Contributions
Swagger generates invalid securitySchema for OAuth2 implicit flows
Using Swagger, I have registered an authorisation scheme. The swagger.json file includes the securitySchemes: "securitySchemes": { "Bearer": { "type": "oauth2", "description": "blah blah", "flows": { "implicit": { "authorizationUrl": "https://...../oauth2/v2.0/authorize", "tokenUrl": "https://...../oauth2/v2.0/token", "scopes": { "https://blah": "Access User API" } } } }, When compared to the spec hereit looks correct. authorizationUrl string oauth2("implicit","authorizationCode") REQUIRED. The authorization URL to be used for this flow. This MUST be in the form of a URL. tokenUrl string oauth2("password","clientCredentials","authorizationCode") REQUIRED. The token URL to be used for this flow. This MUST be in the form of a URL. But 2 different validators (including editor.swagger.io) says it's incorrect: Structural error at components.securitySchemes.Bearer.flows.implicit should NOT have additional properties additionalProperty: tokenUrl If I remove the tokenUrl, then it passes, but then it doesn't match what the spec requires.634Views0likes0Comments