oauth_2_0 is not inherited at endpoint level

[priyavivek1]

Following is my RAML and i want to include oauth_2_0 at endpoint level. Its not giving any error and also not including it,

%RAML 0.8

---

title: File System version: v3 baseUri: https://api.domain.com/{version}/{other} baseUriParameters: other: displayName: Dummy description: | Description of the other baseUriParameter default: abc mediaType: application/json securitySchemes:

• oauth_2_0: description: | OAuth2 is a protocol that lets external apps request authorization to private details in a user's GitHub account without getting their password. This is preferred over Basic Authentication because tokens can be limited to specific types of data, and can be revoked by users at any time. type: OAuth 2.0 describedBy: headers: Authorization: description: | Used to send a valid OAuth 2 access token. Do not use together with the "access_token" query string parameter. type: string queryParameters: access_token: description: | Used to send a valid OAuth 2 access token. Do not use together with the "Authorization" header type: string responses: 404: description: Unauthorized settings: authorizationUri: https://github.com/login/oauth/authorize accessTokenUri: https://github.com/login/oauth/access_token authorizationGrants: [ code, token ] scopes:
  • "user"
  • "user:email"
  • "user:follow"
  • "public_repo"
  • "repo"
  • "repo:status"
  • "delete_repo"
  • "notifications"
  • "gist"
• oauth_1_0: description: | OAuth 1.0 continues to be supported for all API requests, but OAuth 2.0 is now preferred. type: OAuth 1.0 settings: requestTokenUri: https://api.dropbox.com/1/oauth/request_token authorizationUri: https://www.dropbox.com/1/oauth/authorize tokenCredentialsUri: https://api.dropbox.com/1/oauth/access_token

securedBy: [ null, oauth_2_0 ] documentation:

• title: Summary content: | By default, this content does not go in a new topic, as other user defined titles do. Instead, it will be rendered as the top level summary on the main RAML page. This emphasized text tests GFM formatting.
• title: Overview content: | By default, this content does not go in a new topic, as other user defined titles do. Instead, it will be rendered in the Overview section on the main RAML page. This emphasized text tests GFM formatting.

schemas:

• Entry: !include entry-schema.json /: description: | Description of the / resource. displayName: Root

  get: description: | Returns the root object. displayName: Root queryParameters: type: type: string other: type: string responses: 200: body: application/json: schema: Entry example: | { "storage1": { "type": "disk", "device": "/dev/sda1" }, "fstype": "btrfs", "readonly": true } /folder: displayName: Folder description: A folder's description get: displayName: Get a folder description: | Get a folder description. responses: 200: body: application/json: example: | {}

  title: Stormpath REST API

  version: v1

  baseUri: https://api.stormpath.com/{version}

  mediaType: application/json

Following is my parsed file

{ "/": { "get": { "queryParameters": { "type": { "type": "string", "displayName": "type" }, "other": { "type": "string", "displayName": "other" } }, "securedBy": [ null, "oauth_2_0" ], "responsesschema": { "200": { "body": { "application/json": { "schema": "{\r\n \"id\": \"https://www.paschidev.com/schemas/entry-schema.json\",\r\n \"$schema\": \"http://json-schema.org/draft-04/schema#\",\r\n \"description\": \"schema for an fstab entry\",\r\n \"type\": \"object\",\r\n \"required\": [ \"storage\" ],\r\n \"properties\": {\r\n \"storage\": {\r\n \"type\": \"object\",\r\n \"oneOf\": [\r\n { \"$ref\": \"#/definitions/diskDevice\" },\r\n { \"$ref\": \"#/definitions/diskUUID\" },\r\n { \"$ref\": \"#/definitions/nfs\" },\r\n { \"$ref\": \"#/definitions/tmpfs\" }\r\n ]\r\n },\r\n \"fstype\": {\r\n \"enum\": [ \"ext3\", \"ext4\", \"btrfs\" ]\r\n },\r\n \"options\": {\r\n \"type\": \"array\",\r\n \"minItems\": 1,\r\n \"items\": { \"type\": \"string\" },\r\n \"uniqueItems\": true\r\n },\r\n \"readonly\": { \"type\": \"boolean\" }\r\n },\r\n \"definitions\": {\r\n \"diskDevice\": {\r\n \"properties\": {\r\n \"type\": { \"enum\": [ \"disk\" ] },\r\n \"device\": {\r\n \"type\": \"string\",\r\n \"pattern\": \"^/dev/[^/]+(/[^/]+)*$\"\r\n }\r\n },\r\n \"required\": [ \"type\", \"device\" ],\r\n \"additionalProperties\": false\r\n },\r\n \"diskUUID\": {\r\n \"properties\": {\r\n \"type\": { \"enum\": [ \"disk\" ] },\r\n \"label\": {\r\n \"type\": \"string\",\r\n \"pattern\": \"^[a-fA-F0-9]{8}-[a-fA-F0-9]{4}-[a-fA-F0-9]{4}-[a-fA-F0-9]{4}-[a-fA-F0-9]{12}$\"\r\n }\r\n },\r\n \"required\": [ \"type\", \"label\" ],\r\n \"additionalProperties\": false\r\n },\r\n \"nfs\": {\r\n \"properties\": {\r\n \"type\": { \"enum\": [ \"nfs\" ] },\r\n \"remotePath\": {\r\n \"type\": \"string\",\r\n \"pattern\": \"^(/[^/]+)+$\"\r\n },\r\n \"server\": {\r\n \"type\": \"string\",\r\n \"oneOf\": [\r\n { \"format\": \"host-name\" },\r\n { \"format\": \"ipv4\" },\r\n { \"format\": \"ipv6\" }\r\n ]\r\n }\r\n },\r\n \"required\": [ \"type\", \"server\", \"remotePath\" ],\r\n \"additionalProperties\": false\r\n },\r\n \"tmpfs\": {\r\n \"properties\": {\r\n \"type\": { \"enum\": [ \"tmpfs\" ] },\r\n \"sizeInMB\": {\r\n \"type\": \"integer\",\r\n \"minimum\": 16,\r\n \"maximum\": 512\r\n }\r\n },\r\n \"required\": [ \"type\", \"sizeInMB\" ],\r\n \"additionalProperties\": false\r\n }\r\n }\r\n}", "example": "{\n \"storage1\": {\n \"type\": \"disk\",\n \"device\": \"/dev/sda1\"\n },\n \"fstype\": \"btrfs\",\n \"readonly\": true\n}\n" } } } } } }, "//folder": { "get": { "securedBy": [ null, "oauth_2_0" ], "responsesschema": { "200": { "body": { "application/json": { "example": "{}\n" } } } } } } }

[dmartinezg]

Hi @priyavivek1, I am not sure what you mean by endpoint level do you mean that the securedBy property is not copied to each resource in the tree?

[priyavivek1]

SecuredBY property can be specified at root level also, which should after parsing be added to each endpoint level.