Closed djedlajn closed 4 years ago
I have found solution tho I think it should be documented in better way. So I will probably make and PR and reference this issue.
const options = new DocumentBuilder()
.addApiKey({ type: 'apiKey', name: 'api_key', in: 'header', description: 'API Key For External calls' })
.addBearerAuth()
.setTitle('API Generator')
.setDescription('API Gateway')
.setVersion('1.0')
.build()
Where I assume name
needs to match optional array in @ApiSecurity
decorator. Name is also the name of the entry that will be added in my case to header of the request.
And on controller itself decorator should look like: @ApiSecurity('api_key', ['api_key'])
where second argument is array of security dependencies I assume. Documentation as noted above should be improved in this regard.
@djedlajn PRs are more than welcome :) Feel free to create one here https://github.com/nestjs/docs.nestjs.com And I'm glad you found the solution!
Maybe it helps someone, for me to get it to work, I had to add the name as well.
addApiKey({ type: 'apiKey', name: 'X-API-KEY', in: 'header' }, 'X-API-KEY')
X-API-KEY
Thanks! it worked for me :)
Sets the name to upper case worked for me too!
addApiKey({ type: 'apiKey', name: 'X-API-KEY', in: 'header' }, 'X-API-KEY')
@wnqueiroz @Benny739
Is it possible for you to provide a comprehensive example of what you did with addApiKey
as well as if there are any decorators on your controllers? I've not been able to get this to work.
Warning: Probably a dirty hack
For anyone else who comes across this here is a workaround with BearerAuth
Controller
@ApiBearerAuth()
@Controller
...your controller
Config
const config = new DocumentBuilder()
.setTitle('Title')
.setDescription('Whatever')
.setVersion('0.0.1')
.addBearerAuth()
.build();
Then you can check request headers for authorization
and compare your key
Custom Guard
@Injectable()
export class ExampleGuard implements CanActivate {
canActivate(
context: ExecutionContext,
): boolean | Promise<boolean> | Observable<boolean> {
const req = context.switchToHttp().getRequest();
const key = req.headers['authorization'];
// your validator function
return key === 'Bearer <your actual key here>';
}
}
I'm submitting a...
Current behavior
By adding decorator on my controller route I should get option to use ApiKey authorization method. And it also fails to add header to request.
Related issue: #484
Expected behavior
Option does not show at all.
Minimal reproduction of the problem with instructions
OpenAPI Configuration
Route example
What is the motivation / use case for changing the behavior?
Environment