Previously, in a Security Requirement Object, roles were only valid for oauth2 and openIdConnect (where they correspond to required scopes required for execution) but now roles can be specified for all security schemes.
We should:
Update our documentation to reflect the removal of this limitation:
SecurityRequirement annotation Javadoc
SecurityRequirement model interface Javadoc
Add a test which builds a model with roles where they were not previously allowed
Add a test which uses annotations to declare a security requirement with roles for a previously unsupported type
Previously, in a Security Requirement Object, roles were only valid for
oauth2
andopenIdConnect
(where they correspond to required scopes required for execution) but now roles can be specified for all security schemes.We should:
SecurityRequirement
annotation JavadocSecurityRequirement
model interface Javadoc