Swagger-UI: Just uses OPTION instead of GET/POST/PUT/DELETE

[marc....@gmail.com]

Hi,

I have a problem with SWAGGER-UI. When I try to call the REST operation SWAGGER always sends an OPTIONS method instead of GET / POST / PUT or DELETE.

I have no clue why.

Here is my json:

{
    "apiVersion": "1.0.0",
    "swaggerVersion": "1.2",
   "basePath": "http://localhost:9999/lazydoc-spring",
   "resourcePath": "/customers",
   "apis": [
       {
           "path": "/customers",
           "description": "Creates a new customer",
           "operations": [
                {
   "method": "POST",
   "nickname": "createCustomer",
   "type": "Customer",
   "summary": "Creates a new customer",
   "notes": "",
   "authorization": {

   },
   "errorResponses": [],
   "parameters": [
      {
         "paramType": "body",
         "name": "requestBody",
         "description": "The data of the customer to be created",
         "type": "Customer",
         "required": true,
         "allowMultiple": false,
         "list": false
      }
   ],
   "responseMessages": [
      {
         "code": 400,
         "message": "Invalid ID supplied"
      },
      {
         "code": 404,
         "message": "Pet not found"
      },
      {
         "code": 405,
         "message": "Validation exception"
      }
   ]
}
           ]
       },
       {
           "path": "/customers/{customerId}",
           "description": "Deletes the customer for the given id",
           "operations": [
                {
   "method": "DELETE",
   "nickname": "deleteCustomer",
   "responseClass": "void",
   "parameters": [
       {
   "paramType": "path",
   "name": "customerId",
   "description": "The id of the customer to be updated",
   "type": "long",
   "required": true,
   "allowMultiple": false,
   "list": false
}

   ],
   "summary": "Deletes the customer for the given id",
   "notes": "",
   "authorization": "",
   "errorResponses": []
}
           ]
       },
       {
           "path": "/customers/{customerId}",
           "description": "Returns the customer for the given id",
           "operations": [
                {
   "method": "GET",
   "nickname": "getCustomer",
   "responseClass": "Customer",
   "parameters": [
       {
   "paramType": "path",
   "name": "customerId",
   "description": "The id of the customer to be updated",
   "type": "long",
   "required": true,
   "allowMultiple": false,
   "list": false
}

   ],
   "summary": "Returns the customer for the given id",
   "notes": "",
   "authorization": "",
   "errorResponses": []
}
           ]
       },
       {
           "path": "/customers",
           "description": "Returns all customers",
           "operations": [
                {
   "method": "GET",
   "nickname": "getCustomers",
   "responseClass": "List[Customer]",
   "parameters": [

   ],
   "summary": "Returns all customers",
   "notes": "",
   "authorization": "",
   "errorResponses": []
}
           ]
       },
       {
           "path": "/customers/{customerId}",
           "description": "Updates a customer specified by the id",
           "operations": [
                {
   "method": "PUT",
   "nickname": "updateCustomer",
   "responseClass": "Customer",
   "parameters": [
       {
   "paramType": "path",
   "name": "customerId",
   "description": "The id of the customer to be updated",
   "type": "long",
   "required": true,
   "allowMultiple": false,
   "list": false
}
,
       {
   "paramType": "form",
   "name": "requestBody",
   "description": "The data of the customer to be created",
   "type": "Customer",
   "required": true,
   "allowMultiple": false,
   "list": false
}

   ],
   "summary": "Updates a customer specified by the id",
   "notes": "",
   "authorization": "",
   "errorResponses": []
}
           ]
       }   ],
   "models": {
           "Customer": {
   "properties": {
         "city": {
              "type": "String",
              "description": "The city of the customer's address",
              "required": false,
              "request": true,
              "response": true,
              "list": false
           },
         "customerId": {
              "type": "long",
              "description": "The unique identifier of the customer",
              "required": false,
              "request": true,
              "response": true,
              "list": false
           },
         "firstname": {
              "type": "String",
              "description": "The firstname of the customer",
              "sample": "Maxi",
              "required": false,
              "request": true,
              "response": true,
              "list": false
           },
         "lastname": {
              "type": "String",
              "description": "The lastname of the customer",
              "sample": "Miller",
              "required": false,
              "request": true,
              "response": true,
              "list": false
           },
         "street": {
              "type": "String",
              "description": "The street of the customer's address",
              "sample": "Effnerstr. 5",
              "required": false,
              "request": true,
              "response": true,
              "list": false
           },
         "zipCode": {
              "type": "String",
              "description": "The zipcode of the customer's address",
              "required": false,
              "request": true,
              "response": true,
              "list": false
           }
   }
}
   }
}

[Ron]

You need to make sure CORS is enabled on the server side.

How do you produce your Swagger documentation?

--
You received this message because you are subscribed to the Google Groups "Swagger" group.
To unsubscribe from this group and stop receiving emails from it, send an email to swagger-swaggers...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[Marc Eckart]

Hmm, I added a CORS filter in my spring boot application, but it does not change anything. I still see the OPTIONS method instead of the GET method in the firebug network traffic list

I found an example of a CORS filter and added it. Are these values ok?

response.setHeader("Access-Control-Allow-Origin", "*");
response.setHeader("Access-Control-Allow-Methods", "POST, GET, OPTIONS, DELETE");
response.setHeader("Access-Control-Max-Age", "3600");
response.setHeader("Access-Control-Allow-Headers", "x-requested-with");

I have a generator to produce the SWAGGER documentation.

--
You received this message because you are subscribed to a topic in the Google Groups "Swagger" group.
To unsubscribe from this topic, visit https://groups.google.com/d/topic/swagger-swaggersocket/uzZs8j1dvoQ/unsubscribe.
To unsubscribe from this group and all its topics, send an email to swagger-swaggers...@googlegroups.com.

[Ron]

Not sure what you mean by 'a generator' :) Is it generated by your application? Which library do you use?

Try testing your CORS settings with http://test-cors.org.

[Marc Eckart]

Hmm, as far as I see it looks fine so far ... ?!? This is what I get from http://test-cors.org.:

Sending GET request to http://localhost:9999/lazydoc-spring/customers

Fired XHR event: loadstart
Fired XHR event: readystatechange
Fired XHR event: progress
Fired XHR event: readystatechange
Fired XHR event: readystatechange
Fired XHR event: load
XHR status: 200
XHR status text: OK
XHR exposed response headers:

Pragma: no-cache
Content-Type: application/json
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Expires: 0

This is what send by swagger

OPTIONS /lazydoc-spring/customers HTTP/1.1
Host: localhost:9999
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.9; rv:33.0) Gecko/20100101 Firefox/33.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: de,en-US;q=0.7,en;q=0.3
Accept-Encoding: gzip, deflate
Origin: http://localhost:9990
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Connection: keep-alive

And this is answered by the server:

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
access-control-allow-origin: *
Access-Control-Allow-Methods: POST, GET, OPTIONS, DELETE
Access-Control-Max-Age: 3600
Access-Control-Allow-Headers: x-requested-with
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: 0
x-frame-options: DENY
Allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
Content-Length: 0
Date: Sun, 09 Nov 2014 19:46:56 GMT

I'm developing an documentation framework which is parsing my application for documentation and generating Swagger, docbook, asciidoc and other documentation. I like the swagger ui and want to use it in an example ...

[Ron]

Try changing the CORS settings you pasted to these:

Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, DELETE, PUT, PATCH, OPTIONS
Access-Control-Allow-Headers: Content-Type, api_key, Authorization

[Marc Eckart]

This fixed it! Thank you :)

[Ron]

Happy to hear! Feel free to ask any other questions.

[Abhishek Goswami]

Hello everybody,

Still facing the same problem with my API . OPTIONS method fire when i request POST method. But it works fine when it is GET or POST method with formData value. But when i send POST with body data its request method changes to OPTIONS Method.   

[Tony Tam]

That's just how CORS works. When you post a body it must do a preflight check via options. Posting with www-form-urlencoded will not

--

[Abhishek Goswami]

[...]

On Tuesday, 2 August 2016 12:36:17 UTC+5:30, tony tam wrote:

That's just how CORS works. When you post a body it must do a preflight check via options. Posting with www-form-urlencoded will not

[/...]

So can you please tell me as to how can i solve it because when i run the curl command which is generated by itself, provides me correct output but through swagger console it shows "no content" and in network tab it shows "404" that means either server is returning 404 when it's requested through swagger or my code is wrong. If server setting is required then please guide me because i have already made some changes on server to enable request from swagger but when i am passing body parameter, it doesn't work. If my code is wrong then what are the possible errors/points to look at?

Thanks in advance 

[Tony Tam]

Yes he solution is in my post. You need to fix your gateway because it should not add the header twice. Curl is not affected because it is not a web browser

--

[Abhishek Goswami]

Still i am stuck with same problem, currently i am using these settings 

    Header set Access-Control-Allow-Origin "*"
    Header set Access-Control-Allow-Methods "GET, POST, DELETE, PUT, PATCH, OPTIONS"
    Header set Access-Control-Allow-Headers "Origin, X-Requested-With, Content-Type, Accept"

Still getting same issue, i.e it changes POST method to OPTIONS method. Please help me out.

To unsubscribe from this group and stop receiving emails from it, send an email to swagger-swaggersocket+unsub...@googlegroups.com.

[Tony Tam]

I can't help if you don't want to listen. For POST, with CORS, the browser will do a preflight check which is what the options call is. If the headers are wrong, or your server returns the wrong response it will fail. This is server setup, not swagger UI specifically

To unsubscribe from this group and stop receiving emails from it, send an email to swagger-swaggers...@googlegroups.com.