Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

Swagger-ui oauth2 accesscode flow not working correctly

See original GitHub issue

Hi All,

I started using swagger-ui to use with oauth2 access code flow with interactive facility( Try it out feature) I downloaded latest master version and copied ‘dist’ folder and run ‘live-server’ by mounting to dist folder.It loads my test.yaml file and “Authorize” also will be appeared(But it is showing unlock icon though). Refer unlock-icon.png

Anyway once i click Authorize button, it shows the popup and i can enter client id and secret too. Refer authorize-popup.png

Then once i click Authorize button with correct client id and secret it will open a new window and i can see the generated code with the redirect url. But problem is, it won’t close that window and it remain in the same page. That new window url something like this http://localhost:3200/oauth2-redirect.html?code=fs-QFeYgj-bpXLjs8Fbak2pm2DwZZs0hc4QU0gKV&state=RnJpIEp1biAwMiAyMDE3IDExOjU4OjQ2IEdNVCsxMDAwIChBRVNUKQ%3D%3D

Can you just explain is this something on my code or defect? i spend more than 3 days to fix this issue with several tricks, but didn’t success.

My security definitions on the yaml file looks like follow

securityDefinitions:
  OauthSecurity:
    type: oauth2
    flow: accessCode
    authorizationUrl: https://xxxxxx.xxxxx.xxxx/as/authorization.oauth2
    tokenUrl: https://yyyyy.yyyyy.yyyyy/as/token.oauth2
    grantType: authorization_code
    scopes:
      admin: Admin things

security:
 - OauthSecurity:
    - admin

Thank you very much for your help. Really looking forward for a quick reply 😃 authorize-popup unlock-icon

Issue Analytics

State:
Created 6 years ago
Comments:87 (16 by maintainers)

Top GitHub Comments

2reactions

bodniacommented, Jun 9, 2017

@phenbach security must be an array.

"security": [
		{
			"qud_auth": [
				"qud_user",
				"bb_user"
			]
		}
	]

2reactions

phenbachcommented, Jun 2, 2017

I ran into this problem last night and finally solved this issue but ran into another one. As far as fixing the above try using the oauth2-redirect.html in the dev-helpers folder. You will notice the oauth2.callback on line 39 has a couple of parameters that are needed.

oauth2.callback({auth: oauth2.auth, redirectUrl: redirectUrl});

Unfortunately for me when I attempt to try out the endpoint, my token is not included at all with the curl request. Can you report back if you experience the same issue?