Swagger UI endpoint authorization.

texpert · texpert · commit 161c6e3fe7b3 · 2016-08-16T00:15:29.000+03:00
diff --git a/lib/grape-swagger.rb b/lib/grape-swagger.rb
@@ -32,6 +32,8 @@ def add_swagger_documentation(options = {})
         options = { target_class: self }.merge(options)
         @target_class = options[:target_class]
 
+        use options[:endpoint_auth_wrapper] if !options[:endpoint_auth_wrapper].nil? && options[:endpoint_auth_wrapper].method_defined?(:before)
+
         documentation_class.setup(options)
         mount(documentation_class)
 
diff --git a/lib/grape-swagger/doc_methods.rb b/lib/grape-swagger/doc_methods.rb
@@ -41,6 +41,11 @@ def setup(options)
       end if options[:format]
       # getting of the whole swagger2.0 spec file
       desc api_doc.delete(:desc), api_doc
+
+      unless options[:swagger_endpoint_guard].nil?
+        send(options[:swagger_endpoint_guard].split.first.to_sym, *options[:swagger_endpoint_guard].split(/[\s,]+/).drop(1))
+      end
+
       get mount_path do
         header['Access-Control-Allow-Origin']   = '*'
         header['Access-Control-Request-Method'] = '*'
@@ -104,7 +109,10 @@ def defaults
         authorizations: nil,
         security_definitions: nil,
         api_documentation: { desc: 'Swagger compatible API description' },
-        specific_api_documentation: { desc: 'Swagger compatible API description for specific API' }
+        specific_api_documentation: { desc: 'Swagger compatible API description for specific API' },
+        endpoint_auth_wrapper: nil,
+        swagger_endpoint_guard: nil,
+        oauth_token: nil
       }
     end
 
diff --git a/lib/grape-swagger/endpoint.rb b/lib/grape-swagger/endpoint.rb
@@ -84,7 +84,7 @@ def add_definitions_from(models)
     # path object
     def path_item(routes, options)
       routes.each do |route|
-        next if hidden?(route)
+        next if hidden?(route, options)
 
         @item, path = GrapeSwagger::DocMethods::PathString.build(route, options)
         @entity = route.entity || route.options[:success]
@@ -282,10 +282,14 @@ def model_name(name)
       name.respond_to?(:name) ? name.name.demodulize.camelize : name.split('::').last
     end
 
-    def hidden?(route)
+    def hidden?(route, options)
       route_hidden = route.options[:hidden]
-      route_hidden = route_hidden.call if route_hidden.is_a?(Proc)
-      route_hidden
+      return route_hidden unless route_hidden.is_a?(Proc)
+      if !options[:oauth_token].nil?
+        route_hidden.call(send(options[:oauth_token].to_sym))
+      else
+        route_hidden.call
+      end
     end
 
     def public_parameter?(param)
