Skip to content

Enhance OpenAPI security scopes handling #3712

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 3 commits into
base: main
Choose a base branch
from
Open

Enhance OpenAPI security scopes handling #3712

wants to merge 3 commits into from
+144 −57

Conversation

nolannbiron
Copy link
Member

This PR refactors OpenAPI security scopes, adds resolved scope types, improves OAuth2 handling, and updates the UI.

@linear Linear
Copy link

linear bot commented Oct 8, 2025

RND-8365 Add scopes from any OpenAPI security type

@changeset-bot changeset-bot
Copy link

changeset-bot bot commented Oct 8, 2025
edited
Loading

🦋 Changeset detected

Latest commit: 35b892e

The changes in this PR will be included in the next version bump.

This PR includes changesets to release 2 packages
Name Type
@gitbook/react-openapi Patch
gitbook Patch

Not sure what this means? Click here to learn what changesets are.

Click here if you're a maintainer who wants to add another changeset to this PR

@nolannbiron nolannbiron requested a review from Copilot October 8, 2025 21:33
Copilot
Copilot AI reviewed Oct 8, 2025
View reviewed changes
Copy link
Contributor

@Copilot Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull Request Overview

This PR enhances OpenAPI security scopes handling by refactoring type definitions and improving OAuth2 scope resolution. The changes add support for resolved scope types, better OAuth2 flow handling, and an improved UI for displaying security scopes.

  • Renamed OpenAPISecuritySchemeWithRequired to OpenAPICustomSecurityScheme and added scope resolution
  • Enhanced OAuth2 security scheme handling with proper scope merging from flows and operation requirements
  • Updated UI components to display security scopes in a more structured format

Reviewed Changes

Copilot reviewed 7 out of 7 changed files in this pull request and generated 3 comments.

Show a summary per file
File Description
packages/react-openapi/src/types.ts Renamed security scheme type and added scope type definitions
packages/react-openapi/src/resolveOpenAPIOperation.ts Added scope resolution logic for OAuth2 and other security schemes
packages/react-openapi/src/utils.ts Updated type references and improved type filtering
packages/react-openapi/src/util/tryit-prefill.ts Updated type references for consistency
packages/react-openapi/src/OpenAPISecurities.tsx Refactored OAuth2 scope display and added dedicated scope components
packages/gitbook/src/components/DocumentView/OpenAPI/style.css Extended CSS classes for scope styling
.changeset/clever-ducks-double.md Added changeset documentation

Tip: Customize your code reviews with copilot-instructions.md. Create the file or learn how to get started.

@github-actions GitHub Actions
Copy link
Contributor

github-actions bot commented Oct 8, 2025
edited
Loading

Summary of the deployments:

Version URL Status
Vercel https://gitbook-v2-88bdh7da5-gitbook.vercel.app
Cloudflare https://5a00f2cd-gitbook-open-v2-preview.gitbook.workers.dev

Test content

Site 2v 2c
GitBook https://gitbook-v2-88bdh7da5-gitbook.vercel.app/url/gitbook.com/docs https://5a00f2cd-gitbook-open-v2-preview.gitbook.workers.dev/url/gitbook.com/docs
E2E https://gitbook-v2-88bdh7da5-gitbook.vercel.app/url/gitbook.gitbook.io/test-gitbook-open https://5a00f2cd-gitbook-open-v2-preview.gitbook.workers.dev/url/gitbook.gitbook.io/test-gitbook-open

@argos-ci Argos CI
Copy link

argos-ci bot commented Oct 8, 2025
edited
Loading

The latest updates on your projects. Learn more about Argos notifications ↗︎

Build Status Details Updated (UTC)
customers-v2 (Inspect) 👍 Changes approved 5 changed Oct 8, 2025, 10:22 PM
v2-cloudflare (Inspect) ✅ No changes detected - Oct 8, 2025, 10:26 PM
v2-vercel (Inspect) 👍 Changes approved 4 changed Oct 8, 2025, 10:24 PM

@nolannbiron nolannbiron force-pushed the nolann/rnd-8365-add-scopes-from-any-openapi-security-type branch from 2424bcf to 35b892e Compare October 8, 2025 22:15
@nolannbiron nolannbiron requested a review from gregberge October 9, 2025 06:15
@gregberge
Copy link
Contributor

@nolannbiron where can we see a preview of it?

@nolannbiron Linear
Copy link
Member Author

nolannbiron commented Oct 9, 2025
edited
Loading

@gregberge

Scopes with apiToken security: https://gitbook-v2-88bdh7da5-gitbook.vercel.app/url/developers.make.com/api-documentation/api-reference/ai-agents

Scopes with OAuth2: https://gitbook-v2-88bdh7da5-gitbook.vercel.app/url/developer.emporix.io/api-references-1/readme/api-reference/text-generation

@nolannbiron
Copy link
Member Author

@gregberge Also wondering if we should rename “Available scopes” to “Required scopes”, makes more sense

@gregberge
Copy link
Contributor

@gregberge Also wondering if we should rename “Available scopes” to “Required scopes”, makes more sense

Required scopes is better

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

Copilot code review Copilot Copilot left review comments

@gregberge gregberge Awaiting requested review from gregberge

At least 1 approving review is required to merge this pull request.

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@nolannbiron @gregberge