Skip to content

Client credential flow and multiple schemes #1825

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 5 commits into from
Dec 18, 2015
Merged

Client credential flow and multiple schemes #1825

merged 5 commits into from
Dec 18, 2015

Conversation

@TomDemeranville
Copy link
Contributor

@TomDemeranville TomDemeranville commented Dec 18, 2015

Added support for client credentials (application) flow
Added support for multiple authentication schemes

To use the client credentials, index.html needs to have

  1. input boxes to receive client id and client secret
  2. handlers that intitialise OAuth correctly on change.

For example, you could replace the explore and apikey inputs in the header with:

  <div class='input'><input placeholder="client id" id="input_clientId" name="clientId" type="text" autocomplete="off"/></div>
  <div class='input'><input placeholder="client secret" id="input_clientSecret" name="clientSecret" type="text" autocomplete="off"/></div>

and add the following javascript to handle updates within the initialisation block (replacing the apikey javascript):

  function updateOauth(){
      initOAuth({
          clientId: $('#input_clientId')[0].value,
          clientSecret: $('#input_clientSecret')[0].value,
          realm: "blank",
          appName: "blank"
      });
  }

  $('#input_clientId').change(updateOauth);
  $('#input_clientSecret').change(updateOauth);

These examples could be incorporated into the swagger index.html file if required (or a new example created)

Issues - displaying multiple schemes could be improved. Currently the UI is unaware that a particular scheme is required for a call so displays all scopes as options. Will require work on core swagger ui and templates to make scheme available to swagger-oauth.js

@TomDemeranville
Added support for OAuth client credentials (application) flow
b745779 
Added support for multiple authentication schemes

To use the client credentials, index.html needs to have
1. input boxes to recieve client id and client secret
2. handlers that intitialse OAuth correctly on change.

For example, you could replace the explore and apikey inputs in the header with:

      <div class='input'><input placeholder="client id" id="input_clientId" name="clientId" type="text" autocomplete="off"/></div>
      <div class='input'><input placeholder="client secret" id="input_clientSecret" name="clientSecret" type="text" autocomplete="off"/></div>

and add the following javascrip to handle updates within the initialisation block (replacing the apikey javascript):

      function updateOauth(){
          initOAuth({
              clientId: $('#input_clientId')[0].value,
              clientSecret: $('#input_clientSecret')[0].value,
              realm: "blank",
              appName: "blank"
          });
      }

      $('#input_clientId').change(updateOauth);
      $('#input_clientSecret').change(updateOauth);
@TomDemeranville
Added support for client credentials (application) flow
bfc33ec 
Added support for multiple authentication schemes

To use the client credentials, index.html needs to have
1. input boxes to receive client id and client secret
2. handlers that intitialise OAuth correctly on change.

For example, you could replace the explore and apikey inputs in the header with:

      <div class='input'><input placeholder="client id" id="input_clientId" name="clientId" type="text" autocomplete="off"/></div>
      <div class='input'><input placeholder="client secret" id="input_clientSecret" name="clientSecret" type="text" autocomplete="off"/></div>

and add the following javascript to handle updates within the initialisation block (replacing the apikey javascript):

      function updateOauth(){
          initOAuth({
              clientId: $('#input_clientId')[0].value,
              clientSecret: $('#input_clientSecret')[0].value,
              realm: "blank",
              appName: "blank"
          });
      }

      $('#input_clientId').change(updateOauth);
      $('#input_clientSecret').change(updateOauth);

These examples could be incorporated into the swagger index.html file if required (or a new example created)

Issues - displaying multiple schemes could be improved.  Currently the UI is unaware that a particular scheme is required for a call so displays all scopes as options.  Will require work on core swagger ui and templates to make scheme available to swagger-oauth.js
@TomDemeranville
fixed display of OAuth scheme in dialog if more than one scheme
3f9b178
@TomDemeranville
added selector back in
04c23c4
This was referenced Dec 18, 2015
Closed
Closed
@fehguy fehguy merged commit 7fca3bd into swagger-api:master Dec 18, 2015
@fehguy fehguy modified the milestone: v2.1.4 Jan 6, 2016
@shupp
Copy link

shupp commented Apr 18, 2016

Is there a working example index.html file of this? I've tried the above suggestion, but the call to the token url never fires.. The authorize interface comes up, but doesn't work since there's no authorize url. Tried 2.1.4 and current master. Thanks!

@frol frol mentioned this pull request Nov 24, 2016
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

v2.1.4

Development

Successfully merging this pull request may close these issues.

3 participants

@TomDemeranville @shupp @fehguy