search

luolingchun / flask-openapi3

Generate REST API and OpenAPI documentation for your Flask project.
https://luolingchun.github.io/flask-openapi3/
MIT License
186 stars 28 forks source link

Swagger-UI template does not includes oauth2-redirect.html #159

Closed Colin-b closed 3 months ago

Colin-b commented 3 months ago

Hi,

OAuth2 flows requiring a redirect (such as authorization code) are not working because Swagger-UI will request the token to be received on oauth2-redirect.html, and this file does not exists: issue_redirect

Looking at the new plugins repository that you introduced with the future version 4, it looks like a new endpoint will be added (not sure if it will serves the .html though as it seems to be on /oauth2-redirect and not /oauth2-redirect.html).

Can you confirm that this is a known issue with v3 and v4 will fix it? Or should we expect a fix in v3?

Thanks again

Environment:

luolingchun commented 3 months ago

This feature is indeed implemented in the v4 release, using the route /openapi/swagger/oauth2-redirect.

The v4 (v4.0.0rc2) version is initially available, but there are some breaking updates, and the documentation is not ready. Here's how to use this feature:

from flask_openapi3 import Info
from flask_openapi3 import OpenAPI

info = Info(title='oauth API', version='1.0.0')

# https://spec.openapis.org/oas/v3.1.0#implicit-oauth2-sample
oauth2 = {
    "type": "oauth2",
    "flows": {
        "implicit": {
            "authorizationUrl": "/openapi/swagger/oauth2-redirect",
            "scopes": {
                "write:pets": "modify pets in your account",
                "read:pets": "read your pets"
            }
        }
    }
}
security_schemes = {"oauth2": oauth2}

app = OpenAPI(__name__, info=info, security_schemes=security_schemes)

# https://github.com/swagger-api/swagger-ui/blob/0ce792c9d0965a8b6b5d75f5e1341ff6936a4cb0/docs/usage/oauth2.md
oauth_config = {
    "clientId": "xxx",
    "clientSecret": "xxx"
}
app.config["OAUTH_CONFIG"] = oauth_config

# https://spec.openapis.org/oas/v3.1.0#oauth2-security-requirement
security = [
    {"oauth2": ["write:pets", "read:pets"]}
]

@app.get("/", security=security)
def oauth():
    return "oauth"

if __name__ == '__main__':
    app.run(debug=True)
Colin-b commented 3 months ago

Thanks for the quick reply,

I think we are mixing concerns here.

The authorization URL is a parameter related to the OAuth2 flow, this is not something you can really tweak as this is supposed to be related to your identity provider.

Looking at Swagger-UI documentation, there is a oauth2RedirectUrl parameter that can be provided to the SwaggerUI constructor, and I assume the same applies to the SwaggerUIBundle parameter that you are using in the plugins. Meaning this parameter can be provided via the SWAGGER_CONFIG flask configuration key. It looks like no default value for this setting is set by flask-openapi3, so it could in theory be provided. My only concern is that this URL will have to be a full one, and not a path that would be appended afterwards. You can see that this is what is done for the default value in Swagger-UI.

To sum this up, I think it should be the responsability of either flask-openapi3, either the flask-openapi3 swagger-ui plugin to set this value properly.

In the meantime I will see if I can try this out on my end by providing a https://my_server/openapi/swagger/oauth2-redirect type of URL.

An other solution (and maybe a cleaner one) would be to serve the redirect page in the expected Swagger-UI default route. I created a PR for this.

luolingchun commented 3 months ago

An other solution (and maybe a cleaner one) would be to serve the redirect page in the expected Swagger-UI default route. I created a PR for this.

The PR above has been merged, now please upgrade flask-openapi3-swagger to the latest version

Colin-b commented 3 months ago

I confirm the redirection works now !

Thanks again for the reactivity