
Example 1 with Scopes

use of io.swagger.v3.oas.models.security.Scopes in project swagger-core by swagger-api.

the class JsonDeserializationTest method testDeserializeSecurity.

/**
 * Checks that the security section of {@code specFiles/securityDefinitions.json} is bound
 * correctly by JSON deserialization: four declared security schemes and three top-level
 * security requirements.
 *
 * <p>Only model binding is verified. Nothing here exercises enforcement of the declared
 * schemes, so a passing test says the document was read faithfully, not that the described
 * API is protected.
 *
 * @throws Exception if the fixture cannot be loaded or parsed
 */
@Test
public void testDeserializeSecurity() throws Exception {
    final OpenAPI openApi = TestUtils.deserializeJsonFileFromClasspath("specFiles/securityDefinitions.json", OpenAPI.class);

    final List<SecurityRequirement> requirements = openApi.getSecurity();
    assertNotNull(requirements);
    assertEquals(requirements.size(), 3);

    final Map<String, SecurityScheme> schemesByName = openApi.getComponents().getSecuritySchemes();
    assertNotNull(schemesByName);
    assertEquals(schemesByName.size(), 4);

    // OAuth2 implicit flow. The fixture's authorizationUrl is plain http, which is fine for a
    // parsing test; RFC 6749 requires TLS on a real authorization endpoint, and current OAuth
    // guidance steers new designs away from the implicit grant altogether.
    final SecurityScheme oauthScheme = schemesByName.get("petstore_auth");
    assertNotNull(oauthScheme);
    assertEquals(oauthScheme.getType().toString(), "oauth2");
    assertEquals(oauthScheme.getFlows().getImplicit().getAuthorizationUrl(), "http://petstore.swagger.io/oauth/dialog");
    assertEquals(oauthScheme.getFlows().getImplicit().getScopes().get("write:pets"), "modify pets in your account");
    assertEquals(oauthScheme.getFlows().getImplicit().getScopes().get("read:pets"), "read your pets");

    // API key carried in a request header named "api_key".
    final SecurityScheme apiKeyScheme = schemesByName.get("api_key");
    assertNotNull(apiKeyScheme);
    assertEquals(apiKeyScheme.getType().toString(), "apiKey");
    assertEquals(apiKeyScheme.getIn().toString(), "header");
    assertEquals(apiKeyScheme.getName(), "api_key");

    // HTTP Basic authentication.
    final SecurityScheme basicScheme = schemesByName.get("http");
    assertNotNull(basicScheme);
    assertEquals(basicScheme.getType().toString(), "http");
    assertEquals(basicScheme.getScheme(), "basic");

    // OpenID Connect discovery; same http-only caveat as the OAuth2 fixture URL above.
    final SecurityScheme oidcScheme = schemesByName.get("open_id_connect");
    assertNotNull(oidcScheme);
    assertEquals(oidcScheme.getType().toString(), "openIdConnect");
    assertEquals(oidcScheme.getOpenIdConnectUrl(), "http://petstore.swagger.io/openid");

    // Requirement 0 names the OAuth2 scheme and lists the scopes a caller must hold.
    final List<String> oauthScopes = requirements.get(0).get("petstore_auth");
    assertNotNull(oauthScopes);
    assertEquals(oauthScopes.size(), 2);
    assertTrue(oauthScopes.contains("write:pets"));
    assertTrue(oauthScopes.contains("read:pets"));

    // Requirements 1 and 2 name non-OAuth schemes. OpenAPI 3.0 requires their scope arrays to
    // be empty, and the binding must yield an empty list rather than null.
    final List<String> apiKeyScopes = requirements.get(1).get("api_key");
    assertNotNull(apiKeyScopes);
    assertTrue(apiKeyScopes.isEmpty());

    final List<String> basicScopes = requirements.get(2).get("http");
    assertNotNull(basicScopes);
    assertTrue(basicScopes.isEmpty());
}
Also used : List(java.util.List) OpenAPI(io.swagger.v3.oas.models.OpenAPI) SecurityScheme(io.swagger.v3.oas.models.security.SecurityScheme) SecurityRequirement(io.swagger.v3.oas.models.security.SecurityRequirement) Test(org.testng.annotations.Test)

Example 2 with Scopes

use of io.swagger.v3.oas.models.security.Scopes in project swagger-core by swagger-api.

the class SecurityDefinitionTest method createModelWithSecurityRequirements.

/**
 * Assembles a Petstore-style {@link OpenAPI} model with one registered security scheme and an
 * operation that carries two security requirements, then compares its serialized form with the
 * {@code ModelWithSecurityRequirements.json} resource.
 *
 * <p>NOTE(review): the only scheme registered here is {@code githubAccessCode}, while the
 * operation's requirements name {@code internal_oauth2} and {@code api_key}. The model classes
 * accept this, so the test is a pure serialization round-trip; in a real specification a
 * requirement whose name matches no declared scheme cannot be resolved by consumers and should
 * be caught by spec validation. The scheme is also built without a type or any flow URLs;
 * confirm against the expected JSON whether that is intentional.
 *
 * @throws IOException if the expected-JSON resource cannot be read
 */
@Test(description = "it should create a model with security requirements")
public void createModelWithSecurityRequirements() throws IOException {
    final Schema personSchema = ModelConverters.getInstance().read(Person.class).get("Person");
    final Schema errorSchema = ModelConverters.getInstance().read(Error.class).get("Error");

    final Info apiInfo = new Info().version("1.0.0").title("Swagger Petstore");
    apiInfo.setContact(new Contact().name("Swagger API Team").email("foo@bar.baz").url("http://swagger.io"));

    final OpenAPI oas = new OpenAPI()
            .info(apiInfo)
            .addServersItem(new Server().url("http://petstore.swagger.io"))
            .schema("Person", personSchema)
            .schema("Error", errorSchema);

    // OAuth2 authorization-code flow exposing a single read-only scope.
    final Scopes emailScope = new Scopes().addString("user:email", "Grants read access to a user’s email addresses.");
    final OAuthFlows codeFlows = new OAuthFlows().authorizationCode(new OAuthFlow().scopes(emailScope));
    oas.schemaRequirement("githubAccessCode", new SecurityScheme().flows(codeFlows));

    final Operation get = new Operation()
            .summary("finds pets in the system")
            .description("a longer description")
            .addTagsItem("Pet Operations")
            .operationId("get pet by id");
    get.addParametersItem(new Parameter()
            .in("query")
            .name("tags")
            .description("tags to filter by")
            .required(false)
            .schema(new StringSchema()));
    get.addParametersItem(new Parameter()
            .in("path")
            .name("petId")
            .description("pet to fetch")
            .schema(new IntegerSchema().format("int64")));

    final ApiResponse okResponse = new ApiResponse()
            .description("pets returned")
            .content(new Content().addMediaType("*/*", new MediaType().schema(new Schema().$ref("Person"))));
    final ApiResponse fallbackResponse = new ApiResponse()
            .description("error response")
            .content(new Content().addMediaType("*/*", new MediaType().schema(new Schema().$ref("Error"))));
    get.responses(new ApiResponses().addApiResponse("200", okResponse).addApiResponse("default", fallbackResponse));

    // Two separate requirement objects on one operation are alternatives: satisfying either
    // one is enough. The first asks for the user:email scope, the second lists no scopes.
    get.addSecurityItem(new SecurityRequirement().addList("internal_oauth2", "user:email"));
    get.addSecurityItem(new SecurityRequirement().addList("api_key"));

    oas.path("/pets", new PathItem().get(get));

    final String expectedJson = ResourceUtils.loadClassResource(getClass(), "ModelWithSecurityRequirements.json");
    SerializationMatchers.assertEqualsToJson(oas, expectedJson);
}
Also used : Server(io.swagger.v3.oas.models.servers.Server) OAuthFlows(io.swagger.v3.oas.models.security.OAuthFlows) Schema(io.swagger.v3.oas.models.media.Schema) IntegerSchema(io.swagger.v3.oas.models.media.IntegerSchema) StringSchema(io.swagger.v3.oas.models.media.StringSchema) IntegerSchema(io.swagger.v3.oas.models.media.IntegerSchema) Operation(io.swagger.v3.oas.models.Operation) Info(io.swagger.v3.oas.models.info.Info) ApiResponse(io.swagger.v3.oas.models.responses.ApiResponse) Contact(io.swagger.v3.oas.models.info.Contact) PathItem(io.swagger.v3.oas.models.PathItem) OAuthFlow(io.swagger.v3.oas.models.security.OAuthFlow) Scopes(io.swagger.v3.oas.models.security.Scopes) Content(io.swagger.v3.oas.models.media.Content) Parameter(io.swagger.v3.oas.models.parameters.Parameter) MediaType(io.swagger.v3.oas.models.media.MediaType) StringSchema(io.swagger.v3.oas.models.media.StringSchema) Person(io.swagger.v3.core.oas.models.Person) OpenAPI(io.swagger.v3.oas.models.OpenAPI) SecurityScheme(io.swagger.v3.oas.models.security.SecurityScheme) ApiResponses(io.swagger.v3.oas.models.responses.ApiResponses) SecurityRequirement(io.swagger.v3.oas.models.security.SecurityRequirement) Test(org.testng.annotations.Test)

Example 3 with Scopes

use of io.swagger.v3.oas.models.security.Scopes in project swagger-core by swagger-api.

the class ReaderTest method testSecuritySchemeWithRef.

/**
 * Seeds a {@link Reader} with an {@link OpenAPI} that already holds a {@code Security} scheme,
 * reads {@code RefSecurityResource}, and compares the resulting model with the expected YAML.
 *
 * <p>NOTE(review): in the expected document the operation's requirement is keyed
 * {@code security_key}, which matches neither declared scheme ({@code Security},
 * {@code myOauth2Security}), and it lists {@code read:pets} although the only declared scope is
 * {@code write:pets}. That is acceptable for a serialization fixture, but it shows the reader
 * does not cross-check requirements against declared schemes, so real specifications need a
 * separate validation step for that. {@code myOauth2Security} also carries sibling fields next
 * to {@code $ref} and an {@code in: header} on an oauth2 scheme; presumably these come from the
 * annotations on {@code RefSecurityResource}, which is not visible here.
 */
@Test(description = "SecurityScheme with REf")
public void testSecuritySchemeWithRef() {
    final SecurityScheme seedScheme = new SecurityScheme()
            .description("Security Example")
            .name("Security")
            .type(SecurityScheme.Type.OAUTH2)
            .$ref("myOauth2Security")
            .in(SecurityScheme.In.HEADER);
    final Components seedComponents = new Components();
    seedComponents.addSecuritySchemes("Security", seedScheme);

    final OpenAPI seedApi = new OpenAPI().info(new Info().description("info")).components(seedComponents);
    final OpenAPI generated = new Reader(seedApi).read(RefSecurityResource.class);

    // One source line per YAML line; the concatenation is a compile-time constant.
    final String expectedYaml = "openapi: 3.0.1\n"
            + "info:\n"
            + "  description: info\n"
            + "paths:\n"
            + "  /:\n"
            + "    get:\n"
            + "      description: description\n"
            + "      operationId: Operation Id\n"
            + "      responses:\n"
            + "        default:\n"
            + "          description: default response\n"
            + "          content:\n"
            + "            '*/*': {}\n"
            + "      security:\n"
            + "      - security_key:\n"
            + "        - write:pets\n"
            + "        - read:pets\n"
            + "components:\n"
            + "  securitySchemes:\n"
            + "    Security:\n"
            + "      type: oauth2\n"
            + "      description: Security Example\n"
            + "    myOauth2Security:\n"
            + "      type: oauth2\n"
            + "      description: myOauthSecurity Description\n"
            + "      $ref: '#/components/securitySchemes/Security'\n"
            + "      in: header\n"
            + "      flows:\n"
            + "        implicit:\n"
            + "          authorizationUrl: http://x.com\n"
            + "          scopes:\n"
            + "            write:pets: modify pets in your account\n";
    SerializationMatchers.assertEqualsToYaml(generated, expectedYaml);
}
Also used : Components(io.swagger.v3.oas.models.Components) Info(io.swagger.v3.oas.models.info.Info) SecurityScheme(io.swagger.v3.oas.models.security.SecurityScheme) OpenAPI(io.swagger.v3.oas.models.OpenAPI) Test(org.testng.annotations.Test)

Example 4 with Scopes

use of io.swagger.v3.oas.models.security.Scopes in project swagger-core by swagger-api.

the class ReaderTest method testSecurityRequirement.

/**
 * Parses the {@code getSecurity} method of {@code SecurityResource} and checks the security
 * requirements attached to the resulting operation: their count, and the number, values and
 * order of the scopes listed under {@code SECURITY_KEY} in the first requirement.
 *
 * <p>The expected values are constants defined elsewhere in the test class.
 */
@Test(description = "Security Requirement")
public void testSecurityRequirement() {
    final Reader reader = new Reader(new OpenAPI());

    // Look the method up by name; getDeclaredMethods() gives no ordering guarantee.
    // Optional.get() throws NoSuchElementException if the resource has no such method,
    // which fails the test before any assertion runs.
    final Method getSecurityMethod = Arrays.stream(SecurityResource.class.getDeclaredMethods())
            .filter(candidate -> candidate.getName().equals("getSecurity"))
            .findFirst()
            .get();

    final Operation parsedOperation = reader.parseMethod(getSecurityMethod, null, null);
    assertNotNull(parsedOperation);

    final List<SecurityRequirement> parsedRequirements = parsedOperation.getSecurity();
    assertNotNull(parsedRequirements);
    assertEquals(SECURITY_REQUIREMENT_NUMBER, parsedRequirements.size());

    // Scopes are compared by position, so the declared scope order must be preserved.
    final List<String> declaredScopes = parsedRequirements.get(0).get(SECURITY_KEY);
    assertNotNull(declaredScopes);
    assertEquals(SCOPE_NUMBER, declaredScopes.size());
    assertEquals(SCOPE_VALUE1, declaredScopes.get(0));
    assertEquals(SCOPE_VALUE2, declaredScopes.get(1));
}
Also used : Method(java.lang.reflect.Method) Operation(io.swagger.v3.oas.models.Operation) OpenAPI(io.swagger.v3.oas.models.OpenAPI) SecurityRequirement(io.swagger.v3.oas.models.security.SecurityRequirement) Test(org.testng.annotations.Test)

Aggregations

OpenAPI (io.swagger.v3.oas.models.OpenAPI)4 Test (org.testng.annotations.Test)4 SecurityRequirement (io.swagger.v3.oas.models.security.SecurityRequirement)3 SecurityScheme (io.swagger.v3.oas.models.security.SecurityScheme)3 Operation (io.swagger.v3.oas.models.Operation)2 Info (io.swagger.v3.oas.models.info.Info)2 Person (io.swagger.v3.core.oas.models.Person)1 Components (io.swagger.v3.oas.models.Components)1 PathItem (io.swagger.v3.oas.models.PathItem)1 Contact (io.swagger.v3.oas.models.info.Contact)1 Content (io.swagger.v3.oas.models.media.Content)1 IntegerSchema (io.swagger.v3.oas.models.media.IntegerSchema)1 MediaType (io.swagger.v3.oas.models.media.MediaType)1 Schema (io.swagger.v3.oas.models.media.Schema)1 StringSchema (io.swagger.v3.oas.models.media.StringSchema)1 Parameter (io.swagger.v3.oas.models.parameters.Parameter)1 ApiResponse (io.swagger.v3.oas.models.responses.ApiResponse)1 ApiResponses (io.swagger.v3.oas.models.responses.ApiResponses)1 OAuthFlow (io.swagger.v3.oas.models.security.OAuthFlow)1 OAuthFlows (io.swagger.v3.oas.models.security.OAuthFlows)1