Flasgger -添加承载授权

Question

我正在运行一个烧瓶应用程序，并使用flasgger生成Swagger规范以及Swagger。我的API要求使用承载令牌对请求进行身份验证。我能够在页面上得到按钮并设置令牌。但它不是通过请求发送的。我使用的是OpenAPI 3.0.3。下面是我的代码：

from flasgger import Swagger

swagger_template = {
    'components': {
        'securitySchemes': {
            'bearerAuth': {
                'type': 'http',
                'scheme': 'bearer',
                'bearerFormat': 'JWT'
            }
        },
        'security': {
            'bearerAuth': []
        }
    }
}

# Register controllers
api = Api(app)
swagger = Swagger(app=app, config={
    'headers': [

    ],
    'title': 'Model Design Application API',
    'specs': [
        {
            'endpoint': 'apispec',
            'route': '/apispec.json'
        }
    ],
    'openapi': '3.0.3'
}, template=swagger_template)

这是在Swagger中设置的令牌：

​

​

这就是我在Swagger获得的UI：

​

​

这是生成的apispec.json：

{
  "definitions": {
    "User": {
      "properties": {
        "username": {
          "default": "Steven Wilson", 
          "description": "The name of the user", 
          "type": "string"
        }
      }
    }
  }, 
  "info": {
    "description": "powered by Flasgger", 
    "termsOfService": "/tos", 
    "title": "Model Design Application API", 
    "version": "0.0.1"
  }, 
  "openapi": "3.0.3", 
  "paths": {
    "/profile": {
      "get": {
        "description": "It works also with swag_from, schemas and spec_dict<br/>", 
        "responses": {
          "200": {
            "description": "A single user item", 
            "schema": {
              "$ref": "#/definitions/User"
            }
          }
        }, 
        "summary": "This examples uses FlaskRESTful Resource"
      }
    }
  }, 
  "security": {
    "bearerAuth": []
  }, 
  "securitySchemes": {
    "bearerAuth": {
      "bearerFormat": "JWT", 
      "scheme": "bearer", 
      "type": "http"
    }
  }
}

请指点。任何帮助都是非常感谢的。

Answer 1

要在Flasgger API中添加标头，请执行以下更改：

SWAGGER_TEMPLATE = {"securityDefinitions": {"APIKeyHeader": {"type": "apiKey", "name": "x-access-token", "in": "header"}}}

swagger = Swagger(app, template=SWAGGER_TEMPLATE)

在这里，x-access-token是我们头中的密钥名。您可以根据需要更改此名称。之后，我们需要在我们的.yml文件中添加这个头。我们的.yml文件将如下所示：

summary: "Put your summery here."
description: "Put your description here."
consumes:
- "application/json"
produces:
- "application/json"
security:
- APIKeyHeader: ['x-access-token']
responses:
  200:
    description: "Success"

Answer 2

检查这里的工作代码

template = {
    "swagger": "2.0",
    "info": {
        "title": XYZ API Docs",
        "description": "API Documentation for XYZ Application",
        "contact": {
            "responsibleOrganization": "",
            "responsibleDeveloper": "",
            "email": "XYZ@XYZ.com",
            "url": "XYZ.com",
        },
        "termsOfService": "XYZ .com",
        "version": "1.0"
    },
    "basePath": "/api/v1",  # base bash for blueprint registration
    "schemes": [
        "http",
        "https"
    ],
    "securityDefinitions": {
        "Bearer": {
            "type": "apiKey",
            "name": "Authorization",
            "in": "header",
            "description": "\
            JWT Authorization header using the Bearer scheme. Example: \"Authorization: Bearer {token}\""
        }
    },
    "security": [
        {
            "Bearer": []
        }
    ]
}

swagger_config = {
    "headers": [

        ],
    "specs": [
        {
            "endpoint": 'apispec',
            "route": '/apispec.json',
            "rule_filter": lambda rule: True,  # all in
            "model_filter": lambda tag: True,  # all in
        }
    ],
    "static_url_path": "/flasgger_static",
    "swagger_ui": True,
    "specs_route": "/api/v1/apispec"
}