From fdb02c4f6a2223c56031bad5fd3ec8db26c60daf Mon Sep 17 00:00:00 2001
From: Sunny Juneja <me@sunnyjuneja.com>
Date: Wed, 19 Aug 2015 16:34:19 -0700
Subject: [PATCH] Check for authorization header.

It appears that Swagger-UI correctly sets an authorization header when
added in the interface (api key field). However, if the endpoint has
the option "authorizations" set with "oauth2", it will override the
value. See https://github.com/ruby-grape/grape-swagger-rails/issues/13.
---
 spec/dummy/app/api/api.rb                 | 5 +++++
 spec/dummy/config/initializers/swagger.rb | 3 +++
 spec/features/swagger_spec.rb             | 8 ++++----
 3 files changed, 12 insertions(+), 4 deletions(-)

diff --git a/spec/dummy/app/api/api.rb b/spec/dummy/app/api/api.rb
index 1547f72..e388c94 100644
--- a/spec/dummy/app/api/api.rb
+++ b/spec/dummy/app/api/api.rb
@@ -26,5 +26,10 @@ class API < Grape::API
     request.params.as_json
   end
 
+  desc 'Get Authorization header.', authorizations: { oauth2: [] }
+  get '/authorization' do
+    request.headers.slice('Authorization').as_json
+  end
+
   add_swagger_documentation
 end
diff --git a/spec/dummy/config/initializers/swagger.rb b/spec/dummy/config/initializers/swagger.rb
index 3433907..b8894c5 100644
--- a/spec/dummy/config/initializers/swagger.rb
+++ b/spec/dummy/config/initializers/swagger.rb
@@ -1,3 +1,6 @@
 GrapeSwaggerRails.options.url = '/api/swagger_doc'
 GrapeSwaggerRails.options.app_name = 'Swagger'
 GrapeSwaggerRails.options.app_url  = 'http://localhost:3000'
+GrapeSwaggerRails.options.api_auth     = 'bearer'
+GrapeSwaggerRails.options.api_key_name = 'Authorization'
+GrapeSwaggerRails.options.api_key_type = 'header'
diff --git a/spec/features/swagger_spec.rb b/spec/features/swagger_spec.rb
index d4ff60d..1149fb7 100644
--- a/spec/features/swagger_spec.rb
+++ b/spec/features/swagger_spec.rb
@@ -49,8 +49,8 @@
       it 'adds an Authorization header' do
         page.execute_script("$('#input_apiKey').val('username:password')")
         page.execute_script("$('#input_apiKey').trigger('change')")
-        find('#endpointListTogger_headers', visible: true).click
-        first('a[href="#!/headers/GET_api_headers_format"]', visible: true).click
+        find('#endpointListTogger_authorization', visible: true).click
+        first('a[href="#!/authorization/GET_api_authorization_format"]', visible: true).click
         click_button 'Try it out!'
         expect(page).to have_css 'span.attribute', text: 'Authorization'
         expect(page).to have_css 'span.string', text: "Basic #{Base64.encode64('username:password').strip}"
@@ -66,8 +66,8 @@
       it 'adds an Authorization header' do
         page.execute_script("$('#input_apiKey').val('token')")
         page.execute_script("$('#input_apiKey').trigger('change')")
-        find('#endpointListTogger_headers', visible: true).click
-        first('a[href="#!/headers/GET_api_headers_format"]', visible: true).click
+        find('#endpointListTogger_authorization', visible: true).click
+        first('a[href="#!/authorization/GET_api_authorization_format"]', visible: true).click
         click_button 'Try it out!'
         expect(page).to have_css 'span.attribute', text: 'Authorization'
         expect(page).to have_css 'span.string', text: 'Bearer token'