Swagger bearerAuth token block request from UI - node.js

I am using the Swagger UI interface to test my Node.js requests.
I added authentication for those requests, but when I try them in Swagger I have the following issue:
If I add a bearerAuth token in the Swagger UI, then when I click on execute in one of my requests, they are not executed. If I don't put in a bearerAuth token, my request plays as intended.
To add a token I added these options:
const openApi = OpenAPI({
  schema,
  info: {
    title: '**** API',
    version: '1.0.0',
  },
  components: {
    securitySchemes: {
      bearerAuth: {
        type: 'http',
        scheme: 'bearer',
        bearerFormat: 'JWT',
      },
    },
  },
  security: {
    bearerAuth: [],
  },
});

security must be an array:
security: [
  { bearerAuth: [] }
],

Related

Issues with Swagger Ui not displaying on browser

Swagger has been set up in our backend, and previously it was working just fine, but today, for reasons I can't seem to figure out, it stopped working: when we visit our endpoint locally we just get a blank page and the tab loader just keeps spinning.
const swaggerJsdoc = require("swagger-jsdoc");
const swaggerUi = require("swagger-ui-express");
// `version` and `logger` are not defined in the posted snippet.

const options = {
  definition: {
    openapi: "3.0.0",
    info: {
      title: "Docs",
      version,
    },
    compontents: {
      securitySchemas: {
        bearerAuth: {
          type: "http",
          scheme: "bearer",
          bearerFormat: "JWT",
        },
      },
    },
    security: [
      {
        bearerAuth: [],
      },
    ],
  },
  apis: ["./backend/api/V1/routes/*.routes.js"],
  swaggerOptions: {
    url: "/api-docs/swagger.json",
  },
};
const openapiSpecification = swaggerJsdoc(options);
function swaggerDocs(app, port) {
  app.use("/api-docs", swaggerUi.serve, swaggerUi.setup(openapiSpecification));
  app.get("/api-docs.json", (req, res) => {
    res.setHeader("Content-Type", "application/json");
    res.send(openapiSpecification);
  });
  logger.info(`Swagger docs are running at http://localhost:${port}/api-docs`);
}
module.exports = {
  swaggerDocs,
};
Here are the various package versions we are using
"swagger-jsdoc": "^6.2.1",
"swagger-ui-express": "^4.5.0",
Looks like you are missing the version info here:
info: {
  title: "Docs",
  version,
}
You can fix that by adding a version to it, for example version: "1.0.0".
Let me know if it works or not.
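A check for the security-related mistakes visible in the two threads above (a `security` value that is an object instead of an array, and the `compontents` / `securitySchemas` keys in the second listing), written as an added example that is not code from either post. `lintSecurity` and the sample definitions are constructed for illustration and reuse only the `components` and `security` parts of the listings; the check also covers per-operation `security` overrides, which goes beyond what the posts show.

```javascript
// Added example; lintSecurity is a hypothetical helper, not a swagger-jsdoc API.
const TOP_LEVEL = ['openapi', 'info', 'servers', 'paths', 'components',
  'security', 'tags', 'externalDocs'];
function lintSecurity(def) {
  const problems = [];
  // Unknown top-level keys are usually typos; "x-" extensions are allowed.
  for (const key of Object.keys(def)) {
    if (!TOP_LEVEL.includes(key) && !key.startsWith('x-')) {
      problems.push(`unknown top-level key "${key}"`);
    }
  }
  const schemes = (def.components || {}).securitySchemes;
  if (!schemes) problems.push('components.securitySchemes is not defined');
  const defined = new Set(Object.keys(schemes || {}));
  // The global requirement list plus every per-operation override.
  const lists = [['security', def.security]];
  for (const [path, item] of Object.entries(def.paths || {})) {
    for (const [method, op] of Object.entries(item || {})) {
      if (op && typeof op === 'object' && 'security' in op) {
        lists.push([`paths.${path}.${method}.security`, op.security]);
      }
    }
  }
  for (const [where, list] of lists) {
    if (list === undefined) continue;
    if (!Array.isArray(list)) {
      problems.push(`${where} must be an array of requirement objects`);
      continue;
    }
    for (const name of list.flatMap((req) => Object.keys(req))) {
      if (!defined.has(name)) {
        problems.push(`${where} references undefined scheme "${name}"`);
      }
    }
  }
  return problems;
}

// Constructed inputs mirroring the two listings above.
const bearer = { type: 'http', scheme: 'bearer', bearerFormat: 'JWT' };
const info = { title: 'Docs', version: '1.0.0' };
const first = { openapi: '3.0.0', info, paths: {},
  components: { securitySchemes: { bearerAuth: bearer } },
  security: { bearerAuth: [] } };
const second = { openapi: '3.0.0', info, paths: {},
  compontents: { securitySchemas: { bearerAuth: bearer } },
  security: [{ bearerAuth: [] }] };
const fixed = { ...first, security: [{ bearerAuth: [] }] };
console.log(lintSecurity(first), lintSecurity(second), lintSecurity(fixed));
```

A definition whose requirement names do not resolve to a defined scheme gives the UI nothing to attach the token to, so running a check like this in CI catches the problem before the docs are served.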

EISDIR issue in Azure hosted Nuxt Vue website

I have hosted a web app in Azure DevOps; the application is built with Vue and Nuxt (@vue/cli 5.0.1 and "nuxt": "^2.15.8").
After hosting, the web application works fine: I can log in, then it navigates me to the listing page. But from there, when I refresh the page, it shows this error in the browser: Sorry, check with the site admin for error: EISDIR .. and throws a 500 error in the console.
In my login response I get only an access token, there is no refresh token. Could that be an issue? Or any other settings on the Azure side? We tried setting this in Azure: pm2 serve /home/site/wwwroot --no-daemon --spa. It's still not working. Everything works fine in my dev environment.
export default {
  ssr: false,
  head: {
    title: 'BBG Returns Self Service',
    meta: [
      { charset: 'utf-8' },
      { name: 'viewport', content: 'width=device-width, initial-scale=1' },
      { hid: 'description', name: 'description', content: '' },
      { name: 'format-detection', content: 'telephone=no' },
    ],
    link: [{ rel: 'icon', type: 'image/x-icon', href: '/favicon.ico' }],
  },
  plugins: ['~/plugins/clearTokens.js'],
  components: true,
  buildModules: ['@nuxtjs/style-resources'],
  env: {
    BASE_URL: 'https://my-api-url',
  },
  publicRuntimeConfig: {
    baseURL: process.env.BASE_URL,
  },
  router: {
    mode: 'history',
  },
  styleResources: {
    // scss: ["~assets/scss/main.scss"],
  },
  modules: ['@nuxtjs/i18n'],
  build: { transpile: [/^@storefront-ui/] },
  server: {
    port: 4200,
  },
  i18n: {
    locales: [
      {
        code: 'en',
        iso: 'en-GB',
        name: 'English',
        file: 'en.json',
        icon: 'uk.svg',
      },
      {
        code: 'de',
        iso: 'de-DE',
        name: 'Deutsch',
        file: 'de.json',
        icon: 'de.svg',
      },
    ],
    lazy: true,
    langDir: 'i18n/',
    defaultLocale: 'en',
    detectBrowserLanguage: false,
  },
  target: 'static',
}
If deploying an SPA app, you need to have both:
target: 'static' (the default being 'server')
ssr: false
This removes quite some benefits regarding SEO + performance but at least, you still get all the benefits of the Nuxt DX and ecosystem.
To host it on Azure, you have several approaches, if you're using:
a static app, you can follow this official documentation for Azure Static Web Apps: https://nuxtjs.org/deployments/azure-static-web-apps/
a SSR app, you can follow this one about Azure Portal: https://nuxtjs.org/deployments/azure-portal
The actual issue was the Azure configuration. The resource should be created as Static website, then it will work fine.
Please follow this official documentation to understand How to Deploy in Azure.
https://nuxtjs.org/deployments/azure-static-web-apps/

How to make my cloud run service public (Allow unauthenticated invocations) using googleapi node.js?

My script deploys a Cloud Run service, but after several hours of searching I can't find the option to make the service publicly available.
const { google } = require('googleapis');

// The awaits below run inside an async function.
const auth = new google.auth.GoogleAuth({
  keyFile: 'path/to/keyfile.json',
  scopes: ['https://www.googleapis.com/auth/cloud-platform'],
});
const authClient = await auth.getClient();
const run = google.run({
  version: 'v1',
  auth: authClient,
  rootUrl: 'https://europe-west6-run.googleapis.com/'
});
const response = await run.namespaces.services.create({
  parent: 'namespaces/pace21',
  requestBody: {
    metadata: {
      name: 'my-new-service',
      namespace: 'myProject',
      annotations: {
        'run.googleapis.com/ingress': 'all',
      },
    },
    kind: 'Service',
    apiVersion: 'serving.knative.dev/v1',
    spec: {
      template: {
        spec: {
          containers: [
            {
              image: 'europe-west6-docker.pkg.dev/path/to/image',
            }
          ]
        }
      },
      traffic: [{ percent: 100, latestRevision: true }]
    }
  }
}, {})
I can see an option in the package but I don't know how to apply it.
Thanks @JohnHanley.
The second request to change the policy of the new service is the answer I was searching for. For completeness, the Node script:
const policy_response = await run.projects.locations.services.setIamPolicy({
  resource: `projects/${project_id}/locations/europe-west6/services/${service_name}`,
  requestBody: {
    policy: {
      bindings: [
        {
          role: 'roles/run.invoker',
          members: [
            'allUsers',
          ],
        },
      ],
    },
  },
});
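Google Cloud IAM's `setIamPolicy` replaces the resource's whole policy, so the single-binding request above discards any bindings the service already had. The following added example (not code from the post) shows a read-modify-write merge that keeps existing bindings and the `etag`, plus an audit helper that lists roles granted to public principals; the helper names and the sample policy are constructed, and in a real script the input would come from the matching `getIamPolicy` call.

```javascript
// Added example; helper names and the sample policy are constructed.
const PUBLIC_MEMBERS = new Set(['allUsers', 'allAuthenticatedUsers']);

// List every role that is granted to the public principals.
function findPublicBindings(policy) {
  const hits = [];
  for (const b of policy.bindings || []) {
    for (const m of b.members || []) {
      if (PUBLIC_MEMBERS.has(m)) hits.push({ role: b.role, member: m });
    }
  }
  return hits;
}

// Return a copy of `policy` with `member` added to `role`, keeping all other
// bindings and the etag so a concurrent change is rejected rather than lost.
function withMember(policy, role, member) {
  const bindings = (policy.bindings || []).map((b) => ({
    ...b, members: [...(b.members || [])],
  }));
  let target = bindings.find((b) => b.role === role && !b.condition);
  if (!target) {
    target = { role, members: [] };
    bindings.push(target);
  }
  if (!target.members.includes(member)) target.members.push(member);
  return { ...policy, bindings };
}

// Constructed policy, shaped like a getIamPolicy response.
const current = {
  version: 1,
  etag: 'BwXexampleEtag=',
  bindings: [
    { role: 'roles/run.admin', members: ['user:ops@example.com'] },
    { role: 'roles/run.invoker',
      members: ['serviceAccount:caller@example.iam.gserviceaccount.com'] },
  ],
};
const updated = withMember(current, 'roles/run.invoker', 'allUsers');
console.log(findPublicBindings(current), findPublicBindings(updated));
```

Running `findPublicBindings` over each service's policy is a quick way to inventory which services accept unauthenticated invocations.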

loopback 4 use middleware prometheus-api-metrics

How can I use Prometheus within a LoopBack 4 application?
Here is a piece of code from the application.ts file:
export class BackendV4Application extends BootMixin(ServiceMixin(RepositoryMixin(RestApplication))) {
  constructor(options?: ApplicationConfig)
  {
    options = { ...options, rest: { requestBodyParser: { json: { limit: '6mb' } } } };
    super(options);
    // Set up dotenv
    dotenv.config();
    // Set up the base path
    this.basePath('/api');
    this.api({
      openapi: '3.0.0',
      info: { title: pkg.name, version: pkg.version },
      paths: {},
      components: { securitySchemes: SECURITY_SCHEME_SPEC },
      servers: [{ url: '/api' }]
    });
    this.setUpBindings();
There's a component package @loopback/metrics made by LoopBack that implements Prometheus. The Metrics collection for Prometheus documentation page explains how to set it up in the application.

Node Acl | Authorization for Dynamic Urls

I am using node acl for authorization of my REST endpoints in my Node app.
The role-based authorization works perfectly fine for the URLs below.
acl.allow([{
    roles: ['user'],
    allows: [{
        resources: ['/books/v1/single'],
        permissions: ['post'],
      },
      {
        resources: ['/books/v1/book/list'],
        permissions: ['get'],
      },
    ]
  },
  {
    roles: ['admin'],
    allows: [{
        resources: ['/books/v1/list'],
        permissions: ['get'],
      }
    ]
  }]);
But when I try to add dynamic URLs it does not work as expected and gives an error meaning Unauthorized, needs more permissions.
acl.allow([{
    roles: ['user'],
    allows: [{
        resources: ['/books/v1/single'],
        permissions: ['post'],
      },
      {
        resources: ['/books/v1/book/list'],
        permissions: ['get'],
      },
    ]
  },
  {
    roles: ['admin'],
    allows: [{
        resources: ['/books/v1/list'],
        permissions: ['get'],
      },
      {
        resources: ['/books/v1/user/:userID/book/:bookID'],
        permissions: ['get', 'put', 'delete'],
      },
      {
        resources: ['/users/v1/list'],
        permissions: ['get'],
      },
      {
        resources: ['/users/v1/:userId'],
        permissions: ['get', 'post', 'put', 'delete'],
      }
    ]
  }]);
So it gives an unauthorized error for REST endpoints with dynamic URLs, i.e. /users/v1/:userId or /books/v1/user/:userID/book/:bookID
Is there any way/method in which the same can be implemented using the node-acl library?
That's because node acl does not actually support hierarchy. It is really just a flat list, so it is explicitly checking for the string to match the resource. This is just a fundamental problem with the package. Since all the functionality is contained in the middleware, and it just isn't extensible, there is no way to do what you want with this package without making a change so that it accepts a custom handler to decide what to pass to the middleware check.
Here's an example of the relevant open issue from 2017-08. The lack of functionality here is exactly why solutions like PolicyServer and Authress exist, which do handle wildcard middleware and dynamic resource hierarchies.
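The flat string lookup described in the answer, and a request path being mapped to its route template before that lookup, shown as an added example that is not part of the original thread. The `Map` stands in for an ACL store keyed by exact resource strings; it is not node_acl's code, and `isAllowed`, `templateFor` and `authorize` are hypothetical names.

```javascript
// Added example; the Map stands in for an ACL store keyed by exact resource
// strings. It is not node_acl's code, and all helper names are hypothetical.
const grants = new Map([
  ['admin|/users/v1/:userId', new Set(['get', 'post', 'put', 'delete'])],
  ['admin|/books/v1/user/:userID/book/:bookID', new Set(['get', 'put', 'delete'])],
  ['user|/books/v1/book/list', new Set(['get'])],
]);
const templates = [...new Set([...grants.keys()].map((k) => k.split('|')[1]))];

// Flat check: the resource string must equal a stored key exactly.
function isAllowed(role, resource, permission) {
  const perms = grants.get(`${role}|${resource}`);
  return Boolean(perms && perms.has(permission));
}

// Map a concrete path to the template it instantiates: same number of
// segments, literal segments equal, ":name" segments match any non-empty value.
function templateFor(path) {
  const parts = path.split('?')[0].split('/');
  const matches = (tpl) => {
    const t = tpl.split('/');
    return t.length === parts.length && t.every((seg, i) =>
      (seg.startsWith(':') ? parts[i] !== '' : seg === parts[i]));
  };
  // Prefer an all-literal template over a parameterised one.
  return templates.find((t) => !t.includes(':') && matches(t))
    || templates.find(matches) || null;
}

// Deny by default when no template matches.
function authorize(role, method, path) {
  const resource = templateFor(path);
  return resource !== null && isAllowed(role, resource, method.toLowerCase());
}
```

Matching on the exact segment count keeps a longer path such as `/users/v1/42/extra` from inheriting the permissions of `/users/v1/:userId`. In Express, the matched template is also available as `req.route.path` inside a route handler.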
