diff --git a/README.md b/README.md index 7c37e7a7..cac96057 100644 --- a/README.md +++ b/README.md @@ -97,7 +97,8 @@ To use swagger-ui's bundles, you should take a look at the [source of swagger-ui #### OAuth2 configuration You can configure OAuth2 authorization by calling `initOAuth` method with passed configs under the instance of `SwaggerUIBundle` -default `client_id` and `client_secret`, `realm`, an application name `appName`, `scopeSeparator`, `additionalQueryStringParams`. +default `client_id` and `client_secret`, `realm`, an application name `appName`, `scopeSeparator`, `additionalQueryStringParams`, +`useBasicAuthenticationWithAccessCodeGrant`. Config Name | Description --- | --- @@ -107,6 +108,7 @@ realm | realm query parameter (for oauth1) added to `authorizationUrl` and `toke appName | application name, displayed in authorization popup. MUST be a string scopeSeparator | scope separator for passing scopes, encoded before calling, default value is a space (encoded value `%20`). MUST be a string additionalQueryStringParams | Additional query parameters added to `authorizationUrl` and `tokenUrl`. MUST be an object +useBasicAuthenticationWithAccessCodeGrant | Only activated for the `accessCode` flow. During the `authorization_code` request to the `tokenUrl`, pass the [Client Password](https://tools.ietf.org/html/rfc6749#section-2.3.1) using the HTTP Basic Authentication scheme (`Authorization` header with `Basic base64encoded[client_id:client_secret]`). The default is `false` ``` const ui = SwaggerUIBundle({...}) diff --git a/src/core/oauth2-authorize.js b/src/core/oauth2-authorize.js index 5d654318..2e36010e 100644 --- a/src/core/oauth2-authorize.js +++ b/src/core/oauth2-authorize.js @@ -68,11 +68,21 @@ export default function authorize ( { auth, authActions, errActions, configs, au // pass action authorizeOauth2 and authentication data through window // to authorize with oauth2 + + let callback + if (flow === "implicit") { + callback = authActions.preAuthorizeImplicit + } else if (authConfigs.useBasicAuthenticationWithAccessCodeGrant) { + callback = authActions.authorizeAccessCodeWithBasicAuthentication + } else { + callback = authActions.authorizeAccessCodeWithFormParams + } + win.swaggerUIRedirectOauth2 = { auth: auth, state: state, redirectUrl: redirectUrl, - callback: flow === "implicit" ? authActions.preAuthorizeImplicit : authActions.authorizeAccessCode, + callback: callback, errCb: errActions.newAuthErr } diff --git a/src/core/plugins/auth/actions.js b/src/core/plugins/auth/actions.js index 772e858c..e0939398 100644 --- a/src/core/plugins/auth/actions.js +++ b/src/core/plugins/auth/actions.js @@ -111,7 +111,7 @@ export const authorizeApplication = ( auth ) => ( { authActions } ) => { return authActions.authorizeRequest({body: buildFormData(form), name, url: schema.get("tokenUrl"), auth, headers }) } -export const authorizeAccessCode = ( { auth, redirectUrl } ) => ( { authActions } ) => { +export const authorizeAccessCodeWithFormParams = ( { auth, redirectUrl } ) => ( { authActions } ) => { let { schema, name, clientId, clientSecret } = auth let form = { grant_type: "authorization_code", @@ -124,6 +124,21 @@ export const authorizeAccessCode = ( { auth, redirectUrl } ) => ( { authActions return authActions.authorizeRequest({body: buildFormData(form), name, url: schema.get("tokenUrl"), auth}) } +export const authorizeAccessCodeWithBasicAuthentication = ( { auth, redirectUrl } ) => ( { authActions } ) => { + let { schema, name, clientId, clientSecret } = auth + let headers = { + Authorization: "Basic " + btoa(clientId + ":" + clientSecret) + } + let form = { + grant_type: "authorization_code", + code: auth.code, + client_id: clientId, + redirect_uri: redirectUrl + } + + return authActions.authorizeRequest({body: buildFormData(form), name, url: schema.get("tokenUrl"), auth, headers}) +} + export const authorizeRequest = ( data ) => ( { fn, authActions, errActions, authSelectors } ) => { let { body, query={}, headers={}, name, url, auth } = data let { additionalQueryStringParams } = authSelectors.getConfigs() || {}