Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

How to use Security and SecurityRequirement #75

Open
nadar opened this issue Jul 28, 2020 · 2 comments · May be fixed by #225
Open

How to use Security and SecurityRequirement #75

nadar opened this issue Jul 28, 2020 · 2 comments · May be fixed by #225
Labels
enhancement New feature or request

Comments

@nadar
Copy link
Contributor

nadar commented Jul 28, 2020
edited
Loading

I am not sure how to use Security in combination with SecurityRequirements.

The Security Schema defined:

new OpenApi([
    'components' => new Components([
            'securitySchemes' => [
                'BearerAuth' => new SecurityScheme([
                    'type' => 'http',
                    'scheme' => 'bearer',
                    'bearerFormat' => 'AuthToken and JWT Format' # optional, arbitrary value for documentation purposes
                ])
            ],
   ]),
]);

Now the security schema is created (components).

How do i assign this security schema for an specific operation?

return new PathItem([
    'get' => new Operation([
        'security' => [new SecurityRequirement(['BearerAuth'])],
    ])
]);

Thanks for the great library and maybe it clarifies this task also for others.
@cebe
Copy link
Owner

cebe commented Jul 29, 2020
edited
Loading

I have never used Security and SecurityRequirement definitions before, but according to this documentation (https://swagger.io/docs/specification/authentication/) it seems it needs to look like this in YAML:

    get:
      security:
        - BearerAuth: []
#...
      summary: Gets the account billing info
      responses:
        '200':
          description: OK

So the correct way to create such a spec from PHP code would be:

return new PathItem([
    'get' => new Operation([
        'security' => [new SecurityRequirement(['BearerAuth' => []])],
        // ...
    ])
]);

I have not tried it, but this should work as far as I see.
I also see there is room for improvement on the class API here, so even if this answers your question, please keep the issue open.

@cebe cebe added the enhancement New feature or request label Jul 29, 2020
@cebe cebe added this to the 1.5.0 milestone Jul 29, 2020
@cebe cebe modified the milestones: 1.5.0, 1.6.0 Dec 14, 2020
@cebe cebe removed this from the 1.6.0 milestone Oct 13, 2021
@SOHELAHMED7 SOHELAHMED7 linked a pull request Feb 5, 2025 that will close this issue
Draft
@SOHELAHMED7
Copy link
Contributor

@cebe

How about improving the class API this way:

           'paths' => [
                '/test' => new PathItem([
                    'get' => new Operation([
                        'security' => new SecurityRequirements([ # plural
                            'BearerAuth' => new SecurityRequirement([]), # singular
                        ]),
                        'responses' => new Responses([
                            200 => new Response(['description' => 'OK']),
                        ])
                    ])
                ])
            ]

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Draft: How to use Security and SecurityRequirement SOHELAHMED7/php-openapi
3 participants
@cebe @nadar @SOHELAHMED7