Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

security things #84

Open
karenetheridge opened this issue Oct 4, 2024 · 0 comments
Open

security things #84

karenetheridge opened this issue Oct 4, 2024 · 0 comments
Labels
enhancement New feature or request spec support something that the spec says should be supported

Comments

@karenetheridge
Copy link
Owner

document validation:

  • security requirements in an operation must correspond to security schemes defined in /components

runtime validation:

  • minimal implementation: we can at least check if a security requirement is declared for an operation, and bomb out with the appropriate 40x error if the query/header/cookie is missing.

  • provide some sort of hook where the caller can provide an implementation for performing authentication/authorization of a request or response: provide the request/response and the relevant bits of the OpenAPI object parsed into a sensible format, etc. TBD pending discussion with users.
@karenetheridge karenetheridge added enhancement New feature or request spec support something that the spec says should be supported labels Oct 4, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement New feature or request spec support something that the spec says should be supported
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@karenetheridge