Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

wrong openapi 3 securityScheme types when base url is set #2014

Closed
nicolashenry opened this Issue Mar 7, 2019 · 0 comments

Comments

@nicolashenry
Copy link

nicolashenry commented Mar 7, 2019

Expected Behavior

When setting the "Base URL" parameter in swagger configuration and "Show the url" is checked, the resulting openapi.json file should only have the server urls modified, so the securitySchemes part should be left unmodified :

"components": {
    "securitySchemes": {
      "oauth2Scheme": {
        "type": "oauth2",
        "flows": {
          "authorizationCode": {
            "authorizationUrl": "https://example.com/authorize",
            "tokenUrl": "https://example.com/token",
            "scopes": {
              "user": "simple user rights"
            }
          }
        }
      }
    }
  }

as a result the Authorize button in documentation should show this popup :
image

Current Behavior

When setting the "Base URL" parameter in swagger configuration and "Show the url" is checked, the resulting openapi.json file have the server urls modified but the securitySchemes part have the "type" parameter in upper case :

"components": {
    "securitySchemes": {
      "oauth2Scheme": {
        "type": "OAUTH2",
        "flows": {
          "authorizationCode": {
            "authorizationUrl": "https://example.com/authorize",
            "tokenUrl": "https://example.com/token",
            "scopes": {
              "user": "simple user rights"
            }
          }
        }
      }
    }
  }

as a result the Authorize button in documentation is currently showing this popup :
image

Possible Solution

It seems that Gravitee is not using the v3 swagger parser to format the file here :
https://github.com/gravitee-io/gravitee-management-rest-api/blob/master/gravitee-management-api-service/src/main/java/io/gravitee/management/service/impl/SwaggerServiceImpl.java
I will do a PR when possible.

Steps to Reproduce

  1. Add a new swagger page using remote url openapi v3 file (having a server url set, and a securityScheme defined) e.g. :
"components": {
    "securitySchemes": {
      "oauth2Scheme": {
        "type": "oauth2",
        "flows": {
          "authorizationCode": {
            "authorizationUrl": "https://example.com/authorize",
            "tokenUrl": "https://example.com/token",
            "scopes": {
              "user": "simple user rights"
            }
          }
        }
      }
    }
  }
  1. Check "Enable Try it! mode", enter "/" in "Base URL" and check "Show the URL to download the content":
    image

  2. Go on documentation page and click on Authorize, you should see this:
    image

  3. Close the empty dialog and click on download link, you should have this content:

"components": {
   "securitySchemes": {
     "oauth2Scheme": {
       "type": "OAUTH2",
       "flows": {
         "authorizationCode": {
           "authorizationUrl": "https://example.com/authorize",
           "tokenUrl": "https://example.com/token",
           "scopes": {
             "user": "simple user rights"
           }
         }
       }
     }
   }
 }

Context

I want to use the "Base URL" option with an oAuth2 security scheme with an OpenAPI 3 remote file

Your Environment

  • Version used: 1.23.0
  • Browser Name and version: Chrome 72
  • Operating System and version: Windows 7
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.