openapi-filter
openapi-filter copied to clipboard
Feature - filter by OAuth scopes rather than `x-internal` flags
In a non-trivial set of APIs with complex OAuth scopes; some clients want a 'simplified' openapi spec that covers just the stuff they're allowed to do.
So let's filter by --scopes
allowing us to prune away the operations they're not allowed.
Recognised HTTP operations that don't have security
element will be filtered based upon global security
element as expected.
Thanks, could you move the last commit to a new PR, as the functionality seems to be separate from the original intent?
As I read this, the scopes
option is mutually exclusive of the flags
option. I can see the reason from a code perspective, but wonder if it is what users will expect. We at least need to call it out and warn if both are selected.
Hi, appreciate it has been a long time, but if you're still interested in this PR, could you fix up the lint errors/warnings?