From dac0cee12856bb624422d107bf0fe69b6d3e27ab Mon Sep 17 00:00:00 2001 From: Jeffy Mathew Date: Mon, 18 Nov 2024 11:13:05 +0100 Subject: [PATCH 1/4] Make upstream oauth flow client secret omitempty --- apidef/api_definitions.go | 2 +- apidef/oas/upstream.go | 2 +- apidef/schema.go | 1 - 3 files changed, 2 insertions(+), 3 deletions(-) diff --git a/apidef/api_definitions.go b/apidef/api_definitions.go index 53a536c0807..d8bc35864ec 100644 --- a/apidef/api_definitions.go +++ b/apidef/api_definitions.go @@ -849,7 +849,7 @@ type ClientAuthData struct { // ClientID is the application's ID. ClientID string `bson:"client_id" json:"client_id"` // ClientSecret is the application's secret. - ClientSecret string `bson:"client_secret" json:"client_secret"` + ClientSecret string `bson:"client_secret,omitempty" json:"client_secret,omitempty"` // client secret is optional for password flow } // ClientCredentials holds the client credentials for upstream OAuth2 authentication. diff --git a/apidef/oas/upstream.go b/apidef/oas/upstream.go index 84e503a6061..6a5505a8cf8 100644 --- a/apidef/oas/upstream.go +++ b/apidef/oas/upstream.go @@ -681,7 +681,7 @@ type ClientAuthData struct { // ClientID is the application's ID. ClientID string `bson:"clientId" json:"clientId"` // ClientSecret is the application's secret. - ClientSecret string `bson:"clientSecret" json:"clientSecret"` + ClientSecret string `bson:"clientSecret,omitempty" json:"clientSecret,omitempty"` // client secret is optional for password flow } // ClientCredentials holds the configuration for OAuth2 Client Credentials flow. diff --git a/apidef/schema.go b/apidef/schema.go index 34c48674e61..f3c62b8576b 100644 --- a/apidef/schema.go +++ b/apidef/schema.go @@ -1107,7 +1107,6 @@ const Schema = `{ }, "required": [ "client_id", - "client_secret", "token_url", "username", "password" From 0e7323661b9292f63e2030357ec339bb28a30748 Mon Sep 17 00:00:00 2001 From: Jeffy Mathew Date: Mon, 18 Nov 2024 12:41:25 +0100 Subject: [PATCH 2/4] add default value for client secret in schema test --- apidef/api_definitions.go | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/apidef/api_definitions.go b/apidef/api_definitions.go index d8bc35864ec..9e36c17bcfb 100644 --- a/apidef/api_definitions.go +++ b/apidef/api_definitions.go @@ -1527,6 +1527,17 @@ func DummyAPI() APIDefinition { CORS: defaultCORSConfig, Tags: []string{}, GraphQL: graphql, + UpstreamAuth: UpstreamAuth{ + Enabled: true, + OAuth: UpstreamOAuth{ + Enabled: true, + ClientCredentials: ClientCredentials{ + ClientAuthData: ClientAuthData{ + ClientSecret: "dummy", // workaround to fix schema error + }, + }, + }, + }, } } From d19e4bada3d47812c73e815d13449df5fdf2949e Mon Sep 17 00:00:00 2001 From: Jeffy Mathew Date: Mon, 18 Nov 2024 13:07:25 +0100 Subject: [PATCH 3/4] limit dummy value only in schema test --- apidef/api_definitions.go | 11 ----------- apidef/api_definitions_test.go | 11 +++++++++++ 2 files changed, 11 insertions(+), 11 deletions(-) diff --git a/apidef/api_definitions.go b/apidef/api_definitions.go index 9e36c17bcfb..d8bc35864ec 100644 --- a/apidef/api_definitions.go +++ b/apidef/api_definitions.go @@ -1527,17 +1527,6 @@ func DummyAPI() APIDefinition { CORS: defaultCORSConfig, Tags: []string{}, GraphQL: graphql, - UpstreamAuth: UpstreamAuth{ - Enabled: true, - OAuth: UpstreamOAuth{ - Enabled: true, - ClientCredentials: ClientCredentials{ - ClientAuthData: ClientAuthData{ - ClientSecret: "dummy", // workaround to fix schema error - }, - }, - }, - }, } } diff --git a/apidef/api_definitions_test.go b/apidef/api_definitions_test.go index b3408b7ec98..bd18133c34e 100644 --- a/apidef/api_definitions_test.go +++ b/apidef/api_definitions_test.go @@ -15,6 +15,17 @@ func TestSchema(t *testing.T) { schemaLoader := schema.NewBytesLoader([]byte(Schema)) spec := DummyAPI() + spec.UpstreamAuth = UpstreamAuth{ + Enabled: true, + OAuth: UpstreamOAuth{ + Enabled: true, + ClientCredentials: ClientCredentials{ + ClientAuthData: ClientAuthData{ + ClientSecret: "dummy", // workaround to fix schema error + }, + }, + }, + } goLoader := schema.NewGoLoader(spec) result, err := schema.Validate(schemaLoader, goLoader) if err != nil { From 353377fad32d1edc912e18f730545a4b32b757cd Mon Sep 17 00:00:00 2001 From: Jeffy Mathew Date: Mon, 18 Nov 2024 13:46:06 +0100 Subject: [PATCH 4/4] add dummy value in TestSchemaGraphqlConfig --- apidef/api_definitions_test.go | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/apidef/api_definitions_test.go b/apidef/api_definitions_test.go index bd18133c34e..8b488c9b2cc 100644 --- a/apidef/api_definitions_test.go +++ b/apidef/api_definitions_test.go @@ -111,6 +111,17 @@ func TestSchemaGraphqlConfig(t *testing.T) { schemaLoader := schema.NewBytesLoader([]byte(Schema)) spec := DummyAPI() + spec.UpstreamAuth = UpstreamAuth{ + Enabled: true, + OAuth: UpstreamOAuth{ + Enabled: true, + ClientCredentials: ClientCredentials{ + ClientAuthData: ClientAuthData{ + ClientSecret: "dummy", // workaround to fix schema error + }, + }, + }, + } spec.GraphQL.ExecutionMode = "" goLoader := schema.NewGoLoader(spec)