Forum Discussion

Soundman32's avatar
Soundman32
Visitor
2 years ago

Swagger generates invalid securitySchema for OAuth2 implicit flows

Using Swagger, I have registered an authorisation scheme.  The swagger.json file includes the securitySchemes:

 "securitySchemes": {
 "Bearer": {
  "type": "oauth2",
   "description": "blah blah",
"flows": {
"implicit": {
  "authorizationUrl": "https://...../oauth2/v2.0/authorize",
  "tokenUrl": "https://...../oauth2/v2.0/token",
  "scopes": {
  "https://blah": "Access User API"
  }
}
}
},

 

 

When compared to the spec here it looks correct.

 

authorizationUrlstringoauth2 ("implicit", "authorizationCode")REQUIRED. The authorization URL to be used for this flow. This MUST be in the form of a URL.
tokenUrlstringoauth2 ("password", "clientCredentials", "authorizationCode")REQUIRED. The token URL to be used for this flow. This MUST be in the form of a URL.

 

But 2 different validators (including editor.swagger.io) says it's incorrect:

 

 

Structural error at components.securitySchemes.Bearer.flows.implicit
should NOT have additional properties additionalProperty: tokenUrl

 

 

 

 

If I remove the tokenUrl, then it passes, but then it doesn't match what the spec requires.

 

 

No RepliesBe the first to reply