Ask a Question
Log In / Sign Up
Resources
Ask a Question
Log In Sign Up

swagger OAuth2

staylor2916396
New Member
‎02-22-2023 02:26 PM
‎02-22-2023 02:26 PM

swagger OAuth2

Hi. I have a node.js api, using swagger. I am trying to add security around each method to authenticate the user. 

Using AWS Cognito user pool to authenticate users.

I am using swagger 2.0.

 

I have securityDefenitions setup in my json:

 

  "securityDefinitions": {
    "Bearer": {
      "type": "oauth2",
      "flow": "accessCode",
    }
  }
also have security setup for all methods:
"security": [],
 
I am not sure I understand the flow correctly, as OAuth2 has 2 basic steps 1)authenticate username/password, send back CODE(authorizationUrl) 2)get JWT from code (tokenUrl)
 
My app is getting the CODE back from the authorizationURL but swagger does not know what to do with the redirect or how to call the tokenUrl to get the JWT.
 
Would like some help so that on my swagger page, user clicks the Authorize button, enter user credentials and grabs the JWT needed to pass in to the header in the api calls.
thanks for any help and guidance
Labels:
0 Kudos
1 REPLY 1
ponelat
Staff
Staff
‎02-23-2023 02:14 AM
‎02-23-2023 02:14 AM

HI @staylor2916396 ,

 

What Swagger library are you using in Node.js? Swagger (and OpenAPI) are about describing your APIs, and then using that definition to do fancy things like routing, validation, etc. 

In Node.js case, I would imagine you'd want to look at something like https://www.passportjs.org/ for handling authentication on the code level. 

 

On another point, having `security: []` doesn't add your security. You need to reference it by name, like `security: [ Bearer: [] ]`. See "Apply Security" in https://swagger.io/docs/specification/authentication/ for some more info there.

 

0 Kudos
Subscribe
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: