-
Notifications
You must be signed in to change notification settings - Fork 195
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
OAuth2 Workflow - oauth2-redirect.html not found #47
Comments
Sure it's not http://localhost:7071/api/* ? |
Yes, swagger docs are hosted under default settings at http://localhost:7071/api/swagger/ui |
@Derich367 Can I ask the steps to repro this issue on my end? If you change this URL, http://localhost:7071/oauth2-redirect.html, to http://localhost:7071/api/oauth2-redirect.html (adding the If you use the default settings, the |
@justinyoo Yes, i created a demo project to reproduce this: |
@Derich367 I saw your sample repo. But I don't see any endpoint pointing to either public static async Task<IActionResult> Run(
[HttpTrigger(AuthorizationLevel.Anonymous, "get", Route = "oauth2-redirect.html")] HttpRequest req,
ILogger log)
{
...
return new ContentResult() { Content = "something", ContentType = "text/html" };
} Alternatively, you can use |
What is then the file oauth2-redirect.html in this repo for? I thought the OAuthToken Retreive and Store-Handling is Part of this Extension. |
OH! Is that mine? 🙈🙈🙈 I should implement it then. I totally overlooked that part. Thanks for letting me know! |
And just a quick work-around for anyone who is struggling with this, just add a {
"$schema": "http://json.schemastore.org/proxies",
"proxies": {
"SwaggerUiRedirect": {
"matchCondition": {
"methods": [ "GET" ],
"route": "/oauth2-redirect.html"
},
//I'm not sure if this url is allowed, but you get the point.
"backendUri": "https://petstore.swagger.io/oauth2-redirect.html"
}
}
} |
I'm not sure it that solves it. the redirect url isn't configured at the moment so it will revert to In which case there is still the need for a proxy file. |
Oh, it's implemented and will be included in the next release. I'll comment it when it's released. |
I can confirm @svrooij , the redirectUrl included in the AuthorizationUrl is still http://localhost:7071/oauth2-redirect.html. So after successful Authentication you still get 404. But if i then change to http://localhost:7071/api/oauth2-redirect.html, then its no more 404. |
You can however create a proxy entry to redirect urls to other local urls (something similar as my comment above). To change the redirect url, I think you need to change the url in the javascript file that swagger uses. Maybe that can be configurable? |
@Derich367 If you want to use
It's because Azure Functions runtime behaves like this, which is beyond my control. Just be curious, @Derich367 Can you change the behaviour from |
The redirect uri is mandatory in the authorize/token request according to the oauth2 specs. The authentication server has a list of allowed redirect uris per application and only checks it the request uri is in the list. The specs have no room for other configuration According to this page you can setup swagger to load a configuraton uri upon load. Which will then load a all the configuration from some url (which could also be a function). That way you would enable all sort of configuration stuff. You can also add the settings as an object in the original ui html (that is how it works in the aps.net core swagger package). Next to this is would also be very nice if there was some way to control these settings from the configuation. |
@svrooij Thanks for the info! For now, I'll fix the |
@Derich367 @svrooij I haven't released the fix yet, but can you try on this branch beforehand? It seems to be OK on my end but want to make sure. https://github.com/Azure/azure-functions-openapi-extension/tree/hotfix/oauth2-redirect |
do you also build hotfix branches? or do we need to build it ourself? I checked the code and to my understanding that should fix the issue. |
Currently the build is halted, but it should be built automatically. I haven't it merged back to the main repo yet, though. |
@Derich367 @svrooij v0.5.1-preview has been released including this hotfix. |
@justinyoo Thanks a lot! I tested it and now OAuth is working as expected! |
I also tested this, and your solution works! I have one more improvement, the Swagger UI is available at |
@svrooij Oh, thanks for suggestion! It makes sense to me as well. I'll have a look at the next release. |
During Implementing an OAuth2 Workflow for the api documentation i'm getting the issue that the redirect page can't be found.
E.g. for local running function http://localhost:7071/oauth2-redirect.html can't be found (404) after successful authentication.
My OpenApiOAuthSecurityFlows looks like this:
Am i missing some configuration for the redirect page?
The text was updated successfully, but these errors were encountered: