Swagger-ui: Handling of relative paths in OAuth 2.0 AuthorizationUrl/TokenUrl on authorization actions
| Q | A
| ------------------------------- | -------
| Bug or feature request? | Bug
| Which Swagger/OpenAPI version? | 3.0
| Which Swagger-UI version? | 3.x
| How did you install Swagger-UI? | http://petstore.swagger.io/ or https://editor.swagger.io/
| Which browser & version? | Chrome 62
| Which operating system? | Sierra
Demonstration API definition
Configuration (browser query string, constructor, config.yaml)
Default.
Expected Behavior
Relative paths in AuthorizationUrl or TokenUrl in securitySchemes are treated as relative to the API server URL.
Current Behavior
They are treated as relative to the UI/Editor's server URL.
Possible Solution
- Fix URL here: https://github.com/swagger-api/swagger-ui/blob/v3.6.0/src/core/plugins/auth/actions.js#L145
Context
- We are going to host Web APIs and also OAuth 2.0 authorization endpoints on the same server(domain)
- Original post: https://groups.google.com/d/msg/swagger-swaggersocket/IS6xNL5AEjQ/YfE35QIMAQAJ
yewton
All 4 comments
As I understand it this is the desired behaviour. If you don't want a relative url, ensure that the token or authorisation url begins with '/'. i.e. "/oauth/token"
Zachius
on 30 May 2018
@Zachius We want a URL to be relative to the API server URL, not to the UI/Editor's server URL.
yewton
on 31 May 2018
Is it likely we can get this merged in?
uhrohraggy
on 13 Feb 2020
@shockey Any update on this issue? Can we expect the PR to be merged?
pszalko
on 16 Mar 2020
Related issues
hnthu
路
3Comments
insideshell
路
3Comments
ilnurshax
路
3Comments
DavidBiesack
路
4Comments
easyest
路
3Comments
Most helpful comment
@Zachius We want a URL to be relative to the API server URL, not to the UI/Editor's server URL.