Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

SecuritySchemes: JWT tokens not valid #2

Closed
pjmolina opened this issue Mar 14, 2017 · 4 comments
Closed

SecuritySchemes: JWT tokens not valid #2

pjmolina opened this issue Mar 14, 2017 · 4 comments

Comments

@pjmolina
Copy link

pjmolina commented Mar 14, 2017
edited

Hi Mike:

Validating a contract with something like this:

{
  "components": {
    "securitySchemes": {
      "autentication_jwt": {
        "type": "scheme",
        "scheme": "bearer",
        "bearerFormat": "JWT"
      },
	...

Got this error:

{
  "status": false,
  "message": "expected Object { type: 'scheme', scheme: 'bearer', bearerFormat: 'JWT' } not to have property scheme (false negative fail)",
  "context": "#/components/securitySchemes/autentication_jwt"
}

Accordingly the Spec, this is a sample with the same info. This should be valid, isn't it?

Repro sample.
@MikeRalphson
Copy link
Contributor

@pjmolina Hi - in this case I think the JSON example snippet is wrong. According to the fixed fields section above that example the only valid types are http, apiKey, oauth2, openIdConnect, as per the yaml example.

If you agree, one of us should raise a PR on the v3 spec to fix the example.

@pjmolina
Copy link
Author

I see. Feel free and go for it!

MikeRalphson added a commit to MikeRalphson/OpenAPI-Specification that referenced this issue Mar 14, 2017
@MikeRalphson
Fix JWT Bearer security JSON sample
dc645ab 
As reported by @pjmolina [here](Mermade/oas-kit#2)
@MikeRalphson MikeRalphson mentioned this issue Mar 14, 2017
Merged
MikeRalphson added a commit that referenced this issue Mar 14, 2017
@MikeRalphson
Explicitly check securityDefinition type against valid values, refs #2
296ba4a
@MikeRalphson
Copy link
Contributor

I've improved the error message to make the problem clearer

#/components/securitySchemes/jwt
expected 'scheme' to be equals one of Array [ 'apiKey', 'http', 'oauth2', 'openIdConnect' ]

@MikeRalphson
Copy link
Contributor

Thanks for the report.

MikeRalphson added a commit that referenced this issue Mar 9, 2018
@MikeRalphson
Explicitly check securityDefinition type against valid values, refs #2
75e09db
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@MikeRalphson @pjmolina