Hi am using Swager APi with nodejs. I am new to this technology. i was facing issue in my code.
Tried to implement JWT token auth but unfortunately i was stuck and don't know how to over come this issue. i was getting 403 error. I have added my code and error below . so please let me know if anyone know it.
Swagger.yml
swagger: "2.0"
info:
version: "0.0.1"
title: Movie DB
# during dev, should point to your local machine
host: localhost:8000
# basePath prefixes all resource paths
basePath: /
#
schemes:
# tip: remove http to make production-grade
- http
- https
# format of bodies a client can send (Content-Type)
securityDefinitions:
Bearer:
type: apiKey
name: Authorization
in: header
consumes:
- application/json
- text/html
# format of the responses to the client (Accepts)
produces:
- application/json
paths:
/movies:
# binds a127 app logic to a route
x-swagger-router-controller: movies
get:
security:
- Bearer: []
x-security-scopes:
- admin
description: Returns 'Hello' to the caller
# used as the method name of the controller
operationId: index
parameters:
- name: name
in: query
description: The name of the person to whom to say hello
required: false
type: string
responses:
"200":
description: Success
schema:
# a pointer to a definition
$ref: "#/definitions/MovieListBody"
# responses may fall through to errors
default:
description: Error
schema:
$ref: "#/definitions/ErrorResponse"
post:
description: Creates a new movie entry
operationId: create
parameters:
- name: movie
required: true
in: body
description: a new movie details
schema:
$ref: "#/definitions/MovieBody"
responses:
"200":
description: a successfully stored movie details
schema:
$ref: "#/definitions/MovieBody"
default:
description: Error
schema:
$ref: "#/definitions/ErrorResponse"
/movies/{id}:
x-swagger-router-controller: movies
get:
description: get movie
operationId: show
parameters:
- name: id
required: true
in: path
description: get particular movie details
type: string
responses:
"200":
description: Sucess
schema:
$ref: "#/definitions/MovieBody"
default:
description: Error
schema:
$ref: "#/definitions/ErrorResponse"
put:
description: Update Movie
operationId: update
parameters:
- name: id
required: true
in: path
type: string
- name: movie
required: true
in: body
description: an updated movie details
schema:
$ref: "#/definitions/MovieBody"
responses:
"200":
description: Sucess
schema:
$ref: "#/definitions/MovieBody"
default:
description: Error
schema:
$ref: "#/definitions/ErrorResponse"
delete:
description: Delete Single Record
operationId: deleted
parameters:
- name: id
required: true
in: path
description: remove single record in db
type: string
responses:
"200":
description: Sucess
schema:
$ref: "#/definitions/MovieBody"
default:
description: Error
schema:
$ref: "#/definitions/ErrorResponse"
/login:
x-swagger-router-controller: movies
post:
description: Get Jwt Authentication Token
operationId: login
parameters:
- name: Userdetails
required: true
in: body
description: Jwt Auth token
schema:
$ref: "#/definitions/LoginBody"
responses:
"200":
description: Sucess
schema:
$ref: "#/definitions/LoginBody"
default:
description: Error
schema:
$ref: "#/definitions/ErrorResponse"
definitions:
MovieListBody:
required:
- movies
properties:
movies:
type: array
items:
$ref: "#/definitions/Movie"
Movie:
required:
- title
- gener
- year
properties:
title:
type: string
gener:
type: string
year:
type: integer
Login:
required:
- id
- name
- company
properties:
id:
type: integer
name:
type: string
company:
type: string
MovieBody:
required:
- movies
properties:
movies:
$ref: "#/definitions/Movie"
LoginBody:
required:
- details
properties:
details:
$ref: "#/definitions/Login"
ErrorResponse:
required:
- message
properties:
message:
type: string
Controller.js
'use strict';
var Movie = require('../models/movies')
var MongoClient = require('mongodb').MongoClient;
var jwt = require('jsonwebtoken')
const redis = require('redis');
const client = redis.createClient()
client.on('connect', function () {
console.log('Redis client connected');
});
client.on('error', function (err) {
console.log('Something went wrong ' + err);
});
var db;
module.exports = {index, create, show, update, deleted};
//Get Method:
function index(req,res,next)
{
console.log("hai")
var token = VerifyToken(req,res,next)
jwt.verify(req.token, 'secretkey', (err, authdata) => {
if (err) {
console.log(err)
}
else {
client.hgetall('products', (err, results) => {
if (results) {
res.send(results)
}
else {
db.collection('Ecommerce').find(30).toArray((err, results) => {
const ttl = 0
client.hmset('products', results, ttl)
res.send(results)
});
}
})
// db.collection('Ecommerce').find().toArray( (err, results) => {
// res.send(results)
// });
}
})
}
//Post Method:
function create(req,res,next)
{
var movie = res.json(req.body)
//res.json(movie)
db.collection('Ecommerce').save(movie, (err, result) => {
if (err) return console.log(err)
res.send("Inserted Scessfully")
})
}
//Get Particulardata
function show(req,res,next)
{
var number = parseInt(req.swagger.params.id.value)
db.collection('Ecommerce').find({ "id":number}).toArray((err, result) => {
console.log(result)
res.send(result)
})
}
//Update Method
function update(req,res,next)
{
var number = parseInt(req.swagger.params.id.value)
db.collection("Ecommerce").update({ "id": number }, { $set: { 'title': req.body.movies.title } }, (err, result) => {
res.send('user updated sucessfully');
});
}
//Delete Method
function deleted(req,res,next)
{
var number = parseInt(req.swagger.params.id.value)
db.collection('Ecommerce').deleteOne({ "id": number }, (err, result) => {
});
}
//Login Method
function login(req,res,next)
{
const user = req.body.details
jwt.sign({ user }, 'secretkey', { expiresIn: '30m' }, (err, token) => {
res.json({ token })
console.log({ token })
})
}
Facing Issue
{
"message": "unknown security handler: Bearer",
"code": "server_error",
"statusCode": 403
}
A bit old but in case it can help others, I believe your security definition is wrongly configured.
According to the Swagger documentation about Bearer authentication, you should use the following configuration:
securityDefinitions:
bearerAuth:
type: http
scheme: bearer
bearerFormat: JWT
Related
I am trying to use Swagger. Below is the swagger.yml file.
swagger: "2.0"
basePath: /myapp/api
info:
description: My description
title: My title
version: 0.1.0
produces:
- application/json
consumes:
- application/json
schemes:
- http
paths:
/contract:
get:
operationId: "Get contract"
description: Get information
parameters:
- in: path
name: contractId
description: ID
required: true
schema:
type: integer
responses:
200:
description: Information...
schema:
$ref: "#/definitions/contract"
404:
description: "Not found."
post:
operationId: "Create"
parameters:
- in: body
name: contractId
schema:
$ref: '#/definitions/requestBodies/contract'
responses:
200:
description: Success...
400:
description: Problem...
definitions:
contract:
title: Contract
type: object
properties:
name:
title: Name
type: string
services:
title: Services
type: array
items:
title: Service
$ref: '#/definitions/service'
xyz:
title: Xyz
$ref: '#/definitions/virtualMachine'
service:
title: Service
type: object
properties:
containerName:
title: ContainerName
type: string
...
contracts:
title: Contracts
type: array
items:
title: Contract
$ref: '#/definitions/contract'
xyz:
title: Xyz
type: object
properties:
serverId:
title: ServerID
type: string
contractId:
title: ContractID
type: uuid
...
requestBodies:
contract:
content:
application/json:
schema:
$ref: '#/definitions/contract'
When I try to generate the documentation, I get the following error:
swagger generate server -f swagger.yml
2020/10/26 15:43:31 validating spec /home/dalton/workspace/.../.../swagger.yml
The swagger spec at "/home/dalton/workspace/.../.../swagger.yml" is invalid against swagger specification 2.0. see errors :
- definitions.requestBodies.contract in body is a forbidden property
- "definitions.xyz.properties.contractId.type" must validate at least one schema (anyOf)
- definitions.xyz.properties.contractId.type in body must be of type array: "string"
What am I doing wrong?
To make this code pass in the Swagger validation, I had to:
Remove the schema in the contractId parameter (get method);
Remove the requestBodies definition and change the schema in the contract parameter (post method);
Change the type of the contractId in the Xyz definition (the uuid type is not supported by the version 2 of Swagger).
The fixed code is below:
swagger: "2.0"
basePath: /myapp/api
info:
description: My description
title: My title
version: 0.1.0
produces:
- application/json
consumes:
- application/json
schemes:
- http
paths:
/contract:
get:
operationId: "Get contract"
description: Get information
parameters:
- in: path
name: contractId
description: ID
required: true
type: integer
responses:
200:
description: Information...
schema:
$ref: "#/definitions/contract"
404:
description: "Not found."
post:
operationId: "Create"
parameters:
- in: body
name: contractId
schema:
$ref: '#/definitions/contract'
responses:
200:
description: Success...
400:
description: Problem...
definitions:
contract:
title: Contract
type: object
properties:
name:
title: Name
type: string
services:
title: Services
type: array
items:
title: Service
$ref: '#/definitions/service'
xyz:
title: Xyz
$ref: '#/definitions/virtualMachine'
service:
title: Service
type: object
properties:
containerName:
title: ContainerName
type: string
...
contracts:
title: Contracts
type: array
items:
title: Contract
$ref: '#/definitions/contract'
xyz:
title: Xyz
type: object
properties:
serverId:
title: ServerID
type: string
contractId:
title: ContractID
type: string
format: uuid
Maybe you can try to edit your swagger.yml in the online Swagger Editor.
I'm trying to show custom example just for 401 Response status code (overriding default example values) But the following code will not do this for some reason (default values stay in place) Status.Code and Status.Verbal will not set, also the "Agent" object will notgo into Content.
paths:
/api/Users/Login:
post:
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/LoginCredentials'
responses:
'200':
description: Login OK / Agent Object
content:
'*/*':
schema:
$ref: '#/components/schemas/RestResponse'
example:
Content:
schema:
$ref: '#/components/schemas/Agent'
'401':
description: Incorrect credentials
content:
'*/*':
schema:
$ref: '#/components/schemas/RestResponse'
example:
Status:
Verbal: Error
Code: 1074
Content: null
components:
schemas:
Agent:
type: object
RestResponse:
type: object
properties:
Status:
type: object
properties:
Verbal:
type: string
example: Success
Code:
type: string
format: int32
example: 104
Content:
type: object
Exception:
type: object
LoginCredentials:
type: object
required:
- UserName
- Password
properties:
UserName:
type: string
format: email
example: user#not.net
Password:
type: string
example: password
What I expect to see as response examples:
200:
{
"Status": {
"Verbal": "Success",
"Code": 104
},
"Content": "Agent{}"
}
401:
{
"Status": {
"Verbal": "Error",
"Code": 1074
},
"Content": null
}
I'm fairly new to swagger and would appreciate some direction on good resources for learning.
I have a test project that I'm putting together and I am running into some issues.
I'm getting an error saying that the "parameters" in my "delete" block is not valid. It looks ok to me from what I've seen in the examples. But apparently I'm missing something. Any ideas?
swagger: "2.0"
info:
version: "2"
title: My Title
description: Provides services for vacation rentals site
termsOfService: Private
contact:
name: My Name
url: www.myurl.com
email: my#email.address
license:
name: MIT
url: http://opensource.org/licenses/MIT
schemes:
- http
host: myurl.com
basePath: /api
paths:
/guestbook:
get:
summary: Gets some persons
description: Returns a list containing all persons.
responses:
200:
description: A list of posts
schema:
type: array
items:
required:
- firstName
properties:
firstName:
type: string
lastName:
type: string
email:
type: string
comment:
type: string
post:
summary: Adds a comment to the guestbook
description: Adds a comment to the guestbook
parameters:
- name: firstname
in: formData
required: true
type: string
- name: lastname
in: formData
required: true
type: string
- name: email
in: formData
required: true
type: string
- name: comment
in: formData
required: true
type: string
responses:
201:
description: Shows a successful post
'405':
description: Invalid input
/guestbook/{id}:
get:
summary: Gets a single post
description: Returns a single post
operationId: getPost
parameters:
- name: id
in: path
description: ID of pet to fetch
required: true
type: integer
format: int64
responses:
200:
description: A list of posts
schema:
type: array
items:
required:
- firstName
properties:
id:
type: number
firstName:
type: string
lastName:
type: string
email:
type: string
comment:
type: string
delete:
summary: Removes a post
description: Removes a post
operationId: deletePost
parameters:
- name: id
in: path
responses:
200:
description: Post has been removed
You just need to describe the id parameter in the delete /guestbook/{id} operation just like you did in get /guestbook/{id}.
delete:
summary: Removes a post
description: Removes a post
operationId: deletePost
parameters:
- name: id
in: path
description: ID of pet to fetch
required: true
type: integer
format: int64
responses:
200:
description: Post has been removed
You can also define this parameter once for all operations of path /guestbook/{id}:
/guestbook/{id}:
parameters:
- name: id
in: path
description: ID of pet to fetch
required: true
type: integer
format: int64
get:
summary: Gets a single post
description: Returns a single post
operationId: getPost
responses:
200:
description: A list of posts
schema:
type: array
items:
required:
- firstName
properties:
id:
type: number
firstName:
type: string
lastName:
type: string
email:
type: string
comment:
type: string
delete:
summary: Removes a post
description: Removes a post
operationId: deletePost
responses:
200:
description: Post has been removed
If you need to learn how to write OpenAPI (fka. Swagger) specification files, you can read my Writing OpenAPI/Swagger Specification Tutorial
Working on writing an API spec for my service with swagger. I'm using a model definition ('#/definitions/prototype') as the body parameter of both the POST /prototypes and PATCH /prototypes/:id routes.
How do you specify that the PATCH route only accepts a subset of the properties in the body of the request that the POST route does? For example, I want the PATCH /instances/:id route to only allow modification of the mobileDeviceId prototypes property.
swagger: "2.0"
info:
title: ""
description: ""
version: "1.0.0"
host: foo.example.com
schemes:
- https
basePath: /v1
produces:
- application/json
consumes:
- application/json
paths:
/prototypes:
post:
summary: Create new prototype
parameters:
- name: prototype
in: body
description: Prototype object
required: true
schema:
$ref: "#/definitions/Prototype"
responses:
201:
description: Success
schema:
$ref: "#/definitions/SuccessCreated"
403:
description: Prototype limit exceeded error
schema:
$ref: "#/definitions/Error"
default:
description: Unexpected error
schema:
$ref: "#/definitions/Error"
/prototypes/{id}:
patch:
summary: Update an existing prototype's properties
parameters:
- name: id
in: path
type: number
description: ID property of a prototype
required: true
- name: prototype
in: body
description: Prototype object
required: true
schema:
$ref: "#/definitions/Prototype"
responses:
200:
description: Success
definitions:
Prototype:
type: object
properties:
id:
type: integer
format: int64
name:
type: string
mobileDeviceId:
type: number
SuccessCreated:
type: object
description: Returned as response to successful resource create request
properties:
code:
type: number
default: 201
message:
type: string
Error:
type: object
properties:
code:
type: integer
format: int32
message:
type: string
fields:
type: string
Swagger uses json-schema: http://json-schema.org
$refs provide you w/ a way to repeat existing json-schema at a new path.
Notice that you are using a $ref for patch/parameters/-name:prototype/schema.
You can create a new definition just for patch in the definitions section and reference it instead
swagger: "2.0"
info:
title: ""
description: ""
version: "1.0.0"
host: foo.example.com
schemes:
- https
basePath: /v1
produces:
- application/json
consumes:
- application/json
paths:
/prototypes:
post:
summary: Create new prototype
parameters:
- name: prototype
in: body
description: Prototype object
required: true
schema:
$ref: "#/definitions/Prototype"
responses:
201:
description: Success
schema:
$ref: "#/definitions/SuccessCreated"
403:
description: Prototype limit exceeded error
schema:
$ref: "#/definitions/Error"
default:
description: Unexpected error
schema:
$ref: "#/definitions/Error"
/prototypes/{id}:
patch:
summary: Update an existing prototype's properties
parameters:
- name: id
in: path
type: number
description: ID property of a prototype
required: true
- name: prototype
in: body
description: Prototype object
required: true
schema:
$ref: "#/definitions/PatchPrototype"
responses:
200:
description: Success
definitions:
Prototype:
type: object
properties:
id:
type: integer
format: int64
name:
type: string
mobileDeviceId:
type: number
PatchPrototype:
type: object
properties:
mobileDeviceId:
type: number
SuccessCreated:
type: object
description: Returned as response to successful resource create request
properties:
code:
type: number
default: 201
message:
type: string
Error:
type: object
properties:
code:
type: integer
format: int32
message:
type: string
fields:
type: string
I want this API to produce JSON in response HTTP body.
responses:
'200':
description: success
schema:
$ref: '#/definitions/Company'
'400':
description: client doesn't exist
definitions:
Company:
description: ''
type: object
properties:
id:
type: string
description: Empty when creating a record
name:
type: string
description: Not empty when creating record, or updating this field
email:
type: string
I think the response body would be:
{
"code": 200,
"company": {...company object...}
}
Is this correct? or
{
"200": {...company object...}
}
Here is the document that swagger tool generated: