How do you configure authentication? #1029
Comments
|
You can do that under nelmio_api_doc:
documentation:
security_definitions:
api_key:
type: apiKey
name: api_key
in: header
security:
api_key: []The best is to look at http://swagger.io/specification/ to know the fields available. |
|
I need to write Also, lock icon is missing, Authorization popup seems broken: no cross to close it. How can I mark an action as using authorization/security? I use voters, so I can't use |
|
Is JWT supported by swagger ? |
|
you can pass a token in as a header parameter
|
|
I have tried following and so many other solutions, but it is failing to pick up any security settings. I have even installed Only this solution works, but its not proper solution to put in all the api calls..
|
|
@iBasit, is your custom config well exposed? (you can check by looking at the sources of the doc page) If it is, then that's probably an issue in swagger-ui. |
|
Yes, it is exposed, because configuration info for title, version, and description is working fine, but not the security. |
|
The |
|
You need to change from |
|
@Alex-D — Thank you, it start showing "Authorize button" after clicking it shows following:
After pressing it shows
But after testing the API call, it does not show api_key in the header definition. Following is the config I have set it up. Do you know what I'm missing now or what I'm doing wrong now? |
|
I think it's a nelmio-api-doc/swagger-ui issue because it does not works for me too. |
|
@iBasit are you still using it under Also aren't you suppose to define |
|
@iBasit You have to define the security node as following (note the dash before api_key): It is because the JavaScript behind expects an array. However, it remains a problem with the swagger-ui bundle who seems to transform the header name in lower case.. So you get your "Authorization" header as "authorization" which is quite annoying. (see screenshot below)
|
|
@noglitchyo Can you paste your full configuration settings here. I see you even got name working and @GuilhemN I did try |
|
@iBasit To get the Bearer I put it directly in the api input with my token nelmio_api_doc:
models: { use_jms: false }
routes:
path_patterns:
- ^/api/[^doc]
documentation:
info:
title: My API
description: Amazing right?
version: '0.1'
securityDefinitions:
api_key:
type: apiKey
description: Your Json Web Token
name: authorization
in: header
security:
- api_key: []Edit: I have seen your deleted answer in my emails (no luck! ^^'), so do not forget to remove the "session" between brackets for api_key :) Yes the authorization header is present on your screenshot and contains "session" |
|
finally working now!. I hope they fix few stuff, we have OAuth, so will implement those settings too, later on, see if that works. |
|
@noglitchyo Can use tell me how you configured a ControllerRoute, where you reused your defined Bearer-Authorization? |
|
@Alex-D is it mie or is the Close-Button still missing for the Authorization-Overlay |
|
Yep, you need to add that: https://github.com/Collect-io/Collect.io/blob/develop/back/app/Resources/NelmioApiDocBundle/views/SwaggerUi/index.html.twig#L101 I'm sure it could be done here: https://github.com/nelmio/NelmioApiDocBundle/blob/master/Resources/views/SwaggerUi/index.html.twig But I did not have time to make a PR for the moment. |
|
Thanks @Alex-D. |
|
What about impliment Bearer Authentication Thank you in advance. |
|
You point the OpenAPI 3.0.0, we are in Swagger 2.0.0 here I guess. |
|
Would anyone be interested in writing an article in our docs to help others deal with this ? :) |
|
I am interested in doing this. But i could start at earliest in february |
|
I don't think that's a problem, it would be very nice of you :) |
|
Since i still have some questions about this, i would like to talk to you
about this upfront in february, okay?
2018-01-10 14:52 GMT+01:00 Guilhem N <notifications@github.com>:
… I don't think that's a problem, it would be very nice of you :)
—
You are receiving this because you commented.
Reply to this email directly, view it on GitHub
<#1029 (comment)>,
or mute the thread
<https://github.com/notifications/unsubscribe-auth/AECBhkHkrtQuijD4OKnveURr0z2j-BDgks5tJMCtgaJpZM4OHQYI>
.
|
|
Well i'm not sure I'm the best placed to answer your questions about auth but I can do my best to of course. |
|
In case you're interested, i managed to configure oAuth with both password and client_credentials flow with this configuration: I still get the lower case 'bearer' keyword in the Authorization header making all of the calls fail. As I've got to understand this problems comes out of FOSOAuthServerBundle, as this issue points out: The solution for the ones here working with both bundles, would be to add this to the fosoauth config: |
|
Any update about doc or some help? when I enter api key: in header was: Can someone provide config, doc or etc for version 3.0? |
|
Also in swagger-ui-bundle.js I find next code. As I understand it's means Bearer can be added in Authorization. But how it should be in config? |
|
documentation added in #1265 |
I want to use api key or jwt in later, but for now I just want /api/doc to use
I tried to run
./bin/console debug:config NelmioApiDocBundle
But all it lists is the basic config, where are the rest of the options?
The text was updated successfully, but these errors were encountered: