Add OAuth2 client configuration for swagger-ui (#57)

axnsan12 · Feb 4, 2018 · 71dee6e · 71dee6e
1 parent 7fa0cc0
commit 71dee6e
Show file tree

Hide file tree

Showing 7 changed files with 51 additions and 0 deletions.
diff --git a/docs/changelog.rst b/docs/changelog.rst
@@ -6,6 +6,7 @@ Changelog
 **1.4.0**
 *********
 
+- **ADDED:** added settings for OAuth2 client configuration in ``swagger-ui`` (:issue:`53`)
 - **IMPROVED:** updated ``swagger-ui`` to version 3.9.3
 
 *********

diff --git a/docs/security.rst b/docs/security.rst
@@ -47,3 +47,19 @@ Operation-level overrides can be added using the ``security`` parameter of
 :ref:`@swagger_auto_schema <custom-spec-swagger-auto-schema>`.
 
 
+-------------------------------
+``swagger-ui`` as OAuth2 client
+-------------------------------
+
+It is possible to configure ``swagger-ui`` to authenticate against your (or a third party) OAuth2 service when sending
+"Try it out" requests. This client-side configuration does not remove the requirement of a spec-side
+:ref:`security definiiton <security-definitions-settings>`, but merely allows you to test OAuth2 APIs using
+``swagger-ui`` as a client.
+
+**DISCLAIMER**: this setup is very poorly tested as I do not currently implement OAuth in any of my projects. All
+contributions relating to documentation, bugs, mistakes or anything else are welcome as an issue or pull request. The
+settings described below were added as a result of discussion in issue :issue:`53`.
+
+The settings of interest can be found on the :ref:`settings page <oauth2-settings>`. Configuration options are similar
+to most OAuth client setups like web or mobile applications. Reading the relevant ``swagger-ui`` docmentation linked
+will also probably help.
diff --git a/docs/settings.rst b/docs/settings.rst
@@ -253,6 +253,25 @@ Controls how many levels are expaned by default when showing nested models.
 **Default**: :python:`3` |br|
 *Maps to parameter*: ``defaultModelExpandDepth``
 
+.. _oauth2-settings:
+
+OAUTH2_REDIRECT_URL
+-------------------
+
+Used when OAuth2 authenitcation of API requests via swagger-ui is desired.
+
+**Default**: :python:`None` |br|
+*Maps to parameter*: ``oauth2RedirectUrl``
+
+OAUTH2_CONFIG
+-------------
+
+Used when OAuth2 authenitcation of API requests via swagger-ui is desired. Provides OAuth2 configuration parameters
+to the ``SwaggerUIBundle#initOAuth`` method, and must be a dictionary. See
+`OAuth2 configuration <https://github.com/swagger-api/swagger-ui/blob/master/docs/usage/oauth2.md>`_.
+
+**Default**: :python:`{}`
+
 ******************
 ``REDOC_SETTINGS``
 ******************

diff --git a/src/drf_yasg/app_settings.py b/src/drf_yasg/app_settings.py
@@ -43,6 +43,8 @@
     'SHOW_EXTENSIONS': True,
     'DEFAULT_MODEL_RENDERING': 'model',
     'DEFAULT_MODEL_DEPTH': 3,
+    'OAUTH2_REDIRECT_URL': None,
+    'OAUTH2_CONFIG': {},
 }
 
 REDOC_DEFAULTS = {

diff --git a/src/drf_yasg/renderers.py b/src/drf_yasg/renderers.py
@@ -63,6 +63,7 @@ def set_context(self, renderer_context, swagger):
         renderer_context['version'] = swagger.info.version
         renderer_context['swagger_settings'] = json.dumps(self.get_swagger_ui_settings())
         renderer_context['redoc_settings'] = json.dumps(self.get_redoc_settings())
+        renderer_context['oauth2_config'] = json.dumps(self.get_oauth2_config())
         renderer_context['USE_SESSION_AUTH'] = swagger_settings.USE_SESSION_AUTH
         renderer_context.update(self.get_auth_urls())
 
@@ -85,6 +86,7 @@ def get_swagger_ui_settings(self):
             'defaultModelRendering': swagger_settings.DEFAULT_MODEL_RENDERING,
             'defaultModelExpandDepth': swagger_settings.DEFAULT_MODEL_DEPTH,
             'defaultModelsExpandDepth': swagger_settings.DEFAULT_MODEL_DEPTH,
+            'oauth2RedirectUrl': swagger_settings.OAUTH2_REDIRECT_URL,
         }
         data = {k: v for k, v in data.items() if v is not None}
         if swagger_settings.VALIDATOR_URL != '':
@@ -102,6 +104,11 @@ def get_redoc_settings(self):
 
         return data
 
+    def get_oauth2_config(self):
+        data = swagger_settings.OAUTH2_CONFIG
+        assert isinstance(data, dict), "OAUTH2_CONFIG must be a dict"
+        return data
+
 
 class SwaggerUIRenderer(_UIRenderer):
     """Renders a swagger-ui web interface for schema browisng.

diff --git a/src/drf_yasg/static/drf-yasg/swagger-ui-init.js b/src/drf_yasg/static/drf-yasg/swagger-ui-init.js
@@ -49,13 +49,18 @@ function initSwaggerUi() {
     };
 
     var swaggerSettings = JSON.parse(document.getElementById('swagger-settings').innerHTML);
+    console.log(swaggerSettings);
 
     for (var p in swaggerSettings) {
         if (swaggerSettings.hasOwnProperty(p)) {
             swaggerConfig[p] = swaggerSettings[p];
         }
     }
     window.ui = SwaggerUIBundle(swaggerConfig);
+
+    var oauth2Config = JSON.parse(document.getElementById('oauth2-config').innerHTML);
+    console.log(oauth2Config);
+    window.ui.initOAuth(oauth2Config);
 }
 
 window.onload = function () {

diff --git a/src/drf_yasg/templates/drf-yasg/swagger-ui.html b/src/drf_yasg/templates/drf-yasg/swagger-ui.html
@@ -60,6 +60,7 @@
 
 
 <script id="swagger-settings" type="application/json">{{ swagger_settings | safe }}</script>
+<script id="oauth2-config" type="application/json">{{ oauth2_config | safe }}</script>
 
 <script src="{% static 'drf-yasg/swagger-ui-dist/swagger-ui-bundle.js' %}"></script>
 <script src="{% static 'drf-yasg/swagger-ui-dist/swagger-ui-standalone-preset.js' %}"></script>