Examples with OAuthFlow io.swagger.v3.oas.models.security.OAuthFlow used on opensource projects

Example 1 with OAuthFlow

use of io.swagger.v3.oas.models.security.OAuthFlow in project swagger-parser by swagger-api.

the class SwaggerConverter method convertOauth2SecurityScheme.

private SecurityScheme convertOauth2SecurityScheme(SecuritySchemeDefinition definition) {
    SecurityScheme securityScheme = new SecurityScheme();
    OAuth2Definition oAuth2Definition = (OAuth2Definition) definition;
    OAuthFlows oAuthFlows = new OAuthFlows();
    OAuthFlow oAuthFlow = new OAuthFlow();
    securityScheme.setType(SecurityScheme.Type.OAUTH2);
    String flow = oAuth2Definition.getFlow();
    if (flow != null) {
        switch(flow) {
            case "implicit":
                oAuthFlow.setAuthorizationUrl(oAuth2Definition.getAuthorizationUrl());
                oAuthFlows.setImplicit(oAuthFlow);
                break;
            case "password":
                oAuthFlow.setTokenUrl(oAuth2Definition.getTokenUrl());
                oAuthFlows.setPassword(oAuthFlow);
                break;
            case "application":
                oAuthFlow.setTokenUrl(oAuth2Definition.getTokenUrl());
                oAuthFlows.setClientCredentials(oAuthFlow);
                break;
            case "accessCode":
                oAuthFlow.setAuthorizationUrl(oAuth2Definition.getAuthorizationUrl());
                oAuthFlow.setTokenUrl(oAuth2Definition.getTokenUrl());
                oAuthFlows.setAuthorizationCode(oAuthFlow);
                break;
        }
    }
    Scopes scopes = new Scopes();
    Map<String, String> oAuth2Scopes = oAuth2Definition.getScopes();
    if (oAuth2Scopes != null) {
        oAuth2Scopes.forEach((k, v) -> scopes.addString(k, v));
    }
    oAuthFlow.setScopes(scopes);
    securityScheme.setFlows(oAuthFlows);
    return securityScheme;
}

Example 2 with OAuthFlow

use of io.swagger.v3.oas.models.security.OAuthFlow in project swagger-parser by swagger-api.

the class V2ConverterTest method testIssue28.

@Test(description = "OAuth 2 flows and URLs were lost ")
public void testIssue28() throws Exception {
    OpenAPI oas = getConvertedOpenAPIFromJsonFile(ISSUE_28_JSON);
    OAuthFlow oAuth2Implicit = oas.getComponents().getSecuritySchemes().get(SECURITY_SCHEMA_OAUTH2).getFlows().getImplicit();
    assertEquals(AUTHORIZATION_URL, oAuth2Implicit.getAuthorizationUrl());
    assertEquals(WRITE_PETS_VALUE, oAuth2Implicit.getScopes().get(SCOPE_WRITE_PETS));
    assertEquals(READ_PETS_VALUE, oAuth2Implicit.getScopes().get(SCOPE_READ_PETS));
}

Example 3 with OAuthFlow

use of io.swagger.v3.oas.models.security.OAuthFlow in project swagger-core by swagger-api.

the class SecurityDefinitionTest method createModelWithSecurityRequirements.

@Test(description = "it should create a model with security requirements")
public void createModelWithSecurityRequirements() throws IOException {
    final Schema personModel = ModelConverters.getInstance().read(Person.class).get("Person");
    final Schema errorModel = ModelConverters.getInstance().read(Error.class).get("Error");
    final Info info = new Info().version("1.0.0").title("Swagger Petstore");
    final Contact contact = new Contact().name("Swagger API Team").email("foo@bar.baz").url("http://swagger.io");
    info.setContact(contact);
    final OpenAPI oas = new OpenAPI().info(info).addServersItem(new Server().url("http://petstore.swagger.io")).schema("Person", personModel).schema("Error", errorModel);
    oas.schemaRequirement("githubAccessCode", new SecurityScheme().flows(new OAuthFlows().authorizationCode(new OAuthFlow().scopes(new Scopes().addString("user:email", "Grants read access to a user’s email addresses.")))));
    final Operation get = new Operation().summary("finds pets in the system").description("a longer description").addTagsItem("Pet Operations").operationId("get pet by id");
    get.addParametersItem(new Parameter().in("query").name("tags").description("tags to filter by").required(false).schema(new StringSchema()));
    get.addParametersItem(new Parameter().in("path").name("petId").description("pet to fetch").schema(new IntegerSchema().format("int64")));
    final ApiResponse response = new ApiResponse().description("pets returned").content(new Content().addMediaType("*/*", new MediaType().schema(new Schema().$ref("Person"))));
    final ApiResponse errorResponse = new ApiResponse().description("error response").content(new Content().addMediaType("*/*", new MediaType().schema(new Schema().$ref("Error"))));
    get.responses(new ApiResponses().addApiResponse("200", response).addApiResponse("default", errorResponse)).addSecurityItem(new SecurityRequirement().addList("internal_oauth2", "user:email")).addSecurityItem(new SecurityRequirement().addList("api_key"));
    oas.path("/pets", new PathItem().get(get));
    final String json = ResourceUtils.loadClassResource(getClass(), "ModelWithSecurityRequirements.json");
    SerializationMatchers.assertEqualsToJson(oas, json);
}

Example 4 with OAuthFlow

use of io.swagger.v3.oas.models.security.OAuthFlow in project swagger-core by swagger-api.

the class SecurityParser method getOAuthFlow.

public static Optional<OAuthFlow> getOAuthFlow(io.swagger.v3.oas.annotations.security.OAuthFlow oAuthFlow) {
    if (isEmpty(oAuthFlow)) {
        return Optional.empty();
    }
    OAuthFlow oAuthFlowObject = new OAuthFlow();
    if (StringUtils.isNotBlank(oAuthFlow.authorizationUrl())) {
        oAuthFlowObject.setAuthorizationUrl(oAuthFlow.authorizationUrl());
    }
    if (StringUtils.isNotBlank(oAuthFlow.refreshUrl())) {
        oAuthFlowObject.setRefreshUrl(oAuthFlow.refreshUrl());
    }
    if (StringUtils.isNotBlank(oAuthFlow.tokenUrl())) {
        oAuthFlowObject.setTokenUrl(oAuthFlow.tokenUrl());
    }
    if (oAuthFlow.extensions().length > 0) {
        Map<String, Object> extensions = AnnotationsUtils.getExtensions(oAuthFlow.extensions());
        if (extensions != null) {
            extensions.forEach(oAuthFlowObject::addExtension);
        }
    }
    getScopes(oAuthFlow.scopes()).ifPresent(oAuthFlowObject::setScopes);
    return Optional.of(oAuthFlowObject);
}

Example 5 with OAuthFlow

use of io.swagger.v3.oas.models.security.OAuthFlow in project carbon-apimgt by wso2.

the class OAS3Parser method updateSwaggerSecurityDefinition.

/**
 * Include Scope details to the definition
 *
 * @param openAPI     openapi definition
 * @param swaggerData Swagger related API data
 */
private void updateSwaggerSecurityDefinition(OpenAPI openAPI, SwaggerData swaggerData, String authUrl) {
    if (openAPI.getComponents() == null) {
        openAPI.setComponents(new Components());
    }
    Map<String, SecurityScheme> securitySchemes = openAPI.getComponents().getSecuritySchemes();
    if (securitySchemes == null) {
        securitySchemes = new HashMap<>();
        openAPI.getComponents().setSecuritySchemes(securitySchemes);
    }
    SecurityScheme securityScheme = securitySchemes.get(OPENAPI_SECURITY_SCHEMA_KEY);
    if (securityScheme == null) {
        securityScheme = new SecurityScheme();
        securityScheme.setType(SecurityScheme.Type.OAUTH2);
        securitySchemes.put(OPENAPI_SECURITY_SCHEMA_KEY, securityScheme);
        List<SecurityRequirement> security = new ArrayList<SecurityRequirement>();
        SecurityRequirement secReq = new SecurityRequirement();
        secReq.addList(OPENAPI_SECURITY_SCHEMA_KEY, new ArrayList<String>());
        security.add(secReq);
        openAPI.setSecurity(security);
    }
    if (securityScheme.getFlows() == null) {
        securityScheme.setFlows(new OAuthFlows());
    }
    OAuthFlow oAuthFlow = securityScheme.getFlows().getImplicit();
    if (oAuthFlow == null) {
        oAuthFlow = new OAuthFlow();
        securityScheme.getFlows().setImplicit(oAuthFlow);
    }
    oAuthFlow.setAuthorizationUrl(authUrl);
    Scopes oas3Scopes = new Scopes();
    Set<Scope> scopes = swaggerData.getScopes();
    if (scopes != null && !scopes.isEmpty()) {
        Map<String, String> scopeBindings = new HashMap<>();
        for (Scope scope : scopes) {
            String description = scope.getDescription() != null ? scope.getDescription() : "";
            oas3Scopes.put(scope.getKey(), description);
            String roles = (StringUtils.isNotBlank(scope.getRoles()) && scope.getRoles().trim().split(",").length > 0) ? scope.getRoles() : StringUtils.EMPTY;
            scopeBindings.put(scope.getKey(), roles);
        }
        oAuthFlow.addExtension(APIConstants.SWAGGER_X_SCOPES_BINDINGS, scopeBindings);
    }
    oAuthFlow.setScopes(oas3Scopes);
}