feat: swagger ui persist authorization option (#6877)

Co-authored-by: Antoine Bluchet <[email protected]>
api-platform · Jan 17, 2025 · c97db6b · c97db6b
1 parent a44c38c
commit c97db6b
Show file tree

Hide file tree

Showing 12 changed files with 42 additions and 5 deletions.
diff --git a/src/Laravel/ApiPlatformProvider.php b/src/Laravel/ApiPlatformProvider.php
@@ -777,6 +777,7 @@ public function register(): void
                 contactEmail: $config->get('api-platform.swagger_ui.contact.email', ''),
                 licenseName: $config->get('api-platform.swagger_ui.license.name', ''),
                 licenseUrl: $config->get('api-platform.swagger_ui.license.url', ''),
+                persistAuthorization: $config->get('api-platform.swagger_ui.persist_authorization', false),
                 httpAuth: $config->get('api-platform.swagger_ui.http_auth', []),
             );
         });

diff --git a/src/Laravel/public/init-swagger-ui.js b/src/Laravel/public/init-swagger-ui.js
@@ -45,6 +45,7 @@ window.onload = function() {
         spec: data.spec,
         dom_id: '#swagger-ui',
         validatorUrl: null,
+        persistAuthorization: data.persistAuthorization,
         oauth2RedirectUrl: data.oauth.redirectUrl,
         presets: [
             SwaggerUIBundle.presets.apis,

diff --git a/src/OpenApi/Options.php b/src/OpenApi/Options.php
@@ -13,10 +13,30 @@
 
 namespace ApiPlatform\OpenApi;
 
-final class Options
+final readonly class Options
 {
-    public function __construct(private readonly string $title, private readonly string $description = '', private readonly string $version = '', private readonly bool $oAuthEnabled = false, private readonly ?string $oAuthType = null, private readonly ?string $oAuthFlow = null, private readonly ?string $oAuthTokenUrl = null, private readonly ?string $oAuthAuthorizationUrl = null, private readonly ?string $oAuthRefreshUrl = null, private readonly array $oAuthScopes = [], private readonly array $apiKeys = [], private readonly ?string $contactName = null, private readonly ?string $contactUrl = null, private readonly ?string $contactEmail = null, private readonly ?string $termsOfService = null, private readonly ?string $licenseName = null, private readonly ?string $licenseUrl = null, private bool $overrideResponses = true, private readonly array $httpAuth = [])
-    {
+    public function __construct(
+        private string $title,
+        private string $description = '',
+        private string $version = '',
+        private bool $oAuthEnabled = false,
+        private ?string $oAuthType = null,
+        private ?string $oAuthFlow = null,
+        private ?string $oAuthTokenUrl = null,
+        private ?string $oAuthAuthorizationUrl = null,
+        private ?string $oAuthRefreshUrl = null,
+        private array $oAuthScopes = [],
+        private array $apiKeys = [],
+        private ?string $contactName = null,
+        private ?string $contactUrl = null,
+        private ?string $contactEmail = null,
+        private ?string $termsOfService = null,
+        private ?string $licenseName = null,
+        private ?string $licenseUrl = null,
+        private bool $overrideResponses = true,
+        private bool $persistAuthorization = false,
+        private array $httpAuth = [],
+    ) {
     }
 
     public function getTitle(): string
@@ -113,4 +133,9 @@ public function getOverrideResponses(): bool
     {
         return $this->overrideResponses;
     }
+
+    public function hasPersistAuthorization(): bool
+    {
+        return $this->persistAuthorization;
+    }
 }
diff --git a/src/OpenApi/Tests/Factory/OpenApiFactoryTest.php b/src/OpenApi/Tests/Factory/OpenApiFactoryTest.php
@@ -533,7 +533,7 @@ public function testInvoke(): void
                     'type' => 'query',
                     'name' => 'key',
                 ],
-            ], null, null, null, null, null, null, true, [
+            ], null, null, null, null, null, null, true, true, [
                 'bearer' => [
                     'scheme' => 'bearer',
                     'bearerFormat' => 'JWT',

diff --git a/src/Symfony/Bundle/DependencyInjection/ApiPlatformExtension.php b/src/Symfony/Bundle/DependencyInjection/ApiPlatformExtension.php
@@ -500,6 +500,7 @@ private function registerSwaggerConfiguration(ContainerBuilder $container, array
         $container->setParameter('api_platform.enable_swagger_ui', $config['enable_swagger_ui']);
         $container->setParameter('api_platform.enable_re_doc', $config['enable_re_doc']);
         $container->setParameter('api_platform.swagger.api_keys', $config['swagger']['api_keys']);
+        $container->setParameter('api_platform.swagger.persist_authorization', $config['swagger']['persist_authorization']);
         $container->setParameter('api_platform.swagger.http_auth', $config['swagger']['http_auth']);
         if ($config['openapi']['swagger_ui_extra_configuration'] && $config['swagger']['swagger_ui_extra_configuration']) {
             throw new RuntimeException('You can not set "swagger_ui_extra_configuration" twice - in "openapi" and "swagger" section.');

diff --git a/src/Symfony/Bundle/DependencyInjection/Configuration.php b/src/Symfony/Bundle/DependencyInjection/Configuration.php
@@ -293,6 +293,7 @@ private function addSwaggerSection(ArrayNodeDefinition $rootNode): void
                 ->arrayNode('swagger')
                     ->addDefaultsIfNotSet()
                     ->children()
+                        ->booleanNode('persist_authorization')->defaultValue(false)->info('Persist the SwaggerUI Authorization in the localStorage.')->end()
                         ->arrayNode('versions')
                             ->info('The active versions of OpenAPI to be exported or used in Swagger UI. The first value is the default.')
                             ->defaultValue($supportedVersions)

diff --git a/src/Symfony/Bundle/Resources/config/openapi.xml b/src/Symfony/Bundle/Resources/config/openapi.xml
@@ -59,6 +59,7 @@
             <argument>%api_platform.openapi.license.name%</argument>
             <argument>%api_platform.openapi.license.url%</argument>
             <argument>%api_platform.openapi.overrideResponses%</argument>
+            <argument>%api_platform.swagger.persist_authorization%</argument>
             <argument>%api_platform.swagger.http_auth%</argument>
         </service>
         <service id="ApiPlatform\OpenApi\Options" alias="api_platform.openapi.options" />

diff --git a/src/Symfony/Bundle/Resources/public/init-swagger-ui.js b/src/Symfony/Bundle/Resources/public/init-swagger-ui.js
@@ -45,6 +45,7 @@ window.onload = function() {
         spec: data.spec,
         dom_id: '#swagger-ui',
         validatorUrl: null,
+        persistAuthorization: data.persistAuthorization,
         deepLinking: true,
         oauth2RedirectUrl: data.oauth.redirectUrl,
         presets: [

diff --git a/src/Symfony/Bundle/SwaggerUi/SwaggerUiAction.php b/src/Symfony/Bundle/SwaggerUi/SwaggerUiAction.php
@@ -79,6 +79,7 @@ public function __invoke(Request $request): Response
                 'pkce' => $this->oauthPkce,
             ],
             'extraConfiguration' => $this->swaggerUiContext->getExtraConfiguration(),
+            'persistAuthorization' => $this->openApiOptions->hasPersistAuthorization(),
         ];
 
         $originalRouteParams = $request->attributes->get('_api_original_route_params') ?? [];

diff --git a/src/Symfony/Bundle/SwaggerUi/SwaggerUiProcessor.php b/src/Symfony/Bundle/SwaggerUi/SwaggerUiProcessor.php
@@ -63,6 +63,7 @@ public function process(mixed $openApi, Operation $operation, array $uriVariable
         $swaggerData = [
             'url' => $this->urlGenerator->generate('api_doc', ['format' => 'json']),
             'spec' => $this->normalizer->normalize($openApi, 'json', []),
+            'persistAuthorization' => $this->openApiOptions->hasPersistAuthorization(),
             'oauth' => [
                 'enabled' => $this->openApiOptions->getOAuthEnabled(),
                 'type' => $this->openApiOptions->getOAuthType(),

diff --git a/tests/Symfony/Bundle/DependencyInjection/ConfigurationTest.php b/tests/Symfony/Bundle/DependencyInjection/ConfigurationTest.php
@@ -153,6 +153,7 @@ private function runDefaultConfigTests(array $doctrineIntegrationsToLoad = ['orm
                 'api_keys' => [],
                 'http_auth' => [],
                 'swagger_ui_extra_configuration' => [],
+                'persist_authorization' => false,
             ],
             'eager_loading' => [
                 'enabled' => true,

diff --git a/tests/Symfony/Bundle/SwaggerUi/SwaggerUiActionTest.php b/tests/Symfony/Bundle/SwaggerUi/SwaggerUiActionTest.php
@@ -100,6 +100,7 @@ public static function getInvokeParameters(): iterable
                 'swagger_data' => [
                     'url' => '/url',
                     'spec' => self::SPEC,
+                    'persistAuthorization' => false,
                     'oauth' => [
                         'enabled' => false,
                         'clientId' => '',
@@ -142,6 +143,7 @@ public static function getInvokeParameters(): iterable
                 'swagger_data' => [
                     'url' => '/url',
                     'spec' => self::SPEC,
+                    'persistAuthorization' => false,
                     'oauth' => [
                         'enabled' => false,
                         'clientId' => null,
@@ -201,6 +203,7 @@ public function testDoNotRunCurrentRequest(Request $request): void
             'swagger_data' => [
                 'url' => '/url',
                 'spec' => self::SPEC,
+                'persistAuthorization' => true,
                 'oauth' => [
                     'enabled' => false,
                     'clientId' => '',
@@ -228,7 +231,7 @@ public function testDoNotRunCurrentRequest(Request $request): void
             $urlGeneratorProphecy->reveal(),
             $normalizerProphecy->reveal(),
             $openApiFactoryProphecy->reveal(),
-            new Options('title', '', '1.0.0'),
+            new Options(title: 'title', description: '', version: '1.0.0', persistAuthorization: true),
             new SwaggerUiContext(),
             ['jsonld' => ['application/ld+json']]
         );