Skip to content

security things #84

Open
Open
security things#84
Labels
enhancementNew feature or requestspec supportsomething that the spec says should be supported
@karenetheridge

Description

@karenetheridge
karenetheridge
opened on Oct 4, 2024

document validation:

  • security requirements in an operation must correspond to security schemes defined in /components

runtime validation:

  • minimal implementation: we can at least check if a security requirement is declared for an operation, and bomb out with the appropriate 40x error if the query/header/cookie is missing.

  • provide some sort of hook where the caller can provide an implementation for performing authentication/authorization of a request or response: provide the request/response and the relevant bits of the OpenAPI object parsed into a sensible format, etc. TBD pending discussion with users.

Metadata

Metadata

Assignees

No one assigned

    Labels

    enhancementNew feature or requestspec supportsomething that the spec says should be supported

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions