Allow for security schemes #71
Conversation
README.md
Outdated
| type: apiKey | ||
| name: api_key | ||
| in: header | ||
| overallSecurityRequirement: |
There was a problem hiding this comment.
Why not stick to standard naming "security" instead of overallSecurityRequirement. We know that it should be applied to all paths because it is in the root of the documentation object. If it was path specific it would have been defined inside of the path object.
There was a problem hiding this comment.
OpenAPI does this by itself, if it's defined in the root it will be applied, no need to copy from root to each path
There was a problem hiding this comment.
OpenAPI does this by itself, if it's defined in the root it will be applied, no need to copy from root to each path
Not 100% sure what you mean here.
README.md
Outdated
| - read:pets | ||
| ``` | ||
|
|
||
| If you have specified an `overallSecurityRequirement`, but this HTTP Request should not apply any security schemes, you should set security to be an array with an empty object: |
There was a problem hiding this comment.
Yeah i'll change it to security, but was mostly trying to differentiate so as to not cause confusion.
src/definitionGenerator.js
Outdated
| this.createSecuritySchemes(this.serverless.service.custom.documentation.securitySchemes) | ||
|
|
||
| if (this.serverless.service.custom.documentation.overallSecurityRequirement) { | ||
| this.openAPI.security = this.serverless.service.custom.documentation.overallSecurityRequirement |
There was a problem hiding this comment.
If you have line 277-280 of this file, then you dont need this conditional:
277-280
if (Object.keys(documentation).includes('security')) {
obj.security = documentation.security
}
There was a problem hiding this comment.
Think you're misunderstanding here. Line 46 is checking for a security (or previously overallSecurityRequirement) set within the documentation top level to apply to every operation.
Line 277 is checking on an operation level to see if there is a security config to override the overall security configuration set in Line 46.
There was a problem hiding this comment.
You could fix the README as well with this version. in the Model re-use i believe the indentation is wrong, you are missing a tab after schema:
FROM THIS:
custom:
documentation:
...
models:
- name: "ErrorResponse"
description: "This is an error"
content:
application/json:
schema: &ErrorItem
type: object
properties:
message:
type: string
code:
type: integer
- name: "PutDocumentResponse"
description: "PUT Document response model (external reference example)"
content:
application/json:
schema:
type: array
items: *ErrorItemTO THIS:
custom:
documentation:
...
models:
- name: "ErrorResponse"
description: "This is an error"
content:
application/json:
schema: &ErrorItem
type: object
properties:
message:
type: string
code:
type: integer
- name: "PutDocumentResponse"
description: "PUT Document response model (external reference example)"
content:
application/json:
schema:
type: array
items: *ErrorItem
No description provided.