TykTechnologies / tyk

Tyk Open Source API Gateway written in Go, supporting REST, GraphQL, TCP and gRPC protocols

[TT-13185] reorganize contract in upstream oauth #6668

Closed andrei-tyk closed 3 days ago

andrei-tyk commented 4 days ago
TT-13185
Summary Implement OAuth 2.0 Password Flow for API Gateway Authentication with Upstream Server
Type Story Story
Status In Code Review
Points N/A
Labels QA_Fail

Description

Modified the upstream OAS spec to align with the new contract.

Related Issue

Motivation and Context

How This Has Been Tested

Screenshots (if appropriate)

Types of changes

Checklist

buger commented 4 days ago

This PR is too huge for one to review :broken_heart:

<table>
  <tr>
      <th>Additions</th>
      <td>1198 :no_good_woman: </td>
  </tr>
  <tr>
      <th>Expected</th>
      <td>:arrow_down: 800</td>
    </tr>
</table>
<p>
Consider breaking it down into multiple small PRs.
</p>
<p>
  Check out this <a href="https://www.atlassian.com/blog/git/written-unwritten-guide-pull-requests">guide</a> to learn more about PR best-practices.
</p>
buger commented 4 days ago

Let's make that PR title a 💯 shall we? 💪

<p>
Your <em>PR title</em> and <em>story title</em> look <strong>slightly different</strong>. Just checking in to know if it was intentional!
</p>
<table>
  <tr>
    <th>Story Title</th>
    <td>Implement OAuth 2.0 Password Flow for API Gateway Authentication with Upstream Server</td>
  </tr>
  <tr>
      <th>PR Title</th>
      <td>[TT-13185] reorganize contract in upstream oauth</td>
    </tr>
</table>
<p>
  Check out this <a href="https://www.atlassian.com/blog/git/written-unwritten-guide-pull-requests">guide</a> to learn more about PR best-practices.
</p>
github-actions[bot] commented 4 days ago

API Changes

--- prev.txt    2024-10-25 10:46:03.499956815 +0000
+++ current.txt 2024-10-25 10:45:57.227853129 +0000
@@ -93,860 +93,1132 @@
    ResponseProcessorResponseBodyTransform = "response_body_transform"
 )
 const Schema = `{
-    "type": ["object", "null"],
-    "$schema": "http://json-schema.org/draft-04/schema",
-    "id": "http://jsonschema.net",
-    "additionalProperties": false,
-    "properties": {
-        "is_site": {
-            "type": "boolean"
-        },
-        "uptime_tests": {
-            "type": ["object", "null"]
-        },
-        "expire_analytics_after": {
-            "type": "number"
-        },
-        "id": {
-            "type": "string"
-        },
-        "org_id": {
-            "type": "string"
-        },
-        "api_id": {
-            "type": "string"
-        },
-       "expiration": {
-            "type": "string"
-        },
-        "tags_disabled": {
-            "type": "boolean"
-        },
-        "enable_ip_whitelisting": {
-            "type": "boolean"
-        },
-        "enable_ip_blacklisting": {
-            "type": "boolean"
+  "type": [
+    "object",
+    "null"
+  ],
+  "$schema": "http://json-schema.org/draft-04/schema",
+  "id": "http://jsonschema.net",
+  "additionalProperties": false,
+  "properties": {
+    "is_site": {
+      "type": "boolean"
+    },
+    "uptime_tests": {
+      "type": [
+        "object",
+        "null"
+      ]
+    },
+    "expire_analytics_after": {
+      "type": "number"
+    },
+    "id": {
+      "type": "string"
+    },
+    "org_id": {
+      "type": "string"
+    },
+    "api_id": {
+      "type": "string"
+    },
+    "expiration": {
+      "type": "string"
+    },
+    "tags_disabled": {
+      "type": "boolean"
+    },
+    "enable_ip_whitelisting": {
+      "type": "boolean"
+    },
+    "enable_ip_blacklisting": {
+      "type": "boolean"
+    },
+    "enable_context_vars": {
+      "type": "boolean"
+    },
+    "strip_auth_data": {
+      "type": "boolean"
+    },
+    "do_not_track": {
+      "type": "boolean"
+    },
+    "enable_jwt": {
+      "type": "boolean"
+    },
+    "use_openid": {
+      "type": "boolean"
+    },
+    "openid_options": {
+      "type": [
+        "object",
+        "null"
+      ]
+    },
+    "use_standard_auth": {
+      "type": "boolean"
+    },
+    "use_go_plugin_auth": {
+      "type": "boolean"
+    },
+    "enable_coprocess_auth": {
+      "type": "boolean"
+    },
+    "custom_plugin_auth_enabled": {
+      "type": "boolean"
+    },
+    "jwt_skip_kid": {
+      "type": "boolean"
+    },
+    "base_identity_provided_by": {
+      "type": "string"
+    },
+    "disable_rate_limit": {
+      "type": "boolean"
+    },
+    "disable_quota": {
+      "type": "boolean"
+    },
+    "custom_middleware_bundle": {
+      "type": "string"
+    },
+    "custom_middleware_bundle_disabled": {
+      "type": "boolean"
+    },
+    "jwt_policy_field_name": {
+      "type": "string"
+    },
+    "jwt_default_policies": {
+      "type": [
+        "array",
+        "null"
+      ]
+    },
+    "jwt_signing_method": {
+      "type": "string"
+    },
+    "jwt_source": {
+      "type": "string"
+    },
+    "jwt_identity_base_field": {
+      "type": "string"
+    },
+    "jwt_client_base_field": {
+      "type": "string"
+    },
+    "jwt_disable_issued_at_validation": {
+      "type": "boolean"
+    },
+    "jwt_disable_expires_at_validation": {
+      "type": "boolean"
+    },
+    "jwt_disable_not_before_validation": {
+      "type": "boolean"
+    },
+    "jwt_issued_at_validation_skew": {
+      "type": "number"
+    },
+    "jwt_expires_at_validation_skew": {
+      "type": "number"
+    },
+    "jwt_not_before_validation_skew": {
+      "type": "number"
+    },
+    "jwt_scope_to_policy_mapping": {
+      "type": [
+        "object",
+        "null"
+      ]
+    },
+    "jwt_scope_claim_name": {
+      "type": "string"
+    },
+    "scopes": {
+      "type": [
+        "object",
+        "null"
+      ],
+      "properties": {
+        "jwt": {
+          "type": [
+            "object",
+            "null"
+          ],
+          "properties": {
+            "scope_claim_name": {
+              "type": "string"
+            },
+            "scope_to_policy": {
+              "type": [
+                "object",
+                "null"
+              ]
+            }
+          }
         },
-        "enable_context_vars": {
-            "type": "boolean"
+        "oidc": {
+          "type": [
+            "object",
+            "null"
+          ],
+          "properties": {
+            "scope_claim_name": {
+              "type": "string"
+            },
+            "scope_to_policy": {
+              "type": [
+                "object",
+                "null"
+              ]
+            }
+          }
+        }
+      }
+    },
+    "idp_client_id_mapping_disabled": {
+      "type": "boolean"
+    },
+    "use_keyless": {
+      "type": "boolean"
+    },
+    "use_basic_auth": {
+      "type": "boolean"
+    },
+    "use_mutual_tls_auth": {
+      "type": "boolean"
+    },
+    "client_certificates": {
+      "type": [
+        "array",
+        "null"
+      ]
+    },
+    "upstream_certificates": {
+      "type": [
+        "object",
+        "null"
+      ]
+    },
+    "upstream_certificates_disabled": {
+      "type": "boolean"
+    },
+    "pinned_public_keys": {
+      "type": [
+        "object",
+        "null"
+      ]
+    },
+    "certificate_pinning_disabled": {
+      "type": "boolean"
+    },
+    "allowed_ips": {
+      "type": [
+        "array",
+        "null"
+      ]
+    },
+    "blacklisted_ips": {
+      "type": [
+        "array",
+        "null"
+      ]
+    },
+    "enable_batch_request_support": {
+      "type": "boolean"
+    },
+    "event_handlers": {
+      "type": [
+        "object",
+        "null"
+      ]
+    },
+    "notifications": {
+      "type": [
+        "object",
+        "null"
+      ]
+    },
+    "use_oauth2": {
+      "type": "boolean"
+    },
+    "oauth_meta": {
+      "type": [
+        "object",
+        "null"
+      ]
+    },
+    "external_oauth": {
+      "type": [
+        "object",
+        "null"
+      ]
+    },
+    "cache_options": {
+      "type": [
+        "object",
+        "null"
+      ]
+    },
+    "tags": {
+      "type": [
+        "array",
+        "null"
+      ]
+    },
+    "tag_headers": {
+      "type": [
+        "array",
+        "null"
+      ]
+    },
+    "basic_auth": {
+      "type": [
+        "object",
+        "null"
+      ]
+    },
+    "CORS": {
+      "type": [
+        "object",
+        "null"
+      ]
+    },
+    "response_processors": {
+      "type": [
+        "array",
+        "null"
+      ]
+    },
+    "auth_provider": {
+      "type": [
+        "object",
+        "null"
+      ],
+      "properties": {
+        "name": {
+          "type": "string",
+          "enum": [
+            ""
+          ]
+        },
+        "storage_engine": {
+          "type": "string",
+          "enum": [
+            ""
+          ]
+        }
+      }
+    },
+    "session_provider": {
+      "type": [
+        "object",
+        "null"
+      ],
+      "properties": {
+        "name": {
+          "type": "string",
+          "enum": [
+            ""
+          ]
+        },
+        "storage_engine": {
+          "type": "string",
+          "enum": [
+            ""
+          ]
+        }
+      }
+    },
+    "hmac_allowed_clock_skew": {
+      "type": "number"
+    },
+    "hmac_allowed_algorithms": {
+      "type": [
+        "array",
+        "null"
+      ]
+    },
+    "dont_set_quota_on_create": {
+      "type": "boolean"
+    },
+    "custom_middleware": {
+      "type": [
+        "object",
+        "null"
+      ],
+      "properties": {
+        "pre": {
+          "type": [
+            "array",
+            "null"
+          ]
+        },
+        "post": {
+          "type": [
+            "array",
+            "null"
+          ]
+        }
+      }
+    },
+    "session_lifetime_respects_key_expiration": {
+      "type": "boolean"
+    },
+    "session_lifetime": {
+      "type": "number"
+    },
+    "enable_detailed_recording": {
+      "type": "boolean"
+    },
+    "enable_signature_checking": {
+      "type": "boolean"
+    },
+    "active": {
+      "type": "boolean"
+    },
+    "internal": {
+      "type": "boolean"
+    },
+    "auth": {
+      "type": [
+        "object",
+        "null"
+      ],
+      "id": "http://jsonschema.net/auth",
+      "properties": {
+        "auth_header_name": {
+          "type": "string",
+          "id": "http://jsonschema.net/auth/auth_header_name"
         },
-        "strip_auth_data": {
+        "use_certificate": {
           "type": "boolean"
+        }
+      }
+    },
+    "auth_configs": {
+      "type": [
+        "object",
+        "null"
+      ]
+    },
+    "definition": {
+      "type": [
+        "object",
+        "null"
+      ],
+      "id": "http://jsonschema.net/definition",
+      "properties": {
+        "key": {
+          "type": "string",
+          "id": "http://jsonschema.net/definition/key"
+        },
+        "location": {
+          "type": "string",
+          "id": "http://jsonschema.net/definition/location"
+        },
+        "strip_path": {
+          "type": "boolean",
+          "id": "http://jsonschema.net/definition/location"
+        }
+      },
+      "required": [
+        "key",
+        "location"
+      ]
+    },
+    "name": {
+      "type": "string",
+      "id": "http://jsonschema.net/name"
+    },
+    "slug": {
+      "type": "string",
+      "pattern": "[a-zA-Z0-9]*",
+      "id": "http://jsonschema.net/name"
+    },
+    "domain": {
+      "type": "string"
+    },
+    "domain_disabled": {
+      "type": "boolean"
+    },
+    "listen_port": {
+      "type": "number"
+    },
+    "protocol": {
+      "type": "string"
+    },
+    "enable_proxy_protocol": {
+      "type": "boolean"
+    },
+    "certificates": {
+      "type": [
+        "array",
+        "null"
+      ]
+    },
+    "check_host_against_uptime_tests": {
+      "type": "boolean"
+    },
+    "proxy": {
+      "type": [
+        "object",
+        "null"
+      ],
+      "id": "http://jsonschema.net/proxy",
+      "properties": {
+        "target_url": {
+          "type": "string",
+          "id": "http://jsonschema.net/proxy/target_url"
         },
-        "do_not_track": {
-            "type": "boolean"
-        },
-        "enable_jwt": {
-            "type": "boolean"
-        },
-        "use_openid": {
-            "type": "boolean"
-        },
-        "openid_options": {
-            "type": ["object", "null"]
-        },
-        "use_standard_auth": {
-            "type": "boolean"
-        },
-        "use_go_plugin_auth": {
-            "type": "boolean"
-        },
-        "enable_coprocess_auth": {
-            "type": "boolean"
-        },
-       "custom_plugin_auth_enabled": {
-            "type": "boolean"
-        },
-        "jwt_skip_kid": {
-            "type": "boolean"
-        },
-        "base_identity_provided_by": {
-            "type": "string"
-        },
-        "disable_rate_limit": {
-            "type": "boolean"
-        },
-        "disable_quota": {
-            "type": "boolean"
-        },
-        "custom_middleware_bundle": {
-            "type": "string"
-        },
-       "custom_middleware_bundle_disabled": {
-               "type": "boolean"
-        },
-        "jwt_policy_field_name": {
-            "type": "string"
-        },
-        "jwt_default_policies": {
-            "type": ["array", "null"]
-        },
-        "jwt_signing_method": {
-            "type": "string"
-        },
-        "jwt_source": {
-            "type": "string"
-        },
-        "jwt_identity_base_field": {
-            "type": "string"
-        },
-        "jwt_client_base_field": {
-            "type": "string"
-        },
-        "jwt_disable_issued_at_validation": {
-            "type": "boolean"
-        },
-        "jwt_disable_expires_at_validation": {
-            "type": "boolean"
-        },
-        "jwt_disable_not_before_validation": {
-            "type": "boolean"
-        },
-        "jwt_issued_at_validation_skew": {
-            "type": "number"
-        },
-        "jwt_expires_at_validation_skew": {
-            "type": "number"
-        },
-        "jwt_not_before_validation_skew": {
-            "type": "number"
-        },
-        "jwt_scope_to_policy_mapping": {
-            "type": ["object", "null"]
-        },
-        "jwt_scope_claim_name": {
-            "type": "string"
-        },
-       "scopes" : {
-       "type":["object", "null"],
-       "properties": {
-           "jwt": {
-               "type":["object", "null"],
-               "properties" : {
-                   "scope_claim_name": {
-                       "type": "string"
-                   },
-                   "scope_to_policy": {
-                       "type":["object", "null"]
-                   }
-               }
-           },
-           "oidc": {
-               "type":["object", "null"],
-                "properties" : {
-                    "scope_claim_name": {
-                        "type": "string"
-                    },
-                    "scope_to_policy": {
-                        "type":["object", "null"]
-                    }
-                }
-               }
-           }
-       },
-        "idp_client_id_mapping_disabled": {
-            "type": "boolean"
-        },
-        "use_keyless": {
-            "type": "boolean"
-        },
-        "use_basic_auth": {
-            "type": "boolean"
-        },
-        "use_mutual_tls_auth": {
-            "type": "boolean"
-        },
-        "client_certificates": {
-            "type": ["array", "null"]
-        },
-        "upstream_certificates": {
-            "type": ["object", "null"]
-        },
-       "upstream_certificates_disabled": {
-           "type": "boolean"
-       },
-        "pinned_public_keys": {
-            "type": ["object", "null"]
-        },
-       "certificate_pinning_disabled": {
-           "type": "boolean"
-       },
-        "allowed_ips": {
-            "type": ["array", "null"]
-        },
-        "blacklisted_ips": {
-            "type": ["array", "null"]
-        },
-        "enable_batch_request_support": {
-            "type": "boolean"
-        },
-        "event_handlers": {
-            "type":["object", "null"]
-        },
-        "notifications": {
-            "type":["object", "null"]
-        },
-        "use_oauth2": {
-            "type": "boolean"
-        },
-        "oauth_meta": {
-            "type":["object", "null"]
-        },
-       "external_oauth": {
-            "type":["object", "null"]
-        },
-        "cache_options": {
-            "type":["object", "null"]
-        },
-        "tags": {
-            "type": ["array", "null"]
-        },
-        "tag_headers": {
-            "type": ["array", "null"]
-        },
-        "basic_auth": {
-            "type": ["object", "null"]
-        },
-        "CORS": {
-            "type":["object", "null"]
+        "check_host_against_uptime_tests": {
+          "type": "boolean"
         },
-        "response_processors": {
-            "type": ["array", "null"]
+        "preserve_host_header": {
+          "type": "boolean"
         },
-        "auth_provider": {
-            "type":["object", "null"],
-            "properties": {
-                "name": {
-                    "type": "string",
-                    "enum": [""]
-                },
-                "storage_engine": {
-                    "type": "string",
-                    "enum": [""]
-                }
+        "transport": {
+          "type": [
+            "object",
+            "null"
+          ],
+          "properties": {
+            "ssl_ciphers": {
+              "type": [
+                "array",
+                "null"
+              ]
+            },
+            "ssl_min_version": {
+              "type": "number"
+            },
+            "ssl_max_version": {
+              "type": "number"
+            },
+            "proxy_url": {
+              "type": "string"
+            },
+            "ssl_force_common_name_check": {
+              "type": "boolean"
             }
-        },
-        "session_provider": {
-            "type":["object", "null"],
-            "properties": {
+          }
+        }
+      },
+      "required": [
+        "target_url"
+      ]
+    },
+    "hook_references": {
+      "type": [
+        "object",
+        "null"
+      ]
+    },
+    "version_data": {
+      "type": [
+        "object",
+        "null"
+      ],
+      "id": "http://jsonschema.net/version_data",
+      "properties": {
+        "not_versioned": {
+          "type": "boolean",
+          "id": "http://jsonschema.net/version_data/not_versioned"
+        },
+        "default_version": {
+          "type": "string",
+          "id": "http://jsonschema.net/version_data/default_version"
+        },
+        "versions": {
+          "type": [
+            "object",
+            "null"
+          ],
+          "id": "http://jsonschema.net/version_data/versions",
+          "patternProperties": {
+            "^[a-zA-Z0-9]+$": {
+              "title": "versionInfoProperty",
+              "type": [
+                "object",
+                "null"
+              ],
+              "id": "http://jsonschema.net/access_rights/versionInfoProperty",
+              "properties": {
+                "expires": {
+                  "type": "string",
+                  "id": "http://jsonschema.net/version_data/versions/versionInfoProperty/expires"
+                },
                 "name": {
-                    "type": "string",
-                    "enum": [""]
+                  "type": "string",
+                  "id": "http://jsonschema.net/version_data/versions/versionInfoProperty/name"
                 },
-                "storage_engine": {
-                    "type": "string",
-                    "enum": [""]
+                "paths": {
+                  "type": [
+                    "object",
+                    "null"
+                  ],
+                  "id": "http://jsonschema.net/version_data/versions/versionInfoProperty/paths",
+                  "properties": {
+                    "black_list": {
+                      "type": [
+                        "array",
+                        "null"
+                      ],
+                      "id": "http://jsonschema.net/version_data/versions/versionInfoProperty/paths/black_list"
+                    },
+                    "ignored": {
+                      "type": [
+                        "array",
+                        "null"
+                      ],
+                      "id": "http://jsonschema.net/version_data/versions/versionInfoProperty/paths/ignored"
+                    },
+                    "white_list": {
+                      "type": [
+                        "array",
+                        "null"
+                      ],
+                      "id": "http://jsonschema.net/version_data/versions/versionInfoProperty/paths/white_list"
+                    }
+                  }
                 }
+              },
+              "required": [
+                "name"
+              ]
             }
+          }
+        }
+      },
+      "required": [
+        "not_versioned",
+        "versions"
+      ]
+    },
+    "config_data": {
+      "type": [
+        "object",
+        "null"
+      ]
+    },
+    "config_data_disabled": {
+      "type": "boolean"
+    },
+    "global_rate_limit": {
+      "type": [
+        "object",
+        "null"
+      ],
+      "properties": {
+        "rate": {
+          "type": "number"
+        },
+        "per": {
+          "type": "number"
+        }
+      }
+    },
+    "request_signing": {
+      "type": [
+        "object",
+        "null"
+      ],
+      "properties": {
+        "is_enabled": {
+          "type": "boolean"
         },
-        "hmac_allowed_clock_skew": {
-            "type": "number"
+        "secret": {
+          "type": "string"
         },
-        "hmac_allowed_algorithms": {
-            "type": ["array", "null"]
+        "key_id": {
+          "type": "string"
+        },
+        "algorithm": {
+          "type": "string"
+        }
+      },
+      "required": [
+        "is_enabled"
+      ]
+    },
+    "graphql": {
+      "type": [
+        "object",
+        "null"
+      ],
+      "properties": {
+        "enabled": {
+          "type": "boolean"
         },
-        "dont_set_quota_on_create": {
-            "type": "boolean"
+        "version": {
+          "type": "string"
+        },
+        "execution_mode": {
+          "type": "string",
+          "enum": [
+            "proxyOnly",
+            "executionEngine",
+            "subgraph",
+            "supergraph",
+            ""
+          ]
+        },
+        "schema": {
+          "type": "string"
+        },
+        "last_schema_update": {
+          "type": "string",
+          "format": "date-time"
+        },
+        "type_field_configurations": {
+          "type": [
+            "array",
+            "null"
+          ],
+          "properties": {
+            "type_name": {
+              "type": "string"
+            },
+            "field_name": {
+              "type": "string"
             },
-        "custom_middleware": {
-            "type":["object", "null"],
-            "properties": {
-                "pre": {
-                    "type": ["array", "null"]
+            "mapping": {
+              "type": [
+                "object",
+                "null"
+              ],
+              "properties": {
+                "disabled": {
+                  "type": "boolean"
                 },
-                "post": {
-                    "type": ["array", "null"]
+                "path": {
+                  "type": "string"
                 }
-            }
-        },
-        "session_lifetime_respects_key_expiration": {
-            "type": "boolean"
-        },
-        "session_lifetime": {
-            "type": "number"
-        },
-        "enable_detailed_recording": {
-            "type": "boolean"
-        },
-        "enable_signature_checking": {
-            "type": "boolean"
-        },
-        "active": {
-            "type": "boolean"
-        },
-        "internal": {
-            "type": "boolean"
-        },
-        "auth": {
-            "type": ["object", "null"],
-            "id": "http://jsonschema.net/auth",
-            "properties": {
-                "auth_header_name": {
-                    "type": "string",
-                    "id": "http://jsonschema.net/auth/auth_header_name"
+              },
+              "required": [
+                "disabled"
+              ]
+            },
+            "data_source": {
+              "type": [
+                "object",
+                "null"
+              ],
+              "properties": {
+                "kind": {
+                  "type": "boolean"
                 },
-                "use_certificate": {
-                    "type": "boolean"
+                "data_source_config": {
+                  "type": [
+                    "object",
+                    "null"
+                  ]
                 }
+              },
+              "required": [
+                "kind"
+              ]
             }
-        },
-        "auth_configs":{
-            "type": ["object", "null"]
-        },
-        "definition": {
-            "type": ["object", "null"],
-            "id": "http://jsonschema.net/definition",
-            "properties": {
-                "key": {
-                    "type": "string",
-                    "id": "http://jsonschema.net/definition/key"
+          },
+          "required": [
+            "type_name",
+            "field_name"
+          ]
+        },
+        "engine": {
+          "type": [
+            "object",
+            "null"
+          ],
+          "properties": {
+            "field_configs": {
+              "type": [
+                "array",
+                "null"
+              ],
+              "properties": {
+                "type_name": {
+                  "type": "string"
                 },
-                "location": {
-                    "type": "string",
-                    "id": "http://jsonschema.net/definition/location"
+                "field_name": {
+                  "type": "string"
                 },
-                "strip_path": {
-                    "type": "boolean",
-                    "id": "http://jsonschema.net/definition/location"
+                "disable_default_mapping": {
+                  "type": "boolean"
+                },
+                "path": {
+                  "type": [
+                    "array",
+                    "null"
+                  ]
                 }
+              }
             },
-            "required": [
-                "key",
-                "location"
-            ]
-        },
-        "name": {
-            "type": "string",
-            "id": "http://jsonschema.net/name"
-        },
-        "slug": {
-            "type": "string",
-            "pattern": "[a-zA-Z0-9]*",
-            "id": "http://jsonschema.net/name"
-        },
-        "domain": {
-            "type": "string"
-        },
-        "domain_disabled": {
-             "type": "boolean"
-        },
-        "listen_port": {
-            "type": "number"
-        },
-        "protocol": {
-            "type": "string"
-        },
-        "enable_proxy_protocol": {
-            "type": "boolean"
-        },
-        "certificates": {
-            "type": ["array", "null"]
-        },
-        "check_host_against_uptime_tests": {
-            "type": "boolean"
-        },
-        "proxy": {
-            "type": ["object", "null"],
-            "id": "http://jsonschema.net/proxy",
-            "properties": {
-                "target_url": {
-                    "type": "string",
-                    "id": "http://jsonschema.net/proxy/target_url"
+            "data_sources": {
+              "type": [
+                "array",
+                "null"
+              ],
+              "properties": {
+                "kind": {
+                  "type": "string",
+                  "enum": [
+                    "REST",
+                    "GraphQL",
+                    ""
+                  ]
                 },
-                "check_host_against_uptime_tests": {
-                    "type": "boolean"
+                "name": {
+                  "type": "string"
                 },
-                "preserve_host_header": {
-                    "type": "boolean"
+                "internal": {
+                  "type": "boolean"
                 },
-                "transport": {
-                    "type": ["object", "null"],
-                    "properties": {
-                        "ssl_ciphers": {
-                            "type": ["array", "null"]
-                        },
-                        "ssl_min_version": {
-                            "type": "number"
-                        },
-                        "ssl_max_version": {
-                            "type": "number"
-                        },
-                        "proxy_url": {
-                            "type": "string"
-                        },
-                        "ssl_force_common_name_check": {
-                            "type": "boolean"
-                        }
+                "root_fields": {
+                  "type": [
+                    "array",
+                    "null"
+                  ],
+                  "properties": {
+                    "type": {
+                      "type": "string"
+                    },
+                    "fields": {
+                      "type": [
+                        "array",
+                        "null"
+                      ]
                     }
-                }
-            },
-            "required": [
-                "target_url"
-            ]
-        },
-        "hook_references": {
-            "type": ["object", "null"]
-        },
-        "version_data": {
-            "type": ["object", "null"],
-            "id": "http://jsonschema.net/version_data",
-            "properties": {
-                "not_versioned": {
-                    "type": "boolean",
-                    "id": "http://jsonschema.net/version_data/not_versioned"
+                  }
                 },
-                "default_version":{
-                    "type": "string",
-                    "id": "http://jsonschema.net/version_data/default_version"
-                },
-                "versions": {
-                    "type": ["object", "null"],
-                    "id": "http://jsonschema.net/version_data/versions",
-                    "patternProperties": {
-                        "^[a-zA-Z0-9]+$": {
-                            "title": "versionInfoProperty",
-                            "type": ["object", "null"],
-                            "id": "http://jsonschema.net/access_rights/versionInfoProperty",
-                            "properties": {
-                                "expires": {
-                                    "type": "string",
-                                    "id": "http://jsonschema.net/version_data/versions/versionInfoProperty/expires"
-                                },
-                                "name": {
-                                    "type": "string",
-                                    "id": "http://jsonschema.net/version_data/versions/versionInfoProperty/name"
-                                },
-                                "paths": {
-                                    "type": ["object", "null"],
-                                    "id": "http://jsonschema.net/version_data/versions/versionInfoProperty/paths",
-                                    "properties": {
-                                        "black_list": {
-                                            "type": ["array", "null"],
-                                            "id": "http://jsonschema.net/version_data/versions/versionInfoProperty/paths/black_list"
-                                        },
-                                        "ignored": {
-                                            "type": ["array", "null"],
-                                            "id": "http://jsonschema.net/version_data/versions/versionInfoProperty/paths/ignored"
-                                        },
-                                        "white_list": {
-                                            "type": ["array", "null"],
-                                            "id": "http://jsonschema.net/version_data/versions/versionInfoProperty/paths/white_list"
-                                        }
-                                    }
-                                }
-                            },
-                            "required": [
-                                "name"
-                            ]
-                        }
-                    }
+                "config": {
+                  "type": [
+                    "object",
+                    "null"
+                  ]
                 }
+              },
+              "required": [
+                "kind"
+              ]
             },
-            "required": [
-                "not_versioned",
-                "versions"
-            ]
-        },
-        "config_data": {
-            "type": ["object", "null"]
-        },
-       "config_data_disabled": {
-           "type": "boolean"   
-       },
-        "global_rate_limit": {
-          "type": ["object", "null"],
-           "properties": {
-                "rate": {
-                    "type": "number"
+            "global_headers": {
+              "type": [
+                "array",
+                "null"
+              ],
+              "properties": {
+                "key": {
+                  "type": "string"
                 },
-                "per": {
-                    "type": "number"
+                "value": {
+                  "type": "string"
                 }
+              },
+              "required": [
+                "key",
+                "value"
+              ]
             }
+          }
         },
-    "request_signing": {
-          "type": ["object", "null"],
-           "properties": {
-                "is_enabled": {
+        "proxy": {
+          "type": [
+            "object",
+            "null"
+          ],
+          "properties": {
+            "features": {
+              "type": [
+                "object",
+                "null"
+              ],
+              "properties": {
+                "use_immutable_headers": {
+                  "type": "boolean"
+                }
+              }
+            },
+            "auth_headers": {
+              "type": [
+                "object",
+                "null"
+              ]
+            },
+            "request_headers_rewrite": {
+              "type": [
+                "object",
+                "null"
+              ],
+              "additionalProperties": {
+                "type": "object",
+                "properties": {
+                  "value": {
+                    "type": "string"
+                  },
+                  "remove": {
                     "type": "boolean"
+                  }
                 },
-                "secret": {
-                    "type": "string"
+                "required": [
+                  "value",
+                  "remove"
+                ]
+              }
+            }
+          }
+        },
+        "subgraph": {
+          "type": [
+            "object",
+            "null"
+          ],
+          "properties": {
+            "sdl": {
+              "type": "string"
+            }
+          }
+        },
+        "supergraph": {
+          "type": [
+            "object",
+            "null"
+          ],
+          "properties": {
+            "updated_at": {
+              "type": "string",
+              "format": "date-time"
+            },
+            "disable_query_batching": {
+              "type": "boolean"
+            },
+            "subgraphs": {
+              "type": [
+                "array",
+                "null"
+              ],
+              "properties": {
+                "api_id": {
+                  "type": "string"
                 },
-        "key_id": {
-                    "type": "string"
+                "name": {
+                  "type": "string"
                 },
-        "algorithm": {
-                    "type": "string"
+                "url": {
+                  "type": "string"
+                },
+                "sdl": {
+                  "type": "string"
+                },
+                "headers": {
+                  "type": [
+                    "object",
+                    "null"
+                  ]
                 }
+              }
+            },
+            "global_headers": {
+              "type": [
+                "object",
+                "null"
+              ]
+            },
+            "merged_sdl": {
+              "type": "string"
+            }
+          }
+        },
+        "introspection": {
+          "type": [
+            "object",
+            "null"
+          ],
+          "properties": {
+            "disabled": {
+              "type": "boolean"
+            }
+          }
+        },
+        "playground": {
+          "type": [
+            "object",
+            "null"
+          ],
+          "properties": {
+            "enabled": {
+              "type": "boolean"
+            },
+            "path": {
+              "type": "string"
+            }
+          },
+          "required": [
+            "enabled"
+          ]
+        }
+      },
+      "required": [
+        "enabled"
+      ]
+    },
+    "analytics_plugin": {
+      "type": [
+        "object",
+        "null"
+      ],
+      "properties": {
+        "enabled": {
+          "type": "boolean"
+        },
+        "plugin_path": {
+          "type": "string"
+        },
+        "func_name": {
+          "type": "string"
+        }
+      }
+    },
+    "is_oas": {
+      "type": "boolean"
+    },
+    "detailed_tracing": {
+      "type": "boolean"
+    },
+    "upstream_auth": {
+      "type": "object",
+      "properties": {
+        "enabled": {
+          "type": "boolean"
+        },
+        "basic_auth": {
+          "type": "object",
+          "properties": {
+            "enabled": {
+              "type": "boolean"
+            },
+            "username": {
+              "type": "string"
             },
-        "required": [
-            "is_enabled"
-        ]
+            "password": {
+              "type": "string"
+            },
+            "header_name": {
+              "type": "string"
+            }
+          }
         },
-        "graphql": {
-            "type": ["object", "null"],
-            "properties": {
+        "oauth": {
+          "type": "object",
+          "properties": {
+            "enabled": {
+              "type": "boolean"
+            },
+            "client_credentials": {
+              "type": "object",
+              "properties": {
                 "enabled": {
-                    "type": "boolean"
+                  "type": "boolean"
                 },
-                "version": {
-                    "type": "string"
+                "client_id": {
+                  "type": "string"
                 },
-                "execution_mode": {
-                    "type": "string",
-                    "enum": [
-                        "proxyOnly",
-                        "executionEngine",
-                        "subgraph",
-                        "supergraph",
-                        ""
-                    ]
+                "client_secret": {
+                  "type": "string"
                 },
-                "schema": {
-                    "type": "string"
+                "token_url": {
+                  "type": "string"
                 },
-                "last_schema_update": {
-                    "type": "string",
-                    "format": "date-time"
+                "scopes": {
+                  "type": [
+                    "array",
+                    "null"
+                  ]
                 },
-                "type_field_configurations": {
-                    "type": ["array", "null"],
-                    "properties": {
-                        "type_name": {
-                            "type": "string"
-                        },
-                        "field_name": {
-                            "type": "string"
-                        },
-                        "mapping": {
-                            "type": ["object", "null"],
-                            "properties": {
-                                "disabled": {
-                                    "type": "boolean"
-                                },
-                                "path": {
-                                    "type": "string"
-                                }
-                            },
-                            "required": [
-                                "disabled"
-                            ]
-                        },
-                        "data_source": {
-                            "type": ["object", "null"],
-                            "properties": {
-                                "kind": {
-                                    "type": "boolean"
-                                },
-                                "data_source_config": {
-                                    "type": ["object", "null"]
-                                }
-                            },
-                            "required": [
-                                "kind"
-                            ]
-                        }
+                "header": {
+                  "type": "object",
+                  "properties": {
+                    "enabled": {
+                      "type": "boolean"
                     },
-                    "required": [
-                        "type_name",
-                        "field_name"
-                    ]
-                },
-                "engine": {
-                    "type": ["object", "null"],
-                    "properties": {
-                        "field_configs": {
-                            "type": ["array", "null"],
-                            "properties": {
-                                "type_name": {
-                                    "type": "string"
-                                },
-                                "field_name": {
-                                    "type": "string"
-                                },
-                                "disable_default_mapping": {
-                                    "type": "boolean"
-                                },
-                                "path": {
-                                    "type": ["array", "null"]
-                                }
-                            }
-                        },
-                        "data_sources": {
-                            "type": ["array", "null"],
-                            "properties": {
-                                "kind": {
-                                    "type": "string",
-                                    "enum": [
-                                        "REST",
-                                        "GraphQL",
-                                        ""
-                                    ]
-                                },
-                                "name": {
-                                    "type": "string"
-                                },
-                                "internal": {
-                                    "type": "boolean"
-                                },
-                                "root_fields": {
-                                    "type": ["array", "null"],
-                                    "properties": {
-                                        "type": {
-                                            "type": "string"
-                                        },
-                                        "fields": {
-                                            "type": ["array", "null"]
-                                        }
-                                    }
-                                },
-                                "config": {
-                                    "type": ["object", "null"]
-                                }
-                            },
-                            "required": [
-                                "kind"
-                            ]
-                        },
-                        "global_headers": {
-                            "type": [
-                                "array",
-                                "null"
-                            ],
-                            "properties": {
-                                "key": {
-                                    "type": "string"
-                                },
-                                "value": {
-                                    "type": "string"
-                                }
-                            },
-                            "required": [
-                                "key",
-                                "value"
-                            ]
-                        }
+                    "name": {
+                      "type": "string"
                     }
+                  },
+                  "required": [
+                    "enabled"
+                  ]
+                }
+              },
+              "required": [
+                "enabled",
+                "client_id",
+                "client_secret",
+                "token_url"
+              ]
+            },
+            "password_authentication": {
+              "type": "object",
+              "properties": {
+                "enabled": {
+                  "type": "boolean"
                 },
-                "proxy": {
-                    "type": ["object", "null"],
-                    "properties": {
-                       "features": {
-                           "type": ["object", "null"],
-                           "properties": {
-                               "use_immutable_headers": {
-                                   "type": "boolean"
-                               }
-                           }
-                       },
-                        "auth_headers": {
-                            "type": ["object", "null"]
-                        },
-                       "request_headers_rewrite": {
-                           "type": ["object", "null"],
-                           "additionalProperties": {
-                               "type": "object",
-                               "properties": {
-                                   "value": {
-                                       "type": "string"
-                                   },
-                                   "remove": {
-                                       "type": "boolean"
-                                   }
-                               },
-                               "required": ["value", "remove"]
-                           }
-                       }
-                    }
+                "client_id": {
+                  "type": "string"
                 },
-                "subgraph": {
-                    "type": ["object", "null"],
-                    "properties": {
-                        "sdl": {
-                            "type": "string"
-                        }
-                    }
+                "client_secret": {
+                  "type": "string"
                 },
-                "supergraph": {
-                    "type": ["object", "null"],
-                    "properties": {
-                        "updated_at": {
-                            "type": "string",
-                            "format": "date-time"
-                        },
-                        "disable_query_batching": {
-                            "type": "boolean"
-                        },
-                        "subgraphs": {
-                            "type": ["array", "null"],
-                            "properties": {
-                                "api_id": {
-                                    "type": "string"
-                                },
-                                "name": {
-                                    "type": "string"
-                                },
-                                "url": {
-                                    "type": "string"
-                                },
-                                "sdl": {
-                                    "type": "string"
-                                },
-                                "headers": {
-                                    "type": ["object", "null"]
-                                }
-                            }
-                        },
-                        "global_headers": {
-                            "type": ["object", "null"]
-                        },
-                        "merged_sdl": {
-                            "type": "string"
-                        }
-                    }
+                "username": {
+                  "type": "string"
                 },
-                "introspection": {
-                    "type": ["object", "null"],
-                    "properties": {
-                        "disabled": {
-                            "type": "boolean"
-                        }
-                    }
+                "password": {
+                  "type": "string"
                 },
-                "playground": {
-                    "type": ["object", "null"],
-                    "properties": {
-                        "enabled": {
-                            "type": "boolean"
-                        },
-                        "path": {
-                            "type": "string"
-                        }
-                    },
-                    "required": [
-                        "enabled"
-                    ]
-                }
-            },
-            "required": [
-                "enabled"
-            ]
-        },
-        "analytics_plugin": {
-            "type": ["object", "null"],
-            "properties": {
-                "enabled": {
-                    "type": "boolean"
+                "token_url": {
+                  "type": "string"
                 },
-                "plugin_path": {
-                    "type": "string"
+                "scopes": {
+                  "type": [
+                    "array",
+                    "null"
+                  ]
                 },
-                "func_name": {
-                    "type": "string"
+                "header": {
+                  "type": "object",
+                  "properties": {
+                    "enabled": {
+                      "type": "boolean"
+                    },
+                    "name": {
+                      "type": "string"
+                    }
+                  },
+                  "required": [
+                    "enabled"
+                  ]
                 }
+              },
+              "required": [
+                "enabled",
+                "client_id",
+                "client_secret",
+                "token_url",
+                "username",
+                "password"
+              ]
             }
-        },
-       "is_oas": {
-           "type": "boolean"
-       },
-        "detailed_tracing": {
-            "type": "boolean"
-        },
-       "upstream_auth": {
-           "type": "object",
-           "properties": {
-               "enabled": {
-                   "type": "boolean"
-               },
-               "basic_auth": {
-                   "type": "object",
-                   "properties": {
-                       "enabled": {
-                           "type": "boolean"
-                       },
-                       "username": {
-                           "type": "string"
-                       },
-                       "password": {
-                           "type": "string"
-                       },
-                       "header_name": {
-                           "type": "string"
-                       }
-                   }
-               },
-               "oauth": {
-                   "type":"object",
-                   "properties": {
-                       "enabled": {
-                           "type": "boolean"
-                       },
-                       "client_credentials": {
-                           "type": "object",
-                           "properties": {
-                               "enabled": {
-                                   "type": "boolean"
-                               },
-                               "client_id": {
-                                   "type": "string"
-                               },
-                               "client_secret": {
-                                   "type": "string"
-                               },
-                               "token_url": {
-                                   "type": "string"
-                               },
-                               "scopes":{
-                                   "type": ["array", "null"]
-                               },
-                               "header_name": {
-                                   "type": "string"
-                               }
-                           }
-                       },
-                       "password_authentication": {
-                         "type": "object",
-                         "properties": {
-                               "enabled": {
-                                 "type": "boolean"
-                               },
-                               "client_id": {
-                                 "type": "string"
-                               },
-                               "client_secret": {
-                                 "type": "string"
-                               },
-                               "username": {
-                                 "type": "string"
-                               },
-                               "password": {
-                                 "type": "string"
-                               },
-                               "token_url": {
-                                 "type": "string"
-                               },
-                               "scopes": {
-                                 "type": ["array", "null"]
-                               },
-                               "header_name": {
-                                 "type": "string"
-                               }
-                           }
-                         }
-                       }
-                   }
-               }
-           }
-       }
-    },
-    "required": [
-        "name",
-        "proxy",
-        "version_data"
-    ]
-}`
+          }
+        }
+      }
+    }
+  },
+  "required": [
+    "name",
+    "proxy",
+    "version_data"
+  ]
+}
+`

 VARIABLES

@@ -1185,6 +1457,20 @@
    Meta          map[string]interface{} `bson:"meta" json:"meta"`
 }

+type AuthSource struct {
+   // Enabled enables the auth source.
+   Enabled bool `bson:"enabled" json:"enabled"`
+   // Name specifies the key to be used in the auth source.
+   Name string `bson:"name" json:"name"`
+}
+    AuthSource is a common type to be used for auth configurations.
+
+func (a AuthSource) AuthKeyName() string
+    AuthKeyName returns the key name to be used for the auth source.
+
+func (a AuthSource) IsEnabled() bool
+    IsEnabled returns the enabled status of the auth source.
+
 type AuthTypeEnum string

 type BundleManifest struct {
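Review bot: The doc comments on `AuthSource.Name` and `AuthKeyName()` do not say which key is used when `Name` is empty or `Enabled` is false, whereas the `HeaderName` fields this type replaces (removed in the ClientCredentials and PasswordAuthentication hunks below) documented a default of `Authorization`. Because this value decides which header carries the upstream token, the fallback should be stated on the type, for example `// Name specifies the key to be used in the auth source; when empty, the default key is used.` with the actual default named. Only the method signatures are listed here, so whether `AuthKeyName` applies a default itself cannot be confirmed from this page.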
@@ -1251,6 +1537,8 @@

 type ClientCredentials struct {
    ClientAuthData
+   // Header holds the configuration for the custom header to be used for OAuth authentication.
+   Header AuthSource `bson:"header" json:"header"`
    // Enabled activates upstream OAuth2 client credentials authentication.
    Enabled bool `bson:"enabled" json:"enabled"`
    // TokenURL is the resource server's token endpoint
@@ -1258,9 +1546,6 @@
    TokenURL string `bson:"token_url" json:"token_url"`
    // Scopes specifies optional requested permissions.
    Scopes []string `bson:"scopes" json:"scopes,omitempty"`
-   // HeaderName is the custom header name to be used for OAuth client credential flow authentication.
-   // Defaults to `Authorization`.
-   HeaderName string `bson:"header_name" json:"header_name"`

    // TokenProvider is the OAuth2 token provider for internal use.
    TokenProvider oauth2.TokenSource `bson:"-" json:"-"`
@@ -1760,8 +2045,8 @@

 type PasswordAuthentication struct {
    ClientAuthData
-   // Enabled activates upstream OAuth2 password authentication.
-   Enabled bool `bson:"enabled" json:"enabled"`
+   // Header holds the configuration for the custom header to be used for OAuth authentication.
+   Header AuthSource `bson:"header" json:"header"`
    // Username is the username to be used for upstream OAuth2 password authentication.
    Username string `bson:"username" json:"username"`
    // Password is the password to be used for upstream OAuth2 password authentication.
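Review bot: `PasswordAuthentication` loses its `Enabled` field in this hunk, but the `password_authentication` schema added earlier in the same diff still lists `enabled` under `required`, and the sibling `ClientCredentials` struct keeps its `Enabled` field. Unless the embedded `ClientAuthData` (not shown) supplies it, an `"enabled": false` in a stored definition would pass validation and then be dropped on decode, leaving the flow governed only by whatever replaces the flag. Either keep the field for parity with `ClientCredentials`, or remove `enabled` from the schema's `required` list and document what now switches the password flow on. The struct continues past the end of this hunk.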
@@ -1771,9 +2056,6 @@
    TokenURL string `bson:"token_url" json:"token_url"`
    // Scopes specifies optional requested permissions.
    Scopes []string `bson:"scopes" json:"scopes,omitempty"`
-   // HeaderName is the custom header name to be used for OAuth password authentication flow.
-   // Defaults to `Authorization`.
-   HeaderName string `bson:"header_name" json:"header_name"`

    // TokenProvider is the OAuth2 password authentication flow token for internal use.
    Token *oauth2.Token `bson:"-" json:"-"`
@@ -2141,6 +2423,8 @@
 type UpstreamOAuth struct {
    // Enabled enables upstream OAuth2 authentication.
    Enabled bool `bson:"enabled" json:"enabled"`
+   // AllowedAuthorizeTypes specifies the allowed authorization types for upstream OAuth2 authentication.
+   AllowedAuthorizeTypes []string `bson:"allowed_authorize_types" json:"allowed_authorize_types"`
    // ClientCredentials holds the client credentials for upstream OAuth2 authentication.
    ClientCredentials ClientCredentials `bson:"client_credentials" json:"client_credentials"`
    // PasswordAuthentication holds the configuration for upstream OAauth password authentication flow.
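Review bot: The comment on `AllowedAuthorizeTypes` names neither the accepted values nor what an empty or nil list means, and the `oauth` schema in this diff has no `allowed_authorize_types` property, so any string passes validation. For a field that gates which credential flow runs, the empty case should be stated explicitly and should preferably fail closed. Suggested comment: `// AllowedAuthorizeTypes lists the upstream OAuth2 flows that may run; valid values are "clientCredentials" and "password".` plus one sentence on the empty-list behaviour, and a schema entry with an `enum` of those two values. The same applies to the `allowedAuthorizeTypes` field in the second `UpstreamOAuth` hunk; the two constants are added in the last hunk.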
@@ -3193,16 +3477,13 @@

 type ClientCredentials struct {
    ClientAuthData
-   // Enabled activates upstream OAuth2 client credentials authentication.
-   Enabled bool `bson:"enabled" json:"enabled"`
+   // Header holds the configuration for the custom header to be used for OAuth authentication.
+   Header *AuthSource `bson:"header" json:"header"`
    // TokenURL is the resource server's token endpoint
    // URL. This is a constant specific to each server.
-   TokenURL string `bson:"tokenURL" json:"tokenURL"`
+   TokenURL string `bson:"tokenUrl" json:"tokenUrl"`
    // Scopes specifies optional requested permissions.
    Scopes []string `bson:"scopes,omitempty" json:"scopes,omitempty"`
-   // HeaderName is the custom header name to be used for OAuth client credential flow authentication.
-   // Defaults to `Authorization`.
-   HeaderName string `bson:"headerName" json:"headerName"`
 }
     ClientCredentials holds the configuration for OAuth2 Client Credentials
     flow.
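Review bot: Renaming the tags from `tokenURL` to `tokenUrl` changes the persisted key, and nothing on this page shows a migration or a fallback read of the old name. If the BSON decoder matches keys exactly, documents stored under `tokenURL` would load with an empty `TokenURL`, and upstream authentication would then fail or be skipped depending on how the middleware treats an empty endpoint. The same rename appears in the `PasswordAuthentication` hunk that follows, and both hunks also drop `Enabled` and `headerName`. Consider a one-time migration, or reading the old key when the new one is absent, and reject an enabled flow whose `TokenURL` is empty.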
@@ -4109,20 +4390,17 @@

 type PasswordAuthentication struct {
    ClientAuthData
-   // Enabled activates upstream OAuth2 password authentication.
-   Enabled bool `bson:"enabled" json:"enabled"`
+   // Header holds the configuration for the custom header to be used for OAuth authentication.
+   Header *AuthSource `bson:"header" json:"header"`
    // Username is the username to be used for upstream OAuth2 password authentication.
    Username string `bson:"username" json:"username"`
    // Password is the password to be used for upstream OAuth2 password authentication.
    Password string `bson:"password" json:"password"`
    // TokenURL is the resource server's token endpoint
    // URL. This is a constant specific to each server.
-   TokenURL string `bson:"tokenURL" json:"tokenURL"`
+   TokenURL string `bson:"tokenUrl" json:"tokenUrl"`
    // Scopes specifies optional requested permissions.
    Scopes []string `bson:"scopes" json:"scopes,omitempty"`
-   // HeaderName is the custom header name to be used for OAuth password authentication flow.
-   // Defaults to `Authorization`.
-   HeaderName string `bson:"headerName" json:"headerName"`
 }
     PasswordAuthentication holds the configuration for upstream OAuth2 password
     authentication flow.
@@ -4984,6 +5262,8 @@
 type UpstreamOAuth struct {
    // Enabled activates upstream OAuth2 authentication.
    Enabled bool `bson:"enabled" json:"enabled"`
+   // AllowedAuthorizeTypes specifies the allowed authorization types for upstream OAuth2 authentication.
+   AllowedAuthorizeTypes []string `bson:"allowedAuthorizeTypes" json:"allowedAuthorizeTypes"`
    // ClientCredentials holds the configuration for OAuth2 Client Credentials flow.
    ClientCredentials *ClientCredentials `bson:"clientCredentials,omitempty" json:"clientCredentials,omitempty"`
    // PasswordAuthentication holds the configuration for upstream OAauth password authentication flow.
@@ -8032,8 +8312,10 @@
    ECDSASign = "ecdsa"
 )
 const (
-   UpstreamOAuthErrorEventName = "UpstreamOAuthError"
-   UpstreamOAuthMiddlewareName = "UpstreamOAuth"
+   UpstreamOAuthErrorEventName    = "UpstreamOAuthError"
+   UpstreamOAuthMiddlewareName    = "UpstreamOAuth"
+   ClientCredentialsAuthorizeType = "clientCredentials"
+   PasswordAuthorizeType          = "password"
 )
 const (
    ErrOAuthAuthorizationFieldMissing   = "oauth.auth_field_missing"
sonarcloud[bot] commented 3 days ago

Quality Gate failed

Failed conditions
0.0% Coverage on New Code (required ≥ 80%)

See analysis details on SonarCloud