feat(securityscheme): add oauth2MetadataUrl support (OpenAPI 3.2)#2706
feat(securityscheme): add oauth2MetadataUrl support (OpenAPI 3.2)#2706baywet merged 12 commits intomicrosoft:mainfrom
Conversation
baywet
left a comment
There was a problem hiding this comment.
Thanks for the contribution!
In addition to the requested change, you'll need to refresh the public API export.
|
Always I forget about that 😓 |
|
That test looks interesting! I might just borrow it and incorporate it into my project. |
The dotnet team actually made it an analyzer, so you get feedback on build and not on tests anymore. We just haven't taken the time to update things here. See this as an example. |
When serializing OAuth2 security schemes, the OAuth2MetadataUrl is now written as 'x-oauth2-metadata-url' for OpenAPI 3.1 and later. Updated tests and public API documentation to reflect this change.
|
@mdaneri would you mind updating the benchmarks please? cd performance/benchmark
dotnet run -c Release(and commit the changes) |
|
Hi @mdaneri To drive this to completion, whenever you have time, could you please:
Let me know if you have any additional comments or questions. |
|
Gentle ping on this one @mdaneri |
|
I'll work on this tomorrow |
…tadata URL support
…rformance.Descriptions-report-github.md modified: performance/benchmark/BenchmarkDotNet.Artifacts/results/performance.Descriptions-report.csv modified: performance/benchmark/BenchmarkDotNet.Artifacts/results/performance.Descriptions-report.html modified: performance/benchmark/BenchmarkDotNet.Artifacts/results/performance.Descriptions-report.json modified: performance/benchmark/BenchmarkDotNet.Artifacts/results/performance.EmptyModels-report-github.md modified: performance/benchmark/BenchmarkDotNet.Artifacts/results/performance.EmptyModels-report.csv modified: performance/benchmark/BenchmarkDotNet.Artifacts/results/performance.EmptyModels-report.html modified: performance/benchmark/BenchmarkDotNet.Artifacts/results/performance.EmptyModels-report.json
Done |
baywet
left a comment
There was a problem hiding this comment.
Thank you for making the changes!
One minor thing to clean up
Remove the IsTrimmable assembly metadata entry from test/Microsoft.OpenApi.Tests/PublicApi/PublicApi.approved.txt to update the public API baseline to reflect the attribute's removal.
Delete the approved public API snapshot used by tests (test/Microsoft.OpenApi.Tests/PublicApi/PublicApi.approved.txt). This removes the long approved PublicApi text file, likely because the public API approvals were updated or the snapshot is no longer required; update or regenerate the approved snapshot in tests if needed.
|
@mdaneri can you please also run the following: # add the missing public api entries
dotnet format --diagnostics RS0016
# discard changes to cs files to avoid creating conflicts
git checkout *.csand then commit the text file? Sorry for not providing the context here: I moved this repos from using custom tests for the public API surface to using the "new" dotnet analyzers. And your PR was originally created before that move, hence the "migration" here. |
Expose OAuth2 metadata URL support in the public API: add OpenApiConstants.OAuth2MetadataUrl constant, introduce IOAuth2MetadataProvider with an OAuth2MetadataUrl getter (System.Uri?), and surface OAuth2MetadataUrl on OpenApiSecurityScheme (get/set) and OpenApiSecuritySchemeReference (get). This enables consumers to read/write the OAuth2 metadata URL for security schemes.
baywet
left a comment
There was a problem hiding this comment.
Thank you for making the changes!
|
Could you please update the contributing guide? It seems like some important information is missing. I’m afraid I might forget all of it next time! :) |
This is an excellent suggestion, working on it. Also adding this section for the failing benchmarks, would you mind updating them please? Updating the benchmark informationTo ensure performance of the library does not degrade over time, we have continuous benchmarks running. You might see the continuous integration failing if your pull request changed any model under src/Microsoft.OpenApi/Models. Benchmark result for EmptyApiSchema does not match the existing benchmark result (original!=new). Allocated bytes differ: 408 != 416To update the benchmarks, run the following script: cd performance/benchmark
dotnet run -c ReleaseThen commit the report files using a "chore" commit. |
|
also put together #2734 to address the contributing documentation gaps. |
baywet
left a comment
There was a problem hiding this comment.
Thank you for making the changes!
Pull Request
Description
Adds first-class support for OpenAPI 3.2
oauth2MetadataUrlon OAuth2 security schemes, including serialization and OpenAPI 3.2 reader support.Type of Change
Related Issue(s)
Fixes #2694
Changes Made
OAuth2MetadataUrltoOpenApiSecurityScheme/IOpenApiSecuritySchemeand reference wrapper.oauth2MetadataUrlonly for OpenAPI 3.2+ whentype: oauth2.oauth2MetadataUrlin the OpenAPI 3.2 reader.Testing
Checklist
Versions applicability
Additional Notes
Unit tests executed locally:
test/Microsoft.OpenApi.Tests/Models/OpenApiSecuritySchemeTests.cstest/Microsoft.OpenApi.Readers.Tests/V32Tests/OpenApiSecuritySchemeTests.cs