-
Notifications
You must be signed in to change notification settings - Fork 196
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Adding API Key doesn't appear to do anything #13
Comments
Do you have your own template? Look at https://github.com/TinkerDev/grape-swagger-rails/blob/master/app/views/grape_swagger_rails/application/index.html.erb#L2. |
I am having this same issue and I am not using a custom template |
Any news on this? |
@osuthorpe @Ninigi Do you have a project in which this is reproduced that we can see? |
@dblock I do not. I'm creating a project to reproduce this now. |
@dblock there is a project, but I do not own it, so I don't know if I can show you. However, after looking at your javascript I realised it was mainly my bad. The handler for adding the api key to the requests is bound to a $.change listener, which is of course only triggered if I actually CHANGE the field after a reload (most browsers will fill it with the last value, which will not trigger the change event)... I had it running for a while and then did something, I am still not sure what, to break it again, but again I think it's my own fault :) |
I'll wait to hear from @whatasunnyday. |
@dblock Please let me know if there's anything else I can do to clarify the problem. |
This took me a while. The header auth information is properly added by the UI where it should be. However, Swagger-UI doesn't use it. As soon as the endpoint has I didn't dig through the code, it could be as simple as a key/name conflict or maybe this is by design? Maybe you can try and take it from here? |
I think this should be reproducible with a test here now (get an endpoint in spec/dummy to return Then, I have updated https://github.com/TinkerDev/grape-swagger-rails to the latest https://github.com/swagger-api/swagger-ui. To debug this I substitute swagger-ui.min.js by swagger-ui.js from https://github.com/swagger-api/swagger-ui. |
@dblock thank you very much for putting time into this. i'm not entirely sure where the fix would live. do you think is this an issue with grape-swagger-rails, grape-swagger or wine_bouncer? |
also, i'm happy to take this on now that you've helped me find the bug. thanks again. |
I think this is a bug with swagger-ui, but it will be much easier to reproduce here, that's what you should do IMO first. |
It appears that Swagger-UI correctly sets an authorization header when added in the interface (api key field). However, if the endpoint has the option "authorizations" set with "oauth2", it will override the value. See ruby-grape#13.
@dblock Let me know if there's anything I can do to improve the PR. |
It appears that Swagger-UI correctly sets an authorization header when added in the interface (api key field). However, if the endpoint has the option "authorizations" set with "oauth2", it will override the value. See ruby-grape#13.
It appears that Swagger-UI correctly sets an authorization header when added in the interface (api key field). However, if the endpoint has the option "authorizations" set with "oauth2", it will override the value. See ruby-grape#13.
@dblock Going to give it a go. How did you go about doing this? Did you have to fork the gem and replace it there or is there a simpler way? |
I just copied the file into this project. |
I have this issue too on v0.1.0 |
Hi,
My initializer looks something like this:
When I fill in my API key and try to explore the API, my API returns that I'm not authenticated. Chrome headers show my response looks like this:
The swaggerApi object doesn't appear to be including any authorization handlers either.
SwaggerApi {url: "http://api.rails-app.dev:3000/swagger_doc", debug: false, basePath: "http://api.rails-app.dev:3000/swagger_doc", authorizations: null, authorizationScheme: null…}
My Gemfile.lock looks like this:
I looked around in the code to try to debug this myself but I couldn't quite figure out where the options were being read.
The text was updated successfully, but these errors were encountered: