Open chawax opened 5 years ago
👍 Thanks for opening this issue! 🏷 I have applied any labels matching special text in your issue.
The team will review the labels and make any necessary changes.
how about downloading the api definition before generating e.g. with curl
?
Or maybe try http://myserver/api-docs
instead (http without the s)
how about this:
Dealing with self-signed SSL certificates If you're dealing with self-signed SSL certificates, or those signed by GoDaddy, you'll need to disable SSL Trust Manager. That's done by setting a system environment variable as such:
export TRUST_ALL=true
-Dio.swagger.v3.parser.util.RemoteUrl.trustAll=true
is not working for me as mentioned in here https://github.com/OpenAPITools/openapi-generator/blob/master/docs/faq-extending.md
So it looks like another version swagger parser util got referenced else where in the code. I finally got it to work after running with these 2 flags -Dio.swagger.parser.util.RemoteUrl.trustAll=true
-Dio.swagger.v3.parser.util.RemoteUrl.trustAll=true
@StrictlyDPBlaine thanks. I've updated the FAQ: https://github.com/OpenAPITools/openapi-generator/wiki/FAQ#is-there-a-way-to-disable-certificate-verification
Running
> npx openapi-generator generate -Dio.swagger.parser.util.RemoteUrl.trustAll=true -Dio.swagger.v3.parser.util.RemoteUrl.trustAll=true -g typescript-angular -i ...
Throws this error
[DEPRECATED] -D arguments after 'generate' are application arguments and not Java System Properties, please consider changing to -p, or apply your options to JAVA_OPTS, or move the -D arguments before the jar option.
Exception in thread "main" java.lang.UnsupportedOperationException
at com.google.common.collect.ImmutableMap.put(ImmutableMap.java:529)
at org.openapitools.codegen.config.WorkflowSettings$Builder.withSystemProperty(WorkflowSettings.java:465)
at org.openapitools.codegen.config.CodegenConfigurator.addSystemProperty(CodegenConfigurator.java:141)
at org.openapitools.codegen.config.CodegenConfiguratorUtils.applySystemPropertiesKvp(CodegenConfiguratorUtils.java:54)
at org.openapitools.codegen.config.CodegenConfiguratorUtils.applySystemPropertiesKvpList(CodegenConfiguratorUtils.java:47)
at org.openapitools.codegen.cmd.Generate.run(Generate.java:404)
at org.openapitools.codegen.OpenAPIGenerator.main(OpenAPIGenerator.java:60)
Version
"@openapitools/openapi-generator-cli": "^1.0.1-4.1.3"
Hello -- I tried this as well in my npm script and it's not working for me. Any suggestions? I have a feeling these parameters aren't being passed from node down to the JVM that does the generation? openapi-generator generate -Dio.swagger.parser.util.RemoteUrl.trustAll=true -Dio.swagger.v3.parser.util.RemoteUrl.trustAll=true -i https://localhost/mysite/swagger/v1/swagger.json -g typescript-fetch --skip-validate-spec -o src/services/gateway --additional-properties=supportsES6=true,typescriptThreePlus=true
It's work for me in docker-compose.yml
version: "3.7"
services:
openapi-generator:
image: openapitools/openapi-generator-cli:v4.2.2
environment:
JAVA_OPTS: >
-Dio.swagger.parser.util.RemoteUrl.trustAll=true -Dio.swagger.v3.parser.util.RemoteUrl.trustAll=true
command: generate -i https://api.project.loc/api/doc.json -g typescript-angular -o src/api/auto
Running
npx openapi-generator generate -Dio.swagger.parser.util.RemoteUrl.trustAll=true -Dio.swagger.v3.parser.util.RemoteUrl.trustAll=true -g typescript-angular -i ...
Throws this error
[DEPRECATED] -D arguments after 'generate' are application arguments and not Java System Properties, please consider changing to -p, or apply your options to JAVA_OPTS, or move the -D arguments before the jar option. Exception in thread "main" java.lang.UnsupportedOperationException at com.google.common.collect.ImmutableMap.put(ImmutableMap.java:529) at org.openapitools.codegen.config.WorkflowSettings$Builder.withSystemProperty(WorkflowSettings.java:465) at org.openapitools.codegen.config.CodegenConfigurator.addSystemProperty(CodegenConfigurator.java:141) at org.openapitools.codegen.config.CodegenConfiguratorUtils.applySystemPropertiesKvp(CodegenConfiguratorUtils.java:54) at org.openapitools.codegen.config.CodegenConfiguratorUtils.applySystemPropertiesKvpList(CodegenConfiguratorUtils.java:47) at org.openapitools.codegen.cmd.Generate.run(Generate.java:404) at org.openapitools.codegen.OpenAPIGenerator.main(OpenAPIGenerator.java:60)
Version
"@openapitools/openapi-generator-cli": "^1.0.1-4.1.3"
I'm having this issue as well. I have an npm script I run from package.json and I don't know how to disable the ssl check from there:
"scripts": {
...
"swagger:generate": "openapi-generator generate -i https://xxxxxx/swagger/1.0/swagger.json -g typescript-angular -o ./src/code-gen",
},
Running
npx openapi-generator generate -Dio.swagger.parser.util.RemoteUrl.trustAll=true -Dio.swagger.v3.parser.util.RemoteUrl.trustAll=true -g typescript-angular -i ...
Throws this error
[DEPRECATED] -D arguments after 'generate' are application arguments and not Java System Properties, please consider changing to -p, or apply your options to JAVA_OPTS, or move the -D arguments before the jar option. Exception in thread "main" java.lang.UnsupportedOperationException at com.google.common.collect.ImmutableMap.put(ImmutableMap.java:529) at org.openapitools.codegen.config.WorkflowSettings$Builder.withSystemProperty(WorkflowSettings.java:465) at org.openapitools.codegen.config.CodegenConfigurator.addSystemProperty(CodegenConfigurator.java:141) at org.openapitools.codegen.config.CodegenConfiguratorUtils.applySystemPropertiesKvp(CodegenConfiguratorUtils.java:54) at org.openapitools.codegen.config.CodegenConfiguratorUtils.applySystemPropertiesKvpList(CodegenConfiguratorUtils.java:47) at org.openapitools.codegen.cmd.Generate.run(Generate.java:404) at org.openapitools.codegen.OpenAPIGenerator.main(OpenAPIGenerator.java:60)
Version
"@openapitools/openapi-generator-cli": "^1.0.1-4.1.3"
I'm having this issue as well. I have an npm script I run from package.json and I don't know how to disable the ssl check from there:
"scripts": { ... "swagger:generate": "openapi-generator generate -i https://xxxxxx/swagger/1.0/swagger.json -g typescript-angular -o ./src/code-gen", },
Hi Mario, you can define the script like this
"scripts": {
...
"swagger:generate": "SET JAVA_OPTS=-Dio.swagger.parser.util.RemoteUrl.trustAll=true -Dio.swagger.v3.parser.util.RemoteUrl.trustAll=true && openapi-generator generate -i https://xxxxxx/swagger/1.0/swagger.json -g typescript-angular -o ./src/code-gen"
}
@chawax I had the same issue. It has to do your the target server using an expired or self signed ssl certificate. Unfortunately i cannot find an option to ignore ssl valitation on https://openapi-generator.tech/docs/usage/.
As a work around, I am downloading the specs manually and use the local file as an input to the generator. You could write a script to automate that..
If for whatever reason you are trying to do this with Powershell you can do the following:
[System.Environment]::SetEnvironmentVariable('JAVA_OPTS','-Dio.swagger.parser.util.RemoteUrl.trustAll=true -Dio.swagger.v3.parser.util.RemoteUrl.trustAll=true')
openapi-generator generate -i https://xxxxxx/swagger/1.0/swagger.json -g typescript-angular -o ./src/code-gen
When targeting a server with self-signed certificate, this worked for executing using npx
on macOS:
$ export JAVA_OPTS="-Dio.swagger.parser.util.RemoteUrl.trustAll=true -Dio.swagger.v3.parser.util.RemoteUrl.trustAll=true"
$ npx @openapitools/openapi-generator-cli generate ...
Recently I learned there's Java Trust Store. If you add your self-signed certificate there, it will work out of the box. Eg. mkcert does it automatically https://github.com/FiloSottile/mkcert#supported-root-stores
Not working for me.
Still getting that ugly :
javax.net.ssl.SSLHandshakeException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.ssl.Alert.createSSLException (Alert.java:131)
Either with
<plugin>
<groupId>org.openapitools</groupId>
<artifactId>openapi-generator-maven-plugin</artifactId>
<version>5.3.0</version>
<configuration>
<generatorName>spring</generatorName>
...
<environmentVariables>
<io.swagger.parser.util.RemoteUrl.trustAll>true</io.swagger.parser.util.RemoteUrl.trustAll>
<io.swagger.v3.parser.util.RemoteUrl.trustAll>true</io.swagger.v3.parser.util.RemoteUrl.trustAll>
</environmentVariables>
</plugin>
or with mvn compile -Dio.swagger.parser.util.RemoteUrl.trustAll=true -Dio.swagger.v3.parser.util.RemoteUrl.trustAll=true
or both.
Btw, are you sure you really need BOTH environment variables ??? If your plugin relies on both of them just to download an inputSpecs
stream, this looks very clumsy imo. Do you really have an open dependency on both io.swagger:parser
and io.swagger.v3:parser
libraries ?
I may be wrong but I see no kind of overriding of the URI fetcher, nor any mention of "RemoteUrl.trustAll" variables. Are you even reading it somewhere in your code ??
/**
* Try to parse inputSpec setting string into URL
* @return A valid URL or null if inputSpec is not a valid URL
*/
private URL inputSpecRemoteUrl(){
try {
return new URI(inputSpec).toURL();
} catch (URISyntaxException | MalformedURLException | IllegalArgumentException e) {
return null;
}
}
This looks like a major feature loss between legacy library which I'll stick on until yours become indeed better.
Is it possible to clear this cache manually? I couldn't find the specific keystore used by the openapi-generator. I'm getting this error after my old certificate expired. The new one is valid but I think the old one is still cached.
What's the solution for this for nestjs generator?
Hello guys, Here to report my findings. I'm working with a self signed certificate which should work both for localhost and for 193.162.1.10. 1) Any Java option to ignore the SSL validation I tried after Java command seems to be straight ignored 2) adding the certificate authority (ca.crt or ca.pem) Which I used to sign my server certificate to my jvm cacerts works BUT it takes into consideration only the common name (CN field of the certificate) and it ignores the Subject Alternate Names (SAN). SAN should be checked before CN so I think there is a bug somewhere. Could someone point me out to where SSL is checked or is it a jvm issue? Regards
Hi,
I try to use this CLI in my project to generate my API typescript client. But my swagger.yaml file is on a https url and I have errors because of SSL certificate.
I added the following script to my
package.json
:But when I run
npm swagger
I have the following stack trace :Any idea how I could solve this ?