fixes 1005 - do not show inputs in the authentication section when allowTry = false

mrin9 · mrin9 · commit bb8ec2d40293 · 2024-10-19T11:32:03.000-04:00
diff --git a/src/templates/focused-endpoint-template.js b/src/templates/focused-endpoint-template.js
@@ -66,7 +66,7 @@ export default function focusedEndpointTemplate() {
   if (focusElId.startsWith('overview') && this.showInfo === 'true') {
     focusedTemplate = overviewTemplate.call(this);
   } else if (focusElId === 'auth' && this.allowAuthentication === 'true') {
-    focusedTemplate = securitySchemeTemplate.call(this);
+    focusedTemplate = securitySchemeTemplate.call(this, this.allowTry);
   } else if (focusElId === 'servers' && this.allowServerSelection === 'true') {
     focusedTemplate = serverTemplate.call(this);
   } else if (focusElId === 'operations-top') {
diff --git a/src/templates/main-body-template.js b/src/templates/main-body-template.js
@@ -87,7 +87,7 @@ export default function mainBodyTemplate(isMini = false, pathsExpanded = false)
                     : html`
                       ${this.showInfo === 'true' ? overviewTemplate.call(this) : ''}
                       ${this.allowServerSelection === 'true' ? serverTemplate.call(this) : ''}
-                      ${this.allowAuthentication === 'true' ? securitySchemeTemplate.call(this) : ''}
+                      ${this.allowAuthentication === 'true' ? securitySchemeTemplate.call(this, this.allowTry) : ''}
                       <div id='operations-top' class='observe-me'>
                         <slot name='operations-top'></slot>
                       </div>  
diff --git a/src/templates/security-scheme-template.js b/src/templates/security-scheme-template.js
@@ -256,7 +256,7 @@ async function onInvokeOAuthFlow(securitySchemeId, flowType, authUrl, tokenUrl,
 
 /* eslint-disable indent */
 
-function oAuthFlowTemplate(flowName, clientId, clientSecret, securitySchemeId, authFlow, defaultScopes = [], receiveTokenIn = 'header', receiveTokenInOptions = undefined) {
+function oAuthFlowTemplate(flowName, clientId, clientSecret, securitySchemeId, authFlow, defaultScopes = [], receiveTokenIn = 'header', receiveTokenInOptions = undefined, allowTry = 'true') {
   let { authorizationUrl, tokenUrl, refreshUrl } = authFlow;
   const pkceOnly = authFlow['x-pkce-only'] || false;
   const isUrlAbsolute = (url) => (url.indexOf('://') > 0 || url.indexOf('//') === 0);
@@ -329,59 +329,60 @@ function oAuthFlowTemplate(flowName, clientId, clientSecret, securitySchemeId, a
                       <span class="mono-font">${scopeAndDescr[0]}</span>
                         ${scopeAndDescr[0] !== scopeAndDescr[1] ? ` - ${scopeAndDescr[1] || ''}` : ''}
                     </label>
-                  </div>
-                `)}
-              </div>
-            `
+                  </div>`)
+                }
+              </div>`
             : ''
           }
-          ${flowName === 'password'
+          ${flowName === 'password' && allowTry === 'true'
             ? html`
               <div style="margin:5px 0">
                 <input type="text" value = "" placeholder="username" spellcheck="false" class="oauth2 ${flowName} ${securitySchemeId} api-key-user" part="textbox textbox-username" id="input-${securitySchemeId}-${flowName}-api-key-user">
                 <input type="password" value = "" placeholder="password" spellcheck="false" class="oauth2 ${flowName} ${securitySchemeId} api-key-password" style = "margin:0 5px;" part="textbox textbox-password" id="input-${securitySchemeId}-${flowName}-api-key-password">
               </div>`
             : ''
           }
-          <div>
-            ${flowName === 'authorizationCode'
-              ? html`
-                <div style="margin: 16px 0 4px">
-                  <input type="checkbox" part="checkbox checkbox-auth-scope" id="${securitySchemeId}-pkce" checked ?disabled=${pkceOnly}>
-                  <label for="${securitySchemeId}-pkce" style="margin:0 16px 0 4px; line-height:24px; cursor:pointer">
-                   Send Proof Key for Code Exchange (PKCE)
-                  </label>
-                </div>
-              `
-              : ''
-            }
-            <input type="text" part="textbox textbox-auth-client-id" value = "${clientId || ''}" placeholder="client-id" spellcheck="false" class="oauth2 ${flowName} ${securitySchemeId} oauth-client-id">
-            ${flowName === 'authorizationCode' || flowName === 'clientCredentials' || flowName === 'password'
-              ? html`
-                <input
-                  id="${securitySchemeId}-${flowName}-oauth-client-secret"
-                  type="password" part="textbox textbox-auth-client-secret"
-                  value = "${clientSecret || ''}" placeholder="client-secret" spellcheck="false"
-                  class="oauth2 ${flowName} ${securitySchemeId}
-                  oauth-client-secret"
-                  style = "margin:0 5px;${pkceOnly ? 'display:none;' : ''}"
-                >
-                <select style="margin-right:5px;${pkceOnly ? 'display:none;' : ''}" class="${flowName} ${securitySchemeId} oauth-send-client-secret-in">
-                   ${(!receiveTokenInOptions || receiveTokenInOptions.includes('header')) ? html`<option value = 'header' .selected = ${receiveTokenIn === 'header'} > Authorization Header </option>` : ''}
-                   ${(!receiveTokenInOptions || receiveTokenInOptions.includes('request-body')) ? html` <option value = 'request-body' .selected = ${receiveTokenIn === 'request-body'}> Request Body </option>` : ''}
-                </select>`
-              : ''
-            }
-            ${flowName === 'authorizationCode' || flowName === 'clientCredentials' || flowName === 'implicit' || flowName === 'password'
-              ? html`
-                <button class="m-btn thin-border" part="btn btn-outline"
-                  @click="${(e) => { onInvokeOAuthFlow.call(this, securitySchemeId, flowName, authorizationUrl, tokenUrl, e); }}"
-                > GET TOKEN </button>`
-              : ''
-            }
-          </div>
-          <div class="oauth-resp-display red-text small-font-size"></div>
-          `
+          ${allowTry === 'true'
+            ? html`
+              <div>
+                ${flowName === 'authorizationCode'
+                  ? html`
+                    <div style="margin: 16px 0 4px">
+                      <input type="checkbox" part="checkbox checkbox-auth-scope" id="${securitySchemeId}-pkce" checked ?disabled=${pkceOnly}>
+                      <label for="${securitySchemeId}-pkce" style="margin:0 16px 0 4px; line-height:24px; cursor:pointer">
+                      Send Proof Key for Code Exchange (PKCE)
+                      </label>
+                    </div>`
+                  : ''
+                }
+                <input type="text" part="textbox textbox-auth-client-id" value = "${clientId || ''}" placeholder="client-id" spellcheck="false" class="oauth2 ${flowName} ${securitySchemeId} oauth-client-id">
+                ${flowName === 'authorizationCode' || flowName === 'clientCredentials' || flowName === 'password'
+                  ? html`
+                    <input
+                      id="${securitySchemeId}-${flowName}-oauth-client-secret"
+                      type="password" part="textbox textbox-auth-client-secret"
+                      value = "${clientSecret || ''}" placeholder="client-secret" spellcheck="false"
+                      class="oauth2 ${flowName} ${securitySchemeId}
+                      oauth-client-secret"
+                      style = "margin:0 5px;${pkceOnly ? 'display:none;' : ''}"
+                    >
+                    <select style="margin-right:5px;${pkceOnly ? 'display:none;' : ''}" class="${flowName} ${securitySchemeId} oauth-send-client-secret-in">
+                      ${(!receiveTokenInOptions || receiveTokenInOptions.includes('header')) ? html`<option value = 'header' .selected = ${receiveTokenIn === 'header'} > Authorization Header </option>` : ''}
+                      ${(!receiveTokenInOptions || receiveTokenInOptions.includes('request-body')) ? html` <option value = 'request-body' .selected = ${receiveTokenIn === 'request-body'}> Request Body </option>` : ''}
+                    </select>`
+                  : ''
+                }
+                ${flowName === 'authorizationCode' || flowName === 'clientCredentials' || flowName === 'implicit' || flowName === 'password'
+                  ? html`
+                    <button class="m-btn thin-border" part="btn btn-outline"
+                      @click="${(e) => { onInvokeOAuthFlow.call(this, securitySchemeId, flowName, authorizationUrl, tokenUrl, e); }}"
+                    > GET TOKEN </button>`
+                  : ''
+                }
+              </div>
+              <div class="oauth-resp-display red-text small-font-size"></div>`
+            : ''
+          }`
         : ''
       }
     </div>
@@ -402,24 +403,30 @@ function removeApiKey(securitySchemeId) {
   this.requestUpdate();
 }
 
-export default function securitySchemeTemplate() {
+export default function securitySchemeTemplate(allowTry = 'true') {
   if (!this.resolvedSpec) { return ''; }
+  // eslint-disable-next-line no-console
+  console.log('allowTry: ', allowTry);
   const providedApiKeys = this.resolvedSpec.securitySchemes?.filter((v) => (v.finalKeyValue));
   if (!providedApiKeys) {
     return;
   }
   return html`
   <section id='auth' part="section-auth" style="text-align:left; direction:ltr; margin-top:24px; margin-bottom:24px;" class = 'observe-me ${'read focused'.includes(this.renderStyle) ? 'section-gap--read-mode' : 'section-gap '}'>
     <div class='sub-title regular-font'> AUTHENTICATION </div>
-
-    <div class="small-font-size" style="display:flex; align-items: center; min-height:30px">
-      ${providedApiKeys.length > 0
-        ? html`
-          <div class="blue-text"> ${providedApiKeys.length} API key applied </div>
-          <div style="flex:1"></div>
-          <button class="m-btn thin-border" part="btn btn-outline" @click=${() => { onClearAllApiKeys.call(this); }}>CLEAR ALL API KEYS</button>`
-        : html`<div class="red-text">No API key applied</div>`
-      }
+    ${allowTry === 'true'
+      ? html`
+        <div class="small-font-size" style="display:flex; align-items: center; min-height:30px">
+          ${providedApiKeys.length > 0
+            ? html`
+              <div class="blue-text"> ${providedApiKeys.length} API key applied </div>
+              <div style="flex:1"></div>
+              <button class="m-btn thin-border" part="btn btn-outline" @click=${() => { onClearAllApiKeys.call(this); }}>CLEAR ALL API KEYS</button>`
+            : html`<div class="red-text">No API key applied</div>`
+          }
+        `
+      : ''
+    }
     </div>
     ${this.resolvedSpec.securitySchemes && this.resolvedSpec.securitySchemes.length > 0
       ? html`
@@ -433,7 +440,7 @@ export default function securitySchemeTemplate() {
                   <span style="font-weight:bold; font-size:var(--font-size-regular)">${v.typeDisplay}</span>
                   ${v.finalKeyValue
                     ? html`
-                      <span class='blue-text'>  ${v.finalKeyValue ? 'Key Applied' : ''} </span>
+                      <span class='blue-text'> ${v.finalKeyValue ? 'Key Applied' : ''} </span>
                       <button class="m-btn thin-border small" part="btn btn-outline" @click=${() => { removeApiKey.call(this, v.securitySchemeId); }}>REMOVE</button>
                       `
                     : ''
@@ -442,47 +449,59 @@ export default function securitySchemeTemplate() {
                 ${v.description ? html`<div class="m-markdown"> ${unsafeHTML(marked(v.description || ''))}</div>` : ''}
                 ${(v.type.toLowerCase() === 'apikey')
                   ? html`
-                    <div style="margin-bottom:5px"> Send <code>${v.name}</code> in <code>${v.in}</code> </div>
-                    <div style="max-height:28px;">
-                      ${v.in !== 'cookie'
-                        ? html`
-                          <input type = "text" value = "${v.value}" class="${v.type} ${v.securitySchemeId} api-key-input" placeholder = "api-token" spellcheck = "false" id = "${v.type}-${v.securitySchemeId}-api-key-input">
-                          <button class="m-btn thin-border" style = "margin-left:5px;" part = "btn btn-outline"
-                            @click="${(e) => { onApiKeyChange.call(this, v.securitySchemeId, e); }}">
-                            ${v.finalKeyValue ? 'UPDATE' : 'SET'}
-                          </button>`
-                        : html`<span class="gray-text" style="font-size::var(--font-size-small)"> cookies cannot be set from here</span>`
-                      }
-                    </div>`
+                    <div style="margin-bottom:5px"> Send <code>${v.name}</code> in <code>${v.in}</code></div>
+                    ${allowTry === 'true'
+                      ? html`
+                        <div style="max-height:28px;">
+                          ${v.in !== 'cookie'
+                            ? html`
+                              <input type = "text" value = "${v.value}" class="${v.type} ${v.securitySchemeId} api-key-input" placeholder = "api-token" spellcheck = "false" id = "${v.type}-${v.securitySchemeId}-api-key-input">
+                              <button class="m-btn thin-border" style = "margin-left:5px;" part = "btn btn-outline"
+                                @click="${(e) => { onApiKeyChange.call(this, v.securitySchemeId, e); }}">
+                                ${v.finalKeyValue ? 'UPDATE' : 'SET'}
+                              </button>`
+                            : html`<span class="gray-text" style="font-size::var(--font-size-small)"> cookies cannot be set from here</span>`
+                          }
+                        </div>`
+                      : ''
+                    }`
                   : ''
                 }
                 ${v.type.toLowerCase() === 'http' && v.scheme?.toLowerCase() === 'basic'
                   ? html`
                     <div style="margin-bottom:5px">
                       Send <code>Authorization</code> in <code>header</code> containing the word <code>Basic</code> followed by a space and a base64 encoded string of <code>username:password</code>.
                     </div>
-                    <div>
-                      <input type="text" value = "${v.user}" placeholder="username" spellcheck="false" class="${v.type} ${v.securitySchemeId} api-key-user" style="width:100px" id = "input-${v.type}-${v.securitySchemeId}-api-key-user">
-                      <input type="password" value = "${v.password}" placeholder="password" spellcheck="false" class="${v.type} ${v.securitySchemeId} api-key-password" style = "width:100px; margin:0 5px;" id = "input-${v.type}-${v.securitySchemeId}-api-key-password">
-                      <button class="m-btn thin-border"
-                        @click="${(e) => { onApiKeyChange.call(this, v.securitySchemeId, e); }}"
-                        part = "btn btn-outline"
-                      >
-                        ${v.finalKeyValue ? 'UPDATE' : 'SET'}
-                      </button>
-                    </div>`
+                    ${allowTry === 'true'
+                      ? html`
+                        <div>
+                          <input type="text" value = "${v.user}" placeholder="username" spellcheck="false" class="${v.type} ${v.securitySchemeId} api-key-user" style="width:100px" id = "input-${v.type}-${v.securitySchemeId}-api-key-user">
+                          <input type="password" value = "${v.password}" placeholder="password" spellcheck="false" class="${v.type} ${v.securitySchemeId} api-key-password" style = "width:100px; margin:0 5px;" id = "input-${v.type}-${v.securitySchemeId}-api-key-password">
+                          <button class="m-btn thin-border"
+                            @click="${(e) => { onApiKeyChange.call(this, v.securitySchemeId, e); }}"
+                            part = "btn btn-outline"
+                          >
+                            ${v.finalKeyValue ? 'UPDATE' : 'SET'}
+                          </button>
+                        </div>`
+                      : ''
+                    }`
                   : ''
                 }
                 ${v.type.toLowerCase() === 'http' && v.scheme?.toLowerCase() === 'bearer'
                   ? html`
                     <div style="margin-bottom:5px"> Send <code>Authorization</code> in <code>header</code> containing the word <code>Bearer</code> followed by a space and token value</div>
-                    <div style="max-height:28px;">
-                      <input type = "text" value = "${v.value}" class="${v.type} ${v.securitySchemeId} api-key-input" placeholder = "api-token" spellcheck = "false" id = "${v.type}-${v.securitySchemeId}-api-key-input">
-                      <button class="m-btn thin-border" style = "margin-left:5px;" part = "btn btn-outline"
-                        @click="${(e) => { onApiKeyChange.call(this, v.securitySchemeId, e); }}">
-                        ${v.finalKeyValue ? 'UPDATE' : 'SET'}
-                      </button>
-                    </div>`
+                    ${allowTry === 'true'
+                      ? html`
+                        <div style="max-height:28px;">
+                          <input type = "text" value = "${v.value}" class="${v.type} ${v.securitySchemeId} api-key-input" placeholder = "api-token" spellcheck = "false" id = "${v.type}-${v.securitySchemeId}-api-key-input">
+                          <button class="m-btn thin-border" style = "margin-left:5px;" part = "btn btn-outline"
+                            @click="${(e) => { onApiKeyChange.call(this, v.securitySchemeId, e); }}">
+                            ${v.finalKeyValue ? 'UPDATE' : 'SET'}
+                          </button>
+                        </div>`
+                      : ''
+                    }`
                   : ''
                 }
               </td>
@@ -502,6 +521,7 @@ export default function securitySchemeTemplate() {
                         (v.flows[f]['x-default-scopes'] || v['x-default-scopes']),
                         (v.flows[f]['x-receive-token-in'] || v['x-receive-token-in']),
                         (v.flows[f]['x-receive-token-in-options'] || v['x-receive-token-in-options']),
+                        allowTry,
                       ))}
                   </td>
                 </tr>
