forked from chanced/openapi
-
Notifications
You must be signed in to change notification settings - Fork 0
/
security.go
187 lines (162 loc) · 6.09 KB
/
security.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
package openapi
import (
"encoding/json"
"github.com/chanced/openapi/yamlutil"
)
const (
// SecuritySchemeTypeAPIKey = "apiKey"
SecuritySchemeTypeAPIKey SecuritySchemeType = "apiKey"
// SecuritySchemeTypeHTTP = "http"
SecuritySchemeTypeHTTP SecuritySchemeType = "http"
// SecuritySchemeTypeMutualTLS = mutualTLS
SecuritySchemeTypeMutualTLS SecuritySchemeType = "mutualTLS"
// SecuritySchemeTypeOAuth2 = oauth2
SecuritySchemeTypeOAuth2 SecuritySchemeType = "oauth2"
// SecuritySchemeTypeOpenIDConnect = "openIdConnect"
SecuritySchemeTypeOpenIDConnect SecuritySchemeType = "openIdConnect"
)
// SecurityRequirements is a list of SecurityRequirement
type SecurityRequirements []SecurityRequirement
// SecurityRequirement lists the required security schemes to execute this
// operation. The name used for each property MUST correspond to a security
// scheme declared in the Security Schemes under the Components Object.
//
// Security Requirement Objects that contain multiple schemes require that all
// schemes MUST be satisfied for a request to be authorized. This enables
// support for scenarios where multiple query parameters or HTTP headers are
// required to convey security information.
//
// When a list of Security Requirement Objects is defined on the OpenAPI Object
// or Operation Object, only one of the Security Requirement Objects in the list
// needs to be satisfied to authorize the request.
//
// Each name MUST correspond to a security scheme which is declared in the
// Security Schemes under the Components Object. If the security scheme is of
// type "oauth2" or "openIdConnect", then the value is a list of scope names
// required for the execution, and the list MAY be empty if authorization does
// not require a specified scope. For other security scheme types, the array MAY
// contain a list of role names which are required for the execution, but are
// not otherwise defined or exchanged in-band.
type SecurityRequirement map[string][]string
// SecuritySchemeType represents the type of the security scheme.
type SecuritySchemeType string
func (ss SecuritySchemeType) String() string {
return string(ss)
}
// SecuritySchemeKind is either a SecuritySchemeObj or Reference
type SecuritySchemeKind uint8
const (
// SecuritySchemeKindObj = SecuritySchemeObj
SecuritySchemeKindObj SecuritySchemeKind = iota
// SecuritySchemeKindRef = Reference
SecuritySchemeKindRef
)
// SecuritySchemes is a map of SecurityScheme
type SecuritySchemes map[string]SecurityScheme
// UnmarshalJSON unmarshals json
func (ss *SecuritySchemes) UnmarshalJSON(data []byte) error {
var dm map[string]json.RawMessage
if err := json.Unmarshal(data, &dm); err != nil {
return err
}
res := make(SecuritySchemes, len(dm))
for k, d := range dm {
if isRefJSON(d) {
v, err := unmarshalReferenceJSON(d)
if err != nil {
return err
}
res[k] = v
continue
}
var v SecuritySchemeObj
if err := json.Unmarshal(d, &v); err != nil {
return err
}
res[k] = &v
}
*ss = res
return nil
}
// MarshalYAML marshals YAML
func (ss SecuritySchemes) MarshalYAML() (interface{}, error) {
return yamlutil.Marshal(ss)
}
// UnmarshalYAML unmarshals YAML
func (ss *SecuritySchemes) UnmarshalYAML(unmarshal func(interface{}) error) error {
return yamlutil.Unmarshal(unmarshal, ss)
}
// SecuritySchemeObj defines a security scheme that can be used by the operations.
type SecuritySchemeObj struct {
// The type of the security scheme.
//
// *required
Type SecuritySchemeType `json:"type,omitempty"`
// Any description for security scheme. CommonMark syntax MAY be used for
// rich text representation.
Description string `json:"description,omitempty"`
// The name of the header, query or cookie parameter to be used.
//
// Applies to: API Key
//
// *required*
Name string `json:"name,omitempty"`
// The location of the API key. Valid values are "query", "header" or "cookie".
//
// Applies to: APIKey
//
// *required*
In In `json:"in,omitempty"`
// The name of the HTTP Authorization scheme to be used in the Authorization
// header as defined in RFC7235. The values used SHOULD be registered in the
// IANA Authentication Scheme registry.
//
// *required*
Scheme string `json:"scheme,omitempty"`
// http ("bearer") A hint to the client to identify how the bearer token is
// formatted. Bearer tokens are usually generated by an authorization
// server, so this information is primarily for documentation purposes.
BearerFormat string `json:"bearerFormat,omitempty"`
// An object containing configuration information for the flow types supported.
//
// *required*
Flows *OAuthFlows `json:"flows,omitempty"`
// OpenId Connect URL to discover OAuth2 configuration values. This MUST be
// in the form of a URL. The OpenID Connect standard requires the use of
// TLS.
//
// *required*
OpenIDConnectURL string `json:"openIdConnect,omitempty"`
Extensions `json:"-"`
}
type securityscheme SecuritySchemeObj
// UnmarshalJSON unmarshals JSON
func (sso *SecuritySchemeObj) UnmarshalJSON(data []byte) error {
var v securityscheme
err := unmarshalExtendedJSON(data, &v)
*sso = SecuritySchemeObj(v)
return err
}
// MarshalJSON marshals JSON
func (sso SecuritySchemeObj) MarshalJSON() ([]byte, error) {
return marshalExtendedJSON(securityscheme(sso))
}
// MarshalYAML marshals YAML
func (sso SecuritySchemeObj) MarshalYAML() (interface{}, error) {
return yamlutil.Marshal(sso)
}
// UnmarshalYAML unmarshals YAML
func (sso *SecuritySchemeObj) UnmarshalYAML(unmarshal func(interface{}) error) error {
return yamlutil.Unmarshal(unmarshal, sso)
}
// SecuritySchemeKind returns SecuritySchemeKindObj
func (sso *SecuritySchemeObj) SecuritySchemeKind() SecuritySchemeKind { return SecuritySchemeKindObj }
// ResolveSecurityScheme resolves SecuritySchemeObj by returning itself. resolve is not called.
func (sso *SecuritySchemeObj) ResolveSecurityScheme(SecuritySchemeResolver) (*SecuritySchemeObj, error) {
return sso, nil
}
// SecurityScheme can either be a ScecuritySchemeObj or a Reference
type SecurityScheme interface {
ResolveSecurityScheme(SecuritySchemeResolver) (*SecuritySchemeObj, error)
SecuritySchemeKind() SecuritySchemeKind
}