Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Flask restx is not compatible with StrictUndefined mode of jinja #565

Open
sloschert opened this issue Sep 23, 2023 · 0 comments · May be fixed by #591
Open

Flask restx is not compatible with StrictUndefined mode of jinja #565

sloschert opened this issue Sep 23, 2023 · 0 comments · May be fixed by #591
Labels
bug Something isn't working

Comments

@sloschert
Copy link

sloschert commented Sep 23, 2023
edited

Repro Steps (if applicable)

  1. Change Flask app's Jinja environment from undefined to StrictUndefined:
app = Flask(__name__)
app.jinja_env.undefined = StrictUndefined
  1. Visit the swagger documentation of the app on /api/v1/doc/
  2. The documentation page crashes with a jinja2.exceptions.UndefinedError.

Expected Behavior

The docs page should load even with Flask's jinja enviroment being "StrictUndefined".

Actual Behavior

The app crashes.

Error Messages/Stack Trace

127.0.0.1 - - [23/Sep/2023 20:12:51] "GET /api/v1/doc/ HTTP/1.1" 500 -
Traceback (most recent call last):
  File "/nix/store/vnd7krkpq1cyla05s4wxqpkaghiykgcw-python3.10-flask-2.2.5/lib/python3.10/site-packages/flask/app.py", line 2552, in __call__
    return self.wsgi_app(environ, start_response)
  File "/nix/store/vnd7krkpq1cyla05s4wxqpkaghiykgcw-python3.10-flask-2.2.5/lib/python3.10/site-packages/flask/app.py", line 2532, in wsgi_app
    response = self.handle_exception(e)
  File "/nix/store/d9jb0b4d3yhba2yalqq3anv2841lmxf0-python3.10-flask-restx-1.1.0/lib/python3.10/site-packages/flask_restx/api.py", line 674, in error_router
    return original_handler(e)
  File "/nix/store/vnd7krkpq1cyla05s4wxqpkaghiykgcw-python3.10-flask-2.2.5/lib/python3.10/site-packages/flask/app.py", line 2529, in wsgi_app
    response = self.full_dispatch_request()
  File "/nix/store/vnd7krkpq1cyla05s4wxqpkaghiykgcw-python3.10-flask-2.2.5/lib/python3.10/site-packages/flask/app.py", line 1825, in full_dispatch_request
    rv = self.handle_user_exception(e)
  File "/nix/store/d9jb0b4d3yhba2yalqq3anv2841lmxf0-python3.10-flask-restx-1.1.0/lib/python3.10/site-packages/flask_restx/api.py", line 674, in error_router
    return original_handler(e)
  File "/nix/store/vnd7krkpq1cyla05s4wxqpkaghiykgcw-python3.10-flask-2.2.5/lib/python3.10/site-packages/flask/app.py", line 1823, in full_dispatch_request
    rv = self.dispatch_request()
  File "/nix/store/vnd7krkpq1cyla05s4wxqpkaghiykgcw-python3.10-flask-2.2.5/lib/python3.10/site-packages/flask/app.py", line 1799, in dispatch_request
    return self.ensure_sync(self.view_functions[rule.endpoint])(**view_args)
  File "/nix/store/4082f2rc70mwq5g93nmrv545645gs7d8-python3.10-flask_profiler-master/lib/python3.10/site-packages/flask_profiler/measured_route.py", line 40, in __call__
    response = self.use_case.record_measurement(
  File "/nix/store/4082f2rc70mwq5g93nmrv545645gs7d8-python3.10-flask_profiler-master/lib/python3.10/site-packages/flask_profiler/use_cases/observe_request_handling_use_case.py", line 35, in record_measurement
    response = self.request_handler.handle_request(
  File "/nix/store/4082f2rc70mwq5g93nmrv545645gs7d8-python3.10-flask_profiler-master/lib/python3.10/site-packages/flask_profiler/measured_route.py", line 27, in handle_request
    return self.original_route(*args, **kwargs)
  File "/nix/store/d9jb0b4d3yhba2yalqq3anv2841lmxf0-python3.10-flask-restx-1.1.0/lib/python3.10/site-packages/flask_restx/api.py", line 456, in render_doc
    return apidoc.ui_for(self)
  File "/nix/store/d9jb0b4d3yhba2yalqq3anv2841lmxf0-python3.10-flask-restx-1.1.0/lib/python3.10/site-packages/flask_restx/apidoc.py", line 35, in ui_for
    return render_template("swagger-ui.html", title=api.title, specs_url=api.specs_url)
  File "/nix/store/vnd7krkpq1cyla05s4wxqpkaghiykgcw-python3.10-flask-2.2.5/lib/python3.10/site-packages/flask/templating.py", line 147, in render_template
    return _render(app, template, context)
  File "/nix/store/vnd7krkpq1cyla05s4wxqpkaghiykgcw-python3.10-flask-2.2.5/lib/python3.10/site-packages/flask/templating.py", line 130, in _render
    rv = template.render(context)
  File "/nix/store/5qmbk3vzjhz9ng0d4k57nmp675v0vfb9-python3.10-Jinja2-3.1.2/lib/python3.10/site-packages/jinja2/environment.py", line 1301, in render
    self.environment.handle_exception()
  File "/nix/store/5qmbk3vzjhz9ng0d4k57nmp675v0vfb9-python3.10-Jinja2-3.1.2/lib/python3.10/site-packages/jinja2/environment.py", line 936, in handle_exception
    raise rewrite_traceback_stack(source=source)
  File "/nix/store/d9jb0b4d3yhba2yalqq3anv2841lmxf0-python3.10-flask-restx-1.1.0/lib/python3.10/site-packages/flask_restx/templates/swagger-ui.html", line 54, in top-level template code
    {% if config.SWAGGER_UI_OAUTH_CLIENT_ID -%}
jinja2.exceptions.UndefinedError: 'flask.config.Config object' has no attribute 'SWAGGER_UI_OAUTH_CLIENT_ID'

Environment

  • Python 3.10.12
  • Flask==2.2.5
  • flask-restx==1.1.0
  • Flask==2.2.5
  • flask-babel==3.1.0
  • Flask-HTTPAuth==4.8.0
  • Flask-Login==0.6.2
  • Flask-Mail==0.9.1
  • Flask-Migrate==4.0.4
  • Flask-SQLAlchemy==3.0.3
  • flask-talisman==1.1.0
  • Flask-WTF==1.1.1

Additional Context

The template swagger-ui.html contains in two places the following problematic jinja expression:

  • {% if config.SWAGGER_UI_OAUTH_CLIENT_ID -%}

It is problematic because it makes the docs page crash if the config variable SWAGGER_UI_OAUTH_CLIENT_ID is undefined and flask jinja environment is running in StrictUndefined mode (app.jinja_env.undefined = StrictUndefined).

There is no place in the flask restx documentation that specifies that the config variable has to be set or that StrictUndefined mode cannot be used.

The expression should be replaced with:

  • {% if config.SWAGGER_UI_OAUTH_CLIENT_ID is defined and config.SWAGGER_UI_OAUTH_CLIENT_ID -%}

This should fix the bug.
@sloschert sloschert added the bug Something isn't working label Sep 23, 2023
@sloschert sloschert mentioned this issue Sep 23, 2023
Merged
@sloschert sloschert changed the title Swagger docs crash when running Flask with "StrictUndefined" jinja environment Flask restx is not compatible with StrictUndefined mode of jinja Jan 30, 2024
sloschert added a commit to sloschert/flask-restx that referenced this issue Jan 30, 2024
@sloschert
Fix potential undefined variable in swagger-ui.html (python-restx#565)
a45ac1a 
* Add jinja test for potentially undefined variable in `swagger-ui.html`. Compatibility with jinja's StrictUndefined mode.

* Add CHANGELOG.rst entry
@sloschert sloschert linked a pull request Jan 30, 2024 that will close this issue
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Fix potential undefined variable in swagger-ui.html (#565) sloschert/flask-restx
1 participant
@sloschert