如何在Swagger编辑器中使用Cookies [英] How to use Cookies in Swagger editor

问题描述

我想记录和测试一个API，该API在 http：//editor.swagger中使用基于Cookie的身份验证。 io / 。举一个简单的例子：如何在下面的YAML中编写代码，/ login操作创建一个Cookie，而该Cookie必须传递给/ showMySecretStuff？

I would like to document and test an API, which uses Cookie-based authetication in http://editor.swagger.io/. To give a simple example: How to write in the following YAML, that /login action creates a Cookie and the Cookie has to be passed to /showMySecretStuff?

swagger: '2.0'
info:
  title: Test API
  version: '1'
host: my.test.com
schemes:
  - https
basePath: /
consumes:
  - multipart/form-data
produces:
  - application/json
paths:
  /login:
    post:
      parameters:
        - name: username
          in: formData
          required: true
          type: string
        - name: password
          in: formData
          required: true
          type: string
          default: secret
      responses:
        200:
          description: OK
  /showMySecretStuff:
    get:
      responses:
        200:
          description: OK

推荐答案

Cookie身份验证为s在OpenAPI 3.0中支持，但在OpenAPI / Swagger 2.0中不支持。

Cookie authentication is supported in OpenAPI 3.0 but not in OpenAPI/Swagger 2.0.

在OpenAPI 3.0中，cookie身份验证定义为在中发送的API密钥： cookie ：

In OpenAPI 3.0, cookie authentication is defined as an API key that is sent in: cookie:

openapi: 3.0.1
...

components:
  securitySchemes:
    cookieAuth:
      type: apiKey
      in: cookie
      name: COOKIE-NAME  # replace with your cookie name

paths:
  /showMySecretStuff:
    get:
      security:
        - cookieAuth: []
      responses:
        '200':
          description: OK

登录操作未链接到 securitySchemes 的任何方式，但出于文档目的，您可能需要定义响应标头 Set-Cookie ：

The login operation is not linked to securitySchemes in any way, but you may want to define the response header Set-Cookie for documentation purposes:

paths:
  /login:
    post:
      requestBody:
        ...
      responses:
        '200':
          description: OK
          headers:
            Set-Cookie:
              description: >
                Contains the session cookie named `COOKIE-NAME`.
                Pass this cookie back in subsequent requests.
              schema: 
                type: string

也就是说，Swagger编辑器和Swagger UI目前不支持Cookie身份验证。查看 OAS 3.0支持待办事项和此问题以进行更新。

That said, Swagger Editor and Swagger UI currently don't support cookie authentication. Check out the OAS 3.0 Support Backlog and this issue for updates.

不过， SwaggerHub 中支持Cookie身份验证。 （披露：SwaggerHub是我工作的公司的产品。）

Cookie auth is supported in SwaggerHub though. (Disclosure: SwaggerHub is a product of the company I work for.)

这篇关于如何在Swagger编辑器中使用Cookies的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！