swaggest / openapi-go

OpenAPI structures for Go
https://pkg.go.dev/github.com/swaggest/openapi-go/openapi3
MIT License

Error with UnmarshalYAML() using http/bearer auth scheme #100

Closed sudorandom closed 3 months ago

sudorandom commented 3 months ago

Describe the bug

I get an error when unmarshaling an openapi v3 spec that includes "bearer" as the scheme and has a bearerFormat value:

oneOf constraint failed for SecuritySchemeOrReference with 0 valid results: map[Reference:required key missing: $ref SecurityScheme:oneOf constraint failed for SecurityScheme with 2 valid results: map[APIKey:required key missing: name MutualTLS:bad const value for "type" ("mutualTLS" expected, "http" received) Oauth2:required key missing: flows Oidc:required key missing: openIdConnectUrl]]

To Reproduce

Run github.com/swaggest/openapi-go/openapi31.Schema.Unmarshal() with this input:

openapi: 3.1.0
info:
  title: MyProject
  description: "My Project Description"
  version: v1.0.0
# 1) Define the security scheme type (HTTP bearer)
components:
  securitySchemes:
    bearerAuth: # arbitrary name for the security scheme
      type: http
      scheme: bearer
      bearerFormat: JWT # optional, arbitrary value for documentation purposes
# 2) Apply the security globally to all operations
security:
  - bearerAuth: [] # use the same name as above

Go Playground: https://go.dev/play/p/TpF1raEIANk

Expected behavior

I expected the scheme to parse without an error and have these assertions hold true of the resulting schema:

s.Components.SecuritySchemes["bearerAuth"].SecurityScheme.HTTP != nil
s.Components.SecuritySchemes["bearerAuth"].SecurityScheme.HTTP.Scheme == "bearer"
s.Components.SecuritySchemes["bearerAuth"].SecurityScheme.HTTPBearer != nil
s.Components.SecuritySchemes["bearerAuth"].SecurityScheme.HTTPBearer.BearerFormat == "JWT"

Additional context

github.com/swaggest/openapi-go v0.2.47
https://github.com/sudorandom/protoc-gen-connect-openapi/issues/5

vearutop commented 3 months ago

Thank you for raising this issue, it should be fixed now in v0.2.48.

sudorandom commented 3 months ago

Awesome! Thanks for fixing this so quickly!

devleejb commented 3 months ago

@vearutop It works well! Thank you for your quick fix!

However, this doesn't work, same as before.

components:
  securitySchemes:
    basicAuth: # <-- arbitrary name for the security scheme
      type: http
      scheme: basic
security:
  - basicAuth: [] # <-- use the same name here

Reference - Authentication in OpenAPI

vearutop commented 3 months ago

@devleejb I'm not sure if I understand, could you explain in more detail the case and your expectations (maybe a reproducer)?

devleejb commented 3 months ago

@vearutop I wrote the test code in openapi31. It is a basicAuth test.

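package openapi31_test

import (
    "testing"

    "github.com/stretchr/testify/require"
    "github.com/swaggest/openapi-go/openapi31"
)

// TestSpec_MarshalYAML_3 checks that a spec using HTTP basic auth unmarshals without error.
func TestSpec_MarshalYAML_3(t *testing.T) {
    var s openapi31.Spec

    spec := `openapi: 3.1.0
info:
  title: MyProject
  description: "My Project Description"
  version: v1.0.0
components:
  securitySchemes:
    basicAuth: # <-- arbitrary name for the security scheme
      type: http
      scheme: basic
security:
  - basicAuth: [] # <-- use the same name here
paths:
`

    require.NoError(t, s.UnmarshalYAML([]byte(spec)))
}

vearutop commented 3 months ago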

Ah, I see, thanks, let me quickly fix that. 😅

sudorandom commented 3 months ago

I was also confused at first! Here's the resulting error just for history:

oneOf constraint failed for SecuritySchemeOrReference with 0 valid results: map[Reference:required key missing: $ref SecurityScheme:oneOf constraint failed for SecurityScheme with 2 valid results: map[APIKey:required key missing: name MutualTLS:bad const value for "type" ("mutualTLS" expected, "http" received) Oauth2:required key missing: flows Oidc:required key missing: openIdConnectUrl]]

vearutop commented 3 months ago

Please check v0.2.49.

devleejb commented 3 months ago

Thank you very much!
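
The error quoted in this thread reports a oneOf with "2 valid results", and a oneOf passes only when exactly one alternative matches. The Go sketch below is an added illustration, not openapi-go's code or its fix: the `branch` predicates are assumptions modeled on the failure reasons in the error text, with HTTP and HTTPBearer assumed to be the two overlapping alternatives, and the sample schemes are constructed from the YAML snippets above.

```go
package main

import "fmt"

// scheme is one decoded securitySchemes entry (constructed sample data below).
type scheme map[string]any

// branch is a hypothetical schema alternative: a name and its validity check.
type branch struct {
	name  string
	valid func(scheme) bool
}

func has(s scheme, key string) bool { _, ok := s[key]; return ok }

// branches holds assumed checks; HTTP and HTTPBearer overlap for scheme "bearer".
var branches = []branch{
	{"APIKey", func(s scheme) bool { return s["type"] == "apiKey" && has(s, "name") }},
	{"HTTP", func(s scheme) bool { return s["type"] == "http" && has(s, "scheme") }},
	{"HTTPBearer", func(s scheme) bool { return s["type"] == "http" && s["scheme"] == "bearer" }},
	{"MutualTLS", func(s scheme) bool { return s["type"] == "mutualTLS" }},
	{"Oauth2", func(s scheme) bool { return s["type"] == "oauth2" && has(s, "flows") }},
	{"Oidc", func(s scheme) bool { return s["type"] == "openIdConnect" && has(s, "openIdConnectUrl") }},
}

// matches returns the names of every branch that accepts s.
func matches(s scheme) []string {
	var names []string
	for _, b := range branches {
		if b.valid(s) {
			names = append(names, b.name)
		}
	}
	return names
}

// oneOf accepts only when exactly one branch matches; anyOf needs at least one.
func oneOf(s scheme) bool { return len(matches(s)) == 1 }
func anyOf(s scheme) bool { return len(matches(s)) >= 1 }

// Constructed inputs mirroring the two YAML snippets in the thread.
var bearer = scheme{"type": "http", "scheme": "bearer", "bearerFormat": "JWT"}
var basic = scheme{"type": "http", "scheme": "basic"}

func main() {
	for _, s := range []scheme{bearer, basic} {
		fmt.Println(s["scheme"], matches(s), "oneOf:", oneOf(s), "anyOf:", anyOf(s))
	}
}
```

In this model the bearer scheme is rejected by oneOf because two alternatives accept it, while an at-least-one rule accepts it and leaves both HTTP and HTTPBearer populated, which is what the expected-behavior assertions in the first comment ask for.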