How to conditionally disable authentication component? #1142
Hi,
I'm developing a RESTful API using SQLPage and have created a Swagger file to document the API.
I'm experiencing an issue with two services that use HTTP Basic Authentication to restrict access. These services employ an authentication component.
When Swagger UI attempts to test the service, it first sends an OPTIONS request followed by a GET request. Since the service is password-protected and Swagger UI does not transmit credentials with the OPTIONS verb, the service returns a 401 error code.
How can I disable authentication specifically for OPTIONS requests?
Best regards
Olivier
Use sqlpage.request_method() in a WHERE clause to conditionally disable auth:
```sql
SELECT 'authentication' AS component,
       'your_password_hash' AS password_hash,
       :password AS password
WHERE sqlpage.request_method() != 'OPTIONS';
```
This allows OPTIONS requests (CORS preflight) to pass through unauthenticated while maintaining security for GET/POST requests.
Yes, this solution works, but in my specific scenario, I also require the user's login credentials.
```sql
SELECT 'authentication' AS component,
    case sqlpage.basic_auth_username()
        when 'admin'
            then '$argon2i$v=19$m=8,t=1,p=1$YWFhYWFhYWE$oKBq5E8XFTHO2w'
        when 'user'
            then '$argon2i$v=19$m=8,t=1,p=1$YWFhYWFhYWE$qsrWdjgl96ooYw'
    end AS password_hash,
    sqlpage.basic_auth_password() AS password
WHERE sqlpage.request_method() != 'OPTIONS';
```
In this scenario, I receive a 401 Unauthorized error because the sqlpage.basic_auth_name() function returns no value.
You most likely do not want to disable authentication.
The request you are mentioning is probably a CORS preflight:
@olivierauverlot The easiest fix is to host the Swagger UI on the same domain as the API itself.
I am testing the Swagger file on my computer using localhost, and SQLPage is also running on my computer. They are using two different TCP ports, but this seems to be enough for Swagger UI to consider that it needs to use CORS.
Yes, different ports are different origins. Your problem is not in Swagger UI: any JavaScript code running from a different origin will have the browser trigger a preflight request before a non-GET request to your API.
The easiest is to serve your static Swagger UI directly from SQLPage.
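The origin comparison discussed above, as an added example that is not part of the original thread: a simplified model of the browser's decision to send an OPTIONS preflight, applied to a docs page and an API on two localhost ports. The URLs, ports, credentials and function names are constructed for illustration.

```javascript
// Added example: simplified model of the browser's CORS preflight decision.
// Sample URLs, ports and credentials below are constructed, not from the thread.

// CORS-safelisted methods and request headers (Fetch standard, simplified:
// the value-length and byte checks on safelisted headers are omitted).
const SAFE_METHODS = new Set(["GET", "HEAD", "POST"]);
const SAFE_HEADERS = new Set(["accept", "accept-language", "content-language", "content-type"]);
const SAFE_CONTENT_TYPES = new Set([
  "application/x-www-form-urlencoded", "multipart/form-data", "text/plain",
]);

// Two URLs share an origin only if scheme, host AND port all match.
function sameOrigin(a, b) {
  return new URL(a).origin === new URL(b).origin;
}

// Returns the reasons the browser would send an OPTIONS preflight before
// the real request; an empty list means no preflight is sent.
function preflightReasons(pageUrl, apiUrl, method = "GET", headers = {}) {
  if (sameOrigin(pageUrl, apiUrl)) return []; // same origin: CORS not involved
  const reasons = [];
  if (!SAFE_METHODS.has(method.toUpperCase())) reasons.push(`method ${method}`);
  for (const [name, value] of Object.entries(headers)) {
    const lower = name.toLowerCase();
    if (!SAFE_HEADERS.has(lower)) {
      reasons.push(`header ${lower}`);
    } else if (lower === "content-type") {
      const mime = value.split(";")[0].trim().toLowerCase();
      if (!SAFE_CONTENT_TYPES.has(mime)) reasons.push(`content-type ${mime}`);
    }
  }
  return reasons;
}

// Constructed scenario: docs UI on one localhost port, API on another.
const ui = "http://localhost:3000/docs/";
const api = "http://localhost:8080/api/v2/items.sql";
const basic = { Authorization: "Basic dXNlcjpzZWNyZXQ=" }; // "user:secret"

console.log(preflightReasons(ui, api, "GET", basic)); // cross-origin page
console.log(preflightReasons("http://localhost:8080/docs.html", api, "GET", basic)); // same origin
```

Because the preflight itself carries no credentials, serving the documentation page from the API's own origin removes the OPTIONS request without leaving any endpoint unauthenticated.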
You should be able to just put a documentation.html file alongside your .json file, served directly by SQLPage, and use it to render the UI:
https://github.com/swagger-api/swagger-ui/blob/HEAD/docs/usage/installation.md#unpkg
Thank you for your responses, which helped me integrate an OpenAPI document into my project.
I created a small shell-swagger-ui component to ensure a clean implementation. It is a simple HTML page that loads the Swagger-UI code via the unpkg CDN.
```html
<!DOCTYPE html>
{{!-- The closing quote of lang sits inside the #if so that <html> stays valid when no language is given --}}
<html{{#if language}} lang="{{language}}"{{/if}}>
<head>
    <meta charset="{{default charset "utf-8"}}" />
    <meta name="viewport" content="width=device-width, initial-scale=1" />
    <meta name="description" content="SwaggerUI" />
    <title>{{default title "Swagger UI"}}</title>
    <link rel="stylesheet" href="https://unpkg.com/swagger-ui-dist@{{default version "5.11.0"}}/swagger-ui.css" />
</head>
<body>
    <div id="swagger-ui"></div>
    <script nonce="{{@csp_nonce}}" src="https://unpkg.com/swagger-ui-dist@{{default version "5.11.0"}}/swagger-ui-bundle.js" crossorigin></script>
    <script nonce="{{@csp_nonce}}">
        // Render the OpenAPI document once the Swagger UI bundle has loaded
        window.onload = () => {
            window.ui = SwaggerUIBundle({
                url: '{{documentation}}',
                dom_id: '#swagger-ui',
            });
        };
    </script>
</body>
</html>
```
The endpoint /api/v2/openapi.sql for accessing the documentation is simply a component with a few parameters, such as the page title and the path to the OpenAPI file formatted in YAML.
```sql
SELECT
    'shell-swagger-ui' AS component,
    'Swagger Demo' AS title,
    'fr' AS language,
    'utf-8' AS charset,
    'swagger/openapi.yaml' AS documentation,
    '5.11.0' AS version;
```
@lovasoa I'm not sure if this type of component would be beneficial to add to the standard components of SQLPage. It doesn't seem to have general applicability. What are your thoughts on this?
Best regards
Olivier
Indeed, I don't think we should upstream this before we have more support for building APIs.