search

SMILEY4 / ktor-swagger-ui

Kotlin Ktor plugin to generate OpenAPI and provide Swagger UI
Apache License 2.0
150 stars 25 forks source link

Is there a way to hide custom plugin in the swagger UI? and the lock icon doesn't appear on the swagger ui #88

Closed UkiDelly closed 5 months ago

UkiDelly commented 5 months ago

I made my own Jwt RouteSelector and using it to protect some routes.

This is my my custom plugin

class AuthRouter(private val tokenType: TokenType) : RouteSelector() {
  override fun evaluate(context: RoutingResolveContext, segmentIndex: Int): RouteSelectorEvaluation =
    RouteSelectorEvaluation.Transparent

  override fun toString(): String {
    return "(${tokenType.name})"
  }
}

The problem is, when i open the swagger UI and try to test the api, the toString() shows in the route like this screen-shot 2024 03 19_04 48 PM and also show in the url when i send a request like this screen-shot 2024 03 19_04 49 PM

Is there a option to hide that?

And also i declare a secureSchema

securityScheme("Jwt") {
      type = AuthType.HTTP
      location = AuthKeyLocation.HEADER
      bearerFormat = "jwt"
      scheme = AuthScheme.BEARER
    }

and apply it to a route

get<AuthResource.Info>(info) {
      val id = call.getUserId()
      val response = authService.getResidentInfo(id)

      call.respond(response)
    }
...
private val info: OpenApiRoute.() -> Unit = {
  tags = listOf("Auth")
  securitySchemeName = "Jwt"
  request {
    headerParameter<String>("Authorization") {
      description = "Bearer Token"
      required = true
    }
  }
  response {
    HttpStatusCode.OK to {
      body<ResidentInfoDto>()
      description = "success"
    }

    HttpStatusCode.NotFound to {
      body<ErrorResponse>()
      description = "User not Exist!"
    }

    HttpStatusCode.Unauthorized to {
      body<ErrorResponse>()
      description = "Fail to Authenticate"
    }
  }
}

but the lock icon doesn't appear on the swagger UI screen-shot 2024 03 19_04 54 PM Is there something i missed?

SMILEY4 commented 5 months ago

Hi,

you should be able to ignore the custom plugin in the url by adding it to the ignored selectors in the plugin config

install(SwaggerUI) {
    ignoredRouteSelectors += AuthRouter::class
}

To get the lock-button, you have to mark the route as protected - either by wrapping it in an "authenticated-block" or - more fitting for your case - setting the "protected"-flag.

private val info: OpenApiRoute.() -> Unit = {
    //...
    securitySchemeName = "Jwt"
    protected = true
    //...
}
UkiDelly commented 5 months ago

Thank you so much!