No adding of token in swagger for flask

Question

This is my code:

authorizations = {
    'Basic Auth': {
        'type': 'basic',
        'in': 'header',
        'name': 'Authorization'
    },
}
task_namespace = Namespace('task', security='Authorization', authorizations=authorizations, description='A namespace for tasks')
@task_namespace.route('/')
class TaskGetResource(Resource):
    @jwt_required(refresh=True)
    def get(self):
        user_id = get_jwt_identity()
        return Task.query.filter_by(
                user_id=user_id
            )

WHen I run the flask app and go to the swagger url, I authorize it by email and password and then run the api/task as located in the swagger, but the header token does not get added

Complete code is https://github.com/eadaradhiraj/flask-tasks-jwt

NO i do see the lock icon and I unlock it. It works. But the api that I want to test still doesnot have the bearer token when I `try it out` — Echchama Nayak, Jul 10 '23 at 03:13
I believe you actually want `security="Basic Auth"`, not `security='Authorization'`. — Tim Roberts, Jul 10 '23 at 04:19

Divyessh · Answer 1 · 2023-07-13T09:35:10.250

-1

The security parameter only works with the flask_restx.Api class and not with flask_restx.Namespace class.

So, the best alternative for your use case will be adding this security parameter in the @api.doc() decorator.

You can do that by changing your task.py file as follows:


authorizations = {
    'Basic': {
        'type': 'basic'
    },
}
task_namespace = Namespace('task', authorizations=authorizations, description='A namespace for tasks')

...


@task_namespace.route('/')
@task_namespace.doc(security="Basic")
class TaskGetResource(Resource):
    ...

I hope this helps!

EDIT

You are using "basic" authentication type here - https://swagger.io/docs/specification/2-0/authentication/basic-authentication/

This means that the token will be passed as "Authorization header that contains the Basic word followed by a space and a base64-encoded username:password string"

If you want to implement custom authentication with swagger, you will need to use openapi 3.0, and specify the details in yml file as shown here - any workaround to add token authorization decorator to endpoint at swagger python server stub

edited Jul 13 '23 at 09:35

answered Jul 12 '23 at 14:29

Divyessh

2,540
1
7
24

Token is added. But I get the message `{ "msg": "Missing 'Bearer' type in 'Authorization' header. Expected 'Authorization: Bearer '" }` – Echchama Nayak Jul 13 '23 at 06:03
@EchchamaNayak I have added some edits to answer this. I hope it helps. – Divyessh Jul 13 '23 at 09:35
ok i think my use case would be better off with basic auth. should i remove jwt required? – Echchama Nayak Jul 13 '23 at 18:43
@EchchamaNayak Yes, you can create a basic auth checker for that decoding. You should find some helpful resource in the documentation of Open API for that too. – Divyessh Jul 13 '23 at 19:35

score -1 · Accepted Answer · answered Jul 31 '23 at 07:46

I changed the the code as follows after going through this video:

authorizations = {
'jsonWebToken': {
    'type': 'apiKey',
    'in': 'header',
    'name': 'Authorization'
},
}
task_namespace = Namespace(
    'task',
    authorizations=authorizations
)

@task_namespace.route('/')
class TaskGetResource(Resource):
    @task_namespace.doc(security="jsonWebToken")
    @jwt_required()
    def get(self):
        ....

No adding of token in swagger for flask

2 Answers2

EDIT