swaggo
missing scopes on oauth2 access code flow
Describe the bug When defining an OAuth2AccessCode security scheme, the generated OpenAPI spec is incorrect for use with Swagger UI. It includes annotations that don't make sense in this context (e.g., in header), and the name of the security scheme in the spec is also wrong.
To Reproduce
Define the OAuth2AccessCode security scheme like this in main.go.
(swagger version: swag v2)
Command used:
go tool swag init -g cmd/main.go -o api --v3.1 --parseInternal --parseDependency
// @securitydefinitions.oauth2.accessCode OAuth2AccessCode
// @tokenUrl https://mydomain.com/oauth/v2/token
// @authorizationurl https://mydomain.com/oauth/v2/authorize
// @in header
// @scope.openid OpenID Connect basic login
// @scope.email Access to user's email
// @scope.profile Access to user's profile
is generated this spec:
securitySchemes:
OAuth2AccessCode:
flows:
authorizationCode:
authorizationUrl: https://mydomain.com/oauth/v2/authorize
tokenUrl: https://mydomain.com/oauth/v2/token
in: header
type: oauth2
Expected behavior
securitySchemes:
OAuth2AccessCode:
flows:
authorizationCode:
authorizationUrl: https://mydomain.com/oauth/authorize
scopes:
openid: "OpenID Connect basic login"
email: "Access to user's email"
profile: "Access to user's profile"
tokenUrl: https://mydomain.com/oauth/token
type: oauth2
Note:
- The name of the security scheme should not include the annotation string.
- The in field shouldn't be required for OAuth2; it doesn't apply to this security type.
Screenshots If applicable, add screenshots to help explain your problem.
Your swag version e.g. v2.0.0-rc4
Your go version e.g. 1.24.0
Desktop (please complete the following information):
- OS: [e.g. Fedora]
- Browser: [e.g. firefox]
- Version: [e.g. 137.0.1]
Additional context Add any other context about the problem here.
