$ref downloading doesn't use requestInterceptor #3763
Description
| Q | A |
|---|---|
| Bug or feature request? | Bug |
| Which Swagger/OpenAPI version? | 2.0 |
| Which Swagger-UI version? | 3.3.2 |
| How did you install Swagger-UI? | git checkout, dist dir |
| Which browser & version? | Chrome 63 |
| Which operating system? | macOS 10.13 |
Demonstration API definition
-
The 'petstore' example from here:
https://github.com/OAI/OpenAPI-Specification/blob/master/examples/v2.0/json/petstore.json -
The 'petstore-separate' example from here:
https://github.com/OAI/OpenAPI-Specification/tree/master/examples/v2.0/json/petstore-separate
...both hosted on a local server that requires basic authentication.
Configuration (browser query string, constructor, config.yaml)
{
url: "http://locahost:3000/spec/swagger.json", /* or http://localhost:3000/petstore.json */
requestInterceptor: (req) => {
if (req.loadSpec) {
req.headers.Authorization = 'Basic ' + btoa("admin:secret");
}
return req;
},
...
}Expected Behavior
In [email protected], #3738 fixes a gap where the requestInterceptor() wasn't being invoked for the download of the spec URL.
Current Behavior
I have been testing this feature and can confirm that it works as expected for the initial spec URL.
For example, when loading the simple petstore.json example, the requestInterceptor is invoked and the correct Authorization: Basic <base64(admin:secret)> header is passed in the fetch.
Similarly, for the 'separate' example, the requestInterceptor is invoked on the fetch of spec/swagger.json and the correct Authorization header is passed.
However, when resolving and fetching any the $ref URLs in spec/swagger.json (i.e. spec/parameters.json, spec/Pet.json, spec/NewPet.json and common/Error.json), the requestInterceptor doesn't appear to be invoked; and as a result these sub-fetches fail with a 401 Unauthorized.
Possible Solution
Ensure that requestInterceptor is correctly called for any $ref downloads.