swagger-api
Topbar - add support for per-API auth settings
Desired capability
When the Swagger UI configuration includes a urls property the top bar is enabled, so the user can switch between APIs. This has proven quite convenient, but the topbar apparently strips away any auth configuration you might have applied.
I would like to be able to include initial auth settings in the list of APIs:
{
name: 'API Name',
url: 'https:// ...',
auth: {
usePkceWithAuthorizationCodeGrant: true,
clientId: 'string',
scopes: 'string string',
// ... other initial auth settings
}
},
...and have those (re)applied when the API selection changes.
Explanation
Certain auth settings can only be set in the UI. The usePkceWithAuthorizationCodeGrant flag is a good example. Okta requires the use of PKCE when using Authorization Code flow. This means the topbar plugin is incompatible with Okta + auth code flow.
I'm not experienced enough with React/Redux to follow all of the code, but it looks like this occurs in src/plugins/topbar/topbar.jsx:
flushAuthData() {
const { persistAuthorization } = this.props.getConfigs()
if (persistAuthorization)
{
return
}
this.props.authActions.restoreAuthorization({
authorized: {}
})
}
loadSpec = (url) => {
this.flushAuthData()
this.props.specActions.updateUrl(url)
this.props.specActions.download(url)
}
Workaround
If the settings can't be included in the API list, then I can wire up my own selection box instead of using the plugin. But I would need to know what methods to call on the instance to reset everything properly. Is it sufficient to just call SwaggerUIBundle and initOAuth methods again? (If someone clears this up I'll be happy to submit a PR for the docs on this.)
