Swagger generates invalid securitySchema for OAuth2 implicit flows

Using Swagger, I have registered an authorisation scheme. The swagger.json file includes the securitySchemes:

 "securitySchemes": {
 "Bearer": {
  "type": "oauth2",
   "description": "blah blah",
   "flows": {
    "implicit": {
      "authorizationUrl": "https://...../oauth2/v2.0/authorize",
      "tokenUrl": "https://...../oauth2/v2.0/token",
      "scopes": {
        "https://blah": "Access User API"
     }
   }
  }
},

When compared to the spec here it looks correct.

authorizationUrl	string	oauth2 ("implicit", "authorizationCode")	REQUIRED. The authorization URL to be used for this flow. This MUST be in the form of a URL.
tokenUrl	string	oauth2 ("password", "clientCredentials", "authorizationCode")	REQUIRED. The token URL to be used for this flow. This MUST be in the form of a URL.

But 2 different validators (including editor.swagger.io) says it's incorrect:

Structural error at components.securitySchemes.Bearer.flows.implicit
should NOT have additional properties additionalProperty: tokenUrl

If I remove the tokenUrl, then it passes, but then it doesn't match what the spec requires.

Swagger Core

Swagger Editor

Forum Discussion

Swagger generates invalid securitySchema for OAuth2 implicit flows

Related Content

Turn off JScript implicit variable declaration

Generate JSON Schemas

Automating Oauth2 token retrieval- 'Implicit Grant' method . Java script in auth manager failing

Generating a schema for a generic list in c#

Generating report

Recent Discussions

Swagger Form Editor

Swagger Editor Display Fault

requestInterceptor with Python

Swagger - hide definition, BUT....

Customize Swagger like spotify web console