How to use Basic auth in swagger ui v.3.0

Question

in swagger ui 2.0 it was code

var basicAuth = new SwaggerClient.PasswordAuthorization(\"basicAuth\", username, password);
window.swaggerUi.api.clientAuthoriz         


        

Answer 1

In swagger-ui 3.2x, to manually set Authorization header based on values entered in the authorize popup for basic authentication, we can use below code.

const ui = SwaggerUIBundle({
        dom_id: '#swagger-ui',
        requestInterceptor: (req) => {
        if (!req.loadSpec) {
            var authorized = this.ui.authSelectors.authorized();
            //'Basic_Authentication' is security scheme key for basic authentication in the OpenApi file
            var basicAuth = getEntry(authorized, 'Basic_Authentication');
            if (basicAuth) {
                var basicAuthValue = getEntry(basicAuth, 'value');
                if (basicAuthValue) {
                    var username = getEntry(basicAuthValue, 'username');
                    var password = getEntry(basicAuthValue, 'password');
                    if (username && password) {
                        req.headers.Authorization = "Basic " + btoa(username + ":" + password); 
                    }
                }
            }
        }
        return req;
    }

//traverse through the object structure of swagger-ui authorized object to get value for an entryName
    function getEntry(complexObj, entryName) {
        if (complexObj && complexObj._root && complexObj._root.entries) {
            var objEntries = complexObj._root.entries;
            for (var t = 0; t < objEntries.length; t++) {
                var entryArray = objEntries[t];
                if (entryArray.length > 1) {
                    var name = entryArray[0];
                    if (name === entryName) {
                        return entryArray[1];
                    }
                }
            }
        }

        return null;
        }

Answer 2

In Swagger UI 3.x, fetching specs (.yaml/.json files) protected with Basic auth / API keys is supported in ver. 3.3.2 and later. In your Swagger UI initialization code, define a requestinterceptor that attaches auth headers to the spec fetch request:

<!-- index.html -->

const ui = SwaggerUIBundle({
  url: "http://petstore.swagger.io/v2/swagger.json",

  requestInterceptor: (req) => {
    if (req.loadSpec) {
        // Fetch the spec using Basic auth, replace "user" and "password" with yours
        req.headers.Authorization = 'Basic ' + btoa('user:password');

        // or API key
        // req.headers.MyApiKey = 'abcde12345';

        // or bearer token
        // req.headers.Authorization = 'Bearer abcde12345';
    }
    return req;
  },
  ...
})

Answer 3

I build an index.html with a simple form to fill user credentials to get a session id. Then redirect to swagger.html, for instance, and make some changes.

Before window.onload:

var orgFetch;

window.setExtraHeader = function(sessionId) {
    var system = window.ui.getSystem();

    if(!system) return;

    if(!orgFetch) {
        orgFetch = system.fn.fetch;
    }

    system.fn.fetch = function(obj) {
        if(!obj) return;

        if(!obj.headers) {
            obj.headers = {};
        }

        obj.headers['sessionId'] = sessionId;

        return orgFetch(obj)
            .then(function(fetchRes) {
                return fetchRes;
            });
    }

    system.specActions.download();
}

and then:

window.ui = ui;
window.setExtraHeader(localStorage.getItem("sessionId"));

Source: https://github.com/swagger-api/swagger-ui/issues/2793

Hope this helps.