Scopes are incorrectly formatted in OpenAPI specification when using YAML properties #3074
Description
Describe the bug
Setting the scopes in the OpenAPI specification from application YAML properties doesn't preserve the scope format as expected.
When I try to set the scopes like this:
scopes:
write:pets: modify pets in your account
read:pets: read your petsor
scopes:
"write:pets": modify pets in your account
"read:pets": read your petsThe result is:
- writepets
- readpets
To Reproduce
Steps to reproduce the behavior:
- Create a Spring Boot application with the following dependencies:
- gradle 8.14.3
- org.springframework.boot:spring-boot-starter-web:3.5.5
- org.springdoc:springdoc-openapi-starter-webmvc-ui:2.8.9
- Add the following
application.ymlconfiguration:
server:
port: 8080
spring:
application:
name: hello-application
springdoc:
swagger-ui:
oauth:
app-name: "Pet Auth Service"
open-api:
components:
securitySchemes:
petstore-oauth2:
type: oauth2
flows:
implicit:
authorizationUrl: https://example.com/api/oauth/dialog
scopes:
write:pets: modify pets in your account
read:pets: read your pets
authorizationCode:
authorizationUrl: https://example.com/api/oauth/dialog
tokenUrl: https://example.com/api/oauth/token
scopes:
write:pets: modify pets in your account
read:pets: read your pets- Access the OpenAPI docs at http://localhost:8080/v3/api-docs and observe that the scopes are rendered as writepets and readpets, not write:pets and read:pets as expected.
{
"openapi": "3.1.0",
"info": {
"title": "OpenAPI definition",
"version": "v0"
},
"servers": [
{
"url": "http://localhost:8080",
"description": "Generated server url"
}
],
"paths": {
},
"components": {
"securitySchemes": {
"petstore-oauth2": {
"type": "oauth2",
"flows": {
"implicit": {
"authorizationUrl": "https://example.com/api/oauth/dialog",
"scopes": {
"writepets": "modify pets in your account",
"readpets": "read your pets"
}
},
"authorizationCode": {
"authorizationUrl": "https://example.com/api/oauth/dialog",
"tokenUrl": "https://example.com/api/oauth/token",
"scopes": {
"writepets": "modify pets in your account",
"readpets": "read your pets"
}
}
}
}
}
}
}Expected behavior
The output JSON should include the scopes in the correct format, like so:
{
"openapi": "3.1.0",
"info": {
"title": "OpenAPI definition",
"version": "v0"
},
"servers": [
{
"url": "http://localhost:8080",
"description": "Generated server url"
}
],
"paths": {
},
"components": {
"securitySchemes": {
"petstore-oauth2": {
"type": "oauth2",
"flows": {
"implicit": {
"authorizationUrl": "https://example.com/api/oauth/dialog",
"scopes": {
"write:pets": "modify pets in your account",
"read:pets": "read your pets"
}
},
"authorizationCode": {
"authorizationUrl": "https://example.com/api/oauth/dialog",
"tokenUrl": "https://example.com/api/oauth/token",
"scopes": {
"write:pets": "modify pets in your account",
"read:pets": "read your pets"
}
}
}
}
}
}
}Screenshots
Then in swagger ui the scopes also appears with the wrong format:
Additional context