Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add Authorization header to OpenAPI docs #61

Open
wants to merge 1 commit into
base: main
Choose a base branch
from

Conversation

flakey5
Copy link
Collaborator

@flakey5 flakey5 commented May 14, 2024

Closes #43

@flakey5 flakey5 requested a review from mcollina May 14, 2024 18:26
@flakey5 flakey5 force-pushed the flakey5/openapi-auth branch 2 times, most recently from b599fa0 to e662307 Compare May 14, 2024 18:34
Copy link
Member

@ivan-tymoshenko ivan-tymoshenko left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hi, thank you for the PR. Adding a security schema seems like a correct idea from the spec point of view, but unfortunatelly this would not work with other platformatic openapi tools like client or composer. I think you need to add the authorization header to each route schema.

You will probably need the onRoute hook for that.
https://fastify.dev/docs/latest/Reference/Hooks/#onroute

And add the test for that, please.

index.ts Outdated Show resolved Hide resolved
@flakey5 flakey5 force-pushed the flakey5/openapi-auth branch from e662307 to 6c4abab Compare May 15, 2024 22:50
fastify.route({
url: '/api/v1/prompt',
method: 'POST',
schema: {
security,
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Again, this is not enough for platformatic openapi tools. They just don't check for the security schemas now. What you need to do it to add an "Authorization" header to the route headers schema.

And I think it's better to use the onRoute hook to intercept app routes that you want to update.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

Add authorization to the OpenAPI spec if the JWT is enabled
2 participants