Support Authentication Token in OpenAPI

[bartchen08]

Hi Temporal Team, I am Bart from LinkedIn. My Temporal and Temporal-UI are all running. Temporal-UI is working with SSO authentication enabled, and the JWT token was successfully sent to Temporal server’s authorizer plugin. However, the APIs over the UI Swagger (OpenAPI) page doesn’t work. The APIs always reports 401 (Unauthorized) error. Executing the API doesn’t look like it triggering the Temporal server’s authorizer plugin at all. 401 looks like it gets returned from Temporal-UI directly. Is there any way for me for the swagger page to fix the 401 error? Wish you can prioritize this issue soon. Otherwise Can you give us the pointers how to modify the code to support the feature? My team may try to change it. Thank you!

[feedmeapples]

in case anyone wants to take this task before I do. Atm there are few more priorities, mostly around https://github.com/temporalio/cli

Pointers: OpenAPI source code lives here https://github.com/temporalio/ui-server/tree/main/third_party/OpenAPI . This will be taken as a base to generate https://github.com/temporalio/ui-server/tree/main/server/generated/openapi

To generate this manually run make build-api. See https://github.com/temporalio/ui-server/blob/926b215b4b97e839b2945b4dd309372db788191f/Makefile#L48

• As an option we could copy the code from temporalio/ui repo that reads the Auth Token from localstorage . Then put in the OpenAPI source code.
• Because OpenAPI code is pre-compiled we may want to replace it with the original source code

[bartchen08]

Patched this issue in LinkedIn by following instruction https://stackoverflow.com/questions/51188820/adding-the-application-autehntication-to-swagger-ui. Only patched at the nephos-temporal-ui-server/server/generated/openapi/index.html. This works, but not elegant, as this is a generated file.