From be0e363b8f07813e13a123eec47f6a32e43dc474 Mon Sep 17 00:00:00 2001 From: Sunny Juneja Date: Mon, 24 Aug 2015 17:56:31 -0700 Subject: [PATCH] Check for oauth2 tokens. It appears that Swagger-UI correctly sets an authorization header when added in the interface (api key field). However, if the endpoint has the option "authorizations" set with "oauth2", it will override the value. See https://github.com/ruby-grape/grape-swagger-rails/issues/13. --- spec/dummy/app/api/api.rb | 5 +++++ spec/features/swagger_spec.rb | 17 +++++++++++++++++ 2 files changed, 22 insertions(+) diff --git a/spec/dummy/app/api/api.rb b/spec/dummy/app/api/api.rb index 1547f72..9c695d8 100644 --- a/spec/dummy/app/api/api.rb +++ b/spec/dummy/app/api/api.rb @@ -26,5 +26,10 @@ class API < Grape::API request.params.as_json end + desc 'Return oauth2 token', authorizations: { oauth2: [] } + get '/oauth2' do + request.headers.slice('Authorization').as_json + end + add_swagger_documentation end diff --git a/spec/features/swagger_spec.rb b/spec/features/swagger_spec.rb index d4ff60d..dd64c47 100644 --- a/spec/features/swagger_spec.rb +++ b/spec/features/swagger_spec.rb @@ -89,6 +89,23 @@ expect(page).to have_css 'span.string', text: 'dummy' end end + context '#api_auth:oauth2' do + before do + GrapeSwaggerRails.options.api_auth = 'bearer' + GrapeSwaggerRails.options.api_key_name = 'Authorization' + GrapeSwaggerRails.options.api_key_type = 'header' + visit '/swagger' + end + it 'adds a token when the route specifies oauth2 authorization' do + page.execute_script("$('#input_apiKey').val('token')") + page.execute_script("$('#input_apiKey').trigger('change')") + find('#endpointListTogger_oauth2', visible: true).click + first('a[href="#!/oauth2/GET_api_oauth2_format"]', visible: true).click + click_button 'Try it out!' + expect(page).to have_css 'span.attribute', text: 'Authorization' + expect(page).to have_css 'span.string', text: 'Bearer token' + end + end context '#before_filter' do before do GrapeSwaggerRails.options.before_filter do |_request|