From 61861f61f360a93abed7247d45f139d043370b81 Mon Sep 17 00:00:00 2001
From: Sergei
Date: Fri, 20 Oct 2023 00:05:53 +0200
Subject: [PATCH] Export proper scopes in openapi3 file for oauth2 and jwt (#3399)
Co-authored-by: server-may-cry
---
 http/codegen/openapi/v3/builder.go | 6 +-----
 .../openapi/v3/testdata/golden/security_file0.golden | 2 +-
 .../openapi/v3/testdata/golden/security_file1.golden | 2 --
 3 files changed, 2 insertions(+), 8 deletions(-)
diff --git a/http/codegen/openapi/v3/builder.go b/http/codegen/openapi/v3/builder.go
index 5859d55cf4..550349273f 100644
--- a/http/codegen/openapi/v3/builder.go
+++ b/http/codegen/openapi/v3/builder.go
@@ -549,11 +549,7 @@ func buildSecurityRequirements(reqs []*expr.SecurityExpr) []map[string][]string
 case expr.BasicAuthKind, expr.APIKeyKind:
 sr[sch.Hash()] = []string{}
 case expr.OAuth2Kind, expr.JWTKind:
- scopes := make([]string, len(sch.Scopes))
- for i, scope := range sch.Scopes {
- scopes[i] = scope.Name
- }
- sr[sch.Hash()] = scopes
+ sr[sch.Hash()] = req.Scopes
 }
 }
 srs[i] = sr
diff --git a/http/codegen/openapi/v3/testdata/golden/security_file0.golden b/http/codegen/openapi/v3/testdata/golden/security_file0.golden
index 4ca40dd6b5..63871908f8 100644
--- a/http/codegen/openapi/v3/testdata/golden/security_file0.golden
+++ b/http/codegen/openapi/v3/testdata/golden/security_file0.golden
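Review bot: In the `expr.OAuth2Kind, expr.JWTKind` case of the builder.go hunk, `sr[sch.Hash()] = req.Scopes` stores the requirement's slice as-is, so an OAuth2 or JWT requirement that declares no scopes would put a nil slice in the map. encoding/json renders a nil slice as `null`, whereas the removed `make` always produced `[]`, and an OpenAPI 3 security requirement value has to be an array. Whether `req.Scopes` can be nil is not visible here (the declaration of `req` and the rest of buildSecurityRequirements lie outside the hunk), so this needs confirming against the DSL. A defensive copy such as `sr[sch.Hash()] = append([]string{}, req.Scopes...)` keeps the empty-array output and also stops the generated document from aliasing the design expression's slice. Neither golden file in this patch covers a scope-less OAuth2/JWT requirement, which would pin the behaviour.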
@@ -1 +1 @@ -{"openapi":"3.0.3","info":{"title":"Goa API","version":"1.0"},"servers":[{"url":"http://localhost:80","description":"Default server for test api"}],"paths":{"/":{"get":{"tags":["testService"],"summary":"testEndpointA testService","operationId":"testService#testEndpointA","parameters":[{"name":"k","in":"query","allowEmptyValue":true,"required":true,"schema":{"type":"string","example":"Quia molestias."},"example":"Doloribus qui quia."},{"name":"Token","in":"header","allowEmptyValue":true,"required":true,"schema":{"type":"string","example":"Et tempora et quae."},"example":"Itaque inventore optio."},{"name":"X-Authorization","in":"header","allowEmptyValue":true,"required":true,"schema":{"type":"string","example":"Ullam aut."},"example":"Iste perspiciatis."}],"responses":{"204":{"description":"No Content response."}},"security":[{"api_key_query_k":[],"basic_header_Authorization":[],"jwt_header_X-Authorization":["api:read","api:write"],"oauth2_header_Token":["api:read","api:write"]}]},"post":{"tags":["testService"],"summary":"testEndpointB testService","operationId":"testService#testEndpointB","parameters":[{"name":"auth","in":"query","allowEmptyValue":true,"required":true,"schema":{"type":"string","example":"Harum et."},"example":"Neque nisi quibusdam nisi sint sunt."}],"responses":{"204":{"description":"No Content response."}},"security":[{"api_key_header_Authorization":[]},{"oauth2_query_auth":["api:read","api:write"]}]}}},"components":{"securitySchemes":{"api_key_header_Authorization":{"type":"apiKey","description":"Secures endpoint by requiring an API key.","name":"Authorization","in":"header"},"api_key_query_k":{"type":"apiKey","description":"Secures endpoint by requiring an API key.","name":"k","in":"query"},"basic_header_Authorization":{"type":"http","description":"Basic authentication used to authenticate security principal during signin","scheme":"basic"},"jwt_header_X-Authorization":{"type":"http","description":"Secures endpoint by requiring a 
valid JWT token retrieved via the signin endpoint. Supports scopes \"api:read\" and \"api:write\".","scheme":"bearer"},"oauth2_header_Token":{"type":"oauth2","description":"Secures endpoint by requiring a valid OAuth2 token retrieved via the signin endpoint. Supports scopes \"api:read\" and \"api:write\".","flows":{"authorizationCode":{"authorizationUrl":"http://goa.design/authorization","tokenUrl":"http://goa.design/token","refreshUrl":"http://goa.design/refresh","scopes":{"api:read":"Read-only access","api:write":"Read and write access"}}}},"oauth2_query_auth":{"type":"oauth2","description":"Secures endpoint by requiring a valid OAuth2 token retrieved via the signin endpoint. Supports scopes \"api:read\" and \"api:write\".","flows":{"authorizationCode":{"authorizationUrl":"http://goa.design/authorization","tokenUrl":"http://goa.design/token","refreshUrl":"http://goa.design/refresh","scopes":{"api:read":"Read-only access","api:write":"Read and write access"}}}}}},"tags":[{"name":"testService"}]} \ No newline at end of file +{"openapi":"3.0.3","info":{"title":"Goa API","version":"1.0"},"servers":[{"url":"http://localhost:80","description":"Default server for test api"}],"paths":{"/":{"get":{"tags":["testService"],"summary":"testEndpointA testService","operationId":"testService#testEndpointA","parameters":[{"name":"k","in":"query","allowEmptyValue":true,"required":true,"schema":{"type":"string","example":"Quia molestias."},"example":"Doloribus qui quia."},{"name":"Token","in":"header","allowEmptyValue":true,"required":true,"schema":{"type":"string","example":"Et tempora et quae."},"example":"Itaque inventore optio."},{"name":"X-Authorization","in":"header","allowEmptyValue":true,"required":true,"schema":{"type":"string","example":"Ullam aut."},"example":"Iste perspiciatis."}],"responses":{"204":{"description":"No Content 
response."}},"security":[{"api_key_query_k":[],"basic_header_Authorization":[],"jwt_header_X-Authorization":["api:read"],"oauth2_header_Token":["api:read"]}]},"post":{"tags":["testService"],"summary":"testEndpointB testService","operationId":"testService#testEndpointB","parameters":[{"name":"auth","in":"query","allowEmptyValue":true,"required":true,"schema":{"type":"string","example":"Harum et."},"example":"Neque nisi quibusdam nisi sint sunt."}],"responses":{"204":{"description":"No Content response."}},"security":[{"api_key_header_Authorization":[]},{"oauth2_query_auth":["api:read","api:write"]}]}}},"components":{"securitySchemes":{"api_key_header_Authorization":{"type":"apiKey","description":"Secures endpoint by requiring an API key.","name":"Authorization","in":"header"},"api_key_query_k":{"type":"apiKey","description":"Secures endpoint by requiring an API key.","name":"k","in":"query"},"basic_header_Authorization":{"type":"http","description":"Basic authentication used to authenticate security principal during signin","scheme":"basic"},"jwt_header_X-Authorization":{"type":"http","description":"Secures endpoint by requiring a valid JWT token retrieved via the signin endpoint. Supports scopes \"api:read\" and \"api:write\".","scheme":"bearer"},"oauth2_header_Token":{"type":"oauth2","description":"Secures endpoint by requiring a valid OAuth2 token retrieved via the signin endpoint. Supports scopes \"api:read\" and \"api:write\".","flows":{"authorizationCode":{"authorizationUrl":"http://goa.design/authorization","tokenUrl":"http://goa.design/token","refreshUrl":"http://goa.design/refresh","scopes":{"api:read":"Read-only access","api:write":"Read and write access"}}}},"oauth2_query_auth":{"type":"oauth2","description":"Secures endpoint by requiring a valid OAuth2 token retrieved via the signin endpoint. 
Supports scopes \"api:read\" and \"api:write\".","flows":{"authorizationCode":{"authorizationUrl":"http://goa.design/authorization","tokenUrl":"http://goa.design/token","refreshUrl":"http://goa.design/refresh","scopes":{"api:read":"Read-only access","api:write":"Read and write access"}}}}}},"tags":[{"name":"testService"}]} \ No newline at end of file diff --git a/http/codegen/openapi/v3/testdata/golden/security_file1.golden b/http/codegen/openapi/v3/testdata/golden/security_file1.golden index 55d73c2a16..f83c071962 100644 --- a/http/codegen/openapi/v3/testdata/golden/security_file1.golden +++ b/http/codegen/openapi/v3/testdata/golden/security_file1.golden @@ -45,10 +45,8 @@ paths: basic_header_Authorization: [] jwt_header_X-Authorization: - api:read - - api:write oauth2_header_Token: - api:read - - api:write post: tags: - testService