Skip to content

Fix OAuth2 security schemes for OpenAPI importer #4151

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Feb 22, 2022
Merged

Fix OAuth2 security schemes for OpenAPI importer #4151

merged 1 commit into from
Feb 22, 2022

Conversation

gazoakley
Copy link
Contributor

@gazoakley gazoakley commented Oct 25, 2021
edited by filfreire
Loading

Closes #3093
Closes #4095

The existing importer for OpenAPI requires specifying scheme: bearer for OAuth2 security schemes, but unfortunately this violates the OpenAPI specification (and Insomnia will show warnings when using the schema editor). In this PR:

  • Fixes importing OpenAPI specs for OAuth2 security schemes
  • Updates the test fixtures to comply with the OpenAPI specification for OAuth2
  • Updates the test result fixtures for Petstore tests (these previously didn't import correctly due to the above issue)
  • Sets the Redirect URL for OAuth2 requests to a variable - this is a required parameter for Amazon Cognito/Okta and most/all IdPs, so being able to set it easily for all requests (as is possible for Client ID/secret) simplifies using Insomnia

changelog(Fixes): For OpenAPI documents, OAuth2 security scheme components no longer require the scheme to be set to bearer

@gazoakley gazoakley changed the title WIP: Fix importer test fixtures to comply with OpenAPI specs (#4095) Fix importer test fixtures to comply with OpenAPI specs (#4095) Oct 25, 2021
@gazoakley gazoakley changed the title Fix importer test fixtures to comply with OpenAPI specs (#4095) Fix importer test fixtures to comply with OpenAPI specs Oct 25, 2021
@gazoakley gazoakley changed the title Fix importer test fixtures to comply with OpenAPI specs Fix OAuth2 security schemes for OpenAPI importer Oct 26, 2021
@develohpanda develohpanda self-requested a review October 27, 2021 07:17
@gazoakley
Copy link
Contributor Author

Doh - lint issue! Updated and rebased

@filfreire filfreire added the insomnia-stream a good candidate to look at during the weekly livestream (see #stream on https://chat.insomnia.rest) label Feb 8, 2022
@martin-thoma
Copy link

Is there anything missing here? Or is it only the review that still needs to be done?

@dimitropoulos
Copy link
Contributor

@MT-Cash we're going to look at this on the stream today in a little bit. see the #stream channel on the insomnia community slack if you'd like to be there or watch (no pressure whatsoever).

gatzjames
gatzjames approved these changes Feb 22, 2022
View reviewed changes
Copy link
Contributor

@gatzjames gatzjames left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

👏🚀 Great UX improvement and spec compliance! Did some extra testing and seems to work as expected! We should simplify the scheme logic when we revisit this but works fine for now!

@gatzjames gatzjames merged commit 3a944d9 into Kong:develop Feb 22, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@gatzjames gatzjames gatzjames approved these changes

@dimitropoulos dimitropoulos dimitropoulos approved these changes

@develohpanda develohpanda Awaiting requested review from develohpanda

Assignees
No one assigned
Labels
insomnia-stream a good candidate to look at during the weekly livestream (see #stream on https://chat.insomnia.rest)
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Insomnia does not recognize OAuth2 authentication scheme properly Open api importer support for oauth 2 security schemes
5 participants
@gazoakley @martin-thoma @dimitropoulos @gatzjames @filfreire