[TypeScript] Bug: Token Authentication headers missing in typescript-angular and typescript-fetch client stubs

[RS-Sautter]

Description

When I set the accessToken property in the configuration, the token does not get passed to the server with the request headers.

Swagger-codegen version

current version on editor.swagger.io

Related issues/PRs

#5656

[calcypher]

The same problem is present on PHP Client: security OpenAPI tags aren't "translated" into code, so there is no Authorization header on requests. I've produced a Java CLient with the same OpenAPI and I've verified that this code managed Authorization headers. So the problem is for PHP and TypeScript.

Is it possible to include it in this issue or it's necessary to open another issue for PHP?

[RS-Sautter]

Since it is a separate generator I would recommend opening another issue for it.

From: calcypher [email protected] Sent: Wednesday, June 12, 2019 2:14 PM To: swagger-api/swagger-codegen [email protected] Cc: Sautter David 1CoC-TA [email protected]; Author [email protected] Subject: EXT [Newsletter] Re: [swagger-api/swagger-codegen] [TypeScript] Bug: Token Authentication headers missing in typescript-angular and typescript-fetch client stubs (#9493)

The same problem is present on PHP Client: security OpenAPI tags aren't "translated" into code, so there is no Authorization header on requests. I've produced a Java CLient with the same OpenAPI and I've verified that this code managed Authorization headers. So the problem is for PHP and TypeScript.

Is it possible to include it in this issue or it's necessary to open another issue for PHP?

— You are receiving this because you authored the thread. Reply to this email directly, view it on GitHubhttps://github.com/swagger-api/swagger-codegen/issues/9493?email_source=notifications&email_token=AMDBR4KQCGIP43EB3V7OSXLP2DSB7A5CNFSM4HXGKRSKYY3PNVWWK3TUL52HS4DFVREXG43VMVBW63LNMVXHJKTDN5WW2ZLOORPWSZGODXQGTHY#issuecomment-501246367, or mute the threadhttps://github.com/notifications/unsubscribe-auth/AMDBR4OKDJO2IJVZ5HK7XVDP2DSB7ANCNFSM4HXGKRSA.

[louisl]

I've just run into this problem. What are my short term options for TypeScript with an Open API 3 spec?

This did used to work on with a swagger 2 spec.

[louisl]

FYI, I have found a temporary fix for this.

It appears there's no allowance for bearer auth in the template file however, we can trick it by declaring open auth implicit.

https://github.com/swagger-api/swagger-codegen/blob/570327ea64c53e44d482a8abaffbbf35eaf2d380/modules/swagger-codegen/src/main/resources/typescript-angular/api.service.mustache#L218

My expected process is that you login get a token and supply that token in the header when making requests.

https://swagger.io/docs/specification/authentication/bearer-authentication/

Previously my spec had:-

...
  securitySchemes:
    bearerAuth:
      type: http
      scheme: bearer
      bearerFormat: JWT
security:
  - bearerAuth: []

Adding open auth even though I'm not using it restores expected code generation.

Ref: https://swagger.io/docs/specification/authentication/oauth2/
...
  securitySchemes:
    bearerAuth:
      type: http
      scheme: bearer
      bearerFormat: JWT
    oAuthNoScopes:
      type: oauth2
      flows: 
        implicit: 
          authorizationUrl: https://api.example.com/oauth2/authorize
          scopes: {}
security:
  - bearerAuth: []
  - oAuthNoScopes: []

[ghost]

Maybe it should be isBearer like in ASP?

https://github.com/swagger-api/swagger-codegen/blob/20d863d532998324d1a2d80d9d3e890b2d3184ed/modules/swagger-codegen/src/main/resources/aspnetcore/Startup.mustache#L64

[louisl]

Appears to be fixed for typescript using 3.0.14, I can now drop the oAuthNoScopes workaround. Thanks whoever fixed it.

[lalli-flores]

I'm using generator version v3.0.22 for typescript-fetch, and I'm still seeing having this issue

[humbertowoody]

Hey @lalli-flores i'm running into the same issue, however I found a workaround:

Set your bearer configuration to:

  securitySchemes:
    bearer:
      type: oauth2
      flows: 
        implicit:
          authorizationUrl: https://api.example.com/oauth2/authorize
          scopes: {}

Looking at https://github.com/swagger-api/swagger-codegen/blob/5a6d68716bc5a5f6fda10017ff380c382183d0c0/modules/swagger-codegen/src/main/resources/typescript-fetch/api.mustache#L138 there's clearly an error in which oAuth is the only way to get a working Bearer token. Hopefully this could be fixed, in the meantime you can use the above hack to override it!

Best of luck! :)

[jannis6023]

Hi, may anyone be so nice to fix this issue? It's open since 12th june 2019!!

[kit0kat]

Still not fixed in swagger-codegen-cli-3.0.36 for typescript-fetch. As a workaround you can also use apiKey:

"securitySchemes": {
  "Bearer Token": {
    "type": "apiKey",
    "name": "Authorization",
    "in": "header"
  }
}

I would also appreciate it if HTTP Bearer would work properly.

[maskaravivek]

Yes, it would be great to have a proper fix for it instead of relying on a workaround. Any timelines on when this issue would be fixed? :)

[oharkins]

Any Update to this?

[malloy045]

Yes, it would be great to have a proper fix for it instead of relying on a workaround. Any timelines on when this issue would be fixed? :)

+1

The apiKey workaround doesn't work when your API expects a separate header named apiKey :)

I was able to get unblocked by modifying my swagger.json using the "OAuth2" workaround ("type": "oauth2"), but this isn't sustainable.

[pierre-mike-pge]

I think this is still an issue for me as well

[wisaac407]

Any updates on this? I'm still seeing this issue