Support for Bearer / JWT Authentication

  • Resolved ouija

    (@ouija)


    5 years ago

    Hey,

    I have JSON Web Tokens (JWT / Bearer Authentication) enabled on my site, and wanted to share how I managed to allow for this authentication method via your plugin.

    I edited the swaggerauth.php file, and edited the appendSwaggerAuth function to include an additional method for an “apiKey” type (being that the plugin is based on OpenAPI 2.0) as follows:

    public function appendSwaggerAuth( $auth ) {
		if ( ! is_array( $auth ) ) {
			$auth = [];
		}

		$auth['basic'] = array(
			'type' => 'basic'
		);

		$auth['Bearer / JWT'] = array(
			'type' => 'apiKey',
			'name' => 'Authorization',
			'in' => 'header'
		);

		return $auth;
	}

    And this enabled support for passing tokens for authentication, as well as basic auth:

    Note that you need to prepend the token value with “Bearer”, ie: “Bearer <token>”, to get it to work properly.

    However, after realizing basic auth wasn’t working when I had JWT enabled (without also passing a token with basic auth), I came up with an alternate solution to this, but figured I share this solution anyways should anyone else be looking to achieve something similar. ??

    • This topic was modified 5 years ago by ouija. Reason: Added image
    • This topic was modified 5 years ago by ouija.
Viewing 2 replies - 1 through 2 (of 2 total)
  • Plugin Author agussuroyo

    (@agussuroyo)

    Hi @ouija

    Thanks for your feedback, actually you can use this filter to add more “Available authorizations” fields without edit the plugin directly:

    swagger_api_security_definitions

    it’s accept 1 parameter which is the list of authorizations method in Array format

    Thanks

    Thread Starter ouija

    (@ouija)

    @agussuroyo Awesome! Thanks for the tip and the great plugin!

Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘Support for Bearer / JWT Authentication’ is closed to new replies.