krakenjs / swaggerize-express

Design-driven apis with swagger 2.0 and express.

Authorization Handler not being called #107

Closed karlmoad closed 7 years ago

karlmoad commented 7 years ago

Utilized swaggerize generator to initialize project from a pre-defined yaml spec. Authorization handler is not being called for applicable routes.

/ticket:
    put:
      tags:
        - ticket
      summary: submit a request ticket
      operationId: addRequestTicket
      consumes:
        - application/json
      produces:
        - application/json
      parameters:
        - in: body
          name: body
          description: Request ticket object to be submitted
          required: true
          schema:
            $ref: '#/definitions/Ticket'
      responses:
        '400':
          description: Invalid ID supplied
        '401':
          description: Unauthorized
        '404':
          description: Not found
        '405':
          description: Validation exception
      security:
        - token: []
securityDefinitions:
  token:
    type: apiKey
    name: auth
    in: header

In security/token.js:

module.exports = function authorize(req, res, next) {
    //The context('this') for authorize will be bound to the 'securityDefinition'
    //this.name - The name of the header or query parameter to be used for securityDefinitions:token apiKey security scheme.
    //this.in - The location of the API key ("query" or "header") for securityDefinitions:token apiKey security scheme.

    var auth = req.headers[this.name];
    console.log("In Token.js Authorize, token: %s", auth);
    next();
};

Problem: token.js authorize code is never executed. Attempted the x-authorize specified implementation as well, same result:

PUT /api/ticket HTTP/1.1
auth: 987654321
Content-Type: application/json
Host: localhost:8000
Connection: close
User-Agent: Paw/2.3.2 (Macintosh; OS X/10.11.6) GCDHTTPRequest
Content-Length: 204

{"id":"123456789","username":"uname","lastName":"Doe","firstName":"John","email":"john.doe@notreal.com","deviceId":"01","message":"It is broken and does not start, tried turning it off and back on again"}

A 401 Unauthorized response is returned:

Error: Unauthorized.
   at passed (/Documents/code/git/test-api/node_modules/swaggerize-express/lib/expressroutes.js:182:25)
   at /Documents/code/git/test-api/node_modules/async/lib/async.js:360:13
   at /Documents/code/git/test-api/node_modules/async/lib/async.js:122:13
   at _each (/Documents/code/git/test-api/node_modules/async/lib/async.js:46:13)
   at Object.async.each (/Documents/code/git/test-api/node_modules/async/lib/async.js:121:9)
   at Object.async.some (/Documents/code/git/test-api/node_modules/async/lib/async.js:359:15)
   at authorize (/Documents/code/git/test-api/node_modules/swaggerize-express/lib/expressroutes.js:194:15)
   at Layer.handle [as handle_request] (/Documents/code/git/test-api/node_modules/express/lib/router/layer.js:95:5)
   at next (/Documents/code/git/test-api/node_modules/express/lib/router/route.js:131:13)
   at Route.dispatch (/Documents/code/git/test-api/node_modules/express/lib/router/route.js:112:3)

Code available at the following repo:

https://github.com/karlmoad/test-api

subeeshcbabu-zz commented 7 years ago

Hmm. I think swaggerize-routes needs a publish with my PR for this - https://github.com/krakenjs/swaggerize-routes/pull/68. Looks like the change went in some time ago, but the module never got published.

@tlivings - Can you publish a new version or give me ({ name: "subeeshcbabu", email: "subeeshcbabu@yahoo.co.in" }) the publish privileges?

subeeshcbabu-zz commented 7 years ago

@karlmoad, published swaggerize-routes@1.0.9. Can you upgrade and try?

karlmoad commented 7 years ago

Upgraded to swaggerize-routes 1.0.9, problem remains.

subeeshcbabu-zz commented 7 years ago

Did you add the security: Path.resolve('./security') option for defining the base directory to look for security/auth handlers? https://github.com/krakenjs/swaggerize-routes#security-directory

https://github.com/karlmoad/test-api/blob/master/server.js#L20 <- Here you need to specify the security option and set the path to security handlers directory.

karlmoad commented 7 years ago

Apologies, after adding the security option to the app setup the function is being called correctly.

subeeshcbabu-zz commented 7 years ago

Nice 👏 . Great to know it worked.
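A startup check for the misconfiguration resolved in this thread, as an added example that is not code from swaggerize-express or from either poster: it lists every operation whose `security` requirement has no matching handler file. The function name, the sample spec object and the treatment of `x-authorize` are assumptions made for illustration.

```javascript
// Added example, not swaggerize-express code. Reports every operation whose
// security requirement has no handler file, the setup that in this thread
// answered 401 without token.js ever running.
const METHODS = ['get', 'put', 'post', 'delete', 'options', 'head', 'patch'];

// spec: parsed Swagger 2.0 document.
// handlerFiles: file names found in the security directory, for example
// fs.readdirSync(Path.resolve('./security')); pass [] when the `security`
// option is not set at all.
function missingSecurityHandlers(spec, handlerFiles) {
  const defs = spec.securityDefinitions || {};
  const available = new Set(handlerFiles.map((f) => f.replace(/\.js$/, '')));
  const problems = [];

  for (const [route, item] of Object.entries(spec.paths || {})) {
    for (const method of METHODS) {
      const op = item[method];
      if (!op) continue;
      // Swagger 2.0: operation-level `security` overrides the top-level
      // default; an empty array means the operation is unauthenticated.
      const requirements = op.security || spec.security || [];
      for (const requirement of requirements) {
        for (const scheme of Object.keys(requirement)) {
          const where = `${method.toUpperCase()} ${route}`;
          if (!defs[scheme]) {
            problems.push(`${where}: "${scheme}" is not in securityDefinitions`);
          } else if (!defs[scheme]['x-authorize'] && !available.has(scheme)) {
            // Assumption: a definition carrying x-authorize names its own handler.
            problems.push(`${where}: no security/${scheme}.js handler found`);
          }
        }
      }
    }
  }
  return problems;
}

// Constructed spec mirroring the YAML in the issue.
const sampleSpec = {
  securityDefinitions: { token: { type: 'apiKey', name: 'auth', in: 'header' } },
  paths: {
    '/ticket': { put: { operationId: 'addRequestTicket', security: [{ token: [] }] } },
  },
};

console.log(missingSecurityHandlers(sampleSpec, []));           // directory not configured
console.log(missingSecurityHandlers(sampleSpec, ['token.js'])); // handler present
```

Running this before the app starts listening, and refusing to start when the returned list is non-empty, turns a silent per-request 401 into a visible configuration error.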