Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

add Authorization header for oauth2 in swagger ui schema request #1017

Merged
merged 1 commit into from
Jul 9, 2023
Merged

add Authorization header for oauth2 in swagger ui schema request #1017

merged 1 commit into from
Jul 9, 2023

Conversation

ds1371dani
Copy link
Contributor

I was trying to add swagger to my drf application which is using django-oauth-toolkit, my api should not be accessible by everyone so I used this config:

SPECTACULAR_SETTINGS = {
    'TITLE': API_TITLE,
    'DESCRIPTION': API_DESCRIPTION,
    'VERSION': '0.2.0',
    'SERVE_INCLUDE_SCHEMA': True,
    'SWAGGER_UI_DIST': 'SIDECAR',
    'SWAGGER_UI_FAVICON_HREF': 'SIDECAR',

    'SWAGGER_UI_SETTINGS': {
        'persistAuthorization': True,
    },
    'SERVE_PUBLIC': False,
    'AUTHENTICATION_WHITELIST': [
        'rest_framework.authentication.TokenAuthentication',
        'oauth2_provider.contrib.rest_framework.OAuth2Authentication'
    ],
    'SERVE_PERMISSIONS': ['rest_framework.permissions.AllowAny'],

    'SERVE_AUTHENTICATION': [
        'rest_framework.authentication.TokenAuthentication',
        'oauth2_provider.contrib.rest_framework.OAuth2Authentication'
    ],
    'OAUTH2_FLOWS': ['password'],
    'OAUTH2_AUTHORIZATION_URL': '/o/authorize/',
    'OAUTH2_TOKEN_URL': '/o/token/',
    'OAUTH2_REFRESH_URL': '/o/token/',
    'OAUTH2_SCOPES': OAUTH2_PROVIDER['SCOPES'],
}

When using TokenAuthentication everything was ok (Authorization header was added to both schema and api requests), but when I tried using OAuth2Authentication my api requests where ok but the schema request did not receive Authorization token.

The problem was in swagger-ui.js where id didn't try reading oauth2 config stored in the browser.

@codecov
Copy link

codecov bot commented Jun 23, 2023

Codecov Report

Patch and project coverage have no change.

Comparison is base (e0f749e) 98.54% compared to head (49254cf) 98.54%.

Additional details and impacted files 
@@           Coverage Diff           @@
##           master    #1017   +/-   ##
=======================================
  Coverage   98.54%   98.54%           
=======================================
  Files          68       68           
  Lines        8338     8338           
=======================================
  Hits         8217     8217           
  Misses        121      121

☔ View full report in Codecov by Sentry.
📢 Do you have feedback about the report comment? Let us know in this issue.

@tfranzel
Copy link
Owner

tfranzel commented Jul 9, 2023

great catch, this was missing functionality! thx @ds1371dani

@tfranzel tfranzel merged commit 31665a3 into tfranzel:master Jul 9, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@ds1371dani @tfranzel