I use these packages (installed via composer)
"swagger-api/swagger-ui": "^3.0",
"zircote/swagger-php": "~2.0|3.*"
In my def controller I have these annotations
/**
 * @OA\Info(title="My API", version="0.1")
 * @OA\Schemes(format="http")
 * @OA\SecurityScheme(
 *     securityScheme="bearerAuth",
 *     in="header",
 *     name="Authorization",
 *     type="http",
 *     scheme="Bearer",
 *     bearerFormat="JWT",
 * ),
 * @OA\Tag(
 *     name="Auth",
 *     description="Auth endpoints",
 * )
 * @OA\Tag(
 *     name="Users",
 *     description="Users endpoints",
 * )
 */
class Controller extends BaseController
Then I have a method
/**
 *
 * @OA\Get(
 *     path="/users",
 *     operationId="getListOfUsers",
 *     tags={"Users"},
 *     description="Get list of users",
 *     security={{"bearerAuth":{}}},
 *     @OA\Parameter(
 *         name="Authorization",
 *         in="header",
 *         required=true,
 *         description="Bearer {access-token}",
 *         @OA\Schema(
 *             type="bearerAuth"
 *         )
 *     ),
 *     @OA\Response(
 *         response=200,
 *         description="Get list of users.",
 *         @OA\JsonContent(type="object",
 *             @OA\Property(property="message", type="string"),
 *             @OA\Property(property="data", type="array",
 *                 @OA\Items(type="object",
 *                     @OA\Property(property="id", type="integer"),
 *                     @OA\Property(property="name", type="string"),
 *                     @OA\Property(property="email", type="string"),
 *                 ),
 *             ),
 *         ),
 *     ),
 *     @OA\Response(response=401, description="Unauthorized"),
 *     @OA\Response(response=404, description="Not Found"),
 * )
 *
 * @return JsonResponse
 */
public function users()
So, when I try to test this route via Swagger UI, I am getting an error
401, "message": "Unauthenticated."
When I checked the headers (Firefox), I did not see
Authorization: Bearer {{access-token}}
but I have my token in
Cookie: XSRF-TOKEN=eyJpdiI6Ik5COUV5Y1ltRTM4eXNsRlpLY2ptTGc9PSIsInZhbHVlIjoiNDFCbG95c1RHSHRFT0IyWWZ4aWFRQVJ6RHhTS1A4SFJiQXp2amlQc3RCUFRUWWs5R3RQQ0ZlakdFNnlvRm50MSIsIm1hYyI6ImM...
Swagger UI does not send the header properly. What is wrong in the annotations? Thanks
Token-based Authentication
1. To retrieve a token via our Swagger UI, send a POST request like the following to the /api-token-auth/ endpoint.
2. Copy the token generated from the response, excluding the quotation marks.
3. Click the Authorize button and enter "Bearer", followed by the token from step 2.
4. Click Authorize.
Tokens can be generated in one of two ways: If Active Directory LDAP or a local administrator account is enabled, then send a 'POST /login HTTP/1.1' API request to retrieve the bearer token. If Azure Active Directory (AAD) is enabled, then the token comes from AAD.
To send a request with the Bearer Token authorization header, you need to make an HTTP request and provide your Bearer Token with the "Authorization: Bearer {token}" header. A Bearer Token is a cryptic string typically generated by the server in response to a login request.
Authorization has nothing to do with XSRF-TOKEN. I also had the same issue and solved it after several hours of googling. Here are the changes you might want to try:
Remove these lines:
 *     @OA\Parameter(
 *         name="Authorization",
 *         in="header",
 *         required=true,
 *         description="Bearer {access-token}",
 *         @OA\Schema(
 *             type="bearerAuth"
 *         )
 *     ),
And change this:
 * @OA\SecurityScheme(
 *     securityScheme="bearerAuth",
 *     in="header",
 *     name="Authorization",
 *     type="http",
 *     scheme="Bearer",
 *     bearerFormat="JWT",
 * ),
to
 * @OA\SecurityScheme(
 *     securityScheme="bearerAuth",
 *     in="header",
 *     name="bearerAuth",
 *     type="http",
 *     scheme="bearer",
 *     bearerFormat="JWT",
 * ),
Note that "Bearer" and "bearer" are different.
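A check for the two mistakes the answer corrects, as an added example that is not part of the original thread: it lints the generated OpenAPI 3 JSON for an `Authorization` header parameter (OpenAPI 3 says such a parameter definition is ignored, so it cannot be used to carry the token) and for a bearer scheme not spelled in lower case, and it goes slightly beyond the answer by also flagging security requirements that name an undefined scheme. The function name `lintBearerAuth`, the rule names and the sample document are assumptions constructed for illustration.

```javascript
// Added example (not from the thread): lint an OpenAPI 3 document for the
// bearer-auth mistakes discussed above. Function and rule names are hypothetical.
const METHODS = ["get", "put", "post", "delete", "options", "head", "patch", "trace"];

function lintBearerAuth(spec) {
  const findings = [];
  const schemes = (spec.components && spec.components.securitySchemes) || {};

  for (const [id, s] of Object.entries(schemes)) {
    // The answer reports that "Bearer" vs "bearer" made the difference.
    if (s.type === "http" && typeof s.scheme === "string" &&
        s.scheme.toLowerCase() === "bearer" && s.scheme !== "bearer") {
      findings.push({ rule: "scheme-not-lowercase", where: `securitySchemes.${id}` });
    }
  }

  for (const [path, item] of Object.entries(spec.paths || {})) {
    for (const method of METHODS) {
      const op = item[method];
      if (!op) continue;
      const where = `${method.toUpperCase()} ${path}`;
      // Path-level parameters apply to every operation under the path.
      for (const p of [...(item.parameters || []), ...(op.parameters || [])]) {
        // OpenAPI 3 ignores header parameters named Authorization.
        if (p.in === "header" && String(p.name).toLowerCase() === "authorization") {
          findings.push({ rule: "authorization-header-parameter", where });
        }
      }
      // Operation-level security overrides the document-level default.
      for (const req of op.security || spec.security || []) {
        for (const name of Object.keys(req)) {
          if (!Object.keys(schemes).includes(name)) {
            findings.push({ rule: "undefined-security-scheme", where });
          }
        }
      }
    }
  }
  return findings;
}

// Constructed input: roughly what the question's annotations describe.
const before = {
  openapi: "3.0.0",
  components: { securitySchemes: { bearerAuth: { type: "http", scheme: "Bearer", bearerFormat: "JWT" } } },
  paths: { "/users": { get: { security: [{ bearerAuth: [] }],
    parameters: [{ name: "Authorization", in: "header", required: true }] } } },
};
console.log(lintBearerAuth(before));
```

An empty result means the document declares bearer auth only through the security scheme, which is what the Authorize dialog in Swagger UI acts on.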