Vovchikan
Open Api Spec for bearer Token
I can’t understand where and what i need to write for adding Bearer Token Auth for my API JSON SPEC.
I’ve added security schema in %OpenApiSpex.OpenApi{}
%OpenApi{
servers: [%Server{url: url}],
info: %Info{
title: to_string(Application.spec(:getmsg_api, :description)),
version: to_string(Application.spec(:getmsg_api, :vsn))
},
components: %Components{
securitySchemes: %{"authorization" => %OpenApiSpex.SecurityScheme{
type: "apiKey",
name: "Autorization",
in: "header"}
}
},
# Populate the paths from a phoenix router
paths: Paths.from_router(Router)
}
I’ve added macro security to my Phoenix.Controller. But i don’t understand, what it does.
security [%{}, %{"api_key" => ["write:message", "read:message"]}]
This is one of method from this controller
operation :index,
summary: "List messages",
parameters: [
token: [
in: :header,
name: "Authorization",
schema: %OpenApiSpex.Schema{type: :string},
required: true,
example: "Bearer valid_token"
]],
responses: %{
200 => {"List of messages", "application/json", OpenApi.MessageListResponse},
401 => {"Permission denied", "application/json", OpenApi.PermissionDeniedResponse}
}
def index(conn, _params) do
messages = Msgs.list_all()
render(conn, "index.json", messages: messages)
end
I’m missing something, but don’t know what.
When i’m trying to test method /GET through swaggerui, there is no req_header 'autorization` with value “Bearer some_token_value”
curl from swaggerui
curl -X 'GET' \
'http://localhost:4000/getmsg/api/messages' \
-H 'accept: application/json' \
-H 'x-csrf-token: TCwFJzMqJhoFKAQLClAYIV9ULgwEQD8taKJRWksmULaZ8iJE7akos9GG'
Marked As Solved
Vovchikan
Solved!
Security scheme in OpenApi{} struct and in macro OpenApiSpex.ControllerSpecs.security/1 must have same key (in my case it is “bearerAuth”)! And i had spelling mistake in field name in my security scheme.
%OpenApi{
servers: [%Server{url: url}],
info: %Info{
title: to_string(Application.spec(:getmsg_api, :description)),
version: to_string(Application.spec(:getmsg_api, :vsn))
},
components: %Components{
securitySchemes: %{"bearerAuth" => %OpenApiSpex.SecurityScheme{
type: "apiKey",
name: "Authorization",
in: "header"}
}
},
# Populate the paths from a phoenix router
paths: Paths.from_router(Router)
}
and in controller
security [%{"bearerAuth" => []}]
so correct curl generated
curl -X 'GET' \
'http://localhost:4000/getmsg/api/messages' \
-H 'accept: application/json' \
-H 'Authorization: Bearer SFMyNTY.g2gDYQFuBgCHP8PphgFiAAFRgA.HAuxlwCHIsGcRibuYnWuDaLOcjx_ZB44RdcAwPPy3xA' \
-H 'x-csrf-token: NmQ5ETMwXAAjLSk4ESQYL3E-e3gxdEYgU2siii6NEdvirtMHIG5IaG6T'
Popular in Questions
I have a another noob question about loop. Since elixir is immutable, while loop is not directly possible.
total = 10
while total != 0
...
New
What is the difference between System.get_env and Application.get_env? For example, what are best practices to use one versus another.
New
Hello all!
I am typing this post from my new MacBook Pro with the M1 chip. I’m loving it so far, and will probably use it as my daily dr...
New
I’m working on defining a simple Ecto schema for a table (in PostGres), but I don’t see where I can define a column as NOT NULL. Conside...
New
Hello, I have map which I want to convert it to string like this:
the map:
%{last_name: "tavakkoli", name: "shahryar"}
the string I ne...
New
What’s the safe way to decode a JSON string into a struct? I want to avoid calling String.to_atom. Jason.decode can give me a map with st...
New
Original source of discussion: This topic on the Pragmatic Programmers’ Functional Web Development with Elixir, OTP, and Phoenix forum.
...
New
I’ve got an issue with an app and I’ve no idea of how to troubleshoot it. I’m hoping someone here might have seen something similar.
I p...
New
I would like to know what is the best IDE for elixir development?
New
In asking this question I am more interested about the expressiveness of the language itself and less concerned about the availability of...
New
Other popular topics
I am constructing a JSON object (map) and I need to conditionally set a field. I’m trying to write proper elixir-way code… and I’m at a l...
New
As promised, the first release candidate of Phoenix 1.3.0 is out! This release focuses on code generators with improved project structure...
New
I believe there are people here who are dealing with CSV files import on the daily basis, and since Excel is a really popular tool there ...
New
About me? ( if you have nothing better to do than reading about some random guy in the internet :stuck_out_tongue: )
Hello all, this is ...
New
Good day to you all.
I have been struggling to get a query involving like and ilike to work.
Can anyone assist me on this, please?
pro...
New
i’m a new one to elixir
which editor can i use
vs code? or atom?
Thanks! :smiley:
New
I have VueJS GUIs with the project generated using Webpack.
I have Elixir modules that will need to be used by the VueJS GUIs.
I forese...
New
Original source of discussion: This topic on the Pragmatic Programmers’ Functional Web Development with Elixir, OTP, and Phoenix forum.
...
New
I am going through the kafka architecture. All the features what the kafka is providing are already in Erlang. I would like hear your opi...
New
I would like to know what is the best IDE for elixir development?
New
Categories:
Sub Categories:
Forums
Popular Tags
- #ecto
- #liveview
- #troubleshooting
- #learning-elixir
- #deployment
- #library
- #erlang
- #testing
- #genserver
- #mix
- #absinthe
- #remote-other
- #otp
- #plug
- #how-to-question
- #macros
- #postgres
- #channels
- #elixirconf
- #exunit
- #discussion
- #javascript
- #code-sync
- #podcasts
- #onsite
- #dialyzer
- #docker
- #authentication
- #umbrella
- #full-time-contract
- #podcasts-by-brainlid
- #ecto-query
- #elixir-ls
- #phoenix_html
- #iex
- #blog-post
- #graphql
- #genstage
- #ai
- #websockets
- #supervisor
- #advent-of-code
- #elixirconf-us
- #distillery
- #processes
- #forms
- #api
- #metaprogramming
- #security
- #performance








