Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

How can I use the Bearer Authentication for apis? #90

Open
xxiaocheng opened this issue Nov 22, 2019 · 7 comments
Open

How can I use the Bearer Authentication for apis? #90

xxiaocheng opened this issue Nov 22, 2019 · 7 comments

Comments

@xxiaocheng
Copy link

No description provided.

@nfyxhan
Copy link

nfyxhan commented Nov 22, 2019

Definition
// @securityDefinitions.basic BasicAuth
or

// @securityDefinitions.apikey ApiKeyAuth
// @in header
// @name X-Token

use
// @Security BasicAuth
or
// @Security ApiKeyAuth

@xxiaocheng
Copy link
Author

Definition
// @securityDefinitions.basic BasicAuth
or

// @securityDefinitions.apikey ApiKeyAuth
// @in header
// @name X-Token

use
// @Security BasicAuth
or
// @Security ApiKeyAuth

I use comment
// @securityDefinitions.apikey ApiKeyAuth // @in header // @name Authorization
for the main function ,and use // @Security ApiKeyAuth for the api function.
But I have to fill in this value for the apiKey like bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOjE1NzQ0ODc1NzQsInVzZXJuYW1lIjoieGlhb2NoZW5nIn0.3HtjJoc5u3-2h_b3mLRpmgvKai8MoLQIxWHQsJ_M92s manually.
It can get the token when fill the username and password automatically?

@Aiglobelam
Copy link

Hi, I am very new to this, and for sure I use the wrong syntax!?

I'm trying to get the Header value prefixed with Bearer

@xxiaocheng At way back =), did you find a solution?

In main.go I did like this:

// @securityDefinitions.apikey BearerAuth
// @in header
// @name Authorization

And then at the routes I added // @Security BearerAuth

But in the gui I have to add the string Bearer XYZ...... for the header to have the correct value...
Swagger_UI

The generated files for ex docs/swagger.json seem to generate a ApiKeyAuth instead even if I specified BearerAuth

"securityDefinitions": {
        "BearerAuth": {
            "type": "apiKey",
            "name": "Authorization",
            "in": "header"
        }
}

At Swagger see BearerAuth it seems that you should specify Bearerauth like this:

"BearerAuth":
      "type": "http",
      "scheme": "bearer"

@codechaitu
Copy link

codechaitu commented Jan 11, 2021
edited

If you want to use with swagger v2.0, then after trying few solutions, it worked for me.
// @Param Authorization header string true "Insert your access token" default(Bearer <Add access token here>)

@ansonhwa92
Copy link

Hi, I am very new to this, and for sure I use the wrong syntax!?

I'm trying to get the Header value prefixed with Bearer

@xxiaocheng At way back =), did you find a solution?

In main.go I did like this:

// @securityDefinitions.apikey BearerAuth
// @in header
// @name Authorization

And then at the routes I added // @Security BearerAuth

But in the gui I have to add the string Bearer XYZ...... for the header to have the correct value...
Swagger_UI

The generated files for ex docs/swagger.json seem to generate a ApiKeyAuth instead even if I specified BearerAuth

"securityDefinitions": {
        "BearerAuth": {
            "type": "apiKey",
            "name": "Authorization",
            "in": "header"
        }
}

At Swagger see BearerAuth it seems that you should specify Bearerauth like this:

"BearerAuth":
      "type": "http",
      "scheme": "bearer"

Server.go
// @securityDefinitions.apikey BearerAuth
// @in header
// @name Authorization

At controller:
// @Security BearerAuth

@ericlingit
Copy link

ericlingit commented Apr 19, 2022
edited

To summarize the findings of previous posters:

  • OpenAPI 2.0 does not support bearer authorization syntax (it's supported in OpenAPI 3.0). Since this library generates 2.0 spec, there is no direct way to specify bearer authorization.
  • To work around that, add the following comments:
    1. To your main.go: 
      // @securityDefinitions.apikey ApiKeyAuth
// @in header
// @name Authorization
    2. To your handler/controller: 
      // @Security ApiKeyAuth
func myHandler(c *gin.Context) {...}

When using Swagger UI in a browser, you must specify bearer in the value field of the authorization pop up:

avail-auth

@JohnSalazar
Copy link

Hi, for OpenAPI 2.0 just enter the following comments and generate the docs by swag init.

  1. To your main.go:
// @securityDefinitions.apikey Bearer
// @in header
// @name Authorization
// @description Type "Bearer" followed by a space and JWT token.
  1. To your handler/controllers that need authentication
// Profile godoc
// @Summary      Profile user
// @Description  get user info
// @Tags         users
// @Accept       json
// @Produce      json
// @Success      200  {object}  dtos.User
// @Failure      400  {object}  httputil.ResponseError
// @Failure      401  {object}  httputil.ResponseError
// @Failure      403  {object}  httputil.ResponseError
// @Router       /profile [get]
// @Security Bearer  <-----------------------------------------add this in all controllers that need authentication
func (auth *AuthController) Profile(c *gin.Context) {...}

On Swagger UI in a browser, you must specify the bearer in the value field of the authorization pop up:

Bearer_Authorization

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
7 participants
@Aiglobelam @ansonhwa92 @nfyxhan @JohnSalazar @xxiaocheng @ericlingit @codechaitu