Closed devmaxde closed 5 months ago
@devmaxde just so I'm totally clear, are you trying to use this API with the JWT in the Authorization
header?
Yeah
It seems like this request allows both. The usage of the Cookie and the Header. But because the Header isn't required, you can't set it in the autogenerated package. There are only 3 solutions to that:
Thanks @devmaxde . There is another option. Validate the JWT locally (which doesn't require a call to this API but is functionally the same). https://github.com/jfbilodeau/jwks-client is one option I found (though I'm no rust expert). I've seen this approach used by other FusionAuth users.
The OpenAPI spec is autogenerated from our client builder repository and the script doesn't handle the metadata for presenting a JWT in a header. We'd like to update that process, but don't currently have a timeline. I'm going to label this issue so when the opportunity presents itself we address it.
More details:
Also @devmaxde if you could share how you are generating your rust client library from the spec, that would be helpful.
Also @devmaxde if you could share how you are generating your rust client library from the spec, that would be helpful.
https://github.com/flexi-servers/fusionauth-rust-client --> https://crates.io/crates/fusionauth
I didn't know you had this generator. I'll have a look at it and maybe add a Rust configuration
@devmaxde seemed easier than I thought, so I created a PR to enable JWT authentication for certain API requests. Submitted it for review.
Added this fix to the 1.49 milestone, @andrewpai , as that is when the fixed YAML file will be released.
Release notes blurb:
Enhanced the OpenAPI specification to support JWT authentication. Previously, operations that used JWTs to authenticate, instead of an API key or no authentication, were not accurately described by the OpenAPI specification. Now they are.
When will the openapi.yaml be updated?
It gets generated when we do a release. Not sure when the next one is scheduled for.
You can also build it yourself by running the ruby script here: https://github.com/FusionAuth/fusionauth-client-builder/tree/master/bin .
OpenAPI Documentation missing Params
Description
My Software is written in Rust for max Performance. Because of that I tried using the OpenAPI Generator to generate the Package. This was also mentioned in #1038. I tried using the /api/jwt/validate function and saw, that the JWT Parameter is missing. You can use the Request by manually adding the Header. Is the Documentation done by Hand? If not can you add a 2nd entry using the Header as Authorization to allow the generated Code to work?
Affects versions
latest (1.49.0)
Expected behavior
Having all Possible Params in the OpenAPI Documentation
Community guidelines
All issues filed in this repository must abide by the FusionAuth community guidelines.
Release notes
Enhanced the OpenAPI specification to support JWT authentication. Previously, operations that used JWTs to authenticate, instead of an API key or no authentication, were not accurately described by the OpenAPI specification. Now they are.