Swagger 2.0 's security scheme validated against OAS 3.0 instead of swagger 2.0 #4364
Labels
Comments
|
This issue was moved to swagger-api/swagger-editor#1711 |
|
Locking due to inactivity. This is done to avoid resurrecting old issues and bumping long threads with new, possibly unrelated content. If you think you're experiencing something similar to what you've found here: please open a new issue, follow the template, and reference this issue in your report. Thanks! |
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
When editing a swagger 2.0 yaml content featuring oauth2 security schemes like below:
securityDefinitions:
oauth2_Password:
type: oauth2
tokenUrl: /authorizationserver/oauth/token
flow: password
scopes:
basic: ''
oauth2_client_credentials:
type: oauth2
tokenUrl: /authorizationserver/oauth/token
flow: application
scopes:
extended: ''
Validation error is reported:
Schema error at securityDefinitions['oauth2_Password']
should NOT have additional properties
additionalProperty: tokenUrl, flow, scopes
Jump to line 5243
Schema error at securityDefinitions['oauth2_Password'].type
should be equal to one of the allowed values
allowedValues: basic, apiKey
Jump to line 5244
Schema error at securityDefinitions['oauth2_Password'].tokenUrl
should match format "uri"
format: uri
Jump to line 5245
Schema error at securityDefinitions['oauth2_Password'].flow
should be equal to one of the allowed values
allowedValues: implicit, application, accessCode
Jump to line 5246
Basically the validator acts as if the input content was OAS 3.0 while it is swagger 2.0 content
Demonstration API definition
See above
Configuration (browser query string, constructor, config.yaml)
regular use of editor.swagger.io
Expected Behavior
No error should be shown for this part of the yaml
Current Behavior
See above
Possible Solution
Context
The error messages are misleading. They claim the content is not valid when it is.
The text was updated successfully, but these errors were encountered: