在Swagger <token>注释中发布“授权:承载openAPI”

Question

我使用这些包(通过composer安装)

"swagger-api/swagger-ui"："^3.0"， “锆石/swagger-php”：“~2.0\3.*”

在我的def控制器中，我有以下注释

/**
 * @OA\Info(title="My API", version="0.1")
 * @OA\Schemes(format="http")
 * @OA\SecurityScheme(
 *      securityScheme="bearerAuth",
 *      in="header",
 *      name="Authorization",
 *      type="http",
 *      scheme="Bearer",
 *      bearerFormat="JWT",
 * ),
 * @OA\Tag(
 *     name="Auth",
 *     description="Auth endpoints",
 * )
 * @OA\Tag(
 *     name="Users",
 *     description="Users endpoints",
 * )
 */
class Controller extends BaseController

那我就有办法

/**
 * 
 * @OA\Get(
 *      path="/users",
 *      operationId="getListOfUsers",
 *      tags={"Users"},
 *      description="Get list of users",
 *      security={{"bearerAuth":{}}}, 
 *      @OA\Parameter(
 *         name="Authorization",
 *         in="header",
 *         required=true,
 *         description="Bearer {access-token}",
 *         @OA\Schema(
 *              type="bearerAuth"
 *         ) 
 *      ), 
 *      @OA\Response(
 *          response=200,
 *          description="Get list of users.",
 *          @OA\JsonContent(type="object",
 *              @OA\Property(property="message", type="string"),
 *              @OA\Property(property="data", type="array",
 *                  @OA\Items(type="object",
 *                      @OA\Property(property="id", type="integer"),
 *                      @OA\Property(property="name", type="string"),
 *                      @OA\Property(property="email", type="string"),
 *                  ),
 *              ),
 *          ),
 *       ),
 *       @OA\Response(response=401, description="Unauthorized"),
 *       @OA\Response(response=404, description="Not Found"),
 * )
 * 
 * @return JsonResponse
 */
public function users()

所以，当我尝试通过swagger ui测试这个路径时，我会出错。

401，“信息”：“未经认证”

当我检查header (Firefox)时，我还没有看到

授权:承载{访问-令牌}

但我有我的记号

Cookie: XSRF-TOKEN=eyJpdiI6Ik5COUV5Y1ltRTM4eXNsRlpLY2ptTGc9PSIsInZhbHVlIjoiNDFCbG95c1RHSHRFT0IyWWZ4aWFRQVJ6RHhTS1A4SFJiQXp2amlQc3RCUFRUWWs5R3RQQ0ZlakdFNnlvRm50MSIsIm1hYyI6ImM...

Swagger用户界面不能正确发送标头。注解有什么问题？谢谢

Answer 1

授权与XSRF令牌无关。我也有同样的问题，并解决了几个小时谷歌搜索。下面是您可能要尝试的更改：

移除以下线条：

 *      @OA\Parameter(
 *         name="Authorization",
 *         in="header",
 *         required=true,
 *         description="Bearer {access-token}",
 *         @OA\Schema(
 *              type="bearerAuth"
 *         ) 
 *      ), 

并改变这一点：

 * @OA\SecurityScheme(
 *      securityScheme="bearerAuth",
 *      in="header",
 *      name="Authorization",
 *      type="http",
 *      scheme="Bearer",
 *      bearerFormat="JWT",
 * ),

至

* @OA\SecurityScheme(
*      securityScheme="bearerAuth",
*      in="header",
*      name="bearerAuth",
*      type="http",
*      scheme="bearer",
*      bearerFormat="JWT",
* ),

请注意，“承担者”和“承担者”是不同的。