Swagger generates invalid securitySchema for OAuth2 implicit flows

Using Swagger, I have registered an authorisation scheme. The swagger.json file includes the securitySchemes:

 "securitySchemes": {
 "Bearer": {
  "type": "oauth2",
   "description": "blah blah",
   "flows": {
    "implicit": {
      "authorizationUrl": "https://...../oauth2/v2.0/authorize",
      "tokenUrl": "https://...../oauth2/v2.0/token",
      "scopes": {
        "https://blah": "Access User API"
     }
   }
  }
},

When compared to the spec here it looks correct.

authorizationUrl	string	oauth2 ("implicit", "authorizationCode")	REQUIRED. The authorization URL to be used for this flow. This MUST be in the form of a URL.
tokenUrl	string	oauth2 ("password", "clientCredentials", "authorizationCode")	REQUIRED. The token URL to be used for this flow. This MUST be in the form of a URL.

But 2 different validators (including editor.swagger.io) says it's incorrect:

Structural error at components.securitySchemes.Bearer.flows.implicit
should NOT have additional properties additionalProperty: tokenUrl

If I remove the tokenUrl, then it passes, but then it doesn't match what the spec requires.

Swagger Core

Swagger Editor

Forum Discussion

Swagger generates invalid securitySchema for OAuth2 implicit flows

Related Content

Turn off JScript implicit variable declaration

Generate JSON Schemas

Generating a schema for a generic list in c#

Generating report

Automating Oauth2 token retrieval- 'Implicit Grant' method . Java script in auth manager failing

Recent Discussions

Authorization Tag For Basic BASE64 Encoding

Support for Google Signin

parsing csv columns in enum on json file from flask-python

Swagger Editor (Local) CORS Error

SwaggerHub CORS Error