bubblev
/
swagger-ui
4
0
Fork 0
Code Issues 0 Pull Requests 0 Releases 0 Wiki Activity
Browse Source

If config useBasicAuthenticationWithAccessCodeGrant is truthy, send client id 

and secret as HTTP basic auth during authorization_code grant
bubble
Eric Turcotte 7 years ago
parent
fc8ad8168d
commit
b06971bf81
2 changed files with 16 additions and 3 deletions
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. +5
    -2
      README.md
  2. +11
    -1
      src/core/oauth2-authorize.js

+ 5
- 2
README.md View File

@@ -97,7 +97,8 @@ To use swagger-ui's bundles, you should take a look at the [source of swagger-ui

#### OAuth2 configuration
You can configure OAuth2 authorization by calling `initOAuth` method with passed configs under the instance of `SwaggerUIBundle`
default `client_id` and `client_secret`, `realm`, an application name `appName`, `scopeSeparator`, `additionalQueryStringParams`.
default `client_id` and `client_secret`, `realm`, an application name `appName`, `scopeSeparator`, `additionalQueryStringParams`,
`useBasicAuthenticationWithAccessCodeGrant`.

Config Name | Description
--- | ---
@@ -107,6 +108,7 @@ realm | realm query parameter (for oauth1) added to `authorizationUrl` and `toke
appName | application name, displayed in authorization popup. MUST be a string
scopeSeparator | scope separator for passing scopes, encoded before calling, default value is a space (encoded value `%20`). MUST be a string
additionalQueryStringParams | Additional query parameters added to `authorizationUrl` and `tokenUrl`. MUST be an object
useBasicAuthenticationWithAccessCodeGrant | Only activated for the `accessCode` flow. During the `authorization_code` request to the `tokenUrl`, pass the [Client Password](https://tools.ietf.org/html/rfc6749#section-2.3.1) using the HTTP Basic Authentication scheme (`Authorization` header with `Basic base64encoded[client_id:client_secret]`). The default is `false`

```
const ui = SwaggerUIBundle({...})
@@ -118,7 +120,8 @@ ui.initOAuth({
realm: "your-realms",
appName: "your-app-name",
scopeSeparator: " ",
additionalQueryStringParams: {test: "hello"}
additionalQueryStringParams: {test: "hello"},
useBasicAuthenticationWithAccessCodeGrant: true
})
```



+ 11
- 1
src/core/oauth2-authorize.js View File

@@ -68,11 +68,21 @@ export default function authorize ( { auth, authActions, errActions, configs, au

// pass action authorizeOauth2 and authentication data through window
// to authorize with oauth2

let callback;
if (flow === "implicit") {
callback = authActions.preAuthorizeImplicit
} else if (authConfigs.useBasicAuthenticationWithAccessCodeGrant) {
callback = authActions.authorizeAccessCodeWithBasicAuthentication
} else {
callback = authActions.authorizeAccessCodeWithQueryParams
}

win.swaggerUIRedirectOauth2 = {
auth: auth,
state: state,
redirectUrl: redirectUrl,
callback: flow === "implicit" ? authActions.preAuthorizeImplicit : authActions.authorizeAccessCode,
callback: callback,
errCb: errActions.newAuthErr
}



Write Preview
Loading…
Cancel
Save