UNPKG

@scalar/openapi-types

Version:

Modern OpenAPI types

github.com/scalar/scalar

scalar/scalar

143 lines (142 loc) 4.94 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
import { z } from "zod"; const DescriptionSchema = z.object({ /** * A description for security scheme. CommonMark syntax MAY be used for rich text representation. */ description: z.string().optional() }); const ApiKeyInValues = ["query", "header", "cookie"]; const ApiKeySchema = DescriptionSchema.extend({ /** * REQUIRED. The type of the security scheme. Valid values are "apiKey", "http", "mutualTLS", "oauth2", * "openIdConnect". */ type: z.literal("apiKey"), /** * REQUIRED. The name of the header, query or cookie parameter to be used. * * TODO: Why do we use an empty string as the default? */ name: z.string().optional().default(""), /** * REQUIRED. The location of the API key. Valid values are "query", "header", or "cookie". */ in: z.enum(ApiKeyInValues).optional().default("header").catch("header") }); const HttpSchema = DescriptionSchema.extend({ /** * REQUIRED. The type of the security scheme. Valid values are "apiKey", "http", "mutualTLS", "oauth2", * "openIdConnect". */ type: z.literal("http"), /** * REQUIRED. The name of the HTTP Authentication scheme to be used in the Authorization header as defined in RFC7235. * The values used SHOULD be registered in the IANA Authentication Scheme registry. The value is case-insensitive, * as defined in RFC7235. */ scheme: z.string().toLowerCase().pipe(z.enum(["basic", "bearer"])).optional().default("basic"), /** * A hint to the client to identify how the bearer token is formatted. Bearer tokens are usually generated by an * authorization server, so this information is primarily for documentation purposes. */ bearerFormat: z.union([z.literal("JWT"), z.literal("bearer"), z.string()]).optional() }); const OpenIdConnectSchema = DescriptionSchema.extend({ /** * REQUIRED. The type of the security scheme. Valid values are "apiKey", "http", "mutualTLS", "oauth2", * "openIdConnect". */ type: z.literal("openIdConnect"), /** * REQUIRED. Well-known URL to discover the [[OpenID-Connect-Discovery]] provider metadata. */ openIdConnectUrl: z.string().optional().default("") }); const authorizationUrl = z.string().default(""); const tokenUrl = z.string().default(""); const OAuthFlowObjectSchema = z.object({ /** * The URL to be used for obtaining refresh tokens. This MUST be in the form of a URL. The OAuth2 standard requires * the use of TLS. */ refreshUrl: z.string().optional(), /** * REQUIRED. The available scopes for the OAuth2 security scheme. A map * between the scope name and a short description for it. The map MAY be empty. */ scopes: z.record(z.string(), z.string().optional()).optional().default({}).catch({}) }); const ImplicitFlowSchema = OAuthFlowObjectSchema.extend({ type: z.literal("implicit").optional(), authorizationUrl }); const PasswordFlowSchema = OAuthFlowObjectSchema.extend({ type: z.literal("password").optional(), tokenUrl }); const ClientCredentialsFlowSchema = OAuthFlowObjectSchema.extend({ type: z.literal("clientCredentials").optional(), tokenUrl }); const AuthorizationCodeFlowSchema = OAuthFlowObjectSchema.extend({ type: z.literal("authorizationCode").optional(), authorizationUrl, tokenUrl }); const OAuthFlowsObjectSchema = DescriptionSchema.extend({ /** * REQUIRED. The type of the security scheme. Valid values are "apiKey", "http", "mutualTLS", "oauth2", * "openIdConnect". */ type: z.literal("oauth2"), /** * REQUIRED. An object containing configuration information for the flow types supported. */ flows: z.object({ /** * Configuration for the OAuth Implicit flow */ implicit: ImplicitFlowSchema.optional(), /** * Configuration for the OAuth Resource Owner Password flow */ password: PasswordFlowSchema.optional(), /** * Configuration for the OAuth Client Credentials flow. Previously called application in OpenAPI 2.0. */ clientCredentials: ClientCredentialsFlowSchema.optional(), /** * Configuration for the OAuth Authorization Code flow. Previously called accessCode in OpenAPI 2.0. */ authorizationCode: AuthorizationCodeFlowSchema.optional() }).partial() }); const MutualTlsSchema = DescriptionSchema.extend({ /** * REQUIRED. The type of the security scheme. Valid values are "apiKey", "http", "mutualTLS", "oauth2", * "openIdConnect". */ type: z.literal("mutualTLS") }); const SecuritySchemeObjectSchema = z.union([ ApiKeySchema, HttpSchema, MutualTlsSchema, OAuthFlowsObjectSchema, OpenIdConnectSchema ]); export { ApiKeyInValues, ApiKeySchema, AuthorizationCodeFlowSchema, ClientCredentialsFlowSchema, HttpSchema, ImplicitFlowSchema, MutualTlsSchema, OAuthFlowObjectSchema, OAuthFlowsObjectSchema, OpenIdConnectSchema, PasswordFlowSchema, SecuritySchemeObjectSchema }; //# sourceMappingURL=security-scheme-object.js.map