-
Notifications
You must be signed in to change notification settings - Fork 1.2k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
added security definition description #1174
Conversation
@pmorelli92 I perfectly understand the use case, please open a feature request https://github.com/swaggo/swag/issues examining this implementation requirement and I will follow you with a CR. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Well done.
We need to have a clear readme so our users will understand how to use it.
README.md
Outdated
| securitydefinitions.oauth2.application | [OAuth2 application](https://swagger.io/docs/specification/authentication/oauth2/) auth. | tokenUrl, scope, sec.def.description | // @securitydefinitions.oauth2.application OAuth2Application | | ||
| securitydefinitions.oauth2.implicit | [OAuth2 implicit](https://swagger.io/docs/specification/authentication/oauth2/) auth. | authorizationUrl, scope, sec.def.description | // @securitydefinitions.oauth2.implicit OAuth2Implicit | | ||
| securitydefinitions.oauth2.password | [OAuth2 password](https://swagger.io/docs/specification/authentication/oauth2/) auth. | tokenUrl, scope, sec.def.description | // @securitydefinitions.oauth2.password OAuth2Password | | ||
| securitydefinitions.oauth2.accessCode | [OAuth2 access code](https://swagger.io/docs/specification/authentication/oauth2/) auth. | tokenUrl, authorizationUrl, scope, sec.def.description | // @securitydefinitions.oauth2.accessCode OAuth2AccessCode | |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Please update sec.def.description with "description" for the parameter column and add also the "description" feature in the example column.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I added the example on the table below where the parameter annotation | example
lives as I cannot do line breaks on the example cell of the mentioned table. Hope that is ok.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@ubogdan , as sec.def.description
is a "line" parameter such as header
, in
, scopes
etc; I had to name it in the mentioned way because if I named it description
it will override (or take) the description at the general API info level.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I can of course change it to x-description
as well as an alternative :)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
See the following definition
Lines 31 to 56 in 050b0aa
// @securityDefinitions.basic BasicAuth | |
// @securityDefinitions.apikey ApiKeyAuth | |
// @in header | |
// @name Authorization | |
// @securitydefinitions.oauth2.application OAuth2Application | |
// @tokenUrl https://example.com/oauth/token | |
// @scope.write Grants write access | |
// @scope.admin Grants read and write access to administrative information | |
// @securitydefinitions.oauth2.implicit OAuth2Implicit | |
// @authorizationUrl https://example.com/oauth/authorize | |
// @scope.write Grants write access | |
// @scope.admin Grants read and write access to administrative information | |
// @securitydefinitions.oauth2.password OAuth2Password | |
// @tokenUrl https://example.com/oauth/token | |
// @scope.read Grants read access | |
// @scope.write Grants write access | |
// @scope.admin Grants read and write access to administrative information | |
// @securitydefinitions.oauth2.accessCode OAuth2AccessCode | |
// @tokenUrl https://example.com/oauth/token | |
// @authorizationUrl https://example.com/oauth/authorize | |
// @scope.admin Grants read and write access to administrative information |
I expect to see something like
// @securitydefinitions.oauth2.application OAuth2Application
// @tokenUrl https://example.com/oauth/token
// @scope.write Grants write access
// @scope.admin Grants read and write access to administrative information
// @description Perform OAUTH2 at application level
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I can do that :)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
You made it @security.definition.description instead of @description ...
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Sorry, did not see your edited comment 😅
I will try to make it work with just description
but as I said before, when I tried it overlapped with the @description
that you put to the general API info. I will debug and see if I can solve that.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The current way it works is the following, given these lines:
// @description this API is a demo
// @securitydefinitions.oauth2.application OAuth2Application
// @description Perform OAUTH2 at application level
The code will:
- Range every comment
- For the first line it will set the API description to
this API is a demo
- For the second line it will range all comments starting from
comments[i+1:]
in other words skipping the current. This will effectively go through the@description
and set it correctly. - For the third line it will set the API description (and override) to
Perform OAUTH2 at application level
The issue is that the parseSecAttr
function is iterating all the lines below until it finds another @securitydefinitions.
. But then, the lines that parseSecAttr
iterated, will be iterated back again by the main for buckle.
This is why I changed the name to something different. I can potentially see how to make the main buckle not go through the lines that the security definition already did, but that might introduce lots of changes.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@ubogdan check it now, with the changes I have done it is working correctly and the main buckle does not re-iterate the lines that the security definitions already iterated :)
Codecov Report
@@ Coverage Diff @@
## master #1174 +/- ##
==========================================
- Coverage 94.77% 94.71% -0.06%
==========================================
Files 10 10
Lines 2449 2460 +11
==========================================
+ Hits 2321 2330 +9
- Misses 67 68 +1
- Partials 61 62 +1
Continue to review full report at Codecov.
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM
@ubogdan I discovered a bug when you could have more than one security definition so I did the fix and added test cases for it. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM
@pmorelli92 Thanks for your contribution. |
Describe the PR
Added description capabilities for the security definitions types.
Additional context
I know this field is not mandatory, but another tool I am working with, relies on me adding the descriptions, otherwise it will break. I would need pretty please a tag if this gets merged 🙏