Try-it - Otoroshi Header required #358

sadmin91 · 2021-11-30T16:02:25Z

sadmin91
Nov 30, 2021

With Daikoku, I exposed an API hosted on an Otorshi instance.
The swagger of this API referenced autentication Otoroshi headers as required.

When I use the try-it function theses headers are required, is it possible to ignore theses headers with the try-it function?

Answered by Zwiterrion

Dec 1, 2021

I think your openAPI is not right configured. The Otoroshi-Client-Id and Otoroshi-Client-Secret headers have to be pass through the security part of your openAPI and not as a required headers.

You will find a solution on this following pseudo-openAPI. The global idea is to add two possibility of passing your apikey : one with the header Authorization as Basic auth and the other with the two headers Otoroshi-Client-Id and Otoroshi-Client-Secret. With this configuration, Daikoku will expose the swagger fill with the generated testing apikey credentials.

We will work to complete the Daikoku documentation on this subject.

openapi: 3.0.1
info:
  title: PWNED Password API
  version: 1.0.0
serve…

View full answer

Zwiterrion · 2021-12-01T14:44:02Z

Zwiterrion
Dec 1, 2021
Maintainer

I think your openAPI is not right configured. The Otoroshi-Client-Id and Otoroshi-Client-Secret headers have to be pass through the security part of your openAPI and not as a required headers.

You will find a solution on this following pseudo-openAPI. The global idea is to add two possibility of passing your apikey : one with the header Authorization as Basic auth and the other with the two headers Otoroshi-Client-Id and Otoroshi-Client-Secret. With this configuration, Daikoku will expose the swagger fill with the generated testing apikey credentials.

We will work to complete the Daikoku documentation on this subject.

openapi: 3.0.1
info:
  title: PWNED Password API
  version: 1.0.0
servers:
- url: https://xxxxx.xxxx.xx
paths:
  /api/_verify:
    get:
      summary: Verification using query params
      operationId: getVerify
      responses:
        200:
          description: Some Query params have been pwned
          content:
            application/json:
              schema:
                type: object
                items:
                  $ref: '#/components/schemas/QueryResult'
      security:
      - basicAuth: []
      - otoClientId: []
        otoClientSecret: []
components:
  schemas:
    Query:
      type: object
      properties:
        email:
          type: string
        password:
          type: string
        hashed_password:
          type: string
    QueryResult:
      type: object
      required:
      - query
      - email
      - password
      - hashed_password
      properties:
        query:
          type: object
          schema:
            $ref: '#/components/schemas/Query'
        email:
          type: boolean
          default: false
        password:
          type: boolean
          default: false
        hashed_password:
          type: boolean
          default: false
  securitySchemes:
    basicAuth:
      type: http
      scheme: basic
    otoClientId:
      type: apiKey
      name: Otoroshi-Client-Id
      in: header
    otoClientSecret:
      type: apiKey
      name: Otoroshi-Client-Secret
      in: header

0 replies

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Try-it - Otoroshi Header required #358

{{title}}

Replies: 1 comment

{{title}}

Select a reply

Try-it - Otoroshi Header required #358

sadmin91 Nov 30, 2021

Replies: 1 comment

Zwiterrion Dec 1, 2021 Maintainer

sadmin91
Nov 30, 2021

Zwiterrion
Dec 1, 2021
Maintainer