mirror of
https://github.com/LukeHagar/connexion.git
synced 2025-12-09 04:19:32 +00:00
44ea9336fe
- App and Api options must be provided through the "options" argument (``old_style_options`` have been removed). - You must specify a form content-type in 'consumes' in order to consume form data. - The `Operation` interface has been formalized in the `AbstractOperation` class. - The `Operation` class has been renamed to `Swagger2Operation`. - Array parameter deserialization now follows the Swagger 2.0 spec more closely. In situations when a query parameter is passed multiple times, and the collectionFormat is either csv or pipes, the right-most value will be used. For example, `?q=1,2,3&q=4,5,6` will result in `q = [4, 5, 6]`. The old behavior is available by setting the collectionFormat to `multi`, or by importing `decorators.uri_parsing.AlwaysMultiURIParser` and passing `parser_class=AlwaysMultiURIParser` to your Api. - The spec validator library has changed from `swagger-spec-validator` to `openapi-spec-validator`. - Errors that previously raised `SwaggerValidationError` now raise the `InvalidSpecification` exception. All spec validation errors should be wrapped with `InvalidSpecification`. - Support for nullable/x-nullable, readOnly and writeOnly/x-writeOnly has been added to the standard json schema validator. - Custom validators can now be specified on api level (instead of app level). - Added support for basic authentication and apikey authentication - If unsupported security requirements are defined or ``x-tokenInfoFunc``/``x-tokenInfoUrl`` is missing, connexion now denies requests instead of allowing access without security-check. - Accessing ``connexion.request.user`` / ``flask.request.user`` is no longer supported, use ``connexion.context['user']`` instead
26 lines
769 B
ReStructuredText
26 lines
769 B
ReStructuredText
==============
|
|
OAuth2 Example
|
|
==============
|
|
|
|
This example demonstrates how to implement a resource server with Connexion.
|
|
The app will lookup OAuth2 Bearer tokens with the given token info function.
|
|
|
|
Running:
|
|
|
|
.. code-block:: bash
|
|
|
|
$ sudo pip3 install --upgrade connexion # install Connexion from PyPI
|
|
$ ./mock_tokeninfo.py & # start mock in background
|
|
$ ./app.py
|
|
|
|
Now open your browser and go to http://localhost:8080/ui/ to see the Swagger UI.
|
|
|
|
You can use the hardcoded tokens to request the endpoint:
|
|
|
|
.. code-block:: bash
|
|
|
|
$ curl http://localhost:8080/secret # missing authentication
|
|
$ curl -H 'Authorization: Bearer 123' http://localhost:8080/secret
|
|
$ curl -H 'Authorization: Bearer 456' http://localhost:8080/secret
|
|
|