Skip to content

Commit

Permalink
Export proper scopes in openapi3 file for oauth2 and jwt
Browse files Browse the repository at this point in the history
  • Loading branch information
@server-may-cry @sergei-dh
server-may-cry authored and sergei-dh committed Oct 19, 2023
1 parent 8cfbb57 commit 9114ab4
Show file tree
Hide file tree
Showing 3 changed files with 4 additions and 6 deletions.
6 changes: 3 additions & 3 deletions http/codegen/openapi/v3/builder.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -549,9 +549,9 @@ func buildSecurityRequirements(reqs []*expr.SecurityExpr) []map[string][]string
case expr.BasicAuthKind, expr.APIKeyKind:
sr[sch.Hash()] = []string{}
case expr.OAuth2Kind, expr.JWTKind:
scopes := make([]string, len(sch.Scopes))
for i, scope := range sch.Scopes {
scopes[i] = scope.Name
scopes := make([]string, len(req.Scopes))
for i, scope := range req.Scopes {
scopes[i] = scope
}
sr[sch.Hash()] = scopes
}
Expand Down
2 changes: 1 addition & 1 deletion http/codegen/openapi/v3/testdata/golden/security_file0.golden
View file
Original file line number Diff line number Diff line change
@@ -1 +1 @@
{"openapi":"3.0.3","info":{"title":"Goa API","version":"1.0"},"servers":[{"url":"http://localhost:80","description":"Default server for test api"}],"paths":{"/":{"get":{"tags":["testService"],"summary":"testEndpointA testService","operationId":"testService#testEndpointA","parameters":[{"name":"k","in":"query","allowEmptyValue":true,"required":true,"schema":{"type":"string","example":"Quia molestias."},"example":"Doloribus qui quia."},{"name":"Token","in":"header","allowEmptyValue":true,"required":true,"schema":{"type":"string","example":"Et tempora et quae."},"example":"Itaque inventore optio."},{"name":"X-Authorization","in":"header","allowEmptyValue":true,"required":true,"schema":{"type":"string","example":"Ullam aut."},"example":"Iste perspiciatis."}],"responses":{"204":{"description":"No Content response."}},"security":[{"api_key_query_k":[],"basic_header_Authorization":[],"jwt_header_X-Authorization":["api:read","api:write"],"oauth2_header_Token":["api:read","api:write"]}]},"post":{"tags":["testService"],"summary":"testEndpointB testService","operationId":"testService#testEndpointB","parameters":[{"name":"auth","in":"query","allowEmptyValue":true,"required":true,"schema":{"type":"string","example":"Harum et."},"example":"Neque nisi quibusdam nisi sint sunt."}],"responses":{"204":{"description":"No Content response."}},"security":[{"api_key_header_Authorization":[]},{"oauth2_query_auth":["api:read","api:write"]}]}}},"components":{"securitySchemes":{"api_key_header_Authorization":{"type":"apiKey","description":"Secures endpoint by requiring an API key.","name":"Authorization","in":"header"},"api_key_query_k":{"type":"apiKey","description":"Secures endpoint by requiring an API key.","name":"k","in":"query"},"basic_header_Authorization":{"type":"http","description":"Basic authentication used to authenticate security principal during signin","scheme":"basic"},"jwt_header_X-Authorization":{"type":"http","description":"Secures endpoint by requiring a valid JWT token retrieved via the signin endpoint. Supports scopes \"api:read\" and \"api:write\".","scheme":"bearer"},"oauth2_header_Token":{"type":"oauth2","description":"Secures endpoint by requiring a valid OAuth2 token retrieved via the signin endpoint. Supports scopes \"api:read\" and \"api:write\".","flows":{"authorizationCode":{"authorizationUrl":"http://goa.design/authorization","tokenUrl":"http://goa.design/token","refreshUrl":"http://goa.design/refresh","scopes":{"api:read":"Read-only access","api:write":"Read and write access"}}}},"oauth2_query_auth":{"type":"oauth2","description":"Secures endpoint by requiring a valid OAuth2 token retrieved via the signin endpoint. Supports scopes \"api:read\" and \"api:write\".","flows":{"authorizationCode":{"authorizationUrl":"http://goa.design/authorization","tokenUrl":"http://goa.design/token","refreshUrl":"http://goa.design/refresh","scopes":{"api:read":"Read-only access","api:write":"Read and write access"}}}}}},"tags":[{"name":"testService"}]}
{"openapi":"3.0.3","info":{"title":"Goa API","version":"1.0"},"servers":[{"url":"http://localhost:80","description":"Default server for test api"}],"paths":{"/":{"get":{"tags":["testService"],"summary":"testEndpointA testService","operationId":"testService#testEndpointA","parameters":[{"name":"k","in":"query","allowEmptyValue":true,"required":true,"schema":{"type":"string","example":"Quia molestias."},"example":"Doloribus qui quia."},{"name":"Token","in":"header","allowEmptyValue":true,"required":true,"schema":{"type":"string","example":"Et tempora et quae."},"example":"Itaque inventore optio."},{"name":"X-Authorization","in":"header","allowEmptyValue":true,"required":true,"schema":{"type":"string","example":"Ullam aut."},"example":"Iste perspiciatis."}],"responses":{"204":{"description":"No Content response."}},"security":[{"api_key_query_k":[],"basic_header_Authorization":[],"jwt_header_X-Authorization":["api:read"],"oauth2_header_Token":["api:read"]}]},"post":{"tags":["testService"],"summary":"testEndpointB testService","operationId":"testService#testEndpointB","parameters":[{"name":"auth","in":"query","allowEmptyValue":true,"required":true,"schema":{"type":"string","example":"Harum et."},"example":"Neque nisi quibusdam nisi sint sunt."}],"responses":{"204":{"description":"No Content response."}},"security":[{"api_key_header_Authorization":[]},{"oauth2_query_auth":["api:read","api:write"]}]}}},"components":{"securitySchemes":{"api_key_header_Authorization":{"type":"apiKey","description":"Secures endpoint by requiring an API key.","name":"Authorization","in":"header"},"api_key_query_k":{"type":"apiKey","description":"Secures endpoint by requiring an API key.","name":"k","in":"query"},"basic_header_Authorization":{"type":"http","description":"Basic authentication used to authenticate security principal during signin","scheme":"basic"},"jwt_header_X-Authorization":{"type":"http","description":"Secures endpoint by requiring a valid JWT token retrieved via the signin endpoint. Supports scopes \"api:read\" and \"api:write\".","scheme":"bearer"},"oauth2_header_Token":{"type":"oauth2","description":"Secures endpoint by requiring a valid OAuth2 token retrieved via the signin endpoint. Supports scopes \"api:read\" and \"api:write\".","flows":{"authorizationCode":{"authorizationUrl":"http://goa.design/authorization","tokenUrl":"http://goa.design/token","refreshUrl":"http://goa.design/refresh","scopes":{"api:read":"Read-only access","api:write":"Read and write access"}}}},"oauth2_query_auth":{"type":"oauth2","description":"Secures endpoint by requiring a valid OAuth2 token retrieved via the signin endpoint. Supports scopes \"api:read\" and \"api:write\".","flows":{"authorizationCode":{"authorizationUrl":"http://goa.design/authorization","tokenUrl":"http://goa.design/token","refreshUrl":"http://goa.design/refresh","scopes":{"api:read":"Read-only access","api:write":"Read and write access"}}}}}},"tags":[{"name":"testService"}]}
2 changes: 0 additions & 2 deletions http/codegen/openapi/v3/testdata/golden/security_file1.golden
View file
Original file line number Diff line number Diff line change
Expand Up @@ -45,10 +45,8 @@ paths:
basic_header_Authorization: []
jwt_header_X-Authorization:
- api:read
- api:write
oauth2_header_Token:
- api:read
- api:write
post:
tags:
- testService
Expand Down

0 comments on commit 9114ab4

Please sign in to comment.