如何在 Swagger UI 中发送带有请求的自定义标头? [英] How to send custom headers with requests in Swagger UI?

问题描述

我在 API 中有一些端点 - /user/login、/products.

I have some endpoints in the API - /user/login, /products.

在 Swagger UI 中，我将 email 和 password 发布到 /user/login，作为响应，我收到了 令牌字符串.

In Swagger UI I post email and password to /user/login and as a response I receive a token string.

然后，我可以从响应中复制令牌，并希望将其用作 Authorization 请求中的所有 url(如果存在)以及 /products 作为标头值一个例子.

Then, I can copy the token from the response and want to use it as Authorization header value in requests to all urls if it's present, and to /products as an example.

我应该在 Swagger UI 页面的某处手动创建一个文本输入，然后将令牌放在那里并以某种方式注入请求，还是有工具可以更好地管理它?

Should I create a text input manually somewhere on the Swagger UI page, then put the token there and somehow inject in the requests or are there tools to manage it in a better way?

推荐答案

您可以在请求中添加标头参数，Swagger-UI 会将其显示为可编辑的文本框:

You can add a header parameter to your request, and Swagger-UI will show it as an editable text box:

swagger: "2.0"
info:
  version: 1.0.0
  title: TaxBlaster
host: taxblaster.com
basePath: /api
schemes:
- http

paths:

  /taxFilings/{id}:

    get:
      parameters:
      - name: id
        in: path
        description: ID of the requested TaxFiling
        required: true
        type: string
      - name: auth
        in: header
        description: an authorization header
        required: true
        type: string
      responses:
        200:
          description: Successful response, with a representation of the Tax Filing.
          schema:
            $ref: "#/definitions/TaxFilingObject"
        404:
          description: The requested tax filing was not found.

definitions:
  TaxFilingObject:
    type: object
    description: An individual Tax Filing record.
    properties:
      filingID:
        type: string
      year:
        type: string
      period:
        type: integer
      currency:
        type: string
      taxpayer:
        type: object

您还可以添加类型为 apiKey 的安全定义:

You can also add a security definition with type apiKey:

swagger: "2.0"
info:
  version: 1.0.0
  title: TaxBlaster
host: taxblaster.com
basePath: /api
schemes:
- http

securityDefinitions:
  api_key:
    type: apiKey
    name: api_key
    in: header
    description: Requests should pass an api_key header.

security: 
 - api_key: []

paths:

  /taxFilings/{id}:

    get:
      parameters:
      - name: id
        in: path
        description: ID of the requested TaxFiling
        required: true
        type: string

      responses:
        200:
          description: Successful response, with a representation of the Tax Filing.
          schema:
            $ref: "#/definitions/TaxFilingObject"
        404:
          description: The requested tax filing was not found.

definitions:
  TaxFilingObject:
    type: object
    description: An individual Tax Filing record.
    properties:
      filingID:
        type: string
      year:
        type: string
      period:
        type: integer
      currency:
        type: string
      taxpayer:
        type: object

securityDefinitions 对象定义安全方案.

security 对象(在 Swagger–OpenAPI 中称为安全要求")，将安全方案应用于给定的上下文.在我们的例子中，我们通过将安全要求声明为顶级来将其应用于整个 API.我们可以选择在单个路径项和/或方法中覆盖它.

The security object (called "security requirements" in Swagger–OpenAPI), applies a security scheme to a given context. In our case, we're applying it to the entire API by declaring the security requirement a top level. We can optionally override it within individual path items and/or methods.

这将是指定安全方案的首选方式；它替换了第一个示例中的 header 参数.不幸的是，Swagger-UI 没有提供文本框来控制这个参数，至少在我目前的测试中是这样.

This would be the preferred way to specify your security scheme; and it replaces the header parameter from the first example. Unfortunately, Swagger-UI doesn't offer a text box to control this parameter, at least in my testing so far.

这篇关于如何在 Swagger UI 中发送带有请求的自定义标头?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！