Schemas

MyBasicAuth

Demonstrates customizing the OAS security scheme name, once DRF 3.13 adds this functionality.

MyOAuth2Auth

Temporary workaround until DRF 3.13 merges https://github.com/encode/django-rest-framework/pull/7516 and DOT's (Django OAuth Toolkit's) OAuth2Authentication gets updated to add OpenAPI security schemes and security requirement objects.

openapi_security_requirement(view, method) classmethod

OAuth2 is the only OAS security requirement object that fills in the list of required scopes.

:param view: used to get to the required_alternate_scopes attribute
:param method: key for required_alternate_scopes
:return:

Source code in myapp/schemas.py
@classmethod
def openapi_security_requirement(cls, view, method):
    """
    OAuth2 is the only OAS security requirement object that fills in the list of required scopes
    :param view: used to get to the required_alternate_scopes attribute
    :param method: key for required_alternate_scopes
    :return:
    """
    scopes = []
    if hasattr(view, 'required_alternate_scopes'):
        if method in view.required_alternate_scopes:
            for alt in view.required_alternate_scopes[method]:
                scopes.append({cls.openapi_security_scheme_name: alt})
    return scopes

SchemaGenerator

Extend the schema to include some documentation, servers and override not-yet-implemented security.

get_schema(self, request, public)

Generate a JSONAPI OpenAPI schema. Overrides upstream DRF's get_schema.

Source code in myapp/schemas.py
def get_schema(self, request, public):
    schema = super().get_schema(request, public)
    schema['info'] = {
        'version': __version__,
        'title': __title__,
        'description':
            '![alt-text](https://cuit.columbia.edu/sites/default/files/logo/CUIT_Logo_286_web.jpg "CUIT logo")'
            '\n'
            '\n'
            '\n'
            'A sample API that uses courses as an example to demonstrate representing\n'
            '[JSON:API 1.0](http://jsonapi.org/format) in the OpenAPI 3.0 specification.\n'
            '\n'
            '\n'
            'See [https://columbia-it-django-jsonapi-training.readthedocs.io]'
            '(https://columbia-it-django-jsonapi-training.readthedocs.io)\n'
            'for more about this.\n'
            '\n'
            '\n' + __copyright__ + '\n',
        'contact': {
            'name': __author__
        },
        'license': {
            'name': __license__,
            'url': __license_url__
        }
    }
    schema['servers'] = [
        {'url': 'http://localhost:8000', 'description': 'local dev'},
        {'url': 'https://localhost', 'description': 'local docker'},
        {'url': 'https://ac45devapp01.cc.columbia.edu', 'description': 'demo'},
        {'url': '{serverURL}', 'description': 'provide your server URL',
         'variables': {'serverURL': {'default': 'http://localhost:8000'}}}
    ]

    # temporarily add securitySchemes until implemented upstream
    if 'securitySchemes' not in schema['components']:
        schema['components']['securitySchemes'] = {
            'basicAuth': {
                'type': 'http',
                'scheme': 'basic',
                'description': 'basic authentication',
            },
            'sessionAuth': {
                'type': 'apiKey',
                'in': 'cookie',
                'name': 'JSESSIONID',
                'description': 'Session authentication'
            },
            'oauth-test': {
                'type': 'oauth2',
                'description': 'test OAuth2 service',
                'flows': {
                    'authorizationCode': {
                        'authorizationUrl': 'https://oauth-test.cc.columbia.edu/as/authorization.oauth2',
                        'tokenUrl': 'https://oauth-test.cc.columbia.edu/as/token.oauth2',
                        'scopes': {
                            'auth-columbia': 'Columbia UNI login',
                            'create': 'create',
                            'read': 'read',
                            'update': 'update',
                            'delete': 'delete',
                            'openid': 'disclose your identity',
                            'profile': 'your user profile',
                            'email': 'your email address',
                            'https://api.columbia.edu/scope/group': 'groups you are a member of',
                            'demo-django-jsonapi-training-sla-bronze':
                                'permitted to access the django-jsonapi-training demo: 1 request per second',
                            'demo-django-jsonapi-training-sla-update':
                                'permitted to update the django-jsonapi-training resources'
                        }
                    }
                }
            }
        }

    # temporarily add default security object at top-level
    if 'security' not in schema:
        schema['security'] = [
            {'basicAuth': []},
            {'sessionAuth': []},
            {'oauth-test': ['auth-columbia', 'openid', 'https://api.columbia.edu/scope/group']}
        ]

    return schema
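
The following is an added example, not code from myapp/schemas.py. It reproduces the `openapi_security_requirement` logic without Django or DRF and checks the resulting security requirement objects against the declared `securitySchemes`: scopes must be a flat list of strings, must be declared in the OAuth2 flows, and must be empty for non-OAuth2 schemes. `OAuth2Sketch`, `CourseViewSketch`, `SECURITY_SCHEMES` and `lint_security` are hypothetical names, and the view's scopes are constructed sample data.

```python
class OAuth2Sketch:
    """Stand-in for the page's MyOAuth2Auth; no Django or DRF import needed."""
    openapi_security_scheme_name = 'oauth-test'

    @classmethod
    def openapi_security_requirement(cls, view, method):
        # Same logic as the classmethod above: one requirement object per alternative.
        alts = getattr(view, 'required_alternate_scopes', {}).get(method, [])
        return [{cls.openapi_security_scheme_name: list(alt)} for alt in alts]


class CourseViewSketch:
    """Hypothetical view: each inner list is one acceptable set of scopes."""
    required_alternate_scopes = {
        'GET': [['auth-columbia', 'read'], ['openid', 'read']],
        'POST': [['auth-columbia', 'create']],
    }


# Constructed subset of the securitySchemes that get_schema() adds.
SECURITY_SCHEMES = {
    'basicAuth': {'type': 'http', 'scheme': 'basic'},
    'oauth-test': {'type': 'oauth2', 'flows': {'authorizationCode': {
        'scopes': {'auth-columbia': '', 'openid': '', 'read': '', 'create': ''}}}},
}


def lint_security(requirements, schemes):
    """Return the problems found in a list of OAS security requirement objects."""
    problems = []
    for req in requirements:
        for name, scopes in req.items():
            scheme = schemes.get(name)
            if scheme is None:
                problems.append(f'{name}: scheme is not declared')
            elif not all(isinstance(s, str) for s in scopes):
                problems.append(f'{name}: scopes must be a flat list of strings')
            elif scheme['type'] == 'oauth2':
                declared = {s for flow in scheme.get('flows', {}).values()
                            for s in flow.get('scopes', {})}
                problems += [f'{name}: scope {s!r} is not declared'
                             for s in scopes if s not in declared]
            elif scheme['type'] != 'openIdConnect' and scopes:
                # OAS 3.0: the list must be empty for http and apiKey schemes.
                problems.append(f'{name}: scopes given for a {scheme["type"]} scheme')
    return problems
```

Running `lint_security` over both the top-level `security` list and each operation's requirements before publishing the schema catches scope names that the authorization server was never configured to issue.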