akheron / typera

Type-safe routes for Express and Koa
MIT License

Security schemes in OpenApi V3 #413

Open fagossa opened 2 years ago

fagossa commented 2 years ago

Hello,

I've been trying to work with an Authorization header using the following pattern

import * as t from 'io-ts'
import { Parser, route } from 'typera-express' // or 'typera-koa'

route
  .get('/user/:id(int)')
  .use(authHeader)

...
// Header parser: the request must carry an Authorization header (any string)
export const authHeader = Parser
    .headers(t.strict({ Authorization: t.string }))

then with typera-openapi I'm able to generate the related OpenApi v3 specs.

However, it seems that this auth technique is not supported by OpenApi anymore.

They've introduced a concept called security schemes

components:
  securitySchemes:
    BearerAuth:
      type: http
      scheme: bearer

Relevant documentation is in here https://swagger.io/docs/specification/authentication/

As far as I know typera does not support security schemas and I'm wondering how this kind of feature could be implemented. Maybe by extending RouteConstructor? I've just discovered the library today but I'm eager to add the feature with some help.

Thanks a lot for the hard work

akheron commented 2 years ago

Hi! I'm glad to hear you like typera and typera-openapi :)

I wasn't familiar with the security stuff in OpenAPI v3. I read the docs and am now a bit confused about the whole thing.

First, the security schemes are more like data than types, so creating security schemes automatically in typera-openapi is not straightforward. Typera-openapi does its job solely on the type level by employing the TypeScript compiler API.

Second, the OpenAPI v3 security schemes are global in the sense that they're defined once under components.securitySchemes and then referred to by name. If there was a solution for creating security scheme definitions based on some type-level information, how to assign the global name and reuse the schemes between different routes?

Third, typera doesn't really force (or help) you in building runtime stuff like authentication in any particular way. In the NodeJS world, authentication is usually handled by sophisticated middleware libraries like passport. How to map the use of a third party middleware to any particular security scheme definition?

I think it would be nice to support this stuff, but currently I have no clue on how to do it properly.
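The mapping both comments circle around (a scheme defined once under components.securitySchemes and referenced by name from each operation's security requirement, instead of a raw Authorization header parameter) can be done as a post-processing pass over the generated document rather than at the type level. The block below is an added example written for this page; it is not code from typera or typera-openapi. It assumes the generator emits the ordinary OpenAPI 3 operation shape with an `Authorization` header parameter for the route in the issue; the function name `applyBearerScheme`, the type declarations and the sample document are constructed for illustration.

```typescript
// Added example (not typera / typera-openapi code): post-process a generated
// OpenAPI v3 document so that operations which declare an `Authorization`
// header parameter are instead described with a named security scheme.
//
// Assumption: the input has the ordinary OpenAPI 3 shape a generator would
// emit for a `Parser.headers(t.strict({ Authorization: t.string }))` route,
// i.e. an operation with `parameters: [{ name: 'Authorization', in: 'header' }]`.

interface Parameter {
  name: string
  in: 'header' | 'query' | 'path' | 'cookie'
  required?: boolean
  schema?: unknown
}

interface Operation {
  parameters?: Parameter[]
  security?: Array<Record<string, string[]>>
  [key: string]: unknown
}

type PathItem = Partial<Record<string, Operation>> // keyed by HTTP method

interface SecurityScheme {
  type: 'http'
  scheme: 'bearer'
  bearerFormat?: string
}

interface OpenApiDoc {
  openapi: string
  info: { title: string; version: string }
  paths: Record<string, PathItem>
  components?: { securitySchemes?: Record<string, SecurityScheme> }
}

const HTTP_METHODS = ['get', 'put', 'post', 'delete', 'options', 'head', 'patch', 'trace']

const isAuthHeader = (p: Parameter): boolean =>
  p.in === 'header' && p.name.toLowerCase() === 'authorization'

/**
 * Returns a copy of `doc` in which every operation that takes an
 * `Authorization` header parameter instead carries a security requirement
 * referring to `schemeName`. The scheme itself is defined exactly once,
 * globally, under components.securitySchemes, as OpenAPI v3 requires.
 * Operations without the header (e.g. a public health check) are untouched.
 */
export function applyBearerScheme(doc: OpenApiDoc, schemeName = 'BearerAuth'): OpenApiDoc {
  const out: OpenApiDoc = JSON.parse(JSON.stringify(doc)) // do not mutate input
  let used = false

  for (const pathItem of Object.values(out.paths)) {
    for (const method of HTTP_METHODS) {
      const op = pathItem[method]
      if (!op || !op.parameters || !op.parameters.some(isAuthHeader)) continue

      // Drop the raw header parameter: in OpenAPI 3 the credential is
      // described by the security requirement, not as a plain header.
      op.parameters = op.parameters.filter(p => !isAuthHeader(p))
      if (op.parameters.length === 0) delete op.parameters

      // Operation-level requirement that refers to the global scheme by name.
      // The empty array is the scope list, which only matters for OAuth2.
      op.security = [...(op.security ?? []), { [schemeName]: [] }]
      used = true
    }
  }

  if (used) {
    const components = out.components ?? {}
    components.securitySchemes = {
      ...(components.securitySchemes ?? {}),
      [schemeName]: { type: 'http', scheme: 'bearer' },
    }
    out.components = components
  }
  return out
}

// Constructed sample: what a generator might emit for the route in the issue
// plus one public route that must not acquire a security requirement.
export const sampleDoc: OpenApiDoc = {
  openapi: '3.0.3',
  info: { title: 'example', version: '1.0.0' },
  paths: {
    '/user/{id}': {
      get: {
        parameters: [
          { name: 'id', in: 'path', required: true, schema: { type: 'integer' } },
          { name: 'Authorization', in: 'header', required: true, schema: { type: 'string' } },
        ],
      },
    },
    '/health': { get: {} },
  },
}

export const result = applyBearerScheme(sampleDoc)
```

Because the pass keys on the header parameter that typera-openapi already emits for a `Parser.headers` codec, no change to typera's type-level machinery is needed; the price is that the scheme name and the header-to-scheme rule live in the build script rather than in the route definition, which is exactly the "data, not types" distinction raised above.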