Closed xarpy closed 2 years ago
Hi @xarpy ,
I was looking into this because I wanted to be able to add a bearer token to the swagger UI and try some requests from there. What I realized after a couple of hours of searching is that the error that is returned is from the swagger package. If you remove the security specification. You'll be able to run it.
"/status": get: tags:
I think this fixes your issue with not being able to authenticate with Flask-JWT-Extended. If you want te be sure, create a curl request with the authorization header and your token as bearer
for reference, here's another issue that was opened with regards to your issue (scroll to the bottom)
https://github.com/zalando/connexion/issues/806#issuecomment-448184925
if you remove the security: <-- remove
This is not a bug.
according to https://connexion.readthedocs.io/en/latest/security.html With Connexion, the API security definition must include a x-tokenInfoFunc or set TOKENINFO_FUNC env var.
x-tokenInfoFunc must contain a reference to a function used to obtain the token info. you havent added x-tokenInfoFunc
in openapi doc.
For example
components:
securitySchemes:
jwt:
type: http
scheme: bearer
bearerFormat: JWT
x-bearerInfoFunc: routes.decodetoken
where in routes.py
for my case
from flask_jwt_extended import decode_token
def decodetoken(token):
return decode_token(token)
Description
I have a project already in production, being a REST API designed with flask, flask-restful and flask-jwt-extended. The system did not have any documentation yet, but this was necessary, being my first using connexion. I created the documentation by "swagger.editor.io" and created the correct instances in the project.
Initially I was unable to access the application, soon realizing that the need to install the CORS package, solving the first problem. Now I am unable to authenticate to any endpoint of the system, either by generating swagger / ui or POSTMAN. How do I disable connexion security or include the flask-jwt-extended decorator to validate the token?
Expected behaviour
Connexion Accepts Flask-JWT-Extended settings
Actual behaviour
Apart from the token generator endpoint, the others do not allow authentication.
Steps to reproduce
Connexion insertion in my project
n this short excerpt from init you can see that I had a problem adapting connexion to the project. Thanks a lot to the team for answering this #217 .
My endpoints build with Restful
All project endpoints were built using flask-restful package and flask-jwt-extended authentication, below is a simple example of the features that exist within the project. It works correctly without connexion, but now any endpoint I try to access, even generating the token I don't have access to.
Response swagger-ui
My swagger.yaml file
Additional info:
Output of the commands:
python --version
= Env: Python 3.6.8 :: Anaconda, Inc.pip show connexion | grep "^Version\:"
= Version: 2.3.0