From c2686fdc65eba339b4ffb08224d05886bf0c3344 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tommy=20Engstr=C3=B6m?= Date: Sat, 16 Jan 2021 11:16:14 +0100 Subject: [PATCH 1/2] Include the scheme when using http security --- src/Data/OpenApi.hs | 1 + src/Data/OpenApi/Internal.hs | 19 +++++++++++++++---- 2 files changed, 16 insertions(+), 4 deletions(-) diff --git a/src/Data/OpenApi.hs b/src/Data/OpenApi.hs index fcd7e302..bd5e361b 100644 --- a/src/Data/OpenApi.hs +++ b/src/Data/OpenApi.hs @@ -91,6 +91,7 @@ module Data.OpenApi ( -- ** Security SecurityScheme(..), SecuritySchemeType(..), + HttpSchemeType(..), SecurityDefinitions(..), SecurityRequirement(..), diff --git a/src/Data/OpenApi/Internal.hs b/src/Data/OpenApi/Internal.hs index ad193bc7..c7647734 100644 --- a/src/Data/OpenApi/Internal.hs +++ b/src/Data/OpenApi/Internal.hs @@ -838,8 +838,17 @@ data OAuth2Flows = OAuth2Flows , _oAuth2FlowsAuthorizationCode :: Maybe (OAuth2Flow OAuth2AuthorizationCodeFlow) } deriving (Eq, Show, Generic, Data, Typeable) +data HttpSchemeType + = HttpSchemeBearer + | HttpSchemeBasic + deriving (Eq, Show, Generic, Data, Typeable) +instance ToJSON HttpSchemeType where + toJSON = genericToJSON (jsonPrefix "HttpScheme") +instance FromJSON HttpSchemeType where + parseJSON = genericParseJSON (jsonPrefix "HttpScheme") + data SecuritySchemeType - = SecuritySchemeHttp + = SecuritySchemeHttp HttpSchemeType | SecuritySchemeApiKey ApiKeyParams | SecuritySchemeOAuth2 OAuth2Flows | SecuritySchemeOpenIdConnect URL @@ -1229,8 +1238,10 @@ instance ToJSON OAuth2Flows where toEncoding = sopSwaggerGenericToEncoding instance ToJSON SecuritySchemeType where - toJSON SecuritySchemeHttp - = object [ "type" .= ("http" :: Text) ] + toJSON (SecuritySchemeHttp ty) + = object [ "type" .= ("http" :: Text) + , "scheme" .= toJSON ty + ] toJSON (SecuritySchemeApiKey params) = toJSON params <+> object [ "type" .= ("apiKey" :: Text) ] @@ -1379,7 +1390,7 @@ instance FromJSON SecuritySchemeType where parseJSON js@(Object o) = do (t :: Text) <- o .: "type" case t of - "http" -> pure SecuritySchemeHttp + "http" -> SecuritySchemeHttp <$> (o .: "scheme") "apiKey" -> SecuritySchemeApiKey <$> parseJSON js "oauth2" -> SecuritySchemeOAuth2 <$> (o .: "flows") "openIdConnect" -> SecuritySchemeOpenIdConnect <$> (o .: "openIdConnectUrl") From f163ab59667973667ea278ed740797a42a6c49d5 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tommy=20Engstr=C3=B6m?= Date: Fri, 26 Feb 2021 16:23:43 +0100 Subject: [PATCH 2/2] Add HttpSchemeCustom and optional bearerFormat --- src/Data/OpenApi/Internal.hs | 33 +++++++++++++++++++++++---------- 1 file changed, 23 insertions(+), 10 deletions(-) diff --git a/src/Data/OpenApi/Internal.hs b/src/Data/OpenApi/Internal.hs index c7647734..1fba780b 100644 --- a/src/Data/OpenApi/Internal.hs +++ b/src/Data/OpenApi/Internal.hs @@ -838,14 +838,13 @@ data OAuth2Flows = OAuth2Flows , _oAuth2FlowsAuthorizationCode :: Maybe (OAuth2Flow OAuth2AuthorizationCodeFlow) } deriving (Eq, Show, Generic, Data, Typeable) +type BearerFormat = Text + data HttpSchemeType - = HttpSchemeBearer + = HttpSchemeBearer (Maybe BearerFormat) | HttpSchemeBasic + | HttpSchemeCustom Text deriving (Eq, Show, Generic, Data, Typeable) -instance ToJSON HttpSchemeType where - toJSON = genericToJSON (jsonPrefix "HttpScheme") -instance FromJSON HttpSchemeType where - parseJSON = genericParseJSON (jsonPrefix "HttpScheme") data SecuritySchemeType = SecuritySchemeHttp HttpSchemeType @@ -1238,10 +1237,19 @@ instance ToJSON OAuth2Flows where toEncoding = sopSwaggerGenericToEncoding instance ToJSON SecuritySchemeType where - toJSON (SecuritySchemeHttp ty) - = object [ "type" .= ("http" :: Text) - , "scheme" .= toJSON ty - ] + toJSON (SecuritySchemeHttp ty) = case ty of + HttpSchemeBearer mFmt -> + object $ [ "type" .= ("http" :: Text) + , "scheme" .= ("bearer" :: Text) + ] <> maybe [] (\t -> ["bearerFormat" .= t]) mFmt + HttpSchemeBasic -> + object [ "type" .= ("http" :: Text) + , "scheme" .= ("basic" :: Text) + ] + HttpSchemeCustom t -> + object [ "type" .= ("http" :: Text) + , "scheme" .= t + ] toJSON (SecuritySchemeApiKey params) = toJSON params <+> object [ "type" .= ("apiKey" :: Text) ] @@ -1390,7 +1398,12 @@ instance FromJSON SecuritySchemeType where parseJSON js@(Object o) = do (t :: Text) <- o .: "type" case t of - "http" -> SecuritySchemeHttp <$> (o .: "scheme") + "http" -> do + scheme <- o .: "scheme" + SecuritySchemeHttp <$> case scheme of + "bearer" -> HttpSchemeBearer <$> (o .:! "bearerFormat") + "basic" -> pure HttpSchemeBasic + t -> pure $ HttpSchemeCustom t "apiKey" -> SecuritySchemeApiKey <$> parseJSON js "oauth2" -> SecuritySchemeOAuth2 <$> (o .: "flows") "openIdConnect" -> SecuritySchemeOpenIdConnect <$> (o .: "openIdConnectUrl")