public function OpenApiGeneratorBase::getSecurityDefinitions in OpenAPI 8.2
Same name and namespace in other branches
- 8 src/Plugin/openapi/OpenApiGeneratorBase.php \Drupal\openapi\Plugin\openapi\OpenApiGeneratorBase::getSecurityDefinitions()
Get a list a valid security method definitions.
Returned schema should be similar to the below structure.
``` { "api_key": { "type": "apiKey", "name": "api_key", "in": "header" }, "petstore_auth": { "type": "oauth2", "authorizationUrl": "http://swagger.io/api/oauth/dialog", "flow": "implicit", "scopes": { "write:pets": "modify pets in your account", "read:pets": "read your pets" } } } ```
Return value
array Associative array of security definitions.
Overrides OpenApiGeneratorInterface::getSecurityDefinitions
2 calls to OpenApiGeneratorBase::getSecurityDefinitions()
- OpenApiGeneratorBase::getSecurity in src/
Plugin/ openapi/ OpenApiGeneratorBase.php - Returns a list of valid security types for the api.
- OpenApiGeneratorBase::getSpecification in src/
Plugin/ openapi/ OpenApiGeneratorBase.php - Generates OpenAPI specification.
File
- src/
Plugin/ openapi/ OpenApiGeneratorBase.php, line 248
Class
- OpenApiGeneratorBase
- Defines base class for OpenApi Generator plugins.
Namespace
Drupal\openapi\Plugin\openapiCode
public function getSecurityDefinitions() {
$base_url = $this->request
->getSchemeAndHttpHost() . '/' . $this->request
->getBasePath();
$auth_providers = $this->authenticationCollector
->getSortedProviders();
$security_definitions = [];
foreach ($auth_providers as $provider => $info) {
$def = NULL;
switch ($provider) {
case 'basic_auth':
$def = [
'type' => 'basic',
];
break;
case 'oauth2':
$def = [
'type' => 'oauth2',
'description' => 'For more information see https://developers.getbase.com/docs/rest/articles/oauth2/requests',
'flows' => [
'password' => [
'tokenUrl' => $base_url . 'oauth/token',
'refreshUrl' => $base_url . 'oauth/token',
],
'authorizationCode' => [
'authorizationUrl' => $base_url . 'oauth/authorize',
'tokenUrl' => $base_url . 'oauth/token',
'refreshUrl' => $base_url . 'oauth/token',
],
'implicit' => [
'authorizationUrl' => $base_url . 'oauth/authorize',
'refreshUrl' => $base_url . 'oauth/token',
],
'clientCredentials' => [
'tokenUrl' => $base_url . 'oauth/token',
'refreshUrl' => $base_url . 'oauth/token',
],
],
];
break;
default:
continue 2;
}
if ($def !== NULL) {
$security_definitions[$provider] = $def;
}
}
// Core's CSRF token doesn't have an auth provider.
$security_definitions['csrf_token'] = [
'type' => 'apiKey',
'name' => 'X-CSRF-Token',
'in' => 'header',
'x-tokenUrl' => $base_url . 'user/token',
];
return $security_definitions;
}