Skip to content

feat(swagger): add extension in SecuritySchemeObject#3247

Closed
mag123c wants to merge 7 commits intonestjs:masterfrom
mag123c:3179-security-schemes-extensions
Closed

feat(swagger): add extension in SecuritySchemeObject#3247
mag123c wants to merge 7 commits intonestjs:masterfrom
mag123c:3179-security-schemes-extensions

Conversation

@mag123c
Copy link
Contributor

@mag123c mag123c commented Jan 17, 2025

PR Checklist

Please check if your PR fulfills the following requirements:

PR Type

What kind of change does this PR introduce?

  • Bugfix
  • Feature
  • Code style update (formatting, local variables)
  • Refactoring (no functional changes, no api changes)
  • Build related changes
  • CI related changes
  • Other... Please describe:

What is the current behavior?

SecuritySchemes cannot include additional necessary information. Specifically, for security implementations requiring more than one header, the current Security Scheme Object cannot represent such configurations. This limitation makes it difficult to express security setups for platforms like AWS API Gateway, which often require additional metadata.

Issue Number: #3179

What is the new behavior?

Added support for custom extension properties in the SecuritySchemeObject

example code when used addApiKey()

.addApiKey({
    type: 'apiKey',
    name: 'Authorization',
    in: 'header',
    'x-amazon-apigateway-authtype': 'oauth2',
    'x-amazon-apigateway-authorizer': {
        type: 'token',
        authorizerUri:
            'arn:aws:apigateway:us-east-1:lambda:path/2015-03-31/functions/arn:aws:lambda:us-east-1:account-id:function:function-name/invocations',
        authorizerCredentials: 'arn:aws:iam::account-id:role',
        identityValidationExpression: '^x-[a-z]+',
        authorizerResultTtlInSeconds: 60,
    },
})

When creating a Swagger document, you can now include custom extensions in the Security Scheme Object using methods like .addApiKey(), .addBearerAuth(), .addOAuth2(), or .addBasicAuth(). This feature enables you to define additional metadata required for platforms like AWS API Gateway or other custom security configurations.

image

Does this PR introduce a breaking change?

  • Yes
  • No

Other information

reference: https://swagger.io/docs/specification/v3_0/openapi-extensions/

@mag123c
Copy link
Contributor Author

mag123c commented Jan 17, 2025

I think we just need to add extension to SecuritySchemeObject like this commit. Additionally, I don't see the test code either. Is there anything else we need to consider for adding extension?

@mag123c mag123c closed this Jan 17, 2025
@mag123c mag123c reopened this Jan 17, 2025
@mag123c
Copy link
Contributor Author

mag123c commented Jan 17, 2025

This PR contains unnecessary commits due to a branch synchronization issue. I will close this PR and open a new one with only the relevant changes!!

@mag123c mag123c closed this Jan 17, 2025
@mag123c mag123c deleted the 3179-security-schemes-extensions branch January 17, 2025 01:28
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@mag123c