OpenAPI 3.
I wanted to set Bearer Authentication as a default security scheme for my application, like described in this document: https://swagger.io/docs/specification/authentication/bearer-authentication/ , but I was not able to find the way how I can add 'security' keyword to API document root, so I had to add security keyword to every request.
Please, add a way to specify default security scheme from the whole API.
You can set values on the API document root with the @OA\OpenApi annotation.
I've fixed a bug, so now this also works for security.
/**
* @OA\OpenApi(
* security={
* {"api_key": {}}
* }
* )
*/
Thanks for reporting the issue.
Hello,
Please, can you provide a complete example for a login, logout or indicate where to find it.
I want to include in the logout the Bearer token in the Header as described the first comment.
I only have...
/**
* @OA\Info(
* version="1.0.0",
* title="Sample API",
* description="Sample OpenApi description",
* @OA\Contact(
* email="[email protected]"
* )
* )
*/
and for the login
/**
* @OA\Post(
* path="/api/v1/auth/login",
* tags={"Authorization"},
* summary="Logs user into system.",
* description="API Login. Return the token for later access.",
* operationId="login",
* @OA\Parameter(
* name="email",
* in="query",
* description="The email for login",
* required=true,
* @OA\Schema(
* type="string"
* )
* ),
* @OA\Parameter(
* name="password",
* in="query",
* required=true,
* @OA\Schema(
* type="string",
* )
* ),
* @OA\Response(
* response=200,
* description="successful operation",
* ),
* @OA\Response(
* response=401,
* description="Invalid username/password supplied"
* )
* )
*/
public function login(Request $request): JsonResponse {
...
}
and this for logout
/**
* @OA\Post(
* path="/api/v1/auth/logout",
* tags={"Authorization"},
* summary="Logs out current logged in user session",
* description="API Logout. Invalidates the session token.",
* operationId="logout",
* @OA\Response(
* response=200,
* description="successful operation",
* ),
* @OA\Response(
* response=401,
* description="Invalid operation"
* )
* )
*/
public function logout(Request $request)
{
...
}
Any help is welcomed.
Thanks and best regards
Most helpful comment
You can set values on the API document root with the
@OA\OpenApiannotation.I've fixed a bug, so now this also works for
security.Thanks for reporting the issue.