3.x JWT bearer auth not working

[ccorliss]

• L5-Swagger Version: #.#.# (composer show | grep l5-swagger)
  darkaonline/l5-swagger 5.6.8 Swagger integration to Laravel 5
• PHP Version (php -v):
  PHP 7.2.5
• OS:
  macOS 10.14

Description:

In l5-swagger config I'm configuring JWT bearer auth per documentation.

'security' => [
        'bearer' => [ // Unique name of security
            'type' => 'http', // The type of the security scheme. Valid values are "basic", "apiKey" or "oauth2".
            'scheme' => 'bearer',
            "bearerFormat" => "JWT",
        ],

I also added bearer security requirement to an operation:

@OA\Get(
     *   path="/api/schemas/{id}",
     *   summary="Returns schema for supplied product id",
     *   @OA\Parameter(
     *         name="id",
     *         in="path",
     *         description="Product id",
     *         required=true,
     *         @OA\Schema(
     *             type="string"
     *         )
     *   ),
     *   @OA\Response(
     *         response=200,
     *         description="json schema",
     *         @OA\MediaType(
     *             mediaType="application/json",
     *         ),
     *     ),
     *     @OA\Response(
     *         response=404,
     *         description="Schema does not exist for supplied product id"
     *     ),
     *     security={ {"bearer": {}} },
     * )

The authorization button appears and seems to accept my JWT fine:

But when I run the operation it does not send an Authorization or any other header as desired, so obviously the request fails.

[ccorliss]

Any thoughts @DarkaOnLine

[DarkaOnLine]

Did you checked #57 and #68 ?

[MasadAshraf]

works for me . thanks @ccorliss

[luhuiya]

@ccorliss you way works for me :D

[elangamani]

i'm also facing the same issue. @ccorliss can you please help me how to resolve this.

[kedarv]

To be more explicit:

in l5-swagger.php (your configuration file):

'security' => [
        'bearer' => [
            'type' => 'http',
            'description' => 'Authorization token obtained from logging in.',
            'name' => 'Authorization',
            'in' => 'header',
            'scheme' => 'bearer',
        ],`
]

Now for your operations, add

     *     security={
     *         {"bearer": {}}
     *     }

Like so:

    /**
     * @OA\Get(
     *     path="/account/someRoute",
     *     tags={"account"},
     *     summary="Get some authenticated route",
     *     operationId="someRoute",
     *     @OA\Response(
     *         response=200,
     *         description="Success with some route data"
     *     ),
     *     security={
     *         {"bearer": {}}
     *     }
     * )
     */    

[henryejemuta]

To be more explicit:

in l5-swagger.php (your configuration file):

'security' => [
        'bearer' => [
            'type' => 'http',
            'description' => 'Authorization token obtained from logging in.',
            'name' => 'Authorization',
            'in' => 'header',
            'scheme' => 'bearer',
        ],`
]

Now for your operations, add

     *     security={
     *         {"bearer": {}}
     *     }

Like so:

    /**
     * @OA\Get(
     *     path="/account/someRoute",
     *     tags={"account"},
     *     summary="Get some authenticated route",
     *     operationId="someRoute",
     *     @OA\Response(
     *         response=200,
     *         description="Success with some route data"
     *     ),
     *     security={
     *         {"bearer": {}}
     *     }
     * )
     */    

Thanks @kedarv work like champ!

[janithchamp]

Hi @kedarv ,
Can we add that Authorization automatically? If login operation returns an access token how do we authorise automatically to other operations without manually doing it?

Thank you