerClientSecret": "1q2w3E*"
+    "SwaggerClientId": "vue-oauth-client"
   },
 
   "FeatureManagement": {