Add Support for Oauth2 Auth Code Flow with PKCE In Swagger UI

.gitignore

@@ -60,8 +60,6 @@ histograms/
 doc/_build/
 
 # Specifics
-flask_restx/static
-node_modules
 
 # pyenv
 .python-version

flask_restx/__about__.py

@@ -1,5 +1,5 @@
 # -*- coding: utf-8 -*-
-__version__ = "1.0.4.dev"
+__version__ = "1.0.3"
 __description__ = (
     "Fully featured framework for fast, easy and documented API development with Flask"
 )

flask_restx/static/droid-sans.css

@@ -0,0 +1,26 @@
+/* droid-sans-400normal - latin */
+@font-face {
+  font-family: 'Droid Sans';
+  font-style: normal;
+  font-display: swap;
+  font-weight: 400;
+  src:
+    local('Droid Sans Regular '),
+    local('Droid Sans-Regular'),
+    url('./files/droid-sans-latin-400.woff2') format('woff2'), /* Super Modern Browsers */
+    url('./files/droid-sans-latin-400.woff') format('woff'); /* Modern Browsers */
+}
+
+/* droid-sans-700normal - latin */
+@font-face {
+  font-family: 'Droid Sans';
+  font-style: normal;
+  font-display: swap;
+  font-weight: 700;
+  src:
+    local('Droid Sans Bold '),
+    local('Droid Sans-Bold'),
+    url('./files/droid-sans-latin-700.woff2') format('woff2'), /* Super Modern Browsers */
+    url('./files/droid-sans-latin-700.woff') format('woff'); /* Modern Browsers */
+}
+

flask_restx/static/oauth2-redirect.html

@@ -0,0 +1,75 @@
+<!doctype html>
+<html lang="en-US">
+<head>
+    <title>Swagger UI: OAuth2 Redirect</title>
+</head>
+<body>
+<script>
+    'use strict';
+    function run () {
+        var oauth2 = window.opener.swaggerUIRedirectOauth2;
+        var sentState = oauth2.state;
+        var redirectUrl = oauth2.redirectUrl;
+        var isValid, qp, arr;
+
+        if (/code|token|error/.test(window.location.hash)) {
+            qp = window.location.hash.substring(1);
+        } else {
+            qp = location.search.substring(1);
+        }
+
+        arr = qp.split("&");
+        arr.forEach(function (v,i,_arr) { _arr[i] = '"' + v.replace('=', '":"') + '"';});
+        qp = qp ? JSON.parse('{' + arr.join() + '}',
+                function (key, value) {
+                    return key === "" ? value : decodeURIComponent(value);
+                }
+        ) : {};
+
+        isValid = qp.state === sentState;
+
+        if ((
+          oauth2.auth.schema.get("flow") === "accessCode" ||
+          oauth2.auth.schema.get("flow") === "authorizationCode" ||
+          oauth2.auth.schema.get("flow") === "authorization_code"
+        ) && !oauth2.auth.code) {
+            if (!isValid) {
+                oauth2.errCb({
+                    authId: oauth2.auth.name,
+                    source: "auth",
+                    level: "warning",
+                    message: "Authorization may be unsafe, passed state was changed in server Passed state wasn't returned from auth server"
+                });
+            }
+
+            if (qp.code) {
+                delete oauth2.state;
+                oauth2.auth.code = qp.code;
+                oauth2.callback({auth: oauth2.auth, redirectUrl: redirectUrl});
+            } else {
+                let oauthErrorMsg;
+                if (qp.error) {
+                    oauthErrorMsg = "["+qp.error+"]: " +
+                        (qp.error_description ? qp.error_description+ ". " : "no accessCode received from the server. ") +
+                        (qp.error_uri ? "More info: "+qp.error_uri : "");
+                }
+
+                oauth2.errCb({
+                    authId: oauth2.auth.name,
+                    source: "auth",
+                    level: "error",
+                    message: oauthErrorMsg || "[Authorization failed]: no accessCode received from the server"
+                });
+            }
+        } else {
+            oauth2.callback({auth: oauth2.auth, token: qp, isValid: isValid, redirectUrl: redirectUrl});
+        }
+        window.close();
+    }
+
+    window.addEventListener('DOMContentLoaded', function () {
+      run();
+    });
+</script>
+</body>
+</html>

flask_restx/templates/swagger-ui.html

@@ -75,7 +75,9 @@
             ui.initOAuth({
                 clientId: "{{ config.SWAGGER_UI_OAUTH_CLIENT_ID }}",
                 realm: "{{ config.SWAGGER_UI_OAUTH_REALM }}",
-                appName: "{{ config.SWAGGER_UI_OAUTH_APP_NAME }}"
+                appName: "{{ config.SWAGGER_UI_OAUTH_APP_NAME }}",
+                usePkceWithAuthorizationCodeGrant: true
+
             })
             {%- endif %}
         }