From 51ec07261d193aa94ed15e397f9c695fb11079a6 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Cristi=20V=C3=AEjdea?= <cristi@cvjd.me>
Date: Sat, 24 Mar 2018 13:05:37 +0200
Subject: [PATCH] Improve OAuth2 behaviour and documentation (#90)

* Set OAUTH2_REDIRECT_URL to oauth2-redirect.html by default
* Add example SWAGGER_SETTINGS for OAuth
* Add note about redirect URL
---
 docs/changelog.rst                            |  8 +++++
 docs/conf.py                                  |  2 +-
 docs/security.rst                             | 34 +++++++++++++++++++
 docs/settings.rst                             |  5 ++-
 .../static/drf-yasg/swagger-ui-init.js        | 11 ++++--
 .../templates/drf-yasg/swagger-ui.html        |  2 ++
 6 files changed, 58 insertions(+), 4 deletions(-)

diff --git a/docs/changelog.rst b/docs/changelog.rst
index b28ad57..e0557d6 100644
--- a/docs/changelog.rst
+++ b/docs/changelog.rst
@@ -3,6 +3,14 @@ Changelog
 #########
 
 
+*********
+**1.6.0**
+*********
+
+*Release date: Mar 24, 2018*
+
+- **IMPROVED:** ``OAUTH2_REDIRECT_URL`` will now default to the built in ``oauth2-redirect.html`` file
+
 *********
 **1.5.1**
 *********
diff --git a/docs/conf.py b/docs/conf.py
index b9f5f28..af5235e 100644
--- a/docs/conf.py
+++ b/docs/conf.py
@@ -273,7 +273,7 @@ def role_github_user(name, rawtext, text, lineno, inliner, options=None, content
     options = options or {}
     content = content or []
 
-    if not re.match(r"^[a-z\d](?:[a-z\d]|-(?=[a-z\d])){0,38}$", text):
+    if not re.match(r"^[a-z\d](?:[a-z\d]|-(?=[a-z\d])){0,38}$", text, re.IGNORECASE):
         return sphinx_err(inliner, lineno, rawtext, '"%s" is not a valid GitHub username.' % text)
 
     ref = gh_user_uri.format(text)
diff --git a/docs/security.rst b/docs/security.rst
index e172a69..95f6d8a 100644
--- a/docs/security.rst
+++ b/docs/security.rst
@@ -63,3 +63,37 @@ settings described below were added as a result of discussion in issue :issue:`5
 The settings of interest can be found on the :ref:`settings page <oauth2-settings>`. Configuration options are similar
 to most OAuth client setups like web or mobile applications. Reading the relevant ``swagger-ui`` docmentation linked
 will also probably help.
+
+
+Example
+^^^^^^^
+
+A very simple working configuration was provided by :ghuser:`Vigrond`, originally at
+`https://github.com/Vigrond/django_oauth2_example <https://github.com/Vigrond/django_oauth2_example>`_.
+
+
+.. code-block:: python
+
+   SWAGGER_SETTINGS = {
+      'USE_SESSION_AUTH': False,
+      'SECURITY_DEFINITIONS': {
+         'Your App API - Swagger': {
+            'type': 'oauth2',
+            'authorizationUrl': '/yourapp/o/authorize',
+            'tokenUrl': '/yourapp/o/token/',
+            'flow": "accessCode',
+            'scopes': {
+             'read:groups': 'read groups',
+            }
+         }
+      },
+      'OAUTH2_CONFIG': {
+         'clientId': 'yourAppClientId',
+         'clientSecret': 'yourAppClientSecret',
+         'appName': 'your application name'
+      },
+   }
+
+If the OAuth2 provider requires you to provide the full absolute redirect URL, the default value for most
+``staticfiles`` configurations will be ``<origin>/static/drf-yasg/swagger-ui-dist/oauth2-redirect.html``. If this is
+not suitable for some reason, you can override the ``OAUTH2_REDIRECT_URL`` setting as appropriate.
diff --git a/docs/settings.rst b/docs/settings.rst
index 40ee9c8..e8b81d8 100644
--- a/docs/settings.rst
+++ b/docs/settings.rst
@@ -259,7 +259,10 @@ Controls how many levels are expaned by default when showing nested models.
 OAUTH2_REDIRECT_URL
 -------------------
 
-Used when OAuth2 authenitcation of API requests via swagger-ui is desired.
+Used when OAuth2 authenitcation of API requests via swagger-ui is desired. If ``None`` is passed, the
+``oauth2RedirectUrl`` parameter will be set to ``{% static 'drf-yasg/swagger-ui-dist/oauth2-redirect.html' %}``. This
+is the default `https://github.com/swagger-api/swagger-ui/blob/master/dist/oauth2-redirect.html <oauth2-redirect>`_
+file provided by ``swagger-ui``.
 
 **Default**: :python:`None` |br|
 *Maps to parameter*: ``oauth2RedirectUrl``
diff --git a/src/drf_yasg/static/drf-yasg/swagger-ui-init.js b/src/drf_yasg/static/drf-yasg/swagger-ui-init.js
index 5a83468..8c64cfe 100644
--- a/src/drf_yasg/static/drf-yasg/swagger-ui-init.js
+++ b/src/drf_yasg/static/drf-yasg/swagger-ui-init.js
@@ -38,7 +38,7 @@ function initSwaggerUi() {
         ],
         layout: "StandaloneLayout",
         filter: true,
-        requestInterceptor: function(request) {
+        requestInterceptor: function (request) {
             var headers = request.headers || {};
             var csrftoken = document.querySelector("[name=csrfmiddlewaretoken]");
             if (csrftoken) {
@@ -49,8 +49,15 @@ function initSwaggerUi() {
     };
 
     var swaggerSettings = JSON.parse(document.getElementById('swagger-settings').innerHTML);
-    console.log(swaggerSettings);
+    if (!('oauth2RedirectUrl' in swaggerSettings)) {
+        var oauth2RedirectUrl = document.getElementById('oauth2-redirect-url');
+        if (oauth2RedirectUrl) {
+            swaggerSettings['oauth2RedirectUrl'] = oauth2RedirectUrl.href;
+            oauth2RedirectUrl.parentNode.removeChild(oauth2RedirectUrl);
+        }
+    }
 
+    console.log(swaggerSettings);
     for (var p in swaggerSettings) {
         if (swaggerSettings.hasOwnProperty(p)) {
             swaggerConfig[p] = swaggerSettings[p];
diff --git a/src/drf_yasg/templates/drf-yasg/swagger-ui.html b/src/drf_yasg/templates/drf-yasg/swagger-ui.html
index b99327b..c4a9a1e 100644
--- a/src/drf_yasg/templates/drf-yasg/swagger-ui.html
+++ b/src/drf_yasg/templates/drf-yasg/swagger-ui.html
@@ -67,6 +67,8 @@
 <script src="{% static 'drf-yasg/insQ.min.js' %}"></script>
 <script src="{% static 'drf-yasg/swagger-ui-init.js' %}"></script>
 
+<a id="oauth2-redirect-url" href="{% static 'drf-yasg/swagger-ui-dist/oauth2-redirect.html' %}" class="hidden"></a>
+
 <div id="django-session-auth" class="hidden">
     {% if USE_SESSION_AUTH %}
         {% csrf_token %}