Export authSchemes and securityDefinitions

[superkhau]

From @JonnyBGod on May 10, 2016 20:6

We should be able to export auth specifications with swagger spec.

At least make it easy to hardcode it in options.

Copied from original issue: strongloop/loopback-component-explorer#162

[superkhau]

From @JonnyBGod on May 10, 2016 20:9

It would be perfect if it was possible to easily integrate with loopback-component-oauth2

[superkhau]

From @richardpringle on August 11, 2016 19:1

@JonnyBGod, should this be in loopback-swagger/issues?

[superkhau]

From @gunjpan on October 11, 2016 20:10

@JonnyBGod : Could you please post this issue in the correct place as shown above?
Also, a sample/example to understand what you're proposing will definitely help within the description.
Closing this now. Thank you and have a great day!

[superkhau]

@JonnyBGod I'm going to help move this issue over to the repo mentioned by @gunjpan and @richardpringle. Please add a better description of your issue there. I'll add a template you can edit there.

[superkhau]

@JonnyBGod

<!--
- DO NOT ask questions using GitHub issues (only bug or feature requests please,
  see http://loopback.io/doc/en/contrib/Reporting-issues.html#asking-questions)

- Please ask questions at https://groups.google.com/forum/#!forum/loopbackjs or
  https://gitter.im/strongloop/loopback

- Immediate support is available through our subscription plans, see
  https://strongloop.com/node-js/subscription-plans
-->

### Bug or feature request

- [ ] Bug
- [ ] Feature request

### Description of feature (or steps to reproduce if bug)



### Link to sample repo to reproduce issue (if bug)



### Expected result



### Actual result (if bug)



### Additional information (Node.js version, LoopBack version, etc)

[JonnyBGod]

Bug or feature request

• Bug
• Feature request

Description of feature (or steps to reproduce if bug)

The lib should generate swagger 2 Security Definitions Object. http://swagger.io/specification/#securityDefinitionsObject

This would enable the usage of proper authentication in swagger generated documentation pages such as http://petstore.swagger.io/. (check "Authorize" button)

Expected result

{
  "api_key": {
    "type": "apiKey",
    "name": "api_key",
    "in": "header"
  },
  "petstore_auth": {
    "type": "oauth2",
    "authorizationUrl": "http://swagger.io/api/oauth/dialog",
    "flow": "implicit",
    "scopes": {
      "write:pets": "modify pets in your account",
      "read:pets": "read your pets"
    }
  }
}

Additional information (Node.js version, LoopBack version, etc)

[JonnyBGod]

I believe the easiest way to configure this would be to enable the developer to configure the spec in config.json and export it.

[flvndvd]

Hey there,

Is someone able to tell me if this feature is coming soon cause I need to find a way to expose my scopes required for each method in my swagger.json ? If no, do you have another way to expose the scope in the swagger.json ?

[drmikecrowe]

I have a work-in-progress that supports this (for my application). Still needs automated tests, but the results work perfectly in http://editor.swagger.io/#!/

https:/drmikecrowe/loopback-swagger

[stale]

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.

[sebastianhaas]

Still an important issue for me to be resolved.

[bajtos]

According to strongloop/loopback-component-explorer#209 (comment), we need to support authorization metadata in order to be able to use the latest version of Swagger UI.

[drmikecrowe]

Continuing my OAuth2 work:

• loopback-component-explorer
• loopback-swagger

I created tasks on each of what is left open (as far as I can see). This is definitely targeting Loopback 2/3 projects, and working in an OAuth2 application we've rolled out.

[STRML]

@drmikecrowe Would you be willing to make a PR from the mergeable parts of exporting security and securityDefinitions (I see some work from @mike-zipit there in your branch) - this will help us get this through.

[bajtos]

Closing as stale.