@api-client/core 0.8.2 → 0.8.3

package/data/apis/secured-api/oauth-2-custom-settings.raml

@@ -0,0 +1,143 @@
+#%RAML 1.0 AnnotationTypeDeclaration
+displayName: OAuth 2.0 custom settings
+description: |
+  OAuth 2.0 allows to extend the specification with custom access token types,
+  endpoint parameters, grant types or response types.
+  This annotation allows you to annotate the `settings` property of OAuth 2.0
+  security scheme type to inform applications about additional settings.
+  ## Use case
+  Let's say a authorization server requires to send a `resource` query parameter
+  with the authorization request. The `resource` parameter can be any string.
+  Currently it is impossible to define this property in RAML file.
+  Similar if the code exchange request requires to put the `resource` parameter
+  into the request body.
+  This annotation allows you to define this parameter with the RAML definition
+  and place the parameter in the right request.
+  ## Annotation Target
+  The [annotation target](https://github.com/raml-org/raml-spec/blob/master/versions/raml-10/raml-10.md#annotation-targets)
+  for those annotations is `SecuritySchemeSettings`.
+  You can only apply it to Security Scheme `settings` property.
+  ## Example
+  ```yaml
+  annotationTypes:
+    customSettings: !include oauth-2-custom-settings.raml
+  securitySchemes:
+    oauth2:
+      type: OAuth 2.0
+      describedBy:
+        headers:
+          Authorization:
+            example: "Bearer token"
+      settings:
+        (customSettings):
+          authorizationGrants: [custom_grant]
+          ignoreDefaultGrants:
+          authorizationSettings:
+            queryParameters:
+              resource:
+                type: string
+                required: true
+                description: |
+                  A resource ID that defines a domain of authorization.
+            headers:
+              x-auth-resource:
+                type: string
+                required: false
+          accessTokenSettings:
+            body:
+              resource:
+                type: string
+                required: true
+                description: |
+                  A resource ID that defines a domain of authorization.
+        accessTokenUri: https://auth.domain.com/authorize
+        authorizationUri: https://auth.domain.com/token
+        authorizationGrants: [implicit]
+        scopes: profile
+  ```
+  ## API console
+  This annotation is recognized and respected by API console.
+allowedTargets: [ SecuritySchemeSettings ]
+properties:
+  authorizationSettings:
+    description: |
+      Settings to be applied to the `authorizationUri` GET request.
+      Define any query parameters or headers that are required by your OAuth 2.0
+      authorization server implementation.
+      This settings can be applied only to `token` and `code` requests
+    type: object
+    displayName: Authorization settings
+    required: false
+    properties:
+      queryParameters:
+        displayName: Authorization query parameters
+        description: |
+          Query parameters to be applied to the `authorizationUri`.
+          Use the same notation as RAML's `queryParameters`.
+          If you define a parameter that is already defined in OAuth 2.0 specification
+          (RFC6749) it should be ignored by the processor.
+        type: object
+        required: false
+        properties:
+          /a-zA-Z0-9\-\_/*:
+            type: object
+            required: false
+  accessTokenSettings:
+    displayName: Access token settings
+    description: |
+      Settings to be applied to the token endpoint POST request.
+      Define query parameters, headers or custom body paramaeters that should
+      be included into the request.
+      Note, as per RFC6749, the request content type is `application/x-www-form-urlencoded`
+      and the processor has to always assume this content type.
+    type: object
+    required: false
+    properties:
+      queryParameters:
+        displayName: Token query parameters
+        description: |
+          Query parameters to be applied to the `accessTokenUri`.
+          Use the same notation as RAML's `queryParameters`.
+          OAuth 2.0 specification does not specify any query parameters for this
+          type of request.
+        type: object
+        required: false
+        properties:
+          /a-zA-Z0-9\-\_/*:
+            type: object
+            required: false
+      headers:
+        displayName: Token request headers
+        description: |
+          Headers to be set on the token request.
+          Use the same notation as RAML's `headers`.
+        type: object
+        required: false
+        properties:
+          /a-zA-Z0-9\-\_/*:
+            type: object
+            required: false
+      body:
+        displayName: Token body parameters
+        description: |
+          Body parameters to be applied to the `accessTokenUri`.
+          Properties will be applied to the default set of OAuth 2.0 token request
+          parameters.
+          If you define a parameter that is already defined in OAuth 2.0 specification
+          (RFC6749) it should be ignored by the processor.
+        type: object
+        required: false
+  authorizationGrants:
+    type: string[]
+    displayName: Custom authorization grants
+    required: false
+    description: |
+      List of custom authorization granst supported by your OAuth 2.0 server
+  ignoreDefaultGrants:
+    type: nil
+    required: false
+    description: |
+      If set, the processor should not use any of the `authorizationGrants`
+      properties defined in the `settings` and should be replaced by
+      `authorizationGrants` defined in this annotation.
+      This can be used only if this annotation `authorizationGrants` is set.

package/data/apis/secured-api/oauth2-header-delivery.raml

@@ -0,0 +1,13 @@
+#%RAML 1.0 SecurityScheme
+type: OAuth 2.0
+displayName: Token delivery described as header parameter only
+settings:
+  accessTokenUri: https://header.com/token
+  authorizationUri: https://header.com/auth
+  authorizationGrants: password
+  scopes: [header]
+describedBy:
+  headers:
+    token:
+      type: string
+      description: Apply access token as a header here.

package/data/apis/secured-api/oauth2-no-delivery.raml

@@ -0,0 +1,8 @@
+#%RAML 1.0 SecurityScheme
+type: OAuth 2.0
+displayName: Token delivery described as query parameter only
+settings:
+  accessTokenUri: https://token.com
+  authorizationUri: https://auth.com
+  authorizationGrants: authorization_code
+  scopes: [profile, email]

package/data/apis/secured-api/oauth2-no-grants.raml

@@ -0,0 +1,12 @@
+#%RAML 1.0 SecurityScheme
+type: OAuth 2.0
+displayName: This OAuth2 has no auth grants!
+settings:
+  accessTokenUri: https://token.com
+  authorizationUri: https://auth.com
+  scopes: [profile, email]
+describedBy:
+  queryParameters:
+    access_token:
+      type: string
+      description: Apply access token here.

package/data/apis/secured-api/oauth2-pkce.raml

@@ -0,0 +1,13 @@
+#%RAML 1.0 SecurityScheme
+type: OAuth 2.0
+displayName: This OAuth2 has PKCE annotation
+settings:
+  (pkce): true
+  accessTokenUri: https://token.com
+  authorizationUri: https://auth.com
+  scopes: [profile, email]
+describedBy:
+  queryParameters:
+    access_token:
+      type: string
+      description: Apply access token here.

package/data/apis/secured-api/oauth2-query-delivery.raml

@@ -0,0 +1,13 @@
+#%RAML 1.0 SecurityScheme
+type: OAuth 2.0
+displayName: Token delivery described as query parameter only
+settings:
+  accessTokenUri: https://query.com/token
+  authorizationUri: https://query.com/auth
+  authorizationGrants: client_credentials
+  scopes: [query]
+describedBy:
+  queryParameters:
+    access_token:
+      type: string
+      description: Apply access token as a query here.

package/data/apis/secured-api/oauth_1_0.raml

@@ -0,0 +1,8 @@
+#%RAML 1.0 SecurityScheme
+type: OAuth 1.0
+description: OAuth 1.0 continues to be supported for all API requests, but OAuth 2.0 is now preferred.
+settings:
+  requestTokenUri: http://api.domain.com/oauth1/request_token
+  authorizationUri: http://api.domain.com/oauth1/authorize
+  tokenCredentialsUri: http://api.domain.com/oauth1/access_token
+  signatures: [RSA-SHA1, HMAC-SHA1]

package/data/apis/secured-api/oauth_1_0_no-settings.raml

@@ -0,0 +1,3 @@
+#%RAML 1.0 SecurityScheme
+type: OAuth 1.0
+description: This has no settings.

package/data/apis/secured-api/oauth_1_0_no-signature.raml

@@ -0,0 +1,7 @@
+#%RAML 1.0 SecurityScheme
+type: OAuth 1.0
+description: OAuth 1.0 continues to be supported for all API requests, but OAuth 2.0 is now preferred.
+settings:
+  requestTokenUri: http://api.domain.com/oauth1/request_token
+  authorizationUri: http://api.domain.com/oauth1/authorize
+  tokenCredentialsUri: http://api.domain.com/oauth1/access_token

package/data/apis/secured-api/oauth_1_0_signature.raml

@@ -0,0 +1,8 @@
+#%RAML 1.0 SecurityScheme
+type: OAuth 1.0
+description: OAuth 1.0 continues to be supported for all API requests, but OAuth 2.0 is now preferred.
+settings:
+  requestTokenUri: http://api.domain.com/oauth1/request_token
+  authorizationUri: http://api.domain.com/oauth1/authorize
+  tokenCredentialsUri: http://api.domain.com/oauth1/access_token
+  signatures: [RSA-SHA1]

package/data/apis/secured-api/passthrough-querystring.raml

@@ -0,0 +1,16 @@
+#%RAML 1.0 SecurityScheme
+
+description: |
+  This API supports Pass Through Authentication.
+type: Pass Through
+describedBy:
+  queryString:
+    type: object
+    properties:
+      queryStringProperty1:
+        type: number
+        required: true
+      queryStringProperty2:
+        description: Random string
+        type: string
+        required: false

package/data/apis/secured-api/passthrough.raml

@@ -0,0 +1,24 @@
+#%RAML 1.0 SecurityScheme
+
+description: |
+  This API supports Pass Through Authentication.
+type: Pass Through
+describedBy:
+  queryParameters:
+    query:
+      type: string
+      example: my-value
+      description: |
+        This demonstrates how Pass Through authentication
+        works with `api-authorization-method` component.
+    debugTokenParam:
+      description: Select one of available values to run the request in the debug mode with selected level.
+      enum: [Info, Log, Warning, Error, Critical]
+      type: string
+      required: false
+  headers:
+    api_key:
+      type: string
+      pattern: "[0-9a-zA-Z\\.-]+"
+      description: |
+        This headers has pattern included in the definition.

package/data/apis/secured-api/secured-api.raml

@@ -0,0 +1,231 @@
+#%RAML 1.0
+title: Authorization Test API
+version: v1
+baseUri: http://api.domain.com/
+
+annotationTypes:
+  oauth-2-custom-settings: !include oauth-2-custom-settings.raml
+
+types:
+  apiTokens: # each is optional, not exclusive with anything
+    properties:
+      userToken: number
+      applicationToken?: number
+
+securitySchemes:
+  basic:
+    type: Basic Authentication
+    description: |
+      This API supports Basic Authentication.
+  digest:
+    description: |
+      This API supports DigestSecurityScheme Authentication.
+    type: Digest Authentication
+  passthrough: !include passthrough.raml
+  passthroughQueryString: !include passthrough-querystring.raml
+  custom_scheme:
+    description: |
+      A custom security scheme for authenticating requests.
+    type: x-custom
+    displayName: RAML's custom scheme
+    describedBy:
+      headers:
+        SpecialToken:
+          description: |
+            Used to send a custom token.
+          type: string
+      queryString:
+        type: apiTokens
+        examples:
+          first:
+            value:
+              userToken: 1234
+              applicationToken: 5678
+          second:
+            value:
+              start: 1239874566
+              page-size: 987321456
+      responses:
+        401:
+          description: |
+            Bad token.
+        403:
+  custom1: !include x-custom.raml
+  custom2: !include x-other.raml
+  custom3: !include x-query-string.raml
+  oauth2:
+    type: OAuth 2.0
+    displayName: Regular OAuth 2.0 definition
+    settings:
+      accessTokenUri: https://token.com
+      authorizationUri: https://auth.com
+      scopes: [profile, email]
+    describedBy:
+      queryParameters:
+        access_token:
+          type: string
+          description: Apply access token here.
+      headers:
+        Authorization:
+          type: string
+  oauth2grants:
+    type: OAuth 2.0
+    displayName: OAuth 2 grants security
+    settings:
+      accessTokenUri: https://token.com
+      authorizationUri: https://auth.com
+      authorizationGrants: authorization_code
+      scopes: [profile, email]
+    describedBy:
+      queryParameters:
+        access_token:
+          type: string
+          description: Apply access token here.
+      headers:
+        Authorization:
+          type: string
+  oauth2Annotation:
+    type: OAuth 2.0
+    displayName: OAuth 2.0 with annotation
+    settings:
+      (oauth-2-custom-settings):
+        # ignoreDefaultGrants:
+        authorizationGrants: [annotated_custom_grant, annotated_custom_grant2]
+        authorizationSettings:
+          queryParameters:
+            resource:
+              type: string
+              required: true
+              description: |
+                A resource ID that defines a domain of authorization.
+              displayName: Hello query parameeter
+              default: default
+              examples:
+                named: named example value
+                otherExample: test example value
+              pattern: "[a-zA-Z]+"
+              maxLength: 12
+              minLength: 3
+            numericParam:
+              type: number
+              minimum: 10
+              maximum: 20
+              multipleOf: 2
+              format: float
+              required: false
+              example: 22
+            dateParam:
+              type: date-only
+              required: false
+            repeatableParam1:
+              type: string[]
+              required: false
+            repetableParam2:
+              type: array
+              items: integer
+              required: false
+        accessTokenSettings:
+          queryParameters:
+            queryTokenResource: string
+            detailedTokenResource:
+              type: number
+              description: some description
+              required: false
+          headers:
+            x-token-resource:
+              type: number
+              default: 123
+          body:
+            bodyTokenResource: string
+            bodyDetailed:
+              type: boolean
+              required: true
+              displayName: Body detailed property
+              default: true
+      accessTokenUri: https://token.com
+      authorizationUri: https://auth.com
+      authorizationGrants: [authorization_code, password, client_credentials, implicit]
+      scopes: [profile, email]
+    describedBy:
+      queryParameters:
+        access_token:
+          type: string
+          description: Apply access token here.
+  oauth2queryDelivery: !include oauth2-query-delivery.raml
+  oauth2headerDelivery: !include oauth2-header-delivery.raml
+  oauth2noDelivery: !include oauth2-no-delivery.raml
+  oauth2noGrants: !include oauth2-no-grants.raml
+  oauth2pkce: !include oauth2-pkce.raml
+  oauth1: !include oauth_1_0.raml
+  oauth1signature: !include oauth_1_0_signature.raml
+  oauth1noSignature: !include oauth_1_0_no-signature.raml
+  oauth1noSettings: !include oauth_1_0_no-settings.raml
+/basic:
+  get:
+    securedBy: basic
+/digest:
+  get:
+    securedBy: digest
+/passthrough:
+  get:
+    securedBy: passthrough
+/passthrough-query-string:
+  get:
+    securedBy: passthroughQueryString
+/custom-query-string:
+  get:
+    securedBy: custom_scheme
+/custom1:
+  get:
+    securedBy: [custom1]
+/custom2:
+  get:
+    securedBy: [custom2]
+/custom3:
+  get:
+    securedBy: [custom3]
+/oauth2:
+  post:
+    securedBy: [oauth2]
+/oauth2-with-annotations:
+  get:
+    securedBy: [oauth2Annotation]
+/oauth2-with-grant-list:
+  get:
+    securedBy: [oauth2grants]
+/oauth2-query-delivery:
+  get:
+    securedBy: [oauth2queryDelivery]
+/oauth2-header-delivery:
+  get:
+    securedBy: [oauth2headerDelivery]
+/oauth2-no-delivery:
+  get:
+    securedBy: [oauth2noDelivery]
+/oauth2-no-grants:
+  get:
+    securedBy: [oauth2noGrants]
+/oauth2-pkce:
+  get:
+    securedBy: [oauth2pkce]
+/oauth1:
+  get:
+    securedBy: [oauth1]
+/oauth1-signature:
+  get:
+    securedBy: [oauth1signature]
+/oauth1-nosignature:
+  get:
+    securedBy: [oauth1noSignature]
+/oauth1-nosettings:
+  get:
+    securedBy: [oauth1noSettings]
+/combo-types:
+  get:
+    securedBy: [basic, digest, passthroughQueryString, custom1, oauth2, oauth1]
+/all-oauth2:
+  get:
+    securedBy: [oauth2, oauth2Annotation, oauth2grants, oauth2queryDelivery, oauth2headerDelivery, oauth2noDelivery, oauth2noGrants]
+/nil-oauth2:
+  get:
+    securedBy: [null, oauth2]

package/data/apis/secured-api/x-custom.raml

@@ -0,0 +1,33 @@
+#%RAML 1.0 SecurityScheme
+
+description: |
+  A custom security scheme for authenticating requests.
+  It allows to set `SpecialToken` header from the authorization panel.
+  The same header should be rendered in the headers editor with console using
+  RAML JS parser.
+  With `AMF` console this is separated information.
+  This scheme also sets `debugToken` and `booleanToken` query parameters.
+  Both are enums, however `booleanToken` can only have `true` and `false`
+  values.
+type: x-my-custom
+describedBy:
+  headers:
+    SpecialTokenHeader:
+      description: |
+        Used to send a custom token.
+      type: string
+  queryParameters:
+    debugTokenParam:
+      description: Select one of available values to run the request in the debug mode with selected level.
+      enum: [Info, Log, Warning, Error, Critical]
+      type: string
+      required: false
+    booleanTokenParam:
+      description: Just to test boolean values.
+      type: boolean
+      default: true
+  responses:
+    401:
+      description: |
+        Bad token.
+    403:

package/data/apis/secured-api/x-other.raml

@@ -0,0 +1,29 @@
+#%RAML 1.0 SecurityScheme
+
+description: |
+  Other custom security method for authorization.
+type: x-custom
+describedBy:
+  queryParameters:
+    apiUserIdParam:
+      description: |
+        Your api user ID. Some imaginary value.
+      type: number
+      required: true
+    apiNonceParam:
+      description: Random string
+      type: string
+  responses:
+    401:
+      description: |
+        Bad token autorization.
+      body:
+        application/json:
+          type: object
+          properties:
+            error:
+              type: boolean
+              description: Always true. Indicates that the response is errord.
+            message:
+              type: string
+              description: Human readable message describing the error.

package/data/apis/secured-api/x-query-string.raml

@@ -0,0 +1,16 @@
+#%RAML 1.0 SecurityScheme
+
+description: |
+  Tests for queryString RAML's property
+type: x-custom
+describedBy:
+  queryString:
+    type: object
+    properties:
+      queryStringProperty1:
+        type: number
+        required: true
+      queryStringProperty2:
+        description: Random string
+        type: string
+        required: false

package/data/model.js

@@ -46,6 +46,11 @@ config.set('SE-10469/SE-10469.raml', { type: "RAML 1.0" });
 config.set('SE-13092/SE-13092.raml', { type: 'RAML 1.0' });
 config.set('SE-22063/SE-22063.raml', { type: 'RAML 1.0' });
 config.set('tracked-examples/tracked-to-linked.raml', { type: 'RAML 1.0' });
+config.set('petstore/petstore.yaml', { type: "OAS 3.0" });
+config.set('arc-demo-api/arc-demo-api.raml', { type: "RAML 1.0" });
+config.set('APIC-483/APIC-483.raml', { type: "RAML 1.0" });
+config.set('oas-3-api/oas-3-api.yaml', { type: "OAS 3.0" });
+config.set('secured-api/secured-api.raml', { type: "RAML 1.0" });
 
 const srcFolder = path.join('data', 'apis');
 const descFolder = path.join('data', 'models');