openapi-ts
openapi-ts copied to clipboard
hey-api
Localhost Self Signed SSL cert fails to download swagger.json
Description
I have a .NETCore webserver hosting/serving a swagger file that is running on localhost over https with a self signed SSL certificate. But trying to do so I get the following error.
> [email protected] openapi-ts
> openapi-ts --input https://localhost:44312/umbraco/swagger/AccessibilityReporter/swagger.json --output src/Api
{
stack: 'JSONParserError: Error downloading https://localhost:44312/umbraco/swagger/AccessibilityReporter/swagger.json \n' +
'fetch failed\n' +
' at download (C:\\Code\\Contrib\\umbraco-accessibility-reporter\\src\\AccessibilityReporter\\client\\node_modules\\@apidevtools\\json-schema-ref-parser\\dist\\lib\\resolvers\\http.js:113:15)\n' +
' at process.processTicksAndRejections (node:internal/process/task_queues:95:5)',
code: 'ERESOLVER',
name: 'ResolverError',
message: 'Error downloading https://localhost:44312/umbraco/swagger/AccessibilityReporter/swagger.json \n' +
'fetch failed',
source: 'https://localhost:44312/umbraco/swagger/AccessibilityReporter/swagger.json',
path: null,
toJSON: [Function: toJSON],
footprint: 'null+https://localhost:44312/umbraco/swagger/AccessibilityReporter/swagger.json+ERESOLVER+Error downloading https://localhost:44312/umbraco/swagger/AccessibilityReporter/swagger.json \n' +
'fetch failed',
toString: [Function: toString]
}
OpenAPI specification (optional)
{
"openapi": "3.0.1",
"info": {
"title": "Accessibility Reporter Package API",
"version": "1.0"
},
"paths": {
"/umbraco/accessibilityreporter/api/v1/config/current": {
"get": {
"tags": [
"Config"
],
"responses": {
"200": {
"description": "Success",
"content": {
"application/json": {
"schema": {
"type": "array",
"items": {
"oneOf": [
{
"$ref": "#/components/schemas/NodeSummary"
}
]
}
}
},
"text/json": {
"schema": {
"type": "array",
"items": {
"oneOf": [
{
"$ref": "#/components/schemas/NodeSummary"
}
]
}
}
},
"text/plain": {
"schema": {
"type": "array",
"items": {
"oneOf": [
{
"$ref": "#/components/schemas/NodeSummary"
}
]
}
}
}
}
},
"401": {
"description": "The resource is protected and requires an authentication token"
}
},
"security": [
{
"Backoffice User": []
}
]
}
},
"/umbraco/accessibilityreporter/api/v1/pages": {
"get": {
"tags": [
"Directory"
],
"responses": {
"200": {
"description": "Success",
"content": {
"application/json": {
"schema": {
"type": "array",
"items": {
"oneOf": [
{
"$ref": "#/components/schemas/NodeSummary"
}
]
}
}
},
"text/json": {
"schema": {
"type": "array",
"items": {
"oneOf": [
{
"$ref": "#/components/schemas/NodeSummary"
}
]
}
}
},
"text/plain": {
"schema": {
"type": "array",
"items": {
"oneOf": [
{
"$ref": "#/components/schemas/NodeSummary"
}
]
}
}
}
}
},
"401": {
"description": "The resource is protected and requires an authentication token"
}
},
"security": [
{
"Backoffice User": []
}
]
}
}
},
"components": {
"schemas": {
"NodeSummary": {
"required": [
"docTypeAlias",
"guid",
"id",
"name",
"url"
],
"type": "object",
"properties": {
"guid": {
"type": "string",
"format": "uuid",
"readOnly": true
},
"id": {
"type": "integer",
"format": "int32",
"readOnly": true
},
"name": {
"type": "string",
"readOnly": true
},
"docTypeAlias": {
"type": "string",
"readOnly": true
},
"url": {
"type": "string"
}
},
"additionalProperties": false
}
},
"securitySchemes": {
"Backoffice User": {
"type": "oauth2",
"description": "Umbraco Authentication",
"flows": {
"authorizationCode": {
"authorizationUrl": "/umbraco/management/api/v1/security/back-office/authorize",
"tokenUrl": "/umbraco/management/api/v1/security/back-office/token",
"scopes": {}
}
}
}
}
}
}
Configuration
openapi-ts --input https://localhost:44312/umbraco/swagger/AccessibilityReporter/swagger.json --output src/Api
System information (optional)
OS: Windows 11
NPM: 10.2.4
Node: 20.11.0
Investigating a little myself, it seems you do not do any fetching of the file and are using @apidevtools/json-schema-ref-parser
So if this package can support passing config, flag to support it would be fab
Now to dig down the rabbit hole of that NPM package's repo 😄
OK seems like can fetch can use rejectUnauthorized: false
https://stackoverflow.com/a/72569955
Now to find the fetch or HTTP call to get the JSON/YML from inside this other package
Bingo found it https://github.com/APIDevTools/json-schema-ref-parser/blob/main/lib/resolvers/http.ts#L120-L125
Leaving my notes here for anyone else reading along, but for now I need sleep.
@warrenbuckley thanks for the bug report. Is this a bug with the underlying json-schema-ref-parser package or ours?
@jordanshatford and @mrlubos its with the dependant package from what I can tell.
@warrenbuckley to help us prioritise, how critical is this? Does it prevent you from using the package altogether?
@mrlubos its an annoyance, as I think I can try to get it to generate a client from localhost using HTTP and without SSL, but it would be nice if it just worked.
If I manage to do a PR to the other package, would you be happy for me to contribute a fix here as well ?
@warrenbuckley you mean JSON schema ref parser? Totally, we spoke about this with Jordan and think it's a reasonable expectation to have this working. We could even fork that package and depend on the fork if they're slow to review changes
As a temporary work around you should be able to use NODE_TLS_REJECT_UNAUTHORIZED=0 openapi-ts.
@Terit I was not able to get that to work for me.
NPM Script
"openapi-ts": "NODE_TLS_REJECT_UNAUTHORIZED=0 openapi-ts --input https://localhost:44312/umbraco/swagger/AccessibilityReporter/swagger.json --output src/Api"
Error Back from Console
> [email protected] openapi-ts
> NODE_TLS_REJECT_UNAUTHORIZED=0 openapi-ts --input https://localhost:44312/umbraco/swagger/AccessibilityReporter/swagger.json --output src/Api
'NODE_TLS_REJECT_UNAUTHORIZED' is not recognized as an internal or external command,
operable program or batch file.
@warrenbuckley Try it with cross-env. It's allowed me to keep my sanity working on Windows with a Linux CI process.
OK thanks @Terit 🥰
For anyone else reading this issue/thread
Install cross-env if your on Windows
npm install --save-dev cross-env
Then updated my script to
"openapi-ts": "cross-env NODE_TLS_REJECT_UNAUTHORIZED=0 openapi-ts --input https://localhost:44312/umbraco/swagger/AccessibilityReporter/swagger.json --output src/Api"
As a temporary work around you should be able to use
NODE_TLS_REJECT_UNAUTHORIZED=0 openapi-ts.
You saved my day with that @Terit 🙏 Do you know if now there is a way to manage self-signed/company-signed certificate properly ?
@Sulray I think the library would have to add a flag to set a path to your cert. That would allow them to do something like this:
let opts = {
method: 'GET',
hostname: "localhost",
port: listener.address().port,
path: '/',
ca: fs.readFileSync("cacert.pem")
};
https.request(opts, (response) => { }).end();
I doubt @mrlubos would prioritize that as the Node flag is a sufficient workaround for most cases.
You're spot on @Terit 😀 it doesn't seem to be a huge pain for people right now given the workaround
@warrenbuckley do you have a self-signed local certificate? If I allowed you to pass custom config options, which values would you need?
@mrlubos I'm running into the same issue now - I'd guess being able to specify a path to a key and a cert might be enough?
@rigtigeEmil does the workaround posted above not work for you? I can also enable what you described
@rigtigeEmil does the workaround posted above not work for you? I can also enable what you described
Yeah it does - I edited my comment above cause i thought it didn't. Turns out you need to run your API locally before it works 🤦
Hey, I am going to close this issue because the workaround is good enough and it's now referenced in the docs https://heyapi.dev/openapi-ts/configuration#input
In fact, Nuxt uses the same disclaimer which convinced me to leave it at that https://nuxt.com/docs/api/utils/dollarfetch
But any further comments are always welcome!