diff --git a/api/src/main/scala/de/zalando/play/controllers/SecurityExtractors.scala b/api/src/main/scala/de/zalando/play/controllers/SecurityExtractors.scala index 0817572..2507617 100644 --- a/api/src/main/scala/de/zalando/play/controllers/SecurityExtractors.scala +++ b/api/src/main/scala/de/zalando/play/controllers/SecurityExtractors.scala @@ -55,7 +55,7 @@ object SwaggerSecurityExtractors extends BasicAuthSecurityExtractor with OAuthRe def queryApiKey[User >: Any]: String => RequestHeader => (String => User) => Future[Option[User]] = name => header => convertToUser => header.queryString.get(name).flatMap(_.headOption) map convertToUser - def oAuthPassword[User >: Any]: Seq[String] => String => RequestHeader => (JsValue => User) => Future[Option[User]] = + def oAuth[User >: Any]: Seq[String] => String => RequestHeader => (JsValue => User) => Future[Option[User]] = scopes => tokenUrl => header => convertToUser => { val futureResult = header.headers.get("Authorization").flatMap(decodeBearer).map { token: String => checkOAuthToken(tokenUrl, token, scopes:_*) @@ -66,8 +66,6 @@ object SwaggerSecurityExtractors extends BasicAuthSecurityExtractor with OAuthRe futureResult.map(_.map(convertToUser)) } - def oAuth[User >: Any]: (String*) => RequestHeader => (Seq[String] => User) => Future[Option[User]] = - scopes => header => convertUer => ??? } trait BasicAuthSecurityExtractor { diff --git a/compiler/src/main/scala/de/zalando/apifirst/ast.scala b/compiler/src/main/scala/de/zalando/apifirst/ast.scala index faad689..6d65761 100644 --- a/compiler/src/main/scala/de/zalando/apifirst/ast.scala +++ b/compiler/src/main/scala/de/zalando/apifirst/ast.scala 
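Review bot: The renamed `oAuth` extractor still calls its second curried argument `tokenUrl`, although the generated callers now pass the `x-token-validation-url` value there and the hunk shows it going straight into `checkOAuthToken(tokenUrl, token, scopes:_*)`. Rename the lambda parameter to `validationUrl` and add a scaladoc line such as `/** Validates the Bearer token from the Authorization header against validationUrl, which must be a trusted HTTPS endpoint. */`. What `checkOAuthToken` does with the URL and the token is not visible here, and the middle of the function body lies between the two hunks, so confirm the wording against that code.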
@@ -224,31 +224,14 @@ object Security { sealed trait Definition { def description: Option[String] } - sealed trait OAuth2Definition extends Definition { - def description: Option[String] - def scopes: OAuth2Scopes - } case class Basic(description: Option[String]) extends Definition case class ApiKey(description: Option[String], name: String, in: ParameterPlace) extends Definition { require(in == ParameterPlace.QUERY || in == ParameterPlace.HEADER) require(name.nonEmpty) } - case class OAuth2Implicit(description: Option[String], authorizationUrl: URL, - scopes: OAuth2Scopes) extends OAuth2Definition { - require(authorizationUrl != null) - } - case class OAuth2Password(description: Option[String], tokenUrl: URL, - scopes: OAuth2Scopes) extends OAuth2Definition { - require(tokenUrl != null) - } - case class OAuth2Application(description: Option[String], tokenUrl: URL, - scopes: OAuth2Scopes) extends OAuth2Definition { - require(tokenUrl != null) - } - case class OAuth2AccessCode(description: Option[String], authorizationUrl: URL, tokenUrl: URL, - scopes: OAuth2Scopes) extends OAuth2Definition { - require(tokenUrl != null) - require(authorizationUrl != null) + case class OAuth2Definition(description: Option[String], validationURL: Option[URL], + scopes: OAuth2Scopes) extends Definition { + require(validationURL != null) } sealed trait Constraint { diff --git a/compiler/src/main/scala/de/zalando/apifirst/generators/SecurityStep.scala b/compiler/src/main/scala/de/zalando/apifirst/generators/SecurityStep.scala index 621b372..d457652 100644 --- a/compiler/src/main/scala/de/zalando/apifirst/generators/SecurityStep.scala +++ b/compiler/src/main/scala/de/zalando/apifirst/generators/SecurityStep.scala 
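Review bot: `require(validationURL != null)` in the new `OAuth2Definition` checks nothing useful now that the field is an `Option[URL]`: `None` passes, and so would `Some(null)`. Either drop it or state what is meant, e.g. `require(validationURL.forall(_ != null))`, and add a comment that `None` is allowed here and is rejected later by the Play security generator. Collapsing the four flow classes also removes the flow kind and the authorization/token URLs from the AST, which deserves a sentence in the scaladoc so later code does not expect them. The enclosing `object Security` continues outside the hunk.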
@@ -35,19 +35,15 @@ trait SecurityStep extends EnrichmentStep[StrictModel] with SecurityCommons { case b: Basic => "basicAuth" case ApiKey(_, _, in) if in == ParameterPlace.HEADER => "headerApiKey" case ApiKey(_, _, in) if in == ParameterPlace.QUERY => "queryApiKey" - case o: OAuth2Password => "oAuthPassword" - case o: OAuth2Application => "oAuthPassword" - case o: OAuth2Implicit => "oAuth" // FIXME - case o: OAuth2AccessCode => "oAuth" // FIXME + case o: OAuth2Definition => "oAuth" } private def securityParams(definition: Definition): Seq[Map[String,String]] = definition match { case b: Basic => Nil case ApiKey(_, name, _) => Seq(Map("name" -> ("\"" + name + "\""))) - case OAuth2Password(_, tokenUrl, scopes) => Seq(Map("name" -> ("\"" + tokenUrl + "\""))) - case OAuth2Application(_, tokenUrl, scopes) => Seq(Map("name" -> ("\"" + tokenUrl + "\""))) - - case _ => Nil // FIXME + case OAuth2Definition(_, None, _) => + throw new IllegalStateException("Validation URL is required for play security code generator") + case OAuth2Definition(_, Some(validationURL), scopes) => Seq(Map("name" -> ("\"" + validationURL + "\""))) } private def externalSecurityParams(definition: Definition): Seq[Map[String,String]] = definition match { @@ -58,9 +54,7 @@ trait SecurityStep extends EnrichmentStep[StrictModel] with SecurityCommons { private def userParams(definition: Definition): Seq[Map[String,String]] = definition match { case b: Basic => Seq(Map("name" -> "username", "type" -> "String"), Map("name" -> "password", "type" -> "String")) case ApiKey(_, name, _) => Seq(Map("name" -> "apiKey", "type" -> "String")) - case OAuth2Password(_, tokenUrl, scopes) => Seq(Map("name" -> "token", "type" -> "play.api.libs.json.JsValue")) - case OAuth2Application(_, tokenUrl, scopes) => Seq(Map("name" -> "token", "type" -> "play.api.libs.json.JsValue")) - case _ => Nil // FIXME + case OAuth2Definition(_, tokenUrl, scopes) => Seq(Map("name" -> "token", "type" -> "play.api.libs.json.JsValue")) } } 
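Review bot: In `securityParams` the validation URL is spliced into generated Scala source as `"\"" + validationURL + "\""` with no escaping, so unless URL parsing rejects them, a `"` or `\` in the spec's `x-token-validation-url` would end the string literal early or change its meaning in the emitted extractor. The value comes from the API specification, which is not always written by the team running the generator, so escape it before quoting, e.g. `"\"" + validationURL.toString.replace("\\", "\\\\").replace("\"", "\\\"") + "\""`. The `ApiKey` name on the line above is built the same way and would benefit from a shared helper. The `IllegalStateException` for the `None` case would also be easier to act on if its message named the `x-token-validation-url` extension.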
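Review bot: The new `userParams` case `case OAuth2Definition(_, tokenUrl, scopes)` binds two names it never uses, and `tokenUrl` is misleading because that position now holds the `Option[URL]` validation URL. `case _: OAuth2Definition => Seq(Map("name" -> "token", "type" -> "play.api.libs.json.JsValue"))` says the same thing with nothing to misread.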
diff --git a/compiler/src/main/scala/de/zalando/swagger/SecurityConverter.scala b/compiler/src/main/scala/de/zalando/swagger/SecurityConverter.scala index a608a71..43f7250 100644 --- a/compiler/src/main/scala/de/zalando/swagger/SecurityConverter.scala +++ b/compiler/src/main/scala/de/zalando/swagger/SecurityConverter.scala @@ -23,19 +23,9 @@ object SecurityConverter { val place = ParameterPlace.withName(apiKey.in.toLowerCase) require(place == ParameterPlace.HEADER || place == ParameterPlace.QUERY) name -> Security.ApiKey(Option(apiKey.description), apiKey.name, place) - case (name, oauth: Oauth2ImplicitSecurity) => - val authorizationUrl = new URL(oauth.authorizationUrl) - name -> Security.OAuth2Implicit(Option(oauth.description), authorizationUrl, oauth.scopes) - case (name, oauth: Oauth2PasswordSecurity) => - val tokenUrl = new URL(oauth.tokenUrl) - name -> Security.OAuth2Password(Option(oauth.description), tokenUrl, oauth.scopes) - case (name, oauth: Oauth2ApplicationSecurity) => - val tokenUrl = new URL(oauth.tokenUrl) - name -> Security.OAuth2Application(Option(oauth.description), tokenUrl, oauth.scopes) - case (name, oauth: Oauth2AccessCodeSecurity) => - val authorizationUrl = new URL(oauth.authorizationUrl) - val tokenUrl = new URL(oauth.tokenUrl) - name -> Security.OAuth2AccessCode(Option(oauth.description), authorizationUrl, tokenUrl, oauth.scopes) + case (name, oauth: Oauth2SecurityDefinition) => + val validationURL = oauth.validationUrl.map(new URL(_)) + name -> Security.OAuth2Definition(Option(oauth.description), validationURL, oauth.scopes) } } diff --git a/compiler/src/main/scala/de/zalando/swagger/strictModel.scala b/compiler/src/main/scala/de/zalando/swagger/strictModel.scala index 8de0ccf..77598e6 100644 --- a/compiler/src/main/scala/de/zalando/swagger/strictModel.scala +++ b/compiler/src/main/scala/de/zalando/swagger/strictModel.scala 
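Review bot: `oauth.validationUrl.map(new URL(_))` accepts any scheme `java.net.URL` can parse and otherwise fails with a bare `MalformedURLException` that does not say which security definition was at fault. Since this URL is what the generated extractor later hands to the token check, reject anything that is not `http`/`https` at conversion time and name the definition in the error, e.g. `require(Set("http", "https")(url.getProtocol), s"$name: x-token-validation-url must be http(s)")`. Specs that carry only `tokenUrl` or `authorizationUrl` now convert to `OAuth2Definition(_, None, _)` and fail later in the Play generator, which should be called out in the release notes. The enclosing match starts outside the hunk.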
@@ -748,6 +748,12 @@ object strictModel { /********* security definitions *********/ sealed trait SecurityDefinition extends VendorExtensions + sealed trait Oauth2SecurityDefinition extends SecurityDefinition { + lazy val validationUrl: Option[Uri] = vendorExtensions.get("x-token-validation-url") + def description: String + def scopes: Oauth2Scopes + } + case class BasicAuthenticationSecurity( @JsonProperty(required = true) `type`: String, // "enum": basic description: Description @@ -766,7 +772,7 @@ object strictModel { @JsonProperty(required = true) authorizationUrl: Uri, scopes: Oauth2Scopes, description: Description - ) extends SecurityDefinition with UriChecker { + ) extends Oauth2SecurityDefinition with UriChecker { val url = authorizationUrl } @@ -776,7 +782,7 @@ object strictModel { @JsonProperty(required = true) tokenUrl: Uri, scopes: Oauth2Scopes, description: Description - ) extends SecurityDefinition with UriChecker { + ) extends Oauth2SecurityDefinition with UriChecker { val url = tokenUrl } @@ -786,7 +792,7 @@ object strictModel { @JsonProperty(required = true) tokenUrl: Uri, scopes: Oauth2Scopes, description: Description - ) extends SecurityDefinition with UriChecker { + ) extends Oauth2SecurityDefinition with UriChecker { val url = tokenUrl } @@ -797,7 +803,7 @@ object strictModel { @JsonProperty(required = true) tokenUrl: Uri, scopes: Oauth2Scopes, description: Description - ) extends SecurityDefinition with UriChecker { + ) extends Oauth2SecurityDefinition with UriChecker { val url = tokenUrl } diff --git a/compiler/src/test/resources/examples/full.petstore.api.yaml b/compiler/src/test/resources/examples/full.petstore.api.yaml index b131a5c..e0cb07c 100644 --- a/compiler/src/test/resources/examples/full.petstore.api.yaml +++ b/compiler/src/test/resources/examples/full.petstore.api.yaml 
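Review bot: The new `validationUrl` in `Oauth2SecurityDefinition` is read from `vendorExtensions.get("x-token-validation-url")` without going through the check that the concrete classes apply to `url` via `UriChecker`, so the one URL the generated code actually uses appears to be the only one not validated at parse time. `UriChecker` is not visible here, so this is inferred from `val url = authorizationUrl` / `val url = tokenUrl` in the following hunks; if it does validate `url`, apply the same check to `validationUrl`. The extension key should also become a named constant with a scaladoc line, e.g. `/** Vendor extension holding the endpoint used to validate bearer tokens. */`, since the YAML fixtures rely on the exact string.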
@@ -490,6 +490,7 @@ securityDefinitions: petstore_auth: type: oauth2 authorizationUrl: http://petstore.swagger.wordnik.com/api/oauth/dialog + x-token-validation-url: http://petstore.swagger.wordnik.com/oauth/dialog flow: implicit scopes: write_pets: modify pets in your account diff --git a/compiler/src/test/resources/examples/instagram.api.yaml b/compiler/src/test/resources/examples/instagram.api.yaml index abeb852..5cba24d 100644 --- a/compiler/src/test/resources/examples/instagram.api.yaml +++ b/compiler/src/test/resources/examples/instagram.api.yaml @@ -175,6 +175,7 @@ securityDefinitions: type: oauth2 flow: implicit authorizationUrl: https://instagram.com/oauth/authorize/?client_id=CLIENT-ID&redirect_uri=REDIRECT-URI&response_type=token + x-token-validation-url: https://instagram.com/oauth/authorize/?client_id=CLIENT-ID&redirect_uri=REDIRECT-URI&response_type=token scopes: basic: | to read any and all data related to a user (e.g. following/followed-by diff --git a/compiler/src/test/resources/examples/security.api.yaml b/compiler/src/test/resources/examples/security.api.yaml index 660ac75..f6115ae 100644 --- a/compiler/src/test/resources/examples/security.api.yaml +++ b/compiler/src/test/resources/examples/security.api.yaml @@ -120,6 +120,7 @@ securityDefinitions: flow: accessCode authorizationUrl: https://github.com/login/oauth/authorize tokenUrl: https://github.com/login/oauth/access_token + x-token-validation-url: https://github.com/login/oauth/access_token petstoreImplicit: type: oauth2 scopes: @@ -144,6 +145,7 @@ securityDefinitions: admin:public_key: Fully manage public keys. flow: implicit authorizationUrl: http://petstore.swagger.wordnik.com/oauth/dialog + x-token-validation-url: http://petstore.swagger.wordnik.com/oauth/dialog petstorePassword: type: oauth2 scopes: 
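Review bot: The added `x-token-validation-url` values in these fixtures are either plain `http://` URLs or, in the instagram and github examples, a repeat of the definition's own `authorizationUrl` or `tokenUrl` rather than a token validation endpoint. The files sit under `examples/` and are likely to be copied, so a YAML comment above the first occurrence such as `# x-token-validation-url: endpoint that validates bearer tokens; use https outside of tests` would keep readers from carrying these values into a real spec. The same applies to the hunks in instagram.api.yaml, security.api.yaml and split.petstore.api.yaml.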
@@ -151,6 +153,7 @@ securityDefinitions: admin: Fully manage flow: password tokenUrl: http://petstore.swagger.wordnik.com/oauth/dialog + x-token-validation-url: http://petstore.swagger.wordnik.com/oauth/dialog petstoreApplication: type: oauth2 scopes: @@ -158,6 +161,7 @@ securityDefinitions: admin: Fully manage flow: application tokenUrl: http://petstore.swagger.wordnik.com/oauth/token + x-token-validation-url: http://petstore.swagger.wordnik.com/oauth/token internalApiKey: type: apiKey in: header diff --git a/compiler/src/test/resources/examples/split.petstore.api.yaml b/compiler/src/test/resources/examples/split.petstore.api.yaml index 745911a..a87e148 100644 --- a/compiler/src/test/resources/examples/split.petstore.api.yaml +++ b/compiler/src/test/resources/examples/split.petstore.api.yaml @@ -484,6 +484,7 @@ securityDefinitions: petstore_auth: type: oauth2 authorizationUrl: http://petstore.swagger.wordnik.com/api/oauth/dialog + x-token-validation-url: http://petstore.swagger.wordnik.com/oauth/dialog flow: implicit scopes: write_pets: modify pets in your account diff --git a/compiler/src/test/resources/expected_results/security/full.petstore.api.yaml.extractor.scala b/compiler/src/test/resources/expected_results/security/full.petstore.api.yaml.extractor.scala index 0baec1e..b256a88 100644 --- a/compiler/src/test/resources/expected_results/security/full.petstore.api.yaml.extractor.scala +++ b/compiler/src/test/resources/expected_results/security/full.petstore.api.yaml.extractor.scala @@ -13,7 +13,7 @@ trait SecurityExtractors { ??? } def petstore_auth_Extractor[User >: Any](scopes: String*): RequestHeader => Future[Option[User]] = - header => oAuth(scopes)(header) { _ => + header => oAuth(scopes)("http://petstore.swagger.wordnik.com/oauth/dialog")(header) { (token: play.api.libs.json.JsValue) => ??? } implicit val unauthorizedContentWriter = ??? 
diff --git a/compiler/src/test/resources/expected_results/security/instagram.api.yaml.extractor.scala b/compiler/src/test/resources/expected_results/security/instagram.api.yaml.extractor.scala index 355d55e..b38f140 100644 --- a/compiler/src/test/resources/expected_results/security/instagram.api.yaml.extractor.scala +++ b/compiler/src/test/resources/expected_results/security/instagram.api.yaml.extractor.scala @@ -7,7 +7,7 @@ import de.zalando.play.controllers.SwaggerSecurityExtractors._ trait SecurityExtractors { def oauth_Extractor[User >: Any](scopes: String*): RequestHeader => Future[Option[User]] = - header => oAuth(scopes)(header) { _ => + header => oAuth(scopes)("https://instagram.com/oauth/authorize/?client_id=CLIENT-ID&redirect_uri=REDIRECT-URI&response_type=token")(header) { (token: play.api.libs.json.JsValue) => ??? } def key_Extractor[User >: Any](): RequestHeader => Future[Option[User]] = diff --git a/compiler/src/test/resources/expected_results/security/security.api.yaml.extractor.scala b/compiler/src/test/resources/expected_results/security/security.api.yaml.extractor.scala index c16a9bc..cc5e391 100644 --- a/compiler/src/test/resources/expected_results/security/security.api.yaml.extractor.scala +++ b/compiler/src/test/resources/expected_results/security/security.api.yaml.extractor.scala 
@@ -8,15 +8,15 @@ import de.zalando.play.controllers.ArrayWrapper trait SecurityExtractors { def petstoreImplicit_Extractor[User >: Any](scopes: String*): RequestHeader => Future[Option[User]] = - header => oAuth(scopes)(header) { _ => + header => oAuth(scopes)("http://petstore.swagger.wordnik.com/oauth/dialog")(header) { (token: play.api.libs.json.JsValue) => ??? } def githubAccessCode_Extractor[User >: Any](scopes: String*): RequestHeader => Future[Option[User]] = - header => oAuth(scopes)(header) { _ => + header => oAuth(scopes)("https://github.com/login/oauth/access_token")(header) { (token: play.api.libs.json.JsValue) => ??? } def petstorePassword_Extractor[User >: Any](scopes: String*): RequestHeader => Future[Option[User]] = - header => oAuthPassword(scopes)("http://petstore.swagger.wordnik.com/oauth/dialog")(header) { (token: play.api.libs.json.JsValue) => + header => oAuth(scopes)("http://petstore.swagger.wordnik.com/oauth/dialog")(header) { (token: play.api.libs.json.JsValue) => ??? } def justBasicStuff_Extractor[User >: Any](): RequestHeader => Future[Option[User]] = @@ -24,7 +24,7 @@ trait SecurityExtractors { ??? } def petstoreApplication_Extractor[User >: Any](scopes: String*): RequestHeader => Future[Option[User]] = - header => oAuthPassword(scopes)("http://petstore.swagger.wordnik.com/oauth/token")(header) { (token: play.api.libs.json.JsValue) => + header => oAuth(scopes)("http://petstore.swagger.wordnik.com/oauth/token")(header) { (token: play.api.libs.json.JsValue) => ??? } def internalApiKey_Extractor[User >: Any](): RequestHeader => Future[Option[User]] = diff --git a/compiler/src/test/resources/expected_results/security/split.petstore.api.yaml.extractor.scala b/compiler/src/test/resources/expected_results/security/split.petstore.api.yaml.extractor.scala index 2755110..38055f9 100644 --- a/compiler/src/test/resources/expected_results/security/split.petstore.api.yaml.extractor.scala 
+++ b/compiler/src/test/resources/expected_results/security/split.petstore.api.yaml.extractor.scala @@ -13,7 +13,7 @@ trait SecurityExtractors { ??? } def petstore_auth_Extractor[User >: Any](scopes: String*): RequestHeader => Future[Option[User]] = - header => oAuth(scopes)(header) { _ => + header => oAuth(scopes)("http://petstore.swagger.wordnik.com/oauth/dialog")(header) { (token: play.api.libs.json.JsValue) => ??? } implicit val unauthorizedContentWriter = ??? diff --git a/compiler/src/test/resources/expected_results/security_constraints/full.petstore.api.yaml.types b/compiler/src/test/resources/expected_results/security_constraints/full.petstore.api.yaml.types index 1e384b0..6b6c10b 100644 --- a/compiler/src/test/resources/expected_results/security_constraints/full.petstore.api.yaml.types +++ b/compiler/src/test/resources/expected_results/security_constraints/full.petstore.api.yaml.types @@ -1,2 +1,2 @@ -OAuth2Constraint(petstore_auth,OAuth2Implicit(None,http://petstore.swagger.wordnik.com/api/oauth/dialog,Map(write_pets -> modify pets in your account, read_pets -> read your pets)),Set(write_pets, read_pets)) +OAuth2Constraint(petstore_auth,OAuth2Definition(None,Some(http://petstore.swagger.wordnik.com/oauth/dialog),Map(write_pets -> modify pets in your account, read_pets -> read your pets)),Set(write_pets, read_pets)) ApiKeyConstraint(api_key,ApiKey(None,api_key,header)) \ No newline at end of file diff --git a/compiler/src/test/resources/expected_results/security_constraints/instagram.api.yaml.types b/compiler/src/test/resources/expected_results/security_constraints/instagram.api.yaml.types index d9ed032..41cc8e2 100644 --- a/compiler/src/test/resources/expected_results/security_constraints/instagram.api.yaml.types +++ b/compiler/src/test/resources/expected_results/security_constraints/instagram.api.yaml.types 
@@ -1,13 +1,13 @@ -OAuth2Constraint(oauth,OAuth2Implicit(None,https://instagram.com/oauth/authorize/?client_id=CLIENT-ID&redirect_uri=REDIRECT-URI&response_type=token,Map(basic -> to read any and all data related to a user (e.g. following/followed-by +OAuth2Constraint(oauth,OAuth2Definition(None,Some(https://instagram.com/oauth/authorize/?client_id=CLIENT-ID&redirect_uri=REDIRECT-URI&response_type=token),Map(basic -> to read any and all data related to a user (e.g. following/followed-by lists, photos, etc.) (granted by default) , comments -> to create or delete comments on a user’s behalf, relationships -> to follow and unfollow users on a user’s behalf, likes -> to like and unlike items on a user’s behalf)),Set(basic, comments, relationships, likes)) ApiKeyConstraint(key,ApiKey(None,access_token,query)) -OAuth2Constraint(oauth,OAuth2Implicit(None,https://instagram.com/oauth/authorize/?client_id=CLIENT-ID&redirect_uri=REDIRECT-URI&response_type=token,Map(basic -> to read any and all data related to a user (e.g. following/followed-by +OAuth2Constraint(oauth,OAuth2Definition(None,Some(https://instagram.com/oauth/authorize/?client_id=CLIENT-ID&redirect_uri=REDIRECT-URI&response_type=token),Map(basic -> to read any and all data related to a user (e.g. following/followed-by lists, photos, etc.) (granted by default) , comments -> to create or delete comments on a user’s behalf, relationships -> to follow and unfollow users on a user’s behalf, likes -> to like and unlike items on a user’s behalf)),Set(comments)) -OAuth2Constraint(oauth,OAuth2Implicit(None,https://instagram.com/oauth/authorize/?client_id=CLIENT-ID&redirect_uri=REDIRECT-URI&response_type=token,Map(basic -> to read any and all data related to a user (e.g. following/followed-by +OAuth2Constraint(oauth,OAuth2Definition(None,Some(https://instagram.com/oauth/authorize/?client_id=CLIENT-ID&redirect_uri=REDIRECT-URI&response_type=token),Map(basic -> to read any and all data related to a user (e.g. 
following/followed-by lists, photos, etc.) (granted by default) , comments -> to create or delete comments on a user’s behalf, relationships -> to follow and unfollow users on a user’s behalf, likes -> to like and unlike items on a user’s behalf)),Set(relationships)) -OAuth2Constraint(oauth,OAuth2Implicit(None,https://instagram.com/oauth/authorize/?client_id=CLIENT-ID&redirect_uri=REDIRECT-URI&response_type=token,Map(basic -> to read any and all data related to a user (e.g. following/followed-by +OAuth2Constraint(oauth,OAuth2Definition(None,Some(https://instagram.com/oauth/authorize/?client_id=CLIENT-ID&redirect_uri=REDIRECT-URI&response_type=token),Map(basic -> to read any and all data related to a user (e.g. following/followed-by lists, photos, etc.) (granted by default) , comments -> to create or delete comments on a user’s behalf, relationships -> to follow and unfollow users on a user’s behalf, likes -> to like and unlike items on a user’s behalf)),Set(basic)) \ No newline at end of file diff --git a/compiler/src/test/resources/expected_results/security_constraints/security.api.yaml.types b/compiler/src/test/resources/expected_results/security_constraints/security.api.yaml.types index 983acc1..45bf6a7 100644 --- a/compiler/src/test/resources/expected_results/security_constraints/security.api.yaml.types +++ b/compiler/src/test/resources/expected_results/security_constraints/security.api.yaml.types 
@@ -1,2 +1,2 @@ -OAuth2Constraint(githubAccessCode,OAuth2AccessCode(None,https://github.com/login/oauth/authorize,https://github.com/login/oauth/access_token,Map(admin:org -> Fully manage organization, teams, and memberships., user:email -> Grants read access to a user’s email addresses., read:org -> Read-only access to organization, teams, and membership., public_repo -> Grants read/write access to code, commit statuses, and deployment statuses for public repositories and organizations., write:public_key -> Create, list, and view details for public keys., repo_deployment -> Grants access to deployment statuses for public and private repositories. This scope is only necessary to grant other users or services access to deployment statuses, without granting access to the code., write:repo_hook -> Grants read, write, and ping access to hooks in public or private repositories., admin:public_key -> Fully manage public keys., repo:status -> Grants read/write access to public and private repository commit statuses. This scope is only necessary to grant other users or services access to private repository commit statuses without granting access to the code., gist -> Grants write access to gists., user:follow -> Grants access to follow or unfollow other users., repo -> Grants read/write access to code, commit statuses, and deployment statuses for public and private repositories and organizations., read:repo_hook -> Grants read and ping access to hooks in public or private repositories., notifications -> Grants read access to a user’s notifications. repo also provides this access., read:public_key -> List and view details for public keys., admin:repo_hook -> Grants read, write, ping, and delete access to hooks in public or private repositories., user -> Grants read/write access to profile info only. 
Note that this scope includes user:email and user:follow., write:org -> Publicize and unpublicize organization membership., delete_repo -> Grants access to delete adminable repositories.)),Set(user)) +OAuth2Constraint(githubAccessCode,OAuth2Definition(None,Some(https://github.com/login/oauth/access_token),Map(admin:org -> Fully manage organization, teams, and memberships., user:email -> Grants read access to a user’s email addresses., read:org -> Read-only access to organization, teams, and membership., public_repo -> Grants read/write access to code, commit statuses, and deployment statuses for public repositories and organizations., write:public_key -> Create, list, and view details for public keys., repo_deployment -> Grants access to deployment statuses for public and private repositories. This scope is only necessary to grant other users or services access to deployment statuses, without granting access to the code., write:repo_hook -> Grants read, write, and ping access to hooks in public or private repositories., admin:public_key -> Fully manage public keys., repo:status -> Grants read/write access to public and private repository commit statuses. This scope is only necessary to grant other users or services access to private repository commit statuses without granting access to the code., gist -> Grants write access to gists., user:follow -> Grants access to follow or unfollow other users., repo -> Grants read/write access to code, commit statuses, and deployment statuses for public and private repositories and organizations., read:repo_hook -> Grants read and ping access to hooks in public or private repositories., notifications -> Grants read access to a user’s notifications. repo also provides this access., read:public_key -> List and view details for public keys., admin:repo_hook -> Grants read, write, ping, and delete access to hooks in public or private repositories., user -> Grants read/write access to profile info only. 
Note that this scope includes user:email and user:follow., write:org -> Publicize and unpublicize organization membership., delete_repo -> Grants access to delete adminable repositories.)),Set(user)) ApiKeyConstraint(internalApiKey,ApiKey(None,api_key,header)) \ No newline at end of file diff --git a/compiler/src/test/resources/expected_results/security_constraints/split.petstore.api.yaml.types b/compiler/src/test/resources/expected_results/security_constraints/split.petstore.api.yaml.types index 1e384b0..6b6c10b 100644 --- a/compiler/src/test/resources/expected_results/security_constraints/split.petstore.api.yaml.types +++ b/compiler/src/test/resources/expected_results/security_constraints/split.petstore.api.yaml.types @@ -1,2 +1,2 @@ -OAuth2Constraint(petstore_auth,OAuth2Implicit(None,http://petstore.swagger.wordnik.com/api/oauth/dialog,Map(write_pets -> modify pets in your account, read_pets -> read your pets)),Set(write_pets, read_pets)) +OAuth2Constraint(petstore_auth,OAuth2Definition(None,Some(http://petstore.swagger.wordnik.com/oauth/dialog),Map(write_pets -> modify pets in your account, read_pets -> read your pets)),Set(write_pets, read_pets)) ApiKeyConstraint(api_key,ApiKey(None,api_key,header)) \ No newline at end of file diff --git a/compiler/src/test/resources/expected_results/security_definitions/full.petstore.api.yaml.types b/compiler/src/test/resources/expected_results/security_definitions/full.petstore.api.yaml.types index fd17fec..8e01de2 100644 --- a/compiler/src/test/resources/expected_results/security_definitions/full.petstore.api.yaml.types +++ b/compiler/src/test/resources/expected_results/security_definitions/full.petstore.api.yaml.types 
@@ -1,2 +1,2 @@ api_key -> ApiKey(None,api_key,header) -petstore_auth -> OAuth2Implicit(None,http://petstore.swagger.wordnik.com/api/oauth/dialog,Map(write_pets -> modify pets in your account, read_pets -> read your pets)) \ No newline at end of file +petstore_auth -> OAuth2Definition(None,Some(http://petstore.swagger.wordnik.com/oauth/dialog),Map(write_pets -> modify pets in your account, read_pets -> read your pets)) \ No newline at end of file diff --git a/compiler/src/test/resources/expected_results/security_definitions/instagram.api.yaml.types b/compiler/src/test/resources/expected_results/security_definitions/instagram.api.yaml.types index 5ff7ee2..f471335 100644 --- a/compiler/src/test/resources/expected_results/security_definitions/instagram.api.yaml.types +++ b/compiler/src/test/resources/expected_results/security_definitions/instagram.api.yaml.types @@ -1,4 +1,4 @@ -oauth -> OAuth2Implicit(None,https://instagram.com/oauth/authorize/?client_id=CLIENT-ID&redirect_uri=REDIRECT-URI&response_type=token,Map(basic -> to read any and all data related to a user (e.g. following/followed-by +oauth -> OAuth2Definition(None,Some(https://instagram.com/oauth/authorize/?client_id=CLIENT-ID&redirect_uri=REDIRECT-URI&response_type=token),Map(basic -> to read any and all data related to a user (e.g. following/followed-by lists, photos, etc.) (granted by default) , comments -> to create or delete comments on a user’s behalf, relationships -> to follow and unfollow users on a user’s behalf, likes -> to like and unlike items on a user’s behalf)) key -> ApiKey(None,access_token,query) \ No newline at end of file diff --git a/compiler/src/test/resources/expected_results/security_definitions/security.api.yaml.types b/compiler/src/test/resources/expected_results/security_definitions/security.api.yaml.types index 3c4655d..05d9e15 100644 --- a/compiler/src/test/resources/expected_results/security_definitions/security.api.yaml.types 
+++ b/compiler/src/test/resources/expected_results/security_definitions/security.api.yaml.types 
@@ -1,6 +1,6 @@ -petstoreImplicit -> OAuth2Implicit(None,http://petstore.swagger.wordnik.com/oauth/dialog,Map(admin:org -> Fully manage organization, teams, and memberships., user:email -> Grants read access to a user’s email addresses., read:org -> Read-only access to organization, teams, and membership., public_repo -> Grants read/write access to code, commit statuses, and deployment statuses for public repositories and organizations., write:public_key -> Create, list, and view details for public keys., repo_deployment -> Grants access to deployment statuses for public and private repositories. This scope is only necessary to grant other users or services access to deployment statuses, without granting access to the code., write:repo_hook -> Grants read, write, and ping access to hooks in public or private repositories., admin:public_key -> Fully manage public keys., repo:status -> Grants read/write access to public and private repository commit statuses. This scope is only necessary to grant other users or services access to private repository commit statuses without granting access to the code., gist -> Grants write access to gists., user:follow -> Grants access to follow or unfollow other users., repo -> Grants read/write access to code, commit statuses, and deployment statuses for public and private repositories and organizations., read:repo_hook -> Grants read and ping access to hooks in public or private repositories., notifications -> Grants read access to a user’s notifications. repo also provides this access., read:public_key -> List and view details for public keys., admin:repo_hook -> Grants read, write, ping, and delete access to hooks in public or private repositories., user -> Grants read/write access to profile info only. 
Note that this scope includes user:email and user:follow., write:org -> Publicize and unpublicize organization membership., delete_repo -> Grants access to delete adminable repositories.)) -githubAccessCode -> OAuth2AccessCode(None,https://github.com/login/oauth/authorize,https://github.com/login/oauth/access_token,Map(admin:org -> Fully manage organization, teams, and memberships., user:email -> Grants read access to a user’s email addresses., read:org -> Read-only access to organization, teams, and membership., public_repo -> Grants read/write access to code, commit statuses, and deployment statuses for public repositories and organizations., write:public_key -> Create, list, and view details for public keys., repo_deployment -> Grants access to deployment statuses for public and private repositories. This scope is only necessary to grant other users or services access to deployment statuses, without granting access to the code., write:repo_hook -> Grants read, write, and ping access to hooks in public or private repositories., admin:public_key -> Fully manage public keys., repo:status -> Grants read/write access to public and private repository commit statuses. This scope is only necessary to grant other users or services access to private repository commit statuses without granting access to the code., gist -> Grants write access to gists., user:follow -> Grants access to follow or unfollow other users., repo -> Grants read/write access to code, commit statuses, and deployment statuses for public and private repositories and organizations., read:repo_hook -> Grants read and ping access to hooks in public or private repositories., notifications -> Grants read access to a user’s notifications. repo also provides this access., read:public_key -> List and view details for public keys., admin:repo_hook -> Grants read, write, ping, and delete access to hooks in public or private repositories., user -> Grants read/write access to profile info only. 
Note that this scope includes user:email and user:follow., write:org -> Publicize and unpublicize organization membership., delete_repo -> Grants access to delete adminable repositories.)) -petstorePassword -> OAuth2Password(None,http://petstore.swagger.wordnik.com/oauth/dialog,Map(user -> Grants read/write access to profile, admin -> Fully manage)) +petstoreImplicit -> OAuth2Definition(None,Some(http://petstore.swagger.wordnik.com/oauth/dialog),Map(admin:org -> Fully manage organization, teams, and memberships., user:email -> Grants read access to a user’s email addresses., read:org -> Read-only access to organization, teams, and membership., public_repo -> Grants read/write access to code, commit statuses, and deployment statuses for public repositories and organizations., write:public_key -> Create, list, and view details for public keys., repo_deployment -> Grants access to deployment statuses for public and private repositories. This scope is only necessary to grant other users or services access to deployment statuses, without granting access to the code., write:repo_hook -> Grants read, write, and ping access to hooks in public or private repositories., admin:public_key -> Fully manage public keys., repo:status -> Grants read/write access to public and private repository commit statuses. This scope is only necessary to grant other users or services access to private repository commit statuses without granting access to the code., gist -> Grants write access to gists., user:follow -> Grants access to follow or unfollow other users., repo -> Grants read/write access to code, commit statuses, and deployment statuses for public and private repositories and organizations., read:repo_hook -> Grants read and ping access to hooks in public or private repositories., notifications -> Grants read access to a user’s notifications. 
repo also provides this access., read:public_key -> List and view details for public keys., admin:repo_hook -> Grants read, write, ping, and delete access to hooks in public or private repositories., user -> Grants read/write access to profile info only. Note that this scope includes user:email and user:follow., write:org -> Publicize and unpublicize organization membership., delete_repo -> Grants access to delete adminable repositories.)) +githubAccessCode -> OAuth2Definition(None,Some(https://github.com/login/oauth/access_token),Map(admin:org -> Fully manage organization, teams, and memberships., user:email -> Grants read access to a user’s email addresses., read:org -> Read-only access to organization, teams, and membership., public_repo -> Grants read/write access to code, commit statuses, and deployment statuses for public repositories and organizations., write:public_key -> Create, list, and view details for public keys., repo_deployment -> Grants access to deployment statuses for public and private repositories. This scope is only necessary to grant other users or services access to deployment statuses, without granting access to the code., write:repo_hook -> Grants read, write, and ping access to hooks in public or private repositories., admin:public_key -> Fully manage public keys., repo:status -> Grants read/write access to public and private repository commit statuses. This scope is only necessary to grant other users or services access to private repository commit statuses without granting access to the code., gist -> Grants write access to gists., user:follow -> Grants access to follow or unfollow other users., repo -> Grants read/write access to code, commit statuses, and deployment statuses for public and private repositories and organizations., read:repo_hook -> Grants read and ping access to hooks in public or private repositories., notifications -> Grants read access to a user’s notifications. 
repo also provides this access., read:public_key -> List and view details for public keys., admin:repo_hook -> Grants read, write, ping, and delete access to hooks in public or private repositories., user -> Grants read/write access to profile info only. Note that this scope includes user:email and user:follow., write:org -> Publicize and unpublicize organization membership., delete_repo -> Grants access to delete adminable repositories.)) +petstorePassword -> OAuth2Definition(None,Some(http://petstore.swagger.wordnik.com/oauth/dialog),Map(user -> Grants read/write access to profile, admin -> Fully manage)) justBasicStuff -> Basic(None) -petstoreApplication -> OAuth2Application(None,http://petstore.swagger.wordnik.com/oauth/token,Map(user -> Grants read/write access to profile, admin -> Fully manage)) +petstoreApplication -> OAuth2Definition(None,Some(http://petstore.swagger.wordnik.com/oauth/token),Map(user -> Grants read/write access to profile, admin -> Fully manage)) internalApiKey -> ApiKey(None,api_key,header) \ No newline at end of file diff --git a/compiler/src/test/resources/expected_results/security_definitions/split.petstore.api.yaml.types b/compiler/src/test/resources/expected_results/security_definitions/split.petstore.api.yaml.types index fd17fec..8e01de2 100644 --- a/compiler/src/test/resources/expected_results/security_definitions/split.petstore.api.yaml.types +++ b/compiler/src/test/resources/expected_results/security_definitions/split.petstore.api.yaml.types @@ -1,2 +1,2 @@ api_key -> ApiKey(None,api_key,header) -petstore_auth -> OAuth2Implicit(None,http://petstore.swagger.wordnik.com/api/oauth/dialog,Map(write_pets -> modify pets in your account, read_pets -> read your pets)) \ No newline at end of file +petstore_auth -> OAuth2Definition(None,Some(http://petstore.swagger.wordnik.com/oauth/dialog),Map(write_pets -> modify pets in your account, read_pets -> read your pets)) \ No newline at end of file 
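Review bot: Every OAuth2 line in this expected output carries `Some(...)` for the validation URL, so nothing visible here pins what the parser produces when a spec omits `x-token-validation-url`. The new `OAuth2Definition` declares that field as `Option[URL]`, and the runtime extractor appears to hand the URL to `checkOAuthToken`, so the `None` case decides whether bearer tokens are checked at all. It deserves its own fixture entry, for example the constructed line `noValidationUrl -> OAuth2Definition(None,None,Map(user -> ...))`, together with a test that the generated code rejects the request instead of skipping validation. Separately, the `githubAccessCode` line expects the token endpoint `https://github.com/login/oauth/access_token`; if that value comes from a fallback to `tokenUrl` (not visible in this hunk), the source spec should say so in a comment, because a token endpoint is not a validation endpoint.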
diff --git a/plugin/src/sbt-test/swagger/compile/conf/full.petstore.api.yaml b/plugin/src/sbt-test/swagger/compile/conf/full.petstore.api.yaml index b131a5c..e0cb07c 100644 --- a/plugin/src/sbt-test/swagger/compile/conf/full.petstore.api.yaml +++ b/plugin/src/sbt-test/swagger/compile/conf/full.petstore.api.yaml @@ -490,6 +490,7 @@ securityDefinitions: petstore_auth: type: oauth2 authorizationUrl: http://petstore.swagger.wordnik.com/api/oauth/dialog + x-token-validation-url: http://petstore.swagger.wordnik.com/oauth/dialog flow: implicit scopes: write_pets: modify pets in your account diff --git a/plugin/src/sbt-test/swagger/compile/conf/security.api.yaml b/plugin/src/sbt-test/swagger/compile/conf/security.api.yaml index 83f5895..634fe12 100644 --- a/plugin/src/sbt-test/swagger/compile/conf/security.api.yaml +++ b/plugin/src/sbt-test/swagger/compile/conf/security.api.yaml @@ -120,6 +120,7 @@ securityDefinitions: flow: accessCode authorizationUrl: https://github.com/login/oauth/authorize tokenUrl: https://github.com/login/oauth/access_token + x-token-validation-url: http://petstore.swagger.wordnik.com/oauth/dialog petstoreImplicit: type: oauth2 scopes: @@ -144,6 +145,7 @@ securityDefinitions: admin:public_key: Fully manage public keys. flow: implicit authorizationUrl: http://petstore.swagger.wordnik.com/oauth/dialog + x-token-validation-url: http://petstore.swagger.wordnik.com/oauth/dialog internalApiKey: type: apiKey in: header diff --git a/plugin/src/sbt-test/swagger/compile/conf/split.petstore.api.yaml b/plugin/src/sbt-test/swagger/compile/conf/split.petstore.api.yaml index 745911a..a87e148 100644 --- a/plugin/src/sbt-test/swagger/compile/conf/split.petstore.api.yaml +++ b/plugin/src/sbt-test/swagger/compile/conf/split.petstore.api.yaml 
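Review bot: The added `x-token-validation-url` in `full.petstore.api.yaml` uses the `http://` scheme, as do the two `security.api.yaml` hunks and the `split.petstore.api.yaml` hunk that follow. The extractor changed in this commit passes a configured URL and the bearer token to `checkOAuthToken`, so a spec copied from these fixtures would presumably send access tokens in cleartext. The value also repeats the authorization dialog path instead of naming a token-validation endpoint. If the fixture values must stay as they are, a comment above the key would keep the sample from being read as a recommended setup: `# test placeholder only; real specs need an https token-validation endpoint`.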
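Review bot: In the first `security.api.yaml` hunk the `accessCode` definition keeps `authorizationUrl` and `tokenUrl` on `github.com` but gets a validation URL on `petstore.swagger.wordnik.com`. With that configuration, tokens issued by one host would be forwarded to an unrelated host for checking, which discloses them to a third party. The definition's name and scopes lie outside the hunk, so this is judged from the three URL lines alone. A fixture value on the issuer's own host, or a comment such as `# placeholder host, not the issuer; do not copy`, would avoid modelling that setup.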
@@ -484,6 +484,7 @@ securityDefinitions: petstore_auth: type: oauth2 authorizationUrl: http://petstore.swagger.wordnik.com/api/oauth/dialog + x-token-validation-url: http://petstore.swagger.wordnik.com/oauth/dialog flow: implicit scopes: write_pets: modify pets in your account