Swagger-php: Cannot specify default security scheme

Created on 11 Jul 2018  路  2Comments  路  Source: zircote/swagger-php

OpenAPI 3.
I wanted to set Bearer Authentication as a default security scheme for my application, like described in this document: https://swagger.io/docs/specification/authentication/bearer-authentication/ , but I was not able to find the way how I can add 'security' keyword to API document root, so I had to add security keyword to every request.
Please, add a way to specify default security scheme from the whole API.

Most helpful comment

You can set values on the API document root with the @OA\OpenApi annotation.
I've fixed a bug, so now this also works for security.

 /**
  * @OA\OpenApi(
  *     security={
  *         {"api_key": {}}
  *     }
  * )
  */

Thanks for reporting the issue.

All 2 comments

You can set values on the API document root with the @OA\OpenApi annotation.
I've fixed a bug, so now this also works for security.

 /**
  * @OA\OpenApi(
  *     security={
  *         {"api_key": {}}
  *     }
  * )
  */

Thanks for reporting the issue.

Hello,

Please, can you provide a complete example for a login, logout or indicate where to find it.

I want to include in the logout the Bearer token in the Header as described the first comment.

I only have...

/**
 * @OA\Info(
 *      version="1.0.0",
 *      title="Sample API",
 *      description="Sample OpenApi description",
 *      @OA\Contact(
 *          email="[email protected]"
 *      )
 * )
 */

and for the login

 /**
     * @OA\Post(
     *     path="/api/v1/auth/login",
     *     tags={"Authorization"},
     *     summary="Logs user into system.",
     *     description="API Login. Return the token for later access.",
     *     operationId="login",
     *     @OA\Parameter(
     *         name="email",
     *         in="query",
     *         description="The email for login",
     *         required=true,
     *         @OA\Schema(
     *             type="string"
     *         )
     *     ),
     *     @OA\Parameter(
     *         name="password",
     *         in="query",
     *         required=true,
     *         @OA\Schema(
     *             type="string",
     *         )
     *     ),
     *     @OA\Response(
     *         response=200,
     *         description="successful operation",
     *     ),
     *     @OA\Response(
     *         response=401,
     *         description="Invalid username/password supplied"
     *     )
     * )
     */
    public function login(Request $request): JsonResponse {
   ...
}

and this for logout

    /**
     * @OA\Post(
     *     path="/api/v1/auth/logout",
     *     tags={"Authorization"},
     *     summary="Logs out current logged in user session",
     *     description="API Logout. Invalidates the session token.",
     *     operationId="logout",
     *     @OA\Response(
     *         response=200,
     *         description="successful operation",
     *     ),
     *     @OA\Response(
     *         response=401,
     *         description="Invalid operation"
     *     )
     * )
     */
    public function logout(Request $request)
{
...
}

Any help is welcomed.

Thanks and best regards

Was this page helpful?
0 / 5 - 0 ratings

Related issues

xywenke picture xywenke  路  4Comments

hpatoio picture hpatoio  路  3Comments

birendragurung picture birendragurung  路  3Comments

MKHSKY picture MKHSKY  路  3Comments

bfanger picture bfanger  路  4Comments