mirror of
https://github.com/LukeHagar/connexion.git
synced 2025-12-06 04:19:26 +00:00
44ea9336fe
- App and Api options must be provided through the "options" argument (``old_style_options`` have been removed). - You must specify a form content-type in 'consumes' in order to consume form data. - The `Operation` interface has been formalized in the `AbstractOperation` class. - The `Operation` class has been renamed to `Swagger2Operation`. - Array parameter deserialization now follows the Swagger 2.0 spec more closely. In situations when a query parameter is passed multiple times, and the collectionFormat is either csv or pipes, the right-most value will be used. For example, `?q=1,2,3&q=4,5,6` will result in `q = [4, 5, 6]`. The old behavior is available by setting the collectionFormat to `multi`, or by importing `decorators.uri_parsing.AlwaysMultiURIParser` and passing `parser_class=AlwaysMultiURIParser` to your Api. - The spec validator library has changed from `swagger-spec-validator` to `openapi-spec-validator`. - Errors that previously raised `SwaggerValidationError` now raise the `InvalidSpecification` exception. All spec validation errors should be wrapped with `InvalidSpecification`. - Support for nullable/x-nullable, readOnly and writeOnly/x-writeOnly has been added to the standard json schema validator. - Custom validators can now be specified on api level (instead of app level). - Added support for basic authentication and apikey authentication - If unsupported security requirements are defined or ``x-tokenInfoFunc``/``x-tokenInfoUrl`` is missing, connexion now denies requests instead of allowing access without security-check. - Accessing ``connexion.request.user`` / ``flask.request.user`` is no longer supported, use ``connexion.context['user']`` instead
43 lines
1.1 KiB
Python
Executable File
43 lines
1.1 KiB
Python
Executable File
#!/usr/bin/env python3
|
|
'''
|
|
Basic example of a resource server
|
|
'''
|
|
|
|
import connexion
|
|
from connexion.decorators.security import validate_scope
|
|
from connexion.exceptions import OAuthScopeProblem
|
|
|
|
|
|
def basic_auth(username, password, required_scopes=None):
|
|
if username == 'admin' and password == 'secret':
|
|
info = {'sub': 'admin', 'scope': 'secret'}
|
|
elif username == 'foo' and password == 'bar':
|
|
info = {'sub': 'user1', 'scope': ''}
|
|
else:
|
|
# optional: raise exception for custom error response
|
|
return None
|
|
|
|
# optional
|
|
if required_scopes is not None and not validate_scope(required_scopes, info['scope']):
|
|
raise OAuthScopeProblem(
|
|
description='Provided user doesn\'t have the required access rights',
|
|
required_scopes=required_scopes,
|
|
token_scopes=info['scope']
|
|
)
|
|
|
|
return info
|
|
|
|
|
|
def dummy_func(token):
|
|
return None
|
|
|
|
|
|
def get_secret(user) -> str:
|
|
return "You are {user} and the secret is 'wbevuec'".format(user=user)
|
|
|
|
|
|
if __name__ == '__main__':
|
|
app = connexion.FlaskApp(__name__)
|
|
app.add_api('openapi.yaml')
|
|
app.run(port=8080)
|