diff --git a/src/Services/Services.Common/AuthorizeCheckOperationFilter.cs b/src/Services/Services.Common/AuthorizeCheckOperationFilter.cs index 7e8d0d2ef..21785ae16 100644 --- a/src/Services/Services.Common/AuthorizeCheckOperationFilter.cs +++ b/src/Services/Services.Common/AuthorizeCheckOperationFilter.cs @@ -6,9 +6,11 @@ using Swashbuckle.AspNetCore.SwaggerGen; namespace Services.Common; internal class AuthorizeCheckOperationFilter : IOperationFilter { + private readonly IConfiguration _configuration; + public AuthorizeCheckOperationFilter(IConfiguration configuration) { - + _configuration = configuration; } public void Apply(OpenApiOperation operation, OperationFilterContext context) @@ -27,11 +29,14 @@ internal class AuthorizeCheckOperationFilter : IOperationFilter Reference = new OpenApiReference { Type = ReferenceType.SecurityScheme, Id = "oauth2" } }; + var identitySection = _configuration.GetSection("Identity"); + var scopes = identitySection.GetRequiredSection("Scopes").GetChildren().Select(r => r.Key).ToArray(); + operation.Security = new List { new() { - [ oAuthScheme ] = new [] { "basketapi" } + [ oAuthScheme ] = scopes } }; }