swagger-ui icon indicating copy to clipboard operation
swagger-ui copied to clipboard

Published 20 hours ago verified publisher icon swagger-api

authorizeRequest can't parse error responses containing complex objects

Open btonasse opened this issue 5 months ago • 0 comments

Q&A (please complete the following information)

  • OS: Windows and MacOS
  • Browser: Firefox and Chrome
  • Version: Firefox 126, Chrome 128
  • Method of installation: vai FastAPI
  • Swagger-UI version: 5.17.14
  • Swagger/OpenAPI version: OpenAPI 3.1

Content & configuration

Example Swagger/OpenAPI definition:

paths:
  /:
  /token:
    post:
      summary: Login
      operationId: login_token_post
      requestBody:
        content:
          application/x-www-form-urlencoded:
            schema:
              $ref: '#/components/schemas/Body_login_token_post'
        required: true
      responses:
        '200':
          description: Successful Response
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/Token'
        '422':
          description: Validation Error
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/HTTPValidationError'
components:
  schemas:
    HTTPValidationError:
      properties:
        detail:
          items:
            $ref: '#/components/schemas/ValidationError'
          type: array
          title: Detail
      type: object
      title: HTTPValidationError

Swagger-UI configuration options:

All defaults

Describe the bug you're encountering

If the authorization endpoint returns an error response and that response's body is a complex object (such as an array), Swagger UI will fail to stringify it and the result will be:

swagger_auth_err

If, however, the status code of the response is 200, the response body is correctly stringified:

swagger_if_200

To reproduce...

My API is not public, but any endpoint that returns complex objects in an error response (see schema above) will cause the bug to occur.

Expected behavior

Complex objects in error response

Screenshots

Embedded above

Additional context or thoughts

I believe the issue is here: https://github.com/swagger-api/swagger-ui/blob/master/src/core/plugins/auth/actions.js

If the status code is 200, line #205 is executed and since we have a non-null error property, Swagger correctly identifies the authorization failed and, since response.ok is true, the error is stringified. This is not the case, however, if the status code is an error (such as 422 or 400).

Stack Overflow question: https://stackoverflow.com/questions/78960147/objects-in-error-response-cant-be-parsed-by-swagger-ui

btonasse avatar Sep 09 '24 12:09 btonasse