Connexion-compatible token validation #82
Labels
priority: high
High priority
type: auth
Related to authorization or authentication
workload: days
Likely takes days to resolve
Projects
Milestone
Since Connexion 2.0, Connexion helps with validation of Swagger 2 / OpenAPI 3 security schemas. While this is in princple welcome, it inteferes with the functionality of the dedicated auth/security decorator implemented in FOCA.
In order to be compatible with Connexion, an
x-{auth_method}TokenInfo
field needs to be added to thesecurityDefinitions
(Swagger 2) orsecuritySchemes
(OpenAPI 3) objects, where{auth_method}
is one of several options, depending on the version of the OpenAPI specificaiton.This will require a major refactoring in various places (decorator in
security.auth
module needs to be re-factored/-implemented, the API registration needs to be udpated, and likely a lot of tests will be affected, too).The text was updated successfully, but these errors were encountered: