1

I am using the springdoc-openapi-ui. I have configured the global headers named Authorization. When I execute the API Authorization is not showing in the CURL of the requests. My other parameters are showing in the CURL except Authorization.

Previously, I was using the springfox-swagger-ui and that time it was showing in CURL section.

I have searched for the same and found Note on https://swagger.io/docs/specification/describing-parameters/#header-parameters Note: Header parameters named Accept, Content-Type and Authorization are not allowed.

But my requirement to use Authorization as header only. Is there any away we can achieve this?

My SwaggerConfiguration is added below.

@Configuration
public class SwaggerConfiguration {

    @Value("${title:title}")
    private String title;
    @Value("${description:description.}")
    private String description;
    @Value("${version:0.0.1}")
    private String version;

    @Value("${schemeId}")
    String schemeIdentifier;

    @Bean
    public OperationCustomizer customGlobalHeaders() {

        return (Operation operation, HandlerMethod handlerMethod) -> {

            Parameter authorization = new Parameter().in(ParameterIn.HEADER.toString()).name("Authorization")
                    .description("Authorization details JWT token")
                    .schema(new StringSchema()).required(true);

            Parameter applicationId = new Parameter().in(ParameterIn.HEADER.toString()).schema(new StringSchema())
                    .name("Application-Id").description("Originating application or client using the service")
                    .required(false);

            operation.addParametersItem(authorization);
            operation.addParametersItem(applicationId);

            return operation;
        };
    }

    @Bean
    public GroupedOpenApi adminApi() {      

        String[] packagesToscan = { "abc.controller" };

        return GroupedOpenApi.builder().setGroup("Client").packagesToScan(packagesToscan).build();
    }

    @Bean
    public OpenAPI customOpenAPI() {
        return new OpenAPI().info(new Info().title(title).version(version).description(description))
                .components(new Components());
    }
}
SSK
  • 3,444
  • 6
  • 32
  • 59
  • You need to use annotations that would generate `securitySchemes` + `security` (if you use OpenAPI 3.0) or `securityDefinitions` + `security` (in OpenAPI 2.0) - that's how the `Authorization` header is defined. – Helen Jun 05 '20 at 06:58
  • Thanks for your time. I got your point. I have 300+ https methods so for each method I need to use annotations and this is quite time consuming. I am looking for generic solutions if any. – SSK Jun 05 '20 at 07:08

1 Answers1

9

I have searched for an answer on the same.
We can not set Authorization as a header with springdoc open api. if we want to use then we need to enable the authorization button on swagger ui.

enter image description here

then it will shows in CURL section as shown below.

enter image description here

code to enable authorization button on swagger in glabal location

@Configuration
public class SwaggerConfiguration {

    @Bean
    public OpenAPI customOpenAPI() {
        return new OpenAPI().info(new 
             Info().title("title").version("version").description("description"))
                .addSecurityItem(new SecurityRequirement().addList("my security"))
                .components(new Components().addSecuritySchemes("my security",
                        new SecurityScheme().name("my 
                 security").type(SecurityScheme.Type.HTTP).scheme("bearer")));
    }
}
SSK
  • 3,444
  • 6
  • 32
  • 59