OpenAPI spec lacks proper authorization securityDefinitions

Question

OpenAPI spec lacks proper authorization securityDefinitions

devth opened this issue 5 years ago · comments

Since the openapi.yaml spec doesn't specify securityDefinitions generated clients will lack the proper code to set the Authorization header.

Trevor Hartman · Answer 1 · Tue Jan 28 2020 01:11:15 GMT+0800 (China Standard Time)

Any thoughts on this?

Ben Schumacher · Answer 2 · Sat Feb 01 2020 04:34:50 GMT+0800 (China Standard Time)

@jupenur I lack the domain knowable to properly triage this issue. Can you help?

Trevor Hartman · Answer 3 · Sat Feb 01 2020 04:37:10 GMT+0800 (China Standard Time)

Here are the docs if it helps: https://swagger.io/docs/specification/2-0/authentication/

Juho Forsén · Answer 4 · Mon Feb 03 2020 18:06:26 GMT+0800 (China Standard Time)

@hanzei I can't say that I know much about the OpenAPI spec, and certainly not enough to write a fix, but this seems like a valid issue for sure. Authorization is only described in text in introduction.yaml and not in a format usable for client generation.

Ben Schumacher · Answer 5 · Mon Feb 03 2020 18:11:19 GMT+0800 (China Standard Time)

Mattermost has a lot of scopes for authentication. Hence, it a lot of work to add them all.

@devth Would you be interested on working on this?

Trevor Hartman · Answer 6 · Thu Feb 06 2020 02:27:54 GMT+0800 (China Standard Time)

I don't know anything about Mattermost codebase and I only just started using Mattermost itself. Just trying to use its OpenAPI spec to generate clients to consume the API. I'm happy to help test / provide feedback.

Eli Yukelzon · Answer 7 · Mon Feb 17 2020 22:43:44 GMT+0800 (China Standard Time)

@hanzei - I'll take over this issue