powertools-lambda-python icon indicating copy to clipboard operation
powertools-lambda-python copied to clipboard

Published 20 hours ago verified publisher icon aws-powertools

Bug: swaggerUIRedirectOauth2 null after redirect

Open Thomas-McKanna opened this issue 8 months ago • 4 comments

Expected Behaviour

Complete login flow to generate JWT access token.

Current Behaviour

When I click on "Authorize" button in Swagger UI, the login flow begins and I'm eventually redirected back to a URL like:

https://example.com/v3/swagger?format=oauth2-redirect&code=XXXXXXXX-6ee0-4b21-a78a-1a1d9652df68&state=XXXXXXXXXSAzMCAyMDI0IDE1OjE3OjA0IEdNVC0wNTAwIChDZW50cmFsIERheWxpZ2h0IFRpbWUp

But at this point, the flow fails with a blank page. The HTML for the page is the correct "Redirect" generated HTML, but there is an error in the console like:

TypeError: Cannot read properties of null (reading 'swaggerUIRedirectOauth2')
    at run (swagger?format=oauth2-redirect&code=XXXXXe0-4b21-a78a-1a1d9652df68&state=XXXXXCAyMDI0IDE1OjE3OjA0IEdNVC0wNTAwIChDZW50cmFsIERheWxpZ2h0IFRpbWUp:10:36)
    at HTMLDocument.<anonymous> (swagger?format=oauth2-redirect&code=XXXXX-6ee0-4b21-a78a-1a1d9652df68&state=XXXXXCAyMDI0IDE1OjE3OjA0IEdNVC0wNTAwIChDZW50cmFsIERheWxpZ2h0IFRpbWUp:74:13)

And it seems that no other Javascript is being loaded by the page.

Code snippet

oauth2 = OAuth2Config(
    client_id="CHANGEME",
    app_name="CHANGEME",
)

app = APIGatewayRestResolver(enable_validation=True)
app.enable_swagger(
    path="/swagger",
    oauth2_config=oauth2,
    security_schemes={
        "oauth": OAuth2(
            flows=OAuthFlows(
                authorizationCode=OAuthFlowAuthorizationCode(
                    authorizationUrl="https://CHANGEME/oauth2/authorize",
                    tokenUrl="https://CHANGEME/oauth2/token",
                ),
            ),
        ),
    },
    security=[{"oauth": []}],
)

Possible Solution

I wonder if the swagger_js generated for the main Swagger page is supposed to also be loaded in here, but is not because of the redirect flow resetting the web page (https://docs.powertools.aws.dev/lambda/python/latest/api/event_handler/openapi/swagger_ui/index.html).

Steps to Reproduce

Should be able to use the config I gave in the code snippet, assuming you have an oauth2 identity provider at hand.

Powertools for AWS Lambda (Python) version

latest

AWS Lambda function runtime

3.10

Packaging format used

PyPi

Debugging logs

No response

Thomas-McKanna avatar May 30 '24 20:05 Thomas-McKanna