Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Relative URL not resolved correctly for openIdConnectUrl #231

Open
saamc opened this issue Jun 23, 2023 · 1 comment
Open

Relative URL not resolved correctly for openIdConnectUrl #231

saamc opened this issue Jun 23, 2023 · 1 comment

Comments

@saamc
Copy link

saamc commented Jun 23, 2023

Description

Relative URL for openIdConnectUrl is resolved against webview not against server.

Environment

Extension
Version: v4.18.2

VS Code
Version: 1.79.2
Commit: 695af097c7bd098fbf017ce3ac85e09bbc5dda06
Date: 2023-06-14T08:59:55.818Z
Electron: 22.5.7
Chromium: 108.0.5359.215
Node.js: 16.17.1
V8: 10.8.168.25-electron.0
OS: Linux x64 5.15.0-73-generic snap

Expected behaviour

Preview authorization discovery queries given URL on given server and presents discovered authorization flows.

Actual behaviour

Authorize button opens modal dialog, but no authorization options are shown.

Suspected error

The Developer Tools console shows the following error

main.js:formatted:34041 Refused to connect to 'vscode-webview://1tgqcfmoi217r87r2p5o6ljpmijn5pq81asctfq0f2d4ushsg7pu/auth/realms/myrealm/.well-known/openid-configuration#/' because it violates the document's Content Security Policy.

Obviously, the relative URL given in openIdConnectUrl is resolved against the preview window and not against the server from the servers specification.
Supplying the full absolute URL works.

Unless specified otherwise, all properties that are URLs MAY be relative references as defined by RFC3986. Relative references are resolved using the URLs defined in the Server Object as a Base URI.

Minimal Example

openapi: '3.0.3'
info:
  title: Test
  version: 0.1alpha

servers:
- url: https://my.server.test

components:
  securitySchemes:
    openId:
      type: openIdConnect
      # according to spec, relative URLs are relative to server
      openIdConnectUrl: /auth/realms/myrealm/.well-known/openid-configuration#/

Steps to reproduce

  • create file for minimal example
  • open preview
  • Toggle Developer Tools
  • inspect console error log
@ak1394
Copy link
Collaborator

ak1394 commented Jun 26, 2023

Hi @saamc ! For the Swagger UI Preview we rely on https://github.com/swagger-api/swagger-ui which seems to support relative URLs in openIdConnectUrl per https://swagger.io/docs/specification/authentication/openid-connect-discovery/

I'll see if upgrading to the latest version of SwaggerUI would fix your issue, and will update the ticket with more info.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@ak1394 @saamc