I am using Swagger UI to generate api doc and want to call api in this page for grape api.
I set the security_definitions as below:
add_swagger_documentation(
hide_documentation_path: true,
doc_version: '18.0',
mount_path: '/api_doc',
add_version: true,
hide_format: true,
info: {
title: "Search API documentation"
},
security_definitions: {
ApiKeyAuth:{
type: "apiKey",
name: "X-Auth-Token",
in: "header",
description: "Requests should pass an api_key header."
}
},
security: {
ApiKeyAuth: []
}
)
But when input the value and sent the request, there is no value in request header.
Set the apikey value
calling the api
security is an array so it should be
security: [{ ApiKeyAuth: [] }]
Related
I am trying to add custom oauth provider to my next.js app. I am adding custom provider in [...nextauth].js:
export default NextAuth({
// Configure one or more authentication providers
providers: [
{
id: "moneybutton",
name: "Money Button",
type: "oauth",
version: "2.0",
scope: "auth.user_identity:read users.profiles:read users.profiles.email:read users.balance:read",
params: {
grant_type: "authorization_code"
},
accessTokenUrl: "https://www.moneybutton.com/oauth/v1/token",
requestTokenUrl: "https://www.moneybutton.com/oauth/v1/token",
authorizationUrl: "https://www.moneybutton.com/oauth/v1/authorize?response_type=code",
profileUrl: "https://www.moneybutton.com/api/v1/auth/user_identity",
profile(profile) {
return {
id: profile.data.attributes.id,
name: profile.data.attributes.name,
};
},
clientId: 'my_oauth_identifier',
clientSecret: 'my_client_secret'
}
// ...add more providers here
],
debug: true
});
OAuth flow seems to work correct, as i am seeing my profile id coming back in responses but it finishes on http://localhost:3000/api/auth/signin?error=Callback
I set debug to true and i am getting following errors:
[next-auth][error][oauth_get_access_token_error]
https://next-auth.js.org/errors#oauth_get_access_token_error {
statusCode: 400,
data: '{"errors":[{"id":"6da534f0-a512-11eb-92e8-891975d02f44","status":400,"title":"Bad Request","detail":"Invalid client: client is invalid"}],"jsonapi":{"version":"1.0"}}'
} undefined undefined
[next-auth][error][oauth_get_access_token_error]
https://next-auth.js.org/errors#oauth_get_access_token_error {
statusCode: 400,
data: '{"errors":[{"id":"6da534f0-a512-11eb-92e8-891975d02f44","status":400,"title":"Bad Request","detail":"Invalid client: client is invalid"}],"jsonapi":{"version":"1.0"}}'
} moneybutton 9f3970b8ae39f9d46f9fae56f6fb6135ecb7e87b
[next-auth][error][oauth_callback_error]
https://next-auth.js.org/errors#oauth_callback_error {
statusCode: 400,
data: '{"errors":[{"id":"6da534f0-a512-11eb-92e8-891975d02f44","status":400,"title":"Bad Request","detail":"Invalid client: client is invalid"}],"jsonapi":{"version":"1.0"}}'
It says that client is invalid, but i am sure oauth identifier and secret are correct, as well as redirect URL set to http://localhost:3000/api/auth/callback/moneybutton.
response for profile looks like this if it would be helpful:
{
"data": {
"id": "75101",
"type": "user_identities",
"attributes": {
"id": "75101",
"name": "John Doe"
}
},
"jsonapi": {
"version": "1.0"
}
}
Links to documentations:
https://next-auth.js.org/configuration/providers
https://docs.moneybutton.com/docs/api/v1/api-v1-user-identity
I don't know if it's some bug or my approach is wrong and will apreciate any help
I'm new to swagger.
We have an API written already so I'm trying manually write the swagger.yaml
So far I have figured out how to do my /login route.. and get back a JWT in the response.
But I'm not sure what way to go next.
Is it possible to automatically plug the returned JWT into subsequent calls?
Or do I have to manually copy and paste the returned JWT?
If I have to manually do it.. then.. ehh.. how?
In the swagger editor an Authenticate button appears and I can click that and get an input box looking for the apikey...
But its not the same when viewing the swagger UI ... when I browse to localhost to see the swagger UI I don't get the authenticate button and don't have anywhere to paste the JWT text...
My swagger.yaml is as follows:
swagger: "2.0"
info:
version: 1.0.0
title: Identity Management Service
description: API to allow JWT authentication and authorisation
termsOfService: http://swagger.io/terms/
license:
name: MIT
url: http://github.com/gruntjs/grunt/blob/master/LICENSE-MIT
host: localhost:8000
basePath: /
schemes:
- http
- https
securityDefinitions:
Bearer:
type: apiKey
name: Authorization
in: header
consumes:
- application/json
produces:
- application/json
paths:
/login:
post:
summary: User Authentication returning a JWT.
description: Authenticate a user.
parameters:
- name: credentials
in: body
description: maximum number of results to return
required: false
schema:
$ref: '#/definitions/creds'
responses:
"200":
description: will send JWT
default:
description: unexpected error
schema:
$ref: '#/definitions/Error'
/getUsers:
get:
summary: Gets list of all users
description: Authenticate a user.
security:
- Bearer: []
responses:
"200":
description: will send JWT
default:
description: unexpected error
schema:
$ref: '#/definitions/Error'
definitions:
creds:
type: object
required:
- username
- password
properties:
username:
type: string
password:
type: string
Error:
required:
- code
- message
properties:
code:
type: integer
format: int32
message:
type: string
Obviously I'd much prefer to have it so that the response token from the /login call be stored and used in the /getUsers ...
The response from a call to /login looks like this:
{
"token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ0eXBlIjoidXNlciIsInVzZXJpZCI6InBqbWVhbHkiLCJlbWFpbCI6InBqbWVhbHlAZ21haWwuY29tIiwiZmlyc3RuYW1lIjoiUEoiLCJsYXN0bmFtZSI6Ik1lYWx5Iiwib3JnIjoib3JnMSIsInRlYW1zIjpbInRlYW0xIl0sImFjbCI6WyJlbXBsb3llZSIsInRlYW1MZWFkIl0sInRva2VuVHlwZSI6IndlYkFwcFRva2VuIiwidG9rZW5WZXJzaW9uIjoiMSIsImlhdCI6MTQ2NzkxMDkyNSwiZXhwIjoxNDY3OTk3MzI1fQ.e4Trk-0kDoid5Xr9BQ5ZP_HMBN2l8_G2pn7ac2tt4uE",
"user": {
"type": "user",
"userid": "joebloggs",
"email": "joe#bloggs.com",
"firstname": "Joe",
"lastname": "Bloggs",
"org": "org1",
"teams": [
"team1"
],
"acl": [
"employee",
"teamLead"
],
"tokenType": "webAppToken",
"tokenVersion": "1",
"iat": 1467910925,
"exp": 1467997325
}
}
You can try this, it include an Authorization Header where you can save the token and it will apply to all endpoints.
#Bean
public Docket newsApi() {
return new Docket(DocumentationType.SWAGGER_2)
.select()
.apis(RequestHandlerSelectors.any())
.paths(PathSelectors.any())
.build()
.securitySchemes(Lists.newArrayList(apiKey()))
.securityContexts(Lists.newArrayList(securityContext()))
.apiInfo(generateApiInfo());
}
#Bean
SecurityContext securityContext() {
return SecurityContext.builder()
.securityReferences(defaultAuth())
.forPaths(PathSelectors.any())
.build();
}
List<SecurityReference> defaultAuth() {
AuthorizationScope authorizationScope
= new AuthorizationScope("global", "accessEverything");
AuthorizationScope[] authorizationScopes = new AuthorizationScope[1];
authorizationScopes[0] = authorizationScope;
return Lists.newArrayList(
new SecurityReference("JWT", authorizationScopes));
}
private ApiKey apiKey() {
return new ApiKey("JWT", "Authorization", "header");
}
I'm using the docusign_rest gem to integrate with the Docusign REST API in my rails application. I have created a custom envelope field in the Docusign admin called SFID. I need to pass an ID into SFID inside of the envelope. I'm getting the following error with my JSON code:
{"errorCode"=>"INVALID_REQUEST_BODY", "message"=>"The request body is missing or improperly formatted. Cannot deserialize the current JSON array (e.g. [1,2,3]) into type 'API_REST.Models.v2.customFields' because the type requires a JSON object (e.g. {\"name\":\"value\"}) to deserialize correctly.\r\nTo fix this error either change the JSON to a JSON object (e.g. {\"name\":\"value\"}) or change the deserialized type to an array or a type that implements a collection interface (e.g. ICollection, IList) like List<T> that can be deserialized from a JSON array. JsonArrayAttribute can also be added to the type to force it to deserialize from a JSON array.\r\nPath 'customFields', line 1, position 1073."}
My controller code:
#envelope_response = client.create_envelope_from_template(
status: 'sent',
email: {
subject: "The test email subject envelope",
body: ""
},
template_id: '90B58E8F-xxxxx',
custom_fields: [
{
textCustomFields: [
{
name: 'SFID',
value:'12345',
required: 'false',
show: 'true'
}
]
}
],
signers: [
...
The Docusign API explorer says the following is the correct way to push an envelope custom field:
{
"customFields": {
"textCustomFields": [
{
"value": "0101010101",
"required": "true",
"show": "true",
"name": "SFID"
},
{
"required": "true",
"show": "true"
}
]
}
}
The Docusign_rest gem says the following on custom envelope fields:
customFields - (Optional) A hash of listCustomFields and textCustomFields.
# Each contains an array of corresponding customField hashes.
# For details, please see: http://bit.ly/1FnmRJx
What formatting changes to I need to make to my controller code to get it to successfully push a custom envelope field?
You have an extra array in your customFields node.
Remove the [] array from your custom_fields:
#envelope_response = client.create_envelope_from_template(
status: 'sent',
email: {
subject: "The test email subject envelope",
body: ""
},
template_id: '90B58E8F-xxxxx',
custom_fields:
{
textCustomFields: [
{
name: 'SFID',
value:'12345',
required: 'false',
show: 'true'
}
]
},
signers: [
...
Also I'm assuming that your client.create_envelope_from_template is converting your _'s into a camelCased string. if that is not happening, then that also needs to change.
Using Sencha Touch, How do we query youtube v3 search api?
Below is the sample url which works fine when issued from a browser directly (NOTE: Key is required) :
"https://www.googleapis.com/youtube/v3/search?part=snippet&order=date&type=video&channelId=UC3djj8jS0370cu_ghKs_Ong&key=MY_KEY"
However the same url fails when loaded using sencha touch Store ajax proxy.
It seems that OPTIONS call is made against this URL and GET was aborted.
What is needed in Sencha touch store for working with youtube V3 google apis? I did not find jsonp support for youtube V3 api.
I have used this api like this,
proxy: {
type: 'ajax',
url: 'https://www.googleapis.com/youtube/v3/search',
useDefaultXhrHeader: false,
extraParams: {
part: 'snippet',
q: 'ambarsariya',
regionCode: 'IN',
maxResults: 30,
key: 'your_key'
},
reader: {
type: 'json',
rootProperty: 'items'
}
}
One more thing you have to do and thats is you have set a idProperty in the model of this store. Inside config of the model used I have used
idProperty: 'videoId',// its better if this name is not same as any fields name
fields: [{
name: 'snippet'
}, {
name: 'thumbnail',
mapping: 'snippet.thumbnails.default.url'
}, {
name: 'title',
mapping: 'snippet.title'
}]
Hope this solves your problem.
It works well for me.
STORE:-
Ext.define('MyApp.store.videos', {
extend: 'Ext.data.Store',
model: 'MyApp.model.Video',
config: {
autoLoad: true,
proxy: {
type: 'ajax',
//This is required to enable cross-domain request
useDefaultXhrHeader: false,
url: 'https://www.googleapis.com/youtube/v3/search',
extraParams: {
part: 'snippet',
q: "Enrique", //Query string
regionCode: 'IN',
maxResults: 30,
key: 'AIzaSyD6FvoLaIFqyQGoEY4oV7TEWGAJSlDd1-8'
}
}
}
});
This is the model used by the above store.
MyApp.model.Video:-
Ext.define('MyApp.model.Video', {
extend: 'Ext.data.Model',
requires: [],
config: {
idProperty: 'videoId',
fields: [{
name: 'id'
}, {
name: 'videoId',
mapping: 'id.videoId'
}]
}
});
It also works well for jsonp proxy also,
just change type: jsonp inside proxy and remove useDefaultXhrHeader config.
I'm trying to use Google's 'google-api-nodejs-client' package (https://github.com/google/google-api-nodejs-client) to handle OAuth 2.0 authentication.
I've modified the example in examples/oauth2.js to console.log the entire profile object.
What scope can I use to correctly extract users' 'givenName' and 'familyName' if they're authenticating using a Google Apps account? Using the following scope:
scope: [
'https://www.googleapis.com/auth/plus.login',
'https://www.googleapis.com/auth/plus.profile.emails.read'
]
returns the following response once authenticated:
{ kind: 'plus#person',
etag: '"LONG STRING"',
emails: [ { value: 'example#example.example', type: 'account' } ],
objectType: 'person',
id: '123456',
displayName: '',
name: { familyName: '', givenName: '' },
image:
{ url: 'https://lh3.googleusercontent.com/ etc etc',
isDefault: false },
isPlusUser: false,
language: 'en_GB',
circledByCount: 0,
verified: false,
domain: 'example.example' }
I tried fooling around with the API on the API Explorer (https://developers.google.com/apis-explorer/#p/plus/v1/plus.people.get?userId=me) and only needed the 'https://www.googleapis.com/auth/plus.login' scope to get my familyName and givenName.
Perhaps the user that you are requesting the data from does not have a given and family name set?