Swagger Options for Authorization Flow with PKCE

[nwehrli]

We recently wanted to integrate Authorization Flow with PKCE into Swagger from tapir. For this it seems like one needs to call

window.ui.initOAuth({
clientId: "CLIENT_ID",
usePkceWithAuthorizationCodeGrant: true,
scopes: "SCOPES",
});

after SwaggerUIBundle({ ....}) in swagger-initializer.js.

Furthermore, it seems as if there is no support for any general options one would want to pass to SwaggerUIBundle({...}) such as a custom oauth2RedirectUrl option.

Is there any reason, why these kind of options are not realized in SwaggerUIOptions and SwaggerUI?

If not, we would be happy to create a pull request which adds these options as part of SwaggerUIOptions and then adds code to SwaggerUI to inject them into swagger-initializer.js.

[adamw]

There's two ways to approach the problem:

1. extend SwaggerUIOptions to cover the options you mention above. The complication here is that it might be more than just passing a dictionary of values to SwaggerUIBundle, as in your case you also need an additional invocation. So this might get complex quite quickly?
2. only support the basic case OOTB. For anything more complex, you can create an endpoint which serves swagger-initializer.js with your custom content, and add it before the swagger UI endpoints, so that it takes precedence

I understand the extra effort required for 2., but 1. seems like a rabbit hole with never-ending changes.

Maybe a good middle ground would be to include in the options an optional full body of the swagger-initializer that should be served (maybe parametrized with URL to the yaml?), wdyt?