OpenAPI and JSON-LD
Hello, Could you please tell me if OpenAPI supports the use of JSON-LD? I am using OpenAPI 3.0.1, and I am trying to include in the Schema some context information in order to add IRIs for objects/properties that are described in the Schema. If yes, are there any examples available? If not, do you know of any alternatives besides using x-<label>? Thank you very much for your help! FlorinaCan't upload files within a nested object Asp.NET
I'm working with asp.net. Usually when you want to include file data in your http request you can use the interface IFormFile within your input object. For example, if I define the object public class A { public IFormFile file {get; set; } } and then an endpoint: public ActionResult Test([FromForm] A a) {...} it will generate a GUI that lets you upload a file. This is all fine but I'm encountering a case where it has problems. If a define an object B that contains a collection of A: public class A { public IEnumerable<A> objects {get; set; } } then the generated GUI won't let me upload a file for the nested field B.A.File and instead it treats it as a simple string. If anyone has a solution for this it'd help me very muchCreating new Swagger UI page
My company have an existing swagger UI page. This page maintain all the public and the internals api's of the company. My task is to create a new page exactly like this that keeps only the public api's. I have 0 knowledge about swagger and how to create\modify pages so any general explanation/articles of how to resolve my task will be very helpful.AsyncApi support
Hi, I've been looking into AsyncApi,https://www.asyncapi.com/,and it has also been mentioned in the Q&A earlier. I'm wondering if there is any plan to add AsyncApi support to swagger? meaning that I can give a AsyncApi specification file to the swagger-ui and visualize the spec. I imagine something like this:https://petstore.swagger.io/?url=https://raw.githubusercontent.com/asyncapi/asyncapi/v2.2.0/examples/simple.ymlBeat practices for authenticating user prior to rendering the swagger landing page?
Hello: I need to authenticate users before displaying the swagger landing page. It's great that I can add authorization to the "try it" feature, and I've done that, but I want to authenticate users before they even see the list of API endpoints, and schemas. My application is a .NET Core 3.1 application hosted in IIS. Should I simply enable IIS level authentication to handle the initial authentication? Will the user be propagated to swagger UI or will the user have to "Authorize" again on the UI using the swagger UI authorize button? ty!How to set the clientId and the clientSecret for displaying automatically on Authorization page?
On my Spring Boot application, I am trying to replace Swagger 2 with OpenApi 3. In the current implementation of SwaggerConfiguration class, @Configuration @EnableSwagger2 public class SwaggerConfig { ... @Bean public Docket api() { return new Docket(DocumentationType.SWAGGER_2) .select() .apis(RequestHandlerSelectors.any()) .paths(PathSelectors.any()) .build() .securitySchemes(Collections.singletonList(securityScheme())) .host(host) .securityContexts(Collections.singletonList(securityContext())); } @Bean public SecurityConfiguration security() { return SecurityConfigurationBuilder.builder() .clientId(swaggerCredentialsProvider.getClientId()) .clientSecret(swaggerCredentialsProvider.getClientSecret()) .scopeSeparator(" ") .useBasicAuthenticationWithAccessCodeGrant(true) .build(); } private SecurityScheme securityScheme() { GrantType grantType = new AuthorizationCodeGrantBuilder() .tokenEndpoint(new TokenEndpoint(tokenEndpoint, "code")) .tokenRequestEndpoint(new TokenRequestEndpoint(tokenRequestEndpoint, swaggerCredentialsProvider.getClientId(), swaggerCredentialsProvider.getClientSecret())) .build(); return new OAuthBuilder().name("spring_oauth") .grantTypes(Collections.singletonList(grantType)) .scopes(Arrays.asList(scopes())).build(); } ... } In this sample code, I give the clientId and the clientSecret and it will display automatically on the swagger-ui Authorization page: In my new implementation of OpenApi Configuration @Bean public OpenAPI customOpenAPI() { OAuthFlow oAuthFlow = new OAuthFlow() .tokenUrl(tokenEndpoint) .authorizationUrl(tokenRequestEndpoint) .scopes(new Scopes().addString(scope, "")); return new OpenAPI() .components(new Components() .addSecuritySchemes("security_auth", new SecurityScheme() .flows(new OAuthFlows().authorizationCode(oAuthFlow)) .type(SecurityScheme.Type.OAUTH2).scheme("oauth2"))) .info(new Info() .title(appName) .version(appVersion) .description(appDescription)); } I do not find a way to set theses information. I tried to set springdoc.swagger-ui.oauth.clientId in the application.property file, but the clientId did not display. How to set the clientId and the clientSecret with OpenApi 3 for displaying automatically on the Authorization Page?Callbacks and readOnly/writeOnly
I have a question about how the readOnly and writeOnly properties relate to webhook requests. The spec says of readOnly "This means that it MAY be sent as part of a response but SHOULD NOT be sent as part of the request" which seems clear enough. But while a callback is a request at the network level, at the semantic level it contains response data from the API. For example if I have a schema for an object which has a readOnly createdDate property, I mean that it is forbidden in the request body when creating an object but will be present in the response when fetching an object. And when it comes to a callback, I would expect the createdDate to be present in the request body of the callback when it is sent to the remote server. The Swagger UI omits readOnly properties from the schema of requests, including callbacks. I started out creating a bug report there before realising that the implemented behaviour is a valid interpretation of the OpenAPI spec. But it seems wrong to me. I can't think of a situation where this behaviour is what I would want. If this issue has been debated before, could someone point me to the discussion? If not, would there be any appetite for clarifying the spec to make readOnly/writeOnly relative to the API rather than the network request?SolveddeepObject not working as expected when used inside requestBody.
openApi 3.0 spec: paths: /users/: post: summary: creates a user requestBody: content: application/x-www-form-urlencoded: schema: type: object properties: first_name: type: string last_name: type: string address: type: object properties: first_name: type: string last_name: type: string email: type: string company: type: string encoding: address: style: deepObject explode: true On serialising the address object using deepObject the following is expected : address[first_name] = "" address[last_name] = "" .... It is not working as expected when i use it inside requestBody . But when i use it inside query parameter it is working fine , can you help me with this ? Thanks,