From 62dfcd8946e628e3aec8557efa525df6bc33e56b Mon Sep 17 00:00:00 2001
From: JustArchi <JustArchi@JustArchi.net>
Date: Wed, 7 Nov 2018 01:32:40 +0100
Subject: [PATCH] Teach swagger about IPCPassword

---
 .../Middleware/ApiAuthenticationMiddleware.cs    |  4 +++-
 ArchiSteamFarm/IPC/Startup.cs                    | 16 ++++++++++++++++
 2 files changed, 19 insertions(+), 1 deletion(-)

diff --git a/ArchiSteamFarm/IPC/Middleware/ApiAuthenticationMiddleware.cs b/ArchiSteamFarm/IPC/Middleware/ApiAuthenticationMiddleware.cs
index 701d6f548..ca2379f59 100644
--- a/ArchiSteamFarm/IPC/Middleware/ApiAuthenticationMiddleware.cs
+++ b/ArchiSteamFarm/IPC/Middleware/ApiAuthenticationMiddleware.cs
@@ -32,6 +32,8 @@ using Microsoft.Extensions.Primitives;
 namespace ArchiSteamFarm.IPC.Middleware {
 	[SuppressMessage("ReSharper", "ClassNeverInstantiated.Global")]
 	internal sealed class ApiAuthenticationMiddleware {
+		internal const string HeadersField = "Authentication";
+
 		private const byte FailedAuthorizationsCooldownInHours = 1;
 		private const byte MaxFailedAuthorizationAttempts = 5;
 
@@ -86,7 +88,7 @@ namespace ArchiSteamFarm.IPC.Middleware {
 				}
 			}
 
-			if (!context.Request.Headers.TryGetValue("Authentication", out StringValues passwords) && !context.Request.Query.TryGetValue("password", out passwords)) {
+			if (!context.Request.Headers.TryGetValue(HeadersField, out StringValues passwords) && !context.Request.Query.TryGetValue("password", out passwords)) {
 				return HttpStatusCode.Unauthorized;
 			}
 
diff --git a/ArchiSteamFarm/IPC/Startup.cs b/ArchiSteamFarm/IPC/Startup.cs
index 1a60af5da..c4ea749c6 100644
--- a/ArchiSteamFarm/IPC/Startup.cs
+++ b/ArchiSteamFarm/IPC/Startup.cs
@@ -20,6 +20,7 @@
 // limitations under the License.
 
 using System;
+using System.Collections.Generic;
 using System.IO;
 using ArchiSteamFarm.IPC.Middleware;
 using Microsoft.AspNetCore.Builder;
@@ -101,6 +102,21 @@ namespace ArchiSteamFarm.IPC {
 			// Add swagger documentation generation
 			services.AddSwaggerGen(
 				c => {
+					c.AddSecurityDefinition(
+						nameof(GlobalConfig.IPCPassword), new ApiKeyScheme {
+							Description = "IPCPassword authentication using request headers. Check https://github.com/JustArchiNET/ArchiSteamFarm/wiki/IPC#authentication for more info.",
+							In = "header",
+							Name = ApiAuthenticationMiddleware.HeadersField,
+							Type = "apiKey"
+						}
+					);
+
+					c.AddSecurityRequirement(
+						new Dictionary<string, IEnumerable<string>> {
+							{ nameof(GlobalConfig.IPCPassword), new string[0] }
+						}
+					);
+
 					c.DescribeAllEnumsAsStrings();
 					c.EnableAnnotations();
 					c.SwaggerDoc("ASF", new Info { Title = "ASF API" });