search

PWZER / swagger-ui-py

Swagger UI for Python web framework, such Tornado, Flask and Sanic. https://pwzer.github.io/swagger-ui-py/
https://pypi.org/project/swagger-ui-py
Apache License 2.0
68 stars 31 forks source link

Add partial support for initOAuth and add support for OAuth2 Implicit Flow to Falcon #20

Closed Ja7ub closed 2 years ago

Ja7ub commented 4 years ago

Hi, this is a great library. However, it could be enhanced by supporting initOAuth Javascript method, which allows to prefill some OAuth2 configurations, which, please correct me if I am wrong, cannot be saved directly into the api specification. Namely client-id and client-secret. https://swagger.io/docs/open-source-tools/swagger-ui/usage/oauth2/ Also, I was unable to expose the redirect page for OAuth2 Implicit Flow (oauth2-redirect.html), please advise if there is already a way to do that. If there is not, my proposed solution has many drawbacks, I only implemented it for Falcon framework and it only works if the prefix url is "/". And I cannot seem to figure out, how to configure custom redirection url to the swagger ui.

For a little bit of context, I am using Keycloak as an identity provider and I am generating the swagger documentation with APISpec where I use following code to define the security and it is working fine for me with the proposed changes. ` OPENAPI_SPEC = """

Apply security globally

security: 
  - jwt_password: 
  - jwt_implicit:
"""
settings = yaml.safe_load(OPENAPI_SPEC)
spec = APISpec(
    title='API',
    version='0.0.0',
    openapi_version='2.0',
    description="Documentation",
    plugins=[
        FalconPlugin(falcon_app),
        MarshmallowPlugin(),
    ],
    **settings
)

jwt_password_scheme = {
    "type": "oauth2",
    "flow": "password",
    "tokenUrl": "http://10.0.0.1:30000/auth/realms/master/protocol/openid-connect/token",
    "scopes": {}
}
spec.components.security_scheme("jwt_password", jwt_password_scheme)

jwt_implicit_scheme = {
    "type": "oauth2",
    "flow": "implicit",
    "authorizationUrl": "http://10.0.0.1:30000/auth/realms/master/protocol/openid-connect/auth",
    "scopes": {}
}
spec.components.security_scheme("jwt_implicit", jwt_implicit_scheme)`
Ja7ub commented 4 years ago

I am also adding support for running the UI on sub path with path rewrite engine.

PWZER commented 2 years ago

@Ja7ub Thank you for your PR, but it has been refactored and OAuth2 is also supported. You can see OAuth2 Configuration.