Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

False positive error from oas3-schema rule with http security scheme with bearerFormat property #257

Open
mikekistler opened this issue Nov 20, 2024 · 2 comments
Open

False positive error from oas3-schema rule with http security scheme with bearerFormat property #257

mikekistler opened this issue Nov 20, 2024 · 2 comments

Comments

@mikekistler
Copy link

mikekistler commented Nov 20, 2024
edited
Loading

Type: Bug

The Spectral VSCode extension reports an error in an OAS v3.0.1 OpenAPI description for the following security scheme:

      "Bearer": {
        "type": "http",
        "scheme": "Bearer",
        "bearerFormat": "JWT"
      }

but this scheme is valid and in fact exactly matches the example of a JWT Bearer security scheme in the OpenAPI Specification.

I ran the Spectral CLI (version 6.13.1) on the same file and it does not flag this error.

Extension version: 1.1.2
VS Code version: Code 1.95.3 (f1a4fb101478ce6ec82fe9627c43efbf9e98c813, 2024-11-13T14:50:04.152Z)
OS version: Darwin arm64 24.1.0
Modes:
Remote OS version: Linux arm64 6.10.4-linuxkit
Remote OS version: Linux arm64 6.10.4-linuxkit

System Info
Item Value
CPUs Apple M1 Pro (10 x 2400)
GPU Status 2d_canvas: enabled
canvas_oop_rasterization: enabled_on
direct_rendering_display_compositor: disabled_off_ok
gpu_compositing: enabled
multiple_raster_threads: enabled_on
opengl: enabled_on
rasterization: enabled
raw_draw: disabled_off_ok
skia_graphite: disabled_off
video_decode: enabled
video_encode: enabled
webgl: enabled
webgl2: enabled
webgpu: enabled
webnn: disabled_off
Load (avg) 3, 4, 5
Memory (System) 32.00GB (0.08GB free)
Process Argv . --crash-reporter-id 419d896f-7e85-4c21-8845-5a77abdaec9d
Screen Reader no
VM 0%
Item Value
Remote Dev Container: C# (.NET) @ desktop-linux
OS Linux arm64 6.10.4-linuxkit
CPUs unknown (10 x 0)
Memory (System) 7.66GB (3.03GB free)
VM 0%
Item Value
Remote Dev Container @ desktop-linux
OS Linux arm64 6.10.4-linuxkit
CPUs unknown (10 x 0)
Memory (System) 7.66GB (3.03GB free)
VM 0%
A/B Experiments 
vsliv368cf:30146710
vspor879:30202332
vspor708:30202333
vspor363:30204092
pythonvspyt551cf:31179979
vscod805cf:30301675
binariesv615:30325510
vsaa593cf:30376535
py29gd2263:31024239
c4g48928:30535728
azure-dev_surveyone:30548225
962ge761:30959799
pythonnoceb:30805159
asynctok:30898717
pythonmypyd1:30879173
h48ei257:31000450
pythontbext0:30879054
cppperfnew:31000557
dsvsc020:30976470
pythonait:31006305
dsvsc021:30996838
9c06g630:31013171
dvdeprecation:31068756
dwnewjupytercf:31046870
2f103344:31071589
nativerepl2:31139839
pythonrstrctxt:31112756
cf971741:31144450
iacca1:31171482
notype1:31157159
5fd0e150:31155592
dwcopilot:31170013
stablechunks:31184530
@mikekistler
Copy link
Author

Forgot to mention that removing the "bearerFormat" property makes the error go away.

Here are some screen shots:

image

image

@frankkilcommins
Copy link
Contributor

@mikekistler thanks for reporting.

We'll be releasing a new version to the marketplace including latest spectral dependencies soon and will validate following that. If it's still an issue then, we'll dig deeper.

@frankkilcommins frankkilcommins mentioned this issue Nov 20, 2024
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@frankkilcommins @mikekistler