Description
I am using Springfox UI v 2.7.0 and have integrated OAuth authorization successfully with the Swagger UI. However, I noticed an issue when I specify multiple scopes as part of defining the AuthorizationScopes. It seems that the HTTP request being made to request the authorization code appends a space to the scope string, and this causes the authorization request to fail.
Relevant code snippets are:
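    import java.util.ArrayList;
    import java.util.Collections;
    import java.util.List;
    import org.springframework.context.annotation.Bean;
    import org.springframework.context.annotation.Configuration;
    import springfox.documentation.builders.OAuthBuilder;
    import springfox.documentation.service.AuthorizationScope;
    import springfox.documentation.service.SecurityScheme;
    import springfox.documentation.spi.DocumentationType;
    import springfox.documentation.spring.web.plugins.Docket;
    import springfox.documentation.swagger.web.ApiKeyVehicle;
    import springfox.documentation.swagger.web.SecurityConfiguration;
    import springfox.documentation.swagger2.annotations.EnableSwagger2;

    // grantTypes(), clientId and clientSecret are defined elsewhere (not shown in the post).
    @Configuration
    @EnableSwagger2
    public class SwaggerConfig {

        @Bean
        public Docket postsApi() {
            return new Docket(DocumentationType.SWAGGER_2).groupName("public-api")
                    ...
                    .build()
                    .securitySchemes(Collections.singletonList(oauth()));
        }

        @Bean
        SecurityScheme oauth() {
            return new OAuthBuilder()
                    .name("OAuth2")
                    .scopes(scopes())
                    .grantTypes(grantTypes())
                    .build();
        }

        // The two scopes offered for selection in the Swagger UI authorization dialog.
        private List<AuthorizationScope> scopes() {
            List<AuthorizationScope> list = new ArrayList<>();
            list.add(new AuthorizationScope("scope_write", "Grants read and write access to All"));
            list.add(new AuthorizationScope("scope_read", "Grants read access to All"));
            return list;
        }

        @Bean
        public SecurityConfiguration securityInfo() {
            // The last constructor argument is the scope separator (empty string here).
            return new SecurityConfiguration(clientId, clientSecret, "realm", clientId, "",
                    ApiKeyVehicle.HEADER, "api_key", "");
        }
    }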
While selecting a scope for authorization on the Swagger UI, the first scope selected always works as the request is framed correctly, i.e. in this case:
http://myauthserver/oauth/authorize?response_type=code&redirect_uri=http://myhost/mycontextpath/webjars/springfox-swagger-ui/o2c.html&realm=realm&client_id=myclientId&scope=scope_write&state=OAuth2
However, if I select the second scope from the Swagger UI, then the request gets sent as:
http://myauthserver/oauth/authorize?response_type=code&redirect_uri=http://localhost:8083/api/v1/xms-pt-routemgmt/webjars/springfox-swagger-ui/o2c.html&realm=realm&client_id=myclientId&scope=%20scope_write&state=OAuth2
This fails the scope match because of a leading space character in the scope.
If I change the scope separator to a space or "," then that gets appended to the scope. Do I need to mention the scope separator anywhere else apart from securityInfo in order for the request to be constructed correctly?
Thanks..
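
An added example, not part of the original post and not Springfox or Swagger UI code: it decodes the `scope` parameter from the two authorization requests quoted above and runs it through a strict check, showing why the `%20`-prefixed value is rejected, then builds the parameter in a way that cannot emit a stray separator. The helper names and the strict server-side check are assumptions; the URLs are shortened from the post (redirect_uri omitted).

```javascript
// Added example; helper names are hypothetical, not Springfox or Swagger UI APIs.
// Scope names and URLs come from the post above (redirect_uri omitted for brevity).
const REGISTERED_SCOPES = new Set(["scope_write", "scope_read"]);

const WORKING_URL =
  "http://myauthserver/oauth/authorize?response_type=code&realm=realm" +
  "&client_id=myclientId&scope=scope_write&state=OAuth2";
const FAILING_URL =
  "http://myauthserver/oauth/authorize?response_type=code&realm=realm" +
  "&client_id=myclientId&scope=%20scope_write&state=OAuth2";

// Percent-decoded scope parameter, as the authorization server receives it.
function scopeFromAuthorizeUrl(url) {
  return new URL(url).searchParams.get("scope");
}

// Strict check (assumed server behaviour): RFC 6749 section 3.3 defines scope as
// scope-token *( SP scope-token ), so splitting on a single space must not
// produce empty tokens, and every token must be a registered scope.
function checkScope(scopeParam) {
  const tokens = (scopeParam ?? "").split(" ");
  const empty = tokens.filter((t) => t === "").length;
  const unknown = tokens.filter((t) => t !== "" && !REGISTERED_SCOPES.has(t));
  if (empty > 0) return { ok: false, reason: "empty token (stray separator)" };
  if (unknown.length > 0) return { ok: false, reason: "unknown scope: " + unknown.join(",") };
  return { ok: true, reason: "valid" };
}

// Client-side construction that cannot emit a stray separator: trim each
// selected scope, drop blanks and duplicates, then join with a single space.
function buildScopeParam(selected) {
  const clean = [...new Set(selected.map((s) => s.trim()).filter(Boolean))];
  return encodeURIComponent(clean.join(" "));
}

// Evaluate both requests from the post.
function report() {
  return [WORKING_URL, FAILING_URL].map((u) => {
    const scope = scopeFromAuthorizeUrl(u);
    return { scope: JSON.stringify(scope), ...checkScope(scope) };
  });
}

console.table(report());
```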