Im currently working with Quarkus and Swagger-UI as delivered by quarkus-smallrye-openapi.
We have OIDC from Azure AD as security, which is currently not supported by Swagger-UI (see Swagger-Docs), so I can't add the "real" authorization to swagger.
This means, I can't use Swagger since my endpoints are at least secured with @RolesAllowed
.
We have an endpoint to fetch a mock-security token, but I don't know how to tell swagger to take this token.
Basically I want to tell swagger-ui "Here, I have this token, add it as Authorization: Bearer XXX
to all requests", but I don't know how to do that in Quarkus.
Asked
Active
Viewed 694 times
8
![](../../users/profiles/4558848.webp)
Urr4
- 421
- 5
- 17
-
Please take a look: https://stackoverflow.com/questions/64037662/quarkus-how-to-test-secured-api-endpoints-with-swagger-ui/64053958#64053958 – Ghokun Oct 05 '20 at 07:52
-
You want this token to fetched automatically from OIDC or you want to place it and be used by your APIs in Swagger ? – iabughosh Oct 05 '20 at 07:57
1 Answers
7
- Register security scheme
@Path("/sample")
@SecuritySchemes(value = {
@SecurityScheme(securitySchemeName = "apiKey",
type = SecuritySchemeType.HTTP,
scheme = "Bearer")}
)
public class SampleResource {
- Mark the operation's security requirement with the scheme name registered.
@GET
@SecurityRequirement(name = "apiKey")
String hello() {
![](../../users/profiles/1679317.webp)
Haroon
- 654
- 1
- 5
- 9