From a3e450f0fc9d241e7e3626f328bf4a96742b698e Mon Sep 17 00:00:00 2001
From: Samat Jorobekov
Date: Thu, 19 Mar 2026 14:58:47 +0300
Subject: [PATCH 1/3] feat: allow configuration of authPolicy for swagger page
---
 README.md | 1 +
 src/openapi-registry.ts | 2 ++
 src/tests/openapi-registry.test.ts | 35 +++++++++++++++++++++++++++++-
 src/types.ts | 3 ++-
 4 files changed, 39 insertions(+), 2 deletions(-)
diff --git a/README.md b/README.md
index 3e81099..9d80f08 100644
--- a/README.md
+++ b/README.md
@@ -82,6 +82,7 @@ app.run(); // Open http://localhost:3030/api/docs
 | `enabled` | `true` | Convenience flag—skip calling `registerRoutes` if you want to hide docs. |
 | `path` | `'/api/docs'` | Mount path for Swagger UI; value is used as-is. |
 | `swaggerJsonPath` | `undefined` | Path relative to mount path where OpenAPI schema is served as JSON. When set, Swagger UI loads the schema from this endpoint instead of embedding it directly. |
+| `authPolicy` | `AuthPolicy.disabled` | Controls authentication for the Swagger UI page itself. |
 Usage example:
diff --git a/src/openapi-registry.ts b/src/openapi-registry.ts
index a34c09d..6c2db1a 100644
--- a/src/openapi-registry.ts
+++ b/src/openapi-registry.ts
@@ -45,6 +45,7 @@ export function createOpenApiRegistry(config: OpenApiRegistryConfig) {
 schemas: {},
 securitySchemes: {},
 },
+ authPolicy: config.authPolicy || AuthPolicy.disabled,
 };
 if (config.contact) {
@@ -403,6 +404,7 @@ export function createOpenApiRegistry(config: OpenApiRegistryConfig) {
 return {
 ...routes,
 [`MOUNT ${mountPath}`]: {
+ authPolicy: config.authPolicy || AuthPolicy.disabled,
 handler: ({router}: Parameters[0]) => {
 const schema = getOpenApiSchema();
diff --git a/src/tests/openapi-registry.test.ts b/src/tests/openapi-registry.test.ts
index b73b7fb..81d21a1 100644
--- a/src/tests/openapi-registry.test.ts
+++ b/src/tests/openapi-registry.test.ts
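Review bot: The `|| AuthPolicy.disabled` fallback added to the `MOUNT ${mountPath}` entry in src/openapi-registry.ts (hunk `@@ -403,6 +404,7 @@`) pins the docs mount to unauthenticated access whenever `config.authPolicy` is omitted. If expresskit applies an application-wide default policy to routes that leave `authPolicy` unset, an app that required authentication everywhere had its docs covered before this change and would now serve Swagger UI and the schema without a login. Passing the value through untouched, `authPolicy: config.authPolicy,`, would keep that inheritance while still letting callers opt in or out explicitly; the README default and the default-case test would then need to follow. PATCH 3/3 rewrites the same line with `??` and keeps the fallback, so the point applies there as well. The body of `createOpenApiRegistry` starts and ends outside the hunk.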
@@ -1,6 +1,12 @@
 import {createOpenApiRegistry} from '../openapi-registry';
 import {apiKeyAuth, bearerAuth} from '../security-schemas';
-import {AppRoutes, AuthPolicy, RouteContract, withContract} from '@gravity-ui/expresskit';
+import {
+ AppMountDescription,
+ AppRoutes,
+ AuthPolicy,
+ RouteContract,
+ withContract,
+} from '@gravity-ui/expresskit';
 import {NodeKit} from '@gravity-ui/nodekit';
 import {z} from 'zod';
@@ -669,6 +675,33 @@ describe('openapi-registry', () => {
 const registeredRoutes = registerRoutes(routes, nodekit);
 expect(registeredRoutes).toHaveProperty('MOUNT /api/docs');
+ const mountRoute = registeredRoutes['MOUNT /api/docs'] as AppMountDescription;
+ expect(mountRoute).toBeDefined();
+ expect(mountRoute.authPolicy).toBe(AuthPolicy.disabled);
+ });
+
+ it('should apply configured authPolicy to MOUNT route', () => {
+ const {registerRoutes} = createOpenApiRegistry({
+ title: 'Test API',
+ authPolicy: AuthPolicy.required,
+ });
+
+ const routes = {
+ 'GET /test': {
+ handler: withContract({
+ request: {},
+ response: {content: {200: z.object({})}},
+ })(async (_req, res) => {
+ res.sendTyped(200, {});
+ }),
+ },
+ };
+
+ const registeredRoutes = registerRoutes(routes, nodekit);
+ const mountRoute = registeredRoutes['MOUNT /api/docs'] as AppMountDescription;
+
+ expect(mountRoute).toBeDefined();
+ expect(mountRoute.authPolicy).toBe(AuthPolicy.required);
 });
 it('should handle routes with tags and description', () => {
diff --git a/src/types.ts b/src/types.ts
index f91473f..1f5ddf6 100644
--- a/src/types.ts
+++ b/src/types.ts
@@ -1,5 +1,5 @@
 import type {SwaggerUiOptions} from 'swagger-ui-express';
-import type {AppRouteDescription} from '@gravity-ui/expresskit';
+import type {AppRouteDescription, AuthPolicy} from '@gravity-ui/expresskit';
 // OpenAPI Security Scheme Object types
 export interface SecuritySchemeObject {
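Review bot: The assertions added in src/tests/openapi-registry.test.ts (hunk `@@ -669,6 +675,33 @@`) only compare the `authPolicy` property on the returned route description, so they would still pass if the mount never enforced the policy when a request arrives. Because this option decides whether the API documentation is reachable without credentials, a request-level test is worth adding: register the routes with `AuthPolicy.required`, request `/api/docs` (and the `swaggerJsonPath` endpoint when one is configured) without credentials, and expect the request to be rejected. The first three added lines extend an `it` block that begins outside the hunk.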
@@ -64,6 +64,7 @@ export interface OpenApiRegistryConfig {
 }[];
 swaggerUi?: SwaggerUiOptions;
 swaggerJsonPath?: string;
+ authPolicy?: AuthPolicy;
 transformOperation?: (
 operation: OpenApiOperation,
 context: {
From ddb83fc0dec6cb87276fdceaf1de3d5650b77563 Mon Sep 17 00:00:00 2001
From: Samat Jorobekov
Date: Thu, 19 Mar 2026 15:12:44 +0300
Subject: [PATCH 2/3] fix for pull request finding
Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>
---
 src/openapi-registry.ts | 1 -
 1 file changed, 1 deletion(-)
diff --git a/src/openapi-registry.ts b/src/openapi-registry.ts
index 6c2db1a..3ec9e5e 100644
--- a/src/openapi-registry.ts
+++ b/src/openapi-registry.ts
@@ -45,7 +45,6 @@ export function createOpenApiRegistry(config: OpenApiRegistryConfig) {
 schemas: {},
 securitySchemes: {},
 },
- authPolicy: config.authPolicy || AuthPolicy.disabled,
 };
 if (config.contact) {
From 32b28cd2c30c5c0174f832fb3a05790093a04444 Mon Sep 17 00:00:00 2001
From: Samat Jorobekov
Date: Thu, 19 Mar 2026 15:17:14 +0300
Subject: [PATCH 3/3] Potential fix for pull request finding
Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>
---
 src/openapi-registry.ts | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/openapi-registry.ts b/src/openapi-registry.ts
index 3ec9e5e..8ebcb93 100644
--- a/src/openapi-registry.ts
+++ b/src/openapi-registry.ts
@@ -403,7 +403,7 @@ export function createOpenApiRegistry(config: OpenApiRegistryConfig) {
 return {
 ...routes,
 [`MOUNT ${mountPath}`]: {
- authPolicy: config.authPolicy || AuthPolicy.disabled,
+ authPolicy: config.authPolicy ?? AuthPolicy.disabled,
 handler: ({router}: Parameters[0]) => {
 const schema = getOpenApiSchema();
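Review bot: The new `authPolicy?: AuthPolicy;` field of `OpenApiRegistryConfig` in src/types.ts (hunk `@@ -64,6 +64,7 @@`) has no doc comment, and an option that gates access should state its scope and default where callers read the type. I would add `/** Auth policy for the docs mount; when omitted the mount is registered with AuthPolicy.disabled (no authentication). */` above the field. The README row describes it as covering "the Swagger UI page itself", but `swaggerJsonPath` is documented as relative to the mount path, so the JSON schema endpoint presumably falls under the same policy; that is worth confirming and stating in the comment. The interface starts and ends outside the hunk.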