OAuth2 authorization

237 views
Skip to first unread message

Bojan Gašpar

unread,
Aug 23, 2016, 3:58:03 AM8/23/16
to Swagger
Hi everyone. I'm having problems with swagger documentation for API endpoints which have the @PreAuthorize annotation (we use spring framework and OAuth2 for authorization). When I click "Try it out!" I get a 403 response (forbidden). I was trying to use the @Authorization and @AuthorizationScope annotations but without any luck. 

Can I perform the authorization somehow or at least is there a way to detect that an endpoint needs authorization so that I can mark that endpoint in the documentation?

This is how I used the annotations: 
@ApiOperation(value = "Value", authorizations = { @Authorization("ADMIN") })
@PreAuthorize("isAuthenticated()")

...but the response was the same.

Ron Ratovsky

unread,
Aug 23, 2016, 9:12:51 PM8/23/16
to swagger-sw...@googlegroups.com

It’s unclear if you’re using Spring MVC or other Spring components, and so whether you use Springfox or swagger-core.

Have you looked into the generated spec itself to see that the oauth2 flow is included there?

Which version of swagger-ui do you use?

--
You received this message because you are subscribed to the Google Groups "Swagger" group.
To unsubscribe from this group and stop receiving emails from it, send an email to swagger-swaggers...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Bojan Gašpar

unread,
Aug 24, 2016, 4:42:49 AM8/24/16
to Swagger
We use SpringMVC and springfox (io.springfox:springfox-swagger2:jar:2.5.0 and io.springfox:springfox-swagger-ui:jar:2.5.0).

I don't see the OAuth2 flow in the documentation (there should be an ON/OFF button?). I guess I have to add "securityDefinitions" to the swagger configuration, but I don't know where because I'm using annotations in java for all my settings.

Ron Ratovsky

unread,
Aug 24, 2016, 12:35:47 PM8/24/16
to swagger-sw...@googlegroups.com

I don’t know what version of swagger-ui is provided with springfox – we don’t maintain that project.

Try checking with the latest swagger-ui release (not the one provided with springfox). If it works use that. If not, we can proceed from there.

 

 

 

From: <swagger-sw...@googlegroups.com> on behalf of Bojan Gašpar <bo...@q-alliance.com>
Reply-To:

--

Reply all
Reply to author
Forward
0 new messages