- Use these vendor-extensions to pre fill client-id and client-secret in the UI
+ Use these vendor-extensions to pre fill client-id and client-secret
+ and to eventually pre select scopes in the UI
- Pre fill client-id and client-secret with vendor extension 'x-client-id' and 'x-client-secret'
+ Pre fill client-id and client-secret with vendor extension 'x-client-id' and 'x-client-secret', and pre select
+ desired scopes with vendor extension 'x-default-scopes'
diff --git a/docs/specs/oauth-vendor-extension.yaml b/docs/specs/oauth-vendor-extension.yaml
index 6e846486..fcaa6f37 100644
--- a/docs/specs/oauth-vendor-extension.yaml
+++ b/docs/specs/oauth-vendor-extension.yaml
@@ -2,10 +2,11 @@ openapi: 3.0.0
info:
title: Petstore API
description: |
- Example to show how to use `x-client-id` and `x-client-secret` vendor extensions to pre fill them in the UI.
-
- Below is the Open API spec snippet that shows its usage,
- and if you check the authentication section you will find that client-id and client-secret is pre-filled, the user just needs to click on `GET TOKEN`
+ Example to show how to use `x-client-id`, `x-client-secret` and `x-default-scopes` vendor extensions to pre fill them in the UI.
+
+ Below is the Open API spec snippet that shows its usage,
+ and if you check the authentication section you will find that client-id and client-secret are pre-filled, the user just needs to click on `GET TOKEN`.
+ Also notice that the scope `dog-lover` is already checked
```yaml
openapi: 3.0.0
...
@@ -16,6 +17,7 @@ info:
type: oauth2
x-client-id: my-client-id # <--- when provided it will be pre filled in RapiDoc UI
x-client-secret: my-client-secret # <--- when provided it will be pre filled in RapiDoc UI
+ x-default-scopes: [dog-lover] # <--- when provided scopes will be pre checked in RapiDoc UI
flows:
authorizationCode:
authorizationUrl: /authorize
@@ -53,6 +55,8 @@ components:
description: You authorize requests, by providing client credentials.
x-client-id: my-client-id
x-client-secret: my-client-secret
+ x-default-scopes:
+ - dog-lover
flows:
authorizationCode:
authorizationUrl: /authorize
diff --git a/src/templates/security-scheme-template.js b/src/templates/security-scheme-template.js
index 22c344cb..ac74a82a 100644
--- a/src/templates/security-scheme-template.js
+++ b/src/templates/security-scheme-template.js
@@ -252,7 +252,7 @@ async function onInvokeOAuthFlow(securitySchemeId, flowType, authUrl, tokenUrl,
/* eslint-disable indent */
-function oAuthFlowTemplate(flowName, clientId, clientSecret, securitySchemeId, authFlow) {
+function oAuthFlowTemplate(flowName, clientId, clientSecret, securitySchemeId, authFlow, defaultScopes = []) {
let { authorizationUrl, tokenUrl, refreshUrl } = authFlow.authorizationUrl;
const isUrlAbsolute = (url) => (url.indexOf('://') > 0 || url.indexOf('//') === 0);
if (refreshUrl && !isUrlAbsolute(refreshUrl)) {
@@ -277,8 +277,8 @@ function oAuthFlowTemplate(flowName, clientId, clientSecret, securitySchemeId, a
flowNameDisplay = flowName;
}
return html`
-
-
${flowNameDisplay}
+
+
${flowNameDisplay}
${authorizationUrl
? html`
Auth URL ${authorizationUrl}
`
: ''
@@ -299,7 +299,7 @@ function oAuthFlowTemplate(flowName, clientId, clientSecret, securitySchemeId, a
`;
}
@@ -424,14 +424,14 @@ export default function securitySchemeTemplate() {
? html`Send ${v.name} in ${v.in}`
: html`Send Authorization in header containing the word Bearer followed by a space and a Token String.`
}
-
+
${v.in !== 'cookie'
? html`
`
: html` cookies cannot be set from here`
@@ -443,14 +443,14 @@ export default function securitySchemeTemplate() {
? html`
Send Authorization in header containing the word Basic followed by a space and a base64 encoded string of username:password.
-