-
Notifications
You must be signed in to change notification settings - Fork 270
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
OAuth2Authentication #1324
Comments
Hi, pretty sure this works if setup properly. Your settings alone are not enough to judge the situation. Have a look at the test implementation. You need both https://github.com/tfranzel/drf-spectacular/blob/master/tests/contrib/test_oauth_toolkit.py https://github.com/tfranzel/drf-spectacular/blob/master/tests/contrib/test_oauth_toolkit.yml |
sry I don't really understand what you are saying. As far as I can see, you are using django-oauth-toolkit and it requires you to use If you are doing some custom stuff there, you would need to write custom extensions for it: https://drf-spectacular.readthedocs.io/en/latest/customization.html#specify-authentication-with-openapiauthenticationextension |
Describe the bug
There is no mark on the protected endpoint => swagger does not transfer the access token when accessing the protected endpoint.
To Reproduce
Expected behavior
Settings:
REST_FRAMEWORK = {
'DEFAULT_SCHEMA_CLASS': 'drf_spectacular.openapi.AutoSchema',
'DEFAULT_AUTHENTICATION_CLASSES': [
'oauth2_provider.contrib.rest_framework.OAuth2Authentication',
],
'DEFAULT_PAGINATION_CLASS': 'apps.utils.pagination.DefaultPagination',
'DEFAULT_FILTER_BACKENDS': [
'django_filters.rest_framework.DjangoFilterBackend',
'rest_framework.filters.SearchFilter',
],
}
OAUTH2_PROVIDER = {
"SCOPES": {
"read": "Read scope",
"write": "Write scope",
"groups": "Access to groups",
},
}
SPECTACULAR_SETTINGS = {
'TITLE': 'Your Project API',
'DESCRIPTION': 'Your project description',
'VERSION': '1.0.0',
'SERVE_INCLUDE_SCHEMA': False,
"SWAGGER_UI_SETTINGS": {
"swagger": "2.0",
"deepLinking": True,
"filter": True,
"persistAuthorization": True,
},
'OAUTH2_FLOWS': ['password'],
'OAUTH2_AUTHORIZATION_URL': 'auth/authorize/',
'OAUTH2_TOKEN_URL': 'auth/token/',
'OAUTH2_REFRESH_URL': 'auth/revoke_token/',
'OAUTH2_SCOPES': 'read write groups',
'SWAGGER_UI_OAUTH2_CONFIG': {
'clientId': env.str('OAUTH2_CLIENTID'),
'clientSecret': env.str('OAUTH2_CLIENTSECRET'),
'appName': env.str('OAUTH2_APPNAME'),
},
}
The text was updated successfully, but these errors were encountered: