Swagger: auth token #232

rolweber · 2017-03-08T12:22:22Z

According to swagger.yaml, only /api/kernelspecs requires the auth token.
https://github.com/rolweber/kernel_gateway/blob/e897143cb8ff84a9f52819005524f168675966cb/kernel_gateway/jupyter_websocket/swagger.yaml#L72

I thought it is required for all calls, if configured? Should swagger list the token as a top-level security element? If there are only few calls which do not require the token, it would still be easier to exempt those than to add the token to many calls individually.

The text was updated successfully, but these errors were encountered:

parente · 2017-03-08T12:37:48Z

That was a copy/paste mistake, and PR #227 fixes it. It might be worth calling out in the top level security section how auth is handled globally.

Fix #232: Security requirements in swagger

rolweber mentioned this issue Apr 4, 2017

Update all swagger.json endpoints to support auth token header/query param #236

Closed

parente modified the milestone: 2.0 Apr 18, 2017

parente added a commit to parente/kernel_gateway that referenced this issue May 7, 2017

Fix jupyter-server#232: Security requirements in swagger

74c9bb6

parente mentioned this issue May 7, 2017

Fix #232: Security requirements in swagger #244

Merged

rolweber closed this as completed in #244 May 8, 2017

rolweber added a commit that referenced this issue May 8, 2017

Merge pull request #244 from parente/fix-232-security-section

02ef193

Fix #232: Security requirements in swagger

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Swagger: auth token #232

Swagger: auth token #232

rolweber commented Mar 8, 2017

parente commented Mar 8, 2017

Swagger: auth token #232

Swagger: auth token #232

Comments

rolweber commented Mar 8, 2017

parente commented Mar 8, 2017