Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Kiota needs validate the security scheme and let the user know the only accepted methods are OAuth2, HTTP+Bearer Token and OpenId Connect #5071

Closed
Tracked by #5021
maisarissi opened this issue Aug 1, 2024 · 5 comments
Closed
Tracked by #5021

Kiota needs validate the security scheme and let the user know the only accepted methods are OAuth2, HTTP+Bearer Token and OpenId Connect #5071

maisarissi opened this issue Aug 1, 2024 · 5 comments
Assignees
@calebkiage @samwelkanda
Labels
area:authentication Focused on the extension module of the product enhancement New feature or request generator Issues or improvements relater to generation capabilities. type:enhancement Enhancement request targeting an existing experience
Milestone
Kiota v1.18

Comments

@maisarissi
Copy link
Contributor

maisarissi commented Aug 1, 2024
edited
Loading

If the security scheme is provided in the OpenAPI description, Kiota should validate whether the auth type is supported when creating the API Plugins.

The only auth supported for now when creating an API Plugin are OAuth2, HTTP+Bearer Token and OpenId connect. Also, multiple auth in one operation is yet not supported.

If the security scheme is provided and the auth type is not supported, Kiota should thrown an error.

Superseeded by #5070.

Acceptance Criteria

  • Add validation for the auth type and thrown an error in the Kiota CLI and list the supported auths
  • Show an error message in the Kiota VS Code extension when the auth type is not supported and list the supported auths
  • Add validation for multiple auth in one operation and thrown an error in the Kiota CLI
  • Show an error message in the Kiota VS Code extension when there are multiple with in one operation
@maisarissi maisarissi mentioned this issue Aug 1, 2024
Closed
@github-project-automation github-project-automation bot moved this to Needs Triage 🔍 in Kiota Aug 1, 2024
@maisarissi maisarissi changed the title Kiota needs validate the security scheme and let the user know the only accepted methods are API Token, OAuth and Bearer Token Kiota needs validate the security scheme and let the user know the only accepted methods are API Key, OAuth and Bearer Token Aug 1, 2024
This was referenced Aug 1, 2024
Closed
Closed
Closed
@baywet
Copy link
Member

baywet commented Aug 2, 2024

I'm assuming this is "just an epic" and there's no actual work to be done here. Correct?

@baywet baywet added enhancement New feature or request generator Issues or improvements relater to generation capabilities. type:enhancement Enhancement request targeting an existing experience labels Aug 2, 2024
@baywet baywet moved this from Needs Triage 🔍 to Todo 📃 in Kiota Aug 2, 2024
@baywet baywet added this to the Backlog milestone Aug 2, 2024
@maisarissi
Copy link
Contributor Author

I wouldn't say a epic, because this is under the "Enabling authenticate API calls from Kiota API plugins" epic 😄 But yes, implementing the other issues mentioned above and making sure we are adding the "tasks" I mentioned here, this can be closed when the others are done.

@maisarissi maisarissi mentioned this issue Aug 14, 2024
Closed
@petrhollayms petrhollayms added the area:authentication Focused on the extension module of the product label Aug 16, 2024
@petrhollayms
Copy link
Contributor

We did not have the criteria specified as a requirement in other stories, so it would be a complementary story to #5070 . I added it there to have it on one place now, also as we need to throw an error for unknown/unsupported values anyway.

@maisarissi maisarissi changed the title Kiota needs validate the security scheme and let the user know the only accepted methods are API Key, OAuth and Bearer Token Kiota needs validate the security scheme and let the user know the only accepted methods are API Key, OAuth, HTTP+Bearer Token and OpenId Connect Aug 23, 2024
@petrhollayms petrhollayms moved this from Todo 📃 to Done ✔️ in Kiota Sep 4, 2024
@petrhollayms
Copy link
Contributor

Done in Kiota and for CLI. VS Code extension is post-GA now, tracked separately, so closing this issue here.

@maisarissi
Copy link
Contributor Author

Hey @petrhollayms . The validation and creating the right auth scheme in VS Code extensions is not post-GA. Post-GA is only providing a way for folks to add auth info when they are not available in the OpenAPI description (the UI implementation of --authentication-type and --authentication-reference-id).

@petrhollayms petrhollayms modified the milestones: Backlog, Kiota v1.18 Sep 5, 2024
@maisarissi maisarissi changed the title Kiota needs validate the security scheme and let the user know the only accepted methods are API Key, OAuth, HTTP+Bearer Token and OpenId Connect Kiota needs validate the security scheme and let the user know the only accepted methods are OAuth2, HTTP+Bearer Token and OpenId Connect Oct 9, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@calebkiage calebkiage

@samwelkanda samwelkanda

Labels
area:authentication Focused on the extension module of the product enhancement New feature or request generator Issues or improvements relater to generation capabilities. type:enhancement Enhancement request targeting an existing experience
Projects
Kiota
Archived in project
Milestone
Kiota v1.18
Development

No branches or pull requests
5 participants
@calebkiage @baywet @maisarissi @samwelkanda @petrhollayms