Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Allowing user to set "AUTH_TOKEN" in env to download privately hosted schema as well #3677

Open
wants to merge 1 commit into
base: master
Choose a base branch
from

Conversation

manzarul
Copy link

@manzarul manzarul commented Oct 5, 2024

In certain use cases where OpenAPI specifications reference schemas hosted on private URLs, it's important to support authentication to allow access to these resources. I identified this section of code that resolves schema references. To enable seamless access to private URLs, I propose extending the functionality to include an Authorization header if a user sets an authentication token via an environment variable. This way, when the schema reference is hosted on a private server, users can authenticate by setting the auth token in their environment, allowing the private URL to be accessed.

Description

Allowing user to "AUTH_TOKEN" in env to download privately hosted schema as well.

Motivation and Context

Currently Editor can resolve only ref which is publicly available , but if we add this then it can allow to resolved authenticated url as well.

Not sure!

How Has This Been Tested?

Screenshots (if appropriate):

Types of changes

  • No code changes (changes to documentation, CI, metadata, etc)
  • Dependency changes (any modification to dependencies in package.json)
  • Bug fix (non-breaking change which fixes an issue)
  • New feature (non-breaking change which adds functionality)
  • Breaking change (fix or feature that would cause existing functionality to change)

Checklist:

  • My code follows the code style of this project.
  • My change requires a change to the documentation.
  • I have updated the documentation accordingly.
  • I have added tests to cover my changes.
  • All new and existing tests passed.

In certain use cases where OpenAPI specifications reference schemas hosted on private URLs, it's important to support authentication to allow access to these resources. I identified this section of code that resolves schema references. To enable seamless access to private URLs, I propose extending the functionality to include an Authorization header if a user sets an authentication token via an environment variable. This way, when the schema reference is hosted on a private server, users can authenticate by setting the auth token in their environment, allowing the private URL to be accessed.
@manzarul manzarul changed the title Update index.js Allowing user to set "AUTH_TOKEN" in env to download privately hosted schema as well Oct 5, 2024
@char0n
Copy link
Member

char0n commented Nov 29, 2024

Hi @manzarul,

swagger-client is an isomorphic library - it must work in browser and Node.js like environment. Reading environment variables is platform specific thing.

I would say, that what you're trying to achieve if fully possible by using requestInterceptor. Please see the following docs section, and let me know if it resolves your requirement:

@char0n char0n self-assigned this Nov 29, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants