Example 1 with SecurityScheme
use of io.swagger.v3.oas.models.security.SecurityScheme in project cxf by apache.
the class OpenApiFeature method registerComponents.
private static Optional<Components> registerComponents(Map<String, SecurityScheme> securityDefinitions) {
final Components components = new Components();
boolean hasComponents = false;
if (securityDefinitions != null && !securityDefinitions.isEmpty()) {
securityDefinitions.forEach((key, value) -> components.addSecuritySchemes(key, value));
hasComponents |= true;
}
return hasComponents ? Optional.of(components) : Optional.empty();
}
Also used :
Components(io.swagger.v3.oas.models.Components)
Example 2 with SecurityScheme
use of io.swagger.v3.oas.models.security.SecurityScheme in project swagger-core by swagger-api.
the class SecuritySchemeDeserializer method deserialize.
@Override
public SecurityScheme deserialize(JsonParser jp, DeserializationContext ctxt) throws IOException {
ObjectMapper mapper = null;
if (openapi31) {
mapper = Json31.mapper();
} else {
mapper = Json.mapper();
}
SecurityScheme result = null;
JsonNode node = jp.getCodec().readTree(jp);
JsonNode inNode = node.get("type");
if (inNode != null) {
String type = inNode.asText();
if (Arrays.stream(SecurityScheme.Type.values()).noneMatch(t -> t.toString().equals(type))) {
// wrong type, throw exception
throw new JsonParseException(jp, String.format("SecurityScheme type %s not allowed", type));
}
result = new SecurityScheme().description(getFieldText("description", node));
if ("http".equals(type)) {
result.type(SecurityScheme.Type.HTTP).scheme(getFieldText("scheme", node)).bearerFormat(getFieldText("bearerFormat", node));
} else if ("apiKey".equals(type)) {
result.type(SecurityScheme.Type.APIKEY).name(getFieldText("name", node)).in(getIn(getFieldText("in", node)));
} else if ("openIdConnect".equals(type)) {
result.type(SecurityScheme.Type.OPENIDCONNECT).openIdConnectUrl(getFieldText("openIdConnectUrl", node));
} else if ("oauth2".equals(type)) {
result.type(SecurityScheme.Type.OAUTH2).flows(mapper.convertValue(node.get("flows"), OAuthFlows.class));
} else if ("mutualTLS".equals(type)) {
result.type(SecurityScheme.Type.MUTUALTLS);
}
}
return result;
}
Also used :
JsonNode(com.fasterxml.jackson.databind.JsonNode)
JsonParseException(com.fasterxml.jackson.core.JsonParseException)
SecurityScheme(io.swagger.v3.oas.models.security.SecurityScheme)
ObjectMapper(com.fasterxml.jackson.databind.ObjectMapper)
Example 3 with SecurityScheme
use of io.swagger.v3.oas.models.security.SecurityScheme in project swagger-core by swagger-api.
the class JsonDeserializationTest method testDeserializeSecurity.
@Test
public void testDeserializeSecurity() throws Exception {
final OpenAPI swagger = TestUtils.deserializeJsonFileFromClasspath("specFiles/securityDefinitions.json", OpenAPI.class);
final List<SecurityRequirement> security = swagger.getSecurity();
assertNotNull(security);
assertEquals(security.size(), 3);
final Map<String, SecurityScheme> securitySchemes = swagger.getComponents().getSecuritySchemes();
assertNotNull(securitySchemes);
assertEquals(securitySchemes.size(), 4);
{
final SecurityScheme scheme = securitySchemes.get("petstore_auth");
assertNotNull(scheme);
assertEquals(scheme.getType().toString(), "oauth2");
assertEquals(scheme.getFlows().getImplicit().getAuthorizationUrl(), "http://petstore.swagger.io/oauth/dialog");
assertEquals(scheme.getFlows().getImplicit().getScopes().get("write:pets"), "modify pets in your account");
assertEquals(scheme.getFlows().getImplicit().getScopes().get("read:pets"), "read your pets");
}
{
final SecurityScheme scheme = securitySchemes.get("api_key");
assertNotNull(scheme);
assertEquals(scheme.getType().toString(), "apiKey");
assertEquals(scheme.getIn().toString(), "header");
assertEquals(scheme.getName(), "api_key");
}
{
final SecurityScheme scheme = securitySchemes.get("http");
assertNotNull(scheme);
assertEquals(scheme.getType().toString(), "http");
assertEquals(scheme.getScheme(), "basic");
}
{
final SecurityScheme scheme = securitySchemes.get("open_id_connect");
assertNotNull(scheme);
assertEquals(scheme.getType().toString(), "openIdConnect");
assertEquals(scheme.getOpenIdConnectUrl(), "http://petstore.swagger.io/openid");
}
{
final SecurityRequirement securityRequirement = security.get(0);
final List<String> scopes = securityRequirement.get("petstore_auth");
assertNotNull(scopes);
assertEquals(scopes.size(), 2);
assertTrue(scopes.contains("write:pets"));
assertTrue(scopes.contains("read:pets"));
}
{
final SecurityRequirement securityRequirement = security.get(1);
final List<String> scopes = securityRequirement.get("api_key");
assertNotNull(scopes);
assertTrue(scopes.isEmpty());
}
{
final SecurityRequirement securityRequirement = security.get(2);
final List<String> scopes = securityRequirement.get("http");
assertNotNull(scopes);
assertTrue(scopes.isEmpty());
}
}
Also used :
List(java.util.List)
OpenAPI(io.swagger.v3.oas.models.OpenAPI)
SecurityScheme(io.swagger.v3.oas.models.security.SecurityScheme)
SecurityRequirement(io.swagger.v3.oas.models.security.SecurityRequirement)
Test(org.testng.annotations.Test)
Example 4 with SecurityScheme
use of io.swagger.v3.oas.models.security.SecurityScheme in project swagger-core by swagger-api.
the class SecurityDefinitionTest method createModelWithSecurityRequirements.
@Test(description = "it should create a model with security requirements")
public void createModelWithSecurityRequirements() throws IOException {
final Schema personModel = ModelConverters.getInstance().read(Person.class).get("Person");
final Schema errorModel = ModelConverters.getInstance().read(Error.class).get("Error");
final Info info = new Info().version("1.0.0").title("Swagger Petstore");
final Contact contact = new Contact().name("Swagger API Team").email("foo@bar.baz").url("http://swagger.io");
info.setContact(contact);
final OpenAPI oas = new OpenAPI().info(info).addServersItem(new Server().url("http://petstore.swagger.io")).schema("Person", personModel).schema("Error", errorModel);
oas.schemaRequirement("githubAccessCode", new SecurityScheme().flows(new OAuthFlows().authorizationCode(new OAuthFlow().scopes(new Scopes().addString("user:email", "Grants read access to a user’s email addresses.")))));
final Operation get = new Operation().summary("finds pets in the system").description("a longer description").addTagsItem("Pet Operations").operationId("get pet by id");
get.addParametersItem(new Parameter().in("query").name("tags").description("tags to filter by").required(false).schema(new StringSchema()));
get.addParametersItem(new Parameter().in("path").name("petId").description("pet to fetch").schema(new IntegerSchema().format("int64")));
final ApiResponse response = new ApiResponse().description("pets returned").content(new Content().addMediaType("*/*", new MediaType().schema(new Schema().$ref("Person"))));
final ApiResponse errorResponse = new ApiResponse().description("error response").content(new Content().addMediaType("*/*", new MediaType().schema(new Schema().$ref("Error"))));
get.responses(new ApiResponses().addApiResponse("200", response).addApiResponse("default", errorResponse)).addSecurityItem(new SecurityRequirement().addList("internal_oauth2", "user:email")).addSecurityItem(new SecurityRequirement().addList("api_key"));
oas.path("/pets", new PathItem().get(get));
final String json = ResourceUtils.loadClassResource(getClass(), "ModelWithSecurityRequirements.json");
SerializationMatchers.assertEqualsToJson(oas, json);
}
Also used :
Server(io.swagger.v3.oas.models.servers.Server)
OAuthFlows(io.swagger.v3.oas.models.security.OAuthFlows)
Schema(io.swagger.v3.oas.models.media.Schema)
IntegerSchema(io.swagger.v3.oas.models.media.IntegerSchema)
StringSchema(io.swagger.v3.oas.models.media.StringSchema)
IntegerSchema(io.swagger.v3.oas.models.media.IntegerSchema)
Operation(io.swagger.v3.oas.models.Operation)
Info(io.swagger.v3.oas.models.info.Info)
ApiResponse(io.swagger.v3.oas.models.responses.ApiResponse)
Contact(io.swagger.v3.oas.models.info.Contact)
PathItem(io.swagger.v3.oas.models.PathItem)
OAuthFlow(io.swagger.v3.oas.models.security.OAuthFlow)
Scopes(io.swagger.v3.oas.models.security.Scopes)
Content(io.swagger.v3.oas.models.media.Content)
Parameter(io.swagger.v3.oas.models.parameters.Parameter)
MediaType(io.swagger.v3.oas.models.media.MediaType)
StringSchema(io.swagger.v3.oas.models.media.StringSchema)
Person(io.swagger.v3.core.oas.models.Person)
OpenAPI(io.swagger.v3.oas.models.OpenAPI)
SecurityScheme(io.swagger.v3.oas.models.security.SecurityScheme)
ApiResponses(io.swagger.v3.oas.models.responses.ApiResponses)
SecurityRequirement(io.swagger.v3.oas.models.security.SecurityRequirement)
Test(org.testng.annotations.Test)
Example 5 with SecurityScheme
use of io.swagger.v3.oas.models.security.SecurityScheme in project swagger-core by swagger-api.
the class ReaderTest method testSecuritySchemeWithRef.
@Test(description = "SecurityScheme with REf")
public void testSecuritySchemeWithRef() {
Components components = new Components();
components.addSecuritySchemes("Security", new SecurityScheme().description("Security Example").name("Security").type(SecurityScheme.Type.OAUTH2).$ref("myOauth2Security").in(SecurityScheme.In.HEADER));
OpenAPI oas = new OpenAPI().info(new Info().description("info")).components(components);
Reader reader = new Reader(oas);
OpenAPI openAPI = reader.read(RefSecurityResource.class);
String yaml = "openapi: 3.0.1\n" + "info:\n" + " description: info\n" + "paths:\n" + " /:\n" + " get:\n" + " description: description\n" + " operationId: Operation Id\n" + " responses:\n" + " default:\n" + " description: default response\n" + " content:\n" + " '*/*': {}\n" + " security:\n" + " - security_key:\n" + " - write:pets\n" + " - read:pets\n" + "components:\n" + " securitySchemes:\n" + " Security:\n" + " type: oauth2\n" + " description: Security Example\n" + " myOauth2Security:\n" + " type: oauth2\n" + " description: myOauthSecurity Description\n" + " $ref: '#/components/securitySchemes/Security'\n" + " in: header\n" + " flows:\n" + " implicit:\n" + " authorizationUrl: http://x.com\n" + " scopes:\n" + " write:pets: modify pets in your account\n";
SerializationMatchers.assertEqualsToYaml(openAPI, yaml);
}
Also used :
Components(io.swagger.v3.oas.models.Components)
Info(io.swagger.v3.oas.models.info.Info)
SecurityScheme(io.swagger.v3.oas.models.security.SecurityScheme)
OpenAPI(io.swagger.v3.oas.models.OpenAPI)
Test(org.testng.annotations.Test)
Aggregations
SecurityScheme (io.swagger.v3.oas.models.security.SecurityScheme)9
OpenAPI (io.swagger.v3.oas.models.OpenAPI)7
Components (io.swagger.v3.oas.models.Components)6
Test (org.testng.annotations.Test)6
Operation (io.swagger.v3.oas.models.Operation)3
PathItem (io.swagger.v3.oas.models.PathItem)3
Content (io.swagger.v3.oas.models.media.Content)3
MediaType (io.swagger.v3.oas.models.media.MediaType)3
Schema (io.swagger.v3.oas.models.media.Schema)3
Parameter (io.swagger.v3.oas.models.parameters.Parameter)3
ApiResponse (io.swagger.v3.oas.models.responses.ApiResponse)3
ApiResponses (io.swagger.v3.oas.models.responses.ApiResponses)3
SecurityRequirement (io.swagger.v3.oas.models.security.SecurityRequirement)3
Info (io.swagger.v3.oas.models.info.Info)2
HashSet (java.util.HashSet)2
List (java.util.List)2
JsonView (com.fasterxml.jackson.annotation.JsonView)1
JsonParseException (com.fasterxml.jackson.core.JsonParseException)1
BeanDescription (com.fasterxml.jackson.databind.BeanDescription)1
JavaType (com.fasterxml.jackson.databind.JavaType)1
