Swagger Fails to Access OpenID Configurations #65
Comments
from fastapi import FastAPI, Request, Depends
from fastapi.responses import HTMLResponse
from api.routers import games, scores, analytics
import time
from core.config import settings, swagger_settings, auth_settings
from fastapi_keycloak_middleware import KeycloakConfiguration, setup_keycloak_middleware, get_user
# Set up Keycloak
keycloak_config = KeycloakConfiguration(
url=auth_settings.BH_KEYCLOAK_SERVER_URL,
realm=auth_settings.BH_KEYCLOAK_REALM,
client_id=auth_settings.BH_KEYCLOAK_CLIENT_ID,
client_secret=auth_settings.BH_KEYCLOAK_CLIENT_SECRET,
# Swagger
swagger_client_id=swagger_settings.BH_SWAGGER_CLIENT_ID,
swagger_auth_scopes=swagger_settings.BH_SWAGGER_SCOPES, # Optional
swagger_auth_pkce=True, # Optional
# swagger_scheme_name="keycloak" # Optional
)
app = FastAPI(
title=settings.BH_PROJECT_NAME,
description=f"{settings.BH_PROJECT_NAME} - {settings.BH_ENVIRONMENT} API",
docs_url=None,
redoc_url=None
)
excluded_routes = [
"/status",
"/docs",
"/v1/games/openapi.json",
"/v1/games/redoc",
"/v1/games/docs"
]
# create sub app for game
gameAPI = FastAPI(
title="Baloot Hub - Baloot Game Management API",
description="APIs for managing game scores and details.",
version="1.0"
)
# Added middleware with basic config
setup_keycloak_middleware(
gameAPI,
keycloak_configuration=keycloak_config,
exclude_patterns=excluded_routes,
add_swagger_auth=True,
swagger_auth_scopes=swagger_settings.BH_SWAGGER_SCOPES
)
gameAPI.include_router(analytics.router)
gameAPI.include_router(games.router)
gameAPI.include_router(scores.router)
# https://fastapi.tiangolo.com/advanced/sub-applications/
app.mount(
path="/v1/games",
app=gameAPI
)
@app.get("/")
def read_root(request: Request):
base_url = str(request.base_url)
return {
"about": "This application is a Game Management API built using FastAPI. It provides a set of APIs for managing game scores and details. The API allows users to create, update, and retrieve game scores, as well as manage user profiles. The application is designed to be scalable and easy to integrate with other services.",
"readme": f"{base_url}readme",
"games_docs": f"{base_url}v1/games/docs",
"users_docs": f"{base_url}v1/users/docs"
}
@app.get("/readme", response_class=HTMLResponse)
def read_readme():
with open("README.md", "r") as readme_file:
readme_content = readme_file.read()
return f"<html><body><pre>{readme_content}</pre></body></html>" |
|
@waza-ari appreciate your support |
|
Hi @cs4alhaider, I don't see anything obviously missing - can you just verify that |
|
Hi @waza-ari , The value is correct, I'm using the latest versions |
|
I’ve identified the solution to my issue, which had previously left me puzzled. After a thorough investigation, I now understand the root cause, and I’m pleased to report that it’s fully resolved. Issue Details: 
.. The issue arises because I’m running my stack within Docker, where both FastAPI and Keycloak are on the same Docker network. They communicate internally using the service name, meaning keycloak_baseurl = http://keycloak:8080. However, when loading the Swagger page in a web browser, Swagger tries to fetch the OpenID configurations from Keycloak externally (i.e., from outside the Docker network). .. The fix is straightforward: pass the OpenID base URL explicitly if you’re working in a similar setup where your app and Keycloak are within a Docker network. This approach ensures that Swagger can correctly access the OpenID configurations from an external browser session. Happy coding, everyone! |
|
@waza-ari I'm going to open a PR for this now! |
cs4alhaider
changed the title
Hi,
I have added swagger and all things but not sure why I cant authorise the user while I have added
add_swagger_auth=TrueThe text was updated successfully, but these errors were encountered: