Package software.amazon.smithy.openapi.fromsmithy

Interface SecuritySchemeConverter<T extends Trait>

Type Parameters:
T - the auth scheme trait to convert.
All Known Implementing Classes:
AwsV4Converter, HttpApiKeyAuthConverter, HttpBasicConverter, HttpBearerConverter, HttpDigestConverter
public interface SecuritySchemeConverter<T extends Trait>
Converts a Smithy authentication scheme to an OpenAPI security scheme and applies security requirements to operations.

Implementations of this interface are discovered using Java SPI.

  • Method Details

    • getAuthSchemeType

      Class<T> getAuthSchemeType()
      Get the U that matches this converter.
      Returns:
      The Smithy security auth scheme ID.

    • getAuthSchemeId

      default ShapeId getAuthSchemeId()
      Gets the shape ID of the auth scheme type.

      By default, this operation uses reflection to get the value of a static property of the auth scheme class named "ID". If that is not how a specific auth scheme class is implemented, then this method must be overridden.

      Returns:
      Returns the auth scheme's shape ID.

    • createSecurityScheme

      SecurityScheme createSecurityScheme(Context<? extends Trait> context, T authTrait)
      Creates an OpenAPI security scheme.
      Parameters:
      context - Conversion context.
      authTrait - Authentication trait to convert.
      Returns:
      The generated security scheme
      See Also:

    • createSecurityRequirements

      default List<String> createSecurityRequirements(Context<? extends Trait> context, T authTrait, Shape shape)
      Creates a "security" requirements property to apply to an operation or top-level service using the Smithy auth scheme name as the key.

      The default implementation will return an empty list.

      Parameters:
      context - OpenAPI context
      authTrait - Authentication trait to convert.
      shape - Service or operation shape.
      Returns:
      The security requirements value.

    • getOpenApiAuthSchemeName

      default String getOpenApiAuthSchemeName()
      Gets the name of OpenApi auth scheme.

      For compatibility with Amazon API Gateway, the `#` is replaced with an `.` when deriving the name from the auth scheme's shape ID.

      Returns:
      Returns the auth scheme's name.

    • getAuthRequestHeaders

      default Set<String> getAuthRequestHeaders(Context<? extends Trait> context, T authTrait)
      Gets the names of the headers set on HTTP requests used by this authentication scheme.

      This is useful when integrating with things like CORS.

      Parameters:
      context - Context for the conversion.
      authTrait - The auth trait that is being used.
      Returns:
      A set of header names.

    • getAuthResponseHeaders

      default Set<String> getAuthResponseHeaders(Context<? extends Trait> context, T authTrait)
      Gets the names of the headers set on HTTP responses used by this authentication scheme.

      This is useful when integrating with things like CORS.

      Parameters:
      context - Context for the conversion.
      authTrait - The auth trait that is being used.
      Returns:
      A set of header names.

    • usesHttpCredentials

      default boolean usesHttpCredentials()
      Reports if this authentication mechanism uses HTTP credentials, such as cookies, browser-managed usernames and passwords, or TLS client certificates.

      This is useful when integrating with things like CORS.

      Returns:
      Whether this authentication mechanism relies on browser-managed credentials
      See Also: