Merge pull request #436 from franzwilhelm/master

Add complete swagger 3.0 security support for oauth2, apiKey and basic
2017-05-16 11:17:35 +08:00 · 2017-05-16 11:17:35 +08:00 · 69760a96ec
parent a1e8589798 e8c0f528a6
commit 69760a96ec
5 changed files with 98 additions and 26 deletions
--- a/.travis.yml
+++ b/.travis.yml
@ -16,7 +16,7 @@ script:
  - go vet  $(go list ./... | grep -v /vendor/)
  - structcheck  $(go list ./... | grep -v /vendor/)
  - gosimple -ignore "$(cat gosimple.ignore)" $(go list ./... | grep -v /vendor/)
-  - staticcheck $(go list ./... | grep -v /vendor/)
+  - staticcheck -ignore "$(cat staticcheck.ignore)" $(go list ./... | grep -v /vendor/)
  - unused $(go list ./... | grep -v /vendor/)
  - unconvert $(go list ./... | grep -v /vendor/)
  - ineffassign .
--- a/generate/swaggergen/g_docs.go
+++ b/generate/swaggergen/g_docs.go
@ -184,11 +184,62 @@ func GenerateDocs(curpath string) {
 					rootapi.Schemes = strings.Split(strings.TrimSpace(s[len("@Schemes"):]), ",")
 				} else if strings.HasPrefix(s, "@Host") {
 					rootapi.Host = strings.TrimSpace(s[len("@Host"):])
+				} else if strings.HasPrefix(s, "@SecurityDefinition") {
+					if len(rootapi.SecurityDefinitions) == 0 {
+						rootapi.SecurityDefinitions = make(map[string]swagger.Security)
+					}
+					var out swagger.Security
+					p := getparams(strings.TrimSpace(s[len("@SecurityDefinition"):]))
+					if len(p) < 2 {
+						beeLogger.Log.Fatalf("Not enough params for security: %d\n", len(p))
+					}
+					out.Type = p[1]
+					switch out.Type {
+					case "oauth2":
+						if len(p) < 6 {
+							beeLogger.Log.Fatalf("Not enough params for oauth2: %d\n", len(p))
+						}
+						if !(p[3] == "implicit" || p[3] == "password" || p[3] == "application" || p[3] == "accessCode") {
+							beeLogger.Log.Fatalf("Unknown flow type: %s. Possible values are `implicit`, `password`, `application` or `accessCode`.\n", p[1])
+						}
+						out.AuthorizationURL = p[2]
+						out.Flow = p[3]
+						if len(p)%2 != 0 {
+							out.Description = strings.Trim(p[len(p)-1], `" `)
+						}
+						out.Scopes = make(map[string]string)
+						for i := 4; i < len(p)-1; i += 2 {
+							out.Scopes[p[i]] = strings.Trim(p[i+1], `" `)
+						}
+					case "apiKey":
+						if len(p) < 4 {
+							beeLogger.Log.Fatalf("Not enough params for apiKey: %d\n", len(p))
+						}
+						if !(p[3] == "header" || p[3] == "query") {
+							beeLogger.Log.Fatalf("Unknown in type: %s. Possible values are `query` or `header`.\n", p[4])
+						}
+						out.Name = p[2]
+						out.In = p[3]
+						if len(p) > 4 {
+							out.Description = strings.Trim(p[4], `" `)
+						}
+					case "basic":
+						if len(p) > 2 {
+							out.Description = strings.Trim(p[2], `" `)
+						}
+					default:
+						beeLogger.Log.Fatalf("Unknown security type: %s. Possible values are `oauth2`, `apiKey` or `basic`.\n", p[1])
+					}
+					rootapi.SecurityDefinitions[p[0]] = out
+				} else if strings.HasPrefix(s, "@Security") {
+					if len(rootapi.Security) == 0 {
+						rootapi.Security = make([]map[string][]string, 0)
+					}
+					rootapi.Security = append(rootapi.Security, getSecurity(s))
 				}
 			}
 		}
 	}
-
 	// Analyse controller package
 	for _, im := range f.Imports {
 		localName := ""
@ -631,6 +682,11 @@ func parserComments(comments *ast.CommentGroup, funcName, controllerName, pkgpat
 						opts.Produces = append(opts.Produces, ahtml)
 					}
 				}
+			} else if strings.HasPrefix(t, "@Security") {
+				if len(opts.Security) == 0 {
+					opts.Security = make([]map[string][]string, 0)
+				}
+				opts.Security = append(opts.Security, getSecurity(t))
 			}
 		}
 	}
@ -921,6 +977,19 @@ func appendModels(pkgpath, controllerName string, realTypes []string) {
 	}
 }

+func getSecurity(t string) (security map[string][]string) {
+	security = make(map[string][]string)
+	p := getparams(strings.TrimSpace(t[len("@Security"):]))
+	if len(p) == 0 {
+		beeLogger.Log.Fatalf("No params for security specified\n")
+	}
+	security[p[0]] = make([]string, 0)
+	for i := 1; i < len(p); i++ {
+		security[p[0]] = append(security[p[0]], p[i])
+	}
+	return
+}
+
 func urlReplace(src string) string {
 	pt := strings.Split(src, "/")
 	for i, p := range pt {
--- a/gosimple.ignore
+++ b/gosimple.ignore
@ -1,2 +1,3 @@
 github.com/beego/bee/cmd/commands/run/*.go:S1024
 github.com/beego/bee/cmd/commands/dlv/*.go:S1024
+github.com/beego/bee/utils/*.go:S1026
--- a/staticcheck.ignore
+++ b/staticcheck.ignore
@ -0,0 +1 @@
+github.com/beego/bee/generate/swaggergen/*.go:SA1024
--- a/vendor/github.com/astaxie/beego/swagger/swagger.go
+++ b/vendor/github.com/astaxie/beego/swagger/swagger.go
@ -22,19 +22,19 @@ package swagger

 // Swagger list the resource
 type Swagger struct {
-	SwaggerVersion      string              `json:"swagger,omitempty" yaml:"swagger,omitempty"`
-	Infos               Information         `json:"info" yaml:"info"`
-	Host                string              `json:"host,omitempty" yaml:"host,omitempty"`
-	BasePath            string              `json:"basePath,omitempty" yaml:"basePath,omitempty"`
-	Schemes             []string            `json:"schemes,omitempty" yaml:"schemes,omitempty"`
-	Consumes            []string            `json:"consumes,omitempty" yaml:"consumes,omitempty"`
-	Produces            []string            `json:"produces,omitempty" yaml:"produces,omitempty"`
-	Paths               map[string]*Item    `json:"paths" yaml:"paths"`
-	Definitions         map[string]Schema   `json:"definitions,omitempty" yaml:"definitions,omitempty"`
-	SecurityDefinitions map[string]Security `json:"securityDefinitions,omitempty" yaml:"securityDefinitions,omitempty"`
-	Security            map[string][]string `json:"security,omitempty" yaml:"security,omitempty"`
-	Tags                []Tag               `json:"tags,omitempty" yaml:"tags,omitempty"`
-	ExternalDocs        *ExternalDocs       `json:"externalDocs,omitempty" yaml:"externalDocs,omitempty"`
+	SwaggerVersion      string                `json:"swagger,omitempty" yaml:"swagger,omitempty"`
+	Infos               Information           `json:"info" yaml:"info"`
+	Host                string                `json:"host,omitempty" yaml:"host,omitempty"`
+	BasePath            string                `json:"basePath,omitempty" yaml:"basePath,omitempty"`
+	Schemes             []string              `json:"schemes,omitempty" yaml:"schemes,omitempty"`
+	Consumes            []string              `json:"consumes,omitempty" yaml:"consumes,omitempty"`
+	Produces            []string              `json:"produces,omitempty" yaml:"produces,omitempty"`
+	Paths               map[string]*Item      `json:"paths" yaml:"paths"`
+	Definitions         map[string]Schema     `json:"definitions,omitempty" yaml:"definitions,omitempty"`
+	SecurityDefinitions map[string]Security   `json:"securityDefinitions,omitempty" yaml:"securityDefinitions,omitempty"`
+	Security            []map[string][]string `json:"security,omitempty" yaml:"security,omitempty"`
+	Tags                []Tag                 `json:"tags,omitempty" yaml:"tags,omitempty"`
+	ExternalDocs        *ExternalDocs         `json:"externalDocs,omitempty" yaml:"externalDocs,omitempty"`
 }

 // Information Provides metadata about the API. The metadata can be used by the clients if needed.
@ -75,16 +75,17 @@ type Item struct {

 // Operation Describes a single API operation on a path.
 type Operation struct {
-	Tags        []string            `json:"tags,omitempty" yaml:"tags,omitempty"`
-	Summary     string              `json:"summary,omitempty" yaml:"summary,omitempty"`
-	Description string              `json:"description,omitempty" yaml:"description,omitempty"`
-	OperationID string              `json:"operationId,omitempty" yaml:"operationId,omitempty"`
-	Consumes    []string            `json:"consumes,omitempty" yaml:"consumes,omitempty"`
-	Produces    []string            `json:"produces,omitempty" yaml:"produces,omitempty"`
-	Schemes     []string            `json:"schemes,omitempty" yaml:"schemes,omitempty"`
-	Parameters  []Parameter         `json:"parameters,omitempty" yaml:"parameters,omitempty"`
-	Responses   map[string]Response `json:"responses,omitempty" yaml:"responses,omitempty"`
-	Deprecated  bool                `json:"deprecated,omitempty" yaml:"deprecated,omitempty"`
+	Tags        []string              `json:"tags,omitempty" yaml:"tags,omitempty"`
+	Summary     string                `json:"summary,omitempty" yaml:"summary,omitempty"`
+	Description string                `json:"description,omitempty" yaml:"description,omitempty"`
+	OperationID string                `json:"operationId,omitempty" yaml:"operationId,omitempty"`
+	Consumes    []string              `json:"consumes,omitempty" yaml:"consumes,omitempty"`
+	Produces    []string              `json:"produces,omitempty" yaml:"produces,omitempty"`
+	Schemes     []string              `json:"schemes,omitempty" yaml:"schemes,omitempty"`
+	Parameters  []Parameter           `json:"parameters,omitempty" yaml:"parameters,omitempty"`
+	Responses   map[string]Response   `json:"responses,omitempty" yaml:"responses,omitempty"`
+	Security    []map[string][]string `json:"security,omitempty" yaml:"security,omitempty"`
+	Deprecated  bool                  `json:"deprecated,omitempty" yaml:"deprecated,omitempty"`
 }

 // Parameter Describes a single operation parameter.
@ -100,7 +101,7 @@ type Parameter struct {
 	Default     interface{}     `json:"default,omitempty" yaml:"default,omitempty"`
 }

-// A limited subset of JSON-Schema's items object. It is used by parameter definitions that are not located in "body".
+// ParameterItems A limited subset of JSON-Schema's items object. It is used by parameter definitions that are not located in "body".
 // http://swagger.io/specification/#itemsObject
 type ParameterItems struct {
 	Type             string            `json:"type,omitempty" yaml:"type,omitempty"`
				`@ -0,0 +1 @@`
				`github.com/beego/bee/generate/swaggergen/*.go:SA1024`