10 function handleLogin() {
13 var auths = window.swaggerUi.api.authSchemes || window.swaggerUi.api.securityDefinitions;
19 if(auth.type === 'oauth2' && auth.scopes) {
22 if(Array.isArray(auth.scopes)) {
25 for(i = 0; i < auth.scopes.length; i++) {
26 scopes.push(auth.scopes[i]);
31 for(scope in auth.scopes) {
32 scopes.push({scope: scope, description: auth.scopes[scope]});
39 if(window.swaggerUi.api
40 && window.swaggerUi.api.info) {
41 appName = window.swaggerUi.api.info.title;
46 '<div class="api-popup-dialog">',
47 '<div class="api-popup-title">Select OAuth2.0 Scopes</div>',
48 '<div class="api-popup-content">',
49 '<p>Scopes are used to grant an application different levels of access to data on behalf of the end user. Each API may declare one or more scopes.',
50 '<a href="#">Learn how to use</a>',
52 '<p><strong>' + appName + '</strong> API requires the following scopes. Select which ones you want to grant to Swagger UI.</p>',
53 '<ul class="api-popup-scopes">',
55 '<p class="error-msg"></p>',
56 '<div class="api-popup-actions"><button class="api-popup-authbtn api-button green" type="button">Authorize</button><button class="api-popup-cancel api-button gray" type="button">Cancel</button></div>',
59 $(document.body).append(popupDialog);
61 popup = popupDialog.find('ul.api-popup-scopes').empty();
62 for (i = 0; i < scopes.length; i ++) {
64 str = '<li><input type="checkbox" id="scope_' + i + '" scope="' + scope.scope + '"/>' + '<label for="scope_' + i + '">' + scope.scope;
65 if (scope.description) {
66 str += '<br/><span class="api-scope-desc">' + scope.description + '</span>';
68 str += '</label></li>';
75 st = $win.scrollTop(),
76 dlgWd = popupDialog.outerWidth(),
77 dlgHt = popupDialog.outerHeight(),
78 top = (dh -dlgHt)/2 + st,
79 left = (dw - dlgWd)/2;
82 top: (top < 0? 0 : top) + 'px',
83 left: (left < 0? 0 : left) + 'px'
86 popupDialog.find('button.api-popup-cancel').click(function() {
93 $('button.api-popup-authbtn').unbind();
94 popupDialog.find('button.api-popup-authbtn').click(function() {
98 var authSchemes = window.swaggerUi.api.authSchemes;
99 var host = window.location;
100 var pathname = location.pathname.substring(0, location.pathname.lastIndexOf("/"));
101 var redirectUrl = host.protocol + '//' + host.host + pathname + '/o2c.html';
104 for (var key in authSchemes) {
105 if (authSchemes.hasOwnProperty(key)) {
106 var flow = authSchemes[key].flow;
108 if(authSchemes[key].type === 'oauth2' && flow && (flow === 'implicit' || flow === 'accessCode')) {
109 var dets = authSchemes[key];
110 url = dets.authorizationUrl + '?response_type=' + (flow === 'implicit' ? 'token' : 'code');
111 window.swaggerUi.tokenName = dets.tokenName || 'access_token';
112 window.swaggerUi.tokenUrl = (flow === 'accessCode' ? dets.tokenUrl : null);
114 else if(authSchemes[key].grantTypes) {
116 var o = authSchemes[key].grantTypes;
118 if(o.hasOwnProperty(t) && t === 'implicit') {
120 var ep = dets.loginEndpoint.url;
121 url = dets.loginEndpoint.url + '?response_type=token';
122 window.swaggerUi.tokenName = dets.tokenName;
124 else if (o.hasOwnProperty(t) && t === 'accessCode') {
126 var ep = dets.tokenRequestEndpoint.url;
127 url = dets.tokenRequestEndpoint.url + '?response_type=code';
128 window.swaggerUi.tokenName = dets.tokenName;
135 var o = $('.api-popup-scopes').find('input:checked');
137 for(k =0; k < o.length; k++) {
138 var scope = $(o[k]).attr('scope');
140 if (scopes.indexOf(scope) === -1)
144 window.enabledScopes=scopes;
146 redirect_uri = redirectUrl;
148 url += '&redirect_uri=' + encodeURIComponent(redirectUrl);
149 url += '&realm=' + encodeURIComponent(realm);
150 url += '&client_id=' + encodeURIComponent(clientId);
151 url += '&scope=' + encodeURIComponent(scopes);
162 function handleLogout() {
163 for(key in window.authorizations.authz){
164 window.authorizations.remove(key)
166 window.enabledScopes = null;
167 $('.api-ic.ic-on').addClass('ic-off');
168 $('.api-ic.ic-on').removeClass('ic-on');
171 $('.api-ic.ic-warning').addClass('ic-error');
172 $('.api-ic.ic-warning').removeClass('ic-warning');
175 function initOAuth(opts) {
179 appName = (o.appName||errors.push('missing appName'));
180 popupMask = (o.popupMask||$('#api-common-mask'));
181 popupDialog = (o.popupDialog||$('.api-popup-dialog'));
182 clientId = (o.clientId||errors.push('missing client id'));
183 realm = (o.realm||errors.push('missing realm'));
185 if(errors.length > 0){
186 log('auth unable initialize oauth: ' + errors);
190 $('pre code').each(function(i, e) {hljs.highlightBlock(e)});
191 $('.api-ic').unbind();
192 $('.api-ic').click(function(s) {
193 if($(s.target).hasClass('ic-off'))
202 function processOAuthCode(data) {
204 'client_id': clientId,
206 'grant_type': 'authorization_code',
207 'redirect_uri': redirect_uri
211 url : window.swaggerUi.tokenUrl,
214 success:function(data, textStatus, jqXHR)
216 onOAuthComplete(data);
218 error: function(jqXHR, textStatus, errorThrown)
225 function onOAuthComplete(token) {
228 var checkbox = $('input[type=checkbox],.secured')
229 checkbox.each(function(pos){
230 checkbox[pos].checked = false;
235 var b = token[window.swaggerUi.tokenName];
237 // if all roles are satisfied
239 $.each($('.auth #api_information_panel'), function(k, v) {
241 if(children && children.childNodes) {
242 var requiredScopes = [];
243 $.each((children.childNodes), function (k1, v1){
244 var inner = v1.innerHTML;
246 requiredScopes.push(inner);
249 for(var i=0; i < requiredScopes.length; i++) {
250 var s = requiredScopes[i];
251 if(window.enabledScopes && window.enabledScopes.indexOf(s) == -1) {
257 $(o.parentNode).find('.api-ic.ic-on').addClass('ic-off');
258 $(o.parentNode).find('.api-ic.ic-on').removeClass('ic-on');
260 // sorry, not all scopes are satisfied
261 $(o).find('.api-ic').addClass('ic-warning');
262 $(o).find('.api-ic').removeClass('ic-error');
266 $(o.parentNode).find('.api-ic.ic-off').addClass('ic-on');
267 $(o.parentNode).find('.api-ic.ic-off').removeClass('ic-off');
269 // all scopes are satisfied
270 $(o).find('.api-ic').addClass('ic-info');
271 $(o).find('.api-ic').removeClass('ic-warning');
272 $(o).find('.api-ic').removeClass('ic-error');
276 window.authorizations.add(oauth2KeyName, new ApiKeyAuthorization('Authorization', 'Bearer ' + b, 'header'));