CODEWITHSUNDEEP
pythondjangooauth-2.0swaggerpython-social-auth
voilalex
voilalex

Reputation: 2615

Integrate python-social-auth to drf-spectacular (Swagger)

I have a Django (DRF) project with OAuth2 based on python-social-auth and Swagger based on drf-spectacular. I need to integrate these two libraries together so that Swagger allow OAuth2 authorization, for example Google OAuth2. I found OAuth2 configuration for drf-spectacular in settings:

SPECTACULAR_SETTINGS = {
    ...
    'SWAGGER_UI_OAUTH2_CONFIG': {
         ...
         # Oauth2 related settings. used for example by django-oauth2-toolkit.
         # https://github.com/OAI/OpenAPI-Specification/blob/master/versions/3.0.3.md#oauth-flows-object
         'OAUTH2_FLOWS': [],
         'OAUTH2_AUTHORIZATION_URL': None,
         'OAUTH2_TOKEN_URL': None,
         'OAUTH2_REFRESH_URL': None,
         'OAUTH2_SCOPES': None,
    },
    ...
}

But I'm not really sure whether it fits me or not. I wrote this in my version of this config, but it appearently has no effect:

'SWAGGER_UI_OAUTH2_CONFIG': {
    'OAUTH2_AUTHORIZATION_URL': 'https://accounts.google.com/o/oauth2/auth',
    'OAUTH2_TOKEN_URL': 'https://accounts.google.com/o/oauth2/token',
    'OAUTH2_SCOPES': ['openid', 'email', 'profile'],
}

Swagger still has no OAuth2. Any idea how to manage it?

Upvotes: 2

Views: 969

Answers (1)

fanny
fanny

Reputation: 1441

I think you mixed scopes with flows and furthermore those keys should belong to SPECTACULAR_SETTINGS dictionary, not to SWAGGER_UI_OAUTH2_CONFIG:

SPECTACULAR_SETTINGS = {
    'OAUTH2_FLOWS': ['password'],
    'OAUTH2_SCOPES': {
                'read': 'Read scope',
                'write': 'Write scope',
            }
}

I cannot explain why there is some duplication of data in SPECTACULAR_SETTINGS and SWAGGER_UI_OAUTH2_CONFIG and indeed the second one seems to have no effect

Upvotes: 0

Related Questions