Wyllys Ingersoll created SYNCOPE-1376:
-----------------------------------------
Summary: swagger-ui server URL incorrect behind ssl reverse proxy
Key: SYNCOPE-1376
URL: https://issues.apache.org/jira/browse/SYNCOPE-1376
Project: Syncope
Issue Type: Bug
Components: documentation
Affects Versions: 2.1.1
Reporter: Wyllys Ingersoll
Im running syncope-core in a container behind an nginx ingress controller. The
browser client hits the ingress URL as HTTPS, which then proxies to the backend
syncope service as HTTP.
When accessing swagger-ui, the server URL that it generates for API testing is
HTTP and not HTTPS, so it is not possible to exercise the APIs ("try it out")
because that URL is hardcoded and cannot be overwritten.
Here is the snippet from the openapi.json to illustrate the problem:
{noformat}
{
"openapi" : "3.0.1",
"info" : {
"title" : "Apache Syncope",
"description" : "Apache Syncope 2.1.2-SNAPSHOT",
"contact" : {
"name" : "The Apache Syncope community",
"url" : "http://syncope.apache.org";,
"email" : "[email protected]"
},
"license" : {
"name" : "Apache 2.0 License",
"url" : "http://www.apache.org/licenses/LICENSE-2.0.html";
},
"version" : "2.1.2-SNAPSHOT"
},
"servers" : [ {
"url" : "http://proxyserver:443/syncope/rest";
^^^^^
!! THIS IS THE PROBLEM !!
} ],
"paths" : {
"/accessTokens/refresh" : {
...
{noformat}
I hit the proxy with the url "https://proxy:443/syncope/swagger";, but the
server URL generated by syncope (or swagger-ui) ignores the "HTTPS" and assumes
HTTP.
I can view all of the API docs, but cannot test them via the UI due to the
server URL being hardcoded. I cannot see how to override or pre-configure the
URL in this environment.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
