Stuck on an issue?
Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.
And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.
BasicAuth not adding to generated doc (BasicAuth security scheme not working)
See original GitHub issueHello. I use spring-fox 3.0 and spring-boot 2.3.2
<dependency>
<groupId>io.springfox</groupId>
<artifactId>springfox-boot-starter</artifactId>
<version>3.0.0</version>
</dependency>
When i try adding basic authorization to my API descpription this is not working (no securityScheme block added to generated doc). I use springfox.documentation.service.BasicAuth class for aim my goal.
This is my api descpition:
@Configuration
public class SwaggerConfig {
@Bean
public Docket openApi() {
return new Docket(DocumentationType.OAS_30)
.groupName("MYAPI")
.apiInfo(apiInfo())
.select()
.apis(RequestHandlerSelectors.basePackage("com.mypackage"))
.paths(PathSelectors.regex("/.*"))
.build().securitySchemes(Arrays.asList(new BasicAuth("basicAuth")) //THIS IS NOT WORKING. NO securityScheme block generated
.securityContexts(Arrays.asList(securityContext()));
}
private ApiInfo apiInfo() {
return new ApiInfoBuilder()
.title("MYAPI")
.description("My api")
.version("1.0")
.build();
}
private SecurityContext securityContext() {
return SecurityContext.builder()
.securityReferences(Arrays.asList(basicAuthReference()))
.forPaths(PathSelectors.ant("/**"))
.build();
}
private SecurityReference basicAuthReference() {
AuthorizationScope authorizationScope = new AuthorizationScope("basicAuth","basicAuth");
return new SecurityReference("basicAuth", new AuthorizationScope[0]);
}
}
I small research source code and finded this class: springfox.documentation.oas.mappers.SecuritySchemeMapper
next method not covering BasicAuth class!!!
void mapScheme(Map<String, SecurityScheme> map, springfox.documentation.service.SecurityScheme scheme) {
SecurityScheme mapped = null;
SecurityScheme securityScheme = new SecurityScheme()
.extensions(new VendorExtensionsMapper().mapExtensions(scheme.getVendorExtensions()));
if (scheme instanceof HttpAuthenticationScheme) {
mapped = securityScheme
.type(SecurityScheme.Type.HTTP)
.description(scheme.getDescription())
.bearerFormat(((HttpAuthenticationScheme) scheme).getBearerFormat())
.scheme(((HttpAuthenticationScheme) scheme).getScheme());
} else if (scheme instanceof OAuth2Scheme) {
OAuthFlows flows = new OAuthFlows();
Scopes scopes = new Scopes();
((OAuth2Scheme) scheme).getScopes()
.forEach(s -> scopes.addString(s.getScope(), s.getDescription()));
OAuthFlow flow = new OAuthFlow()
.authorizationUrl(((OAuth2Scheme) scheme).getAuthorizationUrl())
.refreshUrl(((OAuth2Scheme) scheme).getRefreshUrl())
.tokenUrl(((OAuth2Scheme) scheme).getTokenUrl())
.scopes(scopes);
switch (((OAuth2Scheme) scheme).getFlowType()) {
case "password":
flows.password(flow);
break;
case "clientCredentials":
flows.clientCredentials(flow);
break;
case "authorizationCode":
flows.authorizationCode(flow);
break;
case "implicit":
default:
flows.implicit(flow);
break;
}
mapped = securityScheme
.type(SecurityScheme.Type.OAUTH2)
.description(scheme.getDescription())
.flows(flows);
} else if (scheme instanceof ApiKey) {
mapped = securityScheme
.type(SecurityScheme.Type.APIKEY)
.name(scheme.getName())
.in(mapIn(((ApiKey) scheme).getPassAs()));
} else if (scheme instanceof OpenIdConnectScheme) {
mapped = securityScheme
.type(SecurityScheme.Type.OPENIDCONNECT)
.name(scheme.getName())
.openIdConnectUrl(((OpenIdConnectScheme) scheme).getOpenIdConnectUrl());
}
if (mapped != null) {
map.put(scheme.getName(), mapped);
}
}
this only accept HttpAuthenticationScheme classes.
When i change BasicAuth to HttpAuthenticationScheme all working fine.
return new Docket(DocumentationType.OAS_30)
.groupName("APIEKD")
.apiInfo(apiInfo())
.select()
.apis(RequestHandlerSelectors.basePackage("com.mypackage"))
.paths(PathSelectors.regex("/.*"))
.build().securitySchemes(Arrays.asList(HttpAuthenticationScheme.BASIC_AUTH_BUILDER.name("basicAuth").description("Basic authorization").build())) //THIS IS WORKING NOW!
.securityContexts(Arrays.asList(securityContext()));
Please fix it or update documentation and delete BasicAuth class from libs. Thank you!
P.S. Swagger2 not working too with BasicAuth
Issue Analytics
- State:
- Created 3 years ago
- Reactions:1
- Comments:5 (1 by maintainers)
Top Results From Across the Web
Basic Authentication - Swagger
The first section, securitySchemes , defines a security scheme named basicAuth (an arbitrary name). This scheme must have type: http and scheme: basic...
Read more >swagger : basic authentication not working - Stack Overflow
You need to add basic Auth to your service. A declaration of the security schemes available to be used in the specification. This...
Read more >Deprecation of Basic authentication in Exchange Online
The username/password isn't sent to the service using Basic, but the Basic Auth header is required to send the session's OAuth token, because ......
Read more >How to authorize Basic Auth requests in Spring Boot Swagger UI
I'm working on a Spring Boot project that you can find in the spring-boot-swagger-ui-basic-auth repository. The project serves a simple API and ...
Read more >Basic Authentication Plugin | Apache Solr Reference Guide 8.1
If blockUnknown does not appear in the security.json file, it will default to false . This has the effect of not requiring authentication...
Read more >
Top Related Medium Post
No results found
Top Related StackOverflow Question
Troubleshoot Live Code
Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free
Top Related Reddit Thread
No results found
Top Related Hackernoon Post
No results found
Top Related Tweet
No results found
Top Related Dev.to Post
No results found
Top Related Hashnode Post
No results found
Use HttpAuthenticationScheme.BASIC_AUTH_BUILDER
Worked Perfect! Thanks a lot.