We have a library that we use for security and it is tied to custom errors. I was wondering if you could parameterize the settings in the oauth_2.0 scheme like you would with endpoints.
It would save having to add the block of code each time in the RAML just a few parameters would be needed.
settings:
authorizationUri: INSERT_OAUTH2_AUTHORIZATION_URI
accessTokenUri: INSERT_OAUTH2_ACCESS_TOKEN_URI
authorizationGrants: INSERT_OAUTH2_AUTHORIZATION_GRANT
vs
settings:
authorizationUri: <<authorizationUri>>
accessTokenUri: <<accessTokenUri>>
authorizationGrants: <<authorizationGrants>>
{
authorizationUri: this,
accessTokenUri: that,
authorizationGrants, somethingElse
}
Hello @Michael Fesser
i think you are talking about security schemes in raml, you can defind it in raml as below
securitySchemes:
basicAuth:
description: username and password in headers
type: Basic Authentication #its Mandatory
describedBy:
headers:
Authorization:
type: string
responses:
401:
description: Unauthorized entred wrong Credentials
oauth_2:
description: The Oauth 2.0 authoriztion framework is a protocol that allows a user to grant a hird party website or application access to the users's protected resources, without neccessarily revealing tgeir credentials
type: OAuth 2.0
describedBy:
headers:
Authorization:
description: senda Valid OAuth 2 access Token
responses:
404:
description: Unauthorized
and then use it in resource like below
/employees:
is: [uuid-required]
securedBy:
- basicAuth
