Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[IMPROVEMENT] Use swagger_ui_init_oauth parameter of original function app for versioned /docs (e.g. /v1/docs) #45

Closed
stoney95 opened this issue Oct 23, 2023 · 11 comments
Closed

[IMPROVEMENT] Use swagger_ui_init_oauth parameter of original function app for versioned /docs (e.g. /v1/docs) #45

stoney95 opened this issue Oct 23, 2023 · 11 comments

Comments

@stoney95
Copy link

Subject of the issue

I use swagger_ui_init_oauth when creating the FastAPI instance. This allows me to use the set values when using the "Authorize" feature of the swagger UI. This is very handy as it allows to set the client id and scopes.

I use it like this:

fastapi_app = FastAPI(
    swagger_ui_parameters={"supportedSubmitMethods": allowed_http_methods},
    swagger_ui_init_oauth={
        "clientId": "my-client-id",
        "scopes": "required_scopes",
    },
)

versions = Versionizer(
     app=fastapi_app,
     prefix_format='/v{major}',
     semantic_version_format='{major}',
     latest_prefix='/latest',
     sort_routes=True
).versionize()

Applying the Versionizer does remove the values in versioned docs. It would be great if they are kept.
When accessing "example.com/docs" I can see "my-client-id" is set. But when accessing "example.com/v1/docs" I can't see the client id in the Authorize feature.

Screenshots for further details:

  • Authorize Feature
Screenshot 2023-10-23 at 18 48 22
  • Client id is set in root docs
Screenshot 2023-10-23 at 18 41 29
  • Client id is not set in versioned docs
Screenshot 2023-10-23 at 18 42 35

Your environment

  • 3.9.16
  • MacOS 13.2.1

Steps to reproduce

from fastapi import FastAPI
from fastapi_versionizer import Versionizer
from fastapi.openapi.models import OAuthFlowImplicit, OAuthFlows
from fastapi.security import OAuth2

oauth2_scheme = OAuth2(
    flows=OAuthFlows(
        implicit=OAuthFlowImplicit(
            authorizationUrl="https://login.microsoftonline.com/oauth2/v2.0/authorize",
        )
    ),
    auto_error=True,
)

fastapi_app = FastAPI(
    swagger_ui_init_oauth={
        "clientId": "my-client-id",
        "scopes": "required_scopes",
    },
)

versions = Versionizer(
     app=fastapi_app,
     prefix_format='/v{major}',
     semantic_version_format='{major}',
     latest_prefix='/latest',
     sort_routes=True
).versionize()

router = APIRouter(prefix="/test")

def check_token(token: Depends(oauth2_scheme)):
    print(token)

@router.get("", dependencies=[Depends(check_token)])
def print_test():
    print("test")

Expected behaviour

I can use the Authorize feature in the versioned docs.

Actual behaviour

The values initialized with swagger_ui_init_oauth are not available in versioned docs (example.com/v1/docs)
@alexschimpf
Copy link
Owner

Sure, I'll whip up a fix for this soon and let you know. Thanks for finding this!

@alexschimpf
Copy link
Owner

Alright, this should now be fixed in v3.0.2. Please let me know if you find any other problems.

@stoney95
Copy link
Author

@alexschimpf, Thanks for taking care of that issue so quickly!

Now I am able to see the client-id in the Authorize feature. I also tested it with our setup. I get forwarded to the right login page and can login in there -> scopes are also set correctly.

But this runs into another issue. The redirect url cannot be found. This happens with the root docs (/docs) as well as with the versioned docs (/v1/docs). It appears as the Versionizer overwrites / adjusts the swagger_ui_oauth2_redirect_url which defaults to "/docs/oauth2-redirect".

When trying to login via the "Authorize" button I see the following
Screenshot 2023-10-25 at 09 16 01

This refers to a login I did via the root docs

@alexschimpf
Copy link
Owner

Ok I'll try to look into this once I get a chance

@alexschimpf
Copy link
Owner

Ah okay. I think I see the issue. For the main docs page, it happens because the redirect route is being stripped out in the _strip_routes function. Then it's not getting added to the versioned docs because the redirect route is not of type APIRoute and is thus getting ignored.

Let me try to get a fix out for this.

@stoney95
Copy link
Author

stoney95 commented Nov 2, 2023

@alexschimpf Thanks for taking care of it :)

@stoney95
Copy link
Author

@alexschimpf are there any updates on this?

@alexschimpf
Copy link
Owner

Sorry for the delay. I need to get back to this. I had a solution mostly written some time ago, but never got around to pushing it. Hopefully I can get something pushed this week.

@alexschimpf
Copy link
Owner

alexschimpf commented Dec 23, 2023
edited
Loading

@stoney95 I think this PR should do this trick: #50
Could you check this to see if the behavior is expected?

If so, I'll add some extra tests and whatnot.

@stoney95
Copy link
Author

stoney95 commented Jan 8, 2024
edited
Loading

@alexschimpf, a happy new year to you!

Thanks for providing the fix. I ran some local tests and the issues from above are resolved 🚀

@stoney95 stoney95 mentioned this issue Jan 8, 2024
Merged
@alexschimpf
Copy link
Owner

Sorry for the long (ok, very long) delay. Been a busy bee. This fix is available in v4.0.1.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@alexschimpf @stoney95