Merge branch 'master' into openapi/merge

2026-01-25 15:22:56 +00:00 · 2020-04-04 19:47:12 +01:00
parent 02cf2e668b 5e2663eb6a
commit e0ed6bb646
9 changed files with 225 additions and 2 deletions
--- a/rswag-ui/lib/generators/rswag/ui/install/templates/rswag-ui.rb
+++ b/rswag-ui/lib/generators/rswag/ui/install/templates/rswag-ui.rb
@@ -7,4 +7,8 @@ Rswag::Ui.configure do |c|
  # then the list below should correspond to the relative paths for those endpoints

  c.swagger_endpoint '/api-docs/v1/swagger.yaml', 'API V1 Docs'
+
+  # Add Basic Auth in case your API is private
+  # c.basic_auth_enabled = true
+  # c.basic_auth_credentials 'username', 'password'
 end
--- a/rswag-ui/lib/rswag/ui/basic_auth.rb
+++ b/rswag-ui/lib/rswag/ui/basic_auth.rb
@@ -0,0 +1,31 @@
+# frozen_string_literal: true
+
+require 'rack/auth/basic'
+
+module Rswag
+  module Ui
+    # Extend Rack HTTP Basic Authentication, as per RFC 2617.
+    # @api private
+    #
+    class BasicAuth < ::Rack::Auth::Basic
+      def call(env)
+        return @app.call(env) unless env_matching_path(env)
+
+        super(env)
+      end
+
+      private
+
+      def env_matching_path(env)
+        path = base_path(env['PATH_INFO'])
+        Rswag::Ui.config.config_object[:urls].find do |endpoint|
+          base_path(endpoint[:url]) == path
+        end
+      end
+
+      def base_path(url)
+        url.downcase.split('/')[1]
+      end
+    end
+  end
+end
--- a/rswag-ui/lib/rswag/ui/configuration.rb
+++ b/rswag-ui/lib/rswag/ui/configuration.rb
@@ -1,9 +1,11 @@
 require 'ostruct'
+require 'rack'

 module Rswag
  module Ui
    class Configuration
      attr_reader :template_locations
+      attr_accessor :basic_auth_enabled
      attr_accessor :config_object
      attr_accessor :oauth_config_object
      attr_reader :assets_root
@@ -20,6 +22,7 @@ module Rswag
        @assets_root = File.expand_path('../../../../node_modules/swagger-ui-dist', __FILE__)
        @config_object = {}
        @oauth_config_object = {}
+        @basic_auth_enabled = false
      end

      def swagger_endpoint(url, name)
@@ -27,9 +30,15 @@ module Rswag
        @config_object[:urls] << { url: url, name: name }
      end

+      def basic_auth_credentials(username, password)
+        @config_object[:basic_auth] = { username: username, password: password }
+      end
+
+      # rubocop:disable Naming/AccessorMethodName
      def get_binding
        binding
      end
+      # rubocop:enable Naming/AccessorMethodName
    end
  end
 end
--- a/rswag-ui/lib/rswag/ui/engine.rb
+++ b/rswag-ui/lib/rswag/ui/engine.rb
@@ -1,4 +1,5 @@
 require 'rswag/ui/middleware'
+require 'rswag/ui/basic_auth'

 module Rswag
  module Ui
@@ -7,6 +8,13 @@ module Rswag

      initializer 'rswag-ui.initialize' do |app|
        middleware.use Rswag::Ui::Middleware, Rswag::Ui.config
+
+        if Rswag::Ui.config.basic_auth_enabled
+          c = Rswag::Ui.config
+          app.middleware.use Rswag::Ui::BasicAuth do |username, password|
+            c.config_object[:basic_auth].values == [username, password]
+          end
+        end
      end

      rake_tasks do