[BUG] Fails to render the specification if it contains oauth2 security scheme with password flow

[pltod2]

Description

When the specification contains securityScheme of type oauth2 that contains password flow and that scheme is referred in the document the spec fails to render. It happens in all the major browsers.

Expected result

The specification must be rendered successfully.

Actual result

The specification is not rendered, we get blank screen instead.

Steps to reproduce

The fastest way to reproduce is in async api studio which uses this component under the hood.
Add the following under components/securitySchemes:

    oauth2Password:
      type: oauth2
      description: OAuth 2.0 example
      flows:
        password:
          tokenUrl: https://auth.example.com/oauth/token
          refreshUrl: https://auth.example.com
          availableScopes:
            read:user: Read user information

Just adding the scheme is ok but if we further refer the scheme it will result in browser rendering a blank page. The error that can be seen in the console is:

Troubleshooting

As described in the spec the authorizationUrl does not apply to password flow.

However in the code it is handled as always present, which causes "undefined is not an object (evaluating 'i.authorizationUrl')" error.

[github-actions]

Welcome to AsyncAPI. Thanks a lot for reporting your first issue. Please check out our contributors guide and the instructions about a basic recommended setup useful for opening a pull request.
Keep in mind there are also other channels you can use to interact with AsyncAPI community. For more details check out this issue.

[derberg]

@pltod2 can you open a PR?

normally flow.authorizationUrl() should just return undefined (https://github.com/asyncapi/parser-js/blob/master/src/models/oauth-flow.ts#L6) but yeah, you can add a check based on hasAuthorizationUrl()

[pltod2]

@derberg I will try. If I manage to submit PR by tomorrow and it is approved, do you know when the fix will be released?

[derberg]

we use conventional commits with supporting automation, so once you submit a PR, with PR title containing prefix "fix: ", after merging, patch automatically goes out in few minutes.

longest takes review and getting PR accepted for merge - this is hard to predict

[derberg]

yeah, release takes like 15min after merging PR -> #1019 (comment)

[pltod2]

@derberg here is the PR #1023. The problem was slightly different though than the one in my initial troubleshooting analysis.

[asyncapi-bot]

🎉 This issue has been resolved in version 2.1.1 🎉

The release is available on:

• npm package (@latest dist-tag)
• GitHub release

Your semantic-release bot 📦🚀