Forwarding CSRF token in cookie with requests #431

Closed
alecvn opened this issue Jun 8, 2021 · 2 comments

alecvn commented Jun 8, 2021

According to the following documentation it should be possible to forward cookies with Swagger:
https://swagger.io/docs/specification/authentication/cookie-authentication/

In swagger_helper.rb I have the following:

    'v1/swagger.yaml' => {
      openapi: '3.0.1',
      # swagger: '2.0',
      components: {
        securitySchemes: {
          cookieAuth: {         # arbitrary name for the security scheme; will be used in the "security" key later
            type: "apiKey",
            in: "cookie",
            name: "CSRF-TOKEN"
          }
        }
      },
      security: {
        cookieAuth: []
      },
      info: {
        title: 'API V1',
        version: 'v1'
      },
  ...-

However the CSRF-TOKEN isn't added to the cookies forwarded with my request.

I was also unable to locate where I would configure to include credentials if that were necessary.

@jaydorsey
Contributor

The `in: "cookie"` syntax looks incorrect to me; it should probably be `in: :header`. A cookie is simply a type of header attribute/value.

In order to set it, you'll also need to use something like `let(:'CSRF-TOKEN') { 'my-token-value' }` in your spec in order to pass it into the request.

You'll also need your `security: [cookieAuth: []]` syntax in your spec, if you don't have it.
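
An added example, not part of the thread and not rswag code: a plain-Ruby lint for the security section of the hash in `swagger_helper.rb`. It applies two OpenAPI 3.0 rules: an `apiKey` scheme's `in` is one of `query`, `header` or `cookie`, and `security` is an array of requirement objects. The method name `lint_security` and the sample hashes are assumptions made for illustration.

```ruby
# Added example (not rswag code): lint the security part of an OpenAPI 3.0 hash.
API_KEY_LOCATIONS = %w[query header cookie].freeze # values OpenAPI 3.0 allows for apiKey "in"

# Returns a list of problem strings; an empty list means the section is well-formed.
def lint_security(doc)
  problems = []
  schemes = doc.dig(:components, :securitySchemes) || {}
  defined = schemes.keys.map(&:to_s)

  schemes.each do |name, scheme|
    next unless scheme[:type].to_s == 'apiKey'
    unless API_KEY_LOCATIONS.include?(scheme[:in].to_s)
      problems << "securitySchemes.#{name}: in must be query, header or cookie"
    end
    problems << "securitySchemes.#{name}: name is required" if scheme[:name].to_s.empty?
  end

  security = doc[:security]
  return problems if security.nil? # a top-level security key is optional
  unless security.is_a?(Array)
    return problems << "security: expected Array of requirement objects, got #{security.class}"
  end

  security.each_with_index do |requirement, i|
    unless requirement.is_a?(Hash)
      problems << "security[#{i}]: expected a Hash of scheme name => scopes"
      next
    end
    requirement.each do |name, scopes|
      problems << "security[#{i}].#{name}: no such entry in securitySchemes" unless defined.include?(name.to_s)
      problems << "security[#{i}].#{name}: scopes must be an Array" unless scopes.is_a?(Array)
    end
  end
  problems
end

# Constructed inputs: the first mirrors the hash posted in the issue.
SCHEMES = { cookieAuth: { type: 'apiKey', in: 'cookie', name: 'CSRF-TOKEN' } }.freeze
AS_POSTED = { openapi: '3.0.1', components: { securitySchemes: SCHEMES },
              security: { cookieAuth: [] } }.freeze
AS_ARRAY  = AS_POSTED.merge(security: [cookieAuth: []]).freeze
UNDEFINED = AS_POSTED.merge(security: [{ sessionAuth: [] }]).freeze

{ 'as posted' => AS_POSTED, 'array form' => AS_ARRAY, 'undefined scheme' => UNDEFINED }.each do |label, doc|
  puts "#{label}: #{lint_security(doc).inspect}"
end
```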

stale bot commented Aug 10, 2022

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. If the issue is still relevant to you, please leave a comment stating so to keep the issue from being closed. Thank you for your contributions.

@stale stale bot added the wontfix label Aug 10, 2022
@stale stale bot closed this as completed Aug 30, 2022