search

LucyBot-Inc / api-spec-converter

Convert API descriptions between popular formats such as OpenAPI(fka Swagger), RAML, API Blueprint, WADL, etc.
https://lucybot-inc.github.io/api-spec-converter/
MIT License
1.11k stars 179 forks source link

OpenAPI 3 -> Swagger 2.0 conversion sometimes makes the securityDefinitions disappear #278

Open mdirkse opened 3 years ago

mdirkse commented 3 years ago

Hi,

I'm using the project to convert an OpenAPI 3 spec to Swagger 2 (for use in GCP's API Gateway). I'm noticing that the convertor will make the securityDefinitions top level element disappear if any paths reference a schema object definition. Let me give 2 examples:

If I input the following:

---
openapi: 3.0.3
info:
  title: Works
  description: Works
  version: 0.5.0
schemes:
  - https
produces:
  - application/json
securityDefinitions:
  firebase:
    authorizationUrl: ""
    flow: "implicit"
    type: "oauth2"
    x-google-issuer: "https://securetoken.google.com/test"
    x-google-jwks_uri: "https://www.googleapis.com/service_accounts/v1/metadata/x509/securetoken@system.gserviceaccount.com"
    x-google-audiences: "test"
paths:
  /v1/hello:
    get:
      operationId: hello-get
      responses:
        "200":
          description: OK
          content:
            text/plain:
              schema:
                type: string
      security:
      - firebase: []
      x-google-backend:
        address: https://test-ew.a.run.app

I get the following (as expected):

swagger: '2.0'
info:
  description: Works
  title: Works
  version: 0.5.0
schemes:
  - https
produces:
  - application/json
paths:
  /v1/hello:
    get:
      produces:
        - text/plain
      parameters: []
      responses:
        '200':
          description: OK
          schema:
            type: string
      security:
        - firebase: []
      operationId: hello-get
      x-google-backend:
        address: 'https://test-ew.a.run.app'
securityDefinitions:
  firebase:
    authorizationUrl: ''
    flow: implicit
    type: oauth2
    x-google-audiences: test
    x-google-issuer: 'https://securetoken.google.com/test'
    x-google-jwks_uri: >-
      https://www.googleapis.com/service_accounts/v1/metadata/x509/securetoken@system.gserviceaccount.com

However, if I include an endpoint with a reference to a schema in its response, like so:

---
openapi: 3.0.3
info:
  title: Broken
  description: Broken
  version: 0.5.0
schemes:
  - https
produces:
  - application/json
securityDefinitions:
  firebase:
    authorizationUrl: ""
    flow: "implicit"
    type: "oauth2"
    x-google-issuer: "https://securetoken.google.com/test"
    x-google-jwks_uri: "https://www.googleapis.com/service_accounts/v1/metadata/x509/securetoken@system.gserviceaccount.com"
    x-google-audiences: "test"
paths:
  /v1/profile:
    get:
      operationId: profile-get
      responses:
        "200":
          description: OK
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/Profile'
      security:
      - firebase: []
      x-google-backend:
        address: https://test-ew.a.run.app
components:
  schemas:
    Profile:
      type: object
      properties:
        club:
          format: int32
          type: integer
        email:
          type: string
        id:
          type: string
        name:
          type: string
        roles:
          type: array
          items:
            type: string

I get the following:

swagger: '2.0'
info:
  description: Broken
  title: Broken
  version: 0.5.0
schemes:
  - https
produces:
  - application/json
paths:
  /v1/profile:
    get:
      produces:
        - application/json
      parameters: []
      responses:
        '200':
          description: OK
          schema:
            $ref: '#/definitions/Profile'
      security:
        - firebase: []
      operationId: profile-get
      x-google-backend:
        address: 'https://test-ew.a.run.app'
definitions:
  Profile:
    properties:
      club:
        format: int32
        type: integer
      email:
        type: string
      id:
        type: string
      name:
        type: string
      roles:
        items:
          type: string
        type: array
    type: object
x-components: {}

Notice that the securityDefinitions element has disappeared and I've got an extra x-components: {} tag that was added.

Is this intended behavior or a bug?

thegris commented 2 years ago

I am hitting the same thing. Conversion from OpenAPIv3 to Swaggerv2 is removing the securityDefinitions.

wuzechen commented 2 years ago

Same thing here is my command api-spec-converter --from=openapi_3 --to=swagger_2 --syntax=yaml endpoints/openapi3.yml > endpoints/openapi.yml

guiguialinea commented 1 year ago

Any solutions ? Google cloud endpoints only support swagger_2 format and when i use api-spec-converter to convert from openapi3 to swagger2 googe cloud endpoints says my file is not a 3.0 openapi, but it is... I also noticed that it removed securityDefinitions, security, x-google-endpoints and host key