Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Extend Security Scheme Object to support DPoP token specification #3613

Closed
wants to merge 1 commit into from
Closed

Extend Security Scheme Object to support DPoP token specification #3613

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
10 changes: 7 additions & 3 deletions versions/3.0.3.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -3188,7 +3188,7 @@ Field Name | Type | Applies To | Description
<a name="securitySchemeDescription"></a>description | `string` | Any | A short description for security scheme. [CommonMark syntax](https://spec.commonmark.org/) MAY be used for rich text representation.
<a name="securitySchemeName"></a>name | `string` | `apiKey` | **REQUIRED**. The name of the header, query or cookie parameter to be used.
<a name="securitySchemeIn"></a>in | `string` | `apiKey` | **REQUIRED**. The location of the API key. Valid values are `"query"`, `"header"` or `"cookie"`.
<a name="securitySchemeScheme"></a>scheme | `string` | `http` | **REQUIRED**. The name of the HTTP Authorization scheme to be used in the [Authorization header as defined in RFC7235](https://tools.ietf.org/html/rfc7235#section-5.1). The values used SHOULD be registered in the [IANA Authentication Scheme registry](https://www.iana.org/assignments/http-authschemes/http-authschemes.xhtml).
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

adding a required statement , might be seen as a breaking change , even if here it is not formulated inside a strong schema validation. so any addition should be set as optionnal

given the addition should go in the 3.2 as a target branch

required statement would mandate a version change , and so going to moonwalk

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thank you for the review. Could we possibly change the base branch of the current PR instead of creating a new one? I'll need to check if it has a common history with the current branch to ensure there are no conflicts. Do you think that would be a better approach, or would you recommend creating a new PR?

<a name="securitySchemeScheme"></a>scheme | `string` | `http`, `oauth2` | **REQUIRED**. The name of the HTTP Authorization scheme to be used in the [Authorization header as defined in RFC7235](https://tools.ietf.org/html/rfc7235#section-5.1). The values used SHOULD be registered in the [IANA Authentication Scheme registry](https://www.iana.org/assignments/http-authschemes/http-authschemes.xhtml).
<a name="securitySchemeBearerFormat"></a>bearerFormat | `string` | `http` (`"bearer"`) | A hint to the client to identify how the bearer token is formatted. Bearer tokens are usually generated by an authorization server, so this information is primarily for documentation purposes.
<a name="securitySchemeFlows"></a>flows | [OAuth Flows Object](#oauthFlowsObject) | `oauth2` | **REQUIRED**. An object containing configuration information for the flow types supported.
<a name="securitySchemeOpenIdConnectUrl"></a>openIdConnectUrl | `string` | `openIdConnect` | **REQUIRED**. OpenId Connect URL to discover OAuth2 configuration values. This MUST be in the form of a URL.
Expand Down Expand Up @@ -3248,6 +3248,7 @@ bearerFormat: JWT
```json
{
"type": "oauth2",
"scheme": "bearer",
"flows": {
"implicit": {
"authorizationUrl": "https://example.com/api/oauth/dialog",
Expand All @@ -3262,7 +3263,8 @@ bearerFormat: JWT

```yaml
type: oauth2
flows:
scheme: bearer
flows:
implicit:
authorizationUrl: https://example.com/api/oauth/dialog
scopes:
Expand Down Expand Up @@ -3303,6 +3305,7 @@ This object MAY be extended with [Specification Extensions](#specificationExtens
```JSON
{
"type": "oauth2",
"scheme": "bearer",
"flows": {
"implicit": {
"authorizationUrl": "https://example.com/api/oauth/dialog",
Expand All @@ -3325,7 +3328,8 @@ This object MAY be extended with [Specification Extensions](#specificationExtens

```yaml
type: oauth2
flows:
scheme: bearer
flows:
implicit:
authorizationUrl: https://example.com/api/oauth/dialog
scopes:
Expand Down