1. Atlassian Avatar Atlassian
  2. Tooling and Automation
  3. swagger-request-validator
  4. Issues

Validate security spec of an operation

Issue #30 resolved
Anshul Bajpai created an issue

We noticed that security spec of an operation isn't validated against top level securityDefinitions. e.g. if we have the following top level securityDefinitions and a security definition on an operation.

{
    "securityDefinitions": {
        "Bearer": {
            "type": "apiKey",
            "name": "Authorization",
            "in": "header",
            "description": "Authentication by Bearer token"
        }
    },
    "paths": {
        "/hello": {
            "get": {
                "security": [{
                    "Bearer": []
                }]
            }
        }
    }
}

calling GET /hello without an Authorisation header is validated.

Comments (4)

  3. James Navin

    Yep - this one has been on my list for a while. Currently there is no validation of security specs at all.

    PRs will be gratefully accepted! (Just note the contributor section in the README - a signed CLA will be required before I can merge in any contributions). Thanks!

  5. Log in to comment
Assignee
Type
bug
Priority
major
Status
resolved
Votes
1
Watchers
2