search

omermecitoglu / next-openapi-json-generator

a Next.js plugin to generate OpenAPI documentation from route handlers
MIT License
1 stars 2 forks source link

Security Schemas #4

Closed gvzq closed 2 days ago

gvzq commented 3 days ago

@omermecitoglu I was looking to add security schemas.

The current documentation suggests this:

const spec = await generateOpenApiSpec({
    schema
  });

I see no way to edit the info or components:

  return {
    openapi: "3.1.0",
    info: {
      title: metadata.serviceName,
      version: metadata.version,
    },
    paths: bundlePaths(validRoutes, schemas),
    components: {
      schemas: bundleSchemas(schemas),
    },
    tags: [],
  } as OpenApiDocument;

Would it be possible to provide a way to extend the info, component security schemas? Here's a repo you might find helpful for inspiration: https://github.com/jellydn/next-swagger-doc

createSwaggerSpec({
    apiFolder: 'app/api', // define api folder under app folder
    definition: {
      openapi: '3.0.0',
      info: {
        title: 'Next Swagger API Example',
        version: '1.0'
      },
      components: {
        securitySchemes: {
          BearerAuth: {
            type: 'http',
            scheme: 'bearer',
            bearerFormat: 'JWT'
          }
        }
      },
      security: []
    }
  });
gvzq commented 3 days ago

This was my solution. It's not pretty but works to add a api key in my headers for swagger:


interface ApiKeyAuth {
  type: 'apiKey';
  in: 'header';
  name: 'x-api-key';
}

interface ComponentsObject {
  securitySchemes?: {
    ApiKeyAuth: ApiKeyAuth;
  };
}

// Function to add the ApiKeyAuth security scheme to the spec object
function addApiKeyAuth(spec: OpenApiDocument) {
  // Ensure spec.components is initialized
  spec.components = spec.components ?? {};

  // Initialize securitySchemes if not already present
  spec.components.securitySchemes = spec.components.securitySchemes ?? {};

  // Add the ApiKeyAuth security scheme
  spec.components.securitySchemes.ApiKeyAuth = {
    type: 'apiKey',
    in: 'header',
    name: 'x-api-key'
  };

  spec.security = [
    {
      ApiKeyAuth: []
    }
  ];

  console.log('API Spec', JSON.stringify(spec, null, ' '));
}
// Function to add the ApiKeyAuth security scheme to the spec object
function addApiKeyAuth(spec: OpenApiDocument) {
  // Ensure spec.components is initialized
  spec.components = spec.components ?? {};

  // Initialize securitySchemes if not already present
  spec.components.securitySchemes = spec.components.securitySchemes ?? {};

  // Add the ApiKeyAuth security scheme
  spec.components.securitySchemes.ApiKeyAuth = {
    type: 'apiKey',
    in: 'header',
    name: 'x-api-key'
  };

  spec.security = [
    {
      ApiKeyAuth: []
    }
  ];

  console.info('API Spec', JSON.stringify(spec, null, ' '));
}

export async function GET() {
  const spec = await generateOpenApiSpec({
    schema
  });
  addApiKeyAuth(spec);
  return Response.json(spec);
}
omermecitoglu commented 2 days ago

You can do it like this

const Page = async () => {
  const spec = await generateOpenApiSpec({
    ...
  });
  spec.components.securitySchemes = {
    BearerAuth: {
      type: "http",
      scheme: "bearer",
      bearerFormat: "JWT",
    },
  };
  return <ReactSwagger spec={spec} />;
};

I fixed the types in 0.3.1, please update

npm i @omer-x/next-openapi-json-generator@0.3.1 @omer-x/openapi-types@0.1.3
gvzq commented 2 days ago

Thank you for the quick response!