Open retrofreak83 opened 3 years ago
We're looking for this as well.
Same problem here using Swagger UI with FastAPI. I can specify a refresh_url in the oauth2_schema, but this doesn't work as expected:
oauth2_scheme = OAuth2AuthorizationCodeBearer(
authorizationUrl=ConfigHandler.get_config()["oauth2"]["authorization_server"]["authorization_url"], # The endpoint to get the authorization token
tokenUrl=ConfigHandler.get_config()["oauth2"]["authorization_server"]["token_url"], # The endpoint to get the actual access token
refreshUrl=ConfigHandler.get_config()["oauth2"]["authorization_server"]["token_url"]
)
We tried specifying refreshUrl
, too, but weren't able to get it to work.
Having this would help much in testing our APIs.
afaik, Swagger UI does not currently have token refresh. Happy to accept contributions, especially in this subject of authorization/authentication. 😉
Thinking about this more, one might be able to use requestIntercepters
to define custom handling to an auth request.
Any progress on this problem? I also need this functionality.
Any progress on this? it will be great help for developers
function authorize() { if ($('.btn.authorize').length < 1) return; if (!web.getCookie('accessToken')) return; let a = { CoreAPI: { name: 'CoreAPI', schema: swg_ui.authSelectors.definitionsToAuthorize().get(0).get('CoreAPI'), value: 'Bearer ' + web.getCookie('accessToken') } } swg_ui.authActions.authorize(a) }
Any progress on this? it will be great help for developers
+1
I am also looking for this feature in swagger, is there any progress?
+1
Is there any update on this feature? Do you know anything @tim-lai
I'm suffering with you
Wished the fastapi docs could do this
any progress in this?
For anyone looking for a quick workaround i've written this js which automatically patches OAuth token refreshing into SwaggerUI at runtime: https://gist.github.com/tom300z/ee48163e5c58e8572a251a593f2026e7
For anyone looking for a quick workaround i've written this js which automatically patches OAuth token refreshing into SwaggerUI at runtime: https://gist.github.com/tom300z/ee48163e5c58e8572a251a593f2026e7
If you are getting "Cannot patch OAuth token refresh hook. Missing patch target function "window.ui.authActions.authorizeOauth2". This is how I include the custom-swagger.js in a ASP.NET Core 8 app in the programs.cs of the web application server
app.UseSwaggerUI(c => {
// ...
c.InjectJavascript("/custom-swagger.js");
//...
});
Still getting the error
For anyone looking for a quick workaround i've written this js which automatically patches OAuth token refreshing into SwaggerUI at runtime: https://gist.github.com/tom300z/ee48163e5c58e8572a251a593f2026e7
Any hints on how to actually inject this js into swagger? Using i.e. FastAPI?
Q&A (please complete the following information)
Content & configuration
I am developing an application having a REST API that is secured by Spring Security, using Keycloak to provide OpenID Connect functionalities. The OpenAPI specification is generated using Springdoc. AFAIK, the correct way of getting SwaggerUI to authenticate against OpenID Connect is to use OpenID Connect Discovery.
Swagger/OpenAPI definition:
How can we help?
Authorization works well in principal, but the application needs to do a token refresh automatically and regularly. Currently, I can send valid request to the API until the validity of the token acquired during login has expired. In the SwaggerUI documentation, I did not find how to configure such a thing like token refresh. Is SwaggerUI able to perform an automatic token refresh or is there eventually a possibility that the user can trigger it manually?