I am using API-Platform with JWTs and have created a decorator to allow Swagger to display a /authentication_token endpoint as described by https://api-platform.com/docs/core/jwt/ and to a lesser degree https://api-platform.com/docs/core/openapi/. In addition to providing an email and password, I also need to provide a third parameter which is a UUID which identifies the account the user belongs to. I was able to do so by including the UUID in the body, but I would rather have it included as a header such as X-Account-UUID.
How can this be modified so that Swagger-UI includes this uuid property as a header and not in the body's JSON?
<?php
// api/src/OpenApi/JwtDecorator.php
declare(strict_types=1);
namespace App\OpenApi;
use ApiPlatform\Core\OpenApi\Factory\OpenApiFactoryInterface;
use ApiPlatform\Core\OpenApi\OpenApi;
use ApiPlatform\Core\OpenApi\Model;
final class JwtDecorator implements OpenApiFactoryInterface
{
private $decorated;
public function __construct(OpenApiFactoryInterface $decorated)
{
$this->decorated = $decorated;
}
public function __invoke(array $context = []): OpenApi
{
$openApi = ($this->decorated)($context);
$schemas = $openApi->getComponents()->getSchemas();
/*
echo(json_encode(['class'=>get_class($this), 'methods'=>get_class_methods($this)]));
echo(json_encode(['class'=>get_class($this->decorated), 'methods'=>get_class_methods($this->decorated)]));
echo(json_encode(['class'=>get_class($openApi), 'methods'=>get_class_methods($openApi)]));
echo(json_encode(['class'=>get_class($openApi->getComponents()), 'methods'=>get_class_methods($openApi->getComponents())]));
echo(json_encode(['class'=>get_class($schemas), 'properties'=>$schemas]));
$securitySchemas = $openApi->getComponents()->getSecuritySchemes();
echo(json_encode(['class'=>get_class($securitySchemas), 'properties'=>$securitySchemas]));
$headers = $openApi->getComponents()->getHeaders();
exit(json_encode(['class'=>get_class($headers), 'properties'=>$headers]));
*/
$schemas['Token'] = new \ArrayObject([
'type' => 'object',
'properties' => [
'token' => [
'type' => 'string',
'readOnly' => true,
],
],
]);
$schemas['Credentials'] = new \ArrayObject([
'type' => 'object',
'properties' => [
'email' => [
'type' => 'string',
'example' => 'john.doe@bla.com',
],
'password' => [
'type' => 'string',
'example' => 'secret',
],
'uuid' => [
'type' => 'string',
'in' => 'header',
'example' => '1234abcd-abcd-1234-abcd-123412341234',
],
],
'headers' => [
'uuid' => [
'type' => 'string',
'in' => 'header',
'example' => '1234abcd-abcd-1234-abcd-123412341234',
],
],
]);
$responses = [
'200' => [
'description' => 'Get JWT token',
'content' => [
'application/json' => [
'schema' => [
'$ref' => '#/components/schemas/Token',
],
],
]
]
];
$content = new \ArrayObject([
'application/json' => [
'schema' => [
'$ref' => '#/components/schemas/Credentials',
],
],
]);
$requestBody = new Model\RequestBody('Generate new JWT Token', $content);
$post = new Model\Operation('postCredentialsItem', [], $responses, 'Get JWT token to login.', '', new Model\ExternalDocumentation, [], $requestBody);
$pathItem = new Model\PathItem('JWT Token', null, null, null, null, $post);
$openApi->getPaths()->addPath('/authentication_token', $pathItem);
return $openApi;
}
}
